Bug#972253: samba was forgotten for py3.9
Hi Mathieu On Fri, 20 Nov 2020 at 22:39, Mathieu Parent wrote: > SInce 14h 10m! Oh wait ;-) I did :) and have scheduled the binNMUs for samba now. I'm not sure if you've noticed, but ceph is in quite a bad state. Is it possible to build samba without it? Regards Graham
Bug#975357: nmu: xoreos-tools_0.0.5-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Dear Release Team, the last upload of xoreos-tools included binaries for amd64, which were built with outdated dependencies. Thus xoreos-tools:amd64 is currently uninstallable, as it depends on boost 1.67, and was thus removed from testing. Since a simple rebuild with current dependencies fixes this, please schedule this binNMU: nmu xoreos-tools_0.0.5-2 . amd64 . unstable . -m "Rebuild against boost 1.71" Thanks in advance, Ahzo
Bug#974982: transition: krb5
> "Paul" == Paul Wise writes: Paul> switching to another module but I suspect that modauthkerb Paul> should just get removed from Debian in favour of Paul> mod_auth_gssapi, which is supposed to be a replacement. I think that mod_auth_gssapi plus mod_auth_pam and libpam-sss or libpam-krb5 is a good replacement for mod-auth-kerb. What mod-auth-kerb has going for it is that as I recall, it supports both spnego auth and password auth in one module. I think I will be able to upload a fix. But I do agree that the state of mod-auth-kerb is kind of grim. My proposal is to fix this, because I think it's relatively easy. But once the fixed libapache2-mod-auth-kerb gets into testing, open a serious bug questioning whether it's releasable as krb5 maintainer. I think it's fine for anyone willing to put in the effort to maintain the package to close such a bug, but I think it's reasonable for me as an interested party to raise that question. Especially after your analysis as someone who has performed several of the recent NMUs. --Sam signature.asc Description: PGP signature
Bug#974982: transition: krb5
On Fri, Nov 20, 2020 at 7:45 PM Sam Hartman wrote: > I note that libapache2-mod-auth-kerb seems to be QA maintained > effectively in Debian. > I haven't looked at upstream to see if they have a fix. Upstream is basically unmaintained, despite still having users. We are using libapache2-mod-auth-kerb at my workplace, I've raised an issue about taking over modauthkerb upstream or just switching to another module but I suspect that modauthkerb should just get removed from Debian in favour of mod_auth_gssapi, which is supposed to be a replacement. -- bye, pabs https://wiki.debian.org/PaulWise
NEW changes in stable-new
Processing changes file: choose-mirror_2.99+deb10u2_mips64el-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_ppc64el-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_mips64el-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_ppc64el-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_armel-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_mips64el-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_ppc64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: choose-mirror_2.99+deb10u2_armel-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_armhf-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_armel-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_ppc64el-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_armel-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_armhf-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_armhf-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: choose-mirror_2.99+deb10u2_all.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_amd64-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_arm64-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_i386.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_mips-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_mipsel-buildd.changes ACCEPT Processing changes file: choose-mirror_2.99+deb10u2_s390x.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_amd64-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_arm64-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_armhf-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_i386.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_mips-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_mips64el-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_mipsel-buildd.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_s390x.changes ACCEPT Processing changes file: node-pathval_1.1.0-3+deb10u1_all.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_amd64-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_arm64-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_i386-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_mips-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_mipsel-buildd.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_s390x.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_amd64-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_arm64-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_i386-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_mips-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_mipsel-buildd.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_s390x.changes ACCEPT
Bug#972253: samba was forgotten for py3.9
Le ven. 20 nov. 2020 à 21:36, Matthias Klose a écrit : > > On 11/20/20 9:33 PM, Matthias Klose wrote: > > On 11/20/20 9:13 PM, Mathieu Parent wrote: > >> Hi, > >> > >> It looks like samba was forgotten by the binNMU request. > >> > >> See https://bugs.debian.org/975330 > >> > >> Can you schedule that? > > > > no, according to > > https://release.debian.org/transitions/html/python3.9-default.html > > ldb ftbfs on s390x. > > wait, the build is still pending ... SInce 14h 10m! Oh wait ;-)
Bug#972253: samba was forgotten for py3.9
On 11/20/20 9:33 PM, Matthias Klose wrote: > On 11/20/20 9:13 PM, Mathieu Parent wrote: >> Hi, >> >> It looks like samba was forgotten by the binNMU request. >> >> See https://bugs.debian.org/975330 >> >> Can you schedule that? > > no, according to > https://release.debian.org/transitions/html/python3.9-default.html > ldb ftbfs on s390x. wait, the build is still pending ...
