Bug#1063484: marked as done (libuv1: CVE-2024-24806)
Your message dated Mon, 19 Feb 2024 07:49:25 + with message-id and subject line Bug#1063484: fixed in libuv1 1.48.0-1 has caused the Debian Bug report #1063484, regarding libuv1: CVE-2024-24806 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1063484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libuv1 Version: 1.46.0-3 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for libuv1. CVE-2024-24806[0]: | libuv is a multi-platform support library with a focus on | asynchronous I/O. The `uv_getaddrinfo` function in | `src/unix/getaddrinfo.c` (and its windows counterpart | `src/win/getaddrinfo.c`), truncates hostnames to 256 characters | before calling `getaddrinfo`. This behavior can be exploited to | create addresses like `0x7f01`, which are considered valid | by `getaddrinfo` and could allow an attacker to craft payloads that | resolve to unintended IP addresses, bypassing developer checks. The | vulnerability arises due to how the `hostname_ascii` variable (with | a length of 256 bytes) is handled in `uv_getaddrinfo` and | subsequently in `uv__idna_toascii`. When the hostname exceeds 256 | characters, it gets truncated without a terminating null byte. As a | result attackers may be able to access internal APIs or for websites | (similar to MySpace) that allows users to have | `username.example.com` pages. Internal services that crawl or cache | these user pages can be exposed to SSRF attacks if a malicious user | chooses a long vulnerable username. This issue has been addressed in | release version 1.48.0. Users are advised to upgrade. There are no | known workarounds for this vulnerability. Note, that the advisory at [1] mentions that affected versions are only > 1.45.x. Looking at the git changes, is it not introduced after 6dd44caa35b4 ("unix,win: support IDNA 2008 in uv_getaddrinfo()") in v1.24.0? If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-24806 https://www.cve.org/CVERecord?id=CVE-2024-24806 [1] https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: libuv1 Source-Version: 1.48.0-1 Done: Dominique Dumont We believe that the bug you reported is fixed in the latest version of libuv1, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1063...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Dominique Dumont (supplier of updated libuv1 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 14 Feb 2024 18:47:19 +0100 Source: libuv1 Architecture: source Version: 1.48.0-1 Distribution: unstable Urgency: medium Maintainer: Dominique Dumont Changed-By: Dominique Dumont Closes: 1063484 Changes: libuv1 (1.48.0-1) unstable; urgency=medium . [ Dominique Dumont ] * new upstream version: * Fix CVE-2024-24806 (Closes: #1063484) * copyright: update with cme * refreshed patches * rm patch lp2046442-linux-don-t-use-io_uring-... * refreshed symbols file Checksums-Sha1: 40843c69ae68ea19eb615153a119b188eddb937e 1986 libuv1_1.48.0-1.dsc bcc87b177634f3637315af2d6044731384b79142 1322696 libuv1_1.48.0.orig.tar.gz 138316fd7da6f3a060b347218dabb5123977b0bf 21368 libuv1_1.48.0-1.debian.tar.xz a84fea478b4e8456077acfe1e2374b5f782cd646 8825 libuv1_1.48.0-1_source.buildinfo Checksums-Sha256: 996d16066c08481bdd938fc83a421cc343afb0eace6de884d53caa625ba97ac9 1986 libuv1_1.48.0-1.dsc 95b66faf3c19b021eb475c0a04c4febfe0442efbd88bca3174d32a1f8957cb71 1322696 libuv1_1.48.0.orig.tar.gz e119946f811d731e1150ae3d639f68ae31bd303429f04a95aae164439ecc10b3 21368 libuv1_1.48.0-1.debian.tar.xz 97e59bc729962a575a42ffb0b4a64976095907ce67e699ef3dc3b7d3e50cb646 8825 libuv1_1.48.0-1_source.buildinfo Files:
Processed: closing 1006585
Processing commands for cont...@bugs.debian.org: > # Builds fine with OpenSSL 3 now > close 1006585 1.2.0-1 Bug #1006585 [src:tpm2-tss-engine] tpm2-tss-engine: FTBFS with OpenSSL 3.0 Marked as fixed in versions tpm2-tss-engine/1.2.0-1. Bug #1006585 [src:tpm2-tss-engine] tpm2-tss-engine: FTBFS with OpenSSL 3.0 Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 1006585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006585 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: closing 938622
Processing commands for cont...@bugs.debian.org: > # Uses Python 3 now in sid > close 938622 1.17.0-1 Bug #938622 [src:tahoe-lafs] tahoe-lafs: Python2 removal in sid/bullseye Marked as fixed in versions tahoe-lafs/1.17.0-1. Bug #938622 [src:tahoe-lafs] tahoe-lafs: Python2 removal in sid/bullseye Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 938622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938622 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 1064128
Processing commands for cont...@bugs.debian.org: > tags 1064128 + fixed-upstream Bug #1064128 [liquidsoap] liquidsoap: FTBFS: Error: Unbound module Pcre Added tag(s) fixed-upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 1064128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064128 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: unarchiving 938622, reopening 938622, unarchiving 920414, reopening 920414
Processing commands for cont...@bugs.debian.org: > # src:tahoe-lafs was reintroduced: > https://lists.debian.org/msgid-search/546c2c3d77eaef6dc2b26c7ed7663f16df847bda.ca...@debian.org > unarchive 938622 Bug #938622 {Done: Debian FTP Masters } [src:tahoe-lafs] tahoe-lafs: Python2 removal in sid/bullseye Unarchived Bug 938622 > reopen 938622 Bug #938622 {Done: Debian FTP Masters } [src:tahoe-lafs] tahoe-lafs: Python2 removal in sid/bullseye 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions 1.12.1-5+rm. > unarchive 920414 Bug #920414 {Done: Debian FTP Masters } [src:tahoe-lafs] tahoe-lafs: Please package new upstream version 1.13.0 Unarchived Bug 920414 > reopen 920414 Bug #920414 {Done: Debian FTP Masters } [src:tahoe-lafs] tahoe-lafs: Please package new upstream version 1.13.0 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions 1.12.1-5+rm. > thanks Stopping processing here. Please contact me if you need assistance. -- 920414: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920414 938622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938622 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: unarchiving 1006585, reopening 1006585
Processing commands for cont...@bugs.debian.org: > # src:tpm2-tss-engine was reintroduced: > https://lists.debian.org/msgid-search/546c2c3d77eaef6dc2b26c7ed7663f16df847bda.ca...@debian.org > unarchive 1006585 Bug #1006585 {Done: Debian FTP Masters } [src:tpm2-tss-engine] tpm2-tss-engine: FTBFS with OpenSSL 3.0 Unarchived Bug 1006585 > reopen 1006585 Bug #1006585 {Done: Debian FTP Masters } [src:tpm2-tss-engine] tpm2-tss-engine: FTBFS with OpenSSL 3.0 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions 1.1.0-2+rm. > thanks Stopping processing here. Please contact me if you need assistance. -- 1006585: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006585 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Liquidsoap bug forward upstream
Processing commands for cont...@bugs.debian.org: > forwarded 1064128 https://github.com/savonet/liquidsoap/issues/3750 Bug #1064128 [liquidsoap] liquidsoap: FTBFS: Error: Unbound module Pcre Ignoring request to change the forwarded-to-address of bug#1064128 to the same value > thanks Stopping processing here. Please contact me if you need assistance. -- 1064128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064128 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: bug 1064128 is forwarded to https://github.com/savonet/liquidsoap/issues/3750
Processing commands for cont...@bugs.debian.org: > forwarded 1064128 https://github.com/savonet/liquidsoap/issues/3750 Bug #1064128 [liquidsoap] liquidsoap: FTBFS: Error: Unbound module Pcre Set Bug forwarded-to-address to 'https://github.com/savonet/liquidsoap/issues/3750'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1064128: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064128 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: reopen, stalls again migration
Processing control commands: > reopen -1 Bug #1059223 {Done: Paul Gevers } [src:meson] src:meson: fails to migrate to testing for too long: fails autopkgtest on arm64 and i386 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions meson/1.3.0-2. > found -1 1.3.2-1 Bug #1059223 [src:meson] src:meson: fails to migrate to testing for too long: fails autopkgtest on arm64 and i386 Marked as found in versions meson/1.3.2-1. -- 1059223: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059223 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1059223: reopen, stalls again migration
Control: reopen -1 Control: found -1 1.3.2-1 reopen, stalls again migration
Bug#1028416: systemctl kexec doesn't shutdown system properly and corrupts mounted filesystems
Dear maintainer, I wonder if this fix can be backported to stable-pu and oldstable-pu, since this bug may lead to data corruption. A possible approach might be to mask the kexec init script in the systemd side, i.e. via `systemctl mask kexec.service`, so that systemd users can get rid of the kexec init script and other init system users can still enjoy the provided kexec init script. Cheers, Miao Wang
Bug#1064252: linux-image-6.1.0-17-amd64: CONFIG_SYSTEM_TRUSTED_KEYS="y" is in the default config "y"
Package: src:linux Version: 6.1.69-1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: foren...@wi.rr.com In the default config-6.1.0-17-amd64, there is a line: CONFIG_SYSTEM_TRUSTED_KEYS="y" It is impossible to change it from y in menuconfig. Then, it creates 'error no rule to make y. -- Package-specific info: ** Version: Linux version 6.1.0-17-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30) ** Command line: BOOT_IMAGE=/vmlinuz-6.1.0-17-amd64 root=UUID=b8970480-c02f-4e13-83ea-99242beaa8c1 ro quiet ** Not tainted ** Kernel log: [850617.148769] sda: unable to read partition table [850617.148860] sd 6:0:0:0: [sda] Attached SCSI disk [850617.204217] sd 6:0:0:0: [sda] Synchronizing SCSI cache [850617.444223] sd 6:0:0:0: [sda] Synchronize Cache(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK [850617.716182] usb 2-7.4: new high-speed USB device number 11 using xhci_hcd [850617.888733] usb 2-7.4: New USB device found, idVendor=152d, idProduct=0562, bcdDevice= 2.09 [850617.888746] usb 2-7.4: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [850617.888748] usb 2-7.4: Product: SSK Storage [850617.888750] usb 2-7.4: Manufacturer: SSK [850617.888752] usb 2-7.4: SerialNumber: DD564198838B8 [850617.892008] scsi host6: uas [850617.892602] scsi 6:0:0:0: Direct-Access SSK 0209 PQ: 0 ANSI: 6 [850617.894762] sd 6:0:0:0: Attached scsi generic sg1 type 0 [850617.894982] sd 6:0:0:0: [sda] Spinning up disk... [850618.428107] usb 2-7.4: USB disconnect, device number 11 [850618.924215] .ready [850618.924291] sd 6:0:0:0: [sda] Read Capacity(16) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK [850618.924296] sd 6:0:0:0: [sda] Sense not available. [850618.924302] sd 6:0:0:0: [sda] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK [850618.924304] sd 6:0:0:0: [sda] Sense not available. [850618.924314] sd 6:0:0:0: [sda] 0 512-byte logical blocks: (0 B/0 B) [850618.924316] sd 6:0:0:0: [sda] 0-byte physical blocks [850618.924321] sd 6:0:0:0: [sda] Write Protect is off [850618.924324] sd 6:0:0:0: [sda] Mode Sense: 00 00 00 00 [850618.924328] sd 6:0:0:0: [sda] Asking for cache data failed [850618.924333] sd 6:0:0:0: [sda] Assuming drive cache: write through [850618.924342] sd 6:0:0:0: [sda] Preferred minimum I/O size 4096 bytes not a multiple of physical block size (0 bytes) [850618.924345] sd 6:0:0:0: [sda] Optimal transfer size 33553920 bytes not a multiple of physical block size (0 bytes) [850618.924995] sd 6:0:0:0: [sda] Attached SCSI disk [854882.880440] usb 2-7.3: USB disconnect, device number 5 [854884.327593] usb 2-7.3: new low-speed USB device number 12 using xhci_hcd [854884.457279] usb 2-7.3: New USB device found, idVendor=047d, idProduct=1020, bcdDevice= 1.08 [854884.457289] usb 2-7.3: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [854884.457292] usb 2-7.3: Product: Kensington Expert Mouse [854884.463747] input: Kensington Expert Mouse as /devices/pci:00/:00:14.0/usb2/2-7/2-7.3/2-7.3:1.0/0003:047D:1020.0004/input/input21 [854884.464101] hid-generic 0003:047D:1020.0004: input,hidraw2: USB HID v1.11 Mouse [Kensington Expert Mouse] on usb-:00:14.0-7.3/input0 [860266.405755] audit: type=1400 audit(1707886801.612:37): apparmor="DENIED" operation="capable" profile="/usr/sbin/cupsd" pid=178977 comm="cupsd" capability=12 capname="net_admin" [880247.840603] wlp4s0: Connection to AP 00:90:7f:4a:10:b1 lost [880459.847171] wlp4s0: authenticate with 00:90:7f:4a:10:b1 [880459.850240] wlp4s0: send auth to 00:90:7f:4a:10:b1 (try 1/3) [880459.879928] wlp4s0: authenticated [880459.881486] wlp4s0: associate with 00:90:7f:4a:10:b1 (try 1/3) [880459.888498] wlp4s0: RX AssocResp from 00:90:7f:4a:10:b1 (capab=0x511 status=0 aid=1) [880459.893044] wlp4s0: associated [880459.970372] IPv6: ADDRCONF(NETDEV_CHANGE): wlp4s0: link becomes ready [880460.156234] wlp4s0: Limiting TX power to 21 (24 - 3) dBm as advertised by 00:90:7f:4a:10:b1 [966628.811480] wlp4s0: Connection to AP 00:90:7f:4a:10:b1 lost [966840.859629] wlp4s0: authenticate with 00:90:7f:4a:10:b1 [966840.862710] wlp4s0: send auth to 00:90:7f:4a:10:b1 (try 1/3) [966840.891711] wlp4s0: authenticated [966840.894718] wlp4s0: associate with 00:90:7f:4a:10:b1 (try 1/3) [966840.898366] wlp4s0: RX AssocResp from 00:90:7f:4a:10:b1 (capab=0x511 status=0 aid=1) [966840.903409] wlp4s0: associated [966840.943963] wlp4s0: Limiting TX power to 21 (24 - 3) dBm as advertised by 00:90:7f:4a:10:b1 [966840.973030] IPv6: ADDRCONF(NETDEV_CHANGE): wlp4s0: link becomes ready [1053031.509002] wlp4s0: deauthenticated from 00:90:7f:4a:10:b1 (Reason: 3=DEAUTH_LEAVING) [1053245.065573] wlp4s0: authenticate with 00:90:7f:4a:10:b1 [1053245.068633] wlp4s0: send auth to 00:90:7f:4a:10:b1 (try 1/3)
Bug#1061412: marked as done (font-manager: Stop using webkit2gtk 4.0)
Your message dated Mon, 19 Feb 2024 03:05:24 + with message-id and subject line Bug#1061412: fixed in font-manager 0.8.8-4 has caused the Debian Bug report #1061412, regarding font-manager: Stop using webkit2gtk 4.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1061412: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061412 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: font-manager Version: 0.8.8-3 Severity: serious Tags: trixie sid User: pkg-webkit-maintain...@lists.alioth.debian.org Usertags: webkit-4.0 Forwarded: https://github.com/FontManager/font-manager/issues/343 Debian's webkit2gtk maintainers intend to stop building the 4.0 API soon. Please switch to using the 4.1 API which is the same as the 4.0 API except that it uses libsoup3 instead of libsoup2.4. The webkit feature is only used by the Google Fonts integration feature. It is possible to build font-manager without that feature. Or someone could port the feature to use libsoup3. It was actually already done in the experimental GTK4 branch, but I don't think it was done in a way that is easy to backport. There is documentation and examples at https://gitlab.gnome.org/GNOME/libsoup/-/issues/218 On behalf of the webkit2gtk maintainers, Jeremy Bícha --- End Message --- --- Begin Message --- Source: font-manager Source-Version: 0.8.8-4 Done: Boyuan Yang We believe that the bug you reported is fixed in the latest version of font-manager, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1061...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Boyuan Yang (supplier of updated font-manager package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 21:17:37 -0500 Source: font-manager Architecture: source Version: 0.8.8-4 Distribution: unstable Urgency: medium Maintainer: Debian Fonts Task Force Changed-By: Boyuan Yang Closes: 1061412 Changes: font-manager (0.8.8-4) unstable; urgency=medium . * debian/patches/libsoup3.patch: Add patch from upstream to switch to libsoup-3 and libwebkitgtk-4.1. (Closes: #1061412) Checksums-Sha1: 690cfdc61e9898f19872215dc8edd1ccf4311ce4 2615 font-manager_0.8.8-4.dsc fdc9ed462b468e6a00207f98b88313763e138cf2 3284114 font-manager_0.8.8.orig.tar.gz b15f60b6ac231c33674ba90afdbadc467c79613d 7084 font-manager_0.8.8-4.debian.tar.xz c2f112ae4a889c8247bd728c57d712fccabdd978 23143 font-manager_0.8.8-4_amd64.buildinfo Checksums-Sha256: 1f47dae3dbe36afe2e93aee2753425769fe6ad40f86034afa0135c33b7f39f34 2615 font-manager_0.8.8-4.dsc 7badeefe47df3f21d4e9087889fe3d2a6f8e97c95c32fa7fae78ccb59ac40868 3284114 font-manager_0.8.8.orig.tar.gz ede181811a21f45c2c6ee57fc06cc4ebcc872895b43a44ab2b4aa40a631deebf 7084 font-manager_0.8.8-4.debian.tar.xz b6e55c4e5ad1becb87dc5a9ec2a54d2464165822e2c1e74da41eca441fa970cf 23143 font-manager_0.8.8-4_amd64.buildinfo Files: 8dabfa35611306c3c9149f5c6e43ea68 2615 graphics optional font-manager_0.8.8-4.dsc 9dbcaf606df347b3daba338cce495846 3284114 graphics optional font-manager_0.8.8.orig.tar.gz 26d7c5f5cdcc427554086d638afb15b4 7084 graphics optional font-manager_0.8.8-4.debian.tar.xz f36ea4f4bf744a7930ae376896d7ec87 23143 graphics optional font-manager_0.8.8-4_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmXSvBYACgkQwpPntGGC Ws5IGQ/7BF1g1dQiZ8oqcHZvG7bjKLy+zd1yL5O9KVWrdvpSRVU4qzbLwnfbk6Bz BESwMuPkw7xO68Fpd3ajdLFjpHVLR+5w1CmFQ690ORhPQMm/+iTIyfmQLdtj7YND hE129kLLW6RCwh3bsVq7DxWYXwtpf+zAwJH96Ujpf+l3K0nTe6tUiUDfRl1USJgN gaPQcm4rXhZr+3xXydbmFKjiMxTmSxUGsvfvC8WuCS1v6fZbBjMdGBrRo9TU6leF uVMXPGSJokds7mZGXkK3MKfe5xQhMYkLWpFUKG3sMIbmiNB5ce+BmPbBrucjdMmb AlaHC6o85Nq+r7qnEKHs0sjzotqFAiyZeoGf020DHBCjsY06GqkO4pkGcD4NiUeY mF7tPMXgmRfqgmdwesNiDh8biAQZ458oT/ux/gl0CbigeBzi3vRWsNKBdf4Wmg6i P9KDkNyZXUNAQd3vKgMzmvwDwAc0M23Ux8ZWwL6J7O9zxLicD5C3yPfBk74tExj3 JMus3EGjl0SngzJa3x+HU4dqEWWXfKq8v8TtdkSBT/TcKLvyff+VSm5jMgDtdZPi PcH569I50otNPva3N5N1GUFHdWUFR3dB5/EmVh/Qj9lXbUmeq8z3q7F/4Tn7IfwD vuvJD/HNHH95Q3OJ+A53KjIm2eWwq0v33z9d6bbE4OXWa0xnAy4= =5b95 -END PGP SIGNATURE- pgpUpzuuVoK5H.pgp Description: PGP
Processed: the autopkg test still fails
Processing control commands: > reopen -1 Bug #1061751 {Done: Carsten Schoenert } [src:python-django-debug-toolbar] python-django-debug-toolbar ftbfs with Python 3.12 as default 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions python-django-debug-toolbar/1:4.3-1. -- 1061751: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061751 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1061751: the autopkg test still fails
Control: reopen -1 42s autopkgtest [02:05:28]: test testsuite: [--- 43s ln: failed to create symbolic link '/usr/bin/python3': Permission denied 43s autopkgtest [02:05:29]: test testsuite: ---] 43s autopkgtest [02:05:29]: test testsuite: - - - - - - - - - - results - - - - - - - - - - 43s testsuiteFAIL non-zero exit status 1 43s autopkgtest [02:05:29]: summary 43s testsuiteFAIL non-zero exit status 1 either needs the needs-root restriction, or you manage the symlink in a writable path like $AUTOPKG_TEST/bin.
