Re: Teemu Hukkanen
> The package description is incomplete, both the short and long
> description have "FIXME" at the beginning, without a useful description.
Oops, thanks for spotting!
Christoph
Package: systemd-boot-efi
X-Debbugs-Cc: ch...@codefrickler.de
Version: 252.22-1~deb12u1
Severity: normal
Tags: upstream
We are managing IoT devices as a product, which consists of two root partitions
with corresponding
loader/entries/*.conf file on the EFI partition. On each update, a whole
t - it was already failing on
the default case. I'd say just upload and I'll report back if it's
still failing.
Thanks!
Christoph
FYI:
I haven't seen that behaviour after upgrading... and I do have quite a
few tabs in many windows open.
Maybe it happens not in all configurations.
Cheers,
Chris.
Re: Stefan Heine
> how can I find, what version of the llvm library a given version of postgres
> is linked to?
It should be visible in the linker flags:
select * from pg_config();
LDFLAGS │ -Wl,-z,relro -Wl,-z,now -L/usr/lib/llvm-16/lib
-Wl,--as-needed
Christoph
control: fixed -1 0.6.7-1
AttributeError: 'list' object has no attribute 'split'
Christoph
Control: tags 918316 - pending
Christoph Biedl wrote...
> to fix the issues with this package, I've prepared an NMU for nocache
> (versioned as 1.1-1.1), debdiff below.
Not going to upload this, NMU doesn't make sense without fixing #1069426
as well.
Christoph
signature.asc
Descr
Control: tags 918316 + patch pending
Dear maintainer,
to fix the issues with this package, I've prepared an NMU for nocache
(versioned as 1.1-1.1), debdiff below. An upload to DELAYED/5 will
follow shortly. Please feel free to tell me if I should delay it
longer.
Regards,
Christoph
diff
sgid "administrator's e-mail address:"
# FIXME: s/administrator's/Administrator's/
#. Type: password
#. Description
#: ../slm.templates:4001
msgid "administrator's password:"
Thank you very much for maintaining this project,
Christoph Brinkhaus
Package: slm
Version: 0.8.3-3
Severity: wishlist
Dear Maintainer,
please find attached the po file with the german translation.
Please consider to apply it to the package.
Thank you very much!
Kind regards,
Christoph Brinkhaus
# Translation of the SLM template to German.
# This file
As systemd certainly will not move,
nocache has to. I'll check out the upstream change and will prepare an
NMU upon success.
Christoph
¹
https://lists.debian.org/msgid-search/a77c773c1e8cbeadeefbd30f21e7bbeb21a9d9bc.ca...@debian.org
signature.asc
Description: PGP signature
FYI: deborphan has been removed from Debian.
Cheers,
Chris.
Hey Matteo.
I guess this and #705409 can be closed now?
Not sure about #983453.
Cheers,
Chris.
Hello Niels,
Am Sat, Jun 01, 2024 at 03:19:53PM +0200 schrieb Niels Thykier:
> Christoph Brinkhaus:
> > Package: debhelper
> > Version: 13.15.3
> > Severity: minor
[...]
> > 7. Issue: would no longer installs → no longer installs
> > Explanation: Make the descri
Oh and one more:
The underlying /tmp (i.e. when not mounted) is now still
1777/drwxrwxrwt .
It might make sense to change that to e.g. 0755/drwxr-xr-x?
Of course that would leave a defunct /tmp if the tmpfs is unmounted,
but at the same time prevent accidental writes there.
So depends on
Package: systemd
Version: 256~rc3-6
Severity: normal
Hey.
When /tmp was switched over to tmpfs, it seems that there was no cleanup of
the underlying /tmp (i.e. on the underlying fs), so any files that had been
there, are still there and will – unless manually removed – remain there
forever.
So, how do we move forward here?
We have been receiving numerous reports of this issue breaking systems,
and we don't have a great workaround either.
Please let me know if there is anything we can do to help get this patch
applied, thanks.
