date:20230912

Bug#1041504: moc: FTBFS with ffmpeg 6.0

2023-09-12 Thread Shengjing Zhu

Hi,

On Wed, Jul 19, 2023 at 09:48:41PM +0200, Sebastian Ramacher wrote:
> Source: moc
> Version: 1:2.6.0~svn-r3005-3
> Severity: important
> Tags: ftbfs sid trixie
> X-Debbugs-Cc: sramac...@debian.org
> 
> moc FTBFS with ffmpeg 6.0 (available in experimental):

I NMU 2.6.0~svn-r3005-3.1 which fixes building with ffmpeg 6.0.

Please see patch at https://salsa.debian.org/riesebie/moc/-/merge_requests/3

Bug#1039985: libjson-smart-java: buster-lts has a newer version than bullseye/bookworm/sid

2023-09-12 Thread tony mancill

On Fri, Jun 30, 2023 at 06:46:06PM +0200, Andreas Beckmann wrote:
> Package: libjson-smart-java
> Version: 2.2-2
> Severity: serious
> Tags: bullseye bookworm trixie sid
> 
> Hi,
> 
> during a test with piuparts I noticed your package cannot be upgraded
> from buster-lts to any newer release since buster-lts has a version
> newer than any later release:
> 
>  json-smart | 2.2-1 | stretch | source
>  json-smart | 2.2-2 | buster  | source
>  json-smart | 2.2-2 | bullseye| source
>  json-smart | 2.2-2 | bookworm| source
>  json-smart | 2.2-2 | trixie  | source
>  json-smart | 2.2-2 | sid | source
>  json-smart | 2.2-2+deb10u1 | buster-security | source

I am working on an upload of a new upstream version 2.5.0 that will take
care of trixie and sid.  Bastien, are you planning on uploading a
patched 2.2 to bullseye and bookworm?

Thanks,
tony

Bug#1051822: installed chrony package post-installation script subprocess returned error exit status 1

2023-09-12 Thread Anibal Monsalve Salazar

Installing adduser (3.137) fixed this bug for me.

Maybe there is a missing dependency on adduser (3.137).

Bug#1051822: installed chrony package post-installation script subprocess returned error exit status 1

2023-09-12 Thread Anibal Monsalve Salazar

Package: chrony
Version: 4.2-2
Severity: critical

# dpkg -i /mnt/apt/archives/chrony_4.4-1_i386.deb
(Reading database ... 34682 files and directories currently installed.)
Preparing to unpack .../archives/chrony_4.4-1_i386.deb ...
Failed to stop chronyd-restricted.service: Unit chronyd-restricted.service not 
loaded.
Unpacking chrony (4.4-1) over (4.3-4) ...
Setting up chrony (4.4-1) ...
Unknown option: comment
adduser [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--firstuid ID] [--lastuid ID] [--gecos GECOS] [--ingroup GROUP | --gid ID]
[--disabled-password] [--disabled-login] [--add_extra_groups] USER
   Add a normal user

adduser --system [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--gecos GECOS] [--group | --ingroup GROUP | --gid ID] [--disabled-password]
[--disabled-login] [--add_extra_groups] USER
   Add a system user

adduser --group [--gid ID] GROUP
addgroup [--gid ID] GROUP
   Add a user group

addgroup --system [--gid ID] GROUP
   Add a system group

adduser USER GROUP
   Add an existing user to an existing group

general options:
  --quiet | -q  don't give process information to stdout
  --force-badname   allow usernames which do not match the
NAME_REGEX configuration variable
  --help | -h   usage message
  --version | -vversion number and copyright
  --conf | -c FILE  use FILE as configuration file

dpkg: error processing package chrony (--install):
 installed chrony package post-installation script subprocess returned error 
exit status 1
Processing triggers for man-db (2.11.2-3) ...
Errors were encountered while processing:
 chrony

Bug#1051815: wasmedge - autopkgtest failure with rustc 1.68

2023-09-12 Thread Peter Green


On 12/09/2023 23:30, Faidon Liambotis wrote:

Control: reassign -1 rustc 1.68.2+dfsg1-1
Control: retitle -1 Builds invalid wasm32 binaries (1.67->1.68 regression)

On Tue, Sep 12, 2023 at 10:56:57PM +0100, Peter Green wrote:

The autopkgtests for wasmedge fail with rustc 1.68, I have observed this with
both testing and unstable's versions of wasmedge, and with both testing and
unstable's versions of wasi-lib.

Thanks for the report. Actually, I think the WasmEdge autopkgtests are
catching a rustc 1.68 regression, whereas rustc compiles wasm32 binaries
that do not work with neither WasmEdge, nor Wasmtime (the latter is not
in Debian).

And it seems the issue persists with rustc 1.69 :(

https://ci.debian.net/data/autopkgtest/unstable/amd64/w/wasmedge/37797497/log.gz


Very simple test case:

$ podman run --rm -it debian:sid  # or bookworm to test with rustc 1.67

root@ad697f1c195f:~# apt install rustc libstd-rust-dev-wasm32
[...]
root@ad697f1c195f:~# rustc -V
rustc 1.68.2
root@ad697f1c195f:~# cat > hello.rs

Bug#1050687: marked as done (poetry: needs internet access during build?)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Wed, 13 Sep 2023 02:46:28 +
with message-id 
and subject line Bug#1050688: fixed in poetry 1.6.1+dfsg-2
has caused the Debian Bug report #1050688,
regarding poetry: needs internet access during build?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1050688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: poetry:
Version: 1.5.1+dfsg-4
Severity: serious

Hello, this looks similar to #1031444 but with different test log, so I prefer 
to open a new defect.
The issue however might be linked, due to the fact that poetry looks doing some 
remote connections to github
during testsuite run.
If you disable internet access you might see that the package FTBFS

dpkg-buildpackage: info: source package poetry
dpkg-buildpackage: info: source version 1.5.1+dfsg-3
dpkg-buildpackage: info: source distribution unstable
 dpkg-source --before-build .
dpkg-buildpackage: info: host architecture amd64
dpkg-source: info: using options from poetry-1.5.1+dfsg/debian/source/options: 
--extend-diff-ignore=^[^/]*[.]egg-info/
 debian/rules clean
dh clean --with python3 --buildsystem=pybuild
   dh_auto_clean -O--buildsystem=pybuild
   dh_autoreconf_clean -O--buildsystem=pybuild
   dh_clean -O--buildsystem=pybuild
 debian/rules binary
dh binary --with python3 --buildsystem=pybuild
   dh_update_autotools_config -O--buildsystem=pybuild
   dh_autoreconf -O--buildsystem=pybuild
   dh_auto_configure -O--buildsystem=pybuild
   dh_auto_build -O--buildsystem=pybuild
I: pybuild plugin_pyproject:110: Building wheel for python3.11 with "build" 
module
I: pybuild base:291: python3.11 -m build --skip-dependency-check --no-isolation --wheel 
--outdir /<>/.pybuild/cpython3_3.11_poetry
* Building wheel...
Successfully built poetry-1.5.1-py3-none-any.whl
I: pybuild plugin_pyproject:122: Unpacking wheel built for python3.11 with 
"installer" module
   dh_auto_test -O--buildsystem=pybuild
I: pybuild base:291: cd /<>/.pybuild/cpython3_3.11_poetry/build; 
python3.11 -m pytest --ignore=tests/console/commands/env/test_list.py 
--ignore=tests/console/commands/env/test_remove.py 
--ignore=tests/console/commands/env/test_use.py --ignore=tests/utils/test_env.py 
--ignore=tests/config/test_config.py --ignore=tests/utils/test_helpers.py -k 'not 
test_self_update_should_install_all_necessary_elements and not 
test_add_file_constraint_sdist and not test_add_file_constraint_sdist_old_installer and not 
test_builder_setup_generation_runs_with_pip_editable and not test_publish_dry_run and not 
test_info_from_sdist and not test_installer_can_install_dependencies_from_forced_source and 
not test_search_for_file_sdist and not test_search_for_file_sdist_with_extras and not 
test_solver_can_resolve_sdist_dependencies and not 
test_solver_can_resolve_sdist_dependencies_with_extras and not 
test_solver_chooses_from_correct_repository_if_forced and not 
test_solver_chooses_from_correct_repository_if_forced_and_transitive_dependency and not 
test_solver_does_not_choose_from_secondary_repository_by_default and not 
test_solver_chooses_from_secondary_if_explicit and not 
test_get_package_information_fallback_read_setup and not 
test_get_package_information_skips_dependencies_with_invalid_constraints and not 
test_get_package_retrieves_packages_with_no_hashes and not 
test_fallback_can_read_setup_to_get_dependencies and not 
test_exporter_can_export_requirements_txt_with_file_packages and not 
test_exporter_can_export_requirements_txt_with_file_packages_and_markers and not 
test_lock_no_update and not test_locker_dumps_dependency_information_correctly and not 
test_package_partial_yank and not test_run_installs_with_same_version_url_files and not 
test_env_info_displays_complete_info and not test_skip_existing_output and not 
test_installer_should_use_the_locked_version_of_git_dependencies_with_extras and not 
test_installer_should_use_the_locked_version_of_git_dependencies_without_reference and not 
test_installer_uses_prereleases_if_they_are_compatible and not 
test_requirement_git_subdirectory and not test_check_valid and not test_check_invalid and 
not test_packages_property_returns_empty_list and not test_parse_dependency_specification 
and not test_info_setup_missing_mandatory_should_trigger_pep517 and not 
test_uninstall_git_package_nspkg_pth_cleanup and not 
test_executor_should_write_pep610_url_references_for_directories and not 
test_executor_should_write_pep610_url_references_for_git and not

Bug#1050688: marked as done (poetry: needs internet access during build?)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Wed, 13 Sep 2023 02:46:28 +
with message-id 
and subject line Bug#1050688: fixed in poetry 1.6.1+dfsg-2
has caused the Debian Bug report #1050688,
regarding poetry: needs internet access during build?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1050688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Source: poetry:
Version: 1.5.1+dfsg-4
Severity: serious

Hello, this looks similar to #1031444 but with different test log, so I prefer 
to open a new defect.
The issue however might be linked, due to the fact that poetry looks doing some 
remote connections to github
during testsuite run.
If you disable internet access you might see that the package FTBFS

dpkg-buildpackage: info: source package poetry
dpkg-buildpackage: info: source version 1.5.1+dfsg-3
dpkg-buildpackage: info: source distribution unstable
 dpkg-source --before-build .
dpkg-buildpackage: info: host architecture amd64
dpkg-source: info: using options from poetry-1.5.1+dfsg/debian/source/options: 
--extend-diff-ignore=^[^/]*[.]egg-info/
 debian/rules clean
dh clean --with python3 --buildsystem=pybuild
   dh_auto_clean -O--buildsystem=pybuild
   dh_autoreconf_clean -O--buildsystem=pybuild
   dh_clean -O--buildsystem=pybuild
 debian/rules binary
dh binary --with python3 --buildsystem=pybuild
   dh_update_autotools_config -O--buildsystem=pybuild
   dh_autoreconf -O--buildsystem=pybuild
   dh_auto_configure -O--buildsystem=pybuild
   dh_auto_build -O--buildsystem=pybuild
I: pybuild plugin_pyproject:110: Building wheel for python3.11 with "build" 
module
I: pybuild base:291: python3.11 -m build --skip-dependency-check --no-isolation --wheel 
--outdir /<>/.pybuild/cpython3_3.11_poetry
* Building wheel...
Successfully built poetry-1.5.1-py3-none-any.whl
I: pybuild plugin_pyproject:122: Unpacking wheel built for python3.11 with 
"installer" module
   dh_auto_test -O--buildsystem=pybuild
I: pybuild base:291: cd /<>/.pybuild/cpython3_3.11_poetry/build; 
python3.11 -m pytest --ignore=tests/console/commands/env/test_list.py 
--ignore=tests/console/commands/env/test_remove.py 
--ignore=tests/console/commands/env/test_use.py --ignore=tests/utils/test_env.py 
--ignore=tests/config/test_config.py --ignore=tests/utils/test_helpers.py -k 'not 
test_self_update_should_install_all_necessary_elements and not 
test_add_file_constraint_sdist and not test_add_file_constraint_sdist_old_installer and not 
test_builder_setup_generation_runs_with_pip_editable and not test_publish_dry_run and not 
test_info_from_sdist and not test_installer_can_install_dependencies_from_forced_source and 
not test_search_for_file_sdist and not test_search_for_file_sdist_with_extras and not 
test_solver_can_resolve_sdist_dependencies and not 
test_solver_can_resolve_sdist_dependencies_with_extras and not 
test_solver_chooses_from_correct_repository_if_forced and not 
test_solver_chooses_from_correct_repository_if_forced_and_transitive_dependency and not 
test_solver_does_not_choose_from_secondary_repository_by_default and not 
test_solver_chooses_from_secondary_if_explicit and not 
test_get_package_information_fallback_read_setup and not 
test_get_package_information_skips_dependencies_with_invalid_constraints and not 
test_get_package_retrieves_packages_with_no_hashes and not 
test_fallback_can_read_setup_to_get_dependencies and not 
test_exporter_can_export_requirements_txt_with_file_packages and not 
test_exporter_can_export_requirements_txt_with_file_packages_and_markers and not 
test_lock_no_update and not test_locker_dumps_dependency_information_correctly and not 
test_package_partial_yank and not test_run_installs_with_same_version_url_files and not 
test_env_info_displays_complete_info and not test_skip_existing_output and not 
test_installer_should_use_the_locked_version_of_git_dependencies_with_extras and not 
test_installer_should_use_the_locked_version_of_git_dependencies_without_reference and not 
test_installer_uses_prereleases_if_they_are_compatible and not 
test_requirement_git_subdirectory and not test_check_valid and not test_check_invalid and 
not test_packages_property_returns_empty_list and not test_parse_dependency_specification 
and not test_info_setup_missing_mandatory_should_trigger_pep517 and not 
test_uninstall_git_package_nspkg_pth_cleanup and not 
test_executor_should_write_pep610_url_references_for_directories and not 
test_executor_should_write_pep610_url_references_for_git and not

Processed: Bug#1050688 marked as pending in poetry

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> tag -1 pending
Bug #1050688 [src:poetry] poetry: needs internet access during build?
Bug #1050687 [src:poetry] poetry: needs internet access during build?
Added tag(s) pending.
Added tag(s) pending.

-- 
1050687: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050687
1050688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1050688: marked as pending in poetry

2023-09-12 Thread Emmanuel Arias

Control: tag -1 pending

Hello,

Bug #1050688 in poetry reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/packages/poetry/-/commit/57428349dc5f0b0322c9a853e932669fea3a5d91


d/rules: Skip the next tests that use internet (Closes: #1050688):

* d/rules: Skip the next tests that use internet (Closes: #1050688):
 - test_installer_with_pypi_repository
 - test_prepare_directory_editable
 - test_prepare_directory
 - test_prepare_directory_with_extensions


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1050688

Bug#1050688: marked as pending in poetry

2023-09-12 Thread Emmanuel Arias

Control: tag -1 pending

Hello,

Bug #1050688 in poetry reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/packages/poetry/-/commit/57428349dc5f0b0322c9a853e932669fea3a5d91


d/rules: Skip the next tests that use internet (Closes: #1050688):

* d/rules: Skip the next tests that use internet (Closes: #1050688):
 - test_installer_with_pypi_repository
 - test_prepare_directory_editable
 - test_prepare_directory
 - test_prepare_directory_with_extensions


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1050688

Processed: Bug#1050688 marked as pending in poetry

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> tag -1 pending
Bug #1050688 [src:poetry] poetry: needs internet access during build?
Bug #1050687 [src:poetry] poetry: needs internet access during build?
Ignoring request to alter tags of bug #1050688 to the same tags previously set
Ignoring request to alter tags of bug #1050687 to the same tags previously set

-- 
1050687: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050687
1050688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1050688: poetry: needs internet access during build?

2023-09-12 Thread Emmanuel Arias

Hi,

I can confirm that the next 4 tests needs internet to work:

* tests/installation/test_installer.py::test_installer_with_pypi_repository
* tests/installation/test_chef.py::test_prepare_directory_editable
* tests/installation/test_chef.py::test_prepare_directory
* tests/installation/test_chef.py::test_prepare_directory_with_extensions

I will thank you if you can tell me how run in a not internet builder.
My solution was just disconnect my RJ-45 from the computer to test the
no internet because I didn't found a solution from autopkgtest or sbuild
:-D.

