Bug#863690: python-dkim: dkim line over-length

[=]

Package: python-dkim
Version: 0.5.4-1
Severity: minor

Dear Maintainer,

during testing I was able to provoke aover-length line (82 octets) in a dkim
signature. as
I understand it this violates a SHOULD directive in the relevant RFC


DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=treshna.com;
i=@treshna.com;
 q=dns/txt; s=sgd2k; t=1496121847; h=From : Subject : To : Message-Id :
 Date; bh=qoHOIb6s/IoF2dz4yQePEAiAs6lyxZDuSOYaI+VXe14=;
 b=XCYa8/hC6AWGOMxAMqoCOBs0o58cJ3QVVsm3iJc5C7dRgskUU0HtulpZcgLwASq84IMMkf
 Ebu42w7PwHjGtEi2Nxz+/DFs01KTlVVVDbTH7/rM8eiwJN5VNuIX6OFGgD1rbXG6Nl35i1Sq
 nU5qpZ0QyNepHp4SqxEnIpJpQDlxkqKmTmhk1azEClKaNH8uyTN04VyxswT9wECY1hkWf8Na
 9qhM81LMR2sRf/gplaWMTIHi18mNDtGmDfaDhLbDja45ACinLQ1edzIJUzbN1MyeZhwGI/gQ
 IOCyzqBqh5yzKmPtm7rYAtObKYUlbC9y8v7oMkGwC9qf6F46vfwfZjZQ==

I'm guessing that the word-wrapping algorithm is not taking the header-name
into account.



*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***



-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_NZ.utf8, LC_CTYPE=en_NZ.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python-dkim depends on:
ii  python2.7.9-1
ii  python-dns2.3.6-3
ii  python-dnspython  1.12.0-1

python-dkim recommends no packages.

python-dkim suggests no packages.

-- no debconf information

Bug#863689: unblock: cracklib2/2.9.2-5

[Niels Thykier]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi KiBi (X-CC'ed),

I would like to unblock cracklib2 as it fixes #854554.  To my knowlegde, it
has no changes that affects its udeb, the diff being:

"""
diff -Nru cracklib2-2.9.2/debian/changelog cracklib2-2.9.2/debian/changelog
--- cracklib2-2.9.2/debian/changelog2017-04-08 11:25:28.0 +
+++ cracklib2-2.9.2/debian/changelog2017-05-27 09:41:18.0 +
@@ -1,3 +1,10 @@
+cracklib2 (2.9.2-5) unstable; urgency=medium
+
+  * Add Breaks: cracklib-runtime (<< 2.9.2-4) to libcrack2 to configure
+cracklib-runtime in the correct order (Closes: #854554)
+
+ -- Jan Dittberner   Sat, 27 May 2017 11:41:18 +0200
+
 cracklib2 (2.9.2-4) unstable; urgency=medium
 
   * Migrate triggers to interest-noawait to avoid trigger-cycles (Closes:
diff -Nru cracklib2-2.9.2/debian/control cracklib2-2.9.2/debian/control
--- cracklib2-2.9.2/debian/control  2017-04-08 11:25:28.0 +
+++ cracklib2-2.9.2/debian/control  2017-05-27 09:06:18.0 +
@@ -28,6 +28,7 @@
 Pre-Depends: ${misc:Pre-Depends}
 Depends: ${misc:Depends}, ${shlibs:Depends}
 Recommends: cracklib-runtime
+Breaks: cracklib-runtime (<< 2.9.2-4)
 Description: pro-active password checker library
  Shared library for cracklib2 which contains a C function which may be
  used in a passwd like program. The idea is simple: try to prevent
"""

unblock cracklib2/2.9.2-5

I would age it so it migrates before this weekend.


Thanks,
~Niels

Bug#688336:

[Mike Mestnik]

Refresh and simplify the patches.
https://github.com/cheako/os-prober/tree/btrfs-subvol

Also note os-probe fork:
https://github.com/campadrenalin/os-prober/commit/b571c0c7c3fe8986cc17dd200173fb7d86ef0c24
This commit reorgs the project making merges with the fork difficult.
From af1753acff410e6984466f88233855ad971cbc87 Mon Sep 17 00:00:00 2001
From: Michael Mestnik 
Date: Tue, 30 May 2017 00:15:36 -0500
Subject: [PATCH 1/2] Add support for btrfs subvol.

---
 README.btrfs |  15 
 common.sh|  13 ++-
 linux-boot-prober| 133 ++-
 linux-boot-probes/mounted/common/40grub2 |  12 ++-
 os-prober|  28 ++-
 os-probes/common/50mounted-tests |  72 -
 os-probes/mounted/common/90linux-distro  |   8 +-
 7 files changed, 272 insertions(+), 9 deletions(-)
 create mode 100644 README.btrfs

diff --git a/README.btrfs b/README.btrfs
new file mode 100644
index 000..f9b4d45
--- /dev/null
+++ b/README.btrfs
@@ -0,0 +1,15 @@
+BTRFS is a new filesystem which combines the filesystem with logical volume
+management (subvolumes).  For further information, see:
+  https://btrfs.wiki.kernel.org/index.php/Main_Page
+  https://btrfs.wiki.kernel.org/index.php/FAQ
+
+In order to support BTRFS, a number of changes were necessary to os-prober,
+os-probes/common/50mounted-tests, os-probes/mounted/common/90linux-distro,
+linux-boot-prober, and linux-boot-probes/common/50mounted-tests.
+
+The biggest impact will be to grub2 where there is additional information
+output by os-prober and where, if a BTRFS subvolume is being used for root,
+the parameters for linux-boot-prober have changed.
+
+Sun 30 Dec 2012 11:49:52 AM EST Gene Czarcinski 
+
diff --git a/common.sh b/common.sh
index e1646d4..4045d05 100644
--- a/common.sh
+++ b/common.sh
@@ -155,6 +155,7 @@ parse_proc_mounts () {
 	done
 }
 
+# add forth parameter to pickup btrfs subvol info
 parsefstab () {
 	while read -r line; do
 		case "$line" in
@@ -165,12 +166,22 @@ parsefstab () {
 set -f
 set -- $line
 set +f
-printf '%s %s %s\n' "$1" "$2" "$3"
+printf '%s %s %s %s\n' "$1" "$2" "$3" "$4"
 			;;
 		esac
 	done
 }
 
+#check_btrfs_mounted $bootsv $bootuuid)
+check_btrfs_mounted () {
+	bootsv="$1"
+	bootuuid="$2"
+	bootdev=$(blkid | grep "$bootuuid" | cut -d ':' -f  1)
+	bindfrom=$(grep " btrfs " /proc/self/mountinfo |
+		   grep " $bootdev " | grep " /$bootsv " | cut -d ' ' -f 5)
+	printf "%s" "$bindfrom"
+}
+
 unescape_mount () {
 	printf %s "$1" | \
 		sed 's/\\011/	/g; s/\\012/\n/g; s/\\040/ /g; s/\\134/\\/g'
diff --git a/linux-boot-prober b/linux-boot-prober
index e32dc84..2a60fa2 100755
--- a/linux-boot-prober
+++ b/linux-boot-prober
@@ -5,16 +5,143 @@ set -e
 
 newns "$@"
 require_tmpdir
+ERR="n"
+
+tmpmnt=/var/lib/os-prober/mount
+if [ ! -d "$tmpmnt" ]; then
+	mkdir "$tmpmnt"
+fi
+
+mounted=
+bootmnt=
+bootsv=
+bootuuid=
 
 grep "^/dev/" /proc/mounts | parse_proc_mounts >"$OS_PROBER_TMP/mounted-map" || true
 
-partition="$1"
+if [ -z "$1" ]; then
+	ERR=y
+elif [ "$1" = btrfs -a -z "$2" ]; then
+	ERR=y
+elif [ "$1" = btrfs -a -z "$3" ]; then
+	ERR=y
+elif [ "$1" = btrfs ]; then
+	type=btrfs
+	echo "$2" | grep -q "^UUID=" || ERR=y
+	echo "$3" | grep -q "^subvol=" || ERR=y
+	export "$2"
+	export "$3"
+	partition=$(blkid | grep "$UUID" | cut -d ':' -f 1 | tr '\n' ' ' | cut -d ' ' -f 1)
+	debug "btrfs: partition=$partition, UUID=$UUID, subvol=$subvol"
+else
+	partition="$1"
+	type=other
+fi
 
-if [ -z "$partition" ]; then
+if [ "x$ERR" != xn ]; then
 	echo "usage: linux-boot-prober partition" >&2
+	echo "   linux-boot-prober btrfs UUID=<> subvol=<>" >&2
 	exit 1
 fi
 
+if [ "$type" = btrfs ]; then
+	# handle all of the btrfs stuff here
+	if [ ! -e "/proc/self/mountinfo" ]; then
+		warn "/proc/self/mountinfo does not exist, exiting"
+		umount "$tmpmnt" 2>/dev/null
+		rmdir "$tmpmnt" 2>/dev/null
+		exit 1
+	fi
+	mpoint=$(grep "btrfs" /proc/self/mountinfo | grep " /$subvol " | grep " $partition " | cut -d ' ' -f 5)
+	if [ "$mpoint" = "/" ]; then
+		warn "specifying active root not valid, exiting"
+		umount "$tmpmnt" 2>/dev/null
+		rmdir "$tmpmnt" 2>/dev/null
+		exit 1
+	fi
+	if [ "$mpoint" = "$tmpmnt" ]; then
+		warn "btrfs subvol=$subvool, UUID=$UUID, already mounted on $tmpmnt **ERROR**"
+		umount "$tmpmnt" 2>/dev/null
+		rmdir "$tmpmnt" 2>/dev/null
+		exit 1
+	fi
+	if [ -z "$mpoint" ]; then
+		# mount the btrfs root
+		if ! mount -o subvol=$subvol -t btrfs -U $UUID "$tmpmnt" 2>/dev/null; then
+			warn "error mounting btrfs subvol=$subvol UUID=$UUID"
+			umount "$tmpmnt/boot" 2>/dev/null
+			umount "$tmpmnt" 2>/dev/null
+			rmdir "$tmpmnt" 2>/dev/null
+			exit 1
+		fi
+	else
+		# bind-mount
+		if ! mount -o bind "$mpoint" "$tmpmnt" 2>/dev/null; then
+			warn "error mounting btrfs bindfrom=$mpoint subvol=$subvol UUID=$UUID"
+			

Bug#863688: os-prober: Source has witespace at end of lines.

[Mike Mestnik]

Package: os-prober
Version: 1.75
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Please consider using some form of source buitification or tidy
to remove this whitespace.

- -- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (490, 'testing'), (480, 'unstable'), (470, 
'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 4.2.0-19-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages os-prober depends on:
ii  grub-common  2.02~beta3-5
ii  libc62.24-9

os-prober recommends no packages.

os-prober suggests no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJZLQOhAAoJEOPRqa2O3KuKipcP/Ru3sg/RzqRZjRe/uaxL320j
pS2xfJiYDM+d4gXWLCwc/Pjb6NzXol382IxnFnz9x1O9SXvjyvOwibvZq0t33B4r
XWU5dewcWC69LclmdVtnbprzHnaGF/Cxc7tRODqNqUi3O4G94k9T6HkXhi0wZaJX
zkUk3XrR5AOOmyeD7VA1m762GXDKvYuYQu+p18iw29ZZEucahXnQJd091STfgng1
VHt9JA8Zqxgs+9OdBr5T8Ypv6yhZunohpIZjvZ79VZmBoxJH/dX9YA919tufKbQx
JOZl12BsvtZVFFUXIQnoQK9Mbzlvq36xRTUUJjWXKrmR2XVDwj9MDL6SFDQzu1c1
4RBwPfl6ZXYeTCOKO24IlMzZYC3g9ECPn8X/+tfEBPGiLLx07ucFnUzRzm2UF2jO
f6wWoc/gBfXjIYzr82LDMM0dd6N32EoJ9hq+ErYzPGOFBGjRd5XelKat4cciZ6rg
TZX8HMF0HCuIRuPjoFyXLZNvQNbcLcvqAc5HTIKsOCH/qOtwb4EJYr41zT/h3NmZ
BxmQJZqhKc09Fzg47Suc99qiT5jZAdpWw/JMzaLmbFWYFYkD/mxHap3UroJSHuou
xr8lSLUEAq0YcyWZMSpvXivvaYJYs1D/uLnkRPaocRfl58Pf0wzuwl+kLAFj0pUv
55YW9FAESj6krRSZEunl
=dMfT
-END PGP SIGNATURE-

Bug#859806: icinga-common: broken symlink: /usr/share/doc/icinga-common/README -> README.md

[Sebastiaan Couwenberg]

Control: tags -1 pending

Hi Andreas,

On Fri, 07 Apr 2017 16:37:41 +0200 Andreas Beckmann wrote:
> during a test with piuparts I noticed your package ships (or creates)
> a broken symlink.
> 
> >From the attached log (scroll to the bottom...):
> 
> 1m38.1s ERROR: FAIL: Broken symlinks:
>   /usr/share/doc/icinga-common/html -> ../../icinga/htdocs/docs
>   /usr/share/doc/icinga-common/README -> README.md
> 
> While the html link can be satisfied by installing icinga-doc (maybe add
> a Suggests: icinga-doc ?), I cannot find a possible candidate for
> README.md

README.md is included in the upstream source, but was not installed
along with the README file. I've pushed a fix in git.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#846548: marked as pending

[Eric Dorland]

* Julien Cristau (jcris...@debian.org) wrote:
> On 05/29/2017 03:15 AM, Eric Dorland wrote:
> > * Julien Cristau (jcris...@debian.org) wrote:
> >> On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote:
> >>
> >>> tag 846548 pending
> >>> thanks
> >>>
> >>> Hello,
> >>>
> >>> Bug #846548 reported by you has been fixed in the Git repository. You can
> >>> see the changelog below, and you can check the diff of the fix at:
> >>>
> >>> 
> >>> https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0
> >>>
> >> So, erm.  This seems like it would break using libengine-pkcs11-openssl
> >> in an application using libssl1.0.2.  As a SONAME bump it also seems
> >> rather inappropriate during the freeze.
> > 
> > That's a good point. I was trying to provide an alternative to the
> > broken NMU that was going to be uploaded, but yes this will break
> > applications built against libssl1.0.2. It does fix using this with
> > the openssl tool however.
> > 
> Right.
> 
> >> I'm very interested in having this fixed in stretch so I can get the
> >> secure-boot stuff working on ftp-master, but this doesn't look like the
> >> way to go.  Not to mention that you'd have to justify the bump from
> >> 0.4.3 to 0.4.4.
> >>
> >> Can you explain your plans here?
> > 
> > As you suggested in your followup, the way forward would appear to be
> > to upload a new libp11 source package that builds against
> > libssl1.0.2. I can also backport all of the changes to 0.4.3 and
> > upload to testing-proposed-updates. Does that sound reasonable?
> > 
> Having read through the 0.4.4 changes I think I'd be ok with getting
> that in if you're confident.  I guess the other question is should
> libp11-dev come from the openssl1.1-using package or the
> openssl1.0.2-using one.  At this late stage I guess it's safer to stay
> with 1.0.2, and have the libp11-openssl1.1 package (or however it's
> called) only provide a libengine-pkcs11-openssl1.1 binary?

