Bug#1069191: glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence
Hi, Can this be backported to older Debian versions via the security repo? This bug can be used to execute code when using the PHP engine: * https://www.offensivecon.org/speakers/2024/charles-fol.html * https://www.openwall.com/lists/oss-security/2024/04/18/4
Bug#1025019: python-aiosmtpd: (autopkgtest) needs update for python3.11: Can't decode base64
Control: tags -1 + fixed-upstream patch Patch can be found at https://github.com/aio-libs/aiosmtpd/commit/827f2321b7a926f3e8ba2aad6387b36c7c2e0b9a.patch
Bug#1013480: hyperkitty: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'
Am Mo., 14. Nov. 2022 um 10:53 Uhr schrieb Pierre-Elliott Bécue : > I really don't need reminders about the bugs on my packages. This is not a reminder. I was just going through the mailman3 packages to understand what is currently blocking the migration of packages. And when I found out what is blocking it, I've only checked if this problem is solved upstream or not. And if it was solved upstream, I added information about the situation in the already existing bug. > Please refrain from putting pressure on people with the expectation that > they'll do what you want at the tine you want. > > This is the last time I reply to such sollicitations. I don't understand why you are so unfriendly.
Bug#1013480: hyperkitty: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'
Control: tags -1 + fixed-upstream patch This problem currently blocks various mailman3 related packages from migrating to Debian bookwoom. But it seems like this is fixed by 1.3.6: https://docs.mailman3.org/projects/hyperkitty/en/latest/news.html#news-1-3-6
Bug#1013500: django-mailman3: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'
Control: tags -1 + fixed-upstream patch This problem currently blocks various mailman3 related packages from migrating to Debian bookwoom. But it seems like this is fixed by 1.3.8: https://pypi.org/project/django-mailman3/ (btw. thanks for the mailman 3.3.7 upload)
Bug#995779: autopkgtest fails with sqlalchemy 1.4.23+ds1
Control: tags 995779 + patch This is the upstream merged fix for sqlalchemy 1.4: https://gitlab.com/mailman/mailman/-/commit/c926e3d54680d4fac0648cde036368c699976038
Bug#960454: chromium: Make Chromium ask before downloading and enabling DRM
Completely disabling the autoupdater was an extremely bad idea. Now even various autoupdater scripts to update the global version in /usr/lib/chromium/WidevineCdm don't work anymore - so leaving users in a broken state. See also #981069
Bug#979970: libselinux1: dependency to newer libc6 ignored by/missing for aptitude
Package: libselinux1 Version: 2.8-1+b1 Severity: grave Right now, an update from buster to bullseye on amd64 completely bricks the system because libselinux1 is requiring a libc6 which is not yet installed on the system: Preparing to unpack .../0-libselinux1_3.1-2+b2_amd64.deb ... De-configuring libselinux1:i386 (2.8-1+b1) ... Unpacking libselinux1:amd64 (3.1-2+b2) over (2.8-1+b1) ... tar: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.30' not found (required by /lib/x86_64-linux-gnu/libselinux.so.1) dpkg-deb: error: tar subprocess returned error exit status 1 It is then not possible anymore to recover the system because dpkg (mv, ...) is no longer working. There is most likely some kind dependency missing to let aptitude known that it must first update libc6 before it can update libselinux1. At least on this system, the installed version of libc6 for amd64 and i386 was still 2.28-10 when this happened
Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales
> Control: reassign -1 libqt5core5a/5.11.3+dfsg-2 > Control: affects -1 plasma-desktop > > Control: severity -1 important > > Please, don't abuse the bugs severity just to get more attention. I didn't abuse the severity. The https://www.debian.org/Bugs/Developer#severities has an entry "makes unrelated software on the system (or the whole system) break". And this is the case here. There is no obvious relation between plasma-desktop/libqt5core5a and the tex-common installation scripts. The same happened in the tex-common bug (actually worse - they just closed it). I am under the impression that everyone just wants to ignore this problem.
