Bug#1061315: inn2 ftbfs with Python 3.12 as the default
Hi Matthias, looking at m4/python.m4, this comes from getting the configuration out of the sysconfig module. and _sysconfigdata_* has: 'LOCALMODLIBS': '-lm -lm -lz -lm -lm -lexpat -lexpat ' 'Modules/_hacl/libHacl_Hash_SHA2.a -lz', So, I'm not sure, how to better get the required information for linking, but this interface doesn't look very reliable. maybe better use: python3-config --embed --libs Oh, yes, your proposal to use python3-config is far better. After testing, "python3-config --libs" is enough; there's no need in adding "--embed" as the "-lpython3.12" flag otherwise appears twice in PYTHON_LIBS. Also, if python3-config (which may also be python2-config, python-config or any other variant) is not installed, I've kept the current check just to be sure we'll still have something. I've opened a PR upstream: https://github.com/rra/rra-c-util/pull/18/commits/63e4ddf8683c8c1dc429043ca8af7984eff21140 Thanks again. -- Julien ÉLIE « Le cercle est le plus long chemin d'un point au même point. » (Tom Stoppard, _Every Good Boy Deserves Favour_)
Bug#1061315: inn2 ftbfs with Python 3.12 as the default
Hi Matthias, Package: src:inn2 Version: 2.7.2~20231223-1 Severity: serious Tags: sid trixie ftbfs User: debian-pyt...@lists.debian.org Usertags: python3.12 with python3-defaults from experimental: [...] checking for Python.h... yes checking for Py_Initialize... no configure: error: in `/<>/build': configure: error: unable to link with Python library See `config.log' for more details Could you put the end of the config.log file? (the part showing the failure to find Py_Initialize) Maybe a problem of Python not in the path? FWIW, I do not run trixie, but building INN with a downloaded version of Python 3.12 on bookworm works for me: checking for flags to link with Python... -L/home/news/work/py3.12.1/lib -lpython3.12 -lpthread -ldl -lutil -lm -Xlinker -export-dynamic checking Python.h usability... yes checking Python.h presence... yes checking for Python.h... yes checking for Py_Initialize... yes configure:15028: checking for Py_Initialize configure:15028: gcc -o conftest -g -O2 -I/home/news/work/py3.12.1/include/python3.12 conftest.c -L/home/news/work/py3.12.1/lib -lpython3.12 -lpthread -ldl -lutil -lm -Xlinker -export-dynamic >&5 -- Julien ÉLIE « L'éternité, c'est long, surtout vers la fin. » (Woody Allen)
Bug#1035098: Bug#1034958: Consequence of #951598
Hi Marco, Would this work for you? Please let me know ASAP since the hard freeze is very close. As you plan on uploading a new package (thanks for it!), could you also please add this specific fix for ovsqlite-util? https://github.com/InterNetNews/inn/commit/a130d658317b623ba72d447ff3461389487917d2 It was fixed between 2.7.1rc1 and the final 2.7.1 version. Naturally, uploading 2.7.1 would be best if it can be done at this step of the freeze. Also, it may be useful to add libdbd-sqlite3-perl as a dependency of the inn2 package so that people can directly use ovsqlite-util. (As libsqlite is already listed in the dependencies, this Perl module could be listed as well). -- Julien ÉLIE « Le chemin le plus court d'un point à un autre est la ligne droite, à condition que les deux points soient bien en face l'un de l'autre. » (Pierre Dac)
Bug#974024: inn2 FTBFS on IPV6-only buildds
https://buildd.debian.org/status/fetch.php?pkg=inn2&arch=armhf&ver=2.6.3%2B20200601-1&stamp=1591433398&raw=0 https://buildd.debian.org/status/fetch.php?pkg=inn2&arch=armel&ver=2.6.3%2B20200601-1%2Bb1&stamp=1604879007&raw=0 lib/network/server..MISSED 34-42 (killed by signal 14) 34 - ...socket accept 35 - ...socket read 36 - ...address family is IPv4 37 - client made correct connections 38 - network_wait_any found UDP message 39 - ...of correct length 40 - ...from correct family 41 - ...and correct contents 42 - client made correct connections Missed tests (and not failed tests) are the ones in test_server_accept_any(): /* If there are firewalls that block connections, we could hang here. */ alarm(5); client = network_accept_any(fds, count, saddr, &slen); test_server_connection(client); Maybe the test should just be skipped if an alarm is raised? -- Julien ÉLIE « – Les sangliers apprécient mieux que toi ma musique ! – C'est normal, tu chantes comme un cochon !!! » (Astérix)
Bug#784115: inn: incoming feed is garbled
