Bug#928493: stretch-pu: package java-common/0.58+deb9u2

Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi, the recent updates to openjdk-8, java-common (and related packages) in stretch made some upgrade issues surface (either they were hidden behind now fixed issues or they

Bug#928495: nzbget: Gui missing all graphical elements due to missing symlink

Package: nzbget Version: 21.0+dfsg-1 Severity: serious Tags: patch Justification: 908427 Dear Maintainer, The following symlinks are missing from this release: /usr/share/nzbget/webui/lib/bootstrap.min.js -> ../../../javascript/twitter- bootstrap/js/bootstrap.min.js

Bug#922669: sqlalchemy: CVE-2019-7164 CVE-2019-7548 (SQL injection)

Source: sqlalchemy Version: 1.2.18+ds1 Followup-For: Bug #922669 I've confirmed that 1.2.18+ds1 is affected despite the description at [1]. Upstream has a patch for the 1.2 series at [2]. A debdiff including the patch is attached. It builds and the tests pass. However, the fix requires removing

Bug#525908: Are you sure you need to set USERNAME?

Are you sure you need to set USERNAME? Won't everything work without it?

Bug#670585: "ok hat location is writable"

On 5/5/19 9:41 PM, Dmitry Bogatov wrote: control: usertags -1 +objections [2019-05-02 22:00] Antoni Villalonga I've found the message here: /etc/rcS.d/S10checkfs.sh 124 log_success_msg "Done checking file systems. 125 A log is being saved in ${FSCK_LOGFILE} if that location is

Bug#928494: gdm3: Cannot update background setting picture-uri in /etc/gdm3/greeter.dconf-defaults

Package: gdm3 Version: 3.30.2-3 Severity: normal Dear Maintainer, I have been having issues with updating the background image in gdm3. I followed the instruction on the Debian wiki here: https://wiki.debian.org/GDM. The /etc/gdm3/greeter.dconf-defaults file says I should change picture-uri to

Bug#928496: unblock: haveged/1.9.1-7

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please review the haveged udeb addition that I've implemented to fix entropy starvation issues in d-i. There are other changes in d-i components to leverage this addition (in rootskel

Bug#928415: fixed in firefox-esr 60.6.2esr-1

Thanks for the quick turn-around! Any idea when this will show up in Stable? -Russ

Bug#928455: [pre-a] unblock: perl6-zef/0.6.2-2

control: tags -1 -moreinfo Uploaded to unstable. On Sun, May 05, 2019 at 11:51:00AM +, Niels Thykier wrote: > Please go ahead with the upload and remove the moreinfo tag when it is > in unstable and ready to be unblocked. ~/D/perl6 ❯❯❯ debdiff --diffstat perl6-zef_0.6.2-1.dsc

Bug#924843: Any chance for some target fix for msxpertsuite

Hi Filippo, as far as I understood Debian Release team your last fix is not accepted for Buster. Do you plan to fix this in a testing-proposed-updates upload following release policy or will we see Buster without msxpertsuite? Kind regards Andreas. -- http://fam-tille.de

Bug#928351: unblock dhcpcd5/7.1.0-2

On 2019-05-05.20:47, Salvatore Bonaccorso wrote: > As for all those CVEs are known (see respective bugs and > security-tracker), can you please add the rspective CVE ids as well to > the debian/changelog enttries? Done, see amended debdiff attached. -- Regards, Scott Leggett. diff -Nru

Bug#928480: release-notes: please mention support for devices based on Allwinner A64

On Du, 05 mai 19, 22:27:50, Justin B Rye wrote: > Justin B Rye wrote: > > + > > It occurs to me the moment after I hit send: should this be > > > > or something? My intention was to promote arm64 devices as a viable alternative for some applications, so I would prefer if it wasn't

Bug#928415: disabling javascript

Attached is a snapshot of the banner, as it appears on all versions of Firefox I use that have disabled add-ons. This is on debian stable, 60.6.1esr-1~deb9u1. Are you running this version? Do you have add-ons installed? If so, you should probably submit a separate bug, either to mozilla or

Bug#928462: new upstream (4.0)

Package: knot-resolver Severity: wishlist Hi, knot-resolver 4 was recently released, it would be nice if you could upload it (to experimental). Regards, Daniel

