Bug#1050649: bookworm-pu: package nx-libs/2:3.5.99.26-5+deb12u1

Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: nx-l...@packages.debian.org Control: affects -1 + src:nx-libs We received a report about font problems with nxagent/x2goagent in Debian that occur with the official

Bug#1050335: bookworm-pu: package sitesummary/0.1.55~deb12u1

Control: tag -1 moreinfo On Wed, Aug 23, 2023 at 01:16:11PM +0200, Mike Gabriel wrote: > While working on the initial Debian Edu release, Guido Berhöster has > worked on the sitesummary package. All changes target Debian Edu 12, so > we want to release the current version (0.1.55) to Debian

Bug#1043585: AMD64 Kernel update prevents an emulated TPM working correctly inside Windows 11 KVM guest OS

Hi Martin, On Sun, Aug 13, 2023 at 11:27:57AM +0100, Martin Johnson wrote: > Package: linux-image > > Version: 6.1.0-11-amd64 > > When latest Debian kernel is installed it is causing a problem with KVM > virtual machine and the current version of QEMU on Bookworm. This is when > swtpm is used

Bug#1050648: 0xffff: update d/watch file

Source: 0x Version: 0.9-1 Severity: minor Dear Maintainer, Here is a patch for. Thanks, Patrice -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')

Bug#1050647: Updating the luasocket Uploaders list

Source: luasocket Version: 3.1.0-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Daniel Silverstone has retired, so can't work on the luasocket package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them

Bug#1050646: Updating the ekeyd Uploaders list

Source: ekeyd Version: 1.1.5-6.2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Daniel Silverstone has retired, so can't work on the ekeyd package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from

Bug#1050645: Updating the netsurf Uploaders list

Source: netsurf Version: 3.10-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Daniel Silverstone has retired, so can't work on the netsurf package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from

Bug#1050644: libapache2-mod-apreq2: Stops parsing input after empty file name in POST

Package: libapache2-mod-apreq2 Version: 2.17-3 Severity: important Tags: upstream Dear Maintainer, When POSTing a form to the server that includes a file upload input element, libapache2-mod-apreq2 stops parsing the input if the file name is empty, i.e. the user didn't select a file to upload,

Bug#1050604: Acknowledgement (python3-binwalk: Fails to extract cramfs)

I've looked a bit into it and found some interesting things. First, there is an upstream (as I've understood) "deps.sh" file, which pulls "cramfs-tools" and installs "cramfsck" as well as "mkcramfs" (haven't found mentions of mkcramfs being used anywhere). I'm not understanding the Debian's

Bug#1050643: cairosvg: Embedded images using data URIs no longer work without unsafe flag (after original fix for CVE-2023-27586)

Source: cairosvg Version: 2.5.2-1.1 Severity: important Tags: upstream fixed-upstream Forwarded: https://github.com/Kozea/CairoSVG/issues/383 X-Debbugs-Cc: Joe Burmeister , car...@debian.org Control: done -1 2.7.1-1 Control: found -1 2.5.0-1.1+deb11u1 Control: affects +

Bug#1050432: rpy2: FTBFS on mips64el

On 27 August 2023 at 18:44, YunQiang Su wrote: | Maybe there is something wrong with ffi. (In fact the complex support of mips | was added by me. ;) Hah. | I am looking for a way to use debug to debug the extensions. | If you have any documents, can you point it to me. I can help you with R,

Bug#1050592: perl: F_GETLK / F_GETLK64 confusion on ppc64el breaking libfile-fcntllock-perl

(full quote for the benefit of the Aurelien and other glibc maintainers) On Sat, Aug 26, 2023 at 09:07:38PM +0300, Niko Tyni wrote: > Package: perl > Version: 5.36.0-8 > Severity: serious > X-Debbugs-Cc: debian-powe...@lists.debian.org > Control: affects -1 libfile-fcntllock-perl > > Hi, > >

Bug#1050642: mutter: Xwaylands crashes due to `(EE) Unrecognized option: -byteswappedclients`

Package: mutter Version: 44.3-7 Severity: normal Dear Debian folks, After upgrading *mutter* from 43.6-1 to 44.3-7, Firefox does not start anymore as Xwayland terminates with SIGABRT. The journal contains gnome-shell[3416]: (EE) Unrecognized option: -byteswappedclients Starting

