Bug#934729: gradle-debian-helper: support dh_auto_test

Package: gradle-debian-helper Version: 2.0.2 Hello, gradle-debian-helper does not seem to support dh_auto_test action, although this would be beneficial. In at least some of the sources I am interested in (for example [1]), gradle task 'test' is used to run the test suite. To run it, I may add

Bug#934089: firehol fails to use iptables-restore

Dear Jean Louis, thanks for your report. Have you tried, as suggested in the FireHOL message, /usr/sbin/firehol nofast try Please let me know the output of this action, if possible. Thanks in advance, Jerome -- Jerome BENOIT | calculus+at-rezozer^dot*net

Bug#934728: new upstream (7.80)

Package: nmap Severity: wishlist Hi, nmap 7.80 was released, it would be nice if you could upload it to unstable. Regards, Daniel

Bug#934034: monkeysphere: FTBFS in stretch

Chris Lamb: > [Correctly adding t...@release.debian.org to CC...] > > Hi Santiago, > >> For completeness I would also make the build-dependency on gnupg to be >> versioned. > > Good idea; updated patch attached. > > Stable release managers, would you consider this for the next stretch > point

Bug#934727: libvanessa-socket-dev: move vanessa-socket.pc to a Multi-Arch location

Package: libvanessa-socket-dev Version: 0.0.13-1 Tags: patch User: debian-cr...@lists.debian.org Usertags: ftcbfs Control: affects -1 + src:perdition perdition fails to cross build from source, because it cannot find vanessa-socket.pc. During cross compilation, pkg-config searches

Bug#934726: acme FTCBFS again: does not pass cross tools to make

Source: acme Version: 1:0.96.4-2 Tags: patch User: debian-cr...@lists.debian.org Usertags: ftcbfs acme fails to cross build from source again, because it does not pass cross tools to make while building contrib/toacme/src. The easiest way of fixing that - using dh_auto_build - makes acme cross

Bug#934725: nmu: golang-github-google-pprof_0.0~git20190109.e84dfd6-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu golang-github-google-pprof is holding up other Go packages from migrating to testing. pprof itself is not migrating since it was built by the uploader and never built on the buildds. So

Bug#923084: Misuse of dh_python3

Howdy, On Wed, 14 Aug 2019, Ben Finney wrote: On 01-Apr-2019, Unit 193 wrote: dh_python3 reads [its arguments such that] any path passed as an argument is prefixed with 'debian/$package/', which in this case ends up being 'debian/gandi-cli/debian/gandi-cli/...' I can now confirm this

Bug#934724: bugs.debian.org: Kernel Upgrade to 5.2.0-2 Appears to Break WiFi Using Broadcom BCM4352 Adapter

Package: linux-headers-5.2.0-2-common:amd64 (5.2.7-1, automatic), linux-image-5.2.0-2-amd64:amd64 (5.2.7-1, automatic), linux-headers-5.2.0-2-amd64:amd64 (5.2.7-1, automatic), linux-kbuild-5.2:amd64 (5.2.7-1, automatic) Severity: important Dear Maintainer, Kernel was upgraded to 5.2.0-2 on

Bug#933848: FTBFS if cmake is installed or if built twice in a row

Source: pygalmesh Followup-For: Bug #933848 Control: severity -1 important Control: tags -1 + moreinfo,unreproducible There is no cmake-related FTBFS for me. Fixing the tags for moreinfo,unreproducible -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy:

Bug#923084: Misuse of dh_python3

Control: tags -1 + confirmed pending On 01-Apr-2019, Unit 193 wrote: > dh_python3 reads [its arguments such that] any path passed as an > argument is prefixed with 'debian/$package/', which in this case > ends up being 'debian/gandi-cli/debian/gandi-cli/...' I can now confirm this difference.

Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

Falco now has its very own website https://falco.org/ And github https://github.com/falcosecurity/falco +1 to getting this packaged On Wed, 2 Nov 2016 12:42:22 +0100 Julien Rabier wrote: > Le 01 nov. à 17:07, Evgeni Golov a écrit : > > Hi, > > > > On Mon, Oct 31, 2016 at 07:04:31PM +0100,

Bug#934723: shotwell: Crash when opening google photo login page

Package: shotwell Version: 0.30.4-1 Severity: normal Steps to reproduce: - select an image - click on "Publish" - the publish dialog opens... choose "Google Photos" - click the "Log in" button -> Segmentation fault A backtrace gives: #0 0x7fffd5c0cc9b in () at

Bug#934661: [PATCH] Keep help files in upstream location

tags 934661 patch thanks - >8 - Removing the entire contents due to the missing __init__.py file. Removing the markdown files from this location prevents the help from being displayed through the web UI. --- debian/python3-fava.docs | 1 - debian/rules | 4 2 files

Bug#934722: urweb: _FORTIFY_SOURCE=2 causes extreme slowdown

Source: urweb Version: 20170720+dfsg-2 Ur/Web’s C runtime currently builds with -D_FORTIFY_SOURCE=2 (really, with DEB_BUILD_MAINT_OPTIONS=hardening=+all), since it’s a library in the serving path. However, the runtime makes heavy use of %n format specifiers, and _FORTIFY_SOURCE=2 causes that

Bug#933828: ncbi-tools6/6.1.20170106+dfsg1-0+deb9u1

"Adam D. Barratt" writes: > Please go ahead with the stretch upload. Uploaded, thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#934311: ncbi-tools6/6.1.20170106+dfsg1-0+deb10u1

"Adam D. Barratt" writes: > Please go ahead; thanks. Uploaded, thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#772891: Doodle Mobile

لقد تم منحك مبلغ 1،300،000 دولار أمريكي من مؤسسة عبد الله الغرير دبي ، الإمارات العربية المتحدة لبرنامج المعونة الإنسانية / تخفيف وطأة الفقر. الرد على البريد الإلكتروني لدينا: em...@online-grant.org اكتب اسمك عنوان رقم ولاية الرد على البريد الإلكتروني لدينا:

Bug#934720: osm2pgsql 0.96 tile expiration memory leak

Package: osm2pgsql Version: 0.92.0+ds-2 Severity: important Tags: upstream Dear Maintainer, This bug report is for 0.96 from backports, NOT 0.92. To summarize, there appears to be a memory leak related to tile expiration. My initial bug report to the osm-dev list contains more information and

Bug#934717: xterm: fullscreen:never resource causes "xterm: Unrecognized keyword: never" warning

On Tue, Aug 13, 2019 at 07:10:08PM -0400, Greg Klanderman wrote: > Package: xterm > Version: 348-1 > Severity: normal > > Dear Maintainer, > > I notice that in xterm 348 (vs 337), I am seeing the following warning when > starting xterm from a shell: Actually broken in #347. Someone reported it

Bug#934719: RM: task-print-server -- NBS; RoM

Package: ftp.debian.org Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dear ftpmaster, In tasksel/3.54, task-print-server was renamed to task-print-service. Despite being NBS, it doesn't appear in the latest [cruft-report], so I am filing this request for removal. Best,

Bug#931591: Bug update

Hi Bernhard, I ran `ulimit -c 0` and started handbrake from the Terminal. I added a folder's worth of files to the queue, set the output folder to the 5TB external drive, and clicked Start. Handbrake crashed as expected when starting the second encoding pass. The associated `journalctl

Bug#934718: switcheroo-control: Failed to start Switcheroo Control Proxy service

Package: switcheroo-control Version: 1.2-2 Severity: important Dear Maintainer, Switcheroo does not start. I tried, without success: $ systemctl restart switcheroo-control Here is the output of journalctl -xe: août 14 01:07:20 ARRAKIS systemd[1]: Starting Switcheroo Control Proxy service...

Bug#934655: libglib2.0-0: provide environment variable to suppress or redirect logging

On 2019-08-13 at 06:12:30, Philip Withnall wrote: > Hi, > > I can’t speak for the Debian project, but as an upstream GLib developer > I can say such an environment variable would not be welcome upstream. > > Hiding such warnings makes them less likely to be fixed. It’s a way of > sweeping bugs

Bug#813815: Open ITPs (turned into RFPs)

Hi Andreas, On Mon, Jul 22, 2019 at 07:42:06PM +0200, Andreas Tille wrote: > > you have at least two long standing ITPs (#813815 - r-cran-nfactors, > #835082 - r-cran-semplot, may be others) which were turned into RFPs > automatically. Could you give some statement whether these packages >