Bug#928146: reported on freedesktop too

Hi all, it seems the issue is already reported and fixed in upstream repo: https://bugs.freedesktop.org/show_bug.cgi?id=110509

Bug#928415: studies

> installing the STUDIES "hotfix" from Mozilla by hand on each one is not > feasible. Not to mention, this requires that other features of Firefox's 'phone home' framework are turned on, which 'studies' uses. For example, in the GUI, the 'studies' option is under: "Allow Firefox to send

Bug#919621: lvm2: Update unexpectedly activates system ID check, bypassing impossible

Hi Colin On Sun, May 05, 2019 at 12:12:00AM +0100, Colin Watson wrote: > > I also ran into this on upgrading from stretch to buster. Fortunately I > > was keeping enough of an eye on console output from the upgrade that I > > was able to find this bug and I worked around it as you describe here.

Bug#928308: integrit segfault at 804e48c ip 0804e48c sp bfe178dc error 14

On 3. 05. 19 18:29, Bernhard Übelacker wrote: > Hello Tomaz Solc, > are you still able to reproduce the crash? Unfortunately no, I can't reproduce the crash anymore. After I did "apt-get install valgrind" on that system integrit started running fine. Even after uninstalling valgrind I still can't

Bug#928415: firefox-esr: Bugzilla 1548973 All extensions disabled due to expiration of intermediate signing cert

Package: firefox-esr Version: 60.6.1esr-1~deb9u1 Followup-For: Bug #928415 Dear Maintainer, What is Debian's recommendation for users and administrators dealing with this major snafu? I've got a bunch of Debian Stable boxes with Firefox-esr and installing the STUDIES "hotfix" from Mozilla by

Bug#928415: disabling javascript

There is no such banner - at least not in current Debian Stable. On Sun, May 5, 2019 at 2:06 AM Brad Barnett wrote: > While I agree an unknown disabling of plugins, not just noscript (there > are others like noscript) is a security concern... > > There is a big, yellow banner that appears and

Bug#928458: scrollz FTCBFS: configures for the build architecture

Source: scrollz Version: 2.2.3-1 Tags: patch User: helm...@debian.org Usertags: rebootstrap scrollz fails to cross build from source, because it configures for the build architecture. While it does use dh_auto_configure and thus passes --host, the ./configure is too old to understand that flag

Bug#921425: matrix-synapse: please preload libjemalloc to reduce memory consumption

Control: tags -1 + moreinfo Control: severity -1 wishlist On Fri, Feb 08, 2019 at 09:00:00PM +, Linda Lapinlampi wrote: > Smart ideas may not always be smart in the end. I think you'd be better > off convincing to switch the malloc(3) system call to use jemalloc(3) > everywhere, if the

Bug#928459: apngdis FTCBFS: debian/rules hard codes plain gcc

Source: apngdis Version: 2.5-2 Tags: patch User: helm...@debian.org Usertags: rebootstrap apngdis fails to cross build from source, because debian/rules hard codes plain gcc as the compiler. A cross compiler can be obtained from dpkg's buildtools.mk. Please consider applying the attached patch to

Bug#928461: unblock: haproxy/1.8.20-1 (pre-approval)

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey! HAProxy 1.8.20 was released last week. This is a bugfix only release. Upstream has stated his dislike of cherry-picking only some of

Bug#928460: fatsort FTCBFS: builds for the wrong architecture

Source: fatsort Version: 1.3.365-1 Tags: patch User: helm...@debian.org Usertags: rebootstrap fatsort fails to cross build from source, because the upstream Makefile hard codes the environment variables set up by cdbs. dh_auto_build instead passes them as override variables so fatsort's build

Bug#928457: arm64: please apply workaround for A64 timer instability

Source: linux Version: 4.19.28-2 Severity: wishlist X-Debbugs-CC: debian-...@lists.debian.org Hello, The Allwinner A64 is affected by a bug that makes the clock jump, usually 95 years into the future. The mainline kernel contains a workaround merged for 5.1:

Bug#928306: unblock: liblivemedia/2018.11.26-1.1

Control: tags -1 confirmed moreinfo Hi, On Wed, May 01, 2019 at 06:45:04PM +0200, Hugo Lefeuvre wrote: > Please unblock package liblivemedia > > Dear Release team, > > liblivemedia 2018.11.26-1 from Buster is affected by CVE-2019-9215[1] and > CVE-2019-7314[2], two security issues in the

