Bug#768232: [Pkg-fonts-devel] Bug#768232: fonts-sil-andika: conffiles not removed
Quoting Christian Meyer (c2h...@web.de): Package: fonts-sil-andika Version: 1.004-2 Followup-For: Bug #768232 Hello there, I was bitten by this, too. I upgraded from wheezy and wondered about the error-messages, read your changelog, wondered again and removed /etc/fonts/conf.d/65-andika.conf manually. Bug was gone. Then I reinstalled the package again and the bug reappears, too. Obviously the file got reinstalled. Well, that's clearly bad handling of this conffile I just rebuilt fonts-sil-andika with the following added: debian/maintscript: rm_conffile /etc/fonts/conf.avail/65-andika.conf 1.004-2~ fonts-sil-andika Now, the conffile really goes away when the package is upgraded. My remaining problem is the /etc/fonts/conf.d/65-andika symling that is created when the wheezy package is installed. Even if I use this in debian/maintscript: rm_conffile /etc/fonts/conf.avail/65-andika.conf 1.004-2~ fonts-sil-andika rm_conffile /etc/fonts/conf.d/65-andika.conf 1.004-2~ fonts-sil-andika The symlink still remains after the package is upgraded. It is a dangling symlink but still there. Anyone with a clue about how to properly deal with this? PS: I plan to clean out the various good and bad conffile handling which we're doing in many font packages, in the jessie-stretch release cycle. signature.asc Description: Digital signature
Bug#784009: Segmentation fault
retitle 784009 [experimental] Lack of versioned symbols in nettle causes segfault severity 784009 serious thanks On 2015-05-02 積丹尼 Dan Jacobson jida...@jidanni.org wrote: Package: wget Version: 1.16.3-2 Severity: grave $ wget Segmentation fault Hello, thanks for the report. wget links both directly and indirectly against nettle (direct: libnettle4, indirect via gnutls: libnettle4 in unstable, libnettle5 in experimental). Since nettle 3.1 does not use versioned symbols this causes a segfault. nettle 3.1 provides versioned symbols but that does not help for the pending transition. A wget binary linked directly against libnettle4 (unversioned) and indirectly (via gnutls) against libnettle6 (versioned) still crashes. This needs changes on the nettle side of things, but I will keep the bug-report open here. Looks like we need a two-step transition: nettle 2.7 - nettle 2.7+versioned_symbols , nettle 2.7+versioned_symbols - nettle 3.1. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784017: override: mailnag:mail/optional
Package: ftp.debian.org Severity: normal Hi, Please change mailnag's section from gnome to mail, reason being that mailnag has evolved from being GNOME-specific to being desktop-agnostic. Thanks! Regards, Vincent -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784019: freeciv: removal of bz2 support = inability to load old savegames?
Package: freeciv-server Version: 2.5.0-1 I haven't tested this at all, I'm afraid, but noticed this in the changelog of the new Freeciv packages in experimental: | - Remove libbz2-dev from Build-Depends. | We already support xz compression which is a superior compression format. I think this means that the new server won't be able to load .sav.bz2 savegames? That would be unfortunate, since the stable package generates them (and Freeciv is generally able to load savegames from older versions). Once you've released a package with support for a compression format, I think you can practically never remove it, even if you add a newer format. Sorry if I've misconstrued the situation. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784020: override: kivy:python/optional
Package: ftp.debian.org Severity: normal Hi, Kivy should be moved from extra - optional since it satisfies the requirements for being Priority: optional, as defined in Policy 2.5. (I've also changed the priority defined in d/control in the package itself as of kivy/1.9.0-1.) Regards, Vincent -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784022: lazarus: Compiler /usr/bin/fpc does not support target x86_64-linux on startup
Package: lazarus Version: 1.2.4+dfsg2-1 Severity: minor Hello, I have the same problem as mentioned in the now closed bug #774839 - but I never compiled Lazarus myself. I just installed it from the debian testing repository. When starting I get this message about not supporting x86_64 (there might have been some upgrades since I used it the last time - I actually don't remember whether it was there all the time on this machine or just appeared). Curious: I'm still able to use Lazarus after dismissing the error message. Everything else seems to work. I can run my programs and there is an executable after compiling. Here the file information for some test application I wrote and compiled: $ file test test: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.4.0, not stripped Since this bug doesn't seem to impair the functionality I'll mark it as minor. Some additional information about the files and packages on my pc: /usr/bin$ ll ppc* lrwxrwxrwx 1 root root 23 Okt 14 2014 ppcx64-2.6.4 - ../lib/fpc/2.6.4/ppcx64* lrwxrwxrwx 1 root root 24 Apr 2 05:09 ppcx64 - /etc/alternatives/ppcx64* /etc/alternatives$ ll ppc* lrwxrwxrwx 1 root root 25 Apr 2 05:09 ppcx64 - /usr/lib/fpc/2.6.4/ppcx64* lrwxrwxrwx 1 root root 37 Apr 2 05:09 ppcx64.1.gz - /usr/share/man/man1/ppcx64-2.6.4.1.gz /etc/alternatives$ ll fpc lrwxrwxrwx 1 root root 18 Apr 2 05:09 fpc - /usr/bin/fpc-2.6.4* $ dpkg -l | grep fpc ii fpc 2.6.4+dfsg-4 all Free Pascal - SDK suite dependency package ii fpc-2.6.42.6.4+dfsg-4 all Free Pascal - SDK-2.6.4 suite ii fpc-source 2.6.4+dfsg-4 all Free Pascal - SDK source code dependency package ii fpc-source-2.6.4 2.6.4+dfsg-4 all Free Pascal - SDK source code ii python-fpconst 0.7.2-5 all Utilities for handling IEEE 754 floating point special values $ dpkg -l | grep lazarus ii lazarus 1.2.4+dfsg2-1 all IDE for Free Pascal - SDK dependency package ii lazarus-1.2.41.2.4+dfsg2-1 all IDE for Free Pascal - suite ii lazarus-doc-1.2.41.2.4+dfsg2-1 all IDE for Free Pascal - documentation ii lazarus-ide-1.2.41.2.4+dfsg2-1 amd64IDE for Free Pascal - common IDE files ii lazarus-ide-gtk2-1.2.4 1.2.4+dfsg2-1 amd64IDE for Free Pascal - GTK+ version ii lazarus-src-1.2.41.2.4+dfsg2-1 all IDE for Free Pascal - LCL source code $ uname -srvmpio Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3 (2015-04-23) x86_64 unknown unknown GNU/Linux -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing'), (500, 'testing-updates'), (500, 'stable- updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages lazarus depends on: ii lazarus-1.2.4 1.2.4+dfsg2-1 lazarus recommends no packages. lazarus suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#766750: libapache2-mod-apparmor: owned after purge (policy 6.8 + 10.7.3)
Control: tag -1 + pending The problem is rather that its postrm doesn't clean up the directories that are manually (as in: without any dh_* helper) created in its postinst. I'm on it. Fixed in r1555 on the collab-maint/apparmor-experimental branch: I installed the resulting libapache2-mod-apparmor in a sid chroot, then purged it, and there was no /etc/apparmor.d left. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784023: spamassassin: Please run test suite during build
Source: spamassassin Version: 3.4.1-1 Severity: wishlist Tags: patch Please consider applying the attached patch to run the upstream test suite during build. libberkeleydb-perl is required for t/bayesbdb.t netbase is required for t/dnsbl_sc_meta.t (needs /etc/protocols) The patch also fixes a bug that the build-indep-stamp target is run twice during the build. Thanks, Felix diff -Nru spamassassin-3.4.1/debian/control spamassassin-3.4.1/debian/control --- spamassassin-3.4.1/debian/control 2014-11-29 22:50:20.0 +0100 +++ spamassassin-3.4.1/debian/control 2015-05-02 10:31:46.0 +0200 @@ -4,7 +4,7 @@ Maintainer: Noah Meyerhans no...@debian.org Build-Depends: debhelper (= 7), perl, libssl-dev, libhtml-parser-perl (= 3.24), libnet-dns-perl (= 0.34), libnetaddr-ip-perl, - dh-systemd + dh-systemd, libberkeleydb-perl, netbase Standards-Version: 3.9.6 Homepage: http://www.spamassassin.org/ Vcs-Svn: svn://svn.debian.org/svn/collab-maint/deb-maint/spamassassin/trunk diff -Nru spamassassin-3.4.1/debian/rules spamassassin-3.4.1/debian/rules --- spamassassin-3.4.1/debian/rules 2014-11-29 22:50:20.0 +0100 +++ spamassassin-3.4.1/debian/rules 2015-05-02 10:59:05.0 +0200 @@ -64,11 +64,14 @@ build-indep: build-indep-stamp #build-indep-stamp: configure debian/po/templates.pot -build-indep-stamp: configure +build-indep-stamp: configure-stamp dh_testdir $(MAKE) CFOPTIMIZE=$(CFLAGS) CFCCFLAGS= CFLIBS= CFLDFLAGS=$(LDFLAGS) +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + $(MAKE) test +endif pod2man sa-awl.raw sa-awl.1p pod2man sa-check_spamd.raw sa-check_spamd.1p
Bug#768980: [pkg-apparmor] Bug#768980: apparmor_parser sometimes crashes with free(): invalid next size (normal): 0x00000000009915a0
Hi intrigeri, On Samstag, 2. Mai 2015, intrigeri wrote: this only happens with Squeeze's kernel, and AppArmor 2.9 is not intended to be used in such a context [...] * we could simply close this bug, on the grounds that a Jessie or newer userspace is generally not supported on a 2.6.32 kernel seems reasonable to me. cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#784027: apt: broken apt-get changelog command
Package: apt Version: 1.0.9.9 Severity: normal Hello, it seems that the changelog command of apt-get is broken: % apt-get changelog debhelper Err Changelog per debhelper (http://packages.debian.org/changelogs/pool/main/d/debhelper/debhelper_9.20150501/changelog) 404 Not Found Err Changelog per debhelper (http://httpredir.debian.org/debian/pool/main/d/debhelper/debhelper_9.20150501.changelog) 404 Not Found [IP: 129.187.10.100 80] E: changelog download failed The changelog is now available at: http://metadata.ftp-master.debian.org/changelogs/main/d/debhelper/unstable_changelog Cheers -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apt depends on: ii debian-archive-keyring 2014.3 ii gnupg 1.4.18-7 ii libapt-pkg4.12 1.0.9.9 ii libc6 2.19-18 ii libgcc1 1:5.1.1-3 ii libstdc++6 5.1.1-3 apt recommends no packages. Versions of packages apt suggests: pn apt-doc none pn aptitude | synaptic | wajig none ii dpkg-dev 1.17.25 pn python-apt none -- no debconf information signature.asc Description: Digital signature
Bug#784013: RFP: apktool -- tool for reverse engineering Android apk files
Package: wnpp Severity: wishlist * Package name: apktool Version : 2.0.0 Upstream Author : Ryszard Wiśniewski brut.a...@gmail.com * URL : https://ibotpeaches.github.io/Apktool/ * License : Apache 2.0 Programming Lang: Java Description : tool for reverse engineering Android apk files A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with an app easier because of project-like file structure and automation of some repetitive tasks like building apk, etc. It is NOT intended for piracy and other non-legal uses. It could be used for localizing, adding some features or support for custom platforms, analyzing applications and much more. Features * Disassembling resources to nearly original form (including resources.arsc, classes.dex, 9.png. and XMLs) * Rebuilding decoded resources back to binary APK/JAR * Organizing and handling APKs that depend on framework resources * Smali Debugging * Helping with repetitive tasks -- أحمد المحمودي (Ahmed El-Mahmoudy) Digital design engineer GPG KeyID: 0xEDDDA1B7 GPG Fingerprint: 8206 A196 2084 7E6D 0DF8 B176 BC19 6A94 EDDD A1B7 signature.asc Description: Digital signature
Bug#778799: gcc-doc: gcc.info not viewable in Emacs
GUO Yixuan culu@gmail.com writes: The drawback is that with direntry stubs, there's no (gcc) top nodes, only (gcc-4.9) top nodes, etc. The plain (gcc) is important for the doc lookups in emacs and more. Alas I don't know the best ways to make multiple copies co-exist. Emacs does some stuff with subdirectories, but I don't know if that basically relies on emacs mangling its own info search path (to the directory of the running emacs). -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784014: Fwd: Feature wish: detox and non-existent files
Package: detox 2015-04-23 11:02 GMT+02:00 Ari Moisio ari.moi...@thp.nkl.fi: Hi May i suggesta new functionality on detox: a new parameter, for example -N that will pass the command line argument thru defined sequence but does not care if the file exists and of course will not try to rename it, olyn outputs a cleaned filename to the stdout. I'm asking this for a CD ripping script wwhere the filename comes from cddb and i would like to pass already valid file name for the lame encoder. Best regards -- Terveisin Ari Moisio Atk-suunnittelija Tiedonhallintapalvelut Näkövammaisten Keskusliitto ry. 050 401 5875 ari.moi...@thp.nkl.fi
Bug#783817: game-data-packager: consider new pseudo-Section for generated files?