Christoph Biedl wrote...
> (and why does the BTS¹ not show Étienne's
> message?).
Never mind, just a race condition.
signature.asc
Description: PGP signature
ere might be a small chance this breaks packages due to
slight implementation differences - but that's what testing and
autopkgtests are for.
Christoph (affected by this bug via tcpreplay)
¹ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071321
signature.asc
Description: PGP signature
Package: libpcre2-dev
Version: 10.42-4+b1
Severity: wishlist
Hey.
Currently, general purpose manpages like pcre2pattern(3) are also
in libpcre2-dev.
IMO it would make sense to either ship them in a -doc package or
perhaps at least one of the lib packages?
Thanks,
Chris.
ration date, warns if it's less than 365 days in the future, and
exits non-zero if it's less than 30 days, or even already expired.
Todo:
* Make the thresholds configurable via command line options.
* Documentation, including "Setting the thresholds to 0 (zero) disables
the check&qu
Re: Moritz Mühlenhoff
> Agreed, if the package is actually broken with the version of PostgreSQL
> in stable and if there's no sensible backport for the open security issues,
> then let's rather remove it by the next point release.
Ack.
Christoph
control: severity -1 normal
Thanks for reporting! In the Android Tools case, the shared libs and packages
that use them are packaged together, often from the same source package, so I
can't see why we'd need special versions of it. And when we need to, we can use
strictly versioned
control: severity -1 normal
Thanks for reporting! In the Android Tools case, the shared libs and packages
that use them are packaged together, often from the same source package, so I
can't see why we'd need special versions of it. And when we need to, we can use
strictly versioned
control: severity -1 normal
Thanks for reporting! In the Android Tools case, the shared libs and packages
that use them are packaged together, often from the same source package, so I
can't see why we'd need special versions of it. And when we need to, we can use
strictly versioned
ebian packaging. As you'd expect,
version 1.5 builds fine again, will do some more checks and upload
during the weekend.
Christoph
signature.asc
Description: PGP signature
Hey.
Just a note:
In 2019, tsmuxer has been released under Apache 2.0 license.
See https://github.com/justdan96/tsMuxer .
Cheers,
Chris.
Am 14.05.24 um 10:39 schrieb Vincent Lefevre:
This could explain the error.
I'm wondering why apt plays with the permissions. This is confusing.
Or should there be a locking mechanism?
This reminds me about the long due rewrite to use the apt-API to access
these files and not read them
fix (at least on the PG side),
can we close the bug?
Christoph
Hi Vincent,
Am 13.05.24 um 19:59 schrieb Vincent Lefevre:
On 2024-05-13 17:12:57 +0200, Christoph Martin wrote:
Please try to access the file e.g. 'less
/var/lib/apt/lists//debug.mirrors.debian.org_debian-debug_dists_stable-debug_InRelease'
No problems.
You could try to prepend strace
an you access this files content?
Apart from that, I can't spot a problem.
Christoph
OpenPGP_signature.asc
Description: OpenPGP digital signature
_InRelease
for reading: Permission denied
I don't know why could cause the error, but the pathname with "//"
is incorrect.
// in the path should not be a problem. Can you do a 'ls -l
/var/lib/apt/lists/' to see the permissions?
Which user does the cronjob run with?
Christoph
O
Package: bash-completion
Version: 1:2.13.0-1
Severity: wishlist
Hey.
2.14.0 is out which allegedly fixes the bug[0] that remote scp file
completion was no longer working.
Thanks,
Chris.
[0] https://github.com/scop/bash-completion/issues/1157
it wasn't included?
Can you pull a backtrace of the hanging process?
https://wiki.postgresql.org/wiki/Getting_a_stack_trace_of_a_running_PostgreSQL_backend_on_Linux/BSD
Christoph
Hello again,
just to keep the records up to date: the bug is still present in
1:29.3+1-2, and the same patch still works around it (for me).
