Bug#1005718: mosh: FTBFS with OpenSSL 3.0

2022-05-17 Thread Vincent Lefevre 
On 2022-05-17 16:57:55 +0200, Axel Beckert wrote:
> > Concerning this bug, it was reported upstream 3 months ago, and
> > there is still no reaction there.
> 
> You are aware, that at least for mosh the Debian package maintainer
> and main upstream developer of Mosh is the same person? So actually
> the forwarding of this bug report into the upstream bug tracker was an
> upstream reaction itself.

I didn't know that. So I'm wondering why he hasn't done anything
for 3 months.

Also note that /usr/share/doc/mosh/README.md.gz says

A note on compiler flags: Mosh is security-sensitive code. When making
automated builds for a binary package, we recommend passing the option
`--enable-compile-warnings=error` to `./configure`. On GNU/Linux with
`g++` or `clang++`, the package should compile cleanly with
`-Werror`. Please report a bug if it doesn't.

I assume that this is the real reason for the current failure. But
the -Wdeprecated-declarations warning (which is thus changed into
an error) isn't related to security.

BTW, warnings may also come from macros provided by libraries, if any.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1011187: redis: FTBFS: killed due to inactivity

2022-05-17 Thread Sebastian Ramacher 
Source: redis
Version: 5:6.0.16-2
Severity: serious
Tags: ftbfs sid bookworm
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=redis=amd64=5%3A6.0.16-2%2Bb1=1652566704=0

--- Iteration 16 ---
19:48:12> Cluster is writable before failover: OK
19:48:12> Killing node #7: OK
19:48:12> Cluster should eventually be up again: OK
19:48:12> Cluster is writable again: OK
19:48:12> Restarting node #7: OK
19:48:12> Instance #7 is now a slave: OK
19:48:12> We can read back the value we set before: OK
--- Iteration 15 ---
19:48:13> Wait for slave of #1 to sync: OK
19:48:13> Cluster is writable before failover: OK
19:48:13> Killing node #1: OK
19:48:13> Wait failover by #6 with old epoch 2: OK
19:48:18> Cluster should eventually be up again: OK
19:48:18> Cluster is writable again: Expected error reading "sock562250dc96c0": 
software caused connection abort eq {OK} (context: type eval line 4 cmd {assert 
{$err eq {OK}}} proc ::test)
(Jumping to next unit after error)
--- Iteration 14 ---
19:48:18> Cluster is writable before failover: 
E: Build killed with signal TERM after 150 minutes of inactivity

Cheers
-- 
Sebastian Ramacher

Bug#1011186: ovn: FTBFS on armhf

2022-05-17 Thread Sebastian Ramacher 
Source: ovn
Version: 21.06.0+ds1-5
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=ovn=armhf=21.06.0%2Bds1-5=1652705748=0

/usr/bin/make  check-local
make[4]: Entering directory '/<>'
set /bin/bash './tests/testsuite' -C tests 
AUTOTEST_PATH=/<>/ovs/utilities:/<>/ovs/vswitchd:/<>/ovs/ovsdb:/<>/ovs/vtep:tests:::controller-vtep:northd:utilities:controller:ic;
 \
"$@" --recheck || \
(test -z "$(find /<>/tests/testsuite.dir -name 'asan.*')" && \
 test X'' = Xyes && "$@" --recheck)
## --- ##
## ovn 21.06.0 test suite. ##
## --- ##

OVN end-to-end tests

156: ovn -- policy-based routing IPv6: 1 HVs, 3 LSs, 1 lport/LS, 1 LR -- 
ovn-northd -- dp-groups=no FAILED (ovn.at:7180)
332: ovn -- ACL conjunction -- ovn-northd -- dp-groups=no FAILED 
(ovs-macros.at:255)
379: ovn -- neighbor update on same HV -- ovn-northd -- dp-groups=yes ok
557: ovn -- nb_cfg timestamp -- ovn-northd -- dp-groups=yes ok

OVN Interconnection Controller

946: ovn-ic -- gateway sync -- ovn-northd -- dp-groups=no FAILED (ovn-ic.at:67)

## - ##
## Test results. ##
## - ##

ERROR: All 5 tests were run,
3 failed unexpectedly.
## -- ##
## testsuite.log was created. ##
## -- ##

Please send `tests/testsuite.log' and all information you think might help:

   To: 
   Subject: [ovn 21.06.0] testsuite: 156 332 946 failed

You may investigate any problem if you feel able to do so, in which
case the test suite provides a good starting point.  Its output may
be found below `tests/testsuite.dir'.

make[4]: *** [Makefile:3437: check-local] Error 1
make[4]: Leaving directory '/<>'


Cheers
-- 
Sebastian Ramacher

Processed: open-isns: diff for NMU version 0.101-0.1

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tags 994672 + patch
Bug #994672 [src:open-isns] open-isns FTBFS: error: ‘sigrelse’ is deprecated
Added tag(s) patch.
> tags 994672 + pending
Bug #994672 [src:open-isns] open-isns FTBFS: error: ‘sigrelse’ is deprecated
Added tag(s) pending.

-- 
994672: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994672
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#994672: open-isns: diff for NMU version 0.101-0.1

2022-05-17 Thread Sebastian Ramacher 
Control: tags 994672 + patch
Control: tags 994672 + pending

Dear maintainer,

I've prepared an NMU for open-isns (versioned as 0.101-0.1) and
uploaded it to DELAYED/7. Please feel free to tell me if I
should delay it longer.

Cheers
-- 
Sebastian Ramacher
diff -Nru open-isns-0.100/ChangeLog open-isns-0.101/ChangeLog
--- open-isns-0.100/ChangeLog	2020-01-23 22:02:36.0 +0100
+++ open-isns-0.101/ChangeLog	2021-02-01 18:27:33.0 +0100
@@ -1,3 +1,28 @@
+* Changes v0.100 to v0.101:
+
+Dmitry Bogdanov (1):
+  Fix parsing of GetNextRsp
+
+Lee Duncan (10):
+  Ignore common build files
+  Fix compiler issue when not in security mode
+  Do not ignore write() return value.
+  Fix 586 compile issue and remove -Werror
+  Added a TODO: 'make depend' not worrking
+  Update version string to "0.100".
+  Fix broken server authentication initialization.
+  Add man page for isnssetup.
+  Added TODO to test "isnsd --init"
+  Preparing for version 0.101
+
+Leo (1):
+  socket.c: include poll.h instead of sys/poll.h for POSIX compatibility
+
+Rosen Penev (2):
+  fix compilation without deprecated OpenSSL APIs
+  libisns: remove sighold and sigrelse
+
+
 * Changes v0.99 to v0.100:
 
 Chris Leech (1):
diff -Nru open-isns-0.100/client.c open-isns-0.101/client.c
--- open-isns-0.100/client.c	2020-01-23 22:02:36.0 +0100
+++ open-isns-0.101/client.c	2021-02-01 18:27:33.0 +0100
@@ -122,22 +122,17 @@
 /*
  * Create a security context
  */
+#ifdef WITH_SECURITY
 static isns_security_t *
 __create_security_context(const char *name, const char *auth_key,
 		const char *server_key)
 {
-#ifdef WITH_SECURITY
 	isns_security_t 	*ctx;
 	isns_principal_t	*princ;
-#endif /* WITH_SECURITY */
 
 	if (!isns_config.ic_security)
 		return NULL;
 
-#ifndef WITH_SECURITY
-	isns_error("Cannot create security context: security disabled at build time\n");
-	return NULL;
-#else /* WITH_SECURITY */
 	ctx = isns_create_dsa_context();
 	if (ctx == NULL)
 		isns_fatal("Unable to create security context\n");
@@ -174,8 +169,19 @@
 	}
 
 	return ctx;
-#endif /* WITH_SECURITY */
 }
+#else	/* WITH_SECURITY */
+static isns_security_t *
+__create_security_context(__attribute__((unused))const char *name,
+			  __attribute__((unused))const char *auth_key,
+			  __attribute__((unused))const char *server_key)
+{
+	if (!isns_config.ic_security)
+		return NULL;
+	isns_error("Cannot create security context: security disabled at build time\n");
+	return NULL;
+}
+#endif	/* WITH_SECURITY */
 
 /*
  * Create the default security context
diff -Nru open-isns-0.100/configure open-isns-0.101/configure
--- open-isns-0.100/configure	2020-01-23 22:02:36.0 +0100
+++ open-isns-0.101/configure	2021-02-01 18:27:33.0 +0100
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for open-isns 0.100.
+# Generated by GNU Autoconf 2.69 for open-isns 0.101.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
 # Identity of this package.
 PACKAGE_NAME='open-isns'
 PACKAGE_TARNAME='open-isns'
-PACKAGE_VERSION='0.100'
-PACKAGE_STRING='open-isns 0.100'
+PACKAGE_VERSION='0.101'
+PACKAGE_STRING='open-isns 0.101'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1250,7 +1250,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures open-isns 0.100 to adapt to many kinds of systems.
+\`configure' configures open-isns 0.101 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1315,7 +1315,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
- short | recursive ) echo "Configuration of open-isns 0.100:";;
+ short | recursive ) echo "Configuration of open-isns 0.101:";;
esac
   cat <<\_ACEOF
 
@@ -1410,7 +1410,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-open-isns configure 0.100
+open-isns configure 0.101
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1775,7 +1775,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by open-isns $as_me 0.100, which was
+It was created by open-isns $as_me 0.101, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3996,7 +3996,7 @@
 esac
 
 if test "$GCC" = "yes"; then
-CFLAGS="-Wall -Werror -Wextra $CFLAGS"
+CFLAGS="-Wall -Wextra $CFLAGS"
 	CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE"
 fi
 
@@ -4985,7 +4985,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by open-isns $as_me 0.100, which was
+This file was extended by open-isns $as_me 0.101, which was
 generated by

Bug#1011182: xygrib build-depends on obsolete package

2022-05-17 Thread Peter Green 

Package: xygrib
Version: 1.2.6.1-1
Severity: serious
Justification: rc policy - "packages must be buildable within the same release"
Tags: patch

xygrib build-depends on libgrib2c-dev which is no longer built by the g2clib
source package. It is still present in unstable as a cruft package, but is
completely gone from testing.

Changing the build-dependency to libg2c-dev resulted in a succesful build in
my test environment.I have not tested if the resulting packages actually work.

Bug#1006008: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread Agathe Porte 

Hi,

17/05/2022 19:02, John Paul Adrian Glaubitz :

Hello Agathe!

On 5/17/22 18:48, Agathe Porte wrote:

I do not know when that was done, but the two latest Fedora releases have been 
using >=35
versions which properly support OpenSSL 3.0 [1]. I have opened #1011155 in 
order to discuss
why we cannot just update to latest upstream versions, if that is the case, and 
to not pollute
this thread.

At least for Debian Ports, updating to python-cryptography 35 or newer would 
mean that the package
becomes BD-Uninstallable, i.e. not buildable as the Rust compiler is not 
available on all architectures
yet.

Rust support is slowly coming to more architectures with the rustc_codegen_gcc 
backend and gccrs,
so this problem will be eventually resolved. However, this work is not 
completed yet.
Thanks for this explanation. I totally forgot about architectures other 
than x86_64 and arm64. Makes sense. You may want to repost this to bug 
#1006008 [1] so that we can keep track (or I’ll do it if you want).


[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006008

Bests,

Agata.

Bug#992297: marked as done (gitit: CVE-2021-38711)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 21:33:46 +
with message-id 
and subject line Bug#992297: fixed in gitit 0.15.1.0+dfsg-1
has caused the Debian Bug report #992297,
regarding gitit: CVE-2021-38711
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
992297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gitit
Version: 0.13.0.0+dfsg-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 0.12.3.1+dfsg-1

Hi,

The following vulnerability was published for gitit.

CVE-2021-38711[0]:
| In gitit before 0.15.0.0, the Export feature can be exploited to leak
| information from files.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-38711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38711
[1] https://github.com/jgm/gitit/commit/eed32638f4f6e3b2f4b8a9a04c4b72001acf9ad8

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: gitit
Source-Version: 0.15.1.0+dfsg-1
Done: Scott Talbert 

We believe that the bug you reported is fixed in the latest version of
gitit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 992...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Scott Talbert  (supplier of updated gitit package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 10 May 2022 23:05:19 -0400
Source: gitit
Architecture: source
Version: 0.15.1.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Haskell Group 

Changed-By: Scott Talbert 
Closes: 992297 1009770 1010067
Changes:
 gitit (0.15.1.0+dfsg-1) unstable; urgency=medium
 .
   * Team Upload.
   * Update to new upstream release 0.15.1.0 (Closes: #992297, #1010067)
   * Replace mime-support with media-types in Recommends (Closes: #1009770)
Checksums-Sha1:
 242b58a0ebcf72b59c27c426d1e8c77c0286c277 6287 gitit_0.15.1.0+dfsg-1.dsc
 0555f5b2d4a525ecf32c299dcc023a9efa988c6e 164604 gitit_0.15.1.0+dfsg.orig.tar.xz
 3bb20af1cdbfaa85aa6baa023dcc4242087e3c84 10968 
gitit_0.15.1.0+dfsg-1.debian.tar.xz
 516e6efaf99800425295827784036cc20f99b88b 23658 
gitit_0.15.1.0+dfsg-1_amd64.buildinfo
Checksums-Sha256:
 f5094474a5a6cc6e579212a9bba04f8b262d8cfb1ad6f07186410a73b7fbced7 6287 
gitit_0.15.1.0+dfsg-1.dsc
 3ddc4de66e797a90b4cd25fa655b57619e53f80501fcc57434bd4f81040e8f0e 164604 
gitit_0.15.1.0+dfsg.orig.tar.xz
 245380746fb6bd6c661d3c67546b53d3318162318dc69257a81ae2463f451907 10968 
gitit_0.15.1.0+dfsg-1.debian.tar.xz
 859e0b93afdc4b636018b17948a09c0b4d26e52fbabcd1581361c3338093ec21 23658 
gitit_0.15.1.0+dfsg-1_amd64.buildinfo
Files:
 a42366c50da983afeb1c1c04ee61d2b7 6287 haskell optional 
gitit_0.15.1.0+dfsg-1.dsc
 d92206cddf64c2189ba48799b9457156 164604 haskell optional 
gitit_0.15.1.0+dfsg.orig.tar.xz
 d3bd615d2f7505f5160ada9be3b7e231 10968 haskell optional 
gitit_0.15.1.0+dfsg-1.debian.tar.xz
 0602c2f095d9037343ddd6029f1bac01 23658 haskell optional 
gitit_0.15.1.0+dfsg-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJDBAEBCgAtFiEEbnQ09Yl9Q7F/zVe3U9W8ZLUjeKIFAmKEEmEPHHN3dEB0ZWNo
aWUubmV0AAoJEFPVvGS1I3iiqDUP+wU2YEi8NgV2Z1hTSQ1dYXGbu8gtijUFmHnk
YFu2s2HEJoMPPuSUnYXAhfkjHqlIwVlZtqtn8PrxTz1a2W0SMXB6e3D7oMezEwO3
e6/ytOns3xlU2H9280CDDJHV8P+Viw6969aNK5zNdK7BSvYv18g7uM6b4W0YvXsn
NFK96JStNT/aY7nHPTSzkOWyfGhx1nXWwfEtJX9MmwuM6h52YRXJAwOgz5LM7vwx
z+AFQ7x4BPHkNIuk3CU8W45/QQWgTLxGa0yRn/tBPQcJOF36EIrUV189Z/2m2Wwk
CbbPkiXwL1N9ysKmUDleyxh3BdYixL2gOnWetPHY7QvY6RJ+bz96oOFs0knlAEyc
+KX3G+P/qdX4SM/32vRV60/yPz6NmuThaYmJYvzkiFhc+oHOHdIkfU0EngiWGlsC
9k7ZVfmhCaRcoGLL6yLV+1n6xJyIdF97GeIsiBHREz7K1n4hrXrKEUk5NTGVWOJI
R46whOcAZKQFllCWs8a1UHKWne1Sdm3LMQ3fFvVjY6WGB0otM32Pf67IckgdKh/o
Fuh0JSL43epOH07eKJZctBoP1yLwUZ8rz7ZY+oa7otQrcXKJ5X13i2oLrCRQQr/7
IZeqx0rqoMRzH+pVqjZn3JQoFJTaink5t0DuS2uqPXON37yZHnuGBrF7hoCfnhdA
mPssWpj+
=QqRk
-END PGP SIGNATURE End Message ---

Bug#1008379: closing 1008379

2022-05-17 Thread Valentin Vidic 
close 1008379 1.5.1-1
thanks

Tested the build of the new package release in sbuild
sid chroot and did not see any problems.

