Bug#868108: pkg-config: version field is empty

[Simon Désaulniers]

Bug has been noticed to upstream:

https://github.com/jpbarrette/curlpp/issues/47

-- 
Simon Désaulniers
sim.desaulni...@gmail.com


signature.asc
Description: PGP signature

Bug#868109: nginx: CVE-2017-7529 Integer overflow in the range filter

[Christos Trochalakis]

Source: nginx
Severity: important
Tags: upstream security

A security issue was identified in nginx range filter.  A specially
crafted request might result in an integer overflow and incorrect
processing of ranges, potentially resulting in sensitive information
leak (CVE-2017-7529).

When using nginx with standard modules this allows an attacker to
obtain a cache file header if a response was returned from cache.
In some configurations a cache file header may contain IP address
of the backend server or other sensitive information.

Besides, with 3rd party modules it is potentially possible that
the issue may lead to a denial of service or a disclosure of
a worker process memory.  No such modules are currently known though.

The issue affects nginx 0.5.6 - 1.13.2.
The issue is fixed in nginx 1.13.3, 1.12.1.

For older versions, the following configuration can be used
as a temporary workaround:

   max_ranges 1;

Patch for the issue can be found here:
http://nginx.org/download/patch.2017.ranges.txt

Announcement: http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

Bug#868110: acpi-call-dkms: may fail to build

[Bert Riding]

Package: acpi-call-dkms
Version: 1.1.0-3
Severity: normal

Dear Maintainer,

I have an unusual installation, using kernel 4.12 and gcc 7.1

dkms fails with a suggestion in make.log that I meant raw_copy_from_user
in place of copy_from_user.  Making this change in the acpi-call.c line
227 results in an installable module.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental') Architecture: amd64 (x86_64)

Kernel: Linux 4.12.0 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages acpi-call-dkms depends on:
ii  dkms  2.3-3

acpi-call-dkms recommends no packages.

acpi-call-dkms suggests no packages.

-- no debconf information

-- 
Bert Riding   
rerid...@xmission.com   

Bug#868108: pkg-config: version field is empty

[Simon Désaulniers]

In my last message, reference [2] should be reference [1].

Also, I wanted to mention I have a debian package (dpaste) awaiting upload which
depends on libcurlpp 0.8.1.

Regards,

-- 
Simon Désaulniers
sim.desaulni...@gmail.com


signature.asc
Description: PGP signature

Bug#868108: pkg-config: version field is empty

[Simon Désaulniers]

Package: libcurlpp-dev
Version: 0.8.1-1
Severity: normal
Tags: upstream

Dear Maintainer,

Packages depending on a specific version get an error when requiring package
version *using autotools*. For e.g., this:

PKG_CHECK_MODULES([CURLPP], [curlpp >= 0.8.1])

Using CMake seems to work okay though. Version number in resulting pkg-config
file is empty. Indeed, I have checked upstream and it appears that it's their
fault. Their output file from calling `cmake` doesn't produce a version number
in the curlpp.pc file. I think that's the explanation. This bug will be reported
upstream.

While waiting for upstream fix, could you upload a new version with the
appropriate version number by applying a patch to curlpp.pc? I think that should
fix the problem.

Also, it may be possible upstream doesn't support autotools regarding this~[1].
In any case, I think the debian package should make sure packages using
autotools can require a version of this lib in an appropriate manner. What do
you think?

Regards,

[1]: https://anonscm.debian.org/cgit/collab-maint/dpaste.git/
[2]: https://github.com/jpbarrette/curlpp/issues/34#issuecomment-276893343


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (750, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libcurlpp-dev depends on:
ii  libcurlpp0  0.8.1-1

libcurlpp-dev recommends no packages.

libcurlpp-dev suggests no packages.

-- no debconf information

-- 
Simon Désaulniers
sim.desaulni...@gmail.com


signature.asc
Description: PGP signature

Bug#842378: Xfce needs a policykit authentication agent

[Hartmut Buhrmester]

The virtual package, which is provided by all policykit authentication 
agents, is now "polkit-1-auth-agent":


hb1@debian:~$ aptitude show polkit-1-auth-agent
No candidate version found for polkit-1-auth-agent
Package: polkit-1-auth-agent
State: not a real package
Provided by: gnome-flashback (3.22.0-3), gnome-shell (3.22.3-3),
 lxpolkit (0.5.3-2), lxqt-policykit (0.11.1-1),
 mate-polkit (1.16.0-2), policykit-1-gnome (0.105-6),
 polkit-kde-agent-1 (4:5.8.4-1)


A new dependency for Thunar could then be:

thunar recommends lxpolkit|polkit-1-auth-agent

But since the XDG autostart file for lxpolkit is effectively disabled by 
adding "Hidden=true", thunar would have to provide an own autostart 
file. It could be defined as /etc/xdg/autostart/xfpolkit.desktop with 
the contents:


[Desktop Entry]
Type=Application
Name=LXPolKit for XFCE
Comment=Policykit Authentication Agent
Exec=lxpolkit
TryExec=lxpolkit
Icon=gtk-dialog-authentication
OnlyShowIn=XFCE;


Or, for the canonical solution, you could add the recommendation:

thunar recommends policykit-1-gnome|polkit-1-auth-agent

The file /etc/xdg/autostart/polkit-gnome-authentication-agent-1.desktop 
is already configured for XFCE (but surprisingly not for GNOME):


OnlyShowIn=XFCE;Unity;X-Cinnamon;


I would add this dependency to Thunar, because the package thunar 
already recommends gvfs, and that uses policykit for authorization.


--
Regards,
Hartmut Buhrmester

Bug#867301: wicd-curses: Changing WPA Supplicant driver results in crash

[Giap Tran]

Thank you for reporting the bug,
I have sent this bug to the upstream. Hope we have a new patch in next
time.

Regards,

-- 
Giap Tran 
0xB8E9A6F112C2D7B7

Bug#868107: adminer: Web Server (apache.conf) is not Configured

[Rob]

Package: adminer
Version: 4.2.5-3~bpo8+1
Severity: normal

Dear Maintainer,

The jessie package version 3.3.3-1 installs with an apache.conf (.htaccess) 
file and this
was the expected behavior.

The stretch and sid packages do not appear to install with an accessible web 
interface either.

-- System Information:
Debian Release: 8.8
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages adminer depends on:
ii  libapache2-mod-php55.6.30+dfsg-0+deb8u1
ii  php5-mysqlnd [php5-mysql]  5.6.30+dfsg-0+deb8u1
ii  php5-pgsql 5.6.30+dfsg-0+deb8u1

Versions of packages adminer recommends:
ii  php5-cli   5.6.30+dfsg-0+deb8u1
ii  php5-mysqlnd [php5-mysql]  5.6.30+dfsg-0+deb8u1
ii  php5-pgsql 5.6.30+dfsg-0+deb8u1
pn  php5-sqlite3   

Versions of packages adminer suggests:
ii  mariadb-server-10.0 [virtual-mysql-server]  10.0.30-0+deb8u2

-- no debconf information

Bug#809070: hi

[jessica meir]

أنا جيسيكا. میر، ضابط في الجیش الأمریکي من الولایات المتحدة الأمریکیة،
لدیني شيء ھام یتعاطی معکم.

Bug#868106: jessie-pu: package rkhunter/1.4.2-0.4

[Francois Marier]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

This is an update for a security issue that is not going to get a DSA:

https://security-tracker.debian.org/tracker/CVE-2017-7480

Attached is the debdiff against the version in stable.

Francois
diff -Nru rkhunter-1.4.2/debian/changelog rkhunter-1.4.2/debian/changelog
--- rkhunter-1.4.2/debian/changelog	2014-11-28 03:27:20.0 -0800
+++ rkhunter-1.4.2/debian/changelog	2017-07-11 20:17:19.0 -0700
@@ -1,3 +1,10 @@
+rkhunter (1.4.2-0.4+deb8u1) oldstable; urgency=high
+
+  * Disable remote updates to fix CVE-2017-7480 and prevent bugs like
+it in the future (closes: #765895, #866677)
+
+ -- Francois Marier   Tue, 11 Jul 2017 20:17:08 -0700
+
 rkhunter (1.4.2-0.4) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru rkhunter-1.4.2/debian/patches/06_disable-updates.diff rkhunter-1.4.2/debian/patches/06_disable-updates.diff
--- rkhunter-1.4.2/debian/patches/06_disable-updates.diff	1969-12-31 16:00:00.0 -0800
+++ rkhunter-1.4.2/debian/patches/06_disable-updates.diff	2017-07-11 20:17:19.0 -0700
@@ -0,0 +1,44 @@
+Description: Disable all remote updates
+Author: Christoph Anton Mitterer 
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765895
+Forwarded: not-needed
+Last-Update: 2017-07-05
+
+--- a/files/rkhunter.conf
 b/files/rkhunter.conf
+@@ -104,7 +104,7 @@
+ #
+ # The default value is '1'.
+ #
+-#UPDATE_MIRRORS=1
++UPDATE_MIRRORS=0
+ 
+ #
+ # The MIRRORS_MODE option tells rkhunter which mirrors are to be used when
+@@ -119,7 +119,7 @@
+ #
+ # The default value is '0'.
+ #
+-#MIRRORS_MODE=0
++MIRRORS_MODE=1
+ 
+ #
+ # Email a message to this address if a warning is found when the system is
+@@ -221,7 +221,7 @@ SCRIPTDIR=/usr/share/rkhunter/scripts
+ # The default value is the null string, indicating that all the language files
+ # will be updated.
+ #
+-#UPDATE_LANG=""
++UPDATE_LANG="en"
+ 
+ #
+ # This option specifies the log file pathname. The file will be created if it
+@@ -1131,7 +1131,7 @@ SCRIPTWHITELIST=/usr/sbin/adduser
+ #
+ # This option has no default value.
+ #
+-#WEB_CMD=""
++WEB_CMD="/bin/false"
+ 
+ #
+ # Set the following option to '1' if locking is to be used when rkhunter runs.
diff -Nru rkhunter-1.4.2/debian/patches/series rkhunter-1.4.2/debian/patches/series
--- rkhunter-1.4.2/debian/patches/series	2014-11-28 03:27:20.0 -0800
+++ rkhunter-1.4.2/debian/patches/series	2017-07-11 20:17:19.0 -0700
@@ -1,4 +1,5 @@
 05_custom_conffile.diff
+06_disable-updates.diff
 10_fix-man.diff
 15_remove-empty-dir.diff
 20_fix-ipcs-language.diff

Bug#868105: stretch-pu: package rkhunter/1.4.2-6

[Francois Marier]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

This is an update for a security issue that is not going to get a DSA:

https://security-tracker.debian.org/tracker/CVE-2017-7480

Attached is the debdiff against the version in stable.

Francois
diff -Nru rkhunter-1.4.2/debian/changelog rkhunter-1.4.2/debian/changelog
--- rkhunter-1.4.2/debian/changelog	2016-07-03 17:29:37.0 -0700
+++ rkhunter-1.4.2/debian/changelog	2017-07-11 20:07:17.0 -0700
@@ -1,3 +1,10 @@
+rkhunter (1.4.2-6+deb9u1) stable; urgency=high
+
+  * Disable remote updates to fix CVE-2017-7480 and prevent bugs like
+it in the future (closes: #765895, #866677)
+
+ -- Francois Marier   Wed, 12 Jul 2017 03:07:17 +
+
 rkhunter (1.4.2-6) unstable; urgency=medium
 
   * Fix logcheck rule ("1 seconds")
diff -Nru rkhunter-1.4.2/debian/patches/06_disable-updates.diff rkhunter-1.4.2/debian/patches/06_disable-updates.diff
--- rkhunter-1.4.2/debian/patches/06_disable-updates.diff	1969-12-31 16:00:00.0 -0800
+++ rkhunter-1.4.2/debian/patches/06_disable-updates.diff	2017-07-11 20:07:17.0 -0700
@@ -0,0 +1,44 @@
+Description: Disable all remote updates
+Author: Christoph Anton Mitterer 
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765895
+Forwarded: not-needed
+Last-Update: 2017-07-05
+
+--- a/files/rkhunter.conf
 b/files/rkhunter.conf
+@@ -104,7 +104,7 @@
+ #
+ # The default value is '1'.
+ #
+-#UPDATE_MIRRORS=1
++UPDATE_MIRRORS=0
+ 
+ #
+ # The MIRRORS_MODE option tells rkhunter which mirrors are to be used when
+@@ -119,7 +119,7 @@
+ #
+ # The default value is '0'.
+ #
+-#MIRRORS_MODE=0
++MIRRORS_MODE=1
+ 
+ #
+ # Email a message to this address if a warning is found when the system is
+@@ -221,7 +221,7 @@ SCRIPTDIR=/usr/share/rkhunter/scripts
+ # The default value is the null string, indicating that all the language files
+ # will be updated.
+ #
+-#UPDATE_LANG=""
++UPDATE_LANG="en"
+ 
+ #
+ # This option specifies the log file pathname. The file will be created if it
+@@ -1131,7 +1131,7 @@ SCRIPTWHITELIST=/usr/sbin/adduser
+ #
+ # This option has no default value.
+ #
+-#WEB_CMD=""
++WEB_CMD="/bin/false"
+ 
+ #
+ # Set the following option to '1' if locking is to be used when rkhunter runs.
diff -Nru rkhunter-1.4.2/debian/patches/series rkhunter-1.4.2/debian/patches/series
--- rkhunter-1.4.2/debian/patches/series	2016-07-03 17:29:37.0 -0700
+++ rkhunter-1.4.2/debian/patches/series	2017-07-11 20:07:17.0 -0700
@@ -1,4 +1,5 @@
 05_custom_conffile.diff
+06_disable-updates.diff
 10_fix-man.diff
 15_remove-empty-dir.diff
 20_fix-ipcs-language.diff

Bug#868104: resolvconf: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: resolvconf
Version: 1.79
Severity: normal


Hi.