Bug#1064187: marked as done (lua-socket: identified for time_t transition but no ABI in shlibs)
Your message dated Sun, 18 Feb 2024 16:28:38 -0800 with message-id and subject line Re: lua-socket: identified for time_t transition but no ABI in shlibs has caused the Debian Bug report #1064187, regarding lua-socket: identified for time_t transition but no ABI in shlibs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064187: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064187 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: lua-luv Version: 1.44.2-0-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies luasocket as an affected package, on the basis that the headers could not be compiled and analyzed out of the box using abi-compliance-checker[2], so we have to assume it's affected. However, lua-socket's shlibs file declares a dependency on a library package name that contains no ABI information: $ cat DEBIAN/shlibs liblua5.1-mime 2 lua-socket (>= 3.1.0) liblua5.1-socket-serial 0 lua-socket (>= 3.1.0) liblua5.1-socket-unix 2 lua-socket (>= 3.1.0) liblua5.1-socket 2 lua-socket (>= 3.1.0) liblua5.2-mime 2 lua-socket (>= 3.1.0) liblua5.2-socket-serial 0 lua-socket (>= 3.1.0) liblua5.2-socket-unix 2 lua-socket (>= 3.1.0) liblua5.2-socket 2 lua-socket (>= 3.1.0) liblua5.3-mime 2 lua-socket (>= 3.1.0) liblua5.3-socket-serial 0 lua-socket (>= 3.1.0) liblua5.3-socket-unix 2 lua-socket (>= 3.1.0) liblua5.3-socket 2 lua-socket (>= 3.1.0) liblua5.4-mime 2 lua-socket (>= 3.1.0) liblua5.4-socket-serial 0 lua-socket (>= 3.1.0) liblua5.4-socket-unix 2 lua-socket (>= 3.1.0) liblua5.4-socket 2 lua-socket (>= 3.1.0) $ It is therefore not obvious that we should rename the package to 'lua-sockett64' as part of this transition. Looking at the archive, there is a package built from the separate lua-sec source package that depends on this library. Since there is no self-evident thing to do with the library package name here, we will not be handling this package as part of the mass NMUs. Instead I am filing a serious bug because partial upgrades from bookworm to trixie on 32-bit architectures will result in ABI skew and may result in broken behavior. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org [0] https://wiki.debian.org/ReleaseGoals/64bit-time [1] https://lists.debian.org/debian-devel/2024/01/msg00041.html [2] https://adrien.dcln.fr/misc/armhf-time_t/2024-02-16T21%3A19%3A00/logs/lua-socket-dev/base/log.txt signature.asc Description: PGP signature --- End Message --- --- Begin Message --- We were able to get a successful analysis which show that lua-socket's ABI is not affected by time_t, so closing this bug. Thanks! On Sun, Feb 18, 2024 at 12:07:13AM -0800, Steve Langasek wrote: > Control: reassign -1 src:luasocket/20200726-1 > > Sigh, cut'n'paste fail. Reassigning. > > On Sat, Feb 17, 2024 at 11:57:16PM -0800, Steve Langasek wrote: > > Source: lua-luv > > Version: 1.44.2-0-1 > > Severity: serious > > User: debian-...@lists.debian.org > > Usertags: time-t > > > > Dear maintainers, > > > > Analysis of the archive for the 64-bit time_t transition[0][1] identifies > > luasocket as an affected package, on the basis that the headers could not > > be compiled and analyzed out of the box using abi-compliance-checker[2], so > > we have to assume it's affected. > > > > However, lua-socket's shlibs file declares a dependency on a library package > > name that contains no ABI information: > > > > $ cat DEBIAN/shlibs > > liblua5.1-mime 2 lua-socket (>= 3.1.0) > > liblua5.1-socket-serial 0 lua-socket (>= 3.1.0) > > liblua5.1-socket-unix 2 lua-socket (>= 3.1.0) > > liblua5.1-socket 2 lua-socket (>= 3.1.0) > > liblua5.2-mime 2 lua-socket (>= 3.1.0) > > liblua5.2-socket-serial 0 lua-socket (>= 3.1.0) > > liblua5.2-socket-unix 2 lua-socket (>= 3.1.0) > > liblua5.2-socket 2 lua-socket (>= 3.1.0) > > liblua5.3-mime 2 lua-socket (>= 3.1.0) > > liblua5.3-socket-serial 0 lua-socket (>= 3.1.0) > > liblua5.3-socket-unix 2 lua-socket (>= 3.1.0) > > liblua5.3-socket 2 lua-socket (>= 3.1.0) > > liblua5.4-mime 2 lua-socket (>= 3.1.0) > > liblua5.4-socket-serial 0 lua-socket (>= 3.1.0) > > liblua5.4-socket-unix 2 lua-socket (>= 3.1.0) > > liblua5.4-socket 2 lua-socket (>= 3.1.0) > > $ > > > > It is therefore not obvious that we
Bug#1063717: NVIDIA packages in stable-updates fix module compilation for linux 6.1.76-1
On 18/02/2024 17.06, matte.mb2006.9...@gmail.com wrote: https://lists.debian.org/debian-stable-announce/2024/02/msg2.html The update is not yet available on my PC. I live in Italy. Do you have bookworm-updates (or stable-updates) enabled in your sources.list(.d/)? See detailed instructions in the announcement email linked above. Andreas
Bug#1064208: marked as done (gvfs: wsdd dependency is not working as expected)
Your message dated Sun, 18 Feb 2024 22:04:24 + with message-id and subject line Bug#1064208: fixed in gvfs 1.53.90-2 has caused the Debian Bug report #1064208, regarding gvfs: wsdd dependency is not working as expected to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064208: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064208 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: gvfs Version: 1.53.90-1 Severity: serious I should have tested the wsdd feature before adding Recommends: wsdd to gvfs-daemon. The Debian wsdd package needs some changes to be usable in this configuration. I think it might be best to demote wsdd to Suggests for now so that we can easily test the feature with some minimal log spew to journalctl about wsdd not working. Thank you, Jeremy Bícha --- End Message --- --- Begin Message --- Source: gvfs Source-Version: 1.53.90-2 Done: Jeremy Bícha We believe that the bug you reported is fixed in the latest version of gvfs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1064...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jeremy Bícha (supplier of updated gvfs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 16:36:33 -0500 Source: gvfs Built-For-Profiles: noudeb Architecture: source Version: 1.53.90-2 Distribution: unstable Urgency: medium Maintainer: Debian GNOME Maintainers Changed-By: Jeremy Bícha Closes: 1064208 Changes: gvfs (1.53.90-2) unstable; urgency=medium . * Demote wsdd to Suggests (Closes: #1064208) Checksums-Sha1: 7d4926c47dee77d2b9aaee914e39c613c08bbf1b 3494 gvfs_1.53.90-2.dsc a770ae34d2571d04932b797f4a61431bb95b84fa 27012 gvfs_1.53.90-2.debian.tar.xz d874144081057159674d086a9e6570af51ea67cb 19674 gvfs_1.53.90-2_source.buildinfo Checksums-Sha256: 0d1b74b786def0a2adb5221cea3baf46cec6b4ed26f131403d87bf1658f44953 3494 gvfs_1.53.90-2.dsc 114ec6f5c77484169589da788d973479c066258bd2df6142b4a2a22875c847fb 27012 gvfs_1.53.90-2.debian.tar.xz bb08c147394de2875da1a2b560cf8efbc9749d552af7e534ef6d3c50162e45ce 19674 gvfs_1.53.90-2_source.buildinfo Files: 740fca219174faa42493573f871dfae6 3494 gnome optional gvfs_1.53.90-2.dsc 0673c079942216463ddec49aed7aa12b 27012 gnome optional gvfs_1.53.90-2.debian.tar.xz 016ba96a66f2507f84fb12c7157345bc 19674 gnome optional gvfs_1.53.90-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmXSeZ8ACgkQ5mx3Wuv+ bH3uGA//WikXgvhwTwbdbXSau5wZI82Vmp2w3VlETmBlo8TqaZbAk/xdTlPY2iwA xcC3jp2taO4CykwzPJmm9hdlPgfFFseJW4SDdnf20WuQGYgplooWOy9pG32AC0pY 8BvZ4bNfHUkeTk9yDTXxGJA9MFzVMJQa6/2oFPX5ba8PVRCi8NaRVn5LYjq9el+Q /0H5nU+9wyd4HLbgJnSZgn4g36VXhxmrn4wSj5/IOodADQ1k7/svyEOnXSfk0IQp kl6oOLTCjA6+iTdmcrNZ4YTDdUUvIrm/pGQxSLPYz5jbaBuEb+J/qpph7mwL/n/n LMUNp4XrS+EuHCLambVBKxfF0R8/snUqScgeL5BqWHevvoKF9d69bnJlaYxp/IR0 LALGdIN88LqIlrL3Zu0MJeVf/0d1hU73ZWIDHRluzpntT7zsKa+Hi3Sr5eHlYqn/ i4N72UU+BpkFwKtMm0xdt3Iq3tyII5mDsFCrVSq8jzIc48EXvaY74UEfmbJDs5Wf kpcjvJPY8Yqk2N2BWdIVqp+iCSnavbZkDZOQ3XeEPzQPl4/5lGj7PhZ7fmIZmpbW eHHEzKj8rxxa7qLBHpmpC6eR3QyROHvm1TQLdVloeA3TvWFCTv0CMeYUD0DrpY/8 +tJeGvEKg5ZtCjjFE+fGpL/9ACMh11AGy2RJ7gr+FYWvczSxFnE= =NY/9 -END PGP SIGNATURE- pgplCoIJCjeqv.pgp Description: PGP signature --- End Message ---
Bug#1064243: rust-ahash: Fails to build, requires rustc 1.72
Source: rust-ahash Version: 0.8.8-1 Severity: serious Tags: ftbfs rust-ahash fails to build because it wants rustc >= 1.72 but Debian Unstable only has rustc 1.70. https://buildd.debian.org/status/package.php?p=rust-ahash Thank you, Jeremy Bícha
Processed: tagging 1064139
Processing commands for cont...@bugs.debian.org: > tags 1064139 + experimental Bug #1064139 [src:ogre-1.12] ogre-1.12: FTBFS: error: ‘BuildFontAtlas’ is not a member of ‘ImGuiFreeType’ Added tag(s) experimental. > thanks Stopping processing here. Please contact me if you need assistance. -- 1064139: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064139 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064234: rust-palette: Fails to build from source
Source: rust-palette Version: 0.7.4.0+dfsg-2 Severity: serious Tags: ftbfs The latest upload of rust-palette fails to build from source due to build test failures. https://buildd.debian.org/status/package.php?p=rust-palette Thank you, Jeremy Bícha
Processed: RM: rust-axum-core -- RoM; superseded by rust-axum
Processing control commands: > affects -1 src:rust-axum-core Bug #1064233 [ftp.debian.org] RM: rust-axum-core -- RoM; superseded by rust-axum Added indication that 1064233 affects src:rust-axum-core > block -1 by 1064232 Bug #1064233 [ftp.debian.org] RM: rust-axum-core -- RoM; superseded by rust-axum 1064233 was not blocked by any bugs. 1064233 was not blocking any bugs. Added blocking bug(s) of 1064233: 1064232 -- 1064233: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064233 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064232: rust-axum: Failing autopkgtests
Source: rust-axum Version: 0.6.20-16 Severity: serious rust-axum is unable to migrate to Testing because its autopkgtests are failing https://qa.debian.org/excuses.php?package=rust-axum Thank you, Jeremy Bícha
Bug#1064213: incus-agent: Incus Agent never starts due to ConditionPathExists
Control: severity -1 normal Hi Stefano, I suspect you're seeing this on the host system running Incus? If so, that's expected behavior. Incus' default mode of operation when launching a VM is to dynamically inject the `incus-agent` binary into the VM's environment. (`incus-agent` should never actually run on the host itself.) To accomplish this, it must copy the binary from the host system in addition to automatically creating other config and service files for the VM. Debian's packaging breaks out the `incus-agent` binary into its own package that is Recommended, but not required if you're only running containers. This setup covers the vast majority of regular Incus use. But, because there is an incus-agent package we also need to support someone creating a VM image that bakes in that package. Thus, there's a service definition in the incus-agent package. The ConditionPathExists check should ever only be true within a VM running under Incus. I've just verified that both use cases appear to work properly, so I've downgraded the bug's severity to normal. If you know of a better way of making the systemd service not start on the host machine, please let me know. Or if there might be some way to make it more readily apparent that it's expected and normal behavior. Mathias signature.asc Description: This is a digitally signed message part
Processed: Re: incus-agent: Incus Agent never starts due to ConditionPathExists
Processing control commands: > severity -1 normal Bug #1064213 [incus-agent] incus-agent: Incus Agent never starts due to ConditionPathExists Severity set to 'normal' from 'serious' -- 1064213: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064213 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: found 1064055 in 18.19.0+dfsg-6
Processing commands for cont...@bugs.debian.org: > found 1064055 18.19.0+dfsg-6 Bug #1064055 {Done: Jérémy Lal } [src:nodejs] nodejs: CVE-2023-46809 CVE-2024-22019 CVE-2024-21892 Marked as found in versions nodejs/18.19.0+dfsg-6. > thanks Stopping processing here. Please contact me if you need assistance. -- 1064055: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: fixed 1060777 in 23.5-1
Processing commands for cont...@bugs.debian.org: > fixed 1060777 23.5-1 Bug #1060777 {Done: Jérémy Lal } [src:django-filter] django-filter: build dependency missing in testing: python3-django-crispy-forms Marked as fixed in versions django-filter/23.5-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1060777: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060777 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1051017: marked as done (cdo: Major data error with ICON files)
Your message dated Sun, 18 Feb 2024 19:17:08 + with message-id and subject line Bug#1051017: fixed in cdo 2.1.1-1+deb12u1 has caused the Debian Bug report #1051017, regarding cdo: Major data error with ICON files to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1051017: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051017 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: cdo Version: 2.2.1 Severity: serious Tags: upstream Justification: 2 X-Debbugs-Cc: Momtchil Momtchev Just a heads up that there is a serious issue with the cdo version in bookworm - it produces broken (flipped on the Y-axis) GRIBs when "remapping" (extracting) data from the ICON output files. The one in bullseye works correctly. As this is probably the number one reason commoners use cdo, it is a major showstopper. Here is the original bug report: https://code.mpimet.mpg.de/boards/1/topics/14808 The issue has been fixed in 2.2.2. -- System Information: Debian Release: 12.1 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_IE.UTF-8), LANGUAGE=en_IE:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cdo depends on: ii libc6 2.36-9+deb12u1 pn libcdi0 ii libcurl3-gnutls 7.88.1-10+deb12u1 ii libfftw3-double3 3.3.10-1 ii libgcc-s1 12.2.0-14 ii libgomp1 12.2.0-14 pn libhdf5-103-1 pn libmagplus3v5 pn libnetcdf19 pn libproj25 ii libstdc++612.2.0-14 pn libudunits2-0 Versions of packages cdo recommends: pn python3-cdo cdo suggests no packages. --- End Message --- --- Begin Message --- Source: cdo Source-Version: 2.1.1-1+deb12u1 Done: Alastair McKinstry We believe that the bug you reported is fixed in the latest version of cdo, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1051...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry (supplier of updated cdo package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 03 Dec 2023 17:50:35 + Source: cdo Architecture: source Version: 2.1.1-1+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Alastair McKinstry Changed-By: Alastair McKinstry Closes: 1051017 Changes: cdo (2.1.1-1+deb12u1) bookworm; urgency=medium . * Remove enable-hirlam-extensions as it causes issues with ICON data files Closes: #1051017 Checksums-Sha1: 706e955946414d365ab69022fe36c79843a2f5d7 2412 cdo_2.1.1-1+deb12u1.dsc 2ef04f6f2d8b0ac2b628237cab0ff28aac35baa2 12716 cdo_2.1.1-1+deb12u1.debian.tar.xz Checksums-Sha256: 935de4f20a54abdb19d641b1bcaf09c5bad1d28d6f273fb6365b8e47bdbec7a5 2412 cdo_2.1.1-1+deb12u1.dsc 305a0f12496350a2b9dc1b1b71dd074cd70a507e208ca4ac82d046637bb29827 12716 cdo_2.1.1-1+deb12u1.debian.tar.xz Files: bcfd183631894b7c934215d9cbe6834b 2412 utils optional cdo_2.1.1-1+deb12u1.dsc 0a2023e01648cf7993003a013f6c2925 12716 utils optional cdo_2.1.1-1+deb12u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEgjg86RZbNHx4cIGiy+a7Tl2a06UFAmVsw7cACgkQy+a7Tl2a 06UVsA/9GQ4GT3tXolPjEYxblDDYtNBZD4tXMuFmGyKMC+dQIZvt2rmbZ/tl0aNQ 7kdeEwATeNMZGuz1icXloMV/wPHZpE5PtthgpqESpakg/6tmY+qYAnJpyPq80zd5 Hy9W+DhjnjLRnx5mKhnSwIqi+LuNFvjwACEHS3ZNmF8nDau3pI8/hpyT8ffQF/v1 oyM/nVhfiRgZ60McMdiX132KBMcX7ooFPIJ64QTPfSFlTSmlZTMFJWXtQoHmVwPg SQscKlRA+uuI9ZxKXlh54ZEZSCtaRNiTXJVS2eg52/lUWlTXJqZRv/dkaaA5bBHy RN05vdGQDjmSS0yIXPJlqbSZlqfaU3YSjRfQEU+QCd/oh/fOFnq1cll+torFyqid JSqGrb9oW4YPyFE6f+D9qWhWsMAiWIh2u4cyfJFxnoDAENsyZinLahdj8KTgzYZQ 8CfEONf2JALOy4BXqQPYOiwVvBJDy/SvbOqxeln/xoByiwDOLGSNjIeXxmy5HH+z Q168myfWoJ/voAev7LlfqTihrGE67tosLTwA9ZroMM5D4/plMqXaQtofQPJZ2eNx 3M6qBY7ChoVHX4QD0OfDlwiBl6XCLTUL/o+Wjv758gJedAj20hC6pt8+vYiMZ05Y 8jvaNWZ/McPBFOXPzeBZUkPJ7tUv1FV7nBtsWFRtyeRagI6f9t4= =QqIY -END PGP SIGNATURE- pgpXPdNc81B_2.pgp Description: PGP signature --- End Message ---
Bug#1064224: python-hmmlearn: fails variational gaussian tests with sklearn 1.4
Source: python-hmmlearn Version: 0.3.0-3 Severity: serious Justification: debci python-hmmlearn is failing variational_gaussian tests (test_fit_mcgrory_titterington1d) with sklearn 1.4. This comment upstream is relevant: https://github.com/hmmlearn/hmmlearn/issues/539#issuecomment-1871436258 It's likely fixed in upstream PR#531 https://github.com/hmmlearn/hmmlearn/pull/531 If not, then I'd suggest skipping test_fit_mcgrory_titterington1d until there's a better fix upstream. PR#545 might also be generally helpful.