Bug#922500: tex-common: Fails to install with LC_TIME=en_DE.UTF-8
> On Sun, 17 Feb 2019, Charlemagne Lasse wrote: > > perl: warning: Setting locale failed. > > perl: warning: Please check that your locale settings: > > LANGUAGE = "en_US:en", > > LC_ALL = (unset), > > LC_TIME = "en_DE.UTF-8", > > LANG = "C" > > are supported and installed on your system. > > > locale: Cannot set LC_ALL to default locale: No such file or directory > > You have a broken locale setup, there is nothing we can do. luatex needs > correctly setup locales, but they are not. But the installation of tex-common should not fail because of this. It works fine when LC_TIME is not set to C or en_US.UTF-8 and so on (everything which locales-all provides). If the installation of a package fails because a user set locale is wrong then something is terrible broken with your installation process. I understand that it may fail when the user calls luatex manually with some incorrect env but not when the installation process is run. Setup/Installation happens in the system context. But now you are telling me that something in the user context is allowed to break the installation. Nothing in the users env should change the way how the package installation process behaves. We have /etc for that - not the user specific env. What would you say when you swedish system administrator installs package xyz and suddenly all english-only speaking users of the system have to deal with a swedish-only installation of xyz - even when the swedish system admin never explicitly said that a swedish-only version should be installed? Sounds wrong, correct? It is a little bit like farting in the face of the reproducible build folks. Cool, we removed all the non-reproducible behavior in the build process - lets move all the reproducibility problems in the installation process. Maybe the package is assigned incorrectly in this ticket and dpkg/aptitude/... should sanitize the env. But the ticket should not be closed so easily. It is not like I sat down and broke the package on purpose. I just selected some good looking regional settings in KDE plasma. And suddenly my texlive installation doesn't work anymore. Not something which you would expect.
Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales
See also https://bugs.debian.org/922500
Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales
Package: plasma-desktop Version: 4:5.14.5-1 Severity: critical Justification: makes unrelated software break on the system The "regional settings" allow to select various regions which are not available on the system (even with locales-all). An example here is en_DE (Germany) for "Time". This is then exported at the next login in the env variable LC_TIME as "en_DE.UTF-8". This is not supported on any Debian buster installation and is causing other software to break. Here an example of me trying to install tex-common under the environment created by the plasma desktop: sudo aptitude reinstall tex-common Warning: Invalid locale (please review locale settings, this might lead to problems later): locale::facet::_S_create_c_locale name not valid The following packages will be REINSTALLED: tex-common 0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 33 not upgraded. Need to get 53.0 kB of archives. After unpacking 0 B will be used. Get: 1 http://ftp.de.debian.org/debian buster/main amd64 tex-common all 6.10 [53.0 kB] Fetched 53.0 kB in 1s (105 kB/s) perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct! perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "de_DE.UTF-8" are supported and installed on your system. perl: warning: Falling back to a fallback locale ("de_DE.UTF-8"). locale: Cannot set LC_ALL to default locale: No such file or directory (Reading database ... 21 files and directories currently installed.) Preparing to unpack .../tex-common_6.10_all.deb ... Unpacking tex-common (6.10) over (6.10) ... Setting up tex-common (6.10) ... locale: Cannot set LC_ALL to default locale: No such file or directory Running mktexlsr. This may take some time... done. Running updmap-sys. This may take some time... done. Running mktexlsr /var/lib/texmf ... done. Building format(s) --all. This may take some time... fmtutil failed. Output has been stored in /tmp/fmtutil.kwturaob Please include this file if you report a bug. dpkg: error processing package tex-common (--configure): installed tex-common package post-installation script subprocess returned error exit status 1 Processing triggers for man-db (2.8.5-1) ... Errors were encountered while processing: tex-common perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). E: Sub-process /usr/bin/dpkg returned an error code (1) Setting up tex-common (6.10) ... locale: Cannot set LC_ALL to default locale: No such file or directory Running mktexlsr. This may take some time... done. Running updmap-sys. This may take some time... done. Running mktexlsr /var/lib/texmf ... done. Building format(s) --all. This may take some time... fmtutil failed. Output has been stored in /tmp/fmtutil.oXxMEBqv Please include this file if you report a bug. dpkg: error processing package tex-common (--configure): installed tex-common package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: tex-common sudo cat /tmp/fmtutil.oXxMEBqv fmtutil: fmtutil is using the