Cheers,
Emmanuel


signature.asc
Description: PGP signature

Bug#1051811: pytorch-vision: Failing autopkgtests

2023-09-12 Thread Jeremy Bícha

On Tue, Sep 12, 2023 at 6:08 PM Petter Reinholdtsen  wrote:
> [Jeremy Bícha]
> > Autopkgtest failures currently prevent migration to Testing even when
> > the autopkgtests have never passed on an architecture.
>
> As far as I know, a test that never succeeded will not be considered a
> regression and will not block migration.
>
> https://tracker.debian.org/pkg/pytorch-vision > claim the failing
> ppc64el and s390x tests are regression.  Is this wrong?

If you click ppc64el (or any architecture) from that page, it shows
the test history. That test has only been run once on that
architecture and it failed.

Currently, Debian is set up to block migration even for this case.
That is why pytorch-vision has not migrated to Testing despite meeting
the 5 day wait.

Ubuntu's migration system does not block for an autopkgtest that never
succeeded but Debian's is stricter, perhaps to discourage autopkgtests
being run that never pass? Debian's autopkgtest system may have been
looser earlier but it has been this way for a while now.

Thank you,
Jeremy Bícha

Bug#1051815: wasmedge - autopkgtest failure with rustc 1.68

2023-09-12 Thread Faidon Liambotis

Control: reassign -1 rustc 1.68.2+dfsg1-1
Control: retitle -1 Builds invalid wasm32 binaries (1.67->1.68 regression)

On Tue, Sep 12, 2023 at 10:56:57PM +0100, Peter Green wrote:
> The autopkgtests for wasmedge fail with rustc 1.68, I have observed this with
> both testing and unstable's versions of wasmedge, and with both testing and
> unstable's versions of wasi-lib.

Thanks for the report. Actually, I think the WasmEdge autopkgtests are
catching a rustc 1.68 regression, whereas rustc compiles wasm32 binaries
that do not work with neither WasmEdge, nor Wasmtime (the latter is not
in Debian).

Very simple test case:

$ podman run --rm -it debian:sid  # or bookworm to test with rustc 1.67

root@ad697f1c195f:~# apt install rustc libstd-rust-dev-wasm32
[...]
root@ad697f1c195f:~# rustc -V
rustc 1.68.2
root@ad697f1c195f:~# cat > hello.rs

Processed: Re: Bug#1051815: wasmedge - autopkgtest failure with rustc 1.68

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> reassign -1 rustc 1.68.2+dfsg1-1
Bug #1051815 [wasmedge] wasmedge - autopkgtest failure with rustc 1.68
Bug reassigned from package 'wasmedge' to 'rustc'.
No longer marked as found in versions wasmedge/0.13.3+dfsg-1.
Ignoring request to alter fixed versions of bug #1051815 to the same values 
previously set
Bug #1051815 [rustc] wasmedge - autopkgtest failure with rustc 1.68
Marked as found in versions rustc/1.68.2+dfsg1-1.
> retitle -1 Builds invalid wasm32 binaries (1.67->1.68 regression)
Bug #1051815 [rustc] wasmedge - autopkgtest failure with rustc 1.68
Changed Bug title to 'Builds invalid wasm32 binaries (1.67->1.68 regression)' 
from 'wasmedge - autopkgtest failure with rustc 1.68'.

-- 
1051815: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051815
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051811: pytorch-vision: Failing autopkgtests

2023-09-12 Thread Petter Reinholdtsen

[Jeremy Bícha]
> Autopkgtest failures currently prevent migration to Testing even when
> the autopkgtests have never passed on an architecture.

As far as I know, a test that never succeeded will not be considered a
regression and will not block migration.

https://tracker.debian.org/pkg/pytorch-vision > claim the failing
ppc64el and s390x tests are regression.  Is this wrong?
-- 
Happy hacking
Petter Reinholdtsen

Bug#1051815: wasmedge - autopkgtest failure with rustc 1.68

2023-09-12 Thread Peter Green


Package: wasmedge
Version: 0.13.3+dfsg-1
Severity:serious

The autopkgtests for wasmedge fail with rustc 1.68, I have observed this with
both testing and unstable's versions of wasmedge, and with both testing and
unstable's versions of wasi-lib.

https://ci.debian.net/data/autopkgtest/unstable/amd64/w/wasmedge/37793933/log.gz

https://ci.debian.net/data/autopkgtest/unstable/amd64/w/wasmedge/37778163/log.gz

https://ci.debian.net/data/autopkgtest/testing/amd64/w/wasmedge/37770138/log.gz



 93s autopkgtest [14:54:23]: test capi-wasi-env: [---
 93s 1..2
 94s ok 1 build wasi_get_env.wasm with cargo/rustc
 94s not ok 2 build set_wasm_env with gcc
 94s # (in test file debian/tests/capi-wasi-env, line 24)
 94s #   `assert_output --partial "ENV1: VAL1"' failed
 94s #
 94s # -- output does not contain substring --
 94s # substring (1 lines):
 94s #   ENV1: VAL1
 94s # output (4 lines):
 94s #   [2023-09-12 14:54:24.910] [error] execution failed: unreachable, Code: 
0x89
 94s #   [2023-09-12 14:54:24.910] [error] In instruction: unreachable 
(0x00) , Bytecode offset: 0x9efb
 94s #   [2023-09-12 14:54:24.910] [error] When executing function name: 
"print_env"
 94s #   Execution Failed. Error message: unreachable
 94s # --
 94s #
 95s autopkgtest [14:54:25]: test capi-wasi-env: ---]
 95s autopkgtest [14:54:25]: test capi-wasi-env:  - - - - - - - - - - results - 
- - - - - - - - -
 95s capi-wasi-envFAIL non-zero exit status 1

Bug#1050766: natpmp_declspec.h missing?

2023-09-12 Thread Antti Järvinen

Dear libnatpmp-dev maintainer,

please check out https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050766
where classified-ads fails to build due to missing natpmp_declspec.h
with version 20230423-1 of libnatpmp-dev. I don't see any package
providing the missing file natpmp_declspec.h, is there any hope?

--
Antti, having package not compiling

Bug#1051577: iproute2: obsolete conffiles

2023-09-12 Thread Luca Boccassi

On Mon, 11 Sept 2023 at 15:57, Daniel Gröber  wrote:
>
> Hi Luca,
>
> On Mon, Sep 11, 2023 at 01:06:06PM +0100, Luca Boccassi wrote:
> > > I want to question whether removing these conffiles is a good idea at
> > > all. I'm probably one of the few people that actually muck around in there
> > > but it seems like this is going to break things for any users that do.
> >
> > As far as I understand dpkg's conffile machinery should recognize if
> > you changed anything, and leave it in place. Upstream moved the
> > default ones to /usr, so we just follow what they do.
>
> Right. Think of an admin having to adjust these config files though:
> previously they could just `editor /etc/iproute2/rt_tables` and get on with
> things. Now anyone needing to do that will have to do a doubletake, figure
> out why /etc/iproute2 is missing, realize that it's at /usr/lib/iproute2
> now, copy that over and finally edit.
>
> Is that friction really warrented to cater to a specialized niche use-case?
>
> Please consider overriding upstream's decision here.

Yes, it is warranted, both because it's exactly the correct behaviour
for a package, and also because we are certainly not spending time and
resources to go against upstream choices, especially when they are the
right choices.

Processed: Re: Bug#1051577: iproute2: obsolete conffiles

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> severity -1 serious
Bug #1051577 {Done: Luca Boccassi } [iproute2] iproute2: 
obsolete conffiles
Severity set to 'serious' from 'normal'

-- 
1051577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051577
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051355: 117.0.5938.62 released as stable version

2023-09-12 Thread Leandro Cunha

Hi,

The version 117.0.5938.62 released for Linux, Mac and Windows and include
16 CVEs fixes.

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html

https://developer.chrome.com/blog/new-in-chrome-117

>

Bug#1051811: pytorch-vision: Failing autopkgtests

2023-09-12 Thread Jeremy Bícha

Source: pytorch-vision
Version: 0.15.2-1
Severity: serious

pytorch-vision added autopkgtests in version 0.15.2-1. However, the
autopkgtests are failing on ppc64el and s390x. Autopkgtest failures
currently prevent migration to Testing even when the autopkgtests have
never passed on an architecture.

Thank you,
Jeremy Bícha

Processed: fixed 1051787 in 1.2.4-0.2+deb12u1

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> # in upcoming DSA
> fixed 1051787 1.2.4-0.2+deb12u1
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
There is no source info for the package 'libwebp' at version 
'1.2.4-0.2+deb12u1' with architecture ''
Unable to make a source version for version '1.2.4-0.2+deb12u1'
Ignoring request to alter fixed versions of bug #1051787 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1051786 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: fixed 1051787 in 1.2.4-0.2+deb12u1

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> fixed 1051787 1.2.4-0.2+deb12u1
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
There is no source info for the package 'libwebp' at version 
'1.2.4-0.2+deb12u1' with architecture ''
Unable to make a source version for version '1.2.4-0.2+deb12u1'
Marked as fixed in versions 1.2.4-0.2+deb12u1.
Marked as fixed in versions 1.2.4-0.2+deb12u1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: forcibly merging 1051355 1051629

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> forcemerge 1051355 1051629
Bug #1051355 [chromium] chromium: Segmentation fault
Bug #1051629 [chromium] chromium: Crash with seqfault when starting
Added indication that 1051629 affects jquery-timepicker,phpsysinfo,phpldapadmin
Merged 1051355 1051629
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051355: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051355
1051629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051629
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 1 error): merging 1051355 1051629

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> merge 1051355 1051629
Bug #1051355 [chromium] chromium: Segmentation fault
Unable to merge bugs because:
affects of #1051629 is '' not 'jquery-timepicker,phpsysinfo,phpldapadmin'
Failed to merge 1051355: Did not alter merged bugs.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051355: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051355
1051629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051629
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Salvatore Bonaccorso

Hi Timo,

On Tue, Sep 12, 2023 at 01:39:59PM +0200, Timo Sigurdsson wrote:
> Hi Pablo,
> 
> Pablo Neira Ayuso schrieb am 12.09.2023 00:57 (GMT +02:00):
> 
> > Hi Timo,
> > 
> > On Mon, Sep 11, 2023 at 11:37:50PM +0200, Timo Sigurdsson wrote:
> >> Hi,
> >> 
> >> recently, Debian updated their stable kernel from 6.1.38 to 6.1.52
> >> which broke nftables ruleset loading on one of my machines with lots
> >> of "Operation not supported" errors. I've reported this to the
> >> Debian project (see link below) and Salvatore Bonaccorso and I
> >> identified "netfilter: nf_tables: disallow rule addition to bound
> >> chain via NFTA_RULE_CHAIN_ID" (0ebc1064e487) as the offending commit
> >> that introduced the regression. Salvatore also found that this issue
> >> affects the 5.10 stable tree as well (observed in 5.10.191), but he
> >> cannot reproduce it on 6.4.13 and 6.5.2.
> >> 
> >> The issue only occurs with some rulesets. While I can't trigger it
> >> with simple/minimal rulesets that I use on some machines, it does
> >> occur with a more complex ruleset that has been in use for months
> >> (if not years, for large parts of it). I'm attaching a somewhat
> >> stripped down version of the ruleset from the machine I originally
> >> observed this issue on. It's still not a small or simple ruleset,
> >> but I'll try to reduce it further when I have more time.
> >> 
> >> The error messages shown when trying to load the ruleset don't seem
> >> to be helpful. Just two simple examples: Just to give two simple
> >> examples from the log when nftables fails to start:
> >> /etc/nftables.conf:99:4-44: Error: Could not process rule: Operation not
> >> supported
> >> tcp option maxseg size 1-500 counter drop
> >> ^
> >> /etc/nftables.conf:308:4-27: Error: Could not process rule: Operation not
> >> supported
> >> tcp dport sip-tls accept
> >> 
> > 
> > I can reproduce this issue with 5.10.191 and 6.1.52 and nftables v1.0.6,
> > this is not reproducible with v1.0.7 and v1.0.8.
> > 
> >> Since the issue only affects some stable trees, Salvatore thought it
> >> might be an incomplete backport that causes this.
> >> 
> >> If you need further information, please let me know.
> > 
> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> > kernel check that rejects adding rules to bound chains. The incorrect
> > bytecode adds the chain binding, attach it to the rule and it adds the
> > rules to the chain binding. I have cherry-picked these three patches
> > for nftables v1.0.6 userspace and your ruleset restores fine.
> 
> hmm, that doesn't explain why Salvatore didn't observe this with
> more recent kernels.
> 
> Salvatore, did you use newer userspace components when you tested
> your 6.4.13 and 6.5.2 builds?

It does explain now because understanding the issue better. While one
while experinting should only change each one constraint for the
6.4.13 and 6.5.2 testing I indeed switched to a Debian unstable
system, which has newer userpace nftables and so not triggering the
issue. This was missleading for the report.

> As for the regression and how it be dealt with: Personally, I don't
> really care whether the regression is solved in the kernel or
> userspace. If everybody agrees that this is the best or only viable
> option and Debian decides to push a nftables update to fix this,
> that works for me. But I do feel the burden to justify this should
> be high. A kernel change that leaves users without a working packet
> filter after upgrading their machines is serious, if you ask me. And
> since it affects several stable/longterm trees, I would assume this
> will hit other stable (non-rolling) distributions as well, since
> they will also use older userspace components (unless this is
> behavior specific to nftables 1.0.6 but not older versions). They
> probably should get a heads up then.

So if it is generally believed on kernel side there should not happen
any further changes to work with older userland, I guess in Debian we
will need to patch nftables. I'm CC'ing Arturo Borrero Gonzalez
, maintainer for the package. The update should go
ideally in the next point releases from October (and maybe released
earlier as well trough the stable-updates mechanism).

FWIW: In Debian bullseye we have 0.9.8 based nftables, in bookworm
1.0.6, so both will need those fixes.

As 0ebc1064e487 is to address CVE-2023-4147 other distros picking the
fix will likely encounter the problem at some point. It looks Red Hat
has taken it (some RHSA's were released), I assume Ubuntu will shortly
as well release USN's containing a fix.

Regards,
Salvatore

Bug#999227: marked as done (xfonts-cyrillic: missing required debian/rules targets build-arch and/or build-indep)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 19:08:37 +
with message-id 
and subject line Bug#999227: fixed in xfonts-cyrillic 1:1.0.5+nmu1
has caused the Debian Bug report #999227,
regarding xfonts-cyrillic: missing required debian/rules targets build-arch 
and/or build-indep
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
999227: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999227
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xfonts-cyrillic
Version: 1:1.0.5
Severity: important
Justification: Debian Policy section 4.9
Tags: bookworm sid
User: debian...@lists.debian.org
Usertags: missing-build-arch-indep

Dear maintainer,

Your package does not include build-arch and/or build-indep targets in
debian/rules. This is required by Debian Policy section 4.9, since 2012.
https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules

Please note that this is also a sign that the packaging of this software
could benefit from a refresh. For example, packages using 'dh' cannot be
affected by this issue.

This mass bug filing was discussed on debian-devel@ in
https://lists.debian.org/debian-devel/2021/11/msg00052.html .
The severity of this bug will be changed to 'serious' after a month.

