Bug#988349: mariadb-10.5: FTBFS on sh4: test suite fails to start

[Otto Kekäläinen]

Source: mariadb-10.5
Version: 1:10.5.9-1
Tags: confirmed, help, ftbfs
Severity: normal
Justification: source does build, but tests don't run and binaries are
unvalidated
User: debian-...@lists.debian.org
Usertags: sh4

Related: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972057

I noticed in the sh4 build log that the test suite does not start
after the build:

*
Full log: 
https://buildd.debian.org/status/fetch.php?pkg=mariadb-10.5=sh4=1%3A10.5.9-1=1617143952=0:
*
make[1]: Entering directory '/<>'
RULES.override_dh_auto_test
dh_testdir
# Skip unstable tests if such are defined for arch
cp mysql-test/unstable-tests debian/mysql-test-unstable-tests.orig
[ ! -f debian/unstable-tests.sh4 ] || cat debian/unstable-tests.sh4 >>
mysql-test/unstable-tests
# Run testsuite
make[1]: Leaving directory '/<>'
   create-stamp debian/debhelper-build-stamp
   dh_testroot -a -O--fail-missing
   dh_prep -a -O--fail-missing
rm -f -- debian/libmariadb-dev.substvars [..]
   debian/rules override_dh_auto_install
make[1]: Entering directory '/<>'
RULES.override_dh_auto_install
*

For some unknown reason mtr does not start at all. Thus we don't know
if the sh4 build actually succeeded or not.

In a normal build it should look like:

*
Full log at: 
https://buildd.debian.org/status/fetch.php?pkg=mariadb-10.5=x32=1%3A10.5.9-1=1614082043=0
*
RULES.override_dh_auto_test
dh_testdir
# Skip unstable tests if such are defined for arch
cp mysql-test/unstable-tests debian/mysql-test-unstable-tests.orig
[ ! -f debian/unstable-tests.x32 ] || cat debian/unstable-tests.x32 >>
mysql-test/unstable-tests
# Run testsuite
# Don't use --mem here as official Debian builders and most Docker
systems don't have a large mem device available and
# would fail with errors on lack of disk space.
cd builddir/mysql-test && \
./mtr --force --testcase-timeout=120 --suite-timeout=540 --retry=3 \
[...]
*


This is how the debian/rules looks like:

 override_dh_auto_test:
 @echo "RULES.$@"
 dh_testdir
 # Skip unstable tests if such are defined for arch
 cp mysql-test/unstable-tests debian/mysql-test-unstable-tests.orig
 [ ! -f debian/unstable-tests.$(DEB_HOST_ARCH) ] || cat
debian/unstable-tests.$(DEB_HOST_ARCH) >> mysql-test/unstable-tests
 # Run testsuite
 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
 # Don't use --mem here as official Debian builders and most
Docker systems don't have a large mem device available and
 # would fail with errors on lack of disk space.
 cd $(BUILDDIR)/mysql-test && \
 ./mtr --force --testcase-timeout=120 --suite-timeout=540 --retry=3 \
   --parallel=$(NUMJOBS) --skip-rpl --suite=main \
   --skip-test-list=unstable-tests
 endif


It is if as the line ` ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))`
always evaluated false..?

Bug#983095: pidgin: 5353/udp probe every 2 sec

[Richard Laager]

I was never able to reproduce this, nor was Gary (Pidgin lead developer).

Are you able to narrow this down at all? For example, if you run:

mkdir pidgin-test
pidgin -c pidgin-test

that will start with a blank config. Does it happen then? If not, try 
adding accounts and/or enabling plugins until you reproduce it.


Or, alternatively, work from the opposite direction by copying your config:

cp -a ~/.purple pidgin-test2
pidgin -c pidgin-test2

That should reproduce it. Then remove things from your config until it 
stops.


Or, do both and diff the two configs to know what to tweak.

--
Richard

Bug#978084: CPU: 2 PID: 5507 at drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_link.c:2548

[NG]

Hi there,
I cannot reproduce this bug anymore (tested with linux 5.10.28-1 aka 
linux 5.10.0-6-amd64 debian sid)



Great!
Peace.

El 8/05/21 a las 8:02 a. m., Salvatore Bonaccorso escribió:

is this still something you can reproduce with a recent 5.10.y kernel?

Regards,
Salvatore

Bug#988289: htmldoc: CVE-2019-19630

[Håvard Flaget Aasen]

On Mon, 10 May 2021 00:28:43 +0530 Utkarsh Gupta  wrote:
> Hello,
> 
> That's pretty unfortunate what happened. Since I fixed this in jessie
> (back when it was LTS), I'll take care of stretch (now that it's LTS)
> and subsequently buster as well. Thanks!
> 
> 


Hi Utkarsh,

I wasn't aware this versioning could be a problem.

I can make a release to buster if you want. I would need a sponsor
though, so if your determined, I won't rip it out of your hands.

Regardless who does it, can we fix CVE-2021-20308 [0] as well? It's
marked as unimportant but since we already is preparing packages...

I'v prepared a release to unstable and bullseye with the fix for
cve-2021-20308 it's on the mentors site now.

Håvard

[0] https://security-tracker.debian.org/tracker/CVE-2021-20308

Bug#988344: RFS: htmldoc/1.9.11-3 -- HTML processor that generates indexed HTML, PS, and PDF

[Håvard Flaget Aasen]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "htmldoc":

 * Package name: htmldoc
   Version : 1.9.11-3
   Upstream Author : Michael R Sweet 
 * URL : https://www.msweet.org/htmldoc/
 * License : BSD-2-Clause, zlib, GPL-2 with document exception,
MIT-CMU, PNG, bitstream, IJG, GPL-2, Apache-2.0, Apache-2.0 with
(L)GPL-2 exception
   Section : web

It builds those binary packages:

  htmldoc - HTML processor that generates indexed HTML, PS, and PDF
  htmldoc-common - Common arch-independent files for htmldoc

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/htmldoc/

Alternatively, one can download the package with dget using this command:

  dget -x
https://mentors.debian.net/debian/pool/main/h/htmldoc/htmldoc_1.9.11-3.dsc

Changes since the last upload:

 htmldoc (1.9.11-3) unstable; urgency=medium
 .
   * Add patch to mitigate buffer-overflow caused by integer-overflow in
 image_load_gif() Closes: 984765 and fixes CVE-2021-20308


The unblock to testing is confirmed in bug #988325

Regards,
Håvard

Bug#988348: checksecurity: Please adjust Recommends/Suggests

[Bryce Harrington]

Source: checksecurity
Severity: normal

Dear Maintainer,

Could you consider moving a few of checksecurity's Recommends to
Suggests?  These packages aren't included in Ubuntu's main archive so
we've been moving them to Suggests, but if you would be willing to take
this change into Debian it would enable us to autosync your package
directly from now on.

Specifically, this would be the change:

-Recommends: tiger, logcheck, tripwire | integrit | aide | samhain | fcheck, 
debsecan
-Suggests: apt-watch | cron-apt, lockfile-progs
+Recommends: logcheck
+Suggests: apt-watch | cron-apt, lockfile-progs, tiger, tripwire | integrit | 
aide | samhain | fcheck, debsecan

We also have dropped fcron as a dependency since fcron is no longer in
the archive, but I see there is a separate bug report about this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798235

Bug#978656: RFA: zenburn-emacs -- low contrast color theme for Emacs

[Sean Whitton]

Hello,

On Sun 09 May 2021 at 04:14PM -07, Raúl Benencia wrote:

> Hello Sean, :-)
>
> On Sun, May 09, 2021 at 01:46:29PM -0700, Sean Whitton wrote:
>> Thanks for taking it over!  I've granted salsa access but would prefer
>> to sponsor a few more Emacs-related uploads by you before granting DM.
>
> Thanks so much for your prompt upload, and for granting me access to
> the team! Much appreciated.
>
> Also, thanks for mentioning that you would prefer to sponsor a few
> more uploads first before granting me DM permissions. I understand
> that and, if you don't mind, I'll CC you on future Emacs-related
> contributions that requires sponsoring.

Sure thing.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#988315: xterm menu display garbled

[Thomas Dickey]

On Mon, May 10, 2021 at 12:53:44PM +0200, Philipp Marek wrote:
> Package: xterm
> Version: 367-1
> Severity: minor
> X-Debbugs-Cc: phil...@marek.priv.at
> 
> Please see the attached screenshot.
> 
> It doesn't matter which menu I open (Ctrl+left, Ctrl+right, ctrl+middle 
> mouse button) - the right and bottom borders are always missing.

That's more likely a problem with the X server than xterm
(the menus are via Xaw, which is pretty stable).  For instance,
you might be using Wayland...

-- 
Thomas E. Dickey 
https://invisible-island.net
ftp://ftp.invisible-island.net


signature.asc
Description: PGP signature

Bug#988304: exim4: rsyslog log files not getting any new info

[GSR]

Hi,
ametz...@bebt.de (2021-05-10 at 1938.37 +0200):
> what log_file_path setting are you using? I am aware that 
> log_file_path = :syslog
> does not duplicate the entries to syslog but only logs to /var/log/exim4
> (See https://bugs.exim.org/show_bug.cgi?id=2733#c5 and later.)

Same config. To be exact, these are the config lines about syslog,
which have worked for years (log msgs once to syslog without time as
it will be added by logger and log to own files+syslog):
---8<---
syslog_duplication = false
syslog_timestamp = false
log_file_path = :syslog
--->8---
I just checked the documentation at exim.org and it seems their
purpose has not changed.

I see in the bugreport that explicit "/var/log/exim4/%slog : syslog"
works, but not ":syslog". So Debian 988304 is upstream 2733#c3.

Are we sure exim4 contacts rsyslog at all? Got the source, and all
those "else" & "if" without {} in src/log.c write_syslog() make me
doubt the compiler and humans agree what the source means.

Cheers,
GSR
 

Bug#988347: tuxpaint-stamps-default: Broken image placeholder is shown instead of melon stamp

[Judit Foglszinger]

Package: tuxpaint-stamps-default
Version: 2014.08.23-3.1
Severity: minor
Tags: patch

Hi,

the melon stamp in tuxpaint is broken
(placeholder image for broken pictures is shown instead of the melon picture);
from gimp's error message I assume that the reason is the picture being an 
inkscape svg instead of a plain svg:

Opening '/usr/share/tuxpaint/stamps/food/fruit/cartoon/watermelon.svg' failed: 
Could not open
'/usr/share/tuxpaint/stamps/food/fruit/cartoon/watermelon.svg' for reading: XML 
parse error: error
code=201 (3) in (null):12:30: Namespace prefix inkscape for label on g is not 
defined

Attached a patch with the same melon picture, just saved as plain svg.
Description: Fixing melon stamp
 Instead of a melon, a placeholder for broken images is shown in tuxpaint.
 This patch replaces the current inkscape svg with a plain svg
 what brings the melon stamp back.
Bug: 
Bug-Debian: https://bugs.debian.org/
Bug-Ubuntu: https://launchpad.net/bugs/
Forwarded: 
Reviewed-By: 
Last-Update: 2021-05-10

--- tuxpaint-stamps-2014.08.23.orig/stamps/food/fruit/cartoon/watermelon.svg
+++ tuxpaint-stamps-2014.08.23/stamps/food/fruit/cartoon/watermelon.svg
@@ -1,15 +1,30 @@
 
-
 http://inkscape.sourceforge.net/DTD/sodipodi-0.dtd;
+   xmlns:dc="http://purl.org/dc/elements/1.1/;
+   xmlns:cc="http://creativecommons.org/ns#;
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#;
+   xmlns:svg="http://www.w3.org/2000/svg;
+   xmlns="http://www.w3.org/2000/svg;
height="21cm"
id="svg2"
-   width="21cm">
+   width="21cm"
+   version="1.1">
+  
+
+  
+image/svg+xml
+http://purl.org/dc/dcmitype/StillImage; />
+
+  
+
+  
+  
   
+ id="layer1">
 


signature.asc
Description: This is a digitally signed message part.

Bug#966675: virt-v2v missing

[Hilko Bengen]

* Wong Hoi Sing Edison:

> BTW, I could find http://ftp.us.debian.org/debian/pool/main/v/virt-p2v/ but 
> nothing for 
> http://ftp.us.debian.org/debian/pool/main/v/virt-v2v/. Anywhere that I could 
> temporarily download the .deb for installing manually with
> dpkg?

The package has not yet been accepted into the unstable distribution.

In the meantime, you can use
https://salsa.debian.org/libvirt-team/virt-v2v and build source and
binary packages using git-buildpackage.

Cheers,
-Hilko

Bug#988072: release.debian.org: unblick (pre-approval): hivex/1.3.20-1

[Hilko Bengen]

>> For buster DSA 4913-1 was released to fix this issue, so ideally this
>> fix is present as well on bullseye. Does the debdiff look ok to you
>> for inclusion based on rebasing to 1.3.20-1.
>
> The bug report didn't make it to the list which is a good sign that the
> debdiff is too big. Please provide a filtered debdiff without the
> gnulib, auto*, etc. noise.

Here it is, generated by running

debdiff --exclude gnulib --exclude Makefile.in --exclude '*.m4' --exclude 
build-aux --exclude configure  hivex_1.3.{19,20}-1.dsc > 
hivex_1.3.20-1.min.debdiff

Cheers,
-Hilko
diff -Nru --exclude gnulib --exclude Makefile.in --exclude '*.m4' --exclude build-aux --exclude configure hivex-1.3.19/ChangeLog hivex-1.3.20/ChangeLog
--- hivex-1.3.19/ChangeLog	2020-07-29 12:16:43.0 +0200
+++ hivex-1.3.20/ChangeLog	2021-05-03 12:14:28.0 +0200
@@ -1,5 +1,86 @@
+2021-05-03  Richard W.M. Jones  
+
+	lib/handle.c: Bounds check for block exceeding page length (CVE-2021-3504)
+	Hives are encoded as fixed-sized pages containing smaller variable-
+	length blocks:
+
+	  +---+---+---+--
+	  | header|[ blk ][blk][ blk ]|[blk][blk][blk]|
+	  +---+---+---+--
+
+	Blocks should not straddle a page boundary.  However because blocks
+	contain a 32 bit length field it is possible to construct an invalid
+	hive where the last block in a page overlaps either the next page or
+	the end of the file:
+
+	  +---+---+
+	  | header|[ blk ][blk][ blk . ]
+	  +---+---+
+
+	Hivex lacked a bounds check and would process the registry.  Because
+	the rest of the code assumes this situation can never happen it was
+	possible to have a block containing some field (eg. a registry key
+	name) which would extend beyond the end of the file.  Hivex mmaps or
+	mallocs the file, causing hivex to read memory beyond the end of the
+	mapped region, resulting in reading other memory structures or a
+	crash.  (Writing beyond the end of the mapped region seems to be
+	impossible because we always allocate a new page before writing.)
+
+	This commit adds a check which rejects the malformed registry on
+	hivex_open.
+
+	Credit: Jeremy Galindo, Sr Security Engineer, Datto.com
+	Fixes: CVE-2021-3504
+	Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949687
+
+2021-04-16  Richard W.M. Jones  
+
+	Update gnulib to latest.
+
+	Add instructions for fuzzing hivex using AFL or AFL++.
+
+	extra-tests: Remove fuzzing test.
+	We will soon add some instructions for using a real fuzzer like AFL++
+	so this test is not necessary.
+
+2020-09-15  rwmjones  
+
+	Merge pull request #13 from weblate/weblate-hivex-master
+	Translations update from Weblate
+
+2020-09-06  Jean-Baptiste Holcroft  
+	Jean-Baptiste Holcroft  
+
+	Translated using Weblate (French)
+	Currently translated at 100.0% (22 of 22 strings)
+
+	Translate-URL: https://translate.fedoraproject.org/projects/hivex/master/fr/
+	Translation: hivex/master
+
+2020-09-06  Weblate  
+	Weblate  
+
+	Update translation files
+	Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.
+
+	Translate-URL: https://translate.fedoraproject.org/projects/hivex/master/
+	Translation: hivex/master
+
+2020-08-27  Richard W.M. Jones  
+
+	Update translations from Zanata (RHBZ#1787302).
+
+2020-08-14  Matt Coleman  
+
+	Increase HIVEX_MAX_VALUES
+	Due to unintended interaction between Windows and VMWare's snapshot
+	functionality, HKLM\SYSTEM\MountedDevices can end up with more than
+	55,000 values.
+
 2020-07-29  Richard W.M. Jones  
 
+	build: Fix maintainer-tag rule.
+
 	Version 1.3.19.
 
 2020-07-29  Richard W.M. Jones  
diff -Nru --exclude gnulib --exclude Makefile.in --exclude '*.m4' --exclude build-aux --exclude configure hivex-1.3.19/config.h.in hivex-1.3.20/config.h.in
--- hivex-1.3.19/config.h.in	2020-07-29 12:16:03.0 +0200
+++ hivex-1.3.20/config.h.in	2021-05-03 12:12:46.0 +0200
@@ -62,6 +62,10 @@
 #undef GNULIB_LOCK
 
 /* Define to a C preprocessor expression that evaluates to 1 or 0, depending
+   whether the gnulib module malloc-posix shall be considered present. */
+#undef GNULIB_MALLOC_POSIX
+
+/* Define to a C preprocessor expression that evaluates to 1 or 0, depending
whether the gnulib module msvc-nothrow shall be considered present. */
 #undef GNULIB_MSVC_NOTHROW
 
@@ -111,12 +115,45 @@
 /* Define to 1 when the gnulib module fdopen should be tested. */
 #undef GNULIB_TEST_FDOPEN
 
+/* Define to 1 when the gnulib module fgetc should be tested. */
+#undef GNULIB_TEST_FGETC
+
+/* Define to 1 when the gnulib module fgets should be tested. */
+#undef GNULIB_TEST_FGETS
+
+/* Define to 1 when the gnulib module fprintf should be tested. */
+#undef GNULIB_TEST_FPRINTF
+
+/* Define to 1 when the gnulib module fputc should be tested. */
+#undef GNULIB_TEST_FPUTC
+
+/* Define to 1 when the 

Bug#988333: linux-image-5.10.0-6-amd64: VGA Intel IGD Passthrough to Debian Xen HVM DomUs not working, but Windows Xen HVMs do work

[Chuck Zmudzinski]

Package: src:linux
Version: 5.10.28-1
Severity: normal
Tags: upstream

Dear Maintainer,

I have been using Xen's PCI and VGA passthrough feature since wheezy and jessie 
were the stable versions, and back then both Windows HVMs and Linux HVMs would 
function with the Intel Integrated Graphics Device (IGD), the audio device, and 
the USB 3 controller passed to them. But with buster and bullseye running as 
the Dom0, I can only get the VGA/Passthrough feature to work with Windows Xen 
HVMs. I would expect both Windows and Linux HVMs to work comparably well. 


-- Package-specific info:
Linux version 5.10.0-6-amd64 (debian-ker...@lists.debian.org) (gcc-10 (Debian 
10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP 
Debian 5.10.28-1 (2021-04-09)

BOOT_IMAGE=/boot/vmlinuz-5.10.0-6-amd64 
root=UUID=332b3875-d57c-4083-9d46-3faa28d60691 ro xen-fbfront.video=24,1368,768 
quiet - this is what I have on the bullseye DomU.

On the Dom0, I have
BOOT_IMAGE=/boot/vmlinuz-5.10.0-6-amd64 root=/dev/debian/bullseye ro 
reboot=bios quiet console=tty1 console=hvc0
 
On Dom0, the Xen commandline and version (from xl dmesg):
dom0_mem=2G,max:2G smt=false pv-l1tf=false iommu=1 no-real-mode edd=off
Xen version 4.14.2-pre (Debian 4.14.1+11-gb0b734a8b3-1) 
(pkg-xen-de...@lists.alioth.debian.org) (x86_64-linux-gnu-gcc (Debian 10.2.1-6) 
10.2.1 20210110) debug=n  Sun Feb 28 18:49:45 UTC 2021
Bootloader: GRUB 2.02+dfsg1-20+deb10u2

kernel logs (problems reported in Dom0's syslog when trying to start this 
Debian bullseye Xen HVM DomU with Xen VGA/PCI  passthrough configured):

May  9 10:52:20 bullseye kernel: [0.00] Linux version 5.10.0-6-amd64 
(debian-ker...@lists.debian.org) (gcc-10 (Debian 10.2.1-6) 10.2.1 20210110, GNU 
ld (GNU Binutils for Debian) 2.35.2) #1 SMP Debian 5.10.28-1 (2021-04-09)
May  9 10:52:20 bullseye kernel: [0.00] Command line: placeholder 
root=/dev/debian/bullseye ro reboot=bios quiet console=tty1 console=hvc0
.
.
.
Start a bullseye Xen HVM configured for PCI/VGA passthrough using the bullseye 
Xen and Qemu packages for bullseye on Dom0 (Haswell Intel IGD + audio device + 
USB 3.0 controller):

May 10 08:50:03 bullseye kernel: [79077.644346] pciback :00:1b.0: 
xen_pciback: vpci: assign to virtual slot 0
May 10 08:50:03 bullseye kernel: [79077.644478] pciback :00:1b.0: 
registering for 16
May 10 08:50:03 bullseye kernel: [79077.644732] pciback :00:14.0: 
xen_pciback: vpci: assign to virtual slot 1
May 10 08:50:03 bullseye kernel: [79077.644874] pciback :00:14.0: 
registering for 16
May 10 08:50:03 bullseye kernel: [79077.645024] pciback :00:02.0: 
xen_pciback: vpci: assign to virtual slot 2
May 10 08:50:03 bullseye kernel: [79077.645107] pciback :00:02.0: 
registering for 16
May 10 08:50:30 bullseye kernel: [79105.273876] vif vif-16-0 vif16.0: Guest Rx 
ready
May 10 08:50:30 bullseye kernel: [79105.273893] IPv6: ADDRCONF(NETDEV_CHANGE): 
vif16.0: link becomes ready
May 10 08:50:30 bullseye kernel: [79105.278023] xen-blkback: 
backend/vbd/16/51712: using 4 queues, protocol 1 (x86_64-abi) persistent grants
May 10 08:50:44 bullseye kernel: [79119.104937] irq 16: nobody cared (try 
booting with the "irqpoll" option)
May 10 08:50:44 bullseye kernel: [79119.104973] CPU: 0 PID: 0 Comm: swapper/0 
Not tainted 5.10.0-6-amd64 #1 Debian 5.10.28-1
May 10 08:50:44 bullseye kernel: [79119.104976] Hardware name: To Be Filled By 
O.E.M. To Be Filled By O.E.M./B85M Pro4, BIOS P2.50 12/11/2015
May 10 08:50:44 bullseye kernel: [79119.104979] Call Trace:
May 10 08:50:44 bullseye kernel: [79119.104984]  
May 10 08:50:44 bullseye kernel: [79119.104998]  dump_stack+0x6b/0x83
May 10 08:50:44 bullseye kernel: [79119.105008]  __report_bad_irq+0x35/0xa7
May 10 08:50:44 bullseye kernel: [79119.105014]  note_interrupt.cold+0xb/0x61
May 10 08:50:44 bullseye kernel: [79119.105024]  handle_irq_event+0xa8/0xb0
May 10 08:50:44 bullseye kernel: [79119.105030]  handle_fasteoi_irq+0x78/0x1c0
May 10 08:50:44 bullseye kernel: [79119.105037]  generic_handle_irq+0x47/0x50
May 10 08:50:44 bullseye kernel: [79119.105044]  
__evtchn_fifo_handle_events+0x175/0x190
May 10 08:50:44 bullseye kernel: [79119.105054]  
__xen_evtchn_do_upcall+0x66/0xb0
May 10 08:50:44 bullseye kernel: [79119.105063]  
__xen_pv_evtchn_do_upcall+0x11/0x20
May 10 08:50:44 bullseye kernel: [79119.105069]  asm_call_irq_on_stack+0x12/0x20
May 10 08:50:44 bullseye kernel: [79119.105072]  
May 10 08:50:44 bullseye kernel: [79119.105079]  
xen_pv_evtchn_do_upcall+0xa2/0xc0
May 10 08:50:44 bullseye kernel: [79119.105084]  
exc_xen_hypervisor_callback+0x8/0x10
May 10 08:50:44 bullseye kernel: [79119.105091] RIP: 
e030:xen_hypercall_sched_op+0xa/0x20
May 10 08:50:44 bullseye kernel: [79119.105097] Code: 51 41 53 b8 1c 00 00 00 
0f 05 41 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 51 41 
53 b8 1d 00 00 00 0f 05 <41> 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 
cc cc cc cc
May 10 08:50:44 bullseye kernel: 

Bug#988346: RFS: fpart/1.3.0-1

[Ganael Laplanche]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "fpart":

 * Package name: fpart
   Version : 1.3.0-1
   Upstream Author : Ganael Laplanche 
 * URL : http://sourceforge.net/projects/fpart/
 * License : BSD-3-Clause
 * Vcs : https://salsa.debian.org/debian/fpart.git
   Section : misc

It provides the following tools:

  fpart (binary)
  fpsync (shell script)

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/fpart

Changes since the last upload:

Import Debian changes 1.3.0-1

fpart (1.3.0-1) unstable; urgency=low

  * New upstream release
  * debian/control
- Bump Standards-Version to 4.5.1 (no changes required)
- Add mailx to Depends

Regards,

-- 
Ganael LAPLANCHE 
http://www.martymac.org | http://contribs.martymac.org
FreeBSD: martymac , http://www.FreeBSD.org

Bug#988345: deluge-console: KeyError: 'ngettext'

[Sebastian Ramacher]

Package: deluge-console
Version: 2.0.3-3
Severity: normal

% deluge-console
Unable to initialize gettext/locale!
'ngettext'
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/deluge/i18n/util.py", line 118, in 
setup_translation
builtins.__dict__['_n'] = builtins.__dict__['ngettext']
KeyError: 'ngettext'

Cheers
-- 
Sebastian Ramacher

Bug#987921: [RFS] Re: Bug#987921: linbox FTBFS on 32bit with gcc 10

[Nilesh Patra]

Hi Anton,

On Tue, 11 May, 2021, 2:47 am Anton Gladky,  wrote:

> Your changes look good. Let's wait for approval by
> release team not to pollute unstable by unapproved uploads.
>

The release team has responded that it's a targeted fix, and can be
uploaded.
You might want to see the full reply here[1]

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988296#10

Nilesh

Bug#987921: [RFS] Re: Bug#987921: linbox FTBFS on 32bit with gcc 10

[Anton Gladky]

Your changes look good. Let's wait for approval by
release team not to pollute unstable by unapproved uploads.