The files generated by game-data-packager are not trivially distinguishable from non-free games obtained from Debian (doom-wad-shareware) or from some other source (e.g. gog.com), and show up in e.g. aptitude under Obsolete and Locally Created - games - non-free Unless you have your own repo, then they are completely mixed with the rest. However, most of them are in fact worse than non-free: they cannot be redistributed at all without copyright infringement. I'm tempted to say that we should put them in some new pseudo-component and/or pseudo-section, like maybe non-distributable/game-data-packager. Thoughts? I'd realy like to keep the '/games' suffix, this is recognized by everyone. I would go for 'local/games'; as there may be other ways of building local packages (equivs ?) and this is short. local = this file can only be installed localy on a single computer. aptitude already gives a tip when you browse down 'non-free' sections; it could also give a tip about 'local' packages; https://www.debian.org/legal/licenses/index.en.html Additionally, some software is not distributable (for example, has no license at all), even in non-free. I see that most commercial games erroneously ships .debs with section = (free/)games. (WorldOfGoo, TicketToRide,...) If there was some officialy recommend way to ship local package; this would happen less. What do you think to propose a change in the policy ? https://www.debian.org/doc/debian-policy/ch-archive.html I found this, but haven't read it yet: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704233 Alexandre
Bug#783225: RFS: corebird/1.0-1 [ITP] -- Modern, easy and fun Twitter client
On Fri, Apr 24, 2015 at 4:32 PM, Edward Betts wrote: corebird - Modern, easy and fun Twitter client I don't intend to sponsor this but here is a review: Harlan's review is good, please take a look at it. examples/media*.jpg do not look like they were created by or are owned by upstream, so they are probably illegal to redistribute. Please remove the package from mentors until this is fixed. autotools-dev almost always isn't needed when you have dh-autoreconf. NOCONFIGURE has to be set when calling autogen.sh, otherwise the it will run ./configure, but that should only happen from dh_auto_configure. Many of the comments in debian/rules are not needed. override_dh_installman is not needed as the upstream build system installs the manual page. Why do you disable the upstream test suite? That is usually not a good idea. I would suggest wrapping debian/menu at whitespace. I would suggest adding a longtitle and icon to debian/menu, probably the one from the upstream .desktop file. https://www.debian.org/doc/manuals/maint-guide/dother.en.html#menu The upstream README.md contains dependency, distro and compiling info. None of this is useful to people installing binary packages, you might want to strip it out during the build process using sed. You might want to run `wrap-and-sort -sa` to wrap debian/control and other files so debdiffs are more readable. debian/clean shouldn't be needed, unless the upstream build system isn't cleaning up properly. I'd suggest that upstream should remove the PNG files from git and render them from the SVG files at build time. vapi/gdk-pixbuf-2.0.vapi is a generated file but I can't find the source code for it. I'd suggest upstream remove it from git and generate it at build time instead. Automated checks: https://lintian.debian.org/ https://anonscm.debian.org/cgit/collab-maint/check-all-the-things.git $ lintian P: corebird source: debian-watch-may-check-gpg-signature may be more if the package was buildable $ bashate --ignore E002 E010: Do not on same line as for: 'for size in ${sizes[@]}' - ./assets/render-icons.sh: L7 E003: Indent not multiple of 4: ' rsvg-convert ./corebird.svg --width=${size} --height=${size} \' - ./assets/render-icons.sh: L9 E003: Indent not multiple of 4: ' --format=png -o ./${size}x${size}/corebird.png' - ./assets/render-icons.sh: L10 3 bashate error(s) found # Check with upstream where the GIMP XCF source files are. $ find -type f \( -iname '*.png' -o -iname '*.gif' -o -iname '*.jpg' -o -iname '*.jpeg' \) -exec grep -iF gimp {} + Binary file ./assets/no_banner.png matches $ codespell --quiet-level=3 ./README.md:28: distrubution == distribution ./data/org.baedert.corebird.appdata.xml.in:12: abilty == ability $ fdupes -q -r . ./tests/__sql_init1.sql ./tests/_sql_init1.sql $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec POFileChecker {} + lots of output $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec POFileSpell {} + lots of output $ find -type f \( -iname '*.po' -o -iname '*.pot' -o -iname '*.mo' -o -iname '*.gmo' \) -exec i18nspector {} + lots of output $ find -type f \( -iname '*.po' -o -iname '*.pot' \) -exec msgfmt --check --check-compatibility --check-accelerators --output-file=/dev/null {} \; lots of output $ find -type f -iname '*.sh' -exec shellcheck {} + In ./assets/render-icons.sh line 7: for size in ${sizes[@]} ^-- SC2068: Double quote array expansions, otherwise they're like $* and break on spaces. In ./autogen.sh line 3: srcdir=`dirname $0` ^-- SC2006: Use $(..) instead of deprecated `..` ^-- SC2086: Double quote to prevent globbing and word splitting. In ./autogen.sh line 6: ORIGDIR=`pwd` ^-- SC2006: Use $(..) instead of deprecated `..` In ./autogen.sh line 16: cd $ORIGDIR || exit $? ^-- SC2086: Double quote to prevent globbing and word splitting. $ grep -riE 'fixme|todo|hack|xxx' . lots of output -- bye, pabs https://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783237: CVE-2014-9462
On Fri, May 01, 2015 at 08:53:28PM +0200, Alessandro Ghedini wrote: On Fri, May 01, 2015 at 07:16:07PM +0100, Javi Merino wrote: On Fri, Apr 24, 2015 at 01:21:56PM +0200, Moritz Muehlenhoff wrote: Package: mercurial Severity: important Tags: security Please see http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html Fix: http://selenic.com/hg/rev/e3f30068d2eb I've prepared a fix for this, find the diff attached. Can I upload it to stable-security? Index: debian/changelog === --- debian/changelog(revisión: 11645) +++ debian/changelog(copia de trabajo) @@ -1,3 +1,11 @@ +mercurial (3.1.2-2+deb8u1) stable-security; urgency=high Please use jessie-security instead of stable-security. Ok Otherwise the upload looks good. Once the above is fixed you can go ahead and upload to security-master. Remember to build the package with full upstream sources (dpkg-buildpackage -sa), since this would be the first upload to jessie-security for mercurial. Uploaded with full upstream sources. Also, the vulnerability seems to affect the wheezy version as well, could you please prepare an upload targeting wheezy-security as well? Sure, I'll do that soon. Cheers, Javi signature.asc Description: Digital signature
Bug#784021: pu: sqlite3/3.8.7.1-1+deb8u1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, There are three security bugs in SQLite3 which needs to be fixed for Jessie. I've already prepared the update and debdiff is attached. Security team is in the Cc in case they also working on it or would like to take over. In short, vulnerabilities are the following. CVE-2015-3414 - uninitialized memory denial of service (remote). CVE-2015-3415 - vdbe.c sqlite3VdbeExec denial of service (remote). CVE-2015-3415 - printf.c sqlite3VXPrintf buffer overflow (remote). Regards, Laszlo/GCS unblock sqlite3/3.8.7.1-1+deb8u1 [1] http://bugs.debian.org/783968 diff -Nru sqlite3-3.8.7.1/debian/changelog sqlite3-3.8.7.1/debian/changelog --- sqlite3-3.8.7.1/debian/changelog 2014-11-06 16:25:11.0 + +++ sqlite3-3.8.7.1/debian/changelog 2015-05-02 08:12:43.0 + @@ -1,3 +1,14 @@ +sqlite3 (3.8.7.1-1+deb8u1) jessie-security; urgency=high + + * Fix CVE-2015-3414 , use of uninitialized memory when parsing collation +sequences. + * Fix CVE-2015-3415 , properly implement comparison operators in +sqlite3VdbeExec() . + * Fix CVE-2015-3416 , properly handle precision and width values during +floating-point conversions in sqlite3VXPrintf() . + + -- Laszlo Boszormenyi (GCS) g...@debian.org Sat, 02 May 2015 07:59:48 + + sqlite3 (3.8.7.1-1) unstable; urgency=medium * New upstream bugfix release. diff -Nru sqlite3-3.8.7.1/debian/patches/40-CVE-2015-3414.patch sqlite3-3.8.7.1/debian/patches/40-CVE-2015-3414.patch --- sqlite3-3.8.7.1/debian/patches/40-CVE-2015-3414.patch 1970-01-01 00:00:00.0 + +++ sqlite3-3.8.7.1/debian/patches/40-CVE-2015-3414.patch 2015-05-02 08:27:20.0 + @@ -0,0 +1,187 @@ +Description: fix a problem causing collation sequence names to be dequoted multiple times under some circumstances + SQLite before 3.8.9 does not properly implement the dequoting of + collation-sequence names, which allows context-dependent attackers to cause a + denial of service (uninitialized memory access and application crash) or + possibly have unspecified other impact via a crafted COLLATE clause, as + demonstrated by COLLATE at the end of a SELECT statement. +Bug-Debian: https://bugs.debian.org/783968 +Author: Dan Kennedy +Origin: upstream, https://www.sqlite.org/src/info/eddc05e7bb31fae74daa86e0504a3478b99fa0f2 +Last-Update: 2015-05-02 + +--- + +--- sqlite3-3.8.7.1.orig/src/expr.c sqlite3-3.8.7.1/src/expr.c +@@ -69,10 +69,11 @@ char sqlite3ExprAffinity(Expr *pExpr){ + Expr *sqlite3ExprAddCollateToken( + Parse *pParse, /* Parsing context */ + Expr *pExpr, /* Add the COLLATE clause to this expression */ +- const Token *pCollName /* Name of collating sequence */ ++ const Token *pCollName, /* Name of collating sequence */ ++ int dequote /* True to dequote pCollName */ + ){ + if( pCollName-n0 ){ +-Expr *pNew = sqlite3ExprAlloc(pParse-db, TK_COLLATE, pCollName, 1); ++Expr *pNew = sqlite3ExprAlloc(pParse-db, TK_COLLATE, pCollName, dequote); + if( pNew ){ + pNew-pLeft = pExpr; + pNew-flags |= EP_Collate|EP_Skip; +@@ -86,7 +87,7 @@ Expr *sqlite3ExprAddCollateString(Parse + assert( zC!=0 ); + s.z = zC; + s.n = sqlite3Strlen30(s.z); +- return sqlite3ExprAddCollateToken(pParse, pExpr, s); ++ return sqlite3ExprAddCollateToken(pParse, pExpr, s, 0); + } + + /* +--- sqlite3-3.8.7.1.orig/src/parse.y sqlite3-3.8.7.1/src/parse.y +@@ -854,7 +854,7 @@ expr(A) ::= VARIABLE(X). { + spanSet(A, X, X); + } + expr(A) ::= expr(E) COLLATE ids(C). { +- A.pExpr = sqlite3ExprAddCollateToken(pParse, E.pExpr, C); ++ A.pExpr = sqlite3ExprAddCollateToken(pParse, E.pExpr, C, 1); + A.zStart = E.zStart; + A.zEnd = C.z[C.n]; + } +@@ -1200,14 +1200,14 @@ uniqueflag(A) ::= .{A = OE_None; + idxlist_opt(A) ::= . {A = 0;} + idxlist_opt(A) ::= LP idxlist(X) RP. {A = X;} + idxlist(A) ::= idxlist(X) COMMA nm(Y) collate(C) sortorder(Z). { +- Expr *p = sqlite3ExprAddCollateToken(pParse, 0, C); ++ Expr *p = sqlite3ExprAddCollateToken(pParse, 0, C, 1); + A = sqlite3ExprListAppend(pParse,X, p); + sqlite3ExprListSetName(pParse,A,Y,1); + sqlite3ExprListCheckLength(pParse, A, index); + if( A ) A-a[A-nExpr-1].sortOrder = (u8)Z; + } + idxlist(A) ::= nm(Y) collate(C) sortorder(Z). { +- Expr *p = sqlite3ExprAddCollateToken(pParse, 0, C); ++ Expr *p = sqlite3ExprAddCollateToken(pParse, 0, C, 1); + A = sqlite3ExprListAppend(pParse,0, p); + sqlite3ExprListSetName(pParse, A, Y, 1); + sqlite3ExprListCheckLength(pParse, A, index); +--- sqlite3-3.8.7.1.orig/src/sqliteInt.h sqlite3-3.8.7.1/src/sqliteInt.h +@@ -3451,7 +3451,7 @@ int sqlite3ReadSchema(Parse *pParse); + CollSeq *sqlite3FindCollSeq(sqlite3*,u8 enc, const char*,int); + CollSeq *sqlite3LocateCollSeq(Parse *pParse, const char*zName); + CollSeq *sqlite3ExprCollSeq(Parse *pParse, Expr *pExpr); +-Expr
Bug#766750: libapache2-mod-apparmor: owned after purge (policy 6.8 + 10.7.3)
Hi, intrigeri wrote (10 Nov 2014 16:57:46 GMT) : Holger Levsen wrote (25 Oct 2014 14:00:22 GMT) : 0m32.3s ERROR: FAIL: Package purging left files on system: /etc/apparmor.d/ owned by: libapache2-mod-apparmor /etc/apparmor.d/disable/ not owned May you please test if the attached patch fixes this bug? Actually this bug has nothing to do with #773870, since libapache2-mod-apparmor doesn't use dh-apparmor. The problem is rather that its postrm doesn't clean up the directories that are manually (as in: without any dh_* helper) created in its postinst. I'm on it. Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#766937: apparmor-profiles: Patch - abstraction profile for desktop themes and images
Hi parspes, ping regarding what follows? intrigeri wrote (30 Oct 2014 09:18:30 GMT) : parspes wrote (30 Oct 2014 00:46:38 GMT) : This access is neccessary for many GUI programs when Gnome is not installed. It would be useful to provide at least one specific example. I agree that it should be added to some other abstractions if needed. The idea occurred to me that the code should have been in the Freedesktop.org abstraction, or perhaps just a generic desktop abstraction. Makes sense. Care to submit a patch upstream about it? Best would be to submit a Launchpad pull request against http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/ but sending a patch (against current Bazaar) to appar...@lists.ubuntu.com would work too. Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784028: tftpy: Please package 0.6.2 of python-tftpy
Source: tftpy Version: 0.6.0-1 Severity: wishlist Dear Maintainer, There is a newer version of tftpy available. I would appreciate if a new version could be uploaded. Many thanks! -- Ruben -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783982: D-i: preseed from floppy no longer works !
