Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Sun, Jul 18, 2021 at 3:00 AM Sebastian Ramacher wrote: [..] > Ah, I missed the debdiff due to the other discussion. Please go ahead. > Uploaded, built and installed on all architecures. -- Shengjing Zhu
Re: Finding a tentative bullseye release date
Hi! On 7/17/21 4:58 PM, Steve McIntyre wrote: > On Sat, Jul 17, 2021 at 10:25:17PM +0200, Paul Gevers wrote: >> Hi all, >> >> On 11-07-2021 21:11, Paul Gevers wrote: >>> With less than three weeks to go until the tentative release date, I >>> would love to confirm the date by now, but there is a serious issue with >>> crucial infrastructure (cdbuilder.d.o). Apart from this issue (and what >>> it means for solving the debian-installer blocking issues in time), I'm >>> not aware of other blocking issues, so let's hope the teams involved can >>> recover in time. >> >> Albeit there is some progress, we think it better for the people >> involved to now say that we will *not* release on July 31. >> >> Unfortunately, that means that we have to start looking for a new date >> again. Assuming what we'll learn in the upcoming week or two is good, I >> propose to already start the list below with two weeks after the >> previous date. Upcoming time is around DebConf, I can imagine it could >> even be an advantage, especially as that's on-line, let's see. >> >> 14 August (day before DebCamp) Doable. > > Works for me for images team > >> 21 August (last day of DebCamp) >> RT: elbrus > > Awkward - wife has plans for us that evening. Half of the press team is available this day so it is not ideal. > >> 28 August (DebConf) >> RT: elbrus > > Debian UK BBQ, argh > >> 4 September >> RT: elbrus Labor day weekend in the U.S. Not a good weekend. > > Works fine for me > >> 11 September: >> RT: elbrus > > That's the week of my wedding anniversary, I'll be on VAC. Happy Anniversary! Could we put forth September 18th? We are good for that day without any issues. > -- -- - ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Donald Norwood ⢿⡄⠘⠷⠚⠋⠀ B7A1 5F45 5B28 7F38 4174 ⠈⠳⣄ D5E9 E5EC 4AC9 BD62 7B05
Processed: tags 991073 - moreinfo
Processing commands for cont...@bugs.debian.org: > tags 991073 - moreinfo Bug #991073 [release.debian.org] unblock: ganglia-modules-linux/1.3.4-5 Removed tag(s) moreinfo. > End of message, stopping processing here. Please contact me if you need assistance. -- 991073: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991073 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#990939: unblock: newlisp/10.7.5-2
On Wednesday, July 14 2021, Paul Gevers wrote: > On 11-07-2021 20:29, Sergio Durigan Junior wrote: >>> Please unblock package newlisp > > unblocked. Thanks, Paul. >>> Depending on the -dev packages instead is not nice, >>> but it is actually the fix with the smallest change. >> >> I'm open to suggestions here. > > The original bug mentions: > Use e.g. dpkg-shlibdeps/dh_shlibdeps for that. See option -d > in dpkg-shlibdeps(1) for a hint on how to do that. I don't know if the original bug was filed using a template or not, but using dpkg-shlibdeps doesn't make sense in this case because the newlisp binary doesn't link against the specified libraries. Instead, the newlisp *scripts* (which are installed under /usr/share/newlisp) contain explicit commands to make the newlisp interpreter load the necessary libraries (via dlopen). I can be really wrong here, but I don't see another way to tackle this problem. Either way, I don't want to hijack this thread either, but I just thought I'd point this out. Thanks, -- Sergio GPG key ID: 237A 54B1 0287 28BF 00EF 31F4 D0EB 7628 65FC 5E36 Please send encrypted e-mail if possible https://sergiodj.net/ signature.asc Description: PGP signature
Bug#991221: buster-pu: package mariadb-10.3 10.3.30-0+deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu I propose that the latest version of MariaDB 10.3.30 would be included in the upcoming stable release update of Debian. Package is ready at https://salsa.debian.org/mariadb-team/mariadb-10.3 Before I submit the final changelog etc I'd like to inquire what is the schedule of the Debian 10.11 stable update? There is currently no entry at https://release.debian.org/ If the date is far in the future (e.g. September) it might be that there is a MariaDB 10.3.31 available already by then and putting effort on 10.3.30 is moot.
Re: Finding a tentative bullseye release date
On Sat, Jul 17, 2021 at 10:25:17PM +0200, Paul Gevers wrote: >Hi all, > >On 11-07-2021 21:11, Paul Gevers wrote: >> With less than three weeks to go until the tentative release date, I >> would love to confirm the date by now, but there is a serious issue with >> crucial infrastructure (cdbuilder.d.o). Apart from this issue (and what >> it means for solving the debian-installer blocking issues in time), I'm >> not aware of other blocking issues, so let's hope the teams involved can >> recover in time. > >Albeit there is some progress, we think it better for the people >involved to now say that we will *not* release on July 31. > >Unfortunately, that means that we have to start looking for a new date >again. Assuming what we'll learn in the upcoming week or two is good, I >propose to already start the list below with two weeks after the >previous date. Upcoming time is around DebConf, I can imagine it could >even be an advantage, especially as that's on-line, let's see. > >14 August (day before DebCamp) Works for me for images team >21 August (last day of DebCamp) > RT: elbrus Awkward - wife has plans for us that evening. >28 August (DebConf) > RT: elbrus Debian UK BBQ, argh >4 September > RT: elbrus Works fine for me >11 September: > RT: elbrus That's the week of my wedding anniversary, I'll be on VAC. -- Steve McIntyre, Cambridge, UK.st...@einval.com "We're the technical experts. We were hired so that management could ignore our recommendations and tell us how to do our jobs." -- Mike Andrews
Re: Finding a tentative bullseye release date
Hi all, On 11-07-2021 21:11, Paul Gevers wrote: > With less than three weeks to go until the tentative release date, I > would love to confirm the date by now, but there is a serious issue with > crucial infrastructure (cdbuilder.d.o). Apart from this issue (and what > it means for solving the debian-installer blocking issues in time), I'm > not aware of other blocking issues, so let's hope the teams involved can > recover in time. Albeit there is some progress, we think it better for the people involved to now say that we will *not* release on July 31. Unfortunately, that means that we have to start looking for a new date again. Assuming what we'll learn in the upcoming week or two is good, I propose to already start the list below with two weeks after the previous date. Upcoming time is around DebConf, I can imagine it could even be an advantage, especially as that's on-line, let's see. 14 August (day before DebCamp) 21 August (last day of DebCamp) RT: elbrus 28 August (DebConf) RT: elbrus 4 September RT: elbrus 11 September: RT: elbrus Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
(Replace pkg-go-maintain...@lists.alioth.debian.org with debian-go@lists.d.o, the alioth list is deprecated) On Sun, Jul 18, 2021 at 3:32 AM Adrian Bunk wrote: > > On Tue, Jul 13, 2021 at 02:08:22PM +0800, Shengjing Zhu wrote: > >... > > Sadly the std library are statically embedded in all packages built by Go > > compiler. > > So if there's security issue in std library, bunch of packages need to be > > rebuild. > >... > > It might be an improvement to switch to gccgo as default Go compiler > in bookworm? Might be. And it would be great if we can get some compiler experts or upstream to have some inputs. If anyone have experience on this area and want to drive this, I think it's worth to try. -- Shengjing Zhu
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Tue, Jul 13, 2021 at 02:08:22PM +0800, Shengjing Zhu wrote: >... > Sadly the std library are statically embedded in all packages built by Go > compiler. > So if there's security issue in std library, bunch of packages need to be > rebuild. >... It might be an improvement to switch to gccgo as default Go compiler in bookworm? cu Adrian
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On 2021-07-18 02:54:31 +0800, Shengjing Zhu wrote: > On Sun, Jul 18, 2021 at 2:52 AM Sebastian Ramacher > wrote: > > > > On 2021-07-18 02:49:26 +0800, Shengjing Zhu wrote: > > > On Sun, Jul 18, 2021 at 2:29 AM Sebastian Ramacher > > > wrote: > > > > > > > > On 2021-07-15 02:03:19 +0800, Shengjing Zhu wrote: > > > > > On Thu, Jul 15, 2021 at 2:02 AM Shengjing Zhu wrote: > > > > > > > > > > > > On Thu, Jul 15, 2021 at 1:54 AM Paul Wise wrote: > > > > > > > > > > > > > > On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > > > > > > > > > > > > > > > That feels over-engineering/energy-wasting. > > > > > > > > > > > > > > Another option would be to search the source code, and these > > > > > > > findings > > > > > > > would need to be confirmed using grep, but looking at codesearch: > > > > > > > > > > > > > > > > > > > > > https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 > > > > > > > > > > > > > > > > > > > generateClientKeyExchange is not an exported function, which is > > > > > > expected to be called by other library/softwares. > > > > > > > > > > oops, it should be "which is not expected..." > > > > > > > > What's the status? If we cannot reduce the number of packages to binNMU, > > > > then this needs to happen soon. Otherwise there won't be enough time to > > > > chase all the rebuilds. > > > > > > > > > > From my perspertive, for std library security fix in Go compiler, it's > > > better to rebuild all Go packages. > > > > > > It's not possible to figure out the affected packages at sub-lib(eg > > > the crypto/tls package in std lib) level by source package. > > > Only possible with binary packages, either by > > > + disassemble > > > + or rebuild at local first to see if the result binary changes. > > > > > > PS, the embedded version of Go std libary is tracked at all Go > > > packages' Built-Using field. And it's only tracked at source package > > > level, not every sub-lib level. > > > So for other Go lib packages security updates, we don't need to > > > rebuild the world. > > > > Sorry, I meant: what's the status of the golang-1.15 upload? > > > > Not uploaded yet. But I have sent the debdiff, and wait for the ACK. > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990825#17 Ah, I missed the debdiff due to the other discussion. Please go ahead. Cheers > > -- > Shengjing Zhu -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Sun, Jul 18, 2021 at 2:52 AM Sebastian Ramacher wrote: > > On 2021-07-18 02:49:26 +0800, Shengjing Zhu wrote: > > On Sun, Jul 18, 2021 at 2:29 AM Sebastian Ramacher > > wrote: > > > > > > On 2021-07-15 02:03:19 +0800, Shengjing Zhu wrote: > > > > On Thu, Jul 15, 2021 at 2:02 AM Shengjing Zhu wrote: > > > > > > > > > > On Thu, Jul 15, 2021 at 1:54 AM Paul Wise wrote: > > > > > > > > > > > > On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > > > > > > > > > > > > > That feels over-engineering/energy-wasting. > > > > > > > > > > > > Another option would be to search the source code, and these > > > > > > findings > > > > > > would need to be confirmed using grep, but looking at codesearch: > > > > > > > > > > > > > > > > > > https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 > > > > > > > > > > > > > > > > generateClientKeyExchange is not an exported function, which is > > > > > expected to be called by other library/softwares. > > > > > > > > oops, it should be "which is not expected..." > > > > > > What's the status? If we cannot reduce the number of packages to binNMU, > > > then this needs to happen soon. Otherwise there won't be enough time to > > > chase all the rebuilds. > > > > > > > From my perspertive, for std library security fix in Go compiler, it's > > better to rebuild all Go packages. > > > > It's not possible to figure out the affected packages at sub-lib(eg > > the crypto/tls package in std lib) level by source package. > > Only possible with binary packages, either by > > + disassemble > > + or rebuild at local first to see if the result binary changes. > > > > PS, the embedded version of Go std libary is tracked at all Go > > packages' Built-Using field. And it's only tracked at source package > > level, not every sub-lib level. > > So for other Go lib packages security updates, we don't need to > > rebuild the world. > > Sorry, I meant: what's the status of the golang-1.15 upload? > Not uploaded yet. But I have sent the debdiff, and wait for the ACK. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990825#17 -- Shengjing Zhu
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On 2021-07-18 02:49:26 +0800, Shengjing Zhu wrote: > On Sun, Jul 18, 2021 at 2:29 AM Sebastian Ramacher > wrote: > > > > On 2021-07-15 02:03:19 +0800, Shengjing Zhu wrote: > > > On Thu, Jul 15, 2021 at 2:02 AM Shengjing Zhu wrote: > > > > > > > > On Thu, Jul 15, 2021 at 1:54 AM Paul Wise wrote: > > > > > > > > > > On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > > > > > > > > > > > That feels over-engineering/energy-wasting. > > > > > > > > > > Another option would be to search the source code, and these findings > > > > > would need to be confirmed using grep, but looking at codesearch: > > > > > > > > > > > > > > > https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 > > > > > > > > > > > > > generateClientKeyExchange is not an exported function, which is > > > > expected to be called by other library/softwares. > > > > > > oops, it should be "which is not expected..." > > > > What's the status? If we cannot reduce the number of packages to binNMU, > > then this needs to happen soon. Otherwise there won't be enough time to > > chase all the rebuilds. > > > > From my perspertive, for std library security fix in Go compiler, it's > better to rebuild all Go packages. > > It's not possible to figure out the affected packages at sub-lib(eg > the crypto/tls package in std lib) level by source package. > Only possible with binary packages, either by > + disassemble > + or rebuild at local first to see if the result binary changes. > > PS, the embedded version of Go std libary is tracked at all Go > packages' Built-Using field. And it's only tracked at source package > level, not every sub-lib level. > So for other Go lib packages security updates, we don't need to > rebuild the world. Sorry, I meant: what's the status of the golang-1.15 upload? Cheers > > -- > Shengjing Zhu -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On Sun, Jul 18, 2021 at 2:29 AM Sebastian Ramacher wrote: > > On 2021-07-15 02:03:19 +0800, Shengjing Zhu wrote: > > On Thu, Jul 15, 2021 at 2:02 AM Shengjing Zhu wrote: > > > > > > On Thu, Jul 15, 2021 at 1:54 AM Paul Wise wrote: > > > > > > > > On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > > > > > > > > > That feels over-engineering/energy-wasting. > > > > > > > > Another option would be to search the source code, and these findings > > > > would need to be confirmed using grep, but looking at codesearch: > > > > > > > > > > > > https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 > > > > > > > > > > generateClientKeyExchange is not an exported function, which is > > > expected to be called by other library/softwares. > > > > oops, it should be "which is not expected..." > > What's the status? If we cannot reduce the number of packages to binNMU, > then this needs to happen soon. Otherwise there won't be enough time to > chase all the rebuilds. > >From my perspertive, for std library security fix in Go compiler, it's better to rebuild all Go packages. It's not possible to figure out the affected packages at sub-lib(eg the crypto/tls package in std lib) level by source package. Only possible with binary packages, either by + disassemble + or rebuild at local first to see if the result binary changes. PS, the embedded version of Go std libary is tracked at all Go packages' Built-Using field. And it's only tracked at source package level, not every sub-lib level. So for other Go lib packages security updates, we don't need to rebuild the world. -- Shengjing Zhu
Bug#990825: [pre-approval] unblock: golang-1.15/1.15.9-6
On 2021-07-15 02:03:19 +0800, Shengjing Zhu wrote: > On Thu, Jul 15, 2021 at 2:02 AM Shengjing Zhu wrote: > > > > On Thu, Jul 15, 2021 at 1:54 AM Paul Wise wrote: > > > > > > On Wed, 2021-07-14 at 20:16 +0800, Shengjing Zhu wrote: > > > > > > > That feels over-engineering/energy-wasting. > > > > > > Another option would be to search the source code, and these findings > > > would need to be confirmed using grep, but looking at codesearch: > > > > > > > > > https://codesearch.debian.net/search?q=%5C.generateClientKeyExchange=0 > > > > > > > generateClientKeyExchange is not an exported function, which is > > expected to be called by other library/softwares. > > oops, it should be "which is not expected..." What's the status? If we cannot reduce the number of packages to binNMU, then this needs to happen soon. Otherwise there won't be enough time to chase all the rebuilds. Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#991210: marked as done (unblock: conmon/2.0.25+ds1-1.1)