Regards

Anton


Am Mo., 10. Mai 2021 um 11:40 Uhr schrieb Torrance, Douglas <
dtorra...@piedmont.edu>:

> On Sun 09 May 2021 05:16:38 PM EDT, Anton Gladky wrote:
> > I will review/upload the package tomorrow,
> > Please file a pre-approval request against release.debian.org. Thanks
>
> Thanks!  Pre-approval request: https://bugs.debian.org/988296
>
> Doug

Bug#988278: [pre-approval] unblock: libgetdata/0.10.0-10

[Sebastian Ramacher]

Control: tags -1 confirmed

On 2021-05-10 22:35:28, Anton Gladky wrote:
> Control: tags -1 -moreinfo
> 
> Hi Sebastian,
> 
> Thanks for looking into this issue. Yes, it is intentional. We should always
> check whether first_raw is NULL or not.

Then please go ahead.

Cheers

> 
> I have reproduced the issue in the CI-pipeline [1], and the proposed patch
> fixes
> the issue [2]: no more segfault, just an error message due to exploit.
> 
> [1] https://salsa.debian.org/science-team/libgetdata/-/jobs/1631525
> [2] https://salsa.debian.org/science-team/libgetdata/-/jobs/1633848
> 
> Anton
> 
> 
> Am Mo., 10. Mai 2021 um 22:27 Uhr schrieb Sebastian Ramacher <
> sramac...@debian.org>:
> 
> 
> > > +--- libgetdata-0.10.0.orig/src/parse.c
> > >  libgetdata-0.10.0/src/parse.c
> > > +@@ -2504,6 +2504,9 @@ char *_GD_ParseFragment(FILE *restrict f
> > > + if (D->error == GD_E_OK && !match)
> > > +   first_raw = _GD_ParseFieldSpec(D, p, n_cols, in_cols,
> > strlen(in_cols[0]),
> > > +   NULL, me, 0, 1, , tok_pos);
> > > ++  if (first_raw == NULL) {
> > > ++_GD_SetError(D, GD_E_BAD_DIRFILE, GD_E_ENTRY_TYPE, NULL, 0,
> > NULL);
> > > ++  }
> >
> > Is it intentional that newly addeded if is evaluated in any case or is
> > this patch missing curly brackets for the body of "if (D->error =
> > GD_E_OK && !match)"?
> >

-- 
Sebastian Ramacher

Bug#988278: [pre-approval] unblock: libgetdata/0.10.0-10

[Anton Gladky]

Control: tags -1 -moreinfo

Hi Sebastian,

Thanks for looking into this issue. Yes, it is intentional. We should always
check whether first_raw is NULL or not.

I have reproduced the issue in the CI-pipeline [1], and the proposed patch
fixes
the issue [2]: no more segfault, just an error message due to exploit.

[1] https://salsa.debian.org/science-team/libgetdata/-/jobs/1631525
[2] https://salsa.debian.org/science-team/libgetdata/-/jobs/1633848

Anton


Am Mo., 10. Mai 2021 um 22:27 Uhr schrieb Sebastian Ramacher <
sramac...@debian.org>:


> > +--- libgetdata-0.10.0.orig/src/parse.c
> >  libgetdata-0.10.0/src/parse.c
> > +@@ -2504,6 +2504,9 @@ char *_GD_ParseFragment(FILE *restrict f
> > + if (D->error == GD_E_OK && !match)
> > +   first_raw = _GD_ParseFieldSpec(D, p, n_cols, in_cols,
> strlen(in_cols[0]),
> > +   NULL, me, 0, 1, , tok_pos);
> > ++  if (first_raw == NULL) {
> > ++_GD_SetError(D, GD_E_BAD_DIRFILE, GD_E_ENTRY_TYPE, NULL, 0,
> NULL);
> > ++  }
>
> Is it intentional that newly addeded if is evaluated in any case or is
> this patch missing curly brackets for the body of "if (D->error =
> GD_E_OK && !match)"?
>

Bug#986286: diaspora-installer update for #986286

[Pirate Praveen]

Hi,

diaspora-installer installation is broken in buster-backports because 
mime-magic gem got removed from rubygems.org due to a licensing oversight 
making its effective license as GPL instead of its upstream preferred license 
of MIT/Expat.

More details of the bug here, 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986286

It is already fixed in unstable, but due to freeze, testing migration will take 
20 days. Would it be possible to give an exception to upload the version from 
unstable to buster-backports ?

Thanks
Praveen

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Bug#988293: unblock: hamlib/4.0-5

[Sebastian Ramacher]

On 2021-05-09 22:35:48, Christoph Berg wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package hamlib.

If the autopkgtest on i386 wouldn't fail, hamlib would be able to
migrate without an unblock. Could you please fix the autopkgtest? Thanks

Cheers

> 
> [ Reason ]
> The update fixes #988290.
> 
> [ Risks ]
> debian/control-only change.
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> unblock hamlib/4.0-5
> 
> Thanks,
> Christoph

> 
> Control files: lines which differ (wdiff format)
> 
> {+Breaks:+}
> {+ libhamlib2-perl (<< 4.0),+}
> {+Breaks:+}
> {+ libhamlib2-tcl (<< 4.0),+}
> {+Breaks:+}
> {+ lua-hamlib2 (<< 4.0),+}
> {+Breaks:+}
> {+ python3-libhamlib2 (<< 4.0),+}
> 
> diff -Nru hamlib-4.0/debian/changelog hamlib-4.0/debian/changelog
> --- hamlib-4.0/debian/changelog   2021-01-12 10:52:31.0 +0100
> +++ hamlib-4.0/debian/changelog   2021-05-09 22:00:33.0 +0200
> @@ -1,3 +1,9 @@
> +hamlib (4.0-5) unstable; urgency=medium
> +
> +  * Add Breaks to module packages renamed in 4.0-1. (Closes: #988290)
> +
> + -- Christoph Berg   Sun, 09 May 2021 22:00:33 +0200
> +
>  hamlib (4.0-4) unstable; urgency=medium
>  
>* Pull patches from upstream to fix issues with Icom (IC706 in particular)
> diff -Nru hamlib-4.0/debian/control hamlib-4.0/debian/control
> --- hamlib-4.0/debian/control 2021-01-12 09:48:48.0 +0100
> +++ hamlib-4.0/debian/control 2021-05-09 22:00:33.0 +0200
> @@ -132,6 +132,8 @@
>   libhamlib2-perl,
>  Replaces:
>   libhamlib2-perl (<< 4.0),
> +Breaks:
> + libhamlib2-perl (<< 4.0),
>  Description: Run-time perl library to control radio transceivers and 
> receivers
>   Most recent amateur radio transceivers allow external control of their
>   functions through a computer interface. Unfortunately, control commands are
> @@ -165,6 +167,8 @@
>   libhamlib2-tcl,
>  Replaces:
>   libhamlib2-tcl (<< 4.0),
> +Breaks:
> + libhamlib2-tcl (<< 4.0),
>  Description: Run-time Tcl library to control radio transceivers and receivers
>   Most recent amateur radio transceivers allow external control of their
>   functions through a computer interface. Unfortunately, control commands are
> @@ -200,6 +204,8 @@
>   ${python3:Provides},
>  Replaces:
>   python3-libhamlib2 (<< 4.0),
> +Breaks:
> + python3-libhamlib2 (<< 4.0),
>  Description: Run-time Python3 library to control radio transceivers and 
> receivers
>   Most recent amateur radio transceivers allow external control of their
>   functions through a computer interface. Unfortunately, control commands are
> @@ -275,6 +281,8 @@
>   ${lua:Provides},
>  Replaces:
>   lua-hamlib2 (<< 4.0),
> +Breaks:
> + lua-hamlib2 (<< 4.0),
>  XB-Lua-Version: ${lua:Versions}
>  Description: Run-time Lua library to control radio transceivers and receivers
>   Most recent amateur radio transceivers allow external control of their


-- 
Sebastian Ramacher

Bug#988343: libsane1: Segmentation fault in hp4200.c:1501

[Hauke Mehrtens]

Package: libsane1
Version: 1.0.31-4

When I scan a document with simple-scan, which uses libsane1 in Debian 
Bullseye the application crashes with a segmentation fault when I slick 
the "scan" button.


I am using a HP, Inc ScanJet 4200c ( 03f0:0105 ) scanner.

I started simple-scan in gdb and got this backtrace:
---
__memset_avx2_erms () at 
../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S:151
Download failed: Invalid argument.  Continuing without source file 
./string/../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S.
151	../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S: No such 
file or directory.

(gdb) bt
#0  __memset_avx2_erms () at 
../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S:151
#1  0x7fffd9cb308f in memset (__len=1073217600, __ch=0, 
__dest=) at 
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:71
#2  do_fine_calibration (s=0x7fffd40e8850, coarse=0x7fffdb6009a0) at 
hp4200.c:1501

#3  0x in  ()
(gdb) list *do_fine_calibration
0x7fffd9cb2cb0 is in do_fine_calibration (hp4200.c:1366).
Download failed: Invalid argument.  Continuing without source file 
./backend/hp4200.c.

1361hp4200.c: No such file or directory.
(gdb) q
---

I applied this patch to libsane1 and then the bug was gone and scanning 
was working again:

https://gitlab.com/sane-project/backends/-/commit/acc5ca499f67ed1c8c42242fcf87358e7968e71d

Hauke

Bug#988278: [pre-approval] unblock: libgetdata/0.10.0-10

[Sebastian Ramacher]

Control: tags -1 moreinfo

On 2021-05-09 14:41:18, Anton Gladky wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Dear release team,
> 
> this is the pre-approval request for libgetdata/0.10.0-10
> 
> It fixes CVE-2021-20204 (#988239). It is not a release critical bug,
> but security issue. Diff is attached.
> 
> Thanks
> 
> unblock libgetdata/0.10.0-10
> 

> diff --git a/debian/changelog b/debian/changelog
> index 2c30a9c..514058c 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,10 @@
> +libgetdata (0.10.0-10) unstable; urgency=medium
> +
> +  * Team upload.
> +  * [4ee5ad0] Fix CVE-2021-20204. (Closes: #988239)
> +
> + -- Anton Gladky   Sun, 09 May 2021 14:27:38 +0200
> +
>  libgetdata (0.10.0-9) unstable; urgency=medium
>  
>* Fix FTBFFS on binary-all build (missing file). Closes: #966522
> diff --git a/debian/patches/CVE-2021-20204.patch 
> b/debian/patches/CVE-2021-20204.patch
> new file mode 100644
> index 000..08bb876
> --- /dev/null
> +++ b/debian/patches/CVE-2021-20204.patch
> @@ -0,0 +1,18 @@
> +Description: Raise error if returned first_raw in _GD_ParseFieldSpec is NULL
> +  Fix for CVE-2021-20204
> +Author: Anton Gladky 
> +Bug-Debian: https://bugs.debian.org/988239 
> +Last-Update: 2021-05-09
> +
> +--- libgetdata-0.10.0.orig/src/parse.c
>  libgetdata-0.10.0/src/parse.c
> +@@ -2504,6 +2504,9 @@ char *_GD_ParseFragment(FILE *restrict f
> + if (D->error == GD_E_OK && !match)
> +   first_raw = _GD_ParseFieldSpec(D, p, n_cols, in_cols, 
> strlen(in_cols[0]),
> +   NULL, me, 0, 1, , tok_pos);
> ++  if (first_raw == NULL) {
> ++_GD_SetError(D, GD_E_BAD_DIRFILE, GD_E_ENTRY_TYPE, NULL, 0, NULL);
> ++  }

Is it intentional that newly addeded if is evaluated in any case or is
this patch missing curly brackets for the body of "if (D->error =
GD_E_OK && !match)"?

Cheers

> + 
> + if (D->error == GD_E_FORMAT) {
> +   /* call the callback for this error */
> diff --git a/debian/patches/series b/debian/patches/series
> index 24c0911..cc09615 100644
> --- a/debian/patches/series
> +++ b/debian/patches/series
> @@ -1 +1,2 @@
>  #python3.patch
> +CVE-2021-20204.patch


-- 
Sebastian Ramacher

Bug#988296: [pre-approval] unblock: linbox/1.6.3-3

[Sebastian Ramacher]

Control: tags -1 moreinfo confirmed

On 2021-05-09 18:25:23, Doug Torrance wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: dtorra...@piedmont.edu, debian-scie...@lists.debian.org, 
> 987...@bugs.debian.org
> 
> Please unblock package linbox
> 
> [ Reason ]
> linbox is scheduled to be removed from testing on June 15 due to RC bug 
> #987921.  The package FTBFS on i386 when compiling with gcc 10 due to an 
> ambiguous overload error.  A fix has been proposed upstream 
> (https://github.com/linbox-team/linbox/pull/274) and a patch has been written 
> for the Debian package 
> (https://salsa.debian.org/science-team/linbox/-/commit/f630fb1).  It should 
> arrive in unstable soon, pending review and sponsorship.

The new version is a targeted fix for an RC bug and is inline with the
freeze policy. There is no for a pre-approval. Please go ahead and
remove the moreinfo tag once the new version is available in unstable.

Cheers

> 
> [ Impact ]
> The change between the version of the package currently in testing and the 
> proposed version is minimal (one patch affecting two lines of code) and also 
> prevents FTBFS on i386.
> 
> [ Tests ]
> The affected code is covered in test-qlub from the upstream test suite, which 
> is run during build.
> 
> [ Risks ]
> Minimal risk -- patch is trivial.
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> [ Other info ]
> Thank you!
> 
> unblock linbox/1.6.3-3

> diff -Nru linbox-1.6.3/debian/changelog linbox-1.6.3/debian/changelog
> --- linbox-1.6.3/debian/changelog 2020-02-01 15:09:26.0 -0500
> +++ linbox-1.6.3/debian/changelog 2021-05-09 12:28:04.0 -0400
> @@ -1,3 +1,11 @@
> +linbox (1.6.3-3) unstable; urgency=medium
> +
> +  * debian/patches/iterator-difference-type.patch
> +- New patch; use std::ptrdiff_t for vector iterator difference
> +  type (Closes: #987921).
> +
> + -- Doug Torrance   Sun, 09 May 2021 12:28:04 -0400
> +
>  linbox (1.6.3-2) unstable; urgency=medium
>  
>* Team upload.
> diff -Nru linbox-1.6.3/debian/patches/iterator-difference-type.patch 
> linbox-1.6.3/debian/patches/iterator-difference-type.patch
> --- linbox-1.6.3/debian/patches/iterator-difference-type.patch
> 1969-12-31 19:00:00.0 -0500
> +++ linbox-1.6.3/debian/patches/iterator-difference-type.patch
> 2021-05-09 12:26:48.0 -0400
> @@ -0,0 +1,27 @@
> +Description: Use std::ptrdiff_t for vector iterator difference type
> +Bug: https://github.com/linbox-team/linbox/issues/273
> +Bug-Debian: https://bugs.debian.org/987921
> +Origin: https://github.com/linbox-team/linbox/pull/274
> +Author: Doug Torrance 
> +Last-Update: 2021-05-09
> +
> +--- a/linbox/vector/bit-vector.inl
>  b/linbox/vector/bit-vector.inl
> +@@ -46,7 +46,7 @@
> + typedef LinBox::BitVector::reference reference;
> + typedef bool *pointer;
> + typedef bool value_type;
> +-typedef long difference_type;
> ++typedef std::ptrdiff_t difference_type;
> + };
> + 
> + template <>
> +@@ -56,7 +56,7 @@
> + typedef LinBox::BitVector::const_reference reference;
> + typedef const bool *pointer;
> + typedef bool value_type;
> +-typedef long difference_type;
> ++typedef std::ptrdiff_t difference_type;
> + };
> + }
> + 
> diff -Nru linbox-1.6.3/debian/patches/series 
> linbox-1.6.3/debian/patches/series
> --- linbox-1.6.3/debian/patches/series2020-02-01 15:06:40.0 
> -0500
> +++ linbox-1.6.3/debian/patches/series2021-05-09 12:24:55.0 
> -0400
> @@ -4,3 +4,4 @@
>  fix-RR-RecCounter.patch
>  pkgconfig.patch
>  replace-dangerous-pointer-casts-with-memcpy.patch
> +iterator-difference-type.patch


-- 
Sebastian Ramacher

Bug#902330: timidity: same for upgrade to 2.14.0-8

[nbi]

Package: timidity
Version: 2.14.0-8
Followup-For: Bug #902330

Timidity breaks pulseaudio's built-in Analog stereo device AD1989B (Intel HDA) 
by blocking
pulseaudio's device access so that the built-in device is not seen by 
pulseaudio. It does
so without any warning to the user. As pulseaudio is the common audio 
foundation of many
linux systems any new package installation (or upgrade) that has the potential 
to disrupt
an existing pulseaudio installation should result in a clear blocking warning 
to the user.
This problem can be remedied by killing the timidity daemon and uninstalling 
the timidity
package - that however should not be neccessary as it should not have been 
installed in
the first place. Even for a veteran of linux audio problems like myself it took 
some time
to pin down the root cause of the pulseaudio problem. I'm not suggesting a 
technical fix
or policy fix, but it's clear that installation of a new package should not 
break the
proper functioning of an already installed high profile package like pulseaudio.


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.6.14 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages timidity depends on:
ii  libao41.2.2+20180113-1.1
ii  libasound21.2.4-1.1
ii  libc6 2.31-11
ii  libflac8  1.3.3-2
ii  libice6   2:1.0.10-1
ii  libjack-jackd2-0 [libjack-0.125]  1.9.17~dfsg-1
ii  libncurses6   6.2+20201114-2
ii  libogg0   1.3.4-0.1
ii  libpng16-16   1.6.37-3
ii  libsm62:1.2.3-1
ii  libspeex1 1.2~rc1.2-1.1
ii  libtinfo6 6.2+20201114-2
ii  libvorbis0a   1.3.7-1
ii  libvorbisenc2 1.3.7-1
ii  libx11-6  2:1.7.0-2
ii  libxaw7   2:1.0.13-1.1
ii  libxext6  2:1.3.3-1.1
ii  libxmu6   2:1.1.2-2+b3
ii  libxt61:1.2.0-1
ii  lsb-base  11.1.0
ii  zlib1g1:1.2.11.dfsg-2

Versions of packages timidity recommends:
ii  fluid-soundfont-gm  3.1-5.2

Versions of packages timidity suggests:
pn  fluid-soundfont-gs  
ii  freepats20060219-3
pn  pmidi   
pn  timidity-daemon 

Bug#988329: RFS: usbredir/0.9.0-1 -- Simple USB host TCP server

[LQi254]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for the orphaned package "usbredir":

 * Package name: usbredir
   Version : 0.9.0-1
   Upstream Author : Victor Toso 
 * URL : http://www.spice-space.org/
 * License : LGPL-2.1+, GPL-2+
 * Vcs : https://salsa.debian.org/debian/usbredir
   Section : libs

It builds those binary packages:

  libusbredirhost1 - Implementing the usb-host (*) side of a usbredir 
connection (runtime)
  libusbredirhost-dev - implementing the usb-host (*) side of a usbredir 
connection (development)
  libusbredirparser1 - Parser for the usbredir protocol (runtime)
  libusbredirparser-dev - Parser for the usbredir protocol (development)
  usbredirserver - Simple USB host TCP server

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/usbredir/

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/u/usbredir/usbredir_0.9.0-1.dsc

Changes since the last upload:

 usbredir (0.9.0-1) unstable; urgency=medium
 .
   * New upstream version 0.9.0
   * Updated docs from text to markdown
   * debian/watch: Use tagged git releases and check gittag in pgp mode
   * debian/upstream/signing-key.asc: Added upstream signing key

This is my first package and I am very excited!

Regards,
--
  Lin Qigang

Lin Qigang 
GPG Fingerprint:  8CAD 1250 8EE0 3A41 7223  03EC 7096 F91E D75D 028F


signature.asc
Description: OpenPGP digital signature

Bug#988325: unblock: htmldoc/1.9.11-3

[Sebastian Ramacher]

Control: tags -1 confirmed moreinfo

On 2021-05-10 16:53:54, Håvard Flaget Aasen wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: haavard_aa...@yahoo.no
> 
> Please unblock package htmldoc

Please go ahead and remove the moreinfo tag once the new version is
available in unstable.