Hi Stefan, Good: inn_1.7.2q-41_amd64.deb Fail: inn_1.7.2q-41+b1_amd64.deb I don't know anything about the differences of these two versions. However, 41 has been running without a single error for a couple of hours now. When I switched to 41+b1 again, errors came within seconds. The only change between -41 and -41b1 is a rebuild against perl 5.18, isn't it? So maybe the issue comes from Perl... Is it possible to disable the Perl filters in inn.conf to see if it then works OK? Or a large-file support issue? (I do not know if LFS also exists in INN 1.7.2 but one should note that we had issues with INN 2.x against latest versions of Perl.) Is the problem only with the amd64 package? Fixing the pointer-cast-size-mismatch warnings may be helpful if that is the case: https://qa.debian.org/bls/packages/i/inn.html We can see the warnings in: https://buildd.debian.org/status/fetch.php?pkg=inn&arch=amd64&ver=1%3a1.7.2q-44%2bb2&stamp=1412186175 I notably see that one concerns Perl in the CHECK command (used for streaming!): nc.c: In function 'NCcheck': nc.c:1592:24: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] else if ((perlrc = (char *)HandleMessageID(p)) != NULL) { -- Julien ÉLIE « Ce n'est pas en tournant le dos aux choses qu'on leur fait face. » (Pierre Dac) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#736818: base-passwd: defaults to set shell of news to /usr/sbin/nologin which kills inn2
tags 736818 fixed-upstream thanks Hi Colin, Marco, here's a patch; could you apply it? The bulk of it is documentation updates. [...] I've put the new patch in the "Debian integration" section, but I expect it would be upstreamable too. Thanks for your patch. The part related to upstream is now committed to upstream, and will be present in the forthcoming INN 2.5.4 release: https://inn.eyrie.org/trac/changeset/9599 I have added your name to the list of our contributors. -- Julien ÉLIE « Il n'y a pas moyen de contenter ceux qui veulent savoir le pourquoi des pourquoi. » (Leibniz) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#736818: RE : Bug#736818: base-passwd: defaults to set shell of news to /usr/sbin/nologin which kills inn2
Hi Russ, > As an upstream INN maintainer, I agree with this change from an upstream > perspective and, unless Julien beats me to it, will incorporate it into > the next upstream releases. Ok I will have a look in February as soon as my ADSL line is installed. Please tell me in case you have already begun adding /bin/sh where it should be added. -- Julien
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Russ, Couldn't we install them as ${PATHETC}/motd.innd.sample and ${PATHETC}/motd.nnrpd.sample or should they be in a separate path? In the latter case, would the ${PATHETC}/samples directory be fine? Looking at the files, they're mostly documentation for the facility. I'm wondering whether that's a useful thing to install. The upside of installing some sort of sample is that it makes it clear to people installing a new server that this is something that can be done. The downside is that the files are not, themselves, actually useful; you wouldn't use any part of their content when creating a real MOTD file. They're just documentation. Shouldn't we just add examples in /etc/news/motd.innd.sample and /etc/news/motd.nnrpd/sample so that these files contain more information than mere documentation? Wouldn't then /etc/news be the right place to keep using? (Note that we keep ".sample" at the end of the name of these files for them not to be automatically used by INN in case the news administrator forgot to modify them.) For instance adding in motd.nnrpd.sample: %%% Here are a few suggestions of messages to display to the news reader. Example 1 - Attention all users, This server will be down for scheduled upgrades on February 1st. It should be back up by 8:00 a.m. February 2nd. Any questions should be e-mailed to . Apologies for the disturbance. Example 2 - Dear customers, We are pleased to announce the creation of a support newsgroup, named "our.company.support". It was created on February 1st and is intended to receive your questions about the use of our services. Our support team will respond within a couple of days. Please use this new newsgroup preferably as a means to contact us. Example 3 - This news server now supports TLS connections. Please configure your news reader to use TLS when connecting or authenticating. A tutorial is available in the newsgroup "our.company.support" to help you do the change. Do not hesitate to ask for help in the newsgroup if you encounter issues during the change. Starting from February 1st, unencrypted authentications (that is to say not using TLS) will be rejected. Example 4 - Support for a new SASL mechanism has been added: OPENID20 can now be used to authenticate. Feel free to use it! %%% And in motd.innd.sample: %%% Here are a few suggestions of messages to display to the peer. Example 1 - Attention all users, This server will be down for scheduled upgrades on February 1st. It should be back up by 8:00 a.m. February 2nd. Any questions should be e-mailed to . Apologies for the disturbance. Example 2 - This news server now carries the comp.