Bug#954061: RM: uswsusp -- RoQA; Dead upstream, unmaintained

Package: ftp.debian.org Severity: normal Hi, please consider removing uswsusp from the archive. It's dead upstream and also no longer properly maintained in Debian. Nowadays, the kernel provided suspend and hibernate functionality is preferred and should be used instead.

Bug#920383: RFP: elpa-git-gutter-fringe -- provide git diff alongside opened files in Emacs

Hi Antoine, On Thu, Feb 07, 2019 at 04:43:26PM -0700, Nicholas D Steeves wrote: > On Thu, Jan 24, 2019 at 05:09:43PM -0500, Antoine Beaupre wrote: > > > > This would probably require packaging `git-gutter` first, as it's a > > dependency. I think. > > > > I would love if the emacsen team would

Bug#936480: empy: diff for NMU version 3.3.2-5.1

Control: tags 936480 + patch Dear maintainer, I've prepared an NMU for empy (versioned as 3.3.2-5.1). The diff is attached to this message. Regards. diff -Nru empy-3.3.2/debian/changelog empy-3.3.2/debian/changelog --- empy-3.3.2/debian/changelog 2020-02-17 14:56:03.0 -0500 +++

Bug#954060: node-unicode-data: Uses missing emoji files in unicode-data 13.0

Source: node-unicode-data Version: 0~20190709+git706d06c0-4 Severity: important Hello, I found node-unicode-data used emoji-*.txt files which have been removed from unicode-data in upstream version 13.0. (#953795) debian/rules:19:ln -s $(UNICODE)/emoji/emoji-sequences.txt

Bug#954059: libmenlo-perl: Please verify server identity via SSL

Package: libmenlo-perl Severity: important Dear maintainer, In the module lib/Menlo/Index/MetaCPAN.pm, your package performs a download from a secure URL but does not enable server verification in HTTP::Tinyish. I believe the encryption of a transmission has no value when talking to the wrong

Bug#954058: libhttp-tinyish-perl: Please verify server identity via SSL

Package: libhttp-tinyish-perl Severity: important Dear maintainer, Your package performs downloads that are presumed to be secure via https:// but does not verify any server certificates. I believe the encryption of a transmission has no value when talking to the wrong person. Users of your

Bug#954053: Issue closed

Hello,  It was a problem in my own system. Please consider to close this bug. I've commented  inside  /etc/nsswitch.conf file option "netgroup", I've removed unknown from "passwd: files systemd unknown ": passwd: files systemd group:  files systemd shadow: files

Bug#954057: libhttp-thin-perl: Please verify server identity via SSL

Package: libhttp-thin-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#954056: libhtml-html5-parser-perl: Please verify server identity via SSL

Package: libhtml-html5-parser-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server

Bug#952599: fixed in insighttoolkit4 4.13.2-dfsg1-7

>[ Steve Robbins ] >* Update build-dep from swig3.0 --> swig3. Closes: #952599. This is a typo: the build-dependency is just "swig", which is presently swig 4. -Steve signature.asc Description: This is a digitally signed message part.

Bug#954055: RFS: runescape/0.7-1 [RC] -- Multiplayer online game set in a fantasy world

Package: sponsorship-requests Severity: important Dear mentors, I am looking for a sponsor for my package "runescape" * Package name: runescape Version : 0.7-1 Upstream Author : Jagex Games Ltd. * URL : https://oldschool.runescape.com * License :

Bug#954054: libdist-inkt-role-test-perl: Please verify server identity via SSL

Package: libdist-inkt-role-test-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server

Bug#954042: debian issue 954042

This isn't an urgent issue. First of all, dig is the default way that inxi grabs IP addresses (if dig is not installed for some reason), and other tools are used to get the WAN IP if and only if dig is not present. I believe the Debian inxi package installs dig if not present, so users would

Bug#954053: adduser: Can't get unique UID (no more available UIDs)

Package: adduser Version: 3.118 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? useradd foo * What exactly did you do (or not do) that was effective (or ineffective)? *