Your message dated Sat, 17 Jul 2021 18:27:04 + with message-id and subject line unblock conmon has caused the Debian Bug report #991210, regarding unblock: conmon/2.0.25+ds1-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991210: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991210 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package conmon * Add upstream fix to not make container runtime processes unkillable. (Closes: #990263) I am not convinced that the lowering to non-RC of the bug was appropriate, but this is moot if the fix goes into bullseye. diff -Nru conmon-2.0.25+ds1/debian/changelog conmon-2.0.25+ds1/debian/changelog --- conmon-2.0.25+ds1/debian/changelog 2021-01-31 05:56:56.0 +0200 +++ conmon-2.0.25+ds1/debian/changelog 2021-07-14 20:46:07.0 +0300 @@ -1,3 +1,11 @@ +conmon (2.0.25+ds1-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add upstream fix to not make container runtime processes +unkillable. (Closes: #990263) + + -- Adrian Bunk Wed, 14 Jul 2021 20:46:07 +0300 + conmon (2.0.25+ds1-1) unstable; urgency=medium * New upstream release diff -Nru conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch --- conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch 1970-01-01 02:00:00.0 +0200 +++ conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch 2021-07-14 20:46:07.0 +0300 @@ -0,0 +1,76 @@ +From b033cb5dfde6de05e63408fc839f1bb641cddd85 Mon Sep 17 00:00:00 2001 +From: Mrunal Patel +Date: Thu, 27 May 2021 14:09:39 -0700 +Subject: Reset OOM score back to 0 for container runtime + +We don't want container runtime procesess to be unkillable +so we reset oom_score_adj back to 0 before execv +of the runtime process. + +Signed-off-by: Mrunal Patel +--- + src/conmon.c | 4 +++- + src/oom.c| 6 ++ + src/oom.h| 2 +- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/conmon.c b/src/conmon.c +index c349d6c..c6bd9f5 100644 +--- a/src/conmon.c b/src/conmon.c +@@ -41,7 +41,7 @@ int main(int argc, char *argv[]) + + process_cli(); + +- attempt_oom_adjust(); ++ attempt_oom_adjust("-1000"); + + /* ignoring SIGPIPE prevents conmon from being spuriously killed */ + signal(SIGPIPE, SIG_IGN); +@@ -275,6 +275,8 @@ int main(int argc, char *argv[]) + } + } + ++ // We don't want runc to be unkillable so we reset the oom_score_adj back to 0 ++ attempt_oom_adjust("0"); + execv(g_ptr_array_index(runtime_argv, 0), (char **)runtime_argv->pdata); + exit(127); + } +diff --git a/src/oom.c b/src/oom.c +index 5791777..0041a6b 100644 +--- a/src/oom.c b/src/oom.c +@@ -5,16 +5,14 @@ + #include + #include + +-#define OOM_SCORE "-1000" +- +-void attempt_oom_adjust() ++void attempt_oom_adjust(const char *const oom_score) + { + int oom_score_fd = open("/proc/self/oom_score_adj", O_WRONLY); + if (oom_score_fd < 0) { + ndebugf("failed to open /proc/self/oom_score_adj: %s\n", strerror(errno)); + return; + } +- if (write(oom_score_fd, OOM_SCORE, strlen(OOM_SCORE)) < 0) { ++ if (write(oom_score_fd, oom_score, strlen(oom_score)) < 0) { + ndebugf("failed to write to /proc/self/oom_score_adj: %s\n", strerror(errno)); + } + close(oom_score_fd); +diff --git a/src/oom.h b/src/oom.h +index 28e4178..9408c3b 100644 +--- a/src/oom.h b/src/oom.h +@@ -1,6 +1,6 @@ + #if !defined(OOM_H) + #define OOM_H + +-void attempt_oom_adjust(); ++void attempt_oom_adjust(const char *const oom_score); + + #endif // OOM_H +-- +2.20.1 + diff -Nru conmon-2.0.25+ds1/debian/patches/series conmon-2.0.25+ds1/debian/patches/series --- conmon-2.0.25+ds1/debian/patches/series 1970-01-01 02:00:00.0 +0200 +++ conmon-2.0.25+ds1/debian/patches/series 2021-07-14 20:46:07.0 +0300 @@ -0,0 +1 @@ +0001-Reset-OOM-score-back-to-0-for-container-runtime.patch --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991211: marked as done (unblock: debian-crossgrader/0.0.3+nmu3)
Your message dated Sat, 17 Jul 2021 18:27:31 + with message-id and subject line unblock debian-crossgrader has caused the Debian Bug report #991211, regarding unblock: debian-crossgrader/0.0.3+nmu3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991211: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991211 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package debian-crossgrader * Purge with --force-remove-protected in the third stage to avoid failures due to packages that recently became protected. (Closes: #990669) This regression caused by changes in bullseye was hidden when #968458 in python-apt made crossgrader fail even earlier. diff -Nru debian-crossgrader-0.0.3+nmu2/debian/changelog debian-crossgrader-0.0.3+nmu3/debian/changelog --- debian-crossgrader-0.0.3+nmu2/debian/changelog 2020-12-12 23:22:05.0 +0200 +++ debian-crossgrader-0.0.3+nmu3/debian/changelog 2021-07-14 20:23:38.0 +0300 @@ -1,3 +1,12 @@ +debian-crossgrader (0.0.3+nmu3) unstable; urgency=medium + + * Non-maintainer upload. + * Purge with --force-remove-protected in the third stage to +avoid failures due to packages that recently became protected. +(Closes: #990669) + + -- Adrian Bunk Wed, 14 Jul 2021 20:23:38 +0300 + debian-crossgrader (0.0.3+nmu2) unstable; urgency=medium * NMU diff -Nru debian-crossgrader-0.0.3+nmu2/debian_crossgrader/__main__.py debian-crossgrader-0.0.3+nmu3/debian_crossgrader/__main__.py --- debian-crossgrader-0.0.3+nmu2/debian_crossgrader/__main__.py 2020-09-06 19:13:29.0 +0300 +++ debian-crossgrader-0.0.3+nmu3/debian_crossgrader/__main__.py 2021-07-11 19:22:28.0 +0300 @@ -138,7 +138,7 @@ return if cont == 'y': -subprocess.check_call(['dpkg', '--purge'] + targets) +subprocess.check_call(['dpkg', '--purge', '--force-remove-protected'] + targets) remaining = apt_utils.get_arch_packages(foreign_arch) if args.packages: remaining = [pkg_name for pkg_name in remaining if pkg_name not in args.packages] --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Processed: Re: Bug#991103: unblock: collectd/5.12.0-7 (pre-approval)
Processing control commands: > tags -1 moreinfo confirmed Bug #991103 [release.debian.org] unblock: collectd/5.12.0-7 (pre-approval) Added tag(s) moreinfo and confirmed. -- 991103: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991103 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991103: unblock: collectd/5.12.0-7 (pre-approval)
Control: tags -1 moreinfo confirmed On 2021-07-14 22:48:15 +0900, Kentaro Hayashi wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: ken...@xdump.org > > Please unblock package collectd > > [ Reason ] > > Fix https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982294 > > If collection3 is set up(not enabled by default), the following error is sent > to logs repeatedly. > > FastCGI sent in stderr: "CGI::param called in list context from > /usr/share/doc/collectd-core/examples/collection3/lib/ > Collectd/Graph/Common.pm line 529, this can lead to vulnerabilities. See the > warning in "Fetching the value or values of a single named parameter" at > /usr/share/perl5/CGI.pm line 412" > > This is not actually assigned as CVE-, but it is unexpected situation. > > [ Impact ] > > It doesn't break collectd behavior at all. > > It only fixes the issue about generation of tons of warning messages > about inappropriate usage of param() via bundled web interface utility > (collection3). > > [ Tests ] > > Not ready for automated test because it need to run collection3 as a CGI. > So, I manually tested attached patch. > > [ Risks ] > > Low, because very limited reverse dependency and it is only affected when web > interface is enabled. > > % LANG=C apt rdepends collectd > collectd > Reverse Depends: > Replaces: collectd-utils (<< 4.6.1-1~) > Recommends: kcollectd > Suggests: drraw > Suggests: libcollectdclient1 > Replaces: collectd-core (<< 4.8.2-1~) > Recommends: collectd-utils > > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in testing > > [ Other info ] > > I've prepared debdiff patch. > > unblock collectd/5.12.0-7 ACK, please go ahead and remove the moreinfo tag once the new version is available in unstable. Cheers > diff -Nru collectd-5.12.0/debian/changelog collectd-5.12.0/debian/changelog > --- collectd-5.12.0/debian/changelog 2021-06-02 00:56:33.0 +0900 > +++ collectd-5.12.0/debian/changelog 2021-07-14 21:46:02.0 +0900 > @@ -1,3 +1,10 @@ > +collectd (5.12.0-7) unstable; urgency=medium > + > + * Team upload. > + * Fix CGI::param error in collection3 (Closes: 982294) > + > + -- Kentaro Hayashi Wed, 14 Jul 2021 21:46:02 +0900 > + > collectd (5.12.0-6) unstable; urgency=medium > >* [b4e7861] collectd-dev: Add missing header files again. > diff -Nru collectd-5.12.0/debian/patches/cgi-param-in-list-context.patch > collectd-5.12.0/debian/patches/cgi-param-in-list-context.patch > --- collectd-5.12.0/debian/patches/cgi-param-in-list-context.patch > 1970-01-01 09:00:00.0 +0900 > +++ collectd-5.12.0/debian/patches/cgi-param-in-list-context.patch > 2021-07-14 21:46:02.0 +0900 > @@ -0,0 +1,58 @@ > +From: Kentaro Hayashi > +Subject: Fix CGI::param error in collection3 > +Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982294 > +Forwarded: https://salsa.debian.org/debian/pkg-collectd/-/merge_requests/6 > + > +When using collection3 as a CGI, the following error is sent to logs > repeatedly. > +This MR fixes it: > + > + FastCGI sent in stderr: "CGI::param called in list context from > /usr/share/doc/collectd-core/examples/collection3/lib/Collectd/Graph/Common.pm > line 529, this can lead to vulnerabilities. See the warning in "Fetching the > value or values of a single named parameter" at /usr/share/perl5/CGI.pm line > 412" > + > +This is caused by inappropriate usage of param(), > +it should be handled as a scalar or should be treated by multi_param() > explicitly. > + > +Closes: #982294 > + > +ref. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982294 > + > +--- a/contrib/collection3/lib/Collectd/Graph/Common.pm > b/contrib/collection3/lib/Collectd/Graph/Common.pm > +@@ -526,7 +526,7 @@ > + for (qw(hostname plugin plugin_instance type type_instance)) > + { > + my $part = $_; > +-my @temp = param ($part); > ++my @temp = multi_param ($part); > + if (!@temp) > + { > + next; > +@@ -547,9 +547,9 @@ > + sub get_timespan_selection > + { > + my $ret = 86400; > +- if (param ('timespan')) > ++ if (scalar param ('timespan')) > + { > +-my $temp = int (param ('timespan')); > ++my $temp = int (scalar param ('timespan')); > + if ($temp && ($temp > 0)) > + { > + $ret = $temp; > +@@ -568,7 +568,7 @@ > + $ret{$_} = 0; > + } > + > +- for (param ('hostname')) > ++ for (multi_param ('hostname')) > + { > + my $host = _sanitize_generic_allow_minus ($_); > + if (defined ($ret{$host})) > +@@ -597,7 +597,7 @@ > + $ret{$_} = 0; > + } > + > +- for (param ('plugin')) > ++ for (multi_param ('plugin')) > + { > + if (defined ($ret{$_})) > + { > diff -Nru collectd-5.12.0/debian/patches/series > collectd-5.12.0/debian/patches/series > ---
Bug#991209: marked as done (unblock: minetest/5.3.0+repack-2.1)
Your message dated Sat, 17 Jul 2021 18:26:12 + with message-id and subject line unblock minetest has caused the Debian Bug report #991209, regarding unblock: minetest/5.3.0+repack-2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991209 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package minetest * Add upstream fix for errors caused by missing param2 in falling.lua, thanks to Craig Small. (Closes: #990923) diff -Nru minetest-5.3.0+repack/debian/changelog minetest-5.3.0+repack/debian/changelog --- minetest-5.3.0+repack/debian/changelog 2021-01-31 15:41:26.0 +0200 +++ minetest-5.3.0+repack/debian/changelog 2021-07-15 18:55:57.0 +0300 @@ -1,3 +1,11 @@ +minetest (5.3.0+repack-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add upstream fix for errors caused by missing param2 +in falling.lua, thanks to Craig Small. (Closes: #990923) + + -- Adrian Bunk Thu, 15 Jul 2021 18:55:57 +0300 + minetest (5.3.0+repack-2) unstable; urgency=medium * Team upload. diff -Nru minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch --- minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch 1970-01-01 02:00:00.0 +0200 +++ minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch 2021-07-15 18:55:34.0 +0300 @@ -0,0 +1,26 @@ +From aba8c3753162320c7cc8a66913ad82f4f1fd0d8b Mon Sep 17 00:00:00 2001 +From: SmallJoker +Date: Thu, 30 Jul 2020 19:03:48 +0200 +Subject: Falling: Fix error caused by missing param2 + +Falling nodes that were spawned prior the recent falling node changes did not require param2. +Default to param2 = 0 when none is found in the node data. +--- + builtin/game/falling.lua | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/builtin/game/falling.lua b/builtin/game/falling.lua +index 714506a5f..4bfcca9e7 100644 +--- a/builtin/game/falling.lua b/builtin/game/falling.lua +@@ -52,6 +52,7 @@ core.register_entity(":__builtin:falling_node", { + floats = false, + + set_node = function(self, node, meta) ++ node.param2 = node.param2 or 0 + self.node = node + meta = meta or {} + if type(meta.to_table) == "function" then +-- +2.20.1 + diff -Nru minetest-5.3.0+repack/debian/patches/series minetest-5.3.0+repack/debian/patches/series --- minetest-5.3.0+repack/debian/patches/series 2021-01-31 11:43:36.0 +0200 +++ minetest-5.3.0+repack/debian/patches/series 2021-07-15 18:55:53.0 +0300 @@ -2,3 +2,4 @@ shared_mods.patch rawlua.patch postgresql.patch +0001-Falling-Fix-error-caused-by-missing-param2.patch --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991207: marked as done (unblock: dlib/19.10-3.1)
Your message dated Sat, 17 Jul 2021 17:53:16 + with message-id and subject line unblock dlib has caused the Debian Bug report #991207, regarding unblock: dlib/19.10-3.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991207: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991207 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package dlib * Backport upstream fix for using cv_image.h with OpenCV 4, thanks to Alexandr Podgorniy. (Closes: #990676) This fixes compiling code using cv_image.h with the bullseye OpenCV. --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991206: marked as done (unblock: x264/2:0.160.3011+gitcde9a93-2.1)
Your message dated Sat, 17 Jul 2021 17:51:33 + with message-id and subject line unblock x264 has caused the Debian Bug report #991206, regarding unblock: x264/2:0.160.3011+gitcde9a93-2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991206 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package x264 * Backport upstream fix to support GPAC >= 0.8.0. (Closes: #975441) This fixes a regression from buster by restoring MP4 output in the x264 binary, the library is unchanged. diff -Nru x264-0.160.3011+gitcde9a93/debian/changelog x264-0.160.3011+gitcde9a93/debian/changelog --- x264-0.160.3011+gitcde9a93/debian/changelog 2020-07-26 17:52:56.0 +0300 +++ x264-0.160.3011+gitcde9a93/debian/changelog 2021-07-15 15:06:22.0 +0300 @@ -1,3 +1,10 @@ +x264 (2:0.160.3011+gitcde9a93-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix to support GPAC >= 0.8.0. (Closes: #975441) + + -- Adrian Bunk Thu, 15 Jul 2021 15:06:22 +0300 + x264 (2:0.160.3011+gitcde9a93-2) unstable; urgency=medium * Team upload diff -Nru x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch --- x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch 1970-01-01 02:00:00.0 +0200 +++ x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch 2021-07-15 15:06:22.0 +0300 @@ -0,0 +1,58 @@ +From 7c2004b58c26da661618262c9c06b73ad3a9ff6c Mon Sep 17 00:00:00 2001 +From: "A. David" +Date: Thu, 2 Jul 2020 19:45:50 +0200 +Subject: mp4: Update GPAC support to v0.8.0 or later + +--- + configure| 5 +++-- + output/mp4.c | 6 +- + 2 files changed, 8 insertions(+), 3 deletions(-) + +Index: x264-0.160.3011+gitcde9a93/configure +=== +--- x264-0.160.3011+gitcde9a93.orig/configure x264-0.160.3011+gitcde9a93/configure +@@ -1240,15 +1240,16 @@ if [ "$gpac" = "auto" -a "$lsmash" != "y + gpac="no" + GPAC_LIBS="-lgpac" + cc_check "" -lz && GPAC_LIBS="$GPAC_LIBS -lz" ++cc_check "" -ldl && GPAC_LIBS="$GPAC_LIBS -ldl" + if [ "$SYS" = "WINDOWS" ] ; then + cc_check "" -lws2_32 && GPAC_LIBS="$GPAC_LIBS -lws2_32" + cc_check "" -lwinmm && GPAC_LIBS="$GPAC_LIBS -lwinmm" + fi + if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_close(0);" ; then +-if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_set_pixel_aspect_ratio(0,0,0,0,0);" ; then ++if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_set_pixel_aspect_ratio(0,0,0,0,0,0);" ; then + gpac="yes" + else +-echo "Warning: gpac is too old, update to 2007-06-21 UTC or later" ++echo "Warning: gpac is too old, update to v0.8.0 or later" + fi + fi + fi +Index: x264-0.160.3011+gitcde9a93/output/mp4.c +=== +--- x264-0.160.3011+gitcde9a93.orig/output/mp4.c x264-0.160.3011+gitcde9a93/output/mp4.c +@@ -147,7 +147,11 @@ static int close_file( hnd_t handle, int + { + uint32_t mvhd_timescale = gf_isom_get_timescale( p_mp4->p_file ); + uint64_t tkhd_duration = (uint64_t)( mdhd_duration * ( (double)mvhd_timescale / p_mp4->i_time_res ) ); ++#if GPAC_VERSION_MAJOR > 8 ++gf_isom_append_edit( p_mp4->p_file, p_mp4->i_track, tkhd_duration, sample->CTS_Offset, GF_ISOM_EDIT_NORMAL ); ++#else + gf_isom_append_edit_segment( p_mp4->p_file, p_mp4->i_track, tkhd_duration, sample->CTS_Offset, GF_ISOM_EDIT_NORMAL ); ++#endif + } + gf_isom_sample_del( ); + +@@ -233,7 +237,7 @@ static int set_param( hnd_t handle, x264 + dw *= sar; + else + dh /= sar; +-gf_isom_set_pixel_aspect_ratio( p_mp4->p_file, p_mp4->i_track, p_mp4->i_descidx, p_param->vui.i_sar_width, p_param->vui.i_sar_height ); ++gf_isom_set_pixel_aspect_ratio( p_mp4->p_file, p_mp4->i_track, p_mp4->i_descidx, p_param->vui.i_sar_width, p_param->vui.i_sar_height, 0 ); + gf_isom_set_track_layout_info( p_mp4->p_file, p_mp4->i_track, dw, dh, 0, 0, 0 ); + } + diff -Nru
Bug#991205: marked as done (unblock: deluge/2.0.3-3.1)