Bug#1064223: imbalanced-learn: fails tests with sklearn 1.4: needs new versions
Source: imbalanced-learn Version: 0.10.0-2 Severity: serious Justification: debci imbalanced-learn 0.10 fails tests with sklearn 1.4. The problem is fixed upstrema with v0.12.
Bug#1064055: marked as done (nodejs: CVE-2023-46809 CVE-2024-22019 CVE-2024-21892)
Your message dated Sun, 18 Feb 2024 18:07:32 + with message-id and subject line Bug#1064055: fixed in nodejs 18.19.1+dfsg-1 has caused the Debian Bug report #1064055, regarding nodejs: CVE-2023-46809 CVE-2024-22019 CVE-2024-21892 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064055: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064055 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nodejs X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for nodejs. CVE-2023-46809[0]: https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#nodejs-is-vulnerable-to-the-marvin-attack-timing-variant-of-the-bleichenbacher-attack-against-pkcs1-v15-padding-cve-2023-46809---medium CVE-2024-22019[1]: https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#reading-unprocessed-http-request-with-unbounded-chunk-extension-allows-dos-attacks-cve-2024-22019---high CVE-2024-21892[2]: https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#code-injection-and-privilege-escalation-through-linux-capabilities-cve-2024-21892---high There are some other issues, but they only affect the version in expeirimental. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-46809 https://www.cve.org/CVERecord?id=CVE-2023-46809 [1] https://security-tracker.debian.org/tracker/CVE-2024-22019 https://www.cve.org/CVERecord?id=CVE-2024-22019 [2] https://security-tracker.debian.org/tracker/CVE-2024-21892 https://www.cve.org/CVERecord?id=CVE-2024-21892 Please adjust the affected versions in the BTS as needed. --- End Message --- --- Begin Message --- Source: nodejs Source-Version: 18.19.1+dfsg-1 Done: Jérémy Lal We believe that the bug you reported is fixed in the latest version of nodejs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1064...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jérémy Lal (supplier of updated nodejs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Feb 2024 18:12:23 +0100 Source: nodejs Architecture: source Version: 18.19.1+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Jérémy Lal Closes: 1059168 1064055 Changes: nodejs (18.19.1+dfsg-1) unstable; urgency=medium . * New upstream version 18.19.1. Closes: 1064055. + CVE-2024-21892 (High) Code injection and privilege escalation through Linux capabilities + CVE-2024-22019 (High) Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks + CVE-2023-46809 (Medium) Marvin Attack vulnerability against PKCS#1 v1.5 padding * new architecture: loong64, thanks to Shi Pujin * patch: + let loong64 have some failing tests + more doc for localhost-no-addrconfig + allow test-debugger-heap-profiler to fail. Closes: #1059168 + disable zlib embedding in v8, disable snapshot compression * override lintian source warning for zlib brotli test string * fix boostrapping of nodejs package: + update README.source + nodoc: disable bash completion output + patch: disable shared builtins when flag node-builtin-modules-path is used * include permission headers in libnode-dev * B-D pkg-config becomes pkgconf Checksums-Sha1: 0d0de63a10ea082a473f677af1b9a6be2b066337 4356 nodejs_18.19.1+dfsg-1.dsc 2540b9b84f230689afcbf507a307d46d4ef2a411 269724 nodejs_18.19.1+dfsg.orig-ada.tar.xz 4cad22f4545483163b468271d06f425b15f1dcf0 267236 nodejs_18.19.1+dfsg.orig-types-node.tar.xz c2d954a215b417e858e4750e687ef180333790a9 28802788 nodejs_18.19.1+dfsg.orig.tar.xz 2f4699c23c652a71ae581b2b187756cb5c1fbd8b 163300 nodejs_18.19.1+dfsg-1.debian.tar.xz 3451db4d91e2c65cf28d19c0f87495368ea19621 10959 nodejs_18.19.1+dfsg-1_source.buildinfo Checksums-Sha256:
Bug#1059168: marked as done (flaky autopkgtest)
Your message dated Sun, 18 Feb 2024 18:07:32 + with message-id and subject line Bug#1059168: fixed in nodejs 18.19.1+dfsg-1 has caused the Debian Bug report #1059168, regarding flaky autopkgtest to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1059168: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059168 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: zlib Version: 1:1.2.13.dfsg-3 Severity: serious Control: close -1 1:1.3.dfsg-3 Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Control: affects -1 src:burp src:dolfin src:nodejs Control: block -1 by 1057880 Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a Release Critical bug in testing [1]. Your package src:zlib has been trying to migrate for 32 days [2]. Hence, I am filing this bug. The version in unstable triggers autopkgtest failures in multiple packages (although I suspect that the current dolfin issues are due to it being flaky). The failure for burp has already a bug report against that package, which leaves nodejs on i386. If a package is out of sync between unstable and testing for a longer period, this usually means that bugs in the package in testing cannot be fixed via unstable. Additionally, blocked packages can have impact on other packages, which makes preparing for the release more difficult. Finally, it often exposes issues with the package and/or its (reverse-)dependencies. We expect maintainers to fix issues that hamper the migration of their package in a timely manner. This bug will trigger auto-removal when appropriate. As with all new bugs, there will be at least 30 days before the package is auto-removed. I have immediately closed this bug with the version in unstable, so if that version or a later version migrates, this bug will no longer affect testing. I have also tagged this bug to only affect sid and trixie, so it doesn't affect (old-)stable. If you believe your package is unable to migrate to testing due to issues beyond your control, don't hesitate to contact the Release Team. Paul [1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html [2] https://qa.debian.org/excuses.php?package=zlib OpenPGP_signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: nodejs Source-Version: 18.19.1+dfsg-1 Done: Jérémy Lal We believe that the bug you reported is fixed in the latest version of nodejs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1059...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jérémy Lal (supplier of updated nodejs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Feb 2024 18:12:23 +0100 Source: nodejs Architecture: source Version: 18.19.1+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Jérémy Lal Closes: 1059168 1064055 Changes: nodejs (18.19.1+dfsg-1) unstable; urgency=medium . * New upstream version 18.19.1. Closes: 1064055. + CVE-2024-21892 (High) Code injection and privilege escalation through Linux capabilities + CVE-2024-22019 (High) Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks + CVE-2023-46809 (Medium) Marvin Attack vulnerability against PKCS#1 v1.5 padding * new architecture: loong64, thanks to Shi Pujin * patch: + let loong64 have some failing tests + more doc for localhost-no-addrconfig + allow test-debugger-heap-profiler to fail. Closes: #1059168 + disable zlib embedding in v8, disable snapshot compression * override lintian source warning for zlib brotli test string * fix boostrapping of nodejs package: + update README.source + nodoc: disable bash completion output + patch: disable shared builtins when flag node-builtin-modules-path is used * include permission headers in libnode-dev * B-D pkg-config becomes pkgconf Checksums-Sha1:
Bug#1062798: src:mumble: fails to migrate to testing for too long: autopkgtest failure
On Sat, 3 Feb 2024 11:52:03 +0100 Paul Gevers wrote: > Source: mumble > Version: 1.3.4-4 > Severity: serious > Control: close -1 1.5.517-1 > Tags: sid trixie > User: release.debian@packages.debian.org > Usertags: out-of-sync > > Dear maintainer(s), > > The Release Team considers packages that are out-of-sync between testing > and unstable for more than 30 days as having a Release Critical bug in > testing [1]. Your package src:mumble has been trying to migrate for 31 > days [2]. Hence, I am filing this bug. The version in unstable fails its > own autopkgtest (thanks for adding one, it seems to just be missing a > test dependency). Please also annotate the test with the "superficial" > restriction as the name suggest you are not testing the package to great > extend. Please also help poco migrate, the package (build) depends on it. > > [1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html > [2] https://qa.debian.org/excuses.php?package=mumble In https://bugs.debian.org/1063711 I added a "X-Debbugs-Cc" to this bug, but apparently that doesn't make it turn up in this bug. In bug #1063711 I added some patches which made the autopkgtest succeed on my Salsa CI pipeline, but that's based on an older 'unreleased' version version of 1.5.517. Next to the missing test dependency, I also added a workaround for an upstream bug (https://github.com/mumble-voip/mumble/issues/6193) and a patch which fixed a script error (missing closing ')'). signature.asc Description: This is a digitally signed message part.
Processed: tagging 1064187, tagging 1064193, tagging 1064139, tagging 1064094, found 1064094 in 1.4-1 ...