All the best,
-- Christoph
signature.asc
Description: PGP signature
control: severity -1 normal
Thanks for reporting! In the Android Tools case, the shared libs and packages
that use them are packaged together, often from the same source package, so I
can't see why we'd need special versions of it. And when we need to, we can use
strictly versioned
Package: wnpp
Severity: wishlist
Owner: Hans-Christoph Steiner
* Package name: remarkable
Version : 1.87+git20240504.e8cc99d
Upstream Author : Jamie McGowan
* URL : https://github.com/roddhjav/pass-import
* License : BSD-2 GPL-2+ LGPL-2.1+ MIT
Programming
Preuße, Hilmar wrote...
> On 03.05.2024 22:29, Christoph Biedl wrote:
> > Hilmar Preusse wrote...
> > > * Bump Standards and dh compat version, no changes needed.
> >
> > I'm a little surprised why you would change that in a NMU.
> >
> Well, thi
programs with different
| functionality but with the same filenames.
Christoph
signature.asc
Description: PGP signature
est by upstream and following the statements given in
<https://github.com/leahneukirchen/nq/issues/48#issuecomment-2091077937>,
also there's the LowNMU flag ... I'll upload 0.5-0.1 in the next days.
To improve quality and as it was a no-brainer, I'll also add an autopkgtest.
Christoph
sign
Hey.
Seems there were at least a series of commits from upstream last
November and few again this January.
And there even seem to be some more in their dev branch.
The number of CVEs mentioned by Salvatore is worrying, but it looks
even much worse over the years for ntfs-3g:
-editables
... which looked like libhwy1-python3-editables to me.
Thanks for considering,
Christoph
Re: Sean Whitton
> ===BEGIN
>
> A: Christoph Berg
> B: Matthew Garrett
> C: Helmut Grohne
> D: Stefano Rivera
> E: Timo Röhling
> F: Craig Small
> G: Matthew Vernon
> H: Sean Whitton
>
> ===END
I vote
H > ABCDEG > F
Christoph
signature.asc
Description: PGP signature
intainer didn't notice either.
> The attached patch fixes this mistake, although since the version in
> oldoldstable is 1:5.35-4+deb10u2, perhaps you would prefer to drop the
> fields instead.
Indeed, this was needed in 2016, will remove it in the next upload.
Christoph
signat
On Sat, 2024-04-27 at 03:15 +0200, Guilhem Moulin wrote:
> Yup that'd make sense to me (and I see you did that already), thanks!
:-)
Unfortunately I doubt it will be possibly to do some fully generic
solution.
So best we'll get is probably either an unconditional inclusion or some
simpler
Control: reassign -1 initramfs-tools
Control: severity -1 important
Control: retitle -1 copy_exec doesn't detect libgcc dependency anymore when
pthread is used
Hey.
I think I found the root cause (thanks to Guilhem Moulin, who
pointed[0] me to it).
Apparently (which wasn't on my radar at all
On Sat, 2024-04-27 at 01:48 +0200, Guilhem Moulin wrote:
> built using glibc ≥2.34. AFAICT the “if the ldd output includes
> libpthread then run copy_libgcc()” logic from initramfs-tools is
> mostly moot
> now
Ah, I just realised glibc "merged" libpthread ^^
Therefore...
> but despite what I
Hey Guilhem
On Sat, 2024-04-27 at 01:48 +0200, Guilhem Moulin wrote:
> Even it weren't, libpthread wouldn't show up since src:argon2 from
> bookworm
> and later is built using glibc ≥2.34.
When argon2 builds, it uses -pthread ... not really sure what that does
exactly, the manpage merely says it
Package: argon2
Version: 0~20190702+dfsg-4+b1
Severity: wishlist
Hey.
I stumbled over some odd issue, originally described here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068849#84
In short:
I use the argon2 tool inside the initramfs, into which I copy it via
initramfs-tools’
Hey guys.
I kinda ran into a similar issue.