Cheers

> 
> The bug #984765 [0] is only of severity normal, but it got a CVE number some 
> days
> ago, it has been deemed unimportant by the security team.
> 
> The patch is cherry-picked from upstream.
> 
> [ Reason ]
> buffer-overflow caused by integer-overflow in image_load_gif(), which is
> CVE-2021-20308 [1]
> 
> [ Impact ]
> Probably quite small.
> 
> [ Tests ]
> None.
> 
> [ Risks ]
> Small risk.
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> unblock htmldoc/1.9.11-3
> 
> Regards,
> Håvard
> 
> [0] https://bugs.debian.org/#984765
> [1] https://security-tracker.debian.org/tracker/CVE-2021-20308

> diff -Nru htmldoc-1.9.11/debian/changelog htmldoc-1.9.11/debian/changelog
> --- htmldoc-1.9.11/debian/changelog   2021-02-08 15:46:44.0 +0100
> +++ htmldoc-1.9.11/debian/changelog   2021-05-10 16:10:41.0 +0200
> @@ -1,3 +1,10 @@
> +htmldoc (1.9.11-3) unstable; urgency=medium
> +
> +  * Add patch to mitigate buffer-overflow caused by integer-overflow in
> +image_load_gif() Closes: 984765 and fixes CVE-2021-20308
> +
> + -- Håvard Flaget Aasen   Mon, 10 May 2021 16:10:41 
> +0200
> +
>  htmldoc (1.9.11-2) unstable; urgency=medium
>  
>* Update build-dependency to libfltk1.3-dev Closes: #982276
> diff -Nru 
> htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch 
> htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch
> --- htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch 
> 1970-01-01 01:00:00.0 +0100
> +++ htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch 
> 2021-05-10 16:10:41.0 +0200
> @@ -0,0 +1,27 @@
> +From: Michael R Sweet 
> +Date: Wed, 31 Mar 2021 20:18:00 -0400
> +Subject: Fix crash bug with bad GIFs (Issue #423)
> +
> +CVE-2021-20308
> +
> +Origin: upstream, 
> https://github.com/michaelrsweet/htmldoc/commit/6a8322a718b2ba5c440bd33e6f26d9e281c39654
> +Bug: https://github.com/michaelrsweet/htmldoc/issues/423
> +Bug-Debian: https://bugs.debian.org/#984765
> +---
> + htmldoc/image.cxx | 3 +++
> + 1 file changed, 3 insertions(+)
> +
> +diff --git a/htmldoc/image.cxx b/htmldoc/image.cxx
> +index 68d6b92..8f53050 100644
> +--- a/htmldoc/image.cxx
>  b/htmldoc/image.cxx
> +@@ -1245,6 +1245,9 @@ image_load_gif(image_t *img,   /* I - Image pointer */
> +   img->height = (buf[9] << 8) | buf[8];
> +   ncolors = 2 << (buf[10] & 0x07);
> + 
> ++  if (img->width <= 0 || img->width > 32767 || img->height <= 0 || 
> img->height > 32767)
> ++return (-1);
> ++
> +   // If we are writing an encrypted PDF file, bump the use count so we 
> create
> +   // an image object (Acrobat 6 bug workaround)
> +   if (Encryption)
> diff -Nru htmldoc-1.9.11/debian/patches/series 
> htmldoc-1.9.11/debian/patches/series
> --- htmldoc-1.9.11/debian/patches/series  2021-02-08 14:38:12.0 
> +0100
> +++ htmldoc-1.9.11/debian/patches/series  2021-05-10 16:10:41.0 
> +0200
> @@ -5,3 +5,4 @@
>  autoheader_support.patch
>  disable_libz.patch
>  remove-os-check.patch
> +Fix-crash-bug-with-bad-GIFs-Issue-423.patch


-- 
Sebastian Ramacher

Bug#988332: [pre-approval] unblock: cyrus-imapd/3.2.6-2

[Sebastian Ramacher]

Control: tags -1 moreinfo confirmed

On 2021-05-10 19:30:17, Yadd wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: secur...@debian.org
> 
> Please unblock package cyrus-imapd

Please go ahead with the upload and remove the moreinfo tag once the
package is available in unstable.

> 
> [ Reason ]
> Cyrus-Imapd is vulnerable to CVE-2021-32056: it allows remote authenticated
> users to bypass intended access restrictions on server annotations and
> consequently cause replication to stall.
> 
> [ Impact ]
> Security issue (not yet tagged by Security Team
> 
> [ Tests ]
> No changes in test
> 
> [ Risks ]
> Patch seems trivial, just a better permission check
> 
> [ Checklist ]
>   [X] all changes are documented in the d/changelog
>   [X] I reviewed all changes and I approve them
>   [X] attach debdiff against the package in testing
> 
> Cheers,
> Yadd (from hospital ;-))

Get well soon

Cheers

> 
> unblock cyrus-imapd/3.2.6-2

> diff --git a/debian/changelog b/debian/changelog
> index bc383a9c..150929df 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,10 @@
> +cyrus-imapd (3.2.6-2) unstable; urgency=medium
> +
> +  * Update gbp.conf for Bullseye branch
> +  * annotate: don't allow everyone to write shared server entries (Closes: 
> CVE-2021-32056)
> +
> + -- Yadd   Mon, 10 May 2021 19:24:53 +0200
> +
>  cyrus-imapd (3.2.6-1) unstable; urgency=medium
>  
>* New upstream version 3.2.6
> diff --git a/debian/gbp.conf b/debian/gbp.conf
> index c747fcb7..ee87ac45 100644
> --- a/debian/gbp.conf
> +++ b/debian/gbp.conf
> @@ -1,7 +1,7 @@
>  [DEFAULT]
> -debian-branch = master
> +debian-branch = bullseye
>  debian-tag = debian/%(version)s
> -upstream-branch = upstream
> +upstream-branch = upstream-bullseye
>  upstream-tag = upstream/%(version)s
>  pristine-tar = True
>  
> diff --git a/debian/patches/CVE-2021-32056.patch 
> b/debian/patches/CVE-2021-32056.patch
> new file mode 100644
> index ..9a50abe1
> --- /dev/null
> +++ b/debian/patches/CVE-2021-32056.patch
> @@ -0,0 +1,50 @@
> +Description: annotate: don't allow everyone to write shared server entries
> +Author: Bron Gondwana 
> +Origin: upstream, https://github.com/cyrusimap/cyrus-imapd/commit/621f9e41
> +Bug: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32056
> +Forwarded: not-needed
> +Reviewed-By: Yadd 
> +Last-Update: 2021-05-10
> +
> +--- a/imap/annotate.c
>  b/imap/annotate.c
> +@@ -2788,15 +2788,20 @@
> + 
> + keylen = make_key(mboxname, uid, entry, userid, key, sizeof(key));
> + 
> +-if (mailbox) {
> +-struct annotate_metadata oldmdata;
> +-r = read_old_value(d, key, keylen, , );
> +-if (r) goto out;
> ++struct annotate_metadata oldmdata;
> ++r = read_old_value(d, key, keylen, , );
> ++if (r) goto out;
> ++
> ++/* if the value is identical, don't touch the mailbox */
> ++if (oldval.len == value->len && (!value->len || !memcmp(oldval.s, 
> value->s, value->len)))
> ++goto out;
> + 
> +-/* if the value is identical, don't touch the mailbox */
> +-if (oldval.len == value->len && (!value->len || !memcmp(oldval.s, 
> value->s, value->len)))
> +-goto out;
> ++if (!maywrite) {
> ++r = IMAP_PERMISSION_DENIED;
> ++if (r) goto out;
> ++}
> + 
> ++if (mailbox) {
> + if (!ignorequota) {
> + quota_t qdiffs[QUOTA_NUMRESOURCES] = 
> QUOTA_DIFFS_DONTCARE_INITIALIZER;
> + qdiffs[QUOTA_ANNOTSTORAGE] = value->len - (quota_t)oldval.len;
> +@@ -2804,11 +2809,6 @@
> + if (r) goto out;
> + }
> + 
> +-if (!maywrite) {
> +-r = IMAP_PERMISSION_DENIED;
> +-if (r) goto out;
> +-}
> +-
> + /* do the annot-changed here before altering the DB */
> + mailbox_annot_changed(mailbox, uid, entry, userid, , value, 
> silent);
> + 
> diff --git a/debian/patches/series b/debian/patches/series
> index 3fab10aa..27fc0ec9 100644
> --- a/debian/patches/series
> +++ b/debian/patches/series
> @@ -7,3 +7,4 @@
>  0011-Fix-extra-libpci-in-SNMP_LIBS.patch
>  0012-Use-UnicodeData.txt-from-system.patch
>  0018-increase-test-timeout.patch
> +CVE-2021-32056.patch


-- 
Sebastian Ramacher

Bug#988072: release.debian.org: unblick (pre-approval): hivex/1.3.20-1

[Sebastian Ramacher]

Control: tags -1 moreinfo

On 2021-05-10 21:33:18, Salvatore Bonaccorso wrote:
> Hi Release Team,
> 
> On Wed, May 05, 2021 at 12:37:20AM +0200, Hilko Bengen wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > X-Debbugs-Cc: none, Hilko Bengen 
> > 
> > Dear release team,
> > 
> > I'd like to upload hivex to 1.3.20-1 to which fixes CVE-2021-3504 /
> > Debian bug #988024. Please unblock.
> > 
> > The security fix consists of a patch to lib/handle.c and is described in
> > upstream git history:
> > 
> > ,
> > | commit 8f1935733b10d974a1a4176d38dd151ed98cf381
> > | Author: Richard W.M. Jones 
> > | Date:   Thu Apr 15 15:50:13 2021 +0100
> > | 
> > | lib/handle.c: Bounds check for block exceeding page length 
> > (CVE-2021-3504)
> > | 
> > | Hives are encoded as fixed-sized pages containing smaller variable-
> > | length blocks:
> > | 
> > |   +---+---+---+--
> > |   | header|[ blk ][blk][ blk ]|[blk][blk][blk]|
> > |   +---+---+---+--
> > | 
> > | Blocks should not straddle a page boundary.  However because blocks
> > | contain a 32 bit length field it is possible to construct an invalid
> > | hive where the last block in a page overlaps either the next page or
> > | the end of the file:
> > | 
> > |   +---+---+
> > |   | header|[ blk ][blk][ blk . ]
> > |   +---+---+
> > | 
> > | Hivex lacked a bounds check and would process the registry.  Because
> > | the rest of the code assumes this situation can never happen it was
> > | possible to have a block containing some field (eg. a registry key
> > | name) which would extend beyond the end of the file.  Hivex mmaps or
> > | mallocs the file, causing hivex to read memory beyond the end of the
> > | mapped region, resulting in reading other memory structures or a
> > | crash.  (Writing beyond the end of the mapped region seems to be
> > | impossible because we always allocate a new page before writing.)
> > | 
> > | This commit adds a check which rejects the malformed registry on
> > | hivex_open.
> > | 
> > | Credit: Jeremy Galindo, Sr Security Engineer, Datto.com
> > | Signed-off-by: Richard W.M. Jones 
> > | Fixes: CVE-2021-3504
> > | Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949687
> > `
> > 
> > The debdiff (see attachments) is not minimal; apart from the security
> > fix there's only the following functional fix (lib/hivex-internal.h)):
> >  
> > ,
> > | commit 35ebe62bef0c801fab8956fd36a131ad497a5cea
> > | Author: Matt Coleman 
> > | Date:   Thu Aug 13 15:48:16 2020 -0400
> > | 
> > | Increase HIVEX_MAX_VALUES
> > | 
> > | Due to unintended interaction between Windows and VMWare's snapshot
> > | functionality, HKLM\SYSTEM\MountedDevices can end up with more than
> > | 55,000 values.
> > `
> > 
> > The rest of the patch is made up of an update to the included gnulib
> > sources, localization updates, fuzzing instructions, and regenerated
> > Autotools build scripts.
> > 
> > There are no changes to the Debian packageing.
> 
> For buster DSA 4913-1 was released to fix this issue, so ideally this
> fix is present as well on bullseye. Does the debdiff look ok to you
> for inclusion based on rebasing to 1.3.20-1.

The bug report didn't make it to the list which is a good sign that the
debdiff is too big. Please provide a filtered debdiff without the
gnulib, auto*, etc. noise.

Cheers
-- 
Sebastian Ramacher

Bug#988072: release.debian.org: unblick (pre-approval): hivex/1.3.20-1

[Salvatore Bonaccorso]

Hi Release Team,

On Wed, May 05, 2021 at 12:37:20AM +0200, Hilko Bengen wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: none, Hilko Bengen 
> 
> Dear release team,
> 
> I'd like to upload hivex to 1.3.20-1 to which fixes CVE-2021-3504 /
> Debian bug #988024. Please unblock.
> 
> The security fix consists of a patch to lib/handle.c and is described in
> upstream git history:
> 
> ,
> | commit 8f1935733b10d974a1a4176d38dd151ed98cf381
> | Author: Richard W.M. Jones 
> | Date:   Thu Apr 15 15:50:13 2021 +0100
> | 
> | lib/handle.c: Bounds check for block exceeding page length 
> (CVE-2021-3504)
> | 
> | Hives are encoded as fixed-sized pages containing smaller variable-
> | length blocks:
> | 
> |   +---+---+---+--
> |   | header|[ blk ][blk][ blk ]|[blk][blk][blk]|
> |   +---+---+---+--
> | 
> | Blocks should not straddle a page boundary.  However because blocks
> | contain a 32 bit length field it is possible to construct an invalid
> | hive where the last block in a page overlaps either the next page or
> | the end of the file:
> | 
> |   +---+---+
> |   | header|[ blk ][blk][ blk . ]
> |   +---+---+
> | 
> | Hivex lacked a bounds check and would process the registry.  Because
> | the rest of the code assumes this situation can never happen it was
> | possible to have a block containing some field (eg. a registry key
> | name) which would extend beyond the end of the file.  Hivex mmaps or
> | mallocs the file, causing hivex to read memory beyond the end of the
> | mapped region, resulting in reading other memory structures or a
> | crash.  (Writing beyond the end of the mapped region seems to be
> | impossible because we always allocate a new page before writing.)
> | 
> | This commit adds a check which rejects the malformed registry on
> | hivex_open.
> | 
> | Credit: Jeremy Galindo, Sr Security Engineer, Datto.com
> | Signed-off-by: Richard W.M. Jones 
> | Fixes: CVE-2021-3504
> | Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949687
> `
> 
> The debdiff (see attachments) is not minimal; apart from the security
> fix there's only the following functional fix (lib/hivex-internal.h)):
>  
> ,
> | commit 35ebe62bef0c801fab8956fd36a131ad497a5cea
> | Author: Matt Coleman 
> | Date:   Thu Aug 13 15:48:16 2020 -0400
> | 
> | Increase HIVEX_MAX_VALUES
> | 
> | Due to unintended interaction between Windows and VMWare's snapshot
> | functionality, HKLM\SYSTEM\MountedDevices can end up with more than
> | 55,000 values.
> `
> 
> The rest of the patch is made up of an update to the included gnulib
> sources, localization updates, fuzzing instructions, and regenerated
> Autotools build scripts.
> 
> There are no changes to the Debian packageing.

For buster DSA 4913-1 was released to fix this issue, so ideally this
fix is present as well on bullseye. Does the debdiff look ok to you
for inclusion based on rebasing to 1.3.20-1.

Regards,
Salvatore

Bug#988342: python-eventlet: CVE-2021-21419

[Salvatore Bonaccorso]

Source: python-eventlet
Version: 0.26.1-6
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 0.20.0-6

Hi,

The following vulnerability was published for python-eventlet.

CVE-2021-21419[0]:
| Eventlet is a concurrent networking library for Python. A websocket
| peer may exhaust memory on Eventlet side by sending very large
| websocket frames. Malicious peer may exhaust memory on Eventlet side
| by sending highly compressed data frame. A patch in version 0.31.0
| restricts websocket frame to reasonable limits. As a workaround,
| restricting memory usage via OS limits would help against overall
| machine exhaustion, but there is no workaround to protect Eventlet
| process.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-21419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21419
[1] https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
[2] 
https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07

Regards,
Salvatore

Bug#988341: unblock: nis/4.3

[Francesco P. Lovergine]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nis

[ Reason ]

Fixes serious bug #988227 (bashism in postinst).

[ Impact ]

Upgrade not smoothly done from stable.

[ Tests ]

No autopkg test. Manually tested with dash.

[ Risks ]

None.

[ Checklist ]
   [x] all changes are documented in the d/changelog
   [x] I reviewed all changes and I approve them
   [x] attach debdiff against the package in testing

[ Other info ]

Native migration package only.

unblock nis/4.3

-- 
Francesco P. Lovergine
diff -Nru nis-4.2/debian/changelog nis-4.3/debian/changelog
--- nis-4.2/debian/changelog	2021-01-31 10:22:32.0 +0100
+++ nis-4.3/debian/changelog	2021-05-08 17:19:24.0 +0200
@@ -1,3 +1,10 @@
+nis (4.3) unstable; urgency=medium
+
+  * Fixed a sort-of bashism in postinst.
+(closes: #988227)
+
+ -- Francesco Paolo Lovergine   Sat, 08 May 2021 17:19:24 +0200
+
 nis (4.2) unstable; urgency=medium
 
   * Missed removing of /etc/init.d/nis at upgrade time added.
diff -Nru nis-4.2/debian/postinst nis-4.3/debian/postinst
--- nis-4.2/debian/postinst	2021-01-31 10:22:32.0 +0100
+++ nis-4.3/debian/postinst	2021-05-08 17:19:24.0 +0200
@@ -73,10 +73,13 @@
 case "$1" in
 configure)
 PREV_VER="$2"
-		if [ ! -z "$PREV_VER" -a $(dpkg --compare-versions "$PREV_VER" lt '4~'; echo $?) -eq 0 ]
-then
-upgrade_old
-fi
+		if [ ! -z "$PREV_VER" ]
+		then
+			if dpkg --compare-versions "$PREV_VER" lt '4~'
+	then
+	upgrade_old
+	fi
+		fi
 	  	rm -f /etc/init.d/nis
 ;;
 *)

Bug#987353: CVE-2020-8903 CVE-2020-8907 CVE-2020-8933

[Noah Meyerhans]

On Mon, May 10, 2021 at 09:00:34PM +0200, Moritz Mühlenhoff wrote:
> > Hi, since this package was brought into Debian in ~2018, there have been
> > several transformations in the GCE guest software stack and thus the
> > current landscape is very different. Google doesn't actually maintain the
> > official Debian package and we're not sure who is, if anyone. The Google
> > provided packages are shipped separately and will override the Debian
> > package if you use them from our repositories. Please see either our Google
> > Cloud docs 
> > or github readme
> >  for info on
> > the packages we are maintaining and shipping for Debian systems and on the
> > base Google provided GCE Debian images. Unfortunately, we never did find a
> > DD sponsor to help maintain our guest packages in Debian on the cadence
> > that we needed. I would advocate for removing this package from Debian if
> > we can't find a set of maintainers.
> 
> Hi Zach,
> as it stands google-compute-image-packages won't be part of the next Debian
> stable release. Givem the last upload was in Oct 2019 the package seems
> unmaintained anyway, so if noone steps up to maintain it in the next months
> it's probably best to remove it entirely.

If we ever want to get to a point where the Debian cloud team is able to
publish useful images to the Google cloud service, we'll need to get
this package into shape for inclusion in a stable release.  The lack of
good maintenance of packages such as this one is a big factor in us not
being able to do so.  The package is nominally maintained by the cloud
team, but none of the current members is active in working with it.

As there seems to be interest within some members of the Debian
community in having Debian-published images available for GCE, we should
try to solicit help with package maintenance before we kick it out for
good.

noah



signature.asc
Description: PGP signature

Bug#988340: unblock: node-got/11.8.1+~cs53.13.17-2

[Yadd]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package node-got

Due to pkg-js-tools bug, some node-got submodule ar broken due to
missing package.json.

[ Reason ]
Some node-got features are broken (see #988194)

[ Impact ]
Part of node-got is unusable

[ Tests ]
No changes in test, this is just a rebuild

[ Risks ]
No risk but it requires pkg-js-tools unblock

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

[ Other ]
Patch includes debian/watch update due to GitHub changes

Cheers,
Yadd (from hospital)

unblock node-got/11.8.1+~cs53.13.17-2
diff --git a/debian/changelog b/debian/changelog
index b70fffc..c1ca5b3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-got (11.8.1+~cs53.13.17-2) unstable; urgency=medium
+
+  * Team upload
+  * Fix GitHub tags regex
+  * Rebuild using pkg-js-tools ≥ 0.9.65 (Closes: #988334)
+
+ -- Yadd   Mon, 10 May 2021 20:06:44 +0200
+
 node-got (11.8.1+~cs53.13.17-1) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/control b/debian/control
index 0b42ce9..9ac53ed 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: optional
 Maintainer: Debian Javascript Maintainers 

 Uploaders: Pirate Praveen 
 Build-Depends: debhelper-compat (= 13)
- , dh-sequence-nodejs
+ , dh-sequence-nodejs (>= 0.9.65~)
  , node-decompress-response
  , node-get-stream
  , node-json-buffer
diff --git a/debian/copyright b/debian/copyright
index 5c7586f..589318f 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -55,7 +55,7 @@ License: Expat
 
 Files: debian/*
 Copyright: 2017 Pirate Praveen 
- 2020 Xavier Guimard 
+ 2020 Yadd 
 License: Expat
 
 Files: debian/build_modules/*
diff --git a/debian/watch b/debian/watch
index cab480d..72f98c0 100644
--- a/debian/watch
+++ b/debian/watch
@@ -2,21 +2,21 @@ version=4
 opts=\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-got-$1.tar.gz/ \
- https://github.com/sindresorhus/got/tags .*/archive/v?([\d\.]+).tar.gz group
+ https://github.com/sindresorhus/got/tags .*/archive/.*/v?([\d\.]+).tar.gz 
group
 
 opts=\
 ctype=nodejs,\
 component=cacheable-lookup,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-cacheable-lookup-$1.tar.gz/ \
- https://github.com/szmarczak/cacheable-lookup/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/szmarczak/cacheable-lookup/tags 
.*/archive/.*/v?([\d\.]+).tar.gz checksum
 
 opts=\
 ctype=nodejs,\
 component=cacheable-request,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-cacheable-request-$1.tar.gz/ \
- https://github.com/lukechilds/cacheable-request/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/lukechilds/cacheable-request/tags 
.*/archive/.*/v?([\d\.]+).tar.gz checksum
 
 # It is not recommended use npmregistry. Please investigate more.
 # Take a look at https://wiki.debian.org/debian/watch/
@@ -28,21 +28,21 @@ ctype=nodejs,\
 component=clone-response,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-clone-response-$1.tar.gz/ \
- https://github.com/lukechilds/clone-response/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/lukechilds/clone-response/tags 
.*/archive/.*/v?([\d\.]+).tar.gz checksum
 
 opts=\
 ctype=nodejs,\
 component=defer-to-connect,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-defer-to-connect-$1.tar.gz/ \
- https://github.com/szmarczak/defer-to-connect/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/szmarczak/defer-to-connect/tags 
.*/archive/.*/v?([\d\.]+).tar.gz checksum
 
 opts=\
 ctype=nodejs,\
 component=http-cache-semantics,\
 dversionmangle=auto,\
 
filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-http-cache-semantics-$1.tar.gz/ 
\
- https://github.com/kornelski/http-cache-semantics/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/kornelski/http-cache-semantics/tags 
.*/archive/.*/v?([\d\.]+).tar.gz checksum
 
 # It is not recommended use npmregistry. Please investigate more.
 # Take a look at https://wiki.debian.org/debian/watch/
@@ -59,7 +59,7 @@ ctype=nodejs,\
 component=keyv,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-keyv-$1.tar.gz/ \
- https://github.com/lukechilds/keyv/tags .*/archive/v?([\d\.]+).tar.gz checksum
+ https://github.com/lukechilds/keyv/tags .*/archive/.*/v?([\d\.]+).tar.gz 
checksum
 
 # It is not recommended use npmregistry. Please investigate more.
 # Take a look at https://wiki.debian.org/debian/watch/
@@ -71,21 +71,21 @@ ctype=nodejs,\
 component=normalize-url,\
 dversionmangle=auto,\
 filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-normalize-url-$1.tar.gz/ \
- https://github.com/sindresorhus/normalize-url/tags 
.*/archive/v?([\d\.]+).tar.gz checksum
+ 

Bug#988327: dovecot-sieve: Request package create /var/lib/dovecot/sieve and /var/lib/dovecot/sieve/sieve.d directories

[Kurt Fitzner]

Package: dovecot-sieve
Version: 1:2.3.13+dfsg1-1
Severity: wishlist

Dear Maintainer,

Background:
Dovecot's sieve plugin allows for server-side mail filtering scripts.  These 
are typically stored on a per-user basis.  It also allows for a server default
script to be run if there are no user scripts for that user, and also both
"before" and "after" directories where a series of scripts will be run before
and after the user script is run.

