NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: openssl_1.0.1t-1+deb8u3_armel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: gdcm_2.4.4-3+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_mips.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_s390x.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: gdcm_2.4.4-3+deb8u1_i386.changes
  ACCEPT
Processing changes file: gdcm_2.4.4-3+deb8u1_s390x.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_arm64.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_i386.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_powerpc.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_ppc64el.changes
  ACCEPT

Processed: Re: Bug#834854: jessie-pu: package charybdis/3.4.2-5~deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -moreinfo
Bug #834854 [release.debian.org] jessie-pu: package charybdis/3.4.2-5~deb8u1
Removed tag(s) moreinfo.

-- 
834854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834854
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#834854: jessie-pu: package charybdis/3.4.2-5~deb8u1

[Antoine Beaupré]

Control: tags -1 -moreinfo

On 2016-08-19 18:05:34, Antoine Beaupré wrote:
> On 2016-08-19 17:56:29, Adam D. Barratt wrote:
>> On Fri, 2016-08-19 at 17:35 -0400, Antoine Beaupré wrote:
>>> TL;DR: Charybdis 3.4 (Jessie) introduces a regression (CertFP broken)
>>> from Charybdis 3.3 (Wheezy). 7-line patch (attached) fixes the issue.
>>> 
>>> Charybdis 3.4 suffers from a regression which breaks authentication in
>>> certain scenarios. The bug is now documented upstream here:
>>> 
>>> https://github.com/charybdis-ircd/charybdis/pull/211
>> [...]
>>> I have produced a simple patch which fixes the issue for Charybdis 3.5
>>> here:
>>> 
>>> https://github.com/charybdis-ircd/charybdis/pull/211/commits/0ff0a0592de84dec2a2f46d9f8d6e22f6c1ee467
>>
>> That patch doesn't appear to have been applied to the package in
>> unstable. That's a pre-requisite for considering it for an update in
>> stable.
>
> Understood. I am waiting for upstream to release 3.5.3 which will
> include that patch, tonight, before doing a new upload.

Turns out this took about three weeks instead of 24h. But 3.5.3 is
released, and I will push the update to unstable now.

The situation is a tad more complicated now because there was a security
issue disclosed in the meantime:

https://security-tracker.debian.org/tracker/CVE-2016-7143

... which 3.5.3 fixes. I have prepared a deb8u2 update for the security
team in #836714, which the attached debdiff builds upon.

diff -Nru charybdis-3.4.2/debian/changelog charybdis-3.4.2/debian/changelog
--- charybdis-3.4.2/debian/changelog	2016-09-05 19:45:08.0 -0400
+++ charybdis-3.4.2/debian/changelog	2016-09-05 20:11:24.0 -0400
@@ -1,3 +1,10 @@
+charybdis (3.4.2-5+deb8u3) stable; urgency=medium
+
+  * backport patch from testing: fix error handling in gnutls certfp
+support
+
+ -- Antoine Beaupré   Mon, 05 Sep 2016 20:11:19 -0400
+
 charybdis (3.4.2-5+deb8u2) jessie-security; urgency=high
 