Bug#972253: samba was forgotten for py3.9
On 11/20/20 9:13 PM, Mathieu Parent wrote: > Hi, > > It looks like samba was forgotten by the binNMU request. > > See https://bugs.debian.org/975330 > > Can you schedule that? no, according to https://release.debian.org/transitions/html/python3.9-default.html ldb ftbfs on s390x.
Bug#972253: samba was forgotten for py3.9
Hi, It looks like samba was forgotten by the binNMU request. See https://bugs.debian.org/975330 Can you schedule that? Thanks -- Mathieu Parent
Bug#959469: buster-pu: package openssl/1.1.1g-1
On 2020-11-20 17:24:30 [+], Adam D. Barratt wrote: > Predictably we're again quite close to a point release. :-( (One week > from freeze, specifically.) oh. > Looking at the upstream issues regarding certificate validation changes > between 1.1.1e and f/g, #11456 appears to have been addressed already, > but #11625 is still open and looks stalled. Have you seen any more > reports of that issue? Not that I am aware of. I don't want to rush anything. I have no problem to delay this until after the point release if you prefer to do so. > Regards, > > Adam Sebastian
Bug#974982: transition: krb5
> "Sam" == Sam Hartman writes: > "Sebastian" == Sebastian Ramacher writes: >>> I've uploaded to unstable. There's what tracker lists as a >>> regression in CI tests: >>> https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz >>> >>> I don't think that regression looks caused by krb5 after >>> examining the log. Sebastian> Looks like some symbols were removed without bumping the Sebastian> SONAME of librkb5 (#975344). Sam> Sure. These symbols were never part of the public API. The Sam> public api is defined by krb5.h without defining KRB5_PRIVATE. Sam> The symbols were defined in k5-int.h, which is not even an Sam> installed header. I mean I agree we need to block the Sam> transition until we figure out what to do about things, but Sam> this doesn't seem like krb5's fault. I'm responding to that Sam> bug in a moment. Oof. If you take a look at src/mit-internals.h in the libapache2-mod-auth-kerb sources, you'll see the scope of the problem. Significant internals were copied from the krb5 sources (2005 era code) directly into the libapache2-mod-auth-kerb sources. My surprise is that it worked for 15 years not that it's breaking now. I'm uploading a version of krb5 to unstable that breaks libapache2-mod-auth-kerb. I realize unversioned breaks are bad (and this situation is bad) but I hope to replace that with a versioned breaks assuming we find a fix. I note that libapache2-mod-auth-kerb seems to be QA maintained effectively in Debian. I haven't looked at upstream to see if they have a fix. I'll dig into that after the upload. signature.asc Description: PGP signature
Bug#973674: buster-pu: package mdadm/4.1-8
Hi Adam, On Fri, Nov 20, 2020 at 11:08 AM Adam D. Barratt wrote: > > My understanding is that the service / timer for this is not enabled by > default, so this change will make things work for those users who have > explicitly chosen to enable it, but have no effect on any user who has > not done so. Is that correct? That is my understanding also. I would not have asked for an update in buster if Bug#960132 had not been marked as affected in stable after I closed the bug. The same person also marked the bug as "serious". I was then advised that it was my responsibility to provide a new version in stable but, given the circumstances, would be fine with that request being denied. Kind regards, Felix Lechner
Bug#974982: transition: krb5
> "Sebastian" == Sebastian Ramacher writes: >> I've uploaded to unstable. There's what tracker lists as a >> regression in CI tests: >> https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz >> >> I don't think that regression looks caused by krb5 after >> examining the log. Sebastian> Looks like some symbols were removed without bumping the Sebastian> SONAME of librkb5 (#975344). Sure. These symbols were never part of the public API. The public api is defined by krb5.h without defining KRB5_PRIVATE. The symbols were defined in k5-int.h, which is not even an installed header. I mean I agree we need to block the transition until we figure out what to do about things, but this doesn't seem like krb5's fault. I'm responding to that bug in a moment. --Sam
NEW changes in stable-new
Processing changes file: choose-mirror_2.99+deb10u2_source.changes ACCEPT Processing changes file: lmod_6.6-0.3+deb10u1_source.changes ACCEPT Processing changes file: node-pathval_1.1.0-3+deb10u1_sourceonly.changes ACCEPT Processing changes file: partman-auto_149+deb10u1_source.changes ACCEPT Processing changes file: tcpdump_4.9.3-1~deb10u2_source.changes ACCEPT
Bug#974982: transition: krb5