Debian's dovecot-sieve package does not create the directory where the
server default script lives.  By (ug) default, this location is:
/usr/lib/dovecot/sieve
And the file to be put in that location would be default.sieve and then
compiled.

Debian also does not create the before or after directories.  There is
no default location for them, but the first suggested location for it given in
/etc/dovecot/90-sieve.conf is:
#sieve_before = /var/lib/dovecot/sieve.d

Request:
1) I propose that the dovecot-sieve package create the default directory that
holds default.sieve.

2) I propose a sample default.sieve script be stored in the above directory.
Less as an actual sample, and more as a marker for "this is where it goes"

3) I propose that the first suggested location for the "sieve_before" directory
be changed to be a subdirectory of the above:
#sieve_before = /var/lib/dovecot/sieve/sieve.d

4) I propose a short readme be placed in 3)'s directory.  Again, mostly just
as a marker for "this is where the before scripts go"


Thus the directory structure I propose is:

/var/lib/dovecot/sieve/ 
  ├── default.sieve.sample
  └── sieve.d/
 └── readme.before

I would be happy to provide the files proposed in #2 and #4.

-- Package-specific info:

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dovecot-sieve depends on:
ii  dovecot-core  1:2.3.13+dfsg1-1
ii  libc6 2.31-11
ii  ucf   3.0043

dovecot-sieve recommends no packages.

dovecot-sieve suggests no packages.

Versions of packages dovecot-sieve is related to:
ii  dovecot-core [dovecot-common]  1:2.3.13+dfsg1-1
pn  dovecot-dev
pn  dovecot-gssapi 
ii  dovecot-imapd  1:2.3.13+dfsg1-1
pn  dovecot-ldap   
ii  dovecot-lmtpd  1:2.3.13+dfsg1-1
ii  dovecot-managesieved   1:2.3.13+dfsg1-1
ii  dovecot-mysql  1:2.3.13+dfsg1-1
pn  dovecot-pgsql  
ii  dovecot-pop3d  1:2.3.13+dfsg1-1
ii  dovecot-sieve  1:2.3.13+dfsg1-1
pn  dovecot-sqlite 

-- no debconf information

Bug#988339: unblock: djvulibre/3.5.28-2

[Barak A. Pearlmutter]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package djvulibre

[ Reason ]

Address CVE-2021-3500 and some other potential security issues by
importing Fedora patches.

[ Impact ]

Programs using libdjvulibre to handle .djvu files will remain
vulnerable to crafted input.

[ Tests ]

n/a

[ Risks ]

All but one of these patches have been in Fedora for quite some time.
The last one is currently in Fedora, but recently. All the patches are
very simple: testing and bailing when various error conditions pop up,
like a memory allocation failure or page sizes that cause overflow.

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock djvulibre/3.5.28-2



diff -Nru djvulibre-3.5.28/debian/changelog djvulibre-3.5.28/debian/changelog
--- djvulibre-3.5.28/debian/changelog   2020-11-23 13:10:15.0 +
+++ djvulibre-3.5.28/debian/changelog   2021-05-10 18:56:59.0 +0100
@@ -1,3 +1,26 @@
+djvulibre (3.5.28-2) unstable; urgency=high
+
+  * bump policy version
+  * Include Fedora 3.5.27 patches, foward ported, taken from djvulibre.spec in
+https://src.fedoraproject.org/rpms/djvulibre.git
+- Patch0: djvulibre-3.5.22-cdefs.patch(forward ported)
+- #Patch1: djvulibre-3.5.25.3-cflags.patch  (disabled in 
Fedora)
+- Patch2: djvulibre-3.5.27-buffer-overflow.patch(UPSTREAMED)
+- Patch3: djvulibre-3.5.27-infinite-loop.patch  (UPSTREAMED)
+- Patch4: djvulibre-3.5.27-stack-overflow.patch (UPSTREAMED)
+- Patch5: djvulibre-3.5.27-zero-bytes-check.patch   (UPSTREAMED)
+- Patch6: djvulibre-3.5.27-export-file.patch  (forward ported)
+- Patch7: djvulibre-3.5.27-null-dereference.patch   (UPSTREAMED)
+- Patch8: djvulibre-3.5.27-check-image-size.patch (forward ported)
+- Patch9: djvulibre-3.5.27-integer-overflow.patch (forward ported)
+- Patch10: djvulibre-3.5.27-check-input-pool.patch(forward ported)
+- Patch11: djvulibre-3.5.27-djvuport-stack-overflow.patch (forward ported)
+- Patch12: djvulibre-3.5.27-unsigned-short-overflow.patch (forward ported)
+These address a number of crashes and security issues, including
+CVE-2021-3500 (closes: #988215)
+
+ -- Barak A. Pearlmutter   Mon, 10 May 2021 18:56:59 +0100
+
 djvulibre (3.5.28-1) unstable; urgency=medium
 
   [ Leon Bottou ]
diff -Nru djvulibre-3.5.28/debian/control djvulibre-3.5.28/debian/control
--- djvulibre-3.5.28/debian/control 2020-11-23 13:10:15.0 +
+++ djvulibre-3.5.28/debian/control 2021-05-10 18:44:15.0 +0100
@@ -11,7 +11,7 @@
 Vcs-Git: https://salsa.debian.org/debian/djvulibre.git
 Vcs-Browser: https://salsa.debian.org/debian/djvulibre
 Homepage: http://djvu.sourceforge.net/
-Standards-Version: 4.5.0
+Standards-Version: 4.5.1
 Rules-Requires-Root: no
 
 Package: libdjvulibre-dev
diff -Nru 
djvulibre-3.5.28/debian/patches/0001-djvulibre-fedora-Patch0-djvulibre-3.5.22-cdefs.patch.patch
 
djvulibre-3.5.28/debian/patches/0001-djvulibre-fedora-Patch0-djvulibre-3.5.22-cdefs.patch.patch
--- 
djvulibre-3.5.28/debian/patches/0001-djvulibre-fedora-Patch0-djvulibre-3.5.22-cdefs.patch.patch
 1970-01-01 01:00:00.0 +0100
+++ 
djvulibre-3.5.28/debian/patches/0001-djvulibre-fedora-Patch0-djvulibre-3.5.22-cdefs.patch.patch
 2021-05-10 18:46:09.0 +0100
@@ -0,0 +1,21 @@
+From: "Barak A. Pearlmutter" 
+Date: Mon, 10 May 2021 15:43:26 +0100
+Subject: djvulibre-fedora Patch0 djvulibre-3.5.22-cdefs.patch
+
+---
+ libdjvu/GSmartPointer.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libdjvu/GSmartPointer.h b/libdjvu/GSmartPointer.h
+index 8a8bb8a..08540f7 100644
+--- a/libdjvu/GSmartPointer.h
 b/libdjvu/GSmartPointer.h
+@@ -62,6 +62,8 @@
+ # pragma interface
+ #endif
+ 
++#include 
++
+ /** @name GSmartPointer.h
+ 
+ Files #"GSmartPointer.h"# and #"GSmartPointer.cpp"# define a smart-pointer
diff -Nru 
djvulibre-3.5.28/debian/patches/0002-djvulibre-fedora-Patch6-djvulibre-3.5.27-export-file.patch
 
djvulibre-3.5.28/debian/patches/0002-djvulibre-fedora-Patch6-djvulibre-3.5.27-export-file.patch
--- 
djvulibre-3.5.28/debian/patches/0002-djvulibre-fedora-Patch6-djvulibre-3.5.27-export-file.patch
 1970-01-01 01:00:00.0 +0100
+++ 
djvulibre-3.5.28/debian/patches/0002-djvulibre-fedora-Patch6-djvulibre-3.5.27-export-file.patch
 2021-05-10 18:46:09.0 +0100
@@ -0,0 +1,24 @@
+From: "Barak A. Pearlmutter" 
+Date: Mon, 10 May 2021 15:47:32 +0100
+Subject: djvulibre-fedora Patch6 djvulibre-3.5.27-export-file.patch
+
+---
+ desktopfiles/Makefile.am | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/desktopfiles/Makefile.am b/desktopfiles/Makefile.am
+index 

Bug#988338: unblock: pkg-js-tools/0.9.65

[Yadd]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pkg-js-tools

[ Reason ]
pkg-js-tools provides dh-sequence-nodejs. It simulates npm install
features to install node modules in the right places.
Since 0.9.52, it reads .npmignore to not install some files. But I
missed to force package.json install, this is fixed by this version
(0.9.65). This unblock is required to fix node-got RC bug (#988334)

[ Impact ]
If not unblocked, node-got and maybe some other node packages may be
broken

[ Tests ]
No specific test

[ Risks ]
This patch includes:
 * some doc fixes
 * GitHub tags update
 * package.json install even if removed by .npmignore

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

Cheers,
Yadd (from hospital)

unblock pkg-js-tools/0.9.65
diff --git a/debian/changelog b/debian/changelog
index 9647851..def7239 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+pkg-js-tools (0.9.65) unstable; urgency=medium
+
+  * Force package.json install even if removed by .npmignore (Closes: #988194)
+
+ -- Yadd   Mon, 10 May 2021 20:03:59 +0200
+
+pkg-js-tools (0.9.64) unstable; urgency=medium
+
+  * Fix doc, thanks to Andrius Merkys (Closes: #980549)
+  * Set SALSA_CI_CONFIG_PATH to "debian/salsa-ci.yml" in pkg-js-salsa.conf
+  * Fix GitHub tags template
+  * Update copyright
+
+ -- Yadd   Sat, 27 Mar 2021 07:12:38 +0100
+
 pkg-js-tools (0.9.63) unstable; urgency=medium
 
   * autopkgtest: fix regexp that parse debian/nodejs/ext* (Closes: #980195)
diff --git a/debian/control b/debian/control
index 6a1f4bd..9c2fef5 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,7 @@
 Source: pkg-js-tools
 Maintainer: Debian Javascript Maintainers 

 Uploaders:
- Xavier Guimard ,
+ Yadd ,
 Section: devel
 Testsuite: autopkgtest-pkg-perl
 Priority: optional
@@ -65,12 +65,12 @@ Depends:
  libjson-perl,
  ${misc:Depends},
  ${perl:Depends},
-Description: collection of autopktest scripts for Nodejs packages
+Description: collection of autopkgtest scripts for Nodejs packages
  This package contains test runners
  to be used with the autopkgtest infrastructure for Nodejs packages.
  .
  Packages using the tests with autopkgtests in this package
- can simply set "Testsuite: autopkgtest-nodejs" in debian/control.
+ can simply set "Testsuite: autopkgtest-pkg-nodejs" in debian/control.
  .
- Cf. /usr/share/doc/pkg-js-autopkgtest/README.autopkgtest.md
+ Cf. /usr/share/doc/pkg-js-autopkgtest/README.md
  for information on the tests and how to tweak them.
diff --git a/debian/copyright b/debian/copyright
index 522c406..be27528 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -3,7 +3,7 @@ Upstream-Name: pkg-js-tools
 Source: https://salsa.debian.org/js-team/pkg-js-tools
 
 Files: *
-Copyright: 2019-2020, Xavier Guimard 
+Copyright: 2019-2020, Yadd 
 License: GPL-2+
 
 Files: lintian/*
@@ -12,7 +12,7 @@ Copyright: 2013, Niels Thykier 
2013, 2014, Axel Beckert 
2014, Damyan Ivanov 
2018, Florian Schlichting 
-   2019, Xavier Guimard 
+   2019-2021, Yadd 
 License: GPL-2+
 
 Files: tools/dh-make-node
diff --git a/doc/tools/README.md b/doc/tools/README.md
index 5f8a885..5be8c51 100644
--- a/doc/tools/README.md
+++ b/doc/tools/README.md
@@ -146,7 +146,7 @@ Example:
 
 ```
 ...
-Testsuite: autopkgtest-nodejs
+Testsuite: autopkgtest-pkg-nodejs
 Build-Depends: dh-sequence-nodejs
 ...
 ```
diff --git a/lib/Debian/Debhelper/Buildsystem/nodejs.pm 
b/lib/Debian/Debhelper/Buildsystem/nodejs.pm
index 8e060ac..d02138c 100644
--- a/lib/Debian/Debhelper/Buildsystem/nodejs.pm
+++ b/lib/Debian/Debhelper/Buildsystem/nodejs.pm
@@ -390,7 +390,8 @@ sub install_module {
 $mainFile = "$mainFile/index.js" if -d $mainFile;
 warning "MAIN: $mainFile\n" if (DEBUG);
 $mainFile =~ s#//+#/#g;
-my $foundMain = 0;
+my $foundMain= 0;
+my $foundPkgJson = 0;
 
 foreach my $p (@files) {
 my $pattern;
@@ -466,7 +467,9 @@ sub install_module {
 else {
 unless ( grep { $_ } @tests ) {
 push @dest, [ $d, $File::Find::name ];
-$foundMain = 1 if $File::Find::name eq $mainFile;
+$foundMain= 1 if $File::Find::name eq $mainFile;
+$foundPkgJson = 1
+  if $File::Find::name eq 'package.json';
 }
 
 # Debug
@@ -507,6 +510,9 @@ EOF
 push @dest, [ $ldir, $mainFile ];
 }
 }
+unless ($foundPkgJson) {
+push @dest, [ '', "$dir/package.json" ];
+}
 foreach (@dest) {
 $self->doit_in_builddir( 'mkdir', '-p', "$path/$_->[0]" )
   unless doit_noerror( { chdir => $self->get_buildpath },
diff --git a/lib/Debian/PkgJs/Lib.pm 

Bug#988337: weston: Fails to start with `environment variable XDG_RUNTIME_DIR is not set.`

[Paul Menzel]

Package: weston
Version: 9.0.0-4
Severity: normal


Dear Debian folks,


Installing a minimal Debian system, then installing Weston with `sudo 
apt install weston`, then trying to start it, it fails to start (even 
with the user added to the group `weston-launch`, Weston fails to start 
and shows the error below.


fatal: environment variable XDG_RUNTIME_DIR is not set.
Refer to your distribution on how to get it, or
http://www.freedesktop.org/wiki/Specifications/basedir-spec
on how to implement it.

the error below is shown.

`systemd-logind.service` is running, but `loginctl list-sessions` does 
not show anything.


Installing `libpam-systemd` gets that working.


Kind regards,

Paul

Bug#987353: CVE-2020-8903 CVE-2020-8907 CVE-2020-8933

[Moritz Mühlenhoff]

Am Thu, Apr 22, 2021 at 09:53:24AM -0700 schrieb Zach Marano:
> Hi, since this package was brought into Debian in ~2018, there have been
> several transformations in the GCE guest software stack and thus the
> current landscape is very different. Google doesn't actually maintain the
> official Debian package and we're not sure who is, if anyone. The Google
> provided packages are shipped separately and will override the Debian
> package if you use them from our repositories. Please see either our Google
> Cloud docs 
> or github readme
>  for info on
> the packages we are maintaining and shipping for Debian systems and on the
> base Google provided GCE Debian images. Unfortunately, we never did find a
> DD sponsor to help maintain our guest packages in Debian on the cadence
> that we needed. I would advocate for removing this package from Debian if
> we can't find a set of maintainers.

Hi Zach,
as it stands google-compute-image-packages won't be part of the next Debian
stable release. Givem the last upload was in Oct 2019 the package seems
unmaintained anyway, so if noone steps up to maintain it in the next months
it's probably best to remove it entirely.

Cheers,
Moritz

Bug#988325: unblock: htmldoc/1.9.11-3

[Håvard Flaget Aasen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: haavard_aa...@yahoo.no

Please unblock package htmldoc

The bug #984765 [0] is only of severity normal, but it got a CVE number some 
days
ago, it has been deemed unimportant by the security team.

The patch is cherry-picked from upstream.

[ Reason ]
buffer-overflow caused by integer-overflow in image_load_gif(), which is
CVE-2021-20308 [1]

[ Impact ]
Probably quite small.

[ Tests ]
None.

[ Risks ]
Small risk.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock htmldoc/1.9.11-3

Regards,
Håvard

[0] https://bugs.debian.org/#984765
[1] https://security-tracker.debian.org/tracker/CVE-2021-20308
diff -Nru htmldoc-1.9.11/debian/changelog htmldoc-1.9.11/debian/changelog
--- htmldoc-1.9.11/debian/changelog 2021-02-08 15:46:44.0 +0100
+++ htmldoc-1.9.11/debian/changelog 2021-05-10 16:10:41.0 +0200
@@ -1,3 +1,10 @@
+htmldoc (1.9.11-3) unstable; urgency=medium
+
+  * Add patch to mitigate buffer-overflow caused by integer-overflow in
+image_load_gif() Closes: 984765 and fixes CVE-2021-20308
+
+ -- Håvard Flaget Aasen   Mon, 10 May 2021 16:10:41 
+0200
+
 htmldoc (1.9.11-2) unstable; urgency=medium
 
   * Update build-dependency to libfltk1.3-dev Closes: #982276
diff -Nru 
htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch 
htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch
--- htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch   
1970-01-01 01:00:00.0 +0100
+++ htmldoc-1.9.11/debian/patches/Fix-crash-bug-with-bad-GIFs-Issue-423.patch   
2021-05-10 16:10:41.0 +0200
@@ -0,0 +1,27 @@
+From: Michael R Sweet 
+Date: Wed, 31 Mar 2021 20:18:00 -0400
+Subject: Fix crash bug with bad GIFs (Issue #423)
+
+CVE-2021-20308
+
+Origin: upstream, 
https://github.com/michaelrsweet/htmldoc/commit/6a8322a718b2ba5c440bd33e6f26d9e281c39654
+Bug: https://github.com/michaelrsweet/htmldoc/issues/423
+Bug-Debian: https://bugs.debian.org/#984765
+---
+ htmldoc/image.cxx | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/htmldoc/image.cxx b/htmldoc/image.cxx
+index 68d6b92..8f53050 100644
+--- a/htmldoc/image.cxx
 b/htmldoc/image.cxx
+@@ -1245,6 +1245,9 @@ image_load_gif(image_t *img, /* I - Image pointer */
+   img->height = (buf[9] << 8) | buf[8];
+   ncolors = 2 << (buf[10] & 0x07);
+ 
++  if (img->width <= 0 || img->width > 32767 || img->height <= 0 || 
img->height > 32767)
++return (-1);
++
+   // If we are writing an encrypted PDF file, bump the use count so we create
+   // an image object (Acrobat 6 bug workaround)
+   if (Encryption)
diff -Nru htmldoc-1.9.11/debian/patches/series 
htmldoc-1.9.11/debian/patches/series
--- htmldoc-1.9.11/debian/patches/series2021-02-08 14:38:12.0 
+0100
+++ htmldoc-1.9.11/debian/patches/series2021-05-10 16:10:41.0 
+0200
@@ -5,3 +5,4 @@
 autoheader_support.patch
 disable_libz.patch
 remove-os-check.patch
+Fix-crash-bug-with-bad-GIFs-Issue-423.patch

Bug#988336: pidgin: SIGFPE during a voice call

[Bohdan Horbeshko]

Package: pidgin
Version: 2.14.1-1
Severity: normal

Dear Maintainer,

Pidgin crashed when I tested voice calls to Gajim. Backtrace:
```
Thread 128 "rtpjitterbuffer" received signal SIGFPE, Arithmetic exception.
[Switching to Thread 0x7fff8f7fe700 (LWP 2790412)]
0x7fffef41158d in gst_audio_buffer_clip () from 
/usr/lib/x86_64-linux-gnu/libgstaudio-1.0.so.0
@(gdb) bt
#0  0x7fffef41158d in gst_audio_buffer_clip () at 
/usr/lib/x86_64-linux-gnu/libgstaudio-1.0.so.0
#1  0x7fffe616ca8b in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstaudioconvert.so
#2  0x76a11920 in  () at /usr/lib/x86_64-linux-gnu/libgstbase-1.0.so.0
#3  0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#4  0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#5  0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#6  0x77da7e0b in gst_proxy_pad_chain_default () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#7  0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#8  0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#9  0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#10 0x7fffd902becd in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstcoreelements.so
#11 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#12 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#13 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#14 0x77da7e0b in gst_proxy_pad_chain_default () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#15 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#16 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#17 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#18 0x7fffd91a73e9 in gst_rtp_base_depayload_push () at 
/usr/lib/x86_64-linux-gnu/libgstrtp-1.0.so.0
@--Type  for more, q to quit, c to continue without paging--
#19 0x7fffd91a7aae in  () at /usr/lib/x86_64-linux-gnu/libgstrtp-1.0.so.0
#20 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#21 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#22 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#23 0x77da7e0b in gst_proxy_pad_chain_default () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#24 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#25 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#26 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#27 0x76a11a17 in  () at /usr/lib/x86_64-linux-gnu/libgstbase-1.0.so.0
#28 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#29 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#30 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#31 0x7fffd902becd in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstcoreelements.so
#32 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#33 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#34 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#35 0x77da7e0b in gst_proxy_pad_chain_default () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#36 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#37 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
@--Type  for more, q to quit, c to continue without paging--
#38 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#39 0x7fffd914a55d in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstrtpmanager.so
#40 0x77dba99d in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#41 0x77dbcc19 in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#42 0x77dc40c2 in gst_pad_push () at 
/usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#43 0x7fffd9144576 in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstrtpmanager.so
#44 0x7fffd914572b in  () at 
/usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstrtpmanager.so
#45 0x77df373f in  () at /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
#46 0x76fec9a4 in g_thread_pool_thread_proxy (data=) at 
../../../glib/gthreadpool.c:354
#47 0x76fec0bd in g_thread_proxy (data=0x5b4a7360) at 
../../../glib/gthread.c:820
#48 0x76cc9ea7 in start_thread (arg=) at 
pthread_create.c:477
#49 0x76bf9def in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95
@(gdb)
```


-- System Information:
Debian Release: bullseye/sid
  

Bug#947795: weston fails to start on one machine.

[Paul Menzel]

Dear Peter,


Am 30.12.19 um 21:20 schrieb Peter Easthope:

Package: weston
Version: 5.0.0-3
Severity: important



* What led up to the situation?

Installed weston on two machines.  Works on one; not on the other.

* What exactly did you do (or not do) that was effective (or
  ineffective)?

Installed weston, xwayland & etc.  Configured as in the working system.

* What was the outcome of this action?

weston failed to start.  Display problem on this machine?


Were you able to figure out the problem? How did you start Weston? 
Typing `weston` in a tty, did it print an error message?



* What outcome did you expect instead?

I expected weston to work as in another machine.