-- 
Valentin

Bug#1001661: notcurses: flaky autopkgtests on armhf

2022-05-17 Thread peter green 

Version 3.0.7 seems to be be passing most of the time on armhf, though there 
were
a few failures duing attempts to migrate gcc-12. The failures appear to be 
timeouts.

Unfortunately 3.0.7 seems to be pretty consistently failing on s390x :(

Processed: closing 1008379

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> close 1008379 1.5.1-1
Bug #1008379 [src:synfigstudio] synfigstudio: FTBFS: _clock_system.h:34:27: 
error: using-declaration for non-member at class scope
Marked as fixed in versions synfigstudio/1.5.1-1.
Bug #1008379 [src:synfigstudio] synfigstudio: FTBFS: _clock_system.h:34:27: 
error: using-declaration for non-member at class scope
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1008379: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008379
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1011177: opennds: binary-any FTBFS

2022-05-17 Thread Adrian Bunk 
Source: opennds
Version: 9.7.0-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=opennds=9.7.0-1

...
dh_fixperms
chmod a-x debian/opennds/etc/opennds/fas-hid.php
chmod: cannot access 'debian/opennds/etc/opennds/fas-hid.php': No such file or 
directory
make[1]: *** [debian/rules:29: override_dh_fixperms] Error 1

Bug#976439: wminput: Aborts with "undefined symbol: PyVarObject_CallFunction"

2022-05-17 Thread Bernd Zeimetz 



Hi,

with this MR applied, it does not crash at least.
https://salsa.debian.org/georgesk/cwiid/-/merge_requests/1

Not tested yet.

Bernd

-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

Bug#1011176: apertium-recursive: fails to detect EOF condition on unsigned char archs

2022-05-17 Thread Steve Langasek 
Package: apertium-recursive
Version: 1.1.0-1
Severity: serious
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch

Dear maintainers,

The new version of apertium-recursive FTBFS in Ubuntu on most archs because
of incorrect handling of EOF condition from fgetc():

[...]
g++ -DHAVE_CONFIG_H -I.   -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -g -O2 
-ffile-prefix-map=/<>=. -flto=auto -ffat-lto-objects -flto=auto 
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security 
-I/usr/include/lttoolbox-3.6 -I/usr/include/apertium-3.8 
-I/usr/lib/aarch64-linux-gnu/apertium-3.8/include -I/usr/include/libxml2   
-Wall -Wextra -g -O2 -ffile-prefix-map=/<>=. -flto=auto 
-ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong 
-Wformat -Werror=format-security -std=c++20 -c -o pattern.o pattern.cc
rtx_comp.cc: In function ‘int main(int, char**)’:
rtx_comp.cc:104:10: warning: comparison is always false due to limited range of 
data type [-Wtype-limits]
  104 | if(c == EOF)
  |  ^
[...]
==
FAIL: test_compiles (__main__.NoRules)
--
Traceback (most recent call last):
  File "/<>/tests/./run_tests.py", line 8, in test_compiles
with self.assertRaises(subprocess.CalledProcessError):
AssertionError: CalledProcessError not raised

--
Ran 66 tests in 2.751s
[...]

  
(https://launchpad.net/ubuntu/+source/apertium-recursive/1.1.0-1/+build/23586338)

I have no idea why the tests passed at build time in Debian!  But the logic
error in the C code is clear: fgetc() returns an int, not a char, and on
many archs (but not x86), a bare 'char' is unsigned, so can never == EOF.

The attached patch has been uploaded to Ubuntu to fix the build failure
there, and complete the libapertium3-3.8-1 transition.

Please consider applying it in Debian as well (and forwarding upstream).

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru apertium-recursive-1.1.0/debian/patches/series 
apertium-recursive-1.1.0/debian/patches/series
--- apertium-recursive-1.1.0/debian/patches/series  1969-12-31 
16:00:00.0 -0800
+++ apertium-recursive-1.1.0/debian/patches/series  2022-05-17 
13:49:42.0 -0700
@@ -0,0 +1 @@
+unsigned-char.patch
diff -Nru apertium-recursive-1.1.0/debian/patches/unsigned-char.patch 
apertium-recursive-1.1.0/debian/patches/unsigned-char.patch
--- apertium-recursive-1.1.0/debian/patches/unsigned-char.patch 1969-12-31 
16:00:00.0 -0800
+++ apertium-recursive-1.1.0/debian/patches/unsigned-char.patch 2022-05-17 
13:52:04.0 -0700
@@ -0,0 +1,29 @@
+Description: fgetc() returns an int, not a (unsigned) char
+ The code is wrongly assigning fgetc()'s return value to a char instead of an
+ int.  On some architectures, this is doubly wrong because 'char' is
+ unsigned, meaning it can never hold the EOF value:
+ .
+ rtx_comp.cc: In function ‘int main(int, char**)’:
+ rtx_comp.cc:104:10: warning: comparison is always false due to limited range 
of data type [-Wtype-limits]
+   104 | if(c == EOF)
+   |  ^
+ .
+ Fix the type, which removes the warning and also fixes build failures on
+ these unsigned char archs in Ubuntu.
+Author: Steve Langasek 
+Last-Update: 2022-05-17
+Forwarded: no
+
+Index: apertium-recursive-1.1.0/src/rtx_comp.cc
+===
+--- apertium-recursive-1.1.0.orig/src/rtx_comp.cc
 apertium-recursive-1.1.0/src/rtx_comp.cc
+@@ -98,7 +98,7 @@
+ cout << "Unable to open " << argv[optind] << " for reading." << endl;
+ exit(EXIT_FAILURE);
+   }
+-  char c;
++  int c;
+   while((c = fgetc(check)) != '<')
+   {
+ if(c == EOF)

Bug#1011166: pidgin breaks chatty autopkgtest: error while loading shared libraries: libjabber.so.0

2022-05-17 Thread Paul Gevers 

Source: pidgin, chatty
Control: found -1 pidgin/2.14.9-2
Control: found -1 chatty/0.6.3-1
Severity: serious
Tags: sid bookworm
User: debian...@lists.debian.org
Usertags: breaks needs-update

Dear maintainer(s),

With a recent upload of pidgin the autopkgtest of chatty fails in 
testing when that autopkgtest is run with the binary packages of pidgin 
from unstable. It passes when run with only packages from testing. In 
tabular form:


   passfail
pidgin from testing2.14.9-2
chatty from testing0.6.3-1
all others from testingfrom testing

I copied some of the output at the bottom of this report. I note that 
the library moved location from /usr/lib/purple-2/libjabber.so.0.0.0 to 
/usr/lib/x86_64-linux-gnu/purple-2/libjabber.so.0.0.0. Naively I would 
have expected it to be picked up, but maybe the /purple-2 in the middle 
of the path is preventing that.


Currently this regression is blocking the migration of pidgin to testing 
[1]. Due to the nature of this issue, I filed this bug report against 
both packages. Can you please investigate the situation and reassign the 
bug to the right package?


More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[0] You can see what packages were added from the second line of the log 
file quoted below. The migration software adds source package from 
unstable to the list if they are needed to install packages from 
pidgin/2.14.9-2. I.e. due to versioned dependencies or breaks/conflicts.

[1] https://qa.debian.org/excuses.php?package=pidgin

https://ci.debian.net/data/autopkgtest/testing/amd64/c/chatty/21821951/log.gz

/usr/bin/chatty: error while loading shared libraries: libjabber.so.0: 
cannot open shared object file: No such file or directory

autopkgtest [19:11:11]: test command1



OpenPGP_signature
Description: OpenPGP digital signature

Processed: pidgin breaks chatty autopkgtest: error while loading shared libraries: libjabber.so.0

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> found -1 pidgin/2.14.9-2
Bug #1011166 [src:pidgin, src:chatty] pidgin breaks chatty autopkgtest: error 
while loading shared libraries: libjabber.so.0
Marked as found in versions pidgin/2.14.9-2.
> found -1 chatty/0.6.3-1
Bug #1011166 [src:pidgin, src:chatty] pidgin breaks chatty autopkgtest: error 
while loading shared libraries: libjabber.so.0
Marked as found in versions chatty/0.6.3-1.

-- 
1011166: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011166
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#978881: marked as done (pidgin: ftbfs with autoconf 2.70)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 22:37:59 +0200
with message-id 
and subject line Re: pidgin: ftbfs with autoconf 2.70
has caused the Debian Bug report #978881,
regarding pidgin: ftbfs with autoconf 2.70
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
978881: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978881
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:pidgin
Version: 2.13.0-2.2
Severity: normal
Tags: sid bookworm
User: d...@debian.org
Usertags: ftbfs-ac270

[This bug report is not targeted to the upcoming bullseye release]

The package fails to build in a test rebuild on at least amd64 with
autoconf 2.70, but succeeds to build with autoconf 2.69. The
severity of this report will be raised before the bookworm release,
so nothing has to be done for the bullseye release.

The full build log can be found at:
http://qa-logs.debian.net/2020/09/26.ac270/pidgin_2.13.0-2.2_unstable_ac270.log
The last lines of the build log are at the end of this report.

To build with autoconf 2.70, please install the autoconf package from
experimental:  apt-get -t=experimental install autoconf 

[...]
configure.ac:2209: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2209: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2209: the top level
configure.ac:2211: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2211: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1560: AC_ARG_WITH is expanded from...
configure.ac:2211: the top level
configure.ac:2290: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2290: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2290: the top level
configure.ac:2292: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2292: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1560: AC_ARG_WITH is expanded from...
configure.ac:2292: the top level
configure.ac:2376: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2376: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
configure.ac:2376: the top level
configure.ac:2479: warning: The macro `AC_TRY_LINK' is obsolete.
configure.ac:2479: You should run autoupdate.
./lib/autoconf/general.m4:2816: AC_TRY_LINK is expanded from...
lib/m4sugar/m4sh.m4:673: AS_IF is expanded from...
./lib/autoconf/general.m4:2149: AC_CACHE_VAL is expanded from...
./lib/autoconf/general.m4:2170: AC_CACHE_CHECK is expanded from...
acinclude.m4:423: AC_VAR_TIMEZONE_EXTERNALS is expanded from...
configure.ac:2479: the top level
configure.ac:2527: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2527: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
configure.ac:2527: the top level
configure.ac:2534: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2534: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
configure.ac:2534: the top level
configure.ac:2541: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2541: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2541: the top level
configure.ac:2545: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2545: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2545: the top level
configure.ac:2549: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2549: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2549: the top level
configure.ac:2595: warning: The macro `AC_HELP_STRING' is obsolete.
configure.ac:2595: You should run autoupdate.
./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from...
./lib/autoconf/general.m4:1541: AC_ARG_ENABLE is expanded from...
configure.ac:2595: the top level
libtoolize: putting auxiliary files in '.'.
libtoolize: copying file './ltmain.sh'
libtoolize: Consider adding

Processed: severity of 976439 is grave

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 976439 grave
Bug #976439 [wminput] wminput: Aborts with "undefined symbol: 
PyVarObject_CallFunction"
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
976439: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976439
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Processed (with 1 error): Re: Bug#1011127: libssl3 breaks systems vith VIA Nehemiah cpu

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 1011127 https://github.com/openssl/openssl/issues/18334
Bug #1011127 [libssl3] libssl3 breaks systems vith VIA Nehemiah cpu
Set Bug forwarded-to-address to 
'https://github.com/openssl/openssl/issues/18334'.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1011127: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011127
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#1011165: org.h2.jdbc.JdbcSQLSyntaxErrorException: schema "MEDIATHEKVIEW" not found

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 serious
Bug #1011165 [mediathekview] org.h2.jdbc.JdbcSQLSyntaxErrorException: schema 
"MEDIATHEKVIEW" not found
Severity set to 'serious' from 'important'

-- 
1011165: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011165
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1011152: spyder: Console not starting. Spyder alerts : iPython 7.31.1 & qtconsole 5.3.0 not installed. But they are !

2022-05-17 Thread Julian Gilbey 
It's a pleasure!

We cannot write instructions to cover every eventually; that is
effectively impossible.  But it seems like you did the right thing to
sort out your problem, which I am pleased to hear.

Best wishes,

   Julian

On Tue, May 17, 2022 at 07:42:37PM +0200, epsommum...@virgilio.it wrote:
> Thank you very much !
> 
> Your command did not work in Spyder's console on the desktop, first because of
> the 3 at the end of pip, then because pressing the Y key at the prompt did not
> do anything. After googling how to force uninstall I found the command that
> worked for the desktop :
> 
> pip uninstall iPython -y
> 
> (I did not have a local qtconsole package installed)
> 
> In qemu, I typed this in a regular console since no console worked in Spyder :
> 
> python3 -m pip uninstall qtconsole iPython
> 
> Here the prompts accepted my Y presses.
> 
> I then had to do (probably because I closed spyder while it was reporting the
> error messages for a github bug report) :
> 
> killall spyder
> 
> Then Spyder started successfully !
> 
> Too bad your instructions are not included in Spyder's error messages to 
> explain
> to people like me who are not pros what to do to solve such a simple problem !
> 
> Anyway, thank you again !
> 
> P.S. : the mail bounced because this mail address I use for bug reports had 
> not
> been used for too long, and I had to renew the password.