Apparently the package used to contain:
/etc/resolvconf/update.d/dnscache
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868079: Security issues marked as no-dsa are shown as "ignored"

[Paul Wise]

On Wed, Jul 12, 2017 at 6:51 AM, Moritz Muehlenhoff wrote:

> The PTS shows no-dsa security issues as "Ignored security issue",

Do you have an example of a package where this shows up?

> But showing them as ignored is wrong and misleading.

What wording to replace the current template would you suggest?

'nodsa': '{count} ignored security {issue} in {release}',

Maybe this:

'nodsa': '{count} unimportant security {issue} in
{release}',

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Bug#868103: insserv: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: insserv
Version: 1.14.0-5.4+b1
Severity: normal

Hi.

Apparently the package used to contain:
/etc/bash_completion.d/insserv
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868102: stretch-pu: package devscripts/2.17.6+deb9u1

[James McCoy]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

* debchange:
  + Target stretch-backports with --bpo.  Closes: #867662
  + Support $codename{,-{proposed-updates,security}} as well.
* bts:
  + Add support for the new 'a11y' tag.  Closes: #867416

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diffstat for devscripts-2.17.6 devscripts-2.17.6+deb9u1

 debian/changelog |   12 
 scripts/bts.pl   |2 +-
 scripts/debchange.pl |   17 ++---
 test/test_debchange  |7 +++
 4 files changed, 30 insertions(+), 8 deletions(-)

diff -Nru devscripts-2.17.6/debian/changelog 
devscripts-2.17.6+deb9u1/debian/changelog
--- devscripts-2.17.6/debian/changelog  2017-06-03 14:29:24.0 -0400
+++ devscripts-2.17.6+deb9u1/debian/changelog   2017-07-11 22:06:17.0 
-0400
@@ -1,3 +1,15 @@
+devscripts (2.17.6+deb9u1) stretch; urgency=medium
+
+  [ Mattia Rizzolo ]
+  * debchange:
++ Target stretch-backports with --bpo.  Closes: #867662
++ Support $codename{,-{proposed-updates,security}} as well.
+  * bts:
++ Add patch from Samuel Thibault  to add support for
+  the new 'a11y' tag.  Closes: #867416
+
+ -- James McCoy   Tue, 11 Jul 2017 22:06:17 -0400
+
 devscripts (2.17.6) unstable; urgency=medium
 
   [ Osamu Aoki ]
diff -Nru devscripts-2.17.6/scripts/bts.pl 
devscripts-2.17.6+deb9u1/scripts/bts.pl
--- devscripts-2.17.6/scripts/bts.pl2017-06-03 14:29:24.0 -0400
+++ devscripts-2.17.6+deb9u1/scripts/bts.pl 2017-07-11 22:06:17.0 
-0400
@@ -160,7 +160,7 @@
"potato", "woody", "sid", "help", "security", "upstream",
"pending", "sarge", "sarge-ignore", "experimental", "d-i",
"confirmed", "ipv6", "lfs", "fixed-in-experimental",
-   "fixed-upstream", "l10n", "newcomer", "etch", "etch-ignore",
+   "fixed-upstream", "a11y", "l10n", "newcomer", "etch", "etch-ignore",
"lenny", "lenny-ignore", "squeeze", "squeeze-ignore",
"wheezy", "wheezy-ignore", "jessie", "jessie-ignore",
"stretch", "stretch-ignore", "buster", "buster-ignore",
diff -Nru devscripts-2.17.6/scripts/debchange.pl 
devscripts-2.17.6+deb9u1/scripts/debchange.pl
--- devscripts-2.17.6/scripts/debchange.pl  2017-06-03 14:29:24.0 
-0400
+++ devscripts-2.17.6+deb9u1/scripts/debchange.pl   2017-07-11 
22:06:17.0 -0400
@@ -161,7 +161,7 @@
  distribution name
   --bpo
  Increment the Debian release number for a backports upload
- to "jessie-backports"
+ to "stretch-backports"
   -l, --local 
  Add a suffix to the Debian version number for a local build
   -b, --force-bad-version
@@ -472,7 +472,7 @@
 # Check the distro name given.
 if (defined $opt_D) {
 if ($vendor eq 'Debian') {
-   unless ($opt_D =~ 
/^(experimental|unstable|UNRELEASED|((old)?stable|testing)(-proposed-updates)?|proposed-updates|(wheezy|jessie|stretch|buster|bullseye)-security)$/)
 {
+   unless ($opt_D =~ 
/^(experimental|unstable|sid|UNRELEASED|((old){0,2}stable|testing|wheezy|jessie|stretch|buster|bullseye)(-proposed-updates|-security)?|proposed-updates)$/)
 {
my $deb_info = get_debian_distro_info();
my ($oldstable_backports, $stable_backports) = ("", "");
if ($deb_info == 0) {
@@ -487,9 +487,12 @@
if ($deb_info == 0 || $opt_D !~ 
m/^(\Q$stable_backports\E|\Q$oldstable_backports\E)$/) {
$stable_backports = ", " . $stable_backports if 
$stable_backports;
$oldstable_backports = ", " . $oldstable_backports if 
$oldstable_backports;
-   warn "$progname warning: Recognised distributions are: 
unstable, testing, stable,\n"
-. "oldstable, experimental, 
{testing-,stable-,oldstable-,}proposed-updates,\n"
-. 
"{testing,stable,oldstable}-security$oldstable_backports$stable_backports and 
UNRELEASED.\n"
+   warn "$progname warning: Recognised distributions are: \n"
+. "experimental, unstable, testing, stable, oldstable, 
oldoldstable,\n"
+ . 
"{bullseye,buster,stretch,jessie,wheezy}-proposed-updates,\n"
+. 
"{testing,stable,oldstable,oldoldstable}-proposed-updates,\n"
+ . "{bullseye,buster,stretch,jessie,wheezy}-security,\n"
+. 
"{testing,stable,oldstable,oldoldstable}}-security$oldstable_backports$stable_backports
 

Bug#801727: pugixml: Please package pugixml variant with wchar enabled

[Bill Blough]

On Tue, Jul 11, 2017 at 08:40:53PM +0530, Vasudev Kamath wrote:
> Hey William,
> 
> Very very sorry about such a delayed response.

No worries.

> 
> William Blough  writes:
> 
> > Source: pugixml
> > Severity: wishlist
> >
> > The passwordsafe package uses pugixml, but requires wchar to be enabled.  
> > If a
> > wchar enabled version (see pugiconfig.hpp) was included along side the 
> > current 
> > version, I could remove the embedded copy of pugixml from passwordsafe and
> > depend on the packaged version instead.
> 
> Is it OK to enable this in default version itself instead of creating
> one more version?. Will it create any problems?.

It would be fine for my use case, but I don't know how it would affect
other users.  I'm thinking it would probably be fine, as a nonwide char
should fit in a wide char.  But I don't really work with wide charsets
that much, so my intuition may be wrong.

Bug#867192: [Pkg-dns-devel] Bug#867192: let systemd know about the pid file

[Simon Deziel]

On 2017-07-11 09:27 PM, Daniel Kahn Gillmor wrote:
> On Thu 2017-07-06 12:11:04 -0400, Simon Deziel wrote:
>> On 2017-07-05 09:28 PM, Daniel Kahn Gillmor wrote:
>>> On Tue 2017-07-04 11:52:17 -0400, Simon Deziel wrote:
>>>
 When unbound is stopped, its PID file is left behind causing subsequent
 service starts to complain like that:

  unbound[178]: [178:0] warning: did not exit gracefully last time (124)

 Please find a patch that tells systemd where the PID is so that it can
 delete it once unbound is stopped.
>>>
>>> Wouldn't it be preferable to not create a pidfile at all if it's not
>>> needed?
>>
>> That would work for the systemd case (with pidfile: "") but I don't know
>> how the init script would cope with that.
> 
> Isn't this bug report about systemd, and not sysvinit?

Having a PID file seems to be the easiest way to make both systemd and
SysV happy.

Simon

Bug#868099: rkhunter: clean up legacy conffile

[Francois Marier]

On 2017-07-12 at 02:50:27, Christoph Anton Mitterer wrote:
> Apparently the package used to contain:
> /etc/default/rkhunter
> as a dpkg conffile but no longer does and ships it manually managed instead.
> 
> This file was however not properly cleaned up as conffile and is still marked 
> as such.
> Could you please to so in one of the next versions, so that
> people will get the clean up? :-)

Do you know what the correct to do this is?

Francois

Bug#867192: [Pkg-dns-devel] Bug#867192: let systemd know about the pid file

[Daniel Kahn Gillmor]

On Thu 2017-07-06 12:11:04 -0400, Simon Deziel wrote:
> On 2017-07-05 09:28 PM, Daniel Kahn Gillmor wrote:
>> On Tue 2017-07-04 11:52:17 -0400, Simon Deziel wrote:
>> 
>>> When unbound is stopped, its PID file is left behind causing subsequent
>>> service starts to complain like that:
>>>
>>>  unbound[178]: [178:0] warning: did not exit gracefully last time (124)
>>>
>>> Please find a patch that tells systemd where the PID is so that it can
>>> delete it once unbound is stopped.
>> 
>> Wouldn't it be preferable to not create a pidfile at all if it's not
>> needed?
>
> That would work for the systemd case (with pidfile: "") but I don't know
> how the init script would cope with that.

Isn't this bug report about systemd, and not sysvinit?

  --dkg

Bug#831678: gtk2-engines-murrine: Text shadow misaligned for desktop icons on XFCE

[Matt Beary]

Package: gtk2-engines-murrine
Version: 0.98.1.1-6
Followup-For: Bug #831678

I have been having this issue as well.  It does look like the Ubuntu bugreport 
claims to be fixed in 0.98.2, so catching up to upstream may solve this issue 
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827451)

bug discussion on the repository for the theme I've been using:
https://github.com/B00merang-Project/B00merang-Themes/issues/17

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gtk2-engines-murrine depends on:
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-12
ii  libcairo21.14.10-1
ii  libfontconfig1   2.12.3-0.1
ii  libfreetype6 2.8-0.2
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.52.3-1
ii  libgtk2.0-0  2.24.31-2
ii  libpango-1.0-0   1.40.6-1
ii  libpangocairo-1.0-0  1.40.6-1
ii  libpangoft2-1.0-01.40.6-1
ii  libpixman-1-00.34.0-1

Versions of packages gtk2-engines-murrine recommends:
ii  murrine-themes  0.98.11

gtk2-engines-murrine suggests no packages.

-- no debconf information

Bug#868094: debsecan: clean up legacy conffiles

[Christoph Anton Mitterer]

On Wed, 2017-07-12 at 02:53 +0200, Florian Weimer wrote:
> Odd.  Could you check the contents of /var/lib/dpkg/status and what
> is
> listed there for the debsecan package?
Lucky you... I have one system left where I didn't a manual cleanup
(aka purge):

The file has:
Package: debsecan
Status: install ok installed
Priority: optional
Section: admin
Installed-Size: 111
Maintainer: Florian Weimer 
Architecture: all
Version: 0.4.19
Depends: debconf (>= 0.5) | debconf-2.0, python (>= 2.3), python-apt,
ca-certifi
Recommends: cron, exim4 | mail-transport-agent
Conffiles:
 /etc/default/debsecan 3a2aa7286725e2e5b29afae1081b2cde obsolete
Description: Debian Security Analyzer
 debsecan is a tool to generate a list of vulnerabilities which affect
 a particular Debian installation.  debsecan runs on the host which is
 to be checked, and downloads vulnerability information over the
 Internet.  It can send mail to interested parties when new
 vulnerabilities are discovered or when security updates become
 available.
Homepage: https://security-team.debian.org/security_tracker.html



> I didn't expect the Conffile: entries to be sticky, and nothing in
> the
> documentation about conffile handling says they are.

I don't know why it happens, guess because conffiles may only go away
on purge... so unless you tell dpkg it goes it won't remove it

There are many cases. Use
dpkg-query -W -f='${Conffiles}\n' | grep 'obsolete$'
to find out which are in some way considered obsolete.

But not all of the cases I found on my systems (and there are many)
have the same cause as the one here.. where a conffile->non-conffile
replace was done.
Some were simply dropped without using the maintainer scripts


> I don't see anything in dpkg-maintscript-helper which would remove
> the
> Conffile: lines from /var/lib/dpkg/status, so if they are still there
> on your system, this probably would not make a difference.

Better ask at d-d how to do it properly... I think it's rm_conffile... 
That's why I said you'd need to backup the file first, and then move it
back (once it's no longer a conffile...) but perhaps this is already
automated with some other command, so better ask experts ;)


Uhm... not sure but it might be a policy violation... so should be
cleaned up I guess... also it could perhaps cause problems if dpkg
thinks it still manages the file, while you do so already manually.


Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature

Bug#868101: ftp.debian.org: debian/indices/Uploaders has 'None' for source packages without Uploaders fields

[Paul Wise]

Package: ftp.debian.org
Severity: important
Control: affects -1 qa.debian.org
X-Debbugs-CC: qa.debian@packages.debian.org, Bernhard R. Link 

User: qa.debian@packages.debian.org
Usertags: bls

Since the Debian stretch release, the build log scanner has been
dumping lots of the following errors from the cron job:

Cannot parse  None

The issue appears to be that the debian/indices/Uploaders file has the
literal value of 'None' (without quotes) listed for 513 source packages
that appear to be missing Uploaders fields.

pabs@quantz:~$ grep None /srv/mirrors/debian/indices/Uploaders | head -n1
abcmidi-yaps None
pabs@quantz:~$ grep None /srv/mirrors/debian/indices/Uploaders | wc -l
513
pabs@quantz:~$ grep None /srv/mirrors/debian/indices/Uploaders | tail -n1
zpb-ttf  None
pabs@chianamo ~ $ apt-cache showsrc zpb-ttf 
Package: zpb-ttf
Binary: cl-zpb-ttf
Version: 0.7-2
Maintainer: Pierre THIERRY 
Build-Depends: cdbs, debhelper (>= 5)
Build-Depends-Indep: dh-lisp
Architecture: all
Standards-Version: 3.7.2
Format: 1.0
Files:
 dfd25e1f750bd2b8d632435bb207a940 600 zpb-ttf_0.7-2.dsc
 6eea38e0207eb56b688725f03b726c7e 47022 zpb-ttf_0.7.orig.tar.gz
 e21dddcd22dd5ef9e1c2b7e2eb544423 1811 zpb-ttf_0.7-2.diff.gz
Checksums-Sha256:
 fde5024d0325c4b9a212e7c90d253e24c8d6bd16598c61b401fbb8d1645a65c7 600 
zpb-ttf_0.7-2.dsc
 df8cda6bfd9cf17a3f1dc70a9ba64c1f2cb2ff71d4d4db12d7f5c3357d43161a 1811 
zpb-ttf_0.7-2.diff.gz
 fb70eea4d7270d2860edb96438dfb72b1563a8c2652a0360f219f68ef23b22fb 47022 
zpb-ttf_0.7.orig.tar.gz
Directory: pool/main/z/zpb-ttf
Priority: source
Section: libs

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#868094: debsecan: clean up legacy conffiles

[Florian Weimer]

* Christoph Anton Mitterer:

> The problem is, apparently it once used to be a conffile, right?