OK, I like this plan. We should get the naming right going forward
though for the libengine-pkcs11-openssl1.1 package. Is that how other
packages are handling naming when they depend on a particular version
of openssl?

I should be able to get fixed uploads to unstable in a couple of days.

-- 
Eric Dorland 
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93


signature.asc
Description: PGP signature

Bug#863687: Please update scribus to 1.5.3 with complex rendering support

[Pirate Praveen]

Package: scribus
Version: 1.4.6+dfsg-4
Severity: important

https://wiki.scribus.net/canvas/1.5.3_Release

This version adds support for complex rendering support and it makes it useable 
for a large number of people (Arabic, Thai, Indic), hense the important 
severity.

It could be added to experimental if ready before stretch release.

Bug#863686: freemat: fails to start with llvm error

[Stuart Prescott]

Package: freemat
Version: 4.2+dfsg1-3+b2
Severity: serious
Justification: package is unusable

Dear Maintainer,

Starting a fresh installation of freemat fails:

$ freemat
: CommandLine Error: Option 'x86-machine-combiner' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options

By the looks of the buildd logs, the package doesn't seem to run the
tests at build time and they are not enabled as autopkgtest tests
for use on ci.debian.net so I can't easily see what has cause this
situation. (Perhaps it's possible to at least put a smoke test of
freemat into both places even if the entire test suite isn't run?)

cheers
Stuart


-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (550, 'testing-proposed-updates'), (500, 'testing-debug'), (500, 
'testing'), (60, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages freemat depends on:
ii  freemat-data  4.2+dfsg1-3
ii  libarpack23.4.0-1+b1
ii  libboost-math1.62.0   1.62.0+dfsg-4
ii  libc6 2.24-10
ii  libclang1-3.8 1:3.8.1-23
ii  libffi6   3.2.1-6
ii  libfftw3-double3  3.3.5-3
ii  libfftw3-single3  3.3.5-3
ii  libgcc1   1:6.3.0-18
ii  libgfortran3  6.3.0-18
ii  libgl1-mesa-glx [libgl1]  13.0.6-1+b2
ii  libglu1-mesa [libglu1]9.0.0-2.1
ii  libncurses5   6.0+20161126-1
ii  libpcre3  2:8.39-3
ii  libportaudio2 19.6.0-1
ii  libqt4-network4:4.8.7+dfsg-11
ii  libqt4-opengl 4:4.8.7+dfsg-11
ii  libqt4-svg4:4.8.7+dfsg-11
ii  libqt4-xml4:4.8.7+dfsg-11
ii  libqtcore44:4.8.7+dfsg-11
ii  libqtgui4 4:4.8.7+dfsg-11
ii  libquadmath0  6.3.0-18
ii  libstdc++66.3.0-18
ii  libtinfo5 6.0+20161126-1
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages freemat recommends:
ii  freemat-help  4.2+dfsg1-3

freemat suggests no packages.

-- no debconf information

Bug#863661: openvswitch: CVE-2017-9264

[Salvatore Bonaccorso]

Hi

On Mon, May 29, 2017 at 04:35:30PM -0700, Ben Pfaff wrote:
> severity 863661 normal
> thanks
> 
> On Mon, May 29, 2017 at 10:14:49PM +0200, Salvatore Bonaccorso wrote:
> > Source: openvswitch
> > Version: 2.6.2~pre+git20161223-3
> > Severity: important
> > Tags: patch upstream security
> > 
> > Hi,
> > 
> > the following vulnerability was published for openvswitch.
> > 
> > CVE-2017-9264[0]:
> > | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS)
> > | 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP,
> > | and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`,
> > | and `extract_l4_udp` that can be triggered remotely.
> > 
> > If you fix the vulnerability please also make sure to include the
> > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> This only affects the userspace datapath, most often used in the context
> of DPDK, which isn't enabled in the Debian packaging.  In addition, the
> fact that it's a buffer overread (which makes it difficult to use to
> crash OVS or change its behavior) and the fact that end-to-end TCP
> checksum verification would catch it leads me to believe that this is
> only "normal" severity, so I'm updating it (with this email).

Thanks for the analysis.

In this case I think normal is ok.

Regards,
Salvatore

Bug#863655: openvswitch: CVE-2017-9263

[Salvatore Bonaccorso]

HI Ben,

On Mon, May 29, 2017 at 01:35:58PM -0700, Ben Pfaff wrote:
> notfound 863655 2.3.0+git20140819-1
> found 863655 2.6.2~pre+git20161223-3
> severity 863655 normal
> thanks
> 
> On Mon, May 29, 2017 at 09:44:13PM +0200, Salvatore Bonaccorso wrote:
> > Source: openvswitch
> > Version: 2.3.0+git20140819-1
> > Severity: important
> > Tags: security upstream patch
> > 
> > Hi,
> > 
> > the following vulnerability was published for openvswitch.
> > 
> > CVE-2017-9263[0]:
> > | In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status
> > | message, there is a call to the abort() function for undefined role
> > | status reasons in the function `ofp_print_role_status_message` in
> > | `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a
> > | malicious switch.
> 
> This doesn't really make sense.  For a "malicious switch" to leverage
> this as a remote DoS, the controller that it talks to has to be
> implemented using the OVS code in question.  OVS 2.3 as packaged for
> Debian doesn't include a controller,
> 
> Open vSwitch 2.6.2 includes two controllers.  The first one,
> ovs-testcontroller, is not vulnerable to this in the default
> configuration, because it does not print such messages even if it
> receives them, unless it is specially configured to do so.  The second
> one, ovn-controller, only talks to Open vSwitch directly, not to
> arbitrary switches, and only over a trusted Unix domain socket anyway.
> In any case, if either of these crashes due to this bug, they
> automatically restart themselves.

Thanks for your reply (much appreciated) and this analysis! I adjusted
the security-tracker information.

> So, while it is a good idea to fix this, it's not high severity.

Yes might be ok indeed.

Regards,
Salvatore

Bug#861666: UTF-8 does not help

[fin4478 fin4478]

When the automount did not work, I did have set:
CONFIG_FAT_DEFAULT_IOCHARSET="ascii"
FAT_DEFAULT_UTF8=y

Bug#840003: [Reportbug-maint] Bug#840003: reportbug: wrong reporting about bug

[Ritesh Raj Sarraf]

On Mon, 2017-05-29 at 13:23 -0400, Sandro Tosi wrote:
> On Fri, Oct 7, 2016 at 1:14 PM, Ritesh Raj Sarraf  wrote:
> > > were there actual timeouts/network issues at that time? it could also
> > > be something on the BTS side
> > 
> > There was an actual power outage affecting my ISP cable modem. My wifi
> > router
> > was on because it was backed by my UPS.
> > 
> > So, for this bug report, it was an actual network issue.
> 
> well, so you know what caused the issue closing
> 

Yes. But the bug report is about reportbug giving the false impression that 'No
report is available', which is incorrect. It should have reported a Network
Error.


-- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System

signature.asc
Description: This is a digitally signed message part

Bug#863362: RFA: pep8-naming -- check for PEP 8 naming conventions (flake8 plugin for Python2)

[陳昌倬]

Control: retitle -1 ITA: pep8-naming -- check for PEP 8 naming conventions 
(flake8 plugin for Python2)
Control: owner -1 !

On Thu, May 25, 2017 at 09:07:32PM +0200, Daniel Stender wrote:
> Package: wnpp
> Severity: normal
> 
> I request an adopter for the pep8-naming package [1].

I will adopt this package.


-- 
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
http://czchen.info/
Key fingerprint = BA04 346D C2E1 FE63 C790  8793 CC65 B0CD EC27 5D5B


signature.asc
Description: PGP signature

Bug#863685: ITP: jbibtex -- Java BibTeX and LaTeX parser and formatter library

[tony mancill]

Package: wnpp
Severity: wishlist
Owner: tony mancill 

* Package name: jbibtex
  Version : 1.0.15
  Upstream Author : Villu Ruusmann, University of Tartu
* URL : https://github.com/jbibtex/jbibtex
* License : BSD-3-clause
  Programming Lang: Java
  Description : Java BibTeX and LaTeX parser and formatter library

jbibtex provides a BibTeX parser, writer, and methods to iterate over
entries in a BibTex database.  It additionally provides utility classes
to parse LaTeX strings into plain text representations.

This library is a dependency of citeproc-java [1], which is in turn a
dependency for packaging of JabRef 4.x.  The package will be maintained
by the Java Team.  It is unrelated to the "Japanized BibTeX"
jbibtex-base package [2] (src:ptex-base).

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841020
[2] https://packages.debian.org/unstable/jbibtex-base


signature.asc
Description: PGP signature

Bug#768510: This can happen for other reasons.

[Mike Mestnik]

For me I though I discovered this bug, but instead it had to do with
btrfs subvolumes.

I chrooted into a subvolume and assumed that I could set it up to
boot, but it was lacking an entry in /proc/mounts.  After I mounted
the subvolume and chrooted to this mount point grub worked as
expected...  at least it didn't error.

Bug#799157: Importer also vanished

[Karl Schmidt]

I'm running Stretch and One of the best features was the importer which would rename the file based 
on the date.. is GONE...


Good news is - it appears someone put it back in:

http://agateau.com/2016/gwenview-importer-is-back/

I built it today - works for me.. 17.04.2

git://anongit.kde.org/gwenview.git

I see the openwith is there  - print dialog is part of other software..




Karl Schmidt  EMail k...@xtronics.com
3209 West 9th Street Ph (785) 841-3089
Lawrence, KS 66049

Borrow money from pessimists - they don't expect it back.

Bug#863497: marked as pending

[Kentaro Hayashi]

Hi,

On Sat, 27 May 2017 20:41:33 + Mattia Rizzolo  wrote:
> tag 863497 pending
> thanks
> 
> Hello,
> 
> Bug #863497 reported by you has been fixed in the Git repository. You can
> see the changelog below, and you can check the diff of the fix at:
> 
> 
> https://anonscm.debian.org/cgit/collab-maint/devscripts.git/commit/?id=51e909f

Thank you for fixing this problem.
But I've found that debsign shows a bit redundant output.

Here is the way to reproduce this issue.

1. debsign --re-sign multiple .dsc
2. debsign prints "Successfully signed dsc, dsc, dsc ... files"

Here is the actual results:

  debsign -pgpg2 --re-sign -k45499429 *.dsc

   unsignfile tmp/groonga_7.0.0-1.dsc
   signfile dsc tmp/groonga_7.0.0-1.dsc 45499429

  Successfully signed dsc file
   unsignfile tmp/groonga_7.0.2-1.dsc
   signfile dsc tmp/groonga_7.0.2-1.dsc 45499429

  Successfully signed dsc, dsc files
   unsignfile tmp/groonga_7.0.3-1.dsc
   signfile dsc tmp/groonga_7.0.3-1.dsc 45499429

  Successfully signed dsc, dsc, dsc files

If you debsign against 100 dsc, debsign prints dsc, dsc, dsc, ... dsc
files. (100 times!)  It seems that it's redundant because previous command 
execution
already shows whether it succeeds or not.

Does it expected behavior?


pgp6It_bwi66e.pgp
Description: PGP signature

Bug#863684: qtikz: outdated dependency on pgf, please update to texlive-pictures

[Norbert Preining]

Package: qtikz
Version: 0.11~git20161122-1
Severity: important

Dear qtikz/ktikz maintainer,

your package depends on pgf, which has been a virtual package through the
stretch dev cycle.

With TL2017 currently in experimental, for stretch+1 we will not provide
pgf as package name anymore. Please convert your dependencies to
texlive-pictures

Thanks a lot

Norbert

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (200, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.12.0-rc2+ (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#863317: apt: susceptible to replay attacks

[Jakub Wilk]

* David Kalnischkies , 2017-05-28, 10:35:
Unfortunately, this protection is ineffective. All the attacker needs to do 
to hide security updates is to replace all the files from 
http://security.debian.org/dists/$DIST/updates/ with the ones from 
http://deb.debian.org/debian/dists/$DIST/ .


That's easily fixable by enabling key pinning for the security repository, see
https://wiki.debian.org/DebianRepository/Format?action=show=RepositoryFormat#Signed-By 


Interesting. I didn't know about this feature.

89901946f936 says "the pinning is in effect as long as the (then old) Release 
file is considered valid". If this is accurate, then the attacker could keep 
serving stale (but still valid) security.d.o/d/jessie/updates until the release 
file expires, then immediately switch to jessie.


I am working on having apt error out/asking for explicit confirmation if a 
repository changes metadata information like suite/codename (or label/origin 
which is more related here) which should help a bit here, too


Awesome.


– but its hard to get right as some changes are legit


Right. Suite or Codename could naturally change, though not both at the same 
time.


Practically you have some added complications in the attack as Release files 
need to go forward in time, so if your user happened to have updated its 
security data before the Date is likely newer than that of any stable release 
you can use (that isn't the case for < 1.0 which you were testing, but for >= 
1.1).


Is there a warning if Date goes back in time?

--
Jakub Wilk

Bug#863683: dblatex: outdated dep on texlive-math-extra, should be texlive-science

[Norbert Preining]

Package: dblatex
Version: 0.3.9-2
Severity: important

Dear dblatex maintainers,

texlive-math-extra has been a virtual package all through stretch dev,
provided by texlive-science.

Starting with TL2017 (currently in experimental) I will drop the
provides of texlive-math-extra.

Please convert the dependency to texlive-science.

Thanks

Norbert


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (200, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.12.0-rc2+ (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#689508: ignore obsolete conffiles which are not owned by the package

[Andreas Beckmann]

Hi Axel,

On 2017-05-03 02:45, Axel Beckert wrote:
>>> If your feedback is positive, I'd upload it as 2.2.1 to unstable and
>>> try to get this into stretch.

Can you upload debsums 2.2.2 to jessie-backports?


Thanks.

Andreas

Bug#839894: Last chance for d-i changes in stretch

[Roger Shimizu]

On Tue, May 30, 2017 at 4:27 AM, Samuel Thibault  wrote:

> That would also match partitions, might that not pose concerns?

So maybe the following?