   * add fix for CVE-2016-7143, backported from upstream (Closes: #836714)
diff -Nru charybdis-3.4.2/debian/patches/0001-fix-error-handling-in-gnutls-certfp-support.patch charybdis-3.4.2/debian/patches/0001-fix-error-handling-in-gnutls-certfp-support.patch
--- charybdis-3.4.2/debian/patches/0001-fix-error-handling-in-gnutls-certfp-support.patch	1969-12-31 19:00:00.0 -0500
+++ charybdis-3.4.2/debian/patches/0001-fix-error-handling-in-gnutls-certfp-support.patch	2016-09-05 20:11:24.0 -0400
@@ -0,0 +1,41 @@
+Bug: https://github.com/charybdis-ircd/charybdis/pull/211
+
+will be factored into 3.5.3, so hold on before merging...
+
+From 0ff0a0592de84dec2a2f46d9f8d6e22f6c1ee467 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= 
+Date: Fri, 19 Aug 2016 11:53:59 -0400
+Subject: [PATCH] fix error handling in gnutls certfp support
+
+---
+ libratbox/src/gnutls.c | 13 ++---
+ 1 file changed, 6 insertions(+), 7 deletions(-)
+
+diff --git a/libratbox/src/gnutls.c b/libratbox/src/gnutls.c
+index f51211f..9bb69bb 100644
+--- a/libratbox/src/gnutls.c
 b/libratbox/src/gnutls.c
+@@ -608,18 +608,17 @@ rb_get_ssl_certfp(rb_fde_t *F, uint8_t certfp[RB_SSL_CERTFP_LEN], int method)
+ 	if (gnutls_certificate_type_get(SSL_P(F)) != GNUTLS_CRT_X509)
+ 		return 0;
+ 
+-	if (gnutls_x509_crt_init() < 0)
+-		return 0;
+-
+ 	cert_list_size = 0;
+ 	cert_list = gnutls_certificate_get_peers(SSL_P(F), _list_size);
+-	if (cert_list == NULL)
++	if (cert_list_size <= 0)
+ 	{
+-		gnutls_x509_crt_deinit(cert);
+ 		return 0;
+ 	}
+ 
+-	if (gnutls_x509_crt_import(cert, _list[0], GNUTLS_X509_FMT_DER) < 0)
++	if (gnutls_x509_crt_init() != GNUTLS_E_SUCCESS)
++		return 0;
++
++	if (gnutls_x509_crt_import(cert, _list[0], GNUTLS_X509_FMT_DER) != GNUTLS_E_SUCCESS)
+ 	{
+ 		gnutls_x509_crt_deinit(cert);
+ 		return 0;
diff -Nru charybdis-3.4.2/debian/patches/series charybdis-3.4.2/debian/patches/series
--- charybdis-3.4.2/debian/patches/series	2016-09-05 19:45:08.0 -0400
+++ charybdis-3.4.2/debian/patches/series	2016-09-05 20:11:24.0 -0400
@@ -7,3 +7,4 @@
 gnutls30
 libratbox-gnutls-add-gnutls-v3-api-compatibility-wit.patch
 CVE-2015-5290
+0001-fix-error-handling-in-gnutls-certfp-support.patch

I am running with those patches in production now.

Thanks and sorry for the delay.

A.

-- 
La propriété est un piège: ce que nous croyons posséder nous possède.
- Alphonse Karr

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: gdcm_2.4.4-3+deb8u1_amd64.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_amd64.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_arm64.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_armel.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_armhf.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_i386.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_mips.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_powerpc.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_ppc64el.changes
  ACCEPT
Processing changes file: monotone_1.1-4+deb8u1_s390x.changes
  ACCEPT
Processing changes file: openssl_1.0.1t-1+deb8u3_amd64.changes
  ACCEPT
Processing changes file: pypdf2_1.23+git20141008-1+deb8u1_amd64.changes
  ACCEPT

Bug#836799: transition: ros-geometric-shapes

[Jochen Sprickerhof]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi,

ros-geometric-shapes got a small ABI change I would like to transition. Only
ros-robot-model is affected, which is also maintained by me.

Cheers Jochen

Ben file:

title = "ros-geometric-shapes";
is_affected = .depends ~ /\b(libgeometric\-shapes0d)\b/ | .depends ~ 
/\b(libgeometric\-shapes1d)\b/;
is_good = .depends ~ /\b(libgeometric\-shapes1d)\b/;
is_bad = .depends ~ /\b(libgeometric\-shapes0d)\b/;


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/12 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Processed: Re: Bug#836592: jessie-pu: package gdcm/2.4.4-3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #836592 [release.debian.org] jessie-pu: package gdcm/2.4.4-3
Added tag(s) pending.

-- 
836592: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836592
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#836787: jessie-pu: package pypdf2/1.23+git20141008-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2016-09-05 at 19:59 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2016-09-05 at 20:06 +0200, Laszlo Boszormenyi (GCS) wrote:
> > A PyPDF2 user found a DoS, an infinite loop[1]. It has a reproducer
> > even. This affects Jessie as well (the Sid update is just uploaded).
> > Upstream fix is simple[2] and the Security Team noted this as no-dsa,
> > but can be updated via a Jessie PU.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#836787: jessie-pu: package pypdf2/1.23+git20141008-1+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #836787 [release.debian.org] jessie-pu: package 
pypdf2/1.23+git20141008-1+deb8u1
Added tag(s) pending.