* hierarchy. Feel free to add it to the list of hierarchies you feed us. Example 3 - This news server no longer accepts articles whose length exceeds 32 768 bytes. Please configure your server not to send us such articles. Example 4 - Starting from February 1st, the IP of this news server will change. Note that its host name remains the same. In case explicit rules based on IP exist at your end (firewall, iptables, feed configuration, etc.), please update them to use 10.0.0.1 as the IP of our news server. %%% Is it OK to do the suggested change and keep the samples in /etc/news? Please tell me in case there are misspellings in the suggested texts. Some of you may have noticed that the first example for nnrpd is taken from RFC 6048 (specifying LIST MOTD, amongst other commands). I hope it is fine to use it :-) If you have ideas of other examples to add, do not hesitate to suggest. -- Julien ÉLIE « Il faut mettre un frein à l'immobilisme. » -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Russ, With current newsreaders the motd is just annoying. Yeah, I'm inclined to agree with this, and wonder if INN should change its upstream behavior to install a sample in a path other than the one used by innd and nnrpd. That would also be fine, yes. Couldn't we install them as ${PATHETC}/motd.innd.sample and ${PATHETC}/motd.nnrpd.sample or should they be in a separate path? In the latter case, would the ${PATHETC}/samples directory be fine? Shouldn't we do the same for the ${PATHETC}/subscriptions file? It already contains a list of newsgroups. What for files like ${PATHETC}/actsync.ign? Maybe the default behaviour is not the expected one. my guess is that most sites never set a MOTD, so installing one that's displayed by default is probably not the right default behavior. Too bad that news clients do not behave smarter... They should cache a local copy or fingerprint of the message of the day so that they could display the message to the user only upon modification. Besides, they should provide a way to force the cached information to be refreshed... -- Julien ÉLIE -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Nick, I believe something should be done in the 2.5.3 Debian package: motd.innd and motd.nnrpd should be installed in the /etc/news directory! I would disagree on that one. INN itself does not install them, they are only there as examples for an admin who wants to use them. No, INN installs both motd.innd and motd.nnrpd in /etc/news. Have a look at site/Makefile in the INN upstream package: PATH_MOTD_INND = ${PATHETC}/motd.innd PATH_MOTD_NNRPD = ${PATHETC}/motd.nnrpd Makefile:$D$(PATH_MOTD_INND): motd.innd ; $(COPY_RPUB) $? $@ Makefile:$D$(PATH_MOTD_NNRPD): motd.nnrpd ; $(COPY_RPUB) $? $@ Same thing for innreport.css that is installed in /usr/share/doc/inn2/examples whereas INN installs it in PATHHTTP (normally /var/log/news in Debian). motd.news was properly installed by the Debian package for INN <= 2.5.2 in /etc/news. Indeed on my own inn2 installation I made /etc/news/motd.news into an empty file as otherwise trn does display it each time, so some users definitely do not want the example files installed. Two different things are mixed here: the news administrator manages his server the way he wants. It is up to him to configure his news server (feeds, newsgroups carried, cleanfeed policy, message of the day, etc.). If a user is disturbed, then he should contact his news administrator to ask for a change in motd, the same way he would ask him to add newsgroups, change spam policies, etc. -- Julien ÉLIE « La perfection est atteinte non pas lorsqu'il n'y a plus rien à ajouter, mais lorsqu'il n'y a plus rien à retirer. » (Saint- Exupéry) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Nick, We seem to have two things going on here: motd.innd is to be renamed to motd.nnrpd (by a means yet to be agreed); Do you mean motd.news (used by INN <= 2.5.2) is to be renamed to motd.nnrpd (used by INN >= 2.5.3)? motd.innd does not exist in INN 2.5.2. Under the name motd.nnrpd it is no longer a conffile in the new package (as it is no longer shipped but it is used if present). motd.nnrpd is still shipped in INN 2.5.3. If I have a look at the list of files installed by Debian packages, I