Bug#928205: memcached: diff for NMU version 1.5.6-1.1

Control: tags 928205 + patch Control: tags 928205 + pending Dear maintainer, I've prepared an NMU for memcached (versioned as 1.5.6-1.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards, Salvatore diff -Nru memcached-1.5.6/debian/changelog

Bug#928474: (semi-preapproval) unblock: memcached/1.5.6-1.1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package memcached, though it is not yet uploaded to unstable and only in the DELAYED/5 queue. The upload fixes a NULL pointer dereference issue with the "lru mode" and

Bug#928111: [pre-approval] unblock: icu/63.2-1

On Sun, May 05, 2019 at 02:25:01PM +0200, Ivo De Decker wrote: > Secondly, the fact that chromium needs a rebuild suggest there is a change > that breaks something. > > I suggest you upload the new version to experimental. That way we can look at > the differences and people can test the new

Bug#865879: calibre: Bug still present in buster (3.39.1+dfsg-2)

Hi > The bug is sadly still present in Buster: I cannot reproduce this. Can you please provide a way how to reproduce this! Thanks Norbert -- PREINING Norbert http://www.preining.info Accelia Inc. +JAIST +TeX Live +Debian Developer GPG:

Bug#928291: unblock: signing-party/2.10-1

Control: tag -1 - moreinfo Control: retitle -1 unblock: signing-party/2.10-2 Hi Ivo, On Sun, 05 May 2019 at 14:44:31 +0200, Ivo De Decker wrote: > On Wed, May 01, 2019 at 01:44:08PM +0200, Guilhem Moulin wrote: >> On Wed, 01 May 2019 at 12:46:12 +0200, Guilhem Moulin wrote: >>> gpg-key2ps(1)

Bug#928306: unblock: liblivemedia/2018.11.26-1.1

Hi, > According to the security tracker, liblivemedia in buster/sid is also affected > by CVE-2019-7732 and CVE-2019-7733. Maybe you should consider fixing these as > well (if there is a fix available that's easy to apply to the version in sid). liblivemedia's upstream does not seem to be aware

Bug#888733: hyantesite: test failures on most architectures

Control: found -1 1.3.0-1.1 Control: retitle -1 hyantesite: test failures on most architectures At least on i386, this *isn't* just -0 vs +0 and last-digit rounding errors: in test 'family' (which applies a cone smoother to a regularly spaced set of spikes), centre points drop from highest to

Bug#926180: scilab: FTBFS on all

Control: tags -1 moreinfo I don't see this in a DIST=sid cowbuilder --build scilab_6.0.1-9.dsc --binary-indep build: has it been fixed (the -8 to -9 changelog suggests not), or does my setup allow enough graphics access to not have it? If the bug does still exist, can someone affected try

Bug#928476: rsyslog: fills up disk space with a single error message repeated

Package: rsyslog Version: 8.24.0-1 Severity: normal Dear Michael, I recently opened up a search query in KDE Dolphin and left the window open for a few days. Only later did I realize that rsyslog filled up the available disk space with millions of these messages: May 5 01:24:22 concha

Bug#928351: unblock dhcpcd5/7.1.0-2

Control: retitle -1 unblock dhcpcd5/7.1.0-2 On 2019-05-02.18:38, Paul Gevers wrote: > We very much prefer you to try and cherry-pick at this point of the > release cycle. Hi Paul, Please unblock package dhcpcd5. See attached for the debdiff between the version of dhcpcd5 currently in testing

Bug#888152: kontact: Kontact crashed each time when closing.

Kontact closes normally for me, but it does crash when I end my session by trying to log out. DrKonqi opens up and generates a backtrace, but doesn't do so quickly enough for me to save it before my session ends. I'd appreciate tips on how I can debug this further. signature.asc Description:

Bug#928415: studies

On Sun, 5 May 2019 03:00:04 -0400 Brad Barnett wrote: > > > installing the STUDIES "hotfix" from Mozilla by hand on each one is not > > feasible. > > Not to mention, this requires that other features of Firefox's 'phone > home' framework are turned on, which 'studies' uses. For example, in

Bug#928473: dgit: not clear what to do when earlier uploads used dgit but intermediate ones didn't