Your message dated Sat, 17 Jul 2021 17:50:19 + with message-id and subject line unblock deluge has caused the Debian Bug report #991205, regarding unblock: deluge/2.0.3-3.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991205: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991205 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package deluge * Backport upstream fix for ngettext KeyError during deluge-console startup. (Closes: #988345) diff -Nru deluge-2.0.3/debian/changelog deluge-2.0.3/debian/changelog --- deluge-2.0.3/debian/changelog 2020-07-28 01:33:26.0 +0300 +++ deluge-2.0.3/debian/changelog 2021-07-15 14:57:18.0 +0300 @@ -1,3 +1,11 @@ +deluge (2.0.3-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix for ngettext KeyError during deluge-console +startup. (Closes: #988345) + + -- Adrian Bunk Thu, 15 Jul 2021 14:57:18 +0300 + deluge (2.0.3-3) unstable; urgency=low [ Federico Ceratto ] diff -Nru deluge-2.0.3/debian/patches/0001-Fix-warning-related-to-gettext.patch deluge-2.0.3/debian/patches/0001-Fix-warning-related-to-gettext.patch --- deluge-2.0.3/debian/patches/0001-Fix-warning-related-to-gettext.patch 1970-01-01 02:00:00.0 +0200 +++ deluge-2.0.3/debian/patches/0001-Fix-warning-related-to-gettext.patch 2021-07-15 14:45:27.0 +0300 @@ -0,0 +1,25 @@ +From d6c96d629183e8bab2167ef56457f994017e7c85 Mon Sep 17 00:00:00 2001 +From: neeshy +Date: Sat, 18 Apr 2020 23:23:51 -0400 +Subject: Fix warning related to gettext + +--- + deluge/i18n/util.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/deluge/i18n/util.py b/deluge/i18n/util.py +index bd002f7a2..90568fc5b 100644 +--- a/deluge/i18n/util.py b/deluge/i18n/util.py +@@ -114,7 +114,7 @@ def setup_translation(): + # Workaround for Python 2 unicode gettext (keyword removed in Py3). + kwargs = {} if not deluge.common.PY2 else {'unicode': True} + +-gettext.install(I18N_DOMAIN, translations_path, names='ngettext', **kwargs) ++gettext.install(I18N_DOMAIN, translations_path, names=['ngettext'], **kwargs) + builtins.__dict__['_n'] = builtins.__dict__['ngettext'] + + libintl = None +-- +2.20.1 + diff -Nru deluge-2.0.3/debian/patches/series deluge-2.0.3/debian/patches/series --- deluge-2.0.3/debian/patches/series 2019-08-25 19:13:11.0 +0300 +++ deluge-2.0.3/debian/patches/series 2021-07-15 14:45:42.0 +0300 @@ -1 +1,2 @@ new_release_check.patch +0001-Fix-warning-related-to-gettext.patch --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991119: unblock: postsrsd/1.10-2
Control: tags -1 confirmed moreinfo On 2021-07-14 21:48:50, Oxan van Leeuwen wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package postsrsd > > [ Reason ] > Security fix for CVE-2021-35525. > > [ Impact ] > Package is vulnerable to a potential DoS attack. > > [ Tests ] > Tests from upstream backported, testsuite from upstream passes, manually > tested > functionality. > > [ Risks ] > Fix is a one-to-one backport from upstream, modulus formatting changes. > > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in testing > > [ Other info ] > N/A > > unblock postsrsd/1.10-2 If this is a pre-approval request, please go ahead and remove the moreinfo tag once the new version is available in unstable. Cheers > diff -Nru postsrsd-1.10/debian/changelog postsrsd-1.10/debian/changelog > --- postsrsd-1.10/debian/changelog2020-12-02 22:36:36.0 +0100 > +++ postsrsd-1.10/debian/changelog2021-07-14 21:21:11.0 +0200 > @@ -1,4 +1,12 @@ > -postsrsd (1.10-1) UNRELEASED; urgency=medium > +postsrsd (1.10-2) UNRELEASED; urgency=medium > + > + * Fix CVE-2021-35525: potential DoS when Postfix sends certain long data > +fields such as multiple concatenated email addresses. Fix backported from > +upstream commit 077be98d8c8. (Closes: #990439) > + > + -- Oxan van Leeuwen Wed, 14 Jul 2021 21:21:11 > +0200 > + > +postsrsd (1.10-1) unstable; urgency=medium > >* New upstream release (Closes: #975633) >* Drop patches integrated upstream > diff -Nru > postsrsd-1.10/debian/patches/0002-SECURITY-Fix-DoS-on-overly-long-input-from-Postfix.patch > > postsrsd-1.10/debian/patches/0002-SECURITY-Fix-DoS-on-overly-long-input-from-Postfix.patch > --- > postsrsd-1.10/debian/patches/0002-SECURITY-Fix-DoS-on-overly-long-input-from-Postfix.patch > 1970-01-01 01:00:00.0 +0100 > +++ > postsrsd-1.10/debian/patches/0002-SECURITY-Fix-DoS-on-overly-long-input-from-Postfix.patch > 2021-07-14 21:21:11.0 +0200 > @@ -0,0 +1,211 @@ > +From: =?utf-8?q?Timo_R=C3=B6hling?= > +Date: Sun, 21 Mar 2021 15:27:55 +0100 > +Subject: SECURITY: Fix DoS on overly long input from Postfix > +MIME-Version: 1.0 > +Content-Type: text/plain; charset="utf-8" > +Content-Transfer-Encoding: 8bit > + > +Thanks to Mateusz Jończyk who reported this issue and gave valuable > +feedback for its resolution. > + > +PostSRSd would hang on an overly long GET request, because the > +fread()/fwrite() logic in the subprocess would get confused by the > +remaining input line in its buffer. > + > +Theoretically, this error should never occur, as Postfix is supposed to > +send valid email addresses only, which are shorter than the buffer, even > +assuming every single character is percent-encoded. However, Postfix > +sometimes does seem to send malformed request with multiple concatenated > +email addresses. I'm not sure if there's a reliable way to trigger this > +condition by an external attacker, but it is a security bug in PostSRSd > +nevertheless. > + > +Fixes CVE-2021-35525. > + > +Origin: > https://github.com/roehling/postsrsd/commit/077be98d8c8a9847e4ae0c7dc09e7474cbe27db2 > +Forwarded: not-needed > +Last-Update: 2021-07-14 > +--- > + postsrsd.c | 52 > ++--- > + run_postsrsd_tests.bats | 40 + > + 2 files changed, 68 insertions(+), 24 deletions(-) > + > +diff --git a/postsrsd.c b/postsrsd.c > +index c009d8f..5ebf7f6 100644 > +--- a/postsrsd.c > b/postsrsd.c > +@@ -518,9 +518,9 @@ int main (int argc, char **argv) > + fds[sc].events = POLLIN; > + } > + while(TRUE) { > + int conn; > +-FILE *fp; > ++FILE *fp_read, *fp_write; > + char linebuf[1024], *line; > + char keybuf[1024], *key; > + > + if (poll(fds, socket_count, 1000) < 0) { > +@@ -540,41 +540,53 @@ int main (int argc, char **argv) > + int i; > + // close listen sockets so that we don't stop the main daemon > process from restarting > + for (i = 0; i < socket_count; ++i) close (sockets[i]); > + > +- fp = fdopen(conn, "r+"); > +- if (fp == NULL) exit(EXIT_FAILURE); > +- fds[0].fd = conn; > +- fds[0].events = POLLIN; > +- if (poll(fds, 1, timeout * 1000) <= 0) return EXIT_FAILURE; > +- line = fgets(linebuf, sizeof(linebuf), fp); > +- while (line) { > +-fseek (fp, 0, SEEK_CUR); /* Workaround for Solaris */ > ++ /* create separate input/output streams */ > ++ fp_read = fdopen(conn, "r"); > ++ if (fp_read == NULL) > ++return EXIT_FAILURE; > ++ fp_write = fdopen(dup(conn), "w"); > ++ if (fp_write == NULL) return EXIT_FAILURE; > ++ errno = 0; > ++
Processed: Re: Bug#991119: unblock: postsrsd/1.10-2
Processing control commands: > tags -1 confirmed moreinfo Bug #991119 [release.debian.org] unblock: postsrsd/1.10-2 Added tag(s) moreinfo and confirmed. -- 991119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991119 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991201: marked as done (unblock: refpolicy/2:2.20210203-7)
Your message dated Sat, 17 Jul 2021 17:41:09 + with message-id and subject line unblock refpolicy has caused the Debian Bug report #991201, regarding unblock: refpolicy/2:2.20210203-7 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991201: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991201 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package refpolicy [ Reason ] Improvement to policy for certbot, dhcp, mon, fsadm, and java. [ Impact ] This allows certbot to work out of the box on the first run. It correctly labels dhclient hooks scripts and wide-dhcpv6-client hooks. Changes to mon and fsadm policy support megaraid (AKA PERC) RAID controllers. Made the Java policy work for JRE 17. [ Tests ] Tested all of this manually. [ Risks ] No real risk, just added new allow rules. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock refpolicy/2:2.20210203-7 diff -Nru refpolicy-2.20210203/debian/changelog refpolicy-2.20210203/debian/changelog --- refpolicy-2.20210203/debian/changelog 2021-05-08 17:55:06.0 +1000 +++ refpolicy-2.20210203/debian/changelog 2021-06-14 09:47:05.0 +1000 @@ -1,3 +1,19 @@ +refpolicy (2:2.20210203-7) unstable; urgency=medium + + * Allow certbot to create /var/log/letsencrypt and /var/lib/letsencrypt + * Label /etc/wide-dhcpv6/dhcp6c-ifupdown /etc/wide-dhcpv6/dhcp6c-script +/etc/dhcp/dhclient-enter-hooks.d/* and /etc/dhcp/dhclient-exit-hooks.d/* +as bin_t. + * Allow mon_local_test_t to run smartctl in fsadm_t for megaraid and other +corner cases and allowed fsadm_t to read fsdaemon_var_lib_t. Dontaudit +fsadm_t inheriting file handles from mon_t. + * Allow fsadm_t to do a file type trans for creating +/dev/megaraid_sas_ioctl_node + * Allow java_t to exec bin_t and lib_t files for jspawnhelper, and to read +cgroup files. Needed for JRE 17 + + -- Russell Coker Mon, 14 Jun 2021 09:47:05 +1000 + refpolicy (2:2.20210203-6) unstable; urgency=medium * Add policy for cockpit web admin tool diff -Nru refpolicy-2.20210203/debian/patches/0027-services refpolicy-2.20210203/debian/patches/0027-services --- refpolicy-2.20210203/debian/patches/0027-services 2021-05-06 04:09:33.0 +1000 +++ refpolicy-2.20210203/debian/patches/0027-services 2021-06-14 09:47:05.0 +1000 @@ -217,26 +217,6 @@ dev_rw_xserver_misc(boinc_t) domain_read_all_domains_state(boinc_t) -Index: refpolicy-2.20210203/policy/modules/services/certbot.te -=== refpolicy-2.20210203.orig/policy/modules/services/certbot.te -+++ refpolicy-2.20210203/policy/modules/services/certbot.te -@@ -80,11 +80,15 @@ corenet_tcp_connect_dns_port(certbot_t) - # bind to http port for standalone mode - corenet_tcp_bind_http_port(certbot_t) - -+dev_read_urand(certbot_t) -+ - domain_use_interactive_fds(certbot_t) - - files_read_etc_files(certbot_t) - files_read_usr_files(certbot_t) - -+# dontaudit for attempts to write python cache files -+libs_dontaudit_write_lib_dirs(certbot_t) - libs_exec_ldconfig(certbot_t) - # for /usr/lib/gcc/x86_64-linux-gnu/8/collect2 - libs_exec_lib_files(certbot_t) Index: refpolicy-2.20210203/policy/modules/services/clamav.te === --- refpolicy-2.20210203.orig/policy/modules/services/clamav.te @@ -561,7 +541,7 @@ files_read_usr_files(mon_local_test_t) files_search_mnt(mon_local_test_t) files_search_spool(mon_local_test_t) -@@ -197,8 +203,11 @@ files_list_boot(mon_local_test_t) +@@ -197,9 +203,13 @@ files_list_boot(mon_local_test_t) fs_search_auto_mountpoints(mon_local_test_t) fs_getattr_nfs(mon_local_test_t) fs_getattr_xattr_fs(mon_local_test_t) @@ -571,9 +551,11 @@ +fs_read_cgroup_files(mon_local_test_t) +fs_search_cgroup_dirs(mon_local_test_t) fs_search_nfs(mon_local_test_t) ++fstools_domtrans(mon_local_test_t) storage_getattr_fixed_disk_dev(mon_local_test_t) -@@ -211,12 +220,14 @@ application_exec_all(mon_local_test_t) + storage_getattr_removable_dev(mon_local_test_t) +@@ -211,12 +221,14 @@ application_exec_all(mon_local_test_t) auth_use_nsswitch(mon_local_test_t) @@ -1765,3 +1747,130 @@ dontaudit inetd_t self:capability sys_tty_config; allow inetd_t self:process { setsched setexec setrlimit };
Processed: tagging 990977
Processing commands for cont...@bugs.debian.org: > tags 990977 + moreinfo Bug #990977 [release.debian.org] unblock: python-aiosqlite/0.16.1-2 Added tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 990977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 990977
Processing commands for cont...@bugs.debian.org: > tags 990977 - moreinfo Bug #990977 [release.debian.org] unblock: python-aiosqlite/0.16.1-2 Removed tag(s) moreinfo. > thanks Stopping processing here. Please contact me if you need assistance. -- 990977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991182: unblock: jailkit/2.21-4
Hi Graham, Thank you. Regards, Eriberto
Processed: your mail
Processing commands for cont...@bugs.debian.org: > tags 991091 - moreinfo Bug #991091 [release.debian.org] unblock: budgie-desktop/10.5.2-4 Removed tag(s) moreinfo. > End of message, stopping processing here. Please contact me if you need assistance. -- 991091: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991211: unblock: debian-crossgrader/0.0.3+nmu3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package debian-crossgrader * Purge with --force-remove-protected in the third stage to avoid failures due to packages that recently became protected. (Closes: #990669) This regression caused by changes in bullseye was hidden when #968458 in python-apt made crossgrader fail even earlier. diff -Nru debian-crossgrader-0.0.3+nmu2/debian/changelog debian-crossgrader-0.0.3+nmu3/debian/changelog --- debian-crossgrader-0.0.3+nmu2/debian/changelog 2020-12-12 23:22:05.0 +0200 +++ debian-crossgrader-0.0.3+nmu3/debian/changelog 2021-07-14 20:23:38.0 +0300 @@ -1,3 +1,12 @@ +debian-crossgrader (0.0.3+nmu3) unstable; urgency=medium + + * Non-maintainer upload. + * Purge with --force-remove-protected in the third stage to +avoid failures due to packages that recently became protected. +(Closes: #990669) + + -- Adrian Bunk Wed, 14 Jul 2021 20:23:38 +0300 + debian-crossgrader (0.0.3+nmu2) unstable; urgency=medium * NMU diff -Nru debian-crossgrader-0.0.3+nmu2/debian_crossgrader/__main__.py debian-crossgrader-0.0.3+nmu3/debian_crossgrader/__main__.py --- debian-crossgrader-0.0.3+nmu2/debian_crossgrader/__main__.py 2020-09-06 19:13:29.0 +0300 +++ debian-crossgrader-0.0.3+nmu3/debian_crossgrader/__main__.py 2021-07-11 19:22:28.0 +0300 @@ -138,7 +138,7 @@ return if cont == 'y': -subprocess.check_call(['dpkg', '--purge'] + targets) +subprocess.check_call(['dpkg', '--purge', '--force-remove-protected'] + targets) remaining = apt_utils.get_arch_packages(foreign_arch) if args.packages: remaining = [pkg_name for pkg_name in remaining if pkg_name not in args.packages]
Bug#991210: unblock: conmon/2.0.25+ds1-1.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package conmon * Add upstream fix to not make container runtime processes unkillable. (Closes: #990263) I am not convinced that the lowering to non-RC of the bug was appropriate, but this is moot if the fix goes into bullseye. diff -Nru conmon-2.0.25+ds1/debian/changelog conmon-2.0.25+ds1/debian/changelog --- conmon-2.0.25+ds1/debian/changelog 2021-01-31 05:56:56.0 +0200 +++ conmon-2.0.25+ds1/debian/changelog 2021-07-14 20:46:07.0 +0300 @@ -1,3 +1,11 @@ +conmon (2.0.25+ds1-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add upstream fix to not make container runtime processes +unkillable. (Closes: #990263) + + -- Adrian Bunk Wed, 14 Jul 2021 20:46:07 +0300 + conmon (2.0.25+ds1-1) unstable; urgency=medium * New upstream release diff -Nru conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch --- conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch 1970-01-01 02:00:00.0 +0200 +++ conmon-2.0.25+ds1/debian/patches/0001-Reset-OOM-score-back-to-0-for-container-runtime.patch 2021-07-14 20:46:07.0 +0300 @@ -0,0 +1,76 @@ +From b033cb5dfde6de05e63408fc839f1bb641cddd85 Mon Sep 17 00:00:00 2001 +From: Mrunal Patel +Date: Thu, 27 May 2021 14:09:39 -0700 +Subject: Reset OOM score back to 0 for container runtime + +We don't want container runtime procesess to be unkillable +so we reset oom_score_adj back to 0 before execv +of the runtime process. + +Signed-off-by: Mrunal Patel +--- + src/conmon.c | 4 +++- + src/oom.c| 6 ++ + src/oom.h| 2 +- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/conmon.c b/src/conmon.c +index c349d6c..c6bd9f5 100644 +--- a/src/conmon.c b/src/conmon.c +@@ -41,7 +41,7 @@ int main(int argc, char *argv[]) + + process_cli(); + +- attempt_oom_adjust(); ++ attempt_oom_adjust("-1000"); + + /* ignoring SIGPIPE prevents conmon from being spuriously killed */ + signal(SIGPIPE, SIG_IGN); +@@ -275,6 +275,8 @@ int main(int argc, char *argv[]) + } + } + ++ // We don't want runc to be unkillable so we reset the oom_score_adj back to 0 ++ attempt_oom_adjust("0"); + execv(g_ptr_array_index(runtime_argv, 0), (char **)runtime_argv->pdata); + exit(127); + } +diff --git a/src/oom.c b/src/oom.c +index 5791777..0041a6b 100644 +--- a/src/oom.c b/src/oom.c +@@ -5,16 +5,14 @@ + #include + #include + +-#define OOM_SCORE "-1000" +- +-void attempt_oom_adjust() ++void attempt_oom_adjust(const char *const oom_score) + { + int oom_score_fd = open("/proc/self/oom_score_adj", O_WRONLY); + if (oom_score_fd < 0) { + ndebugf("failed to open /proc/self/oom_score_adj: %s\n", strerror(errno)); + return; + } +- if (write(oom_score_fd, OOM_SCORE, strlen(OOM_SCORE)) < 0) { ++ if (write(oom_score_fd, oom_score, strlen(oom_score)) < 0) { + ndebugf("failed to write to /proc/self/oom_score_adj: %s\n", strerror(errno)); + } + close(oom_score_fd); +diff --git a/src/oom.h b/src/oom.h +index 28e4178..9408c3b 100644 +--- a/src/oom.h b/src/oom.h +@@ -1,6 +1,6 @@ + #if !defined(OOM_H) + #define OOM_H + +-void attempt_oom_adjust(); ++void attempt_oom_adjust(const char *const oom_score); + + #endif // OOM_H +-- +2.20.1 + diff -Nru conmon-2.0.25+ds1/debian/patches/series conmon-2.0.25+ds1/debian/patches/series --- conmon-2.0.25+ds1/debian/patches/series 1970-01-01 02:00:00.0 +0200 +++ conmon-2.0.25+ds1/debian/patches/series 2021-07-14 20:46:07.0 +0300 @@ -0,0 +1 @@ +0001-Reset-OOM-score-back-to-0-for-container-runtime.patch
Bug#991207: unblock: dlib/19.10-3.1
On Sat, Jul 17, 2021 at 04:23:45PM +0300, Adrian Bunk wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package dlib > > * Backport upstream fix for using cv_image.h with OpenCV 4, > thanks to Alexandr Podgorniy. (Closes: #990676) > > This fixes compiling code using cv_image.h with the bullseye OpenCV. And with debdiff attached. cu Adrian diff -Nru dlib-19.10/debian/changelog dlib-19.10/debian/changelog --- dlib-19.10/debian/changelog 2019-01-17 09:17:25.0 +0200 +++ dlib-19.10/debian/changelog 2021-07-15 17:19:19.0 +0300 @@ -1,3 +1,11 @@ +dlib (19.10-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix for using cv_image.h with OpenCV 4, +thanks to Alexandr Podgorniy. (Closes: #990676) + + -- Adrian Bunk Thu, 15 Jul 2021 17:19:19 +0300 + dlib (19.10-3) unstable; urgency=medium * Team upload. diff -Nru dlib-19.10/debian/patches/0001-Fix-opencv-version-check-to-work-on-all-opencv-versi.patch dlib-19.10/debian/patches/0001-Fix-opencv-version-check-to-work-on-all-opencv-versi.patch --- dlib-19.10/debian/patches/0001-Fix-opencv-version-check-to-work-on-all-opencv-versi.patch 1970-01-01 02:00:00.0 +0200 +++ dlib-19.10/debian/patches/0001-Fix-opencv-version-check-to-work-on-all-opencv-versi.patch 2021-07-15 17:02:19.0 +0300 @@ -0,0 +1,33 @@ +From eea91537ac73498153266984da28c202965b75de Mon Sep 17 00:00:00 2001 +From: Davis King +Date: Sun, 22 Dec 2019 07:52:08 -0500 +Subject: Fix opencv version check to work on all opencv versions + +--- + dlib/opencv/cv_image.h | 9 + + 1 file changed, 9 insertions(+) + +diff --git a/dlib/opencv/cv_image.h b/dlib/opencv/cv_image.h +index 5f224d00..05af0551 100644 +--- a/dlib/opencv/cv_image.h b/dlib/opencv/cv_image.h +@@ -34,7 +34,16 @@ namespace dlib + << "\n\t img.channels(): " << img.channels() + << "\n\t img.pixel_traits::num: " << pixel_traits::num + ); ++// Note, do NOT use CV_VERSION_MAJOR because in OpenCV 2 CV_VERSION_MAJOR actually held ++// CV_VERSION_MINOR and instead they used CV_VERSION_EPOCH. So for example, in OpenCV ++// 2.4.9.1 CV_VERSION_MAJOR==4 and CV_VERSION_EPOCH==2. However, CV_MAJOR_VERSION has always ++// (seemingly) held the actual major version number, so we use that to test for the OpenCV major ++// version. ++#if CV_MAJOR_VERSION > 3 ++IplImage temp = cvIplImage(img); ++#else + IplImage temp = img; ++#endif + init(); + } + +-- +2.20.1 + diff -Nru dlib-19.10/debian/patches/series dlib-19.10/debian/patches/series --- dlib-19.10/debian/patches/series2019-01-17 08:43:25.0 +0200 +++ dlib-19.10/debian/patches/series2021-07-15 17:19:17.0 +0300 @@ -1 +1,2 @@ fix-soname.patch +0001-Fix-opencv-version-check-to-work-on-all-opencv-versi.patch