Bug#934717: xterm: fullscreen:never resource causes "xterm: Unrecognized keyword: never" warning

Package: xterm Version: 348-1 Severity: normal Dear Maintainer, I notice that in xterm 348 (vs 337), I am seeing the following warning when starting xterm from a shell: | xterm: Unrecognized keyword: never This is being caused by the following resource setting: XTerm*fullscreen: never and

Bug#923481: alpine: replies lose In-Reply-To and References headers

Howdy, On Tue, 13 Aug 2019, Thorsten Glaser wrote: severity 923481 serious thanks (Please remember to Cc the bug submitter when replying.) On Sat, 9 Mar 2019, Unit 193 wrote: As I understand it, this is not a regression in alpine but a difference in how pine and alpine function, correct?

Bug#934716: binutils patch applied, package now ftbfs

Package: src:cross-toolchain-base-mipsen VersioN: 5 Severity: serious Tags: sid bullseye the binutils patch is now applied, and the package now ftbfs. please remove the patch again.

Bug#932014: lib32stdc++-9-dev-x32-cross: Missing parenthesis in short description

Fixed in unstable/bullseye.

Bug#925573: gcc-9-cross-ports: incomplete copyright

Fixed in unstable/bullseye.

Bug#934678: libreoffice-writer: Cropping an image that is flipped does not work as expected

Package: libreoffice-writer Version: 1:6.3.0-2 Followup-For: Bug #934678 -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-5-amd64 (SMP w/4

Bug#934034: monkeysphere: FTBFS in stretch

[Correctly adding t...@release.debian.org to CC...] Hi Santiago, > For completeness I would also make the build-dependency on gnupg to be > versioned. Good idea; updated patch attached. Stable release managers, would you consider this for the next stretch point release? Regards, --

Bug#931684: libgit2 0.28 transition and libgit2-glib

On Tue, Aug 13, 2019 at 02:08:12PM +0530, Pirate Praveen wrote: > I'm trying to update in https://salsa.debian.org/praveen/libgit2-glib > (requested access to gnome-team) I sent you an MR [1]: updated the symbols, to fix another build failure. [1]

Bug#934678: libreoffice-writer: Cropping an image that is flipped does not work as expected

Package: libreoffice-writer Version: 1:6.3.0-2 Followup-For: Bug #934678 bug found -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux

Bug#934034: monkeysphere: FTBFS in stretch

[Adding rele...@lists.debian.org to CC] Hi Santiago, > For completeness I would also make the build-dependency on gnupg to be > versioned. Good idea; updated patch attached. Stable release managers, would you consider this for the next stretch point release? Regards, -- ,''`. :

Bug#934715: libcryptsetup12: crypt_keyslot_add_by_volume_key() fails on a LUKS2 header where all bound key slots were deleted

Package: libcryptsetup12 Version: 2:2.1.0-7 Severity: important Tags: upstream (Cloning upstream issue #466 so we can track it for Buster, Bullseye and sid.) Even when all (bound) key slots were removed from a LUKS header, the header is still salvageable given a copy of the master key. The

Bug#934711: Please package latest upstream, and switch to Python 3

Control: severity -1 normal Control: tags -1 pending On Tue, Aug 13, 2019 at 9:48 PM Thomas Goirand wrote: > We're trying to remove Python 2 for Bullseye. Yup, I do know it like you. > Please package the latest version upstream which has support for Python 3, > and remove Python 2 support /

Bug#934590: [Mlt-devel] Bug#934590: libmlt-data: The package became bloated

On 13.08.2019 22:22, Dan Dennedy wrote: On Mon, Aug 12, 2019 at 5:27 AM Patrick Matthäi > wrote: Am 12.08.2019 um 13:11 schrieb Горбешко Богдан: > Package: libmlt-data > Version: 6.16.0-3 > Severity: minor > > Dear Maintainer, > >

Bug#934714: RFA: yojson -- JSON library for OCaml

Package: wnpp Severity: normal Hello, Currently, yojson has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with

Bug#934713: os-prober: missing dependency on mount

Package: os-prober Version: 1.76 Severity: important Hi, The script /usr/lib/os-probes/50mounted-tests calls the `umount` utility which resides in the mount package. But os-prober does not depend on mount and thus one might get this error message: Generating grub configuration file ... Found