Processed: your mail

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 1006393 patch
Bug #1006393 [src:libewf] libewf: FTBFS with OpenSSL 3.0
Added tag(s) patch.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1006393: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006393
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1011127: libssl3 breaks systems vith VIA Nehemiah cpu

2022-05-17 Thread Sebastian Andrzej Siewior 
control: forward -1 https://github.com/openssl/openssl/issues/18334

On 2022-05-17 16:01:35 [+0200], Wolfgang Walter wrote:
> 
> Yes, with libssl3_3.0.3-4.noendbr_i386.deb this is fixed.

perfect, thank you for the confirmation.
I forwarded it upstream and I hope to have something for the next
upload.

> Thanks

Sebastian

Processed: Re: Should live-wrapper be removed?

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 1009282 normal
Bug #1009282 [src:live-wrapper] Should live-wrapper be removed?
Severity set to 'normal' from 'serious'
> reassign 1009282 ftp.debian.org
Bug #1009282 [src:live-wrapper] Should live-wrapper be removed?
Bug reassigned from package 'src:live-wrapper' to 'ftp.debian.org'.
No longer marked as found in versions live-wrapper/0.10.
Ignoring request to alter fixed versions of bug #1009282 to the same values 
previously set
> retitle 1009282 RM: live-wrapper -- RoQA; Depends on Python 2, depends on 
> removed package
Bug #1009282 [ftp.debian.org] Should live-wrapper be removed?
Changed Bug title to 'RM: live-wrapper -- RoQA; Depends on Python 2, depends on 
removed package' from 'Should live-wrapper be removed?'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1009282: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009282
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1009282: Should live-wrapper be removed?

2022-05-17 Thread Moritz Mühlenhoff 
severity 1009282 normal
reassign 1009282 ftp.debian.org
retitle 1009282 RM: live-wrapper -- RoQA; Depends on Python 2, depends on 
removed package
thanks

Reassigning for removal.

Cheers,
Moritz

Processed: Re: Should python-passfd be removed?

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 1009280 normal
Bug #1009280 [src:python-passfd] Should python-passfd be removed?
Severity set to 'normal' from 'serious'
> reassign 1009280 ftp.debian.org
Bug #1009280 [src:python-passfd] Should python-passfd be removed?
Bug reassigned from package 'src:python-passfd' to 'ftp.debian.org'.
No longer marked as found in versions python-passfd/0.2-3.
Ignoring request to alter fixed versions of bug #1009280 to the same values 
previously set
> retitle 1009280 RM: python-passfd -- RoQA; Depends on Python 2, no reverse 
> deps
Bug #1009280 [ftp.debian.org] Should python-passfd be removed?
Changed Bug title to 'RM: python-passfd -- RoQA; Depends on Python 2, no 
reverse deps' from 'Should python-passfd be removed?'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1009280: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009280
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1009280: Should python-passfd be removed?

2022-05-17 Thread Moritz Mühlenhoff 
severity 1009280 normal
reassign 1009280 ftp.debian.org
retitle 1009280 RM: python-passfd -- RoQA; Depends on Python 2, no reverse deps
thanks

Reassigning for removal.

Cheers,
Moritz

Processed: Re: Should fsl be removed?

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 1009276 normal
Bug #1009276 [src:fsl] Should fsl be removed?
Severity set to 'normal' from 'serious'
> reassign 1009276 ftp.debian.org
Bug #1009276 [src:fsl] Should fsl be removed?
Bug reassigned from package 'src:fsl' to 'ftp.debian.org'.
No longer marked as found in versions fsl/5.0.8-6.
Ignoring request to alter fixed versions of bug #1009276 to the same values 
previously set
> retitle 1009276 RM: fsl -- RoM; Depends on Python 2, FTBFS, unmaintained
Bug #1009276 [ftp.debian.org] Should fsl be removed?
Changed Bug title to 'RM: fsl -- RoM; Depends on Python 2, FTBFS, unmaintained' 
from 'Should fsl be removed?'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1009276: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009276
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1009276: Should fsl be removed?

2022-05-17 Thread Moritz Mühlenhoff 
severity 1009276 normal
reassign 1009276 ftp.debian.org
retitle 1009276 RM: fsl -- RoM; Depends on Python 2, FTBFS, unmaintained
thanks

Reassigning for removal.

Bug#1011152: spyder: Console not starting. Spyder alerts : iPython 7.31.1 & qtconsole 5.3.0 not installed. But they are !

2022-05-17 Thread epsommumule 
Thank you very much !

Your command did not work in Spyder's console on the desktop, first because of 
the 3 at the end of pip, then because pressing the Y key at the prompt did not 
do anything. After googling how to force uninstall I found the command that 
worked for the desktop :

pip uninstall iPython -y

(I did not have a local qtconsole package installed)


In qemu, I typed this in a regular console since no console worked in Spyder :

python3 -m pip uninstall qtconsole iPython

Here the prompts accepted my Y presses.

I then had to do (probably because I closed spyder while it was reporting the 
error messages for a github bug report) :

killall spyder

Then Spyder started successfully !


Too bad your instructions are not included in Spyder's error messages to 
explain to people like me who are not pros what to do to solve such a simple 
problem !


Anyway, thank you again !


P.S. : the mail bounced because this mail address I use for bug reports had not 
been used for too long, and I had to renew the password.

Bug#1006008: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread John Paul Adrian Glaubitz 
Hello Agathe!

On 5/17/22 18:48, Agathe Porte wrote:
> I do not know when that was done, but the two latest Fedora releases have 
> been using >=35
> versions which properly support OpenSSL 3.0 [1]. I have opened #1011155 in 
> order to discuss
> why we cannot just update to latest upstream versions, if that is the case, 
> and to not pollute
> this thread.

At least for Debian Ports, updating to python-cryptography 35 or newer would 
mean that the package
becomes BD-Uninstallable, i.e. not buildable as the Rust compiler is not 
available on all architectures
yet.

Rust support is slowly coming to more architectures with the rustc_codegen_gcc 
backend and gccrs,
so this problem will be eventually resolved. However, this work is not 
completed yet.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Processed: tagging 1010377

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1010377 + pending
Bug #1010377 [v2ray] V2Ray CVE-2021-4070 DoS by Authenticated VMess Server 
patch not applied
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1010377: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010377
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1009818

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1009818 + pending
Bug #1009818 [v2ray] V2Ray 4.34.0-5 (Debian Unstable ver.) Crashes when VMess 
Protocol is Used because an unsynchronized update of Golang and V2Ray - HMAC 
constructor fix not applied on Debian
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1009818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1010505: golang-gopkg-libgit2-git2go.v31 autopkgtest failure with libgit2 1.3

2022-05-17 Thread Steve Langasek 
Package: golang-gopkg-libgit2-git2go.v31
Followup-For: Bug #1010505
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch
Control: tags -1 patch

This package builds (and tests) fine, except for this strict version check
in the test.

Testing for versions instead of features doesn't make for very good tests.
Here's a patch that relaxes the version check (but really, it should just be
dropped upstream, and if there are specific compatibilities they're
concerned about, those should be expressed as tests of the code).

Cheers,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru 
golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/libgit-1.3-compat.patch 
golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/libgit-1.3-compat.patch
--- 
golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/libgit-1.3-compat.patch   
1969-12-31 16:00:00.0 -0800
+++ 
golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/libgit-1.3-compat.patch   
2022-05-17 09:09:59.0 -0700
@@ -0,0 +1,21 @@
+Description: raise the upper bound for libgit compat
+ Generally best not to put upper version constraints in source code, we don't
+ know the future.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1010505
+Last-Update: 2022-05-17
+Forwarded: no
+
+Index: golang-gopkg-libgit2-git2go.v31-31.4.3/git_system_dynamic.go
+===
+--- golang-gopkg-libgit2-git2go.v31-31.4.3.orig/git_system_dynamic.go
 golang-gopkg-libgit2-git2go.v31-31.4.3/git_system_dynamic.go
+@@ -7,7 +7,7 @@
+ #cgo CFLAGS: -DLIBGIT2_DYNAMIC
+ #include 
+ 
+-#if LIBGIT2_VER_MAJOR != 1 || LIBGIT2_VER_MINOR < 1 || LIBGIT2_VER_MINOR > 1
++#if LIBGIT2_VER_MAJOR != 1 || LIBGIT2_VER_MINOR < 1 || LIBGIT2_VER_MINOR > 3
+ # error "Invalid libgit2 version; this git2go supports libgit2 between v1.1.0 
and v1.1.0"
+ #endif
+ */
diff -Nru golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/series 
golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/series
--- golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/series
2021-08-29 09:48:38.0 -0700
+++ golang-gopkg-libgit2-git2go.v31-31.4.3/debian/patches/series
2022-05-17 09:08:10.0 -0700
@@ -1 +1,2 @@
 Skip-remote-tests.patch
+libgit-1.3-compat.patch

Processed: Re: golang-gopkg-libgit2-git2go.v31 autopkgtest failure with libgit2 1.3

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 patch
Bug #1010505 [golang-gopkg-libgit2-git2go.v31] golang-gopkg-libgit2-git2go.v31 
autopkgtest failure with libgit2 1.3
Added tag(s) patch.

-- 
1010505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010505
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1006008: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread Agathe Porte 

Hi,

17/05/2022 08:43, John Paul Adrian Glaubitz :

Hi!


Looks like an upgrade to at least v35.0.0 is needed to fix this issue:
https://github.com/pyca/cryptography/issues/7039#issuecomment-1088566628=

Not necessarily. One of the Python core developers, Christian Heimes, actually
backported fixes for Python3.10 and OpenSSL 3.0.0 for Fedora [1].


I do not know when that was done, but the two latest Fedora releases 
have been using >=35 versions which properly support OpenSSL 3.0 [1]. I 
have opened #1011155 in order to discuss why we cannot just update to 
latest upstream versions, if that is the case, and to not pollute this 
thread.


[1] https://src.fedoraproject.org/rpms/python-cryptography

[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011155

Best regards,

Agata.

Bug#1011152: spyder: Console not starting. Spyder alerts : iPython 7.31.1 & qtconsole 5.3.0 not installed. But they are !

2022-05-17 Thread Julian Gilbey 
Dear RB68,

On Tue, May 17, 2022 at 04:54:19PM +0200, RB68 wrote:
> Package: spyder
> Version: 5.3.0+dfsg1-7
> Severity: grave
> Justification: renders package unusable
> X-Debbugs-Cc: epsommum...@virgilio.it
> 
> Dear Maintainer,
> 
> I upgraded Spyder 4.2.1 to 5.3 both on my main desktop PC and in a qemu 
> client.
> In both cases I encountered a problem.
> 
> The console would not start in the qemu client, Spyder alerting that iPython
> 7.31.1 & qtconsole 5.3.0 are not installed, even though they are ! After a
> reboot I still faced the same problem.

Thanks for this report.  This is strange...

> [...]
> 
> Here are the error messages from Spyder :
> 
> # Mandatory:
> IPython >=7.31.1 : 7.28.0 (NOK)
> qtconsole >=5.3.0;<5.4.0 : 5.1.1 (NOK)

This says that the versions of ipython and qtconsole that spyder has
loaded are versions 7.28.0 and 5.1.1 respectively.

> Traceback (most recent call last):
>   File "/home/horses/.local/lib/python3.9/site-
> packages/qtconsole/base_frontend_mixin.py", line 138, in _dispatch
> handler(msg)

And I think we have the problem: you have locally installed versions
of several of the required Python packages (presumably using "pip3
install --user", and these are loaded in preference to the system
versions.

Have a look at the directory ~/.local/lib/python3.9/site-packages to
see what's locally installed, and uninstall all of the packages that
have newer versions on the system.  For example:

pip3 uninstall qtconsole iPython

I assume that doing this will resolve the problem.  If not, please let
me know.

Best wishes,

   Julian

Bug#1011152: marked as done (spyder: Console not starting. Spyder alerts : iPython 7.31.1 & qtconsole 5.3.0 not installed. But they are !)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 17:13:21 +0100
with message-id 
and subject line Re: Bug#1011152: spyder: Console not starting. Spyder alerts : 
iPython 7.31.1 & qtconsole 5.3.0 not installed. But they are !
has caused the Debian Bug report #1011152,
regarding spyder: Console not starting. Spyder alerts : iPython 7.31.1 & 
qtconsole 5.3.0 not installed. But they are !
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1011152: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011152
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: spyder
Version: 5.3.0+dfsg1-7
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: epsommum...@virgilio.it

Dear Maintainer,

I upgraded Spyder 4.2.1 to 5.3 both on my main desktop PC and in a qemu client.
In both cases I encountered a problem.

The console would not start in the qemu client, Spyder alerting that iPython
7.31.1 & qtconsole 5.3.0 are not installed, even though they are ! After a
reboot I still faced the same problem.

On my main desktop (which hosts qemu), I got the same alerts...but the console
started. I tested some python code I worked on the day before, and it still
works fine. So the alerts do not prevent Spyder from functioning normally.




Here are the error messages from Spyder :

# Mandatory:
IPython >=7.31.1 : 7.28.0 (NOK)
qtconsole >=5.3.0;<5.4.0 : 5.1.1 (NOK)


Traceback (most recent call last):
  File "/home/horses/.local/lib/python3.9/site-
packages/qtconsole/base_frontend_mixin.py", line 138, in _dispatch
handler(msg)
  File "/usr/lib/python3/dist-
packages/spyder/plugins/ipythonconsole/widgets/namespacebrowser.py", line 212,
in _handle_execute_reply
super(NamepaceBrowserWidget, self)._handle_execute_reply(msg)
  File "/home/horses/.local/lib/python3.9/site-
packages/qtconsole/jupyter_widget.py", line 191, in _handle_execute_reply
self._show_interpreter_prompt(number)
  File "/home/horses/.local/lib/python3.9/site-
packages/qtconsole/jupyter_widget.py", line 382, in _show_interpreter_prompt
self._show_prompt(self._make_in_prompt(number), html=True)
  File "/usr/lib/python3/dist-
packages/spyder/plugins/ipythonconsole/widgets/debugging.py", line 654, in
_show_prompt
super(DebuggingWidget, self)._show_prompt(prompt, html, newline,
TypeError: _show_prompt() takes from 1 to 4 positional arguments but 5 were
given



I googled this, read some bug reports, some forum discussions, but did not find
any solution.


-- System Information:
Debian Release: bookworm/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr:en_US:ja
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages spyder depends on:
ii  python3 3.9.2-3
ii  python3-spyder  5.3.0+dfsg1-7

spyder recommends no packages.

