Bug#858892: unblock: haproxy/1.7.4-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey! We would like to upload HAProxy 1.7.4 to unstable. This is mostly a bugfix only release (1.7 is the current stable branch). Upstream

Bug#858887: hyperscan: please backport hyperscan 4.4.0-1 to jessie-backports

Hi Arturo, I'll reply to this as I have prepared hyperscan backports before. > I would like to backport suricata 3.2.1-1 to jessie-backports but it depends > on hyperscan >= 4.4.0. Therefore I would ask you to update the hyperscan > version 4.3.1-1~bpo8+1 currently living in jessie-backports to

Bug#858138: kdenlive: Segmentation fault with Affine and Composition transitions

tag #858138 + upstream forwarded #858138 https://bugs.kde.org/show_bug.cgi?id=376433 thanks Am 16.03.2017 um 10:48 schrieb JAMES SUNDERLAND: > > Package: kdenlive > > Version: 16.12.2-1 > > Severity: normal Dear Maintainer, > > Kdenlive crashes with combination of "composite" and "affine"

Bug#858891: unblock: non-free otrs2/5.0.17-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 diff -Naur '--exclude=.svn' 5.0.16-1/debian/changelog 5.0.17-1/debian/changelog --- 5.0.16-1/debian/changelog 2017-01-24 12:35:19.080487907 +0100 +++

Bug#858856: [Pkg-javascript-devel] Bug#858856: node-handlebars: Does not load

On Tue, Mar 28, 2017 at 02:54:55PM +0530, Pirate Praveen wrote: > Control: severity -1 important Fine. > On Tuesday 28 March 2017 12:58 AM, Andreas Tille wrote: > > I've set Severity grave since the module can not be used > > at all if it does not load. > > The current use of this package is

Bug#647628: pstotext: internal error 202

> I can't reproduce this anymore on up-to-date unstable. Is this still > happening for you? Not any more. Thank you for the fix! -- Laurent.

Bug#857295: [pkg-lxc-devel] Bug#857295: Bug#857295: Info received ([oss-security] LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership)

Hi Evgeni, First of all, thank you for posting the detailed steps you used to reproduce a working config, which is by far the best explanation on how to set up LXC for running Debian 8 on top of Debian 8 I have seen yet. To answer your questions, yes I've been using Jessie's libvirt package

Bug#858835: python-lockfile: TypeError when python-daemon uses LinkFileLock

Hi Neil, On Tue, Mar 28, 2017 at 09:29:08AM +0100, Neil Williams wrote: > affects 858835 python-daemon > thanks > > On Tue, 28 Mar 2017 09:21:27 +1100 > Ben Finney wrote: > > > On 27-Mar-2017, Neil Williams wrote: > > > > > root@sylvester:/# apt-get -t jessie-backports

Bug#832128: freespace2: Bad symlinks /usr/games/fs2_open{,_DEBUG}

Control: tags 832128 + patch On Tue, 28 Mar 2017 at 09:35:27 +0100, Simon McVittie wrote: > On Fri, 22 Jul 2016 at 16:33:02 +0100, Edward Allcutt wrote: > > The current package contains symlinks such as > >/usr/games/fs2_open -> fs2_open_3.7.2+repack-1+b1 > > where the target doesn't exist. >

Bug#858260: Help needed for pandas bug: Could anybody verify the suspicion that tzdata might have some influence?

tags 858260 help thanks Hi, I admit that when reading the bug report I have no idea how to fix it. I can confirm that I can reproduce the issue in a recent unstable chroot. I have added maintainers of tzdata, Debian Science and Debian mentors in CC - just hoping for any helpful hint. Kind

Bug#857522: libbind-export-dev: broken symlinks: /usr/lib/x86_64-linux-gnu/liblwres-export.so -> /lib/x86_64-linux-gnu/liblwres-export.so.141, /usr/lib/x86_64-linux-gnu/libbind9.so -> libbind9.so.140.

On 2017-03-27 23:53, Adrian Bunk wrote: >> On Sun, Mar 12, 2017 at 1:26 AM, Andreas Beckmann wrote: >>> /usr/lib/x86_64-linux-gnu/liblwres-export.so -> >>> /lib/x86_64-linux-gnu/liblwres-export.so.141 >>> /usr/lib/x86_64-linux-gnu/libbind9.so -> libbind9.so.140.0.10 >> >> These are mistakenly

Bug#858890: gnat-6: missing dependency on the gcc package ?