Control: block -1 by 975344 On 2020-11-20 13:04:06 -0500, Sam Hartman wrote: > I've uploaded to unstable. > There's what tracker lists as a regression in CI tests: > https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz > > I don't think that regression looks caused by krb5 after examining the > log. Looks like some symbols were removed without bumping the SONAME of librkb5 (#975344). > Do you need me to request binnmu of libauthen-krb5-admin-perl and > libpam-krb5-migrate-mit? I'm guessing not because it looks like that's > already happening. That's not necessary. We take care of those for transitions. Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Processed: Re: Bug#974982: transition: krb5
Processing control commands: > block -1 by 975344 Bug #974982 [release.debian.org] transition: krb5 974982 was not blocked by any bugs. 974982 was not blocking any bugs. Added blocking bug(s) of 974982: 975344 -- 974982: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974982 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#973674: buster-pu: package mdadm/4.1-8
On Tue, 2020-11-03 at 02:50 -0800, Felix Lechner wrote: > +mdadm (4.1-1+deb10u1) buster-updates; urgency=medium The distribution there wants to simply be "buster", please. "buster- updates" is a related suite to which we can push packages if appropriate, but it's not an upload target and, while dak should route the package appropriately in any case, it's at best confusing. > + * Install mdcheck. (Closes: #960132) My understanding is that the service / timer for this is not enabled by default, so this change will make things work for those users who have explicitly chosen to enable it, but have no effect on any user who has not done so. Is that correct? Regards, Adam
Bug#973917: tcpdump 4.9.3-1~deb10u2 flagged for acceptance
package release.debian.org tags 973917 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: tcpdump Version: 4.9.3-1~deb10u2 Explanation: fix untrusted input issue in the PPP printer [CVE-2020-8037]
Processed: lmod 6.6-0.3+deb10u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 972963 = buster pending Bug #972963 [release.debian.org] buster-pu: package lmod/6.6-0.3+deb10u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 972963: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972963 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tcpdump 4.9.3-1~deb10u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 973917 = buster pending Bug #973917 [release.debian.org] buster-pu: package tcpdump/4.9.3-1~deb10u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 973917: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973917 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: node-pathval 1.1.0-3+deb10u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 972903 = buster pending Bug #972903 [release.debian.org] buster-pu: package node-pathval/1.1.0-3+deb10u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 972903: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972903 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#972963: lmod 6.6-0.3+deb10u1 flagged for acceptance
package release.debian.org tags 972963 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: lmod Version: 6.6-0.3+deb10u1 Explanation: change architecture to "any" - required due to LUA_PATH and LUA_CPATH being determined at build time
Bug#972903: node-pathval 1.1.0-3+deb10u1 flagged for acceptance
package release.debian.org tags 972903 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: node-pathval Version: 1.1.0-3+deb10u1 Explanation: fix prototype pollution [CVE-2020-7751]
Bug#975297: buster-pu: package tor/3.5.12-1
Control: tags -1 + confirmed Hi, On Fri, 2020-11-20 at 07:43 +, Peter Palfrader wrote: > Stable currently has Tor 0.3.5.10. > > Upstream released 0.3.5.11 and 0.3.5.12 since, which bring some > security fixes, update the list of fallback directory servers, and a > few things more. > > See > https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.12 > for a full list. > > I would like to build and upload packages for tor 3.5.12. Based on previous updates, I'd be happy with that, but please attach a debdiff to this bug log once it's built / uploaded, for completeness. As a side note - I suspect it may have been spotted already, but the introduction to upstream's changelog for 0.3.5.12 should presumably refer to that version, rather than 0.4.3.7. Regards, Adam
Processed: Re: Bug#975297: buster-pu: package tor/3.5.12-1
Processing control commands: > tags -1 + confirmed Bug #975297 [release.debian.org] buster-pu: package tor/0.3.5.12-1 Added tag(s) confirmed. -- 975297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975297 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#974982: transition: krb5
I've uploaded to unstable. There's what tracker lists as a regression in CI tests: https://ci.debian.net/data/autopkgtest/testing/ppc64el/s/squid/8297228/log.gz I don't think that regression looks caused by krb5 after examining the log. Do you need me to request binnmu of libauthen-krb5-admin-perl and libpam-krb5-migrate-mit? I'm guessing not because it looks like that's already happening.