Versions of packages spyder suggests:
pn  python3-spyder-unittest  

Versions of packages python3-spyder depends on:
ii  ipython3   7.31.1-1
ii  libjs-jquery   3.6.0+dfsg+~3.5.13-1
ii  libjs-mathjax  2.7.9+dfsg-1
ii  pyflakes3  2.4.0-2
ii  pylint 2.12.2-1
ii  python33.9.2-3
ii  python3-atomicwrites   1.4.0-2
ii  python3-autopep8   1.6.0-1
ii  python3-chardet4.0.0-2
ii  python3-cloudpickle2.0.0-1
ii  python3-cookiecutter   1.7.3-1
ii  python3-diff-match-patch   20200713-2
ii  python3-docutils   0.17.1+dfsg-2
ii  python3-flake8 4.0.1-2
ii  python3-intervaltree   3.0.2-1.1
ii  python3-ipython7.31.1-1
ii  python3-jedi   0.18.0-1
ii  python3-jellyfish  0.8.9-1+b1
ii  python3-jsonschema 3.2.0-5
ii  python3-keyring23.5.0-1
ii  python3-mccabe 0.6.1-3
ii  python3-nbconvert  6.4.4-1
ii  python3-numpydoc   1.2.1-1
ii  python3-parso  0.8.1-1
ii  python3-pexpect4.8.0-2
ii  python3-pickleshare0.7.5-5
ii  python3-pkg-resources  59.6.0-1.2
ii  python3-psutil 5.9.0-1
ii  python3-pycodestyle2.8.0-2
ii  python3-pydocstyle 6.1.1-1
ii  python3-pygments   2.11.2+dfsg-2
ii  python3-pyls-spyder0.4.0-2
ii  python3-pylsp  1.4.1-2
ii  python3-pylsp-black1.2.1-1
ii  python3-pyqt5  5.15.6+dfsg-1+b2
ii

Bug#1011131: josm: FTBFS with JavaCC 6

2022-05-17 Thread Sebastiaan Couwenberg 

In the upstream issue it's noted that javacc 6.1.3 was never released:

"
 This tagged release may or may not be released, but is tagged here so
 that we maintain a history prior to merging in Francis' substantial
 changes.
"

https://github.com/javacc/javacc/releases/tag/release_6_1_3

6.1.2 is the most recent 6.x on Maven Central:

 https://search.maven.org/artifact/net.java.dev.javacc/javacc

And that works as expected:


https://github.com/simonpoole/OpeningHoursParser/issues/72#issuecomment-1129016265

Would you consider downgrading to 6.1.2?

Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1005718: mosh: FTBFS with OpenSSL 3.0

2022-05-17 Thread Axel Beckert 
Hi Vincent,

Vincent Lefevre wrote:
> > > Shouldn't Debian use -Wno-error=deprecated-declarations to ignore
> > > the use of deprecated functions?
> > 
> > No, in contrary. These kind of problems only appear in Debian Unstable
> > which is our development branch. And there we should see such issues
> > rather early than late.
> 
> Upstream developers could (should) test their software on a machine
> with recent libraries (such as Debian/unstable), so that they would
> see the issue without needing downstream to tell them.

I agree.

> Or Debian should have a specific build system (with options like
> -Werror=deprecated-declarations for any package) just for testing
> and reporting bugs to upstream, but which would not affect the
> build of packages for Debian/unstable.

I disagree.

> Concerning this bug, it was reported upstream 3 months ago, and
> there is still no reaction there.

You are aware, that at least for mosh the Debian package maintainer
and main upstream developer of Mosh is the same person? So actually
the forwarding of this bug report into the upstream bug tracker was an
upstream reaction itself.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#1010883: dkms breaks nvidia-graphics-drivers autopkgtest on arm64: unmet dependencies

2022-05-17 Thread Andreas Beckmann 

On 12/05/2022 14.21, Andreas Beckmann wrote:
That dependency problem should resolve automatically once src:linux gets 
decrufted.
But we should probably have a better way to enumerate "all 
linux-header-* packages" in dkms-autopkgtest ... and skip cruft ...


Nope, that is a problem in src:linux-signed-amd64 after src:linux got 
binNMUed, the metapackges are uninstallable


The following packages have unmet dependencies:
 linux-headers-amd64 : Depends: linux-headers-5.17.0-2-amd64 (= 
5.17.6-1) but it is not going to be installed


$ rmadison linux-headers-5.17.0-2-amd64
linux-headers-5.17.0-2-amd64 | 5.17.6-1+b1   | unstable   | amd64


Andreas

Bug#1005718: mosh: FTBFS with OpenSSL 3.0

2022-05-17 Thread Vincent Lefevre 
Hi Axel,

On 2022-05-17 14:26:51 +0200, Axel Beckert wrote:
> Vincent Lefevre wrote:
> > Shouldn't Debian use -Wno-error=deprecated-declarations to ignore
> > the use of deprecated functions?
> 
> No, in contrary. These kind of problems only appear in Debian Unstable
> which is our development branch. And there we should see such issues
> rather early than late.

Upstream developers could (should) test their software on a machine
with recent libraries (such as Debian/unstable), so that they would
see the issue without needing downstream to tell them.

Or Debian should have a specific build system (with options like
-Werror=deprecated-declarations for any package) just for testing
and reporting bugs to upstream, but which would not affect the
build of packages for Debian/unstable.

The problem is that it can take months before upstream provides
updated code, while in general, deprecated functions are not removed
before several years (giving the time to developers to notice them
even on platforms with a stable OS release). Of course, this is
completely different if the maintainer or some other Debian developer
is willing to do the work.

Concerning this bug, it was reported upstream 3 months ago, and
there is still no reaction there.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1011127: [Pkg-openssl-devel] Bug#1011127: libssl3 breaks systems vith VIA Nehemiah cpu

2022-05-17 Thread Wolfgang Walter 

Am 2022-05-17 15:34, schrieb Sebastian Andrzej Siewior:

On 2022-05-17 12:53:07 [+0200], Wolfgang Walter wrote:
Systems with VIA Nehemiah cpu break after upgrading unstable. All 
commands

using libssl3 fail with

…

lscpu shows:

Architecture:i686
CPU op-mode(s):  32-bit

…
Flags:   fpu vme de pse tsc msr cx8 sep mtrr 
pge

cmov pat mmx fxsr sse cpuid rng rng_en ace ace_en


My guess is that your CPU lacks sse2, which in turn doesn't support
multi-byte nops, which in turn does not support the endbr opcode / CET.
I built i386 packages without endbr and uploaded everything to
https://people.debian.org/~bigeasy/openssl-3-noendbr/

Could you please give a try report if this is correct?

Sebastian


Yes, with libssl3_3.0.3-4.noendbr_i386.deb this is fixed.

Thanks
--
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts

Bug#999716: marked as done (ruby-omniauth-google-oauth2: FTBFS with ruby-omniauth 2.0.x: ERROR: Test "ruby2.7" failed: NoMethodError:)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 13:33:41 +
with message-id 
and subject line Bug#999716: fixed in ruby-omniauth-google-oauth2 1.0.1-1
has caused the Debian Bug report #999716,
regarding ruby-omniauth-google-oauth2: FTBFS with ruby-omniauth 2.0.x: ERROR: 
Test "ruby2.7" failed:  NoMethodError:
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
999716: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999716
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-omniauth-google-oauth2
Version: 0.6.0-2
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: debian-r...@lists.debian.org
Usertags: ruby-omniauth-2.0

Hi,

I would like to upload ruby-omniauth 2.0.4 to unstable soon. During a test
rebuild, ruby-omniauth-google-oauth2 was found to fail to build in that 
situation.

To reproduce this locally, you need to install ruby-omniauth from experimental
on an unstable system or build chroot.

Relevant part (hopefully):
>  NoMethodError:
>undefined method `[]' for nil:NilClass
>  # 
> /usr/share/rubygems-integration/all/gems/omniauth-2.0.4/lib/omniauth/strategy.rb:501:in
>  `script_name'
>  # 
> /usr/share/rubygems-integration/all/gems/omniauth-2.0.4/lib/omniauth/strategy.rb:450:in
>  `callback_path'
>  # ./spec/omniauth/strategies/google_oauth2_spec.rb:293:in `block (3 
> levels) in '
> 
> Finished in 0.09861 seconds (files took 0.22631 seconds to load)
> 102 examples, 1 failure
> 
> Failed examples:
> 
> rspec ./spec/omniauth/strategies/google_oauth2_spec.rb:292 # 
> OmniAuth::Strategies::GoogleOauth2#callback_path has the correct default 
> callback path
> 
> /usr/bin/ruby2.7 
> -I/usr/share/rubygems-integration/all/gems/rspec-support-3.9.3/lib:/usr/share/rubygems-integration/all/gems/rspec-core-3.9.2/lib
>  /usr/share/rubygems-integration/all/gems/rspec-core-3.9.2/exe/rspec 
> --pattern ./spec/\*\*/\*_spec.rb --format documentation failed
> ERROR: Test "ruby2.7" failed: 


The full build log is available at
https://people.debian.org/~terceiro/rebuilds/ruby-omniauth-2.0/ruby-omniauth-google-oauth2.log


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: ruby-omniauth-google-oauth2
Source-Version: 1.0.1-1
Done: Mohammed Bilal 

We believe that the bug you reported is fixed in the latest version of
ruby-omniauth-google-oauth2, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 999...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mohammed Bilal  (supplier of updated 
ruby-omniauth-google-oauth2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 17 May 2022 07:55:22 +
Source: ruby-omniauth-google-oauth2
Architecture: source
Version: 1.0.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Ruby Team 

Changed-By: Mohammed Bilal 
Closes: 999716
Changes:
 ruby-omniauth-google-oauth2 (1.0.1-1) experimental; urgency=medium
 .
   * Team Upload.
 .
   [ Debian Janitor ]
   * Trim trailing whitespace.
   * Set upstream metadata fields: Bug-Database, Repository, Repository-
 Browse.
 .
   [ Cédric Boutillier ]
   * [ci skip] Update team name
   * [ci skip] Add .gitattributes to keep unwanted files out of the
 source package
 .
   [ Debian Janitor ]
   * Update watch file format version to 4.
   * Set upstream metadata fields: Bug-Submit.
   * Update standards version to 4.5.0, no changes needed.
   * Remove constraints unnecessary since buster
 .
   [ Mohammed Bilal ]
   * New upstream version 1.0.1 (Closes: #999716)
   * Tighten dependencies
   * Bump debhelper compatibility level to 13
   * Bump Standards-Version to 4.6.1 (no changes needed)
Checksums-Sha1:
 321cb84bd0527959d180c3942f41d37682848e87 2329 
ruby-omniauth-google-oauth2_1.0.1-1.dsc
 fffb0147994b35b3248ade353b9100654faecbeb 19530 
ruby-omniauth-google-oauth2_1.0.1.orig.tar.gz
 50c605a4c4e33dc3f81db920a637f2579f49dd89 3516 
ruby-omniauth-google-oauth2_1.0.1-1.debian.tar.xz
 989de5babec23e2130ce1e2b933207a89ac51049 9744 
ruby-omniauth-google-oauth2_1.0.1-1_amd64.buildinfo
Checksums-Sha256:

Bug#999722: marked as done (ruby-omniauth-openid: FTBFS with ruby-omniauth 2.0.x: ERROR: Test "ruby2.7" failed: /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1404:in `rescue in block in activate

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 13:33:48 +
with message-id 
and subject line Bug#999722: fixed in ruby-omniauth-openid 2.0.1-1
has caused the Debian Bug report #999722,
regarding ruby-omniauth-openid: FTBFS with ruby-omniauth 2.0.x: ERROR: Test 
"ruby2.7" failed: /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1404:in 
`rescue in block in activate_dependencies': Could not find 'omniauth' (~> 1.0) 
among 77 total gem(s) (Gem::MissingSpecError)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
999722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999722
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-omniauth-openid
Version: 1.0.1-4
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: debian-r...@lists.debian.org
Usertags: ruby-omniauth-2.0

Hi,

I would like to upload ruby-omniauth 2.0.4 to unstable soon. During a test
rebuild, ruby-omniauth-openid was found to fail to build in that situation.

To reproduce this locally, you need to install ruby-omniauth from experimental
on an unstable system or build chroot. I would expect a new upstream version to
work against the latest ruby-omniauth just fine.

Relevant part (hopefully):
> /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1404:in `rescue in block 
> in activate_dependencies': Could not find 'omniauth' (~> 1.0) among 77 total 
> gem(s) (Gem::MissingSpecError)
> Checked in 
> 'GEM_PATH=/<>/debian/ruby-omniauth-openid/usr/share/rubygems-integration/all:/var/lib/gems/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/lib/x86_64-linux-gnu/ruby/gems/2.7.0:/usr/share/rubygems-integration/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0'
>  at: 
> /<>/debian/ruby-omniauth-openid/usr/share/rubygems-integration/all/specifications/omniauth-openid-1.0.1.gemspec,
>  execute `gem env` for more information
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1401:in `block 
> in activate_dependencies'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1390:in `each'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1390:in 
> `activate_dependencies'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1372:in 
> `activate'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `block in gem'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `synchronize'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `gem'
>   from -e:1:in `'
> /usr/lib/ruby/vendor_ruby/rubygems/dependency.rb:313:in `to_specs': Could not 
> find 'omniauth' (~> 1.0) - did find: [omniauth-2.0.4] 
> (Gem::MissingSpecVersionError)
> Checked in 
> 'GEM_PATH=/<>/debian/ruby-omniauth-openid/usr/share/rubygems-integration/all:/var/lib/gems/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/lib/x86_64-linux-gnu/ruby/gems/2.7.0:/usr/share/rubygems-integration/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0'
>  , execute `gem env` for more information
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1402:in `block 
> in activate_dependencies'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1390:in `each'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1390:in 
> `activate_dependencies'
>   from /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1372:in 
> `activate'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `block in gem'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `synchronize'
>   from /usr/lib/ruby/vendor_ruby/rubygems/core_ext/kernel_gem.rb:68:in 
> `gem'
>   from -e:1:in `'
> addressable (2.8.0)
> benchmark (default: 0.1.0)
> bigdecimal (default: 2.0.0)
> bundler (default: 2.1.4)
> cgi (default: 0.1.0)
> crack (0.4.4)
> csv (default: 3.1.2)
> date (default: 3.0.0)
> dbm (default: 1.1.0)
> delegate (default: 0.1.0)
> did_you_mean (default: 1.4.0)
> diff-lcs (1.4.4)
> etc (default: 1.1.0)
> fcntl (default: 1.0.0)
> fiddle (default: 1.0.0)
> fileutils (default: 1.4.1)
> forwardable (default: 1.3.1)
> gdbm (default: 2.1.0)
> getoptlong (default: 0.1.0)
> hashdiff (1.0.1)
> hashie (3.5.5)
> io-console (default: 0.5.6)
> ipaddr (default: 1.2.2)
> irb (default: 1.2.6)
> json (default: 2.3.0)
> logger (default: 1.4.2)
> matrix (default: 0.2.0)
> minitest (5.13.0)
> mutex_m (default: 0.1.0)
> net-pop (default: 0.1.0)
> net-smtp (default: 0.1.0)
>

Bug#1011127: [Pkg-openssl-devel] Bug#1011127: libssl3 breaks systems vith VIA Nehemiah cpu

2022-05-17 Thread Sebastian Andrzej Siewior 
On 2022-05-17 12:53:07 [+0200], Wolfgang Walter wrote:
> Systems with VIA Nehemiah cpu break after upgrading unstable. All commands
> using libssl3 fail with
…
> lscpu shows:
> 
> Architecture:i686
> CPU op-mode(s):  32-bit
…
> Flags:   fpu vme de pse tsc msr cx8 sep mtrr pge
> cmov pat mmx fxsr sse cpuid rng rng_en ace ace_en

My guess is that your CPU lacks sse2, which in turn doesn't support
multi-byte nops, which in turn does not support the endbr opcode / CET.
I built i386 packages without endbr and uploaded everything to
https://people.debian.org/~bigeasy/openssl-3-noendbr/

Could you please give a try report if this is correct?