On Sat, May 02, 2015 at 01:09:34AM +0300, Alexey Eromenko wrote: On Fri, May 01, 2015 at 11:28:32PM +0200, Geert Stappers wrote: I think you are looking for providing a preseed file, hence my advice https://www.google.nl/search?q=virtualbox+host+http+server+for+guests You're correct in that I'm looking to provide preseed file. But host-side HTTP server won't work for my needs, unless VirtualBox has it integrated. My technology is aimed at people, who require *zero* configuration, and should work across all hosts. Like click, click, click... In my words: In an attempt to make some technology available your are hidding other technology with old technology like floppies. Basically I need very minimal (and portable) host-side logic (and move as much complexity into the guest as possible). Do an attended install. Verify that reading from floppy is possible. That is important. It proofs that the Virtualbox host provides a floppy disk controller and that the Vbox guest has a kernel kernel for the f.d.c. Also it shows there is /dev/fd0 (IIRC) Well... you'r right ! /dev/fd0 is the problem ! Yes, I ensured, that VM has floppy controller configured, plus floppy.img inserted. Debian 8 (mini-)kernel (inside amd64-DVD) does NOT see /dev/fd0 ! (part of debian-installer); This works just fine with Debian 6 and 7 ! Post-install Debian 8 kernel _does_ see /dev/fd0, can loop-mount and can read files from it. (after installing from Debian 8 amd64-DVD), so no problem here. Okay, do `ls -l /dev/fd0` in the working system and write down the major and minor node numbers. Next is reading the manaul page of mknod(1). Create a fake /dev/fd1, or even a real /dev/fd1 if virtualbox can provide a second floppy drive. Reboot in the vbox guest into Debian Installer. Get to a shell for commandline access. Use your new skills to create /dev/fd0 Then these commands mkdir floppy mount /dev/fd0 floppy And please report back The natural question: Are those kernels different ? Yes. Think several generations technology, example given i386, i486 and i586. All generations can boot with the oldest. Or thihk All those drivers for audio, blue tooth, printers image scanners. Install without those drivers. (I always assumed it is the *same* kernel) :-) It seems the mini-kernel does not provide me with /proc/config.gz, so I have no clue what's included and what's excluded. How can I check ? Debian ships kernel with the config file. Thanks for finding the problem ! I want the name and location of kernel config of d-i.:-) Groeten Geert Stappers -- Leven en laten leven signature.asc Description: Digital signature
Bug#761403: Add patch
Hi, Arto Jantunen wrote (02 May 2015 07:59:08 GMT) : intrigeri intrig...@debian.org writes: 1. Was this tested with pluggable transports, e.g. obfs4proxy? [...] No, it was not tested with pluggable transports. I'll do that and report back. Great :) Do we know if the upstream provided service file supports them as is, without my changes? It used to, last time I worked on the upstream service file, but it has been changed a lot since then, and I still didn't find time to review and test those changes on Debian. 2. The unit file doesn't seem to confine the Tor service with AppArmor when available, [...] I wouldn't know where to start with apparmor, so it would probably be better if this was handled by someone else. Fair enough. That's tracked by #761404 anyway, so it shouldn't be a blocker here. Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783733: [Pkg-haskell-maintainers] Bug#783733: Bug#783733: pandoc does not find templates/default.html
Hi Antonio, Quoting Antonio Terceiro (2015-05-01 22:58:18) On Thu, Apr 30, 2015 at 11:24:47PM +0200, Jonas Smedegaard wrote: Quoting Helmut Grohne (2015-04-30 21:32:04) On Wed, Apr 29, 2015 at 07:04:02PM +0200, Jonas Smedegaard wrote: Quoting Tobias Hansen (2015-04-29 17:19:37) with Pandoc from unstable, allegro5 (2:5.0.10-3) FTBFS with the following error. It works with the pandoc version in jessie, 1.12.4.2. I can still reproduce something similar in the version currently in unstable (1.13.2.1~dfsg-1), but with the man output, when passing (-s/--standalone). Do you want a separate bug report? Yes, please file as separate bugreport: Symptoms are similar but cause is (possibly related but) not the same, so better to keep separate to avoid confusion. Thanks, - Jonas -- * Jonas Smedegaard - idealist Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: signature
Bug#784009: Segmentation fault
Andreas Metzler ametz...@bebt.de writes: Looks like we need a two-step transition: nettle 2.7 - nettle 2.7+versioned_symbols , nettle 2.7+versioned_symbols - nettle 3.1. I'm considering making a nettle-2.7.2 release with version symbols. The version string would simply be derived from the version in the soname, NETTLE_4 and HOGWEED_2. Would that help? Also see http://lists.lysator.liu.se/pipermail/nettle-bugs/2015/003383.html (not sure crossposting between the nettle list and debbugs is a good idea). Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#690677: phplint packaging for Debian
Hi Jari, Your phplint ITP has expired so I took liberty to upgrade package to latest upstream version and introduced some improvements as well, see http://anonscm.debian.org/cgit/collab-maint/phplint.git However I'm not sure if I want to finish the job -- phplint seems too radical and report too many warnings to adopt it for existing project. If you're still interested in phplint or need sponsorship then please let me know. I did not see anything from you for a while -- have you become a DM? I remember you have applied some time ago... Thanks. -- Regards, Dmitry Smirnov. --- Free speech is the bedrock of liberty and a free society. And yes, it includes the right to blaspheme and offend. -- Ayaan Hirsi Ali, 2010 signature.asc Description: This is a digitally signed message part.
Bug#768980: apparmor_parser sometimes crashes with free(): invalid next size (normal): 0x00000000009915a0
Control: retitle -1 apparmor_parser crashes with free(): invalid next size (normal): 0x009915a0 on Linux 2.6.32-5-xen-amd64 Hi team-mates, this only happens with Squeeze's kernel, and AppArmor 2.9 is not intended to be used in such a context (we didn't even try to backport it for Wheezy, so, Squeeze). So I'm not sure what to do with this bug report: * we could try to express a dependency on Linux = 3.2, but: - I've not found how to do that - a suitable linux-image-* package being installed doesn't imply that it's the running kernel, so we would need a postinst check * we could simply close this bug, on the grounds that a Jessie or newer userspace is generally not supported on a 2.6.32 kernel Thoughts, opinions? Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783692: systemd: systemctl output is unreadable on light background
On Sat, 2 May 2015 02:41:19 +0200 m...@linux.it (Marco d'Itri) wrote: On Apr 29, Juergen Stuber juer...@jstuber.net wrote: I use a light gray background, so green becomes completely unreadable. I checked the attached image and I can read it well on a business matte LCD. Maybe the settings for your screen should be tuned? Are your eyesight and colors perception OK? This is a T420s, and my eyes are as good as can be expected at my age, color vision included (not everybody will be as fortunate). And no, I won't start tuning my screen just to read messages of one misbehaving software. Jürgen -- Jürgen Stuber juer...@jstuber.net http://www.jstuber.net/ 1B78 A579 E159 2A85 67BB 1314 C083 224B 0F9C DA21 pgpUFP_vwnNpR.pgp Description: OpenPGP digital signature
Bug#784016: [debhelper-devel] Bug#784016: debhelper: dh_compress gzips html documents
Control: tags -1 confirmed On 2015-05-02 09:58, Sven Joachim wrote: Package: debhelper Version: 9.20150501 Severity: grave When building ncurses, I saw a lintian error: , | E: ncurses-doc: doc-base-file-references-missing-file ncurses-doc:20 /usr/share/doc/ncurses-doc/html/man/*.html ` Looking into the ncurses-doc deb, all HTML files except index.html under /usr/share/doc/ncurses-doc/html are gzipped. [...] Thanks, I suspect I found the guilty commit - I will just be confirming my suspicion. ~Niels -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784024: reprepro: Possible error in flood description
Package: reprepro Version: 4.16.0-1 Severity: minor Dear Maintainer, while looking for a way to clone a distribution (probably some magic around copysrc, different story), I came across the description of the flood command: | flood distribution [architecture] | For each architecture of distribution or for the one | specified add architecture all packages from another | architectures (but the same component or packagetype) | under the following conditions: | (...) | There are mostly two use cases for this command: If + you added an new distribution and want to copy all | architecture all packages to it. (...) It seems this should be about a new architecture, not about a new distribution. I might be wrong, though. Additionally, shouldn't this be singular architecture in the third line? Christoph -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.14.39 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages reprepro depends on: ii libarchive13 3.1.2-11 ii libbz2-1.0 1.0.6-7+b3 ii libc62.19-18 ii libdb5.3 5.3.28-9 ii libgpg-error01.17-3 ii libgpgme11 1.5.1-6 ii liblzma5 5.1.1alpha+20120614-2+b3 ii pinentry-curses 0.8.3-2 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages reprepro recommends: ii apt 1.0.9.8 Versions of packages reprepro suggests: ii gnupg-agent 2.0.26-6 pn inoticoming none pn lzip none -- no debconf information signature.asc Description: Digital signature
Bug#784018: dh_linktree: introduce unit tests
Source: dh-linktree Version: 0.4 Severity: wishlist Note to self: introduce unit tests for all actions. -- All the best, Dmitry Smirnov. signature.asc Description: This is a digitally signed message part.
Bug#740405: [debhelper-devel] Bug#784016: debhelper: dh_compress gzips html documents
Control: reopen 740405 On 2015-05-02 10:12, Niels Thykier wrote: Control: tags -1 confirmed On 2015-05-02 09:58, Sven Joachim wrote: Package: debhelper Version: 9.20150501 Severity: grave When building ncurses, I saw a lintian error: , | E: ncurses-doc: doc-base-file-references-missing-file ncurses-doc:20 /usr/share/doc/ncurses-doc/html/man/*.html ` Looking into the ncurses-doc deb, all HTML files except index.html under /usr/share/doc/ncurses-doc/html are gzipped. [...] Thanks, I suspect I found the guilty commit - I will just be confirming my suspicion. ~Niels Got it! Reverting d5c08b71d7a59dfa5e082672ae2548eee7503fda[1] fixes the problem. Expect an upload to unstable shortly. Osamu: Lets look into a revised version of your patch for the next release. :) Thanks, ~Niels [1] https://anonscm.debian.org/cgit/debhelper/debhelper.git/commit/?id=d5c08b71d7a59dfa5e082672ae2548eee7503fda -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783987: ghc: ghci on arm64
I noticed that there were a couple of aarch64-related commits on Apr 20/21: https://git.haskell.org/ghc.git/commit/0bbc2ac6dae9ce2838f23a75a6a989826c06f3f5 https://git.haskell.org/ghc.git/commit/1e8c9b81a819da8eb54405a029fc33a9f5220321 I wondered what would happen if I applied them on top of Debian's 7.8.4-3. I was able to apply the second patch, modifying mk/config.mk.in, with a small offset. I wasn't able to apply the first patch, modifying aclocal.m4, so I thought, sod it, it's just a big set of macros, I'll just copy the aclocal.m4 from the commit into the build tree. So in effect I modified these two files: d9d4bef616d3e7dde976227c80baa9a4 aclocal.m4 9292ce20044d931dc0cb7d3447dc1511 mk/config.mk.in I wasn't really expecting anything good to come out of such a simple-minded change, but in fact the patched 7.8.4-3 successfully built an arm64 deb, which includes a ghci, which appears to work, at least to the extent of evaluating some simple expressions on the command line. (And the unpatched 7.8.4-3 failed for me as it did on the buildd, so it's not just that my environment is different.) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784025: perl-depends: not working on Jessie?
Package: perl-depends Version: 2012.0701+gitb1fd535-1 Severity: normal On Jessie I tried perl-depends with multiple perl files but none of the resulting .tmp files printed any dependencies... Looks like perl-depends is not working... -- Cheers, Dmitry Smirnov GPG key : 4096R/53968D1B signature.asc Description: This is a digitally signed message part.