Processing commands for cont...@bugs.debian.org: > tags 1064187 + sid trixie experimental Bug #1064187 [src:luasocket] lua-socket: identified for time_t transition but no ABI in shlibs Added tag(s) experimental, trixie, and sid. > tags 1064193 + sid trixie experimental Bug #1064193 [src:lua-cqueues] lua-cqueues: identified for time_t transition but no ABI in shlibs Added tag(s) sid, experimental, and trixie. > tags 1064139 + sid trixie Bug #1064139 [src:ogre-1.12] ogre-1.12: FTBFS: error: ‘BuildFontAtlas’ is not a member of ‘ImGuiFreeType’ Added tag(s) sid and trixie. > tags 1064094 + sid trixie Bug #1064094 [src:setuptools-scm-git-archive] setuptools-scm-git-archive shouldn't be in trixie Added tag(s) trixie and sid. > found 1064094 1.4-1 Bug #1064094 [src:setuptools-scm-git-archive] setuptools-scm-git-archive shouldn't be in trixie Marked as found in versions setuptools-scm-git-archive/1.4-1. > tags 1064088 + sid trixie Bug #1064088 [src:gutenprint] gutenprint: FTBFS in unstable Added tag(s) trixie and sid. > tags 1064037 + sid trixie Bug #1064037 {Done: Georges Khaznadar } [src:xhtml2pdf] xhtml2pdf: the new version of python-reportlab breaks xhtml2pdf/context.py Added tag(s) trixie and sid. > tags 1042031 + experimental Bug #1042031 [src:jruby-utils-clojure] jruby-utils-clojure: FTBFS: E: Build killed with signal TERM after 150 minutes of inactivity Added tag(s) experimental. > thanks Stopping processing here. Please contact me if you need assistance. -- 1042031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042031 1064037: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064037 1064088: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064088 1064094: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064094 1064139: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064139 1064187: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064187 1064193: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064193 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1063494: marked as done (engrampa: CVE-2023-52138: Path traversal via crafted cpio archives in Engrampa archivers)
Your message dated Sun, 18 Feb 2024 16:47:10 + with message-id and subject line Bug#1063494: fixed in engrampa 1.26.0-1+deb12u2 has caused the Debian Bug report #1063494, regarding engrampa: CVE-2023-52138: Path traversal via crafted cpio archives in Engrampa archivers to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1063494: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063494 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: engrampa Version: 1.26.1-4 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for engrampa. CVE-2023-52138[0]: | Engrampa is an archive manager for the MATE environment. Engrampa is | found to be vulnerable to a Path Traversal vulnerability that can be | leveraged to achieve full Remote Command Execution (RCE) on the | target. While handling CPIO archives, the Engrampa Archive manager | follows symlink, cpio by default will follow stored symlinks while | extracting and the Archiver will not check the symlink location, | which leads to arbitrary file writes to unintended locations. When | the victim extracts the archive, the attacker can craft a malicious | cpio or ISO archive to achieve RCE on the target system. This | vulnerability was fixed in commit 63d5dfa. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-52138 https://www.cve.org/CVERecord?id=CVE-2023-52138 [1] https://github.com/mate-desktop/engrampa/commit/63d5dfa9005c6b16d0f0ccd888cc859fca78f970 [2] https://github.com/mate-desktop/engrampa/security/advisories/GHSA-c98h-v39w-3r7v Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: engrampa Source-Version: 1.26.0-1+deb12u2 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of engrampa, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1063...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated engrampa package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 13 Feb 2024 07:44:28 +0100 Source: engrampa Architecture: source Version: 1.26.0-1+deb12u2 Distribution: bookworm-security Urgency: medium Maintainer: Debian+Ubuntu MATE Packaging Team Changed-By: Mike Gabriel Closes: 1063494 Changes: engrampa (1.26.0-1+deb12u2) bookworm-security; urgency=medium . * debian/patches: + CVE-2023-52138: Add 0006_use-unar-instead-of-cpio-for-CPIO-archives.patch. Use unar instead of cpio for CPIO archives. (Closes: #1063494). Checksums-Sha1: c61dede8047e69b16112cfdfdf1a45f857bdbdbb 2441 engrampa_1.26.0-1+deb12u2.dsc ddc20fe8eb062e1211a682a0006c67aa83f4374e 1161724 engrampa_1.26.0.orig.tar.xz 2288040437dd90a01fc3abcbc4b64386c758ba68 12508 engrampa_1.26.0-1+deb12u2.debian.tar.xz b15ce38aa621a8a248c829060882cfbd9df41ec0 17301 engrampa_1.26.0-1+deb12u2_source.buildinfo Checksums-Sha256: b4921a326fe3eeefc83fab04059682fab726fb544ff7399eb4c8c23435eceb6a 2441 engrampa_1.26.0-1+deb12u2.dsc d376a93a37dfc949c13a426e099b5646b28f1236edff287b3a8e866aaa85a093 1161724 engrampa_1.26.0.orig.tar.xz a1f07f7111df48cc18ebe6357e44565e7ef4ec5f1c91d413009487ef9df0785a 12508 engrampa_1.26.0-1+deb12u2.debian.tar.xz 5c10fe51c1ac9cfce1e435f346132a99574bf688a92ed7aa6166c0d58eaec8c5 17301 engrampa_1.26.0-1+deb12u2_source.buildinfo Files: cf271a2d1d794313df0a5810086389b3 2441 x11 optional engrampa_1.26.0-1+deb12u2.dsc f4718720cd901cf82f2136da6c29a5e2 1161724 x11 optional engrampa_1.26.0.orig.tar.xz 0c165ba2b9fa2c7308cf4b4f9d3b2b07 12508 x11 optional engrampa_1.26.0-1+deb12u2.debian.tar.xz 77eb852c7dd5ca7e9c85bfd7fdc611bd 17301 x11 optional engrampa_1.26.0-1+deb12u2_source.buildinfo -BEGIN PGP SIGNATURE- iQJVBAEBCAA/FiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmXLjBghHG1pa2UuZ2Fi
Bug#1044067: marked as done (sklearn-pandas: FTBFS with pandas 2.0)
Your message dated Sun, 18 Feb 2024 16:25:33 + with message-id and subject line Bug#1044067: fixed in sklearn-pandas 2.2.0-2 has caused the Debian Bug report #1044067, regarding sklearn-pandas: FTBFS with pandas 2.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1044067: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044067 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:sklearn-pandas Version: 2.2.0-1.1 Control: block 1043240 by -1 sklearn-pandas fails to build with pandas 2.0, currently in experimental. Build log: https://launchpadlibrarian.net/680702008/buildlog_ubuntu-mantic-amd64.sklearn-pandas_2.2.0-1.1_BUILDING.txt.gz A common source of failures is that pandas.util.testing has been renamed to pandas.testing. Both names were available in all 1.x versions (and hence in Debian stable and oldstable), so Debian packages that were using this can immediately switch unconditionally. --- End Message --- --- Begin Message --- Source: sklearn-pandas Source-Version: 2.2.0-2 Done: Federico Ceratto We believe that the bug you reported is fixed in the latest version of sklearn-pandas, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1044...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Federico Ceratto (supplier of updated sklearn-pandas package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 16:51:22 +0100 Source: sklearn-pandas Architecture: source Version: 2.2.0-2 Distribution: unstable Urgency: medium Maintainer: Federico Ceratto Changed-By: Federico Ceratto Closes: 1044067 Changes: sklearn-pandas (2.2.0-2) unstable; urgency=medium . * Fix tests with Pandas >= 2.0.0 (Closes: #1044067) Checksums-Sha1: fe3c72ff1ca9b946abb06fdb86c9ff8ade47ce97 2148 sklearn-pandas_2.2.0-2.dsc c65127c857dbcae01a08b15e124f645655027bfc 4172 sklearn-pandas_2.2.0-2.debian.tar.xz 0ab7708ca6f19a6ac6f862dd17e427f3ffb87b59 7914 sklearn-pandas_2.2.0-2_amd64.buildinfo Checksums-Sha256: 34c2b0058bb804dd86ec43a454d2e0e714e77c53aca1bc609093d48a87f36c06 2148 sklearn-pandas_2.2.0-2.dsc bf8df7cdd699e94abeb61443ac70cf9c60e324950d39f0870b475e6fe59fde99 4172 sklearn-pandas_2.2.0-2.debian.tar.xz 86f1a68c6b8472b72493f02c1934d1036ba5ba59458bd212ca20b205a8028885 7914 sklearn-pandas_2.2.0-2_amd64.buildinfo Files: c2fb08999a148b35b82639b756a9fdf7 2148 python optional sklearn-pandas_2.2.0-2.dsc a72e1e662034f98abcbe58b71735b6ca 4172 python optional sklearn-pandas_2.2.0-2.debian.tar.xz 586577053067e7933e2384746f5d8419 7914 python optional sklearn-pandas_2.2.0-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfKfd+zM5IUCMbyuWbzG8RPUXfaoFAmXSKKEACgkQbzG8RPUX farOAQ//YX90t8+1t3BURLR2FIjTS2AEH32FvyXsGLJUFLa1YKfu6CnZ6vdE1XJS L/qOyXstm95yn8FV+Pjhd4E0tvXBHvo8wRy+TURb56O+RqaiJRarvcNS/pBzBbei sTfbxJw8G6rwGgK0a5AvKEullmYFn8W9IoFVbfyrzjL7pfgikG1jgFzIrTFle9kb 2mcazMdzkL2TdBywnOmi36xvFrDfrOJUjDQBfPlUXo16Nrva6g1U6FZex7ev2RuQ 8jX3v746Ndq5uIa2I6kMUq6LlhX8jaaZAI/r7rdvZ59EjdzWJf3VLwW9KMxorzW6 e6Gcjbxtls1A2a3nsBXxU/aItYvyO2NLt+cVPvq4IYweeWxONUTBiXFSVzSC4aYw 8pK9utBilG5xt5S9+QqIwWUMaxdR7Htip2/Plwmae9I05zZblhRUfLDo427GjBm+ lHRCMBA4c4i5wTS6doFe3t7YBxruNWzucmEilGWZyheC9HcVgyYf/R9F96pjA89d jIpdojF3tVfK83kc0jADg3gJw75bJbHpgvHlfdo3NjleSr2I3RbhUhY1t+Pdmhvi 4gIOHEUnv/gVDQYOkxWS6AJNQpX4JfUaBIaMTISivKRvefuVUuBXszYekvKi5i8z PMlflG2mZF5S/DsQLXeiQfNi4OMSHtpRLEys8FVp6U+ALObxSQ8= =bBIs -END PGP SIGNATURE- pgpi00Pig4hJL.pgp Description: PGP signature --- End Message ---
Processed: Bug#1063393 marked as pending in systemd
Processing control commands: > tag -1 pending Bug #1063393 [src:systemd] systemd FTBFS with nocheck build profile: ../meson.build:1810:33: ERROR: Feature ukify cannot be enabled: Python >= 3.9 and pefile required Added tag(s) pending. -- 1063393: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063393 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1063393: marked as pending in systemd
Control: tag -1 pending Hello, Bug #1063393 in systemd reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/systemd-team/systemd/-/commit/c3c302d3ac90d37ef6be01939bb2ddb5038674b6 Skip python3-pefile build dependency only if both nocheck and noinsttests are set Closes: #1063393 (this message was generated automatically) -- Greetings https://bugs.debian.org/1063393
Bug#1044057: python-ulmo and pandas 2
Control: tags -1 patch This should fix this (and as the filename suggests, also re-adds spme older fixes that seem to have been dropped by mistake between -1.1 and -2), but has not been tested: the relevant tests aren't run by default and there vaguely might be legal issues around ulmo's tests.Description: Don't fail on malformed or changed test data CDEC has malformed lines that pandas 1.4+ errors out on (I'm not sure why earlier pandas didn't do the same); GHCN has simply changed at the source. Author: Rebecca N. Palmer (but upstream independently came up with the on_bad_lines part) Bug-Debian: https://bugs.debian.org/1017573 https://bugs.debian.org/1044057 Forwarded: partly no, partly not-needed, partly https://github.com/ulmo-dev/ulmo/pull/214 --- a/test/cdec_historical_test.py +++ b/test/cdec_historical_test.py @@ -9,7 +9,7 @@ def test_get_stations(): stations_file = 'cdec/historical/all_stations.csv' with test_util.mocked_urls(stations_file): stations = ulmo.cdec.historical.get_stations() -assert 2000 < len(stations) +assert 1900 < len(stations) assert u'PRA' in stations.index --- a/test/ghcn_daily_test.py +++ b/test/ghcn_daily_test.py @@ -10,12 +10,12 @@ import test_util test_stations = [ { 'country': 'US', -'elevation': 286.5, +'elevation': 325.8, 'gsn_flag': 'GSN', 'hcn_flag': 'HCN', 'id': 'USW3870', -'latitude': 34.8831, -'longitude': -82.2203, +'latitude': 34.8833, +'longitude': -82.2197, 'name': 'GREER', 'network': 'W', 'network_id': '3870', --- a/ulmo/cdec/historical/core.py +++ b/ulmo/cdec/historical/core.py @@ -74,9 +74,9 @@ def get_stations(): # I haven't found a better list of stations, seems pretty janky # to just have them in a file, and not sure if/when it is updated. url = 'http://cdec.water.ca.gov/misc/all_stations.csv' -# the csv is malformed, so some rows think there are 7 fields -col_names = ['id','meta_url','name','num','lat','lon','junk'] -df = pd.read_csv(url, names=col_names, header=None, quotechar="'",index_col=0) +# the csv is malformed, so some rows think there are 7-8 fields +col_names = ['id','meta_url','name','num','lat','lon'] +df = pd.read_csv(url, names=col_names, header=None, quotechar="'",index_col=0,on_bad_lines='skip') return df @@ -170,7 +170,7 @@ def get_station_sensors(station_ids=None, sensor_ids=None, resolutions=None): sensor_list.columns = ['sensor_id', 'variable', 'resolution','timerange'] except: sensor_list.columns = ['variable', 'sensor_id', 'resolution', 'varcode', 'method', 'timerange'] -sensor_list[['variable', 'units']] = sensor_list.variable.str.split(',', 1, expand=True) +sensor_list[['variable', 'units']] = sensor_list.variable.str.split(',', n=1, expand=True) sensor_list.resolution = sensor_list.resolution.str.strip('()') station_sensors[station_id] = _limit_sensor_list(sensor_list, sensor_ids, resolutions)
Processed: Re: python-ulmo and pandas 2
Processing control commands: > tags -1 patch Bug #1044057 [src:python-ulmo] python-ulmo: test failure with pandas 2.0 Added tag(s) patch. -- 1044057: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044057 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1063717: NVIDIA packages in stable-updates fix module compilation for linux 6.1.76-1
On Sun, 18 Feb 2024 01:24:02 +0100 Andreas Beckmann wrote: > Hi, > > NVIDIA driver packages that fix module compilation for linux 6.1.76-1 > (aka linux-image-6.1.0-18-*) are now available in stable-updates: > > https://lists.debian.org/debian-stable-announce/2024/02/msg2.html > > > Andreas > > The update is not yet available on my PC. I live in Italy.
Bug#1063142: marked as done (tiny-initramfs: Fails to boot with compressed modules)
Your message dated Sun, 18 Feb 2024 15:54:59 + with message-id and subject line Bug#1063142: fixed in tiny-initramfs 0.1-5.1 has caused the Debian Bug report #1063142, regarding tiny-initramfs: Fails to boot with compressed modules to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1063142: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063142 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tiny-initramfs Severity: grave Justification: renders package unusable X-Debbugs-Cc: li...@packages.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Since kernel version 6.6.3-1~exp1 modules are compressed with xz. Tiny-initramfs does not decompress modules before loading them, rendering systems that need modules to boot unbootable. Because the initramfs is compressed anyway, I think the easiest fix would be for mktirfs to decompress the kernel modules when copying them. - -- Vriendelijke groet, Kind regards, Victor Westerhuis - -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.13-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_NL.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en_US:en:nl_NL:nl Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) - -- no debconf information -BEGIN PGP SIGNATURE- iQJHBAEBCAAxFiEE6OxII3T+o0Ujs6ECQz2Rq5dHQPsFAmXAqigTHHZpY3RvckB3 ZXN0ZXJodS5pcwAKCRBDPZGrl0dA+3PDD/wOD4s89qm3SkLNi2BXPpgxoIikndDn ZKtE3EGUjyi7VCGG7E+yH6Mgxu4/y5W8Z9T8u8Jl96Vo0vKOlUFgLfkAChHpQRQu 52kFjw5zylF6FLe1nA6hmgvjs1YGCMEGjEp10gsEkVKecMMNJy2hdiY1rT3c6zBw vAllb2gBkd4Ln4Cz52cUFbPyXmZo7CVu3ImyIX45mQnWVTWcLqrr+L3o9+NgxCwT MSiYeMv5hecwUXZkCus+87dHV7noCWECrwDhMhjMh9PA+LI9oJMDcC4KLjliBxKM ZkDvvFZ9+vZsO0jG4H6YMdh3zb1uBloIvzlcUTAiHN76DfpPBhh3hJhGemPVZvPQ LWA3coi6wtLOAJ5yoOc82558tgg7QehcqbxQuhZxXN4S3oLj4vo4h3egwmAzHokz UXryrJbCfKcmjvlaApSRKhASmN+MyAJAybaqgOcBIig+MHEVA+Bg8mtKnmWrk2f5 NuNgNZlcH8zV1t7VQrv/jlvnMH0yavMJZzwKLaj2tJvOfjaYp0DFQLseXTYr6ZkU 7nRIcq6wJUmOm1pXxLqT7KVx1Cy0CfP6cM7ZcBiQLdJ3EdLYVTIE24gEHE6ReX83 OdegsE4iRATpKfSIC383hg7ppOjKIiNEDi5ibt1ObhG4RoBfxtQzEH2k+GTXUEte GomdwPAbyRu/MQ== =ijNW -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Source: tiny-initramfs Source-Version: 0.1-5.1 Done: Victor Westerhuis We believe that the bug you reported is fixed in the latest version of tiny-initramfs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1063...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Victor Westerhuis (supplier of updated tiny-initramfs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 11 Feb 2024 11:48:39 +0100 Source: tiny-initramfs Architecture: source Version: 0.1-5.1 Distribution: unstable Urgency: high Maintainer: Christian Seiler Changed-By: Victor Westerhuis Closes: 1063142 Changes: tiny-initramfs (0.1-5.1) unstable; urgency=high . * Non-maintainer upload. * Decompress kernel modules included in initramfs. (Closes: #1063142) Checksums-Sha1: 067ec0b7c93a285c711b8c761ece476ebd5b552d 2043 tiny-initramfs_0.1-5.1.dsc c9d8db49a1dba8b1896d14c501aa3cbe79f5d21d 16680 tiny-initramfs_0.1-5.1.debian.tar.xz 619372f0bf552b5e7bc71491754f311e07b0002c 6823 tiny-initramfs_0.1-5.1_amd64.buildinfo Checksums-Sha256: b42178e02ed4bb3dfa7e8fea897fc32531c6c20e7339a9144f1cabb2b71b70b6 2043 tiny-initramfs_0.1-5.1.dsc 27b59c6a30fd032d8114fe1f7005448bdbd3277707c35bf287e47337eac63b8f 16680 tiny-initramfs_0.1-5.1.debian.tar.xz d2fc673e56d08a614fe418c720330e6875952682685efb0ed40e7c4bb01e77f4 6823 tiny-initramfs_0.1-5.1_amd64.buildinfo Files: c4a01373533c47503fcdececc80ca782 2043 utils optional tiny-initramfs_0.1-5.1.dsc 2d02d45bc80a4ffb4f72bb8fbf2d0230 16680 utils optional tiny-initramfs_0.1-5.1.debian.tar.xz 5ef3752e227cf50b3687cbfe07c5afee 6823 utils optional tiny-initramfs_0.1-5.1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmXLhDMACgkQkWT6HRe9
Bug#1061760: marked as done (sasview ftbfs with Python 3.12 as default)
Your message dated Sun, 18 Feb 2024 15:22:40 + with message-id and subject line Bug#1061760: fixed in sasview 5.0.6-2 has caused the Debian Bug report #1061760, regarding sasview ftbfs with Python 3.12 as default to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1061760: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061760 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:sasview Version: 5.0.6-1 Severity: serious Tags: sid trixie ftbfs User: debian-pyt...@lists.debian.org Usertags: python3.12 With python3-defaults from experimental, the package fails to build: [...] python3 setup.py docs update running docs = check for sasmodels at /<>/sasmodels/doc == !!WARNING!! sasmodels directory not found. Cannot build model docs. == Traceback (most recent call last): File "/<>/setup.py", line 292, in setup( File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 107, in setup return distutils.core.setup(**attrs) ^ File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", line 185, in setup return run_commands(dist) ^^ File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", line 201, in run_commands dist.run_commands() File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", line 969, in run_commands self.run_command(cmd) File "/usr/lib/python3/dist-packages/setuptools/dist.py", line 1233, in run_command super().run_command(command) File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", line 988, in run_command cmd_obj.run() File "/<>/setup.py", line 106, in run import build_sphinx File "/<>/docs/sphinx-docs/build_sphinx.py", line 16, in import imp ModuleNotFoundError: No module named 'imp' make[1]: *** [debian/rules:30: execute_after_dh_auto_build] Error 1 make[1]: Leaving directory '/<>' make: *** [debian/rules:20: binary] Error 2 --- End Message --- --- Begin Message --- Source: sasview Source-Version: 5.0.6-2 Done: Stuart Prescott We believe that the bug you reported is fixed in the latest version of sasview, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1061...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stuart Prescott (supplier of updated sasview package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 19 Feb 2024 00:09:40 +1100 Source: sasview Architecture: source Version: 5.0.6-2 Distribution: unstable Urgency: medium Maintainer: Debian Science Maintainers Changed-By: Stuart Prescott Closes: 1047258 1049810 1061760 Changes: sasview (5.0.6-2) unstable; urgency=medium . * Fix typo in debian/clean to make clean target work (Closes: #1047258, #1049810). * Cherry-pick upstream patch for Python 3.12 compatibility (Closes: #1061760). Checksums-Sha1: e99cda64eb6819751db9179c467e8d800569cbfe 2921 sasview_5.0.6-2.dsc cad1e9341ebf52defcb849e7b78cd0cc04da5251 53032 sasview_5.0.6-2.debian.tar.xz 301e4677b4e3c94da14edccb850b1375b838d8e3 20196 sasview_5.0.6-2_amd64.buildinfo Checksums-Sha256: cc0f4bcc458eadec1ba2cb73cd09f1c12e63297908df978c4854ef77ea06c287 2921 sasview_5.0.6-2.dsc 15d44ebf23ec9d9738dfba6e29dea3c1bd0b8ec07eb5ba5b284d72b5f931871a 53032 sasview_5.0.6-2.debian.tar.xz ad0f0b26db06fde0a6f89059f36615d23e8098a2f8780e3baa537b2f66bd2117 20196 sasview_5.0.6-2_amd64.buildinfo Files: 1ab610d7d1c7034f3f3a72662c667f8a 2921 science optional sasview_5.0.6-2.dsc 187345e4ebc38042fc9659032820e321 53032 science optional sasview_5.0.6-2.debian.tar.xz 513f34c134c598dbecf47da36a451e50 20196 science optional sasview_5.0.6-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEkOLSwa0Uaht+u4kdu8F+uxOW8vcFAmXSCsoACgkQu8F+uxOW 8veBDQ/+K4LogFaISsRiBUAEsjSDGNxx2+IweYZCzu8ZNx4T++EKdqviNnzbPnGB tVJVrJzmLG75+MRuM7BJpZ2AY9ghzXT/6jmi7KtREf/Ir85gHuZ/Zry7Tls8E+1d Rcgu1dqQFteSymFb6US2CtnqF62dnB3xKou9tn97lo2Hs10RQMxN48KJ1G7nrD6e V66cnTTjEpXU3pj2FPJK8H1DqvxoiROnYI1mtabGdUAWcDT22ZKPRFAkM7Sw4p8X
Processed: Re:dyda: test failure with pandas 2.0
Processing control commands: > tags -1 help Bug #1044054 [src:dyda] dyda: test failure with pandas 2.0 Added tag(s) help. -- 1044054: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044054 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1044054: dyda: test failure with pandas 2.0
Control: tags -1 help Hi, I've pushed the packaging to Debian Science team on Salsa which created a persistent autopkgtest log in Salsa CI[1] where the said bug can be reproduced. Any help to fix TypeError: Could not convert string 'classification' to numeric The above exception was the direct cause of the following exception: Traceback (most recent call last): File "/tmp/autopkgtest-lxc.zjkxt8yu/downtmp/build.5t5/src/tests/test_DeterminatorByAggregatedDataSingle.py", line 24, in test_main_process d.run() File "/usr/lib/python3/dist-packages/dyda/core/dyda_base.py", line 674, in run self.main_process() would be welcome. Kind regards Andreas. [1] https://salsa.debian.org/science-team/dyda/-/jobs/5321620 -- http://fam-tille.de
Bug#1064213: incus-agent: Incus Agent never starts due to ConditionPathExists
Package: incus-agent Version: 0.5.1-3 Severity: serious ... Feb 18 14:31:55 debian systemd[1]: incus-agent.service - Incus - agent was skipped because of an unmet condition check (ConditionPathExists=/dev/virtio-ports/org.linuxcontainers.incus). ... Feb 18 14:31:55 debian systemd[1]: Starting systemd-udevd.service - Rule-based Manager for Device Events and Files... Feb 18 14:31:55 debian systemd[1]: Started systemd-udevd.service - Rule-based Manager for Device Events and Files. ... Because the systemd unit declares DefaultDependencies=no, it attempts to start incus-agent before systemd-udevd has started, and so the path doesn't exist yet. I can't see any obvious way to delay the condition check, I think it's best to just remove it, and allow the unit to quietly fail. Stefano
Processed: src:expeyes: fails to migrate to testing for too long: arch:all FTBFS
Processing control commands: > close -1 5.3.1+repack-4 Bug #1064212 [src:expeyes] src:expeyes: fails to migrate to testing for too long: arch:all FTBFS Marked as fixed in versions expeyes/5.3.1+repack-4. Bug #1064212 [src:expeyes] src:expeyes: fails to migrate to testing for too long: arch:all FTBFS Marked Bug as done -- 1064212: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064212 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064212: src:expeyes: fails to migrate to testing for too long: arch:all FTBFS
Source: expeyes Version: 5.3.1+repack-1 Severity: serious Control: close -1 5.3.1+repack-4 Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a Release Critical bug in testing [1]. Your package src:expeyes has been trying to migrate for 31 days [2]. Hence, I am filing this bug. The version in unstable failed to build on arch:all because: """ dpkg-gencontrol: error: the Depends field contains an arch-specific dependency but the package 'eyes17' is architecture all dh_gencontrol: error: dpkg-gencontrol -peyes17 -ldebian/changelog -Tdebian/eyes17.substvars -Pdebian/eyes17 returned exit code 25 """ I recognize the solution from our discussion on mediawiki2latex, but it only works for arch:${not-all} binaries, as the architecture qualifiers are resolved at build time, not at install time. If these dependencies aren't absolutely needed, I suggest to add them to Recommends (as those are installed by default, while still supporting armel, ppc64el and s390x). If they are near "absolutely needed", then just have eyes17 not-installable on these architectures (which needs a hint from the Release Team to migrate to testing). If a package is out of sync between unstable and testing for a longer period, this usually means that bugs in the package in testing cannot be fixed via unstable. Additionally, blocked packages can have impact on other packages, which makes preparing for the release more difficult. Finally, it often exposes issues with the package and/or its (reverse-)dependencies. We expect maintainers to fix issues that hamper the migration of their package in a timely manner. This bug will trigger auto-removal when appropriate. As with all new bugs, there will be at least 30 days before the package is auto-removed. I have immediately closed this bug with the version in unstable, so if that version or a later version migrates, this bug will no longer affect testing. I have also tagged this bug to only affect sid and trixie, so it doesn't affect (old-)stable. If you believe your package is unable to migrate to testing due to issues beyond your control, don't hesitate to contact the Release Team. Paul [1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html [2] https://qa.debian.org/excuses.php?package=expeyes OpenPGP_signature.asc Description: OpenPGP digital signature
Processed: src:rust-async-task: fails to migrate to testing for too long: autopkgtest failure
Processing control commands: > close -1 4.7.0-1 Bug #1064210 [src:rust-async-task] src:rust-async-task: fails to migrate to testing for too long: autopkgtest failure Marked as fixed in versions rust-async-task/4.7.0-1. Bug #1064210 [src:rust-async-task] src:rust-async-task: fails to migrate to testing for too long: autopkgtest failure Marked Bug as done -- 1064210: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064210 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064210: src:rust-async-task: fails to migrate to testing for too long: autopkgtest failure
Source: rust-async-task Version: 4.5.0-1.1 Severity: serious Control: close -1 4.7.0-1 Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than 30 days as having a Release Critical bug in testing [1]. Your package src:rust-async-task has been trying to migrate for 31 days [2]. Hence, I am filing this bug. The version in unstable fails its own autopkgtest. If a package is out of sync between unstable and testing for a longer period, this usually means that bugs in the package in testing cannot be fixed via unstable. Additionally, blocked packages can have impact on other packages, which makes preparing for the release more difficult. Finally, it often exposes issues with the package and/or its (reverse-)dependencies. We expect maintainers to fix issues that hamper the migration of their package in a timely manner. This bug will trigger auto-removal when appropriate. As with all new bugs, there will be at least 30 days before the package is auto-removed. I have immediately closed this bug with the version in unstable, so if that version or a later version migrates, this bug will no longer affect testing. I have also tagged this bug to only affect sid and trixie, so it doesn't affect (old-)stable. If you believe your package is unable to migrate to testing due to issues beyond your control, don't hesitate to contact the Release Team. Paul [1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html [2] https://qa.debian.org/excuses.php?package=rust-async-task OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1064208: gvfs: wsdd dependency is not working as expected
Source: gvfs Version: 1.53.90-1 Severity: serious I should have tested the wsdd feature before adding Recommends: wsdd to gvfs-daemon. The Debian wsdd package needs some changes to be usable in this configuration. I think it might be best to demote wsdd to Suggests for now so that we can easily test the feature with some minimal log spew to journalctl about wsdd not working. Thank you, Jeremy Bícha
Bug#1044060: More qiime related issues affecting q2-quality-control (Was: Help needed to port qiime to Python3.12)
Hi again, Am Sun, Feb 18, 2024 at 12:25:49PM +0100 schrieb Andreas Tille: > I just realised that a new qiime version is out. I will upgrade > to latest upstream and see how this might affect this issue The new qiime upstream version does not change anything. After I switched q2-* packages to run autopkgtest for `py3versions -s` I realised the problem below exist in several of the q2-* packages so its rather no Pandas issue but a Python3.12 problem which in parallel to the Pandas migration showed up. If you might have any hint how to deal with these (no matter for the old or the new qiime package since I assume the patch will apply to both, it would be really appreciated. Kind regards Andreas. > Am Sun, Feb 18, 2024 at 12:11:04PM +0100 schrieb Andreas Tille: > > Control: tags -1 help > > > > Hi again, > > > > I hope to approach the last remaining Pandas issue for the qiime > > ecosystem. As it has become obvious in the q2-types package I'm now > > facing pretty similar errors when running the q2-quality-control > > package which can be seen in full length in Salsa-CI[3] and contains > > errors like: > > > > E AttributeError: 'ProvenancePath' object has no attribute '_drv' > > E AttributeError: 'ProvenancePath' object has no attribute > > '_raw_paths' > > E AttributeError: 'ProvenancePath' object has no attribute '_str' > > E AttributeError: 'OutPath' object has no attribute '_str' > > > > This all goes back to the qiime package but I admit I have no idea > > how to fix this. > > > > Kind regards > > Andreas. > > > > > > [3] https://salsa.debian.org/med-team/q2-quality-control/-/jobs/5320775#L700 > > > > Am Sat, Feb 17, 2024 at 11:36:41AM +0100 schrieb Andreas Tille: > > > Hi, > > > > > > as reported in a qiime2 issue[1] there is some problem with Python3.12 > > > in the tests of the q2-* packages which are all using the qiime package. > > > This problem is currently hidden from the tests made by Python3.12 > > > porters but it became obvious now on Salsa CI[2]. I tried to fiddle > > > around a bit with the qiime code but with no success at all. Any help > > > would be welcome. > > > > > > Kind regards > > > Andreas. > > > > > > [1] https://github.com/qiime2/qiime2/issues/751 > > > [2] https://salsa.debian.org/med-team/q2-types/-/jobs/5313640#L900 > > > > > > -- > > > http://fam-tille.de > > > > -- > > http://fam-tille.de > > -- > http://fam-tille.de -- http://fam-tille.de
Bug#1063602: marked as done (seqan-needle: FTBFS on amd64: test/api/insert_delete_test (Failed))
Your message dated Sun, 18 Feb 2024 14:33:50 +0100 with message-id <96a75c18-aec3-4a0a-8fed-77e61190d...@debian.org> and subject line Re: seqan-needle: FTBFS on amd64: test/api/insert_delete_test (Failed) has caused the Debian Bug report #1063602, regarding seqan-needle: FTBFS on amd64: test/api/insert_delete_test (Failed) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1063602: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063602 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: seqan-needle Version: 1.0.2+ds-2 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: sramac...@debian.org https://buildd.debian.org/status/fetch.php?pkg=seqan-needle=amd64=1.0.2%2Bds-2=1707394988=0 2: [ RUN ] insert.ibfmin 2: unknown file: Failure 2: C++ exception with description "std::bad_alloc" thrown in the test body. 2: 2: [ FAILED ] insert.ibfmin (0 ms) [...] 2: [ FAILED ] 1 test, listed below: 2: [ FAILED ] insert.ibfmin 2: 2: 1 FAILED TEST 2/13 Test #2: test/api/insert_delete_test ...***Failed0.03 sec Cheers -- Sebastian Ramacher --- End Message --- --- Begin Message --- The package just built on an amd64 buildd https://buildd.debian.org/status/logs.php?suite=sid=amd64=seqan-needle=1.0.2%2Bds-2 On Sun, 18 Feb 2024 13:14:56 +0100 Sascha Steinbiss wrote: > Hi, > > > https://buildd.debian.org/status/fetch.php?pkg=seqan-needle=amd64=1.0.2%2Bds-2=1707394988=0 > > > > 2: [ RUN ] insert.ibfmin > > 2: unknown file: Failure > > 2: C++ exception with description "std::bad_alloc" thrown in the test body. > > 2: > > 2: [ FAILED ] insert.ibfmin (0 ms) > > [...] > > 2: [ FAILED ] 1 test, listed below: > > 2: [ FAILED ] insert.ibfmin > > 2: > > 2: 1 FAILED TEST > > 2/13 Test #2: test/api/insert_delete_test ...***Failed 0.03 sec > > Unfortunately, I cannot reproduce this on my amd64 machine in a current > sid chroot. Maybe the test tried to allocate more memory than > temporarily available on the buildd? I'll take another look. > > Cheers > S > -- Michael R. Crusoe OpenPGP_signature.asc Description: OpenPGP digital signature --- End Message ---
Bug#1064161: marked as done (libshumate-dev: Missing dependencies on libjson-glib-dev, libprotobuf-c-dev)