Sebastian

Processed: nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> clone -1 -2 -3 -4 -5 -6 -7 -8
Bug #1011140 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Bug 1011140 cloned as bugs 1011141-1011147
> reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Bug #1011141 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Bug reassigned from package 'src:nvidia-graphics-drivers' to 
'src:nvidia-graphics-drivers-legacy-340xx'.
Ignoring request to alter found versions of bug #1011141 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1011141 to the same values 
previously set
Bug #1011141 [src:nvidia-graphics-drivers-legacy-340xx] 
nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, 
CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Marked as found in versions nvidia-graphics-drivers-legacy-340xx/340.76-6.
> retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-28181, 
> CVE-2022-28185
Bug #1011141 [src:nvidia-graphics-drivers-legacy-340xx] 
nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, 
CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Changed Bug title to 'nvidia-graphics-drivers-legacy-340xx: CVE-2022-28181, 
CVE-2022-28185' from 'nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, 
CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192'.
> tag -2 + wontfix
Bug #1011141 [src:nvidia-graphics-drivers-legacy-340xx] 
nvidia-graphics-drivers-legacy-340xx: CVE-2022-28181, CVE-2022-28185
Added tag(s) wontfix.
> reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Bug #1011142 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Bug reassigned from package 'src:nvidia-graphics-drivers' to 
'src:nvidia-graphics-drivers-legacy-390xx'.
Ignoring request to alter found versions of bug #1011142 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1011142 to the same values 
previously set
Bug #1011142 [src:nvidia-graphics-drivers-legacy-390xx] 
nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, 
CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Marked as found in versions nvidia-graphics-drivers-legacy-390xx/390.48-4.
> retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-28181, 
> CVE-2022-28185
Bug #1011142 [src:nvidia-graphics-drivers-legacy-390xx] 
nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, 
CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Changed Bug title to 'nvidia-graphics-drivers-legacy-390xx: CVE-2022-28181, 
CVE-2022-28185' from 'nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, 
CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192'.
> reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Bug #1011143 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Bug reassigned from package 'src:nvidia-graphics-drivers' to 
'src:nvidia-graphics-drivers-tesla-418'.
Ignoring request to alter found versions of bug #1011143 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1011143 to the same values 
previously set
Bug #1011143 [src:nvidia-graphics-drivers-tesla-418] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
The source 'nvidia-graphics-drivers-tesla-418' and version '418.87.01-1' do not 
appear to match any binary packages
Marked as found in versions nvidia-graphics-drivers-tesla-418/418.87.01-1.
> retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-28181, CVE-2022-28185, 
> CVE-2022-28192
Bug #1011143 [src:nvidia-graphics-drivers-tesla-418] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Changed Bug title to 'nvidia-graphics-drivers-tesla-418: CVE-2022-28181, 
CVE-2022-28185, CVE-2022-28192' from 'nvidia-graphics-drivers: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192'.
> tag -4 + wontfix
Bug #1011143 [src:nvidia-graphics-drivers-tesla-418] 
nvidia-graphics-drivers-tesla-418: CVE-2022-28181, CVE-2022-28185, 
CVE-2022-28192
Added tag(s) wontfix.
> reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Bug #1011144 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: 
CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, 
CVE-2022-28192
Bug reassigned from package 'src:nvidia-graphics-drivers' to 
'src:nvidia-graphics-drivers-tesla-450'.
Ignoring request to alter found versions of bug #1011144 to the same values 
previously set
Ignoring request to alter fixed versions of bug

Bug#1011140: nvidia-graphics-drivers: CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192

2022-05-17 Thread Andreas Beckmann 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-28181, 
CVE-2022-28185
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-28181, 
CVE-2022-28185
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-28181, 
CVE-2022-28185, CVE-2022-28192
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-28181, 
CVE-2022-28185, CVE-2022-28192
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: tag -6 + wontfix
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5353

CVE-2022-28181  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged regular
user on the network can cause an out-of-bounds write through a specially
crafted shader, which may lead to code execution, denial of service,
escalation of privileges, information disclosure, and data tampering.
The scope of the impact may extend to other components.

CVE-2022-28183  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged regular
user can cause an out-of-bounds read, which may lead to denial of
service and information disclosure.

CVE-2022-28184  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for
DxgkDdiEscape, where an unprivileged regular user can access
administrator- privileged registers, which may lead to denial of
service, information disclosure, and data tampering.

CVE-2022-28185 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the ECC layer, where an unprivileged regular user can
cause an out-of-bounds write, which may lead to denial of service and
data tampering.

CVE-2022-28191  NVIDIA vGPU software contains a vulnerability in the
Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption
can be triggered by an unprivileged regular user, which may lead to
denial of service.

CVE-2022-28192  NVIDIA vGPU software contains a vulnerability in the
Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free,
which in turn may cause denial of service. This attack is complex to
carry out because the attacker needs to have control over freeing some
host side resources out of sequence, which requires elevated privileges.

Driver Branch   CVE IDs Addressed
R510 and R470   CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, 
CVE-2022-28191, CVE-2022-28192
R450CVE-2022-28181, CVE-2022-28185, CVE-2022-28192
R390CVE-2022-28181, CVE-2022-28185

Andreas

Bug#1011139: python-omegaconf: FTBFS without internet connection

2022-05-17 Thread Lukas Märdian 
Package: python-omegaconf
Version: 2.1.0~rc1-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sl...@ubuntu.com

Dear Maintainer,

The python-omegaconf package fails to build from source, whenever the host
is not connected to the internet (or behind a proxy). This can also be seen in
Debian's reproducible-builds:
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/python-omegaconf.html

Cheers,
  Lukas

python3.9 setup.py install --install-layout=deb --root 
/build/1st/python-omegaconf-2.1.0~rc1/debian/tmp
/usr/lib/python3/dist-packages/setuptools/installer.py:27: 
SetuptoolsDeprecationWarning: setuptools.installer is deprecated. Requirements 
should be satisfied by a PEP 517 installer.
  warnings.warn(
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, 
status=None)) after connection broken by 
'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution')': /simple/pytest-runner/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, 
status=None)) after connection broken by 
'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution')': /simple/pytest-runner/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, 
status=None)) after connection broken by 
'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution')': /simple/pytest-runner/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, 
status=None)) after connection broken by 
'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution')': /simple/pytest-runner/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, 
status=None)) after connection broken by 
'NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution')': /simple/pytest-runner/
ERROR: Could not find a version that satisfies the requirement pytest-runner 
(from versions: none)
ERROR: No matching distribution found for pytest-runner
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/setuptools/installer.py", line 82, in 
fetch_build_egg
subprocess.check_call(cmd)
  File "/usr/lib/python3.9/subprocess.py", line 373, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/bin/python3.9', '-m', 'pip', 
'--disable-pip-version-check', 'wheel', '--no-deps', '-w', '/tmp/tmpjd7rmory', 
'--quiet', 'pytest-runner']' returned non-zero exit status 1.

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/build/1st/python-omegaconf-2.1.0~rc1/setup.py", line 34, in 
setuptools.setup(
  File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 152, in 
setup
_install_setup_requires(attrs)
  File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 147, in 
_install_setup_requires
dist.fetch_build_eggs(dist.setup_requires)
  File "/usr/lib/python3/dist-packages/setuptools/dist.py", line 812, in 
fetch_build_eggs
resolved_dists = pkg_resources.working_set.resolve(
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 771, in 
resolve
dist = best[req.key] = env.best_match(
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1056, 
in best_match
return self.obtain(req, installer)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1068, 
in obtain
return installer(requirement)
  File "/usr/lib/python3/dist-packages/setuptools/dist.py", line 883, in 
fetch_build_egg
return fetch_build_egg(self, req)
  File "/usr/lib/python3/dist-packages/setuptools/installer.py", line 84, in 
fetch_build_egg
raise DistutilsError(str(e)) from e
distutils.errors.DistutilsError: Command '['/usr/bin/python3.9', '-m', 'pip', 
'--disable-pip-version-check', 'wheel', '--no-deps', '-w', '/tmp/tmpjd7rmory', 
'--quiet', 'pytest-runner']' returned non-zero exit status 1.
make[1]: *** [debian/rules:18: override_dh_auto_install] Error 1

-- System Information:
Debian Release: bookworm/sid
  APT prefers jammy-updates
  APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-27-generic (SMP w/4 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1011131: marked as done (josm: FTBFS with JavaCC 6)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 12:33:55 +
with message-id 
and subject line Bug#1011131: fixed in josm 0.0.svn18427+dfsg-2
has caused the Debian Bug report #1011131,
regarding josm: FTBFS with JavaCC 6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1011131: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011131
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: josm
Version: 0.0.svn18427+dfsg-1
Severity: serious
Tags: ftbfs
Justification: FTBFS

josm fails to build with JavaCC 6:

[javac] 
/<>/src/ch/poole/openinghoursparser/OpeningHoursParserTokenManager.java:1182:
 error: incompatible types: possible lossy conversion from int to char
[javac]  throw new TokenMgrError(EOFSeen, curLexState, error_line, 
error_column, error_after, curChar, TokenMgrError.LEXICAL_ERROR);
[javac] 
  ^


This can be fixed by building with the javacc5 package instead of javacc
--- End Message ---
--- Begin Message ---
Source: josm
Source-Version: 0.0.svn18427+dfsg-2
Done: Bas Couwenberg 

We believe that the bug you reported is fixed in the latest version of
josm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1011...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg  (supplier of updated josm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 17 May 2022 13:51:23 +0200
Source: josm
Architecture: source
Version: 0.0.svn18427+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GIS Project 
Changed-By: Bas Couwenberg 
Closes: 1011131
Changes:
 josm (0.0.svn18427+dfsg-2) unstable; urgency=medium
 .
   * Use JavaCC 5 to fix FTBFS with JavaCC 6.
 (closes: #1011131)
Checksums-Sha1:
 8e5675853f6f1e94a61222cf880527f8f6acd97c 2309 josm_0.0.svn18427+dfsg-2.dsc
 18467834409816ee775a11c6bcc9703c8d57b43f 53176 
josm_0.0.svn18427+dfsg-2.debian.tar.xz
 8f18ba533708144096e73092f35c90a992421dfd 12683 
josm_0.0.svn18427+dfsg-2_amd64.buildinfo
Checksums-Sha256:
 d57ee786a3ba26cc3715c32562523b4582e351a1712b36e97f020d7c254cc6d7 2309 
josm_0.0.svn18427+dfsg-2.dsc
 c2d6c9ab715dabad8c3fd31ba05ea99a1b0da309e07828838abbefb3782cb91e 53176 
josm_0.0.svn18427+dfsg-2.debian.tar.xz
 90e9c50e162055809ff8e6c6d4635e85a318cac4d95af75c2305788fce35ea32 12683 
josm_0.0.svn18427+dfsg-2_amd64.buildinfo
Files:
 ce46be28a3ca6deed8bd41ed22155659 2309 utils optional 
josm_0.0.svn18427+dfsg-2.dsc
 40ecedf9bc4fae5cd4b390579f4bc310 53176 utils optional 
josm_0.0.svn18427+dfsg-2.debian.tar.xz
 91f58afcc1acbd58bcb5bd30e817d711 12683 utils optional 
josm_0.0.svn18427+dfsg-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEgYLeQXBWQI1hRlDRZ1DxCuiNSvEFAmKDktAACgkQZ1DxCuiN
SvGmRhAAy6eiotGjNMG2z1VIH3irSoZXU2p8d93N/QIGeozl/l/zj3h6gGjj7843
GPrzShRDO6rfhVEPK5Wlcjr3vROnpAnNpWQX+1IJiRpn49DF79Zaf50mXpe6eFtw
roWloj5Fuu51BTT5dgLVcMwByJ7oevhn4PtOrkX3/bJNI3s19KoCtigTQvnzB/14
Gt9WbYkWyIXdBNtZw6PyvVjn97/5CQSjVWL9Z7O4vSg1I3xJboDw/46o5EJZ3YVf
JxoeNnztxeLhiUOiSzyWUEDq/ct48sbyl9uHBXhyXkAaJ7AWADHuI+Uozaqoeokj
r9fX7x7fu0NcGDoUFclx4FMOW66+8mDAg+fGB9fOvgXC3YF0lk5QyW/R8Ux+rbyl
x2M2Y/NuAZXt8zbnEJB5qDOhLZwJF0ZGodSQ9sK8wmywazr/F0uvVILzgucwZ8Vq
GkngIdpv0UCcrMNoECUTtKu9e2JtLhkcM0FcE11zQQRTK81TqtdOdqMCIhRG1NZb
zaq6uL9H+kkpv1yg9gGEMmWo1l5sGG2MmKub19zsJnjqwqHSxORw1O2+BjJF+Hai
2Me3pBFFLncMtOpTUe+7rZNuGpMOjfHeHdDCCHKb1Bjmdksvm61i5DI/2Cac033P
dzhXeDMAk+1lVoBR8se2yH3T10F92Vn76qM6GcrAsC+xt6yY0Zc=
=C83P
-END PGP SIGNATURE End Message ---

Bug#1005718: mosh: FTBFS with OpenSSL 3.0

2022-05-17 Thread Axel Beckert 
Hi Vincent,

Vincent Lefevre wrote:
> Shouldn't Debian use -Wno-error=deprecated-declarations to ignore
> the use of deprecated functions?

No, in contrary. These kind of problems only appear in Debian Unstable
which is our development branch. And there we should see such issues
rather early than late.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Processed: Re: Bug#1011131: josm: FTBFS with JavaCC 6

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 pending
Bug #1011131 [src:josm] josm: FTBFS with JavaCC 6
Added tag(s) pending.