Bug#922500: tex-common: Fails to install with LC_TIME=en_DE.UTF-8
Package: tex-common Version: 6.10 Severity: serious Justification: Fails to install on a normal KDE installation with "Germany" setting as Time localization The installation works fine with LC_TIME=C but not with the setting generated by KDE LC_TIME=en_DE.UTF-8. The aptitude output follows and at the end the log file content mentioned in the aptitude output sudo LC_TIME=en_DE.UTF-8 aptitude reinstall tex-common Warning: Invalid locale (please review locale settings, this might lead to problems later): locale::facet::_S_create_c_locale name not valid The following packages will be REINSTALLED: tex-common 0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 33 not upgraded. Need to get 53.0 kB of archives. After unpacking 0 B will be used. Get: 1 http://ftp.de.debian.org/debian buster/main amd64 tex-common all 6.10 [53.0 kB] Fetched 53.0 kB in 1s (105 kB/s) perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct! perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "de_DE.UTF-8" are supported and installed on your system. perl: warning: Falling back to a fallback locale ("de_DE.UTF-8"). locale: Cannot set LC_ALL to default locale: No such file or directory (Reading database ... 21 files and directories currently installed.) Preparing to unpack .../tex-common_6.10_all.deb ... Unpacking tex-common (6.10) over (6.10) ... Setting up tex-common (6.10) ... locale: Cannot set LC_ALL to default locale: No such file or directory Running mktexlsr. This may take some time... done. Running updmap-sys. This may take some time... done. Running mktexlsr /var/lib/texmf ... done. Building format(s) --all. This may take some time... fmtutil failed. Output has been stored in /tmp/fmtutil.kwturaob Please include this file if you report a bug. dpkg: error processing package tex-common (--configure): installed tex-common package post-installation script subprocess returned error exit status 1 Processing triggers for man-db (2.8.5-1) ... Errors were encountered while processing: tex-common perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = "en_US:en", LC_ALL = (unset), LC_TIME = "en_DE.UTF-8", LANG = "C" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). E: Sub-process /usr/bin/dpkg returned an error code (1) Setting up tex-common (6.10) ... locale: Cannot set LC_ALL to default locale: No such file or directory Running mktexlsr. This may take some time... done. Running updmap-sys. This may take some time... done. Running mktexlsr /var/lib/texmf ... done. Building format(s) --all. This may take some time... fmtutil failed. Output has been stored in /tmp/fmtutil.oXxMEBqv Please include this file if you report a bug. dpkg: error processing package tex-common (--configure): installed tex-common package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: tex-common sudo cat /tmp/fmtutil.oXxMEBqv fmtutil: fmtutil is using the following fmtutil.cnf files (in precedence order): fmtutil: /usr/share/texmf/web2c/fmtutil.cnf fmtutil: /usr/share/texlive/texmf-dist/web2c/fmtutil.cnf fmtutil: fmtutil is using the
Bug#921832: [firefox-esr] FTBFS of security/certverifier/Buffer.cpp
Source: firefox-esr Version: 60.5.0esr-1 Severity: grave Tags: patch Forwarded: https://bugzilla.mozilla.org/show_bug.cgi?id=1526648 Noticed while trying to prepare the mini fix for https://bugs.debian.org/921381 /usr/bin/g++ -o Unified_cpp_certverifier0.o -c -Ibuster/stl_wrappers -Ibuster/system_wrappers -include /build/firefox-esr-60.5.0esr/config/gcc_hidden.h -DNDEBUG=1 -DTRIMMED=1 '-DDLL_PREFIX="lib"' '-DDLL_SUFFIX=".so"' -DSTATIC_EXPORTABLE_JS_API -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API -DIMPL_LIBXUL -I/build/firefox-esr-60.5.0esr/security/certverifier -I/build/firefox-esr-60.5.0esr/build-browser/security/certverifier -I/build/firefox-esr-60.5.0esr/security/manager/ssl -I/build/firefox-esr-60.5.0esr/security/pkix/include -I/build/firefox-esr-60.5.0esr/security/pkix/lib -I/build/firefox-esr-60.5.0esr/build-browser/dist/include -I/usr/include/nspr -I/usr/include/nss -fPIC -DMOZILLA_CLIENT -include /build/firefox-esr-60.5.0esr/build-browser/mozilla-config.h -Wdate-time -D_FORTIFY_SOURCE=2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -Wall -Wempty-body -Wignored-qualifiers -Woverloaded-virtual -Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code -Wwrite-strings -Wno-invalid-offsetof -Wc++1z-compat -Wduplicated-cond -Wimplicit-fallthrough -Wno-error=maybe-uninitialized -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wformat -Wformat-overflow=2 -fno-sized-deallocation -fstack-protector-strong -Wformat -Werror=format-security -fno-schedule-insns2 -fno-lifetime-dse -fno-delete-null-pointer-checks -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g -freorder-blocks -O2 -fomit-frame-pointer -Wall -Wextra -Wunreachable-code -Wno-unused-parameter -MD -MP -MF .deps/Unified_cpp_certverifier0.o.pp /build/firefox-esr-60.5.0esr/build-browser/security/certverifier/Unified_cpp_certverifier0.cpp In file included from /build/firefox-esr-60.5.0esr/build-browser/security/certverifier/Unified_cpp_certverifier0.cpp:20: /build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp: In function 'bool mozilla::operator==(const Buffer&, const Buffer&)': /build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11: error: 'memcmp' was not declared in this scope memcmp(a.begin(), b.begin(), a.length()) == 0); ^~ /build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11: note: 'memcmp' is defined in header ''; did you forget to '#include '? /build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:1:1: +#include /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11: memcmp(a.begin(), b.begin(), a.length()) == 0); ^~ make[6]: *** [/build/firefox-esr-60.5.0esr/config/rules.mk:1056: Unified_cpp_certverifier0.o] Error 1 make[6]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser/security/certverifier' make[5]: *** [/build/firefox-esr-60.5.0esr/config/recurse.mk:73: security/certverifier/target] Error 2 make[5]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser' make[4]: *** [/build/firefox-esr-60.5.0esr/config/recurse.mk:33: compile] Error 2 make[4]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser' make[3]: *** [/build/firefox-esr-60.5.0esr/config/rules.mk:442: default] Error 2 make[3]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser' dh_auto_build: cd build-browser && make -j1 LD_LIBS=-Wl,--no-gc-sections _LEAKTEST_FILES=leaktest.py returned exit code 2 make[2]: *** [debian/rules:227: stamps/build-browser] Error 2 make[2]: Leaving directory '/build/firefox-esr-60.5.0esr' make[1]: *** [debian/rules:336: build-arch] Error 2 make[1]: Leaving directory '/build/firefox-esr-60.5.0esr' make: *** [debian/rules:336: build] Error 2 dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2 From: Charlemange Lasse Date: Sat, 9 Feb 2019 10:08:10 +0100 Subject: [PATCH] Fix FTBFS of security/certverifier/Buffer.cpp --- debian/changelog | 1 + .../Bug-1526648-Include-cstring-for-memcmp.patch | 12 debian/patches/series| 1 + 3 files changed, 14 insertions(+) create mode 100644 debian/patches/fixes/Bug-1526648-Include-cstring-for-memcmp.patch --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,7 @@ firefox-esr (60.5.0esr-2) UNRELEASED; urgency=medium * Fix download of esr compatible Gecko Media Plugins (widevine, openh264) by switching to "esr" update channel (Closes: #921381, #921121, #921654) + * Fix FTBFS of security/certverifier/Buffer.cpp (Closes: #-TODO) -- Charlemange Lasse Sat, 09 Feb 2019 08:47:47 +0100 --- /dev/null +++ b/debian/patches/fixes/Bug-1526648-Include-cstring-for-memcmp.patch @@ -0,0 +1,12 @@ +diff --git
Bug#921823: chromium: FTBFS of vaapi_wrapper.cc in i386/armhf (pointer casting)
Source: chromium Version: 72.0.3626.81-1 Severity: grave X-Debbugs-CC: 856...@bugs.debian.org FAILED: obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o g++ -MMD -MF obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o.d -DMEDIA_GPU_IMPLEMENTATION -DV8_DEPRECATION_WARNINGS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DVK_NO_PROTOTYPES -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY -DSK_VULKAN_HEADER=\"../../skia/config/SkVulkanConfig.h\" -DSK_VULKAN=1 -DSK_SUPPORT_GPU=1 -DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\" -DVK_NO_PROTOTYPES -DUSING_SYSTEM_ICU=1 -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_STATIC -DUCHAR_TYPE=uint16_t -DU_IMPORT=U_EXPORT -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DLEVELDB_PLATFORM_CHROMIUM=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -I../.. -Igen -I../../third_party/libyuv/include -Igen/shim_headers/libevent_shim -Igen/shim_headers/libpng_shim -Igen/shim_headers/libwebp_shim -Igen/shim_headers/icuuc_shim -Igen/shim_headers/zlib_shim -I../../third_party/khronos -I../../gpu -Igen/shim_headers/libdrm_shim -I../../third_party/vulkan/include -Igen/shim_headers/icui18n_shim -Igen/shim_headers/re2_shim -Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim -Igen/shim_headers/snappy_shim -Igen/shim_headers/opus_shim -I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c -I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/docs -I../../third_party/skia/include/effects -I../../third_party/skia/include/encode -I../../third_party/skia/include/gpu -I../../third_party/skia/include/pathops -I../../third_party/skia/include/ports -I../../third_party/skia/include/utils -I../../third_party/vulkan/include -I../../third_party/skia/third_party/vulkanmemoryallocator -I../../third_party/skia/include/codec -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl -I../../third_party/skia/modules/skottie/include -I../../third_party/vulkan/include -I../../third_party/ced/src -I../../third_party/protobuf/src -I../../third_party/mesa_headers -I../../third_party/libwebm/source -I../../third_party/protobuf/src -Igen/protoc_out -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread -march=armv7-a -mfloat-abi=hard -mtune=generic-armv7-a -mfpu=vfpv3-d16 -mthumb -Wall -Wno-psabi -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-deprecated-declarations -Wno-comments -Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -fno-omit-frame-pointer -g0 -fvisibility=hidden -I/usr/include/glib-2.0 -I/usr/lib/arm-linux-gnueabihf/glib-2.0/include -std=gnu++14 -Wno-narrowing -fno-exceptions -fno-rtti -fvisibility-inlines-hidden -Wdate-time -D_FORTIFY_SOURCE=2 -Wno-pedantic -Wno-unused-function -Wno-unused-variable -Wno-unused-but-set-variable -Wno-deprecated-declarations -Wno-return-type -Wno-misleading-indentation -Wno-attributes -Wno-subobject-linkage -Wno-ignored-attributes -Wno-address -Wno-dangling-else -Wno-class-memaccess -Wno-invalid-offsetof -Wno-packed-not-aligned -Wno-pedantic -Wno-unused-function -Wno-unused-variable -Wno-unused-but-set-variable -Wno-deprecated-declarations -Wno-return-type -Wno-misleading-indentation -Wno-attributes -Wno-subobject-linkage -Wno-ignored-attributes -Wno-address -Wno-dangling-else -Wno-class-memaccess -Wno-invalid-offsetof -Wno-packed-not-aligned -c ../../media/gpu/vaapi/vaapi_wrapper.cc -o obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o ../../media/gpu/vaapi/vaapi_wrapper.cc: In member function 'scoped_refptr media::VaapiWrapper::CreateVASurfaceForPixmap(const scoped_refptr&)': ../../media/gpu/vaapi/vaapi_wrapper.cc:1012:38: error: invalid conversion from 'long unsigned int*' to 'uintptr_t*' {aka 'unsigned int*'} [-fpermissive] va_attrib_extbuf.buffers = fds.data(); ^~ https://buildd.debian.org/status/fetch.php?pkg=chromium=armhf=72.0.3626.81-1=1549182249=0 https://buildd.debian.org/status/fetch.php?pkg=chromium=i386=72.0.3626.81-1=1549136121=0
Bug#921738: chromium-widevine: Widevine does not work with Netflix
tags 921738 + wontfix bye This package is *not* widevine. It is the *support* for the legacy widevine cdm. You still have to download the widevine cdm from widevine.com/google. Google prohibits its distribution without a license: > "Google Inc. and its affiliates ("Google") own all legal right, title and > interest in and to the content decryption module software ("Software") and > related documentation, including any intellectual property rights in the > Software. You may not use, modify, sell, or otherwise distribute the Software > without a separate license agreement with Google. The Software is not open > source software. > > If you are interested in licensing the Software, please contact > widev...@google.com. This package was removed from newer releases of the chromium package. The new widevine cdm module (4.10.1196.0) will be loaded directly by the browser from /usr/lib/chromium/libwidevinecdm.so when you have a version installed which isn't affected by https://bugs.debian.org/916058 - you still have to get libwidevinecdm.so If you are interested in automatically installing this plugin then please use the approach by https://tracker.debian.org/pkg/pepperflashplugin-nonfree and upload the download helper to contrib/web. As far as I know, Mozilla has a license to use widevine but not a license to distribute it. Steam/Valve maybe has a license to redistribute it (I could be wrong but I thought that it was in their steam runtime) and the chrome team definitely has a license to distribute it. You have to contact netflix directly about their wrong help message
Bug#921521: chromium-browser: CVE/Security fixes missing in stable-sec
Package: chromium Version: 71.0.3578.80-1~deb9u1 Severity: serious The stable-sec package is stuck with version 71.0.3578.80 and is missing security updates for several CVEs. Take for example the list from 72.0.3626.81 - Stack buffer overflow in Skia. Reported by Ivan Fratric - Use after free in Mojo, FileAPI, and Payments. Reported by Mark Brand - CVE-2018-17481: Use after free in PDFium. Reported by Anonymous - CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad - CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya - CVE-2019-5756: Use after free in PDFium. Reported by Anonymous - CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis - CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin - CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin - CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin - CVE-2019-5762: Use after free in PDFium. Reported by Anonymous - CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong - CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin - CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin - CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg - CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao - CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu - CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel - CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt - CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou - CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang - CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang and Juno Im - CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 - CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang - CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani - CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg - CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg - CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg - CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 - CVE-2019-5782: Inappropriate implementation in V8 reported by Qixun Zhao - CVE-2019-5783: Insufficient validation of untrusted input in DevTools. Reported by Shintaro Kobori
Bug#904652: pulseaudio: looses device and replace it with dummy package so no sound possible
found 904652 11.1-5 thanks > i didn't do anything. > Upgrading the system like always. > Suddenly there was no sound available. Change /etc/pulse/default.pa to automatically load module-alsa-sink on boot (module-udev-detect is broken and will not load the alsa-sink anymore) This is also a problem in buster (which is still using 11.1-5)
Bug#863475: [prosody] Fails to initiate s2s when lua-event 0.4.3 is installed
Package: prosody Version: 0.9.12-1 Severity: serious Tags: patch stretch Prosody fails to intiate S2S connections when lua-event 0.4.3 is installed. This bug was already fixed in the 0.10 branch of prosody but is still present on Debian stretch (which is shipped with lua-event 0.4.3) The fix can be found at https://prosody.im/issues/issue/555 Errors in the log are: May 27 13:47:24 adnswarnDNS socket for 8.8.8.8 disconnected: connection timeout May 27 13:47:39 adnswarnDNS socket for 8.8.4.4 disconnected: connection timeout May 27 13:47:59 adnswarnDNS socket for 8.8.8.8 disconnected: connection timeout May 27 13:47:59 adnserror Exhausted all 2 configured DNS servers, next lookup will try 8.8.4.4 again May 27 13:48:04 s2sout55ea3204b2d0 infoOut of connection options, can't connect to jabber.linux.it May 27 13:48:04 s2sout55ea3204b2d0 infoSending error replies for 2 queued stanzas because of failed outgoing connection to jabber.linux.it The problem can either be resolved by backporting the fix or marking lua-event 0.4.3 as conflict (and remove it from the Recommended field). Marking this as serious bug because federation is an extreme important part of XMPP/Jabber --- System information. --- Architecture: Kernel: Linux 4.9.0-3-amd64 Debian Release: 9.0 500 testing-debug debug.mirrors.debian.org 500 testing httpredir.debian.org
Bug#842710: [gcc-6] Fails to compile OpenWrt/LEDE prereq-build
Package: gcc-6 Version: 6.2.0-10 Severity: serious X-Debbugs-CC: lede-...@lists.infradead.org There is a regression after gcc-6 6.2.0-6. I get following output when trying to compile LEDE/OpenWrt "Please install a static zlib" This is wrong $ ls -ltr /usr/lib/x86_64-linux-gnu/libz.a -rw-r--r-- 1 root root 149834 Nov 27 2014 /usr/lib/x86_64-linux-gnu/libz.a Following can be found in their include/prereq-build.mk ifeq ($(HOST_OS),Linux) zlib_link_flags := -Wl,-Bstatic -lz -Wl,-Bdynamic else zlib_link_flags := -lz endif $(eval $(call TestHostCommand,zlib, \ Please install a static zlib. (Missing libz.a or zlib.h), \ echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0; }' | \ gcc -include zlib.h -x c -o $(TMP_DIR)/a.out - $(zlib_link_flags))) Testing it with gcc-6 6.2.0-6 works: $ echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0; }' | gcc -include zlib.h -x c -o a.out - -Wl,-Bstatic -lz -Wl,-Bdynamic $ echo $? 0 with gcc-6 6.2.0-10 fails: $ echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0; }' | gcc -include zlib.h -x c -o a.out - -Wl,-Bstatic -lz -Wl,-Bdynamic /usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libz.a(gzlib.o): relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC /usr/bin/ld: final link failed: Nonrepresentable section on output collect2: error: ld returned 1 exit status $ echo $? 1
Bug#831525: [libretro-mupen64plus] Remove copies of mupen64plus-*
Source: libretro-mupen64plus Version: 2.0+git20160207+dfsg2-1 Severity: serious Marked as serious because it is a violation of paragraph 4.13 from the Debian Policy. Debian should not ship the same things twice. So the Debian Games Team should decide whether it wants to ship mupen64plus-* or libretro-mupen64plus Maybe it is also possible not to use the included copies and instead load the plugins from mupen64plus-*