Your message dated Sun, 18 Feb 2024 13:24:22 + with message-id and subject line Bug#1064161: fixed in libshumate 1.2~beta-2 has caused the Debian Bug report #1064161, regarding libshumate-dev: Missing dependencies on libjson-glib-dev, libprotobuf-c-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064161: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libshumate-dev Version: 1.2~beta-1 Severity: serious Tags: ftbfs Control: affects -1 src:picplanner https://buildd.debian.org/status/fetch.php?pkg=picplanner=riscv64=0.4.0-1%2Bb1=1708193779=0 ... Run-time dependency shumate-1.0 found: NO ../src/meson.build:24:2: ERROR: Dependency lookup for shumate-1.0 with method 'pkgconfig' failed: Could not generate cflags for shumate-1.0: Package libprotobuf-c was not found in the pkg-config search path. Perhaps you should add the directory containing `libprotobuf-c.pc' to the PKG_CONFIG_PATH environment variable Package 'libprotobuf-c', required by 'shumate-1.0', not found ... This is due to: $ pkg-config --cflags shumate-1.0 Package json-glib-1.0 was not found in the pkg-config search path. Perhaps you should add the directory containing `json-glib-1.0.pc' to the PKG_CONFIG_PATH environment variable Package 'json-glib-1.0', required by 'shumate-1.0', not found Package 'libprotobuf-c', required by 'shumate-1.0', not found $ cat /usr/lib/x86_64-linux-gnu/pkgconfig/shumate-1.0.pc ... Requires.private: gio-2.0 >= 2.74.0, cairo >= 1.4, sqlite3 >= 1.12.0, libsoup-3.0 >= 3.0, sysprof-capture-4, json-glib-1.0 >= 1.6, libprotobuf-c ... $ --- End Message --- --- Begin Message --- Source: libshumate Source-Version: 1.2~beta-2 Done: Matthias Geiger We believe that the bug you reported is fixed in the latest version of libshumate, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1064...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Geiger (supplier of updated libshumate package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 13:59:29 +0100 Source: libshumate Architecture: source Version: 1.2~beta-2 Distribution: unstable Urgency: medium Maintainer: Debian GNOME Maintainers Changed-By: Matthias Geiger Closes: 1064161 Changes: libshumate (1.2~beta-2) unstable; urgency=medium . * Build-depend on json-glib and protobuf for the -dev package too (Closes: #1064161) Checksums-Sha1: fa512f0a5871d5bb59e724af611bd6dea65d51c4 2755 libshumate_1.2~beta-2.dsc 25eb2bebcddefce8cbabe3c47e1a6c4a3c40051a 8160 libshumate_1.2~beta-2.debian.tar.xz 60877deaa5913afc36fdd3936fc6daaaf77e2317 17532 libshumate_1.2~beta-2_amd64.buildinfo Checksums-Sha256: 99e5e379af4230078087c13ec7be226d30c8eef1176e62446ef48014aa2a9660 2755 libshumate_1.2~beta-2.dsc f9097cd3ee9fbe55d26390817db1cceb56ba4fc8d913266b995fbacc8068484b 8160 libshumate_1.2~beta-2.debian.tar.xz f169025ca9d63f610bedb4849f7ecf4f3774647f6a9f4c96d4734e8a0c0abf7a 17532 libshumate_1.2~beta-2_amd64.buildinfo Files: 73f4f732af6607680393e8e8bbad132e 2755 libs optional libshumate_1.2~beta-2.dsc 7d0b5c3bd7680ce6aae1c10ba01737b6 8160 libs optional libshumate_1.2~beta-2.debian.tar.xz ebc969beae815b223f5a4d74c2624e42 17532 libs optional libshumate_1.2~beta-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCgAzFiEEwuGmy/3s5RGopBdtGL0QaztsVHUFAmXSAJUVHHdlcmRhaGlh c0ByaXNldXAubmV0AAoJEBi9EGs7bFR1xC8QAIRlU4uFNeUiOQhaynsst8JP9Xr5 9HCJnnEiNb+UEAQPiTkYUqLuTqqfML0DmugFGbBGVoqEeX2jtc0G1AkV7PDVCzYu 9iAUz2o8g7iVoKNQhQvsLWq7q55LI7KfT/xf6mcH3gJGPKGjxQX2u5woTisr8j1T w0/Ec/5hOweuYQDKt8GmvvkTb5z+ZdQ46fElH03Kq3gJZTSEf0R9e5U+BY/pv11h 21q6OT/4rrxxIPqNOSye98WxDeq6hdqewdmuI9fbIj9AAZMhAXRBAz5BBjU2fP9s x76ngZ7dw8FYzjTK9Ink0lNfrpYXCQ7ZUUzgzBa1vnAOJcxPON6ET0P1PmMebD4b x0HoNxG8d2XPVUlPzK48vSfOcq+tljs6+SSM4rb2SmBkNfNbfcD6ty5HnbJ05W2M O8KjNj/ctCkVWK8Mq+dWacF98sHdm6GCHCcku+OhRk8UGL8JdVfqXvpB2qf6dDqV ozz8HATu78u5Afb9Vm6BtRq9L/UIppv7qnKaZPfxm/62KhqceAmG9cQbMSUdy7Ha iVgLoQnGNITsLtVwiDxQlyIaudmeCqLS+VHOTq+rQIKcLOH0fcFhNtKzNe/+b/26
Bug#1064199: marked as done (qt6-base/experimental: binary-all FTBFS)
Your message dated Sun, 18 Feb 2024 12:56:06 + with message-id and subject line Bug#1064199: fixed in qt6-base 6.6.2+dfsg-3 has caused the Debian Bug report #1064199, regarding qt6-base/experimental: binary-all FTBFS to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064199: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064199 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: qt6-base Version: 6.6.2+dfsg-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/logs.php?pkg=qt6-base=all ... dh_auto_test -i -O--buildsystem=cmake\+ninja cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=6 ninja test [0/1] Running tests... Test project /<>/obj-x86_64-linux-gnu Start 1: editabletreemodel_tester Could not find executable /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester Looked in the following places: /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester Unable to find executable: /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester 1/1 Test #1: editabletreemodel_tester .***Not Run 0.00 sec 0% tests passed, 1 tests failed out of 1 Total Test time (real) = 0.03 sec The following tests FAILED: 1 - editabletreemodel_tester (Not Run) Errors while running CTest FAILED: CMakeFiles/test.util cd /<>/obj-x86_64-linux-gnu && /usr/bin/ctest --force-new-ctest-process ninja: build stopped: subcommand failed. dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=6 ninja test returned exit code 1 --- End Message --- --- Begin Message --- Source: qt6-base Source-Version: 6.6.2+dfsg-3 Done: Patrick Franz We believe that the bug
Bug#1054761: marked as done (esda: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.11 returned exit code 13)
Your message dated Sun, 18 Feb 2024 12:44:03 + with message-id and subject line Bug#1054761: fixed in esda 2.5.1-2 has caused the Debian Bug report #1054761, regarding esda: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.11 returned exit code 13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1054761: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054761 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: esda Version: 2.5.0-1 Severity: serious Justification: FTBFS Tags: trixie sid ftbfs User: lu...@debian.org Usertags: ftbfs-20231027 ftbfs-trixie Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > debian/rules binary > dh binary --with python3,sphinxdoc --buildsystem=pybuild >dh_update_autotools_config -O--buildsystem=pybuild >dh_autoreconf -O--buildsystem=pybuild >dh_auto_configure -O--buildsystem=pybuild >dh_auto_build -O--buildsystem=pybuild > I: pybuild plugin_pyproject:110: Building wheel for python3.11 with "build" > module > I: pybuild base:310: python3.11 -m build --skip-dependency-check > --no-isolation --wheel --outdir /<>/.pybuild/cpython3_3.11_esda > * Building wheel... > running bdist_wheel > running build > running build_py > creating build > creating build/lib > creating build/lib/esda > copying esda/adbscan.py -> build/lib/esda > copying esda/geary_local.py -> build/lib/esda > copying esda/map_comparison.py -> build/lib/esda > copying esda/topo.py -> build/lib/esda > copying esda/mixture_smoothing.py -> build/lib/esda > copying esda/__init__.py -> build/lib/esda > copying esda/lee.py -> build/lib/esda > copying esda/losh.py -> build/lib/esda > copying esda/join_counts_local_bv.py -> build/lib/esda > copying esda/join_counts_local.py -> build/lib/esda > copying esda/crand.py -> build/lib/esda > copying esda/geary_local_mv.py -> build/lib/esda > copying esda/join_counts_local_mv.py -> build/lib/esda > copying esda/silhouettes.py -> build/lib/esda > copying esda/getisord.py -> build/lib/esda > copying esda/util.py -> build/lib/esda > copying esda/moran.py -> build/lib/esda > copying esda/tabular.py -> build/lib/esda > copying esda/gamma.py -> build/lib/esda > copying esda/smaup.py -> build/lib/esda > copying esda/shape.py -> build/lib/esda > copying esda/geary.py -> build/lib/esda > copying esda/smoothing.py -> build/lib/esda > copying esda/join_counts.py -> build/lib/esda > creating build/lib/esda/tests > copying esda/tests/test_map_comparison.py -> build/lib/esda/tests > copying esda/tests/test_smaup.py -> build/lib/esda/tests > copying esda/tests/test_util.py -> build/lib/esda/tests > copying esda/tests/test_moran.py -> build/lib/esda/tests > copying esda/tests/__init__.py -> build/lib/esda/tests > copying esda/tests/test_geary.py -> build/lib/esda/tests > copying esda/tests/test_mixture_smoothing.py -> build/lib/esda/tests > copying esda/tests/test_getisord.py -> build/lib/esda/tests > copying esda/tests/test_join_counts.py -> build/lib/esda/tests > copying esda/tests/test_local_geary_mv.py -> build/lib/esda/tests > copying esda/tests/test_smoothing.py -> build/lib/esda/tests > copying esda/tests/test_topo.py -> build/lib/esda/tests > copying esda/tests/test_silhouette.py -> build/lib/esda/tests > copying esda/tests/test_lee.py -> build/lib/esda/tests > copying esda/tests/test_losh.py -> build/lib/esda/tests > copying esda/tests/test_ljc_bv.py -> build/lib/esda/tests > copying esda/tests/test_gamma.py -> build/lib/esda/tests > copying esda/tests/test_local_geary.py -> build/lib/esda/tests > copying esda/tests/test_shape.py -> build/lib/esda/tests > copying esda/tests/test_adbscan.py -> build/lib/esda/tests > copying esda/tests/test_ljc.py -> build/lib/esda/tests > copying esda/tests/test_ljc_mv.py -> build/lib/esda/tests > running egg_info > creating esda.egg-info > writing esda.egg-info/PKG-INFO > writing dependency_links to esda.egg-info/dependency_links.txt > writing requirements to esda.egg-info/requires.txt > writing top-level names to esda.egg-info/top_level.txt > writing manifest file 'esda.egg-info/SOURCES.txt' > reading manifest file 'esda.egg-info/SOURCES.txt' > adding license file 'LICENSE.txt' > writing manifest file 'esda.egg-info/SOURCES.txt' > installing to build/bdist.linux-x86_64/wheel > running install > running install_lib > creating build/bdist.linux-x86_64 > creating build/bdist.linux-x86_64/wheel > creating build/bdist.linux-x86_64/wheel/esda > copying build/lib/esda/adbscan.py ->
Bug#1044077: marked as done (esda: FTBFS with pandas 2.0)
Your message dated Sun, 18 Feb 2024 12:44:03 + with message-id and subject line Bug#1044077: fixed in esda 2.5.1-2 has caused the Debian Bug report #1044077, regarding esda: FTBFS with pandas 2.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1044077: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044077 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:esda Version: 2.4.3-4 Control: block 1043240 by -1 esda fails to build with pandas 2.0, currently in experimental. Build log: https://launchpadlibrarian.net/680699664/buildlog_ubuntu-mantic-amd64.esda_2.4.3-4_BUILDING.txt.gz A common source of failures is that pandas.util.testing has been renamed to pandas.testing. Both names were available in all 1.x versions (and hence in Debian stable and oldstable), so Debian packages that were using this can immediately switch unconditionally. --- End Message --- --- Begin Message --- Source: esda Source-Version: 2.5.1-2 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of esda, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1044...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated esda package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Feb 2024 12:36:35 +0100 Source: esda Architecture: source Version: 2.5.1-2 Distribution: unstable Urgency: medium Maintainer: Debian Science Maintainers Changed-By: Andreas Tille Closes: 1044077 1054761 Changes: esda (2.5.1-2) unstable; urgency=medium . * Team upload. * Verify that package builds with latest Python3 and latest Pandas Closes: #1044077, #1054761 * Build-Depends: s/dh-python/dh-sequence-python3/ (routine-update) Checksums-Sha1: 3fa3f0f4d58a357560f3f9a9c830f3eb7e72f558 2607 esda_2.5.1-2.dsc 157486eb0d09a22efa57273dcb171b2eec773476 4004 esda_2.5.1-2.debian.tar.xz a87d45dcc82a5870546a6462befa942f0888d289 15825 esda_2.5.1-2_amd64.buildinfo Checksums-Sha256: 0184d28363ae95433f43c705e041e4e73c3d023e3aed06dd3fd2905141469c3a 2607 esda_2.5.1-2.dsc fefe9712fe95f20ccb85b89cefc74eab56cb88cf04803b37c7a51ae02dadbfe5 4004 esda_2.5.1-2.debian.tar.xz 21d719db86336f9bb36be63dc39fd7b54fa1a31033d28d5d0d9e7393b3c1172d 15825 esda_2.5.1-2_amd64.buildinfo Files: 7a24b07070e395d2be4da285e509ae6a 2607 python optional esda_2.5.1-2.dsc f42c007cc6c68997154a43c6e964ee9d 4004 python optional esda_2.5.1-2.debian.tar.xz 8fb445a9c0b1248d5998c101bed82b79 15825 python optional esda_2.5.1-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCAAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAmXR7nkRHHRpbGxlQGRl Ymlhbi5vcmcACgkQV4oElNHGRtG7pg//QUGQ8hl+t+T21kYOKmPijYKQWQoJACzW JnIAxf4Wpv+ShoeeRLU+nnm6pBsbakdRgygWRa45IKaZBrlMgzlKn+vNhspHPO1S acLibV/aEbiXKRnAAD0n7FONZ4SneQ8WQs050b81ZrOWJFezTFkyMAlD2E0ee3zg gIU2hs7e0yL5OuDnisS6M5kTiS72QzWVlbT8Hddnsxq36L1mSyR4TWZP5ihE3KB+ gloUVIt9szhCWdY6IfPyb/ovTo1gouwqlxaSksa4qexLzSNZbGIhM9WF97SbWvbS 6vDnIZrZg7OrTp1G7nkmURqnvqvDg8DsX+QeDuJ4YUfMyV0rnuks8hkgSTS2SkLz Odwiq6oLnZrO0XKrOBr43G8r6mNY4Ragnb34xtuhgLN/o6zvn4erlZTWpAvcK8AR 8menlfU7md+RtJUksBC60QZ/urpeYSjfPvNsMkS5BRir/k6U020AyyJZX84zv6Nx 3RdYvxElzF4y6FHrvnEGg7TJFNVUhuX2wKenRodzB/3ZyeNetAQeBtHLNsAEdWqT sMNS8jvoJRo4nL74AoJpYgG8mrCg0oVrDOnMsTWOuKvgJk3LrbolfIS9v6IVzOUK g/ZC1Vkvyg7nSD44oAk8jSVH1KBZqL5EnZv2aUElUZ1I2ii/WaqTjRRdUkXPKkEt NwCCniw4tTE= =koFX -END PGP SIGNATURE- pgpYit04rV8mM.pgp Description: PGP signature --- End Message ---
Bug#1063602: seqan-needle: FTBFS on amd64: test/api/insert_delete_test (Failed)
Hi, https://buildd.debian.org/status/fetch.php?pkg=seqan-needle=amd64=1.0.2%2Bds-2=1707394988=0 2: [ RUN ] insert.ibfmin 2: unknown file: Failure 2: C++ exception with description "std::bad_alloc" thrown in the test body. 2: 2: [ FAILED ] insert.ibfmin (0 ms) [...] 2: [ FAILED ] 1 test, listed below: 2: [ FAILED ] insert.ibfmin 2: 2: 1 FAILED TEST 2/13 Test #2: test/api/insert_delete_test ...***Failed0.03 sec Unfortunately, I cannot reproduce this on my amd64 machine in a current sid chroot. Maybe the test tried to allocate more memory than temporarily available on the buildd? I'll take another look. Cheers S OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1058336: marked as done (visidata: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.12 3.11" returned exit code 13)
Your message dated Sun, 18 Feb 2024 12:10:43 + with message-id and subject line Bug#1058336: fixed in visidata 3.0.2-1 has caused the Debian Bug report #1058336, regarding visidata: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.12 3.11" returned exit code 13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1058336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058336 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: visidata Version: 2.11-1 Severity: serious Justification: FTBFS Tags: trixie sid ftbfs User: lu...@debian.org Usertags: ftbfs-20231212 ftbfs-trixie Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > debian/rules binary > dh binary --with python3 --buildsystem=pybuild >dh_update_autotools_config -O--buildsystem=pybuild >dh_autoreconf -O--buildsystem=pybuild >dh_auto_configure -O--buildsystem=pybuild > pybuild --configure -i python{version} -p "3.12 3.11" > I: pybuild base:310: python3.12 setup.py config > running config > I: pybuild base:310: python3.11 setup.py config > running config >dh_auto_build -O--buildsystem=pybuild > pybuild --build -i python{version} -p "3.12 3.11" > I: pybuild base:310: /usr/bin/python3.12 setup.py build > running build > running build_py > file visidata.py (for module visidata) not found > creating /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/fill.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/customdate.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/choose.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/utils.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/slide.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/shell.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/transpose.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/__init__.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/textsheet.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/path.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/macos.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/freqtbl.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/search.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/aggregators.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/metasheets.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/bezier.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/unfurl.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/help.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/_types.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/canvas.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/sheets.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/main.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/movement.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/menu.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/canvas_text.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/pyobj.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/form.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/selection.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/keys.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/macros.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/modify.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/memory.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/clipboard.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/color.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/regex.py -> > /<>/.pybuild/cpython3_3.12_visidata/build/visidata > copying visidata/__main__.py -> >
Bug#1053942: marked as done (q2-demux: test failure with pandas 2.1)