-- 
836787: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#836592: jessie-pu: package gdcm/2.4.4-3

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2016-09-04 at 18:13 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sun, 2016-09-04 at 13:14 +0200, Gert Wollny wrote:
> > The version of gdcm in jessie suffers from two security problems:
> > 
> >   CVE-2015-8396 [1]
> >   CVE-2015-8397 [2]
> > 
> > However, the security team notified my that the issue does not warrant a DSA
> > and I should instead just fix it via a jessie point release.
> > 
> > The proposed patch against the package is enclosed, it adds the according 
> > fixes
> > from the upstream repository.
> 
> +gdcm (2.4.4-3+deb8u1) jessie-proposed-updates; urgency=medium
> 
> Simply "jessie" is preferred.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#827054: jessie-pu: package openssl/1.0.1t-1+deb8u3

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2016-09-04 at 18:01 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Tue, 2016-08-23 at 21:47 +0200, Kurt Roeckx wrote:
> > The current debdiff we'd like to upload is:
> > diff -Nru openssl-1.0.1t/debian/changelog openssl-1.0.1t/debian/changelog
> > --- openssl-1.0.1t/debian/changelog 2016-05-15 21:16:55.0 +0200
> > +++ openssl-1.0.1t/debian/changelog 2016-06-11 19:18:11.0 +0200
> > @@ -1,3 +1,14 @@
> > +openssl (1.0.1t-1+deb8u3) jessie; urgency=medium
> > +
> > +  [ Kurt Roeckx ]
> > +  * Fix length check for CRLs. (Closes: #826552)
> > +
> > +  [ Sebastian Andrzej Siewior ]
> > +  * Enable asm optimisation for s390x. Patch by Dimitri John Ledkov.
> > +(Closes: #833156).
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Processed: Re: Bug#827054: jessie-pu: package openssl/1.0.1t-1+deb8u3

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #827054 [release.debian.org] jessie-pu: package openssl/1.0.1t-1+deb8u3
Added tag(s) pending.

-- 
827054: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827054
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#836700: jessie-pu: package cacti/0.8.8b+dfsg-8+deb8u6

[Paul Gevers]

Hi,

On 05-09-16 07:49, Paul Gevers wrote:
>>> The fix for CVE-2016-2313 in 0.8.8b+dfsg-8+deb8u5 was reported¹ to contain a
>>> regression. The attached debdiff contains the reporters patch that was 
>>> accepted
>>> upstream to fix the issue.
>>
>> What's the plan for getting the updated fix into unstable?
> 
> Will do that tonight (UTC+2). Due to the upload window for jpu, I
> focused on that one first and than it was bed time.

Uploaded at 22:11 (UTC+2).

Paul



signature.asc
Description: OpenPGP digital signature

Bug#836530: nmu: lazarus_1.6+dfsg-4

[Paul Gevers]

Hi

On 04-09-16 12:42, peter green wrote:
>>
>> nmu lazarus_1.6+dfsg-4 . powerpc . unstable . -m "rebuild with fpc
>> 3.0.0+dfsg-7 to fix glibc>  2.23 related issues"
> Minor nitpick, the working powerpc fix didn't land until -8

Ouch, yes, sure.

>> nmu imapcopy_1.04-2 . powerpc . unstable . -m "rebuild with fpc
>> 3.0.0+dfsg-7 to fix glibc>  2.23 related issues"
>> nmu mricron_0.20140804.1~dfsg.1-1 . powerpc . unstable . -m "rebuild
>> with fpc 3.0.0+dfsg-7 to fix glibc>  2.23 related issues"
>>
> These have unrelated FTBFS bugs, so scheduling a binnmu is pointless.
> Instead the FTBFS bugs need to be fixed.

And they both contain patches even. Apparently nobody cares that the
packages are not in testing for a long time. @Peter, thanks for the patch ;)

> In addition to the binnmus we will want some give-backs once lazarus is
> rebuilt
> 
> gb ddrescueview_0.4~alpha3-1 . powerpc . unstable
> gb doublecmd_0.7.3-1 . powerpc . unstable

And since today:
gb winff_1.5.3-7 . powerpc . unstable


So in total we have:
nmu lazarus_1.6+dfsg-4 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 
to fix glibc > 2.23 related issues"

Wait until lazarus is rebuild:
nmu cqrlog_2.0.1-1 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 to 
fix glibc > 2.23 related issues"
nmu dozzaqueux_3.42-1 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 
to fix glibc > 2.23 related issues"
nmu easymp3gain_0.5.0+svn135-6 . powerpc . unstable . -m "rebuild with fpc 
3.0.0+dfsg-7 to fix glibc > 2.23 related issues"
nmu gearhead_1.302-1 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 
to fix glibc > 2.23 related issues"
nmu hedgewars_0.9.22-dfsg-7+b2 . powerpc . unstable . -m "rebuild with fpc 
3.0.0+dfsg-7 to fix glibc > 2.23 related issues"
nmu nbc_1.2.1.r4+dfsg-1 . powerpc . unstable . -m "rebuild with fpc 
3.0.0+dfsg-7 to fix glibc > 2.23 related issues"
nmu optgeo_2.23-1 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 to 
fix glibc > 2.23 related issues"
nmu transgui_5.0.1-4 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 
to fix glibc > 2.23 related issues"
nmu tuxcmd_0.6.70+dfsg-2 . powerpc . unstable . -m "rebuild with fpc 
3.0.0+dfsg-7 to fix glibc > 2.23 related issues"
nmu vmg_3.7.1-2 . powerpc . unstable . -m "rebuild with fpc 3.0.0+dfsg-7 to fix 
glibc > 2.23 related issues"
gb ddrescueview_0.4~alpha3-1 . powerpc . unstable
gb doublecmd_0.7.3-1 . powerpc . unstable
gb winff_1.5.3-7 . powerpc . unstable