Best,

Lucas
--- End Message ---
--- Begin Message ---
Source: xfonts-cyrillic
Source-Version: 1:1.0.5+nmu1
Done: Boyuan Yang 

We believe that the bug you reported is fixed in the latest version of
xfonts-cyrillic, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 999...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Boyuan Yang  (supplier of updated xfonts-cyrillic package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 29 Aug 2023 13:36:25 -0400
Source: xfonts-cyrillic
Architecture: source
Version: 1:1.0.5+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force 
Changed-By: Boyuan Yang 
Closes: 999227
Changes:
 xfonts-cyrillic (1:1.0.5+nmu1) unstable; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Julien Cristau ]
   * Switch Vcs-* control fields to https.
   * Switch upstream URLs in packaging to https.
 .
   [ Simon McVittie ]
   * d/control: Update Vcs-* for migration to salsa.debian.org
   * d/rules: Add missing build-arch, build-indep targets (Policy §4.9)
 (Closes: #999227)
   * d/control: Declare that the build does not require (fake)root
   * d/rules: Use dh_update_autotools_config to update config.guess,
 config.sub
 .
   [ Boyuan Yang ]
   * debian/source/format: Explicitly use format "3.0 (native)".
 + Current version corresponds to upstream release v1.0.4.
Checksums-Sha1:
 b08a904df4d47634944d5ca15ce584910ea5533e 1654 xfonts-cyrillic_1.0.5+nmu1.dsc
 65a7cbe52d9eaac99e3edcd526eb680effea73f5 272536 
xfonts-cyrillic_1.0.5+nmu1.tar.xz
 3a5c5aa790c94abc6a624119c0526da2c720183a 6215 
xfonts-cyrillic_1.0.5+nmu1_amd64.buildinfo
Checksums-Sha256:
 33126deb255611a33807099b3beb16f56d88785833695214c2e34651f3b54376 1654 
xfonts-cyrillic_1.0.5+nmu1.dsc
 942a2761f11aa92ff7438da49ba10d8375c7214819a29f297fb2609dbf29ffef 272536 
xfonts-cyrillic_1.0.5+nmu1.tar.xz
 08aead5f8dd445b90141a8ed47e317366575d21a59a2b5526a93322215b808de 6215 
xfonts-cyrillic_1.0.5+nmu1_amd64.buildinfo
Files:
 0a351e20717d9ea93c2cdada1cac7e5b 1654 fonts optional 
xfonts-cyrillic_1.0.5+nmu1.dsc
 707fd9a613e6f401ff9e4215d08e01fb 272536 fonts optional 
xfonts-cyrillic_1.0.5+nmu1.tar.xz
 edcbe7f5c2bb3f08bee73add44e68ea0 6215 fonts optional 
xfonts-cyrillic_1.0.5+nmu1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmTuLVQACgkQwpPntGGC
Ws5bwxAAkQVtndz9TudNm+W0zz6Qcr0vOdOtKFuEXiaO24+cFZtHrZ+QbHMn2Ook
m7jb+ir8bymANWJ3uC5O5D0JXMFw5iKoFeDaP8yNcUCI4t2FZE5BmQhT2AKL5McW
cHQRyOj7CUVq34gejapf9CGVimQbA/eqx2T8T6l4lmj+dicFXPHb8EBzlYviKpNV
U9ddryj2IXH5m1B2abCMaInBKOx+BPVGiChSUlwi3F8IamZyelPvYEJIXHczJZSo
vpCiYFnYrFuXR+0szZlMcNSWXCxby5hS0BS6eb2k/j3NzLBpnr42ge88oHS9AGYC
dHaq4Y0hB/Ol/wVptW3BrCASzWn4/zlx1uVxWmOzKPPmiVD0ruOZXYPiqqeZI5AR
rnGhNPJSZpziOrhiOjy+2pg1OHlVt+DWcjTT+HEoQnEl3HXjQLw/Cu875ipg5L/r

Bug#1006336: marked as done (trinityrnaseq: autopkgtest regression in testing: segmentation fault)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 19:08:21 +
with message-id 
and subject line Bug#1006336: fixed in trinityrnaseq 2.15.1+dfsg-1
has caused the Debian Bug report #1006336,
regarding trinityrnaseq: autopkgtest regression in testing: segmentation fault
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1006336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006336
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: trinityrnaseq
Version: 2.13.2+dfsg-3
Severity: serious

Dear maintainer,

Somewhere around the end of January 2022, the autopkgtest of you
package started to fail on amd64.

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/t/trinityrnaseq/19291359/log.gz

All commands completed successfully. :-)



** Harvesting all assembled transcripts into a single multi-fasta file...

Thursday, February 17, 2022: 04:50:39   CMD: find 
/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinityrnaseq/trinity_ext_sample_data/test_full_edgeR_pipeline/trinity_out_dir/read_partitions/
 -name '*inity.fasta'  | 
/usr/lib/trinityrnaseq/util/support_scripts/partitioned_trinity_aggregator.pl 
--token_prefix TRINITY_DN --output_prefix 
/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinityrnaseq/trinity_ext_sample_data/test_full_edgeR_pipeline/trinity_out_dir/Trinity.tmp
* [Thu Feb 17 04:50:39 2022] Running CMD: 
/usr/lib/trinityrnaseq/util/support_scripts/salmon_runner.pl Trinity.tmp.fasta 
/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinityrnaseq/trinity_ext_sample_data/test_full_edgeR_pipeline/trinity_out_dir/both.fa
 2


Error encountered::  

Error, cmd: /usr/lib/trinityrnaseq/util/support_scripts/salmon_runner.pl 
Trinity.tmp.fasta 
/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinityrnaseq/trinity_ext_sample_data/test_full_edgeR_pipeline/trinity_out_dir/both.fa
 2 2>tmp.5696.1645073439.stderr died with ret 65280  at 
/usr/lib/trinityrnaseq/PerlLib/Pipeliner.pm line 187.
Pipeliner::run(Pipeliner=HASH(0x56312e81af88)) called at 
/usr/lib/trinityrnaseq/Trinity line 4127
main::salmon_expr_filtering("Trinity.tmp.fasta", 
"/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinity"..., 
"/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinity"...) called at 
/usr/lib/trinityrnaseq/Trinity line 1460
make[1]: *** [Makefile:2: test] Error 255
make[1]: Leaving directory 
'/tmp/autopkgtest-lxc.ayemar40/downtmp/autopkgtest_tmp/trinityrnaseq/trinity_ext_sample_data/test_full_edgeR_pipeline'
make: *** [Makefile:18: test] Error 2
--- End Message ---
--- Begin Message ---
Source: trinityrnaseq
Source-Version: 2.15.1+dfsg-1
Done: Michael R. Crusoe 

We believe that the bug you reported is fixed in the latest version of
trinityrnaseq, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1006...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael R. Crusoe  (supplier of updated trinityrnaseq 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 12 Sep 2023 17:12:30 +0200
Source: trinityrnaseq
Architecture: source
Version: 2.15.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Michael R. Crusoe 
Closes: 1004773 1006336
Changes:
 trinityrnaseq (2.15.1+dfsg-1) unstable; urgency=medium
 .
   [ Michael R. Crusoe ]
   * d/watch: update for GitHub API breakage
 .
   [ Andreas Tille ]
   * Standards-Version: 4.6.2 (routine-update)
 .
   [ Michael R. Crusoe ]
   * d/control: update homepage
   * d/control: remove unused test-deps
   * d/source/lintian-overrides: note that we clean up the
 config.{log,status} automatically.
   * d/patches/R_4.2_fix: fix for R 4.2.x+.
 Closes: #1006336, #1004773
Checksums-Sha1:
 b85a25f43fa002c684fe19b894768b619e898ab3 2321 trinityrnaseq_2.15.1+dfsg-1.dsc
 0857b38a12ed7b84799ff870397a752991b8d618 307318092 
trinityrnaseq_2.15.1+dfsg.orig.tar.xz
 5b659b883d9f773f0fe36c4381e85a5c2cee2ad7 39144 
trinityrnaseq_2.15.1+dfsg-1.debian.tar.xz
 2800a1c1cde54b36b49f754cb872362c12415e31 14570 
trinityrnaseq_2.15.1+dfsg-1_source.buildinfo
Checksums-Sha256:

Processed: bug 1050436 is forwarded to https://gitlab.freedesktop.org/upower/upower/-/issues/251

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> forwarded 1050436 https://gitlab.freedesktop.org/upower/upower/-/issues/251
Bug #1050436 [src:upower] upower: autopkgtest regression on i386: excessive 
precision?
Set Bug forwarded-to-address to 
'https://gitlab.freedesktop.org/upower/upower/-/issues/251'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1050436: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050436
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051804: aom: Autopkgtest regression on s390x with aom v3.7.0

2023-09-12 Thread Boyuan Yang

Source: aom
Version: 3.7.0-1~exp1
Severity: serious
Forwarded: https://bugs.chromium.org/p/aomedia/issues/detail?id=3487

Current aom 3.7.0 will raise autopkgtest regression on s390x. The following
commands will raise an error:

ffmpeg -y -f lavfi -i testsrc=duration=1:size=320x240:rate=30 -pix_fmt 
yuv420p input.y4m
aomenc -o encoded.webm input.y4m
aomdec -o decoded.yuv encoded.webm

the error output of aomdec is as follows:

Warning: Failed to decode frame 1: Corrupt frame detected
Warning: Additional information: Invalid intrabc dv

It is believed to be some endian handling error in the source code, and
the bug is forwarded upstream pending investigation.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Processed: found 1051787 in 0.6.1-2.1+deb11u1, found 1051787 in 0.6.1-1

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 1051787 0.6.1-2.1+deb11u1
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
There is no source info for the package 'libwebp' at version 
'0.6.1-2.1+deb11u1' with architecture ''
Unable to make a source version for version '0.6.1-2.1+deb11u1'
Marked as found in versions 0.6.1-2.1+deb11u1.
Marked as found in versions 0.6.1-2.1+deb11u1.
> found 1051787 0.6.1-1
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
There is no source info for the package 'libwebp' at version '0.6.1-1' with 
architecture ''
Unable to make a source version for version '0.6.1-1'
Marked as found in versions 0.6.1-1.
Marked as found in versions 0.6.1-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 1051787 in 1.2.4-0.2, tagging 1051787, bug 1051787 is forwarded to https://crbug.com/1479274

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 1051787 1.2.4-0.2
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
There is no source info for the package 'libwebp' at version '1.2.4-0.2' with 
architecture ''
Unable to make a source version for version '1.2.4-0.2'
Marked as found in versions 1.2.4-0.2.
Marked as found in versions 1.2.4-0.2.
> tags 1051787 + upstream
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
Added tag(s) upstream.
Added tag(s) upstream.
> forwarded 1051787 https://crbug.com/1479274
Bug #1051787 [libwebp] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [libwebp] CVE-2023-4863: Heap buffer overflow in WebP
Set Bug forwarded-to-address to 'https://crbug.com/1479274'.
Set Bug forwarded-to-address to 'https://crbug.com/1479274'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051563: marked as done (mutt: CVE-2023-4874 CVE-2023-4875)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 18:47:15 +
with message-id 
and subject line Bug#1051563: fixed in mutt 2.2.9-1+deb12u1
has caused the Debian Bug report #1051563,
regarding mutt: CVE-2023-4874 CVE-2023-4875
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1051563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mutt
Version: 2.2.9-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for mutt.

CVE-2023-4874[0]:
| Null pointer dereference when viewing a specially crafted email in
| Mutt >1.5.2 <2.2.12


CVE-2023-4875[1]:
| Null pointer dereference when composing from a specially crafted
| draft message in Mutt >1.5.2 <2.2.12

Make sure to include all three commits referenced from [2], the last
one is technically not part of the two CVEs, but another crash found
by upstream.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4874
https://www.cve.org/CVERecord?id=CVE-2023-4874
[1] https://security-tracker.debian.org/tracker/CVE-2023-4875
https://www.cve.org/CVERecord?id=CVE-2023-4875
[2] 
http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20230904/56.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 2.2.9-1+deb12u1
Done: Salvatore Bonaccorso 

We believe that the bug you reported is fixed in the latest version of
mutt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1051...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated mutt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 10 Sep 2023 12:57:40 +0200
Source: mutt
Architecture: source
Version: 2.2.9-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Mutt maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 1051563
Changes:
 mutt (2.2.9-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix rfc2047 base64 decoding to abort on illegal characters.
 (CVE-2023-4874, CVE-2023-4875) (Closes: #1051563)
   * Check for NULL userhdrs. (CVE-2023-4875) (Closes: #1051563)
   * Fix write_one_header() illegal header check. (CVE-2023-4874)
 (Closes: #1051563)
Checksums-Sha1: 
 05ac33a23ef842199c82d6c8de58534535ab6cfa 2465 mutt_2.2.9-1+deb12u1.dsc
 88e057097697441b96acec5882887c057ab93a98 5526236 mutt_2.2.9.orig.tar.gz
 3af2bdbf259fdda4557d57229ef19ae2125c1fcc 833 mutt_2.2.9.orig.tar.gz.asc
 7e91aa2fb3df0017accec7e7f7cf56708298e490 63120 
mutt_2.2.9-1+deb12u1.debian.tar.xz
Checksums-Sha256: 
 5e76b0c44c2c304761288746fcc904a7de76fdf34e2402bf3211d7508bdc813c 2465 
mutt_2.2.9-1+deb12u1.dsc
 fa531b231d58fe1f30ceda0ed626683ea9ebdfb76ce47ef8bb27c2f77422cffb 5526236 
mutt_2.2.9.orig.tar.gz
 e35e9ea2f128976037c8e6f9ae7c57ba0b1520981b45d3bc9ab07eb42cf11de2 833 
mutt_2.2.9.orig.tar.gz.asc
 0cd540b84ab7c52ba3b06983994efd2f29d3def0cc1d1c33cb53b788095f1392 63120 
mutt_2.2.9-1+deb12u1.debian.tar.xz
Files: 
 a3e6d529803433f896400326430da2f0 2465 mail optional mutt_2.2.9-1+deb12u1.dsc
 14cbaec4cc88ad8147fbe6df8a2d48fd 5526236 mail optional mutt_2.2.9.orig.tar.gz
 00aad8b2a4da8e02734cb6a3d9ebab0e 833 mail optional mutt_2.2.9.orig.tar.gz.asc
 1e7bb46fd33f5d9cea7b780aa3b9d76a 63120 mail optional 
mutt_2.2.9-1+deb12u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmT9ofdfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EuIgP/2jvydn4UUbPdviuUEzJT8by33FmS8of
O+fCLV7BF2DGFc0htmMF7GOWYVjbDB/EHsabDzHsnphtQE7c61F8jF7ULbgQHRab
OTMeD8x+uKZPS5v7+66lwAuHGOYHjaNnUh4rbkuoBgK6+pb3HsJsJT03AVZwd0z9

Bug#1050970: marked as done (open-vm-tools: CVE-2023-20900)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 18:47:41 +
with message-id 
and subject line Bug#1050970: fixed in open-vm-tools 2:11.2.5-2+deb11u2
has caused the Debian Bug report #1050970,
regarding open-vm-tools: CVE-2023-20900
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1050970: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050970
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: open-vm-tools
Version: 2:12.2.5-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for open-vm-tools.

CVE-2023-20900[0]:
| VMware Tools contains a SAML token signature bypass vulnerability. A
| malicious actor with man-in-the-middle (MITM) network positioning
| between vCenter server and the virtual machine may be able to bypass
| SAML token signature verification, to perform VMware Tools Guest
| Operations.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-20900
https://www.cve.org/CVERecord?id=CVE-2023-20900
[1] https://www.openwall.com/lists/oss-security/2023/08/31/1
[2] 
https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: open-vm-tools
Source-Version: 2:11.2.5-2+deb11u2
Done: Bernd Zeimetz 

We believe that the bug you reported is fixed in the latest version of
open-vm-tools, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1050...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernd Zeimetz  (supplier of updated open-vm-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 06 Sep 2023 20:17:28 +0200
Source: open-vm-tools
Binary: open-vm-tools open-vm-tools-dbgsym open-vm-tools-desktop 
open-vm-tools-desktop-dbgsym open-vm-tools-dev open-vm-tools-sdmp 
open-vm-tools-sdmp-dbgsym
Architecture: source amd64
Version: 2:11.2.5-2+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Bernd Zeimetz 
Changed-By: Bernd Zeimetz 
Description:
 open-vm-tools - Open VMware Tools for virtual machines hosted on VMware (CLI)
 open-vm-tools-desktop - Open VMware Tools for virtual machines hosted on 
VMware (GUI)
 open-vm-tools-dev - Open VMware Tools for virtual machines hosted on VMware 
(developm
 open-vm-tools-sdmp - Open VMware Tools for VMs hosted on VMware (Service 
Discovery Plu
Closes: 1050970
Changes:
 open-vm-tools (2:11.2.5-2+deb11u2) bullseye-security; urgency=high
 .
   * [29e736e] Fixing CVE-2023-20867, CVE-2023-20900
 - Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
   A fully compromised ESXi host can force VMware Tools to fail to
   authenticate host-to-guest operations, impacting the confidentiality
   and integrity of the guest virtual machine.
 - SAML token signature bypass vulnerability (CVE-2023-20900)
   A malicious actor with man-in-the-middle (MITM) network positioning
   between vCenter server and the virtual machine may be able to bypass
   SAML token signature verification, to perform VMware Tools Guest
   Operations. (Closes: #1050970)
Checksums-Sha1:
 00b48931dc1db0f8219b59b3cacda160df049884 2521 
open-vm-tools_11.2.5-2+deb11u2.dsc
 11860715e4fef9615e93afa33e2fe9daa005a6b7 33852 
open-vm-tools_11.2.5-2+deb11u2.debian.tar.xz
 89781142cdfeb9445067af478e0dd35c8eb77863 1972124 
open-vm-tools-dbgsym_11.2.5-2+deb11u2_amd64.deb
 c57d1c1dab71ca059b261bc27fca18d0d0242648 1364760

Bug#1050970: marked as done (open-vm-tools: CVE-2023-20900)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 18:47:19 +
with message-id 
and subject line Bug#1050970: fixed in open-vm-tools 2:12.2.0-1+deb12u1
has caused the Debian Bug report #1050970,
regarding open-vm-tools: CVE-2023-20900
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1050970: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050970
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: open-vm-tools
Version: 2:12.2.5-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for open-vm-tools.