Yes, it once was a conffile.

> And on legacy systems it still is marked as such, even though you
> create it now manually.

Odd.  Could you check the contents of /var/lib/dpkg/status and what is
listed there for the debsecan package?

I didn't expect the Conffile: entries to be sticky, and nothing in the
documentation about conffile handling says they are.

> AFAIU, the conffile should be backuped, then removed with dpkg-
> maintscript-helper and the backup then moved back manually, to clean
> things up.

I don't see anything in dpkg-maintscript-helper which would remove the
Conffile: lines from /var/lib/dpkg/status, so if they are still there
on your system, this probably would not make a difference.

Bug#868100: kexec-tools: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: kexec-tools
Version: 1:2.0.14-1
Severity: normal


Hi.

Apparently the package used to contain:
/etc/default/kexec
as a dpkg conffile but no longer does and ships it manually managed instead.

This file was however not properly cleaned up as conffile and is still marked 
as such.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#849308: wireguard: Wireguard should not transition to stable yet

[Georg Faerber]

Hi,

I would like to see wireguard right now in buster. Even if the on-wire
format should change in the future, it would be still worth it, IMHO.
Buster is the 'testing' suite - so let's just do that: let's test and
get this into testing. Sometimes testing breaks, which is expected, but
most of the time it works. I doubt that there would be a major
difference in this case.

Thanks for consideration and your work,
cheers,
Georg


signature.asc
Description: Digital signature

Bug#867542: 'invalid language tag' since 30c1fe69 [was: Re: Bug#867542: enigmail: can't decrypt messages in thunderbird]

[Daniel Kahn Gillmor]

Control: severity 867542 normal

Hi Jörg--

Over in https://bugs.debian.org/867542, you wrote:

> decryption of messages in thunderbird fails.

how does it fail?  does it hang?  show you an error message?

> The log of enigmail shows this:
>
> --- %< ---
> 2017-07-07 08:34:46.501 [DEBUG] errorHandling.jsm: parseErrorOutputWith:
> statusFlags = 0020
> 2017-07-07 08:34:46.501 [DEBUG] errorHandling.jsm: parseErrorOutputWith: 
> return
> with c.errorMsg =
> 2017-07-07 08:34:46.501 [DEBUG] execution.jsm: EnigmailExecution.fixExitCode:
> agentType: gpg exitCode: 0 statusFlags undefined
> 2017-07-07 08:34:46.502 [CONSOLE]
> 2017-07-07 08:34:46.502 [DEBUG] keyRing.jsm: createAndSortKeyList()
> 2017-07-07 08:34:46.504 [ERROR] enigmailMessengerOverlay.js: messageDecryptCb:
> caught exception: RangeError
> Message: 'invalid language tag: en-US.UTF-8'
> File:resource://enigmail/time.jsm
> Line:48
> Stack:   EnigmailTime.getDateTime@resource://enigmail/time.jsm:48:14
> KeyObject@resource://enigmail/keyRing.jsm:1607:19
> appendKeyItems@resource://enigmail/keyRing.jsm:1436:20
> createKeyObjects@resource://enigmail/keyRing.jsm:1411:3
> createAndSortKeyList@resource://enigmail/keyRing.jsm:1560:3
> loadKeyList@resource://enigmail/keyRing.jsm:1283:3
> EnigmailKeyRing.getAllKeys@resource://enigmail/keyRing.jsm:151:7
> EnigmailKeyRing.getKeyById@resource://enigmail/keyRing.jsm:222:7
> EnigmailDecryption.decryptMessageEnd@resource://enigmail/decryption.jsm:348:26
> EnigmailDecryption.decryptMessage@resource://enigmail/decryption.jsm:553:20
> Enigmail.msg.messageParseCallback@chrome://enigmail/content/enigmailMessengerOverlay.js:1005:19
> Enigmail.msg.messageParse@chrome://enigmail/content/enigmailMessengerOverlay.js:926:5
> Enigmail.msg.messageDecryptCb@chrome://enigmail/content/enigmailMessengerOverlay.js:764:9
> _f@chrome://enigmail/content/enigmailMessengerOverlay.js:555:9
> callbackWrapper@resource://enigmail/timer.jsm:38:9
> --- >% ---

thanks for the logs.  Was it repeatable reliably with 1.9.8-1 ?  Are you
able to get this to repeat with 1.9.8.1-1 (the version i uploaded to
unstable today)?

> Something seems odd with the language tag "en-US.UTF-8".
>
> The command "locale -a" shows on this system among others "en_US.utf8".

I am used to seeing en_US.UTF-8 for LANG, but not en-US.UTF-8.  Are you
setting NSILOCALE_TIME anywhere in your environment?

> For the moment I will revert back to the last working version 2:1.9.7-2.

The line you're getting an error on was definitely changed between 1.9.7
and 1.9.8 (it was changed in 30c1fe69a7c62007f925d760efc832884aed4412,
which overhauls the time calculations).

Maybe upstream (cc'ed here) can shed some light on this?

--dkg


signature.asc
Description: PGP signature

Bug#868099: rkhunter: clean up legacy conffile

[Christoph Anton Mitterer]

Package: rkhunter
Version: 1.4.2-6
Severity: normal


Hi.

Apparently the package used to contain:
/etc/default/rkhunter
as a dpkg conffile but no longer does and ships it manually managed instead.

This file was however not properly cleaned up as conffile and is still marked 
as such.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868098: edac-utils: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: edac-utils
Version: 0.18-1+b1
Severity: normal


Hi.

Apparently the package used to contain:
/etc/udev/rules.d/z60_edac-utils.rules
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868094: debsecan: clean up legacy conffiles

[Christoph Anton Mitterer]

Control: reopen -1 

Hi Florian.

I didn't request you to make it a conffile :-)

The problem is, apparently it once used to be a conffile, right?
And on legacy systems it still is marked as such, even though you
create it now manually.

AFAIU, the conffile should be backuped, then removed with dpkg-
maintscript-helper and the backup then moved back manually, to clean
things up.


Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature

Bug#851066: flashplugin-nonfree: Mismatch between detected and available versions (Download file not available at people.debian.org)

[Bob Bib]

Perhaps, someone should contact the MIA team...

https://wiki.debian.org/Teams/MIA

--
Best wishes,
Bob

Bug#847918: python3-pip: Can be closed.

[Oliver Schode]

Package: python3-pip
Followup-For: Bug #847918

Hi,

this report can be closed. As could've been deduced from the error message,
the crash was rather due to a local version conflict between pip and Setuptools.
It appears I had accidentally updated my system version of the latter, instead
of a user or pyvenv installation. So this is not a bug.

Oliver


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-pip depends on:
ii  ca-certificates  20161130+nmu1
ii  python-pip-whl   9.0.1-2
ii  python3  3.5.3-3

Versions of packages python3-pip recommends:
ii  build-essential 12.3
ii  python3-dev 3.5.3-3
ii  python3-setuptools  36.0.1-1
ii  python3-wheel   0.29.0-2

python3-pip suggests no packages.

-- no debconf information

Bug#868096: sipsak: Authentication (REGISTER method) fails using usrloc mode

[Jorge Daniel Sequeira Matias]

Package: sipsak
Version: 0.9.6+git20160713-2
Severity: important

Dear Maintainer,

I'm using sipsak in my Nagios monitoring system configuration to check if my 
VoIP (SIP) server is authenticating users correctly.
This command is being used to do a "usrloc" mode test and is being invoked in 
the following way:

$ sipsak -U -s x@foobar.domain -a  -N

After upgrading from Debian/Wheezy to Debian/Stretch sipsak stopped working 
correctly. Now, when doing "usrloc" mode tests, which imply doing a SIP 
REGISTER, 
it always fails authentication returning "SIP failure" when it should have 
returned "SIP ok".
I have used several toosl to verify the authentication digest response that 
sipsak sends to the server and confirmed that it is doing wrong MD5 calcultions.

After this I have compiled directly from upstream using latest commit [1] 
(20170712) and confirmed that current upstream version is working correctly 
regarding to this issue.

[1] 
https://github.com/nils-ohlmeier/sipsak/commit/b1fdbd775ab4fe6e8d8602d8f574d948ed8a980f

Best Regards,
Jorge Daniel Sequeira Matias


-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to 
en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages sipsak depends on:
ii  libc62.24-11+deb9u1
ii  libgnutls30  3.5.8-5+deb9u1
ii  libruli4 0.33-1.1+b2

sipsak recommends no packages.

sipsak suggests no packages.

-- no debconf information

Bug#868097: ipset: clean up legacy conf files

[Christoph Anton Mitterer]

Package: ipset
Version: 6.32-1
Severity: normal


Hi.

Apparently the package used to contain:
/etc/bash_completion.d/ipset
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868095: base-files: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: base-files
Version: 10
Severity: normal


Hi.

Apparently the package used to contain:
/etc/profile
as a dpkg conffile but no longer does and ships it manually managed instead.

This file was however not properly cleaned up as conffile.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#867804: cdrom: Stretch netinst CD installs grub config file incorrectly

[Steve McIntyre]

On Tue, Jul 11, 2017 at 12:43:13PM +0100, Hazel Russman wrote:
>On Mon, 10 Jul 2017 17:50:45 +0100
>Steve McIntyre  wrote:
>> 
>> I'm wondering if *maybe* something has been confused by those lilo
>> setups, but I'll admit that I'm not sure what's happening there.

...

>No need to do that! I've found the error. I ran grub-mkconfig by hand
>and here's what it gave me:
>
>grub-mkconfig -o testfile
>Generating grub configuration file ...
>Found background image: /usr/share/images/desktop-base/desktop-grub.png
>Found linux image: /boot/vmlinuz-4.9.0-3-amd64
>Found initrd image: /boot/initrd.img-4.9.0-3-amd64
>Found Crux GNU/Linux 3.3 on /dev/sda1
>Found Linux From Scratch (7.10-rc1) on /dev/sda5
>Found Linux From Scratch (8.0-rc1) on /dev/sda6
>error: syntax error.
>error: Incorrect command.
>error: syntax error.
>Syntax error at line 226
>Syntax errors are detected in generated GRUB config file.
>Ensure that there are no errors in /etc/default/grub
>and /etc/grub.d/* files or please file a bug report with testfile.new file 
>attached.
>
>That's why the file wasn't renamed. The script didn't fail; it did
>what it was supposed to do. And if I installed grub now, I bet it still
>wouldn't work because of those errors in the config file. I'd just end
>up with a grub prompt again. So, if you don't mind, I won't do that for
>now.
>
>Instead I'm attaching the newly-created config file,
>the /etc/defaults/grub file, and a tarball of /etc/grub.d. I could
>probably examine those files from here to Sunday and not see where the
>error was, but you will probably spot it at once!

Hi Hazel,

I *think* my first guess was right - look at the line 190 in
testfile.new:

linux /boot/vmlinuz-4.9.6 root=/dev/sda1 ro vga = normal append = "quiet

That's blatantly broken, if nothing else for the missing closing
quotes. I'd also suspect the "vga = normal" of not doing the right
thing. This looks very like a mis-parsing of the various lilo.conf
files you have.

Could you attach those too, please? This looks like a bug for upstream
to look into, and they're going to need those files too I assume...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
There's no sensation to compare with this
Suspended animation, A state of bliss

Bug#842291: still present for gnupg 2.21

[David Bremner]

I was curious if much had changed with the transition from ADNS that
Werner mentioned, but sadly it is still pretty slow. I'm not really sure
how to interpret the errrors below; I'll include a version with
debugging info below in case it's useful. For what it's worth, I also
tried standard-resolver, and it was about 10s faster, but still slow
(20s delay vs. 32s).