Paul



signature.asc
Description: OpenPGP digital signature

Processed: Re: Bug#836787: jessie-pu: package pypdf2/1.23+git20141008-1+deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + confirmed
Bug #836787 [release.debian.org] jessie-pu: package 
pypdf2/1.23+git20141008-1+deb8u1
Added tag(s) confirmed.

-- 
836787: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#836787: jessie-pu: package pypdf2/1.23+git20141008-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Mon, 2016-09-05 at 20:06 +0200, Laszlo Boszormenyi (GCS) wrote:
> A PyPDF2 user found a DoS, an infinite loop[1]. It has a reproducer
> even. This affects Jessie as well (the Sid update is just uploaded).
> Upstream fix is simple[2] and the Security Team noted this as no-dsa,
> but can be updated via a Jessie PU.

Please go ahead.

Regards,

Adam

Bug#825512: jessie-pu: package policykit-1/0.105-15~deb8u1

[Adam D. Barratt]

Hi,

On Mon, 2016-09-05 at 18:16 +0200, Michael Biebl wrote:
> sd_uid_get_state() is apparently broken in jessie with systemd-logind
> under sysvinit. This was fixed in a later systemd version, that's why
> no-one ever noticed it in unstable/testing.
> 
> debian/patches/0.113/sessionmonitor-systemd-Use-sd_uid_get_state-to-check.patch
> and
> debian/patches/0.113/sessionmonitor-systemd-prepare-for-D-Bus-user-bus-mo.patch
> 
> where added to support the systemd --user / D-Bus user model.
> This is not really a concern for jessie though.
> 
> So my proposal would be, to simply disable those two particular patches.
> Those would be the only change between policykit-1/0.105-15~deb8u1 and
> deb8u2.
> 
> Does that sound ok to you?

Yes, please feel free to upload that; thanks.

Regards,

Adam

Bug#836787: jessie-pu: package pypdf2/1.23+git20141008-1+deb8u1

[Laszlo Boszormenyi (GCS)]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi Release Team,

A PyPDF2 user found a DoS, an infinite loop[1]. It has a reproducer
even. This affects Jessie as well (the Sid update is just uploaded).
Upstream fix is simple[2] and the Security Team noted this as no-dsa,
but can be updated via a Jessie PU.

Proposed patch is attached.

Thanks for considering,
Laszlo/GCS
[1] https://github.com/mstamy2/PyPDF2/issues/184
[2] 
https://github.com/mstamy2/PyPDF2/commit/4fc7f9d14adb2a9b890aea2616955ec54229f48cdiff -Nru pypdf2-1.23+git20141008/debian/changelog pypdf2-1.23+git20141008/debian/changelog
--- pypdf2-1.23+git20141008/debian/changelog	2014-10-25 21:00:12.0 +
+++ pypdf2-1.23+git20141008/debian/changelog	2016-09-05 17:50:32.0 +
@@ -1,3 +1,10 @@
+pypdf2 (1.23+git20141008-1+deb8u1) jessie; urgency=medium
+
+  * Backport fix 'prevent infinite loop in readObject() function' to prevent
+DoS from upstream Git tree.
+
+ -- Laszlo Boszormenyi (GCS)   Mon, 05 Sep 2016 17:46:41 +
+
 pypdf2 (1.23+git20141008-1) unstable; urgency=low
 