CVE-2023-20900[0]:
| VMware Tools contains a SAML token signature bypass vulnerability. A
| malicious actor with man-in-the-middle (MITM) network positioning
| between vCenter server and the virtual machine may be able to bypass
| SAML token signature verification, to perform VMware Tools Guest
| Operations.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-20900
https://www.cve.org/CVERecord?id=CVE-2023-20900
[1] https://www.openwall.com/lists/oss-security/2023/08/31/1
[2] 
https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-3-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
--- Begin Message ---
Source: open-vm-tools
Source-Version: 2:12.2.0-1+deb12u1
Done: Bernd Zeimetz 

We believe that the bug you reported is fixed in the latest version of
open-vm-tools, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1050...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bernd Zeimetz  (supplier of updated open-vm-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 06 Sep 2023 20:01:06 +0200
Source: open-vm-tools
Binary: open-vm-tools open-vm-tools-containerinfo 
open-vm-tools-containerinfo-dbgsym open-vm-tools-dbgsym open-vm-tools-desktop 
open-vm-tools-desktop-dbgsym open-vm-tools-dev open-vm-tools-salt-minion 
open-vm-tools-sdmp open-vm-tools-sdmp-dbgsym
Architecture: source amd64
Version: 2:12.2.0-1+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Bernd Zeimetz 
Changed-By: Bernd Zeimetz 
Description:
 open-vm-tools - Open VMware Tools for virtual machines hosted on VMware (CLI)
 open-vm-tools-containerinfo - Open VMware Tools for VMs hosted on VMware 
(Service Discovery Plu
 open-vm-tools-desktop - Open VMware Tools for virtual machines hosted on 
VMware (GUI)
 open-vm-tools-dev - Open VMware Tools for virtual machines hosted on VMware 
(developm
 open-vm-tools-salt-minion - Open VMware Tools for VMs hosted on VMware 
(Service Discovery Plu
 open-vm-tools-sdmp - Open VMware Tools for VMs hosted on VMware (Service 
Discovery Plu
Closes: 1050970
Changes:
 open-vm-tools (2:12.2.0-1+deb12u1) bookworm-security; urgency=medium
 .
   * [3812674] Fixing CVE-2023-20867, CVE-2023-20900
 - Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
   A fully compromised ESXi host can force VMware Tools to fail to
   authenticate host-to-guest operations, impacting the confidentiality
   and integrity of the guest virtual machine.
 - SAML token signature bypass vulnerability (CVE-2023-20900)
   A malicious actor with man-in-the-middle (MITM) network positioning
   between vCenter server and the virtual machine may be able to bypass
   SAML token signature verification, to perform VMware Tools Guest
   Operations. (Closes: #1050970)
   * [fb0ab84] Updating gitlab CI and GBP to build in bookworm
Checksums-Sha1:

Bug#1006336: marked as pending in trinityrnaseq

2023-09-12 Thread Michael R. Crusoe

Control: tag -1 pending

Hello,

Bug #1006336 in trinityrnaseq reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/med-team/trinityrnaseq/-/commit/2e49a54481ce3fbcc636c8b9a5123940a6e20e71


d/patches/R_4.2_fix: fix for R 4.2.x+.

Closes: #1006336, #100477


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1006336

Processed: Bug#1006336 marked as pending in trinityrnaseq

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> tag -1 pending
Bug #1006336 [src:trinityrnaseq] trinityrnaseq: autopkgtest regression in 
testing: segmentation fault
Added tag(s) pending.

-- 
1006336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006336
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051563: marked as done (mutt: CVE-2023-4874 CVE-2023-4875)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 17:47:28 +
with message-id 
and subject line Bug#1051563: fixed in mutt 2.0.5-4.1+deb11u3
has caused the Debian Bug report #1051563,
regarding mutt: CVE-2023-4874 CVE-2023-4875
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1051563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051563
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mutt
Version: 2.2.9-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for mutt.

CVE-2023-4874[0]:
| Null pointer dereference when viewing a specially crafted email in
| Mutt >1.5.2 <2.2.12


CVE-2023-4875[1]:
| Null pointer dereference when composing from a specially crafted
| draft message in Mutt >1.5.2 <2.2.12

Make sure to include all three commits referenced from [2], the last
one is technically not part of the two CVEs, but another crash found
by upstream.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4874
https://www.cve.org/CVERecord?id=CVE-2023-4874
[1] https://security-tracker.debian.org/tracker/CVE-2023-4875
https://www.cve.org/CVERecord?id=CVE-2023-4875
[2] 
http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20230904/56.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mutt
Source-Version: 2.0.5-4.1+deb11u3
Done: Salvatore Bonaccorso 

We believe that the bug you reported is fixed in the latest version of
mutt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1051...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated mutt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 10 Sep 2023 13:53:23 +0200
Source: mutt
Architecture: source
Version: 2.0.5-4.1+deb11u3
Distribution: bullseye-security
Urgency: high
Maintainer: Mutt maintainers 
Changed-By: Salvatore Bonaccorso 
Closes: 1051563
Changes:
 mutt (2.0.5-4.1+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix rfc2047 base64 decoding to abort on illegal characters.
 (CVE-2023-4874, CVE-2023-4875) (Closes: #1051563)
   * Check for NULL userhdrs. (CVE-2023-4875) (Closes: #1051563)
   * Fix write_one_header() illegal header check. (CVE-2023-4874)
 (Closes: #1051563)
Checksums-Sha1: 
 241bdd85de80c5f0bd977f580500505d7ab250ab 2476 mutt_2.0.5-4.1+deb11u3.dsc
 5254653d11f03e59d6a733f696076f4cebfa7324 5294710 mutt_2.0.5.orig.tar.gz
 0ea5fe0ef496229bea4f2f71cf23fee8372ca4c0 833 mutt_2.0.5.orig.tar.gz.asc
 f5de9eb973394d041dc87f7548c58cedd1b66c28 109300 
mutt_2.0.5-4.1+deb11u3.debian.tar.xz
Checksums-Sha256: 
 778f98df98ce8369b3d6993de836f622bf86ffe2ac1bac30918e72026a97b0e7 2476 
mutt_2.0.5-4.1+deb11u3.dsc
 e21d5aec0d3110f89d390929e56a38794a94f5843120d9ff59b21da78fd0004d 5294710 
mutt_2.0.5.orig.tar.gz
 9deff041e96664c2871e04eff30c0c77ac35d8a35a515c749bcbf205656c622c 833 
mutt_2.0.5.orig.tar.gz.asc
 622db451e11dfc415f7846180da19a77ff9c5f70e12cb95fe2019547cfba8a2c 109300 
mutt_2.0.5-4.1+deb11u3.debian.tar.xz
Files: 
 5ac3eb203c8ce68de7a457a5f459e0d6 2476 mail optional mutt_2.0.5-4.1+deb11u3.dsc
 f738a7d1d458d91420fe0759845e4d0a 5294710 mail optional mutt_2.0.5.orig.tar.gz
 ca23b5285b3b22b1b9ce6541bcec6162 833 mail optional mutt_2.0.5.orig.tar.gz.asc
 a8c8eb16f095bf30ba9bc560f148853a 109300 mail optional 
mutt_2.0.5-4.1+deb11u3.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmT9rvNfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E5BwP/1Q4QvzdIvGfjalJKgQbQG0/bgC7P62s
ZNKwczlHjLbpQHj+aPXBuB4yKrr6RpEZUeHt6SKZtU07A4P0KrbYpiFx3UjfJjPW
wGc4jYqd/YWPPrOcfpFLJXOOkPtbkyB13tl2DNy3M0/9MWc5WOObD0sH2/amtP+X

Bug#1051543: grub2: Fails to load normal.mod from a XFS v5 parition.

2023-09-12 Thread Jamie Heilman

Funny, I had this problem (unbootable system, couldn't find net.mod
even though it was there ls on the grub_rescue prompt didn't see it)
with a XFS V4 partition, and rebuilding that as V5 and copying
everything over seemed to have fixed it... but maybe I just got lucky
on the first try.  Interestingly, once I've got grub actually able to
load normal.mod it doesn't seem to have problems finding any files on
the V4 partition.  For the sake of comparison here's are the full
details of the two (lvm) volumes in question:

The partition that initially broke w/2.12~rc1-9:

# xfs_db -r /dev/mapper/S-root
xfs_db> version
versionnum [0xb4b4+0xa] = 
V4,NLINK,DIRV2,ATTR,ALIGN,LOGV2,EXTFLG,MOREBITS,ATTR2,LAZYSBCOUNT

# xfs_info /dev/mapper/S-root
meta-data=/dev/mapper/S-root isize=256agcount=4, agsize=524288 blks
 =   sectsz=512   attr=2, projid32bit=0
 =   crc=0finobt=0, sparse=0, rmapbt=0
 =   reflink=0bigtime=0 inobtcount=0 nrext64=0
data =   bsize=4096   blocks=2097152, imaxpct=25
 =   sunit=0  swidth=0 blks
naming   =version 2  bsize=4096   ascii-ci=0, ftype=0
log  =internal log   bsize=4096   blocks=2560, version=2
 =   sectsz=512   sunit=0 blks, lazy-count=1
realtime =none   extsz=4096   blocks=0, rtextents=0


And the partition that seems to be working OK (but maybe it's just
luck?):

# xfs_db -r /dev/mapper/S-root23
xfs_db> version
versionnum [0xb4a5+0x18a] = 
V5,NLINK,DIRV2,ALIGN,LOGV2,EXTFLG,MOREBITS,ATTR2,LAZYSBCOUNT,PROJID32BIT,CRC,FTYPE,FINOBT,SPARSE_INODES,REFLINK,INOBTCNT,BIGTIME

# xfs_info /dev/mapper/S-root23
meta-data=/dev/mapper/S-root23   isize=512agcount=4, agsize=524288 blks
 =   sectsz=512   attr=2, projid32bit=1
 =   crc=1finobt=1, sparse=1, rmapbt=0
 =   reflink=1bigtime=1 inobtcount=1 nrext64=0
data =   bsize=4096   blocks=2097152, imaxpct=25
 =   sunit=0  swidth=0 blks
naming   =version 2  bsize=4096   ascii-ci=0, ftype=1
log  =internal log   bsize=4096   blocks=16384, version=2
 =   sectsz=512   sunit=0 blks, lazy-count=1
realtime =none   extsz=4096   blocks=0, rtextents=0


Do we know if the breakage related to bigtime feature?


-- 
Jamie Heilman http://audible.transient.net/~jamie/

Processed: your mail

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> unarchive 1003125
Bug #1003125 {Done: Mike Gabriel } [src:e2guardian] 
e2guardian: CVE-2021-44273
Unarchived Bug 1003125
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1003125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003125
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1036062: marked as done (frr: CVE-2023-31490)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 17:17:28 +
with message-id 
and subject line Bug#1036062: fixed in frr 7.5.1-1.1+deb11u2
has caused the Debian Bug report #1036062,
regarding frr: CVE-2023-31490
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1036062: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036062
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: frr
Version: 8.4.2-1
Severity: grave
Tags: security upstream
Forwarded: https://github.com/FRRouting/frr/issues/13099
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for frr.

CVE-2023-31490[0]:
| An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to
| cause a denial of service via the bgp_attr_psid_sub() function.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-31490
https://www.cve.org/CVERecord?id=CVE-2023-31490
[1] https://github.com/FRRouting/frr/issues/13099

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: frr
Source-Version: 7.5.1-1.1+deb11u2
Done: Aron Xu 

We believe that the bug you reported is fixed in the latest version of
frr, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1036...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aron Xu  (supplier of updated frr package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 01 Sep 2023 12:27:31 +0800
Source: frr
Architecture: source
Version: 7.5.1-1.1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: David Lamparter 
Changed-By: Aron Xu 
Closes: 1035829 1036062
Changes:
 frr (7.5.1-1.1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2022-36440, CVE-2022-40302, CVE-2022-40318, CVE-2022-43681:
 Denial of service with maliciously construct BGP OPEN packet
 (Closes: #1035829).
   * CVE-2023-31490: Denial of service caused by malformed SRv6 L3
 service attribute (Closes: #1036062).
   * CVE-2023-38802: Denial of service caused by corrupted
 Tunnel Encapsulation attribute.
   * CVE-2023-41358: Denial of service while processing NLRIs with
 zero length attribute.
Checksums-Sha1:
 a7d908ce0fb2a65ba5ce72901d050902748518e2 2287 frr_7.5.1-1.1+deb11u2.dsc
 0827aedf82f6e44a3116afd2fbfb5fca74d5d479 34096 
frr_7.5.1-1.1+deb11u2.debian.tar.xz
 2a84253426b6797268238724c7e6c8999e857519 8106 
frr_7.5.1-1.1+deb11u2_source.buildinfo
Checksums-Sha256:
 f374798eaae32e10a1c0721181c88c07aa8d70a18c07e94d504abda8f07bbf19 2287 
frr_7.5.1-1.1+deb11u2.dsc
 98a19282f795a65e2e104b5254947afd7bf0f375d115f123e27a48372b4efefa 34096 
frr_7.5.1-1.1+deb11u2.debian.tar.xz
 24ec8f8682e2f23337f26180454e9c5bd2c6f4cf81726401136f0759f97ce5e5 8106 
frr_7.5.1-1.1+deb11u2_source.buildinfo
Files:
 a07602544e027cade4ffab8cff96b525 2287 net optional frr_7.5.1-1.1+deb11u2.dsc
 f340cd118ef732330033d1ac49b5706f 34096 net optional 
frr_7.5.1-1.1+deb11u2.debian.tar.xz
 2bc53635a7e44849fc61a0669bd11f48 8106 net optional 
frr_7.5.1-1.1+deb11u2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmTxpWoACgkQO1LKKgqv
2VQIMwf9Ey4eqHd8G1ipYUDlPR11iyLuywUqTjM/02DcZuPH+jZGhE+bdi9iojyd
a7qTJ/WQ0lJ+TWhZ0UIF8qlj8cWQf96nriNpf8Fe6DZ1J1LFdnTINWcJLvgQ0iCm
Mmq0PuvUTW7KjTAZC9apaSSIPUFkEEtlUuKqQ624++NiGMZs95bD6nQzPIHCG3yA
TXCREoXwvUDEzUiiO/kh6h/S5vlheLnYI9xvetxhcMl2BVGWtsNFAlZWScGmZQ7z
IZbeeNcgrBYZy4BzHw/cNf6HtUIkvrw84C/mgKmR1lHM5+FOT9nHTQkgYr6L/oRS
yEInY3potu0i6SM8rpVW6CtJ9/xn2A==
=PuKm
-END PGP SIGNATURE End Message ---

Processed: Re: Bug#1051787: Subject: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> reassign 1051787 libwebp
Bug #1051787 [chromium] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [chromium] CVE-2023-4863: Heap buffer overflow in WebP
Bug reassigned from package 'chromium' to 'libwebp'.
Bug reassigned from package 'chromium' to 'libwebp'.
No longer marked as found in versions chromium/116.0.5845.180-1.
No longer marked as found in versions chromium/116.0.5845.180-1.
Ignoring request to alter fixed versions of bug #1051787 to the same values 
previously set
Ignoring request to alter fixed versions of bug #1051786 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051787: Subject: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Andres Salomon


reassign 1051787 libwebp
thanks


Actually I'm mistaken, we're building against the system libwebp so 
there's no need to update chromium at all for this CVE. The webp fix is 
the only (linux) change that chromium made between .180 and .187.