Kind regards,

Paul

Bug#988236: roundcube-core: Install breaks lighttpd if fastcgi-php-fpm module is active

[Guilhem Moulin]

On Sun, 09 May 2021 at 17:48:28 +0200, Guilhem Moulin wrote:
> That said I'm not sure to how to fix this.  I'm not really familiar with
> lighttpd but I don't see a way to list enabled modules other than
> looking in /etc/lighttpd/conf-enabled which I'm not really keen to do.
> […]
> lighttpd maintainers (CC'ed): What's the best way to express “enable
> fastcgi-php (or fastcgi-php-fpm) unless fastcgi.server already has a
> handler for .php”?  Or if that's not possible “enable fastcgi-php unless
> fastcgi-php-fpm is already enabled”?  Simply expand
> /etc/lighttpd/conf-enabled/*-fastcgi-php-fpm.conf and check for a match,
> or is there a more robust way?

Here is a workaround that seems to work:


https://salsa.debian.org/roundcube-team/roundcube/-/commit/4638e975366c980280bd3b63020eaee45df88f52

lighttpd maintainers: is it acceptable to look for matches in
/etc/lighttpd/conf-enabled/*-fastcgi-php.conf and …/*-fastcgi-php-*.conf?
The aim would be to ship a fix in Bullseye; we can always refine the
logic during the Bookworm release cycle.

Cheers,
-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#988297: README.Debian contains instructions that result in RC bugs in other packages

[Sean Whitton]

Hello Raúl,

On Mon 10 May 2021 at 09:36AM -07, Raúl Benencia wrote:

> Hello Nicholas,
>
> On Sun, May 09, 2021 at 06:32:13PM -0400, Nicholas D Steeves wrote:
>> README.Debian contains the obsolete and now harmful requirement to run
>> (package-initialize) in init.el.
>
> Thanks for reporting this bug. I've prepared a fix[0] but it will need
> a sponsored upload.
>
>   [0] 
> https://salsa.debian.org/emacsen-team/zenburn-emacs/-/commit/b6aae5d7d18aa4088803c998d11dcfcfef90f4ad

Firstly, due to my mistake, we have to revert all your other changes
except perhaps the Uploader field if we want to ask for an unblock.  I
should have uploaded your new package to experimental.  This means using
a 2.7.0-1+really2.6-4 version number or something like that.

Please don't push something like that to master yet, however.  I think
that it is unlikely the release team would grant an unblock for a
documentation fix of this nature, as I disagree with Nicholas that the
issue is RC.  So I think you need to ask them first whether they would
accept it before uploading.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#981347: [debian-mysql] Bug#981347: Bug#981347: Bug#981347: mariadb-10.5 FTBFS on kfreebsd

[gs-debian . org]

On Mon, May 10, 2021 at 08:00:00AM -0700, Otto Kekäläinen wrote:
> Hello!
> 
> If you want to help improve MariaDB in Debian in the open source way,
> you could for example:
> 
> - submit your suggestion for a fix as a Merge Request at
> https://salsa.debian.org/mariadb-team/mariadb-10.5
> - help with documentation/testing to improve our understanding on what
> exactly the bug is about

I diagnosed and submitted a patch, which was merged a couple months ago.
https://salsa.debian.org/mariadb-team/mariadb-10.5/-/merge_requests/3

Bug#868095: base-files: clean up legacy conffiles

[Santiago Vila]

On Mon, May 10, 2021 at 07:27:41PM +0200, Christoph Anton Mitterer wrote:
> Hey.
> 
> Anything new on this?

Patches are welcome.

But I've just asked RM to accept 11.1 for bullseye. If the patch is
trivial enough and the RM agree I could make another 11.2 for bullseye.

(But I'm not sure if it does worth the effort at this time for bullseye,
people will not remove base-files so I believe the consequences of this
file still being an obsolete conffile are minor).

Thanks.

Bug#988304: exim4: rsyslog log files not getting any new info

[Andreas Metzler]

On 2021-05-10 GSR  wrote:
> Package: exim4
> Version: 4.94.2-2
> Severity: normal

> After updating from 4.94.2-1 any info stopped appearing in rsyslog
> (8.2102.0-2) files like /var/log/mail.log. Mail can be sent and
> received, and /var/log/exim4/mainlog gets new lines. So it seems to be
> something about talking with syslog.

Hello,

what log_file_path setting are you using? I am aware that 
log_file_path = :syslog
does not duplicate the entries to syslog but only logs to /var/log/exim4
(See https://bugs.exim.org/show_bug.cgi?id=2733#c5 and later.)

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Bug#988332: [pre-approval] unblock: cyrus-imapd/3.2.6-2

[Yadd]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: secur...@debian.org

Please unblock package cyrus-imapd

[ Reason ]
Cyrus-Imapd is vulnerable to CVE-2021-32056: it allows remote authenticated
users to bypass intended access restrictions on server annotations and
consequently cause replication to stall.

[ Impact ]
Security issue (not yet tagged by Security Team

[ Tests ]
No changes in test

[ Risks ]
Patch seems trivial, just a better permission check

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

Cheers,
Yadd (from hospital ;-))

unblock cyrus-imapd/3.2.6-2
diff --git a/debian/changelog b/debian/changelog
index bc383a9c..150929df 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+cyrus-imapd (3.2.6-2) unstable; urgency=medium
+
+  * Update gbp.conf for Bullseye branch
+  * annotate: don't allow everyone to write shared server entries (Closes: 
CVE-2021-32056)
+
+ -- Yadd   Mon, 10 May 2021 19:24:53 +0200
+
 cyrus-imapd (3.2.6-1) unstable; urgency=medium
 
   * New upstream version 3.2.6
diff --git a/debian/gbp.conf b/debian/gbp.conf
index c747fcb7..ee87ac45 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,7 +1,7 @@
 [DEFAULT]
-debian-branch = master
+debian-branch = bullseye
 debian-tag = debian/%(version)s
-upstream-branch = upstream
+upstream-branch = upstream-bullseye
 upstream-tag = upstream/%(version)s
 pristine-tar = True
 
diff --git a/debian/patches/CVE-2021-32056.patch 
b/debian/patches/CVE-2021-32056.patch
new file mode 100644
index ..9a50abe1
--- /dev/null
+++ b/debian/patches/CVE-2021-32056.patch
@@ -0,0 +1,50 @@
+Description: annotate: don't allow everyone to write shared server entries
+Author: Bron Gondwana 
+Origin: upstream, https://github.com/cyrusimap/cyrus-imapd/commit/621f9e41
+Bug: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32056
+Forwarded: not-needed
+Reviewed-By: Yadd 
+Last-Update: 2021-05-10
+
+--- a/imap/annotate.c
 b/imap/annotate.c
+@@ -2788,15 +2788,20 @@
+ 
+ keylen = make_key(mboxname, uid, entry, userid, key, sizeof(key));
+ 
+-if (mailbox) {
+-struct annotate_metadata oldmdata;
+-r = read_old_value(d, key, keylen, , );
+-if (r) goto out;
++struct annotate_metadata oldmdata;
++r = read_old_value(d, key, keylen, , );
++if (r) goto out;
++
++/* if the value is identical, don't touch the mailbox */
++if (oldval.len == value->len && (!value->len || !memcmp(oldval.s, 
value->s, value->len)))
++goto out;
+ 
+-/* if the value is identical, don't touch the mailbox */
+-if (oldval.len == value->len && (!value->len || !memcmp(oldval.s, 
value->s, value->len)))
+-goto out;
++if (!maywrite) {
++r = IMAP_PERMISSION_DENIED;
++if (r) goto out;
++}
+ 
++if (mailbox) {
+ if (!ignorequota) {
+ quota_t qdiffs[QUOTA_NUMRESOURCES] = 
QUOTA_DIFFS_DONTCARE_INITIALIZER;
+ qdiffs[QUOTA_ANNOTSTORAGE] = value->len - (quota_t)oldval.len;
+@@ -2804,11 +2809,6 @@
+ if (r) goto out;
+ }
+ 
+-if (!maywrite) {
+-r = IMAP_PERMISSION_DENIED;
+-if (r) goto out;
+-}
+-
+ /* do the annot-changed here before altering the DB */
+ mailbox_annot_changed(mailbox, uid, entry, userid, , value, 
silent);
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 3fab10aa..27fc0ec9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@
 0011-Fix-extra-libpci-in-SNMP_LIBS.patch
 0012-Use-UnicodeData.txt-from-system.patch
 0018-increase-test-timeout.patch
+CVE-2021-32056.patch

Bug#868095: base-files: clean up legacy conffiles

[Christoph Anton Mitterer]

Hey.

Anything new on this?

Cheers,
Chris.

Bug#988323: fail2ban: Debian's custom roundcube log location not reflected in fail2ban's debian paths

[Kurt Fitzner]

Package: fail2ban
Version: 0.11.2-1
Severity: normal
Tags: patch

Dear Maintainer,

When the Debian roundcube packages are used, Debian places its error log in
/var/log/roundcube/errors.log

While fail2ban's default paths has it at:
/var/log/roundcube/errors

This means that activating fail2ban's built-in roundcube rules will cause
fail2ban to be unable to start.

Since Debian moved the log from its common location, the omission of the
path in paths-debian.conf is a bug as it makes the built-in rule fail.

Attached is a patch to correct this.  It simply adds the correct path to
path-debian.conf.



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fail2ban depends on:
ii  lsb-base  11.1.0
ii  python3   3.9.2-3

Versions of packages fail2ban recommends:
ii  iptables   1.8.7-1
ii  python3-pyinotify  0.9.6-1.3
ii  python3-systemd234-3+b4
ii  whois  5.5.9

Versions of packages fail2ban suggests:
ii  bsd-mailx [mailx]8.1.2-0.20180807cvs-2
pn  monit
ii  rsyslog [system-log-daemon]  8.2102.0-2
pn  sqlite3  

-- no debconf information

*** /home/kfitzner/fail2ban_debian_roundcube.diff
--- paths-debian.conf   2020-11-23 16:43:03.0 -0400
+++ paths-debian.conf.fixed 2021-05-10 09:48:41.193223094 -0300
@@ -24,5 +24,7 @@
 exim_main_log = /var/log/exim4/mainlog
 
 # was in debian squeezy but not in wheezy
 # /etc/proftpd/proftpd.conf (SystemLog)
 proftpd_log = /var/log/proftpd/proftpd.log
+
+roundcube_errors_log = /var/log/roundcube/errors.log
--- paths-debian.conf   2020-11-23 16:43:03.0 -0400
+++ paths-debian.conf.fixed 2021-05-10 09:48:41.193223094 -0300
@@ -24,5 +24,7 @@
 exim_main_log = /var/log/exim4/mainlog
 
 # was in debian squeezy but not in wheezy
 # /etc/proftpd/proftpd.conf (SystemLog)
 proftpd_log = /var/log/proftpd/proftpd.log
+
+roundcube_errors_log = /var/log/roundcube/errors.log

Bug#988297: README.Debian contains instructions that result in RC bugs in other packages

[Raúl Benencia]

Hello Nicholas,

On Sun, May 09, 2021 at 06:32:13PM -0400, Nicholas D Steeves wrote:
> README.Debian contains the obsolete and now harmful requirement to run
> (package-initialize) in init.el.

Thanks for reporting this bug. I've prepared a fix[0] but it will need
a sponsored upload.

  [0] 
https://salsa.debian.org/emacsen-team/zenburn-emacs/-/commit/b6aae5d7d18aa4088803c998d11dcfcfef90f4ad

> And on the topic of unblocks, I see that zenburn-emacs doesn't have
> autopkgtests, which are an automatic migration requirement.  As this
> package does not appear to contain tests of any kind, it may be
> advantageous to Raúl if this bug was RC, because an RC bug that
> justifies an unblock will allow his work to be included in Bullseye.

This makes sense to me. My only concern is if it's really justifiable
to put extra load on the release team for something that seems
minor. If you think it is, please feel free to raise the severity. The
fix is already on the git repo. :-)

> I'm also wondering if src:emacs should also do something like provide
> a NEWS file and/or check user config for 'package-initialize' and warn
> in the modeline.

I think a note on the NEWS file could be useful. It would have helped
me for sure, as I wasn't aware of the package-initialize change.

By the way, I think you may have the fastest record on the time it
takes between adopting a package and getting a new bug reported on
it. :-)

Best,
--
Raúl Benencia


signature.asc
Description: PGP signature

Bug#977805: ntopng: FTBFS in sid

[Dan Bungert]

tags 977805 + security buster sid
thanks

There is a security angle to this FTBFS.  Because ntopng is currently
unable to build against ndpi 3.4, it still links against ndpi 3.0, a
known vulnerable version, and users of ntopng are thus getting this
vulnerable ndpi 3.0 library.

ndpi (3.4-1) unstable; urgency=medium
[...]
  * New upstream version 3.4 (Closes: #972050)
- CVE-2020-11939 CVE-2020-11940 CVE-2020-15471
- CVE-2020-15472 CVE-2020-15473 CVE-2020-15474
- CVE-2020-15475 CVE-2020-15476

-Dan

Bug#988330: libbusiness-us-usps-webtools-perl: HTTP access shutting down June 24th, 2021

[Ivan Kohler]

Package: libbusiness-us-usps-webtools-perl
Version: 1.124-1
Severity: grave
Tags: upstream
Justification: renders package unusable
Forwarded: https://github.com/ssimms/business-us-usps-webtools/issues/2

USPS is sending notices that HTTP access will be turned off shortly, in favor
of HTTPS.

Given that is a web service that will break in the wild, in addition to a
regular update for unstable, we should update buster (and stretch) via
stable-updates (and oldstable-updates).

I can confirm that a package built with a simple s/http/https/ replacement
works with a live USPS account, at least on buster.  Note that since buster,
the module has been rewritten to use Mojo::UserAgent instead of LWP::UserAgent.

-- 
Ivan Kohler
President and Head Geek, Freeside Internet Services, Inc.  http://freeside.biz/
Debian GNU/Linux developer  |  CPAN author  |  pet person  |  ski addict

Bug#988328: golang-github-pquerna-cachecontrol: FTBFS in tests constant 9223372036854775807 overflows int

[Ritesh Raj Sarraf]

Source: golang-github-pquerna-cachecontrol
Severity: serious
Tags: ftbfs
Justification: fails to build from source
User: de...@lists.apertis.org
Usertags: apertis-ftbfs
X-Debbugs-Cc: de...@lists.apertis.org

Dear Maintainer,

Not sure if this package had built successfully in the past or not.
Buildd is down while I'm writing this bug report, so I can't really be
sure. I did check reproducible builds and it has been reported to be
failing there.


During a rebuild of the package, it is seen that the package fails in
one of the tests, commonly on 32 bit systems. So far, I can see it fails
on armhf and i386.

*
   dh_auto_test -O--buildsystem=golang
cd obj-i686-linux-gnu && go test -vet=off -v -p 8 
github.com/pquerna/cachecontrol github.com/pquerna/cachecontrol/cacheobject 
github.com/pquerna/cachecontrol/examples 
github.com/pquerna/cachecontrol/examples/lowlevel
# github.com/pquerna/cachecontrol/cacheobject 
[github.com/pquerna/cachecontrol/cacheobject.test]
src/github.com/pquerna/cachecontrol/cacheobject/directive_test.go:262:43: 
constant 9223372036854775807 overflows int
=== RUN   TestCachableResponsePublic
--- PASS: TestCachableResponsePublic (0.00s)
=== RUN   TestCachableResponsePrivate
--- PASS: TestCachableResponsePrivate (0.00s)
=== RUN   TestResponseWriter
--- PASS: TestResponseWriter (0.00s)
PASS
ok  github.com/pquerna/cachecontrol 0.007s
FAILgithub.com/pquerna/cachecontrol/cacheobject [build failed]
?   github.com/pquerna/cachecontrol/examples[no test files]
?   github.com/pquerna/cachecontrol/examples/lowlevel   [no test files]
FAIL
dh_auto_test: error: cd obj-i686-linux-gnu && go test -vet=off -v -p 8 
github.com/pquerna/cachecontrol github.com/pquerna/cachecontrol/cacheobject 
github.com/pquerna/cachecontrol/examples 
github.com/pquerna/cachecontrol/examples/lowlevel returned exit code 2
make: *** [debian/rules:7: build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
Command `dpkg-buildpackage --changes-option=-DDistribution=bullseye` failed.

*

Bug#987576: linux: Please enable CONFIG_SND_AUDIO_GRAPH_CARD

[Diederik de Haas]

There's an upstream commit (part of 5.12) that Vincent referenced that nicely
illustrates the difference between what I want to achieve with this bug report
and a possible solution applied in that commit (IIUC):
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=25572fb5aa986bdbb35d06c0fb52a9b9d9b3b2c9

In that commit there's a switch from 'audio-graph-card' to 'simple-audio-card'.
If that change were applied to Debian, that should make the audio work (too)
on a Rock64. And if upstream would backport that commit to 5.10, Debian would
only have to upgrade to a latter 5.10 version to get it.

But there's a line in that commit message that illustrates what I want to 
achieve with this bug report:

"For newly adding nodes, ASoC guys recommend to use audio-graph-card."

What I get from that and is what I assumed previously, is that 
'audio-graph-card' is seen as 'basic building block' for audio in SBCs.
(Just like 'simple-audio-card' is). And that is why I want it enabled in 
the Debian kernel(s).
Just a 'backport' of above referenced commit would fix my issue on my Rock64s,
but afaic it wouldn't fix this bug.

Cheers,
  Diederik

signature.asc
Description: This is a digitally signed message part.

Bug#988108: gitlab: Repeated issues resolving dependencies on upgrade

[Maximilian Stein]

Hi,

We cannot support more than one version of gitlab at any time. Gitlab by nature 
has fast releases and only way to keep up is keep updating gitlab. Only if 
upstream provides a long term supported version, we can support a gitlab 
version for longer than a month. Currently our goal is to go along with the 
upstream releases.

If there are more volunteers we can probably extend it up to 3 months. Even 
more resources will be required if we want to provide support for more than 
that.


Yes, I can fully understand this, and this is basically ok. My issue is 
simply that I am kind of forced to upgrade as soon as possible and 
cannot even delay that for a week or so. Usually I automatically update 
all packages each night except Gitlab which is on hold, but since there 
might be updates to dependencies of Gitlab, Gitlab can still break 
easily… I do not see a very good solution to that either apart from 
holding all ruby packages.



Best,
Maximilian




OpenPGP_signature
Description: OpenPGP digital signature

Bug#970045: [debian-mysql] Bug#970045: galera-4: Use user "_galera" instead of "nobody" to run the daemon

[Faustin Lammler]

Hi,
I'll try to implement this.

Cheers!

-- 
Faustin Lammler
GPG: F652 BCD1 1AA8 8975 F010 48A5 390A 2F27 832A 5C79


signature.asc
Description: PGP signature

Bug#988326: libboost-python-dev: Linking against boost_python requires the python version number ex: -lboost_python39

[Grégory David]

Package: libboost-python-dev
Version: 1.74.0.3
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: d...@groolot.net

Dear Maintainer,

   * What led up to the situation?
 When I try to compile `mididings' and link against
 `-lboost_python' the linker failed with undefined reference to
 'libboost_python'.
   
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 I try with a minimal `main.c' example and:
   * link against `-lboost_python', INEFFECTIVE
   * link against `-lboost_python39', EFFECTIVE
   * symlink `libboost_python.so' to `libboost_python39.so' and
 link against `-lboost_python', EFFECTIVE

-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.11.0-19.1-liquorix-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libboost-python-dev depends on:
ii  libboost-python1.74-dev  1.74.0-9

libboost-python-dev recommends no packages.

libboost-python-dev suggests no packages.

-- no debconf information

Bug#833035: linux-image-3.16.0-4-amd64: Keyspan USB serial adapter USA-49WLC failed to load firmware

[Paul Fox]

salvatore wrote:
 > Control: tags -1 + moreinfo
 > 
 > Hi,
 > 
 > On Thu, Oct 19, 2017 at 05:29:41PM -0400, Paul Fox wrote:
 > > chris wrote:
 > >  > On 10/16/2017 11:32 AM, Paul Fox wrote:
 > >  > > ben, chris -- regarding this bug:
 > >  > >   Bug#833035:  linux-image-3.16.0-4-amd64:  Keyspan USB serial adapter
 > >  > >   USA-49WLC failed to load firmware
 > >  > >
 > >  > > whatever became of the proposed patch.  i'm running ubuntu 16.04.3,
 > >  > > kernel 4.4.0-97-generic, and the failure is still present there.
 > >  > >
 > >  > > paul
 > >  > > .
 > >  > >
 > >  > The patch provided fixed the bug.   I think I responded with the news.
 > > 
 > > yes -- sorry for not being clear.  i was wondering whether the fix had
 > > gone upstream, and if not, why not.
 > 
 > Has the fix been upstreamed or the issue fixed in meanwhile with a
 > recent kernel?
 > 
 > Regards,
 > Salvatore
 > 

I just dug out the device and tried it.  The bug persists in:
Linux grass 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 
x86_64 x86_64 x86_64 GNU/Linux

dmesg log looks much the same as those originally posted, though somewhat
different, and the returned error number (-2) is different than the -5 reported
by Chris Rhodin:
 [860822.854435] usb 2-1.8: new full-speed USB device number 5 using ehci-pci
 [860822.963452] usb 2-1.8: New USB device found, idVendor=06cd, 
idProduct=011a, bcdDevice=c0.01
 [860822.963455] usb 2-1.8: New USB device strings: Mfr=0, Product=0, 
SerialNumber=0
 [860822.963986] keyspan 2-1.8:1.0: Keyspan - (without firmware) converter 
detected
 [860822.964036] usb 2-1.8: Direct firmware load for keyspan/usa49wlc.fw failed 
with error -2
 [860822.964041] usb 2-1.8: ezusb_ihex_firmware_download - request 
"keyspan/usa49wlc.fw" failed
 [860822.965538] usb 2-1.8: failed to load firmware "keyspan/usa49wlc.fw"
 [860822.967366] keyspan: probe of 2-1.8:1.0 failed with error -2
 [860848.230938] usb 2-1.8: USB disconnect, device number 5

paul
=--
paul fox, p...@foxharp.boston.ma.us (arlington, ma, where it's 50.4 degrees)

Bug#981347: [debian-mysql] Bug#981347: Bug#981347: Bug#981347: mariadb-10.5 FTBFS on kfreebsd

[Otto Kekäläinen]

Hello!

If you want to help improve MariaDB in Debian in the open source way,
you could for example:

- submit your suggestion for a fix as a Merge Request at
https://salsa.debian.org/mariadb-team/mariadb-10.5
- help with documentation/testing to improve our understanding on what
exactly the bug is about
- triage the other bugs filed against MariaDB in Debian so there is
time freed up to work on this bug

Thanks!