> -/dev/[hsv]d[a-z0-9]|
> +/dev/[hsv]d[a-z0-9]|/dev/[hsv]d[a-z][a-z]*|

-- 
Roger Shimizu, GMT +9 Tokyo
PGP/GPG: 4096R/6C6ACD6417B3ACB1

Bug#860926: zh translation for badblocks drifting due to bad column counting

[Theodore Ts'o]

tags 860926 +pending
thanks

On Fri, Apr 21, 2017 at 07:30:13PM -0400, Mingye Wang (Arthur2e5) wrote:
> Package: e2fsprogs
> Version: 1.43.4-2
> 
> The current version of e2fsprogs ships a complete Chinese translation. This
> is normally good news, just not quite so with badblocks which miscounts
> columns and gives too few `\b`'s for stepping back.
> 
> The fix is simple and straightforward -- just store the wstring and do some
> wcswidth counting on it.

Many thanks for the bugreport and the suggested fix.  I've just
checked the following into my repository:

>From 0c574883dda4a44eeb4586fd7784373de3d8c030 Mon Sep 17 00:00:00 2001
From: Theodore Ts'o 
Date: Mon, 29 May 2017 20:04:56 -0400
Subject: [PATCH] badblocks: support languages which use multi-column wide
 characters

CJK characters take up two columns for each character; teach badblocks
to take this into account.

Addresses-Debian-Bug: #860926

Signed-off-by: Theodore Ts'o 
Reported-by: "Mingye Wang (Arthur2e5)" 
---
 misc/badblocks.c | 11 ++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/misc/badblocks.c b/misc/badblocks.c
index 0c4019a8..e4593918 100644
--- a/misc/badblocks.c
+++ b/misc/badblocks.c
@@ -50,6 +50,9 @@ extern int optind;
 #include 
 #include 
 #include 
+#ifdef HAVE_MBSTOWCS
+#include 
+#endif
 
 #include 
 #include 
@@ -216,6 +219,9 @@ static void print_status(void)
 {
struct timeval time_end;
char diff_buf[32], line_buf[128];
+#ifdef HAVE_MBSTOWCS
+   wchar_t wline_buf[128];
+#endif
int len;
 
gettimeofday(_end, 0);
@@ -229,7 +235,10 @@ static void print_status(void)
   num_write_errors,
   num_corruption_errors);
 #ifdef HAVE_MBSTOWCS
-   len = mbstowcs(NULL, line_buf, sizeof(line_buf));
+   mbstowcs(wline_buf, line_buf, sizeof(line_buf));
+   len = wcswidth(wline_buf, sizeof(line_buf));
+   if (len < 0)
+   len = strlen(line_buf); /* Should never happen... */
 #endif
fputs(line_buf, stderr);
memset(line_buf, '\b', len);
-- 
2.11.0.rc0.7.gbe5a750

Bug#752485: libp11-kit0:amd64: Please create /etc/pkcs11 directory structure

[David Jaša]

> Hi,
> 
> p11-kit is using /etc/pkcs11(/modules) directories to store its
> configuration files but the directory structure is not created by the
> package.
> 
> Could you please create this (empty) directory structure from the
> package, this would make it a bit easier for a local admin to add a
> configuration file there.
> 
> Cheers,
> 
> Laurent Bigonville
> 

FWIW, /etc/pki/ca-trust directory structure required for shared system
certificates is missing as well:

# trust anchor /path/to/cacert.pem 
p11-kit: no configured writable location to store anchors

# cat /etc/debian_version ; dpkg -l 'p11-kit*' | grep '^ii'
9.0
ii  p11-kit   0.23.3-2 amd64p11-glue utilities
ii  p11-kit-modules:amd64 0.23.3-2 amd64p11-glue proxy and trust 
modules

Cheers,

David

Bug#863491: Spams the journal with debug messages

[Jason Crain]

On Sat, May 27, 2017 at 08:58:23PM +0200, Michael Biebl wrote:
> I've been running tilix for a couple of days now and I noticed that
> tilix is very chatty. My journal get's "spammed" with what seems to me
> are debug messages: Here is an excerpt:

It's being built with debugging enabled.  From what I see in d/rules,
there is a "DCFLAGS=XXX" line which is supposed to make a release build,
but it's being overridden by this line in configure.ac:

DCFLAGS='-O'

I think changing this line to ": ${DCFLAGS='-O'}" would work better.  It
will set DCFLAGS only if it is not already set.

Bug#863682: jessie-pu: package intel-microcode/3.20170511.1~deb8u1

[Henrique de Moraes Holschuh]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

I'd like to update the intel-microcode package in Debian jessie.

Usually, I'd wait for an extra month before sending this request,
however I have received word from the OCamn community that this
microcode update fixes an extremely serious erratum...  and that OCaml
code compiled with the gcc backend (including the OCaml compiler itself)
could trivially trigger it.

The OCaml bug report is here:
https://caml.inria.fr/mantis/view.php?id=7452

>From the intel-microcode package changelog:

   SKL150 - Short loops using both the AH/BH/CH/DH registers and
   the corresponding wide register *may* result in unpredictable
   system behavior.  Requires both logical processors of the same
   core (i.e. sibling hyperthreads) to be active to trigger, as
   well as a "complex set of micro-architectural conditions"

This microcode update also fixes other important errata, including one
that makes it safe to have intel-microcode installed on some recent
high-end models of the E7v4 and possibly E5v4 Xeons (previous versions
of intel-microcode are likely to hang these processors during boot,
refer to bug #862606 for details[1])... but the SKL150 fix takes the
cake.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862606


As usual, I have removed the noise caused by the binary blob changes
from upstream from the debdiff output for clarity.  The abridged debdiff
is attached.

Full diffstat:
 changelog  |   13 
 debian/changelog   |   58 
 microcode-20161104.dat |61630 
 microcode-20170511.dat |61886 +
 releasenote|   41 
 5 files changed, 61998 insertions(+), 61630 deletions(-)

Abridged diffstat:
 changelog|   13 
 debian/changelog |   58 +++
 releasenote  |   41 ++
 3 files changed, 112 insertions(+)

Other than the microcode blob, the changes are only to documentation and
the changelogs.

Please note that the new upstream "releasenote" file is not going to be
shipped in the binary packages, since it has way too much incorrect
information.  It is present only in the source package.

Thank you!

-- 
  Henrique Holschuh
diff -Nru intel-microcode-3.20161104.1~deb8u1/changelog 
intel-microcode-3.20170511.1~deb8u1/changelog
--- intel-microcode-3.20161104.1~deb8u1/changelog   2016-12-16 
08:53:58.0 -0200
+++ intel-microcode-3.20170511.1~deb8u1/changelog   2017-05-26 
08:24:17.0 -0300
@@ -1,3 +1,16 @@
+2017-05-11:
+  * Updated Microcodes:
+sig 0x000306c3, pf_mask 0x32, 2017-01-27, rev 0x0022, size 22528
+sig 0x000306d4, pf_mask 0xc0, 2017-01-27, rev 0x0025, size 17408
+sig 0x000306f2, pf_mask 0x6f, 2017-01-30, rev 0x003a, size 32768
+sig 0x000306f4, pf_mask 0x80, 2017-01-30, rev 0x000f, size 16384
+sig 0x00040651, pf_mask 0x72, 2017-01-27, rev 0x0020, size 20480
+sig 0x00040661, pf_mask 0x32, 2017-01-27, rev 0x0017, size 24576
+sig 0x00040671, pf_mask 0x22, 2017-01-27, rev 0x0017, size 11264
+sig 0x000406e3, pf_mask 0xc0, 2017-04-09, rev 0x00ba, size 98304
+sig 0x000406f1, pf_mask 0xef, 2017-03-01, rev 0xb21, size 26624
+sig 0x000506e3, pf_mask 0x36, 2017-04-09, rev 0x00ba, size 98304
+
 2016-11-04:
   * New Microcodes:
 sig 0x00050663, pf_mask 0x10, 2016-10-12, rev 0x70d, size 20480
diff -Nru intel-microcode-3.20161104.1~deb8u1/debian/changelog 
intel-microcode-3.20170511.1~deb8u1/debian/changelog
--- intel-microcode-3.20161104.1~deb8u1/debian/changelog2016-12-16 
09:42:12.0 -0200
+++ intel-microcode-3.20170511.1~deb8u1/debian/changelog2017-05-29 
19:06:07.0 -0300
@@ -1,3 +1,61 @@
+intel-microcode (3.20170511.1~deb8u1) stable; urgency=high
+
+  * This is the same package as 3.20170511.1 from unstable/testing and
+3.20170511.1~bpo8+1, from jessie-backports.  It has been present in
+unstable since 2017-05-15, testing since 2017-05-26, and jessie-backports
+since 2017-05-29.
+  * Urgency updated to high:
++ Confirmed fix: nightmare-level Skylake erratum SKL150
++ Confirmed: gcc may generate the code patterns that trigger SKL150
+  (unpredictable behavior).  The OCaml community was hit by this erratum
+  and has been investigating the issue since 2017-01.  It affected the
+  OCaml compiler, and OCaml programs when gcc was used as the backend.
+  https://caml.inria.fr/mantis/view.php?id=7452
+
+ -- Henrique de Moraes Holschuh   Mon, 29 May 2017 19:06:06 
-0300
+
+intel-microcode (3.20170511.1) unstable; urgency=medium
+
+  * New upstream microcode datafile 20170511
++ Updated Microcodes:
+  sig 0x000306c3, pf_mask 0x32, 2017-01-27, rev 0x0022, size 22528
+  sig 0x000306d4, pf_mask 0xc0, 2017-01-27, rev 0x0025, 

Bug#863661: openvswitch: CVE-2017-9264

[Ben Pfaff]

severity 863661 normal
thanks

On Mon, May 29, 2017 at 10:14:49PM +0200, Salvatore Bonaccorso wrote:
> Source: openvswitch
> Version: 2.6.2~pre+git20161223-3
> Severity: important
> Tags: patch upstream security
> 
> Hi,
> 
> the following vulnerability was published for openvswitch.
> 
> CVE-2017-9264[0]:
> | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS)
> | 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP,
> | and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`,
> | and `extract_l4_udp` that can be triggered remotely.
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

This only affects the userspace datapath, most often used in the context
of DPDK, which isn't enabled in the Debian packaging.  In addition, the
fact that it's a buffer overread (which makes it difficult to use to
crash OVS or change its behavior) and the fact that end-to-end TCP
checksum verification would catch it leads me to believe that this is
only "normal" severity, so I'm updating it (with this email).

Thanks,

Ben.

Bug#842261: make: Typo in french translation

[Adrien]

Hello,

Indeed, this is the typo:

> Makefile:17 : la recette pour la cible « mytarget » a échouée

This should be: "la recette pour la cible « mytarget » a échoué",
without the ending E.

Thanks,

-- 
Adrien P.


On Thu, 27 Oct 2016 15:08:17 +0200 Samuel Thibault
 wrote:
> Package: make
> Version: 4.1-9
> Severity: wishlist
> Tags: patch
>
> Hello,
>
> There is a small typo in the french translation of make messages, see
> attached patch (compressed to avoid charset conversions).
>
> Samuel
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers testing
> APT policy: (990, 'testing'), (500, 'unstable-debug'), (500,
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500,
'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1,
'buildd-experimental'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.8.0 (SMP w/4 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages make depends on:
> ii libc6 2.24-5
>
> make recommends no packages.
>
> Versions of packages make suggests:
> ii make-doc 4.1-3
>
> -- no debconf information
>
> --
> Samuel
> Les roots ne sont plus ce qu'ils étaient...Maintenant il sont dioxinés,
> c'est de la m... ! Avant on les élevaient avec du bon unix mais ça été
> remplacé par des farines industrielles nouvelles technologies (NT).
> -+- JdK in NPC : Exigez un root élevé sous la mère ! -+-

-- 
Adrien.

Bug#863499: [Pkg-xfce-devel] Bug#863499: Trash: sort the files/folders by "time of deletion"

[c.buhtz]

On 2017-05-28 21:42 Yves-Alexis Perez  wrote:
> What about sorting by modification date?

Not really working.
 - The folders are shown on top. That can only be deactivated for all
   folders and not for Trash only.
 - From the users point of view is the "modification date" not the
   deletiton date. If it is technical the same: Just rename that
   menupoint it when Trash is shown.

regards

Bug#816781: [Aptitude-devel] Bug#816781: aptitude: Can not cancel pending upgrade actions

[Cesare Leonardi]

On 29/05/2017 11:31, Axel Beckert wrote:

Before you press the corresponding menu entry, but after already
having selected it, aptitude will show the following long description
in the status line:

  Cancel all pending actions from this session

So this menu entry only cancels actions which weren't scheduled in
previous sessions on purpose.


Thank you Axel for the detailed and clear explanation.
I admit i've never noted the string in the status bar...


So maybe we should be a little bit more verbose with the short
description in the menu or maybe even split "Cancel pending actions"
into two separate menu entries:

* Cancel pending actions of this session
* Cancel all pending actions

or similar.


It will be wonderful to have two entries, because "Cancel all pending 
actions" is quite self explanatory, will match the previous behaviour 
and users should not be surprised upgrading from Debian 8 to 9.


But isn't it too late for Stretch?

Anyway, I think that making a note at least in NEWS.Debian could be helpful.

Cesare.

Bug#863620: gdb: breakpoints disappear after recompiling

[Lu Wang]

Dear Héctor Orón Martínez

My problem is that the breakpoint set at the first time do noting if I compile 
the code again.

The test code is

//test.c
1 #include 
2 #include 
3
4 int main()
5 {
6  int a=1, b=2, c=3;
7  int s;
8  s=a+b;
9  s+=c;
10  printf("%d+%d+%d = %d\n", a, b, c, s);
11
12 return 0;
13 }

 I compile the code with
$ gcc -Wall -g test.c -o test

Then I run gdb
$ gdb test

I set a breakpoint at line 8
(gdb)  :break 8

And run the program in gdb
(gdb)  :run

Then I compile the same code at the second time with the same command
$ gcc -Wall -g test.c -o test

And run the probram in gdb again. The breakpoint do nothing. If I check the 
status of the breakpoint with
(gdb)  :info breakpoints
the output is
Num Type   Disp Enb AddressWhat
1   breakpoint keep n   0x46cd in main at test.c:8

The output means the breakpoint is NOT enabled. I think the status of the 
breakpoint should NOT be changed.

Best Regards

Lu Wang



From: Héctor Orón Martínez 
Sent: Monday, May 29, 2017 11:04 PM
To: Lu Wang; 863...@bugs.debian.org
Subject: Re: Bug#863620: gdb: breakpoints disappear after recompiling

Hello,

2017-05-29 13:02 GMT+02:00 Lu Wang :
> I have set some breakpoints. If I recompile the code for debugging.
> Then I execute the program using the command
> run and the breakpoints disappear. This ought to work, but doesn't
> restore my breakpoints.
>
> the output is
>
> `/home/tw/Documents/test1/xxx' has changed; re-reading symbols.
> Error in re-setting breakpoint 1: Cannot access memory at address
> 0x46f0
> Starting program: /home/tw/Documents/test1/xxx
> [Switching to thread 1 (process 11336)](running)
> [Inferior 1 (process 11336) exited normally]

Not sure if I understand correctly, but break points work for me...