Bug#695873: memtest86+: Serial console does not work

Hi, Feel free do NMU - thanks much for this :) - Mail original - > De: "Louis-Philippe Véronneau" > À: 695...@bugs.debian.org > Envoyé: Mardi 13 Août 2019 21:44:38 > Objet: Bug#695873: memtest86+: Serial console does not work > > Hello! > > I'd be happy to make an NMU to fix this,

Bug#934697: re2c: please make the build reproducible

forwarded 934697 https://github.com/skvadrik/re2c/pull/258 thanks I've forwarded this upstream here: https://github.com/skvadrik/re2c/pull/258 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#934698: libchamplain: please make the build reproducible

forwarded 934698 https://gitlab.gnome.org/GNOME/libchamplain/merge_requests/9 thanks I've forwarded this upstream here: https://gitlab.gnome.org/GNOME/libchamplain/merge_requests/9 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk

Bug#934405: debhelper: Please ignore binNMUs in get_source_date_epoch() function

Control: tags -1 wontfix On Sat, 10 Aug 2019 21:24:37 +0300 Dmitry Shachnev wrote: > Package: debhelper > Version: 12.3 > Severity: wishlist > > Dear debhelper maintainers, > > Our package qtbase5-dev (which is marked as Multi-Arch: same) was recently > binNMUed, after which it started

Bug#934689: tzdata 2019b-0+deb10u1 flagged for acceptance

package release.debian.org tags 934689 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: tzdata Version: 2019b-0+deb10u1

Bug#934688: tzdata 2019b-0+deb9u1 flagged for acceptance

package release.debian.org tags 934688 = stretch pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian stretch. Thanks for your contribution! Upload details == Package: tzdata Version: 2019b-0+deb9u1

Bug#906697: ck: baseline violation on i386

Looks like upstream release 0.7.0 has an option to disable sse, see: https://github.com/concurrencykit/ck/commit/f00aaa977b0cbdfb513e1e4e68c1e31ec42270d7 pgp9CzK01XWDT.pgp Description: OpenPGP digital signature

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, 13 Aug 2019, Adam Borowski wrote: > > 1. Merge elogind into libpam-elogind (not the other way round), > >as elogind without libpam-elogind is apparently (see the > >other thread) not useful in any way. > > I don't think it's reasonable to have the daemon in a library package. >

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, Aug 13, 2019 at 10:43:30PM +0200, Thorsten Glaser wrote: > On Tue, 13 Aug 2019, Adam Borowski wrote: > > > The prerm also makes systemd non-removable without uninstalling most > > packages, > > rebooting, then installing anew. Requiring such a reinstall is pretty much > > RC in by book.

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, Aug 13, 2019 at 10:36:04PM +0200, Thorsten Glaser wrote: > > > I would also add that it surprises me that apt requires symbols from > > > libsystemd.so. > > > > libapt-pkg uses sd-bus, systemd's implementation of D-Bus (the same one > > provided by libelogind), to tell systemd-logind (or

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, 13 Aug 2019, Adam Borowski wrote: > The prerm also makes systemd non-removable without uninstalling most packages, > rebooting, then installing anew. Requiring such a reinstall is pretty much > RC in by book. > > I've reported this before as #930105 but this got insta-closed+downgraded

Bug#933220: siridb-server: missing source for Release/makefile

Control: severity -1 normal Hi Jeroen, On 13-08-2019 11:51, Jeroen van der Heijden wrote: > The SiriDB project once started by using the Eclipse IDE which generates > the make-files and adds the "Auto generated.." comments. Since the > project is ejected from Eclipse we can now simply remove the

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, 13 Aug 2019, Simon McVittie wrote: > Ah, that's a major constraint on finding a correct solution here. systemd > is from the same source package as libsystemd0, so I think it's > reasonable for them to be in lockstep: systemd executables could well be > using private symbols or relying on

Bug#928920: patch: Introduce logging functions that check ${VERBOSE}

Dmitry Bogatov dixit: >--- /dev/null >+++ b/init-functions.d/00-verbose.jinja >@@ -0,0 +1,9 @@ >+## Generated automatically. Do not edit! -*- shell-script -*- >+{% for fn in log_functions %} >+v{{ fn }} () { ↑ no space here, please, for pdksh compatibility (allowing the

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, 13 Aug 2019, Mark Hindley wrote: > I would also add that it surprises me that apt requires symbols from > libsystemd.so. I haven't yet investigated what functionality that is. But that > is a side issue. Probably for “modern Poett^WLinux desktop” logging, or somesuch. bye, //mirabilos

Bug#933035: dmtcp: Should this package be removed?