Bug#954052: elpa-org: tracking bug about ensuring smooth upgrades for org-drill users

Package: elpa-org Severity: normal Control: block -1 by 947017 I just read this: Currently, I am refactoring org-drill significantly. It's quite hard to test all of its functionality automatically, so I expect breakages. In addition, some of the interfaces for card types has

Bug#885213: make-dfsg: please migrate to guile-2.2

Rob Browning writes: > Actually now that guile-3.0 is in sid (though it's not yet building on > all the release architectures), I suppose we might just side-step 2.2 > entirely, but either would be much appreciated. > > Here this at least builds via "fakeroot debian/rules binary", but >

Bug#923908: new upstream version available (9.2)

Hi Antoine and Sébastien! On Wed, Mar 06, 2019 at 06:27:08PM -0500, Antoine Beaupre wrote: > Package: org-mode > Version: 9.1.14+dfsg-3 > Severity: wishlist > > It would be great to see the newest version of org-mode packaged in > Debian. I understand it's too late to pass the freeze, but maybe

Bug#954051: libgitlab-api-v4-perl: Please verify server identity via SSL

Package: libgitlab-api-v4-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server

Bug#954050: RFS: persist-el/0.4+dfsg-1 [ITP] -- persist variables between Emacs Sessions

Package: sponsorship-requests Severity: wishlist Control: block 953128 by -1 Dear mentors, I am looking for a sponsor for my package "persist-el". It is a dependency of org-drill (ITP #947017), and org-drill will restore functionality to Emacs' org-mode that was previously built-in. * Package

Bug#952099: tootle: FTBFS: ../../src/Views/AbstractView.vala:24.5-24.23: error: Creation method of abstract class cannot be public.

Package: tootle Version: 0.2.0-2 Followup-For: Bug #952099 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu focal ubuntu-patch Hi, In Ubuntu, the attached patch was applied to achieve the following: * d/p/vala-0.46.patch: Make constructor for AbstractView protected to fix FTBFS

Bug#954049: lintian-brush: combine into one commit the move of name/contact from upstream metadata to debian copyright

Package: lintian-brush Version: 0.59 Severity: wishlist When lintian-brush moves the name/contact fields from the upstream metadata to the debian copyright file, it generates two commits; one for the removal and one for the addition. I think that this is overkill and one commit doing the move

Bug#951347: Bug status

Hi Manu, March 12, 2020 7:09 AM, "Emmanuel Kasper" wrote: > Hi Kurt > Thank you for reviving the vagrant-lxc boxes, I wanted to ask, what do > you think we should do about > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951347 ? > > The bug is critical as it prevents doing anywork with the

Bug#954048: libwww-oauth-perl: Please verify server identity via SSL

Package: libwww-oauth-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not seem to set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server

Bug#953989: borgbackup reports installed python3-msgpack is incompatible

On Sun, 15 Mar 2020 12:16:54 + Gordon Ball wrote: > Package: borgbackup > Version: 1.1.11-2 > Severity: grave > Justification: renders package unusable > > After updating python3-msgpack from 0.5.6-3 -> 0.6.2-1, attempting to > run any borg command fails with the following message, making

Bug#954047: pmuninstall: Please verify server identity via SSL

Package: pmuninstall Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#945631: cuetools: diff for NMU version 1.4.1-0.2

On Monday, 16 March 2020 12:43:30 PM AEDT Sandro Tosi wrote: > I've prepared an NMU for cuetools (versioned as 1.4.1-0.2). The diff > is attached to this message. Thank you for taking care of that, Sandro. -- Best wishes, Dmitry Smirnov. --- Before a man speaks, it is always safe to assume

Bug#954046: libcpan-sqlite-perl: Please verify server identity via SSL

Package: libcpan-sqlite-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#954045: libcpanplus-perl: Please verify server identity via SSL

Package: libcpanplus-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#954029: libwrap0: aclexec in hosts.allow doesn't block requests