/tmp/hello-2.10$ gdb hello
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from hello...done.
(gdb) b main
Breakpoint 1 at 0x15f0: file src/hello.c, line 41.
(gdb) run
Starting program: /tmp/hello-2.10/hello

Breakpoint 1, main (argc=1, argv=0x7fffe0a8) at src/hello.c:41
41  {
(gdb)


However, what do you mean with you recompile the code for debugging?
Can you show a reproducible testcase?

Regards


--
 Héctor Orón  -.. . -... .. .- -.   -.. . ...- . .-.. --- .--. . .-.

Bug#863657: debian-edu-config: fails to configure the exim4 environment after installation of the main server

[Holger Levsen]

On Mon, May 29, 2017 at 09:51:41PM +0200, Wolfgang Schweer wrote:
> Reason: The cfengine exim4-create-environment shellscript is executed
> too early, the Kerberos SMTP keytab isn't yet available, copying the
> file fails. If the fifth pass of the cfengine run is used instead of the
> first one, the file should be available.
 
*why* is it more likely to be available in the 5th run?


-- 
cheers,
Holger


signature.asc
Description: Digital signature

Bug#863679: /usr/sbin/pm-powersave: repeatedly runs until /var/log/pm-powersave.log fills up disk

[Vagrant Cascadian]

Package: pm-utils
Version: 1.4.1-17
Severity: critical
File: /usr/sbin/pm-powersave
Justification: breaks the whole system

In the last few days, pm-powersave is being called roughly once per
second, which is logging to /var/log/pm-powersave.log until there's no
disk space left. I don't think I have any custom configuration of
pm-utils or related software.

I've worked around the issue by installing a script that sleeps 600
seconds into /etc/pm/power.d/zzzsleep, but this obviously isn't a real
solution...

It appears to be getting called by acpid, so maybe the problem really
lies there:

  ├─acpid
  │   └─sh -c /etc/acpi/power.sh
  │   └─power.sh /etc/acpi/power.sh
  │   └─pm-powersave /usr/sbin/pm-powersave false
  │   └─zzzsleep /etc/pm/power.d/zzzsleep false
  │   └─sleep 600

One iteration loop in /var/log/pm-powersave.log looks like this:

  Running hook /usr/lib/pm-utils/power.d/95hdparm-apm false:
  /usr/lib/pm-utils/power.d/95hdparm-apm false: success.

  Running hook /usr/lib/pm-utils/power.d/anacron false:
  /usr/lib/pm-utils/power.d/anacron false: success.

  Running hook /usr/lib/pm-utils/power.d/disable_wol false:
  Setting Wake On Lan for enp2s0 to enable...Done.
  /usr/lib/pm-utils/power.d/disable_wol false: success.

  Running hook /usr/lib/pm-utils/power.d/intel-audio-powersave false:
  Setting power savings for snd_hda_intel to 0...Done.
  /usr/lib/pm-utils/power.d/intel-audio-powersave false: success.

  Running hook /usr/lib/pm-utils/power.d/laptop-mode false:
  Laptop mode disabled.
  /usr/lib/pm-utils/power.d/laptop-mode false: success.

  Running hook /usr/lib/pm-utils/power.d/pci_devices false:
  Setting Host Bridge :00:00.0 to on
  Setting Audio device :00:03.0 to on
  Setting Audio device :00:1b.0 to on
  Setting Ethernet device :02:00.0 to on
  Setting Wireless device :03:00.0 to on
  /usr/lib/pm-utils/power.d/pci_devices false: success.

  Running hook /usr/lib/pm-utils/power.d/pcie_aspm false:
  sh: echo: I/O error
  /usr/lib/pm-utils/power.d/pcie_aspm false: success.

  Running hook /usr/lib/pm-utils/power.d/sata_alpm false:
  Setting SATA ALPM on host0 to max_performance...Done.
  Setting SATA ALPM on host1 to max_performance...Done.
  /usr/lib/pm-utils/power.d/sata_alpm false: success.

  Running hook /usr/lib/pm-utils/power.d/sched-powersave false:
  **sched policy powersave OFF
  /usr/lib/pm-utils/power.d/sched-powersave false: success.

  Running hook /usr/lib/pm-utils/power.d/usb_bluetooth false:
  /usr/lib/pm-utils/power.d/usb_bluetooth false: success.

  Running hook /usr/lib/pm-utils/power.d/wireless false:
  Turning powersave for wlp3s0 off...Error for wireless request "Set Power 
Management" (8B2C) :
  SET failed on device wlp3s0 ; Operation not supported.
  Failed.
  /usr/lib/pm-utils/power.d/wireless false: success.

  Running hook /usr/lib/pm-utils/power.d/xfs_buffer false:
  /usr/lib/pm-utils/power.d/xfs_buffer false: not applicable.

Any sugestions for further debugging appreciated!

live well,
  vagrant

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (120, 'unstable'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: armhf, arm64

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pm-utils depends on:
ii  powermgmt-base  1.31+nmu1

Versions of packages pm-utils recommends:
ii  ethtool  1:4.8-1+b1
ii  hdparm   9.51+ds-1
ii  kbd  2.0.3-2+b1
ii  procps   2:3.3.12-3
ii  vbetool  1.1-4

Versions of packages pm-utils suggests:
pn  cpufrequtils
pn  radeontool  
ii  wireless-tools  30~pre9-12+b1

-- no debconf information


signature.asc
Description: PGP signature

Bug#863681: hexchat-otr: confusing and noisy messages

[Holger Levsen]

package: hexchat-otr
x-debbugs-cc: 863...@bugs.debian.org

Hi,

in #863660 Mattia asked the hexchat package to be changed (at the end of the
stretch freeze) to not recommend hexchat-otr anymore, because of this:

On Mon, May 29, 2017 at 10:49:46PM +0200, Mattia Rizzolo wrote:
> Upstream contact me about sevaral (apparently too many) users having
> issues with an hexchat external plugin being too noisy [1] and causing
> other issues for unexperienced users.

… and if this behaviour of hexchat-otr is *so* annoying, there should be a bug
about this, thus filing one here. 
 
> All considered probably such barely maintained plugin shouldn't be
> instaled by default indeed, therefore I'm asking for permission to
> upload the following debdiff and having it in stretch.
> 
> [1] "OTR: Error saving instance tags: No such file or directory
> (gcrypt)" for every query started if not configured

disclaimer: I'm not a hexchat user, I just care about OTR.


-- 
cheers,
Holger


signature.asc
Description: Digital signature

Bug#863680: gobby: fails to upgrade squeeze -> wheezy -> jessie -> stretch

[Andreas Beckmann]

Package: gobby
Version: 0.5.0-8
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'squeeze' to 'wheezy' to 'jessie'.
It installed fine in 'squeeze', and upgraded to 'wheezy' and 'jessie'
successfully, but then the upgrade to 'stretch' failed.

>From the attached log (scroll to the bottom...):

  Unpacking gobby (0.5.0-8) over (0.5.0-4) ...
  dpkg: error processing archive /var/cache/apt/archives/gobby_0.5.0-8_i386.deb 
(--unpack):
   trying to overwrite '/usr/share/pixmaps/gobby.xpm', which is also in package 
gobby-0.4 0.4.13-2

Looks like gobby is missing Breaks+Replaces: gobby-0.4


cheers,

Andreas


gobby_0.5.0-8.log.gz
Description: application/gzip

Bug#863632: [Pkg-puppet-devel] Bug#863632: puppetmaster: The broken compatibility with older agents

[Apollon Oikonomopoulos]

Control: severity -1 important
Control: tags -1 wontfix

Dear Martin,

On 15:12 Mon 29 May , Martin Duspiva wrote:
> Dear Maintainer,
> 
> fter install the last security update 3.7.2-4+deb8u1, the puppet 
> master doesn't work with puppet agents ( clients ) on Debian Squeezy 
> and Wheezy.  The error on agent is:

Thank you for the report.

Unfortunately this is a known and well-documented issue. It's documented 
in both the package's debian/NEWS, and the Debian Security 
Announcement[1] on the debian-security-announce mailing list.

[1] https://lists.debian.org/debian-security-announce/2017/msg00122.html

It is (at least currently) impossible to retain compatibility and fix 
the vulnerability at the same time, as the 2.7 agent sends everything 
using YAML while the 3.7 master will reject YAML as unsafe. The 
recommended approach is to use the 3.7 packages from wheezy-backports on 
wheezy agents. I know this is not ideal, but 2.7 is unsupported upstream 
for quite a while now.

Regards,
Apollon

Bug#863678: wipefs: does not delete btrgs label/signature

[Mike Mestnik]

Package: util-linux
Version: 2.29.1-1
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Used wipefs followed by pvcreate and pvcreate indecated
that the block device was formated btrfs.

- -- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (490, 'testing'), (480, 'unstable'), (470, 
'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 4.2.0-19-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages util-linux depends on:
ii  libblkid1  2.25.2-6
ii  libc6  2.24-9
ii  libfdisk1  2.29.1-1
ii  libmount1  2.29.1-1
ii  libncursesw5   6.0+20161126-1
ii  libpam0g   1.1.8-3.1+deb8u2
ii  libselinux12.6-3
ii  libsmartcols1  2.29.1-1
ii  libsystemd0232-18
ii  libtinfo5  6.0+20161126-1
ii  libudev1   232-18
ii  libuuid1   2.25.2-6
ii  zlib1g 1:1.2.8.dfsg-2+b1

util-linux recommends no packages.

Versions of packages util-linux suggests:
ii  dosfstools  3.0.27-1
ii  kbd 2.0.3-2
ii  util-linux-locales  2.25.2-6

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJZLJquAAoJEOPRqa2O3KuKEVIP/21uI2sFhp5/ZPTAnicX5vRJ
1gWKXv74PYlTkJikKkGPfgf3gMSyY6kaS7LLZOa9uviQKPyPJWyZzAEtTZf/3zF/
7C7mwyFaqT3gDfKfB4fAEp/D349Q8PHzK1IvvSTR5vFF3RrJzftGq32NQx8Gr4N0
JW/4FC0nv6XZLeM0CHBx/cz+5XbW6sIkJNLqN9ckveLUc5obbQsLxO5toH31r4P1
5KapBINKkyhEoQrOk0BtzsYhwiLArFMJsbZiLcXJ5Bhtn/j3Y/VrewDWIbPokfHf
Y3IutzWv9GEoV12cJHBi3rACn8dsQ/qfjjseahLOP3VZW3cnx86Dyd9BVBjzRxp1
OE8clmEzYOtt6y+yJqK2p9sWuA9t38nGFE4vVgb6RsCCt0Aj3poDHXUYB2VmoI7f
5l8fJCOhLBTkS1PsS4aDNNLkXMq575Wipmh01YJTW/VVb94t86tHg2OFV+KTlHYT
aVzEWs1p2blsjZLLP4ZG0m0oYEXCr4c7eF8Nnq+MCVn8biSqVOKVmy61Gdug9yyp
/YiqHptDFfu55yTTiX+5OXxEjqOAPMBL9LE3rvIa2spEdcj7Fyce8kVP2HMO27Lf
mQ73R8GDnVi96CztbWexdvqEKunfPJH8Eh2Z33ycHHJHrF50mAHZ6mf77Y7C+Xgf
70kD6SYZFDAPZfatd/kL
=ELSo
-END PGP SIGNATURE-

Bug#863634: unblock (pre-approval): systemd/232-24

[Jonathan Wiltshire]

Control: tag -1 confirmed moreinfo

On 2017-05-29 15:37, Michael Biebl wrote:

I'd like to make another upload of systemd if possible.
It fixes a remote DoS in resolved (#863277). We don't enable resolved
by default in Debian, so this bug is not super critical.
But since an (upstream) fix exists, I would prefer to have this fix in
stretch. The attached debdiff also has two smaller fixes which have
piled up in the stretch branch in the mean time.

Please let me know if I can proceed with the upload.
If you want me to postpone that for 9.1, I'm fine as well. Uploading it
now would have the benefit though of at least some testing in unstable.


Please go ahead and remove the moreinfo tag when it is ready to be 
unblocked.


Thanks,

--
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

 i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits

Bug#863651: debian-installer: no bcache support

[Ben Hutchings]

On Mon, 2017-05-29 at 23:22 +0200, Cyril Brulebois wrote:
> Hi Mike,
> 
> Mike Mestnik  (2017-05-29):
> > I created bcache backing store and was unable to install into it.
> 
> I have no idea about bcache, but for those who might stumble upon this
> bug report, it might be worthwhile to specify what steps you tried, what
> the results were, and what the expected results are.

I think we would need a new partman module to support it, same as for
md and lvm.

Ben.

-- 
Ben Hutchings
Beware of programmers who carry screwdrivers. - Leonard Brandwein



signature.asc
Description: This is a digitally signed message part

Bug#863677: spambayes: symlink loop detected in path 'usr/bin/sb_bnfilter.py'

[Andreas Beckmann]

Package: spambayes
Version: 1.1b1-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m35.0s ERROR: FAIL: debsums reports modifications inside the chroot:
  debsums: Error: symlink loop detected in path 'usr/bin/sb_bnfilter.py'. 
Please file a bug again spambayes.


cheers,

Andreas


spambayes_1.1b1-2.log.gz
Description: application/gzip

Bug#863676: libcaf-mpi1: missing Breaks+Replaces: libcoarrays0d (<< 1.8.10)

[Andreas Beckmann]

Package: libcaf-mpi1
Version: 1.8.10-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + open-coarrays-bin

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'sid' to 'experimental'.
It installed fine in 'sid', then the upgrade to 'experimental' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package libcaf-mpi1:amd64.
  Preparing to unpack .../libcaf-mpi1_1.8.10-1_amd64.deb ...
  Unpacking libcaf-mpi1:amd64 (1.8.10-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/libcaf-mpi1_1.8.10-1_amd64.deb (--unpack):
   trying to overwrite '/usr/lib/x86_64-linux-gnu/libcaf_mpi.so.1', which is 
also in package libcoarrays0d:amd64 1.8.6-2
  Preparing to unpack .../open-coarrays-bin_1.8.10-1_amd64.deb ...
  Unpacking open-coarrays-bin:amd64 (1.8.10-1) over (1.8.6-2) ...
  Errors were encountered while processing:
   /var/cache/apt/archives/libcaf-mpi1_1.8.10-1_amd64.deb


cheers,

Andreas


open-coarrays-bin_1.8.10-1.log.gz
Description: application/gzip

Bug#862992: systemd: avoid attempt to re-create /etc/mtab by systemd-tmpfiles-setup.service

[Cyril Brulebois]

Michael Biebl  (2017-05-29):
> Nah, that would be for buster. I didn't mean to imply we should change
> the status quo for stretch.