Bug#991209: unblock: minetest/5.3.0+repack-2.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package minetest * Add upstream fix for errors caused by missing param2 in falling.lua, thanks to Craig Small. (Closes: #990923) diff -Nru minetest-5.3.0+repack/debian/changelog minetest-5.3.0+repack/debian/changelog --- minetest-5.3.0+repack/debian/changelog 2021-01-31 15:41:26.0 +0200 +++ minetest-5.3.0+repack/debian/changelog 2021-07-15 18:55:57.0 +0300 @@ -1,3 +1,11 @@ +minetest (5.3.0+repack-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add upstream fix for errors caused by missing param2 +in falling.lua, thanks to Craig Small. (Closes: #990923) + + -- Adrian Bunk Thu, 15 Jul 2021 18:55:57 +0300 + minetest (5.3.0+repack-2) unstable; urgency=medium * Team upload. diff -Nru minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch --- minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch 1970-01-01 02:00:00.0 +0200 +++ minetest-5.3.0+repack/debian/patches/0001-Falling-Fix-error-caused-by-missing-param2.patch 2021-07-15 18:55:34.0 +0300 @@ -0,0 +1,26 @@ +From aba8c3753162320c7cc8a66913ad82f4f1fd0d8b Mon Sep 17 00:00:00 2001 +From: SmallJoker +Date: Thu, 30 Jul 2020 19:03:48 +0200 +Subject: Falling: Fix error caused by missing param2 + +Falling nodes that were spawned prior the recent falling node changes did not require param2. +Default to param2 = 0 when none is found in the node data. +--- + builtin/game/falling.lua | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/builtin/game/falling.lua b/builtin/game/falling.lua +index 714506a5f..4bfcca9e7 100644 +--- a/builtin/game/falling.lua b/builtin/game/falling.lua +@@ -52,6 +52,7 @@ core.register_entity(":__builtin:falling_node", { + floats = false, + + set_node = function(self, node, meta) ++ node.param2 = node.param2 or 0 + self.node = node + meta = meta or {} + if type(meta.to_table) == "function" then +-- +2.20.1 + diff -Nru minetest-5.3.0+repack/debian/patches/series minetest-5.3.0+repack/debian/patches/series --- minetest-5.3.0+repack/debian/patches/series 2021-01-31 11:43:36.0 +0200 +++ minetest-5.3.0+repack/debian/patches/series 2021-07-15 18:55:53.0 +0300 @@ -2,3 +2,4 @@ shared_mods.patch rawlua.patch postgresql.patch +0001-Falling-Fix-error-caused-by-missing-param2.patch
Bug#991201: unblock: refpolicy/2:2.20210203-7
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package refpolicy [ Reason ] Improvement to policy for certbot, dhcp, mon, fsadm, and java. [ Impact ] This allows certbot to work out of the box on the first run. It correctly labels dhclient hooks scripts and wide-dhcpv6-client hooks. Changes to mon and fsadm policy support megaraid (AKA PERC) RAID controllers. Made the Java policy work for JRE 17. [ Tests ] Tested all of this manually. [ Risks ] No real risk, just added new allow rules. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock refpolicy/2:2.20210203-7 diff -Nru refpolicy-2.20210203/debian/changelog refpolicy-2.20210203/debian/changelog --- refpolicy-2.20210203/debian/changelog 2021-05-08 17:55:06.0 +1000 +++ refpolicy-2.20210203/debian/changelog 2021-06-14 09:47:05.0 +1000 @@ -1,3 +1,19 @@ +refpolicy (2:2.20210203-7) unstable; urgency=medium + + * Allow certbot to create /var/log/letsencrypt and /var/lib/letsencrypt + * Label /etc/wide-dhcpv6/dhcp6c-ifupdown /etc/wide-dhcpv6/dhcp6c-script +/etc/dhcp/dhclient-enter-hooks.d/* and /etc/dhcp/dhclient-exit-hooks.d/* +as bin_t. + * Allow mon_local_test_t to run smartctl in fsadm_t for megaraid and other +corner cases and allowed fsadm_t to read fsdaemon_var_lib_t. Dontaudit +fsadm_t inheriting file handles from mon_t. + * Allow fsadm_t to do a file type trans for creating +/dev/megaraid_sas_ioctl_node + * Allow java_t to exec bin_t and lib_t files for jspawnhelper, and to read +cgroup files. Needed for JRE 17 + + -- Russell Coker Mon, 14 Jun 2021 09:47:05 +1000 + refpolicy (2:2.20210203-6) unstable; urgency=medium * Add policy for cockpit web admin tool diff -Nru refpolicy-2.20210203/debian/patches/0027-services refpolicy-2.20210203/debian/patches/0027-services --- refpolicy-2.20210203/debian/patches/0027-services 2021-05-06 04:09:33.0 +1000 +++ refpolicy-2.20210203/debian/patches/0027-services 2021-06-14 09:47:05.0 +1000 @@ -217,26 +217,6 @@ dev_rw_xserver_misc(boinc_t) domain_read_all_domains_state(boinc_t) -Index: refpolicy-2.20210203/policy/modules/services/certbot.te -=== refpolicy-2.20210203.orig/policy/modules/services/certbot.te -+++ refpolicy-2.20210203/policy/modules/services/certbot.te -@@ -80,11 +80,15 @@ corenet_tcp_connect_dns_port(certbot_t) - # bind to http port for standalone mode - corenet_tcp_bind_http_port(certbot_t) - -+dev_read_urand(certbot_t) -+ - domain_use_interactive_fds(certbot_t) - - files_read_etc_files(certbot_t) - files_read_usr_files(certbot_t) - -+# dontaudit for attempts to write python cache files -+libs_dontaudit_write_lib_dirs(certbot_t) - libs_exec_ldconfig(certbot_t) - # for /usr/lib/gcc/x86_64-linux-gnu/8/collect2 - libs_exec_lib_files(certbot_t) Index: refpolicy-2.20210203/policy/modules/services/clamav.te === --- refpolicy-2.20210203.orig/policy/modules/services/clamav.te @@ -561,7 +541,7 @@ files_read_usr_files(mon_local_test_t) files_search_mnt(mon_local_test_t) files_search_spool(mon_local_test_t) -@@ -197,8 +203,11 @@ files_list_boot(mon_local_test_t) +@@ -197,9 +203,13 @@ files_list_boot(mon_local_test_t) fs_search_auto_mountpoints(mon_local_test_t) fs_getattr_nfs(mon_local_test_t) fs_getattr_xattr_fs(mon_local_test_t) @@ -571,9 +551,11 @@ +fs_read_cgroup_files(mon_local_test_t) +fs_search_cgroup_dirs(mon_local_test_t) fs_search_nfs(mon_local_test_t) ++fstools_domtrans(mon_local_test_t) storage_getattr_fixed_disk_dev(mon_local_test_t) -@@ -211,12 +220,14 @@ application_exec_all(mon_local_test_t) + storage_getattr_removable_dev(mon_local_test_t) +@@ -211,12 +221,14 @@ application_exec_all(mon_local_test_t) auth_use_nsswitch(mon_local_test_t) @@ -1765,3 +1747,130 @@ dontaudit inetd_t self:capability sys_tty_config; allow inetd_t self:process { setsched setexec setrlimit }; allow inetd_t self:fifo_file rw_fifo_file_perms; +Index: refpolicy-2.20210203/policy/modules/kernel/corecommands.fc +=== +--- refpolicy-2.20210203.orig/policy/modules/kernel/corecommands.fc refpolicy-2.20210203/policy/modules/kernel/corecommands.fc +@@ -43,6 +43,8 @@ ifdef(`distro_redhat',` + /etc/cron\.monthly(/.*)? gen_context(system_u:object_r:bin_t,s0) + + /etc/dhcp/dhclient\.d(/.*)? gen_context(system_u:object_r:bin_t,s0) ++/etc/dhcp/dhclient-enter-hooks.d(/.*)? -- gen_context(system_u:object_r:bin_t,s0) ++/etc/dhcp/dhclient-exit-hooks.d(/.*)? -- gen_context(system_u:object_r:bin_t,s0) + + /etc/hotplug/.*agent --
Bug#991207: unblock: dlib/19.10-3.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package dlib * Backport upstream fix for using cv_image.h with OpenCV 4, thanks to Alexandr Podgorniy. (Closes: #990676) This fixes compiling code using cv_image.h with the bullseye OpenCV.
Bug#991189: marked as done (unblock: fail2ban/0.11.2-2)
Your message dated Sat, 17 Jul 2021 14:33:17 +0200 with message-id and subject line Re: Bug#991189: unblock: fail2ban/0.11.2-2 has caused the Debian Bug report #991189, regarding unblock: fail2ban/0.11.2-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991189 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: car...@debian.org,t...@security.debian.org,sylves...@debian.org Hi Release Team! Please unblock package fail2ban fail2ban is affected by CVE-2021-32749, see detailed advisory in https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm, which is a possible remote code execution vulnerability in the mailing action mail-whois. The idea is to have it fixed in the upper suite first, later for buster a point release update could follow. unblock fail2ban/0.11.2-2 Regards, Salvatore diff -Nru fail2ban-0.11.2/debian/changelog fail2ban-0.11.2/debian/changelog --- fail2ban-0.11.2/debian/changelog2020-11-26 13:47:53.0 +0100 +++ fail2ban-0.11.2/debian/changelog2021-07-12 06:52:40.0 +0200 @@ -1,3 +1,9 @@ +fail2ban (0.11.2-2) unstable; urgency=high + + * Fix a problem with mail + + -- Sylvestre Ledru Mon, 12 Jul 2021 06:52:40 +0200 + fail2ban (0.11.2-1) unstable; urgency=medium * New upstream release diff -Nru fail2ban-0.11.2/debian/patches/fix-mail.patch fail2ban-0.11.2/debian/patches/fix-mail.patch --- fail2ban-0.11.2/debian/patches/fix-mail.patch 1970-01-01 01:00:00.0 +0100 +++ fail2ban-0.11.2/debian/patches/fix-mail.patch 2021-07-12 06:50:21.0 +0200 @@ -0,0 +1,147 @@ + config/action.d/complain.conf | 2 +- + config/action.d/dshield.conf | 2 +- + config/action.d/mail-buffered.conf| 8 + config/action.d/mail-whois-lines.conf | 2 +- + config/action.d/mail-whois.conf | 6 +++--- + config/action.d/mail.conf | 6 +++--- + 6 files changed, 13 insertions(+), 13 deletions(-) + +diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf +index 3a5f882c..4d73b058 100644 +--- a/config/action.d/complain.conf b/config/action.d/complain.conf +@@ -102,7 +102,7 @@ logpath = /dev/null + # Notes.: Your system mail command. Is passed 2 args: subject and recipient + # Values: CMD + # +-mailcmd = mail -s ++mailcmd = mail -E 'set escape' -s + + # Option: mailargs + # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: +diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf +index c128bef3..3d5a7a53 100644 +--- a/config/action.d/dshield.conf b/config/action.d/dshield.conf +@@ -179,7 +179,7 @@ tcpflags = + # Notes.: Your system mail command. Is passed 2 args: subject and recipient + # Values: CMD + # +-mailcmd = mail -s ++mailcmd = mail -E 'set escape' -s + + # Option: mailargs + # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: +diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf +index 325f185b..79b84104 100644 +--- a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf +@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n + The jail has been started successfully.\n + Output will be buffered until lines are available.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] : started on " ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : started on " + + # Option: actionstop + # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +@@ -28,13 +28,13 @@ actionstop = if [ -f ]; then + These hosts have been banned by Fail2Ban.\n + `cat ` + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] : Summary from " ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : Summary from " + rm + fi + printf %%b "Hi,\n + The jail has been stopped.\n + Regards,\n +- Fail2Ban"|mail -s "[Fail2Ban] : stopped on " ++ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : stopped on " + + # Option: actioncheck + # Notes.: command executed once before each actionban command +@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: ( failures)\n" >> + These hosts have been banned by Fail2Ban.\n +
Bug#991206: unblock: x264/2:0.160.3011+gitcde9a93-2.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package x264 * Backport upstream fix to support GPAC >= 0.8.0. (Closes: #975441) This fixes a regression from buster by restoring MP4 output in the x264 binary, the library is unchanged. diff -Nru x264-0.160.3011+gitcde9a93/debian/changelog x264-0.160.3011+gitcde9a93/debian/changelog --- x264-0.160.3011+gitcde9a93/debian/changelog 2020-07-26 17:52:56.0 +0300 +++ x264-0.160.3011+gitcde9a93/debian/changelog 2021-07-15 15:06:22.0 +0300 @@ -1,3 +1,10 @@ +x264 (2:0.160.3011+gitcde9a93-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix to support GPAC >= 0.8.0. (Closes: #975441) + + -- Adrian Bunk Thu, 15 Jul 2021 15:06:22 +0300 + x264 (2:0.160.3011+gitcde9a93-2) unstable; urgency=medium * Team upload diff -Nru x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch --- x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch 1970-01-01 02:00:00.0 +0200 +++ x264-0.160.3011+gitcde9a93/debian/patches/0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch 2021-07-15 15:06:22.0 +0300 @@ -0,0 +1,58 @@ +From 7c2004b58c26da661618262c9c06b73ad3a9ff6c Mon Sep 17 00:00:00 2001 +From: "A. David" +Date: Thu, 2 Jul 2020 19:45:50 +0200 +Subject: mp4: Update GPAC support to v0.8.0 or later + +--- + configure| 5 +++-- + output/mp4.c | 6 +- + 2 files changed, 8 insertions(+), 3 deletions(-) + +Index: x264-0.160.3011+gitcde9a93/configure +=== +--- x264-0.160.3011+gitcde9a93.orig/configure x264-0.160.3011+gitcde9a93/configure +@@ -1240,15 +1240,16 @@ if [ "$gpac" = "auto" -a "$lsmash" != "y + gpac="no" + GPAC_LIBS="-lgpac" + cc_check "" -lz && GPAC_LIBS="$GPAC_LIBS -lz" ++cc_check "" -ldl && GPAC_LIBS="$GPAC_LIBS -ldl" + if [ "$SYS" = "WINDOWS" ] ; then + cc_check "" -lws2_32 && GPAC_LIBS="$GPAC_LIBS -lws2_32" + cc_check "" -lwinmm && GPAC_LIBS="$GPAC_LIBS -lwinmm" + fi + if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_close(0);" ; then +-if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_set_pixel_aspect_ratio(0,0,0,0,0);" ; then ++if cc_check gpac/isomedia.h "$GPAC_LIBS" "gf_isom_set_pixel_aspect_ratio(0,0,0,0,0,0);" ; then + gpac="yes" + else +-echo "Warning: gpac is too old, update to 2007-06-21 UTC or later" ++echo "Warning: gpac is too old, update to v0.8.0 or later" + fi + fi + fi +Index: x264-0.160.3011+gitcde9a93/output/mp4.c +=== +--- x264-0.160.3011+gitcde9a93.orig/output/mp4.c x264-0.160.3011+gitcde9a93/output/mp4.c +@@ -147,7 +147,11 @@ static int close_file( hnd_t handle, int + { + uint32_t mvhd_timescale = gf_isom_get_timescale( p_mp4->p_file ); + uint64_t tkhd_duration = (uint64_t)( mdhd_duration * ( (double)mvhd_timescale / p_mp4->i_time_res ) ); ++#if GPAC_VERSION_MAJOR > 8 ++gf_isom_append_edit( p_mp4->p_file, p_mp4->i_track, tkhd_duration, sample->CTS_Offset, GF_ISOM_EDIT_NORMAL ); ++#else + gf_isom_append_edit_segment( p_mp4->p_file, p_mp4->i_track, tkhd_duration, sample->CTS_Offset, GF_ISOM_EDIT_NORMAL ); ++#endif + } + gf_isom_sample_del( ); + +@@ -233,7 +237,7 @@ static int set_param( hnd_t handle, x264 + dw *= sar; + else + dh /= sar; +-gf_isom_set_pixel_aspect_ratio( p_mp4->p_file, p_mp4->i_track, p_mp4->i_descidx, p_param->vui.i_sar_width, p_param->vui.i_sar_height ); ++gf_isom_set_pixel_aspect_ratio( p_mp4->p_file, p_mp4->i_track, p_mp4->i_descidx, p_param->vui.i_sar_width, p_param->vui.i_sar_height, 0 ); + gf_isom_set_track_layout_info( p_mp4->p_file, p_mp4->i_track, dw, dh, 0, 0, 0 ); + } + diff -Nru x264-0.160.3011+gitcde9a93/debian/patches/series x264-0.160.3011+gitcde9a93/debian/patches/series --- x264-0.160.3011+gitcde9a93/debian/patches/series2020-06-21 12:40:55.0 +0300 +++ x264-0.160.3011+gitcde9a93/debian/patches/series2021-07-15 15:06:22.0 +0300 @@ -1,2 +1,3 @@ link_gpac_dynamically.patch properly_detect_x32.patch +0001-mp4-Update-GPAC-support-to-v0.8.0-or-later.patch
Processed: Re: Bug#991189: unblock: fail2ban/0.11.2-2
Processing control commands: > tags -1 - moreinfo Bug #991189 [release.debian.org] unblock: fail2ban/0.11.2-2 Removed tag(s) moreinfo. -- 991189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991189 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991189: unblock: fail2ban/0.11.2-2
Control: tags -1 - moreinfo Hi Graham, On Sat, Jul 17, 2021 at 01:58:57PM +0200, Graham Inggs wrote: > Control: tags -1 + moreinfo > > Hi Salvatore > > On Fri, 16 Jul 2021 at 21:24, Salvatore Bonaccorso wrote: > > fail2ban is affected by CVE-2021-32749, see detailed advisory in > > https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm, > > which is a possible remote code execution vulnerability in the mailing > > action mail-whois. > > fail2ban (0.11.2-2) unstable; urgency=high > > * Fix a problem with mail > > -- Sylvestre Ledru Mon, 12 Jul 2021 06:52:40 +0200 > > Would it be better to have the CVE mentioned in the changelog? Right, the description could have been more descriptive but is caused by the following: The issue was not yet public at the time of the upload, nor the CVE, but upstream was fine to Debian first issue an update and then publish the GHSA. This was the reason that the changelog entry gives not detail on what is wrong with mail. We could re-trospectively ask for -3 with a more descriptive changelog entry and include the CVE, but I would suggest to just unblock what we have. Regards, Salvatore
Bug#991203: marked as done (unblock: python-dbussy/1.3-1.1)
Your message dated Sat, 17 Jul 2021 14:20:54 +0200 with message-id and subject line Re: Bug#991203: unblock: python-dbussy/1.3-1.1 has caused the Debian Bug report #991203, regarding unblock: python-dbussy/1.3-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991203 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-dbussy * Backport upstream fix to ensure that Type objects always have a code field. (Closes: #978544) --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991202: marked as done (unblock: dask.distributed/2021.01.0+ds.1-2.1)