Hi Moritz, I'm sorry for the delayed reply. We are about to release DMTCP version 2.6.0, and we are including a Debian package. We have verified with Yaroslav Halchenko that our proposed Debian package will pass. We should be submitting it this week. Also, we are replacing Kapil Arya by

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, Aug 13, 2019 at 09:10:12PM +0100, Simon McVittie wrote: > On Tue, 13 Aug 2019 at 19:58:09 +0100, Mark Hindley wrote: > > I would also add that it surprises me that apt requires symbols from > > libsystemd.so. > > libapt-pkg uses sd-bus, systemd's implementation of D-Bus (the same one >

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, Aug 13, 2019 at 07:58:09PM +0100, Mark Hindley wrote: > On Tue, Aug 13, 2019 at 04:46:32PM +0200, Thorsten Glaser wrote: > > On Sun, 11 Aug 2019, Simon McVittie wrote: > > > Found while preparing a test VM to test #923240. Please raise this to > > > RC severity if you think it is justified

Bug#934712: node-mysql: CVE-2019-14939

Source: node-mysql Version: 2.16.0-2 Severity: important Tags: security upstream Forwarded: https://github.com/mysqljs/mysql/issues/2257 Hi, The following vulnerability was published for node-mysql. I'm opening this bug for now mainly for tracking. The upstream issue got locked down and the

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

On Tue, 13 Aug 2019 at 19:58:09 +0100, Mark Hindley wrote: > systemd depends on a specific pacakged version of libsystemd0 (currently 241-7 > in sid) whilst all other packages at most depend on a particular src version > (eg. >= 213). Ah, that's a major constraint on finding a correct solution

Bug#885947: marco: After updating, restart (user or pc) and log in, desktop fails

Package: marco Followup-For: Bug #885947 Version: 1.22.2-1 Dear Maintainer. > This might really be a X driver specific issue. Perhaps, but as I said in message #30 "The PC woks fine in Debian 9, and too in Debian 10 testing with mate 1.18.1-3, just until I update to the following versions."

Bug#695873: memtest86+: Serial console does not work

Hello! I'd be happy to make an NMU to fix this, since: * there is a patch * the patch was tested by 4 people and it seems to work * the patch looks trivial * the patch has been merged in Fedora [1] I've emailed the maintainer directly to ask him if it would be OK with him for me to NMU this.

Bug#934711: Please package latest upstream, and switch to Python 3

Package: python-googleapi Version: 1.5.5-1 Severity: serious Hi, We're trying to remove Python 2 for Bullseye. python-monotonic support for Python 2 is removed, and therefore, your package depends on a cruft package. Please package the latest version upstream which has support for Python 3,

Bug#934710: systemtap: autopkgtest fails when there are two versions of linux-latest available

Source: systemtap Version: 4.1-7 Severity: serious X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: flaky Control: affects -1 src:linux-latest Dear maintainers, With a recent upload of linux-latest the autopkgtest of systemtap fails in testing when that

Bug#934709: v4l2loopback: autopkgtest fails when there is a new version of linux-latest

Source: v4l2loopback Version: 0.12.1-1 Severity: serious X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: issue Control: affects -1 src:linux-latest Dear maintainers, With a recent upload of linux-latest the autopkgtest of v4l2loopback fails in testing when

Bug#934590: [Mlt-devel] Bug#934590: libmlt-data: The package became bloated

On Mon, Aug 12, 2019 at 5:27 AM Patrick Matthäi wrote: > Am 12.08.2019 um 13:11 schrieb Горбешко Богдан: > > Package: libmlt-data > > Version: 6.16.0-3 > > Severity: minor > > > > Dear Maintainer, > > > > After the last upgrade, the package became about 230 MBs larger, > > because of a lot of

Bug#867067: nfs-kernel-server: nfsdcltrack fails to init database

This problem is still present in buster. The relevant strace output seems to be: capget({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, NULL) = 0 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=0}, {effective=0, permitted=0, inheritable=0}) = 0 access("/var/lib/nfs/nfsdcltrack", W_OK) = -1 ENOENT