Ah, all good then. Feel free to request the code change in finish-install
to turn current code into rm so that the installed system no longer gets
that remnant from the past. :)


KiBi.


signature.asc
Description: Digital signature

Bug#863634: unblock (pre-approval): systemd/232-24

[Cyril Brulebois]

Michael Biebl  (2017-05-29):
> I'd like to make another upload of systemd if possible.
> It fixes a remote DoS in resolved (#863277). We don't enable resolved
> by default in Debian, so this bug is not super critical.
> But since an (upstream) fix exists, I would prefer to have this fix in
> stretch. The attached debdiff also has two smaller fixes which have
> piled up in the stretch branch in the mean time.
> 
> Please let me know if I can proceed with the upload.
> If you want me to postpone that for 9.1, I'm fine as well. Uploading it
> now would have the benefit though of at least some testing in unstable.
> 
> The changes don't touch d-i, but I've CCed debian-boot@ anyway for an
> ack.
> 
> Full debdiff attached.

Changes look fine to me, be it for r0 or r1. If that's candidate for r0,
it needs to have migrated a few days before the last week, so that d-i
can be prepared with all components from testing.


KiBi.


signature.asc
Description: Digital signature

Bug#863675: libmariadbd-dev: fails to upgrade from 'sid' - trying to overwrite /usr/bin/mysql_config

[Andreas Beckmann]

Package: libmariadbd-dev
Version: 10.3.0-0+exp2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'sid' to 'experimental'.
It installed fine in 'sid', then the upgrade to 'experimental' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package libmariadb-dev:amd64.
  Preparing to unpack .../10-libmariadb-dev_10.3.0-0+exp2_amd64.deb ...
  Unpacking libmariadb-dev:amd64 (10.3.0-0+exp2) ...
  dpkg: error processing archive 
/tmp/apt-dpkg-install-vvkKED/10-libmariadb-dev_10.3.0-0+exp2_amd64.deb 
(--unpack):
   trying to overwrite '/usr/bin/mysql_config', which is also in package 
libmariadbclient-dev 10.1.23-8


cheers,

Andreas


libmariadbd-dev_10.3.0-0+exp2.log.gz
Description: application/gzip

Bug#862992: systemd: avoid attempt to re-create /etc/mtab by systemd-tmpfiles-setup.service

[Michael Biebl]

Am 29.05.2017 um 21:23 schrieb Cyril Brulebois:
> Michael Biebl  (2017-05-29):

>> I guess you mean stretch, but yeah, we had this fixup rule for two
>> release cycles (via debian-fixup.service in jessie and via the
>> tmpfiles snippet in stretch). Maybe it's time to drop that in buster.
>> Should we get d-i (and FAI) updated to drop the creation of /etc/mtab
>> as well then?
> 
> d-i only gets that file into place because some of its components need
> it (or used to need it). It's technically easy to modify the code above
> to drop /target/etc/mtab instead of converting from a static file to a
> symlink.
> 
> That being said, changing this so late in the release cycle makes me a
> bit uneasy. :/

Nah, that would be for buster. I didn't mean to imply we should change
the status quo for stretch.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#863651: debian-installer: no bcache support

[Cyril Brulebois]

Hi Mike,

Mike Mestnik  (2017-05-29):
> I created bcache backing store and was unable to install into it.

I have no idea about bcache, but for those who might stumble upon this
bug report, it might be worthwhile to specify what steps you tried, what
the results were, and what the expected results are.


KiBi.


signature.asc
Description: Digital signature

Bug#862151: libetpan: CVE-2017-8825

[Moritz Muehlenhoff]

On Tue, May 09, 2017 at 08:04:58AM +0200, Salvatore Bonaccorso wrote:
> Source: libetpan
> Version: 1.6-2
> Severity: important
> Tags: upstream patch security
> Forwarded: https://github.com/dinhviethoa/libetpan/issues/274
> 
> Hi,
> 
> the following vulnerability was published for libetpan.
> 
> CVE-2017-8825[0]:
> | A null dereference vulnerability has been found in the MIME handling
> | component of LibEtPan before 1.8, as used in MailCore and MailCore 2. A
> | crash can occur in low-level/imf/mailimf.c during a failed parse of a
> | Cc header containing multiple e-mail addresses.

What's the status, can you please upload a fix prior to the stretch
release?

Cheers,
Moritz


> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2017-8825
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8825
> [1] https://github.com/dinhviethoa/libetpan/issues/274
> [2] 
> https://github.com/dinhviethoa/libetpan/commit/1fe8fbc032ccda1db9af66d93016b49c16c1f22d
> 
> Please adjust the affected versions in the BTS as needed.
> 
> Regards,
> Salvatore
> 

Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

[Guido Günther]

Package: freeradius
Version: 3.0.12+dfsg-4
severity: grave

Hi,

the following vulnerability was published for freeradius.

CVE-2017-9148[0]: FreeRADIUS TLS resumption authentication bypass

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9148
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9148

Please adjust the affected versions in the BTS as needed.
Cheers,
 -- Guido

Bug#863672: performance critical libyuv built with Os

[Julian Taylor]

Package: firefox
Version:  53.0.is.52.0.2-1
Severity: normal


libyuv which is a performance critical library for firefix is built with
-Os which is horrible for performance for it.
In particular row_common.cc which contains the generic parts of the
color transformation code:

See:
https://buildd.debian.org/status/fetch.php?pkg=firefox=amd64=53.0.is.52.0.2-1=1492644908=0

/usr/bin/g++ -std=gnu++11 -o row_common.o -c  ...   -fPIC
-DMOZILLA_CLIENT -include
/PKGBUILDDIR/build-browser/mozilla-config.h -MD -MP -MF
.deps/row_common.o.pp -Wdate-time -D_FORTIFY_SOURCE=2 -Wall
-Wc++11-compat -Wempty-body -Wignored-qualifiers -Woverloaded-virtual
-Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code
-Wwrite-strings -Wno-invalid-offsetof -Wc++14-compat
-Wno-error=maybe-uninitialized -Wno-error=deprecated-declarations
-Wno-error=array-bounds -fno-lifetime-dse -fstack-protector-strong
-Wformat -Werror=format-security -fno-schedule-insns2 -fno-lifetime-dse
-fno-delete-null-pointer-checks -fno-exceptions -fno-strict-aliasing
-fno-rtti -ffunction-sections -fdata-sections -fno-exceptions
-fno-math-errno -pthread -pipe  -g -freorder-blocks -Os
-fomit-frame-pointer
/PKGBUILDDIR/media/libyuv/source/row_common.cc


The problematic part is the YuvPixel function which is called in loops
and in turn calls tiny clamp functions.
Os disables inlining so this causes massive overhead.
This is the top cpu profile on sites which e.g. display videos.
  17.25%  libxul.so   [.] YuvPixel▒
   6.58%  libxul.so   [.] Clamp   ▒
   6.46%  libxul.so   [.] clamp255

The problem is not as bad as it looks as this generic code is only
executed on machines that do not have SSSE3, AVX2 or NEON (see
convert_argb.cc)
But there are still plenty useful cpus that do not have these
instruction sets and are crippled by the compiler flags used.

Is it possible to compile this library with O3 to allow the compiler to
vectorize it with the best available generic instruction set (e.g. SSE2
on x64).

cheers,
Julian Taylor



signature.asc
Description: OpenPGP digital signature

Bug#845134: dllvm-3.9: --enable-llvm in configure does not work for llvm-3.9 only llv-3.8

[Sylvestre Ledru]

Why don't you think it isn't a mesa issue?



Le 29/05/2017 à 22:59, Ryan David Larrowe a écrit :
> Package: llvm-3.9
> Version: 1:3.9.1-8
> Followup-For: Bug #845134
>
> Dear Maintainer,
>
> *** Reporter, please consider answering these questions, where appropriate ***
>
>* What led up to the situation?
> Trying to build mesa from RadeonFeature driver.
>* What exactly did you do (or not do) that was effective (or
>  ineffective)? I installed the most recent version of llvm (3.9) and
> removed 3.8.
>* What was the outcome of this action? Same problem.
>* What outcome did you expect instead? I expected for configure to find the
> right version of llvm.
>
> *** End of the template - remove these template lines ***
>
>
>
> -- System Information:
> Debian Release: 9.0
>   APT prefers testing
>   APT policy: (500, 'testing')
> Architecture: amd64
>  (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages llvm-3.9 depends on:
> ii  libc6 2.24-10
> ii  libgcc1   1:6.3.0-18
> ii  libjsoncpp1   1.7.4-3
> ii  libllvm3.91:3.9.1-8
> ii  libstdc++66.3.0-18
> ii  libtinfo5 6.0+20161126-1
> ii  llvm-3.9-runtime  1:3.9.1-8
> ii  zlib1g1:1.2.8.dfsg-5
>
> Versions of packages llvm-3.9 recommends:
> ii  llvm-3.9-dev  1:3.9.1-8
>
> Versions of packages llvm-3.9 suggests:
> pn  llvm-3.9-doc  
>
> -- no debconf information
>

Bug#827122: liboasis3-0d: libpsmile.so is a broken symbolic link to libpsmile.MPI1.so.0d

[Andreas Beckmann]

Followup-For: Bug #827122
Control: found -1 3.mct+dfsg.121022-8
Control: affects -1 + liboasis3-doc

Hi,

still present in the latest upload:

0m59.2s ERROR: FAIL: Broken symlinks:
  /usr/lib/i386-linux-gnu/libpsmile.so -> libpsmile.MPI1.so.0d
0m59.5s DEBUG: Starting command: ['umount', '/tmp/piupartss/tmpANSro6/dev/shm']


Andreas

Bug#661485: smartmontools: smartd-runner fails to send email to more than one recipient

[Jawaad Ahmad]

Gabriele's fix will only work for two recipients.

I modified the smartd-runner script as follows for additional recipients as
I needed three:

#run-parts --report --lsbsysinit --arg=$tmp --arg="$1" \
#--arg="$2" --arg="$3" -- /etc/smartmontools/run.d
subject_opt="${1}"
shift

subject="${1}"
shift

recipients="${@}"

run-parts --report --lsbsysinit --arg=$tmp --arg="${subject_opt}" \
--arg="${subject}" --arg="${recipients}" -- /etc/smartmontools/run.d

Bug#863671: CVE-2015-9059

[Moritz Muehlenhoff]

Package: picocom
Severity: grave
Tags: security

2015 CVE ID, but only recently assigned:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9059

Cheers,
Moritz

Bug#852261: upstream patch

[Elena ``of Valhalla'']

I'm attaching a quilt patch that applies to version 0.5.0-0.1 with the
two commits from the upstream repo that solve the issue.

I've tried to build it: it does and it seems to be working fine on my
armhf board.

I'm not attaching a full debdiff because as far as I understand it
upstream is only waiting for confirmation from Jack Henschel that the
code is also working for him before closing the issue, and then it would
be available in the next upstream release, which I expect is probably
worth waiting for (at least for a while) at this stage, since it's going
to end up in buster anyway.

I did build on a machine with an UTF-8 locale, however.
-- 
Elena ``of Valhalla''
Index: profanity-0.5.0/src/common.c
===
--- profanity-0.5.0.orig/src/common.c	2016-09-15 23:53:43.0 +0200
+++ profanity-0.5.0/src/common.c	2017-05-29 22:21:35.722237804 +0200
@@ -509,13 +509,25 @@
 return *result;
 }
 
-if (g_str_has_prefix([offset], needle)) {
+gchar *haystack_curr = g_utf8_offset_to_pointer(haystack, offset);
+if (g_str_has_prefix(haystack_curr, needle)) {
 if (whole_word) {
-char *prev = g_utf8_prev_char([offset]);
-char *next = g_utf8_next_char([offset] + strlen(needle) - 1);
-gunichar prevu = g_utf8_get_char(prev);
-gunichar nextu = g_utf8_get_char(next);
-if (!g_unichar_isalnum(prevu) && !g_unichar_isalnum(nextu)) {
+gchar *needle_last_ch = g_utf8_offset_to_pointer(needle, g_utf8_strlen(needle, -1)- 1);
+int needle_last_ch_len = mblen(needle_last_ch, MB_CUR_MAX);
+
+gunichar before = NULL;
+gchar *haystack_before_ch = g_utf8_find_prev_char(haystack, haystack_curr);
+if (haystack_before_ch) {
+before = g_utf8_get_char(haystack_before_ch);
+}
+
+gunichar after = NULL;
+gchar *haystack_after_ch = g_utf8_find_next_char(haystack_curr + strlen(needle) - needle_last_ch_len, NULL);
+if (haystack_after_ch) {
+after = g_utf8_get_char(haystack_after_ch);
+}
+
+if (!g_unichar_isalnum(before) && !g_unichar_isalnum(after)) {
 *result = g_slist_append(*result, GINT_TO_POINTER(offset));
 }
 } else {
@@ -523,8 +535,9 @@
 }
 }
 
-if (haystack[offset+1] != '\0') {
-*result = prof_occurrences(needle, haystack, offset+1, whole_word, result);
+offset++;
+if (g_strcmp0(g_utf8_offset_to_pointer(haystack, offset), "\0") != 0) {
+*result = prof_occurrences(needle, haystack, offset, whole_word, result);
 }
 
 return *result;
Index: profanity-0.5.0/tests/unittests/test_common.c
===
--- profanity-0.5.0.orig/tests/unittests/test_common.c	2016-09-15 23:53:43.0 +0200
+++ profanity-0.5.0/tests/unittests/test_common.c	2017-05-29 22:21:29.225862420 +0200
@@ -444,6 +444,13 @@
 assert_true(_lists_equal(prof_occurrences("boothj5", "boothj5, hi",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
 g_slist_free(expected); expected = NULL;
 
+expected = g_slist_append(expected, GINT_TO_POINTER(0));
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "我能吞下玻璃而",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "我能吞下玻璃而 hi",   0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "我能吞下玻璃而: hi",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "我能吞下玻璃而, hi",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+g_slist_free(expected); expected = NULL;
+
 expected = g_slist_append(expected, GINT_TO_POINTER(6));
 assert_true(_lists_equal(prof_occurrences("boothj5", "hello boothj5",0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
 assert_true(_lists_equal(prof_occurrences("boothj5", "hello boothj5 there",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
@@ -451,6 +458,12 @@
 g_slist_free(expected); expected = NULL;
 
 expected = g_slist_append(expected, GINT_TO_POINTER(6));
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "hello 我能吞下玻璃而",0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "hello 我能吞下玻璃而 there",  0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+assert_true(_lists_equal(prof_occurrences("我能吞下玻璃而", "heyy @我能吞下玻璃而, there", 0, TRUE, ), expected)); g_slist_free(actual); actual = NULL;
+g_slist_free(expected); expected = NULL;
+
+expected = g_slist_append(expected, GINT_TO_POINTER(6));
 expected = g_slist_append(expected, GINT_TO_POINTER(26));
 

Bug#863670: node-timers-browserify: broken symlink: /usr/share/doc/node-timers-browserify/example/enroll/node_modules/timers-browserify -> ../../../../../nodejs/timers-browserify

[Andreas Beckmann]

Package: node-timers-browserify
Version: 2.0.2+dfsg-1
Severity: normal
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m46.2s ERROR: FAIL: Broken symlinks:
  
/usr/share/doc/node-timers-browserify/example/enroll/node_modules/timers-browserify
 -> ../../../../../nodejs/timers-browserify

That link resolves to /usr/share/nodejs/timers-browserify, but the
package ships /usr/lib/nodejs/timers-browserify


cheers,

Andreas


node-timers-browserify_2.0.2+dfsg-1.log.gz
Description: application/gzip

Bug#845134: dllvm-3.9: --enable-llvm in configure does not work for llvm-3.9 only llv-3.8

[Ryan David Larrowe]

Package: llvm-3.9
Version: 1:3.9.1-8
Followup-For: Bug #845134

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Trying to build mesa from RadeonFeature driver.
   * What exactly did you do (or not do) that was effective (or
 ineffective)? I installed the most recent version of llvm (3.9) and
removed 3.8.
   * What was the outcome of this action? Same problem.
   * What outcome did you expect instead? I expected for configure to find the
right version of llvm.