On Mar 16, Martin Kraus wrote: > It seems that returning failure in aclexec command in hosts.allow stops > processing > hosts.allow and starts processing hosts.deny which then must have > configuration to > block the connection. Therefore aclexec in hosts.allow behaves differently > from

Bug#954044: libcpan-perl-releases-perl: Please verify server identity via SSL

Package: libcpan-perl-releases-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny (admittedly with plain http://) but it does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The

Bug#945631: cuetools: diff for NMU version 1.4.1-0.2

Control: tags 945631 + patch Dear maintainer, I've prepared an NMU for cuetools (versioned as 1.4.1-0.2). The diff is attached to this message. Regards. diff -Nru cuetools-1.4.1/debian/changelog cuetools-1.4.1/debian/changelog --- cuetools-1.4.1/debian/changelog 2019-10-03 16:20:55.0

Bug#954043: libcpan-common-index-perl: Please verify server identity via SSL

Package: libcpan-common-index-perl Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny (admittedly with plain http:://) but it does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The

Bug#954034: vcs-field-uses-insecure-uri: changes branchable.com git URLs even though git clone https doesn't work

On Mon, 2020-03-16 at 01:26 +, Jelmer Vernooij wrote: > It was already meant to do this, but due to a bug it just > checked the old insecure URL twice. :-) > > Commit coming up shortly to address that. Aha, thanks for the fix :) -- bye, pabs https://wiki.debian.org/PaulWise

Bug#954042: inxi: Please verify server identity via SSL

Package: inxi Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity verification

Bug#954034: vcs-field-uses-insecure-uri: changes branchable.com git URLs even though git clone https doesn't work

Hi Paul, Thanks for the bug report. On Mon, Mar 16, 2020 at 08:34:20AM +0800, Paul Wise wrote: > When I run lintian-brush on the myrepos package, it changes the Vcs-Git > URL from git:// to https:// even though the https:// URL does not work. > > $ git ls-remote git://myrepos.branchable.com/ |

Bug#951497:

Just an update on some things relevant to this bug: * a new version of Rumur I uploaded, v2020.03.12-1, was just approved by Adam * Rumur v2020.01.27-2, my attempted final resolution to this bug, was removed from mentors due to the more recent upload For anyone following this bug at home or

Bug#954041: cpanoutdated: Please verify server identity via SSL

Package: cpanoutdated Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#946879: git: please build package with libsecret credential helper

On 2019-12-17 at 01:20:15, Jonathan Nieder wrote: > forcemerge 878599 946879 > quit > > Hi, > > brian m. carlson wrote: > > > It would be great if the libsecret credential helper could be built in > > its own package so that folks could easily use it. > > Thanks! I agree. Here's what should

Bug#954040: cpanminus: Please verify server identity via SSL

Package: cpanminus Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny (as a backup) but it does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server

Bug#954039: prayer: FTBFS against glibc 2.30

Package: prayer Version: 1.3.5-dfsg1-6 Severity: serious Tags: patch ftbfs Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu focal ubuntu-patch Hi, prayer currently FTBFS against glibc 2.30 in unstable. This

Bug#954038: pkg-perl-tools: Please verify server identity via SSL

Package: pkg-perl-tools Severity: important Dear maintainer, Your package uses the Perl module HTTP::Tiny but does not set the verify_SSL attribute to a true value. By default, that module does not validate the identity of server certificates. The documentation states that "Server identity

Bug#954036: RFP: xidlehook -- xautolock rewrite in Rust, with a few extra features

Package: wnpp Severity: wishlist * Package name: xidlehook Version : 0.8.2 Upstream Author : jD91mZM2 * URL : https://gitlab.com/jD91mZM2/xidlehook * License : MIT Programming Lang: Rust Description : xautolock rewrite in Rust, with a few extra

Bug#954035: ITP: qtfeedback-opensource-src -- Qt Feedback module

Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: qtfeedback-opensource-src Version : 5.0~git20180329.a14bd0bb-1 Upstream Author : Chris Adams * URL : https://code.qt.io/qt/qtsystems.git * License : LGPL-2.1 (with exception) or GPL-3