Source: dgit Version: 8.4 Severity: normal I tried to upload the current state of https://salsa.debian.org/pkg-debconf/debconf using dgit (commit 48c5ce38cfd5d4679ddb2d7c60d7f85833b4a501 with an extra "dch -r && debcommit -r" on the end). I got the following output: $ dgit -L push-source

Bug#928475: libglvnd: unnecessarily Build-Depends: xvfb

Source: libglvnd Version: 1.1.0-1 Tags: patch User: helm...@debian.org Usertags: rebootstrap libglvnd Build-Depends on xvfb even though tests are disabled. This dependency is no longer necessary. As it happens, this dependency is part of cycles and poses a problem for bootstrapping Debian. Please

Bug#926215: dune-pdelab: FTBFS with gcc 8.3

Version: 2.6~20180302-1 On Sun, May 05, 2019 at 09:41:21AM +0100, Rebecca N. Palmer wrote: > Control: tags -1 moreinfo > > It works for me, in both sid and buster cowbuilder chroots. Same here, just tried in both buster and sid, using sbuild. So, I'm closing the bug. [ Ansgar: If you still can

Bug#928395: unblock: apt/1.8.1

Control: tags -1 moreinfo confirmed Julian Andres Klode: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package apt > > I'd like to add systemd inhibitor support to apt in buster, so people > don't shoot

Bug#923826: python-blessed: FTBFS randomly (failing tests)

On Sun, May 05, 2019 at 02:07:32AM +0200, Pierre-Elliott Bécue wrote: > > I've put several failed build logs here for reference: > > > > https://people.debian.org/~sanvila/build-logs/python-blessed/ > > > > If you need a test machine to reproduce this, please contact me > > privately and I could

Bug#928407: unblock: bind9/1:9.11.5.P4+dfsg-5

Control: tags -1 d-i confirmed Bernhard Schmidt: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package bind9 > > -4 and -5 have the following changes over -3 currently in testing. > > - CVE-2018-5743

Bug#928457: arm64: please apply workaround for A64 timer instability

Control: tag 928457 pending On 2019-05-05, Andrei POPESCU wrote: > The Allwinner A64 is affected by a bug that makes the clock jump, > usually 95 years into the future. > > The mainline kernel contains a workaround merged for 5.1: >

Bug#928477: librecad: denial-of-service CVE-2018-19105

Package: librecad X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for librecad. CVE-2018-19105[0]: | LibreCAD 2.1.3 allows remote attackers to cause a denial of service | (0x89C04589 write access violation and application

Bug#920563: dracut: fails to boot with bash 5 as /bin/sh

Hi Lehel, hi Ingo, it would be nice if you could check if fix-bash-5.patch from the URL below fixes your problems. I sure will also apply 0001-remove-bashism-in-various-boot-scripts.patch which is now also in upstream. > On Sat, 4 May 2019 18:30:09 +0200, Lehel Bernadt said: > For

Bug#928407: unblock: bind9/1:9.11.5.P4+dfsg-5

Niels Thykier (2019-05-05): > I have flagged it as ok from the RT PoV and is CC'ing KiBi for a d-i > review before it is finally unblocked. No objections. Cheers, -- Cyril Brulebois (k...@debian.org) D-I release manager -- Release team member -- Freelance

Bug#928483: execline: vim syntax highlighting

Package: execline Version: 2.5.0.1-4 Severity: wishlist Dear Maintainer, please consider including (any maybe suggesting upstream) attached vim syntax highlighting files. There seems to be no well-established extension for execline scripts. I choosed arbitrary ".ex". setlocal shiftwidth=2

Bug#928350: cdist: new upstream release

control: tags -1 +upstream [2019-05-02 15:04] Dmitry Bogatov > Dear Maintainer, > > new upstream release 4.11.1 is available on new upstream hosting: > http://code.ungleich.ch/ungleich-public/cdist.git Upstream transition is not finished yet, and there is no GPG-signed release tarball at new

Bug#670585: "ok hat location is writable"

control: usertags -1 +objections [2019-05-02 22:00] Antoni Villalonga > I've found the message here: > > /etc/rcS.d/S10checkfs.sh > 124 log_success_msg "Done checking file systems. > 125 A log is being saved in ${FSCK_LOGFILE} if that location is writable." > > I think the console width