*** End of the template - remove these template lines ***



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages llvm-3.9 depends on:
ii  libc6 2.24-10
ii  libgcc1   1:6.3.0-18
ii  libjsoncpp1   1.7.4-3
ii  libllvm3.91:3.9.1-8
ii  libstdc++66.3.0-18
ii  libtinfo5 6.0+20161126-1
ii  llvm-3.9-runtime  1:3.9.1-8
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages llvm-3.9 recommends:
ii  llvm-3.9-dev  1:3.9.1-8

Versions of packages llvm-3.9 suggests:
pn  llvm-3.9-doc  

-- no debconf information

Bug#863652: system-config-lvm: crash on stretch, python gtk bug?

[Chris Lamb]

Hi Gregory,

> Severity: critical
> Justification: causes serious data loss

Whilst I see the crash/traceback can you explain how it causes data loss?


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#863668: qstardict does not have dictionary installation instructions

[Svetlana Tkachenko]

Package: qstardict
Version: 0.12.9-1.2
Severity: important

Dear Maintainer,

qstardict does not have dictionary installation instructions. Please add
them to the 'help' menu. These instructions may be found at the official
website wiki,
http://wiki.qstardict.ylsoftware.com/Dictionaries_installation .


-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 4.5.0-0.bpo.1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qstardict depends on:
ii  libc6   2.19-18+deb8u9
ii  libgcc1 1:4.9.2-10
ii  libglib2.0-02.42.1-1+b1
ii  libqt4-network  4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-xml  4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqtcore4  4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqtgui4   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libstdc++6  4.9.2-10
ii  libx11-62:1.6.2-3
ii  zlib1g  1:1.2.8.dfsg-2+b1

qstardict recommends no packages.

Versions of packages qstardict suggests:
ii  festival  1:2.1~release-8

-- no debconf information

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

[Andreas Beckmann]

Package: seqan-apps
Version: 2.3.1+dfsg-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m29.7s ERROR: FAIL: Broken symlinks:
  /usr/bin/splazers -> ../lib/seqan/bin/splazers

There is a /usr/lib/seqan/bin/splazers on amd64, but not on i386.
I did not check the other architectures.


cheers,

Andreas


seqan-apps_2.3.1+dfsg-3.log.gz
Description: application/gzip

Bug#863667: unblock: hexchat (pre-approval)

[Mattia Rizzolo]

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock

Upstream contact me about sevaral (apparently too many) users having
issues with an hexchat external plugin being too noisy [1] and causing
other issues for unexperienced users.

All considered probably such barely maintained plugin shouldn't be
instaled by default indeed, therefore I'm asking for permission to
upload the following debdiff and having it in stretch.

[1] "OTR: Error saving instance tags: No such file or directory
(gcrypt)" for every query started if not configured


diff --git a/debian/changelog b/debian/changelog
index ea6265b..2052824 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+hexchat (2.12.4-3) UNRELEASED; urgency=medium
+
+  * Demote hexchat-otr from Recommends to Suggests.
+It reportely causes noise and problems for unexperienced users, and it's
+mostly unmaintained plugin, so don't install it by default.
+
+ -- Mattia Rizzolo   Mon, 29 May 2017 22:45:42 +0200
+
 hexchat (2.12.4-2) unstable; urgency=medium
 
   * Also apply patch 4c178782a779f013fafab476506f7d4dae372b8a.patch on ubuntu.
diff --git a/debian/control b/debian/control
index a221a8a..bec6ba4 100644
--- a/debian/control
+++ b/debian/control
@@ -33,11 +33,11 @@ Depends:
  ${shlibs:Depends},
 Recommends:
  gvfs-bin,
- hexchat-otr,
  hexchat-perl,
  hexchat-plugins,
  hexchat-python3,
 Suggests:
+ hexchat-otr,
  unifont,
 Description: IRC client for X based on X-Chat 2
  HexChat is a graphical IRC client with a GTK+ GUI. Features include Python


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#863666: xrandr: manpage does not document RandR 1.5 options

[Benjamin Barenblat]

Package: x11-xserver-utils
Version: 7.7+7+b1
Severity: normal
Tags: upstream
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=101228

The xrandr man page does not document the options introduced with
RandR 1.5 functionality –

--listmonitors
--listactivemonitors
--setmonitor  {auto|/x/++}
{none|,,...}
--delmonitor 

These do, however, appear in the --help output.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.11.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages x11-xserver-utils depends on:
ii  cpp  4:6.3.0-4
ii  libc62.24-10
ii  libice6  2:1.0.9-2
ii  libx11-6 2:1.6.4-3
ii  libxaw7  2:1.0.13-1+b2
ii  libxcursor1  1:1.1.14-1+b4
ii  libxext6 2:1.3.3-1+b2
ii  libxi6   2:1.7.9-1
ii  libxmu6  2:1.1.2-2
ii  libxmuu1 2:1.1.2-2
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxt6   1:1.1.5-1
ii  libxxf86vm1  1:1.1.4-1+b2

x11-xserver-utils recommends no packages.

Versions of packages x11-xserver-utils suggests:
pn  cairo-5c
pn  nickle  
ii  xorg-docs-core  1:1.7.1-1

-- no debconf information

Bug#863655: openvswitch: CVE-2017-9263

[Ben Pfaff]

notfound 863655 2.3.0+git20140819-1
found 863655 2.6.2~pre+git20161223-3
severity 863655 normal
thanks

On Mon, May 29, 2017 at 09:44:13PM +0200, Salvatore Bonaccorso wrote:
> Source: openvswitch
> Version: 2.3.0+git20140819-1
> Severity: important
> Tags: security upstream patch
> 
> Hi,
> 
> the following vulnerability was published for openvswitch.
> 
> CVE-2017-9263[0]:
> | In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status
> | message, there is a call to the abort() function for undefined role
> | status reasons in the function `ofp_print_role_status_message` in
> | `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a
> | malicious switch.

This doesn't really make sense.  For a "malicious switch" to leverage
this as a remote DoS, the controller that it talks to has to be
implemented using the OVS code in question.  OVS 2.3 as packaged for
Debian doesn't include a controller,

Open vSwitch 2.6.2 includes two controllers.  The first one,
ovs-testcontroller, is not vulnerable to this in the default
configuration, because it does not print such messages even if it
receives them, unless it is specially configured to do so.  The second
one, ovn-controller, only talks to Open vSwitch directly, not to
arbitrary switches, and only over a trusted Unix domain socket anyway.
In any case, if either of these crashes due to this bug, they
automatically restart themselves.

So, while it is a good idea to fix this, it's not high severity.

Bug#822896: debci-worker: cronjob produces output after package removal

[Andreas Beckmann]

Followup-For: Bug #822896
Control: found -1 1.6

Hi,

now we get

1m3.9s DEBUG: Starting command: ['chroot', '/tmp/piupartss/tmpyG3Xa8', 
'/etc/cron.daily/debci-worker']
1m3.9s DUMP: 
  /etc/cron.daily/debci-worker: 17: /etc/cron.daily/debci-worker: debci: not 
found
1m3.9s ERROR: Command failed (status=127): ['chroot', 
'/tmp/piupartss/tmpyG3Xa8', '/etc/cron.daily/debci-worker']


Andreas

Bug#863658: pd-flite: pd can't find help patch for flite

[zmoelnig+debian]

Control: tags -1 + confirmed
Control: clone -1 -2
Control: reassign -2 pd-pdstring
Control: retitle -2 pd-pdstring: pd can't find help patches
thanks


On 05/29/2017 09:46 PM, Claude Heiland-Allen wrote:
> 
> The help patch to be opened.  It seems to have been installed in
> /usr/lib/pd/doc/5.reference/
> 

indeed this is the problem.
the Debian package "puredata" uses /usr/lib/puredata/doc/5.reference/,
rather than /usr/lib/pd/...
so the bug could arguably be in puredata (rather than pd-flite)
however, i'd rather have it fixed in the pd-libraries (so they install
everything into a single directory, following the pd-libdir standard)


gfamsdr
IOhannes



signature.asc
Description: OpenPGP digital signature

Bug#863664: uim-gtk2.0: gtk{2,3}/qt/qt5 IM plugins are not multi-arch co-installable

[Yuriy M. Kaminskiy]

Package: uim-gtk2.0
Version: 1:1.8.6-8
Severity: important

Dear Maintainer,

gtk{2,3}, qt and qt5 IM plugins
/usr/lib/$ARCH/gtk-2.0/2.10.0/immodules/im-uim.so
/usr/lib/$ARCH/gtk-3.0/3.0.0/immodules/im-uim.so
/usr/lib/$ARCH/qt4/plugins/inputmethods/libuiminputcontextplugin.so
/usr/lib/$ARCH/qt5/plugins/platforminputcontexts/libuimplatforminputcontextplugin.so
are supposed to be used and installed for all enabled architectures, but 
shipped in non-multi-arched packages uim-{gtk2.0,gtk3,qt,qt5}. I guess, 
they should be splitted off to separate packages with Multi-Arch: same; 
also uim-{gtk2.0,gtk3,qt,qt5} should
be marked as Multi-Arch: foreign, as (with exception of those gtk/qt 
plugins) they contain non-arch-specific tools, that can be called by 
different-arch programs.


(TBD: why /usr/lib/i386-linux-gnu/uim/uim-candwin-{*gtk{,3},qt[45]} are 
in architecture-specific locations? (they either should be moved 
together with gtk/qt plugins, or moved to non-arch-specific directories, 
have not checked code yet).)


Also, I think uim-skk, uim-anthy, uim-m17nlib should be marked 
Multi-Arch: same, as they are also should be used by each arch plugin 
(and, obviously, co-installable).


And almost all remaining non-marked utilities/plugins packages
(especially Arch:all) should be marked Multi-Arch: foreign (otherwise 
they are satisfied as dependency only for primary architecture).


(I'm on jessie, but I checked packaging and file lists of
uim 1:1.8.6+gh20161003.0.d63dadd-2 from stretch/sid, it seems to be
affected too).

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 
'proposed-updates')

Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages uim-gtk2.0 depends on:
ii  libatk1.0-0  2.14.0-1
ii  libc62.19-18+deb8u7
ii  libcairo21.14.0-2.1+deb8u2
ii  libfontconfig1   2.11.0-6.3+deb8u1
ii  libfreetype6 2.5.2-3+deb8u2
ii  libgcroots0  0.8.5-4.1
ii  libgdk-pixbuf2.0-0   2.31.1-2+deb8u5
ii  libglib2.0-0 2.42.1-1+b1
ii  libgtk2.0-0  2.24.25-3+deb8u1
ii  libpango-1.0-0   1.36.8-3
ii  libpangocairo-1.0-0  1.36.8-3
ii  libpangoft2-1.0-01.36.8-3
ii  libuim-custom2   1:1.8.6-8
ii  libuim-data  1:1.8.6-8
ii  libuim-scm0  1:1.8.6-8
ii  libuim8  1:1.8.6-8
ii  libx11-6 2:1.6.2-3
ii  uim-common   1:1.8.6-8
ii  uim-utils1:1.8.6-8

uim-gtk2.0 recommends no packages.

Versions of packages uim-gtk2.0 suggests:
ii  uim-dict-gtk  1:1.8.6-8

-- no debconf information

Bug#845255: debian-policy: Include best practices for packaging database applications

[Bill Allombert]

On Mon, May 29, 2017 at 09:44:44PM +0200, Paul Gevers wrote:
> Hi all,
> 
> I hate to ping bugs, but is there anything I can do to help this move
> forward? (The policy 4.0.0 release reminded me of this bug).

You should ask database applications maintainers to second this proposal.

Cheers,
-- 
Bill. 

Imagine a large red swirl here. 

Bug#863663: libgstreamer1.0-0: plays MJPEG AVI files (and possibly other formats) at degraded quality

[Francesco Poli (wintermute)]

Package: libgstreamer1.0-0
Version: 1.10.4-1
Severity: important

Hello maintainers of GStreamer packages!
First off, thanks for maintaining these packages in Debian.

I am experiencing an issue with GStreamer: I noticed it inside
pdf-presenter-console (which uses libgstreamer1.0-0 to play back
movies in PDF documents). But I can reproduce the same exact issue
outside pdf-presenter-console, with the following command:

  $ gst-launch-1.0 filesrc location=movie.avi \! decodebin \! autovideosink

where movie.avi is an MJPEG AVI file (created with paraview, by using
the default Save Animation... menu entry and by choosing to save the
animation as an AVI file).

Well, the above quoted gst-launch-1.0 command displays the AVI file
at degraded quality, while using mpv plays the same file without visible
quality degradation:

  $ mpv movie.avi


I am filing this bug report against version 1.10.4-1 (current version
in Debian testing), but I have also given version 1.12.0-2 (from
experimental) a try: I am able to reproduce the same exact bug with
libgstreamer1.0-0/1.12.0-2 ...

Please try to reproduce the bug and to fix it and/or forward my bug
report upstream.

I really hope to hear back from you very soon.
Thanks for your time!


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (800, 'testing'), (500, 'unstable')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libgstreamer1.0-0 depends on:
ii  libc6 2.24-10
ii  libcap2   1:2.25-1
ii  libcap2-bin   1:2.25-1
ii  libglib2.0-0  2.50.3-2

libgstreamer1.0-0 recommends no packages.

Versions of packages libgstreamer1.0-0 suggests:
ii  gstreamer1.0-tools  1.10.4-1

-- no debconf information

Bug#863662: openvswitch: CVE-2017-9265

[Salvatore Bonaccorso]

Source: openvswitch
Version: 2.6.2~pre+git20161223-3
Severity: normal
Tags: upstream patch security

Hi,

the following vulnerability was published for openvswitch.