Your message dated Sat, 17 Jul 2021 14:11:33 +0200 with message-id and subject line Re: Bug#991202: unblock: dask.distributed/2021.01.0+ds.1-2.1 has caused the Debian Bug report #991202, regarding unblock: dask.distributed/2021.01.0+ds.1-2.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991202: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991202 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package dask.distributed * Backport upstream fix removing tests that fail under some circumstances. (Closes: #987816) * python-distributed-doc: Fix broken symlink to html5shiv.min.js, dh_link needs absolute paths. (Closes: #988675) diff -Nru dask.distributed-2021.01.0+ds.1/debian/changelog dask.distributed-2021.01.0+ds.1/debian/changelog --- dask.distributed-2021.01.0+ds.1/debian/changelog2021-02-01 22:08:19.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/changelog2021-07-13 19:19:56.0 +0300 @@ -1,3 +1,13 @@ +dask.distributed (2021.01.0+ds.1-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix removing tests that fail under some +circumstances. (Closes: #987816) + * python-distributed-doc: Fix broken symlink to html5shiv.min.js, +dh_link needs absolute paths. (Closes: #988675) + + -- Adrian Bunk Tue, 13 Jul 2021 19:19:56 +0300 + dask.distributed (2021.01.0+ds.1-2) unstable; urgency=medium * Add fall-back-to-ipv6-localhost.patch to work around ipv6 networking diff -Nru dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch --- dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch 1970-01-01 02:00:00.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch 2021-07-13 19:19:56.0 +0300 @@ -0,0 +1,73 @@ +From 668f3f1d38c27277448af6f5aa88741cd1d33f3b Mon Sep 17 00:00:00 2001 +From: James Bourbeau +Date: Wed, 9 Jun 2021 08:57:53 -0500 +Subject: Remove tests for `process_time` and `thread_time` (#4895) + +--- + distributed/tests/test_metrics.py | 46 --- + 1 file changed, 46 deletions(-) + +diff --git a/distributed/tests/test_metrics.py b/distributed/tests/test_metrics.py +index 3a27e638..58c33266 100644 +--- a/distributed/tests/test_metrics.py b/distributed/tests/test_metrics.py +@@ -1,9 +1,6 @@ +-import sys +-import threading + import time + + from distributed import metrics +-from distributed.utils_test import run_for + + + def test_wall_clock(): +@@ -18,46 +15,3 @@ def test_wall_clock(): + assert any(lambda d: 0.0 < d < 0.0001 for d in deltas), deltas + # Close to time.time() + assert t - 0.5 < samples[0] < t + 0.5 +- +- +-def test_process_time(): +-start = metrics.process_time() +-run_for(0.05) +-dt = metrics.process_time() - start +-assert 0.03 <= dt <= 0.2 +- +-# All threads counted +-t = threading.Thread(target=run_for, args=(0.1,)) +-start = metrics.process_time() +-t.start() +-t.join() +-dt = metrics.process_time() - start +-assert dt >= 0.05 +- +-# Sleep time not counted +-start = metrics.process_time() +-time.sleep(0.1) +-dt = metrics.process_time() - start +-assert dt <= 0.05 +- +- +-def test_thread_time(): +-start = metrics.thread_time() +-run_for(0.05) +-dt = metrics.thread_time() - start +-assert 0.03 <= dt <= 0.2 +- +-# Sleep time not counted +-start = metrics.thread_time() +-time.sleep(0.1) +-dt = metrics.thread_time() - start +-assert dt <= 0.05 +- +-if sys.platform == "linux": +-# Always per-thread on Linux +-t = threading.Thread(target=run_for, args=(0.1,)) +-start = metrics.thread_time() +-t.start() +-t.join() +-dt = metrics.thread_time() - start +-assert dt <= 0.05 +-- +2.20.1 + diff -Nru dask.distributed-2021.01.0+ds.1/debian/patches/series dask.distributed-2021.01.0+ds.1/debian/patches/series --- dask.distributed-2021.01.0+ds.1/debian/patches/series 2021-02-01 21:51:15.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/patches/series 2021-07-13 19:19:56.0 +0300 @@ -7,3 +7,4 @@
Bug#991200: marked as done (unblock: python2.7/2.7.18-8)
Your message dated Sat, 17 Jul 2021 14:04:01 +0200 with message-id and subject line Re: Bug#991200: unblock: python2.7/2.7.18-8 has caused the Debian Bug report #991200, regarding unblock: python2.7/2.7.18-8 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991200: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991200 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: Andreas Beckmann Please unblock python2.7/2.7.18-8, just adding some breaks for smoother upgrades as requested in #990520. No code changes. The debdiff is in the bug report. --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Processed: Re: Bug#991189: unblock: fail2ban/0.11.2-2
Processing control commands: > tags -1 + moreinfo Bug #991189 [release.debian.org] unblock: fail2ban/0.11.2-2 Added tag(s) moreinfo. -- 991189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991189 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991189: unblock: fail2ban/0.11.2-2
Control: tags -1 + moreinfo Hi Salvatore On Fri, 16 Jul 2021 at 21:24, Salvatore Bonaccorso wrote: > fail2ban is affected by CVE-2021-32749, see detailed advisory in > https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm, > which is a possible remote code execution vulnerability in the mailing > action mail-whois. fail2ban (0.11.2-2) unstable; urgency=high * Fix a problem with mail -- Sylvestre Ledru Mon, 12 Jul 2021 06:52:40 +0200 Would it be better to have the CVE mentioned in the changelog? Regards Graham
Bug#991203: unblock: python-dbussy/1.3-1.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-dbussy * Backport upstream fix to ensure that Type objects always have a code field. (Closes: #978544)
Bug#991186: marked as done (unblock: trafficserver/8.1.1+ds-1.1)
Your message dated Sat, 17 Jul 2021 13:52:37 +0200 with message-id and subject line Re: Bug#991186: unblock: trafficserver/8.1.1+ds-1.1 has caused the Debian Bug report #991186, regarding unblock: trafficserver/8.1.1+ds-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991186: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991186 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: car...@debian.org,j...@debian.org,deb...@jbfavre.org Hi release team, Please unblock package trafficserver [ Reason ] Trafficserver is affected by several CVEs, covered in #990303 and are CVE-2021-27577, CVE-2021-32565, CVE-2021-32566, CVE-2021-32567 and CVE-2021-35474.. [ Impact ] Security issues remain open in bullseye (for now). But it is planned to release a DSA for buster. So we want to make sure the fixes are already present in the upper suite before it's release. [ Tests ] None further specifically. [ Risks ] Targetted upstream patch applied without problem. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] None. unblock trafficserver/8.1.1+ds-1.1 Regards, Salvatore diff -Nru trafficserver-8.1.1+ds/debian/changelog trafficserver-8.1.1+ds/debian/changelog --- trafficserver-8.1.1+ds/debian/changelog 2020-12-06 16:26:39.0 +0100 +++ trafficserver-8.1.1+ds/debian/changelog 2021-07-15 21:48:17.0 +0200 @@ -1,3 +1,20 @@ +trafficserver (8.1.1+ds-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Address CVE-2021-27577, CVE-2021-32565, CVE-2021-32566, CVE-2021-32567 and +CVE-2021-35474. +- CVE-2021-27577: Incorrect handling of url fragment leads to cache + poisoning +- CVE-2021-32565: HTTP Request Smuggling, content length with invalid + charters +- CVE-2021-32566: Specific sequence of HTTP/2 frames can cause ATS to + crash +- CVE-2021-32567: Reading HTTP/2 frames too many times +- CVE-2021-35474: Dynamic stack buffer overflow in cachekey plugin +(Closes: #990303) + + -- Salvatore Bonaccorso Thu, 15 Jul 2021 21:48:17 +0200 + trafficserver (8.1.1+ds-1) unstable; urgency=medium * New upstream version 8.1.0+ds diff -Nru trafficserver-8.1.1+ds/debian/patches/0018-Fixes-7971.patch trafficserver-8.1.1+ds/debian/patches/0018-Fixes-7971.patch --- trafficserver-8.1.1+ds/debian/patches/0018-Fixes-7971.patch 1970-01-01 01:00:00.0 +0100 +++ trafficserver-8.1.1+ds/debian/patches/0018-Fixes-7971.patch 2021-07-15 21:45:16.0 +0200 @@ -0,0 +1,153 @@ +From: Evan Zelkowitz +Date: Tue, 22 Jun 2021 14:32:55 -0700 +Subject: Fixes (#7971) +Origin: https://github.com/apache/trafficserver/commit/b82a3d192f995fb9d78e1c44d51d9acca4783277 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-27577 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-32565 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-32566 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-32567 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-35474 +Bug-Debian: https://bugs.debian.org/990303 + +* String the url fragment for outgoing requests (#7966) + +Co-authored-by: Susan Hinrichs +(cherry picked from commit 2b13eb33794574e62249997b4ba654d943a10f2d) + +* Ensure that the content-length value is only digits (#7964) + +Co-authored-by: Susan Hinrichs +(cherry picked from commit 668d0f8668fec1cd350b0ceba3f7f8e4020ae3ca) + +* Schedule H2 reenable event only if it's necessary + +Co-authored-by: Katsutoshi Ikenoya + +* Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945) + +* Fix dynamic-stack-buffer-overflow of cachekey plugin + +* Check dst_size include null termination + +(cherry picked from commit 5a9339d7bc65e1c2d8d2a0fc80bb051daf3cdb0b) + +Co-authored-by: Bryan Call +Co-authored-by: Masakazu Kitajo +Co-authored-by: Katsutoshi Ikenoya +Co-authored-by: Masaori Koshiba +--- + plugins/cachekey/cachekey.cc | 2 +- + proxy/hdrs/HTTP.cc| 11 +++ + proxy/http/HttpTransact.cc| 5 - + proxy/http2/Http2ClientSession.cc | 14 +++--- + proxy/logging/LogUtils.cc | 2 +- + 5 files changed, 24 insertions(+), 10 deletions(-) + +diff --git a/plugins/cachekey/cachekey.cc b/plugins/cachekey/cachekey.cc +index
Bug#991182: marked as done (unblock: jailkit/2.21-4)
Your message dated Sat, 17 Jul 2021 13:49:16 +0200 with message-id and subject line Re: Bug#991182: unblock: jailkit/2.21-4 has caused the Debian Bug report #991182, regarding unblock: jailkit/2.21-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991182: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991182 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: eribe...@debian.org Dear Release Team, Please unblock package jailkit. [ Reason ] The upstream migrated the source code from Python2 to Python3 in a previous release (Debian revision 2.21-1). Recently, he released a new version to fix some issues (upstream/2.22). This new version fixes two bad lines, not compatibles with Python3 in file py/jk_update.in. In this week, the bug #991075 pointed a crash in the current revision in testing (2.21-3), caused by those two lines (without the fix), generating a crash in the jail environment when updating it. To fix, I made a patch over 2.21 version. [ Impact ] jailkit is a set of tools to generate chroot jails easily. If the unblock isn't granted, the final user will be able to create a chroot environment but it will not be updated. There is a security issue here, because the user will always work inside an outdated environment. [ Tests ] This fix was tested by the upstream, by the bug submitter (Jesse Norel) and by me. [ Risks ] This is a trivial fix and it has no risks. I made contact with the upstream to ask if this alone change could impact negatively in whole source code and the answer was "yes it is secure to change only those two lines"[1]. [1] https://lists.nongnu.org/archive/html/jailkit-dev/2021-07/msg1.html [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Debian bug: https://bugs.debian.org/991075 Upstream changes: https://cvs.savannah.nongnu.org/viewvc/jailkit/jailkit/py/jk_update.in?r1=1.16=1.18=log Upstream contact: https://lists.nongnu.org/archive/html/jailkit-dev/2021-07/msg0.html unblock jailkit/2.21-4 diff -Nru jailkit-2.21/debian/changelog jailkit-2.21/debian/changelog --- jailkit-2.21/debian/changelog 2020-08-24 10:23:23.0 -0300 +++ jailkit-2.21/debian/changelog 2021-07-16 11:31:18.0 -0300 @@ -1,3 +1,13 @@ +jailkit (2.21-4) unstable; urgency=medium + + * debian/control: bumped Standards-Version to 4.5.1. + * debian/copyright: updated upstream and packaging copyright years. + * debian/patches/040_fix-crash-jk_update.patch: created to migrate two lines +from Python2 to 3, fixing Python3 compatibility and avoiding a crash when +updating the jail. (Closes: #991075) + + -- Joao Eriberto Mota Filho Fri, 16 Jul 2021 11:31:18 -0300 + jailkit (2.21-3) unstable; urgency=medium * debian/control: diff -Nru jailkit-2.21/debian/control jailkit-2.21/debian/control --- jailkit-2.21/debian/control 2020-08-24 10:23:23.0 -0300 +++ jailkit-2.21/debian/control 2021-07-16 11:31:18.0 -0300 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Joao Eriberto Mota Filho Build-Depends: debhelper-compat (= 13), dh-python, python3-all -Standards-Version: 4.5.0 +Standards-Version: 4.5.1 Rules-Requires-Root: no Homepage: https://olivier.sessink.nl/jailkit/ Vcs-Browser: https://salsa.debian.org/debian/jailkit diff -Nru jailkit-2.21/debian/copyright jailkit-2.21/debian/copyright --- jailkit-2.21/debian/copyright 2020-08-24 10:23:23.0 -0300 +++ jailkit-2.21/debian/copyright 2021-07-16 11:31:18.0 -0300 @@ -4,7 +4,7 @@ Source: https://olivier.sessink.nl/jailkit/ Files: * -Copyright: 2003-2019 Olivier Sessink +Copyright: 2003-2021 Olivier Sessink License: BSD-3-Clause Files: man/* @@ -23,7 +23,7 @@ License: LGPL-2+ Files: debian/* -Copyright: 2019-2020 Joao Eriberto Mota Filho +Copyright: 2019-2021 Joao Eriberto Mota Filho License: BSD-3-Clause License: BSD-3-Clause diff -Nru jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch --- jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch 1969-12-31 21:00:00.0 -0300 +++ jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch 2021-07-16 11:31:18.0 -0300 @@ -0,0 +1,36 @@ +Description: Fix Python3 compatibility, avoiding a crash when updating jail +Author: Olivier Sessink +Bug-Debian:
Bug#991179: marked as done (unblock: hamlib/4.0-7)
Your message dated Sat, 17 Jul 2021 13:43:49 +0200 with message-id and subject line Re: Bug#991179: unblock: hamlib/4.0-7 has caused the Debian Bug report #991179, regarding unblock: hamlib/4.0-7 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991179: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991179 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear Release Team, Please consider an unblock for package hamlib. [ Reason ] This upload adds a patch for a bug that causes some programs that use hamlib to crash upon startup. See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980472 [ Impact ] The severity of bug 980472 impacts all reverse dependencies of hamlib; its removal would transitively remove several popular Ham Radio packages from the Bullseye release. Alternately, the bug could be downgraded and cubicsdr and any other applications that call rig_load_all_backends() more than once would remain broken. [ Tests ] The reported issue with cubicsdr is trivially reproducible with the current version. After verifying the crash, I installed the patched libhamlib4 and libhamlib-utils packages and manually tested cubicsdr, wsjtx, and xlog. [ Risks ] The patch clears memory in a hash table so repopulating the table doesn't fail. Since it is only called when the table is being reconstructed, it seems quite safe. (The code works on the first call because it depends on the memory being initialized to zeros.) The patch originates (and has been applied) upstream. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Thank you, and apologies for the very late unblock request! Cheers, tony unblock hamlib/4.0-7 diff -Nru hamlib-4.0/debian/changelog hamlib-4.0/debian/changelog --- hamlib-4.0/debian/changelog 2021-05-11 10:03:12.0 -0700 +++ hamlib-4.0/debian/changelog 2021-07-15 21:31:14.0 -0700 @@ -1,3 +1,11 @@ +hamlib (4.0-7) unstable; urgency=medium + + * Team upload. + * Allow rig_load_all_backends to be called more than once. +(Closes: #980472) + + -- tony mancill Thu, 15 Jul 2021 21:31:14 -0700 + hamlib (4.0-6) unstable; urgency=medium * Paper over a minor precision difference in dec2dms on i386. diff -Nru hamlib-4.0/debian/patches/31dedcf4f79d8fc5fcf287360e5d017842c8e4c0 hamlib-4.0/debian/patches/31dedcf4f79d8fc5fcf287360e5d017842c8e4c0 --- hamlib-4.0/debian/patches/31dedcf4f79d8fc5fcf287360e5d017842c8e4c0 1969-12-31 16:00:00.0 -0800 +++ hamlib-4.0/debian/patches/31dedcf4f79d8fc5fcf287360e5d017842c8e4c0 2021-07-15 21:31:14.0 -0700 @@ -0,0 +1,17 @@ +Comment: Allow rig_load_all_backends to be called more than once +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980472 +Forwarded: not-needed +Source: https://sourceforge.net/p/hamlib/code/ci/31dedcf4f79d8fc5fcf287360e5d017842c8e4c0/ +Author: Michael Black W9MDB + +--- a/src/register.c b/src/register.c +@@ -454,6 +454,8 @@ + { + int i; + ++memset(rig_hash_table, 0 , sizeof(rig_hash_table)); ++ + for (i = 0; i < RIG_BACKEND_MAX && rig_backend_list[i].be_name; i++) + { + rig_load_backend(rig_backend_list[i].be_name); diff -Nru hamlib-4.0/debian/patches/series hamlib-4.0/debian/patches/series --- hamlib-4.0/debian/patches/series2021-05-11 10:03:12.0 -0700 +++ hamlib-4.0/debian/patches/series2021-07-15 21:31:14.0 -0700 @@ -7,3 +7,4 @@ cf858bfa3c8a36eda749c5078ef6f53a119fb285 0089964af7fa1f43757083b7bc7db195ba382fe0 1d74711a00dfa416a171cec87c841db315c5d9f7 +31dedcf4f79d8fc5fcf287360e5d017842c8e4c0 [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .changes but not in first - -rw-r--r-- root/root /usr/lib/debug/.build-id/37/f26c116c35dc6ce75eab34eec4e51ae09c1e0d.debug Files in first .changes but not in second - -rw-r--r-- root/root /usr/lib/debug/.build-id/93/b3059fa0ecb4686b120e91e64e0a2b8e37100c.debug Control files of package libhamlib++-dev: lines which differ (wdiff format) --- Depends: libc6-dev, libhamlib++4 (= [-4.0-6),-] {+4.0-7),+} libhamlib-dev (= [-4.0-6),-] {+4.0-7),+} libhamlib4 (= [-4.0-6)-] {+4.0-7)+} Version:
Bug#991161: marked as done (unblock: python-nosehtmloutput/0.0.5-3)