Bug#959469: buster-pu: package openssl/1.1.1g-1
On Sun, 2020-11-15 at 11:29 +0100, Sebastian Andrzej Siewior wrote: > control: retitle -1 buster-pu: package openssl/1.1.1h-1 > > On 2020-05-02 22:34:40 [+0100], Adam D. Barratt wrote: > > > > Do we have any feeling for how widespread such certificates > > > > might be? > > > > The fact that there have been two different upstream reports > > > > isn't particularly comforting. > > > > > > This is correct. I don't know if there is tooling that is > > > generating broken certificates or just some individuals. I > > > updated my two OpenVPN instances and I saw clients connecting > > > again. > > > > Thanks for the information. > > look at that. I deployed it locally and forgot all about it. Now I > was going to open a pu for 1.1.1h and noticed that I didn't finish > this one. > > I hereby propose an update to 1.1.1h. Predictably we're again quite close to a point release. :-( (One week from freeze, specifically.) Looking at the upstream issues regarding certificate validation changes between 1.1.1e and f/g, #11456 appears to have been addressed already, but #11625 is still open and looks stalled. Have you seen any more reports of that issue? Regards, Adam
Re: Porter roll call for Debian Bullseye
Hi A friendly reminder about the porter roll call for bullseye. On Mon, 2 Nov 2020 at 22:23, Graham Inggs wrote: > We are doing a roll call for porters of all release architectures. If > you are an active porter behind one of the release architectures [1] > for the entire lifetime of Debian Bullseye (est. end of 2024), please > respond with a signed email containing the following before Friday, > November 27: Please note we don't automatically assume that porters for previous releases will continue to do so. If you were a porter for a previous release, we'd like you to sign up again for bullseye. Please refer to the architecture requalification page [1] for the current status. Graham, on behalf of the release team [1] https://release.debian.org/bullseye/arch_qualify.html
Processed: retitle 975297 to buster-pu: package tor/0.3.5.12-1
Processing commands for cont...@bugs.debian.org: > retitle 975297 buster-pu: package tor/0.3.5.12-1 Bug #975297 [release.debian.org] buster-pu: package tor/3.5.12-1 Changed Bug title to 'buster-pu: package tor/0.3.5.12-1' from 'buster-pu: package tor/3.5.12-1'. > thanks Stopping processing here. Please contact me if you need assistance. -- 975297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975297 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#975297: buster-pu: package tor/3.5.12-1
On Fri, 20 Nov 2020, Peter Palfrader wrote: > I would like to build and upload packages for tor 3.5.12. Actually, that's 0.3.5.12, and the package would be 0.3.5.12-1. -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#966028: buster-pu: package librsvg/2.44.10-2.1+deb10u1
[slightly delayed, as I just realised that I still had this in drafts for some reason] On Sun, 2020-09-20 at 21:26 +0200, Emilio Pozuelo Monfort wrote: > On 20/09/2020 10:55, Emilio Pozuelo Monfort wrote: > > On 25/07/2020 12:04, Adam D. Barratt wrote: > > > Unfortunately it appears that this FTBFS on ppc64el and s390x, > > > with a segmentation fault in the tests. > > > > I have uploaded a new revision, fixing this FTBFS and the one > > caused by the new rustc 1.41. > > Shame on me, the ppc64el/s390x was good but the other, general FTBFS > with rustc 1.41 wasn't sufficiently tested due to a mistake on my > side. > > I have done a new brown paper bug release to stable-new, hopefully > this will be the final one. Unfortunately the test suite still fails on ppc64el: ERROR: rsvg-test thread '' panicked at 'assertion failed: bounds.x1 >= bounds.x0', rsvg_internals/src/surface_utils/iterators.rs:36:9 Regards, Adam