,
| Jul 11 20:56:27 rocinante dirmngr[5063]: no CRL available for issuer id 
E0DD1D7C31AA482EDCCE895CDD920A3AF9857121
| Jul 11 20:56:59 rocinante dirmngr[5063]: certificate cached
| Jul 11 20:56:59 rocinante dirmngr[5063]: Note: non-critical certificate 
policy not allowed
| Jul 11 20:56:59 rocinante dirmngr[5063]: error getting 
authorityKeyIdentifier: No data
| Jul 11 20:56:59 rocinante dirmngr[5063]: issuer certificate not found: No data
| Jul 11 20:56:59 rocinante dirmngr[5063]: error checking validity of CRL 
issuer certificate: Missing issuer certificate
| Jul 11 20:56:59 rocinante dirmngr[5063]: crl_parse_insert failed: Missing 
issuer certificate
| Jul 11 20:56:59 rocinante dirmngr[5063]: crl_cache_insert via DP failed: 
Missing issuer certificate
| Jul 11 20:56:59 rocinante dirmngr[5063]: command 'ISVALID' failed: Missing 
issuer certificate
`

output from --standard-resolver --debug-level=basic:

,
| Jul 11 21:05:12 rocinante dirmngr[5063]: SIGHUP received - re-reading 
configuration and flushing caches
| Jul 11 21:05:12 rocinante dirmngr[5063]: enabled debug flags: ipc
| Jul 11 21:05:12 rocinante dirmngr[5063]: permanently loaded certificates: 167
| Jul 11 21:05:12 rocinante dirmngr[5063]: runtime cached certificates: 0
| Jul 11 21:05:12 rocinante dirmngr[5063]:trusted certificates: 167 
(166,0,0,1)
| Jul 11 21:05:12 rocinante dirmngr[5063]: DBG: chan_5 -> OK
| Jul 11 21:05:12 rocinante dirmngr[5063]: DBG: chan_5 <- [eof]
| Jul 11 21:05:12 rocinante dirmngr[5063]: handler for fd 5 terminated
| Jul 11 21:05:18 rocinante dirmngr[5063]: handler for fd 5 started
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> # Home: 
/home/bremner/.gnupg
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> # Config: 
/home/bremner/.gnupg/dirmngr.conf
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> OK Dirmngr 2.1.21 at 
your service
| Jul 11 21:05:18 rocinante dirmngr[5063]: connection from process 6228 
(1000:1000)
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- GETINFO version
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> D 2.1.21
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> OK
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- OPTION audit-events=1
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> OK
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- ISVALID 
E0DD1D7C31AA482EDCCE895CDD920A3AF9857121.029082
| Jul 11 21:05:18 rocinante dirmngr[5063]: no CRL available for issuer id 
E0DD1D7C31AA482EDCCE895CDD920A3AF9857121
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 -> INQUIRE SENDCERT
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- [ 44 20 30 82 05 da 
30 82 03 c2 a0 03 02 01 02 02 ...(982 byte(s) skipped) ]
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- [ 44 20 11 6e 75 72 
2d 61 62 2d 73 61 6c 40 67 6d ...(564 byte(s) skipped) ]
| Jul 11 21:05:18 rocinante dirmngr[5063]: DBG: chan_5 <- END
| Jul 11 21:05:18 rocinante dirmngr[5063]: checking distribution points
| Jul 11 21:05:18 rocinante dirmngr[5063]: fetching CRL from 
'http://crl.cacert.org/class3-revoke.crl'
| Jul 11 21:05:19 rocinante dirmngr[5063]: inserting CRL (reader 
0x7fc6700116b0)
| Jul 11 21:05:19 rocinante dirmngr[5063]: update times of this CRL: 
this=20170711T235454 next=20170718T235454
| Jul 11 21:05:50 rocinante dirmngr[5063]: DBG: chan_5 -> INQUIRE SENDCERT 
/CN=CAcert Class 3 Root,OU=http://www.CAcert.org,O=CAcert Inc.
| Jul 11 21:05:50 rocinante dirmngr[5063]: DBG: chan_5 <- [ 44 20 30 82 06 08 
30 82 03 f0 a0 03 02 01 02 02 ...(982 byte(s) skipped) ]
| Jul 11 21:05:50 rocinante dirmngr[5063]: DBG: chan_5 <- [ 44 20 4a 30 33 30 
31 06 08 2b 06 01 05 05 07 02 ...(592 byte(s) skipped) ]
| Jul 11 21:05:50 rocinante dirmngr[5063]: DBG: chan_5 <- END
| Jul 11 21:05:50 rocinante dirmngr[5063]: certificate cached
| Jul 11 21:05:50 rocinante dirmngr[5063]: Note: non-critical certificate 
policy not allowed
| Jul 11 21:05:50 rocinante dirmngr[5063]: error getting 
authorityKeyIdentifier: No data
| Jul 11 21:05:50 rocinante dirmngr[5063]: issuer certificate not found: No data
| Jul 11 21:05:50 rocinante dirmngr[5063]: error checking validity of CRL 
issuer certificate: Missing issuer certificate
| Jul 11 21:05:50 rocinante dirmngr[5063]: crl_parse_insert failed: Missing 
issuer certificate
| Jul 11 21:05:50 rocinante dirmngr[5063]: crl_cache_insert via DP failed: 
Missing issuer certificate
| Jul 11 21:05:50 rocinante dirmngr[5063]: command 'ISVALID' failed: Missing 
issuer certificate
| Jul 11 21:05:50 rocinante dirmngr[5063]: DBG: chan_5 -> ERR 

Bug#868094: debsecan: clean up legacy conffiles

[Christoph Anton Mitterer]

Package: debsecan
Version: 0.4.19
Severity: normal


Hi.

Apparently the package used to contain:
/etc/default/debsecan
as a dpkg conffile but no longer does and ships it manually managed insted.

This file was however not properly cleaned up as conffile.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#868090: Acknowledgement (fail2ban: clean up legacy conf files)

[Christoph Anton Mitterer]

The same applies for:
/etc/fail2ban/paths-fedora.conf
/etc/fail2ban/paths-freebsd.conf
/etc/fail2ban/paths-osx.conf

btw:
The package now also contains
/etc/fail2ban/paths-opensuse.conf
Why? This should be also dropped & cleaned up :)

smime.p7s
Description: S/MIME cryptographic signature

Bug#868093: bugs.debian.org: in squeeze /etc/rc.local doesn't work with !#/bin/sh -e

[Łukasz Grabowski]

Package: bugs.debian.org
Severity: normal

Dear Maintainer,

I had to change the first line of /etc/rc.local from
#!/bin/sh -e
to
#!/bin/bash
to make it work. Don't know why - I tried several things and this was another 
random
shot at trying to make it work.




*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#868092: Acknowledgement (clamav-freshclam: clean up legacy conf files)

[Christoph Anton Mitterer]

Control: reopen -1

On Wed, 2017-07-12 at 01:39 +0200, Christoph Anton Mitterer wrote:
> Sorry, haven't seen it was created via debconf =)

Reverting this... it's still technically a bug, even though you create
the file, as it's marked as a conffile in dpkg, which it no longer is.

So please clean up =)

smime.p7s
Description: S/MIME cryptographic signature

Bug#833691: lintian: warn against setting DEB_BUILD_OPTIONS in debian/rules

[Guillem Jover]

Hi!

On Tue, 2017-07-11 at 23:07:31 +0100, Chris Lamb wrote:
> tags 833691 + pending
> thanks
> 
> Fixed in Git:
> 
>   
> https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=a2accfc84c96351956042174413c472e2e644775

I think you meant DEB_* instead of DH_*.

Thanks,
Guillem

Bug#608648: [Debconf-devel] Bug#608648: dpkg-reconfigure should chdir("/") before running maintainer scripts

[Colin Watson]

On Mon, Jul 10, 2017 at 08:59:23PM +0200, Andreas Beckmann wrote:
> Followup-For: Bug #608648
> 
> This change causes regressions, e.g. #867256. I might find more until
> sid has seen a complete recheck in piuparts.
> 
> That change sounds sensible and should not be reverted, just the
> affected packages should be fixed.

I think the right answer is actually a partial revert.  The change to
Debconf::ConfModule was overkill on my part: it isn't necessary to fix
the original bug, and it causes this kind of problem.  I have an
alternative implementation which only affects dpkg-reconfigure, so won't
break ordinary maintainer scripts like this; I'm just testing it a bit
before upload.

That said, using absolute paths (as has been done though not yet
uploaded for #867256, I see) when calling ucf still seems like a good
idea for robustness.

-- 
Colin Watson   [cjwat...@debian.org]

Bug#868092: clamav-freshclam: clean up legacy conf files

[Christoph Anton Mitterer]

Package: clamav-freshclam
Version: 0.99.2+dfsg-6+b1
Severity: normal


Hi.

Apparently the package used to contain:
/etc/logrotate.d/clamav-freshclam
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#867541: please build ruby binding of grpc

[Andrew Pollock]

On Tue, Jul 11, 2017 at 12:25:52PM +0200, László Böszörményi (GCS) wrote:
> On Tue, Jul 11, 2017 at 11:12 AM, Steinar H. Gunderson  
> wrote:
> > On Tue, Jul 11, 2017 at 10:07:58AM +1000, Andrew Pollock wrote:
> >>> Andrew, please link me to the grpc-packages link/account if possible.
> >>> It's bad that I can't follow this package from the first hand.
> >> Sorry, can you please clarify what you're asking for here?
> >
> > Maintainer: gRPC Package Maintainers 
> >
> > Presumably he wants to be added to that list.
>  +1, all uploads, bugreports, migration, etc mails go to the email
> address specified in the maintainer field. That's why it's usually a
> mailing list and anyone can subscribe to it. At the moment I don't get
> mails sent to grpc-packages@ and I'm kind of blind about the package.

Got it. Let me see what I can do about changing the maintainer address to
something more conducive to outside collaboration, or adding folks to that
mailing list.


signature.asc
Description: Digital signature

Bug#868091: tig: clean up legacy conf files

[Christoph Anton Mitterer]

Package: tig
Version: 2.2-1+b2
Severity: normal


Hi.

Apparently the package used to contain:
/etc/bash_completion.d/tig
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#569945: hercules: high pitched whine on old laptop drives

[Jonathan Nieder]

Hi Philipp,

Philipp Kern wrote:

> This bug report from 2010 feels pretty much obsolete. Even assuming that
> Hercules might cause a lot of random I/O the machine this was reported
> for was likely too small to run Debian on s390 meaningfully in it. Plus
> we have SSDs now.

Agreed.  If I end up trying again on more modern hardware and run into
trouble then I'll ask debian-user@ + hercu...@packages.debian.org for
help.  I don't think there's any obvious change to make (even in docs)
that would warrant tracking in a bug.

Thanks for your work,
Jonathan

Bug#868090: fail2ban: clean up legacy conf files

[Christoph Anton Mitterer]

Package: fail2ban
Version: 0.9.6-2
Severity: normal


Hi.

Apparently the package used to contain:
/etc/fail2ban/action.d/iptables-blocktype.conf
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#690763: installation-guide: sudo and no password for root user situation

[Holger Wansing]

Hi,

Baptiste Jammet  wrote:
> Hello, 
> 
> I don't know the implementation detail of this (no root password
> installs sudo and allow user to use it), but I suspect that only the
> first user (created in the next step) will be allowed to use sudo.
> 
> Maybe add something like :
> By default, only the first user, that will be created in the next step,
> will be allowed to use sudo to perform these
> administrative tasks.

Yes, you are right, it works exactly this way.

I have committed a change to document this clearer:
https://anonscm.debian.org/viewvc/d-i?view=revision=70801


Thanks for the hint

Holger


-- 

Created with Sylpheed 3.5.0 under
D E B I A N   L I N U X   8 . 0   " J E S S I E " .

Registered Linux User #311290 - https://linuxcounter.net/

Bug#864955: live-boot: Non ASCII chars aren't displayed correctly

[Steve McIntyre]

On Sun, Jun 18, 2017 at 02:45:54AM +0200, Antoni Villalonga wrote:
>Package: live-boot
>Version: 1:20170112
>Severity: normal
>
>Dear Maintainer,
>
>Testing stretch live kde some non-asci chars are shown incorrectly.
>
>I've found that console-setup is configured iso-8859-15 instead of utf8.
>Switching to utf8 solves the problem.

That's a start, but things are rather more complicated. At the moment
the live setup is only setting locale. It works for display on the X
desktop, but:

 * as you've discovered it doesn't work on the console
 * it's not selecting an appropriate keyboard layout, either under X
   or on the console

To get all this *right* will be a major undertaking, I think. We
*could* simply add a default keyboard layout to the setup for each
language as well, but that's quite likely to be wrong for a lot of
users...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"I've only once written 'SQL is my bitch' in a comment. But that code 
 is in use on a military site..." -- Simon Booth

Bug#868089: debtags: clean up legacy files

[Christoph Anton Mitterer]

Package: debtags
Version: 2.1.2
Severity: normal


Hi.

Apparently the package used to contain:
/etc/bash_completion.d/debtags
but no longer does.

This file was however not properly cleaned up.
Could you please to so in one of the next versions, so that
people will get the clean up? :-)

Thanks,
Chris.

Bug#867268: [pkg-gnupg-maint] Bug#867268: dirmngr: Can't set nameserver port

[Daniel Kahn Gillmor]

Control: severity 867268 wishlist
Control: reassign 867268 dirmngr
Control: reassign 867268 dirmngr: allow to set nameserver port

Hi Sandro--

On Wed 2017-07-05 12:43:45 +0200, Sandro Knauß wrote:
> I'm using gnupg with use-tor option and a onion address as keyserver.
> All wents find to search keys over the keyserver and so one.

I'm not sure i understand this second sentence, sorry :/

> so it looks like he is unhappy about my nameserver entry in dirmgr.conf:
> nameserver 127.0.0.1:1053
>
> it is quite unexpected, that I can't overwrite the port for the
> nameserver.

hm, the "nameserver" directive in dirmngr(8) is pretty clearly "ipaddr",
not "ipaddr[:port]" or anything else.  I understand that it would be
"nice to have" to be able to identify a port, but it doesn't seem like
it's unexpected that it doesn't work yet.

> and I actually wants to make sure that gnupg is using dns over tor.

If GnuPG is *not* using DNS over Tor on these modern versions when
--use-tor is present, i think that would be a bug.  Please do file a
ticket if that's the case!

I don't think that tor's DNSPort is capable of resolving anything other
than A, , or PTR requests, so this wouldn't have worked for you
anyway -- dirmngr prefers to use SRV records where possible.

(for more details on why this is:
https://trac.torproject.org/projects/tor/ticket/7829)

So i don't think what you're asking for in this ticket (setting the
nameserver port) provides the bigger picture of what you want in any
case.  Let's try to ensure that dirmngr is constrained to accessing tor
where possible; that seems like a good goal.  but this particular ticket
(about setting nameserver port) seems like an orthogonal, independent
wishlist request.

   --dkg


signature.asc
Description: PGP signature

Bug#868046: Pending fixes for bugs in the gb package

[pkg-go-maintainers]

tag 868046 + pending
thanks

Some bugs in the gb package are closed in revision
6baea5d7fa4e587348aaa2bd238d11ba289b11fb in branch 'master' by Tianon
Gravi

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-go/packages/gb.git/commit/?id=6baea5d

Commit message:

(Build-)Depends explicitly on golang-1.X-go (Closes: #868046)

Bug#867240: [Pkg-openssl-devel] Bug#867240: openssl: Please add support for arm64ilp32 architecture

[Sebastian Andrzej Siewior]

control: tags -1 pending

On 2017-07-05 03:39:45 [+0100], Wookey wrote:
> This package FTBFS on arm64ilp32. The package has upstream support
> already. It just needs the correct debian target conf information adding. 
> "debian-arm64ilp32" => {
>  inherit_from => [ "linux-arm64ilp32", "debian" ],
>  },
> 
> A patch is attached.

added, thx.