Your message dated Sat, 17 Jul 2021 13:39:06 +0200 with message-id and subject line Re: Bug#991161: unblock: python-nosehtmloutput/0.0.5-3 has caused the Debian Bug report #991161, regarding unblock: python-nosehtmloutput/0.0.5-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991161: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991161 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-nosehtmloutput This fixes #990816 (ie: unuseable package, it seems). I applied upstream Python 3 support patch which fixes the issue. This is kind of a low risk leaf package, only used to build docs, so IMO nothing to worry much about. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock python-nosehtmloutput/0.0.5-3 diff -Nru python-nosehtmloutput-0.0.5/debian/changelog python-nosehtmloutput-0.0.5/debian/changelog --- python-nosehtmloutput-0.0.5/debian/changelog2019-09-02 09:06:42.0 +0200 +++ python-nosehtmloutput-0.0.5/debian/changelog2021-07-16 09:23:39.0 +0200 @@ -1,3 +1,9 @@ +python-nosehtmloutput (0.0.5-3) unstable; urgency=medium + + * Added upstream "Python 3 support" patch (Closes: #990816). + + -- Thomas Goirand Fri, 16 Jul 2021 09:23:39 +0200 + python-nosehtmloutput (0.0.5-2) unstable; urgency=medium * Team upload. diff -Nru python-nosehtmloutput-0.0.5/debian/patches/Python-3-support.patch python-nosehtmloutput-0.0.5/debian/patches/Python-3-support.patch --- python-nosehtmloutput-0.0.5/debian/patches/Python-3-support.patch 1970-01-01 01:00:00.0 +0100 +++ python-nosehtmloutput-0.0.5/debian/patches/Python-3-support.patch 2021-07-16 09:23:39.0 +0200 @@ -0,0 +1,84 @@ +Description: Python 3 support + * Implicit relative import 'import version' to import htmloutput.version. + Use explicit relative import instead 'from . import version'. + Somehow 'from htmloutput import version' does not work for python2 + when I tested this with horizon nosetest. + * Python3 dict does not has_key(). Use 'not in' instead. + * Open a file for writing with 'wb' (binary mode). + In Python 3, encode() converts unicode including regular string into + bytes. In Python 2, encode() converts unicode string into string and + string and bytes are handled equivalently. Thus, opening a file with + binary mode works both for python2 and python3. + * Decoding from string to unicode is only needed for Python 2, + so six.PY2 check is added to isinstance(x, str) if-clause. +Author: Akihiro Motoki +Date: Thu, 22 Jun 2017 19:18:31 +0900 +Change-Id: Ied161e133ced1d672aba9d1a44b52034dfb676da +Origin: upstream, https://github.com/openstack/nose-html-output/commit/71d12999b06908bbb019f69c89361bd44bec316c.patch + +Index: python-nosehtmloutput/htmloutput/htmloutput.py +=== +--- python-nosehtmloutput.orig/htmloutput/htmloutput.py python-nosehtmloutput/htmloutput/htmloutput.py +@@ -44,7 +44,9 @@ from nose.plugins import Plugin + import nose.plugins.skip + from xml.sax import saxutils + +-import version ++import six ++ ++from . import version + __version__ = version.__version__ + + class TemplateData(object): +@@ -513,7 +515,7 @@ class HtmlOutput(Plugin): + ending = ending, + ) + if self.html_file: +-html_file = open(self.html_file, 'w') ++html_file = open(self.html_file, 'wb') + html_file.write(output.encode('utf8')) + else: + stream.write(output.encode('utf8')) +@@ -621,7 +623,7 @@ class HtmlOutput(Plugin): + cls = test.test.__class__ + else: + cls = test.__class__ +-if not rmap.has_key(cls): ++if cls not in rmap: + rmap[cls] = [] + classes.append(cls) + rmap[cls].append(data_tuple) +@@ -639,13 +641,17 @@ class HtmlOutput(Plugin): + # Comments below from the original source project. + # TODO: clean this up within the context of a nose plugin. + # o and e should be byte string because they are collected from stdout and stderr? +-if isinstance(o,str): ++# NOTE: In Python3 unicode is natively supported as string, ++# so there is no need to decode() here. ++if six.PY2 and isinstance(o, str): + # TODO:
Bug#991145: marked as done (unblock: syncthing/1.12.1~ds1-3)
Your message dated Sat, 17 Jul 2021 13:34:27 +0200 with message-id and subject line Re: Bug#991145: unblock: syncthing/1.12.1~ds1-3 has caused the Debian Bug report #991145, regarding unblock: syncthing/1.12.1~ds1-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991145: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991145 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package syncthing. [ Reason ] It contains various fixes, all of them provided by upstream sending patches for our specific version of syncthing. Notably, it fixes CVE-2021-21404. [ Impact ] Less bugs, less CVES, better upstream cooperation! -- Alexandre Viau av...@debian.org syncthing.debdiff Description: Binary data --- End Message --- --- Begin Message --- Hi Alexandre On Thu, 15 Jul 2021 at 18:21, Alexandre Viau wrote: > Please unblock package syncthing. Syncthing is not blocked. I have aged it so it can migrate sooner. Regards Graham--- End Message ---
Bug#991202: unblock: dask.distributed/2021.01.0+ds.1-2.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package dask.distributed * Backport upstream fix removing tests that fail under some circumstances. (Closes: #987816) * python-distributed-doc: Fix broken symlink to html5shiv.min.js, dh_link needs absolute paths. (Closes: #988675) diff -Nru dask.distributed-2021.01.0+ds.1/debian/changelog dask.distributed-2021.01.0+ds.1/debian/changelog --- dask.distributed-2021.01.0+ds.1/debian/changelog2021-02-01 22:08:19.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/changelog2021-07-13 19:19:56.0 +0300 @@ -1,3 +1,13 @@ +dask.distributed (2021.01.0+ds.1-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix removing tests that fail under some +circumstances. (Closes: #987816) + * python-distributed-doc: Fix broken symlink to html5shiv.min.js, +dh_link needs absolute paths. (Closes: #988675) + + -- Adrian Bunk Tue, 13 Jul 2021 19:19:56 +0300 + dask.distributed (2021.01.0+ds.1-2) unstable; urgency=medium * Add fall-back-to-ipv6-localhost.patch to work around ipv6 networking diff -Nru dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch --- dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch 1970-01-01 02:00:00.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/patches/0001-Remove-tests-for-process_time-and-thread_time-4895.patch 2021-07-13 19:19:56.0 +0300 @@ -0,0 +1,73 @@ +From 668f3f1d38c27277448af6f5aa88741cd1d33f3b Mon Sep 17 00:00:00 2001 +From: James Bourbeau +Date: Wed, 9 Jun 2021 08:57:53 -0500 +Subject: Remove tests for `process_time` and `thread_time` (#4895) + +--- + distributed/tests/test_metrics.py | 46 --- + 1 file changed, 46 deletions(-) + +diff --git a/distributed/tests/test_metrics.py b/distributed/tests/test_metrics.py +index 3a27e638..58c33266 100644 +--- a/distributed/tests/test_metrics.py b/distributed/tests/test_metrics.py +@@ -1,9 +1,6 @@ +-import sys +-import threading + import time + + from distributed import metrics +-from distributed.utils_test import run_for + + + def test_wall_clock(): +@@ -18,46 +15,3 @@ def test_wall_clock(): + assert any(lambda d: 0.0 < d < 0.0001 for d in deltas), deltas + # Close to time.time() + assert t - 0.5 < samples[0] < t + 0.5 +- +- +-def test_process_time(): +-start = metrics.process_time() +-run_for(0.05) +-dt = metrics.process_time() - start +-assert 0.03 <= dt <= 0.2 +- +-# All threads counted +-t = threading.Thread(target=run_for, args=(0.1,)) +-start = metrics.process_time() +-t.start() +-t.join() +-dt = metrics.process_time() - start +-assert dt >= 0.05 +- +-# Sleep time not counted +-start = metrics.process_time() +-time.sleep(0.1) +-dt = metrics.process_time() - start +-assert dt <= 0.05 +- +- +-def test_thread_time(): +-start = metrics.thread_time() +-run_for(0.05) +-dt = metrics.thread_time() - start +-assert 0.03 <= dt <= 0.2 +- +-# Sleep time not counted +-start = metrics.thread_time() +-time.sleep(0.1) +-dt = metrics.thread_time() - start +-assert dt <= 0.05 +- +-if sys.platform == "linux": +-# Always per-thread on Linux +-t = threading.Thread(target=run_for, args=(0.1,)) +-start = metrics.thread_time() +-t.start() +-t.join() +-dt = metrics.thread_time() - start +-assert dt <= 0.05 +-- +2.20.1 + diff -Nru dask.distributed-2021.01.0+ds.1/debian/patches/series dask.distributed-2021.01.0+ds.1/debian/patches/series --- dask.distributed-2021.01.0+ds.1/debian/patches/series 2021-02-01 21:51:15.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/patches/series 2021-07-13 19:19:56.0 +0300 @@ -7,3 +7,4 @@ use-local-favicon.patch mark-tests-require-installation.patch fall-back-to-ipv6-localhost.patch +0001-Remove-tests-for-process_time-and-thread_time-4895.patch diff -Nru dask.distributed-2021.01.0+ds.1/debian/python-distributed-doc.links dask.distributed-2021.01.0+ds.1/debian/python-distributed-doc.links --- dask.distributed-2021.01.0+ds.1/debian/python-distributed-doc.links 2021-01-17 05:54:55.0 +0200 +++ dask.distributed-2021.01.0+ds.1/debian/python-distributed-doc.links 2021-07-13 19:19:56.0 +0300 @@ -1 +1 @@ -../../../../sphinx_rtd_theme/static/js/html5shiv.min.js usr/share/doc/python-distributed-doc/html/_static/js/html5shiv.min.js +/usr/share/sphinx_rtd_theme/static/js/html5shiv.min.js usr/share/doc/python-distributed-doc/html/_static/js/html5shiv.min.js
Processed (with 1 error): Fwd: Bug#991073: unblock: ganglia-modules-linux/1.3.4-5
Processing control commands: > tags -1 + moreinfo confirmed Bug #991073 [release.debian.org] unblock: ganglia-modules-linux/1.3.4-5 Added tag(s) moreinfo and confirmed. > tags 990808 -1 -moreinfo confirmed Unknown tag/s: 1. Recognized are: patch wontfix moreinfo unreproducible help security upstream pending confirmed ipv6 lfs d-i l10n newcomer a11y ftbfs fixed-upstream fixed fixed-in-experimental sid experimental potato woody sarge sarge-ignore etch etch-ignore lenny lenny-ignore squeeze squeeze-ignore wheezy wheezy-ignore jessie jessie-ignore stretch stretch-ignore buster buster-ignore bullseye bullseye-ignore bookworm bookworm-ignore trixie trixie-ignore. Bug #990808 [ganglia-modules-linux] ganglia-modules-linux: library paths in configs are wrong Requested to remove no tags; doing nothing. Bug #990808 [ganglia-modules-linux] ganglia-modules-linux: library paths in configs are wrong Removed tag(s) moreinfo and confirmed. -- 990808: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990808 991073: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991073 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991073: Fwd: Bug#991073: unblock: ganglia-modules-linux/1.3.4-5
Control: tags -1 + moreinfo confirmed Control: tags 990808 -1 -moreinfo confirmed Sorry, I managed to reply to the wrong bug. Hi Marcos On Tue, 13 Jul 2021 at 17:33, Marcos Fouces wrote: > I still not uploaded the package to sid waiting for aproval. Please go ahead and upload, then remove the moreinfo tag once it has built. Regards Graham
Bug#991144: marked as done (unblock: libaperture-0/0.1.0+git20200908-2)
Your message dated Sat, 17 Jul 2021 12:47:01 +0200 with message-id and subject line Re: Bug#991144: unblock: libaperture-0/0.1.0+git20200908-2 has caused the Debian Bug report #991144, regarding unblock: libaperture-0/0.1.0+git20200908-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991144 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libaperture-0 The source package libaperture-0 is missing --with gir when calling debhelper in debian/rules. This results in ${gir:Depends} not being expanded properly and therefore gir1.2-aperture-0 is missing dependencies. [ Reason ] Closes RC bug #991078 - missing gir dependencies on binary package. [ Impact ] The binary package gir1.2-aperture-0 is missing dependencies. [ Tests ] No specific tests added, the change only affect the debian packaging, not the upstream code. [ Risks ] Change is trivial and this is not a key package (it is a leaf package). Therefore I consider the risk as very low. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] n/a unblock libaperture-0/0.1.0+git20200908-2 diff -Nru libaperture-0-0.1.0+git20200908/debian/changelog libaperture-0-0.1.0+git20200908/debian/changelog --- libaperture-0-0.1.0+git20200908/debian/changelog2020-07-06 09:53:19.0 + +++ libaperture-0-0.1.0+git20200908/debian/changelog2021-07-15 15:53:35.0 + @@ -1,3 +1,9 @@ +libaperture-0 (0.1.0+git20200908-2) unstable; urgency=medium + + * d/rules: ensure dh uses --with gir (Closes: #991078) + + -- Henry-Nicolas Tourneur Thu, 15 Jul 2021 15:53:35 + + libaperture-0 (0.1.0+git20200908-1) unstable; urgency=medium * Initial Debian release (Closes: #969745) diff -Nru libaperture-0-0.1.0+git20200908/debian/rules libaperture-0-0.1.0+git20200908/debian/rules --- libaperture-0-0.1.0+git20200908/debian/rules2020-07-06 09:53:19.0 + +++ libaperture-0-0.1.0+git20200908/debian/rules2021-07-15 15:52:50.0 + @@ -3,7 +3,7 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all %: - dh $@ --builddirectory=_build + dh $@ --builddirectory=_build --with gir override_dh_auto_test: ifeq ($(filter nocheck,$(DEB_BUILD_OPTIONS)),) --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991138: marked as done (unblock: davmail/5.5.1.3299-5)
Your message dated Sat, 17 Jul 2021 12:43:04 +0200 with message-id and subject line Re: Bug#991138: unblock: davmail/5.5.1.3299-5 has caused the Debian Bug report #991138, regarding unblock: davmail/5.5.1.3299-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991138: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991138 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package davmail. The updated version fixes RC bug #987601. It also fixes the init.d script (when systemd is not used). It also cleanups a Suggests: of a package no longer in the archive. This is a leaf package with no rdeps. Changes are in the Suggests: and in the init.d script when systemd is not in use: risks of regressions are very low. unblock davmail/5.5.1.3299-5 -- System Information: Debian Release: 10.10 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru davmail-5.5.1.3299/debian/changelog davmail-5.5.1.3299/debian/changelog --- davmail-5.5.1.3299/debian/changelog 2020-10-13 11:09:08.0 +0200 +++ davmail-5.5.1.3299/debian/changelog 2021-07-07 14:39:48.0 +0200 @@ -1,3 +1,14 @@ +davmail (5.5.1.3299-5) unstable; urgency=medium + + [ Alexandre Rossi ] + * drop Suggests of libswt-gtk2-4-jni which is gone from the archive + * add default-jre as a Suggests (Closes: #987601) + + [ Meeuwissen Olaf ] + * fix conf ignored when starting via init.d script (Closes: #989817) + + -- Alexandre Rossi Wed, 07 Jul 2021 14:39:48 +0200 + davmail (5.5.1.3299-4) unstable; urgency=medium * fix service start when not using keystoreFile (Closes: #972136) diff -Nru davmail-5.5.1.3299/debian/control davmail-5.5.1.3299/debian/control --- davmail-5.5.1.3299/debian/control 2020-05-03 16:54:47.0 +0200 +++ davmail-5.5.1.3299/debian/control 2021-07-07 14:29:00.0 +0200 @@ -39,7 +39,7 @@ ${shlibs:Depends}, ${misc:Depends}, ${java:Depends} -Suggests: libswt-gtk2-4-jni, +Suggests: default-jre, libswt-cairo-gtk-4-jni, libopenjfx-java, Description: POP/IMAP/SMTP/CalDav/LDAP to Microsoft Exchange gateway diff -Nru davmail-5.5.1.3299/debian/init davmail-5.5.1.3299/debian/init --- davmail-5.5.1.3299/debian/init 2018-12-27 17:54:26.0 +0100 +++ davmail-5.5.1.3299/debian/init 2021-07-07 14:39:39.0 +0200 @@ -19,23 +19,23 @@ DESC="Davmail Exchange gateway" NAME=davmail DAEMON=/usr/bin/$NAME -DAEMON_USER=$NAME +DAEMON_USER=_$NAME HOME=/var/lib/$DAEMON_USER PIDFILE=/var/run/$NAME.pid -LOGFILE=/var/log/$NAME.log +LOGFILE=/var/log/$NAME/$NAME.log SCRIPTNAME=/etc/init.d/$NAME # Exit if the package is not installed [ -x "$DAEMON" ] || exit 0 -DAEMON_ARGS="/etc/davmail.properties" +DAEMON_ARGS="-server /etc/davmail/davmail.properties" # Create logfiles if they do not exist if [ ! -r "$LOGFILE" ] then touch $LOGFILE -chown $NAME:adm $LOGFILE +chown $DAEMON_USER:adm $LOGFILE fi # Load the VERBOSE setting and other rcS variables --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991127: marked as done (unblock: kio/5.78.0-5)
Your message dated Sat, 17 Jul 2021 12:36:06 +0200 with message-id and subject line Re: Bug#991127: unblock: kio/5.78.0-5 has caused the Debian Bug report #991127, regarding unblock: kio/5.78.0-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991127: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991127 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-qt-...@lists.debian.org Please unblock package kio Backport of fix for upstream bug https://bugs.kde.org/show_bug.cgi?id=439477 from merge request https://invent.kde.org/frameworks/kio/-/merge_requests/498 What happens is that: - if you select a browser not by .desktop file but via binary - then click on a link - the file is downloaded and cached, and the cached version is shown Example: run `kcmshell5 componentchooser` click web browser -> other -> type in /usr/bin/firefox Apply Then runJ `kde-open5 http://kde.org` This opens the content of kde.org web page from a local cache file file:///home/norbert/.cache/kioexec/krun/98133_0/unnamed This is rather unfortunate. [ Reason ] Users will have: - strange location in the URL bar, instead of the correct URL - accumulate files in .cache [ Impact ] See above [ Tests ] Testing that before the patch, the above procedure opened the cached url, and after the proper web page (if the generated .desktop file is removed and regenerated - this is something we cannot fix now). [ Risks ] Very low to zero. Trivial code. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing the new debian/patch file is attached, besides debian/changelog this is the only change. unblock kio/5.78.0-5 Best Norbert -- PREINING Norbert https://www.preining.info Fujitsu Research + IFMGA Guide + TU Wien + TeX Live + Debian Dev GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13 >From 8ad6921524c92a0cf1b58336b3ce29e159e83b7d Mon Sep 17 00:00:00 2001 From: David Edmundson Date: Wed, 14 Jul 2021 17:06:59 +0100 Subject: [PATCH] Fix selecting binaries from component chooser KCM In the kcmshell for a component chooser we use the open with dialog to select services for various scheme handlers. If you select a binary instead of a .desktop file a temporary .desktop file is created in ~/.local/share/applications This is in the format Exec=someBinary MimeType=x-scheme-handler/http When we then use this application for launching KIO::DesktopExecParser then (sort of correctly) determines that that the chosen service cannot handle the http scheme because even though it is a scheme handler it does not have a "%u" in the exec line. This leads to us potentially loading websites via kioclient or kio-fuse. Testing done: - kcmshell5 component chooser - web browser -> other -> type "/usr/bin/firefox" - kde-open5 http://kde.org - Previously this gave a local URL, now it is correct --- src/widgets/kopenwithdialog.cpp | 8 1 file changed, 8 insertions(+) diff --git a/src/widgets/kopenwithdialog.cpp b/src/widgets/kopenwithdialog.cpp index 1831878ca..31295044d 100644 --- a/src/widgets/kopenwithdialog.cpp +++ b/src/widgets/kopenwithdialog.cpp @@ -1088,6 +1088,14 @@ bool KOpenWithDialogPrivate::checkAccept() KConfigGroup cg = desktopFile.desktopGroup(); cg.writeEntry("Type", "Application"); cg.writeEntry("Name", initialServiceName); + +// if we select a binary for a scheme handler, then it's safe to assume it can handle URLs +if (qMimeType.startsWith(QLatin1String("x-scheme-handler/"))) { +if (!typedExec.contains(QLatin1String("%u"), Qt::CaseInsensitive) && !typedExec.contains(QLatin1String("%f"), Qt::CaseInsensitive)) { +fullExec += QStringLiteral(" %u"); +} +} + cg.writeEntry("Exec", fullExec); cg.writeEntry("NoDisplay", true); // don't make it appear in the K menu if (terminal->isChecked()) { -- GitLab --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991125: marked as done (unblock: okular/4:20.12.3-2)