Bug#779278: thc-ipv6: new upstream version 2.7 available
On 26/02/15 13:52, Noël Köthe wrote: https://www.thc.org/thc-ipv6/ list 2.7 from 2014-12-30 as latest release. Maybe you can update the package. Started packaging it. Cheers, maykel -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784015: undeclared file conflict between libc6-i386 and libc6-mipsn32
Package: libc6-i386,libc6-mipsn32 Version: 2.19-18 User: helm...@debian.org Usertags: rebootstrap | dpkg: error processing archive /tmp/repo/pool/main/g/glibc/libc6-mipsn32_2.19-18_mips.deb (--unpack): | trying to overwrite '/usr/lib32/gconv/ANSI_X3.110.so', which is also in package libc6-i386 2.19-18 I am filing this as a new bug report instead of merging it into #745552, because I believe that this instance is easily fixable. It should be possible to have the multilib packages with matching multilib directories declare conflicts against each other as no M-A:same is involved here. The loader conflict issue shall remain with #745552. Helmut -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783040: gerbview: unprintable outputs
It looks fine in Application: gerbview Version: (2015-05-01 BZR 5636)-kicad Release build wxWidgets: Version 3.0.2 (debug,wchar_t,compiler with C++ ABI 1002,GCC 4.9.2,wx containers,compatible with 2.8) Platform: Linux 3.19.3-3-ARCH x86_64, 64 bit, Little endian, wxGTK Boost version: 1.58.0 USE_WX_GRAPHICS_CONTEXT=OFF USE_WX_OVERLAY=OFF KICAD_SCRIPTING=ON KICAD_SCRIPTING_MODULES=ON KICAD_SCRIPTING_WXPYTHON=ON USE_FP_LIB_TABLE=HARD_CODED_ON BUILD_GITHUB_PLUGIN=ON I guess this is only to be fixed by upgrading. 2015-05-02 3:18 GMT+02:00 Adam Majer ad...@zombino.com: On Fri, May 01, 2015 at 09:20:40PM +0200, Nick Østergaard wrote: 2015-05-01 20:43 GMT+02:00 Adam Majer ad...@zombino.com: retitle 783040 gerbview: unprintable outputs thanks On Fri, May 01, 2015 at 08:11:38PM +0200, Nick Østergaard wrote: Gerbv is _not_ part of KiCad. Gerbview is part of KiCad. In any case you should be more explicit about what the error of the output is, and give a test case to help the developers and packagers. gerbv produces buggy and unprintable PDF and PS and SVG files. gerbview has correct output and prints correctly. Sorry, I got this completely backwards. gerbv works. Gerbview print does not work. I've attached simple kicad project along with PDF and PS output from gerbview - those even crash evince and produce no output. The correct output from gerbv is also in the tarball, for comparison. Sorry about the confusion. Right package, wrong name! I don't see anything attached. But in the case of KiCad, around bzr rev 4022, which this is reported against is very old. It is probably not worth investing time to debug this, you should try the latest from the product branch. attached now. -- Adam Majer ad...@zombino.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768433: apparmor: Vcs: headers refer to experimental branch
Control: tag -1 + pending Holger Levsen wrote (07 Nov 2014 11:29:51 GMT) : the Vcs: headers refer to the experimental branch, which aint appropriate anymore now that 2.9.0 has been released. Good catch! Fixed in r1521 on the collab-maint/apparmor branch. Hopefully I won't mess it up again next time I merge the experimental branch in there.. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784021: pu: sqlite3/3.8.7.1-1+deb8u1
user release.debian@packages.debian.org usertags 784021 = pu tags 784021 + moreinfo jessie thanks On 2015-05-02 10:42, László Böszörményi wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock No. Testing isn't frozen and this is a request for an update to stable; fixed. (Oddly you got the tag in the subject (mostly) correct.) There are three security bugs in SQLite3 which needs to be fixed for Jessie. I've already prepared the update and debdiff is attached. Security team is in the Cc in case they also working on it or would like to take over. In short, vulnerabilities are the following. CVE-2015-3414 - uninitialized memory denial of service (remote). CVE-2015-3415 - vdbe.c sqlite3VdbeExec denial of service (remote). CVE-2015-3415 - printf.c sqlite3VXPrintf buffer overflow (remote). As none of those are currently tagged no-dsa in the security tracker, I'd prefer to wait for confirmation on that. I'd have thought it made more sense to talk to them first tbh but never mind. :) Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773768: jenkins reproduces this issue
Helmut Grohne, le Fri 01 May 2015 10:57:34 +0200, a écrit : Then I compared strace of /usr/lib/ghc/bin/ghc in both my pbuilder --login and a fresh sid debootstrap and it occurred to me: You must mount /proc. And indeed after mounting /proc, ghc just works. What do we do with this knowledge? Is it a bug? Is it a bad error message from the linker? The linker needs /proc/self/exe in order to compute $ORIGIN, used by ghc in rpath to find the libraries. Samuel -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783904: dh-linktree: fails on invalid actions
On Fri, 01 May 2015, Dmitry Smirnov wrote: Actually it makes sense but then I'd prefer to have an equivalent of dh_install's --fail-missing (or the opposite) to have more flexibility in controlling this behaviour. Then it should be something like --ignore-unknown-actions and still fail by default. I'm not sure it really brings anything until you have a concrete use case of a possible usage extension of the .linktree file... Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783906: dh-linktree: action replace may be insufficient
On Fri, 01 May 2015, Dmitry Smirnov wrote: Yes, positive. dh_linktree adds files to destination and this is very useful behaviour that I rely upon. [...] If embed doesn't do what you want, we might consider a new action but I'm not convinced yet that it's needed. Possibly an embed-weakdep that behaves like embed but generates a weak dependency ? Yes, that new action would be useful. Thanks. [...] “The deduplicate action will not create new files” [...] “The replace action is like deduplicate except that it does replace existing files even if their content is different from the content of the source files.” So if you what you say is true, it's actually a bug since it doesn't behave like the documentation says it should. May be but then it would be a documentation bug... I think it would not be a win if you change replace action to avoid adding new content... Given your answer about embed-weakdep, I think that it would make sense to fix replace to behave like the documentation says and to introduce the other variant of embed. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783952: libconfig-model-openssh-perl: autopkgtest regression: ssh_config.t failure
Le vendredi 1 mai 2015, 17:35:36 Niko Tyni a écrit : This package recently started failing its autopkgtest checks on ci.debian.net: Ack. I've fixed an issue with Config::Model::Xorg (which is barely used) and end up breaking libconfig-model-openssh-perl :-( I'll fix this soon. All the best -- https://github.com/dod38fr/config-model/ -o- http://search.cpan.org/~ddumont/ http://ddumont.wordpress.com/-o- irc: dod at irc.debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784019: freeciv: removal of bz2 support = inability to load old savegames?
On 2 May 2015 at 11:52, Jacob Nevins jacobn+deb...@chiark.greenend.org.uk wrote: Package: freeciv-server Version: 2.5.0-1 I haven't tested this at all, I'm afraid, but noticed this in the changelog of the new Freeciv packages in experimental: | - Remove libbz2-dev from Build-Depends. | We already support xz compression which is a superior compression format. I think this means that the new server won't be able to load .sav.bz2 savegames? That would be unfortunate, since the stable package generates them (and Freeciv is generally able to load savegames from older versions). Once you've released a package with support for a compression format, I think you can practically never remove it, even if you add a newer format. They can be deprecated and then obsoleted over long time in upstream - or by similar sources patching in downstream (I think we should start that process in upstream for bz2). Anyway, dropping the support for compression format that has been the default (assuming Debian uses upstream default) to create savegames in previous version is certainly no way to go. Sorry if I've misconstrued the situation. - ML -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784026: ITP: python-spur -- Run commands and manipulate files locally or over SSH using the same interface
Package: wnpp Severity: wishlist Owner: Ruben Undheim ruben.undh...@gmail.com * Package name: python-spur Version : 0.3.13 Upstream Author : Michael Williamson * URL : https://github.com/mwilliamson/spur.py * License : BSD 2-clause Programming Lang: Python Description : Run commands and manipulate files locally or over SSH using the same interface This Python module makes it simple to remotely run commands over an SSH connection. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782365: Crashes on clean Jessie install
On Fri, May 1, 2015 at 12:37 PM, coekbe coe...@gmail.com wrote: Hi If I comment out the X_INIT_THREADS macro in main.c (see the attached patch) the startup works. Apparently XInitThreads used to not be called, but it was introduced here (HAVE_XCB is defined in Jessie): http://anonscm.debian.org/hg/xine-lib/gxine/rev/e05f58d2b749 However, at least when watching DVB tv, changing channels don't work and gxine eventually crashes another way: This may be a xine-lib (1.2.6-1+b2) bug in Jessie. I unpacked Wheezy's libxine2 (1.2.2-5) binary packages (+ some other libs it depends on) to a directory and set LD_LIBRARY_PATH accordingly. Now changing channels works again like it did on Wheezy. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#698995: comix: please add unar support
tag 698995 +patch thanks Hi, Attached is a patch that adds support to open cbr archives with unar. I simply replaced the unrar support with unar, as this gets rid of an unfree suggests. It would probably be better to rewrite comix to use libarchive, but that's quite a bit more work. -- Cheers, Sven Arvidsson http://www.whiz.se PGP Key ID 6FAB5CD5 diff -urp comix-4.0.4/debian/changelog comix-4.0.4-patch/debian/changelog --- comix-4.0.4/debian/changelog 2015-04-04 20:56:16.0 +0200 +++ comix-4.0.4-patch/debian/changelog 2015-04-04 20:59:13.068719082 +0200 @@ -1,3 +1,12 @@ +comix (4.0.4-2) UNRELEASED; urgency=medium + + [ Sven Arvidsson ] + * Apply patch to use unar in place of unrar (Closes: #698995). + * Recommends unar in place of suggesting non-free unrar (Closes: #415915). + * Update description to mention unar. + + -- Sven Arvidsson s...@whiz.se Sat, 04 Apr 2015 20:41:36 +0200 + comix (4.0.4-1) unstable; urgency=low * New upstream release diff -urp comix-4.0.4/debian/control comix-4.0.4-patch/debian/control --- comix-4.0.4/debian/control 2015-04-04 20:56:16.0 +0200 +++ comix-4.0.4-patch/debian/control 2015-04-04 20:59:23.532917509 +0200 @@ -9,7 +9,8 @@ Standards-Version: 3.7.2 Package: comix Architecture: all Depends: ${misc:Depends}, python (= 2.4), python-gtk2 (= 2.12), python-imaging (= 1.1.5) -Suggests: unrar, python (=2.5)|python-sqllite2 +Recommends: unar +Suggests: python (=2.5)|python-sqllite2 Description: GTK Comic Book Viewer Comix is a comic book viewer. It reads zip, rar, tar, tar.gz and tar.bz2 archives (often called .cbz, .cbr and .cbt) as well as @@ -37,7 +38,7 @@ Description: GTK Comic Book Viewer * Translated to English, Swedish, Simplified Chinese, Spanish, Brazilian Portuguese and German. * Reads the JPEG, PNG, TIFF, GIF, BMP, ICO, XPM and XBM image formats. - * Reads ZIP and tar archives natively, and RAR archives through the unrar + * Reads ZIP and tar archives natively, and RAR archives through the unar program. * Runs on Linux, FreeBSD, NetBSD and virtually any other UNIX-like OS. * More! Only in comix-4.0.4-patch/debian: .pc diff -urp comix-4.0.4/src/archive.py comix-4.0.4-patch/src/archive.py --- comix-4.0.4/src/archive.py 2009-04-03 19:11:43.0 +0200 +++ comix-4.0.4-patch/src/archive.py 2015-04-04 20:55:21.628330407 +0200 @@ -14,6 +14,7 @@ import process ZIP, RAR, TAR, GZIP, BZIP2 = range(5) _rar_exec = None +_rar_list = None class Extractor: @@ -57,19 +58,20 @@ class Extractor: self._files = self._tfile.getnames() elif self._type == RAR: global _rar_exec +global _rar_list if _rar_exec is None: -_rar_exec = _get_rar_exec() +_rar_exec, _rar_list = _get_rar_exec() if _rar_exec is None: print '! Could not find RAR file extractor.' dialog = gtk.MessageDialog(None, 0, gtk.MESSAGE_WARNING, gtk.BUTTONS_CLOSE, _(Could not find RAR file extractor!)) dialog.format_secondary_markup( -_(You need either the irar/i or the iunrar/i program installed in order to read RAR (.cbr) files.)) +_(You need the iunar/i program installed in order to read RAR (.cbr) files.)) dialog.run() dialog.destroy() return None -proc = process.Process([_rar_exec, 'vb', '--', src]) +proc = process.Process([_rar_list, '--', src]) fd = proc.spawn() self._files = [name.rstrip(os.linesep) for name in fd.readlines()] fd.close() @@ -173,8 +175,7 @@ class Extractor: print '! Non-local tar member:', name, '\n' elif self._type == RAR: if _rar_exec is not None: -proc = process.Process([_rar_exec, 'x', '-kb', '-p-', -'-o-', '-inul', '--', self._src, name, self._dst]) +proc = process.Process([_rar_exec, '-q', '-f', '-o', self._dst, '--', self._src, name]) proc.spawn() proc.wait() else: @@ -331,7 +332,8 @@ def _get_rar_exec(): Return the name of the RAR file extractor executable, or None if no such executable is found. -for command in ('unrar', 'rar'): -if process.Process([command]).spawn() is not None: -return command -return None +commands = ('unar', 'lsar') +if process.Process(commands[1]).spawn() is not None: +return commands +else: +return (None, None) signature.asc Description: This is a digitally signed message part
Bug#784034: RFA: ocamlmod -- generate OCaml modules from source files
Package: wnpp Severity: normal Hello, Currently, ocamlmod has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784033: RFA: gmetadom -- GDome2 DOM implementation
Package: wnpp Severity: normal Hello, Currently, gmetadom has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783685: valgrind: False positive with openmp: ??? (in /usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0)
Control: tags -1 pending On mer, apr 29, 2015 at 09:56:51 +0200, Mathieu Malaterre wrote: Package: valgrind Version: 1:3.10.0-4 Severity: normal Dear Maintainer, It feels like there is a missing suppression for openmp on valgring+openmp (jessie amd64). Steps: $ cat t.c int main() { } $ gcc -o t t.c -fopenmp $ valgrind --leak-check=full --show-leak-kinds=all ./t ==4125== Memcheck, a memory error detector ==4125== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==4125== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info ==4125== Command: ./t ==4125== ==4125== ==4125== HEAP SUMMARY: ==4125== in use at exit: 8 bytes in 1 blocks ==4125== total heap usage: 2 allocs, 1 frees, 32,824 bytes allocated ==4125== ==4125== 8 bytes in 1 blocks are still reachable in loss record 1 of 1 ==4125==at 0x4C28C20: malloc (vg_replace_malloc.c:296) ==4125==by 0x4E3B628: ??? (in /usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0) ==4125==by 0x4E447C7: ??? (in /usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0) ==4125==by 0x4E39D2C: ??? (in /usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0) ==4125==by 0x400E9F9: call_init.part.0 (dl-init.c:78) ==4125==by 0x400EAE2: call_init (dl-init.c:36) ==4125==by 0x400EAE2: _dl_init (dl-init.c:126) ==4125==by 0x40011C9: ??? (in /lib/x86_64-linux-gnu/ld-2.19.so) ==4125== ==4125== LEAK SUMMARY: ==4125==definitely lost: 0 bytes in 0 blocks ==4125==indirectly lost: 0 bytes in 0 blocks ==4125== possibly lost: 0 bytes in 0 blocks ==4125==still reachable: 8 bytes in 1 blocks ==4125== suppressed: 0 bytes in 0 blocks ==4125== ==4125== For counts of detected and suppressed errors, rerun with: -v ==4125== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) I just added the following suppression to the debian.supp file: { openmp with libgomp bug#783685 Memcheck:Leak fun:malloc fun:gomp_malloc fun:gomp_init_num_threads fun:initialize_env fun:call_init.part.0 fun:call_init } Thanks for reporting. Cheers signature.asc Description: Digital signature
Bug#784019: freeciv: removal of bz2 support = inability to load old savegames?