On Tue, Sep 12 2023 at 11:34:26 AM -04:00:00, Andres Salomon 
 wrote:

clone 1051787 -1
reassign -1 libwebp
thanks

This bug's actually in libwebp. Unfortunately we're still embedding 
it in chromium, so we likely need to fix both chromium *and* libwebp 
in debian. There hasn't been a libwebp release yet, but the two 
relevant git commits are


and what appears to be a followup fix to that,



On Tue, Sep 12 2023 at 09:12:40 AM -06:00:00, Jeffrey Cliff 
 wrote:

Package: chromium
Version: 116.0.5845.180-1
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team >


Dear Maintainer,

116.0.5845.187 fixes a critical remote vulnerability in chrome

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP.
Reported by Apple Security Engineering and Architecture (SEAR) and 
The Citizen

Lab at The University of Torontoʼs Munk School on 2023-09-06



Might want to look into this at least

(attempt 3, my reportbug broke sorry)

Jeff Cliff

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500,
'oldstable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-gnulibre (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled


Versions of packages chromium depends on:
pn  chromium-common
ii  libasound2 1.2.9-2
ii  libatk-bridge2.0-0 2.49.91-2
ii  libatk1.0-02.49.91-2
ii  libatomic1 13.2.0-3
ii  libatspi2.0-0  2.49.91-2
ii  libbrotli1 1.0.9-2+b6
ii  libc6  2.37-7
ii  libcairo2  1.17.8-3
ii  libcups2   2.4.2-5
ii  libdbus-1-31.14.10-1devuan1
ii  libdouble-conversion3  3.3.0-1
ii  libdrm22.4.115-1
ii  libevent-2.1-7 2.1.12-stable-8
ii  libexpat1  2.5.0-2
ii  libflac12  1.4.3+ds-2
ii  libfontconfig1 2.14.2-5
ii  libfreetype6   2.13.2+dfsg-1
ii  libgbm123.1.7-1
ii  libgcc-s1  13.2.0-3
ii  libglib2.0-0   2.77.3-1
ii  libgtk-3-0 3.24.38-4
ii  libjpeg62-turbo1:2.1.5-2
ii  libjsoncpp25   1.9.5-6
ii  liblcms2-2 2.14-2
ii  libminizip11:1.2.13.dfsg-3
ii  libnspr4   2:4.35-1.1
ii  libnss32:3.92-1
pn  libopenh264-7  
ii  libopenjp2-7   2.5.0-2
ii  libopus0   1.4-1
ii  libpango-1.0-0 1.51.0+ds-2
ii  libpng16-161.6.40-1
ii  libpulse0  16.1+dfsg1-2+b1
ii  libsnappy1v5   1.1.10-1
ii  libstdc++6 13.2.0-3
ii  libwebp7   1.2.4-0.2
ii  libwebpdemux2  1.2.4-0.2
ii  libwebpmux31.2.4-0.2
ii  libwoff1   1.0.2-2
ii  libx11-6   2:1.8.6-1
ii  libxcb11.15-1
ii  libxcomposite1 1:0.4.5-1
ii  libxdamage11:1.1.6-1
ii  libxext6   2:1.3.4-1+b1
ii  libxfixes3 1:6.0.0-2
ii  libxkbcommon0  1.5.0-1
ii  libxml22.9.14+dfsg-1.3
ii  libxnvctrl0525.125.06-1
ii  libxrandr2 2:1.5.2-2+b1
ii  libxslt1.1 1.1.35-1
ii  zlib1g 1:1.2.13.dfsg-3

Versions of packages chromium recommends:
pn  chromium-sandbox  

Versions of packages chromium suggests:
pn  chromium-driver  
pn  chromium-l10n
pn  chromium-shell

Bug#1037894: webkit2gtk: ftbfs with GCC-13

2023-09-12 Thread Alberto Garcia

On Tue, Sep 12, 2023 at 10:28:06AM +0200, Manuel A. Fernandez Montecelo wrote:
> > FYI I have successfully built webkit2gtk 2.40.3-2 in a sid chroot with
> > with gcc-13 13.1.0-7 from experimental.
> 
> Also it built fine with gcc-13 in riscv64, which was rebootstrapped
> in the last weeks and with gcc-13 as the default compiler since the
> start.
> 
> Build for the new archive:
> 
>   2.40.5-1 (sid)  Maybe-Successful  2023-08-28 19:38:30
>   rv-osuosl-03  2d 10h 31m  23.91 GB
> 
>   https://buildd.debian.org/status/logs.php?pkg=webkit2gtk=riscv64
> 
> So I think that this can be closed.

Matthias, what do you say, can we close this?

Berto

Bug#1037905: marked as done (yade: ftbfs with GCC-13)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 15:55:23 +
with message-id 
and subject line Bug#1037905: fixed in yade 2023.02a-3
has caused the Debian Bug report #1037905,
regarding yade: ftbfs with GCC-13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1037905: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037905
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:yade
Version: 2023.02a-1
Severity: normal
Tags: sid trixie
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-13

[This bug is targeted to the upcoming trixie release]

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.

The full build log can be found at:
http://qa-logs.debian.net/2023/05/22/logs/yade_2023.02a-1_unstable_gccexp.log
The last lines of the build log are at the end of this report.

To build with GCC 13, either set CC=gcc-13 CXX=g++-13 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-13/porting_to.html

[...]
cpu cores   : 4
apicid  : 7
initial apicid  : 7
fpu : yes
fpu_exception   : yes
cpuid level : 13
wp  : yes
flags   : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov 
pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm 
constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni 
pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt 
tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 
3dnowprefetch invpcid_single pti fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms 
invpcid mpx avx512f avx512dq rdseed adx smap clflushopt clwb avx512cd avx512bw 
avx512vl xsaveopt xsavec xgetbv1 xsaves ida arat pku ospke
bugs: cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds 
swapgs itlb_multihit mmio_stale_data retbleed
bogomips: 5000.01
clflush size: 64
cache_alignment : 64
address sizes   : 46 bits physical, 48 bits virtual
power management:

make[1]: Leaving directory '/<>'
   debian/rules override_dh_auto_build
make[1]: Entering directory '/<>'
dh_auto_build -B/<>/debian/build-double
cd debian/build-double && make -j1 "INSTALL=install 
--strip-program=true" VERBOSE=1
make[2]: Entering directory '/<>/debian/build-double'
/usr/bin/cmake -S/<> -B/<>/debian/build-double 
--check-build-system CMakeFiles/Makefile.cmake 0
/usr/bin/cmake -E cmake_progress_start 
/<>/debian/build-double/CMakeFiles 
/<>/debian/build-double//CMakeFiles/progress.marks
make  -f CMakeFiles/Makefile2 all
make[3]: Entering directory '/<>/debian/build-double'
make  -f CMakeFiles/post_vtk.dir/build.make CMakeFiles/post_vtk.dir/depend
make[4]: Entering directory '/<>/debian/build-double'
cd /<>/debian/build-double && /usr/bin/cmake -E cmake_depends 
"Unix Makefiles" /<> /<> 
/<>/debian/build-double /<>/debian/build-double 
/<>/debian/build-double/CMakeFiles/post_vtk.dir/DependInfo.cmake 
--color=
make[4]: Leaving directory '/<>/debian/build-double'
make  -f CMakeFiles/post_vtk.dir/build.make CMakeFiles/post_vtk.dir/build
make[4]: Entering directory '/<>/debian/build-double'
[  0%] Building CXX object 
CMakeFiles/post_vtk.dir/postprocessing/vtk/VTKRecorder.cpp.o
/usr/bin/c++ -DBOOST_LOG_DYN_LINK -DFREEGLUT_VERSION_MAJOR=3 -DMAX_LOG_LEVEL=5 
-DQT_NO_KEYWORDS -DSUITESPARSE_VERSION_4 -DYADE_BOOST_LOG -DYADE_COMPLEX_MP 
-DYADE_FEM -DYADE_LS_DEM -DYADE_ODEINT -DYADE_POTENTIAL_PARTICLES 
-DYADE_REAL_BIT=64 -DYADE_REAL_DEC=15 -Dkiss_fft_scalar=double 
-Dpost_vtk_EXPORTS -I/<> -I/usr/include/python3.11 
-I/usr/lib/python3/dist-packages/numpy/core/include -I/usr/include/eigen3 
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include 
-I/usr/include/x86_64-linux-gnu/qt5 -I/usr/include/x86_64-linux-gnu/qt5/QtCore 
-I/usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++ 
-I/usr/include/x86_64-linux-gnu/qt5/QtWidgets 
-I/usr/include/x86_64-linux-gnu/qt5/QtGui

Bug#1051543: grub2: Fails to load normal.mod from a XFS v5 parition.

2023-09-12 Thread Sebastian Andrzej Siewior

On 2023-09-12 15:43:34 [+0200], Daniel Kiper wrote:
> Hey,
Hi,

> Adding Lidong...
> 
> Sebastian, Lidong is working on a fix for this issue.

ach great.

> Lidong, please keep Sebastain in the loop.
> 
> Daniel
Sebastian

Bug#1051787: Subject: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Andres Salomon


clone 1051787 -1
reassign -1 libwebp
thanks

This bug's actually in libwebp. Unfortunately we're still embedding it 
in chromium, so we likely need to fix both chromium *and* libwebp in 
debian. There hasn't been a libwebp release yet, but the two relevant 
git commits are


and what appears to be a followup fix to that,



On Tue, Sep 12 2023 at 09:12:40 AM -06:00:00, Jeffrey Cliff 
 wrote:

Package: chromium
Version: 116.0.5845.180-1
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team >


Dear Maintainer,

116.0.5845.187 fixes a critical remote vulnerability in chrome

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP.
Reported by Apple Security Engineering and Architecture (SEAR) and 
The Citizen

Lab at The University of Torontoʼs Munk School on 2023-09-06



Might want to look into this at least

(attempt 3, my reportbug broke sorry)

Jeff Cliff

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500,
'oldstable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-gnulibre (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled


Versions of packages chromium depends on:
pn  chromium-common
ii  libasound2 1.2.9-2
ii  libatk-bridge2.0-0 2.49.91-2
ii  libatk1.0-02.49.91-2
ii  libatomic1 13.2.0-3
ii  libatspi2.0-0  2.49.91-2
ii  libbrotli1 1.0.9-2+b6
ii  libc6  2.37-7
ii  libcairo2  1.17.8-3
ii  libcups2   2.4.2-5
ii  libdbus-1-31.14.10-1devuan1
ii  libdouble-conversion3  3.3.0-1
ii  libdrm22.4.115-1
ii  libevent-2.1-7 2.1.12-stable-8
ii  libexpat1  2.5.0-2
ii  libflac12  1.4.3+ds-2
ii  libfontconfig1 2.14.2-5
ii  libfreetype6   2.13.2+dfsg-1
ii  libgbm123.1.7-1
ii  libgcc-s1  13.2.0-3
ii  libglib2.0-0   2.77.3-1
ii  libgtk-3-0 3.24.38-4
ii  libjpeg62-turbo1:2.1.5-2
ii  libjsoncpp25   1.9.5-6
ii  liblcms2-2 2.14-2
ii  libminizip11:1.2.13.dfsg-3
ii  libnspr4   2:4.35-1.1
ii  libnss32:3.92-1
pn  libopenh264-7  
ii  libopenjp2-7   2.5.0-2
ii  libopus0   1.4-1
ii  libpango-1.0-0 1.51.0+ds-2
ii  libpng16-161.6.40-1
ii  libpulse0  16.1+dfsg1-2+b1
ii  libsnappy1v5   1.1.10-1
ii  libstdc++6 13.2.0-3
ii  libwebp7   1.2.4-0.2
ii  libwebpdemux2  1.2.4-0.2
ii  libwebpmux31.2.4-0.2
ii  libwoff1   1.0.2-2
ii  libx11-6   2:1.8.6-1
ii  libxcb11.15-1
ii  libxcomposite1 1:0.4.5-1
ii  libxdamage11:1.1.6-1
ii  libxext6   2:1.3.4-1+b1
ii  libxfixes3 1:6.0.0-2
ii  libxkbcommon0  1.5.0-1
ii  libxml22.9.14+dfsg-1.3
ii  libxnvctrl0525.125.06-1
ii  libxrandr2 2:1.5.2-2+b1
ii  libxslt1.1 1.1.35-1
ii  zlib1g 1:1.2.13.dfsg-3

Versions of packages chromium recommends:
pn  chromium-sandbox  

Versions of packages chromium suggests:
pn  chromium-driver  
pn  chromium-l10n
pn  chromium-shell

Processed (with 2 errors): Re: Bug#1051787: Subject: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> clone 1051787 -1
Bug #1051787 [chromium] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051786 [chromium] CVE-2023-4863: Heap buffer overflow in WebP
Failed to clone 1051787: Bug is marked as being merged with others. Use an 
existing clone.

> reassign -1 libwebp
Failed to clear fixed versions and reopen on -1: The 'bug' parameter ("-1") to 
Debbugs::Control::set_package did not pass regex check
.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: duplicate

2023-09-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> merge 1051786 1051787
Bug #1051786 [chromium] CVE-2023-4863: Heap buffer overflow in WebP
Bug #1051787 [chromium] Subject: CVE-2023-4863: Heap buffer overflow in WebP
Merged 1051786 1051787
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
1051786: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051786
1051787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1051787: Subject: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Jeffrey Cliff

Package: chromium
Version: 116.0.5845.180-1
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team 

Dear Maintainer,

116.0.5845.187 fixes a critical remote vulnerability in chrome

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP.
Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen
Lab at The University of Torontoʼs Munk School on 2023-09-06

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

Might want to look into this at least

(attempt 3, my reportbug broke sorry)

Jeff Cliff

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500,
'oldstable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-gnulibre (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled


Versions of packages chromium depends on:
pn  chromium-common
ii  libasound2 1.2.9-2
ii  libatk-bridge2.0-0 2.49.91-2
ii  libatk1.0-02.49.91-2
ii  libatomic1 13.2.0-3
ii  libatspi2.0-0  2.49.91-2
ii  libbrotli1 1.0.9-2+b6
ii  libc6  2.37-7
ii  libcairo2  1.17.8-3
ii  libcups2   2.4.2-5
ii  libdbus-1-31.14.10-1devuan1
ii  libdouble-conversion3  3.3.0-1
ii  libdrm22.4.115-1
ii  libevent-2.1-7 2.1.12-stable-8
ii  libexpat1  2.5.0-2
ii  libflac12  1.4.3+ds-2
ii  libfontconfig1 2.14.2-5
ii  libfreetype6   2.13.2+dfsg-1
ii  libgbm123.1.7-1
ii  libgcc-s1  13.2.0-3
ii  libglib2.0-0   2.77.3-1
ii  libgtk-3-0 3.24.38-4
ii  libjpeg62-turbo1:2.1.5-2
ii  libjsoncpp25   1.9.5-6
ii  liblcms2-2 2.14-2
ii  libminizip11:1.2.13.dfsg-3
ii  libnspr4   2:4.35-1.1
ii  libnss32:3.92-1
pn  libopenh264-7  
ii  libopenjp2-7   2.5.0-2
ii  libopus0   1.4-1
ii  libpango-1.0-0 1.51.0+ds-2
ii  libpng16-161.6.40-1
ii  libpulse0  16.1+dfsg1-2+b1
ii  libsnappy1v5   1.1.10-1
ii  libstdc++6 13.2.0-3
ii  libwebp7   1.2.4-0.2
ii  libwebpdemux2  1.2.4-0.2
ii  libwebpmux31.2.4-0.2
ii  libwoff1   1.0.2-2
ii  libx11-6   2:1.8.6-1
ii  libxcb11.15-1
ii  libxcomposite1 1:0.4.5-1
ii  libxdamage11:1.1.6-1
ii  libxext6   2:1.3.4-1+b1
ii  libxfixes3 1:6.0.0-2
ii  libxkbcommon0  1.5.0-1
ii  libxml22.9.14+dfsg-1.3
ii  libxnvctrl0525.125.06-1
ii  libxrandr2 2:1.5.2-2+b1
ii  libxslt1.1 1.1.35-1
ii  zlib1g 1:1.2.13.dfsg-3

Versions of packages chromium recommends:
pn  chromium-sandbox  

Versions of packages chromium suggests:
pn  chromium-driver  
pn  chromium-l10n
pn  chromium-shell

Bug#1051786: CVE-2023-4863: Heap buffer overflow in WebP

2023-09-12 Thread Jeffrey Cliff

Subject: CVE-2023-4863: Heap buffer overflow in WebP
Package: chromium
Version: 116.0.5845.180-1
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team 