Package: gnat-6 Version: 6.3.0-10 Severity: normal Dear Maintainer, I encountered this issue on a newly installed system while performing basic ada programming, a simple hello world triggers the following situation. What led up to the situation? Installing gnat and trying to compile a simple

Bug#857910: gsequencer: GObject::dispose() is not implemented

Package: src:gsequencer Followup-For: Bug #857910 Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of

Bug#858856: [Pkg-javascript-devel] Bug#858856: node-handlebars: Does not load

Control: severity -1 important On Tuesday 28 March 2017 12:58 AM, Andreas Tille wrote: > I've set Severity grave since the module can not be used > at all if it does not load. The current use of this package is to provide source code for ruby-handlebars-assets. Since babel is not packaged yet,

Bug#852251: libregex-clojure: Version upgrade request to 1.1.0

Hi Elana, Le 28/03/2017 à 05:34, Elana Hashman a écrit : > I've taken a look at the packaging of the current version and it appears > to use maven. I'd like to help upgrade it, but I've never made a maven > package before. Thank you fo offering your help. I got a look at the package and it

Bug#858889: nbd-server ignores listenaddr in configuration file

Package: nbd-server Version: 1:3.15.2-2 Severity: important nbd-server silently ignores listenaddr in configuration file and listen on '*'. Steps to reproduce: 1. Set up configuration with listenaddr = 127.0.0.1 (see example below) 2. Run nbd-server Expected result: `netstat -lnp|grep nbd`

Bug#857770: src:postgresql-debversion: please provide a unversioned binary package

Re: Antonio Terceiro 2017-03-27 <20170327152137.23l7vyrunt5pm...@debian.org> > We do exactly that in Ruby, and it is manageable. When the set of > supported versions change, we update the list in a central place > (ruby-defaults), and binNMU/fix existing modules. We also make the > dependencies in

Bug#858888: flashplugin-nonfree: wget tries to download old version

Package: flashplugin-nonfree Version: 1:3.6.1+deb8u1 Severity: important Dear Maintainer, update-flashplugin-nonfree found a new version of plugin: # update-flashplugin-nonfree --status Flash Player version installed on this system : Flash Player version available on upstream site: 25.0.0.127

Bug#858887: hyperscan: please backport hyperscan 4.4.0-1 to jessie-backports

Source: hyperscan Version: 4.4.0-1 Severity: wishlist Dear maintainers, thanks for your work with the hyperscan package in debian, it's really appreciated. I would like to backport suricata 3.2.1-1 to jessie-backports but it depends on hyperscan >= 4.4.0. Therefore I would ask you to update the

Bug#858886: freeipmi-tools: Exit code 1 and "ipmi_sensor_read: success" message on stdout

Package: freeipmi-tools Version: 1.4.5-3 Severity: important When running ipmi-sensors as root on a Dell DSS7500 server, it outputs good info on stdout but exit code 1 is returned from the binary. This is obviously a problem for example when using it with nagios that uses the exit code in order

Bug#857910: gsequencer: GObject::dispose() is not implemented

severity -1 serious thanks. Message-ID: <149069136526.17474.11614453442888250327.reportbug@xenakis.iemnet> X-Mailer: reportbug 7.1.5 Date: Tue, 28 Mar 2017 10:56:05 +0200 Package: src:gsequencer Followup-For: Bug #857910 justification: gsequencer appears to be not-yet releasable. after a major

Bug#857343: #857343: logback deserialization vulnerability

Control: retitle -1 logback: CVE-2017-5929: serialization vulnerability affecting the SocketServer and ServerSocketReceiver components Hi Markus, On Tue, Mar 28, 2017 at 09:41:30AM +0200, Markus Koschany wrote: > Hello security team, > > apparently logback < 1.2.0 is vulnerable to a

Bug#430951: Please support linux-vserver

On Fri, Jan 06, 2017 at 11:38:24AM +0300, Dmitry Bogatov wrote: > > Package: runit > > Version: 1.7.2-1 > > Severity: wishlist > > > > Hi, > > > > it would be great to be able to use runit to supervise processes running in > > vserver guests. > > > > Using a kludge, this is already sort of

Bug#852149: firefox-esr: Success and duplication

Many thanks. I stay careful, at next uploads of both Firefox and Thunderbird, I'll see the fixes. Best regards, Le 28/03/2017 à 10:21, Carsten Schoenert a écrit : > On Tue, Mar 28, 2017 at 08:24:58AM +0200, Jean-Philippe MENGUAL wrote: > ... >> The crash seems to be fixed in the release