Your message dated Sun, 18 Feb 2024 12:24:16 +0100 with message-id and subject line Done with upload of 2023.9.1+dfsg-2 has caused the Debian Bug report #1053942, regarding q2-demux: test failure with pandas 2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1053942: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053942 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:q2-demux Version: 2023.7.0+dfsg-1 Control: block 1043240 by -1 q2-demux fails its autopkgtest with pandas 2.1, currently in experimental. Log: https://ci.debian.net/data/autopkgtest/unstable/amd64/q/q2-demux/38997862/log.gz A common source of failures is new pandas FutureWarnings in tests that are set to fail on unexpected warnings. --- End Message --- --- Begin Message --- Forgot to close bug in changelog -- http://fam-tille.de--- End Message ---
Bug#1044060: More qiime related issues affecting q2-quality-control (Was: Help needed to port qiime to Python3.12)
Hi, I just realised that a new qiime version is out. I will upgrade to latest upstream and see how this might affect this issue Kind regards Andreas. Am Sun, Feb 18, 2024 at 12:11:04PM +0100 schrieb Andreas Tille: > Control: tags -1 help > > Hi again, > > I hope to approach the last remaining Pandas issue for the qiime > ecosystem. As it has become obvious in the q2-types package I'm now > facing pretty similar errors when running the q2-quality-control > package which can be seen in full length in Salsa-CI[3] and contains > errors like: > > E AttributeError: 'ProvenancePath' object has no attribute '_drv' > E AttributeError: 'ProvenancePath' object has no attribute '_raw_paths' > E AttributeError: 'ProvenancePath' object has no attribute '_str' > E AttributeError: 'OutPath' object has no attribute '_str' > > This all goes back to the qiime package but I admit I have no idea > how to fix this. > > Kind regards > Andreas. > > > [3] https://salsa.debian.org/med-team/q2-quality-control/-/jobs/5320775#L700 > > Am Sat, Feb 17, 2024 at 11:36:41AM +0100 schrieb Andreas Tille: > > Hi, > > > > as reported in a qiime2 issue[1] there is some problem with Python3.12 > > in the tests of the q2-* packages which are all using the qiime package. > > This problem is currently hidden from the tests made by Python3.12 > > porters but it became obvious now on Salsa CI[2]. I tried to fiddle > > around a bit with the qiime code but with no success at all. Any help > > would be welcome. > > > > Kind regards > > Andreas. > > > > [1] https://github.com/qiime2/qiime2/issues/751 > > [2] https://salsa.debian.org/med-team/q2-types/-/jobs/5313640#L900 > > > > -- > > http://fam-tille.de > > -- > http://fam-tille.de -- http://fam-tille.de
Processed: More qiime related issues affecting q2-quality-control (Was: Help needed to port qiime to Python3.12)
Processing control commands: > tags -1 help Bug #1044060 [src:q2-quality-control] q2-quality-control: test failure with pandas 2.0 Added tag(s) help. -- 1044060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044060 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1044060: More qiime related issues affecting q2-quality-control (Was: Help needed to port qiime to Python3.12)
Control: tags -1 help Hi again, I hope to approach the last remaining Pandas issue for the qiime ecosystem. As it has become obvious in the q2-types package I'm now facing pretty similar errors when running the q2-quality-control package which can be seen in full length in Salsa-CI[3] and contains errors like: E AttributeError: 'ProvenancePath' object has no attribute '_drv' E AttributeError: 'ProvenancePath' object has no attribute '_raw_paths' E AttributeError: 'ProvenancePath' object has no attribute '_str' E AttributeError: 'OutPath' object has no attribute '_str' This all goes back to the qiime package but I admit I have no idea how to fix this. Kind regards Andreas. [3] https://salsa.debian.org/med-team/q2-quality-control/-/jobs/5320775#L700 Am Sat, Feb 17, 2024 at 11:36:41AM +0100 schrieb Andreas Tille: > Hi, > > as reported in a qiime2 issue[1] there is some problem with Python3.12 > in the tests of the q2-* packages which are all using the qiime package. > This problem is currently hidden from the tests made by Python3.12 > porters but it became obvious now on Salsa CI[2]. I tried to fiddle > around a bit with the qiime code but with no success at all. Any help > would be welcome. > > Kind regards > Andreas. > > [1] https://github.com/qiime2/qiime2/issues/751 > [2] https://salsa.debian.org/med-team/q2-types/-/jobs/5313640#L900 > > -- > http://fam-tille.de -- http://fam-tille.de
Bug#1064199: qt6-base/experimental: binary-all FTBFS
Source: qt6-base Version: 6.6.2+dfsg-1 Severity: serious Tags: ftbfs https://buildd.debian.org/status/logs.php?pkg=qt6-base=all ... dh_auto_test -i -O--buildsystem=cmake\+ninja cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=6 ninja test [0/1] Running tests... Test project /<>/obj-x86_64-linux-gnu Start 1: editabletreemodel_tester Could not find executable /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester Looked in the following places: /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Release/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Debug/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/MinSizeRel/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/RelWithDebInfo/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Deployment/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester <>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/Development/editabletreemodel_tester Unable to find executable: /<>/obj-x86_64-linux-gnu/examples/widgets/itemviews/editabletreemodel/editabletreemodel_tester 1/1 Test #1: editabletreemodel_tester .***Not Run 0.00 sec 0% tests passed, 1 tests failed out of 1 Total Test time (real) = 0.03 sec The following tests FAILED: 1 - editabletreemodel_tester (Not Run) Errors while running CTest FAILED: CMakeFiles/test.util cd /<>/obj-x86_64-linux-gnu && /usr/bin/ctest --force-new-ctest-process ninja: build stopped: subcommand failed. dh_auto_test: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 MESON_TESTTHREADS=6 ninja test returned exit code 1
Bug#1037914: closed by Debian FTP Masters (reply to Matthew Grant ) (Bug#1037914: fixed in wsdd 2:0.7.1-4)
Hi Matthew, wsdd's source repo [1] is currently broken so I can't check what you did, but how does it have anything to do with cloud-initramfs-growroot? I don't think it is in the dependency tree of the latter package. 1: https://salsa.debian.org/debian/wsdd.git On 2024/2/18 08:51, Debian Bug Tracking System wrote: This is an automatic notification regarding your Bug report which was filed against the cloud-initramfs-growroot package: #1037914: cloud-initramfs-growroot: missing dependencies in initramfs It has been closed by Debian FTP Masters (reply to Matthew Grant ). Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Debian FTP Masters (reply to Matthew Grant ) by replying to this email. -- Best regards, ZHANG, Yuntian Operating System Developer Radxa Computer Co., Ltd Shenzhen, China
Processed: Help needed fpr last Pandas issue in pyrange (Was: q2-taxa: test failure with pandas 2.1)
Processing control commands: > tags -1 help Bug #1044064 [src:pyranges] pyranges: FTBFS with pandas 2.0 Added tag(s) help. -- 1044064: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1044064 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1044064: Help needed fpr last Pandas issue in pyrange (Was: q2-taxa: test failure with pandas 2.1)
Control: tags -1 help Hi again, Am Sat, Feb 17, 2024 at 07:31:48PM +0100 schrieb s3v: > More immediate fix is attached but I guess there is a more elegant > way by changing the code in _ids_to_keep_from_taxonomy() function. thanks a lot for all your fixes you provided for Debian Med packages. There are a few remaining issues, which I would love to ask you step by step. I found a patch for pyranges[1] which solves all issues but one: >pd.testing.assert_frame_equal(df1, df2) EAssertionError: Attributes of DataFrame.iloc[:, 7] (column name="Cluster") are different E EAttribute "dtype" are different E[left]: int32 E[right]: int64 My attempt to fix this by +--- a/tests/helpers.py b/tests/helpers.py +@@ -57,6 +57,7 @@ def assert_df_equal(df1, df2): + print(df2.index) + print("index equal", df1.index == df2.index) + ++df1["Cluster"] = df1["Cluster"].astype(np.int64) + pd.testing.assert_frame_equal(df1, df2) + + pd.options.mode.chained_assignment = "warn" totally failed and introduced a new series of failures basically saying > ??? E KeyError: 'Cluster' pandas/_libs/hashtable_class_helper.pxi:7088: KeyError Any suggestion how to fix that issue? Kind regards Andreas. [1] https://salsa.debian.org/med-team/pyranges/-/blob/master/debian/patches/pandas2.0.patch?ref_type=heads -- http://fam-tille.de
Bug#1056438: marked as done (pyfai's autopkg tests fail with Python 3.12)
Your message dated Sun, 18 Feb 2024 09:35:35 + with message-id and subject line Bug#1056438: fixed in pyfai 2024.02-1 has caused the Debian Bug report #1056438, regarding pyfai's autopkg tests fail with Python 3.12 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1056438: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056438 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:pyfai Version: 2023.9.0-1 Severity: important Tags: sid trixie User: debian-pyt...@lists.debian.org Usertags: python3.12 pyfai's autopkg tests fail with Python 3.12: [...] 1324s == 1324s ERROR: test_copy (pyFAI.test.test_calibrant.TestCalibrant.test_copy) 1324s -- 1324s Traceback (most recent call last): 1324s File "/usr/lib/python3/dist-packages/pyFAI/test/test_calibrant.py", line 163, in test_copy 1324s self.assertNotEquals(c1, c2) 1324s 1324s AttributeError: 'TestCalibrant' object has no attribute 'assertNotEquals'. Did you mean: 'assertNotEqual'? 1324s 1324s == 1324s ERROR: test_not_same_dspace (pyFAI.test.test_calibrant.TestCalibrant.test_not_same_dspace) 1324s -- 1324s Traceback (most recent call last): 1324s File "/usr/lib/python3/dist-packages/pyFAI/test/test_calibrant.py", line 149, in test_not_same_dspace 1324s self.assertNotEquals(c1, c2) 1324s 1324s AttributeError: 'TestCalibrant' object has no attribute 'assertNotEquals'. Did you mean: 'assertNotEqual'? 1324s 1324s == 1324s ERROR: test_not_same_wavelength (pyFAI.test.test_calibrant.TestCalibrant.test_not_same_wavelength) 1324s -- 1324s Traceback (most recent call last): 1324s File "/usr/lib/python3/dist-packages/pyFAI/test/test_calibrant.py", line 155, in test_not_same_wavelength 1324s self.assertNotEquals(c1, c2) 1324s 1324s AttributeError: 'TestCalibrant' object has no attribute 'assertNotEquals'. Did you mean: 'assertNotEqual'? 1324s 1324s -- 1324s Ran 448 tests in 287.330s 1324s 1324s FAILED (errors=3, skipped=16) --- End Message --- --- Begin Message --- Source: pyfai Source-Version: 2024.02-1 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of pyfai, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1056...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated pyfai package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Feb 2024 09:56:52 +0100 Source: pyfai Architecture: source Version: 2024.02-1 Distribution: unstable Urgency: medium Maintainer: Debian PaN Maintainers Changed-By: Andreas Tille Closes: 1056438 Changes: pyfai (2024.02-1) unstable; urgency=medium . * Team upload. * New upstream version Closes: #1056438 * Fix watch file * cme fix dpkg-control * Import /usr/share/dpkg/pkg-info.mk to set SOURCE_DATE_EPOCH * Do not parse d/changelog (routine-update) * Set upstream metadata fields: Repository. Checksums-Sha1: 09115624519898c39e15525f95f2baded0734639 2935 pyfai_2024.02-1.dsc 2a8f629fb429effdc3886796ba87e5d0f5bf58db 56240830 pyfai_2024.02.orig.tar.gz 91fe10ca42c72020b3cf6a1057f07c5348c5722d 17816 pyfai_2024.02-1.debian.tar.xz b33d42ae0990e4fe24531304adacd97dbb8cce2e 2 pyfai_2024.02-1_amd64.buildinfo Checksums-Sha256: 0645f85f9f08532c98c1e95f9eda5f18baab60fe057edece774fb7028849f232 2935 pyfai_2024.02-1.dsc 249b23007f28d0d93514b706f11c9721884375621749a037b158ca8ea40acb02 56240830 pyfai_2024.02.orig.tar.gz c14ecd25d173c46dcb8f8335abbe14f58fc1b42bffbb802284c1226aa4227b92 17816 pyfai_2024.02-1.debian.tar.xz
Bug#1064174: marked as done (php8.2: Broken autopkgtest tests php8.3)
Your message dated Sun, 18 Feb 2024 09:07:48 + with message-id and subject line Bug#1064174: fixed in php8.2 8.2.16-2 has caused the Debian Bug report #1064174, regarding php8.2: Broken autopkgtest tests php8.3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064174: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064174 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: php8.2 Version: 8.2.16-1 Severity: serious The version autopkgtest recently added to php8.2 is failing because it tries to test php8.3 instead of 8.2. Failing autopkgtests will cause the new version of php8.2 to be unable to migrate to Testing. https://qa.debian.org/excuses.php?package=php8.2 Thank you, Jeremy Bícha --- End Message --- --- Begin Message --- Source: php8.2 Source-Version: 8.2.16-2 Done: Ondřej Surý We believe that the bug you reported is fixed in the latest version of php8.2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1064...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý (supplier of updated php8.2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 18 Feb 2024 08:09:07 +0100 Source: php8.2 Architecture: source Version: 8.2.16-2 Distribution: unstable Urgency: medium Maintainer: Debian PHP Maintainers Changed-By: Ondřej Surý Closes: 1064174 Changes: php8.2 (8.2.16-2) unstable; urgency=medium . * Regenerate d/tests for correct PHP version (Closes: #1064174) Checksums-Sha1: ad1b4d4ec79b44c1f6626a85ba9e919593ee0f28 5656 php8.2_8.2.16-2.dsc efc2a686615ffc677008efdf5224315ee8e862d0 12085228 php8.2_8.2.16.orig.tar.xz b14a429dd7d5475f47858e697ab69c612d749b65 858 php8.2_8.2.16.orig.tar.xz.asc 86f1a5319580e5e2f9efa8034c002babb1a1c7b7 70192 php8.2_8.2.16-2.debian.tar.xz b9bc793072aead5d6963d329ac857f387c3afe8c 33510 php8.2_8.2.16-2_amd64.buildinfo Checksums-Sha256: 59a88980272688020f7b194c1709a286c0d8f904ea176ac908f969e921d087c9 5656 php8.2_8.2.16-2.dsc 28cdc995b7d5421711c7044294885fcde4390c9f67504a994b4cf9bc1b5cc593 12085228 php8.2_8.2.16.orig.tar.xz bb2d3eda6eaeb237d6ebb9dc925b6bc4f65b42ab792e4d11ba5f9e19528d02cd 858 php8.2_8.2.16.orig.tar.xz.asc 09ddb471969dda402e982ea0dc3b07e0acb5c441379de47ecc46c37675ee1b92 70192 php8.2_8.2.16-2.debian.tar.xz 3d36e30debbab546207efb3db1655f7e6bc06b6f45b58c68eb1557bcf8bb1704 33510 php8.2_8.2.16-2_amd64.buildinfo Files: 509ecffdfe80cd3c50ab9e28f38f8e65 5656 php optional php8.2_8.2.16-2.dsc 3ca2da5206656e5f68704815d322ea38 12085228 php optional php8.2_8.2.16.orig.tar.xz 6a496f7c6782226dac57b66daf0a30b9 858 php optional php8.2_8.2.16.orig.tar.xz.asc 976a2f2a6f1dc352c21261ddbe577853 70192 php optional php8.2_8.2.16-2.debian.tar.xz 71bc95205c694050af5de05dd9dc0590 33510 php optional php8.2_8.2.16-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmXRwYVfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcLGLg//VgywtZUZXWPz2Ji/FkYYxEjziNPOoGetdBIPxvkgiiVHOBXtezOV8GWd 2+lgemfU85aLoxH/gvu03YszpMPf6JAVU8Ibat0yGuYlAYXOruGTIH2JZ/NgXpZM qzgBSuY7pUnMNEsxxy3gtcji6Zf4btIZxCHXKva1musF/rergN7fA1BEE5nG8TA8 kRr0WVPPoGRAeVgTTVuL87NthQm2doqpzVdUox8QRNI1wGbK7/ZuTz+w42ow1WtN I1n6p1dImY1EaX4YAxei3DuYmuV4SNA7r8TjqOneiuHxooZO9xVgITpeJNgrd5hv 5OHweCf4NoJEKtPrnKxSiN2pcPpzurGuUe22AM6AWbfE8z7WAjrkmKFvjzkl6qwt HTJamDSXlYII9gyG0CuvTAPpa/rs1OeVUjdsPMyEKIHEZaDd7dT4SFb1NvHRmKuw h2yjzHBSydSYD2yYOq/pGMSas80gFSESmKx5GNY09QLRagrs7H8llVuHocmxYffo 4QDPQf9E+A3kIkP11Aky0mOxkDPmhvcCt5ZpDE2K7MI9DE4rQCJGbTW8tkboHOUz YNKMdGKLPVIv9Cg3/DWOX5x0BURjSsRP2or9J/OzH2rDq1YQ5tYTf/rbgw0AWBwW CktWAywaW49Ap1BNdGSi/DaXg3xtzyWwbbmSzRlVjuzGR33NIXU= =Sjs1 -END PGP SIGNATURE- pgpomF1e7BgjL.pgp Description: PGP signature --- End Message ---
Bug#1062803: marked as done (libsigrok4t64: improper /usr-move mitigation)