On Tue, Sep 12, 2023 at 9:07 AM Jeffrey Cliff  wrote:
>
> Dear Maintainer,
>
> 116.0.5845.187 fixes a critical remote vulnerability in chrome
>
> [$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP.
> Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen
> Lab at The University of Torontoʼs Munk School on 2023-09-06
>
> https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
>
> Might want to look into this at least
>
> Jeff Cliff
>
>
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500,
> 'oldstable-debug')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 6.5.0-gnulibre (SMP w/2 CPU threads; PREEMPT)
> Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_CA:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: sysvinit (via /sbin/init)
> LSM: AppArmor: enabled
>
>
> Versions of packages chromium depends on:
> pn  chromium-common
> ii  libasound2 1.2.9-2
> ii  libatk-bridge2.0-0 2.49.91-2
> ii  libatk1.0-02.49.91-2
> ii  libatomic1 13.2.0-3
> ii  libatspi2.0-0  2.49.91-2
> ii  libbrotli1 1.0.9-2+b6
> ii  libc6  2.37-7
> ii  libcairo2  1.17.8-3
> ii  libcups2   2.4.2-5
> ii  libdbus-1-31.14.10-1devuan1
> ii  libdouble-conversion3  3.3.0-1
> ii  libdrm22.4.115-1
> ii  libevent-2.1-7 2.1.12-stable-8
> ii  libexpat1  2.5.0-2
> ii  libflac12  1.4.3+ds-2
> ii  libfontconfig1 2.14.2-5
> ii  libfreetype6   2.13.2+dfsg-1
> ii  libgbm123.1.7-1
> ii  libgcc-s1  13.2.0-3
> ii  libglib2.0-0   2.77.3-1
> ii  libgtk-3-0 3.24.38-4
> ii  libjpeg62-turbo1:2.1.5-2
> ii  libjsoncpp25   1.9.5-6
> ii  liblcms2-2 2.14-2
> ii  libminizip11:1.2.13.dfsg-3
> ii  libnspr4   2:4.35-1.1
> ii  libnss32:3.92-1
> pn  libopenh264-7  
> ii  libopenjp2-7   2.5.0-2
> ii  libopus0   1.4-1
> ii  libpango-1.0-0 1.51.0+ds-2
> ii  libpng16-161.6.40-1
> ii  libpulse0  16.1+dfsg1-2+b1
> ii  libsnappy1v5   1.1.10-1
> ii  libstdc++6 13.2.0-3
> ii  libwebp7   1.2.4-0.2
> ii  libwebpdemux2  1.2.4-0.2
> ii  libwebpmux31.2.4-0.2
> ii  libwoff1   1.0.2-2
> ii  libx11-6   2:1.8.6-1
> ii  libxcb11.15-1
> ii  libxcomposite1 1:0.4.5-1
> ii  libxdamage11:1.1.6-1
> ii  libxext6   2:1.3.4-1+b1
> ii  libxfixes3 1:6.0.0-2
> ii  libxkbcommon0  1.5.0-1
> ii  libxml22.9.14+dfsg-1.3
> ii  libxnvctrl0525.125.06-1
> ii  libxrandr2 2:1.5.2-2+b1
> ii  libxslt1.1 1.1.35-1
> ii  zlib1g 1:1.2.13.dfsg-3
>
> Versions of packages chromium recommends:
> pn  chromium-sandbox  
>
> Versions of packages chromium suggests:
> pn  chromium-driver  
> pn  chromium-l10n
> pn  chromium-shell   



-- 

End the campaign to Cancel Richard Stallman - go to stallmansupport.org !

Bug#1051543: grub2: Fails to load normal.mod from a XFS v5 parition.

2023-09-12 Thread Daniel Kiper

Hey,

Adding Lidong...

Sebastian, Lidong is working on a fix for this issue.

Lidong, please keep Sebastain in the loop.

Daniel

On Sat, Sep 09, 2023 at 03:41:55PM +0200, Sebastian Andrzej Siewior wrote:
> Package: grub2
> Version: 2.12~rc1-9
> Severity: Serious
> control: forwarded -1 https://savannah.gnu.org/bugs/?64376
>
> I have a single XFS partition which contains the root filesystem and the
> boot partition. Since the recent upgrade to the 2.12 series I can't boot
> anymore because grub complains that it can't find normal.mod and remains in
> the rescue shell.
> The ls command kind of works. A ls in /boot/grub/i386-pc/ (where the
> normal.mod should be) shows a few files and then abort with the error
> message: 'error: invalid XFS directory entry'.
>
> I figured out that if I remove that directory and create a new one only
> with normal.mod then it was able to find it and complained about onother file.
> I then repeated the game until I had more files… The invocation of 
> grub-install
> copied all files and broke it again.
>
> I then looked at various places and stumbled uppon
> https://savannah.gnu.org/bugs/?64376 and this indeed matches what I see.
> I rebuilt the grub2 package with commit ef7850c757fb3 ("fs/xfs: Fix
> issues found while fuzzing the XFS filesystem") reverted, installed from
> a rescue system and voila it boots again.
>
> My xfs filesystem is a normal v5 as in:
> | # xfs_info /dev/sdb1
> | meta-data=/dev/sdb1  isize=512agcount=4, agsize=655360 blks
> |  =   sectsz=512   attr=2, projid32bit=1
> |  =   crc=1finobt=1, sparse=1, rmapbt=1
> |  =   reflink=1bigtime=0 inobtcount=0 
> nrext64=0
> | data =   bsize=4096   blocks=2621440, imaxpct=25
> |  =   sunit=0  swidth=0 blks
> | naming   =version 2  bsize=4096   ascii-ci=0, ftype=1
> | log  =internal log   bsize=4096   blocks=3693, version=2
> |  =   sectsz=512   sunit=0 blks, lazy-count=1
> | realtime =none   extsz=4096   blocks=0, rtextents=0
>
> Sebastian

Bug#1040889: marked as done (giac FTBFS on !amd64: FAIL chk_fhan0)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 13:49:28 +
with message-id 
and subject line Bug#1040889: fixed in giac 1.9.0.57+dfsg2-3
has caused the Debian Bug report #1040889,
regarding giac FTBFS on !amd64: FAIL chk_fhan0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1040889: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040889
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: giac
Version: 1.9.0.57+dfsg2-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=giac=1.9.0.57%2Bdfsg2-1

...
33c33
< 
4.0*(x+0.49788349552099382283094073616854227304830384829676320412646603489)*(x+0.80901699437494742410229341718281905886015458990288143106772431135263023140945+0.58778525229247312916870595463907276859765243764314599107227248075727847416235*I)*(x+0.80901699437494742410229341718281905886015458990288143106772431135263023140945-0.58778525229247312916870595463907276859765243764314599107227248075727847416235*I)*(x-0.30901699437494742410229341718281905886015458990288143106772431135263023140945+0.9510565162951535721164397938214340569863412575022244730564443015317008520*I)*(x-0.30901699437494742410229341718281905886015458990288143106772431135263023140945-0.9510565162951535721164397938214340569863412575022244730564443015317008520*I)*(x+0.50423652873866744096133134925237086727128317399273251261816211367+0.31757869575771877431763872202300318623834849619459415460408363224777378859822e-15*I),
---
> 4.0*(x+0.49788328925430029686609811928022330782155585549767058946497075172)*(x+0.80901699437494742410229341718281905886015458990288143106772431135263023140945+0.58778525229247312916870595463907276859765243764314599107227248075727847416235*I)*(x+0.80901699437494742410229341718281905886015458990288143106772431135263023140945-0.58778525229247312916870595463907276859765243764314599107227248075727847416235*I)*(x-0.30901699437494742410229341718281905886015458990288143106772431135263023140945+0.9510565162951535721164397938214340569863412575022244730564443015317008520*I)*(x-0.30901699437494742410229341718281905886015458990288143106772431135263023140945-0.9510565162951535721164397938214340569863412575022244730564443015317008520*I)*(x+0.50423695020762139072415632649460476103935691753889574803974870605+0.31797400722558614463582272906881192689588258358870001378007305967449842289426e-15*I),
36c36
< 
4.0*(x+0.49788349552099382283094073616854227304830384829676320412646603489)*(x+0.50423652873866744096133134925237086727128317399273251261816211367+0.31757869575771877431763872202300318623834849619459415460408363224777378859822e-15*I)*(x^2-0.61803398874989484820458683436563811772030917980576286213544862270526046281890*x+1.)*(x^2+1.6180339887498948482045868343656381177203091798057628621354486227052604628189*x+1.),
---
> 4.0*(x+0.49788328925430029686609811928022330782155585549767058946497075172)*(x+0.50423695020762139072415632649460476103935691753889574803974870605+0.31797400722558614463582272906881192689588258358870001378007305967449842289426e-15*I)*(x^2-0.61803398874989484820458683436563811772030917980576286213544862270526046281890*x+1.)*(x^2+1.6180339887498948482045868343656381177203091798057628621354486227052604628189*x+1.),
5,7c5,7
< 2.8438669798515,
< 2.8438669798515,
< 2.8438669798515,
---
> 2.8438669798516,
> 2.8438669798516,
> 2.843866979851565477695440,
32,33c32,33
< 
4.4*(x+0.4995802767719425726646262389673108)*(x+0.5004197233049305707985262184456402)*(x+0.80901699437494469055404981865454965242+0.58778525229247103432520509730405154890*I)*(x+0.80901699437494469055404981865454965242-0.58778525229247103432520509730405154890*I)*(x-0.30901699437494853421122297627742029997+0.95105651629515245315101034450709359529*I)*(x-0.30901699437494853421122297627742029997-0.95105651629515245315101034450709359529*I),
<

Bug#1051111: marked as done (notmuch: FTBFS: 6 tests failed.)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 12:22:19 +
with message-id 
and subject line Bug#105: fixed in notmuch 0.38-1
has caused the Debian Bug report #105,
regarding notmuch: FTBFS: 6 tests failed.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=105
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: notmuch
Version: 0.37-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

Dear maintainer,

notmuch fails to build from source due to testsuite issues. From my
build log on amd64:
| 
|   make -j12 test "TESTSUITEFLAGS=-j12 --verbose" VERBOSE=1
| make[1]: Entering directory '/<>'
| Use "make V=1" to see the verbose compile lines.
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/arg-test.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/hex-xcode.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/random-corpus.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/database-test.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/parse-time.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/smtp-dummy.o
| CXX -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/symbol-test.o
| CXX -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/make-db-version.o
| CXX -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/ghost-report.o
| CC -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
test/message-id-parse.o
| CC test/arg-test
| CC test/parse-time
| CC test/smtp-dummy
| CC test/hex-xcode
| CC test/message-id-parse
| CXX test/random-corpus
| CXX test/symbol-test
| CXX test/make-db-version
| CXX test/ghost-report
| Use "make V=1" to see the details for passing and known broken tests.
| INFO: using 2m timeout for tests
| 
| T030-config: Testing "notmuch config"
|  BROKEN Round trip config item with leading spaces
|  BROKEN Round trip config item with leading tab
| 
| T040-setup: Testing "notmuch setup"
|  FAIL   Create a new config interactively
|   --- T040-setup.2.config-with-comments   2023-09-01 08:05:51.105192140 
+
|   +++ T040-setup.2.new-notmuch-config 2023-09-01 08:05:51.105192140 
+
|   @@ -1,7 +1,3 @@
|   -# .notmuch-config - Configuration file for the notmuch mail system
|   -#
|   -# For more information about notmuch, see https://notmuchmail.org
|   -
|# Database configuration
|#
|# The only value supported here is 'path' which should be the top-level
|   @@ -12,7 +8,6 @@
|#
|[database]
|path=/path/to/maildir
|   -
|# User configuration
|#
|# Here is where you can let notmuch know how you would like to be
|   @@ -32,7 +27,6 @@
|name=Test Suite
|primary_email=test.su...@example.com
|other_email=another.su...@example.com
|   -
|# Configuration for "notmuch new"
|#
|# The following options are supported here:
|   @@ -49,7 +43,6 @@
|#
|[new]
|tags=foo;bar;
|   -
|# Search configuration
|#
|# The following option is supported here:
|   @@ -61,7 +54,6 @@
|#
|[search]
|exclude_tags=baz
|   -
|# Maildir compatibility configuration
|#
|# The following option is supported here:
| 
|

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Pablo Neira Ayuso

On Tue, Sep 12, 2023 at 01:39:59PM +0200, Timo Sigurdsson wrote:
> Hi Pablo,
> 
> Pablo Neira Ayuso schrieb am 12.09.2023 00:57 (GMT +02:00):
> 
> > Hi Timo,
> > 
> > On Mon, Sep 11, 2023 at 11:37:50PM +0200, Timo Sigurdsson wrote:
> >> Hi,
> >> 
> >> recently, Debian updated their stable kernel from 6.1.38 to 6.1.52
> >> which broke nftables ruleset loading on one of my machines with lots
> >> of "Operation not supported" errors. I've reported this to the
> >> Debian project (see link below) and Salvatore Bonaccorso and I
> >> identified "netfilter: nf_tables: disallow rule addition to bound
> >> chain via NFTA_RULE_CHAIN_ID" (0ebc1064e487) as the offending commit
> >> that introduced the regression. Salvatore also found that this issue
> >> affects the 5.10 stable tree as well (observed in 5.10.191), but he
> >> cannot reproduce it on 6.4.13 and 6.5.2.
> >> 
> >> The issue only occurs with some rulesets. While I can't trigger it
> >> with simple/minimal rulesets that I use on some machines, it does
> >> occur with a more complex ruleset that has been in use for months
> >> (if not years, for large parts of it). I'm attaching a somewhat
> >> stripped down version of the ruleset from the machine I originally
> >> observed this issue on. It's still not a small or simple ruleset,
> >> but I'll try to reduce it further when I have more time.
> >> 
> >> The error messages shown when trying to load the ruleset don't seem
> >> to be helpful. Just two simple examples: Just to give two simple
> >> examples from the log when nftables fails to start:
> >> /etc/nftables.conf:99:4-44: Error: Could not process rule: Operation not
> >> supported
> >> tcp option maxseg size 1-500 counter drop
> >> ^
> >> /etc/nftables.conf:308:4-27: Error: Could not process rule: Operation not
> >> supported
> >> tcp dport sip-tls accept
> >> 
> > 
> > I can reproduce this issue with 5.10.191 and 6.1.52 and nftables v1.0.6,
> > this is not reproducible with v1.0.7 and v1.0.8.
> > 
> >> Since the issue only affects some stable trees, Salvatore thought it
> >> might be an incomplete backport that causes this.
> >> 
> >> If you need further information, please let me know.
> > 
> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> > kernel check that rejects adding rules to bound chains. The incorrect
> > bytecode adds the chain binding, attach it to the rule and it adds the
> > rules to the chain binding. I have cherry-picked these three patches
> > for nftables v1.0.6 userspace and your ruleset restores fine.
> 
> hmm, that doesn't explain why Salvatore didn't observe this with
> more recent kernels.
>
> Salvatore, did you use newer userspace components when you tested
> your 6.4.13 and 6.5.2 builds?
> 
> As for the regression and how it be dealt with: Personally, I don't
> really care whether the regression is solved in the kernel or
> userspace. If everybody agrees that this is the best or only viable
> option and Debian decides to push a nftables update to fix this,
> that works for me. But I do feel the burden to justify this should
> be high. A kernel change that leaves users without a working packet
> filter after upgrading their machines is serious, if you ask me. And
> since it affects several stable/longterm trees, I would assume this
> will hit other stable (non-rolling) distributions as well, since
> they will also use older userspace components (unless this is
> behavior specific to nftables 1.0.6 but not older versions). They
> probably should get a heads up then.

There is coverage for the chain binding feature in our tests
infrastructure, but unfortunately the bug did not trigger with newer
nftables versions. In the future, I will keep an eye with running our
tests on older userspace nftables versions when working on stable
trees.

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Florian Westphal

Timo Sigurdsson  wrote:
> > Linux regression tracking (Thorsten Leemhuis) 
> > wrote:
> >> On 12.09.23 00:57, Pablo Neira Ayuso wrote:
> >> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> >> > kernel check that rejects adding rules to bound chains. The incorrect
> >> > bytecode adds the chain binding, attach it to the rule and it adds the
> >> > rules to the chain binding. I have cherry-picked these three patches
> >> > for nftables v1.0.6 userspace and your ruleset restores fine.
> >> > [...]
> >> 
> >> H. Well, this sounds like a kernel regression to me that normally
> >> should be dealt with on the kernel level, as users after updating the
> >> kernel should never have to update any userspace stuff to continue what
> >> they have been doing before the kernel update.
> > 
> > This is a combo of a userspace bug and this new sanity check that
> > rejects the incorrect ordering (adding rules to the already-bound
> > anonymous chain).
> > 
> 
> Out of curiosity, did the incorrect ordering or bytecode from the older 
> userspace components actually lead to a wrong representation of the rules in 
> the kernel or did the rules still work despite all that?

It works, but without the stricter behaviour userspace can trigger
memory corruption in the kernel. nftables userland will not trigger this.