indeed I deliberately dropped support for bz2 compression because I think it is an outdated and deprecated format. [...] Debian's Freeciv package in stable is not affected and those who have old savegames are able to convert them to gz or xz simply by recompressing. I don't see a reason to force people to do so. The location of savegames and compression format is essentially invisible to many users. I can mention that in README.Debian but I really don't see the need for supporting three different compression formats. Is there a significant cost to doing so? Performance and technical arguments about the compression format are germane to the creation of new files, but I don't think they trump convenience and backward compatibility. I'd have thought that libbz2 is likely to be installed on Debian systems regardless of Freeciv's choice for some time to come. I think the user experience will be poor; Freeciv doesn't handle unsupported compression formats very well. From a quick hacked test, the user will see the savegames listed in the client UI (without the .bz2 suffix) but it will fail to load without a good explanation. Clearly this could be improved upstream, but I don't see any reason to force players to jump through this hoop. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784051: RM: python-kmip -- ROM; duplicate package
Package: ftp.debian.org Severity: normal Dear FTP masters, I did the mistake to upload kmip twice, once as python-kmip and once as python-pykmip. Since everyone will use pykmip as Python requirements, please remove python-kmip from the Debian archive. Sorry for this mistake, Cheers, Thomas Goirand (zigo) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783718: linux-image-3.16.0-4-kirkwood: Regression: mv_cesa crypto driver fails a self-test
Control: forwarded -1 https://mail.gna.org/public/cryptodev-linux-devel/2015-04/msg00011.html On Wed, 2015-04-29 at 15:06 +0200, JM wrote: Following the update from Wheezy to Jessie, mv_cesa crypto module fails two kernel self-checks: Hi JM, Looks like you've already took this to upstream, which is what I was about to ask you to do anyway. Please keep us informed of any progress by writing to 783...@bugs.debian.org. It might also be worth trying the 4.0 kernel from experimental to see if this has already been fixed upstream (I looked at the git log and nothing obvious jumped out, but it is worth checking). Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#706897: Bug is reproducible again
Bug is present in 14.05-07:i386. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784019: freeciv: removal of bz2 support = inability to load old savegames?
On 02.05.2015 16:05, Jacob Nevins wrote: indeed I deliberately dropped support for bz2 compression because I think it is an outdated and deprecated format. [...] Debian's Freeciv package in stable is not affected and those who have old savegames are able to convert them to gz or xz simply by recompressing. I don't see a reason to force people to do so. The location of savegames and compression format is essentially invisible to many users. Personally I don't perceive this as forced or an issue at all. Disk space is cheap nowadays and xz has been around for a long time now. But bz2 is history and obsolete and I prefer to build-depend only on really required libraries. Debian already provides a lot of options other distributions already don't care about. From my point of view the documentation should be improved and it should be explained how the compression format can be changed. This is mainly an upstream issue. I can mention that in README.Debian but I really don't see the need for supporting three different compression formats. Is there a significant cost to doing so? Performance and technical arguments about the compression format are germane to the creation of new files, but I don't think they trump convenience and backward compatibility. I don't think it is fair to blame downstream or the users for choosing another compression format if it is provided so readily. If bz2 compression is mandatory, the build should fail without libz2-dev, otherwise I assume this compression format is optional. At some point in the future libraries become obsolete, that's the way of life. In this case we are not talking about some obscure binary format but simply about changing the compression from bz2 to gz or xz. Such a change is not intrusive and only old savegames are affected. I'd have thought that libbz2 is likely to be installed on Debian systems regardless of Freeciv's choice for some time to come. I think the user experience will be poor; Freeciv doesn't handle unsupported compression formats very well. From a quick hacked test, the user will see the savegames listed in the client UI (without the .bz2 suffix) but it will fail to load without a good explanation. Clearly this could be improved upstream, but I don't see any reason to force players to jump through this hoop. libbz2 is an important library but not essential thus every package has to explicitly depend on it. Freeciv should report an error message to users explaining that they have to manually change the compression format to the desired format, if the engine is unable to handle it. Freeciv should detect whether a compression is supported or not and show an error message. Obviously this is a general problem because there might be other distributions which have chosen different defaults than Debian a long time ago. signature.asc Description: OpenPGP digital signature
Bug#765967: [mesa-vdpau-drivers]
Package: mesa-vdpau-drivers Version: 10.4.2-2 today I have upgraded my Debian installation from the testing branch and I continue to experience the same problem I report here a (maybe useful) output of the command $ VLC_VERBOSE=1 vlc VLC media player 2.2.1 Terry Pratchett (Weatherwax) (revision 2.2.1-0-ga425c42) [0804c8f8] core libvlc warning: This doesn't look like a valid plugins cache [0804c8f8] core libvlc: Esecuzione di vlc con l'interfaccia predefinita. Usa 'cvlc' per utilizzare vlc senza interfaccia. [aaa02ac0] avcodec decoder: Using G3DVL VDPAU Driver Shared Library version 1.0 for hardware decoding. [ab600c40] core vout display warning: VoutDisplayEvent 'pictures invalid' [ab600c40] core vout display warning: VoutDisplayEvent 'pictures invalid' [aad04130] core video output warning: picture is too late to be displayed (missing 86 ms) VLC notify me a warning that not happens for other type of contents core video output warning: picture is too late to be displayed this can have some correlation with the problem described above? --- System information. --- Architecture: i386 Kernel: Linux 3.16.7 Debian Release: 8.0 500 testing http.debian.net --- Package information. --- Depends (Version) | Installed ==-+-== libvdpau1 | 0.8-3 libc6 (= 2.17) | 2.19-18 libdrm-nouveau2 (= 2.4.38) | 2.4.60-3 libdrm-radeon1 (= 2.4.31) | 2.4.60-3 libdrm2 (= 2.4.38) | 2.4.60-3 libelf1 (= 0.142) | 0.159-4.2 libffi6 (= 3.0.4) | 3.1-2+b2 libgcc1 (= 1:4.7) | 1:4.9.2-10 libllvm3.4 | 1:3.4.2-13 libstdc++6 (= 4.9) | 4.9.2-10 libtinfo5 | 5.9+20140913-1+b1 libx11-6 | 2:1.6.2-3 libx11-xcb1 | 2:1.6.2-3 libxcb-dri2-0 (= 1.8) | 1.10-3+b1 libxcb1 | 1.10-3+b1 xserver-xorg-core (= 2:1.15.0.901) | 2:1.16.4-1 xserver-xorg-video-all | 1:7.7+7 OR xorg-driver-video | xserver-xorg-input-all | 1:7.7+7 OR xorg-driver-input | xserver-xorg-input-evdev | 1:2.9.0-2 libc6 (= 2.7) | 2.19-18 xkb-data (= 1.4) | 2.14-1 x11-xkb-utils | 7.7+1 xserver-common (= 2:1.16.0-1) | 2:1.16.4-1 keyboard-configuration | 1.123 udev (= 149) | 215-17 libegl1-mesa | 10.4.2-2 OR libegl1 | libaudit1 (= 1:2.2.1) | 1:2.4-1+b1 libc6 (= 2.17) | 2.19-18 libdrm2 (= 2.3.1) | 2.4.60-3 libepoxy0 (= 1.0) | 1.2-1 libgbm1 (= 8.1~0) | 10.4.2-2 libgcrypt11 (= 1.5.1) | 1.5.4-3 libgl1-mesa-glx | 10.4.2-2 OR libgl1 | libpciaccess0 (= 0.12.902) | 0.13.3-1 libpixman-1-0 (= 0.30.0) | 0.32.6-3 libselinux1 (= 2.0.82) | 2.3-2 libudev1 (= 183) | 215-17 libxau6 | 1:1.0.8-1 libxdmcp6 | 1:1.1.2-1 libxfont1 (= 1:1.4.2) | 1:1.5.1-1 libxshmfence1 | 1.2-1 Recommends (Version) | Installed =-+-== libgl1-mesa-dri | 10.4.2-2 libgl1-mesa-dri (= 7.10.2-4) | 10.4.2-2 Suggests (Version) | Installed ==-+-=== xfonts-100dpi | 1:1.0.4 OR xfonts-75dpi | 1:1.0.4 xfonts-scalable | 1:1.0.3-1 -8---8---8---8---8---8---8---8---8-- Please attach the file: /tmp/reportbug-ng-mesa-vdpau-drivers-z67bPW.txt to the mail. I'd do it myself if the output wasn't too long to handle. Thank you! -8---8---8---8---8---8---8---8---8-- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782364: linux-image-3.16.0-4-armmp: please configure drivers for both Cubox i4pro real time clocks
On Wed, 2015-04-29 at 09:57 +0100, Russell King - ARM Linux wrote: On Sat, Apr 11, 2015 at 01:08:50AM +0100, Ben Hutchings wrote: If this RTC is not battery backed, it seems like it ought to be disabled in this board's device tree. It's not that simple. On the lower-end models, the on-SoC RTC is the only RTC there is. If it were disabled, there would be no RTC available at all, so there would be no preservation of time-of-day across reboots. On the Pro models, the battery backed RTC is fitted. However, the battery backed RTC has no wakeup facility. Only the on-SoC RTC has that ability, so in order to perform time-based wakeup, the on-SoC RTC needs to be synchronised with the current ToD and its alarm set. Not having the on-SoC RTC enabled means that there is no ToD based wakeup possible. So is your advice for a multi platform kernel supporting all Cubox devices to just enable both and to sort out any syncing/naming etc in userspace? Thanks, Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#740841: Move to udisks2, udisks 1 is deprecated
Dear Michael, I began working on this issue some months ago. There is still some work to do, however I think that I will be able to upload a valid revision soon. Best regards, Georges. Michael Biebl a écrit : Control: severity -1 serious This bug has been open for about a year. I plan to ask for the removal of udisks1 in about 2 weeks. Therefor bumping the severity to serious. Please get your package ready by that time. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? -- Georges KHAZNADAR et Jocelyne FOURNIER 22 rue des mouettes, 59240 Dunkerque France. Téléphone +33 (0)3 28 29 17 70 signature.asc Description: Digital signature
Bug#784031: RFA: camltemplate -- library for generating text from templates
Package: wnpp Severity: normal Hello, Currently, camltemplate has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784046: pandoc: can't produce manpages with the --standalone option
Package: pandoc Version: 1.13.2.1~dfsg-1 Severity: normal This makes at least one package of mine to FTBFS. $ dpkg-query --show pandoc pandoc 1.13.2.1~dfsg-1 $ cat foo.md # test this is a test $ pandoc -f markdown -t man foo.md .SH test .PP this is a test $ pandoc -s -f markdown -t man foo.md pandoc: Could not find data file templates/default.man [97]$ dpkg -L pandoc-data | grep default.man /usr/share/data/templates/default.man -- System Information: Debian Release: 8.0 APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages pandoc depends on: ii libc62.19-18 ii libffi6 3.1-2+b2 ii libgmp10 2:6.0.0+dfsg-6 ii libicu52 52.1-8 ii liblua5.1-0 5.1.5-7.1 ii libpcre3 2:8.35-3.3 ii libyaml-0-2 0.1.6-3 ii pandoc-data 1.13.2~dfsg-4 ii zlib1g 1:1.2.8.dfsg-2+b1 pandoc recommends no packages. Versions of packages pandoc suggests: pn etoolbox none pn pandoc-citeprocnone ii texlive-latex-recommended 2014.20141024-2 ii texlive-luatex 2014.20141024-2 pn texlive-xetex none -- no debconf information -- Antonio Terceiro terce...@debian.org signature.asc Description: Digital signature
Bug#784058: ITP: lua-dkjson -- JSON module written in Lua
Package: wnpp Severity: wishlist Owner: Jason Pleau ja...@jpleau.ca * Package name: lua-dkjson Version : 2.5 Upstream Author : David Heiko Kolf da...@dkolf.de * URL : http://dkolf.de/src/dkjson-lua.fsl/home * License : MIT Programming Lang: Lua Description : JSON module written in Lua dkjson is a JSON (JavaScript Object Notation) encoder / decoder. It supports UTF-8. . It is written in Lua without any dependencies, but when LPeg (provided in Debian by lua-lpeg) is installed dkjson uses it to speed up decoding. This package is a dependency of busted (#783044), which in turn is a dependency to run tests for neovim (#752264). I plan to maintain it in pkg-lua. Additionnal note: This Lua library is currently shipped / embedded with 3 other packages: vlc, ntopng and sysdig [1]. Once this package is included in this archive I plan to contact the maintainers of this package to see what could be done to depend on lua-dkjson, instead of shipping it directly with their packages. [1]: http://codesearch.debian.net/perpackage-results/dkjson/2/page_0 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783073: bootscripts: Support using fdtfile variable passed from u-boot