CVE-2017-9265[0]:
| In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing
| the group mod OpenFlow message sent from the controller in
| `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

this should be only in the OpenFlow 1.5+ support, not sure the message
mentions this is not enabled by default. Affected source it as least
there.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9265
[1] https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html

Regards,
Salvatore

Bug#863661: openvswitch: CVE-2017-9264

[Salvatore Bonaccorso]

Source: openvswitch
Version: 2.6.2~pre+git20161223-3
Severity: important
Tags: patch upstream security

Hi,

the following vulnerability was published for openvswitch.

CVE-2017-9264[0]:
| In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS)
| 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP,
| and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`,
| and `extract_l4_udp` that can be triggered remotely.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9264
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9264
[1] https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html

Regards,
Salvatore

Bug#857013: [reportbug/master] fix a crash when parsing the config files lines in the package information; patch by Nis Martensen; Closes: #857013, #846053, #826534

[Sandro Tosi]

tag 857013 pending
tag 857013 pending
thanks

Date:   Mon May 29 15:15:41 2017 -0400
Author: Sandro Tosi 
Commit ID: 95a7ba332681d53ffb81501f706257020e822755
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=95a7ba332681d53ffb81501f706257020e822755
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=95a7ba332681d53ffb81501f706257020e822755

fix a crash when parsing the config files lines in the package information; 
patch by Nis Martensen; Closes: #857013, #846053, #826534

  

Bug#859274: [reportbug/master] Finish open_url return type conversion: url_open() now returns a string and no longer an HTTPRespons object; patch by Nis Martensen; extends the fix for #859274

[Sandro Tosi]

tag 859274 pending
thanks

Date:   Mon May 29 14:06:36 2017 -0400
Author: Sandro Tosi 
Commit ID: f1b1cade0aae009171553ea93821750307895659
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=f1b1cade0aae009171553ea93821750307895659
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=f1b1cade0aae009171553ea93821750307895659

Finish open_url return type conversion: url_open() now returns a string and 
no longer an HTTPRespons object; patch by Nis Martensen; extends the fix for 
#859274

  

Bug#861153: [reportbug/master] get_command_output() doesnt strip a trailing new-line, so deal with that behavior when running lsb_release and dpkg --print-architecture; patch by Nis Martensen; Closes:

[Sandro Tosi]

tag 861153 pending
tag 861153 pending
thanks

Date:   Mon May 29 11:20:36 2017 -0400
Author: Sandro Tosi 
Commit ID: db28cae36d4b0bebe97dc8a37b7f8016a5b662ea
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=db28cae36d4b0bebe97dc8a37b7f8016a5b662ea
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=db28cae36d4b0bebe97dc8a37b7f8016a5b662ea

get_command_output() doesnt strip a trailing new-line, so deal with that 
behavior when running lsb_release and dpkg --print-architecture; patch by Nis 
Martensen; Closes: #861153

  

Bug#862801: [reportbug/master] update suites names: fade out squeeze (wheezy is now oldoldstable) and introduce buster (testing), bullseye (next-testing); Closes: #862801

[Sandro Tosi]

tag 862801 pending
tag 862801 pending
thanks

Date:   Mon May 29 11:26:42 2017 -0400
Author: Sandro Tosi 
Commit ID: bcf0adfba5222957ac7b2de7ef59e6e91b1dbb69
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=bcf0adfba5222957ac7b2de7ef59e6e91b1dbb69
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=bcf0adfba5222957ac7b2de7ef59e6e91b1dbb69

update suites names: fade out squeeze (wheezy is now oldoldstable) and 
introduce buster (testing), bullseye (next-testing); Closes: #862801

  

Bug#863322: [reportbug/master] fix description regex to match only textual description (and not the MD5); patch by Nis Martensen; Closes: #863322

[Sandro Tosi]

tag 863322 pending
tag 863322 pending
thanks

Date:   Mon May 29 11:12:48 2017 -0400
Author: Sandro Tosi 
Commit ID: 7d4ccfab3e9f14cf3ce87aa387f7cce744d8d116
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=7d4ccfab3e9f14cf3ce87aa387f7cce744d8d116
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=7d4ccfab3e9f14cf3ce87aa387f7cce744d8d116

fix description regex to match only textual description (and not the MD5); 
patch by Nis Martensen; Closes: #863322

  

Bug#863660: unblock: reportbug/7.1.7

[Sandro Tosi]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package reportbug

This is the final upload for stretch: it contains several bugfixes and
improvement that would make reportbug in stretch much more robust for our users.

A source packages diff is attached

unblock reportbug/7.1.7

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru reportbug-7.1.6/bin/querybts reportbug-7.1.7/bin/querybts
--- reportbug-7.1.6/bin/querybts2017-04-18 21:12:02.0 -0400
+++ reportbug-7.1.7/bin/querybts2017-05-29 16:00:17.0 -0400
@@ -168,16 +168,16 @@
 url = debbugs.get_report_url(options.system, num, 
options.archived, mbox=True)
 try:
 report = urlutils.open_url(url, 
timeout=options.timeout)
-sys.stdout.write(report.read())
-except urlutils.urllib2.URLError as ex:
+sys.stdout.write(report)
+except NoNetwork as ex:
 print("Error while accessing mbox report (%s)." % ex, 
file=sys.stderr)
 else:
 num = int(m.group(1))
 url = debbugs.get_report_url(options.system, num, 
options.archived, mbox=True)
 try:
 report = urlutils.open_url(url, timeout=options.timeout)
-sys.stdout.write(report.read())
-except urlutils.urllib2.URLError as ex:
+sys.stdout.write(report)
+except NoNetwork as ex:
 print("Error while accessing mbox report (%s)." % ex, 
file=sys.stderr)
 sys.exit(1)
 return
diff -Nru reportbug-7.1.6/bin/reportbug reportbug-7.1.7/bin/reportbug
--- reportbug-7.1.6/bin/reportbug   2017-04-18 21:12:02.0 -0400
+++ reportbug-7.1.7/bin/reportbug   2017-05-29 16:00:17.0 -0400
@@ -1051,7 +1051,7 @@
 if options.draftpath:
 options.draftpath = os.path.expanduser(options.draftpath)
 if not os.path.exists(options.draftpath):
-print("The directory % does not exist; exiting." % 
options.draftpath)
+ewrite("The directory %s does not exist; exiting.\n" % 
options.draftpath)
 sys.exit(1)
 
 if options.mua and not options.template:
diff -Nru reportbug-7.1.6/debian/changelog reportbug-7.1.7/debian/changelog
--- reportbug-7.1.6/debian/changelog2017-04-18 21:12:02.0 -0400
+++ reportbug-7.1.7/debian/changelog2017-05-29 16:00:17.0 -0400
@@ -1,3 +1,51 @@
+reportbug (7.1.7) unstable; urgency=medium
+
+  * reportbug/utils.py
+- fix description regex to match only textual description (and not the 
MD5);
+  patch by Nis Martensen; Closes: #863322
+- switch to use apt-cache instead of dpkg --print-avail; patch by Nis
+  Martensen
+- get_command_output() doesnt strip a trailing new-line, so deal with that
+  behavior when running lsb_release and dpkg --print-architecture; patch by
+  Nis Martensen; Closes: #861153
+- update suites names: fade out squeeze (wheezy is now oldoldstable) and
+  introduce buster (testing), bullseye (next-testing); Closes: #862801
+- in search_path_for, split PATH directories using ':'; patch by Kamaraju
+  Kusumanchi; Closes: #827088
+- strip arch-qualifier when looking up dependencies information; patch by
+  Nis Martensen; Closes: #749884
+- fix a crash when parsing the config files lines in the package
+  information; patch by Nis Martensen; Closes: #857013, #846053, #826534
+  * reportbug/debbugs.py
+- add manpages.debian.org to pseudo-packages list; Closes: #861859
+  * debian/control
+- update emacs dependencies to emacs24 (default) and emacs25 (alternative)
+- remove Chris Lawrence from Uploaders, thanks for all you've done for
+  reportbug!!
+- switch Vcs-* URLs to HTTPS
+  * remove double imports
+  * debian/desktop
+- add Danish translation to desktop file; patch by scootergrisen;
+  Closes: #855973
+  * reportbug/bugreport.py
+- add LANGUAGE env var to locales bugreport section; Closes: #840898
+  * bin/querybts
+- url_open() now returns a string, no need to read() it anymore; also
+  replace URLError exception handling with NoNetwork; Closes: #859274
+  * reportbug/debbugs.py, reportbug/utils.py
+- Finish open_url return type conversion: url_open() now returns a string
+  and no longer an HTTPRespons object; patch by Nis Martensen; extends the
+  fix for #859274
+  * bin/reportbug

Bug#855973: [reportbug/master] add Danish translation to desktop file; patch by scootergrisen; Closes: #855973

[Sandro Tosi]

tag 855973 pending
tag 855973 pending
thanks

Date:   Mon May 29 12:02:16 2017 -0400
Author: Sandro Tosi 
Commit ID: 477ab8c1775e3b6f6dc5dfe9be84b59aa6f3713b
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=477ab8c1775e3b6f6dc5dfe9be84b59aa6f3713b
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=477ab8c1775e3b6f6dc5dfe9be84b59aa6f3713b

add Danish translation to desktop file; patch by scootergrisen; Closes: 
#855973

  

Bug#862152: crash when $DISPLAY is defined

[Nis Martensen]

On 29-05-2017 21:58, Erwan David wrote:
> X display is remote (on a mac in my case, but remote). Direct access to
> driver is thus not possible.

If you do X remote display (which ssh is capable of doing), then
something must communicate with some driver. Is any of your local
machine or the remote machine using the mentioned driver?

> But, reportbug is configured to use a text interface, no graphic layer
> should interfere with this.

We agree here :)

Bug#861859: [reportbug/master] add manpages.debian.org to pseudo-packages list; Closes: #861859

[Sandro Tosi]

tag 861859 pending
tag 861859 pending
thanks

Date:   Mon May 29 11:49:08 2017 -0400
Author: Sandro Tosi 
Commit ID: 658fdfbee04e08c98ee16ef7858a579155b1746d
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=658fdfbee04e08c98ee16ef7858a579155b1746d
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=658fdfbee04e08c98ee16ef7858a579155b1746d

add manpages.debian.org to pseudo-packages list; Closes: #861859

  

Bug#827002: [reportbug/master] update README.source to the current source layout; Closes: #827002

[Sandro Tosi]

tag 827002 pending
tag 827002 pending
thanks

Date:   Mon May 29 15:45:48 2017 -0400
Author: Sandro Tosi 
Commit ID: 9012330b239b5348dd11671a3b29345127cde3de
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=9012330b239b5348dd11671a3b29345127cde3de
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=9012330b239b5348dd11671a3b29345127cde3de

update README.source to the current source layout; Closes: #827002

  

Bug#859274: [reportbug/master] url_open() now returns a string, no need to read() it anymore; also replace URLError exception handling with NoNetwork; Closes: #859274

[Sandro Tosi]

tag 859274 pending
tag 859274 pending
thanks

Date:   Mon May 29 14:03:25 2017 -0400
Author: Sandro Tosi 
Commit ID: bd599273175cb554ccaaf8d91e795da6dfde7c09
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=bd599273175cb554ccaaf8d91e795da6dfde7c09
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=bd599273175cb554ccaaf8d91e795da6dfde7c09

url_open() now returns a string, no need to read() it anymore; also replace 
URLError exception handling with NoNetwork; Closes: #859274

  

Bug#840898: [reportbug/master] add LANGUAGE env var to locales bugreport section; Closes: #840898

[Sandro Tosi]

tag 840898 pending
tag 840898 pending
thanks

Date:   Mon May 29 13:15:30 2017 -0400
Author: Sandro Tosi 
Commit ID: 6bc084628d78092bb4e194025c90dcf0afde21c4
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=6bc084628d78092bb4e194025c90dcf0afde21c4
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=6bc084628d78092bb4e194025c90dcf0afde21c4

add LANGUAGE env var to locales bugreport section; Closes: #840898

  

Bug#749884: [reportbug/master] strip arch-qualifier when looking up dependencies information; patch by Nis Martensen; Closes: #749884

[Sandro Tosi]

tag 749884 pending
tag 749884 pending
thanks

Date:   Mon May 29 15:07:35 2017 -0400
Author: Sandro Tosi 
Commit ID: 1b35fd781c63f26b81bfebb14e88685270fef446
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=1b35fd781c63f26b81bfebb14e88685270fef446
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=1b35fd781c63f26b81bfebb14e88685270fef446

strip arch-qualifier when looking up dependencies information; patch by Nis 
Martensen; Closes: #749884

  

Bug#816375: [reportbug/master] fix error formatting when printing the error for draft directory non-existing; patch by Gaetano Guerriero; Closes: #816375

[Sandro Tosi]

tag 816375 pending
tag 816375 pending
thanks

Date:   Mon May 29 14:15:15 2017 -0400
Author: Sandro Tosi 
Commit ID: 345aac4a22c9848156fa96cb81311706dc2d65b4
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=345aac4a22c9848156fa96cb81311706dc2d65b4
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=345aac4a22c9848156fa96cb81311706dc2d65b4

fix error formatting when printing the error for draft directory 
non-existing; patch by Gaetano Guerriero; Closes: #816375

  

Bug#827088: [reportbug/master] in search_path_for, split PATH directories using ':'; patch by Kamaraju Kusumanchi; Closes: #827088

[Sandro Tosi]

tag 827088 pending
tag 827088 pending
thanks

Date:   Mon May 29 14:24:16 2017 -0400
Author: Sandro Tosi 
Commit ID: 3877ff8865c291f1c4c0939dc2372e58a7657158
Commit URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff;h=3877ff8865c291f1c4c0939dc2372e58a7657158
Patch URL: 
https://anonscm.debian.org/cgit/reportbug/reportbug.git;a=commitdiff_plain;h=3877ff8865c291f1c4c0939dc2372e58a7657158

in search_path_for, split PATH directories using ':'; patch by Kamaraju 
Kusumanchi; Closes: #827088

  

Bug#863659: debian/copyright puts LGPL-2.1+ text in GPL-2.1+ license block

[Benjamin Barenblat]

Package: libgpg-error0
Version: 1.26-2
Severity: minor

/usr/share/doc/libgpg-error0/copyright contains a block headed
“License: GPL-2.1+”, but it contains the license text for the LGPL.

License: GPL-2.1+
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU Lesser General Public License as
 published by the Free Software Foundation; either version 2.1
 of the License, or (at your option) any later version.
 […]

I believe libgpg-error0 is in fact licensed under the LGPL, so only the
heading needs to change.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.11.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libgpg-error0 depends on:
ii  libc6  2.24-10

libgpg-error0 recommends no packages.

libgpg-error0 suggests no packages.