On Sat, 6 Mar 2021 at 10:18, Otto Kekäläinen  wrote:
>
> The freebsd build still fails, now on some files that are not built:
>
> From 
> https://buildd.debian.org/status/fetch.php?pkg=mariadb-10.5=kfreebsd-amd64=1%3A10.5.9-1=1614977404=0
> *
> dh_install: warning: Cannot find (any matches for)
> "lib/systemd/system/mariadb@bootstrap.service.d/use_galera_new_cluster.conf"
> (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> lib/systemd/system/mariadb@bootstrap.service.d/use_galera_new_cluster.conf
> dh_install: warning: Cannot find (any matches for)
> "lib/systemd/system/mysql.service" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> lib/systemd/system/mysql.service
> dh_install: warning: Cannot find (any matches for)
> "lib/systemd/system/mysqld.service" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> lib/systemd/system/mysqld.service
> dh_install: warning: Cannot find (any matches for)
> "usr/bin/galera_new_cluster" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> usr/bin/galera_new_cluster
> dh_install: warning: Cannot find (any matches for)
> "usr/bin/galera_recovery" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files: 
> usr/bin/galera_recovery
> dh_install: warning: Cannot find (any matches for)
> "usr/bin/mariadb-service-convert" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> usr/bin/mariadb-service-convert
> dh_install: warning: Cannot find (any matches for)
> "usr/lib/mysql/plugin/disks.so" (tried in ., debian/tmp)
> dh_install: warning: mariadb-server-10.5 missing files:
> usr/lib/mysql/plugin/disks.so
> *
>
> These are various files referenced from the
> mariadb-server-10.5.install file. All have a direct relation to
> systemd, apart from maybe disks.so (I don't know what it does at all).
>
> I suspect that these files are missing as the debian/control defines
> "libsystemd-dev [linux-any]" as the package is not available for
> kfreebsd (https://packages.debian.org/sid/libsystemd-dev).
>
> Feel free to open a new merge request if you figure out a sensible
> solution to this.
>
> ___
> pkg-mysql-maint mailing list
> pkg-mysql-ma...@alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-mysql-maint



-- 
- Otto

Bug#988315: xterm menu display garbled

[Philipp Marek]

Package: xterm
Version: 367-1
Severity: minor
X-Debbugs-Cc: phil...@marek.priv.at

Please see the attached screenshot.

It doesn't matter which menu I open (Ctrl+left, Ctrl+right, ctrl+middle 
mouse button) - the right and bottom borders are always missing.

I can't be sure there aren't menu entries missing at the end.


Depending on the pixel position the right border sometimes partly exists 
(but the few existing pixels blink!).


Thanks for your patience!


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_AT:de
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xterm depends on:
ii  libc6   2.31-11
ii  libfontconfig1  2.13.1-4.2
ii  libfreetype62.10.4+dfsg-1
ii  libice6 2:1.0.10-1
ii  libtinfo6   6.2+20201114-2
ii  libutempter01.2.1-2
ii  libx11-62:1.7.0-2
ii  libxaw7 2:1.0.13-1.1
ii  libxext62:1.3.3-1.1
ii  libxft2 2.3.2-2
ii  libxinerama12:1.1.4-2
ii  libxmu6 2:1.1.2-2+b3
ii  libxpm4 1:3.5.12-1
ii  libxt6  1:1.2.0-1
ii  xbitmaps1.1.1-2.1

Versions of packages xterm recommends:
ii  x11-utils  7.7+5

Versions of packages xterm suggests:
pn  xfonts-cyrillic  

-- no debconf information

Bug#972900: pychess: diff for NMU version 1.0.0-1.2

[Adrian Bunk]

Control: tags 972900 + patch
Control: tags 972900 + pending
Control: tags 986315 + patch
Control: tags 986315 + pending

Dear maintainer,

I've prepared an NMU for pychess (versioned as 1.0.0-1.2) and uploaded 
it to DELAYED/2. Please feel free to tell me if I should cancel it.

cu
Adrian
diff -Nru pychess-1.0.0/debian/changelog pychess-1.0.0/debian/changelog
--- pychess-1.0.0/debian/changelog	2020-05-15 20:53:40.0 +0300
+++ pychess-1.0.0/debian/changelog	2021-05-10 16:59:46.0 +0300
@@ -1,3 +1,11 @@
+pychess (1.0.0-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add the missing dependenies on python3-pexpect, python3-sqlalchemy
+and python3-psutil. (Closes: #972900, #986315)
+
+ -- Adrian Bunk   Mon, 10 May 2021 16:59:46 +0300
+
 pychess (1.0.0-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru pychess-1.0.0/debian/control pychess-1.0.0/debian/control
--- pychess-1.0.0/debian/control	2020-05-15 20:53:40.0 +0300
+++ pychess-1.0.0/debian/control	2021-05-10 16:59:46.0 +0300
@@ -34,6 +34,9 @@
 	 python3-cairo,
 	 python3-gi,
 	 python3-gi-cairo,
+	 python3-pexpect,
+	 python3-sqlalchemy,
+	 python3-psutil,
 	 python3-websockets,
 	 gobject-introspection,
 	 gir1.2-glib-2.0,

Bug#810584: needrestart: add an as-installed DEP-8 test suite

[Lukasz Zemczak]

Tags: patch

Hello!

In Ubuntu we have created a very very simple sanity testing
autopkgtest (in version 3.5-2ubuntu2) for needrestart, checking for
very basic functionality as we wanted to have at least a quick smoke
test to identify any obvious breakages. It creates a dummy service
file, causes an artificial refresh of a dependent library, runs
needrestart in batch mode, checks if it succeeds, checks if the dummy
service is marked for restart and - if possible - checks if the kernel
checks are performed.

Forwarding it here in case it's of any use! And I'd love to get rid of
the delta in Ubuntu - either by getting this accepted, or having
someone prepare something much better!

Thank you!

On Sun, 10 Jan 2016 12:51:58 +0800 Paul Wise  wrote:
> Package: needrestart
> Severity: wishlist
>
> It would be nice for needrestart to have a test suite that could verify
> that it is working. At the moment it appears to produce different
> results to checkrestart so I'm worried it isn't working, but I don't
> have time to write a proper bug report about this. A DEP-8 test would
> mean that users don't have to file bugs as the CI system would
> automatically and continuously test the package.
>
> http://dep.debian.net/deps/dep8/
> https://ci.debian.net/
>
> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise
>
>
diff -Nru needrestart-3.5/debian/tests/control needrestart-3.5/debian/tests/control
--- needrestart-3.5/debian/tests/control	1970-01-01 01:00:00.0 +0100
+++ needrestart-3.5/debian/tests/control	2021-03-05 18:01:10.0 +0100
@@ -0,0 +1,3 @@
+Tests: sanity-test.sh
+Restrictions: needs-root
+Depends: needrestart, dpkg-dev
diff -Nru needrestart-3.5/debian/tests/sanity-test.sh needrestart-3.5/debian/tests/sanity-test.sh
--- needrestart-3.5/debian/tests/sanity-test.sh	1970-01-01 01:00:00.0 +0100
+++ needrestart-3.5/debian/tests/sanity-test.sh	2021-03-23 12:47:33.0 +0100
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+set -e
+
+# Create a dummy service file and emulate library change in the background
+systemd-run -u dummy-background sleep infinity 2>/dev/null
+ARCH=$(dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null)
+LIBC=$(realpath /lib/$ARCH/libc.so.6)
+cp "$LIBC" "${LIBC}.new"
+mv -f "${LIBC}.new" "$LIBC"
+
+OUTPUT=$(needrestart -b)
+
+echo "Check if the mandatory version number is printed"
+echo "$OUTPUT" | grep -q "^NEEDRESTART-VER:"
+
+# Kernel checks are disabled when running in a container
+if ! /usr/bin/systemd-detect-virt --container --quiet; then
+echo "Check if the correct kernel was detected"
+echo "$OUTPUT" | grep -q "^NEEDRESTART-KCUR: $(uname -r)$"
+
+echo "Check if the kernel status value is present as well"
+echo "$OUTPUT" | grep -q "^NEEDRESTART-KSTA: [0-3]$"
+fi
+
+echo "Check if outdated library was detected and dummy marked for restart"
+echo "$OUTPUT" | grep -q "^NEEDRESTART-SVC: dummy-background.service$"

Bug#988308: unblock: mir/1.8.0+dfsg1-18

[Mike Gabriel]

Hi again,

On  Mo 10 Mai 2021 10:43:29 CEST, Mike Gabriel wrote:


[ Impact ]
No real impact, except possibly for developers who want to try out the
Mir Display Server.


I just realized (i.e. I forgot to mention), that several Ayatana  
System Indicators would be affected by a removal from the Mir Display  
Server from Debian 11 (due to their entanglement with Mir via  
lomiri-url-dispatcher).


So, keeping Mir in Debian 11 is essential for keeping Ayatana System  
Indicators in Debian 11. Thanks.


Btw: I sent this unblock request before the mir package actually  
landed. It will arrive soon.


Mike

--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpBtBpFAk1Uv.pgp
Description: Digitale PGP-Signatur

Bug#988324: falkon: how well to integrate spellcheck

[Ritesh Raj Sarraf]

Package: falkon
Version: 3.1.0+dfsg1-11
Severity: normal

Dear Georges,

I realized that you start noticing a feature when you miss it. Such is
the case with spell-check. Falkon doesn't support spell-check
out-of-the-box. And that is when I realized how important the
spell-check feature really is.


So, following the documentation, I am able to get Falkon understand the
converted .bdic files. I was wondering if this can we done better than
doing manually.

While this is a Falkon problem, I wonder 2 things:

1. Why can't/doesn't Falkon make use of KDE libs, like the rest of KDE,
for spell check

2. If going by the way Falkon recommends, would it make sense to
add some post-installation script in place, which could detect the list
of installed dictionaries on the system and upon user consent extract a
.bdict format out of it


Option 2 is currently manual and it'd be nice to have it done automatic.


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), 
(100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_IN.UTF-8, LC_CTYPE=en_IN.UTF-8 (charmap=UTF-8), LANGUAGE=en_US
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages falkon depends on:
ii  kio  5.82.0-1~np1
ii  libc62.31-12
ii  libgcc-s110.2.1-6
ii  libkf5coreaddons55.82.0-1~np1
ii  libkf5crash5 5.82.0-1~np1
ii  libkf5kiocore5   5.82.0-1~np1
ii  libkf5kiowidgets55.82.0-1~np1
ii  libkf5purpose-bin5.82.0-1~np1
ii  libkf5purpose5   5.82.0-1~np1
ii  libkf5wallet-bin 5.82.0-1~np1
ii  libkf5wallet55.82.0-1~np1
ii  libqt5core5a 5.15.2+dfsg-5
ii  libqt5dbus5  5.15.2+dfsg-5
ii  libqt5gui5   5.15.2+dfsg-5
ii  libqt5network5   5.15.2+dfsg-5
ii  libqt5printsupport5  5.15.2+dfsg-5
ii  libqt5qml5   5.15.2+dfsg-5
ii  libqt5quickwidgets5  5.15.2+dfsg-5
ii  libqt5sql5   5.15.2+dfsg-5
ii  libqt5sql5-sqlite5.15.2+dfsg-5
ii  libqt5webchannel55.15.2-2
ii  libqt5webenginecore5 5.15.2+dfsg-3
ii  libqt5webenginewidgets5  5.15.2+dfsg-3
ii  libqt5widgets5   5.15.2+dfsg-5
ii  libqt5x11extras5 5.15.2-2
ii  libssl1.11.1.1k-1
ii  libstdc++6   10.2.1-6
ii  libxcb1  1.14-3
ii  qml-module-qtwebengine   5.15.2+dfsg-3

falkon recommends no packages.

Versions of packages falkon suggests:
ii  qtwebengine5-dev-tools  5.15.2+dfsg-3

-- no debconf information

Bug#975555: sshguard on buster does not work.

[Pat Suwalski]

On 2021-05-05 8:56 p.m., Trent W. Buck wrote:

Debian 10 defaults to nftables, and iptables(8) is a backcompat wrapper:

 bash5$ mmdebstrap --quiet buster /dev/null --include=iptables 
--customize-hook='chroot $1 readlink -f /usr/sbin/iptables'
 /usr/sbin/xtables-nft-multi

sshguard should Just Work even if your main firewall is still using xtables 
directly.
Linux will happily operate with some firewall rules in xtables, and some 
firewall rules in nft --- but it can be VERY hard to debug!


I guess the problem is that upon upgrade to buster, that default doesn't 
change, but the backend in sshguard's config file does.


So, you upgrade, reboot. You watch the log, see IPs getting added, but 
nothing is actually being blocked.


--Pat

Bug#988322: brave-browser: random crashes since latest upgrade

[Michael P. Soulier]

Package: brave-browser
Version: 1.22.71
Severity: grave
Justification: causes non-serious data loss

Dear Maintainer,

I have noticed since my latest upgrade that brave-browser is randomly crashing
when it seemed quite solid before. I have maybe 20 random tabs open, sometimes
multiple to youtube and one to a video conference site.

When it comes back up it offers to restore pages, and I try to pick up where it
left off.



-- System Information:
Debian Release: 10.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-16-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages brave-browser depends on:
ii  brave-keyring   1.10
ii  ca-certificates 20200601~deb10u2
ii  dpkg1.19.7
ii  fonts-liberation1:1.07.4-9
ii  libasound2  1.1.8-1
ii  libatk-bridge2.0-0  2.30.0-5
ii  libatk1.0-0 2.30.0-2
ii  libatspi2.0-0   2.30.0-7
ii  libc6   2.28-10
ii  libcairo2   1.16.0-4+deb10u1
ii  libcups22.2.10-6+deb10u4
ii  libdbus-1-3 1.12.20-0+deb10u1
ii  libdrm2 2.4.97-1
ii  libexpat1   2.2.6-2+deb10u1
ii  libgbm1 18.3.6-2+deb10u1
ii  libgcc1 1:8.3.0-6
ii  libgdk-pixbuf2.0-0  2.38.1+dfsg-1
ii  libglib2.0-02.58.3-2+deb10u2
ii  libgtk-3-0  3.24.5-1
ii  libnspr42:4.20-1
ii  libnss3 2:3.42.1-1+deb10u3
ii  libpango-1.0-0  1.42.4-8~deb10u1
ii  libx11-62:1.6.7-1+deb10u1
ii  libxcb1 1.13.1-2
ii  libxcomposite1  1:0.4.4-2
ii  libxdamage1 1:1.1.4-3+b3
ii  libxext62:1.3.3-1+b2
ii  libxfixes3  1:5.0.3-1
ii  libxkbcommon0   0.8.2-1
ii  libxrandr2  2:1.5.1-1
ii  libxshmfence1   1.3-1
ii  wget1.20.1-1.1
ii  xdg-utils   1.1.3-1+deb10u1

Versions of packages brave-browser recommends:
ii  libu2f-udev  1.1.9-1
ii  libvulkan1   1.1.97-2

brave-browser suggests no packages.

-- no debconf information

Bug#988309: unblock: qtmir/0.6.1-7

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package qtmir

The recent version in unstable has been fixed in regards to launching
a graphical qtmir shell from the command line nested on X11.

QtMir and the QtMir Shell are basic components of Ubuntu Touch's
operating environment Lomiri.

Additionally, builds on some more architectures have been fixed
(due to upates of the .symbols files).

[ Reason ]
I forgot to file this unblock request several weeks ago, the changes
provided allow developers to really test qtmir and develop on it
using qtmir from upcoming Debian 11.

[ Impact ]
No impact for other packages, really. (Lomiri is not in Debian, yet).

[ Tests ]
The code changes / fixes have been tested manually on a Debian testing
system.

[ Risks ]
None known.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None

unblock qtmir/0.6.1-7
diff -Nru qtmir-0.6.1/debian/changelog qtmir-0.6.1/debian/changelog
--- qtmir-0.6.1/debian/changelog2020-12-16 16:32:50.0 +0100
+++ qtmir-0.6.1/debian/changelog2021-03-14 21:36:52.0 +0100
@@ -1,3 +1,28 @@
+qtmir (0.6.1-7) unstable; urgency=medium
+
+  * debian/libqtmirserver1.symbols:
++ Update for architectures arm64, m68k, mips64el and sh4.
+
+ -- Mike Gabriel   Sun, 14 Mar 2021 21:36:52 +0100
+
+qtmir (0.6.1-6) unstable; urgency=medium
+
+  * debian/control:
++ Limit qtmir to linux-any architecture builds.
+  * debian/patches:
++ Add 0001_demo-fix-detecting-running-installed.patch,
+  0002_demos-fix-application-name.patch. Fix loading demo shell and demo
+  client.
++ Add 2004_qml-demo-shell-work-without-ui-toolkit.patch. Make 
qml-demo-shell
+  work without lomiri-ui-toolkit.
+  * debian/rules:
++ Move qtmir-demo-shell files to the correct location.
+  * debian/qtmir-tests.install:
++ Pick up files for qtmir-demo-shell and qtmir-demo-client from the correct
+  location (as moved around by d/rules).
+
+ -- Mike Gabriel   Wed, 10 Mar 2021 21:08:51 +0100
+
 qtmir (0.6.1-5) unstable; urgency=medium
 
   * debian/control:
diff -Nru qtmir-0.6.1/debian/control qtmir-0.6.1/debian/control
--- qtmir-0.6.1/debian/control  2020-12-16 16:31:24.0 +0100
+++ qtmir-0.6.1/debian/control  2020-12-19 13:58:58.0 +0100
@@ -70,7 +70,7 @@
  This variant of the package is for Android-based phones and tablets.
 
 Package: qtmir-desktop
-Architecture: any
+Architecture: linux-any
 Multi-Arch: same
 Conflicts: qtmir-android,
qtubuntu-android,
@@ -88,7 +88,7 @@
 
 Package: libqtmirserver-dev
 Section: libdevel
-Architecture: any
+Architecture: linux-any
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: qtmir-desktop (= ${binary:Version}) | qtmir-android (= 
${binary:Version}),
@@ -115,7 +115,7 @@
  Contains the shared library containing QtMir server API.
 
 Package: qml-module-qtmir
-Architecture: any
+Architecture: linux-any
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends},
 Depends: qtmir-desktop (= ${binary:Version}) | qtmir-android (= 
${binary:Version}),
@@ -134,7 +134,7 @@
 
 Package: qtmir-tests
 Section: libdevel
-Architecture: any
+Architecture: linux-any
 Multi-Arch: foreign
 Pre-Depends: ${misc:Pre-Depends},
 Depends: littler,
diff -Nru qtmir-0.6.1/debian/libqtmirserver1.symbols 
qtmir-0.6.1/debian/libqtmirserver1.symbols
--- qtmir-0.6.1/debian/libqtmirserver1.symbols  2020-10-30 19:54:45.0 
+0100
+++ qtmir-0.6.1/debian/libqtmirserver1.symbols  2021-03-14 21:35:19.0 
+0100
@@ -1,4 +1,4 @@
-# SymbolsHelper-Confirmed: 0.6.1 amd64 armel armhf i386 mipsel ppc64el
+# SymbolsHelper-Confirmed: 0.6.1 amd64 arm64 armel armhf i386 m68k mips64el 
mipsel ppc64el sh4
 libqtmirserver.so.1 libqtmirserver1 #MINVER#
 * Build-Depends-Package: libqtmirserver-dev
  _Z10QTMIR_DBUSv@Base 0.6.1
@@ -629,7 +629,7 @@
  _ZN5qtmir17SessionAuthorizerD0Ev@Base 0.6.1
  _ZN5qtmir17SessionAuthorizerD1Ev@Base 0.6.1
  _ZN5qtmir17SessionAuthorizerD2Ev@Base 0.6.1
- (optional=templinst|arch=armel 
armhf)_ZN5qtmir17compressTimestampINSt6chrono8durationImSt5ratioILx1ELx1000EET_NS2_IxS3_ILx1ELx10@Base
 0.6.1
+ (optional=templinst|arch=armel armhf 
m68k)_ZN5qtmir17compressTimestampINSt6chrono8durationImSt5ratioILx1ELx1000EET_NS2_IxS3_ILx1ELx10@Base
 0.6.1
  _ZN5qtmir18dispatchInputEventERKN5miral6WindowEPK13MirInputEvent@Base 0.6.1
  _ZN5qtmir19WindowModelNotifier11qt_metacallEN11QMetaObject4CallEiPPv@Base 
0.6.1
  _ZN5qtmir19WindowModelNotifier11qt_metacastEPKc@Base 0.6.1
@@ -826,12 +826,12 @@
  _ZN7QStringC2ERKS_@Base 0.6.1
  _ZN7QStringD1Ev@Base 0.6.1
  _ZN7QStringD2Ev@Base 0.6.1
- (optional=templinst|arch=!amd64 !ppc64el)_ZN7QVectorI5QRectEC1ERKS1_@Base 
0.6.1
- (optional=templinst|arch=!amd64 !ppc64el)_ZN7QVectorI5QRectEC2ERKS1_@Base 
0.6.1
+ 

Bug#988321: debian-security-support: bump version to 1:10+

[Andreas Beckmann]

Package: debian-security-support
Version: 2020.06.21~deb10u1
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts

debian-security-support cannot be upgraded from stretch-lts to buster
since stretch-security has a newer version than buster(-security)

 debian-security-support | 2020.06.21~deb9u1  | stretch  | 
source
 debian-security-support | 2020.06.21~deb10u1 | buster   | 
source
 debian-security-support | 1:9+2021.01.23 | stretch-security | 
source
 debian-security-support | 1:11+2021.03.19| bullseye | 
source
 debian-security-support | 1:11+2021.03.19| sid  | 
source

Andreas

PS: I primarily wanted a bug for piuparts-analyze to mark this failure
as bugged. ;-)

Bug#988308: unblock: mir/1.8.0+dfsg1-18

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package mir

(Please provide enough (but not too much) information to help
the release team to judge the request efficiently. E.g. by
filling in the sections below.)

[ Reason ]
Mir is a relatively new package in Debian and unit tests behave flaky on
not-so-standard CPU architectures. The new version fixes RC bug #987909.

Furthermore, the d/watch file has been updated because Github changed
some URL scheme for upstream tarball retrieval.

[ Impact ]
No real impact, except possibly for developers who want to try out the
Mir Display Server.

[ Tests ]
Unit tests run at build time, but they are sometimes flaky.

[ Risks ]
No known risks.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None.

unblock mir/1.8.0+dfsg1-18
diff -Nru mir-1.8.0+dfsg1/debian/changelog mir-1.8.0+dfsg1/debian/changelog
--- mir-1.8.0+dfsg1/debian/changelog2021-03-30 09:59:45.0 +0200
+++ mir-1.8.0+dfsg1/debian/changelog2021-05-10 10:35:42.0 +0200
@@ -1,3 +1,18 @@
+mir (1.8.0+dfsg1-18) unstable; urgency=medium
+
+  * debian/rules:
++ Run unit tests, but ignore test failures for now, they tend to be flaky
+  on some architectures. (Closes: #987909).
+
+ -- Mike Gabriel   Mon, 10 May 2021 10:35:42 +0200
+
+mir (1.8.0+dfsg1-17) unstable; urgency=medium
+
+  * debian/watch:
++ Fix Github watch URL and switch to format version 4.
+
+ -- Mike Gabriel   Thu, 29 Apr 2021 14:35:55 +0200
+
 mir (1.8.0+dfsg1-16) unstable; urgency=medium
 
   * debian/control:
diff -Nru mir-1.8.0+dfsg1/debian/rules mir-1.8.0+dfsg1/debian/rules
--- mir-1.8.0+dfsg1/debian/rules2020-12-19 13:58:20.0 +0100
+++ mir-1.8.0+dfsg1/debian/rules2021-05-10 10:33:19.0 +0200
@@ -18,7 +18,7 @@
 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
 ifeq ($(filter mipsel riscv64,$(DEB_HOST_ARCH)),)
 ifeq ($(DEB_HOST_ARCH_ENDIAN),little)
-   GTEST_OUTPUT=xml:./ dh_auto_build -- ARGS="-V" ptest
+   -GTEST_OUTPUT=xml:./ dh_auto_build -- ARGS="-V" ptest
 else
echo "Testsuite disabled on $(DEB_HOST_ARCH) due to lack of big-endian 
support."
 endif
diff -Nru mir-1.8.0+dfsg1/debian/watch mir-1.8.0+dfsg1/debian/watch
--- mir-1.8.0+dfsg1/debian/watch2020-02-03 13:02:30.0 +0100
+++ mir-1.8.0+dfsg1/debian/watch2021-04-29 14:35:19.0 +0200
@@ -1,3 +1,3 @@
-version=3
+version=4
 
opts=dversionmangle=s/\+dfsg1//,repacksuffix=+dfsg1,filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/mir-$1.tar.gz/
 \
-https://github.com/MirServer/mir/tags .*/archive/v?([\d\.]+).tar.gz
+https://github.com/MirServer/mir/tags .*/archive/refs/tags/v?([\d\.]+).tar.gz

Bug#830303: mmc0: Unexpected interrupt 0x04000000.