Bug#939171: Please remove Lintian check

Control: tags -1 - patch Dear maintainer, The xdeb check is now part of Lintian. You can see it here: https://salsa.debian.org/lintian/lintian/-/blob/master/checks/xdeb.pm Will you please remove the check from your package? Kind regards Felix Lechner

Bug#954037: openwince-jtag: FTBFS against glibc 2.30

Package: openwince-jtag Version: 0.5.1-7 Severity: serious Tags: patch ftbfs Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu focal ubuntu-patch Hi, openwince-jtag FTBFS against glibc 2.30 in unstable due

Bug#954034: vcs-field-uses-insecure-uri: changes branchable.com git URLs even though git clone https doesn't work

Package: lintian-brush Version: 0.59 Severity: normal When I run lintian-brush on the myrepos package, it changes the Vcs-Git URL from git:// to https:// even though the https:// URL does not work. $ git ls-remote git://myrepos.branchable.com/ | head -n1 465479bffda390614c32994393aabea15f9f547e

Bug#954033: pdfarranger: The package should depend on python3-gi-cairo. Otherwise the application will not render pages.

Package: pdfarranger Version: 1.1.1-1 Severity: grave Justification: renders package unusable Dear Maintainer, I tried using the application. It rendered empty pages and wrote a lot of TypeError: Couldn't find foreign struct converter for 'cairo.Context' to stderr. I searched the net on the

Bug#954032: libvirt-daemon-driver-qemu: file conflict /usr/share/augeas/lenses/libvirtd_qemu.aug libvirt-daemon 5.6.0-3

Package: libvirt-daemon-driver-qemu Version: 6.0.0-2 Severity: serious Justification: uninstallable Missing a Replaces: tglase@tglase-nb:~ $ sudo apt-get --purge install libvirt-daemon-system-sysv Reading package lists... Done Building dependency tree Reading state information... Done Starting

Bug#954031: sbcl: Please allow building with clisp on currently unsupported architectures

Source: sbcl Severity: normal Tags: patch Hi! In order to provide some basic level of continuous integration for sbcl upstream, it would be great if the sbcl package could be tried to build on any of the currently unsupported architectures using clisp. sbcl has partial support for alpha, hppa,

Bug#954030: pulseaudio: Pulseaudio does not start in xrdp session. Error in startup script.

Package: pulseaudio Version: 13.0-5 Severity: normal Tags: patch Dear Maintainer, I run KDE in a virtual machine using XRDP. For sound support I installed pulseaudio-module-xrdp from github: https://github.com/neutrinolabs/pulseaudio-module-xrdp But pulseaudio does not start. There is an

Bug#954029: libwrap0: aclexec in hosts.allow doesn't block requests

Package: libwrap0 Version: 7.6.q-30 Severity: important Dear Maintainer, man hosts_options says that The allow and deny keywords make it possible to keep all access control rules within a single file, for example in the hosts.allow file. and specifically for aclexec The connection will

Bug#954021: Please detect use of staff group (and 2775 permissions) in maintainer scripts without checking staff-group-for-usr-local

Hi Josh, > Policy version 4.1.4, in April 2018, states that /usr/local and subdirectories > should only have group "staff" if /etc/staff-group-for-usr-local exists, > and otherwise they should have group "root". Many packages still > unconditionally chown directories to root:staff, or chmod

Bug#886569:

Control: retitle -1 RFP: zerotier-one -- ZeroTier network virtualization service Control: noowner -1 I'll not go with this. Zerotier is no longer free software. With centralized controller, it's hard to say the free version will not cease to work some day. zerotier-one-debian.tar.xz

Bug#925669:

This bug should be fixed in the current upstream from 66cc4b7 in https://github.com/jedwards1211/dewalls Treating warnings as errors has been disabled. Philip

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

Thanks whoever marked resource-agents as not a regression. I don't see any other blockers, so I suppose this can be closed now. Scott K