Bug#928481: mmh: wierd boundary-separators generated

Package: mmh Severity: normal Dear Maintainer, mmh sometimes generates boundary separators in multipart messages with non-ascii symbols in it. Not sure about RFC-compliance, but at least Python standard library does not work well with them. Here is example of problematic separator:

Bug#928484: libgitlab-api-v4-perl: incorrect handling of non-json data

Package: libgitlab-api-v4-perl Version: 0.16-1 Severity: important Dear Maintainer, I am trying to use gitlab-api-v4 tool to get CI job output, but get following output: malformed JSON string, neither array, object, number, string or atom, at character offset 0 (before

Bug#928394: RFS: freetype-py/2.1.0.post1-1 [ITP]

[2019-05-03 17:18] Bastian Germann > Package: sponsorship-requests > Severity: wishlist > > Dear mentors, > > I am looking for a sponsor for my package "freetype-py". This closes a > very long-standing wnpp issue. I posted an earlier version last > September but got no attention so far. > > *

Bug#928482: salsa: add feature to request membership

Package: devscripts Version: 2.19.4 Severity: wishlist Dear Maintainer, please make it possible to request membership in salsa team with salsa(1) command line tool. pgpqpAEQ6ELr0.pgp Description: PGP signature

Bug#928415: ,#928417: [firefox] All extensions are disabled

Thanks for the tip, Alexis! Installing the Debian-packaged plugins does the trick - hands down the easiest way to work around this bug.

Bug#928485: Error messages are not shown without --verbose

Package: vmdb2 Version: 0.13.2+git20190215-1 Severity: important Try building an image without using sudo: ~/tmp/sb-test$ vmdb2 buster-sb-vmdb.yaml --output buster-sb.img ~/tmp/sb-test$ echo $? 1 Er, what? Now with --verbose: ~/tmp/sb-test$ vmdb2 buster-sb-vmdb.yaml --output buster-sb.img

Bug#928415: firefox-esr: All extensions are disabled

Surprised more people do not clearly see how [badly] this could be used as an attack vector. Tracking individuals by subtle transient modulation etc. More appalling is that the Tor Browser is also affected. Nothing should every be updated or changed unless the user gives a command. External

Bug#928486: shim-signed:amd64 cannot be installed alongside shim-signed:i386

Package: shim-signed Version: 1.30+15+1533136590.3beb971-5 Severity: normal Dear Maintainer, I want to be able to build a live cd that has both ia32 and x64 Secure Boot UEFI support. So I need both shim-signed:amd64 and shim-signed:i386 installed. After adding and apt amd64 architecture to an

Bug#928415: Possibly helpful follow-up

Alexis Murzeau wrote: > See here: https://news.ycombinator.com/item?id=19826903 Which instructs people to install https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate%40mozilla.com-1.0.2-signed.xpi For me at least, that download resulted in a file

Bug#928482: salsa: add feature to request membership

Le 05/05/2019 à 21:41, Dmitry Bogatov a écrit : > > Package: devscripts > Version: 2.19.4 > Severity: wishlist > > Dear Maintainer, > > please make it possible to request membership in salsa team with > salsa(1) command line tool. Hello, work is ready

Bug#928417: studies disabled in debian

On Sat, 04 May 2019 14:42:28 -0300 Niv Sardi wrote: > mozilla is roling out a fix > https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/ > that said they are using the 'studies' infrastructure to do so, and > they seem to be disabled in the debian

Bug#926952: sa-exim: Unbuildable/uninstallable in sid

lördag 4 maj 2019 kl. 12:47:18 CEST skrev Magnus Holmgren: > söndag 21 april 2019 kl. 19:55:10 CEST skrev Magnus Holmgren: > > But now that I look closer, it looks like the "spool format error" message > > is only triggered by malformed header files, and Thomas in https:// > >

Bug#928480: release-notes: please mention support for devices based on Allwinner A64

Andrei POPESCU wrote: > diff --git a/en/whats-new.dbk b/en/whats-new.dbk > index f8b058c3..99f95f47 100644 > --- a/en/whats-new.dbk > +++ b/en/whats-new.dbk > @@ -545,5 +545,29 @@ code. > > > > + > + > + Basic support for Allwiner A64 based devices Typo: s/Allwiner/Allwinner/, here and

Bug#928480: release-notes: please mention support for devices based on Allwinner A64