Sebastian

Bug#868046: gb uses /usr/lib/go-1.7 even if go 1.8 is installed

[Tianon Gravi]

On 11 July 2017 at 14:43, Michael Hudson-Doyle
 wrote:
> Maybe it just makes sense for gb to (build-)depend on whichever
> golang-1.X-go directly.

I think you're probably right... :(

(Or perhaps we build-depend on golang-go, and explicitly depend on
whichever package that pulls in?  Although that would make updating it
require a binNMU, which is a bit annoying.)

We can't (easily) just "use whichever version is installed", since gb
has to be recompiled against every Go update.  For that, you might as
well skip the "gb" package and use "go get" instead (as recommended by
upstream).

Additionally, Go itself no longer uses alternatives because then the
software built in the archive might be built against any installed Go,
and package maintainers lose control over which version actually gets
used.

So TL;DR, I think Michael is right -- we probably need to just
explicitly (build-)depend on golang-1.X-go directly, and manually
update the package for each Go release (assuming gb is compatible with
the given release, which this method of updating would also help
ensure).


♥,
- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Bug#833691: lintian: warn against setting DEB_BUILD_OPTIONS in debian/rules

[Chris Lamb]

tags 833691 + pending
thanks

Fixed in Git:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=a2accfc84c96351956042174413c472e2e644775


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#868088: RFS: sysbench/1.0.8+ds-1 -- multi-threaded benchmark tool for database systems

[JCF Ploemen]

Package: sponsorship-requests
Severity: normal
X-Debbugs-CC: spwhit...@spwhitton.name

Dear mentors,

I am looking for a sponsor for "sysbench":

  Package name: sysbench
  Version : 1.0.8+ds-1
  Upstream Author : Alexey Kopytov
  URL : https://github.com/akopytov/sysbench
  License : GPL-2
  Section : misc

It builds a single binary package:
  sysbench - multi-threaded benchmark tool for database systems

Changes since last upload:
  * New upstream release.
  * Patches: remove 02 and 05: merged upstream.
  * Bump Standards-Version to 4.0.0 (from 3.9.8; no further changes).
  * Control: limit build-depend on libaio-dev to linux-only.


Git branch for use with dgit-maint-gbp workflow is available at:
 https://github.com/jcfp/debpkg-sysbench/tree/master/
 HEAD commit id a1ccb164415345c6b1c648018ed2ec5c75b5295a

As requested in dgit-sponsorship(7), some sample commands:
To generate the orig tarball:
 origtargz
or using pristine-tar directly:
 pristine-tar checkout ../sysbench_1.0.8+ds.orig.tar.gz

To build the source package:
 dgit --gbp build-source

To upload:
 dgit --gbp push


Regards.


pgp4gyMhOMwrN.pgp
Description: OpenPGP digital signature

Bug#868084: git-annex: adjusted-unlocked mode but different

[Clint Adams]

On Tue, Jul 11, 2017 at 09:40:00PM +, Clint Adams wrote:
> I would like some way of operating with a working tree that has
> 
>  1) the actual files as if they are unlocked, but mode 0444
>  2) for files missing from the annex, either
> a) no file in working tree or
> b) a broken symlink just as if the file were locked

Or an automated, interspersed version of

git annex unlock --in=here
find . -path ./.git -prune -o -type f -perm /222 -exec chmod 444 {} \;

or something.

Bug#868087: light-locker: Locking screen with light-locker crashes system to blinking cursor

[Max Zhao]

Package: light-locker
Version: 1.7.0-3
Severity: important

Dear Maintainer,

when locking the screen using either the command 'dm-tool lock' or 
'light-locker-command -l', the screen will black showing only a blinking 
cursor. Switching to TTYs is not possible and only a restart will resolve the 
situation. This happens for every execution of the aforementioned commands.

Also when issuing a 'light-locker-command -a', the screen will not be turned 
off, instead the following error message is generated:
** Message: The screensaver failed to activate.

seat0.greeter.log:
** Message: Starting lightdm-gtk-greeter 2.0.2 (Nov 16 2016, 20:48:17)
** Message: [Configuration] Reading file: 
/usr/share/lightdm/lightdm-gtk-greeter.conf.d/01_debian.conf
** Message: [Configuration] Reading file: /etc/lightdm/lightdm-gtk-greeter.conf
Activating service name='org.a11y.atspi.Registry'
Successfully activated service 'org.a11y.atspi.Registry'

** (lightdm-gtk-greeter:742): WARNING **: [PIDs] Failed to execute command: 
upstart

** (lightdm-gtk-greeter:742): WARNING **: Error getting user list from 
org.freedesktop.Accounts: 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.Accounts was not provided by any .service files

(lightdm-gtk-greeter:742): Gtk-WARNING **: Drawing a gadget with negative 
dimensions. Did you forget to allocate a size? (node menubar owner 
GreeterMenuBar)

(lightdm-gtk-greeter:742): Gtk-WARNING **: Drawing a gadget with negative 
dimensions. Did you forget to allocate a size? (node menubar owner 
GreeterMenuBar)



-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages light-locker depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  libc62.24-11+deb9u1
ii  libcairo21.14.8-1
ii  libdbus-1-3  1.10.18-1
ii  libdbus-glib-1-2 0.108-2
ii  libglib2.0-0 2.50.3-2
ii  libgtk-3-0   3.22.11-1
ii  libpango-1.0-0   1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libsystemd0  232-25
ii  libx11-6 2:1.6.4-3
ii  libxext6 2:1.3.3-1+b2
ii  libxss1  1:1.2.2-1
ii  lightdm  1.18.3-1

light-locker recommends no packages.

light-locker suggests no packages.

-- no debconf information

Bug#868086: RFS: beautify-bash/1.1-1 [ITP]

[Mike Mestnik]

Package: sponsorship-requests
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

  Dear mentors,

  I am looking for a sponsor for my package "beautify-bash"

 * Package name: beautify-bash
   Version : 1.1-1
   Upstream Author : Paul Lutus, Shriram V 
 * URL : https://arachnoid.com/python/beautify_bash_program.html
 * License : GPL+
   Section : utils

  It builds those binary packages:

beautify-bash - Beautifier for Bash shell scripts written in Python

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/beautify-bash


  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/b/beautify-bash/beautify-bash_1.1-1.dsc

  Changes since the last upload:

beautify-bash (1.1-1) unstable; urgency=medium

  * Initial release (Closes: #867869)

 -- Mike Mestnik   Tue, 11 Jul 2017 13:21:00 
-0500

  Regards,
   Mike Mestnik

- --
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable'), (480, 'unstable'), (470, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-

iQJLBAEBCAA1FiEE50YYYn+e/FujuFBs49GprY7cq4oFAlllSBIXHGNoZWFrb0Bt
aWtlbWVzdG5pay5uZXQACgkQ49GprY7cq4qpnBAAgGmQqwcmjqfCsm65YXvKGexO
O/3AntGsC68Mi1NMBxYWZVkTIdkGFgNkq+VnoXqXxepGrdoAi9HZtBjhcxHZ+KN9
bOGCOjhZj+coOSOiJXkCvVqMfGdUBn9Qfw2EyaXQcq/o/Dym64u+Vihq4ElvwdJq
LpzdPZp8nEPpayAX+n7U5BvKnr0B4rUwdMtOfDTeDtCA6+86bzNKJO0eUnAOKKP6
c4fCVODHc58WwF8NcW7GPywznvU4WoR5QJ8repLSYfXrLBeFGcv1sWugbbo2+hhe
eKbBBtvHAkHj4fEtkAR1QzPYxEo8m4ahKHkjkS13I3tlX4x611MtDOuWirmlJyUl
GIjR+yTlF1PgS4+sy6Eytx1My9jKVpfkYktwKHMaFidrGj9pvAfklyRoU00Sx0Kf
9AEgVK76PowZaqskT5PnmHC4j1Kg8oGbfSxuzaELZ7/83Un1kZg81FBZTS9awIcQ
+DqfjSU3sqXV06baTCWj/7VrxlLHZszGlZGJv6t+FcMnPtUEKHiSnGHjootfegPT
9TLm+swst1Y6Pp1l/vZn5I0NCWgullypcxJ0eYt5gkGYVoEw9jGDo5OGwl06OW9N
9Ojyn1OajncA25862oqVxE6ppA6I49AwsDJyvkTclg+tHqSSnkVOygCcVScc+Y6V
hRJeKW6ofc+zzgRm8Ys=
=JbDP
-END PGP SIGNATURE-

Bug#868084: git-annex: adjusted-unlocked mode but different

[Clint Adams]

Package: git-annex
Version: 6.20170101-1
Severity: wishlist

I would like some way of operating with a working tree that has

 1) the actual files as if they are unlocked, but mode 0444
 2) for files missing from the annex, either
a) no file in working tree or
b) a broken symlink just as if the file were locked

In other words, I want a read-only human-readable view of the 
files in the annex, and I do not want ~150-octet real files with
the annex object path in them.

I hope that was coherent.

Bug#867104: wanna-build issue with src:perl versioned Provides

[gregor herrmann]

On Wed, 05 Jul 2017 03:01:10 +0200, Guillem Jover wrote:

> On Tue, 2017-07-04 at 23:30:37 +0300, Niko Tyni wrote:
> > Not that I know of. I've been just going by what works with dpkg and
> > apt. If this is something that has only been made possible accidentally,
> > I'll of course back up the src:perl changes.
> 
> This was pretty much intentional. And the usage in perl seems completely
> as this was implemented for.

That's good to hear as we'd really like to use versioned provides
this way in th perliverse :)


On Thu, 06 Jul 2017 04:26:04 +0200, Guillem Jover wrote:

> > 6)
> > 
> > Package: a
> > Depends: p (>= 1), p (<< 2)
> > 
> > Package: b
> > Provides: p (=1)
> > 
> > Package: c
> > Provides: p (=2)
> > 
> > When a and b are installed, can c be installed without removing a?
> 
> Yes, because b is enough to satisfy the dependency. This is not a
> Conflicts/Breaks field after all.
> 
> I think all of Ralf cases are already covered by the functional test
> suite, I've just added the one from Adrian.
> 
>   

Thanks for all your explanations!


Now that all cases, including the 6th one, are clear, is there
anything that's missing before the behaviour of dose-builddebcheck
can be adapted?


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Billy Joel: We Didn't Start the Fire


signature.asc
Description: Digital Signature

Bug#846009: look for FIX_MEs in control and copyright created by npm2deb

[Chris Lamb]

tags 846009 + pending
thanks

Fixed in Git:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=7319953bad3ae5e0e15f778a7ed19dd20241b77c


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#868046: [pkg-go] Bug#868046: Bug#868046: gb uses /usr/lib/go-1.7 even if go 1.8 is installed

[Michael Hudson-Doyle]

Maybe it just makes sense for gb to (build-)depend on whichever
golang-1.X-go directly.

Bug#867706: backfire-dkms: module FTBFS for Linux 4.11

[Uwe Kleine-König]

Hello Marcelo,

On 07/11/2017 11:21 PM, Marcelo Henrique Cerri wrote:
> Package: backfire-dkms
> Version: 1.0-1
> Tags: patch
> Followup-For: Bug #867706
> 
> Can you please check if the attached patch fixes the problem for you?

It probably does but it is ugly and I already talked to upstream and the
plan is to drop the backfire module. I already pushed a commit to the
packaging git that drops the dkms module and intend to upload that soon.

Best regards and sorry for your effort that won't make it in.
Uwe



signature.asc
Description: OpenPGP digital signature

Bug#868083: CVE-2017-7506

[Moritz Muehlenhoff]

Source: spice
Severity: grave
Tags: security

Please see:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7506

Cheers,
Moritz

Bug#868082: linux-image-4.11.0-1-686: fails to boot on i386 (Soekris net5501)

[Francesco Poli (wintermute)]

Package: src:linux
Version: 4.11.6-1
Severity: important

Hello,
after upgrading an i386 box (Soekris net5501) running testing (buster),
I found out that the newly migrated Linux kernel fails to boot.

Looking at the boot through the serial console reveals the following
few messages:

  Booting 'Debian GNU/Linux, with Linux 4.11.0-1-686'

  Loading Linux 4.11.0-1-686 ...
  Loading initial ramdisk ...

and then nothing else.

The previous kernel image (4.9.0-3-686) works fine.
I have currently altered GRUB_DEFAULT in /etc/default/grub, in order to
force the machine to automatically boot that kernel version.

I hope that this bug may be fixed soon.
Thanks to the Debian Kernel Team for any help they may provide.