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Timo Sigurdsson

Hi,

Florian Westphal schrieb am 12.09.2023 12:27 (GMT +02:00):

> Linux regression tracking (Thorsten Leemhuis) 
> wrote:
>> On 12.09.23 00:57, Pablo Neira Ayuso wrote:
>> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
>> > kernel check that rejects adding rules to bound chains. The incorrect
>> > bytecode adds the chain binding, attach it to the rule and it adds the
>> > rules to the chain binding. I have cherry-picked these three patches
>> > for nftables v1.0.6 userspace and your ruleset restores fine.
>> > [...]
>> 
>> H. Well, this sounds like a kernel regression to me that normally
>> should be dealt with on the kernel level, as users after updating the
>> kernel should never have to update any userspace stuff to continue what
>> they have been doing before the kernel update.
> 
> This is a combo of a userspace bug and this new sanity check that
> rejects the incorrect ordering (adding rules to the already-bound
> anonymous chain).
> 

Out of curiosity, did the incorrect ordering or bytecode from the older 
userspace components actually lead to a wrong representation of the rules in 
the kernel or did the rules still work despite all that?

Thanks,

Timo

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Timo Sigurdsson

Hi Pablo,

Pablo Neira Ayuso schrieb am 12.09.2023 00:57 (GMT +02:00):

> Hi Timo,
> 
> On Mon, Sep 11, 2023 at 11:37:50PM +0200, Timo Sigurdsson wrote:
>> Hi,
>> 
>> recently, Debian updated their stable kernel from 6.1.38 to 6.1.52
>> which broke nftables ruleset loading on one of my machines with lots
>> of "Operation not supported" errors. I've reported this to the
>> Debian project (see link below) and Salvatore Bonaccorso and I
>> identified "netfilter: nf_tables: disallow rule addition to bound
>> chain via NFTA_RULE_CHAIN_ID" (0ebc1064e487) as the offending commit
>> that introduced the regression. Salvatore also found that this issue
>> affects the 5.10 stable tree as well (observed in 5.10.191), but he
>> cannot reproduce it on 6.4.13 and 6.5.2.
>> 
>> The issue only occurs with some rulesets. While I can't trigger it
>> with simple/minimal rulesets that I use on some machines, it does
>> occur with a more complex ruleset that has been in use for months
>> (if not years, for large parts of it). I'm attaching a somewhat
>> stripped down version of the ruleset from the machine I originally
>> observed this issue on. It's still not a small or simple ruleset,
>> but I'll try to reduce it further when I have more time.
>> 
>> The error messages shown when trying to load the ruleset don't seem
>> to be helpful. Just two simple examples: Just to give two simple
>> examples from the log when nftables fails to start:
>> /etc/nftables.conf:99:4-44: Error: Could not process rule: Operation not
>> supported
>> tcp option maxseg size 1-500 counter drop
>> ^
>> /etc/nftables.conf:308:4-27: Error: Could not process rule: Operation not
>> supported
>> tcp dport sip-tls accept
>> 
> 
> I can reproduce this issue with 5.10.191 and 6.1.52 and nftables v1.0.6,
> this is not reproducible with v1.0.7 and v1.0.8.
> 
>> Since the issue only affects some stable trees, Salvatore thought it
>> might be an incomplete backport that causes this.
>> 
>> If you need further information, please let me know.
> 
> Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> kernel check that rejects adding rules to bound chains. The incorrect
> bytecode adds the chain binding, attach it to the rule and it adds the
> rules to the chain binding. I have cherry-picked these three patches
> for nftables v1.0.6 userspace and your ruleset restores fine.

hmm, that doesn't explain why Salvatore didn't observe this with more recent 
kernels.

Salvatore, did you use newer userspace components when you tested your 6.4.13 
and 6.5.2 builds?

As for the regression and how it be dealt with: Personally, I don't really care 
whether the regression is solved in the kernel or userspace. If everybody 
agrees that this is the best or only viable option and Debian decides to push a 
nftables update to fix this, that works for me. But I do feel the burden to 
justify this should be high. A kernel change that leaves users without a 
working packet filter after upgrading their machines is serious, if you ask me. 
And since it affects several stable/longterm trees, I would assume this will 
hit other stable (non-rolling) distributions as well, since they will also use 
older userspace components (unless this is behavior specific to nftables 1.0.6 
but not older versions). They probably should get a heads up then.


Regards,

Timo

Bug#1051766: lintian-brush: apply-multiarch-hints does not finish

2023-09-12 Thread Andreas Tille

Package: lintian-brush
Version: 0.150
Severity: grave
Justification: renders package unusable

Hi,

after upgrading to lintian-brush 0.150 apply-multiarch-hints just does
not end and I need to kill the actual xterm (even ^C does not back the
prompt).  After killing the xterm it leaves a broken git repository.

I cloned my test repository freshly from salsa and  downgraded to
lintian-brush 0.149.  Then I get:


 $ apply-multiarch-hints 
Traceback (most recent call last):
  File "/usr/bin/apply-multiarch-hints", line 8, in 
sys.exit(main())
 ^^
  File "/usr/lib/python3/dist-packages/lintian_brush/multiarch_hints.py", line 
512, in main
MultiArchHintFixer(hints),
^
TypeError: No constructor defined


No idea whether this gives some hint - but at least neither the git
repository is broken nor I have to interrupt really hard.

Kind regards
   Andreas.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (50, 'buildd-unstable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lintian-brush depends on:
ii  devscripts   2.23.6
ii  libc62.37-8
ii  libgcc-s113.2.0-3
ii  liblzma5 5.4.4-0.1
ii  libpython3.113.11.5-3
ii  libssl3  3.0.10-1
ii  python3  3.11.4-5+b1
ii  python3-breezy   3.3.4-1
ii  python3-debian   0.1.49
ii  python3-debmutate0.67
ii  python3-distro-info  1.5
ii  python3-dulwich  0.21.6-1
ii  python3-iniparse 0.5-1
ii  python3-iso8601  1.0.2-1
ii  python3-levenshtein  0.12.2-2+b4
ii  python3-psycopg2 2.9.6-3
ii  python3-pyinotify0.9.6-2
ii  python3-ruamel.yaml  0.17.21-1
ii  python3-semver   2.10.2-3
ii  python3-tomlkit  0.12.1-1
ii  python3-tqdm 4.64.1-1
ii  python3-upstream-ontologist  0.1.35-1

Versions of packages lintian-brush recommends:
ii  debhelper  13.11.6
ii  decopy 0.2.4.8-0.1
ii  dos2unix   7.5.1-1
ii  gpg2.2.40-1.1
ii  lintian2.116.3
ii  ognibuild  0.0.18+git20230208.1.9b890a2-1
ii  python3-bs44.12.2-2
ii  python3-debianbts  4.0.1
ii  python3-docutils   0.19+dfsg-7
ii  python3-lxml   4.9.3-1
ii  python3-markdown   3.4.4-1

Versions of packages lintian-brush suggests:
ii  brz-debian 2.8.78
ii  git-buildpackage   0.9.32
ii  gnome-pkg-tools0.22.9
ii  po-debconf 1.0.21+nmu1
ii  postgresql-common  254

-- no debconf information

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Florian Westphal

Linux regression tracking (Thorsten Leemhuis)  wrote:
> On 12.09.23 00:57, Pablo Neira Ayuso wrote:
> > Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> > kernel check that rejects adding rules to bound chains. The incorrect
> > bytecode adds the chain binding, attach it to the rule and it adds the
> > rules to the chain binding. I have cherry-picked these three patches
> > for nftables v1.0.6 userspace and your ruleset restores fine.
> > [...]
> 
> H. Well, this sounds like a kernel regression to me that normally
> should be dealt with on the kernel level, as users after updating the
> kernel should never have to update any userspace stuff to continue what
> they have been doing before the kernel update.

This is a combo of a userspace bug and this new sanity check that
rejects the incorrect ordering (adding rules to the already-bound
anonymous chain).

nf_tables uses a transaction allor-nothing model, this means that any
error that occurs during a transaction has to be reverse/undo all the
pending changes.  This has caused a myriad of bugs already.

So while this can be theoretically fixed in the kernel I don't see
a sane way to do it.  Error unwinding / recovery from deeply nested
errors is already too complex for my taste.

> Can't the kernel somehow detect the incorrect bytecode and do the right
> thing(tm) somehow?

Theoretically yes, but I don't feel competent enough to do it, just look
at all the UaF bugs of the past month.

Bug#1042318: marked as done (rich: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.11 returned exit code 13)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 09:34:23 +
with message-id 
and subject line Bug#1042318: fixed in rich 13.3.1-2
has caused the Debian Bug report #1042318,
regarding rich: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i 
python{version} -p 3.11 returned exit code 13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1042318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042318
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: rich
Version: 13.3.1-1
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20230726 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> PYBUILD_SYSTEM=custom PYBUILD_TEST_ARGS="PYTHONPATH=/<> 
> {interpreter} -m pytest" dh_auto_test
> I: pybuild base:240: PYTHONPATH=/<> python3.11 -m pytest
> = test session starts 
> ==
> platform linux -- Python 3.11.4, pytest-7.4.0, pluggy-1.2.0
> rootdir: /<>
> configfile: pyproject.toml
> testpaths: tests
> collected 741 items / 1 error
> 
>  ERRORS 
> 
>  ERROR collecting tests/test_pretty.py 
> _
> ImportError while importing test module 
> '/<>/tests/test_pretty.py'.
> Hint: make sure your test modules/packages have valid Python names.
> Traceback:
> /usr/lib/python3.11/importlib/__init__.py:126: in import_module
> return _bootstrap._gcd_import(name[level:], package, level)
> tests/test_pretty.py:10: in 
> import attr
> E   ModuleNotFoundError: No module named 'attr'
> === short test summary info 
> 
> ERROR tests/test_pretty.py
>  Interrupted: 1 error during collection 
> 
> === 1 error in 1.70s 
> ===
> E: pybuild pybuild:388: test: plugin custom failed with: exit code=2: 
> PYTHONPATH=/<> python3.11 -m pytest
> dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.11 
> returned exit code 13


The full build log is available from:
http://qa-logs.debian.net/2023/07/26/rich_13.3.1-1_unstable.log

All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20230726;users=lu...@debian.org
or:
https://udd.debian.org/bugs/?release=na=ign=7=7=only=ftbfs-20230726=lu...@debian.org=1=1=1=1#results

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

If you reassign this bug to another package, please mark it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects

If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
--- End Message ---
--- Begin Message ---
Source: rich
Source-Version: 13.3.1-2
Done: Michael R. Crusoe 

We believe that the bug you reported is fixed in the latest version of
rich, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1042...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael R. Crusoe  (supplier of updated rich package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 12 Sep 2023 11:16:15 +0200
Source: rich
Architecture: source
Version: 13.3.1-2
Distribution: unstable
Urgency: medium
Maintainer: Sandro Tosi 
Changed-By: Michael R. Crusoe 
Closes: 1038963 1042318
Changes:
 rich (13.3.1-2) unstable; urgency=medium
 .
   * Team upload.
   * d/control: add explicit build-dep on python3-attr to fix FTBFS.
 Closes: #1042318
   * d/control,copyright: update homepage URL. Closes: #1038963
   * Standards-Version: 4.6.2 (routine-update)
   * Reorder sequence of d/control fields by cme (routine-update)
   * Add salsa-ci file (routine-update)
   * Set upstream metadata fields: Security-Contact.
Checksums-Sha1:

Processed: Bug#1042318 marked as pending in rich

2023-09-12 Thread Debian Bug Tracking System

Processing control commands:

> tag -1 pending
Bug #1042318 [src:rich] rich: FTBFS: dh_auto_test: error: pybuild --test 
--test-pytest -i python{version} -p 3.11 returned exit code 13
Added tag(s) pending.

-- 
1042318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042318
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1042318: marked as pending in rich

2023-09-12 Thread Michael R. Crusoe

Control: tag -1 pending

Hello,

Bug #1042318 in rich reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/python-team/packages/rich/-/commit/163bc0ac37b2d97fa1a8c824d327a52a1989ef35


d/control: add explicit build-dep on python3-attr to fix FTBFS.

Closes: #1042318


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1042318

Bug#1037913: marked as done (zytrax: ftbfs with GCC-13)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 09:22:14 +
with message-id 
and subject line Bug#1037913: fixed in zytrax 0+git20201215-1.1
has caused the Debian Bug report #1037913,
regarding zytrax: ftbfs with GCC-13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1037913: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:zytrax
Version: 0+git20201215-1
Severity: normal
Tags: sid trixie
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-13

[This bug is targeted to the upcoming trixie release]

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.

The full build log can be found at:
http://qa-logs.debian.net/2023/05/22/logs/zytrax_0+git20201215-1_unstable_gccexp.log
The last lines of the build log are at the end of this report.

To build with GCC 13, either set CC=gcc-13 CXX=g++-13 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-13/porting_to.html

[...]
globals/base64.cpp:21:9: note: ‘uint8_t’ is defined in header ‘’; did 
you forget to ‘#include ’?
globals/base64.cpp:22:16: error: expected ‘;’ before ‘char_array_4’
   22 | uint8_t char_array_4[4];
  |^
  |;
globals/base64.cpp:25:17: error: ‘char_array_3’ was not declared in this scope
   25 | char_array_3[i++] = *(buf++);
  | ^~~~
globals/base64.cpp:25:39: error: ‘buf’ was not declared in this scope
   25 | char_array_3[i++] = *(buf++);
  |   ^~~
globals/base64.cpp:27:25: error: ‘char_array_4’ was not declared in this scope
   27 | char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
  | ^~~~
globals/base64.cpp:40:25: error: ‘char_array_3’ was not declared in this scope
   40 | char_array_3[j] = '\0';
  | ^~~~
globals/base64.cpp:42:17: error: ‘char_array_4’ was not declared in this scope
   42 | char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
  | ^~~~
globals/base64.cpp:42:36: error: ‘char_array_3’ was not declared in this scope
   42 | char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
  |^~~~
globals/base64.cpp: At global scope:
globals/base64.cpp:57:8: error: ‘uint8_t’ was not declared in this scope
   57 | Vector base64_decode(std::string const _string) {
  |^~~
globals/base64.cpp:57:8: note: ‘uint8_t’ is defined in header ‘’; did 
you forget to ‘#include ’?
globals/base64.cpp:57:15: error: template argument 1 is invalid
   57 | Vector base64_decode(std::string const _string) {
  |   ^
globals/base64.cpp: In function ‘int base64_decode(const std::string&)’:
globals/base64.cpp:62:9: error: ‘uint8_t’ was not declared in this scope
   62 | uint8_t char_array_4[4], char_array_3[3];
  | ^~~
globals/base64.cpp:62:9: note: ‘uint8_t’ is defined in header ‘’; did 
you forget to ‘#include ’?
globals/base64.cpp:65:69: error: ‘is_base64’ cannot be used as a function
   65 | while (in_len-- && (encoded_string[in_] != '=') && 
is_base64(encoded_string[in_])) {
  |
~^
globals/base64.cpp:66:17: error: ‘char_array_4’ was not declared in this scope
   66 | char_array_4[i++] = encoded_string[in_];
  | ^~~~
globals/base64.cpp:72:25: error: ‘char_array_3’ was not declared in this scope
   72 | char_array_3[0] = (char_array_4[0] << 2) + 
((char_array_4[1] & 0x30) >> 4);
  | ^~~~
globals/base64.cpp:77:37: error: request for member

Bug#1037574: marked as done (android-platform-system-tools-hidl: ftbfs with GCC-13)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 09:18:57 +
with message-id 
and subject line Bug#1037574: fixed in android-platform-system-tools-hidl 
10.0.0+r36-3.1
has caused the Debian Bug report #1037574,
regarding android-platform-system-tools-hidl: ftbfs with GCC-13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1037574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037574
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:android-platform-system-tools-hidl
Version: 10.0.0+r36-3
Severity: normal
Tags: sid trixie
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-13

[This bug is targeted to the upcoming trixie release]

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.

The full build log can be found at:
http://qa-logs.debian.net/2023/05/22/logs/android-platform-system-tools-hidl_10.0.0+r36-3_unstable_gccexp.log
The last lines of the build log are at the end of this report.