Justin B Rye wrote: > + It occurs to me the moment after I hit send: should this be or something? -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package

Bug#928476: rsyslog: fills up disk space with a single error message repeated

Dear Michael Am 05.05.19 um 21:06 schrieb Michael Biebl: Am 05.05.2019 um 21:03 schrieb Michael Biebl: Am 05.05.2019 um 16:23 schrieb Mark Szentes-Wanner: Package: rsyslog Version: 8.24.0-1 Severity: normal Dear Michael, I recently opened up a search query in KDE Dolphin and left the window

Bug#918449: kate freeze when right-click the open/save file dialog

Hello Joe Ma, On Sun, 20 Jan 2019 19:59:27 +0800 Joe Ma wrote: > Hello Bernhard, > For your question, I do execute your gdb command in the console by a shell > script when kate freeze. What information do you want me to add? I will > reply asap. sorry for the late reply, I did not notice your

Bug#928487: postfix-policyd-spf-python missing python3-pkg-resources dependency

Package: postfix-policyd-spf-python Version: 2.9.0-3 Hi! I installed a postfix-policyd-spf-python on debian buster inside a docker container just like I did on a production system on debian stretch. Running /usr/bin/policyd-spf with default configuration yields: # /usr/bin/policyd-spf Traceback

Bug#879687: SA-Exim not compatible with CHUNKING

tisdag 24 oktober 2017 kl. 15:53:20 CEST skrev du: > After the analysis by SpamAssassin an email can get a note between > SAtempreject and SApermreject. The mail can pass through the antispam > (according to the Greylisting phase) in which case it will include an > additional header:

Bug#928449: firefox-esr: Add-ons fail to install probably due to upstream certificate issue

Package: firefox-esr Version: 60.6.1esr-1~deb9u1 Followup-For: Bug #928449 The problem is caused by an expired intermediate certificate in the builtin chain of trust that the browser applies to verify signatures on addons. More details are available at

Bug#892105: i40e

Hi, On Fri, May 03, 2019 at 10:38:16AM +, Dominik Dausch wrote: > On Fri, 29 Jun 2018 09:33:56 +0200 "=?utf-8?q?J=C3=B6rg?= Kost" > wrote: > > Run into a similar issues with i40e. I found out that the i40e driver > > included in linux-image-4.9.0-6-amd64 drops ARP requests randomly if the

Bug#926215: dune-pdelab: FTBFS with gcc 8.3

Control: tags -1 moreinfo It works for me, in both sid and buster cowbuilder chroots. Has it been fixed (the version of dune-pdelab hasn't changed, but the bug may have been elsewhere), or is it hardware/setup dependent?

Bug#928464: webext-privacy-badger: Unexpected properties in manifest.json

Package: webext-privacy-badger Version: 2019.2.19-1 Severity: minor about:debugging#addons Reading manifest: Error processing author: Expected string instead of {"email":"eff.software.proje...@gmail.com"} Reading manifest: Error processing storage: An unexpected property was found in the

Bug#919621: lvm2: Update unexpectedly activates system ID check, bypassing impossible

On Sun, May 05, 2019 at 09:55:41AM +0200, Bastian Blank wrote: > On Sun, May 05, 2019 at 12:12:00AM +0100, Colin Watson wrote: > > > I also ran into this on upgrading from stretch to buster. Fortunately I > > > was keeping enough of an eye on console output from the upgrade that I > > > was able

Bug#928168: ntp: Wrong path in apparmor profile for samba

Hello, On Mon, 29 Apr 2019 11:18:27 +0200 Louis van Belle wrote: > File : /etc/apparmor.d/usr.sbin.ntpd > Wrong: > # samba4 ntp signing socket > /{,var/}run/samba/ntp_signd/socket rw, > > Correct: > # To sign replies to MS-SNTP clients by the smbd daemon in /var/lib/samba >

Bug#928468: xdms FTCBFS: uses the wrong compiler

Source: xdms Version: 1.3.2-6 Tags: patch User: helm...@debian.org Usertags: rebootstrap xdms fails to cross build from source, because it uses the build architecture compiler. The upstream ./configure expects a CC variable. The attached patch supplies it from dpkg's buildtools.mk. Please

Bug#928450: RFS: megadown/0~20190502+git734e46f-1 [RC]