see: INN 2.5.2: /etc/news/motd.news /usr/share/doc/inn2/examples/active /usr/share/doc/inn2/examples/innreport.css /usr/share/doc/inn2/examples/newsgroups INN 2.5.3: /usr/share/doc/inn2/examples/active /usr/share/doc/inn2/examples/innreport.css /usr/share/doc/inn2/examples/motd.innd /usr/share/doc/inn2/examples/motd.nnrpd /usr/share/doc/inn2/examples/newsgroups I believe something should be done in the 2.5.3 Debian package: motd.innd and motd.nnrpd should be installed in the /etc/news directory! Incidentally Russ Alberry reckons that the feature which requires this file is almost never used anyway: http://www.eyrie.org/~eagle/software/inn/docs/motd.news.html Yep, that's true. This feature is not wide-spread. In Wheezy we will (all being well) then either have no file at all (if it proclaimed "This is a sample MOTD file" under squeeze) or else have a non-conffile that has been user created. I think it would be best to have both motd.innd and motd.nnrpd because they are already shipped in the package. They should be installed in the right /etc/news directory. I think this is the best for anyone who does use this file. I'll try coding it up but can anyone see any holes in this idea in the meantime ? I hope the above comments will be of help. -- Julien ÉLIE « La perfection est atteinte non pas lorsqu'il n'y a plus rien à ajouter, mais lorsqu'il n'y a plus rien à retirer. » (Saint- Exupéry) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Andreas, The file /etc/news/motd.news is renamed to /etc/news/motd.nnrpd by the innupgrade script shipped by upstream. Should this renaming by upstream be marked as a removal in the maintainter scripts? /etc/news/motd.nnrpd is no longer shipped as a conffile? /etc/news/motd.nnrpd and /etc/news/motd.innd are two new conf files shipped with INN 2.5.3. /etc/news/motd.news is no longer used. How is it generated (if at all)? During a fresh install, motd.nnrpd and motd.innd are the two files shipped in the inn2 tarball. During an update, motd.innd is not installed. And motd.news (if present) is moved to motd.nnrpd. So motd.nnrpd can be present or not. INN works fine without the two files, don't worry. They are just "message of the day" informative files. If it were still a conffile shipped by inn2, dpkg-maint-script-helper mv_conffile would be the correct tool. And how is the new file being cleaned up on purge if it exists? I do not know. I do not know much about Debian scripts. I bet Marco will answer better! -- Julien ÉLIE -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#690128: inn2: conffile disappearing during squeeze->wheezy upgrade: /etc/news/motd.news
Hi Andreas, 1m24.8s ERROR: FAIL: debsums reports modifications inside the chroot: debsums: missing file /etc/news/motd.news (from inn2 package) I couldn't find the deletion in the maintainer scripts, so it's probably done by something something that is run from the maintainer scripts. As the wheezy package no longer ships this file as a conffile, this looks like an intentional deletion, but to do this properly and record it in dpkg's database accordingly, please use dpkg-maintscript-helper rm_conffile (ideally via debian/inn2.maintscript). The file /etc/news/motd.news is renamed to /etc/news/motd.nnrpd by the innupgrade script shipped by upstream. According to changelog for INN 2.5.3 : "Add support for LIST MOTD in innd. Consequently, the motd.news configuration file which was previously used only by nnrpd is renamed to motd.nnrpd (innupgrade takes care of the rename). innd uses the new motd.innd file in pathetc for its message of the day." Should this renaming by upstream be marked as a removal in the maintainter scripts? -- Julien ÉLIE -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#685581: inn: CVE-2012-3523 prone to STARTTLS plaintext command injection
Hi Marco, Or does it mean that a security release should be made for previous versions still maintained by the Debian project? It should be, yes. (At least, if you think that it should be fixed.) I do not believe taking time to fix it on older versions of INN is worthwhile. Not much harm can be done in NNTP when this security hole is exploited. Usually, authentication and/or host checks are required for sensitive newsgroups. (Also note that once a user has been authenticated, STARTTLS is no longer available.) If other people think this vulnerability can be harmful, please speak up! -- Julien ÉLIE « – Nous parlerons quand l'interprète dormira. [Bong !] – Il dort. On peut parler. » (Astérix) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#685581: inn: CVE-2012-3523 prone to STARTTLS plaintext command injection