Your message dated Sat, 17 Jul 2021 12:31:29 +0200 with message-id and subject line Re: Bug#991125: unblock: okular/4:20.12.3-2 has caused the Debian Bug report #991125, regarding unblock: okular/4:20.12.3-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991125 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-qt-...@lists.debian.org Please unblock package okular [ Reason ] The json definition for the fictionbook book format currently uses the same identification string as the fax book format, thus okular uses only one of the two, currently the fax generator. Thus, .fb2 files cannot be opened at the moment with okular, showing only blank pages or unformatted text. By only fixing the id of the generator to have a unique identifier, both fax and fb2 can be displayed with okular. [ Impact ] Cannot view .fb2 (fictionbook) files. [ Tests ] Tested that after installing this patch, .fb2 can again be opened. [ Risks ] None. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing see below: The only difference (besides debian changelog) is inclusion of the following patch: From 504eec7688e7139e9d193fc2b3ddafac0f835b6f Mon Sep 17 00:00:00 2001 From: Yaroslav Sidlovsky Date: Mon, 12 Jul 2021 11:06:26 +0300 Subject: [PATCH] Fix non unique KPlugin Id for fictionbook generator BUG: 439807 (cherry picked from commit 8dc58c7617abcacf9325e5b93a5e38149f6e2aaf) --- generators/fictionbook/libokularGenerator_fb.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generators/fictionbook/libokularGenerator_fb.json b/generators/fictionbook/libokularGenerator_fb.json index 1ef01a2d5..3d499a50f 100644 --- a/generators/fictionbook/libokularGenerator_fb.json +++ b/generators/fictionbook/libokularGenerator_fb.json @@ -120,7 +120,7 @@ "Description[x-test]": "xxA renderer for FictionBook eBooksxx", "Description[zh_CN]": "FictionBook 电子书渲染器", "Description[zh_TW]": "FictionBook 電子書成像器", -"Id": "okular_fax", +"Id": "okular_fictionbook", "License": "GPL", "MimeTypes": [ "application/x-fictionbook+xml" [ Other info ] Upstream bug report: https://bugs.kde.org/show_bug.cgi?id=439807 fix will be included in 21.08 and probably backported to 21.04 branch by upstream. unblock okular/4:20.12.3-2 --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991097: marked as done (unblock: horizon/18.6.2-5)
Your message dated Sat, 17 Jul 2021 12:14:20 +0200 with message-id and subject line Re: Bug#991097: unblock: horizon/18.6.2-5 has caused the Debian Bug report #991097, regarding unblock: horizon/18.6.2-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package horizon [ Reason ] This upload fixes 2 problems. Let me explain. 1/ Don't load user role assignment or groups tabs for non-admins OpenStack manages access rights to its API through "roles". A list of roles can be assigned to a user. These operations (ie: role assignments) can be performed by any user with the admin role. It is possible to manage user roles with Horizon. Unfortunately, the role assignment tabs where also displayed for non-admins, which isn't great (a newbie would click and see some error messages, that's not a very nice user experience...). So I added to the Horizon package the patch from upstream, which they are also in the process of backporting: https://review.opendev.org/c/openstack/horizon/+/783547 2/ Do not do boot-from-volume by default when launching instances With the current default in Horizon, launching a new VM is done using the "boot from volume" option of OpenStack. In our opinion, this isn't a nice default, which can complicate things for newbies, so it's much nicer to get the default set to Flase, which is what the 2nd patch is doing. [ Impact ] Clearly, these 2 patches are just some last minutes polishing of the package, but I think it's nice to have them. [ Tests ] Upstream runs extensive functional testing with Selenium, upstream unit tests are run at build time in the Debian package, and we also are running the modified version of the package in a production public cloud, so we're good regarding tests. :) [ Risks ] This is very minimum risk change, which is only changing defaults and fixing display. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock horizon/18.6.2-5 diff -Nru horizon-18.6.2/debian/changelog horizon-18.6.2/debian/changelog --- horizon-18.6.2/debian/changelog 2021-06-29 14:53:41.0 +0200 +++ horizon-18.6.2/debian/changelog 2021-07-14 11:19:22.0 +0200 @@ -1,3 +1,11 @@ +horizon (3:18.6.2-5) unstable; urgency=medium + + * Add patches: +- Dont_load_user_role_assignment_or_groups_tabs_for_non-admins.patch +- do-not-create-volume-by-default-when-launching-instance.patch + + -- Thomas Goirand Wed, 14 Jul 2021 11:19:22 +0200 + horizon (3:18.6.2-4) unstable; urgency=medium * Do not use an enable folder in /etc, as this marks all files from plugins diff -Nru horizon-18.6.2/debian/patches/do-not-create-volume-by-default-when-launching-instance.patch horizon-18.6.2/debian/patches/do-not-create-volume-by-default-when-launching-instance.patch --- horizon-18.6.2/debian/patches/do-not-create-volume-by-default-when-launching-instance.patch 1970-01-01 01:00:00.0 +0100 +++ horizon-18.6.2/debian/patches/do-not-create-volume-by-default-when-launching-instance.patch 2021-07-14 11:19:22.0 +0200 @@ -0,0 +1,19 @@ +Description: Do not create volume by default when launching instance + By default, Horizon creates a volume and wants users to boot from it, which is + not what a user should do by default. This patch restors sanity in the default + behavior. +Author: Thomas Goirand +Forwarded: no +Last-Update: 2021-07-14 + +--- horizon-18.6.2.orig/openstack_dashboard/defaults.py horizon-18.6.2/openstack_dashboard/defaults.py +@@ -251,7 +251,7 @@ LAUNCH_INSTANCE_NG_ENABLED = True + # properties found in the Launch Instance modal. + LAUNCH_INSTANCE_DEFAULTS = { + 'config_drive': False, +-'create_volume': True, ++'create_volume': False, + 'hide_create_volume': False, + 'disable_image': False, + 'disable_instance_snapshot': False, diff -Nru horizon-18.6.2/debian/patches/Dont_load_user_role_assignment_or_groups_tabs_for_non-admins.patch horizon-18.6.2/debian/patches/Dont_load_user_role_assignment_or_groups_tabs_for_non-admins.patch --- horizon-18.6.2/debian/patches/Dont_load_user_role_assignment_or_groups_tabs_for_non-admins.patch 1970-01-01 01:00:00.0 +0100 +++
Processed: Re: Bug#991091: unblock: budgie-desktop/10.5.2-4
Processing control commands: > tags -1 + moreinfo confirmed Bug #991091 [release.debian.org] unblock: budgie-desktop/10.5.2-4 Added tag(s) moreinfo and confirmed. -- 991091: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991091 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991091: unblock: budgie-desktop/10.5.2-4
Control: tags -1 + moreinfo confirmed Hi David On Tue, 13 Jul 2021 at 22:33, David Mohammed wrote: > Please unblock package budgie-desktop Please go ahead and upload to unstable, then remove the moreinfo tag once it has built. Regards Graham
Bug#990988: marked as done (unblock: networkd-dispatcher/2.1-2)
Your message dated Sat, 17 Jul 2021 11:52:18 +0200 with message-id and subject line Re: Bug#990988: unblock: networkd-dispatcher/2.1-2 has caused the Debian Bug report #990988, regarding unblock: networkd-dispatcher/2.1-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990988: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990988 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: juli...@ubuntu.com, sl...@ubuntu.com Please unblock package networkd-dispatcher [ Reason ] networkd-dispatcher provides invalid IP addresses to hooks in its JSON, such as "172.25.117.104 (DHCP4)", which breaks hooks relying on proper IP addresses in the IP address field :) [ Impact ] Hooks are broken for IPv4 addressing. Might break automatization people have written as networkd-dispatcher hooks for systemd-networkd. [ Tests ] Unit tests: Added the erronous DHCP4 part to the test input, and hence test ensures it is stripped properly when testing. [ Risks ] The way the normalization happens there shouldn't really be any risk, it's trivial, and just removes the DHCPv4 string from the address. My understanding is that it's a leaf package and not installed by default, 80 Inst reports on popcon, so even if it broke, who's going to notice? [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] We understand parsing networkctl human-readable output is bad, future versions will eventually make use of networkctl's JSON support. unblock networkd-dispatcher/2.1-2 -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, en diff -Nru networkd-dispatcher-2.1/debian/changelog networkd-dispatcher-2.1/debian/changelog --- networkd-dispatcher-2.1/debian/changelog 2020-11-10 14:35:05.0 +0100 +++ networkd-dispatcher-2.1/debian/changelog 2021-07-12 12:56:03.0 +0200 @@ -1,3 +1,14 @@ +networkd-dispatcher (2.1-2) unstable; urgency=medium + + [ Lukas Märdian ] + * Add d/p/0003-Normalize-parsed-IP-address-value.patch to handle IP address +networkctl output of systemd v244+ + + [ Julian Andres Klode ] + * debian/gbp.conf: Point to debian/bullseye + + -- Julian Andres Klode Mon, 12 Jul 2021 12:56:03 +0200 + networkd-dispatcher (2.1-1) unstable; urgency=medium * New upstream release 2.1 (Closes: #968941) diff -Nru networkd-dispatcher-2.1/debian/gbp.conf networkd-dispatcher-2.1/debian/gbp.conf --- networkd-dispatcher-2.1/debian/gbp.conf 2020-11-10 14:35:05.0 +0100 +++ networkd-dispatcher-2.1/debian/gbp.conf 2021-07-12 12:56:03.0 +0200 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/master +debian-branch = debian/bullseye upstream-branch = upstream upstream-tag = %(version)s debian-tag= debian/%(version)s diff -Nru networkd-dispatcher-2.1/debian/patches/0003-Normalize-parsed-IP-address-value.patch networkd-dispatcher-2.1/debian/patches/0003-Normalize-parsed-IP-address-value.patch --- networkd-dispatcher-2.1/debian/patches/0003-Normalize-parsed-IP-address-value.patch 1970-01-01 01:00:00.0 +0100 +++ networkd-dispatcher-2.1/debian/patches/0003-Normalize-parsed-IP-address-value.patch 2021-07-12 12:56:03.0 +0200 @@ -0,0 +1,48 @@ +From: Lukas Märdian +Date: Mon, 12 Jul 2021 12:19:12 +0200 +Subject: Normalize parsed IP address value + +Origin: vendor, Ubuntu +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1884248 +Forwarded: https://gitlab.com/craftyguy/networkd-dispatcher/-/merge_requests/56 +--- + networkd-dispatcher | 5 + + tests/inputs/test_get_networkctl_status | 2 +- + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/networkd-dispatcher b/networkd-dispatcher +index 82bf7ad..cc5f485 100755 +--- a/networkd-dispatcher b/networkd-dispatcher +@@ -15,6 +15,7 @@ import errno + import json + import logging + import os ++import re + import socket + import stat + import subprocess +@@ -110,6 +111,10 @@ def get_networkctl_status(iface_name): + if not v: + continue + ++# normalize some values that changed in v244 & v246 ++if k == 'Address': ++v = re.sub(r' \(DHCP4.*\)$', '', v) ++ + oldk = k + + if k in SINGLETONS: +diff --git a/tests/inputs/test_get_networkctl_status b/tests/inputs/test_get_networkctl_status +index 6a70279..3439162 100644
Processed: Re: Bug#990977: unblock: python-aiosqlite/0.16.1-2
Processing control commands: > tags -1 + moreinfo confirmed Bug #990977 [release.debian.org] unblock: python-aiosqlite/0.16.1-2 Added tag(s) confirmed and moreinfo. -- 990977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#990977: unblock: python-aiosqlite/0.16.1-2
Control: tags -1 + moreinfo confirmed Hi Benjamin On Mon, 12 Jul 2021 at 08:57, Benjamin Hof wrote: > I'd be happy to provide a new upload with a more useful autopkgtest > that executes the test suite, if that'd work for you. That sounds good! Please go ahead with a new upload and remove the moreinfo tag once it has built. Regards Graham
Bug#990973: marked as done (unblock: mksh/59c-9)
Your message dated Sat, 17 Jul 2021 11:38:16 +0200 with message-id and subject line Re: Bug#990973: unblock: mksh/59c-9 has caused the Debian Bug report #990973, regarding unblock: mksh/59c-9 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990973: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990973 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: t...@mirbsd.de, Vincent Lefèvre Please unblock package mksh [ Reason ] This update is comprised of: • documentation update from upstream CVS HEAD, mostly related to the death of a certain IRC network (one FAQ entry related to changes that are already in 59c-8 also got in) • some more reliability checks (although I’m afraid the full C1 control character escaping changes won’t make bullseye, they’re still under development and rather invasive, so I only picked the small independent fixes): – check lower bounds of input line array when backspacing – protect against hi-bit7 (stty) EOF character – ensure macro calls don’t have side effects in arguments • properly flush stderr and unwind for direct builtin calls (“ln -s /bin/mksh echo; ./echo …”) so they behave the same as if called from within the shell (“/bin/mksh -c 'echo …'”) • fix truncation behaviour for internal snprintf equivalent (a sequence of putc+puts+putc could, before, drop the puts but allow the putc to succeed); this becomes important with the next change • show error message and exit nōn-zero on stdout write failure for builtin calls (Closes: #990265) ‣ there was quite a discussion around what parts are actually buggy-as-in-not-POSIX on the Austin Group (POSIX) mailing list, as there was no consensus between shell implementors, packagers and users; this implements (for all known cases) what the official response requires • display correct errno when doing so (before, one codepath could lose errno as it did another libc call in between) • show error message in echo/print builtin on output write failure (basically the same as the generic one except echo/print don’t write buffered to stdout, they write to any fd, and already exited 1 on write error but didn’t issue a diagnostic message in that case which the POSIX people seem to prefer) [ Impact ] The references to the dead IRC network stay in. Scenarios in which output is redirected to files on a full filesystem can’t be handled by shell scripts. Direct builtin calls can lose stderr messages. (The other fixes are for bugs I’ve not seen in production but aren’t untrue either.) [ Tests ] The stdout/error change has new tests in the regression test suite and has also been tested by the requestor and the concept was ACK’d on the Austin Group mailing list. All changes have been tested in MirBSD for a while (including rebuilding the full OS with them in play) and not triggered any problems. The changes (except documentation where I cp’d for some files) are all individual cherry-picks of the relevant commits, individually reviewed. I also tested the truncation one by temporarily adding debugging code during development, and all error handling-related ones also on Debian with /dev/full (which doesn’t exist on MirBSD). [ Risks ] As mentioned in the last unblock, mksh is effectively not key. These changes only affect specific things (the ones under “some more reliability checks” only the interactive line editor, for example) and thus are rather localised, mistakes easily spotted. Therefore I believe these are low risk (I specifically didn’t cherry-pick a few fixes that are of higher risk because of their interwovenness and intrusivity level; users will have to wait for the next release for these). I expect this to be the last upload before the release. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach diff against the package in testing [ Other info ] I’ve again attached a diff of the unpacked package instead of a debdiff because I use single-debian-patch and develop in VCS. I’ve commented the diff, so it’s easier to map the hunks to the changes listed. unblock mksh/59c-9 --- End Message --- --- Begin Message --- Unblocked, but can only migrate after linux (#990897).--- End Message ---
Bug#991200: unblock: python2.7/2.7.18-8
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: Andreas Beckmann Please unblock python2.7/2.7.18-8, just adding some breaks for smoother upgrades as requested in #990520. No code changes. The debdiff is in the bug report.