On Sat, May 04, 2019 at 04:08:32PM -0700, Lev Lazinskiy wrote: >Upstream Author : [fill in name and email of upstream] > * URL : [fill in URL of upstream's web site] > * License : [fill in] > > megadown - Script for downloading files from mega.nz and megacrypter

Bug#928428: [pkg-wicd-maint] Bug#928428: unblock: [pre-approval] wicd/1.7.4+tb2-7

Well I use isc-dhcp-client and it works fine so I guess it is an ok change. Il giorno sab 4 mag 2019 alle ore 15:41 Axel Beckert ha scritto: > > Hi, > > Axel Beckert wrote: > > I'll prepare a feature branch for this in git including a planned > > debdiff and let you know once it's ready for

Bug#928227: unblock: golang-golang-x-net-dev/1:0.0+git20181201.351d144+dfsg-3

Control: tags -1 moreinfo Hi, On Tue, Apr 30, 2019 at 05:07:57PM +0800, Drew Parsons wrote: > Please unblock package golang-golang-x-net-dev > > Upstream has provided patches addressing security issues > CVE-2018-17846 / CVE-2018-17847 / CVE-2018-17848 > (Debian bug #911795). How will

Bug#927722: fixed in ipset 6.38-1.1

Control: reopen -1 Hi, On Thu, May 02, 2019 at 10:18:33AM +, Cyril de Bourgues wrote: >* Non maintainer upload. >* use dpkg-maintscript-helper rm_conffile to clean up old bash-completion > file in /etc (Closes: #927722). You added dpkg-maintscript-helper rm_conffile conffile

Bug#928223: unblock / pre approval: otrs2/6.0.16-2

Control: tags -1 confirmed moreinfo Hi, On Tue, Apr 30, 2019 at 09:55:58AM +0200, Patrick Matthäi wrote: > I would like to upload the attached diff to fix several security issues in the > buster otrs2 version. Please go ahead and remove the moreinfo tag from this bug once the package is in

Bug#928291: unblock: signing-party/2.10-1

Control: tags -1 moreinfo confirmed Hi, On Wed, May 01, 2019 at 01:44:08PM +0200, Guilhem Moulin wrote: > On Wed, 01 May 2019 at 12:46:12 +0200, Guilhem Moulin wrote: > > gpg-key2ps(1) from signing-party 2.9-1 is vulnerable to CVE-2018-15599: > > unsafe shell call enabling shell injection via a

Bug#928326: matrix-synapse: Federation issues with 0.99.2

Hu Kurt, On Thu, 2 May 2019 09:03:53 +0200 Kurt Roeckx wrote: > I've been told that there are federation issues in 0.99.2 and that > I should upgrade to 0.99.3. I have asked the upstream (cc’ed), and they replied they’re not aware of those issues. Kurt, could you please elaborate? Thanks! --

Bug#928457: arm64: please apply workaround for A64 timer instability

Control: tags -1 + confirmed pending Hi Andrei, On Sun, May 05, 2019 at 10:48:44AM +0300, Andrei POPESCU wrote: > Source: linux > Version: 4.19.28-2 > Severity: wishlist > X-Debbugs-CC: debian-...@lists.debian.org > > Hello, > > The Allwinner A64 is affected by a bug that makes the clock jump,

Bug#928440: dhcpcd5: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Control: retitle -1 dhcpcd5: CVE-2019-11766: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE Hi, On Sat, May 04, 2019 at 08:08:38PM +0200, Timo Sigurdsson wrote: > Package: dhcpcd5 > Version: 7.1.0-1 > Severity: serious > Tags: security upstream fixed-upstream > > Dear Maintainer, >

Bug#928463: puppet: needs versioned dependency on ruby

Source: puppet Version: 5.5.10-2 Severity: important Hi, puppet needs to depend on the ruby version if was being built for. This problem will rarely be a problem, but in cases like the one I have right now (half-upgraded system), puppet won't start as its using the wrong ruby version. Thanks,

Bug#927420: debarchiver: [INTL:pt] Update on Portuguese translation of manpage

Thank you. Will be added on next upload. // Ola On Fri, 19 Apr 2019 at 14:03, Américo Monteiro wrote: > Package: debarchiver > Version: 0.11.3 > 3ags: l10n, patch- > Severity: wishlist > > Updated Portuguese translation for debarchiver's manpage > Translator: Américo Monteiro > Feel free to