Bug#857343: #857343: logback deserialization vulnerability

On Mar/28, Markus Koschany wrote: > apparently logback < 1.2.0 is vulnerable to a deserialization issue. > They announced it on February 8th 2017 but it appears no CVE has been > assigned yet. [1] Fixing commit is at [2] The bug reporter claims it is > the same issue as CVE-2015-6420 but I cannot

Bug#355607: svlogd: please support hierarchical configuration

On Fri, Jan 06, 2017 at 11:38:19AM +0300, Dmitry Bogatov wrote: > > part text/plain1518 > > Package: runit > > Version: 1.3.3-1 > > Severity: wishlist > > > > Hi, > > > > I'm using socklog and svlogd to manage logs coming in from several boxes via > > UDP. > > > >

Bug#858768: apparmor: CVE-2017-6507

Antoine Beaupre: > Here's some more information about that security issue that I could > gleam from testing and other sources. Thanks! I intend to work on this today, but certainly wouldn't mind if one of my team-mates took the lead on it (after coordinating with me so we avoid duplicating work

Bug#858867: diffoscope: please support pcap files

tags 858867 + pending thanks Implemented in Git: https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=c5d01341055d0aa0552d08725a6b8e44255b0374 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#832128: freespace2: Bad symlinks /usr/games/fs2_open{,_DEBUG}

On Fri, 22 Jul 2016 at 16:33:02 +0100, Edward Allcutt wrote: > The current package contains symlinks such as >/usr/games/fs2_open -> fs2_open_3.7.2+repack-1+b1 > where the target doesn't exist. This was tagged pending last July, but I don't see any work-in-progress in pkg-games git, so I'm

Bug#858885: tests fail with libcmocka-dev 0.4.1-2

Source: socket-wrapper Version: 1.1.7-1 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) Preparing a backport of libsocket-wrapper to stable, I noticed that it won't build with the stated build-dependency of libcmocka-dev 0.4.1. The last

Bug#858875: dict-gcide: 0.48.3 misbuild: missing all words that begin with [ao]

Control: tag -1 +confirmed Thank you fore reporting this bug. I am not sure which version has caused this problem. Perhaps the first step would be to pick older versions from snapshot.debian.org and try. On Tue, 2017-03-28 at 16:20 +1100, pmoulder wrote: > Package: dict-gcide > Version: 0.48.3

Bug#858884: nfs-common : mounting is done before network time adjustment

Package: nfs-common Version: 1:1.3.4-2.1 Dear maintainer, here is what I see in journalctl (/users is a Kerberos NFS mount point): Mar 28 09:55:57 file-info2 systemd[1]: Mounted /users. Mar 28 09:55:57 file-info2 systemd[1]: Started /etc/rc.local Compatibility. Mar 28 09:55:57 file-info2

Bug#858700: libatk-wrapper-jni crashes Netbeans

> If you have some time to spare could you tell us how you > trigger the crash and retry with debugging symbols installed? I haven't > found a reliable way to do it yet. I don't know how to reproduce it. Basically I just use netbeans. That means I have a few projects as well as a bunch of files

Bug#852149: firefox-esr: Success and duplication

On Tue, Mar 28, 2017 at 08:24:58AM +0200, Jean-Philippe MENGUAL wrote: ... > The crash seems to be fixed in the release up@to-dated. Do we have a chance > to have this fix in Stretch? > > Mooreover, the problem appears as well in Thouddrbird which has just been > uploaded to stretch. What should

Bug#830876: lua love 0.10.2 is out

Hi, I've been working on this (as a depedency of MrRescue); but couldn't finish it before the freeze. New maintainers are always needed :-) Feel free to take over existing work-in-progress. >From the top of my mind I do remember that the debian/copyright file was still needing work.

Bug#858883: nslcd : missing symbols : _nss_ldap_version and _nss_ldap_enablelookups

Package: nslcd Version: 0.9.7-2 Dear maintainer, here is the problem: # journalctl | grep nslcd Mar 28 09:55:57 file-info2 nslcd[509]: Starting LDAP connection daemon: nslcdnslcd: Warning: NSS_LDAP version missing: /lib/x86_64-linux-gnu/libnss_ldap.so.2: undefined symbol: _nss_ldap_version

Bug#858835: python-lockfile: TypeError when python-daemon uses LinkFileLock

Control: reassign -1 python-daemon Control: retitle -1 python-daemon: Incompatible with ‘python-lockfile’ >= 0.9 Control: found -1 python-daemon/1.5.5-1 Control: fixed -1 python-daemon/2.0.5-1 On 28-Mar-2017, Ben Finney wrote: > There's the problem. ‘python-daemon’ version 1.5.5 is not compatible