Hi all, Package: inn Version: 1.7.2q-41 Severity: grave the STARTTLS implementation in INN's NNTP server for readers, nnrpd, before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. reassign 685581 inn2 I see that this bug report has been reassigned to the inn2 package. Yet, it is not present in the latest 2.5.3-1 inn2 package. Shouldn't the bug be closed for inn2 then? Or does it mean that a security release should be made for previous versions still maintained by the Debian project? And... as for inn 1.7.2, I think it does not support STARTTLS, right? (I have not checked.) The feature was added in INN 2.3.0. Relevant upstream patch (the 'diff -Nurp inn-2.5.2/nnrpd/misc.c inn-2.5.3/nnrpd/misc.c' part) The complete patch deals with more files than nnrpd/misc.c; the relevant patch is: http://inn.eyrie.org/trac/changeset/9259 I hope this commit #9259 will be of help! -- Julien ÉLIE « – Nous parlerons quand l'interprète dormira. [Bong !] – Il dort. On peut parler. » (Astérix) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#599966: Bug#598135: Forwarding articles to moderators is broken / FTBFS
Hi Steve, Julien: have there been any more patches upstream for the moderator issue in addition to the two you pointed to? The two mentioned patches completely solve the issue. So, rather than get mixed up in a libdb transition (if there is one), what do you think about uploading a fix for #598135 targeted only for testing that drops back to libdb 4.8? As a new upload is planned, I also suggest the following fixes: Bug fixes http://inn.eyrie.org/trac/changeset/9095 (confusion between CR and LF) http://inn.eyrie.org/trac/changeset/9097 (missing fields in overview) http://inn.eyrie.org/trac/changeset/9103 (Tcl scripts not working) http://inn.eyrie.org/trac/changeset/9112 (inncheck) http://inn.eyrie.org/trac/changeset/9142 (Perl warning in cnfsstat) Documentation fixes http://inn.eyrie.org/trac/changeset/9045 (remove inflow) http://inn.eyrie.org/trac/changeset/9047 (URL update) http://inn.eyrie.org/trac/changeset/9070 (libstorage) http://inn.eyrie.org/trac/changeset/9072 (nntpsend) http://inn.eyrie.org/trac/changeset/9098 (Perl and Python hooks) http://inn.eyrie.org/trac/changeset/9049 (link for Berkeley DB) http://inn.eyrie.org/trac/changeset/9107 (link for Berkeley DB - bis) Samples fix http://inn.eyrie.org/trac/changeset/9129 (alignment in inn.conf) Enhancement http://inn.eyrie.org/trac/changeset/9110 (related to #584234) Feel free to take any patch you want. (I only mention here the patches useful for Squeeze. For instance, I have a patch specific to Perl 5.12.1, so it is useless for Squeeze with Perl 5.10.x.) Have a nice week, -- Julien ÉLIE « N'écoutant que son courage qui ne lui disait rien, il se garda d'intervenir. » (Jules Renard) -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#598135: Forwarding articles to moderators is broken
Package: inn2 Version: 2.5.2-2 Severity: serious Tags: patch, fixed-upstream nnrpd wrongly updates the Path: header field when an article posted to a moderated newsgroup is forwarded to a moderator. It adds the ".POSTED" diagnostic whereas it should not. As a consequence, the article is rejected after being moderated by an external system that does not strip the Path: header, because nnrpd thinks it has already been injected into the news system. It is a behaviour that needs fixing in the stable Debian release. It violates a MUST from RFC 5537 (point 9 of Section 3.5). Two patches from upstream: http://inn.eyrie.org/trac/changeset/9122 http://inn.eyrie.org/trac/changeset/9126 -- Julien ÉLIE « Sum, ergo bibo ; bibo, ergo sum. » -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#476186: inn2: lib/md5.c contains non-free md5 implementation
Hi Tim, The md5 implementation from RSA Data Security, Inc. does not have a DFSG-compatible licence - it permits you to make and use derivative works, but not to redistribute those works, iirc. Please see this thread already discussed for INN: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405354 It points to the following clarification: http://www.ietf.org/ietf/IPR/RSA-MD-all Implementations of these message-digest algorithms, including implementations derived from the reference C code in RFC-1319, RFC-1320, and RFC-1321, may be made, used, and sold without license from RSA for any purpose. Therefore, RSA's license allows to redistribute a work based upon RFC 1321. -- Julien ÉLIE « Si le peuple est content des jeux, je te donnerai des sesterces. S'il n'est pas content, je te donnerai aux lions ! » (Astérix)