-- 
1011131: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011131
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1011131: josm: FTBFS with JavaCC 6

2022-05-17 Thread Sebastiaan Couwenberg 

Control: tags -1 pending

On 5/17/22 13:27, Emmanuel Bourg wrote:

This can be fixed by building with the javacc5 package instead of javacc


Thanks for this workaround, I'll use that for the time being.

Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Processed: closing 1011025

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> close 1011025 0.11.4-2
Bug #1011025 [src:golang-github-containerd-stargz-snapshotter] 
golang-github-containerd-stargz-snapshotter FTBFS: cannot find package 
"github.com/ipfs/go-cid"
Marked as fixed in versions 
golang-github-containerd-stargz-snapshotter/0.11.4-2.
Bug #1011025 [src:golang-github-containerd-stargz-snapshotter] 
golang-github-containerd-stargz-snapshotter FTBFS: cannot find package 
"github.com/ipfs/go-cid"
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1011025: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011025
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1011131 ...

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 1011131 + upstream
Bug #1011131 [src:josm] josm: FTBFS with JavaCC 6
Added tag(s) upstream.
> forwarded 1011131 https://github.com/simonpoole/OpeningHoursParser/issues/72
Bug #1011131 [src:josm] josm: FTBFS with JavaCC 6
Set Bug forwarded-to-address to 
'https://github.com/simonpoole/OpeningHoursParser/issues/72'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1011131: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011131
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#1011130: libpipewire-0.3-0: should not recommend pipewire

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 normal
Bug #1011130 [libpipewire-0.3-0] libpipewire-0.3-0: should not recommend 
pipewire
Severity set to 'normal' from 'critical'

-- 
1011130: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011130
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1011130: libpipewire-0.3-0: should not recommend pipewire

2022-05-17 Thread Sebastian Ramacher 
Control: severity -1 normal

On 2022-05-17 13:20:30, Vincent Lefevre wrote:
> Package: libpipewire-0.3-0
> Version: 0.3.51-1
> Severity: critical
> Justification: breaks unrelated software
> 
> Several packages depend on libpipewire-0.3-0 in order to have
> pipewire *support* (but they don't need pipewire: the user may
> want to use pulseaudio). However, libpipewire-0.3-0 currently
> has "Recommends: pipewire [...]", which means that the pipewire
> package is installed as a consequence, which runs the pipewire
> server automatically.
> 
> FYI, xdg-desktop-portal depends on libpipewire-0.3-0, and
> xdg-desktop-portal is automatically installed via dependencies
> from packages like atril (a document viewer), gnucash and
> viking.
> 
> Until now, this did not seem to have any major drawback (except
> that having a useless server running, just because that one wants
> pacakges like atril, gnucash or viking). But now that vlc has
> pipewire support in its plugins recommended by default, this
> breaks VLC when one just wants to use pulseaudio. Worse, this
> also breaks ogg123, with apparently ***no way of going back***
> (I suspect that the use of pipewire changed something in the
> configuration), unlike VLC.

There are plenty of ways to go back:
* uninstall the pipewire package
* disable the pipewire service

Also vlc still just works with pulseaudio.

Please stop using RC severities for your crusade against pipewire.

Cheers

> 
> Packages that need the pipewire server (instead of only pipewire
> support) could just depend on (or recommend) the pipewire package
> directly. Users who want the pipewire server can install the
> package directly.
> 
> Note that usually, libraries do not depend on packages providing
> daemons.
> 
> So, in short:
>   * The "Recommends: pipewire [...]" is useless.
>   * It breaks other software, even not written with pipewire in mind.
> 
> -- System Information:
> Debian Release: bookworm/sid
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
> 'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
> 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 5.17.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
> TAINT_UNSIGNED_MODULE
> Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages libpipewire-0.3-0 depends on:
> ii  libc6   2.33-7
> ii  libspa-0.2-modules  0.3.51-1
> 
> Versions of packages libpipewire-0.3-0 recommends:
> ii  libpipewire-0.3-common  0.3.51-1
> ii  pipewire0.3.51-1
> 
> libpipewire-0.3-0 suggests no packages.
> 
> -- no debconf information
> 
> -- 
> Vincent Lefèvre  - Web: 
> 100% accessible validated (X)HTML - Blog: 
> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

-- 
Sebastian Ramacher

Bug#1011131: josm: FTBFS with JavaCC 6

2022-05-17 Thread Emmanuel Bourg 
Source: josm
Version: 0.0.svn18427+dfsg-1
Severity: serious
Tags: ftbfs
Justification: FTBFS

josm fails to build with JavaCC 6:

[javac] 
/<>/src/ch/poole/openinghoursparser/OpeningHoursParserTokenManager.java:1182:
 error: incompatible types: possible lossy conversion from int to char
[javac]  throw new TokenMgrError(EOFSeen, curLexState, error_line, 
error_column, error_after, curChar, TokenMgrError.LEXICAL_ERROR);
[javac] 
  ^


This can be fixed by building with the javacc5 package instead of javacc

Bug#1011130: libpipewire-0.3-0: should not recommend pipewire

2022-05-17 Thread Vincent Lefevre 
Package: libpipewire-0.3-0
Version: 0.3.51-1
Severity: critical
Justification: breaks unrelated software

Several packages depend on libpipewire-0.3-0 in order to have
pipewire *support* (but they don't need pipewire: the user may
want to use pulseaudio). However, libpipewire-0.3-0 currently
has "Recommends: pipewire [...]", which means that the pipewire
package is installed as a consequence, which runs the pipewire
server automatically.

FYI, xdg-desktop-portal depends on libpipewire-0.3-0, and
xdg-desktop-portal is automatically installed via dependencies
from packages like atril (a document viewer), gnucash and
viking.

Until now, this did not seem to have any major drawback (except
that having a useless server running, just because that one wants
pacakges like atril, gnucash or viking). But now that vlc has
pipewire support in its plugins recommended by default, this
breaks VLC when one just wants to use pulseaudio. Worse, this
also breaks ogg123, with apparently ***no way of going back***
(I suspect that the use of pipewire changed something in the
configuration), unlike VLC.

Packages that need the pipewire server (instead of only pipewire
support) could just depend on (or recommend) the pipewire package
directly. Users who want the pipewire server can install the
package directly.

Note that usually, libraries do not depend on packages providing
daemons.

So, in short:
  * The "Recommends: pipewire [...]" is useless.
  * It breaks other software, even not written with pipewire in mind.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libpipewire-0.3-0 depends on:
ii  libc6   2.33-7
ii  libspa-0.2-modules  0.3.51-1

Versions of packages libpipewire-0.3-0 recommends:
ii  libpipewire-0.3-common  0.3.51-1
ii  pipewire0.3.51-1

libpipewire-0.3-0 suggests no packages.

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Processed: found 937234 in 1.0.9-2

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 937234 1.0.9-2
Bug #937234 [src:pam-python] pam-python: Python2 removal in sid/bullseye
Marked as found in versions pam-python/1.0.9-2.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
937234: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=937234
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1010813: marked as done (mutter: Let gtk4 4.6.3+ds1-2 migrate to testing first)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 07:01:28 -0400
with message-id 

and subject line Re: mutter: Let gtk4 4.6.3+ds1-2 migrate to testing first
has caused the Debian Bug report #1010813,
regarding mutter: Let gtk4 4.6.3+ds1-2 migrate to testing first
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1010813: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010813
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mutter
Version: 42.1-1
Severity: serious
Control: affects -1 src:gtk4

mutter 42.1-1 has a Breaks: libgtk-4-1 << 4.6.3+ds1-2
Therefore, mutter shouldn't be allowed to migrate to Testing until
that version of gtk4 is available in Testing.

Thank you,
Jeremy Bicha
--- End Message ---
--- Begin Message ---
X-CrossAssassin-Score: 34981--- End Message ---

Bug#1011127: libssl3 breaks systems vith VIA Nehemiah cpu

2022-05-17 Thread Wolfgang Walter 

Package: libssl3
Version: 3.0.3-4
Severity: grave

Systems with VIA Nehemiah cpu break after upgrading unstable. All 
commands using libssl3 fail with


traps: modprobe[2002] trap invalid opcode ip:b7c14700 sp:bfed3238 
error:0 in libcrypto.so.3[b7ac+24f000]
traps: sshd[1969] trap invalid opcode ip:b7b9c700 sp:bfedeaf8 error:0 in 
libcrypto.so.3[b7a48000+24f000]


lscpu shows:

Architecture:i686
CPU op-mode(s):  32-bit
Address sizes:   32 bits physical, 32 bits virtual
Byte Order:  Little Endian
CPU(s):  1
On-line CPU(s) list: 0
Vendor ID:   CentaurHauls
BIOS Vendor ID:  VIA
Model name:  VIA Nehemiah
BIOS Model name: Eden ESP
  CPU @ 1.0GHz

BIOS CPU family: 13
CPU family:  6
Model:   9
Thread(s) per core:  1
Core(s) per socket:  1
Socket(s):   1
Stepping:8
BogoMIPS:1995.89
Flags:   fpu vme de pse tsc msr cx8 sep mtrr pge 
cmov pat mmx fxsr sse cpuid rng rng_en ace ace_en

Vulnerability Itlb multihit: Processor vulnerable
Vulnerability L1tf:  Vulnerable
Vulnerability Mds:   Vulnerable: Clear CPU buffers 
attempted, no microcode; SMT disabled

Vulnerability Meltdown:  Vulnerable
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1:Mitigation; usercopy/swapgs barriers 
and __user pointer sanitization
Vulnerability Spectre v2:Mitigation; Retpolines, STIBP disabled, 
RSB filling

Vulnerability Srbds: Not affected
Vulnerability Tsx async abort:   Not affected


Systems with a VIA Eden Processor do not show this problem (flags are 
fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge cmov pat clflush 
acpi mmx fxsr sse sse2 tm nx cpuid pni est tm2 xtpr rng rng_en ace 
ace_en ace2 ace2_en phe phe_en pmm pmm_en).




Regards,
--
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts

Bug#1011124: [Pkg-javascript-devel] Bug#1011124: iotjs: is this package maintained?

2022-05-17 Thread Jérémy Lal 
Le mar. 17 mai 2022 à 12:00, Adam Borowski  a écrit :

> Source: iotjs
> Version: 1.0+715-1
> Severity: serious
> Justification: In the opinion of a QA person the package is unsuitable for
> release.
>
> Hi!
> This package appears to be unmaintained, and:
> * has a large set of CVEs reported.  They are also untriaged and have seen
>   no maintainer response.
> * blocks Python 2 removal
>

Also:
- very low upstream activity
- uses an experimental "new" js engine, jerryscript which is on low
activity too
- no reverse dependencies, no reverse build dependencies

Jérémy

Bug#1005718: mosh: FTBFS with OpenSSL 3.0

2022-05-17 Thread Vincent Lefevre 
On 2022-02-13 21:58:36 +0100, Sebastian Andrzej Siewior wrote:
> Your package is failing to build using OpenSSL 3.0 with the
> following error:
> 
> | c++ -DHAVE_CONFIG_H -I. -I../..  -I./../util  -Wdate-time 
> -D_FORTIFY_SOURCE=2 -Wall -Werror -Wextra -pedantic -Wno-long-long -Weffc++ 
> -Wmissing-declarations -fno-strict-overflow -D_FORTIFY_SOURCE=2 
> -fstack-protector-all -Wstack-protector --param ssp-buffer-size=1 -fPIE 
> -fno-default-inline -pipe -g -O2 -ffile-prefix-map=/<>=. 
> -Wformat -Werror=format-security -c -o ocb.o ocb.cc
> | ocb.cc: In function ‘void AES_ecb_encrypt_blks(block*, unsigned int, 
> AES_KEY*)’:
> | ocb.cc:360:80: error: ‘void AES_encrypt(const unsigned char*, unsigned 
> char*, const AES_KEY*)’ is deprecated: Since OpenSSL 3.0 
> [-Werror=deprecated-declarations]
> |   360 |   AES_encrypt((unsigned char *)(blks+nblks), (unsigned char 
> *)(blks+nblks), key);
> |   | 
>^

and other similar errors.

I suppose that the -Werror=deprecated-declarations errors are useful
only for the upstream developers (so that they know that they should
update their code).

Shouldn't Debian use -Wno-error=deprecated-declarations to ignore
the use of deprecated functions?

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1011124: iotjs: is this package maintained?

2022-05-17 Thread Adam Borowski 
Source: iotjs
Version: 1.0+715-1
Severity: serious
Justification: In the opinion of a QA person the package is unsuitable for 
release.

Hi!
This package appears to be unmaintained, and:
* has a large set of CVEs reported.  They are also untriaged and have seen
  no maintainer response.
* blocks Python 2 removal

I thus believe our users are better served by not being exposed to the
package in its current state.  If you disagree, please just close this bug.


Meow!