To build with GCC 13, either set CC=gcc-13 CXX=g++-13 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-13/porting_to.html

[...]
4 errors generated.
In file included from generateVts.cpp:17:
In file included from ./AST.h:22:
hashing/include/hidl-hash/Hash.h:25:30: error: use of undeclared identifier 
'uint8_t'
static const std::vector kEmptyHash;
 ^
hashing/include/hidl-hash/Hash.h:38:52: error: use of undeclared identifier 
'uint8_t'
static std::string hexString(const std::vector& hash);
   ^
hashing/include/hidl-hash/Hash.h:41:23: error: use of undeclared identifier 
'uint8_t'
const std::vector& raw() const;
  ^
hashing/include/hidl-hash/Hash.h:50:17: error: use of undeclared identifier 
'uint8_t'
std::vector mHash;
^
4 errors generated.
In file included from AST.cpp:17:
In file included from ./AST.h:22:
hashing/include/hidl-hash/Hash.h:25:30: error: use of undeclared identifier 
'uint8_t'
static const std::vector kEmptyHash;
 ^
hashing/include/hidl-hash/Hash.h:38:52: error: use of undeclared identifier 
'uint8_t'
static std::string hexString(const std::vector& hash);
   ^
hashing/include/hidl-hash/Hash.h:41:23: error: use of undeclared identifier 
'uint8_t'
const std::vector& raw() const;
  ^
hashing/include/hidl-hash/Hash.h:50:17: error: use of undeclared identifier 
'uint8_t'
std::vector mHash;
^
4 errors generated.
In file included from hidl-gen_y.yy:19:
In file included from ./AST.h:22:
hashing/include/hidl-hash/Hash.h:25:30: error: use of undeclared identifier 
'uint8_t'
static const std::vector kEmptyHash;
 ^
hashing/include/hidl-hash/Hash.h:38:52: error: use of undeclared identifier 
'uint8_t'
static std::string hexString(const std::vector& hash);
   ^
hashing/include/hidl-hash/Hash.h:41:23: error: use of undeclared identifier 
'uint8_t'
const std::vector& raw() const;
  ^
hashing/include/hidl-hash/Hash.h:50:17: error: use of undeclared identifier 
'uint8_t'
std::vector mHash;
^
4 errors generated.
In file included from hashing/Hash.cpp:17:
hashing/include/hidl-hash/Hash.h:25:30: error: use of undeclared identifier 
'uint8_t'
static const std::vector kEmptyHash;
 ^
hashing/include/hidl-hash/Hash.h:38:52: error: use of undeclared identifier 
'uint8_t'
static std::string hexString(const std::vector& hash);
   ^
hashing/include/hidl-hash/Hash.h:41:23: error: use of undeclared identifier 
'uint8_t'
const std::vector& raw() const;
  ^
hashing/include/hidl-hash/Hash.h:50:17: error: use

Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable

2023-09-12 Thread Linux regression tracking (Thorsten Leemhuis)

On 12.09.23 00:57, Pablo Neira Ayuso wrote:
> On Mon, Sep 11, 2023 at 11:37:50PM +0200, Timo Sigurdsson wrote:
>>
>> recently, Debian updated their stable kernel from 6.1.38 to 6.1.52
>> which broke nftables ruleset loading on one of my machines with lots
>> of "Operation not supported" errors. I've reported this to the
>> Debian project (see link below) and Salvatore Bonaccorso and I
>> identified "netfilter: nf_tables: disallow rule addition to bound
>> chain via NFTA_RULE_CHAIN_ID" (0ebc1064e487) as the offending commit
>> that introduced the regression. Salvatore also found that this issue
>> affects the 5.10 stable tree as well (observed in 5.10.191), but he
>> cannot reproduce it on 6.4.13 and 6.5.2.
>>
>> The issue only occurs with some rulesets. While I can't trigger it
>> with simple/minimal rulesets that I use on some machines, it does
>> occur with a more complex ruleset that has been in use for months
>> (if not years, for large parts of it). I'm attaching a somewhat
>> stripped down version of the ruleset from the machine I originally
>> observed this issue on. It's still not a small or simple ruleset,
>> but I'll try to reduce it further when I have more time.
>>
>> The error messages shown when trying to load the ruleset don't seem
>> to be helpful. Just two simple examples: Just to give two simple
>> examples from the log when nftables fails to start:
>> /etc/nftables.conf:99:4-44: Error: Could not process rule: Operation not 
>> supported
>> tcp option maxseg size 1-500 counter drop
>> ^
>> /etc/nftables.conf:308:4-27: Error: Could not process rule: Operation not 
>> supported
>> tcp dport sip-tls accept
>> 
> 
> I can reproduce this issue with 5.10.191 and 6.1.52 and nftables v1.0.6,
> this is not reproducible with v1.0.7 and v1.0.8.
> 
>> Since the issue only affects some stable trees, Salvatore thought it
>> might be an incomplete backport that causes this.
>>
>> If you need further information, please let me know.
> 
> Userspace nftables v1.0.6 generates incorrect bytecode that hits a new
> kernel check that rejects adding rules to bound chains. The incorrect
> bytecode adds the chain binding, attach it to the rule and it adds the
> rules to the chain binding. I have cherry-picked these three patches
> for nftables v1.0.6 userspace and your ruleset restores fine.
> [...]

H. Well, this sounds like a kernel regression to me that normally
should be dealt with on the kernel level, as users after updating the
kernel should never have to update any userspace stuff to continue what
they have been doing before the kernel update.

Can't the kernel somehow detect the incorrect bytecode and do the right
thing(tm) somehow?

But yes, don't worry, I know that reality is not black and white and
that it's crucial that things like package filtering do exactly what the
user expect it to do; that's why this might be one of those rare
situations where "user has to update userspace components to support
newer kernels" might be the better of two bad choices. But I had to ask
to ensure it's something like that.

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)
--
Everything you wanna know about Linux kernel regression tracking:
https://linux-regtracking.leemhuis.info/about/#tldr
If I did something stupid, please tell me, as explained on that page.

Bug#1037878: marked as done (ultracopier: ftbfs with GCC-13)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 09:03:46 +
with message-id 
and subject line Bug#1037878: fixed in ultracopier 2.2.6.0-1.1
has caused the Debian Bug report #1037878,
regarding ultracopier: ftbfs with GCC-13
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1037878: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037878
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:ultracopier
Version: 2.2.6.0-1
Severity: normal
Tags: sid trixie
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-13

[This bug is targeted to the upcoming trixie release]

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.

The full build log can be found at:
http://qa-logs.debian.net/2023/05/22/logs/ultracopier_2.2.6.0-1_unstable_gccexp.log
The last lines of the build log are at the end of this report.

To build with GCC 13, either set CC=gcc-13 CXX=g++-13 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-13/porting_to.html

[...]
gcc -c -pipe -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 -Wall -Wextra -D_REENTRANT -fPIC 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -D_LARGE_FILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 
-D_UNICODE -DUNICODE -DUSE_ALLOCA -DOPUS_BUILD -DWIDESTRING 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -DULTRACOPIER_PLUGIN_ALL_IN_ONE_DIRECT 
-DQT_NO_DEBUG -DQT_MULTIMEDIA_LIB -DQT_WIDGETS_LIB -DQT_GUI_LIB 
-DQT_NETWORK_LIB -DQT_XML_LIB -DQT_CORE_LIB -I. -Ilibopus/include 
-Ilib/qt-tar-xz -I/usr/include/x86_64-linux-gnu/qt5 
-I/usr/include/x86_64-linux-gnu/qt5/QtMultimedia 
-I/usr/include/x86_64-linux-gnu/qt5/QtWidgets 
-I/usr/include/x86_64-linux-gnu/qt5/QtGui 
-I/usr/include/x86_64-linux-gnu/qt5/QtNetwork 
-I/usr/include/x86_64-linux-gnu/qt5/QtXml 
-I/usr/include/x86_64-linux-gnu/qt5/QtCore -I. -I. 
-I/usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++ -o opus_multistream_decoder.o 
libopus/src/opus_multistream_decoder.c
gcc -c -pipe -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 -Wall -Wextra -D_REENTRANT -fPIC 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -D_LARGE_FILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 
-D_UNICODE -DUNICODE -DUSE_ALLOCA -DOPUS_BUILD -DWIDESTRING 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -DULTRACOPIER_PLUGIN_ALL_IN_ONE_DIRECT 
-DQT_NO_DEBUG -DQT_MULTIMEDIA_LIB -DQT_WIDGETS_LIB -DQT_GUI_LIB 
-DQT_NETWORK_LIB -DQT_XML_LIB -DQT_CORE_LIB -I. -Ilibopus/include 
-Ilib/qt-tar-xz -I/usr/include/x86_64-linux-gnu/qt5 
-I/usr/include/x86_64-linux-gnu/qt5/QtMultimedia 
-I/usr/include/x86_64-linux-gnu/qt5/QtWidgets 
-I/usr/include/x86_64-linux-gnu/qt5/QtGui 
-I/usr/include/x86_64-linux-gnu/qt5/QtNetwork 
-I/usr/include/x86_64-linux-gnu/qt5/QtXml 
-I/usr/include/x86_64-linux-gnu/qt5/QtCore -I. -I. 
-I/usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++ -o opus_multistream.o 
libopus/src/opus_multistream.c
gcc -c -pipe -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 -Wall -Wextra -D_REENTRANT -fPIC 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -D_LARGE_FILE_SOURCE=1 -D_FILE_OFFSET_BITS=64 
-D_UNICODE -DUNICODE -DUSE_ALLOCA -DOPUS_BUILD -DWIDESTRING 
-DULTRACOPIER_PLUGIN_ALL_IN_ONE -DULTRACOPIER_PLUGIN_ALL_IN_ONE_DIRECT 
-DQT_NO_DEBUG -DQT_MULTIMEDIA_LIB -DQT_WIDGETS_LIB -DQT_GUI_LIB 
-DQT_NETWORK_LIB -DQT_XML_LIB -DQT_CORE_LIB -I. -Ilibopus/include 
-Ilib/qt-tar-xz -I/usr/include/x86_64-linux-gnu/qt5 
-I/usr/include/x86_64-linux-gnu/qt5/QtMultimedia 
-I/usr/include/x86_64-linux-gnu/qt5/QtWidgets 
-I/usr/include/x86_64-linux-gnu/qt5/QtGui 
-I/usr/include/x86_64-linux-gnu/qt5/QtNetwork 
-I/usr/include/x86_64-linux-gnu/qt5/QtXml 
-I/usr/include/x86_64-linux-gnu/qt5/QtCore -I. -I. 
-I/usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++ -o mlp_data.o 
libopus/src/mlp_data.c
gcc -c -pipe -g -O2

Bug#1037894: webkit2gtk: ftbfs with GCC-13

2023-09-12 Thread Manuel A. Fernandez Montecelo


2023-07-06 01:28 Alberto Garcia:

fixed 1037894 2.40.3-2
thanks

On Wed, Jun 14, 2023 at 09:32:41AM +, Matthias Klose wrote:

The package fails to build in a test rebuild on at least amd64 with
gcc-13/g++-13, but succeeds to build with gcc-12/g++-12. The
severity of this report will be raised before the trixie release.


FYI I have successfully built webkit2gtk 2.40.3-2 in a sid chroot with
with gcc-13 13.1.0-7 from experimental.


Also it built fine with gcc-13 in riscv64, which was rebootstrapped in
the last weeks and with gcc-13 as the default compiler since the start.

Build for the new archive:

  2.40.5-1 (sid)  Maybe-Successful  2023-08-28 19:38:30
  rv-osuosl-03  2d 10h 31m  23.91 GB

  https://buildd.debian.org/status/logs.php?pkg=webkit2gtk=riscv64


So I think that this can be closed.


Cheers.
--
Manuel A. Fernandez Montecelo

Bug#1051729: marked as done (pmix: CVE-2023-41915)

2023-09-12 Thread Debian Bug Tracking System

Your message dated Tue, 12 Sep 2023 08:09:15 +
with message-id 
and subject line Bug#1051729: fixed in pmix 5.0.1-1
has caused the Debian Bug report #1051729,
regarding pmix: CVE-2023-41915
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1051729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051729
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pmix
Version: 5.0.0~rc1-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for pmix.

CVE-2023-41915[0]:
| OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers
| to obtain ownership of arbitrary files via a race condition during
| execution of library code with UID 0.

As mentioned in [2]:
| A filesystem race condition could permit a malicious user
| to obtain ownership of an arbitrary file on the filesystem
| when parts of the PMIx library are called by a process
| running as uid 0. This may happen under the default
| configuration of certain workload managers, including Slurm.

(fs.protected_symlinks not protecting in such a case)

Please downgrade the severity if you do not agree on the assessment,
but at a very start the unstable version should be fixed. We can have
a look what need to be done for bookworm and bullseye in next step.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-41915
https://www.cve.org/CVERecord?id=CVE-2023-41915
[1] 
https://github.com/openpmix/openpmix/commit/0bf9801a3017eb6ca411e158da39570ccb998c17
[2] https://github.com/openpmix/openpmix/releases/tag/v5.0.1

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: pmix
Source-Version: 5.0.1-1
Done: Alastair McKinstry 

We believe that the bug you reported is fixed in the latest version of
pmix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1051...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry  (supplier of updated pmix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 08 Aug 2023 09:50:20 +0100
Source: pmix
Architecture: source
Version: 5.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Alastair McKinstry 
Changed-By: Alastair McKinstry 
Closes: 1043263 1051729
Changes:
 pmix (5.0.1-1) unstable; urgency=medium
 .
   * New upstream release. Closes: #1051729, #1043263
Checksums-Sha1:
 37e79cc8ba1c040967a27916d2a3fb9606c49bb2 2375 pmix_5.0.1-1.dsc
 5686f6e6e128dcf89a670407652e805d8f3a3d86 976948 pmix_5.0.1.orig.tar.xz
 b03b54bd4923b7b9adf2320aa36493351e986269 11460 pmix_5.0.1-1.debian.tar.xz
Checksums-Sha256:
 32a4fbdcbe069d4329cb1c62c82cc20541af291ebbdf3b5969e9cc88b32efb55 2375 
pmix_5.0.1-1.dsc
 2e53a02f62c69a5928385463ce039ee00e1b6ebd7cfe7e5bbb102d776a96dd37 976948 
pmix_5.0.1.orig.tar.xz
 86c04faf35d996fa4503387783913cac2f63210d13cc4fc9ac08561c9a18f2d8 11460 
pmix_5.0.1-1.debian.tar.xz
Files:
 948fbefdb8c49eb833c646f0dcc674c2 2375 net optional pmix_5.0.1-1.dsc
 0a191e1061092a625dc8ab728c2e9426 976948 net optional pmix_5.0.1.orig.tar.xz
 c80f914c2edba460da571fb9ed28e66d 11460 net optional pmix_5.0.1-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEgjg86RZbNHx4cIGiy+a7Tl2a06UFAmUAFT0ACgkQy+a7Tl2a
06U7Uw/+P0bLEVKXglMCRGNISb1BUoUgaH7fkiwasy0pZb1XcAna47SmRmHfd7r2
T0oVXHyLjaCYgwvmmh6XV0mgFE2pSodWHU0hk7hQV5wbIrE0IS7sEPs80Mf6Pe6E
Ii4CujPD6CP4U8PnH98AmNz8UycgHrMjWY9tB97BXCMuKXjdSSVoXVjWUuyG3hB7
7KoZg4VXzZoV3nJSMhGdJtHPHh8LRdkx9lmjA9Q57w6ge+NpW5uzC3ncVQtiVqUQ
tHQbsKZtQI5mSJQgxWZ1M6Zh9gAdiR30VXJf2t971q+MkWqzMvHBFF1eGaOUdygP
68L+SF9WgifSxNO1pQXOYmMajmB33yhMThb1Any70riSWcZa3HkS6p0WJqIsM5Ui
ROQvi51QPDMyRTAIrJxbz+d9lpQtRBoH/lehCfnWV5b8rLK1sFief36quRMvxBXB
qLF0IN07074L0GbQl9h4QK53Hsy0L1R/Dk15nWdajO3UN6OtKg/9ZpKhzkAcoUDK
bUvClm5XTNfqStRcYA1OimNMS8ear5VdmcwouIj8Y6sVgNrhG4vNrsTwI0PC+XD+

Bug#1030129: question about proposed update 20230620~deb12u1

2023-09-12 Thread grin

Is this bug fixed in recently uploaded 20230620~deb12u1? Or are we waiting for 
20230710 backport?

(Sidenote: found this bug because Ceph cannot build their release. 
[https://docs.ceph.com/en/latest/releases/reef/])

Peter

Bug#1051752: uwsgi: remove uwsgi-plugin-glusterfs on 32 bit architectures

2023-09-12 Thread Sebastian Ramacher

Source: uwsgi
Version: 2.0.22-1
Severity: serious
X-Debbugs-Cc: sramac...@debian.org

glusterfs dropped support for 32 bit architectures (see #1050629 for
details) and the binaries are being removed from trixie.
uwsgi-plugin-glusterfs is the last remaining binary package depending on
them on 32 bit architectures which prevents their removal. Please remove
uwsgi-plugin-glusterfs on all 32 bit architectures.

Cheers
-- 
Sebastian Ramacher

72 matches

Mail list logo