Bug#928112: icmpush FTCBFS: does not pass cross tools to make

Hi Thank you. You are free to make an NMU of this if you want. // Ola On Sun, 28 Apr 2019 at 15:00, Helmut Grohne wrote: > Source: icmpush > Version: 2.2-6.1 > Tags: patch > User: helm...@debian.org > Usertags: rebootstrap > > icmpush fails to cross build from source, because it does not pass

Bug#928465: stretch-pu: package linux/4.9.168-1

Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hi stable release managers, The last linux upload via the stretch point release unfortunately uncovered #928125, easily triggerble when forcing the kernel to scan the partition

Bug#928469: ITP: uacme -- lightweight client for the RFC8555 ACMEv2 protocol

Package: wnpp Severity: wishlist Owner: 'Nicola Di Lieto' *Package Name: uacme Version : 1.0.8 Upstream Author : Nicola Di Lieto *URL : https://github.com/ndilieto/uacme *License : GPL-3.0+ Description : lightweight client for the RFC8555 ACMEv2 protocol

Bug#928455: [pre-a] unblock: perl6-zef/0.6.2-2

Control: tags -1 moreinfo confirmed Mo Zhou: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-CC: Robert Lemmen , Dominique Dumont > > > Please unblock package perl6-zef > > (explain the reason for the unblock

Bug#928111: [pre-approval] unblock: icu/63.2-1

Control: tags -1 moreinfo Hi, On Sun, Apr 28, 2019 at 01:57:15PM +0200, László Böszörményi (GCS) wrote: > Hi Release Team, > > As Hideki Yamane noted on debian-release [1] Japanese new era is in > effect. ICU upstream released the 63.2 version to address this. The > packaging is ready to be

Bug#928472: pdftohtml litters the directory with all sort of binary named files

Package: poppler-utils Version: 0.71.0-3 Severity: important File: /usr/bin/pdftohtml pdftohtml is crazy, littering the directory with all kinds of raw binary names for the *.png files it creates. And then it can't find them anyway: And also the internal links are not ASCII either and all the

Bug#928471: Add TIME_STYLE=locale to column example

Package: bsdmainutils Version: 11.1.2+b1 Severity: wishlist File: /usr/share/man/man1/column.1.gz Actually the example should be (printf "PERM LINKS OWNER GROUP SIZE MONTH DAY " ; \ printf "HH:MM/YEAR NAME\n" ; \ TIME_STYLE=locale ls -l | sed 1d) | column -t To avoid messing up if TIME_STYLE

Bug#928269: unblock: cryptsetup/2.1.0-3

Control: tags -1 confirmed d-i Hi, On Tue, Apr 30, 2019 at 10:14:22PM +0200, Guilhem Moulin wrote: > The cryptsetup package found in Buster, currently at version 2:2.1.0-2, > contains regressions affecting unlocking using OpenSC (PKCS#15 compatible > Smart Card): > > [#926573] The

Bug#928269: unblock: cryptsetup/2.1.0-3

Ivo De Decker (2019-05-05): > On Tue, Apr 30, 2019 at 10:14:22PM +0200, Guilhem Moulin wrote: > > The cryptsetup package found in Buster, currently at version 2:2.1.0-2, > > contains regressions affecting unlocking using OpenSC (PKCS#15 compatible > > Smart Card): > > > > [#926573] The

Bug#928467: mailavenger passes the wrong value to --host

Source: mailavenger Version: 0.8.5-1 Tags: patch User: helm...@debian.org Usertags: rebootstrap mailavenger confuses build vs host and thus passes a wrong value to the --host flag of ./configure. Refer to man dpkg-architecture for details. The attached patch fixes the --host value. It doesn't

Bug#928466: jzip FTCBFS: uses the wrong compiler

Source: jzip Version: 210r20001005d-4 Tags: patch User: helm...@debian.org Usertags: rebootstrap jzip fails to cross build from source, because it uses the build architecture compiler as a make default. dpkg's buildtools.mk properly sets up the CC variable and the attached patch implements that.

Bug#928448: unblock: mmdebstrap/0.4.1-3

Control: tags -1 moreinfo confirmed Johannes 'josch' Schauer: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Hello release team! > > [...] > > I find especially support for old apt versions and derivative > distributions

  1   2   >