I use my own OpenPGP keyscript which is highly improved upon that
("decrypt_gnupg") shipped by the package.
One thing that I do is offer optionally feeding the entered passphrase
trough argon2 (the standalone tool from the package of the same name)
/SETLKW64. Currently GPFS kernel module doesn't work
* with these 64 bit macro values through ganesha interface. Undefine it
* here to use plain F_GETLK/SETLK/SETLKW values.
*/
#undef _FILE_OFFSET_BITS
I'll exclude the GPFS module for armel and armhf.
Regards
Christoph
OpenPGP_signature.asc
uld be better. Please fix the issue in one of the next
updates.
Thank you very much for taking care of the project,
Christoph Brinkhaus
Hey.
Just upgraded (via aptitude) to the most recent apt in sid on a number
of nodes (this time, all *without* any Icinga/Prometheus stuff)... and
on all nodes the locking issue showed up:
# aptitude
Performing actions...
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
On Sat, 2024-04-20 at 07:54 -0400, P. J. McDermott wrote:
> Then the salvage procedure can play out for the full 28+ days
> specified
> by developers-reference (21 days to allow the maintainer to object
> followed by a DELAYED/7 adoption upload). I've already soft-proposed
> to
> salvage in bug
Hey.
On Sun, 2024-03-31 at 01:46 +, Thorsten Glaser wrote:
> Yes, a multi-team task force is working on it and will inform users
> once it is known how to proceed, inclusing how much to throw away
> and rebuild.
Kindly wanted to ask whether anything has come out meanwhile of that?
I've
Package: ca-certificates-java
Version: 20230710~deb12u1
Severity: important
Hey.
Actually I think this should have a higher severity, since the
trusted certs may very well be quit security critical.
Nevertheless:
I just traced a bug for some hours, where it eventually turned out
that
Hey David.
Thanks for your elaborate mail
On Wed, 2024-04-17 at 21:55 +0200, David Kalnischkies wrote:
> > Unpacking util-linux-extra (2.38.1-5+deb12u1) over (2.38.1-5+b1)
> > ...
> > Setting up util-linux-extra (2.38.1-5+deb12u1) ...
> > dpkg: error: dpkg frontend lock was locked by another
On Thu, 2024-04-18 at 00:34 +0200, Santiago Vila wrote:
> >
> I think you might be overestimating the importance of this.
Well I haven't said it would be super important (not at least that the
dirs are created - what might be more important is, if e.g. owners are
changed, like when stuff was
On Wed, 2024-04-17 at 23:43 +0200, Santiago Vila wrote:
> Yes. An empty $2 means that the package is installed for the
> very first time, i.e. installed by debootstrap.
>
> This is actually explained in the last question here:
>
> /usr/share/doc/base-files/FAQ
Isn't that quite unfortunate?
It
Hey.
FYI: I have upgraded to 13.1, but still didn't get a
/usr/local/libexec.
Guess that's because $2 in the script is not empty?
Cheers,
Chris.
Package: sponsorship-requests
Severity: important
X-Debbugs-CC:textsh...@uchuujin.de
Dear mentors,
I am looking for a sponsor for my package "chr":
* Package name : chr
Version : 0.1.78-1
Upstream contact : Christoph Hueffelmann
* URL :https://
btw: There already is #586486 but to me it looked rather like a
different issue.
Package: xserver-xorg-core
Version: 2:21.1.12-1
Severity: wishlist
Hey.
Joking:
" Debin's xorg lacks critical security patches, I demand make me maintainer
immediately "
Too soon for XZ jokes? O:-P
Seriously, there's a new upstream version out (21.1.13), which incorporates
not only the fix
Package: aptitude
Version: 1.21.22
Severity: important
Hey.
May very well be an issue in APT or rather dpkg, still, since I always see it
from aptitude, I report it here. Please re-assign accordingly.