Bug#934453: curl: SSL

On 2019-08-12 23:59:10 [+0200], Kurt Roeckx wrote: > > Kurt, could we get something into OpenSSL (aka openssl s_client > > -connect) which describes the error more accurate / verbose? > > I will try to collect some information and point the ssllabs people to > > it hoping that it will pop up in

Bug#934491: libelogind0: failing to switch from systemd to sysvinit-core/elogind results in libsystemd.so.0 disappearing

Thorsten, Thanks for this. On Tue, Aug 13, 2019 at 04:46:32PM +0200, Thorsten Glaser wrote: > On Sun, 11 Aug 2019, Simon McVittie wrote: > > > Found while preparing a test VM to test #923240. Please raise this to > > RC severity if you think it is justified - I don't want to create the > > I

Bug#934708: gitlab: CVE-2019-14942 CVE-2019-14944 (GitLab Critical Security Release: 12.1.6, 12.0.6, and 11.11.8)

Source: gitlab Version: 11.8.10+dfsg-1 Severity: grave Tags: security upstream Justification: user security hole Hi, The following vulnerabilities were published for gitlab, another round of gitlab issues. Where this time only two CVE are affecting the versions present in Debian.

Bug#672361: bootlogd: escape sequences should be filtered out

On 8/13/19 2:06 PM, Dmitry Bogatov wrote: > [2019-08-12 17:45] Jesse Smith >> Certainly. Attached is a file with the last 20 lines of the >> /var/boot/log file on a test machine. When I view the log with "less" >> the output looks normal. When I run the file through "head" "tail" or >> "cat" the

Bug#695873: memtest86+: Serial console does not work

I have also confirmed the patch to fix serial console that was sent to #695873 works. I was applying it to 5.01-3, building on buster, installed and booted fine. Please apply. Thanks, -- Matt Taggart tagg...@debian.org

Bug#933275: Patch for #933275

tags 933275 +patch thanks Hi, here's a patch I've also sent to the mailing list. Works for me, but probably needs some testing that it doesn't break anything else. Simon >From 13105537e68f0d3692b19a0f5cf675d79e32d42a Mon Sep 17 00:00:00 2001 From: Simon Richter Date: Tue, 13 Aug 2019

Bug#934707: Temporal fix-up

As temp workaround, inspect policy files in /etc/dbus-1/system.d and create missed users. One liner: for i in $(awk 'BEGIN{FS="user=\"|\">"}; $0 ~ /policy user=/{print $2}' /etc/dbus-1/system./* | sort -u); do [ "x$(getent passwd $i)" = "x" ] && { useradd -Mr $i && echo System user $i created; };

Bug#932540: epiphany-browser: Gmail doesn't work correctly in Epiphany in buster

I ticked off everything: Try to block advertisements, Try to block web trackers, and even Try to block dangerous websites. Didn't work (sending this from Firefox). As a test I tried sending a message. While I was composing it a red banner appeared with the text "Errore durante il salvataggio

Bug#934678: libreoffice-writer: Cropping an image that is flipped does not work as expected

notfound 934678 6.3.0.4 # according to upstream bug found 934678 1:5.0.0~rc5-1 forwarded 934678 https://bugs.documentfoundation.org/show_bug.cgi?id=104995 thanks On Tue, Aug 13, 2019 at 12:25:27PM +0300, Vangelis Skarmoutsos wrote: >Package: libreoffice-writer >Version: 6.3.0.4 Version:

Bug#932584: Please help fix pydoctor

Hi, On Sun, Jul 28, 2019 at 02:00:56PM +0100, Ian Jackson wrote: > Hi, Python folks. > > I think help is needed regarding > > #932584 python-pydoctor: Epydoc will be removed > > It seems to be languishing rather. What I don't understand is why > pydoctor depends on epydoc given that, in the

Bug#598351: texlive-latex-base: Error when using lmodern fonts together with T1 fontenc

On Tue, 13 Aug 2019, Hilmar Preuße wrote: > Are you sure, that the format files read the EC fonts? If yes, why does > redefining the \fontfamily before loading fontenc solves the problem? Indeed, maybe then it is some AtBeginDocument hooks? Not sure exactely, but I am not really interested in

Bug#934518: stretch-pu: package libebml/1.3.4-1

On 2019-08-13 18:22:48, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2019-08-11 at 23:08 +0200, Sebastian Ramacher wrote: > > I'd like to fix CVE-2019-13615 in libebml in stetch (the security > > team > > classified it as no-DSA). The proposed debdiff is attached. > > > >

Bug#934707: [dbus,systemd,sssd]: Unresponsive domain and nonexistent user in policy lead to reload fail and fall of dependant daemons.