Bug#990968: marked as done (unblock: apache2/2.4.48-3.1)
Your message dated Sat, 17 Jul 2021 10:32:16 +0200 with message-id and subject line Re: Bug#990968: unblock: apache2/2.4.48-3.1 has caused the Debian Bug report #990968, regarding unblock: apache2/2.4.48-3.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990968: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990968 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: t...@mirbsd.de Please unblock package apache2 [ Reason ] Fixes #990580 which is a regression caused by the changes from #979813. [ Impact ] Sysadmins will get hundreds of eMails each night, become angry and storm Debian HQ with torches and putforks and… erm well insert your favourite upraising scenatio. [ Tests ] The updated package fixes the issue for me, and the cause was identified by kilobyte, so it’s seen two eyepairs at least. [ Risks ] Trivial fix to a logrotate script. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock apache2/2.4.48-3.1 diff -Nru apache2-2.4.48/debian/apache2.logrotate apache2-2.4.48/debian/apache2.logrotate --- apache2-2.4.48/debian/apache2.logrotate 2021-06-20 13:55:24.0 +0200 +++ apache2-2.4.48/debian/apache2.logrotate 2021-07-10 23:31:24.0 +0200 @@ -14,7 +14,7 @@ endscript postrotate if pgrep -f ^/usr/sbin/apache2 > /dev/null; then - invoke-rc.d apache2 reload + invoke-rc.d apache2 reload 2>&1 | logger -t apache2.logrotate fi endscript } diff -Nru apache2-2.4.48/debian/changelog apache2-2.4.48/debian/changelog --- apache2-2.4.48/debian/changelog 2021-06-20 16:39:33.0 +0200 +++ apache2-2.4.48/debian/changelog 2021-07-10 23:31:28.0 +0200 @@ -1,3 +1,11 @@ +apache2 (2.4.48-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Direct init script reload output from logrotate to syslog, to +avoid mail-spamming the local admin (Closes: #990580) + + -- Thorsten Glaser Sat, 10 Jul 2021 23:31:28 +0200 + apache2 (2.4.48-3) unstable; urgency=medium * Fix debian/changelog --- End Message --- --- Begin Message --- On Sun, 11 Jul 2021 at 22:45, Thorsten Glaser wrote: > Sysadmins will get hundreds of eMails each night, become angry and > storm Debian HQ with torches and putforks and… erm well insert your > favourite upraising scenatio. Let's try to avoid that! Unblocked.--- End Message ---
Bug#990788: marked as done (unblock: llvm-toolchain-9/1:9.0.1-16.1)
Your message dated Sat, 17 Jul 2021 10:20:27 +0200 with message-id and subject line Re: Bug#990788: unblock: llvm-toolchain-9/1:9.0.1-17 (pre-approval) has caused the Debian Bug report #990788, regarding unblock: llvm-toolchain-9/1:9.0.1-16.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990788 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package llvm-toolchain-9 Hi, I'd like to drop the Recommends: libomp-9-dev from clang-9 libomp-*-dev are not co-installable and libomp-dev depends on libomp-11-dev. Having the Recomends on the non-default libomp-9-dev causes many upgrade scenarios from buster with --install-recommends enabled and libomp-dev installed to keep libomp-dev at the buster version (and therefore libomp-7-dev installed) if some bullseye package involved is built against clang-9 instead of clang-11. With this Recommends dropped, libomp-dev always gets upgraded to the bullseye version and libomp-11-dev gets installed. The clang-9 bug is #990452 Andreas unblock llvm-toolchain-9/1:9.0.1-17 diff -Nru llvm-toolchain-9-9.0.1/debian/changelog llvm-toolchain-9-9.0.1/debian/changelog --- llvm-toolchain-9-9.0.1/debian/changelog 2021-01-08 12:48:25.0 +0100 +++ llvm-toolchain-9-9.0.1/debian/changelog 2021-06-28 20:41:14.0 +0200 @@ -1,3 +1,11 @@ +llvm-toolchain-9 (1:9.0.1-17) UNRELEASED; urgency=medium + + * clang-9: Drop Recommends: libomp-9-dev which is not co-installable with +libomp-11-dev (and libomp-dev) for smoother upgrades of libomp-dev from +buster to bullseye. (Closes: #-1) + + -- Andreas Beckmann Mon, 28 Jun 2021 20:41:14 +0200 + llvm-toolchain-9 (1:9.0.1-16) unstable; urgency=medium [ Adrian Bunk ] diff -Nru llvm-toolchain-9-9.0.1/debian/control llvm-toolchain-9-9.0.1/debian/control --- llvm-toolchain-9-9.0.1/debian/control 2021-01-08 12:48:25.0 +0100 +++ llvm-toolchain-9-9.0.1/debian/control 2021-06-28 20:41:14.0 +0200 @@ -34,7 +34,8 @@ ${dep:devlibs-objc}, libclang-common-9-dev (= ${binary:Version}), libclang-cpp9 (= ${binary:Version}), libc6-dev, binutils Provides: c-compiler, objc-compiler, c++-compiler -Recommends: llvm-9-dev, python3, libomp-9-dev +Recommends: llvm-9-dev, python3, +# libomp-9-dev Suggests: clang-9-doc Description: C, C++ and Objective-C compiler Clang project is a C, C++, Objective C and Objective C++ front-end --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991165: marked as done (RM: compass-yui-plugin/0~20100724-4)
Your message dated Sat, 17 Jul 2021 10:15:32 +0200 with message-id and subject line Re: Bug#991162: RM: compass-singularitygs-plugin/1.8.0-1 has caused the Debian Bug report #991165, regarding RM: compass-yui-plugin/0~20100724-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991165: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991165 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please drop compass-yui-plugin from Debian testing. It is dead upstream and obsoleted by newer major YUI releases. Last dependency, debian-design, dropped its dependency few days ago. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmDxVowACgkQLHwxRsGg ASEsNA//UI4BOdreODXSKgL/NA2H1Z8xDXnfzi3brxpmyfWV8lYn/9nQqG1l/3/d kf7GjScsWbH0Bap7d4G4zFTb8DfEF1JmBRkE8MrVT0KABiCiR12+rlLPNsFrAleA qo5NDgRsU+3QVxVj8feV2eg2MHTRziBjfg4qF/kGy46Avk7BvDc6GGQ+XwCCwI/i YNN4bCX8T6zyotSHRrv+aK6TaQQ0B6c7KnqLWI85z9PLLfCguvR1lwkZ/ejcdK77 ROAgpGVJIBS74pF5lLKdvDOz58BZt/CrEevcNCAAalU0IgjUbIk9zbL8vlgjubCz SpOvaSfa+yPdSCUFtmwGf+Te7hOuflGG1NEgRZKXB23XG3eWbKtikrsfo8peVFab iVPIc80jp1FWbQY/9YzZsyN+HqQixdO9HDkDeK6e/u2sm0dhA7gmP3EbM9rHm81b x7IWi8v+2ORFpGmyl8+sqprjVUL8jU1YThCeAfzbK4dPZ3ozZq61Dc5xs+Qw16Gt apYJUXZAuS0eDd6VlLGOnF9G3CdSqbwIUIhj4U5vUvxBXWaUj8jyZg/+Ecuk7f6m 42aUVb0qIw7OkExP8KA6RhQPRuTwYeMX719eHUFgmcSiLwM8EQyLFqRA4j6qWwE9 N0gT5k/SLq0wNrgkrbtpVR0Ti/V71XkEmtr4Z3yy3U811JR6hOo= =Cl/8 -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Removed.--- End Message ---
Bug#991164: marked as done (RM: compass-slickmap-plugin/0.5.1.1-5)
Your message dated Sat, 17 Jul 2021 10:15:32 +0200 with message-id and subject line Re: Bug#991162: RM: compass-singularitygs-plugin/1.8.0-1 has caused the Debian Bug report #991164, regarding RM: compass-slickmap-plugin/0.5.1.1-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991164: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991164 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please drop compass-slickmap-plugin from Debian testing. It is dead upstream and has little if any use with modern Sass tools (it has closer ties to ruby-sass which is also dead upstream but unfortunately cannot be dropped yet due to reverse dependencies). Last dependency, debian-design, dropped its dependency few days ago. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmDxVlAACgkQLHwxRsGg ASG+QA/+KttDnbsflcIvAsCzVfZnEGdlG3Ep6PiCLNf/kGGB94G0BK98aj9+AL62 PMIwuopMUiw4dBvJ4IgxEDqSBeYCFqUNB2OEtlLKFPwBf2TqOxpGcJ8kfyWSHmxb jIy+yiYiAi5xyRpnPKa8vlmyIXuCG4CzupHctQ6NwM5Kx9orRjEZ4hQoeakd7hR2 PVPZsr3fvBToejdalQUeDzneO2RvRyaomw26rInVFLw9XEWEtM/lOkrNjRrMD84m b+72btX5zaTmfKWRzCVPvlzmF0CP8NgHaV9khXSkovST9cZrGBMrp6lJibAX2psb CUhbr6vjEMkOUxPrVhey612FzSx3cNZzpl69gA3ZEvrkO2fkgR2ALUcwbyJ0M61A JiMAV5mETxzxb3k6cHWtdIwrVUj3XMKL1Hx+pwgjEpj6y0PIaI0W3SQ3iPPFet8e Aqo2jcM3JKq9wN5ma7XpWhT7n83K/X5qlPAMp7s8sFERE20anSG0VxmTJn+PrrKF xki8hYt+7mPwqdL3HB6naECyuyHfSAwzmatC9xK2X0RcrcNp7R5rHWW2eVYTuTRH HIHX6C21I1pR/IAela6H0H/9ETnzOY6z79P0pR9sZ61/6GfuIGRWqGx25/b3DnJx uzWxSFiDptfYrU2rekQquPBt527cPDlV68/f1whpHb+1VrakLjk= =V71c -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Removed.--- End Message ---
Bug#991163: marked as done (RM: compass-susy-plugin/2.2.12-1.1)
Your message dated Sat, 17 Jul 2021 10:15:32 +0200 with message-id and subject line Re: Bug#991162: RM: compass-singularitygs-plugin/1.8.0-1 has caused the Debian Bug report #991163, regarding RM: compass-susy-plugin/2.2.12-1.1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991163: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991163 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please drop compass-susy-plugin from Debian testing. It is dead upstream and obsoleted by newer CSS3 Grid techniques. Last dependency, debian-design, dropped its dependency few days ago. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmDxVd4ACgkQLHwxRsGg ASGbRQ//YS9UYzgPHozwOmwZoMdmQC8NnwlfLXITfmvGBez5BvNSH2NhgEaHq1sN DBSvK1T+EQgi9XesgKkzxFftax1bnZC9R5n/Wt70z2ImQMk9dFp7ckl3HQ67I2Ir MQudkZFjXYyEJPSp95fzK1cUqkOtzidOWEnnbEXffv1t5CIOaLOd1rh1Par7y7En GuDnYcNq6JR+2lEzjP1Rlupl7PHghBjwphUvXqXo8q7vyxfClTrh4BF2a2hqIqJb 9GKUr72wiKmX66HvTo75mWT8WLPoEEMD7yCPU0Otb2RLA6kM7tXIKu3PUpMsSpWR ohIAWtcLaEKcUCTBgwSM8a+9alrfBByCXfWmli/seC1v5i868h3NmFb9EH5Ylf+h CAm1BS4TbSViwv7TrIcxElchhZgjaZP9HDfZNr5/C6cle0ae2xFBOZFPJxxUB2x6 NMh7nSzkJeheuTJ2QizYS4OZ7clZ+OBp1ZFjeBRaKGAqnd/MPPlavrmYRgAytPoi p5biCxA6A2uaKMhkWDTf2WYQTTqkcLLXsMjtomrK5cUDkqFdI3W7Sz9AUKgQVJ70 Zu6XJ1y84RXAy6bsVW2IfrT+buwfGwpKNDKH4beXi0czvVFb9su4B3f8EdTMA7Lu 16m1wVI1rulXpgzalUyhDy5GByWTFLQUZ/AwNbvIGN4o5v7yA+U= =/t8U -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Removed.--- End Message ---
Bug#991162: marked as done (RM: compass-singularitygs-plugin/1.8.0-1)
Your message dated Sat, 17 Jul 2021 10:15:32 +0200 with message-id and subject line Re: Bug#991162: RM: compass-singularitygs-plugin/1.8.0-1 has caused the Debian Bug report #991162, regarding RM: compass-singularitygs-plugin/1.8.0-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991162: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991162 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please drop compass-singularitygs-plugin from Debian testing. It is dead upstream and obsoleted by newer CSS3 Grid techniques. Last dependency, debian-design, dropped its dependency few days ago. - Jonas -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmDxVYoACgkQLHwxRsGg ASHBNg//VvBv8OcMWcBp5EAu+r+q2O3iLJKGMBKb5WL/inrRikEoC7pZ+pkqm/RZ pcC6qUaHtnRkej60YTdX33o6Tm9a7SO3jB7UW0BEh/HQrLB3GZ3pxwAUaK1mQ8Gs c7ZSy6c/rNlFe16ZJpQHpT9/2VSZihwzBMAyko9xluZ4Y5yvSaE6backKArIaHrh Amgn07znwmLwy+tad7uvC3MF0kgNLqhwJ2i0L9wqSwhfwMprGhi4HWLzabB3V3QQ BjOckVjv1Wl3qTeEzceT9pmLx24ozxZWASSShLJLBeLEug4jYCfFam5txPYIO+XI q/zjvOdaAyXwg8A63FR7RlLeySW2yXdB/QJ49eoGhy5rPJByy+CKdBHd8V1Fpqbb A18yfgOo+XjhV49pJdxDOYJR+owoTWMhgxqh8BPP2bm2ZhxAnToskIc5QshOvZGF zbtH0YTq+vcWtpyeY5GTExi0sZqxTYR9oc7xGzm7KWPGf8ZT6CiI9GkrkbbLY5cv uswrbB1xeq/QtjgED7RZvt6KvWtoQj5yxlxnifOONFWlnqQnKhuKOzWeSt5FSrb9 Goxvpk7ANI++veIjjeQWPAPjqmRxZaP7S5mbN0hK7SYuSpD3IlLqtx3/gCyq03S2 RolJ9OOVgr5cESsOyRx3Yr1TR8/c28mM5ijkIegxvdw4y0+BTAk= =Q95r -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Removed.--- End Message ---