Bug#852149: firefox-esr: Success and duplication

On Tue, Mar 28, 2017 at 08:24:58AM +0200, Jean-Philippe MENGUAL wrote: > Package: firefox-esr > Followup-For: Bug #852149 > > Dear Maintainer, > > The crash seems to be fixed in the release up@to-dated. Do we have a chance > to have this fix in Stretch? Can you be more explicit what you mean by

Bug#830876: lua love 0.10.2 is out

Am 28.03.2017 um 09:59 schrieb Francisco Gómez García: > Package: love > Version: 0.9.1-4 > Followup-For: Bug #830876 > > Dear Maintainers, > > It's been about two years since LÖVE 0.9.1 was released, and it's already on > version 0.10.2, which is not fully compatible with 0.9.x. It is, thus, >

Bug#858882: r-cran-rcppgsl: Missing dependency libgsl-dev

Package: r-cran-rcppgsl Version: 0.3.2-1 Severity: grave Tags: patch Justification: renders package unusable [ Release team see below how to deal with newer upstream version in unstable than in testing ] Dear Maintainer, *** Reporter, please consider answering these questions, where

Bug#858525: libjack-jackd2-dev: Depend on jackd2

On Mon, Mar 27, 2017 at 11:22:41PM -0400, Reinhard Tartler wrote: > I think the approach of adding a 'depends' to jackd2 is the simplest. > Moving the shared library to the -dev packages doesn't work, because > /usr/bin/jackd2 and netserver.so link against it. Why not moving the file to

Bug#830876: lua love 0.10.2 is out

Package: love Version: 0.9.1-4 Followup-For: Bug #830876 Dear Maintainers, It's been about two years since LÖVE 0.9.1 was released, and it's already on version 0.10.2, which is not fully compatible with 0.9.x. It is, thus, important to get the new version properly packaged. Why is it? If new

Bug#858655: Please move Java dependencies to libreoffice-java-common

On Tue, 2017 Mar 28 08:36+0200, Rene Engelhard wrote: > > > > > That installation would fail with a non clear message if the Java > > > support is not there. -> Bad. > > > > > > We had that "fun" in the past... > > > > So, there are Java-based LibreOffice extension packages that do not > >

Bug#858655: Please move Java dependencies to libreoffice-java-common

On Tue, Mar 28, 2017 at 03:28:31AM -0400, Daniel Richard G. wrote: > On Tue, 2017 Mar 28 08:36+0200, Rene Engelhard wrote: > > > > > > > That installation would fail with a non clear message if the Java > > > > support is not there. -> Bad. > > > > > > > > We had that "fun" in the past... > > > >

Bug#832566: systemd-machined breaks automounting nfs shares

Hello Michael, The KVM domain is "auto-started" by libvirtd, and that appears to result in systemd-machined starting up. Stopping systemd-machined, then stopping and re-starting the virtual machine using virsh causes systemd-machined to restart along with it. I've tried both disabling and

Bug#857343: #857343: logback deserialization vulnerability

Hello security team, apparently logback < 1.2.0 is vulnerable to a deserialization issue. They announced it on February 8th 2017 but it appears no CVE has been assigned yet. [1] Fixing commit is at [2] The bug reporter claims it is the same issue as CVE-2015-6420 but I cannot verify that at the

Bug#845751: patch backported to gcc-6 available

I see upstream has a patch for gcc-6 . Would it be possible to import it ? Thanks, F. pgpqSD_OZqxpy.pgp Description: PGP signature

Bug#858260: pandas: FTBFS (pandas.tests.test_multilevel.TestMultiLevel fails)

Looking into ci.debian.net, the new failure appears for the first time on 2017-03-14: https://ci.debian.net/data/packages/unstable/amd64/p/pandas/20170314_082050.autopkgtest.log.gz The debci log also shows an update of tzdata for this time:

Bug#858881: CI test fails (pandas.tools.tests.test_util.TestLocaleUtils)

Package: src:pandas Version: 0.19.2-5 Severity: important Hi, since quite a while, the CI test for Pandas fails: == FAIL: test_set_locale (pandas.tools.tests.test_util.TestLocaleUtils)

Bug#858880: cinnamon: Sometimes 100% CPU after starting

Package: cinnamon Version: 3.0.4-2~bpo8+1 Severity: normal Dear Maintainer, I had to make a laptop for many users with autologin, and wanted to use Cinnamon. I have used Debian 9 RC2 and the latest updates available on 2017-3-27. I have seen many times that Cinnamon used 100% CPU after the