Bug#1006513: marked as done (openpace: FTBFS with OpenSSL 3.0)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 09:33:53 +
with message-id 
and subject line Bug#1006513: fixed in openpace 
1.1.2+ds+git20220117+453c3d6b03a0-1
has caused the Debian Bug report #1006513,
regarding openpace: FTBFS with OpenSSL 3.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1006513: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006513
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: openpace
Version: 1.1.0+ds-1
Severity: important
Tags: bookworm sid
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: ftbfs-3.0

Your package is failing to build using OpenSSL 3.0 with the
following error:

| libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -DCVCDIR=\"/etc/eac/cvc\" 
-DX509DIR=\"/etc/eac/x509\" -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -pedantic -c cv_cert.c  -fPIC -DPIC -o 
.libs/libeac_la-cv_cert.o
| In file included from ./eac/cv_cert.h:37,
|  from ./eac/eac.h:35,
|  from eac_asn1.h:31,
|  from cv_cert.c:32:
| cv_cert.c:225:1: error: conflicting types for ‘i2d_CVC_CERT’; have 
‘int(const CVC_CERT *, unsigned char **)’ {aka ‘int(const struct 
cvc_cert_seq_st *, unsigned char **)’}
|   225 | IMPLEMENT_ASN1_FUNCTIONS(CVC_CERT)
|   | ^~~~
| In file included from ./eac/eac.h:35,
|  from eac_asn1.h:31,
|  from cv_cert.c:32:
| ./eac/cv_cert.h:341:5: note: previous declaration of ‘i2d_CVC_CERT’ with 
type ‘int(CVC_CERT *, unsigned char **)’ {aka ‘int(struct cvc_cert_seq_st 
*, unsigned char **)’}
|   341 | int i2d_CVC_CERT(CVC_CERT *a, unsigned char **out);
|   | ^~~~
| cv_cert.c: In function ‘CVC_pubkey2rsa’:
| cv_cert.c:542:5: warning: ‘RSA_new’ is deprecated: Since OpenSSL 3.0 
[-Wdeprecated-declarations]
|   542 | rsa = RSA_new();
|   | ^~~
| In file included from ssl_compat.h:8,
|  from cv_cert.c:37:
| /usr/include/openssl/rsa.h:201:28: note: declared here
|   201 | OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
|   |^~~
| cv_cert.c:546:5: warning: ‘RSA_set0_key’ is deprecated: Since OpenSSL 3.0 
[-Wdeprecated-declarations]
|   546 | check(RSA_set0_key(rsa,
|   | ^
| In file included from ssl_compat.h:8,
|  from cv_cert.c:37:
| /usr/include/openssl/rsa.h:207:27: note: declared here
|   207 | OSSL_DEPRECATEDIN_3_0 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, 
BIGNUM *d);
|   |   ^~~~
| cv_cert.c:553:5: warning: ‘EVP_PKEY_set1_RSA’ is deprecated: Since 
OpenSSL 3.0 [-Wdeprecated-declarations]
|   553 | ok = EVP_PKEY_set1_RSA(out, rsa);
|   | ^~
| In file included from /usr/include/openssl/cmac.h:25,
|  from ./eac/eac.h:39,
|  from eac_asn1.h:31,
|  from cv_cert.c:32:
| /usr/include/openssl/evp.h:1344:5: note: declared here
|  1344 | int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
|   | ^
| cv_cert.c:557:9: warning: ‘RSA_free’ is deprecated: Since OpenSSL 3.0 
[-Wdeprecated-declarations]
|   557 | RSA_free(rsa);
|   | ^~~~
| In file included from ssl_compat.h:8,
|  from cv_cert.c:37:
| /usr/include/openssl/rsa.h:293:28: note: declared here
|   293 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
|   |^~~~
| cv_cert.c: In function ‘CVC_pubkey2eckey’:
| cv_cert.c:575:9: warning: ‘EC_KEY_new’ is deprecated: Since OpenSSL 3.0 
[-Wdeprecated-declarations]
|   575 | ec = EC_KEY_new();
|   | ^~
| In file included from ./eac/eac.h:40,
|  from eac_asn1.h:31,
|  from cv_cert.c:32:
| /usr/include/openssl/ec.h:966:31: note: declared here
|   966 | OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new(void);
|   |   ^~
| cv_cert.c:587:13: warning: ‘EC_KEY_free’ is deprecated: Since OpenSSL 3.0 
[-Wdeprecated-declarations]
|   587 | EC_KEY_free(ec);
|   | ^~~
| In file included from ./eac/eac.h:40,
|  from eac_asn1.h:31,
|  from cv_cert.c:32:
| /usr/include/openssl/ec.h:1001:28: note: declared here
|  1001 | OSSL_DEPRECATEDIN_3_0 void EC_KEY_free(EC_KEY *key);
|   |^~~
| cv_cert.c:592:9: warning: ‘EVP_PKEY_set1_EC_KEY’ is deprecated:

Bug#1011107: marked as done (binary packages should conflict/replace older ones)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 08:40:43 +
with message-id 
and subject line Bug#1011107: fixed in waylandpp 1.0.0-3
has caused the Debian Bug report #1011107,
regarding binary packages should conflict/replace older ones
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1011107: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011107
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: waylandpp
Version: 1.0.0-1
Severity: serious

Perhaps libwayland-client++1 should conflict/replace
libwayland-client++0, and the same for cursor and egl packages?


Preparing to unpack .../libwayland-client++1_1.0.0-2_amd64.deb ...
Unpacking libwayland-client++1:amd64 (1.0.0-2) ...
dpkg: error processing archive 
/var/cache/apt/archives/libwayland-client++1_1.0.0-2_amd64.deb (--unpack):
 trying to overwrite '/usr/lib/x86_64-linux-gnu/libwayland-client++.so.1.0.0', 
which is also in package libwayland-client++0:amd64 1.0.0-1
Preparing to unpack .../libwayland-cursor++1_1.0.0-2_amd64.deb ...
Unpacking libwayland-cursor++1:amd64 (1.0.0-2) ...
dpkg: error processing archive 
/var/cache/apt/archives/libwayland-cursor++1_1.0.0-2_amd64.deb (--unpack):
 trying to overwrite '/usr/lib/x86_64-linux-gnu/libwayland-cursor++.so.1.0.0', 
which is also in package libwayland-cursor++0:amd64 1.0.0-1
Preparing to unpack .../libwayland-egl++1_1.0.0-2_amd64.deb ...
Unpacking libwayland-egl++1:amd64 (1.0.0-2) ...
dpkg: error processing archive 
/var/cache/apt/archives/libwayland-egl++1_1.0.0-2_amd64.deb (--unpack):
 trying to overwrite '/usr/lib/x86_64-linux-gnu/libwayland-egl++.so.1.0.0', 
which is also in package libwayland-egl++0:amd64 1.0.0-1
Errors were encountered while processing:
 /var/cache/apt/archives/libwayland-client++1_1.0.0-2_amd64.deb
 /var/cache/apt/archives/libwayland-cursor++1_1.0.0-2_amd64.deb
 /var/cache/apt/archives/libwayland-egl++1_1.0.0-2_amd64.deb


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-security'), (500, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-11-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: waylandpp
Source-Version: 1.0.0-3
Done: Georges Khaznadar 

We believe that the bug you reported is fixed in the latest version of
waylandpp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1011...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Georges Khaznadar  (supplier of updated waylandpp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 17 May 2022 09:32:49 +0200
Source: waylandpp
Architecture: source
Version: 1.0.0-3
Distribution: unstable
Urgency: medium
Maintainer: Georges Khaznadar 
Changed-By: Georges Khaznadar 
Closes: 1011107
Changes:
 waylandpp (1.0.0-3) unstable; urgency=medium
 .
   * Closes: #1011107, thanks to Thadeu Lima de Souza Cascardo;
 added conflict/replace clauses for libraries
Checksums-Sha1:
 12a57b52c9dd1f655bfbcf69c494f105718582ad 2527 waylandpp_1.0.0-3.dsc
 79ea3b612aaabaaaf0e6d9d3df0c569c765a93b7 6048 waylandpp_1.0.0-3.debian.tar.xz
 d651a3b90f9c528111ce65810664d01021309969 8896 
waylandpp_1.0.0-3_source.buildinfo
Checksums-Sha256:
 39e24ec7f7abe70502f4b6b19504cc2d58ec19562fc5e57269f974522eee5342 2527 
waylandpp_1.0.0-3.dsc
 16fc502d3f6aa221c2e9f4ff616dc76bcbe8468797b3b86adff4415ea99819ad 6048 
waylandpp_1.0.0-3.debian.tar.xz
 992bb20042790b8f8c67a385a7198b077799736ca6c6cc938f43f96f420035bc 8896 
waylandpp_1.0.0-3_source.buildinfo
Files:
 461e0a6aa0450e5be0a8c2a08c5ad4ca 2527 libs optional waylandpp_1.0.0-3.dsc
 b0e485ccf6e7eba17c656524c03c3e05 6048 libs optional 
waylandpp_1.0.0-3.debian.tar.xz
 f2b491d2569231a0fd97fface5fe2240 8896 libs optional 
waylandpp_1.0.0-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJIBAEBCAAyFiEEM0CzZP9nFT+3zK6FHCgWkHE2rjkFAmKDUN4UHGdlb3JnZXNr

Bug#1011118: libpython2.7-stdlib: Hardcoded dependency on libssl1.1

2022-05-17 Thread Adrian Bunk 
Package: libpython2.7-stdlib
Version: 2.7.18-13.1
Severity: serious

libssl1.1 is no longer being built by src:openssl.

Processed: tagging 999725, found 1011108 in 3.5+dfsg-5, tagging 1009101, fixed 1008657 in 1:14.0.1-1 ...

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 999725 + experimental
Bug #999725 {Done: Mohammed Bilal } 
[src:ruby-omniauth-saml] ruby-omniauth-saml: FTBFS with ruby-omniauth 2.0.x: 
ERROR: Test "ruby2.7" failed: 
/usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1404:in `rescue in block in 
activate_dependencies': Could not find 'omniauth' (~> 1.3, >= 1.3.2) among 77 
total gem(s) (Gem::MissingSpecError)
Added tag(s) experimental.
> found 1011108 3.5+dfsg-5
Bug #1011108 {Done: Andrius Merkys } [macromoleculebuilder] 
ftbfs: forces std=c++14
There is no source info for the package 'macromoleculebuilder' at version 
'3.5+dfsg-5' with architecture ''
Unable to make a source version for version '3.5+dfsg-5'
Marked as found in versions 3.5+dfsg-5.
> tags 1009101 - sid bookworm
Bug #1009101 {Done: Luca Boccassi } 
[network-manager-openconnect-gnome] network-manager-openconnect-gnome: GTK 4 
version needed for gnome-control-center 42
Removed tag(s) bookworm and sid.
> fixed 1008657 1:14.0.1-1
Bug #1008657 {Done: Sylvestre Ledru } [clang-14] 
clang-14: Integrate post v14.0.0 upstream patches
Marked as fixed in versions llvm-toolchain-14/1:14.0.1-1.
> fixed 952922 1.22.4-4
Bug #952922 {Done: Colin Watson } [groff] groff: bad 
ghostscript version in the font path
Bug #982302 {Done: Colin Watson } [groff] Outdated 
ghostscript font paths
Marked as fixed in versions groff/1.22.4-4.
Marked as fixed in versions groff/1.22.4-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1008657: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008657
1009101: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009101
1011108: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011108
952922: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952922
982302: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982302
999725: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999725
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 1011114, severity of 1011114 is serious

2022-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 104 + sid bookworm
Bug #104 [src:nvidia-cuda-toolkit] nivdia-cuda-toolkit: hardcodes 
dependencies on libssl1.1
Added tag(s) sid and bookworm.
> severity 104 serious
Bug #104 [src:nvidia-cuda-toolkit] nivdia-cuda-toolkit: hardcodes 
dependencies on libssl1.1
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
104: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=104
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> reopen -1
Bug #1006008 {Done: John Paul Adrian Glaubitz } 
[src:python-cryptography] python-cryptography: FTBFS with OpenSSL 3.0
Bug reopened
Ignoring request to alter fixed versions of bug #1006008 to the same values 
previously set

-- 
1006008: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006008
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1006008: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread John Paul Adrian Glaubitz 
Control: reopen -1

On 5/17/22 08:50, John Paul Adrian Glaubitz wrote:
> I just noticed the patches for OpenSSL 3.0 support have already been added to 
> the
> Debian package [1]. I also verified that the package builds fine in unstable
> with OpenSSL 3.0.
> 
> Therefore closing this bug report.

Hmm, I was too quick here. While the build itself succeeds, 17 tests are 
failing:

=== short test summary info 
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:192: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:233: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:240: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:251: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:262: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:270: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:285: Requires 
OpenSSL with ENGINE support and OpenSSL < 1.1.1d
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:425: Requires 
OpenSSL without rsa_oaep_md (< 1.0.2)
SKIPPED [1] ../../../tests/hazmat/backends/test_openssl.py:441: Requires 
OpenSSL without rsa_oaep_md (< 1.0.2)
SKIPPED [3] ../../../tests/hazmat/backends/test_openssl.py:612: Requires 
OpenSSL without EVP_PKEY_DHX (< 1.0.2)
SKIPPED [2] ../../../tests/hazmat/backends/test_openssl.py:642: Requires 
OpenSSL without EVP_PKEY_DHX (< 1.0.2)
SKIPPED [2] ../../../tests/hazmat/backends/test_openssl.py:664: Requires 
OpenSSL without EVP_PKEY_DHX (< 1.0.2)
SKIPPED [1] ../../../tests/hazmat/primitives/test_aead.py:41: Requires OpenSSL 
without ChaCha20Poly1305 support
SKIPPED [1] ../../../tests/hazmat/primitives/test_aes.py:258: AES in dummy-mode 
mode not supported
SKIPPED [1] ../../../tests/utils.py:30: 256-bit DH keys are not supported in 
OpenSSL 3.0.0+ ()
SKIPPED [1] ../../../tests/hazmat/primitives/test_dh.py:432: DH keys less than 
512 bits are unsupported
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL without Ed25519 
support ()
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL without Ed448 support 
()
SKIPPED [1] ../../../tests/hazmat/primitives/test_ed448.py:60: ed448 contexts 
are not currently supported
SKIPPED [1] ../../../tests/utils.py:30: Does not support IDEA ECB 
()
SKIPPED [1] ../../../tests/utils.py:30: Does not support IDEA CBC 
()
SKIPPED [1] ../../../tests/utils.py:30: Does not support IDEA OFB 
()
SKIPPED [1] ../../../tests/utils.py:30: Does not support IDEA CFB 
()
SKIPPED [480] ../../../tests/hazmat/primitives/utils.py:432: KBKDF does not 
support algorithm: cmac_aes128
SKIPPED [480] ../../../tests/hazmat/primitives/utils.py:432: KBKDF does not 
support algorithm: cmac_aes192
SKIPPED [480] ../../../tests/hazmat/primitives/utils.py:432: KBKDF does not 
support algorithm: cmac_aes256
SKIPPED [480] ../../../tests/hazmat/primitives/utils.py:432: KBKDF does not 
support algorithm: cmac_tdes2
SKIPPED [480] ../../../tests/hazmat/primitives/utils.py:432: KBKDF does not 
support algorithm: cmac_tdes3
SKIPPED [800] ../../../tests/hazmat/primitives/utils.py:438: Does not support 
counter location: middle_fixed
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL without poly1305 
support ()
SKIPPED [1] ../../../tests/utils.py:30: Requires backend without RSA OAEP label 
support ()
SKIPPED [4] ../../../tests/hazmat/primitives/test_serialization.py:1910: 
Requires bcrypt module
SKIPPED [1] ../../../tests/utils.py:30: Requires that bcrypt exists 
()
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL without X25519 support 
()
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL without X448 support 
()
SKIPPED [23] 
../../../../../../usr/lib/python3/dist-packages/_pytest/config/__init__.py:1473:
 no 'wycheproof_root' option found
SKIPPED [1] ../../../tests/utils.py:30: Requires OpenSSL < 1.1.0f 
()
SKIPPED [1] ../../../tests/utils.py:30: Requires LibreSSL 
()
== 17 failed, 2726 passed, 3261 skipped in 203.25s (0:03:23) ===

So, we need to ignore these failures for the package to build with OpenSSL.