I'm seeing this since quite some releases and also every now and then in
unstable
(though
the documentation is updated I will be happy to update the
translation accordingly.
Thank you very much for maintaining this huge project,
Christoph Brinkhaus
1. Issue: s/source/B/
Explanation: The fix should correct the appearance to be bold.
Occurance: debhelper.pod:517
Current string:
"
"megacli" tool. ...
Christoph
he past few decades,
so this rename is going to confuse quite a few people if not reverted.
Christoph
Package: less
Version: 590-2
Severity: wishlist
Hey.
Less 590 is quite outdated (from somewhere mid 2021)... would be
nice to have the current version. There's been quite some changes
meanwhile including improvements to follow mode.
Cheers,
Chris.
Hey.
I mostly forgot the details of this issue ^^
On Mon, 2024-04-15 at 13:08 +0200, Santiago Vila wrote:
> I'd like to be sure that things will not break horribly
> for somebody.
What I can say at least (which is of course not a definite answer) is,
that I personally run my systems since quite
Hey.
There seems to be a somewhat similar issue reported by Jakub Wilk on
oss-security:
https://www.openwall.com/lists/oss-security/2024/04/12/5
where quoting causes troubles (though I couldn't replay the demo).
Any chance to get both fixed in Debian unstable?
Cheers,
Chris.
On Thu, 2024-04-11 at 22:12 +0200, Julian Andres Klode wrote:
> > => First, I'm not sure whether this is the right behaviour, as
> > the
> > "original/modified" file seems to get removed, but it - being
> > a
> > local file - may actually be something of value to the user.
> > So
Source: vobcopy
Version: 1.2.1-4
Severity: minor
Hey.
The site listed in the homepage field:
Homepage: http://vobcopy.org
seems dead and links eventually to some (I guess) Turikish football website.
Should perhaps be removed and replaced with the github repo:
Package: apt
Version: 2.7.14
Severity: normal
Tags: security
Hey.
I noted the following behaviour - which may or may not be regarded as
security relevant.
So this is rather a heads up, and in case you think it's fine as it is,
just close it.
I always remembered that apt-get source was ought to
, IOW, Myon: my I reassign this back to qa.debian.org
> for vcswatch?
Done.
Christoph
(build passes, didn't
check further).
Cheers,
Christoph
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.6.23 (SMP w/8 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap
Package: aapt
Version: 1:10.0.0+r36-10
Severity: important
Dear Maintainer,
When adb/fastboot is installed from bookworm-backports, those pull in
android-libziparchive 1:33.0.3-2~bpo12+1, which does not have the symbols that
bookworm's aapt needs to run:
$ aapt
aapt: symbol lookup error:
Hey.
Also with respect to having this documented in the release note, you
may want to have a look at my comment:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065806#47
I.e. I think it might be usefull to not just indicate that/how people
may use "nousergroups" again, but also to refer to
My I suggest one further improvement:
I think it would be nice if there was a sentence like:
"See the pam_umask(8) manpage for alternative means to change the
UMASK, for example per-user only."
I guess there are users that would actually want to keep the new
default, but have it e.g.
Hey Sam.
There's a typ in the NEWS enty:
>this user a group name that differs from the user name or add
|
should probably be "use"
Also, I had to think twice what's meant by "pat" ;-)
> matches their primary user name (user pat's default group is also
>called
Hi Adam,
Am 08.04.24 um 19:15 schrieb Adam D. Barratt:
On Mon, 2024-04-08 at 11:42 +0200, Christoph Martin wrote:
Hi Sebastian,
the packages are already removed from testing and unstable.
Where do you see a problem?
I'm not Sebastian, but the archive disagrees with you about the
packages
uploaded yet, will do in the
next days). If you have the skills and the time, you could try to
backport
https://github.com/latchset/clevis/commit/bebb037d664185769c12cd061c2221c2d2bdb432
Christoph
signature.asc
Description: PGP signature
Hi Sebastian,
the packages are already removed from testing and unstable.