-- Package-specific info:

** Model information

** PCI devices:
00:01.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] CS5536 [Geode 
companion] Host Bridge [1022:2080] (rev 33)
Subsystem: Advanced Micro Devices, Inc. [AMD] CS5536 [Geode companion] 
Host Bridge [1022:2080]
Control: I/O+ Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- TAbort- 
SERR- TAbort- 
SERR- 
Kernel driver in use: via-rhine
Kernel modules: via_rhine

00:07.0 Ethernet controller [0200]: VIA Technologies, Inc. VT6105M [Rhine-III] 
[1106:3053] (rev 96)
Subsystem: VIA Technologies, Inc. VT6105M [Rhine-III] [1106:0106]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: via-rhine
Kernel modules: via_rhine

00:08.0 Ethernet controller [0200]: VIA Technologies, Inc. VT6105M [Rhine-III] 
[1106:3053] (rev 96)
Subsystem: VIA Technologies, Inc. VT6105M [Rhine-III] [1106:0106]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: via-rhine
Kernel modules: via_rhine

00:09.0 Ethernet controller [0200]: VIA Technologies, Inc. VT6105M [Rhine-III] 
[1106:3053] (rev 96)
Subsystem: VIA Technologies, Inc. VT6105M [Rhine-III] [1106:0106]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- 
Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: via-rhine
Kernel modules: via_rhine

00:14.0 ISA bridge [0601]: Advanced Micro Devices, Inc. [AMD] CS5536 [Geode 
companion] ISA [1022:2090] (rev 03)
Subsystem: Advanced Micro Devices, Inc. [AMD] CS5536 [Geode companion] 
ISA [1022:2090]
Control: I/O+ Mem- BusMaster- SpecCycle+ MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- TAbort- 
SERR- TAbort- 
SERR- TAbort- 
SERR- 
ii  grub-pc 1.99-17
pn  linux-doc-4.11  

Versions of packages linux-image-4.11.0-1-686 is related to:
pn  firmware-amd-graphics 
pn  firmware-atheros  
pn  firmware-bnx2 
pn  firmware-bnx2x
pn  firmware-brcm80211
pn  firmware-cavium   
pn  firmware-intel-sound  
pn  firmware-intelwimax   
pn  firmware-ipw2x00  
pn  firmware-ivtv 
pn  firmware-iwlwifi  
pn  firmware-libertas 
pn  firmware-linux-nonfree
pn  firmware-misc-nonfree 
pn  firmware-myricom  
pn  firmware-netxen   
pn  firmware-qlogic   
pn  firmware-realtek  
pn  firmware-samsung  
pn  firmware-siano
pn  firmware-ti-connectivity  
pn  xen-hypervisor

-- no debconf information

Bug#867706: backfire-dkms: module FTBFS for Linux 4.11

[Marcelo Henrique Cerri]

Package: backfire-dkms
Version: 1.0-1
Tags: patch
Followup-For: Bug #867706

Can you please check if the attached patch fixes the problem for you?

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to C.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to 
C.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages backfire-dkms depends on:
ii  dkms  2.3-3

backfire-dkms recommends no packages.

backfire-dkms suggests no packages.

-- no debconf information
diff -Nru rt-tests-1.0/debian/patches/backfire-fix-build-failure-for-4.11-kernels.patch rt-tests-1.0/debian/patches/backfire-fix-build-failure-for-4.11-kernels.patch
--- rt-tests-1.0/debian/patches/backfire-fix-build-failure-for-4.11-kernels.patch	1969-12-31 21:00:00.0 -0300
+++ rt-tests-1.0/debian/patches/backfire-fix-build-failure-for-4.11-kernels.patch	2016-06-19 18:46:40.0 -0300
@@ -0,0 +1,28 @@
+From: Marcelo Henrique Cerri 
+Subject: [PATCH] backfire: fix build failure for 4.11+ kernels
+Bug-Debian: 867706
+
+Since v4.11-rc1~18^2~76, kill_pid() is declared in
+"linux/sched/signal.h" instead of in "linux/sched.h".
+
+Include the correct header file based on the kernel version to keep
+it compatible with older kernels.
+
+Signed-off-by: Marcelo Henrique Cerri 
+
+--- a/src/backfire/backfire.c
 b/src/backfire/backfire.c
+@@ -20,8 +20,13 @@
+  */
+ 
+ #include 
++#include 
+ 
++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,11,0)
+ #include 
++#else
++#include 
++#endif
+ #include 
+ #include 
+ #include 
diff -Nru rt-tests-1.0/debian/patches/series rt-tests-1.0/debian/patches/series
--- rt-tests-1.0/debian/patches/series	2016-06-19 17:45:37.0 -0300
+++ rt-tests-1.0/debian/patches/series	2016-06-19 18:46:40.0 -0300
@@ -5,3 +5,4 @@
 fix_comment_about_realtime_group.patch
 backfire-fix-build-failure-for-modern-kernels.patch
 install_manpage_rt-migrate-test.patch
+backfire-fix-build-failure-for-4.11-kernels.patch

Bug#634785:

[Davis Hardiansyah]

Bug#868081: -done and -forwarded should work just like nnn but also do control@ things

[Don Armstrong]

Package: bugs.debian.org
Severity: normal

Current, repeated messages to nnn-done@foo just get appended to the log
and don't get mailed anywhere.

They should do normal nnn@ things instead, and only do the extra -done
bits via Debbugs::Control::set_done or ::set_forwarded.

This will require a bit of a rewrite of process, though.

-- 
Don Armstrong  https://www.donarmstrong.com

A Bill of Rights that means what the majority wants it to mean is worthless. 
 -- U.S. Supreme Court Justice Antonin Scalia

Bug#868046: [pkg-go] Bug#868046: gb uses /usr/lib/go-1.7 even if go 1.8 is installed

[Jens Kubieziel]

* Tianon Gravi schrieb am 2017-07-11 um 18:43 Uhr:
> Arg -- so, gb is a bit picky about which Go it's compiled against (and
> Dave often will recommend that users try a clean recompile of gb
> before he'll try debugging their issues since even minor Go upgrades
> can break it).

Well I tried to `apt-get source -b gb`, but also this failed:
…
debian/rules:15: recipe for target 'override_dh_auto_test' failed
…

Before I saw severall failed messages from tests.

> I wonder if we need to do something like "gb-go1.8" vs "gb-go1.7" to
> help enforce tighter separation (similar to what's often done in
> Python packages with "bin2" vs "bin3" or even "bin2.7" vs "bin3.4" vs
> "bin3.5"). :(

I'm not sure if that's a good idea or not, but can't we have something
like Debian alternatives for go. So when someone uses
update-alternatives to set go to go-1.8 also gb uses the right
directories and if another version is used then gb uses whatever is
correct then. However I'm neither a Go nor a Debian expert to see how
this can be realised.

-- 
Jens Kubieziel   http://www.kubieziel.de
 "When someone says: 'I want a programming language in which I need only
 say what I wish done', give him a lollipop." - Alan J. Perlis


signature.asc
Description: Digital signature

Bug#868080: CVE-2017-11163

[Moritz Muehlenhoff]

Package: cacti
Severity: important
Tags: security

This was assigned CVE-2017-11163:
https://github.com/Cacti/cacti/issues/847

Cheers,
Moritz

Bug#868075: Pending fixes for bugs in the libperlx-assert-perl package

[pkg-perl-maintainers]

tag 868075 + pending
thanks

Some bugs in the libperlx-assert-perl package are closed in revision
840d5d84331ff0aa8e94cbe61deb647f80b9f035 in branch 'master' by gregor
herrmann

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-perl/packages/libperlx-assert-perl.git/commit/?id=840d5d8

Commit message:

Add libkeyword-simple-perl, libdevel-declare-perl to Depends.

Closes: #868075

Bug#867514: [Pkg-cmake-team] Bug#867514: python2.7/cmake: find_package called with invalid argument "2.7.13+"

[Felix Geyer]

Hi Adrian,

On 07.07.2017 01:11, Adrian Bunk wrote:
> -- Found PythonLibs: /usr/lib/mips-linux-gnu/libpython2.7.so (found suitable 
> version "2.7.13+", minimum required is "2") 
> CMake Error at bindings/python/CMakeLists.txt:9 (FIND_PACKAGE):
>   find_package called with invalid argument "2.7.13+"

I've submitted a patch upstream.

Please note however that libsolv doesn't follow the recommended way to find the 
Python interpreter
+ libs:

> If calling both ``find_package(PythonInterp)`` and
> ``find_package(PythonLibs)``, call ``find_package(PythonInterp)`` first to> 
> get the currently active Python version by default with a consistent version
> of PYTHON_LIBRARIES.
Felix

Bug#868075: libperlx-assert-perl: missing dependency on libkeyword-simple-perl | libdevel-declare-perl

[gregor herrmann]

On Tue, 11 Jul 2017 23:18:39 +0300, Niko Tyni wrote:

> This package seems to be missing a runtime dependency on
> libkeyword-simple-perl | libdevel-declare-perl.
> 
>   % perl -e 'use PerlX::Assert'
>   Can't locate Devel/Declare.pm in @INC (you may need to install the 
> Devel::Declare module) (@INC contains: /etc/perl 
> /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 
> /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 
> /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 
> /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at 
> /usr/share/perl5/PerlX/Assert/DD.pm line 6.
>   BEGIN failed--compilation aborted at /usr/share/perl5/PerlX/Assert/DD.pm 
> line 6.
>   Compilation failed in require at /usr/share/perl5/PerlX/Assert.pm line 50.
>   BEGIN failed--compilation aborted at -e line 1
> 
> The code looks like PerlX::Assert::Keyword is used if Keyword::Simple
> is installed, otherwise PerlX::Assert::DD (which needs Devel::Declare.)

Looks like both are needed in a way: If I add libkeyword-simple-perl
| libdevel-declare-perl, there's still one autopkgtest failure:

# Subtest: all modules in libperlx-assert-perl pass the syntax check
1..3
# Can't locate Devel/Declare.pm in @INC (you may need to install the 
Devel::Declare module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 
/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 
/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at 
/usr/share/perl5/PerlX/Assert/DD.pm line 6.
# BEGIN failed--compilation aborted at /usr/share/perl5/PerlX/Assert/DD.pm 
line 6.
not ok 1 - /usr/bin/perl -wc /usr/share/perl5/PerlX/Assert/DD.pm exited 
successfully
ok 2 - /usr/bin/perl -wc /usr/share/perl5/PerlX/Assert/Keyword.pm exited 
successfully
ok 3 - /usr/bin/perl -wc /usr/share/perl5/PerlX/Assert.pm exited 
successfully
not ok 4 - all modules in libperlx-assert-perl pass the syntax check


Which matches your conclusion that only PerlX::Assert::DD needs Devel::Declare
but adding both seems safer.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Cat Stevens: I See A Road


signature.asc
Description: Digital Signature

Bug#868079: Security issues marked as no-dsa are shown as "ignored"

[Moritz Muehlenhoff]

Package: tracker.debian.org
Severity: normal

The PTS shows no-dsa security issues as "Ignored security issue",
but that's wrong: They are not ignored per se, it only means they
don't warrant an immediate DSA. They can stable through a point
release or they're lined up, they can be piggybacked on a DSA if
a more severe issues comes forth or they can be left unfixed.

But showing them as ignored is wrong and misleading.

Cheers,
Moritz

Bug#868057: davmail: NoClassDefFoundError at startup so no listen port

[Geert Stappers]

On Tue, Jul 11, 2017 at 07:50:41PM +0200, Alexandre Rossi wrote:
> Hi,
> 
> > The davmail program don't start: it stay hang and no ports are
> > listening.
> 
> This should be fixed by the version awaiting sponsorship on mentors.d.o
> https://mentors.debian.net/package/davmail


|Information
|Version:  4.8.0.2479-2
|Uploaded: 2017-07-11 17:21
|Source package:   
https://mentors.debian.net/debian/pool/main/d/davmail/davmail_4.8.0.2479-2.dsc
|Section:  net
|Priority: extra
|Closes bugs:  868057

Seen it and shall look into it.


Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#690763: installation-guide: sudo and no password for root user situation

[Baptiste Jammet]

Hello, 

I don't know the implementation detail of this (no root password
installs sudo and allow user to use it), but I suspect that only the
first user (created in the next step) will be allowed to use sudo.

Maybe add something like :
By default, only the first user, that will be created in the next step,
will be allowed to use sudo to perform these
administrative tasks.

Baptiste

Index: en/using-d-i/modules/user-setup.xml
===
--- en/using-d-i/modules/user-setup.xml	(révision 70799)
+++ en/using-d-i/modules/user-setup.xml	(copie de travail)
@@ -34,6 +34,9 @@
 here, this account will be disabled but the sudo package
 will be installed later to enable administrative tasks to be carried out on
 the new system.
+By default, only the first user, that will be created in the next step,
+will be allowed to use sudo to perform these
+administrative tasks.
 
 
   


pgpMcBvK_f9L8.pgp
Description: OpenPGP digital signature

Bug#868077: /usr/bin/dh_strip_nondeterminism: fails on Winff with: Can't locate object method "new" via package "File::Temp"

[Chris Lamb]

tags 868077 + pending
thanks

Fixed in Git:

  
https://anonscm.debian.org/git/reproducible/strip-nondeterminism.git/commit/?id=3feaec92752aa6be958c5f3b3f444665f2536e96


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#868078: poco: Please add m68k as target to Double-Conversion

[John Paul Adrian Glaubitz]

Source: poco
Version: 1.7.6+dfsg1
Severity: normal
Tags: patch
User: debian-...@lists.debian.org
Usertags: m68k

Hi!

poco currently fails to build from source because the embedded
version of Double-Conversion lacks support for m68k:

g++  -Iinclude -I/<>/poco-1.7.6+dfsg1/CppUnit/include 
-I/<>/poco-1.7.6+dfsg1/CppUnit/WinTestRunner/include 
-I/<>/poco-1.7.6+dfsg1/Foundation/include 
-I/<>/poco-1.7.6+dfsg1/XML/include 
-I/<>/poco-1.7.6+dfsg1/JSON/include 
-I/<>/poco-1.7.6+dfsg1/Util/include 
-I/<>/poco-1.7.6+dfsg1/Net/include 
-I/<>/poco-1.7.6+dfsg1/Crypto/include 
-I/<>/poco-1.7.6+dfsg1/NetSSL_OpenSSL/include 
-I/<>/poco-1.7.6+dfsg1/Data/include 
-I/<>/poco-1.7.6+dfsg1/Data/SQLite/include 
-I/<>/poco-1.7.6+dfsg1/Data/ODBC/include 
-I/<>/poco-1.7.6+dfsg1/Data/MySQL/include 
-I/<>/poco-1.7.6+dfsg1/MongoDB/include 
-I/<>/poco-1.7.6+dfsg1/Zip/include 
-I/<>/poco-1.7.6+dfsg1/PageCompiler/include 
-I/<>/poco-1.7.6+dfsg1/PageCompiler/File2Page/include -g -O2 
-fdebug-prefix-map=/<>/poco-1.7.6+dfsg1=. -fstack-protector-strong 
-Wformat -Werror=format-security -W
 all -Wno-sign-compare -Wall -Wno-sign-compare -DPOCO_BUILD_HOST=vs91 
-DPOCO_TARGET_OSNAME=Linux -DPOCO_TARGET_OSARCH=m68k 
-DPOCO_UTIL_NO_JSONCONFIGURATION -D_XOPEN_SOURCE=500 -D_REENTRANT 
-D_THREAD_SAFE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE 
-DPOCO_HAVE_FD_EPOLL -Wdate-time -D_FORTIFY_SOURCE=2  -DNDEBUG -fPIC -c 
src/NumericString.cpp -o 
/<>/poco-1.7.6+dfsg1/Foundation/obj/Linux/m68k/release_shared/NumericString.o
In file included from src/diy-fp.h:31:0,
 from src/diy-fp.cc:29,
 from src/NumericString.cpp:23:
src/utils.h:74:2: error: #error Target architecture was not detected as 
supported by Double-Conversion.
 #error Target architecture was not detected as supported by Double-Conversion.
  ^

This is fixed by applying the attached patch which was cherry-picked
from Double-Conversion upstream [1]. poco upstream is missing the patch
as well as Double-Conversion upstream hasn't released since after the
patch [1] was merged in 2014.