   * Upstream snapshot with various bug fixes.
diff -Nru pypdf2-1.23+git20141008/debian/patches/Prevent_infinite_loop_in_readObject.patch pypdf2-1.23+git20141008/debian/patches/Prevent_infinite_loop_in_readObject.patch
--- pypdf2-1.23+git20141008/debian/patches/Prevent_infinite_loop_in_readObject.patch	1970-01-01 00:00:00.0 +
+++ pypdf2-1.23+git20141008/debian/patches/Prevent_infinite_loop_in_readObject.patch	2016-09-05 17:49:22.0 +
@@ -0,0 +1,25 @@
+From 48193975e5a0e48ebbb68217f8533ad2bfbdede2 Mon Sep 17 00:00:00 2001
+From: Henri Salo 
+Date: Tue, 18 Aug 2015 13:42:22 +0300
+Subject: [PATCH] Prevent infinite loop in readObject() function. Patch by
+ dhudson1. Closes mstamy2/PyPDF2#184
+
+---
+ PyPDF2/generic.py | 4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/PyPDF2/generic.py b/PyPDF2/generic.py
+index df1e028..657612a 100644
+--- a/PyPDF2/generic.py
 b/PyPDF2/generic.py
+@@ -82,6 +82,10 @@ def readObject(stream, pdf):
+ # comment
+ while tok not in (b_('\r'), b_('\n')):
+ tok = stream.read(1)
++# Prevents an infinite loop by raising an error if the stream is at
++# the EOF
++if len(tok) <= 0:
++raise PdfStreamError("File ended unexpectedly.")
+ tok = readNonWhitespace(stream)
+ stream.seek(-1, 1)
+ return readObject(stream, pdf)
diff -Nru pypdf2-1.23+git20141008/debian/patches/series pypdf2-1.23+git20141008/debian/patches/series
--- pypdf2-1.23+git20141008/debian/patches/series	1970-01-01 00:00:00.0 +
+++ pypdf2-1.23+git20141008/debian/patches/series	2016-09-05 17:50:00.0 +
@@ -0,0 +1 @@
+Prevent_infinite_loop_in_readObject.patch

Bug#825512: jessie-pu: package policykit-1/0.105-15~deb8u1

[Michael Biebl]

Am 05.09.2016 um 18:16 schrieb Michael Biebl:
> debian/patches/0.113/sessionmonitor-systemd-Use-sd_uid_get_state-to-check.patch
> and
> debian/patches/0.113/sessionmonitor-systemd-prepare-for-D-Bus-user-bus-mo.patch
> 
> where added to support the systemd --user / D-Bus user model.
> This is not really a concern for jessie though.
> 
> So my proposal would be, to simply disable those two particular patches.
> Those would be the only change between policykit-1/0.105-15~deb8u1 and
> deb8u2.
> 
> Does that sound ok to you?


Fwiw, I've setup a test-VM with lxde and lighdm and tested both
combinations (systemd-sysv + new policykit, sysvinit-core + new
policykit) successfully.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#825512: jessie-pu: package policykit-1/0.105-15~deb8u1

[Michael Biebl]

Hi Adam

Am 04.09.2016 um 19:42 schrieb Adam D. Barratt:
> Contrary to my over-hasty closing back in June (which no-one corrected
> in the meantime), this actually wasn't included in the 8.5 point
> release, due to last minute regressions raised in #825956.
> 
> Michael, am I reading the bug log correctly that the issues turned out
> not to be due to the policykit-1 update? If so, should the package now
> been included in 8.6?

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825956#81
has some background on this.

sd_uid_get_state() is apparently broken in jessie with systemd-logind
under sysvinit. This was fixed in a later systemd version, that's why
no-one ever noticed it in unstable/testing.

debian/patches/0.113/sessionmonitor-systemd-Use-sd_uid_get_state-to-check.patch
and
debian/patches/0.113/sessionmonitor-systemd-prepare-for-D-Bus-user-bus-mo.patch

where added to support the systemd --user / D-Bus user model.
This is not really a concern for jessie though.

So my proposal would be, to simply disable those two particular patches.
Those would be the only change between policykit-1/0.105-15~deb8u1 and
deb8u2.

Does that sound ok to you?

Sorry for that mess this upload created.

Regards,
Michael





-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#836370: transition: shibboleth

[Emilio Pozuelo Monfort]

On 04/09/16 16:18, Ferenc Wágner wrote:
> Do you think there's anything else to do (but wait for testing
> migration) with this transition?

Just wait. It all seems fine at this point.

> I don't understand why opensaml2 and
> shibboleth-sp2 are "partial" on all arches except the hurd, could you
> please give me a hint?  It's the first time I look at such tables...

Because the old binaries were still around. Those have been decrufted now as the
binNMUs have caused packages to depend on the new binaries, and that's why they
are no longer "partial" but "good".