On Tue, 2015-04-21 at 08:54 -0700, Vagrant Cascadian wrote: Package: flash-kernel Version: 3.35 Severity: wishlist Tags: patch Hi Vagrant, The following patch prefers the use of the dtb file identified by the u-boot variable ${fdtfile}, which makes it easier to support installs where a single u-boot image can support multiple boards, but need to load different fdt files at boot. It essentially makes a second copy of the .dtb file in /boot/dtbs-${kver}/${fdtfile}. Ideally, it would copy all of the .dtb files (to support the widest number of boards), but that should be made conditional for resource-constrained systems, so I started off with simply making a second copy. There were moves at one point to consolidate/standardise this across distros: https://lists.linaro.org/pipermail/cross-distro/2014-May/000676.html From https://lists.linaro.org/pipermail/cross-distro/2014-June/000727.html it seems that the preferred path was /boot/dtbs/$(uname -r) so I suppose we ought to follow that here. I don't expect to see this in jessie, but hopefully something like this could be considered for jessie+1. Absolutely. diff --git a/functions b/functions index a7ff6de..fc2c21b 100644 --- a/functions +++ b/functions @@ -420,13 +420,18 @@ handle_dtb() { local dtb=/usr/lib/linux-image-$kvers/$dtb_id if [ x$FK_KERNEL_HOOK_SCRIPT = xpostrm.d ] ; then - rm -f /boot/dtb-$kvers + rm -f /boot/dtb-$kvers /boot/dtbs-$kvers The second one is a directory, so I think this won't work. I think best is to rm the expected file and then rmdir --ignore-fail-on-non-empty the dir. else if [ -e $dtb ]; then echo Installing $dtb_id into /boot/dtb-$kvers 2 cp $dtb /boot/dtb-$kvers.new backup_and_install /boot/dtb-$kvers.new /boot/dtb-$kvers ln -nfs dtb-$kvers /boot/dtb + echo Installing $dtb_id into /boot/dtbs-$kvers/$dtb_id 2 + mkdir -p /boot/dtbs-$kvers/ + cp $dtb /boot/dtbs-$kvers/$dtb_id.new + backup_and_install /boot/dtbs-$kvers/$dtb_id.new /boot/dtbs-$kvers/ + ln -nfs dtbs-$kvers /boot/dtbs Do we really need the symlink too? else echo $dtb not found 2 fi live well, vagrant -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#617874: Please package new upstream release of Jansi 1.5
Package: libjansi-java Version: 1.4-3 Followup-For: Bug #617874 Hi Miguel, This update is also required to update jline2 to 2.12.1. Cheers, tony -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783974: pulseaudio: No sound on boot till pulseaudio is killed and restarted
On 2 May 2015 at 02:25, L. Guruprasad lgp171...@gmail.com wrote: On Saturday 02 May 2015 12:53 AM, Felipe Sateler wrote: On 1 May 2015 at 16:06, L. Guruprasad lgp171...@gmail.com wrote: Please do the following: Modify /etc/pulse/daemon.conf to set: log-level = debug log-time = true log-target = file:/tmp/pulselog Then restart the machine. After login, please attach the generated log (/tmp/pulselog). There is no such file /tmp/pulselog generated after restart. OK, then set log-target = journal. I see you are using systemd as init, so you can do the following: journalctl -b /usr/bin/pulseaudio To get the log. Also, I have assumed you do not have a local configuration. What are the contents of ~/.config/pulse ? -- Saludos, Felipe Sateler -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783974: pulseaudio: No sound on boot till pulseaudio is killed and restarted
On 2 May 2015 at 12:27, L. Guruprasad lgp171...@gmail.com wrote: On Saturday 02 May 2015 08:44 PM, Felipe Sateler wrote: OK, then set log-target = journal. I see you are using systemd as init, so you can do the following: journalctl -b /usr/bin/pulseaudio To get the log. guruprasad@kal-el:~$ journalctl -b /usr/bin/pulseaudio No journal files were found. Also, I have assumed you do not have a local configuration. What are the contents of ~/.config/pulse ? guruprasad@kal-el:~$ ls ~/.config/pulse/ 21544ca2d6123577f1d4e77452766946-card-database.tdb 21544ca2d6123577f1d4e77452766946-default-sink 21544ca2d6123577f1d4e77452766946-default-source 21544ca2d6123577f1d4e77452766946-device-volumes.tdb 21544ca2d6123577f1d4e77452766946-stream-volumes.tdb client.conf cookie guruprasad@kal-el:~$ cat ~/.config/pulse/client.conf autospawn = no This is the problem. Why do you have disabled autospawn? So, a bit of background: In pulseaudio up to version 5, the script start-pulseaudio-x11 started pulseaudio and loaded some modules. But in version 6, systemd support was added so that you could start pa as a user service. This meant that starting pulseaudio from outside systemd could interfere with starting it with inside, so start-pulseaudio-x11 was changed to no longer start pa, instead relying on either systemd support or autospawn to start the server. In debian we have not enabled systemd by default because of problems with dbus, so we rely on autospawn. All this is a fairly long way of saying that you have disabled pulseaudio by disabling autospawn. So please remove that client.conf file and see if it works (and undo the changes to /etc/pulse/*). -- Saludos, Felipe Sateler -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782364: linux-image-3.16.0-4-armmp: please configure drivers for both Cubox i4pro real time clocks
On Sat, May 02, 2015 at 05:01:04PM +0100, Ian Campbell wrote: On Wed, 2015-04-29 at 09:57 +0100, Russell King - ARM Linux wrote: On Sat, Apr 11, 2015 at 01:08:50AM +0100, Ben Hutchings wrote: If this RTC is not battery backed, it seems like it ought to be disabled in this board's device tree. It's not that simple. On the lower-end models, the on-SoC RTC is the only RTC there is. If it were disabled, there would be no RTC available at all, so there would be no preservation of time-of-day across reboots. On the Pro models, the battery backed RTC is fitted. However, the battery backed RTC has no wakeup facility. Only the on-SoC RTC has that ability, so in order to perform time-based wakeup, the on-SoC RTC needs to be synchronised with the current ToD and its alarm set. Not having the on-SoC RTC enabled means that there is no ToD based wakeup possible. So is your advice for a multi platform kernel supporting all Cubox devices to just enable both and to sort out any syncing/naming etc in userspace? I don't see a problem locally, because I have both built in to my kernel: hub 2-0:1.0: USB hub found hub 2-0:1.0: 1 port detected mousedev: PS/2 mouse device common for all mice rtc-pcf8523 0-0068: rtc core: registered rtc-pcf8523 as rtc0 snvs_rtc 20cc034.snvs-rtc-lp: rtc core: registered 20cc034.snvs-rtc-lp as rtc1 i2c /dev entries driver and so the battery-backed one gets the primary RTC device. I guess the problem comes when you have them as modules, and then systemd or udev, or whatever init daemon flavour you're using can load the modules in a random order (or even in parallel) so you've no idea which RTC is which. Yes, I believe this is a userspace problem, because: 1. You need the snvs_rtc if you wish to do wakeup-by-RTC time. 2. You need pcf8523 if you want time to be preserved across power cycles. One use case is I want time preserved across power cycles which means you want the pcf8523. Another use case is I want to do time of day based wakeup in which case you need snvs_rtc. Disabling one RTC or the other just because someone doesn't like it really isn't a valid argument - what you're effectively saying is that your use-case is somehow more important than other use cases, which is grossly unfair. Ideally, you always want the PCF8523 to be the primary or default RTC if it is present (the one which will be used for hctosys/systohc stuff) and fallback to snvs_rtc if it's not present. But you also must have snvs_rtc if we are to offer wakeup by ToD. I'm not sure that we have any good way to expose whether a RTC is properly wakeup-capable to userspace (in that it's an I2C RTC and we correctly set device_can_wakeup() according to the entire system capabilities.) That would be a bug since in this case, it's something that userspace needs to know so that it can program the appropriate RTC. -- FTTC broadband for 0.8mile line: currently at 10.5Mbps down 400kbps up according to speedtest.net. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784029: RFH: libcdio-paranoia
Package: wnpp Severity: normal Hello, the version of libcdio 0.83 in Debian is stale. The upstream libcdio- paranoia component has been updated to use a newer cdparanoia code base and also is now split into its own work. The maintainer of libcdio appears busy. Please help with packaging. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#716649: logrotate: default taboo extension list does not include .dpkg-bak
Followup-For: Bug #716649 Package: logrotate Version: 3.8.7-1+b1 Control: user debian-ad...@lists.debian.org Control: usertags -1 + needed-by-DSA-Team On Fri, 12 Jul 2013 09:49:06 +0100 Paul Martin p...@debian.org wrote: On Thu, Jul 11, 2013 at 02:42:18PM -0700, Jayen Ashar wrote: cron-apt, which would call apt-get, which would call dpkg, which would call dpkg-maintscript-helper rm_conffile. perhaps a bug in cups for calling this method in prerm, or a bug in dpkg for having the wrong name? This is definitely something logrotate should add to its taboo list. This appears to have missed the jessie release, could you please submit an update for the next Debian point release? This will annoy sysadmins. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#784039: RFA: ocaml-gettext -- OCaml internationalization library
Package: wnpp Severity: normal Hello, Currently, ocaml-gettext has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784037: RFA: ocaml-inotify -- OCaml bindings for the inotify API
Package: wnpp Severity: normal Hello, Currently, ocaml-inotify has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784038: Remove uses of phppkginfo
Package: debpear Version: 0.4 Severity: important Hello, I plan to remove the phppkginfo script from the pkg-php-tools package before the stretch release. Any use of it should be replaced by pkgtools. Partial Roseta stone: phppkginfo [name|summary|description|channel|...] - pkgtools phppear [name|summary|description|channel|...] phppkginfo debian_pkgname channel name - pkgtools phppear debianname channel name (introduced in 1.29) phppkginfo debian_version version - pkgtools phppear debianversion version Regards Mathieu Parent -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783982: D-i: preseed from floppy no longer works !
I have created /dev/fd0 via. # mknod /dev/fd0 b 2 0 # mkdir floppy Results: mknod never reported any problem, But (!) # mount /dev/fd0 floppy Works in Debian 7 (d-i), and fails in Debain 8 (d-i) with message: mount: mounting /dev/fd0 on floppy failed: No such device or address -- -Alexey Eromenko Technologov -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784011: [Pkg-xen-devel] Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
Hi Bastian, On Sat, May 02, 2015 at 02:03:10PM +0200, Bastian Blank wrote: On Sat, May 02, 2015 at 07:04:34AM +0200, Salvatore Bonaccorso wrote: the following vulnerability was published for xen. I consider this issue as unimportant. Not sure how I can mark it this way in the security tracker. Basically the severities behind the status in brackets. But note that in this case it was already marked low, with the meaning of severities in http://security-team.debian.org/security_tracker.html#severity-levels Basically then adding (unimportant) in the line for the package, in this case - xen unfixed (unimportant; bug #784011). I have changed that now, refering to your comment in this bug. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784054: RFP: libgcrypt11 -- LGPL Crypto library
Package: wnpp Severity: wishlist Hello, It seems libgcrypt11 has been removed from Jessie. But it is needed by external packages like Spotify (cf. https://community.spotify.com/t5/Help-Desktop-Linux- Mac-and/spotify-error-while-loading-shared-libraries-libgcrypt- so-11/td-p/970485) or Brackets. I tried to rebuild the Wheezy package on Jessie (http://mentors.debian.net/package/libgcrypt11) and it seems to work correctly. Would it be possible to reintegrate this package in Jessie? Regards, -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784056: RFS: libcdio-paranoia/10.2+0.93+1-1 [ITP] -- upstream split of libcdio-paranoia
Package: sponsorship-requests Severity: normal Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package libcdio-paranoia * Package name: libcdio-paranoia Version : 10.2+0.93+1-1 Upstream Author : Rocky Bernstein ro...@gnu.org * URL : http://www.gnu.org/software/libcdio/ * License : GPL-3+ Section : libs It builds those binary packages: libcdio-cdda2 - library to read and control digital audio CDs libcdio-paranoia-dev - library to read digital audio CDs with error correction (developm libcdio-paranoia-utils - Compact Disc Input and Control (sample applications) libcdio-paranoia2 - library to read digital audio CDs with error correction To access further information about this package, please visit the following URL: http://mentors.debian.net/package/libcdio-paranoia Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/libc/libcdio-paranoia /libcdio-paranoia_10.2+0.93+1-1.dsc Changes since the last upload: * Upstream libcdio = 0.90 split of libcdio-paranoia. (Closes: #784029) Regards, Eric Shattow -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783323: Broken configuration for OpenBlocks AX3-4
On Sun, 2015-04-26 at 00:39 +0100, Ben Hutchings wrote: On Sat, 25 Apr 2015 23:39:44 +0100 Ben Hutchings b...@decadent.org.uk wrote: Secondly, if the installation uses LVM, /dev/sda1 is the /boot partition, not the root partition. After fixing the first problem, flash-kernel fails like this: Actually, this doesn't depend on LVM. The installer always creates a separate /boot partition using the ext2 filesystem, and this makes sense as u-boot generally doesn't support ext4. So I think that the /boot prefix should be removed from the paths for this entry. (And maybe many other entries.) I think you are likely correct. I'm considering declaring that all such db fields are always relative to /boot and having f-k decide if it needs to prepend /boot or not, perhaps based on stat -c %m /boot or something similar. (I know u-boot has optional support for ext4 now, but there's no sign of it in this version. For reference, that's: U-Boot 2011.12 (Aug 26 2013 - 13:08:34) Plat'Home version: 2.0.7 (Marvell version: 2012_Q4.0p17) ) Typical ancient u-boot, oh well! Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781742: upgrade-reports: armel wheezy-jessie on QNAP: flash-kernel error in dist-upgrade and various glitches but mostly successful