-- no debconf information

Bug#861878: nvidia-cuda-toolkit: nvcc needs to pass -fpie to compiler

[Andreas Beckmann]

On 2017-05-22 09:58, lumin wrote:
> This patch simply discussed about the way getting NVCC
> working with the compiler in README.Debian.
> 
> Please review.

Thanks, just uploaded.


Andreas

Bug#863589: [Pkg-pascal-devel] Bug#863589: fpc: Please adjust fp-units-gfx.install.in for linux-m68k

[John Paul Adrian Glaubitz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 05/29/2017 08:17 PM, Paul Gevers wrote:
> On 28-05-17 23:25, John Paul Adrian Glaubitz wrote:
>> I just bootstrapped fpc for m68k.
> 
> Great, thanks.

Also bootstrapped fpc for sparc64. It's a bit more tricky though as we
need to force the build to be 32 bits. Will follow up with a properly
tested patch later. Also working on powerpcspe and ppc64el.

>> In order for the build to work the next time the buildds are building it, 
>> the debian/fp-units-gfx.install.in needs to be adjusted so that
>> usr/lib/fpc/*/*/*/graph* and usr/lib/fpc/*/*/*/opencl* aren't missing during 
>> dh_install.
> 
> Sure, will do (or notice that I forgot it and fix it with a second upload). :)

Just commit the change to the fpc Debian git repository now and upload
later after the Stretch release ;-).

Adrian

- -- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEYv+KdYTgKVaVRgAGdCY7N/W1+RMFAlksfdkACgkQdCY7N/W1
+ROWAg/+LfH4yv8TRwA7QJE/4mFNjr/SbDQWrxv8QIhYl1uFLCTiLdPGkMKvLwx3
Iqx1qbRPMznaIxexXRsYc013sloXGM4UCKwTQP+lgmXnRgYx37SsKC+02sy2bOX4
gBmymxLlJj23UwfpInMBj5JbS34yZL4WBLojSmHLdd7+CugOAe+GAevu8/bmKs3b
q16KYgdD/YK8WTCz5X+lRTm9oLdmczwLgRxzixiyChwRuhPNGGk+HFFG1KDOxZz6
fu5auza4OfdyYULMMKVCDKUzwb6fofK6cw/ljVguSrriYXjdclWzMeThDCdt8Cj3
JOIhAdoY3z2PD9vhf7PUEigHW/JnnbAfggwGo1WqEDADALIpMRzcIfnkavQJQHW1
sWZFpvbcbJU63A4rRXbQz424samg3GMxM6D2ej7TB2HppP+SkVaOab+2MFdm5uxv
PqbZw/Fo7UMhwOFR8OT99P3+tTcaARRi9mQlHWYUQ8T63Qyu9yylZrjEwmo/f+qz
7aR3koTWR9fwVk6c3JdiMxkRwNrATxa+azuzwLY1dIXnAF+2smeFE5ZkDXplB+FA
CyF1pvjVP8s/wrsNxzup1FLdpmJ1Em+LDngTj/mgEt0GjRoU0luqe1DsLubTKdkC
y5FuWMPP7W34fCJK4Iv8XqjkGAZd7/Aa3zOM+fdlPY0r1oV3Ll8=
=fvdb
-END PGP SIGNATURE-

Bug#863658: pd-flite: pd can't find help patch for flite

[Claude Heiland-Allen]

Package: pd-flite
Version: 0.02.3-2
Severity: normal

Dear Maintainer,

   * What led up to the situation?

I selected help from the right-click context menu of a [flite] object in Pd.

   * What was the outcome of this action?

tried /usr/lib/pd/extra/flite/flite-help.pd and failed
tried /usr/lib/puredata/doc/5.reference/flite-help.pd and failed
tried /home/claude/.local/lib/pd/extra/flite-help.pd and failed
tried /home/claude/pd-externals/flite-help.pd and failed
tried /usr/local/lib/pd-externals/flite-help.pd and failed
tried /usr/lib/puredata/extra/flite-help.pd and failed
tried /usr/lib/pd/extra/flite-help.pd and failed
tried /usr/lib/pd/extra/flite/help-flite.pd and failed
tried /usr/lib/puredata/doc/5.reference/help-flite.pd and failed
tried /home/claude/.local/lib/pd/extra/help-flite.pd and failed
tried /home/claude/pd-externals/help-flite.pd and failed
tried /usr/local/lib/pd-externals/help-flite.pd and failed
tried /usr/lib/puredata/extra/help-flite.pd and failed
tried /usr/lib/pd/extra/help-flite.pd and failed
sorry, couldn't find help patch for "flite.pd"

   * What outcome did you expect instead?

The help patch to be opened.  It seems to have been installed in
/usr/lib/pd/doc/5.reference/


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pd-flite depends on:
ii  libc6   2.24-10
ii  libflite1   2.0.0-release-3+b1
ii  puredata-core [pd]  0.47.1-3

pd-flite recommends no packages.

pd-flite suggests no packages.

-- no debconf information

Bug#862152: crash when $DISPLAY is defined

[Erwan David]

Le 05/29/17 à 21:55, Nis Martensen a écrit :
> On Tue, 09 May 2017 07:55:20 +0200 Erwan David  wrote:
>> Package: reportbug
>> Version: 7.1.6
>> Severity: important
>>
>> When launching reportbug with $DISPLAY defined I get errors :
>> @erdavid-dt:~ 8m34s % reportbug emacs
>> libGL error: No matching fbConfigs or visuals found
>> libGL error: failed to load driver: swrast
>> zsh: segmentation fault  reportbug emacs
> 
> Searching the web for the libGL errors suggests that this could be a
> problem with the NVIDIA driver. Are you using this graphics driver?

X display is remote (on a mac in my case, but remote). Direct access to
driver is thus not possible.

But, reportbug is configured to use a text interface, no graphic layer
should interfere with this.

Bug#862152: crash when $DISPLAY is defined

[Nis Martensen]

On Tue, 09 May 2017 07:55:20 +0200 Erwan David  wrote:
> Package: reportbug
> Version: 7.1.6
> Severity: important
> 
> When launching reportbug with $DISPLAY defined I get errors :
> @erdavid-dt:~ 8m34s % reportbug emacs
> libGL error: No matching fbConfigs or visuals found
> libGL error: failed to load driver: swrast
> zsh: segmentation fault  reportbug emacs

Searching the web for the libGL errors suggests that this could be a
problem with the NVIDIA driver. Are you using this graphics driver?

This only manages to crash reportbug because we try to load all its UIs
to detect which ones are available, but I think this is a minor bug
only. The crash itself does not seem to be caused by the reportbug code.

To work around the problem, Sandro already suggested you could try:

  DISPLAY= reportbug emacs

If that does not help, you could try unsetting DISPLAY in a subshell:

  (unset DISPLAY; reportbug emacs)

Bug#863653: easytag: I cannot batch remove images from id3tag

[James Cowgill]

Hi,

On 29/05/17 20:20, max wrote:
> Package: easytag
> Version: 2.4.3-1
> Severity: normal
> 
> Dear Maintainer,
> 
> I try to batch remove all images from id3tag selecting all files
> list then remove Images. Unfortunately only the first file
> selected results without images.

On the toolbar at the bottom of the images tag there are 5 buttons. The
button on the far right is "Tag selected files with these images". Did
you press that button before saving all the files?

James



signature.asc
Description: OpenPGP digital signature

Bug#862511: (no subject)

[Michael Lustfield]

severity 862511 wishlist
thanks

The package version in unstable was mistakingly upgraded to a newer version.
It needed to be downgraded so a CVE fix could make it's way to testing. This
package won't be updated until after freeze.

-- 
Michael Lustfield

Bug#863657: debian-edu-config: fails to configure the exim4 environment after installation of the main server

[Wolfgang Schweer]

Package: debian-edu-config
Version: 1.928
Severity: important

The Kerberos SMTP keytab is missing in /var/lib/exim4/etc/ after
installation of the main server.

Reason: The cfengine exim4-create-environment shellscript is executed
too early, the Kerberos SMTP keytab isn't yet available, copying the
file fails. If the fifth pass of the cfengine run is used instead of the
first one, the file should be available.

While the fix is simple (run either the script 
'/usr/share/debian-edu-config/tools/exim4-create-environment' after 
installation of the main server or run 'cfengine-debian-edu -D 
installation'), the severity might as well be 'serious' because Exim 
doesn't work out-of-the-box.

Wolfgang


signature.asc
Description: PGP signature

Bug#863656: RFP: qdirstat -- Qt-based directory statistics (KDirStat without any KDE)

[Evgeni Golov]

Package: wnpp
Severity: wishlist

* Package name: qdirstat
  Version : 1.3
  Upstream Author : Stefan Hundhammer 
* URL : https://github.com/shundhammer/qdirstat
* License : GPLv2
  Programming Lang: C++
  Description : Qt-based directory statistics (KDirStat without any KDE)

QDirStat is a graphical application to show where your disk space
has gone and to help you to clean it up.

This is a Qt-only port of the old Qt3/KDE3-based KDirStat,
now based on the latest Qt 5. It does not need any KDE libs
or infrastructure. It runs on every X11-based desktop on Linux,
BSD and other Unix-like systems.

QDirStat has a number of new features compared to KDirStat.

To name a few:
* Multi-selection in both the tree and the treemap.
* Unlimited number of user-defined cleanup actions.
* Properly show errors of cleanup actions (and their output, if desired).
* File categories (MIME types) and their treemap color are now configurable.
* Exclude rules for directories are easily configurable.
* Desktop-agnostic; no longer relies on KDE or any other specific desktop.

qdirstat is useful on its own and to visualize obnam backup stats.

Bug#845255: debian-policy: Include best practices for packaging database applications

[Paul Gevers]

Hi all,

I hate to ping bugs, but is there anything I can do to help this move
forward? (The policy 4.0.0 release reminded me of this bug).

On Mon, 21 Nov 2016 21:17:55 +0100 Paul Gevers  wrote:
> It has been a while since the first version of the "Best practices for
> packaging database applications" was drafted by Sean Finney as the creator of
> dbconfig-common. The discussion on the document has died down a long time ago,
> but as the new (since last year) maintainer of dbconfig-common, I think would
> be appropriate to include or attach the database policy in the Debain policy. 
> I
> asked the audience during my dbconfig-common BoF at Debconf 16 if they agreed
> with me, and the consensus was yes (for whatever it is worth).
> 
> The current text of the "Best practices for packaging database applications" 
> is
> contained in the dbconfig-common package and can be found on
> www.debian.org/doc¹. I attach current source to this bug report as a base-line
> of the content for discussion.
> 
> What would be the best way forward? Is this appropriate for the policy?
> 
> ¹ https://www.debian.org/doc/manuals/dbapp-policy/ch-dbapps.html

Paul



signature.asc
Description: OpenPGP digital signature

Bug#863655: openvswitch: CVE-2017-9263

[Salvatore Bonaccorso]

Source: openvswitch
Version: 2.3.0+git20140819-1
Severity: important
Tags: security upstream patch

Hi,

the following vulnerability was published for openvswitch.

CVE-2017-9263[0]:
| In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status
| message, there is a call to the abort() function for undefined role
| status reasons in the function `ofp_print_role_status_message` in
| `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a
| malicious switch.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9263
[1] https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html

Regards,
Salvatore

Bug#787434: not fixed

[Hilmar Preuße]

On 29.05.2017 14:22, debian-bugtrac...@conemu.de wrote:
> Am 05.09.2016 um 13:22 schrieb Hilmar Preuße:

Hi,

>> I have test packages on https://freeshell.de/~hille42/proftpd/ .
>>
>> There are far from being finished, they just contain the patch. Could
>> you test if they solve the problem?
> 
> finally i tested your packages containing the patch.
> The issue is gone using the package
> proftpd-basic_1.3.5-1.1+deb8u2_amd64.deb you built.
> 
> It would be very nice to have this in the next point-release or even
> earlier.
> 
I'm afraid it is to late now. Currently the release date for Debian
stretch is 207-06-17, i.e. in less than 3 weeks. There won't be a point
release any more.
I suggest to use my fixed packages until stretch is released and then
upgrade ASAP.

Thanks,
  Hilmar
-- 
http://www.hilmar-preusse.de.vu/   #206401 http://counter.li.org

Bug#863646: [Pkg-nagios-devel] Bug#863646: nagios-nrpe-plugin: corrupted size vs. prev_size

[Stephane Bortzmeyer]

On Mon, May 29, 2017 at 08:36:25PM +0200,
 Sebastiaan Couwenberg  wrote 
 a message of 23 lines which said:

> > CHECK_NRPE: Error - Could not complete SSL handshake with 
> > 2605:4500:2:245b:483a:663a:623a:633a: 1
> 
> Have you configured SSL,

It worked before (before I upgraded to 3.0.1, the version in
unstable), so it is probably not one of the usual SSL problems. tshark
shows that the server indeed sends back a:

Secure Sockets Layer
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)

> and specifically read the NEWS entry about the incompatibility
> between versions?

/usr/share/doc/nagios-nrpe-plugin/NEWS.Debian.gz has nothing about
3.1. The entry about 3.0 seems to say that there is zero chance it
will work between Debian unstable and stable :-(

Bug#863654: ITP: golang-github-codedellemc-goscaleio -- ScaleIO API bindings for Go

[Potter, Tim]

X-Debbugs-CC: debian-de...@lists.debian.org, 
pkg-go-maintain...@lists.alioth.debian.org
Package: wnpp
Severity: wishlist
Owner: Tim Potter 

* Package name: golang-github-codedellemc-goscaleio
  Version : 0.0~git20161213.0.8ed64a0-1
  Upstream Author : Clinton Kitson
* URL : https://github.com/codedellemc/goscaleioitp
* License : Apache-2.0
  Programming Lang: Go
  Description : ScaleIO API bindings for Go

 The Goscaleio project represents API bindings that can be used to
 provide ScaleIO functionality into other Go applications. ScaleIO is
 a software-defined storage product from Dell EMC.


signature.asc
Description: Message signed with OpenPGP using GPGMail

Bug#839894: Last chance for d-i changes in stretch

[Samuel Thibault]

Cyril Brulebois, on lun. 29 mai 2017 21:16:54 +0200, wrote:
> And thanks for the ping on that topic.
> 
> Roger Shimizu  (2017-05-29):
> > Maybe it's too late for r0, but I'm still want to ask whether it's feasible
> > to include the patch mentioned here:
> >   https://bugs.debian.org/839894#30
> > 
> > henrich provided the patch and he verified it worked well in his virtualbox
> > environment.
> 
> I think we want to do this instead:
> -/dev/[hsv]d[a-z0-9]|
> +/dev/[hsv]d[a-z0-9][a-z0-9]*|

That would also match partitions, might that not pose concerns?

Samuel