Ignoring the failures should be safe as it's just the tests that assume OpenSSL 
to be version <= 1.1.1.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#1006008: marked as done (python-cryptography: FTBFS with OpenSSL 3.0)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 08:50:44 +0200
with message-id <9c9bce41-ed6a-140b-0210-fd3c8834a...@physik.fu-berlin.de>
and subject line Re: python-cryptography: FTBFS with OpenSSL 3.0
has caused the Debian Bug report #1006008,
regarding python-cryptography: FTBFS with OpenSSL 3.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1006008: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006008
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: python-cryptography
Version: 3.4.8-1
Severity: important
Tags: bookworm sid
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: ftbfs-3.0
control: forwarded -1 https://github.com/pyca/cryptography/pull/6000

Your package is failing to build using OpenSSL 3.0 with the
following error:

| === FAILURES 
===
| __ TestPoly1305.test_vectors[vector0] 
__
| 
| self = 
| vector = {'key': 
b'', 'msg': 
b'...0',
 'tag': b''}
| backend = 
| 
| @pytest.mark.parametrize(
| "vector",
| load_vectors_from_file(
| os.path.join("poly1305", "rfc7539.txt"), load_nist_vectors
| ),
| )
| def test_vectors(self, vector, backend):
| key = binascii.unhexlify(vector["key"])
| msg = binascii.unhexlify(vector["msg"])
| tag = binascii.unhexlify(vector["tag"])
| poly = Poly1305(key)
| poly.update(msg)
| >   assert poly.finalize() == tag
| 
| ../../../tests/hazmat/primitives/test_poly1305.py:51: 
| _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
_ 
| cryptography/hazmat/primitives/poly1305.py:34: in finalize
| mac = self._ctx.finalize()
| cryptography/hazmat/backends/openssl/poly1305.py:56: in finalize
| self._backend.openssl_assert(res != 0)
| cryptography/hazmat/backends/openssl/backend.py:242: in openssl_assert
| return binding._openssl_assert(self._lib, ok, errors=errors)
| _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
_ 
| 
| lib = , ok = False
| errors = []
| 
| def _openssl_assert(lib, ok, errors=None):
| if not ok:
| if errors is None:
| errors = _consume_errors(lib)
| errors_with_text = _errors_with_text(errors)
| 
| >   raise InternalError(
| "Unknown OpenSSL error. This error is commonly encountered 
when "
| "another library is not cleaning up the OpenSSL error stack. 
If "
| "you are using cryptography with another library that uses "
| "OpenSSL try disabling it before reporting a bug. Otherwise "
| "please file an issue at 
https://github.com/pyca/cryptography/;
| "issues with information on how to reproduce "
| "this. ({0!r})".format(errors_with_text),
| errors_with_text,
| )
| E   cryptography.exceptions.InternalError: Unknown OpenSSL error. 
This error is commonly encountered when another library is not cleaning up the 
OpenSSL error stack. If you are using cryptography with another library that 
uses OpenSSL try disabling it before reporting a bug. Otherwise please file an 
issue at https://github.com/pyca/cryptography/issues with information on how to 
reproduce this. ([_OpenSSLErrorWithText(code=50331803, lib=6, reason=155, 
reason_text=b'error:039B:digital envelope routines::buffer too small')])
| 
| cryptography/hazmat/bindings/openssl/binding.py:77: InternalError

Full build log:
   
https://people.debian.org/~bigeasy/openssl-rebuild-3/attempted/python-cryptography_3.4.8-1_amd64-2022-02-15T03:33:24Z

For more information see:
https://www.openssl.org/docs/man3.0/man7/migration_guide.html

Sebastian
--- End Message ---
--- Begin Message ---
Hi!

I just noticed the patches for OpenSSL 3.0 support have already been added to 
the
Debian package [1]. I also verified that the package builds fine in unstable
with OpenSSL 3.0.

Therefore closing this bug report.

Adrian

> [1] 
> https://salsa.debian.org/python-team/packages/python-cryptography/-/tree/master/debian/patches/openssl3

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913--- End Message ---

Bug#1006008: python-cryptography: FTBFS with OpenSSL 3.0

2022-05-17 Thread John Paul Adrian Glaubitz 
Hi!

> Looks like an upgrade to at least v35.0.0 is needed to fix this issue: 
> https://github.com/pyca/cryptography/issues/7039#issuecomment-1088566628=

Not necessarily. One of the Python core developers, Christian Heimes, actually
backported fixes for Python3.10 and OpenSSL 3.0.0 for Fedora [1].

I have extracted the patches and I'm attaching them to this bug report. I will
test whether they fix the build on Debian.

Adrian

> [1] 
> https://src.fedoraproject.org/rpms/python-cryptography/c/b166e77e86d756b18cd79aeced13f5f3b6341a50?branch=rawhide

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
From cb1908043d5daa7c5c38945c048c4a2477a46221 Mon Sep 17 00:00:00 2001
From: Paul Kehrer 
Date: Sun, 28 Feb 2021 16:06:11 -0600
Subject: [PATCH 1/4] fix pkcs12 parse ordering. fixes #5872 (#5879)

* fix pkcs12 parse ordering. fixes #5872

* remove an unneeded print

* simplify the test a bit more

* index

* black

* Update tests/hazmat/primitives/test_pkcs12.py

Co-authored-by: Alex Gaynor 

Co-authored-by: Alex Gaynor 
---
 .../hazmat/backends/openssl/backend.py|  5 +-
 tests/hazmat/primitives/test_pkcs12.py| 58 ++-
 2 files changed, 59 insertions(+), 4 deletions(-)

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 271873d9..a96d08d8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -6,6 +6,7 @@
 import collections
 import contextlib
 import itertools
+import typing
 import warnings
 from contextlib import contextmanager
 
@@ -2562,9 +2563,7 @@ class Backend(object):
 sk_x509 = self._lib.sk_X509_new_null()
 sk_x509 = self._ffi.gc(sk_x509, self._lib.sk_X509_free)
 
-# reverse the list when building the stack so that they're encoded
-# in the order they were originally provided. it is a mystery
-for ca in reversed(cas):
+for ca in cas:
 res = self._lib.sk_X509_push(sk_x509, ca._x509)
 backend.openssl_assert(res >= 1)
 
diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py
index b5de09f9..b1759a1b 100644
--- a/tests/hazmat/primitives/test_pkcs12.py
+++ b/tests/hazmat/primitives/test_pkcs12.py
@@ -4,13 +4,15 @@
 
 
 import os
+from datetime import datetime
 
 import pytest
 
 from cryptography import x509
 from cryptography.hazmat.backends.interfaces import DERSerializationBackend
 from cryptography.hazmat.backends.openssl.backend import _RC2
-from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import ec
 from cryptography.hazmat.primitives.serialization import load_pem_private_key
 from cryptography.hazmat.primitives.serialization.pkcs12 import (
 load_key_and_certificates,
@@ -273,3 +275,57 @@ class TestPKCS12Creation(object):
 DummyKeySerializationEncryption(),
 )
 assert str(exc.value) == "Unsupported key encryption type"
+
+
+def test_pkcs12_ordering():
+"""
+In OpenSSL < 3.0.0 PKCS12 parsing reverses the order. However, we
+accidentally thought it was **encoding** that did it, leading to bug
+https://github.com/pyca/cryptography/issues/5872
+This test ensures our ordering is correct going forward.
+"""
+
+def make_cert(name):
+key = ec.generate_private_key(ec.SECP256R1())
+subject = x509.Name(
+[
+x509.NameAttribute(x509.NameOID.COMMON_NAME, name),
+]
+)
+now = datetime.utcnow()
+cert = (
+x509.CertificateBuilder()
+.subject_name(subject)
+.issuer_name(subject)
+.public_key(key.public_key())
+.serial_number(x509.random_serial_number())
+.not_valid_before(now)
+.not_valid_after(now)
+.sign(key, hashes.SHA256())
+)
+return (key, cert)
+
+# Make some certificates with distinct names.
+a_name = "A" * 20
+b_name = "B" * 20
+c_name = "C" * 20
+a_key, a_cert = make_cert(a_name)
+_, b_cert = make_cert(b_name)
+_, c_cert = make_cert(c_name)
+
+# Bundle them in a PKCS#12 file in order A, B, C.
+p12 = serialize_key_and_certificates(
+b"p12", a_key, a_cert, [b_cert, c_cert], serialization.NoEncryption()
+)
+
+# Parse them out. The API should report them in the same order.
+(key, cert, certs) = load_key_and_certificates(p12, None)
+assert cert == a_cert
+assert certs == [b_cert, c_cert]
+
+# The ordering in the PKCS#12 file itself should also match.
+a_idx = p12.index(a_name.encode("utf-8"))
+b_idx = p12.index(b_name.encode("utf-8"))
+c_idx =

Bug#1011108: marked as done (ftbfs: forces std=c++14)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 06:18:52 +
with message-id 
and subject line Bug#1011108: fixed in macromoleculebuilder 3.5+dfsg-6
has caused the Debian Bug report #1011108,
regarding ftbfs: forces std=c++14
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1011108: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011108
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: macromoleculebuilder
Severity: serious
Tags: patch ftbfs
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch

Dear maintainers,

The macromoleculebuilder source package fails to build in Debian unstable:

[...]
/usr/bin/c++ -DBuildNtC -DLEPTON_BUILDING_STATIC_LIBRARY -DLepton_USAGE 
-DMMBlib_EXPORTS -DUSE_MMB_CONSTEXPR -DUSE_OPENMM -isystem 
/tmp/macromoleculebuilder-3.5+dfsg/include -isystem 
/usr/include/simbody-isystem /usr/include/openmm -isystem 
/usr/include/openmm/reference -isystem /include -isystem 
/tmp/macromoleculebuilder-3.5+dfsg/3rdparty/Lepton1.3/include -D BuildNtC -D 
USE_OPENMM -g -O2 -ffile-prefix-map=/tmp/macromoleculebuilder-3.5+dfsg=. 
-fstack-protector-strong -Wformat -Werror=format-security -O0 
-fvisibility=hidden -O3 -DNDEBUG -fPIC -DMMB_BUILDING_SHARED_LIBRARY -std=c++14 
-MD -MT CMakeFiles/MMBlib.dir/src/ConstraintContainer.cpp.o -MF 
CMakeFiles/MMBlib.dir/src/ConstraintContainer.cpp.o.d -o 
CMakeFiles/MMBlib.dir/src/ConstraintContainer.cpp.o -c 
/tmp/macromoleculebuilder-3.5+dfsg/src/ConstraintContainer.cpp
In file included from /usr/include/tao/pegtl.hpp:8,
 from /usr/include/gemmi/cif.hpp:13,
 from /usr/include/gemmi/mmread.hpp:9,
 from /usr/include/molmodel/internal/Compound.h:48,
 from /usr/include/SimTKmolmodel.h:53,
 from 
/tmp/macromoleculebuilder-3.5+dfsg/include/UnitCellParameters.h:3,
 from 
/tmp/macromoleculebuilder-3.5+dfsg/src/UnitCellParameters.cpp:4:
/usr/include/tao/pegtl/demangle.hpp:23:33: error: 'string_view' in namespace 
'std' does not name a type
   23 |[[nodiscard]] constexpr std::string_view demangle() noexcept;
[...]

This is because tao-pegtl-dev now requires C++17, but -std=c++14 is being
forced.

I've uploaded the attached patch in Ubuntu to work around this by forcing
c++17 instead of c++14.  You could also probably drop the forcing entirely,
since the default standard nowadays is gnu17 (C++17 with GNU extensions).

The package currently still fails to build from source because gemmi's
headers are also incompatible with the new tao-pegtl; but I'm hoping this
will be resolved when bug #1009415 is fixed.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru macromoleculebuilder-3.5+dfsg/debian/patches/CXX17.patch 
macromoleculebuilder-3.5+dfsg/debian/patches/CXX17.patch
--- macromoleculebuilder-3.5+dfsg/debian/patches/CXX17.patch1969-12-31 
16:00:00.0 -0800
+++ macromoleculebuilder-3.5+dfsg/debian/patches/CXX17.patch2022-05-16 
18:02:44.0 -0700
@@ -0,0 +1,21 @@
+Description: Use C++17 standard, not C++14.
+ The macromoleculebuilder tries to force C++14 in the compiler to ensure
+ access to newer language features.  However, C++14 is now too *old* for
+ some of the build-dependencies (tao-pegtl-dev) and causes a build failure.
+Author: Steve Langasek 
+Last-Update: 2022-05-16
+Forwarded: no
+
+Index: macromoleculebuilder-3.5+dfsg/CMakeLists.txt
+===
+--- macromoleculebuilder-3.5+dfsg.orig/CMakeLists.txt
 macromoleculebuilder-3.5+dfsg/CMakeLists.txt
+@@ -8,7 +8,7 @@
+ 
+ PROJECT(MMB LANGUAGES CXX)
+ 
+-SET(CMAKE_CXX_STANDARD 14)
++SET(CMAKE_CXX_STANDARD 17)
+ SET(CMAKE_CXX_EXTENSIONS OFF)
+ SET(CMAKE_CXX_STANDARD_REQUIRED ON)
+ 
diff -Nru macromoleculebuilder-3.5+dfsg/debian/patches/series 
macromoleculebuilder-3.5+dfsg/debian/patches/series
--- macromoleculebuilder-3.5+dfsg/debian/patches/series 2022-03-30 
03:37:26.0 -0700
+++ macromoleculebuilder-3.5+dfsg/debian/patches/series 2022-05-16 
18:01:18.0 -0700
@@ -1,2 +1,3 @@
 fix-Lepton-path.patch
 fix-Gemmi-compatibility.patch
+CXX17.patch
--- End Message ---
--- Begin Message ---
Source: macromoleculebuilder
Source-Version: 3.5+dfsg-6

Bug#1010958: marked as done (sscg FTBFS with OpenSSL 3.0.3)

2022-05-17 Thread Debian Bug Tracking System 
Your message dated Tue, 17 May 2022 08:08:01 +0200
with message-id 
and subject line Re: Bug#1010958: sscg FTBFS with OpenSSL 3.0.3
has caused the Debian Bug report #1010958,
regarding sscg FTBFS with OpenSSL 3.0.3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1010958: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010958
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sscg
Version: 3.0.2-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=sscg=3.0.2-1%2Bb1

...
 1/10 generate_rsa_key_test FAIL  0.01s   killed by signal 11 
SIGSEGV
04:32:21 MALLOC_PERTURB_=87 
/<>/obj-x86_64-linux-gnu/generate_rsa_key_test
...

Summary of Failures:

 1/10 generate_rsa_key_test FAIL  0.01s   killed by signal 11 
SIGSEGV


Ok: 9   
Expected Fail:  0   
Fail:   1   
Unexpected Pass:0   
Skipped:0   
Timeout:0   
dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 
MESON_TESTTHREADS=4 ninja test returned exit code 1
make: *** [debian/rules:6: binary-arch] Error 25
--- End Message ---
--- Begin Message ---
Version: 3.0.3-4

I confirm that sscg builds/tests fine with 3.0.3-4 again.

Thanks Sebastian!

Martin--- End Message ---