On Sat, 2015-04-04 at 14:13 +0200, debbug.jessie.upgradereport.nospam@sub.noloop.net wrote: On Sat, Apr 04, 2015 at 10:52:35 +0100, Ian Campbell wrote: On Thu, 2015-04-02 at 13:04 +0200, reportbug wrote: ** error: apt-get dist-upgrade broke during a flash-kernel This happened on the two QNAP TS-419P+ devices but not on the QNAP TS-219P II Turbo device. The apt-get dist-upgrade stage aborted in a flash-kernel trigger that failed, because it seemed to try to flash the jessie 3.16 kernel before it was properly unpacked. Unfortunately I don't have the error message Did you upgrade with apt-get update ; apt-get upgrade ; apt-get dist-upgrade as recommended by the installation guide or did you follow a different path? I tried an update+upgrade+dist-upgrade from a freshly installed Wheezy system and I didn't see this. Yep, update, then upgrade (no problems there), then dist-upgrade which failed, then apt-get -f install to keep going, then another dist-upgrade to wrap it up. I found I had logged the output of dpkg -l on one of the failing machines just before the update started, attaching that to this mail. I also just now discovered a /var/log/apt/term.log that contains the entire upgrade process recorded! It does seem to contain the entire terminal output, including the interactive diffs and manual root shell sessions (Z) shown during file conflicts (which contain local and perhaps confidential information) so I don't feel like attaching the whole log, Understood. but here is everything from Log started to Log ended for the particular dist-upgrade run that failed, plus everything from Log started to Log ended for apt-get -f install just after that. Not shown are the first upgrade and the final dist-ugprade. Thanks. I had a go at reproducing this back when you first reported it, without much luck. Perhaps the dpkg -l will give some clue as to what the difference is. The last lines of the attached log for dist-upgrade are: Preparing to unpack .../module-init-tools_18-3_all.deb ... Unpacking module-init-tools (18-3) over (9-3) ... Selecting previously unselected package linux-image-3.16.0-4-kirkwood. Preparing to unpack .../linux-image-3.16.0-4-kirkwood_3.16.7-ckt7-1_armel.deb ... Unpacking linux-image-3.16.0-4-kirkwood (3.16.7-ckt7-1) ... Processing triggers for initramfs-tools (0.119) ... update-initramfs: Generating /boot/initrd.img-3.2.0-4-kirkwood Can't find /boot/vmlinuz-3.16.0-4-kirkwood or /boot/initrd.img-3.16.0-4-kirkwood Checking and logging those two separately might make sense so we can see which one failed if this happens again. And perhaps logging /boot/*$kver* would be a good idea too. In the absence of being able to repro that might the best we can manage. run-parts: /etc/initramfs/post-update.d//flash-kernel exited with return code 1 dpkg: error processing package initramfs-tools (--unpack): subprocess installed post-installation script returned error exit status 1 Processing triggers for install-info (5.2.0.dfsg.1-6) ... Errors were encountered while processing: initramfs-tools -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781888: cinnamon-session: session does not start
I'm experiencing exactly the same problem on one of my systems: $ dpkg -l *cinnamon* *cjs* | grep ii ii cinnamon 2.4.8-1 amd64 Innovative and comfortable desktop ii cinnamon-common 2.4.8-1 all Innovative and comfortable desktop (Common data files) ii cinnamon-control-center 2.4.2-1 amd64 utilities to configure the Cinnamon desktop ii cinnamon-control-center-data 2.4.2-1 all configuration applets for Cinnamon - data files ii cinnamon-core 2.2.4all Cinnamon desktop environment - essential components ii cinnamon-desktop-data 2.4.2-1 all Common files for Cinnamon desktop apps ii cinnamon-desktop-environment 2.2.4all Cinnamon desktop environment - full desktop with extra components ii cinnamon-l10n 2.2.4-1 all Translation files for the Cinnamon desktop ii cinnamon-screensaver 2.4.2-1 amd64Cinnamon screen saver and locker ii cinnamon-session 2.4.3-1 amd64Cinnamon Session Manager - Minimal runtime ii cinnamon-session-common 2.2.2-5 all Cinnamon Session Manager - common files ii cinnamon-settings-daemon 2.4.3-1 amd64daemon handling the Cinnamon session settings ii cjs 2.4.2-1 amd64 Mozilla-based javascript bindings for the GNOME platform ii gir1.2-cinnamondesktop-3.02.4.2-1 amd64 Introspection data for CinnamonDesktop ii libcinnamon-control-center1:amd64 2.2.11-4 amd64 utilities to configure the Cinnamon desktop ii libcinnamon-desktop4:amd642.4.2-1 amd64Cinnamon library for loading .desktop files ii libcinnamon-menu-3-0 2.2.0-3 amd64Cinnamon implementation of the freedesktop menu specification ii libcjs0:amd64 2.4.2-1 amd64 Mozilla-based javascript bindings for the GNOME platform -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783323: Broken configuration for OpenBlocks AX3-4
(CCing Nobuhiro who contributed the flash-kernel db entry for this device) On Sat, 2015-05-02 at 15:40 +0100, Ian Campbell wrote: On Sun, 2015-04-26 at 00:39 +0100, Ben Hutchings wrote: On Sat, 25 Apr 2015 23:39:44 +0100 Ben Hutchings b...@decadent.org.uk wrote: Secondly, if the installation uses LVM, /dev/sda1 is the /boot partition, not the root partition. After fixing the first problem, flash-kernel fails like this: Actually, this doesn't depend on LVM. The installer always creates a separate /boot partition using the ext2 filesystem, and this makes sense as u-boot generally doesn't support ext4. So I think that the /boot prefix should be removed from the paths for this entry. (And maybe many other entries.) I think you are likely correct. I'm considering declaring that all such db fields are always relative to /boot and having f-k decide if it needs to prepend /boot or not, perhaps based on stat -c %m /boot or something similar. Actually, thinking a bit harder... Looking back at your original error: mv: cannot move '/tmp/flash-kernel.3ft8lyny/uImage' to '/tmp/flash-kernel.V2iwAjyz//boot/uImage': No such file or directory I think this is because the db entry includes a Boot-Device. This is supposed to be used for devices where the firmware boots from a partition which is not typically mounted (i.e. a special VFAT partition), hence things in /tmp before copying there. For device which can boot from a sensible filesystem then Boot-Device shouldn't be used and things will end up in /boot (separate or otherwise). Essentially if Boot-Device is set then Boot-*-Path should be relative to that device, if Boot-Device is not set then Boot-*-Path are relative to /. I think /dev/sda1 is your actual /boot and using Boot-Device in that case is wrong. If you remove it do things improve? It seems that the code which handles the Boot-Device case is buggy in the face of a firmware partition which has some hierarchy to it. Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784054: RFP: libgcrypt11 -- LGPL Crypto library
On 2015-05-02 Pierre Rudloff cont...@rudloff.pro wrote: Package: wnpp Severity: wishlist Hello, It seems libgcrypt11 has been removed from Jessie. But it is needed by external packages like Spotify (cf. https://community.spotify.com/t5/Help-Desktop-Linux- Mac-and/spotify-error-while-loading-shared-libraries-libgcrypt- so-11/td-p/970485) or Brackets. I tried to rebuild the Wheezy package on Jessie (http://mentors.debian.net/package/libgcrypt11) and it seems to work correctly. Would it be possible to reintegrate this package in Jessie? Hello, No, jessie is closed, only security issues and rc-bugs are fixed, no new packages. Also with libgcrypt20 jessie includes upstream's current stable release of gcrypt. I suggest contacting spotify support and ask for a rebuild against libgcrypt20. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782156: grub-xen: unowned files after purge (policy 6.8, 10.8): /boot/grub/{locale, x86_64-xen}/* and some more
On Wed, 2015-04-08 at 18:16 +0200, Andreas Beckmann wrote: [...] This seems to be the only grub-* package leaving (lots of) stuff around after purge. Looking at the postinst/postrm code it seems that actually the inverse is true, only grub-pc is cleaning up after itself (and then only conditionally based on debconf). Most of the other grub-* are either !x86 (which I think piuparts doesn't test yet) or do not actually install any grub binaries for some reason (e.g. the postinst for grub-efi-* checks for existence of /boot/efi/EFI/debian, which I bet doesn't exist in the piuparts chroot). Actually grub-efi-ia32|grub-efi-amd64 do partially clean up, but only the /boot/grub/unicode.pf2 which is installed by the postinst outside the /boot/efi/EFI/debian check. Anyway, IIRC when I was doing the grub-xen packaging stuff Colin indicated that it was considered a feature not a bug that stuff was left in /boot on purge, essentially because removing them might render the system unbootable. IMHO either /boot/grub/* should be whitelisted for piuparts (based on the above argument regarding making systems unbootable) or the existing debconf template and postrm code for grub-pc should be applied to all grub-* and not just extended to cover grub-xen. BTW, the grub-pc debconf question grub-pc/postrm_purge_boot_grub defaults to false, meaning it shouldn't be cleaning up after itself. I'm not sure then why it apparently passes piuparts... Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784009: Segmentation fault
On 2015-05-02 Niels Möller ni...@lysator.liu.se wrote: Andreas Metzler ametz...@bebt.de writes: Looks like we need a two-step transition: nettle 2.7 - nettle 2.7+versioned_symbols , nettle 2.7+versioned_symbols - nettle 3.1. I'm considering making a nettle-2.7.2 release with version symbols. The version string would simply be derived from the version in the soname, NETTLE_4 and HOGWEED_2. Would that help? [...] Hello Niels, /I/ think that would help, afaict we would need to either package a nettle-2.7 with versioned symbols or patch Debian's version. But let's wait for Magnus' opinion on this. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784011: [Pkg-xen-devel] Bug#784011: xen: CVE-2015-3340: Information leak through XEN_DOMCTL_gettscinfo (XSA-132)
On Sat, May 02, 2015 at 07:04:34AM +0200, Salvatore Bonaccorso wrote: the following vulnerability was published for xen. I consider this issue as unimportant. Not sure how I can mark it this way in the security tracker. Bastian -- Knowledge, sir, should be free to all! -- Harry Mudd, I, Mudd, stardate 4513.3 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784032: RFA: xstr -- OCaml library for frequent string operations
Package: wnpp Severity: normal Hello, Currently, xstr has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#772680: lxc-start-ephemeral not working for unprivileged containers
close 772680 thanks closing since post-jessie kernels have overlayfs. -- Address:Daniel Baumann, Donnerbuehlweg 3, CH-3012 Bern Email: daniel.baum...@progress-technologies.net Internet: http://people.progress-technologies.net/~daniel.baumann/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783982: D-i: preseed from floppy no longer works !
On Sat, 2015-05-02 at 16:15 +0300, Alexey Eromenko wrote: I have created /dev/fd0 via. # mknod /dev/fd0 b 2 0 # mkdir floppy Results: mknod never reported any problem, But (!) # mount /dev/fd0 floppy Works in Debian 7 (d-i), and fails in Debain 8 (d-i) with message: mount: mounting /dev/fd0 on floppy failed: No such device or address Right, this was an intentional change. From the kernel changelog, regarding modules to be included in the installer: * udeb: Remove obsolete and unsupported drivers and filesystems - Remove ppa from scsi-modules - Remove floppy-modules, irda-modules, parport-modules, plip-modules, qnx4-modules, reiserfs-modules, ufs-modules Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less. signature.asc Description: This is a digitally signed message part
Bug#759657: console-setup w/ systemd forgets font setting
On Fri, Aug 29, 2014 at 09:53:20AM +0200, Karsten Hilbert wrote: When systemd was introduced console-setup started to forget setting the I don't known how exactly systemd works but it seems Bug#783976 may be related to this: Package: console-cyrillic Severity: normal Dear Maintainer, When booting under systemd, the /etc/init.d/console-cyrillic init script launches /usr/bin/cyr, which expects linux console as its terminal. However, LSB compatibility for systemd captures the init script's STDOUT and STDERR, so cyr fails with the error message: cyr: This command may be executed only in Linux console. Sorry for not having a patch ready. There can be several approaches, from setting 'Conflicts: systemd-sysv' to providing a systemd unit file which sets the TTY as needed. I like the solution 'Conflicts: systemd-sysv'. :) Anton Zinoviev -- Ако не отговарям на писмата ви: http://6lyokavitza.org/mail -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783982: D-i: preseed from floppy no longer works !