Bug#1050641: gcl: FTBFS on riscv64: Unknown reloc type 57

Source: gcl Version: 2.6.14-4 Severity: important Tags: ftbfs User: debian-ri...@lists.debian.org Usertags: riscv64 X-Debbugs-Cc: debian-ri...@lists.debian.org Dear maintainer, gcl fails to build from source on riscv64 while it was building in the past. This is the relevant part of the build

Bug#1050636: graphviz: Update to lua5.3

Am 27.08.23 um 13:30 schrieb László Böszörményi (GCS): Control: tags -1 +pending On Sun, Aug 27, 2023 at 1:09 PM Bastian Germann wrote: Please update your package to build with lua5.3 so we can drop v5.2 from the archive. The build system supports lua5.3 as well. I can build it with Lua

Bug#1050636: graphviz: Update to lua5.3

Control: tags -1 +pending On Sun, Aug 27, 2023 at 1:09 PM Bastian Germann wrote: > Please update your package to build with lua5.3 so we can drop v5.2 from the > archive. > The build system supports lua5.3 as well. I can build it with Lua 5.4 even, any reason not to use that? Regards,

Bug#1003724: Minor repo cleanup ready to push

Hello Marcin, There were nice updates ready in the repository at https://salsa.debian.org/debian/libpqxx, all created by you, and thank you for that. The changes were, among other things, related to an update to libpqxx version, upstream, 7.2.1. When I tried to build the package, it appeared

Bug#1050640: lua5.2: remove as soon as all reverse dependencies are gone

Source: lua5.2 Severity: wishlist Control: block -1 by 1050599 1050598 1050597 1050596 1050540 1050543 1050624 1050625 1050626 1050627 Control: block -1 by 1050628 1050629 1050630 1050631 1050632 1050633 1050634 1050635 1050636 1050637 The last lua5.2 release was on 07 Mar 2015. As upstream

Bug#1033167: usrmerge: messes with /etc/shells

On Thu, 22 Jun 2023 22:52:53 +0200 Andreas Beckmann wrote: > Hi Marco, > > two questions about convert-etc-shells: > > 1.) why does usrmerge.postinst call /usr/lib/usrmerge/convert-etc- shells > (nearly) unconditionally (i.e. on every upgrade of the usrmerge > package)? Shouldn't that be a

Bug#1050638: bullseye-pu: package clamav/0.103.9+dfsg-0+deb11u1

Package: release.debian.org Control: affects -1 + src:clamav User: release.debian@packages.debian.org Usertags: pu Tags: bullseye Severity: normal This is a stable update from clamav upstream in the 0.103.x series. It fixes the following CVE - CVE-2023-20197 (Possible DoS in HFS+ file

Bug#1041552: HFS/HFS+ are insecure

On Sunday, 27 August 2023 12:39:11 CEST Marco d'Itri wrote: > > Previously not knowing about that status, I looked up the commits where > > the > > status was set to "odd fixes" and found that for some the reason was that > > the maintainer didn't have the hardware to test it themselves. > > I do

Bug#1050001: Unwinding directory aliasing [and 3 more messages]

Hi Matthew, On Sun, 2023-08-27 at 11:30 +0100, Matthew Vernon wrote: > Any such consideration must be mindful of the fact that the majority of > Debian installs are now /usr-merged, which means that the complexity of > unwinding such installs has to be a heavy factor in thinking about >

Bug#1050637: vim: Update to lua5.4

Source: vim Severity: wishlist Version: 2:9.0.1672-1 Please update your package to build with lua5.4 so we can drop v5.2 from the archive. The build system supports lua5.4 as well.

Bug#1050636: graphviz: Update to lua5.3

Source: graphviz Severity: wishlist Version: 2.42.2-7 Please update your package to build with lua5.3 so we can drop v5.2 from the archive. The build system supports lua5.3 as well.

Bug#1050635: fityk: Update to lua5.3

Source: fityk Severity: wishlist Version: 1.3.2-2 Please update your package to build with lua5.3 so we can drop v5.2 from the archive. The build system supports lua5.3 as well.