Thanks for consideration!

Adrian

> [1] 
> https://github.com/google/double-conversion/commit/da11179623145f53b204105a93b8bbca431141da

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
Description: Add m68k as target architecture to Double Conversion
Origin: 
https://github.com/google/double-conversion/commit/da11179623145f53b204105a93b8bbca431141da
Last-Update: 2017-07-11

--- poco-1.7.6+dfsg1.orig/Foundation/src/utils.h
+++ poco-1.7.6+dfsg1/Foundation/src/utils.h
@@ -63,6 +63,8 @@
 defined(__AARCH64EL__) || \
 defined(nios2) || defined(__nios2) || defined(__nios2__)
 #define DOUBLE_CONVERSION_CORRECT_DOUBLE_OPERATIONS 1
+#elif defined(__mc68000__)
+#undef DOUBLE_CONVERSION_CORRECT_DOUBLE_OPERATIONS
 #elif defined(_M_IX86) || defined(__i386__) || defined(__i386)
 #if defined(_WIN32)
 // Windows uses a 64bit wide floating point stack.

Bug#868077: /usr/bin/dh_strip_nondeterminism: fails on Winff with: Can't locate object method "new" via package "File::Temp"

[Paul Gevers]

Package: dh-strip-nondeterminism
Version: 0.036-1
Severity: normal
File: /usr/bin/dh_strip_nondeterminism

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

I just uploaded my package Winff to the archive and it FTBFS due to the
following error in dh_strip_nondeterminism:

   dh_strip_nondeterminism -i "-O--ddeb-migration=winff-dbg (<< 1.5.3-7~)"
dh_strip_nondeterminism: 
debian/winff-data/usr/share/icons/hicolor/48x48/apps/winff.png: Can't locate 
object method "new" via package "File::Temp" (perhaps you forgot to load 
"File::Temp"?) at /usr/share/perl5/File/StripNondeterminism/handlers/png.pm 
line 55.

See the full log here:
https://buildd.debian.org/status/fetch.php?pkg=winff=all=1.5.5-2=1499802863=0

In the past this png wasn't a problem, and anyways I don't think
dh_strip_nondeterminism should abort like this.

Paul


- -- System Information:
Debian Release: 9.0
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable'), (200, 'stable'), (50, 
'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dh-strip-nondeterminism depends on:
ii  debhelper 10.2.5
ii  libfile-stripnondeterminism-perl  0.034-1
ii  libtimedate-perl  2.3000-2
ii  perl  5.24.1-3

dh-strip-nondeterminism recommends no packages.

dh-strip-nondeterminism suggests no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAlllM00ACgkQnFyZ6wW9
dQo/ugf/U23aeRVuPu5Ggyln8vxDv6vwFgSUhuBdFUaB7obAEej9TatgAMy2+x3B
p8h51hTxSwJ5YF8sCGizzW0CcBkivShAVwtJ+R9MACRg9jcop/aQnnpShbuNDqnu
lNJsZAG4GMsp4w2+No9q5ZuMGQ8hyewHgEZOqyIBwTh+xQrJwHt0bwzappdI1U6a
7Lc/bzJ53JL8TYMkuhQmhy2ZNCUEwfeDJXdPe6luOMW1IXYjXAnG9pyMmzyhTgiv
mGnTKSeu2TKfNZ74a7h2kKjkGFm77peDth16+u06iIK2jzjgfnQ4pMzEW4QCaj08
O/aOYloKh5EDNU2bLha801HCuahRnw==
=GC/7
-END PGP SIGNATURE-

Bug#868076: libc6: gethostbyname assertion failure on m68k

[James Clarke]

Package: libc6
Version: 2.24-12
Tags: upstream patch
Forwarded: https://sourceware.org/ml/libc-alpha/2017-07/msg00466.html
User: debian-...@lists.debian.org
Usertags: m68k
X-Debbugs-Cc: debian-...@lists.debian.org

Hi,
On m68k, gethostbyname can sometimes cause an assertion failure:

> "nss_files/files-hosts.c:218: _nss_files_gethostbyname3_r: Assertion 
> `(bufferend - (char *) 0) % sizeof (char *) == 0' failed."

This can be reproduced with the following simple program (though it may
depend on the exact system or chroot setup):

> #include 
> #include 
>
> int main(int argc, char **argv) {
> struct hostent *h = gethostbyname("localhost");
> printf("name: %s\n", h->h_name);
> return 0;
> }

This is because _nss_files_gethostbyname3_r asserts that bufferend is
sizeof-aligned (4 bytes for a char *), but parse_list only rounds to
__alignof__(char *), which is (unusually) just 2 bytes on m68k. The
above patch forwarded upstream weakens the assertion (and subsequent
rounding on future loop iterations) to only be __alignof__(char *).

Regards,
James

Bug#868075: libperlx-assert-perl: missing dependency on libkeyword-simple-perl | libdevel-declare-perl

[Niko Tyni]

Package: libperlx-assert-perl
Version: 0.904-1
Severity: serious

This package seems to be missing a runtime dependency on
libkeyword-simple-perl | libdevel-declare-perl.

  % perl -e 'use PerlX::Assert'
  Can't locate Devel/Declare.pm in @INC (you may need to install the 
Devel::Declare module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 
/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 
/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at 
/usr/share/perl5/PerlX/Assert/DD.pm line 6.
  BEGIN failed--compilation aborted at /usr/share/perl5/PerlX/Assert/DD.pm line 
6.
  Compilation failed in require at /usr/share/perl5/PerlX/Assert.pm line 50.
  BEGIN failed--compilation aborted at -e line 1

The code looks like PerlX::Assert::Keyword is used if Keyword::Simple
is installed, otherwise PerlX::Assert::DD (which needs Devel::Declare.)
-- 
Niko Tyni   nt...@debian.org

Bug#775104: gnome-system-monitor: not auto expanding column width in proctree view

[Tim]

Hi Pedro,

On Fri, 2016-09-16 at 22:38 +0100, Pedro Beja wrote:
> I think this issue was fixed in the latest upstream version.
> Could you please try with newer gnome-system-monitor version 3.21.91-
> 1 ?

I recently upgraded to the new Debian stable and can confirm that this
issue does not appear anymore in gnome-system-monitor 3.22.2-1.
As far as I am concerned, this report may be closed.

Best,
Tim

Bug#868072: transition-check: Failed to retrieve transitions list:

[Adam D. Barratt]

On Tue, 2017-07-11 at 21:18 +0200, Jakub Wilk wrote:
> transition-check doesn't work:
> 
> $ transition-check
> transition-check: Failed to retrieve transitions list:

In fact, it's not worked since at least the split of release.d.o from
ftp-master.d.o, probably actually the changes to d.o Apache
configuration before that to not follow symlinks.

The fact that no-one noticed, coupled with the fact that the
functionality hasn't been used for years (I don't think it's ever been
used while I've been on the Release Team) makes fixing it seem slightly
redundant. However, the file appears to still be available on a public
URL, so I'll do it anyway.

Regards,

Adam

Bug#868074: libfelix-bundlerepository-java: missing requirement osgi.wiring.package; (&(osgi.wiring.package=org.osgi.service.repository)(version>=1.0.0)(!(version>=1.1.0))))

[Mykola Nikishov]

Package: libfelix-bundlerepository-java
Version: 2.0.10-1
Severity: grave
Justification: renders package unusable

Bundle fails to start due to a missing requirement:

--8<---cut here---start->8---
$ felix-framework
ERROR: Bundle org.apache.felix.bundlerepository [16] Error starting 
file:/usr/share/felix-framework/bundle/org.apache.felix.bundlerepository.jar 
(org.osgi.framework.BundleException: Unresolved constraint in bundle 
org.apache.felix.bundlerepository [16]: Unable to resolve 16.0: missing 
requirement [16.0] osgi.wiring.package; 
(&(osgi.wiring.package=org.osgi.service.repository)(version>=1.0.0)(!(version>=1.1.0
org.osgi.framework.BundleException: Unresolved constraint in bundle 
org.apache.felix.bundlerepository [16]: Unable to resolve 16.0: missing 
requirement [16.0] osgi.wiring.package; 
(&(osgi.wiring.package=org.osgi.service.repository)(version>=1.0.0)(!(version>=1.1.0)))
at org.apache.felix.framework.Felix.resolveBundleRevision(Felix.java:4097)
at org.apache.felix.framework.Felix.startBundle(Felix.java:2114)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1368)
at 
org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.lang.Thread.run(Thread.java:748)

Welcome to Apache Felix Gogo

g! lb
START LEVEL 1
   ID|State  |Level|Name
0|Active |0|System Bundle (4.6.1)
2|Active |1|Apache Felix Gogo Command (0.14.0)
3|Active |1|Apache Felix Gogo Runtime (0.16.2)
4|Active |1|Apache Felix Gogo Shell (0.12.0)
   16|Installed  |1|Apache Felix Bundle Repository (2.0.10)
g!
--8<---cut here---end--->8---

Downgrading back to 2.0.8 fixes this problem.

-- System Information:
Debian Release: buster/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'stable'), (70, 'unstable'), (60, 
'testing'), (50, 'experimental'), (40, 'oldstable')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.11.0-1-rt-amd64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libfelix-bundlerepository-java depends on:
ii  libeasymock-java   3.4+ds-1
ii  libosgi-core-java  6.0.0-1

Versions of packages libfelix-bundlerepository-java recommends:
ii  libfelix-gogo-runtime-java  0.16.2-1
pn  libfelix-osgi-obr-java  
pn  libfelix-shell-java 
pn  libfelix-utils-java 
pn  libkxml2-java   
ii  libosgi-compendium-java 5.0.0-5

Versions of packages libfelix-bundlerepository-java suggests:
pn  libfelix-bundlerepository-java-doc  

-- no debconf information

Bug#797934:

[Davis Hardiansyah]

Bug#868073: bioperl-run: FTBFS: t/Bowtie.t failure

[Niko Tyni]

Package: bioperl-run
Version: 1.7.1-3
Severity: serious

This package falis to build on current sid/amd64.

>From the build log:

  - EXCEPTION -
  MSG: /usr/bin/bowtie call crashed: There was a problem running 
/usr/bin/bowtie : Encountered a space parsing the quality string for read r1
  If this is a FASTQ file with integer (non-ASCII-encoded) qualities, please
  re-run Bowtie with the --integer-quals option.
  TBB Warning: Exact exception propagation is requested by application but the 
linked library is built without support for it
  Command: bowtie-align --wrapper basic-0 -l 28 -n 2 -e 70 -S --12 
t/data/bowtie/reads/e_coli.cb t/data/bowtie/indexes/e_coli 
/tmp/Wi1GtfHq3S/B2MCI6vGnb.sam 
  
  STACK Bio::Tools::Run::WrapperBase::_run 
/<>/blib/lib/Bio/Tools/Run/WrapperBase/CommandExts.pm:1032
  STACK Bio::Tools::Run::Bowtie::run 
/<>/blib/lib/Bio/Tools/Run/Bowtie.pm:358
  STACK toplevel t/Bowtie.t:234
  -
  
  # Looks like your test exited with 29 just after 57.
  t/Bowtie.t  
  1..70
  ok 1 - make a factory using command 'assemble'
  ok 2 - parameters changed on construction
  ok 3 - access parameter
  ok 4 - parameters_changed cleared on read
  ok 5 - set a param not set in constructor
  ok 6 - parameters_changed set
  ok 7 - parameter really set
  ok 8 - original parameter unchanged
  ok 9 - parameters_changed cleared on read
  ok 10 - change an original parameter
  ok 11 - parameter really changed
  ok 12 - reset parameters with arg
  ok 13 - original parameters undefined
  ok 14 - parameter really reset via arg
  ok 15 - set an exclusive group parameter
  ok 16 - parameter really set
  ok 17 - set an incompatible parameter
  ok 18 - parameter really set
  ok 19 - original exclusive parameter really unset
  ok 20 - parameters changed
  ok 21 - all available options
  ok 22 - available parameters
  ok 23 - available switches
  ok 24 - parameters changed
  ok 25 - all available options
  ok 26 - available parameters
  ok 27 - available switches
  ok 28 - get_parameters correct
  ok 29 - command attribute set
  ok 30 - internal command array set
  ok 31 - internal prefix hash set
  ok 32 - commands filtered by prefix
  ok 33 - translate_params: options correct
  ok 34 - make unpaired reads bowtie factory
  ok 35 - read raw sequence
  ok 36 - bowtie success
  ok 37 - read fasta sequence
  ok 38 - bowtie success
  ok 39 - read fastq sequence
  ok 40 - bowtie success
  ok 41 - make paired reads bowtie factory
  ok 42 - read paired fasta sequence
  ok 43 - bowtie success
  ok 44 - read paired fastq sequence
  ok 45 - bowtie success
  ok 46 - make a single alignment factory
  ok 47 - command attribute set
  ok 48 - seed mismatch param set
  ok 49 - seed length param set
  ok 50 - quality mismatch param set
  ok 51 - return type set
  ok 52 - make file based alignment
  ok 53 - make readable output
  ok 54 - number of alignments
  ok 55 - change mode
  ok 56 - make a crossbow alignment factory
  ok 57 - command attribute set
  Dubious, test returned 29 (wstat 7424, 0x1d00)
  Failed 13/70 subtests 
  
  [...]
  