Package: dbus Version: 1.12.16-1 Severity: normal Dear Maintainer. As subject says, if sssd can't reach dc, dbus get NoReply fail and succesfully restarted aftervards with following consequences: 1. reload process lagging due sssd timeouts; 2. other daemons fail because 1 or dbus restart; 3.

Bug#598351: texlive-latex-base: Error when using lmodern fonts together with T1 fontenc

Am 13.08.2019 um 18:07 teilte Norbert Preining mit: > On Tue, 13 Aug 2019, Hilmar Preuße wrote: Hi Norbert, >> information that the problem can be avoided as described above. Still >> I'm not sure if it is a bug in fontenc package. > > I guess it is a problem with the default format dump, which

Bug#684128: Bug 684128, GB vs GiB

Well, it's been 7 years since this bug was opened. Sure, it's not killing anyone. And I assume that the partitioner correctly handles alignment issues for current drives. But still, IMHO, any time software does something other than what you expect it to do, it's broken. A simple suggestion:

Bug#934697: re2c: please make the build reproducible

Control: tags -1 + confirmed pending https://github.com/jcfp/debpkg-re2c/commit/9301836027a2292cc992e7525b1891b91f8b33b2 Thanks for the patch! pgp0wo7WHSndn.pgp Description: OpenPGP digital signature

Bug#934508: stretch-pu: package openldap/2.4.44+dfsg-5+deb9u3

Control: tags -1 + confirmed On Sun, 2019-08-11 at 11:45 -0700, Ryan Tandy wrote: > I would like to update openldap in stretch to fix two CVEs and one > additional important bug. I already discussed the CVEs with the > security > team and we agreed on fixing them in a point release. > Please go

Bug#934518: stretch-pu: package libebml/1.3.4-1

Control: tags -1 + confirmed On Sun, 2019-08-11 at 23:08 +0200, Sebastian Ramacher wrote: > I'd like to fix CVE-2019-13615 in libebml in stetch (the security > team > classified it as no-DSA). The proposed debdiff is attached. > Please go ahead; thanks. Regards, Adam

Bug#934507: buster-pu: package openldap/2.4.47+dfsg-3+deb10u1

Control: tags -1 + confirmed On Sun, 2019-08-11 at 11:45 -0700, Ryan Tandy wrote: > I would like to update openldap in buster to fix two CVEs and one  > additional important bug. I already discussed the CVEs with the > security  > team and we agreed on fixing them in a point release. > Please

Bug#934704: buster-pu: package node-lodash/4.17.11+dfsg-2+deb10u1

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Hi all, node-lodash is vulnerable to prototype pollution (#933079, CVE-2019-10744). I imported upstream fix in the attached debdiff. Cheers, Xavier diff --git a/debian/changelog

Bug#933799: geary FTBFS - ERROR: Problem encountered: SQLite3 is missing FTS3 tokenizer support

On Sat, 03 Aug 2019 21:10:48 +0530 Pirate Praveen wrote: > Package: geary > version: 3.32.0-1 > Severity: serious > > I tried building in both buster and sid, both builds failed. Built with > an uptodate chroot using sbuild. > > Header has symbol "SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER" >

Bug#934463: initscripts: consider taking over hwclock policy machinery

[2019-08-12 22:37] Andreas Henriksson > > This is how things usually done on non-conffiles. Are there > > additional complications with conffiles? > > Yes, there are many gotchas with conffiles. Extensive testing is > needed. Yes. We could use semi-automatic tests in Docker, like

Bug#672361: bootlogd: escape sequences should be filtered out

[2019-08-12 17:45] Jesse Smith > >> I tried it and the "head", "cat" and "tail" commands mangle the lines > >> of the log file when escape sequences are not escaped. Output from > >> "less" is clean though and looks correct. > > Interesting. Can you please send text that shows this behaviour?