Bug#1050634: worker: Downgrade to lua5.1

Source: worker Severity: wishlist Version: 4.11.0-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050633: wireshark: Downgrade to lua5.1

Source: wireshark Severity: wishlist Version: 4.0.8-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050632: vlc: Downgrade to lua5.1

Source: vlc Severity: wishlist Version: 3.0.18-4 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050631: telegram-cli: Downgrade to lua5.1

Source: telegram-cli Severity: wishlist Version: 1.3.1+git20160323.6547c0b21-3.1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050630: onscripter: Downgrade to lua5.1

Source: onscripter Severity: wishlist Version: 20220816-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050629: mpv: Downgrade to lua5.1

Source: mpv Severity: wishlist Version: 0.36.0-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050628: lua-lxc: Downgrade to lua5.1

Source: lua-lxc Severity: wishlist Version: 1:3.0.2-2 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1021292: Enabling branch protection on amd64 and arm64

Hi! On Tue, 2023-06-27 at 16:09:40 +0100, Wookey wrote: > On 2023-06-27 16:58 +0200, Moritz Mühlenhoff wrote: > > Am Wed, Jun 21, 2023 at 05:41:36PM +0200 schrieb Emanuele Rocca: > > > On 2022-10-26 08:20, Moritz Mühlenhoff wrote: > > > > I think this should rather be applied early after the

Bug#1050627: eiskaltdcpp: Downgrade to lua5.1

Source: eiskaltdcpp Severity: wishlist Version: 2.4.2-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1049950: dh-python: Pybuild runs tests with tox but fails to clean up

Control: tag -1 -moreinfo Hi Arto (2023.08.26_06:24:29_+0100) > > It has code to do this, can you point to an example of it not happening? > > > > https://salsa.debian.org/python-team/tools/dh-python/-/blob/a5068b6de912dee00415e3ed8af13b75ef29994c/dhpython/build/base.py#L164-172 Aha, I figured

Bug#1050626: efl: Downgrade to lua5.1

Source: efl Severity: wishlist Version: 1.26.3-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050625: asterisk: Downgrade to lua5.1

Source: asterisk Severity: wishlist Version: 1:20.4.0~dfsg+~cs6.13.40431414-1 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050624: aghermann: Downgrade to lua5.1

Source: aghermann Severity: wishlist Version: 1.1.2-4 Please build your package with lua5.1 so we can drop v5.2 from the archive. The build system supports it as fallback but you can certainly also try patching to a more up to date lua version.

Bug#1050432: rpy2: FTBFS on mips64el

Dirk Eddelbuettel 于2023年8月27日周日 16:52写道： > > > On 27 August 2023 at 14:09, YunQiang Su wrote: > | Dirk Eddelbuettel 于2023年8月27日周日 00:15写道： > | > > | > > | > Hi all, > | > > | > As the test failures for complex valued variables appeared to be systemic > on > | > the 'mips64el' platform, I

Bug#1050623: intake: autopkgtest needs update for dask 2023.8.0

Source: intake Version: 0.6.6-1 Severity: serious Tags: ftbfs User: debian...@lists.debian.org Usertags: needs-update Hi Maintainer Since the upload of dask 2023.8.0+dfsg-1, the autopkgtests of intake are failing [1]. I've copied what I hope is the relevant part of the log below. This same

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

Dear Marco and others, I will do a test build using ZSTD and see if that works. - I think the first thing I did was to switch back to XZ when this first happened Yesterday. I've been using XZ for module compression since it was available, I just select it using make menuconfig I'm not using

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

Control: retitle -1 kmod does not work with XZ in-kernel module decompression On Aug 27, Jon Westgate wrote: > Note that I already had "Support in-kernel module decompression" selected > when the compression method was XZ. > > Would you like me to try without it? No need to: we know that

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

All, To confirm that switching to ZSTD works. I ran make menuconfig,    [*] Enable loadable module support  --->        Module compression mode (ZSTD) --->         [*]   Support in-kernel module decompression Note that I already had "Support in-kernel module decompression" selected

Bug#1041552: HFS/HFS+ are insecure

On Aug 27, Diederik de Haas wrote: > While I agree that "orphan" does mean that it is NOT actively maintained, > AFAICT the situation is a bit more blurry for "odd fixes". All these file systems are either rare enough and/or not used on removable media, so I do not believe that it is

Bug#1050117: The patch has been applied to the Linux kernel repository.

Control: tag -1 fixed-upstream On Sunday, 27 August 2023 03:29:08 CEST Takashi Yano wrote: > I have been notified that the patch has been applied to > 5.15-stable tree, 6.1-stable tree and 6.4-stable tree. > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summ > ary > > I

Bug#1050001: Unwinding directory aliasing [and 3 more messages]

Dear Luca, On 27/08/2023 03:16, Luca Boccassi wrote: [things] You've already been asked by a couple of people to moderate your tone in this thread. I appreciate there is a lot of frustration around /usr-merge, but your contributions are not helping with that at all. Nor do they help us have

Bug#1041552: HFS/HFS+ are insecure

On Sunday, 27 August 2023 02:34:04 CEST Marco d'Itri wrote: > So I propose this content for a file like > /usr/lib/udev/rules.d/75-insecure-fs.rules: > > # Do not automatically mount these file systems because their drivers are > # marked as "orphan" or "odd fixes" in the kernel MAINTAINERS file

Bug#1042343: binutils-msp430: FTBFS: make[1]: *** [debian/rules:36: override_dh_auto_build] Error 1

The stuff that is currently in debian/patches should be patched at the binutils-source package (if the files were available, which they are not). Please hand in your patches there and only maintain binutils patches that are platform-specific. Thanks!