Cheers,
Emilio

Processed: libphonenumber: FTBFS with glibc 2.24: int readdir_r() is deprecated

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 836768 https://github.com/googlei18n/libphonenumber/issues/1307
Bug #836768 [src:libphonenumber] libphonenumber: FTBFS with glibc 2.24: int 
readdir_r() is deprecated
Set Bug forwarded-to-address to 
'https://github.com/googlei18n/libphonenumber/issues/1307'.
> block 834855 by 836768
Bug #834855 [release.debian.org] transition: glibc 2.24
834855 was not blocked by any bugs.
834855 was not blocking any bugs.
Added blocking bug(s) of 834855: 836768
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
834855: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834855
836768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836768
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#836447: transition: proj

[Emilio Pozuelo Monfort]

On 05/09/16 14:37, Sebastiaan Couwenberg wrote:
> On 09/05/2016 10:54 AM, Sebastiaan Couwenberg wrote:
>> On 09/04/2016 05:32 PM, Sebastiaan Couwenberg wrote:
>>> On 09/04/2016 12:02 PM, Emilio Pozuelo Monfort wrote:
 On 03/09/16 21:41, Sebastiaan Couwenberg wrote:
> proj (4.9.3-1) has been uploaded to unstable, and has been built on all
> release architectures. The ports need a little more time.

 binnmus scheduled.
>>>
>>> Many thanks for those.
>>>
>>> In general the rebuild look good so far. The binNMUs did reveal a few
>>> packages with issues on some of the architectures.
>>>
>>> postgis FTBFS due to test failures caused by the fakeroot fix for
>>> #830912 not being used yet. Those builds should succeed when they use
>>> fakeroot (1.21-2). Can dep-waits be set for those?
>>
>> postgis still needs to be rebuilt with fakeroot (1.21-2). The following
>> should do, perhaps the libproj-dev dependency should be specified too:
>>
>>  dw postgis_2.2.2+dfsg-4 . ANY . -m 'fakeroot (>= 1.21-2)'
>>
>>> mapserver FTBFS on mipsel due to a fatal error in the Java Runtime
>>> Environment. I think retrying the build on a different buildd should let
>>> that succeed too, mipsel-manda-01 had issues with mapserver before.
>>
>> mapserver is now OK thanks to the rebuilt on eberlin.
>>
>>> qlandkartegt FTBFS on some architectures where char is probably unsigned
>>> by default. I've added a patch which should fix the issue, but still
>>> needs verification on the porterboxes. I'll upload a new revision if the
>>> builds on the porterboxes confirm the fix.
>>
>> qlandkartegt is now OK too with the changes in 1.8.1+ds-7.
>>
>>
>> The affected packages in experimental need to be rebuilt with proj 4.9.3
>> too:
>>
>>  grass(7.0.5~rc1-1~exp1)
>>  mapnik(3.0.12~rc6+ds-1~exp2)
>>  spatialite   (4.4.0~rc1-1~exp1)
>>
>>  python-mapnik(1:0.0~20160810-3a60211-1~exp1)
>>  spatialite-tools (4.4.0~rc1-1~exp1)
>>
>> I think the attached wanna-build commands should do for the above
>> packages in experimental.
> 
> vtk6 on armel still hasn't starting building yet, can the priority be
> increased to hopefully prevent another entanglement issue like near the
> end of the gdal transition (#823335)?

There's no rush here. gdal is different because there all packages need to
migrate at the same time.

I have given back vtk6/mipsel, let's see if that was a transient issue.

Cheers,
Emilio

Bug#836447: transition: proj

[Emilio Pozuelo Monfort]

On 05/09/16 10:54, Sebastiaan Couwenberg wrote:
> On 09/04/2016 05:32 PM, Sebastiaan Couwenberg wrote:
>> On 09/04/2016 12:02 PM, Emilio Pozuelo Monfort wrote:
>>> On 03/09/16 21:41, Sebastiaan Couwenberg wrote:
 proj (4.9.3-1) has been uploaded to unstable, and has been built on all
 release architectures. The ports need a little more time.
>>>
>>> binnmus scheduled.
>>
>> Many thanks for those.
>>
>> In general the rebuild look good so far. The binNMUs did reveal a few
>> packages with issues on some of the architectures.
>>
>> postgis FTBFS due to test failures caused by the fakeroot fix for
>> #830912 not being used yet. Those builds should succeed when they use
>> fakeroot (1.21-2). Can dep-waits be set for those?
> 
> postgis still needs to be rebuilt with fakeroot (1.21-2). The following
> should do, perhaps the libproj-dev dependency should be specified too:
> 
>  dw postgis_2.2.2+dfsg-4 . ANY . -m 'fakeroot (>= 1.21-2)'

Scheduled (give-back with --extra-depends).