Your message dated Sun, 18 Feb 2024 08:43:35 + with message-id and subject line Bug#1062803: fixed in libsigrok 0.5.2-5.1~exp2 has caused the Debian Bug report #1062803, regarding libsigrok4t64: improper /usr-move mitigation to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1062803: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062803 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libsigrok4t64 Version: 0.5.2-5.1~exp1 Severity: serious Tags: patch User: helm...@debian.org Usertags: dep17p1 Control: affects -1 + libsigrok4 X-Debbugs-Cc: vor...@debian.org Hi Steve, this NMU also introduces a DEP17 P1 problem. To make matters worse, the affected file already is being mitigated for DEP17 P7. Mitigating both problems at the same time is "interesting". I think I found a solution and it passes piuparts. As I do not want to interfere with the time64 transition, I am not uploading this and merely attaching a patch. For P7 mitigations, the diversion must not be owned by the causing package. Hence these diversions are assigned to usr-is-merged and must remain there. We're also dealing with the problem that these mitigations now have to move from libsigrok4 to libsigrok4t64. I'd appreciate another pair of eyeballs double checking this. Helmut diff --minimal -Nru libsigrok-0.5.2/debian/changelog libsigrok-0.5.2/debian/changelog --- libsigrok-0.5.2/debian/changelog2024-02-02 08:36:33.0 +0100 +++ libsigrok-0.5.2/debian/changelog2024-02-03 11:50:34.0 +0100 @@ -1,3 +1,10 @@ +libsigrok (0.5.2-5.1~exp1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Extend /usr-move mitigation for package rename. (Closes: #-1) + + -- Helmut Grohne Sat, 03 Feb 2024 11:50:34 +0100 + libsigrok (0.5.2-5.1~exp1) experimental; urgency=medium * Non-maintainer upload. diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.postinst libsigrok-0.5.2/debian/libsigrok4t64.postinst --- libsigrok-0.5.2/debian/libsigrok4t64.postinst 2024-02-02 08:36:33.0 +0100 +++ libsigrok-0.5.2/debian/libsigrok4t64.postinst 1970-01-01 01:00:00.0 +0100 @@ -1,23 +0,0 @@ -#!/bin/sh -set -e - -# begin-remove-after: released:forky -# protective diversion of files moved from / to /usr, to avoid file loss. -# Only for upgrades. -if [ "$1" = "configure" ]; then -# At this point, the package will have installed the same file in */usr*. -dpkg-divert --package usr-is-merged --no-rename \ ---divert /lib/udev/rules.d/60-libsigrok.rules.usr-is-merged \ ---remove /lib/udev/rules.d/60-libsigrok.rules -dpkg-divert --package usr-is-merged --no-rename \ ---divert /lib/udev/rules.d/61-libsigrok-plugdev.rules.usr-is-merged \ ---remove /lib/udev/rules.d/61-libsigrok-plugdev.rules -dpkg-divert --package usr-is-merged --no-rename \ ---divert /lib/udev/rules.d/61-libsigrok-uaccess.rules.usr-is-merged \ ---remove /lib/udev/rules.d/61-libsigrok-uaccess.rules -fi -# end-remove-after - -#DEBHELPER# - -exit 0 diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.postrm libsigrok-0.5.2/debian/libsigrok4t64.postrm --- libsigrok-0.5.2/debian/libsigrok4t64.postrm 2024-02-02 08:36:33.0 +0100 +++ libsigrok-0.5.2/debian/libsigrok4t64.postrm 2024-02-03 11:50:16.0 +0100 @@ -1,9 +1,7 @@ #!/bin/sh set -e -# begin-remove-after: released:forky # protective diversion of files moved from / to /usr, to avoid file loss. -# Only for upgrades. if [ "$1" = "remove" ] && [ "$DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT" = "1" ]; then # Cleanup in case package is removed before upgrade is finished (postinst ran). dpkg-divert --package usr-is-merged --no-rename \ @@ -16,7 +14,6 @@ --divert /lib/udev/rules.d/61-libsigrok-uaccess.rules.usr-is-merged \ --remove /lib/udev/rules.d/61-libsigrok-uaccess.rules fi -# end-remove-after #DEBHELPER# diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.preinst libsigrok-0.5.2/debian/libsigrok4t64.preinst --- libsigrok-0.5.2/debian/libsigrok4t64.preinst2024-02-02 08:36:33.0 +0100 +++ libsigrok-0.5.2/debian/libsigrok4t64.preinst2024-02-03 11:50:34.0 +0100 @@ -1,10 +1,10 @@ #!/bin/sh set -e -# begin-remove-after: released:forky # protective diversion of files moved from / to /usr, to avoid file loss. -# Only for upgrades. -if [ "$1" = "upgrade" ]; then +# These protect both from M-A:same shared file loss and from loss due to moving +# from libsigrok4 to libsigrok4t64. +if [ "$1" = upgrade ] || [ "$1" =
Processed: reassign 1064187 to src:luasocket, found 1064187 in 3.1.0-1
Processing commands for cont...@bugs.debian.org: > reassign 1064187 src:luasocket Bug #1064187 [src:lua-luv] lua-socket: identified for time_t transition but no ABI in shlibs Bug reassigned from package 'src:lua-luv' to 'src:luasocket'. No longer marked as found in versions lua-luv/3.1.0-1 and lua-luv/1.44.2-0-1. Ignoring request to alter fixed versions of bug #1064187 to the same values previously set > found 1064187 3.1.0-1 Bug #1064187 [src:luasocket] lua-socket: identified for time_t transition but no ABI in shlibs Marked as found in versions luasocket/3.1.0-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1064187: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064187 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064193: lua-cqueues: identified for time_t transition but no ABI in shlibs
Source: lua-cqueues Version: 3.1.0-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies lua-cqueues as an affected package, on the basis that the headers could not be compiled and analyzed out of the box using abi-compliance-checker[2], so we have to assume it's affected. However, lua-cqueue's shlibs file declares a dependency on a library package name that contains no ABI information: $ cat DEBIAN/shlibs liblua5.1-cqueues 0 lua-cqueues (>= 20200726) liblua5.2-cqueues 0 lua-cqueues (>= 20200726) liblua5.3-cqueues 0 lua-cqueues (>= 20200726) liblua5.4-cqueues 0 lua-cqueues (>= 20200726) $ It is therefore not obvious that we should rename the package to 'lua-cqueuest64' as part of this transition. Looking at the archive, there is a package built from the separate lua-http source package that depends on this library. Since there is no self-evident thing to do with the library package name here, we will not be handling this package as part of the mass NMUs. Instead I am filing a serious bug because partial upgrades from bookworm to trixie on 32-bit architectures will result in ABI skew and may result in broken behavior. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org [0] https://wiki.debian.org/ReleaseGoals/64bit-time [1] https://lists.debian.org/debian-devel/2024/01/msg00041.html [2] https://adrien.dcln.fr/misc/armhf-time_t/2024-02-16T21%3A19%3A00/logs/lua-cqueues-dev/base/log.txt signature.asc Description: PGP signature
Processed: found 1064187 in 3.1.0-1, notfound 1064187 in 20200726-1
Processing commands for cont...@bugs.debian.org: > found 1064187 3.1.0-1 Bug #1064187 [src:lua-luv] lua-socket: identified for time_t transition but no ABI in shlibs The source 'lua-luv' and version '3.1.0-1' do not appear to match any binary packages Marked as found in versions lua-luv/3.1.0-1. > notfound 1064187 20200726-1 Bug #1064187 [src:lua-luv] lua-socket: identified for time_t transition but no ABI in shlibs The source 'lua-luv' and version '20200726-1' do not appear to match any binary packages Ignoring request to alter found versions of bug #1064187 to the same values previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 1064187: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064187 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1064187: lua-socket: identified for time_t transition but no ABI in shlibs
Control: reassign -1 src:luasocket/20200726-1 Sigh, cut'n'paste fail. Reassigning. On Sat, Feb 17, 2024 at 11:57:16PM -0800, Steve Langasek wrote: > Source: lua-luv > Version: 1.44.2-0-1 > Severity: serious > User: debian-...@lists.debian.org > Usertags: time-t > > Dear maintainers, > > Analysis of the archive for the 64-bit time_t transition[0][1] identifies > luasocket as an affected package, on the basis that the headers could not > be compiled and analyzed out of the box using abi-compliance-checker[2], so > we have to assume it's affected. > > However, lua-socket's shlibs file declares a dependency on a library package > name that contains no ABI information: > > $ cat DEBIAN/shlibs > liblua5.1-mime 2 lua-socket (>= 3.1.0) > liblua5.1-socket-serial 0 lua-socket (>= 3.1.0) > liblua5.1-socket-unix 2 lua-socket (>= 3.1.0) > liblua5.1-socket 2 lua-socket (>= 3.1.0) > liblua5.2-mime 2 lua-socket (>= 3.1.0) > liblua5.2-socket-serial 0 lua-socket (>= 3.1.0) > liblua5.2-socket-unix 2 lua-socket (>= 3.1.0) > liblua5.2-socket 2 lua-socket (>= 3.1.0) > liblua5.3-mime 2 lua-socket (>= 3.1.0) > liblua5.3-socket-serial 0 lua-socket (>= 3.1.0) > liblua5.3-socket-unix 2 lua-socket (>= 3.1.0) > liblua5.3-socket 2 lua-socket (>= 3.1.0) > liblua5.4-mime 2 lua-socket (>= 3.1.0) > liblua5.4-socket-serial 0 lua-socket (>= 3.1.0) > liblua5.4-socket-unix 2 lua-socket (>= 3.1.0) > liblua5.4-socket 2 lua-socket (>= 3.1.0) > $ > > It is therefore not obvious that we should rename the package to > 'lua-sockett64' as part of this transition. > > Looking at the archive, there is a package built from the separate lua-sec > source package that depends on this library. > > Since there is no self-evident thing to do with the library package name > here, we will not be handling this package as part of the mass NMUs. > Instead I am filing a serious bug because partial upgrades from bookworm to > trixie on 32-bit architectures will result in ABI skew and may result in > broken behavior. > > Thanks, > -- > Steve Langasek Give me a lever long enough and a Free OS > Debian Developer to set it on, and I can move the world. > Ubuntu Developer https://www.debian.org/ > slanga...@ubuntu.com vor...@debian.org > > [0] https://wiki.debian.org/ReleaseGoals/64bit-time > [1] https://lists.debian.org/debian-devel/2024/01/msg00041.html > [2] > https://adrien.dcln.fr/misc/armhf-time_t/2024-02-16T21%3A19%3A00/logs/lua-socket-dev/base/log.txt -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: PGP signature
Bug#1064192: openrefine: CVE-2024-23833
Source: openrefine Version: 3.7.7-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for openrefine. Markus, please adjust severity if you think grave/RC severity is not appropriate. openrefine updates were batches previously as well just in point release, that might be enough here as well. CVE-2024-23833[0]: | OpenRefine is a free, open source power tool for working with messy | data and improving it. A jdbc attack vulnerability exists in | OpenRefine(version<=3.7.7) where an attacker may construct a JDBC | query which may read files on the host filesystem. Due to the newer | MySQL driver library in the latest version of OpenRefine (8.0.30), | there is no associated deserialization utilization point, so | original code execution cannot be achieved, but attackers can use | this vulnerability to read sensitive files on the target server. | This issue has been addressed in version 3.7.8. Users are advised to | upgrade. There are no known workarounds for this vulnerability. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-23833 https://www.cve.org/CVERecord?id=CVE-2024-23833 [1] https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-6p92-qfqf-qwx4 [2] https://github.com/OpenRefine/OpenRefine/commit/41ccf574847d856e22488a7c0987ad8efa12a84a Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Bug#1062803: libsigrok4t64: improper /usr-move mitigation
Thanks. A follow-up NMU has been uploaded to experimental; attached is the combined NMU patch. On Sat, Feb 03, 2024 at 12:11:10PM +0100, Helmut Grohne wrote: > Package: libsigrok4t64 > Version: 0.5.2-5.1~exp1 > Severity: serious > Tags: patch > User: helm...@debian.org > Usertags: dep17p1 > Control: affects -1 + libsigrok4 > X-Debbugs-Cc: vor...@debian.org > > Hi Steve, > > this NMU also introduces a DEP17 P1 problem. To make matters worse, the > affected file already is being mitigated for DEP17 P7. Mitigating both > problems at the same time is "interesting". I think I found a solution > and it passes piuparts. As I do not want to interfere with the time64 > transition, I am not uploading this and merely attaching a patch. > > For P7 mitigations, the diversion must not be owned by the causing > package. Hence these diversions are assigned to usr-is-merged and must > remain there. We're also dealing with the problem that these mitigations > now have to move from libsigrok4 to libsigrok4t64. I'd appreciate > another pair of eyeballs double checking this. > > Helmut > diff --minimal -Nru libsigrok-0.5.2/debian/changelog > libsigrok-0.5.2/debian/changelog > --- libsigrok-0.5.2/debian/changelog 2024-02-02 08:36:33.0 +0100 > +++ libsigrok-0.5.2/debian/changelog 2024-02-03 11:50:34.0 +0100 > @@ -1,3 +1,10 @@ > +libsigrok (0.5.2-5.1~exp1.1) UNRELEASED; urgency=medium > + > + * Non-maintainer upload. > + * Extend /usr-move mitigation for package rename. (Closes: #-1) > + > + -- Helmut Grohne Sat, 03 Feb 2024 11:50:34 +0100 > + > libsigrok (0.5.2-5.1~exp1) experimental; urgency=medium > >* Non-maintainer upload. > diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.postinst > libsigrok-0.5.2/debian/libsigrok4t64.postinst > --- libsigrok-0.5.2/debian/libsigrok4t64.postinst 2024-02-02 > 08:36:33.0 +0100 > +++ libsigrok-0.5.2/debian/libsigrok4t64.postinst 1970-01-01 > 01:00:00.0 +0100 > @@ -1,23 +0,0 @@ > -#!/bin/sh > -set -e > - > -# begin-remove-after: released:forky > -# protective diversion of files moved from / to /usr, to avoid file loss. > -# Only for upgrades. > -if [ "$1" = "configure" ]; then > -# At this point, the package will have installed the same file in */usr*. > -dpkg-divert --package usr-is-merged --no-rename \ > ---divert /lib/udev/rules.d/60-libsigrok.rules.usr-is-merged \ > ---remove /lib/udev/rules.d/60-libsigrok.rules > -dpkg-divert --package usr-is-merged --no-rename \ > ---divert /lib/udev/rules.d/61-libsigrok-plugdev.rules.usr-is-merged \ > ---remove /lib/udev/rules.d/61-libsigrok-plugdev.rules > -dpkg-divert --package usr-is-merged --no-rename \ > ---divert /lib/udev/rules.d/61-libsigrok-uaccess.rules.usr-is-merged \ > ---remove /lib/udev/rules.d/61-libsigrok-uaccess.rules > -fi > -# end-remove-after > - > -#DEBHELPER# > - > -exit 0 > diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.postrm > libsigrok-0.5.2/debian/libsigrok4t64.postrm > --- libsigrok-0.5.2/debian/libsigrok4t64.postrm 2024-02-02 > 08:36:33.0 +0100 > +++ libsigrok-0.5.2/debian/libsigrok4t64.postrm 2024-02-03 > 11:50:16.0 +0100 > @@ -1,9 +1,7 @@ > #!/bin/sh > set -e > > -# begin-remove-after: released:forky > # protective diversion of files moved from / to /usr, to avoid file loss. > -# Only for upgrades. > if [ "$1" = "remove" ] && [ "$DPKG_MAINTSCRIPT_PACKAGE_REFCOUNT" = "1" ]; > then > # Cleanup in case package is removed before upgrade is finished > (postinst ran). > dpkg-divert --package usr-is-merged --no-rename \ > @@ -16,7 +14,6 @@ > --divert /lib/udev/rules.d/61-libsigrok-uaccess.rules.usr-is-merged \ > --remove /lib/udev/rules.d/61-libsigrok-uaccess.rules > fi > -# end-remove-after > > #DEBHELPER# > > diff --minimal -Nru libsigrok-0.5.2/debian/libsigrok4t64.preinst > libsigrok-0.5.2/debian/libsigrok4t64.preinst > --- libsigrok-0.5.2/debian/libsigrok4t64.preinst 2024-02-02 > 08:36:33.0 +0100 > +++ libsigrok-0.5.2/debian/libsigrok4t64.preinst 2024-02-03 > 11:50:34.0 +0100 > @@ -1,10 +1,10 @@ > #!/bin/sh > set -e > > -# begin-remove-after: released:forky > # protective diversion of files moved from / to /usr, to avoid file loss. > -# Only for upgrades. > -if [ "$1" = "upgrade" ]; then > +# These protect both from M-A:same shared file loss and from loss due to > moving > +# from libsigrok4 to libsigrok4t64. > +if [ "$1" = upgrade ] || [ "$1" = install ]; then > dpkg-divert --package usr-is-merged --no-rename \ > --divert /lib/udev/rules.d/60-libsigrok.rules.usr-is-merged \ > --add /lib/udev/rules.d/60-libsigrok.rules > @@ -14,8 +14,11 @@ > dpkg-divert --package usr-is-merged --no-rename \ > --divert /lib/udev/rules.d/61-libsigrok-uaccess.rules.usr-is-merged \ > --add /lib/udev/rules.d/61-libsigrok-uaccess.rules > + > +# These
Bug#1064187: lua-socket: identified for time_t transition but no ABI in shlibs
Source: lua-luv Version: 1.44.2-0-1 Severity: serious User: debian-...@lists.debian.org Usertags: time-t Dear maintainers, Analysis of the archive for the 64-bit time_t transition[0][1] identifies luasocket as an affected package, on the basis that the headers could not be compiled and analyzed out of the box using abi-compliance-checker[2], so we have to assume it's affected. However, lua-socket's shlibs file declares a dependency on a library package name that contains no ABI information: $ cat DEBIAN/shlibs liblua5.1-mime 2 lua-socket (>= 3.1.0) liblua5.1-socket-serial 0 lua-socket (>= 3.1.0) liblua5.1-socket-unix 2 lua-socket (>= 3.1.0) liblua5.1-socket 2 lua-socket (>= 3.1.0) liblua5.2-mime 2 lua-socket (>= 3.1.0) liblua5.2-socket-serial 0 lua-socket (>= 3.1.0) liblua5.2-socket-unix 2 lua-socket (>= 3.1.0) liblua5.2-socket 2 lua-socket (>= 3.1.0) liblua5.3-mime 2 lua-socket (>= 3.1.0) liblua5.3-socket-serial 0 lua-socket (>= 3.1.0) liblua5.3-socket-unix 2 lua-socket (>= 3.1.0) liblua5.3-socket 2 lua-socket (>= 3.1.0) liblua5.4-mime 2 lua-socket (>= 3.1.0) liblua5.4-socket-serial 0 lua-socket (>= 3.1.0) liblua5.4-socket-unix 2 lua-socket (>= 3.1.0) liblua5.4-socket 2 lua-socket (>= 3.1.0) $ It is therefore not obvious that we should rename the package to 'lua-sockett64' as part of this transition. Looking at the archive, there is a package built from the separate lua-sec source package that depends on this library. Since there is no self-evident thing to do with the library package name here, we will not be handling this package as part of the mass NMUs. Instead I am filing a serious bug because partial upgrades from bookworm to trixie on 32-bit architectures will result in ABI skew and may result in broken behavior. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org [0] https://wiki.debian.org/ReleaseGoals/64bit-time [1] https://lists.debian.org/debian-devel/2024/01/msg00041.html [2] https://adrien.dcln.fr/misc/armhf-time_t/2024-02-16T21%3A19%3A00/logs/lua-socket-dev/base/log.txt signature.asc Description: PGP signature