Bug#1043114: Please remove mipsel port from testing and sid

Hi Ansgar, On 2023-08-27 08:32, Ansgar wrote: > Hi, > > On Sun, 2023-08-06 at 16:50 +0800, YunQiang Su wrote: > > Since the Y2038 problem, 2G user space memory limit, > > and some lack of manpower,  It's time for us to drop mipsel support > > from the list of official release architectures. > >

Bug#661454: O: mazeofgalious -- The Maze of Galious

Control: retitle -1 O: mazeofgalious -- The Maze of Galious Control: noowner -1 The adoption failed.

Bug#1050622: linux-source-6.4: regression found upstream making AVX instructions unusable

Package: linux-source-6.4 Version: 6.4.4-3~bpo12+1 Severity: normal Dear Maintainer, a certain patch leads to a significant regression making AVX instructions unusable in the CPUs having them: https://lore.kernel.org/lkml/202307192135.203ac24e-oliver.s...@intel.com/ a fix is available upstream:

Bug#1050621: blends-dev: Support conflicts and breaks relations in meta-packages

Package: blends-dev Version: 0.7.5 Severity: wishlist As discussed in [1], I would like to request addition of Conflicts and Breaks relationships in tasks meta-package descriptions. I ahve already started to scan the sources of blends-dev and to implement the basics for the feature in [2], which

Bug#1050620: coccinelle: Drop pcre

Source: coccinelle Severity: important Version: 0.2.5.deb-3 coccinelle build-depends on libpcre-ocaml-dev, which is optional. Please drop it, so the package is not autoremoved.

Bug#1050069: RM: llvm-toolchain-14 -- ROM; Too many version of llvm

On Sun, Aug 20, 2023 at 03:15PM, Ilias Tsitsimpis wrote: > Can we please keep llvm-toolchain-14 in unstable? GHC 9.4.6 (which is > the latest version used in stackage LTS, see https://www.stackage.org/) > uses LLVM-14. I tried using LLVM-16 and it failed (see version > 9.4.6-1~exp2 in

Bug#1050606: Acknowledgement (find: ‘/lib/systemd/system-sleep’: No such file or directory)

Control: tags -1 + patch Please find attached a patch which should be sufficient to address this issue. I can offer to NMU, in case you are busy. Regards, Michael diff --git a/debian/scripts/suspend/cryptsetup-suspend-wrapper b/debian/scripts/suspend/cryptsetup-suspend-wrapper index

Bug#1050619: nbclient: unreproducible output - iopub.* timestamps

Package: python3-nbclient Version: 0.8.0-1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: timestamps By default, nbclient includes timestamps in its output, which makes packages built with it (e.g. python-pandas-doc) unreproducible. It provides a

Bug#1034356: gnome-shell: Frozen UI and massive log flodding

Am Sonntag, dem 20.08.2023 um 12:17 +0100 schrieb Simon McVittie: > Control: tags -1 + moreinfo > > On Thu, 17 Aug 2023 at 09:58:42 +0100, Simon McVittie wrote: > > The key change in gjs seems to be the second commit of > > so I'll > > try

Bug#1050618: rocrand: failing autopkgtests on gfx1030

Source: rocrand Version: 5.5.1-1 Severity: serious The tests from ci.rocm.debian.net failed on gfx1030 [1]. I'm filing this RC bug to prevent migration to testing. [1] https://ci.rocm.debian.net/data/autopkgtest/unstable/amd64+gfx1030/r/rocrand/83/log.gz

Bug#1050432: rpy2: FTBFS on mips64el

On 27 August 2023 at 14:09, YunQiang Su wrote: | Dirk Eddelbuettel 于2023年8月27日周日 00:15写道： | > | > | > Hi all, | > | > As the test failures for complex valued variables appeared to be systemic on | > the 'mips64el' platform, I buckled down, taught myself some Python ==:-) and | > conditioned the