Bug#792416: po4a: Remove support for broken timezone names

Hello, as you can see, I fixed this bug without integrating your patch. This is because po4a is only a parser, not a generator of such files. There is nothing we can do to fix the debian changelog files. Instead, we must deal with all variants of such files. Your change would have make po4a

Bug#848669: devhelp: Unusably slow

Hi, I seem to me that the slowness I've seen isn't devhelp, but webkit2 / webkit2gtk. WEBKIT_DISABLE_COMPOSITING_MODE=1 helped a lot. ref. https://lists.webkit.org/pipermail/webkit-gtk/2016-September/002803.html -- yashi

Bug#858500: diff NMU for sanlock_3.3.0-2.1

Anton Gladky writes: > If you are agree with this upload, I can reschedule it to day/0 and > let it be built right now. Yes, I agree. Thanks, Milan

Bug#857067: Excluding arch s390x for dsdp?

Control: tags -1 patch Hi Andreas and all, it seems that this bug is fixed in Ubuntu; at least there is a quite careful analysis: https://bugs.launchpad.net/ubuntu/+source/dsdp/+bug/1543982 I attach the complete patch; it needs some minor clean-up, but is a good candidate to solve this.

Bug#834392: icedove: Random SIGSEGV in icedove - null pointer (morkNode::SlotStrongNode)

Package: thunderbird Version: 1:45.8.0-2 Followup-For: Bug #834392 Using IMAP server. Browsing and deleting new e-mails. GNU DDD 3.3.12 (x86_64-pc-linux-gnu), by Dorothea LReading symbols from /usr/lib/thunderbird/thunderbird...Reading symbols from /usr/lib/debug/.build-

Bug#858655: Please move Java dependencies to libreoffice-java-common

On Tue, Mar 28, 2017 at 01:49:04AM -0400, Daniel Richard G. wrote: > On Mon, 2017 Mar 27 11:01+0200, Rene Engelhard wrote: > > > > The metapackage is supposed to install (mostly) everything. > > > > This includes the Java stuff. > > > > Think of people wanting to install extensions (which happen

Bug#858879: ITP: ruby-doorkeeper-openid-connect -- OpenID Connect extension for Doorkeeper

package: wnpp severity: wishlist owner: Pirate Praveen from rubygems.org/gems/doorkeeper-openid_connect signature.asc Description: OpenPGP digital signature

Bug#858832: [wea...@debian.org: Bug#858832: calls efibootmgr with invalid options]

On Mon, 27 Mar 2017, Andrei Borzenkov wrote: > 27.03.2017 15:41, Colin Watson пишет: > > I guess that the attached bug happens because grub_install_register_efi > > is called on non-biosdisk-ish systems but uses > > grub_util_biosdisk_get_osdev to get an OS device name for > >

Bug#857067: Excluding arch s390x for dsdp?

Hi s390 porters, I admit I have no better clue than excluding s390x from the list of architectures to fix bug #857067. Do you see any better option since this would as well exclude some rdepends of libdsdp-5.8gf like python-cvxopt python-openopt python-statsmodels sagemath

Bug#852149: firefox-esr: Success and duplication

Package: firefox-esr Followup-For: Bug #852149 Dear Maintainer, The crash seems to be fixed in the release up@to-dated. Do we have a chance to have this fix in Stretch? Mooreover, the problem appears as well in Thouddrbird which has just been uploaded to stretch. What should I do? Report a bug?

Bug#706656: [3dprinter-general] Bug#706656: ITP: cura -- Controller for 3D printers

And here's my (updated) response to Rock's comments: > libArcus > > > debian/changelog > > > * There seems to be a line in the changelog that is too long, it'd be >nice to split it into two so it fits into the "80 character limit". Done. > * Typically, new

Bug#858305: [Python-modules-team] Bug#858305: celeryd: celerdy should depend on python-celery-common?

Nish Aravamudan writes: > I was able to verify the updated package in unstable has the correct > dependencies and when 'celeryd' is installed, the appropriate binaries > `celery` and `celeryd` are avaiable. Thanks for the confirmation. Unblock request sent:

Bug#858878: debianutils: [INTL:it] Updated Italian translation of debianutils doc (po4a)

Source: debianutils Version: 4.8.1 Severity: wishlist Tags: l10n patch Hi, please find attached the updated Italian translation of debianutils docs (po4a). Please include it in your next upload. Beatrice # Italian translation of debianutils man pages # Copyright (C) 2017 Free Software

<    1   2   3