[Alexandros Kosiaris]

On Mon, May 10, 2021 at 2:51 PM Alexandros Kosiaris  wrote:
>
> On Sun, May 9, 2021 at 11:06 PM Salvatore Bonaccorso  
> wrote:
> >
> > Contol: tags -1 + moreinfo
> >
> > On Mon, Feb 18, 2019 at 11:54:23PM +0200, Alexandros Kosiaris wrote:
> > > Hi,
> > >
> > > For what it's worth, it seems on this specific hardware:
> > >
> > > Broadcom Limited BCM57765/57785 SDXC/MMC Card Reader [14e4:16bc]
> > >
> > > the problem can be resolved by passing:
> > >
> > > debug_quirks2=0x4 to sdhci kernel module.
> > >
> > > Note that there is also the debug_quirks param. I did set some values
> > > for it but the working one is the default, namely 0
> > >
> > > For more information have a look at
> > > https://bugzilla.kernel.org/show_bug.cgi?id=73241#c55
> > >
> > > I just tested it on a Macmini7,1Debian having Stretch with
> > > 4.19+101~bpo9+1 kernel. I 'll be using it for the next few days, I am
> > > hoping everything will work out ok and I won't have to report more
> > > stuff
> >
> > is the issue still reproducible with a recent kernel? If not we might
> > go ahead and close the bugreport.
>
> It is. I just tried on buster's 4.19.0-16-amd64 and the issue persists
> for me. I 'll also try to reproduce with bullseye's 5.10.28-1 and
> report results here.

Reproduced on bullseye with 5.10.28-1 as well. The fix remains to have
in a file in /etc/modprobe.d (e.g. sdhci.conf) the following:

options sdhci debug_quirks2=0x4

Regards,

Bug#988320: RFS: gorm.app/1.2.28-1 -- Visual Interface Builder for GNUstep

[Gürkan Myczko]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "gorm.app":

 * Package name: gorm.app
   Version : 1.2.28-1
   Upstream Author : Gregory John Casamento 
 * URL : http://www.gnustep.org/experience/Gorm.html
 * License : LGPL-2.1+, LGPL-3+, GPL-3+, other, GPL-2+
 * Vcs : https://salsa.debian.org/gnustep-team/gorm.app
   Section : gnustep

It builds those binary packages:

  gorm.app - Visual Interface Builder for GNUstep
  libgorm-dev - Clone of the InterfaceBuilder framework - development 
files

  libgorm1 - Clone of the InterfaceBuilder framework - runtime library

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/gorm.app/

Alternatively, one can download the package with dget using this 
command:


  dget -x 
https://mentors.debian.net/debian/pool/main/g/gorm.app/gorm.app_1.2.28-1.dsc


Changes since the last upload:

 gorm.app (1.2.28-1) experimental; urgency=medium
 .
   * New upstream version.
   * Bump standards version to 4.5.1.
   * Bump debhelper version to 13, drop d/compat.
   * d/watch: bump version to 4.
   * d/control: added Rules-Requires-Root.
   * d/copyright:
 - update copyright years.
 - added Upstream-Contact.
   * d/upstream/metadata: added.

Regards,
--
  Gürkan Myczko

Bug#988319: RFS: fonts-elstob/1.015+ds-1 -- font for medievalists

[Gürkan Myczko]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "fonts-elstob":

 * Package name: fonts-elstob
   Version : 1.015+ds-1
   Upstream Author : The Elstob Project Authors 
 * URL : https://github.com/psb1558/Elstob-font
 * License : OFL-1.1
 * Vcs : https://salsa.debian.org/fonts-team/fonts-elstob
   Section : fonts

It builds those binary packages:

  fonts-elstob - font for medievalists

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/fonts-elstob/

Alternatively, one can download the package with dget using this 
command:


  dget -x 
https://mentors.debian.net/debian/pool/main/f/fonts-elstob/fonts-elstob_1.015+ds-1.dsc


Changes since the last upload:

 fonts-elstob (1.015+ds-1) experimental; urgency=medium
 .
   * New upstream version.

Regards,
--
  Gürkan Myczko

Bug#988318: RFS: rtl-433/21.05-1 -- Decode 433.9 Mhz data

[Gürkan Myczko]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "rtl-433":

 * Package name: rtl-433
   Version : 21.05-1
   Upstream Author : Christian W. Zuckschwerdt 
 * URL : https://github.com/merbanan/rtl_433
 * License : LGPL-2.1+, GPL-2+, BSL-1.0, Apache-2.0
 * Vcs : 
https://salsa.debian.org/debian-hamradio-team/rtl-433

   Section : hamradio

It builds those binary packages:

  rtl-433 - Decode 433.9 Mhz data

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/rtl-433/

Alternatively, one can download the package with dget using this 
command:


  dget -x 
https://mentors.debian.net/debian/pool/main/r/rtl-433/rtl-433_21.05-1.dsc


Changes since the last upload:

 rtl-433 (21.05-1) experimental; urgency=medium
 .
   * New upstream version.

Regards,
--
  Gürkan Myczko

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mathieu Parent]

OK. Then I'll try to add this fix in bullseye.

Le lun. 10 mai 2021 à 12:40, Mateusz Mikołajczyk
 a écrit :
>
> not sure how to check this. I googled for "debian source code" and that's the 
> source for samba version in bullseye (I think):
>
> https://sources.debian.org/src/samba/2:4.13.5+dfsg-1/source3/smbd/reply.c/#L7094
>
> I marked the line that has the patch on samba's gitlab
>
> the patch was made in upstream literally days ago so I don't think it made to 
> bullseye yet. especially given the fact that upstream samba is at 4.14.x and 
> this is 4.13.x
>
> pon., 10 maj 2021 o 12:14 Mathieu Parent  napisał(a):
>>
>> I think the bug is not present in bullseye.
>>
>> Le lun. 10 mai 2021 à 12:09, Mateusz Mikołajczyk
>>  a écrit :
>> >
>> > sorry, I'm a bit confused. did you mean bullseye is frozen? Does it mean 
>> > that this patch won't make it to bullseye either and I'd have to switch to 
>> > sid instead? the patch is definetely not a feature implementation, it 
>> > simply makes samba conform with the SMB protocol. this particular function 
>> > was bugged for quite a while now, but on the other hand I totally 
>> > understand that only a minority of a percentage of users will benefit from 
>> > this.
>> >
>> > if it would make it to bullseye, how would I know this?
>> >
>> > pon., 10 maj 2021 o 11:48 Mathieu Parent  
>> > napisał(a):
>> >>
>> >> Le lun. 10 mai 2021 à 11:29, Mateusz Mikołajczyk
>> >>  a écrit :
>> >> >
>> >> > actually, I thought that I couldn't do this but on a second thought as 
>> >> > I understand I'd simply have to change all my entries in sources.list 
>> >> > from buster to bullseye ? I'm using armbian if that's relevant to the 
>> >> > story :)
>> >> >
>> >>
>> >> I don't know for Raspian, but upgrades notes are here:
>> >>
>> >> https://www.debian.org/releases/bullseye/armhf/release-notes/ch-upgrading.en.html
>> >>
>> >> Please note that Debian buster is the future Debian stable, and is
>> >> currently "frozen" (i.e only stabibilty fixes are allowed).
>> >>
>> >> Regards
>> >> --
>> >> Mathieu Parent
>> >
>> >
>> >
>> > --
>> > pozdrawiam serdecznie,
>> > Mateusz Mikołajczyk, a.k.a. toudi
>>
>>
>>
>> --
>> Mathieu
>
>
>
> --
> pozdrawiam serdecznie,
> Mateusz Mikołajczyk, a.k.a. toudi



-- 
Mathieu

Bug#988306: unblock: php-horde-crypt/2.7.12-6

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package php-horde-crypt

[ Reason ]
php-horde-crypt showed symptoms of flaky autopkgtest caused by a third
party GPG keyserver that sometimes fails to behave correctly. The
php-horde-crypt unit tests rely on correct functionality of the keyserver
in use, which does not work all of the time.

Thus, I have adjusted the unit tests in a way that GPG keyserver tests
get ignored if they fail.

[ Impact ]
php-horde-crypt is required for IMP, the webmail component in Horde.

[ Tests ]
See above, unit tests run via autopkgtests.

[ Risks ]
None that I know of.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None

unblock php-horde-crypt/2.7.12-6
diff -Nru php-horde-crypt-2.7.12/debian/changelog 
php-horde-crypt-2.7.12/debian/changelog
--- php-horde-crypt-2.7.12/debian/changelog 2020-11-23 12:12:33.0 
+0100
+++ php-horde-crypt-2.7.12/debian/changelog 2021-04-29 11:24:16.0 
+0200
@@ -1,3 +1,13 @@
+php-horde-crypt (2.7.12-6) unstable; urgency=medium
+
+  * debian/patches:
++ Avoid Debian CI failures due to flakiness of public GPG keyservers.
+  (Closes: #987684).
+  * d/t/control:
++ Add 'needs-internet' restriction.
+
+ -- Mike Gabriel   Thu, 29 Apr 2021 11:24:16 +0200
+
 php-horde-crypt (2.7.12-5) unstable; urgency=medium
 
   * d/patches:
diff -Nru 
php-horde-crypt-2.7.12/debian/patches/2001_ignore-failing-keyserver-tests-for-Debian-builds.patch
 
php-horde-crypt-2.7.12/debian/patches/2001_ignore-failing-keyserver-tests-for-Debian-builds.patch
--- 
php-horde-crypt-2.7.12/debian/patches/2001_ignore-failing-keyserver-tests-for-Debian-builds.patch
   1970-01-01 01:00:00.0 +0100
+++ 
php-horde-crypt-2.7.12/debian/patches/2001_ignore-failing-keyserver-tests-for-Debian-builds.patch
   2021-04-29 11:24:16.0 +0200
@@ -0,0 +1,32 @@
+Description: Ignore flaky keyserver tests (due to occasional flakiness on 
public keyservers) during Debian builds / CI.
+Author: Mike Gabriel 
+
+--- a/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php
 b/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php
+@@ -45,7 +45,7 @@
+ if ($e->getPrevious() instanceof Horde_Http_Exception) {
+ $this->markTestSkipped($e->getMessage());
+ } else {
+-throw $e;
++$this->markTestSkipped("testKeyserverRetrieve: Ignoring 
sometimes flaky keyservers during Debian (CI) builds");
+ }
+ }
+ }
+@@ -61,7 +61,7 @@
+ if ($e->getPrevious() instanceof Horde_Http_Exception) {
+ $this->markTestSkipped($e->getMessage());
+ } else {
+-throw $e;
++$this->markTestSkipped("testKeyserverRetrieveByEmail: 
Ignoring sometimes flaky keyservers during Debian (CI) builds");
+ }
+ }
+ }
+@@ -83,7 +83,7 @@
+ if ($e->getPrevious() instanceof Horde_Http_Exception) {
+ $this->markTestSkipped($e->getMessage());
+ } else {
+-throw $e;
++$this->markTestSkipped("testBrokenKeyserver: Ignoring 
sometimes flaky keyservers during Debian (CI) builds");
+ }
+ }
+ }
diff -Nru php-horde-crypt-2.7.12/debian/patches/series 
php-horde-crypt-2.7.12/debian/patches/series
--- php-horde-crypt-2.7.12/debian/patches/series2020-11-23 
12:12:33.0 +0100
+++ php-horde-crypt-2.7.12/debian/patches/series2021-04-29 
11:24:16.0 +0200
@@ -1,3 +1,4 @@
 1010_phpunit-8.x+9.x.patch
 1001_strong-pgp-keys-by-default.patch
 1002_Horde_Crypt_Pgp_Backend-Fix-generateKey-method-with-.patch
+2001_ignore-failing-keyserver-tests-for-Debian-builds.patch
diff -Nru php-horde-crypt-2.7.12/debian/tests/control 
php-horde-crypt-2.7.12/debian/tests/control
--- php-horde-crypt-2.7.12/debian/tests/control 2020-11-23 12:12:33.0 
+0100
+++ php-horde-crypt-2.7.12/debian/tests/control 2021-04-29 11:24:16.0 
+0200
@@ -1,2 +1,3 @@
 Tests: phpunit
+Restrictions: needs-internet
 Depends: @, php-cli, php-horde-test, gnupg, php-horde-http

Bug#987969: privoxy: leftovers on purge

[Christoph Anton Mitterer]

On Mon, 2021-05-03 at 08:55 +0200, Roland Rosenfeld wrote:
> It seems to be consensus that deleting users on purge is a bad idea,
> see policy bug reports
> https://bugs.debian.org/228692
> https://bugs.debian.org/291177
> https://bugs.debian.org/621833
> but it is still not written to the policy, but only in the above wiki
> page and bug reports.
> 
> So it seems to be best practice to keep the user on purge.
> 
> Is it okay to close this bug report accordingly or do yo prefer to
> keep it open and tag it "wontfix"?

I made some comments on #621833. Especially, cleaning up the users
isn't really much worse than creating them in the first place.

Actually I'd even say it's better, from a security PoV, cause deleting
them will likely just loudly break things - while creating/using a user
which may already be used by someone likely introduces a privilege
issue.


Cheers,
Chris.

Bug#988206: webkit2gtk: Experimental support for webrtc

[Alberto Garcia]

On Mon, May 10, 2021 at 04:39:06PM +0530, Pirate Praveen wrote:

> >The problem is that you won't be able to test much because the
> >source is not going to compile.
> 
> Well, I built it successfully with help from Nilesh and mic is
> detected (camera was not detected) in webrtc tests, though audio was
> not working in jitsi.

Ok, I thought it would not even compile, but in any case it's not
going to work, the code has not been merged.

Berto

Bug#988312: libslf4j-java: misses liblog4j1.2-java as a dependency

[Emmanuel Bourg]

Le 2021-05-10 11:23, Pierre Gruet a écrit :

Version 1.7.30-1 of libslf4j does not declare liblog4j1.2-java as a 
dependency,

it is only declared within the "Suggests:" field in debian/control.

Yet the classes of liblog4j1.2-java are needed by many classes in
slf4j-migrator.jar, slf4j-log4j12.jar, log4j-over-slf4j.jar. 
log4j:log4j is

also a declared dependency with scope runtime in slf4j-log4j12/pom.xml.
For this reason, other projects depending on the artifact slf4j-log4j12 
fail to

resolve log4j:log4j:1.2.x.


The dependency on log4j is only suggested because it's optional. The 
right
solution I think it to move slf4j-log4j12 into its own 
libslf4j-log4j12-java

package with a hard dependency on liblog4j1.2-java.

Emmanuel Bourg

Bug#830303: mmc0: Unexpected interrupt 0x04000000.

[Alexandros Kosiaris]

On Sun, May 9, 2021 at 11:06 PM Salvatore Bonaccorso  wrote:
>
> Contol: tags -1 + moreinfo
>
> On Mon, Feb 18, 2019 at 11:54:23PM +0200, Alexandros Kosiaris wrote:
> > Hi,
> >
> > For what it's worth, it seems on this specific hardware:
> >
> > Broadcom Limited BCM57765/57785 SDXC/MMC Card Reader [14e4:16bc]
> >
> > the problem can be resolved by passing:
> >
> > debug_quirks2=0x4 to sdhci kernel module.
> >
> > Note that there is also the debug_quirks param. I did set some values
> > for it but the working one is the default, namely 0
> >
> > For more information have a look at
> > https://bugzilla.kernel.org/show_bug.cgi?id=73241#c55
> >
> > I just tested it on a Macmini7,1Debian having Stretch with
> > 4.19+101~bpo9+1 kernel. I 'll be using it for the next few days, I am
> > hoping everything will work out ok and I won't have to report more
> > stuff
>
> is the issue still reproducible with a recent kernel? If not we might
> go ahead and close the bugreport.

It is. I just tried on buster's 4.19.0-16-amd64 and the issue persists
for me. I 'll also try to reproduce with bullseye's 5.10.28-1 and
report results here.

>
> Regards,
> Salvatore

Bug#988316: debsecan: Alert on already upgraded packages with higher version number

[Mike Morraye]

Package: debsecan
Version: 0.4.19
Severity: normal

Debsecan alerts on an issue, where it should not:

root@eb7632717672:# debsecan --suite=buster --only-fixed --format detail
CVE-2020-27350 (fixed)
  APT had several integer overflows and underflows while parsing .deb pa 
...

  installed: apt 1.8.2.3
 (built from apt 1.8.2.3)
  fixed in unstable: apt 2.1.13 (source package)
  fixed on branch:   apt 1.4.11 (source package)
  fixed on branch:   apt 1.8.2.2 (source package)
  fix is available for the selected suite (buster)

Debsecan recommends version 1.8.2.2, but detected the
installed version to be 1.8.2.3.

The content of /var/lib/dpkg/status for apt is:

Package: apt
Status: install ok installed
Priority: important
Section: admin
Installed-Size: 4064
Maintainer: APT Development Team 
Architecture: amd64
Version: 1.8.2.3


The expected behaviour would be to not have this listed as vulnerable 
since the version number dictates it to be fixed.


I have compared this with following previous issues:
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823664
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898458

I deemed these to be not relevant enough as the version string changed 
quite a bit more.


-- System Information:
Debian Release: 10.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.121-linuxkit (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_RANDSTRUCT
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: 
LC_ALL set to en_US.utf8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: 
LC_ALL set to en_US.utf8)

Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages debsecan depends on:
ii  ca-certificates20200601~deb10u2
ii  debconf [debconf-2.0]  1.5.71
ii  python 2.7.16-1
ii  python-apt 1.8.4.3

Versions of packages debsecan recommends:
ii  cronie [cron]  1.5.5-3
ii  exim4-daemon-light [mail-transport-agent]  4.92-8+deb10u6

debsecan suggests no packages.

-- debconf information:
  debsecan/mailto: root
  debsecan/report: true
  debsecan/suite: GENERIC
  debsecan/source:

Bug#988317: Missing apparmor rule for Ceph

[Thomas Goirand]

Source: libvirt
Version: 7.0.0-3
Severity: important

Hi,

Using libvirt with OpenStack + Ceph leads to:
Feb  9 08:48:46 pub1-compute-6 kernel: [504499.802457] audit: type=1400 
audit(1612860526.903:6409): apparmor="DENIED" operation="open" 
profile="libvirt-86976887-cdb9-4499-b7c1-cffa827f394a" 
name="/etc/ceph/ceph.client.openstack.keyring"pid=1746384comm="qemusystem-x86" 
requested_mask="r" denied_mask="r" fsuid=64055 ouid=0

Please fix the default apparmor profile. It'd be nice if the fix could reach
Bullseye in time.

Cheers,

Thomas Goirand (zigo)

Bug#988206: webkit2gtk: Experimental support for webrtc

[Pirate Praveen]

On Mon, May 10, 2021 at 1:01 pm, Alberto Garcia  
wrote:

On Mon, May 10, 2021 at 04:26:55PM +0530, Pirate Praveen wrote:


 I thought some of the changes we had to make in packaging to get
 this building would be useful when it is ready for packaging (the
 new build dependencies and build flags). I created the bug to share
 notes. But if you think this is not useful, then fine.


The problem is that you won't be able to test much because the source
is not going to compile.



Well, I built it successfully with help from Nilesh and mic is detected 
(camera was not detected) in webrtc tests, though audio was not working 
in jitsi.


Built deps are here https://people.debian.org/~praveen/gstwebrtc/


When everything is supported upstream the changes to the packaging
should be fairly small.



ok.

Thanks anyway for trying to help!



I was very curious to test is as missing webrtc support in epiphany is 
the major missing feature in epiphany. I use it as my main browser for 
all other things.


Anyway I also discovered falkon browser by KDE which already has webrtc 
support (though they are probably unaware of the license 
incompatibility as I can see falkon is also under GPL).



Berto

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mateusz Mikołajczyk]

not sure how to check this. I googled for "debian source code" and that's
the source for samba version in bullseye (I think):

https://sources.debian.org/src/samba/2:4.13.5+dfsg-1/source3/smbd/reply.c/#L7094

I marked the line that has the patch on samba's gitlab

the patch was made in upstream literally days ago so I don't think it made
to bullseye yet. especially given the fact that upstream samba is at 4.14.x
and this is 4.13.x

pon., 10 maj 2021 o 12:14 Mathieu Parent  napisał(a):

> I think the bug is not present in bullseye.
>
> Le lun. 10 mai 2021 à 12:09, Mateusz Mikołajczyk
>  a écrit :
> >
> > sorry, I'm a bit confused. did you mean bullseye is frozen? Does it mean
> that this patch won't make it to bullseye either and I'd have to switch to
> sid instead? the patch is definetely not a feature implementation, it
> simply makes samba conform with the SMB protocol. this particular function
> was bugged for quite a while now, but on the other hand I totally
> understand that only a minority of a percentage of users will benefit from
> this.
> >
> > if it would make it to bullseye, how would I know this?
> >
> > pon., 10 maj 2021 o 11:48 Mathieu Parent 
> napisał(a):
> >>
> >> Le lun. 10 mai 2021 à 11:29, Mateusz Mikołajczyk
> >>  a écrit :
> >> >
> >> > actually, I thought that I couldn't do this but on a second thought
> as I understand I'd simply have to change all my entries in sources.list
> from buster to bullseye ? I'm using armbian if that's relevant to the story
> :)
> >> >
> >>
> >> I don't know for Raspian, but upgrades notes are here:
> >>
> >>
> https://www.debian.org/releases/bullseye/armhf/release-notes/ch-upgrading.en.html
> >>
> >> Please note that Debian buster is the future Debian stable, and is
> >> currently "frozen" (i.e only stabibilty fixes are allowed).
> >>
> >> Regards
> >> --
> >> Mathieu Parent
> >
> >
> >
> > --
> > pozdrawiam serdecznie,
> > Mateusz Mikołajczyk, a.k.a. toudi
>
>
>
> --
> Mathieu
>


-- 
pozdrawiam serdecznie,
Mateusz Mikołajczyk, a.k.a. toudi

Bug#988206: webkit2gtk: Experimental support for webrtc

[Alberto Garcia]

On Mon, May 10, 2021 at 04:26:55PM +0530, Pirate Praveen wrote:

> I thought some of the changes we had to make in packaging to get
> this building would be useful when it is ready for packaging (the
> new build dependencies and build flags). I created the bug to share
> notes. But if you think this is not useful, then fine.

The problem is that you won't be able to test much because the source
is not going to compile.

When everything is supported upstream the changes to the packaging
should be fairly small.

Thanks anyway for trying to help!

Berto

Bug#988206: webkit2gtk: Experimental support for webrtc

[Pirate Praveen]

On Mon, May 10, 2021 at 12:40 pm, Alberto Garcia  
wrote:

On Fri, May 07, 2021 at 11:02:00PM +0530, Pirate Praveen wrote:


 Webkit now has experimental support for webrtc and I'm trying to
 build it with this support enabled.


Hello,

WebKit does not have WebRTC support using GstWebRTC yet, we will
enable it in the package as soon as it's ready.