Bug#1049952: csh: maintained by ubuntu-devel-disc...@lists.ubuntu.com

X-Debbugs-Cc: mckins...@debian.org On Thu, 17 Aug 2023 11:34:56 +0200 Lucas Nussbaum wrote: Hi, this package is maintained by ubuntu-devel-disc...@lists.ubuntu.com, which is not a suitable contact point for Debian packages maintenance according to

Bug#1041524: logcheck: badly handles "rsyslog + journalctl" checking

Package: logcheck Version: 1.4.2 Followup-For: Bug #1041524 Dear Maintainer, I also had the problem of duplicated journalctl/rsyslogd messages with different time formatting, but otherwise than suggested in this bug I'd like to move to the precision format - and thus came up with a patch to

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

ticket: https://techpatterns.com/forums/about3040.html

Bug#1050616: apt-secure(8) points to non-existing page

Package: apt Version: 2.7.3 Severity: normal Hi, the manualpage apt-secure points to https://www.debian.org/doc/manuals/securing‐debian‐howto/ch7 which doesn't exist: ``` % curl -sI https://www.debian.org/doc/manuals/securing‐debian‐howto/ch7 HTTP/2 404 content-location: 404.en.html … ```

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

I don't build kernel from source, I use binary packages installed from liquorix repositories https://liquorix.net/. I opened a ticket to their forum, maybe a recompilation of the kernel is enough. We await your reply... Il 27/08/23 03:10, Marco d'Itri ha scritto: On Aug 26, Jon Westgate

Bug#1050615: Crash: Illegal instruction / invalid opcode in libxul.so on Pentium M

Package: firefox-esr Version: 102.14.0esr-1~deb12u1 Severity: important Loading certain sites in Firefox ESR causes the tab to crash, and on occasion, the browser as a whole. A reliable cause of this is the Google account login page, which this crash makes impossible to traverse. I had to start

Bug#1048895: john: Fails to build source after successful build

Control: tags -1 + patch See https://salsa.debian.org/pkg-security-team/john/-/merge_requests/2

Bug#1043114: Please remove mipsel port from testing and sid

Hi, On Sun, 2023-08-06 at 16:50 +0800, YunQiang Su wrote: > Since the Y2038 problem, 2G user space memory limit, > and some lack of manpower,  It's time for us to drop mipsel support > from the list of official release architectures. > > Note: please keep mips64el for now. Please stop building

Bug#1050530: closed by Debian FTP Masters (reply to Matthias Klose ) (Bug#1050530: fixed in python3.11 3.11.5-2)

Hi Matthias, I think it would be enough to add the tzdata-legacy dependency to libpython3.11-testsuite. I've also send a patch upstream to switch to the normal name: https://github.com/python/cpython/pull/108533 Cheers Jochen * Debian Bug Tracking System [2023-08-26 19:09]: This is an

Bug#1050614: src:dpf-plugins: fails to migrate to testing for too long: uploader built arch:all binaries

Source: dpf-plugins Version: 1.6+ds-2 Severity: serious Control: close -1 1.7+ds-1 Tags: sid trixie pending User: release.debian@packages.debian.org Usertags: out-of-sync Dear maintainer(s), The Release Team considers packages that are out-of-sync between testing and unstable for more than

Bug#1050613: src:numba: fails to migrate to testing for too long: triggers autopkgtest failure

Source: numba Version: 0.56.4+dfsg-2 Severity: serious Control: close -1 0.57.1+dfsg-1 X-Debbugs-CC: python-spa...@packages.debian.org Tags: sid trixie User: release.debian@packages.debian.org Usertags: out-of-sync Control: affects -1 src:python-sparse Dear maintainer(s), The Release Team

Bug#1050044: bullseye-pu: package rar/2:5.5.0-1

There was another vulnerability, CVE-2023-40477, fixed in version 2:6.23- 1~deb11u1 now. signature.asc Description: This is a digitally signed message part

Bug#1050612: bookworm-pu: package rar/2:6.20.0.1

Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: a...@debian.org Please see Debian bug #1050044. Same reasoning applies to Bookworm. Here rar is only affected by CVE-2023-40477 though. [ Checklist ] [x] *all*

Bug#1050432: rpy2: FTBFS on mips64el

Dirk Eddelbuettel 于2023年8月27日周日 00:15写道： > > > Hi all, > > As the test failures for complex valued variables appeared to be systemic on > the 'mips64el' platform, I buckled down, taught myself some Python ==:-) and > conditioned the number of failing tests away via > >

<    1   2