I ask to reverse decision about floppy-modules, because while physical floppies aren't used in years, this functionality is very much used for virtualization. Like my vbox-unattened patch; Without floppy driver there will not be an automated installer for Debian 8 VMs in VirtualBox. -- -Alexey Eromenko Technologov -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784050: RFA: ocaml-deriving -- deriving functions from type declarations in OCaml
Package: wnpp Severity: normal Hello, Currently, ocaml-deriving has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784059: RFS: galera-3/25.3.10-1 [ITP] -- wsrep clustering provider for MariaDB/MySQL/Percona
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package galera-3 * Package name: galera-3 Version : 25.3.10-1 Upstream Author : www.codership.com * URL : www.galeracluster.com * License : GPL-2 Section : database Debian git-buildpackage tree: https://anonscm.debian.org/cgit/pkg-mysql/galera-3.git/ It builds those binary packages: galera-3 - Replication framework for transactional applications galera-3-dbg - debugging symbols for galera-3 galera-arbitrator-3 - Galera arbitrator daemon galera-arbitrator-3-dbg - debugging symbols for galera-arbitrator-3 To access further information about this package, please visit the following URL: http://mentors.debian.net/package/galera-3 https://wiki.debian.org/Teams/MySQL/Galera Alternatively, one can download the package with dget using this command: dget -x http://mentors.debian.net/debian/pool/main/g/galera-3/galera-3_25.3.10-1.dsc Changes since the last upload: * Initial upload (Closes: #562666) The package is fairly small and easy to review. It has no Lintian errors or warnings. I am a Debian maintainer and I have already contributed in the packaging of MariaDB, the MariaDB connector for C and MySQL 5.6 in Debian. I also have some upstream commits in both MySQL, MariaDB and Galera. I am not a DD so I need somebody to sponsor here. The DDs in the pkg-mysql-maint team are quite overworked/unresponsive to I seek for a DD to sponsor me via mentors now. Regards, Otto Kekäläinen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783929: [mnemosyne-proj-devel] SM-2 bug with patch
Hi, Thanks for looking into this! However, when I wrote this code many years ago, I had a feeling the original SM2 algorithm could use a few tweaks, especially when dealing with early / late review, and the fact that there should be a small difference between grades 0 and 1. So, I'm afraid the scheduler is working as intended as far as I'm concerned. Of course, if you really want to run an 'orthodox' version of SM2, you can easily write a plugin which e.g. implements the changes you suggest. Cheers, Peter PS: Mnemosyne's own bug tracker is here: https://bugs.launchpad.net/mnemosyne-proj -Original Message- From: mnemosyne-proj-de...@googlegroups.com [mailto:mnemosyne- proj-de...@googlegroups.com] On Behalf Of ast...@syonax.net Sent: 02 May 2015 12:39 To: mnemosyne-proj-de...@googlegroups.com Subject: [mnemosyne-proj-devel] SM-2 bug with patch Dear Mnemosyne developers, Thanks for mnemosyne! It's very handy and I have been happily using it for about 2 weeks now. However, I have found a strange bug. The E-factor is not updated in the way the SM-2 algorithm describes that it should be, especially if the uesr has a lapse. I use Debian GNU/Linux testing, which still has 2.2.1, so I filed a bug report in the Debian bug tracking system yesterday. I included a patch. I've just checked and the latest 2.3.3 tarball for linux is also affected, so I thought I should post the bug report on this list as well. You can find all the details about the bug and the patch on the Debian bug tracking system (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783929). Best regards, Astrid -- You received this message because you are subscribed to the Google Groups mnemosyne-proj-devel group. To unsubscribe from this group and stop receiving emails from it, send an email to mnemosyne-proj-devel+unsubscr...@googlegroups.com. To post to this group, send email to mnemosyne-proj- de...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/mnemosyne-proj-devel/a7faa672-b6cc- 43f0-a3d0-2606701d5043%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782364: Cubox i4pro real time clock(s)
On Wed, 2015-04-29 at 15:33 -0700, Rick Thomas wrote: On Apr 29, 2015, at 12:35 PM, Karsten Merker wrote: On Tue, Apr 28, 2015 at 04:55:40AM -0700, Rick Thomas wrote: On Apr 10, 2015, at 4:20 AM, Karsten Merker mer...@debian.org wrote: On Fri, Apr 10, 2015 at 03:07:31AM -0700, Rick Thomas wrote: Please, all, try and keep the BTS in the loop rather than splitting the relevant information over various different locations. Checking /boot/config-3.16.0-4-armmp, I see what I think is an explanation, because # CONFIG_RTC_DRV_PCF8523 is not set and CONFIG_RTC_DRV_SNVS=y Other Linux systems (e.g. Arch) appear (according to the above mentioned googling) to have their kernel compiled so as to provide both /dev/rtc0 attached to the SNVS clock, and /dev/rtc1 attached to the PFC8523 clock. Would it be possible to configure the default Debian Jessie kernel to do the same? Hi Karsten, Can you give me a guess as to when this will be available in sid/unstable? Hello, unfortunately I cannot really provide an estimate. I do not have write access to the Debian kernel repository, so I cannot commit the change myself and I also do not know when the kernel maintainers plan to upload the next kernel update. Ian, could you perhaps enable CONFIG_RTC_DRV_PCF8523 for the armhf kernel builds in SVN (bug #782364)? Regards, Karsten Hi Karsten, It's OK. It will happen when it happens. I've got time. I was just being impatient... /-; If Ian enables CONFIG_RTC_DRV_PCF8523, without disabling CONFIG_RTC_DRV_SNVS, will that cause problems for the cubox models that do not have a battery backed clock??? Or will they just ignore the driver for hardware that they don't have? I don't know, which is why I'm wary of just making either change. I know next to nothing about which cubox models there are nor what features/rtcs they might each have. Does anyone have a cu-box with only the SNVS driver they can try? At the moment my inclination is to enable both drivers and see what happens. Ian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784062: openshot: Trying to import image sequence from new location segfaults
Package: openshot Version: 1.4.3-1.1 Severity: normal Dear Maintainer, 1) Start openshot 2) Click File - Import image sequence 3) In the Image Folder: selection, select Other... Expected result: A file selection dialog opens Actual result: Program crashes. When started from the command line, the following exception is reported: /usr/lib/pymodules/python2.7/openshot/windows/SimpleGtkBuilderApp.py:49: GtkWarning: gtk_tree_model_filter_get_value: assertion 'GTK_TREE_MODEL_FILTER (model)-priv-stamp == iter-stamp' failed gtk.main() /usr/lib/pymodules/python2.7/openshot/windows/SimpleGtkBuilderApp.py:49: Warning: /build/glib2.0-etimD8/glib2.0-2.44.0/./gobject/gtype.c:4268: type id '0' is invalid gtk.main() /usr/lib/pymodules/python2.7/openshot/windows/SimpleGtkBuilderApp.py:49: Warning: can't peek value table for type 'invalid' which is not currently referenced gtk.main() Segmentation fault -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openshot depends on: ii fontconfig 2.11.0-6.3 ii gtk2-engines-pixbuf 2.24.25-3 ii librsvg2-common 2.40.5-1 ii melt 0.9.6-1 ii python 2.7.9-1 ii python-gtk2 2.24.0-4 ii python-httplib2 0.9+dfsg-2 ii python-imaging 2.6.1-2 ii python-mlt 0.9.6-1 ii python-pygoocanvas 0.14.1-1+b3 ii python-support 1.0.15 ii python-xdg 0.25-4 Versions of packages openshot recommends: ii frei0r-plugins 1.4-3 ii openshot-doc1.4.3-1.1 Versions of packages openshot suggests: ii blender 2.74+dfsg0-2 ii inkscape 0.91-4 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783931: libcommons-httpclient-java-doc: Paragraphs in the package description not properly separated
On 05/01/2015 04:39 AM, Beatrice Torracca wrote: Package: libcommons-httpclient-java-doc Severity: minor Hi! the line that separates the 2 paragraphs of the package's description has been recently modified from a line containing only a single dot to one that has 2 dots. Hi Beatrice, Thank you for noticing this. The description has been updated in the packaging repo and will be part of the next upload. Cheers, tony signature.asc Description: OpenPGP digital signature
Bug#783980: Old mplayer bug exposed by kplayer: Unknown option on command line: --fontconfig
On Fri, 01 May 2015 15:28:53 -0400 Edward C. Jones edcjo...@comcast.net wrote: Package: kplayer Version: 1: 0.7-2.1 ... The correct version is 1:0.7-2.1 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#767978: #767978 minidlna does not strart at boot time
Hi everyone, On Tue, 3 Mar 2015 11:18:28 +0300 Alexander GQ Gerasiov g...@cs.msu.su wrote: Could you try version 1.1.4 from unstable to check is this version still affected? I think we can assume that this bug was fixed in 1.1.1, see the release notes: - Don't require a configured network interface to start up. Unless someone on jessie / stretch / sid reports that they still experience this issue. Regards, Florian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784019: freeciv: removal of bz2 support = inability to load old savegames?
On 02.05.2015 12:46, Marko Lindqvist wrote: On 2 May 2015 at 11:52, Jacob Nevins jacobn+deb...@chiark.greenend.org.uk wrote: Package: freeciv-server Version: 2.5.0-1 I haven't tested this at all, I'm afraid, but noticed this in the changelog of the new Freeciv packages in experimental: | - Remove libbz2-dev from Build-Depends. | We already support xz compression which is a superior compression format. I think this means that the new server won't be able to load .sav.bz2 savegames? That would be unfortunate, since the stable package generates them (and Freeciv is generally able to load savegames from older versions). Once you've released a package with support for a compression format, I think you can practically never remove it, even if you add a newer format. They can be deprecated and then obsoleted over long time in upstream - or by similar sources patching in downstream (I think we should start that process in upstream for bz2). Anyway, dropping the support for compression format that has been the default (assuming Debian uses upstream default) to create savegames in previous version is certainly no way to go. Sorry if I've misconstrued the situation. Hi, indeed I deliberately dropped support for bz2 compression because I think it is an outdated and deprecated format. gz compression is superior in terms of speed and memory requirements whereas xz is much better in producing smaller file sizes and it is even very close or even better than gz in terms of speed when used with XZ_OPT=-0. Debian's Freeciv package in stable is not affected and those who have old savegames are able to convert them to gz or xz simply by recompressing. I can mention that in README.Debian but I really don't see the need for supporting three different compression formats. I can file the upstream bug report about changing the savegame compression to xz, if you want me to do that. Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#784030: cryptsetup not installed by default in Debian Live DVD 8.0.0 Lxde
Package: cdimage.debian.org Severity: important Dear Maintainer, Jessie Live DVD 8.0.0 Lxde fails to load cryptsetup. The cryptsetup package is included in the DVD but it's not installed. If you invoke cryptsetup from the command line, the command is not found. This should not work like this and it should just work out of the box like it does with Wheezy. It should not be necessary to install cryptsetup manually in order to get it to work. -- System Information: Debian Release: 8.0 Architecture: i386 (i686) Kernel: Linux 3.16.0-4-586 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Sent using Crazymailing.com
Bug#784036: RFA: ocamlgsl -- GNU scientific library for OCaml
Package: wnpp Severity: normal Hello, Currently, ocamlgsl has no human maintainers. It is maintained by the Debian OCaml team because of the need of transition coordination, but needs more love and a dedicated maintainer. A potential maintainer should get familiar with [1], and in particular with our policy and practices, and get subscribed to our mailing-list. [1] http://wiki.debian.org/Teams/OCamlTaskForce Cheers, -- Sylvain Le Gall -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#784043: Debian Live DVD 8.0.0 ssh server enabled by default
Subject: cdimage.debian.org: Debian Live DVD 8.0.0 ssh server enabled by default Package: cdimage.debian.org Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I was testing my system's security when I discovered this. * What exactly did you do (or not do) that was effective (or ineffective)? I invoked this command: sudo service ssh stop * What was the outcome of this action? Success but not enough. The command stopped the ssh service successfully but inexperienced users are probably not aware of this. * What outcome did you expect instead? The ssh service should be disabled by default because an attacker could exploit this. The Live DVD comes with a default username and password making the threat very real. *** End of the template - remove these template lines *** -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-586 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Sent using Crazymailing.com
Bug#784041: exceptions.OSError: [Errno 2] No such file or directory
Package: torbrowser-launcher Version: 0.1.9-1 Severity: important Hello, I get an error when trying to launch torbrowser: Tor Browser Launcher By Micah Lee, licensed under MIT version 0.1.9 https://github.com/micahflee/torbrowser-launcher Initializing Tor Browser Launcher Importing keys gpg: key 63FEE659: Erinn Clark er...@torproject.org not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: key 93298290: Tor Browser Developers (signing key) torbrow...@torproject.org not changed gpg: Total number processed: 1 gpg: unchanged: 1 Starting launcher dialog LATEST VERSION 4.5 Checked for update within 24 hours, skipping TBB is not installed, attempting to install 4.5 Running task: download_sha256 Downloading https://dist.torproject.org/torbrowser/4.5/sha256sums.txt Updating over Tor Finished receiving body: Response body fully received Running task: download_sha256_sig Downloading https://dist.torproject.org/torbrowser/4.5/sha256sums.txt.asc Updating over Tor Finished receiving body: Response body fully received Running task: download_tarball Downloading https://dist.torproject.org/torbrowser/4.5/tor-browser-linux64-4 ..5_en-US.tar.xz Updating over Tor Finished receiving body: Response body fully received Running task: verify Verifying signature gpg: assuming signed data in `/home/pierre/.cache/torbrowser/download/sha256sums.txt' gpg: Signature made Mon Apr 27 14:46:17 2015 CEST using RSA key ID D40814E0 gpg: Good signature from Tor Browser Developers (signing key) torbrow...@torproject.org gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 Subkey fingerprint: BA1E E421 BBB4 5263 180E 1FC7 2E1A C68E D408 14E0 Running task: extract Extracting tor-browser-linux64-4.5_en-US.tar.xz Running task: run Running /home/pierre/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US /start-tor-browser Unhandled Error Traceback (most recent call last): File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 911, in dispatcher return func(*args, **kwargs) File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 1462, in _finishResponse_WAITING self._giveUp(Failure(reason)) File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 1515, in _giveUp self._disconnectParser(reason) File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 1503, in _disconnectParser parser.connectionLost(reason) --- exception caught here --- File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 532, in connectionLost self.response._bodyDataFinished() File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 911, in dispatcher return func(*args, **kwargs) File /usr/lib/python2.7/dist-packages/twisted/web/_newclient.py, line 1154, in _bodyDataFinished_CONNECTED self._bodyProtocol.connectionLost(reason) File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 378, in connectionLost self.all_done(reason) File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 395, in response_finished self.run_task() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 332, in run_task self.verify() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 565, in verify self.run_task() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 336, in run_task self.extract() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 609, in extract self.run_task() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 340, in run_task self.run() File /usr/lib/python2.7/dist-packages/torbrowser_launcher/launcher.py, line 640, in run subprocess.call([self.common.paths['tbb']['start']]) File /usr/lib/python2.7/subprocess.py, line 522, in call return Popen(*popenargs, **kwargs).wait() File /usr/lib/python2.7/subprocess.py, line 710, in __init__ errread, errwrite) File /usr/lib/python2.7/subprocess.py, line 1335, in _execute_child raise child_exception exceptions.OSError: [Errno 2] No such file or directory Regards, -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages torbrowser-launcher depends on: ii gnupg1.4.18-7 ii python 2.7.9-1 ii python-gtk2 2.24.0-4 ii python-lzma 0.5.3-2+b1 ii python-parsley 1.2-1 ii python-psutil2.1.1-1+b1 ii python-twisted 14.0.2-3 ii