Bug#953829: regression/crash: mtr: Probes exhausted

This would be caused by the use of very low intervals, as you mentioned (causing ping probes to be consumed at a fast rate) in combination with lost packets at one or more remote hops (causing the probes to not be freed soon enough). 10 seconds at 100 probes per second does not leave sufficient

Bug#819476: Orphaned package - quotatool

Hi, I'd be interested in taking on this package. I'm currently one of two Github maintainers on a program called nwipe[1] (Partialvolume[2]), the other maintainer is a Debian maintainer (which I'm currently not) and he uploads nwipe to Debian. I would be taking this on as a sponsored

Bug#928714: bird6 next hop keep not forwarded to bgp neighbor

Hi, On Thu, 09 May 2019 12:42:15 +0200 Diego Arroyo wrote: > Package: bird > Version: 1.6.3-2 > Version: 1.6.5-1 > Version: 1.6.6-1 > Severity: normal > > Dear Maintainer, > > In a working environment with bgp and ipv4 I am configuring bgp for ipv6 > with similar configuration, but I cannot

Bug#954021: Please detect use of staff group (and 2775 permissions) in maintainer scripts without checking staff-group-for-usr-local

Hi all, > What is an acceptable way to identify such scripts? Would it be a > successful 'grep root[:.]staff', followed by an unsuccessful 'grep > staff-group-for-usr-local'? Josh, another way to help answer this might be to link to some offending packages if you have them handy. Regards, --

Bug#767006: JOB

Are you interested in this position account receivables agent for Metscco Heavy Steel Industries Co. Ltd, who can handle its account from its customers/clients in Canada or USA? Thanks, The HR Team

Bug#954021: Please detect use of staff group (and 2775 permissions) in maintainer scripts without checking staff-group-for-usr-local

Hi Josh, On Sun, Mar 15, 2020 at 1:18 PM Josh Triplett wrote: > > Policy version 4.1.4, in April 2018, states that /usr/local and subdirectories > should only have group "staff" if /etc/staff-group-for-usr-local exists, > and otherwise they should have group "root". Many packages still >

Bug#954028: ITP: node-babel7 -- compiler for next generation JavaScript

Package: wnpp Severity: wishlist Owner: Xavier Guimard * Package name: node-babel7 Version : 7.4.5 Upstream Author : Sebastian McKenzie * URL : https://babeljs.io/ * License : Expat Programming Lang: JavaScript Description : compiler for next

Bug#954027: insighttoolkit4 FTBFS with Pythin 3.8 as default

Source: insighttoolkit4 Version: 4.13.2-dfsg1-6 Severity: serious Tags: ftbfs https://buildd.debian.org/status/package.php?p=insighttoolkit4=sid ... Traceback (most recent call last): File "/<>/Wrapping/Generators/SwigInterface/igenerator.py", line 971, in wrappingNamespace =

Bug#954026: WEBKIT_WEB_PROCESS_CRASHED on ppc64 (and similar 64-bit big-endian platforms)

Package: libwebkit2gtk-4.0-dev Version: 2.28.0-2 Control: affects -1 src:geary Attempting to build geary on ppc64 shows failures in the geary test suite due to "WEBKIT_WEB_PROCESS_CRASHED" For example: https://buildd.debian.org/status/fetch.php?pkg=geary=ppc64=3.36.0-1=1584168969=0 or, when

Bug#954025: Please enable CONFIG_DEFERRED_STRUCT_PAGE_INIT

Package: linux-image-cloud-amd64 Severity: wishlist Please consider enabling CONFIG_DEFERRED_STRUCT_PAGE_INIT for both the cloud variant and and the standard kernel. This substantially improves boot time on systems with lots of memory. - Josh Triplett -- System Information: Debian Release:

Bug#953957: [live-build] W: Download is performed unsandboxed as root as file '.dsc' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