Because of that I don't think it makes much sense to have this
bug report open, this is not about the Debian packaging, it's a
functionality that does not exist upstream yet.



I thought some of the changes we had to make in packaging to get this 
building would be useful when it is ready for packaging (the new build 
dependencies and build flags). I created the bug to share notes. But if 
you think this is not useful, then fine.



Berto

Bug#987920: ypbind-mt: /etc/defaultdomain should be created at installation time

[Yasuhiro Kimura]

From: "Francesco P. Lovergine" 
Subject: Re: Bug#987920: ypbind-mt: /etc/defaultdomain should be created at 
installation time
Date: Mon, 10 May 2021 11:57:36 +0200

> Just set all vars in /etc/default/nis, this is the same approach used
> in the old package and init file. Of course it is also possible to
> override the default unit file with and administrator provided one in
> /etc/systemd

Thank you for replay. I tried the former and it worked fine as following.

--
rootz@rolling-vm-debian1[134]# cat /etc/default/nis
YPBINDARGS=-no-ping
rootz@rolling-vm-debian1[135]# systemctl restart ypbind.service
rootz@rolling-vm-debian1[136]# ps auxwww | grep ypbind
rootz   2001  0.0  0.0  9  2688 ?Sl   19:17   0:00 
/usr/sbin/ypbind -no-ping
rootz   2006  0.0  0.0   7220   648 pts/3S+   19:17   0:00 grep ypbind
rootz@rolling-vm-debian1[137]#
--

And it seems to come from following line of
/lib/systemd/system/ypbind.service

--
Environment=YPBINDARGS=
EnvironmentFile=-/etc/default/nis
--

But it isn't good that user need to check unit file to know how to
configure this package. So please also document it.

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mathieu Parent]

I think the bug is not present in bullseye.

Le lun. 10 mai 2021 à 12:09, Mateusz Mikołajczyk
 a écrit :
>
> sorry, I'm a bit confused. did you mean bullseye is frozen? Does it mean that 
> this patch won't make it to bullseye either and I'd have to switch to sid 
> instead? the patch is definetely not a feature implementation, it simply 
> makes samba conform with the SMB protocol. this particular function was 
> bugged for quite a while now, but on the other hand I totally understand that 
> only a minority of a percentage of users will benefit from this.
>
> if it would make it to bullseye, how would I know this?
>
> pon., 10 maj 2021 o 11:48 Mathieu Parent  napisał(a):
>>
>> Le lun. 10 mai 2021 à 11:29, Mateusz Mikołajczyk
>>  a écrit :
>> >
>> > actually, I thought that I couldn't do this but on a second thought as I 
>> > understand I'd simply have to change all my entries in sources.list from 
>> > buster to bullseye ? I'm using armbian if that's relevant to the story :)
>> >
>>
>> I don't know for Raspian, but upgrades notes are here:
>>
>> https://www.debian.org/releases/bullseye/armhf/release-notes/ch-upgrading.en.html
>>
>> Please note that Debian buster is the future Debian stable, and is
>> currently "frozen" (i.e only stabibilty fixes are allowed).
>>
>> Regards
>> --
>> Mathieu Parent
>
>
>
> --
> pozdrawiam serdecznie,
> Mateusz Mikołajczyk, a.k.a. toudi



-- 
Mathieu

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mateusz Mikołajczyk]

sorry, I'm a bit confused. did you mean bullseye is frozen? Does it mean
that this patch won't make it to bullseye either and I'd have to switch to
sid instead? the patch is definetely not a feature implementation, it
simply makes samba conform with the SMB protocol. this particular function
was bugged for quite a while now, but on the other hand I totally
understand that only a minority of a percentage of users will benefit from
this.

if it would make it to bullseye, how would I know this?

pon., 10 maj 2021 o 11:48 Mathieu Parent  napisał(a):

> Le lun. 10 mai 2021 à 11:29, Mateusz Mikołajczyk
>  a écrit :
> >
> > actually, I thought that I couldn't do this but on a second thought as I
> understand I'd simply have to change all my entries in sources.list from
> buster to bullseye ? I'm using armbian if that's relevant to the story :)
> >
>
> I don't know for Raspian, but upgrades notes are here:
>
>
> https://www.debian.org/releases/bullseye/armhf/release-notes/ch-upgrading.en.html
>
> Please note that Debian buster is the future Debian stable, and is
> currently "frozen" (i.e only stabibilty fixes are allowed).
>
> Regards
> --
> Mathieu Parent
>


-- 
pozdrawiam serdecznie,
Mateusz Mikołajczyk, a.k.a. toudi

Bug#987920: ypbind-mt: /etc/defaultdomain should be created at installation time

[Francesco P. Lovergine]

On Mon, May 10, 2021 at 06:45:40PM +0900, Yasuhiro Kimura wrote:

From: Francesco Paolo Lovergine 
Subject: Re: Bug#987920: ypbind-mt: /etc/defaultdomain should be created at 
installation time
Date: Sun, 02 May 2021 08:48:06 +0200


Indeed, the general NIS howto included in the nis package provides the full 
documentation for who upgrades
or install both servers and clients. A small per program README could probably 
be a good idea for minimal
setup. My original idea was having the nis package as a doc only package after 
bullseye. It is now a
migration package, instead. Well, I think that a simple README file could be 
added at this stage of
release...


According to the unit file of ypbind.service, the value of YPBINDARGS
environment variable is passed as arguments when systemd starts ypbind
process. Then how does user set it if he wants to start ypbind with
arguments? As far as I see the unit file this package doesn't seem to
provide the way to set it. I'm not familiar with systemd but does
systemd itself provide such functionality?



Just set all vars in /etc/default/nis, this is the same approach used in the 
old package and init file. Of course it is also possible to override the 
default unit file with and administrator provided one in /etc/systemd


--
Francesco P. Lovergine

Bug#987920: ypbind-mt: /etc/defaultdomain should be created at installation time

[Yasuhiro Kimura]

From: Francesco Paolo Lovergine 
Subject: Re: Bug#987920: ypbind-mt: /etc/defaultdomain should be created at 
installation time
Date: Sun, 02 May 2021 08:48:06 +0200

> Indeed, the general NIS howto included in the nis package provides the full 
> documentation for who upgrades
> or install both servers and clients. A small per program README could 
> probably be a good idea for minimal
> setup. My original idea was having the nis package as a doc only package 
> after bullseye. It is now a
> migration package, instead. Well, I think that a simple README file could be 
> added at this stage of
> release...

Though it doesn't cause problem for me, I have an unanswered question
about setting of this packages.

--
yasu@rolling-vm-debian1[1030]% cat /lib/systemd/system/ypbind.service
[Unit]
Description=NIS Binding Service
Requires=rpcbind.service
Wants=network-online.target
After=network-online.target rpcbind.service
Before=systemd-user-sessions.service
Before=nss-user-lookup.target

[Service]
Type=forking
PIDFile=/run/ypbind.pid
Environment=YPBINDARGS=
EnvironmentFile=-/etc/default/nis
ExecStartPre=/bin/domainname -F /etc/defaultdomain
ExecStart=/usr/sbin/ypbind $YPBINDARGS

[Install]
WantedBy=multi-user.target
yasu@rolling-vm-debian1[1030]%
--

According to the unit file of ypbind.service, the value of YPBINDARGS
environment variable is passed as arguments when systemd starts ypbind
process. Then how does user set it if he wants to start ypbind with
arguments? As far as I see the unit file this package doesn't seem to
provide the way to set it. I'm not familiar with systemd but does
systemd itself provide such functionality?

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mathieu Parent]

Le lun. 10 mai 2021 à 11:29, Mateusz Mikołajczyk
 a écrit :
>
> actually, I thought that I couldn't do this but on a second thought as I 
> understand I'd simply have to change all my entries in sources.list from 
> buster to bullseye ? I'm using armbian if that's relevant to the story :)
>

I don't know for Raspian, but upgrades notes are here:

https://www.debian.org/releases/bullseye/armhf/release-notes/ch-upgrading.en.html

Please note that Debian buster is the future Debian stable, and is
currently "frozen" (i.e only stabibilty fixes are allowed).

Regards
-- 
Mathieu Parent

Bug#988314: buster-pu: package uim/1.8.8-4+deb10u5

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

After fixing the symlink_to_dir issue, the remaining uim packages became
testable again and piuparts found some more issues.
The dependency setup and the transitional libuim-data package are, well,
complicated. E.g. libuim-data does not depend on its successor uim-data
(but vice versa, to ensure libuim-data gets installed to replace the
maintainer scripts from old versions that would delete stuff now in the
realm of uim-data). But that means libuim-data needs to break all
packages expecting that it ships certain files, otherwise they may fail
to deconfigure.
I've tried to test all upgrade paths from stretch to buster involving
libuim-data with the fix applied and have not found any further issues.
The package is already uploaded.

Andreas
diff -Nru uim-1.8.8/debian/changelog uim-1.8.8/debian/changelog
--- uim-1.8.8/debian/changelog  2021-03-16 15:29:59.0 +0100
+++ uim-1.8.8/debian/changelog  2021-05-10 11:26:03.0 +0200
@@ -1,3 +1,11 @@
+uim (1:1.8.8-4+deb10u5) buster; urgency=medium
+
+  * Non-maintainer upload.
+  * libuim-data: Copy Breaks from uim-data as the contents will be temporarily
+unavailable during the transition to uim-data.  (Closes: #988275)
+
+ -- Andreas Beckmann   Mon, 10 May 2021 11:26:03 +0200
+
 uim (1:1.8.8-4+deb10u4) buster; urgency=medium
 
   * Non-maintainer upload.
@@ -15,7 +23,7 @@
   * d/libuim-data.postint: add uim-mozc (See #939588)
 
   [ HIGUCHI Daisuke (VDR dai) ]
-  * d/libuim-data.postint: add uim-chewing
+  * d/libuim-data.postinst: add uim-chewing
 
   [ YOSHINO Yoshihito ]
   * d/libuim-data.postinst: unregister not-installed modules (Closes: #945344).
diff -Nru uim-1.8.8/debian/control uim-1.8.8/debian/control
--- uim-1.8.8/debian/control2020-01-12 11:42:26.0 +0100
+++ uim-1.8.8/debian/control2021-05-09 10:55:26.0 +0200
@@ -126,6 +126,15 @@
 Depends: ${misc:Depends}, ${shlibs:Depends}
 Architecture: all
 Section: oldlibs
+Breaks: uim-anthy (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-m17nlib (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-byeoru (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-latin (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-pinyin (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-viqr (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-ipa-x-sampa (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-look (<< 1:1.8.6+gh20161003.0.d63dadd-5~),
+   uim-common (<< 1:1.8.6+gh20161003.0.d63dadd-5~)
 Description: transitional package for uim-data
  This is a transitional package. It will be removed next release.
 

Bug#988313: libgccjit-8-dev: Smoke test of libgccjit fails

[Holger Schurig]

Package: libgccjit-8-dev
Version: 8.3.0-6
Severity: normal

Dear Maintainer,

Short: the libgccjit example from the GNU GCC tutorial on JIT segfaults.


I tried to compile Emacs from GIT HEAD 
(aa354dd55b213b86ee8e3aa0365a6ad915838458), but
during ./configure --with-native-compilation it spit out this text:

...
checking for library containing inflateEnd... -lz
checking for dladdr... yes
checking for dlfunc... no
checking for gcc_jit_context_acquire in -lgccjit... yes
checking libgccjit.h usability... yes
checking libgccjit.h presence... yes
checking for libgccjit.h... yes
configure: error: Installed libgccjit has failed passing the smoke test.
You can verify it yourself compiling:
.
Please report the issue to your distribution if libgccjit was installed through
that.
Here instructions on how to compile and install libgccjit from source:
.




I then tried the tutorial01.html example as well, and the compilation step of 
that
page worked so far. But running it gave me this error:

$ ./tut01-hello-world
Segmentation fault




While I wrote this error report, I also install libgccjit-8-dbg via apt-get and 
used GDB.
The following backtrace happens:

$ gdb ./tut01-hello-world
Reading symbols from ./tut01-hello-world...(no debugging symbols found)...done.
(gdb) r
Starting program: /home/schurig/.doom.d/emacs.git/tut01-hello-world 

Program received signal SIGSEGV, Segmentation fault.
0xb74c07ba in do_add_prefix (pprefix=0xb250, prefix=0x4446b0 
"/home/schurig/.local/bin/", first=false)
at ../../src/gcc/file-find.c:139
139 ../../src/gcc/file-find.c: No such file or directory.
(gdb) bt
#0  0xb74c07ba in do_add_prefix (pprefix=0xb250, prefix=0x4446b0 
"/home/schurig/.local/bin/", first=false)
at ../../src/gcc/file-find.c:139
#1  0xb74c07ee in add_prefix (pprefix=0xb250, prefix=0x4446b0 
"/home/schurig/.local/bin/")
at ../../src/gcc/file-find.c:147
#2  0xb74c08e8 in prefix_from_string (
p=0xbf44 
"/home/schurig/.local/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games",
 
pprefix=0xb250) at ../../src/gcc/file-find.c:201
#3  0xb74c09ac in prefix_from_env (env=0xb755b6ec "PATH", pprefix=0xb250) 
at ../../src/gcc/file-find.c:168
#4  0xb67fc4e4 in gcc::jit::playback::context::invoke_embedded_driver 
(this=0xb414, argvec=0xb2b4)
at ../../src/gcc/jit/jit-playback.c:2513
#5  0xb67fee9d in gcc::jit::playback::context::invoke_driver (this=0xb414, 
ctxt_progname=0xb754eec8 "libgccjit.so", input_file=0x40ae90 
"/tmp/libgccjit-wIeDdd/fake.s", 
output_file=0x40aec0 "/tmp/libgccjit-wIeDdd/fake.so", tv_id=TV_ASSEMBLE, 
shared=true, run_linker=true)
at ../../src/gcc/jit/jit-playback.c:2492
#6  0xb67ffeb7 in gcc::jit::playback::context::convert_to_dso (this=0xb414, 
ctxt_progname=0xb754eec8 "libgccjit.so") at 
../../src/gcc/jit/jit-tempdir.h:59
#7  0xb67fff26 in gcc::jit::playback::compile_to_memory::postprocess 
(this=0xb414, 
ctxt_progname=0xb754eec8 "libgccjit.so") at 
../../src/gcc/jit/jit-playback.c:1900
#8  0xb67fe93d in gcc::jit::playback::context::compile (this=0xb414) at 
../../src/gcc/jit/jit-playback.c:1873
#9  0xb67f4911 in gcc::jit::recording::context::compile (this=0x40a8c0) at 
../../src/gcc/jit/jit-recording.c:1352
#10 0xb67e85b9 in gcc_jit_context_compile (ctxt=0x40a8c0) at 
../../src/gcc/jit/libgccjit.c:2679
#11 0x00401466 in main ()


Note that this is on i386, not on amd64, maybe this is related. However, 
because I develop for
embedded x86 devices, I'd rather stay on i386 as long as possible.





-- System Information:
Debian Release: 10.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-16-686-pae (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libgccjit-8-dev depends on:
ii  gcc-8-base  8.3.0-6
ii  libgccjit0  8.3.0-6

libgccjit-8-dev recommends no packages.

Versions of packages libgccjit-8-dev suggests:
pn  libgccjit-8-dbg  

5H-- no debconf information

Bug#987921: [RFS] Re: Bug#987921: linbox FTBFS on 32bit with gcc 10

[Torrance, Douglas]

On Sun 09 May 2021 05:16:38 PM EDT, Anton Gladky wrote:
> I will review/upload the package tomorrow,
> Please file a pre-approval request against release.debian.org. Thanks

Thanks!  Pre-approval request: https://bugs.debian.org/988296

Doug

Bug#988286: plocate: missing Breaks: mlocate

[Andreas Beckmann]

On 10/05/2021 11.29, Steinar H. Gunderson wrote:

The backup plan would possibly be that I move to updatedb.plocate.conf;
I'm not sure whether I should cp updatedb.conf updatedb.plocate.conf in
postinst (assuming it exists) or not.


That sounds complicated.


Or, yes, add breaks; there's limited
value to having both installed now that plocate has stabilized. What do you
think?


That would be the least intrusive change, and it could be revisited for 
bookworm if there is still interest for co-installability. Or mlocate 
could go away in bookworm (or become a transitional package for 
switching to plocate).



Andreas

PS: I have no clue what any of them do ;-)

Bug#986286: disporta-installer 0.7.15

[Narcis Garcia]

This guide recommends to use buster-backports repositories on Stable
installations:
https://wiki.debian.org/Diaspora

Please update buster-backports with this fixed package.

-- 

Narcis Garcia

__
I'm using this dedicated address because personal addresses aren't
masked enough at this tracker archive. Public archive administrator
should fix this against automated addresses collectors.

Bug#988286: plocate: missing Breaks: mlocate

[Steinar H. Gunderson]

On Mon, May 10, 2021 at 11:23:05AM +0200, Andreas Beckmann wrote:
>> What is a good alternative? Can I “give it back” to mlocate in prerm if
>> mlocate is installed?
> Looks like a '$foo-locate-common' package is needed owning the conffile and
> its manpage and then have ?locate depend on it. (What about plain locate?
> Does it use the same config file, too? 'locate-common' looks like it would
> belong to 'locate's namespace.) Perhaps updatedb-common?

I guess this is a pretty large change to make in a freeze, though. The file
is only used for mlocate and plocate; locate.findutils doesn't have an
updatedb.conf IIRC.

The backup plan would possibly be that I move to updatedb.plocate.conf;
I'm not sure whether I should cp updatedb.conf updatedb.plocate.conf in
postinst (assuming it exists) or not. Or, yes, add breaks; there's limited
value to having both installed now that plocate has stabilized. What do you
think?

/* Steinar */
-- 
Homepage: https://www.sesse.net/

Bug#982884: marked as done (regina-rexx: Consider migration to debhelper)

[Agustin Martin]

El jue, 6 may 2021 a las 17:36, Debian Bug Tracking System
() escribió:
>
> Changes:
>  regina-rexx (3.6-2.3) unstable; urgency=medium
>  .
>* Non-maintainer upload with maintaner agreement.
>* Migrate to (still old-style) debhelper (Closes: #982884).
>  - Make package multiarch.
>  - Fix reproducibility problems (Closes: #854294).
>* Split original az-patch-01 patch into smaller _AZ_*.diff patches.
>* debian/control: Add "Rules-Requires-Root: no"

Hi, Alen,

Noticed a minor issue after this, libregina3 and libregina-dev were
not tagged as Multi-Arch: same. I am also proposing another couple of
minor issues, On the one hand, installing HACKERS.txt into -dev
package, on the other hand revert file ordering in HISTORY, so newer
changelogs are shown first. I am attaching three patches with the
proposed changes for your consideration in next upload.

Regards,

-- 
Agustin
From 57b7f0d23e878e87d57d29a7f9b3876f3363 Mon Sep 17 00:00:00 2001
From: Agustin Martin Domingo 
Date: Mon, 10 May 2021 00:12:10 +0200
Subject: [PATCH 1/3] debian/control: Mark libregina3 and libregina-dev
 "Multi-Arch: same"

Signed-off-by: Agustin Martin Domingo 
---
 debian/control | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/debian/control b/debian/control
index 14e0106..c81a5e3 100644
--- a/debian/control
+++ b/debian/control
@@ -16,6 +16,7 @@ Depends: ${shlibs:Depends},
 	 ${misc:Depends}
 Conflicts: regina3
 Replaces: regina3
+Multi-Arch: same
 Description: Regina REXX interpreter, run-time library
  Regina is an ANSI compliant REXX interpreter for multiple platforms.
  .
@@ -36,6 +37,7 @@ Conflicts: regina2-dev,
 	   regina3-dev
 Replaces: regina2-dev,
 	  regina3-dev
+Multi-Arch: same
 Description: Regina REXX interpreter, development files
  Regina is an ANSI compliant REXX interpreter for multiple platforms.
  .
-- 
2.31.1

From 514da86934a33579e9c5e5b60adef398573468d3 Mon Sep 17 00:00:00 2001
From: Agustin Martin Domingo 
Date: Fri, 7 May 2021 17:16:35 +0200
Subject: [PATCH 2/3] debian/libregina3-dev.docs: Install HACKERS.txt.

Signed-off-by: Agustin Martin Domingo 
---
 debian/libregina3-dev.docs | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 debian/libregina3-dev.docs

diff --git a/debian/libregina3-dev.docs b/debian/libregina3-dev.docs
new file mode 100644
index 000..50ca005
--- /dev/null
+++ b/debian/libregina3-dev.docs
@@ -0,0 +1 @@
+HACKERS.txt
-- 
2.31.1

From 856566881972e2bfd04277f7152d1cb8d7fd0397 Mon Sep 17 00:00:00 2001
From: Agustin Martin Domingo 
Date: Fri, 7 May 2021 19:21:04 +0200
Subject: [PATCH 3/3] debian/rules: Revert file ordering in HISTORY file. Newer
 first.

Signed-off-by: Agustin Martin Domingo 
---
 debian/rules | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/debian/rules b/debian/rules
index 1d8b4cf..5bcb163 100755
--- a/debian/rules
+++ b/debian/rules
@@ -58,8 +58,8 @@ build-stamp: configure-stamp
 
 	# Add here commands to compile the package.
 	$(MAKE) CFLAGS="$(CFLAGS) $(CPPFLAGS)" LDFLAGS="$(LDFLAGS)"
-	#docbook-to-man debian/pam-encfs.sgml > pam-encfs.1
-	cat README.0* README.2* README.3* > $(HISTORY)
+	# Bundle all READMEs into a single HISTORY file
+	cat $(shell echo  README.0* README.2* README.3* | tr -s ' ' '\n' | sort -r) > $(HISTORY)
 
 	touch build-stamp
 
-- 
2.31.1

Bug#988197: [Pkg-samba-maint] Bug#988197: patch for samba which fixes legacy printing support

[Mateusz Mikołajczyk]

actually, I thought that I couldn't do this but on a second thought as I
understand I'd simply have to change all my entries in sources.list from
buster to bullseye ? I'm using armbian if that's relevant to the story :)

pon., 10 maj 2021 o 10:44 Mathieu Parent  napisał(a):

> Le ven. 7 mai 2021 à 15:24, Mateusz Mikołajczyk
>  a écrit :
> >
> > Package: samba
> > Version: 4.9.5+dfsg-5+deb10u1
> >
> > I was testing samba with an really old DOS client. it turns out that
> ever since samba 3.2.0 there was an upstream change that broke this legacy
> printing support. It was already merged upstream but the patch is super
> tiny - a one liner:
> >
> >
> https://gitlab.com/samba-team/samba/-/commit/47d79d7e7e406f7dd204ded7c72cfed3e0761ad5
> >
> > I was wondering, would it be possible to add it as a patch to debian
> buster? Currently I figured out a way to apply it - I simply build samba
> .deb package from source (i.e. deb-src), manually apply the patch and then
> install local version of the package. That's all great until I'm testing
> this on x86 architecture (because the compilation is relatively quick),
> however I intend to put everything to sbc board as a headless print server.
> In order to avoid compilation on the sbc, I could create a virtual machine
> and do a cross-compilation but it seems like a massive overkill just to
> introduce a one-liner patch, plus it wouldn't survive any of the potential
> upgrades
>
> Hi,
>
> I'm sorry, but I won't apply this patch to buster. You can use bullseye
> instead.
>
> Regards
> --
> Mathieu Parent
>


-- 
pozdrawiam serdecznie,
Mateusz Mikołajczyk, a.k.a. toudi