  Test Summary Report
  ---
  t/Bowtie.t  (Wstat: 7424 Tests: 57 Failed: 0)
Non-zero exit status: 29
Parse errors: Bad plan.  You planned 70 tests but ran 57.
  Files=76, Tests=1783, 90 wallclock secs ( 0.20 usr  0.06 sys + 86.61 cusr  
2.41 csys = 89.28 CPU)
  Result: FAIL
 
-- 
Niko Tyni   nt...@debian.org

Bug#868072: transition-check: Failed to retrieve transitions list:

[Jakub Wilk]

Package: devscripts
Version: 2.17.7

transition-check doesn't work:

   $ transition-check
   transition-check: Failed to retrieve transitions list:

--
Jakub Wilk

Bug#634785:

[Davis Hardiansyah]

Bug#868069: Pending fixes for bugs in the liburi-namespacemap-perl package

[pkg-perl-maintainers]

tag 868069 + pending
thanks

Some bugs in the liburi-namespacemap-perl package are closed in
revision 061d64dfe3ebb6fcefc025dd52cb8a9ada1c76e1 in branch 'master'
by gregor herrmann

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-perl/packages/liburi-namespacemap-perl.git/commit/?id=061d64d

Commit message:

Switch order of alternative build dependency

on libmoo-perl (<< 2.003000) and libsub-quote-perl.

sbuild by default only looks at the first alternative, and the version of 
libmoo-perl
in the archive is newer.

Closes: #868069

Bug#854327: pulseaudio: default configuration depends on consolekit

[julien forest]

Maybe one should just change the default.pa as follows (not a real
diff but the + lines are just to add): 

.ifexists module-console-kit.so
+.nofail
load-module module-console-kit
+.fail
.endif


It suffices for me to make pulseaudio works without consolekit nor
systemd installed. 

Best regards, 

Julien

Bug#868071: ggcov: FTBFS: test failures

[Niko Tyni]

Package: ggcov
Version: 0.9-14
Severity: serious
User: reproducible-bui...@lists.alioth.debian.org

This package fails to build on current sid/amd64.

>From the build log:

 debian/rules override_dh_auto_test
  make[1]: Entering directory '/<>'
  (cd test && ./runtest)
  Running tests
  hostname: "carme"
  date: "20170711T194721"
  uname -s: "Linux"
  uname -m: "x86_64"
  uname -r: "4.9.0-3-amd64"
  head -1 /etc/os-release: "PRETTY_NAME="Debian GNU/Linux buster/sid""
  which gcc: "/usr/bin/gcc"
  gcc --version: "gcc (Debian 6.4.0-1) 6.4.0 20170704"
  which g++: "/usr/bin/g++"
  g++ --version: "g++ (Debian 6.4.0-1) 6.4.0 20170704"
  PASS: (test000) unit tests
  ERROR: (test001) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test002) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test004) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test005.1) tggcov failed, see log or re-run with -D all,verbose 
--no-log
  ERROR: (test006) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test007) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test008.0) tggcov failed, see log or re-run with -D all,verbose 
--no-log
  ERROR: (test009) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test010) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test011.1) tggcov failed, see log or re-run with -D all,verbose 
--no-log
  ERROR: (test013) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test014) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test015.a001) tggcov failed, see log or re-run with -D all,verbose 
--no-log
  ERROR: (test016.1) tggcov failed, see log or re-run with -D all,verbose 
--no-log
  PASS: (test021) unit test for libpopt / fakepopt.c
  ERROR: (test029) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test030) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test033) tggcov failed, see log or re-run with -D all,verbose --no-log
  ERROR: (test034) tggcov failed, see log or re-run with -D all,verbose --no-log
  Total: 2/20 tests passed
  debian/rules:34: recipe for target 'override_dh_auto_test' failed
  make[1]: *** [override_dh_auto_test] Error 1
  make[1]: Leaving directory '/<>'
  debian/rules:12: recipe for target 'build' failed
  make: *** [build] Error 2
 
-- 
Niko Tyni   nt...@debian.org

Bug#634785: svox: Regenerate .bin files

[Davis Hardiansyah]

On Wed, 20 Jul 2011 00:50:59 +0200 Samuel Thibault 
wrote:
> Package: svox
> Version: 1.0+git20110131-1
> Severity: important
>
> Hello,
>
> Currently, the svox package uses the pre-generated .bin files shipped by
> Android, but this does not permit to patch the voices.
>
> In order to regenerate the .bin files, the (unfortunately nonfree)
> lingware toolset needs to be used. It happens that it can work in wine,
> provided that winetricks vcrun2005sp1 is executed to fix an issue with
> msvcr80. The attached patch fixes a few issue with unix environments,
> and the following could be used as cygpath script:
>
> #!/bin/bash
> [ "$1" = -w ] && shift
> echo "$@"
>
> in the end, the buildall.sh script can be used to regenerate the .bin
> files, which indeed do work properly.
>
> Samuel
>
> -- System Information:
> Debian Release: wheezy/sid
>   APT prefers testing
>   APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.39-2-amd64 (SMP w/2 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> --
> Samuel Thibault 
>  >   ±z¬O§_¸g±`¬°¦p¦ó©Ý®i¦æ¾PºÞ¹D¶Ë¸£µ¬?
>  > ¥Zµn³ø¯È,Âø»x¼s§i©Î¶l±H¢Ò¢Û (Direct
Mail)¬O§_¤w¸gµLªk¹F¦¨±z¹w´Áªº¼s§i®ÄªG?
>  Je vous invite a consulter dans un premier temps le french-Howto.
>  -+- JCD in Guide du linuxien pervers - "Bien configurer la lisibilité de
fcolm"

Bug#634785:

[Davis Hardiansyah]

Bug#865893: Pending fixes for bugs in the libtest-simple-perl package

[pkg-perl-maintainers]

tag 865893 + pending
thanks

Some bugs in the libtest-simple-perl package are closed in revision
39ab9b42cd90d5126b21782eb9ac4d18d0d6a492 in branch 'master' by Niko
Tyni

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-perl/packages/libtest-simple-perl.git/commit/?id=39ab9b4

Commit message:

Backport upstream patch from 1.302076 to unbreak libapache2-authcookie-perl

Closes: #865893

Bug#868070: gocryptfs: '--version' option is useless, containing only 'gocryptfs'

[Unit 193]

Package: gocryptfs
Version: 1.3-1
Severity: normal

Dear Maintainer,

When you call `gocryptfs --version`, the only info you get back is 'gocryptfs'.
This is because the required vars aren't set at build time, with the below 
patch I get 'gocryptfs 1.3; go-fuse 0.0~git20170609.0.5690be4-1; 2017-06-17 
go1.7.6'


--- gocryptfs-1.3/debian/rules  2017-06-05 21:03:20.0 -0400
+++ gocryptfs-1.3/debian/rules  2017-06-16 20:14:57.253417564 -0400
@@ -3,6 +3,10 @@
 PKD = $(word 1,$(abspath $(dir $(MAKEFILE_LIST
 PKG = $(shell dpkg-parsechangelog -l$(PKD)/changelog --show-field=Source)
 VER ?= $(shell (dpkg-parsechangelog -l$(PKD)/changelog | grep Version | sed 
's/Version..//' | sed 's/-.\+//'))
+include /usr/share/dpkg/default.mk
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all
+FUSEVER = $(shell dpkg-query --showformat='$${Version}' -W 
golang-github-hanwen-go-fuse-dev)
+DEB_LDFLAGS = -X main.GitVersion=$(DEB_VERSION_UPSTREAM) -X 
main.BuildTime=$(SOURCE_DATE_EPOCH) -X main.GitVersionFuse=$(FUSEVER)
 
 %:
dh $@ --buildsystem=golang --with=golang
@@ -11,7 +15,7 @@
 DT = $(shell date -d "${CHDATE}" "+%Y-%m-%d")
 
 override_dh_auto_build:
-   GOPATH=$(shell ls -d $(CURDIR)/obj*) go install -v  
github.com/rfjakob/gocryptfs
+   GOPATH=$(shell ls -d $(CURDIR)/obj*) go install 
-ldflags="$(DEB_LDFLAGS)" -v  github.com/rfjakob/gocryptfs
pandoc Documentation/MANPAGE.md -s -t man -o debian/gocryptfs.1
 
 override_dh_auto_clean:


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 4.9.0-3-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gocryptfs depends on:
ii  libc6  2.24-12
ii  libfuse2   2.9.7-1
ii  libssl1.1  1.1.0f-3

gocryptfs recommends no packages.

gocryptfs suggests no packages.

-- no debconf information

Bug#867997: jessie->stretch, all apt clients break with /var/lib/dpkg/status realpath error

[Alan Schwartz]

Quoting Niels Thykier (ni...@thykier.net):


FTR; I don't think that "apt-get check" is supposed to work as non-root.


  - If it fails, please attempt to figure out where the permission
fails (e.g. [dir-test])


# ls -ld / /var /var/lib /var/lib/dpkg /var/lib/dpkg/status
drwxr-xr-x 21 root root1024 Jul 10 11:21 /
drwxr-xr-x 13 root root4096 May  7  2013 /var
drwxr-xr-x 74 root root4096 Jul  7 16:01 /var/lib
drwxr-xr-x  8 root root4096 Jul 11 08:48 /var/lib/dpkg
-rw-r--r--  1 root root 1961225 Jul 11 08:48 /var/lib/dpkg/status

As you can see, none of these are writable by _apt; however, these are
the same permissions I see on the other (working)


Indeed, and _apt does not need write access to the status file.

Does it work if you disable the sandbox user, e.g. by using:
 apt-get -o APT::Sandbox::User=root update


No, same error:

# apt-get -o APT::Sandbox::User=root update
Get:1 http://security.debian.org stretch/updates InRelease [62.9 kB]
Get:2 http://ftp.us.debian.org/debian stretch-updates InRelease [88.5 kB]
Ign:3 http://ftp.debian.org/debian stretch InRelease
Hit:4 http://ftp.debian.org/debian stretch Release
Fetched 151 kB in 1s (81.1 kB/s)
Reading package lists... Error!
E: flAbsPath on /var/lib/dpkg/status failed - realpath (22: Invalid argument)
E: Could not open file  - open (2: No such file or directory)
E: Problem opening
E: The package lists or status file could not be parsed or opened.


--
Alan Schwartz
The Michael Reese Endowed Professor of Medical Education
Associate Head, UIC Department of Medical Education
Research Professor, UIC Department of Pediatrics
ala...@uic.edu  |  http://ulan.mede.uic.edu/alansz  |  PGP: 0x062556CF

Bug#868055: [Python-modules-team] Bug#868055: virtualenv'ed python-dbg doesn't work smoothly with gdb (py- commands are gone)

[Yaroslav Halchenko]

On Tue, 11 Jul 2017, Yaroslav Halchenko wrote:

> Package: python-virtualenv
> Version: 15.1.0+ds-1
> Severity: normal

> Not 100% sure if it is not a python-dbg or gdb issue, but I think it might as
> well be virtualenv:

> $> virtualenv --python=/usr/bin/python-dbg venv-dbg
> Running virtualenv with interpreter /usr/bin/python-dbg
> New python executable in /tmp/venv-dbg/bin/python-dbg
> Also creating executable in /tmp/venv-dbg/bin/python
> [21403 refs]
> Installing setuptools, pkg_resources, pip, wheel...done.
> [47796 refs]

> $> gdb -q -ex 'py-bt' -ex quit /usr/bin/python-dbg
> Reading symbols from /usr/bin/python-dbg...done.
> Traceback (most recent call first):
> Python Exception  No frame is currently selected.:
> Error occurred in Python command: No frame is currently selected.

> $> gdb -q -ex 'py-bt' -ex quit $PWD/venv-dbg/bin/python-dbg
> Reading symbols from /tmp/venv-dbg/bin/python-dbg...done.
> Undefined command: "py-bt".  Try "help".

ok -- the reason is that the corresponding python*-gdb.py (e.g.
/usr/share/gdb/auto-load/usr/bin/python3.5-gdb.py) is not copied over as
well under bin/ of the virtualenv where gdb also looks for it, and it
would also require add-auto-load-safe-path instruction to gdb (eg.  via
-iex) to allow loading from it.  May be there is another way also to
point to it -- didn't research yet

-- 
Yaroslav O. Halchenko
Center for Open Neuroscience http://centerforopenneuroscience.org
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834   Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik

Bug#868069: liburi-namespacemap-perl: unbuildable with sbuild

[Niko Tyni]

Package: liburi-namespacemap-perl
Version: 1.00-1
Severity: serious
Justification: the buildds use sbuild

Building this package with sbuild on current sid fails with

  Installing build dependencies
  Reading package lists...
  Building dependency tree...
  Reading state information...
  Some packages could not be installed. This may mean that you have
  requested an impossible situation or if you are using the unstable
  distribution that some required packages have not yet been created
  or been moved out of Incoming.
  The following information may help to resolve the situation:
  
  The following packages have unmet dependencies:
   sbuild-build-depends-liburi-namespacemap-perl-dummy : Depends: libmoo-perl 
(< 2.003000) but 2.003002-1 is to be installed
  E: Unable to correct problems, you have held broken packages.
  apt-get failed.
  E: Package installation failed
 
The problematic build dependency reads

 libmoo-perl (<< 2.003000) | libsub-quote-perl

while sid has libmoo-perl_2.003002-1 since 2017-06-18.

I believe the issue is that sbuild only looks at the first dependency,
so they need to be shuffled around now. Bother.

I'm not quite sure of the severity, but I expect a source-only upload
with these build dependencies would fail on the arch:all buildd.
Feel free to downgrade if that turns out to be wrong.
-- 
Niko Tyni   nt...@debian.org

Bug#634785:

[Davis Hardiansyah]