On Sun, 2020-03-15 at 18:20 +, jnq...@gmail.com wrote: > On Sun, 2020-03-15 at 11:34 +, Luca Boccassi wrote: > > The reason I asked for the change and I wasn't comfortable with > > making > > the download directory 777 is that live-build is routinely used in > > automated production

Bug#935173: audacity graphical windows fail to update properly

Control: forwarded 935173 https://github.com/audacity/audacity/issues/454 On Sun 2020-03-15 00:23:52 -0400, Anthony DeRobertis wrote: > On 3/13/20 1:16 AM, Daniel Kahn Gillmor wrote: >> Control: retitle 935173 audacity graphical windows fail to update properly >> when GTK_IM_MODULE=xim >>

Bug#953774: texlive-bin: FTBFS on various arches

Am 15.03.2020 um 21:37 teilte Norbert Preining mit: Hi Norbert, > thanks for the fix, indeed I forgot luahbjittex .. too many of those. > >> doing a native build for amd64 the configure script detects correctly >> that there is no isastream() and the build is OK. When doing a cross > > So,

Bug#951355: rspamd: Bayesian filters should not cause mails to be rejected

Le 15/02/2020 à 06:14, Julien Muchembled a écrit : > After a quick investigation, I understand that was because of bayesian > filters. I think I misused the term "Bayesian". I used it in opposition to filters that analyze the form of the message or how it is transported. > If you think it's not

Bug#954024: mate-terminal: URL highlighting is broken

Package: mate-terminal Version: 1.24.0-1 Severity: important Hi, either the mate-terminal update or the vte update has broken url highlighting. See also https://github.com/mate-desktop/mate-terminal/issues/329 Best -- System Information: Debian Release: bullseye/sid APT prefers unstable

Bug#953230: balsa: autopkgtest failure: times out

On Fri 2020-03-06 10:16:13 +0100, Paul Gevers wrote: > PS: these kind of timeouts are bad for our infrastructure. If this bug > doesn't get fixed in a timely manner, I may add your package to our > ignore-list. Sorry about the delay in getting this fixed, Paul. I believe the test suite will no

Bug#954023: Minor debdiff update

Please see an updated debdiff in attachment (dropped one line in d/changelog). Best regards Anton diff -Nru amd64-microcode-3.20160316.3/debian/changelog amd64-microcode-3.20181128.1~deb9u1/debian/changelog --- amd64-microcode-3.20160316.3/debian/changelog 2016-11-30 02:54:53.0

Bug#954023: stretch-pu: package amd64-microcode/3.20181128.1~deb9u1

Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear release team, I have prepared an update for amd64-microcode for Debian Stretch, which fixes CVE-2017-5715. Please see an

Bug#954020: buster-pu: package zipios++/0.1.5.9+cvs.2007.04.28-10+deb10u1

Please find attached the debdiff. Best, François diff -Nru zipios++-0.1.5.9+cvs.2007.04.28/debian/changelog zipios++-0.1.5.9+cvs.2007.04.28/debian/changelog --- zipios++-0.1.5.9+cvs.2007.04.28/debian/changelog 2017-05-28 21:20:05.0 +0200 +++

Bug#954004: systemd-udevd: do_page_fault() type=15 address=0x00000005

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256   On 2020-03-15 1:31 p.m., Michael Biebl wrote: > This will need a hppa porter to look into this so adding them to CC I tried attaching to systemd-udev: root@atlas:~# gdb /lib/systemd/systemd-udevd 2168 GNU gdb (Debian 9.1-2) 9.1 Copyright (C)

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

On March 15, 2020 7:05:20 PM UTC, Paul Gevers wrote: >Hi Scott, > >On 15-03-2020 18:17, Scott Kitterman wrote: >> Currently postfix 2.4.10-1 is showing two autopkgtest failures in >> related packages. Neither of them are postfix related. > >Which two, I only see one? Can you please elaborate

Bug#954001: buster-pu: package timeshift/19.01+ds-2+deb10u1

Control: tags -1 + confirmed On Sun, 2020-03-15 at 12:32 -0400, Boyuan Yang wrote: > I am looking into solving CVE-2020-10174 ( > https://bugs.debian.org/953385) in > Buster. Please find the proposed diff in the attachment. Please go ahead. Regards, Adam