> The affected packages in experimental need to be rebuilt with proj 4.9.3
> too:
> 
>  grass(7.0.5~rc1-1~exp1)
>  mapnik (3.0.12~rc6+ds-1~exp2)
>  spatialite   (4.4.0~rc1-1~exp1)
> 
>  python-mapnik(1:0.0~20160810-3a60211-1~exp1)
>  spatialite-tools (4.4.0~rc1-1~exp1)
> 
> I think the attached wanna-build commands should do for the above
> packages in experimental.

You want a nmu command, not a dw. Scheduled.

Cheers,
Emilio

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: glibc_2.19-18+deb8u6_mipsel.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: glibc_2.19-18+deb8u6_mips.changes
  ACCEPT

Bug#836447: transition: proj

[Sebastiaan Couwenberg]

On 09/05/2016 10:54 AM, Sebastiaan Couwenberg wrote:
> On 09/04/2016 05:32 PM, Sebastiaan Couwenberg wrote:
>> On 09/04/2016 12:02 PM, Emilio Pozuelo Monfort wrote:
>>> On 03/09/16 21:41, Sebastiaan Couwenberg wrote:
 proj (4.9.3-1) has been uploaded to unstable, and has been built on all
 release architectures. The ports need a little more time.
>>>
>>> binnmus scheduled.
>>
>> Many thanks for those.
>>
>> In general the rebuild look good so far. The binNMUs did reveal a few
>> packages with issues on some of the architectures.
>>
>> postgis FTBFS due to test failures caused by the fakeroot fix for
>> #830912 not being used yet. Those builds should succeed when they use
>> fakeroot (1.21-2). Can dep-waits be set for those?
> 
> postgis still needs to be rebuilt with fakeroot (1.21-2). The following
> should do, perhaps the libproj-dev dependency should be specified too:
> 
>  dw postgis_2.2.2+dfsg-4 . ANY . -m 'fakeroot (>= 1.21-2)'
> 
>> mapserver FTBFS on mipsel due to a fatal error in the Java Runtime
>> Environment. I think retrying the build on a different buildd should let
>> that succeed too, mipsel-manda-01 had issues with mapserver before.
> 
> mapserver is now OK thanks to the rebuilt on eberlin.
> 
>> qlandkartegt FTBFS on some architectures where char is probably unsigned
>> by default. I've added a patch which should fix the issue, but still
>> needs verification on the porterboxes. I'll upload a new revision if the
>> builds on the porterboxes confirm the fix.
> 
> qlandkartegt is now OK too with the changes in 1.8.1+ds-7.
> 
> 
> The affected packages in experimental need to be rebuilt with proj 4.9.3
> too:
> 
>  grass(7.0.5~rc1-1~exp1)
>  mapnik (3.0.12~rc6+ds-1~exp2)
>  spatialite   (4.4.0~rc1-1~exp1)
> 
>  python-mapnik(1:0.0~20160810-3a60211-1~exp1)
>  spatialite-tools (4.4.0~rc1-1~exp1)
> 
> I think the attached wanna-build commands should do for the above
> packages in experimental.

vtk6 on armel still hasn't starting building yet, can the priority be
increased to hopefully prevent another entanglement issue like near the
end of the gdal transition (#823335)?

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Re: Introducing default-mysql-* metapackages

[Otto Kekäläinen]

Hello!

2016-09-05 9:57 GMT+03:00 Ondřej Surý :
> could you elaborate a bit more why you are forcing all Build-RDeps to
> change B-D to default-libmysqlclient-dev instead of just changing the
> semantics of libmysqlclient-dev?
>
> I understand the default-mysql-client and default-mysql-server, but I
> don't understand the change from libmysqlclient-dev to
> default-libmysqlclient-dev.
>
> We have a couple of similar cases that doesn't require that much work
> (f.e. libjpeg-dev) and renaming the original libmysqlclient-dev to
> libmysqlclient-oracle-dev and adding Provides: libmysqlclient-dev to
> libmariadbclient-dev would achieve the same thing and require a
> substantially less work on the other people side.

Thanks for the suggestion. This method was not discussed earlier when
the pkg-mysql-maint team designed the new mysql-defaults metapackages.
I would be fine by doing what you suggest. What does Robie and others
who are more vested in maintaining Oracle packages think about this?