Bug#934650: buster-pu: package open-infrastructure-compute-tools/20190301-lts2-1~deb10u1

Control: tags -1 + confirmed On Tue, 2019-08-13 at 00:58 +0200, Daniel Baumann wrote: > unfortunatlly I did a rebase error when preparing the upload for > buster, so one necessary 'case' statement got removed that shouldn't. > > The effect of the missing 'case' statement is that when containers

Bug#933828: ncbi-tools6/6.1.20170106+dfsg1-0+deb10u1

Control: tags -1 + confirmed On Sat, 2019-08-03 at 23:27 -0400, Aaron M. Ucko wrote: > Thorsten Alteholz from the FTP Master team recently pointed out a > couple of long-standing copyright-related issues with ncbi-tools6: > some data files turned out to contain non-free portions, and >

Bug#934706: Long description insufficient to understand what package does

package: node-lodash version: 4.17.11+dfsg-4 The entire description is: Description-en: Lo-dash is a Node.js utility library Lo-dash is a Node.js utility library delivering consistency, customization, performance, & extras.

Bug#930603: libdockapp-dev: pkg-config file Requires xext without dependency on libxext-dev

On 2019-06-16 "Torrance, Douglas" wrote: > On Sun, Jun 16, 2019 at 7:30 AM Andreas Metzler > mailto:ametz...@bebt.de>> wrote: >> /usr/lib/x86_64-linux-gnu/pkgconfig/dockapp.pc: >> Requires: x11 xext xpm >> Therefore anything build-depending on libdockapp-dev and using pkg-config >> to locate

Bug#934705: RM: sysbench [x32 sparc64 sh4 m68k hppa armhf alpha] -- ROM; build-dependencies unavailable

Package: ftp.debian.org Severity: normal Please remove the sysbench package for the architectures listed above. Recent versions of sysbench require libck which isn't available on these archs. See https://bugs.debian.org/921506 Thanks! pgpRxrQ7b_Jhy.pgp Description: OpenPGP digital signature

Bug#934311: ncbi-tools6/6.1.20170106+dfsg1-0+deb10u1

Control: tags -1 + confirmed On Sun, 2019-08-11 at 22:40 -0400, Aaron M. Ucko wrote: > [Switching to Buster version of this request, which got the new > number.] > > "Adam D. Barratt" writes: [...] > At any rate, I've just uploaded 6.1.20170106+dfsg1-2 to unstable with > the autopkgtest

Bug#934673: libgit2-glib ftbfs with meson.build:148:2: ERROR: Assert failed: libgit2 ssh support was requested, but not found. Use -Dssh=false to build without it

On 2019, ഓഗസ്റ്റ് 13 4:37:35 PM IST, Simon McVittie wrote: >On Tue, 13 Aug 2019 at 14:14:01 +0530, Pirate Praveen wrote: >> When building with sbuild, > >Is ccache preinstalled in the chroot you used? Yes. >> #include >> int >> main(int argc, const char *argv[]) >> { >>

Bug#934589: udev: net.ifnames is wrongly imported as a property for any/all devices

Am 13.08.19 um 18:07 schrieb quidame: > > > On 13/08/2019 17:44, Michael Biebl wrote: >> >> --export says >> >> -x, --export >>Print output as key/value pairs. Values are enclosed in >> single quotes. This takes effects only when --query=property or >> --device-id-of-file=FILE

Bug#873520: Check for bad distribution in d/changelog only when changes file is signed

Hi Chris, On Tue, Aug 13, 2019 at 9:10 AM Felix Lechner wrote: > > When the changes file is unsigned, which is part of the > normal workflow for those using 'dch', the tag is not issued. Did we get that logic right? Should Lintian perhaps complain instead when analysing a changes file---which

Bug#934702: RFP: yggdrasil -- End-to-end encrypted IPv6 networking to connect worlds.

Package: wnpp Severity: wishlist * Package name: yggdrasil Version: 0.3.6 Upstream Author: Arceliar, neilalexander, aparcar * URL: https://github.com/yggdrasil-network/yggdrasil-go * License: LGPLv3 Programming Lang: Go Description: End-to-end encrypted IPv6 networking to connect worlds.

  1   2   >