Bug#954020: buster-pu: package zipios++/0.1.5.9+cvs.2007.04.28-10+deb10u1

Control: tags -1 + moreinfo On Sun, 2020-03-15 at 20:51 +0100, Francois Mazen wrote: > I'm seeking approval to do this update in buster. > The goal is fixing the CVE-2019-13453. > https://security-tracker.debian.org/tracker/CVE-2019-13453 > You appear to have forgotten to attach the debdiff for

Bug#954022: pipewire: New upstream release 0.3.x, required by mutter 3.36.x and xdg-desktop-portal 1.7.x

Source: pipewire Version: 0.2.7-1 Severity: wishlist pipewire 0.3.x contains API changes which are needed for mutter 3.36.x (currently in experimental), xdg-desktop-portal 1.7.x and xdg-desktop-portal-gtk 1.7.x. It would be great to have it available in experimental too. smcv

Bug#954021: Please detect use of staff group (and 2775 permissions) in maintainer scripts without checking staff-group-for-usr-local

Package: lintian Version: 2.55.0 Severity: wishlist Policy version 4.1.4, in April 2018, states that /usr/local and subdirectories should only have group "staff" if /etc/staff-group-for-usr-local exists, and otherwise they should have group "root". Many packages still unconditionally chown

Bug#954020: buster-pu: package zipios++/0.1.5.9+cvs.2007.04.28-10+deb10u1

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Dear Buster Release Managers, I'm seeking approval to do this update in buster. The goal is fixing the CVE-2019-13453. https://security-tracker.debian.org/tracker/CVE-2019-13453

Bug#854866: [SPAM] Bug#854866: Confirmation

Hi Mark, On Sun, 15 Mar 2020 18:47:42 +, Maik Zumstrull wrote: > It seems the original submitter lost interest, but I can confirm that > this happens. Not sure this is the only problem, but > /lib/udev/rules.d/60-solaar.rules only has a limited set of device > IDs: > >

Bug#954019: /lib/systemd/system/systemd-ask-password-console.service:20: Executable "systemd-tty-ask-password-agent" not found in path

Package: dracut Version: 048+80-2 Severity: important Hi, during boot I see the following error message during the initramfs stage: Mär 15 20:21:37 pluto systemd[1]: /lib/systemd/system/systemd-ask-password-console.service:20: Executable "systemd-tty-ask-password-agent" not found in path

Bug#954018: src:refpolicy: fails to migrate to testing for too long

Source: refpolicy Version: 2:2.20190201-6 Severity: serious Control: fixed -1 2:2.20190201-7 Tags: sid bullseye pending User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), As recently announced [1], the Release Team now considers packages that are out-of-sync

Bug#954017: xscreensaver: epicycle screensaver braws part of its figure in black on black background

Package: xscreensaver Version: 5.42+dfsg1-1 Severity: normal If you look closely at the output of the epicycle screenhack, part of each curve is drawn in black on black. This seems most often to occur at the part of the figure that is next the brightest drawn part. I built the pristine upstream

Bug#953957: [live-build] W: Download is performed unsandboxed as root as file '.dsc' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

For the record - I also did not realised until it was pointed out that apt has it's own user account.

Bug#954006: release.debian.org: Please allow postfix to migrate despite autopkgtest failures, they are unrelated

Hi Scott, On 15-03-2020 18:17, Scott Kitterman wrote: > Currently postfix 2.4.10-1 is showing two autopkgtest failures in > related packages. Neither of them are postfix related. Which two, I only see one? Can you please elaborate why you think it is not postfix related? I tend to say that

Bug#953561: closed by Debian FTP Masters (reply to Kan-Ru Chen (陳侃如) ) (Bug#953561: fixed in mupdf 1.16.1+ds1-2)

Debian Bug Tracking System dixit: >Their explanation is attached below along with your original report. >> * Backport fix for upstream bug 701402 allow smart scroll to advance to >> last page

Bug#943580: cannot reproduce (dist name vs module name issue?)