- Otto

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: glibc_2.19-18+deb8u6_armel.changes
  ACCEPT

Bug#836447: transition: proj

[Sebastiaan Couwenberg]

On 09/04/2016 05:32 PM, Sebastiaan Couwenberg wrote:
> On 09/04/2016 12:02 PM, Emilio Pozuelo Monfort wrote:
>> On 03/09/16 21:41, Sebastiaan Couwenberg wrote:
>>> proj (4.9.3-1) has been uploaded to unstable, and has been built on all
>>> release architectures. The ports need a little more time.
>>
>> binnmus scheduled.
> 
> Many thanks for those.
> 
> In general the rebuild look good so far. The binNMUs did reveal a few
> packages with issues on some of the architectures.
> 
> postgis FTBFS due to test failures caused by the fakeroot fix for
> #830912 not being used yet. Those builds should succeed when they use
> fakeroot (1.21-2). Can dep-waits be set for those?

postgis still needs to be rebuilt with fakeroot (1.21-2). The following
should do, perhaps the libproj-dev dependency should be specified too:

 dw postgis_2.2.2+dfsg-4 . ANY . -m 'fakeroot (>= 1.21-2)'

> mapserver FTBFS on mipsel due to a fatal error in the Java Runtime
> Environment. I think retrying the build on a different buildd should let
> that succeed too, mipsel-manda-01 had issues with mapserver before.

mapserver is now OK thanks to the rebuilt on eberlin.

> qlandkartegt FTBFS on some architectures where char is probably unsigned
> by default. I've added a patch which should fix the issue, but still
> needs verification on the porterboxes. I'll upload a new revision if the
> builds on the porterboxes confirm the fix.

qlandkartegt is now OK too with the changes in 1.8.1+ds-7.


The affected packages in experimental need to be rebuilt with proj 4.9.3
too:

 grass(7.0.5~rc1-1~exp1)
 mapnik   (3.0.12~rc6+ds-1~exp2)
 spatialite   (4.4.0~rc1-1~exp1)

 python-mapnik(1:0.0~20160810-3a60211-1~exp1)
 spatialite-tools (4.4.0~rc1-1~exp1)

I think the attached wanna-build commands should do for the above
packages in experimental.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1
dw grass_7.0.5~rc1-1~exp1 . ANY . experimental . -m 'libproj-dev (>= 4.9.3-1)'
dw mapnik_3.0.12~rc6+ds-1~exp2 . ANY . experimental . -m 'libproj-dev (>= 
4.9.3-1)'
dw spatialite_4.4.0~rc1-1~exp1 . ANY . experimental . -m 'libproj-dev (>= 
4.9.3-1)'
dw python-mapnik_1:0.0~20160810-3a60211-1~exp1 . ANY . experimental . -m 
'libproj-dev (>= 4.9.3-1)'
dw spatialite-tools_4.4.0~rc1-1~exp1 . ANY . experimental . -m 'libproj-dev (>= 
4.9.3-1)'

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: glibc_2.19-18+deb8u6_armhf.changes
  ACCEPT

RE: Porter roll call for Debian Stretch

[Radovan Birdic]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I am an active porter for the following architectures and I intend
to continue this for the lifetime of the Stretchj release (est. end
of 2020):

For mips, mipsel and mips64el, I
 - can test all packages on this architecture on different hardware
   (I have access to different MIPS boards)
 - detect toolchain issues and bring it to the attention of toolchain
   maintainers whom we already have contact to,
 - triage arch-specific bugs
 - fix arch-related bugs

I am not a DD/DM.

Radovan Birdic

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJXzRUOAAoJEFPgpzyfkdV4lPUIAIpd3yh1nlzUxa0xo+w3TBVG
F5CABA1vS6YiMqmV4TkELZrcO1RMOAq06sczzPchwIscY/HnMqcGO5vZPLcB9t/g
hGOmgH/+bYsgsoBYWqrlRDIMy2AG5PwbIeHYcfnX5aCcacoSIqw+nZPn6VFn4TKB
wF7aIlqBhvkwmivl2BQrPMNp84t1zvEs+JwhaEesTkAAz+JH82V+d6ww76pVxm+c
TRQ5I2fvvqsMDGJ+aCd+9gZFJWuJvv9ap2R7R64ER3cIBEDkHwX+18kkVU38xb3h
OYJO4WsXGLhPHIBWbgK4zU5d+WfW+hD+eBRHQaq7Y2xgEko9+oBqAipI3U0ap1Y=
=7OQr
-END PGP SIGNATURE-

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_armel.changes
  ACCEPT
Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_armhf.changes
  ACCEPT
Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_mips.changes
  ACCEPT
Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_s390x.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_amd64.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_arm64.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_i386.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_powerpc.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_ppc64el.changes
  ACCEPT
Processing changes file: glibc_2.19-18+deb8u6_s390x.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_i386.changes
  ACCEPT
Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_mipsel.changes
  ACCEPT
Processing changes file: dietlibc_0.33~cvs20120325-6+deb8u1_powerpc.changes
  ACCEPT