Where do you see a problem?
Regards
Christoph
Am 07.04.24 um 13:21 schrieb Sebastian Ramacher:
Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: nfs-gane...@packages.debian.org, sramac...@debian.org
User
, but of course it only got
removed from unstable. So, here I am again:
Please remove libzia from experimental.
The library is now part of the tucnak source since it doesn't get
released (and used) independently.
Thanks,
Christoph
Control: severity -1 serious
Re: Peter Michael Green
> > severity 1064708 important
> Can you explain why you downgraded this bug? it looks rc to me
> and is blocking the time_t transition.
I think I mistakenly downgraded it along with some other "t64 nmu diff" bugs.
Christoph
w to deal
with this.
Christoph
signature.asc
Description: PGP signature
Package: miniflux
Version: miniflux 2.1.2-1
Severity: wishlist
X-Debbugs-Cc: maytha8the...@gmail.com
Dear Maintainer,
please find attached the german translation of the miniflux_2.1.1-1 template.
Thank you for taking care of the package!
Kind regards,
Christoph Brinkhaus
# German translation
One more thing:
Is anyone on the Debian side trying to figure out how far we've been
practically affected?
I mean let's assume we're "lucky", and the backdoor is only in
5.6.0/5.6.1... and that none of the adversary's earlier commits
introduced any serious holes[0] which wouldn't be known yet.
Hey.
Can we be confidently sure that going back to 5.4.5 is enough?
At least the git tag for that seems to be still signed by the
adversary:
https://git.tukaani.org/?p=xz.git;a=tag;h=9e4835399118b98954f110f76af2a0d504d2f531
The last one, still from Lasse Collin seems to be 5.4.1:
file.
According to ltrace, none of the RESOLV_WRAPPER_* variables are checked
via getenv.
Not a big surpise then: Setting RESOLV_WRAPPER_DEBUGLEVEL had no effect
either.
Using <https://github.com/figiel/hosts>, the above checks work except
for the second one. However, this project is not in Debian
Control: forwarded 1067457 https://github.com/latchset/jose/issues/151
signature.asc
Description: PGP signature
needs to be
> updated.
It actually doesn't hard-code the dependency but correctly extracts it
from libssl-dev. But since we don't have arch:all binnmus, a new
upload was needed anyway. Just did that.
Once cl-plus-ssl is installed, please binnmu pgloader to have it pick
up the changed dependency.
Christoph
or the Internet Message Support
> Protocol (imsp), providing central storage for addressbooks and application
> config.
This didn't have any takers in 3 years, and the package is now
FTBFSing (#1066480) with C code so ancient it's a PITA to fix, so
let's get it removed.
Christoph
Re: Gregor Riepl
> I pushed a simple patch to add the dependency, would be nice if you could
> release it, @myon? Thanks in advance.
On its way, thanks for the update!
Christoph
ah, let's just do that. Thanks for looking into the details!
Christoph
ng in the user's way.
.
This package contains the notify-send command line utility.
Thanks,
Christoph
Control: tags 1066850 -moreinfo +pending
Matthias Klose wrote...
> On 14.03.24 21:38, Christoph Biedl wrote:
> > Do you have an idea, an existing solution how to do that?
> dep := $(shell dpkg-query '-f${Depends}' -W libmagic-dev | sed
> 's/.*\(libmagic[a-z0-9]*\).*/\1/')
> e
s was the point to make python3-magic arch:any.
So, is all this worth the efforts? FWIW, I maintain the libmagic
package as well, so being lazy now will just hurt me later.
Christoph
signature.asc
Description: PGP signature
the next uplad.
> and derive the name of the shared library package from the
> libmagic-dev package.
Are you still talking about the build dependency here? Then it's no
issue as the -dev dependency will take care of that.
Question: What is the justifcation for the bug severity? To me,
control: fixed 1036559 3.4.0~a1-7
1 - 100 of 13398 matches
Mail list logo