Control: tags 943580 + moreinfo Hi, I cannot reproduce it:  python3.8 -c 'import pkg_resources as pkg; pkg.require("typing")'

Bug#954016: vim-runtime: tap.vim: Make "TODO" and "SKIP" case-insensitive

Package: vim Version: 2:8.2.0368-1 Severity: normal Tags: patch upstream Dear Maintainer, * What led up to the situation? According to the TAP specification, the keywords "TODO" and "SKIP" are case-insensitive: https://testanything.org/tap-specification.html#directives Directives

Bug#954015: RFS: rumur/2020.03.12-1 -- model checker for the Murphi language

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "rumur" * Package name: rumur Version : 2020.03.12-1 Upstream Author : Matthew Fernandez * URL : https://github.com/Smattr/rumur * License : Unlicense *

Bug#953421: dash: Resident Set Size growth is unbound (memory leak) on an infinite shell loop

Hi, On Mon, 9 Mar 2020 at 17:09, Vitaly Zuevsky wrote: > [VZ]I use a shell script to supervise processes in a docker/kubernetes > container. I noticed steady growth > in the cgroup's CPU utilization from 15 to 35 millicores within 17 > days in absence of any external >

Bug#854866: Confirmation

Hi Stephen, It seems the original submitter lost interest, but I can confirm that this happens. Not sure this is the only problem, but /lib/udev/rules.d/60-solaar.rules only has a limited set of device IDs: ATTRS{idVendor}=="046d", ATTRS{idProduct}=="c52b", GOTO="solaar_apply"

Bug#954014: idl-font-lock-el: Mismatched source format vs source version

Source: idl-font-lock-el Source-Version: 1.5-9 Severity: important User: debian-d...@lists.debian.org Usertags: dpkg-mismatch-source-vs-version-format Hi! This package uses a native source format, with a non-native version, which is rather confusing and subverts the semantics of both the source

Bug#954012: sredird: Mismatched source format vs source version

Source: sredird Source-Version: 2.2.1-2 Severity: important User: debian-d...@lists.debian.org Usertags: dpkg-mismatch-source-vs-version-format Hi! This package uses a native source format, with a non-native version, which is rather confusing and subverts the semantics of both the source and

Bug#954009: gwhois: Mismatched source format vs source version

Source: gwhois Source-Version: 20120626-1.2 Severity: important User: debian-d...@lists.debian.org Usertags: dpkg-mismatch-source-vs-version-format Hi! This package uses a native source format, with a non-native version, which is rather confusing and subverts the semantics of both the source and

Bug#954011: rust-maybe-uninit: d/copyright issue

Source: rust-maybe-uninit Version: 2.0.0-1 Hello, During review in NEW, I noticed that in the file LICENSE-MIT there is a copyright notice for 2010, although d/copyright mentions only 2019. -- Sean Whitton signature.asc Description: PGP signature

Bug#954010: improvements to mbox viewer

Package: nm.debian.org Owner: enr...@debian.org 1. I seem unable to scroll the list of mails in the mbox viewer unless I also open a mail. 2. when you open a mail, scroll it, then move to a different email (either by clicking or arrow keys), the mail body doesn't scroll back to the start of the

Bug#953957: [live-build] W: Download is performed unsandboxed as root as file '.dsc' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

On Sun, 2020-03-15 at 11:34 +, Luca Boccassi wrote: > The reason I asked for the change and I wasn't comfortable with > making > the download directory 777 is that live-build is routinely used in > automated production systems to create images. I do not want to > introduce the risk of a rogue,

Bug#953851: pymissile: should this package be removed?

> While these are all good arguments for removal, I still got the hardware > and thus enjoy having the software to use it in Debian. :) > > But I realise that it need some porting to keep working, and lack the > spare time required to do it myself. :( are you ok with removing this package now,

  1   2   >