Bug#891185: transition: re2

[Stefano Rivera]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hi, re2 is C++ and likes to have transitions. Not many reverse-deps,
though :)

It's in experimental.

I've test built the reverse-depends, and didn't see any new failures. I
can't get chromium-browser to build before or after the transition, but
presumably it's fine, Google would be targeting the latest re2 anyway.

Reportbug Ben file:

title = "re2";
is_affected = .depends ~ "libre2-3" | .depends ~ "libre2-4";
is_good = .depends ~ "libre2-4";
is_bad = .depends ~ "libre2-3";

https://release.debian.org/transitions/html/auto-re2.html Looks good,
though.

SR

Bug#875297: new dracut version 047 supports microcode

[intrigeri]

Thomas Lange:
> The new version 047 now supports early microcode.

Great news!

> Please check if this also work in Debian or if we still need
> some changes.

The microcode flashed into my CPU is currently up-to-date so I can't
test this at the moment (regardless of the status of dracut support
for this feature, I would see no "microcode updated early to" in the
logs). Sorry!

Cheers,
-- 
intrigeri

Bug#891184: [PATCH] Add missing-xs-go-import-path-for-golang-package

[Michael Stapelberg]

Package: lintian
Version: 2.5.72
Severity: wishlist
Tags: patch

Please review and merge the attached patch. Thanks!

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armel, mipsel, arm64

Kernel: Linux 4.13.0-1-amd64 (SMP w/12 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lintian depends on:
ii  binutils  2.29.1-6
ii  bzip2 1.0.6-8.1
ii  diffstat  1.61-1+b1
ii  dpkg  1.19.0.5
ii  file  1:5.32-1
ii  gettext   0.19.8.1-4
ii  intltool-debian   0.35.0+20060710.4
ii  libapt-pkg-perl   0.1.33
ii  libarchive-zip-perl   1.59-1
ii  libclass-accessor-perl0.51-1
ii  libclone-perl 0.38-2+b2
ii  libdpkg-perl  1.19.0.5
ii  libemail-valid-perl   1.202-1
ii  libfile-basedir-perl  0.07-1
ii  libipc-run-perl   0.96-1
ii  liblist-moreutils-perl0.416-1+b3
ii  libparse-debianchangelog-perl 1.2.0-12
ii  libperl5.22 [libdigest-sha-perl]  5.22.2-5
ii  libperl5.26 [libdigest-sha-perl]  5.26.1-3
ii  libtext-levenshtein-perl  0.13-1
ii  libtimedate-perl  2.3000-2
ii  liburi-perl   1.72-2
ii  libxml-simple-perl2.24-1
ii  libyaml-libyaml-perl  0.63-2+b2
ii  man-db2.7.6.1-2
ii  patchutils0.3.4-2
ii  perl  5.26.1-3
ii  t1utils   1.41-1
ii  xz-utils  5.2.2-1.3

Versions of packages lintian recommends:
pn  libperlio-gzip-perl  

Versions of packages lintian suggests:
pn  binutils-multiarch 
ii  dpkg-dev   1.19.0.5
ii  libhtml-parser-perl3.72-3+b2
ii  libtext-template-perl  1.47-1

-- no debconf information
>From 17d3d7cfde705c91b39d09aef556705f340fbd05 Mon Sep 17 00:00:00 2001
From: Michael Stapelberg 
Date: Fri, 23 Feb 2018 08:38:27 +0100
Subject: [PATCH] add missing-xs-go-import-path-for-golang-package

---
 checks/control-file.desc   | 25 ++
 checks/control-file.pm |  8 +++--
 t/tests/binaries-golang/desc   |  4 ++-
 t/tests/binaries-golang/tags   |  1 +
 .../debian/Makefile| 16 +
 .../debian/basic.c | 12 +++
 .../debian/debian/control.in   | 40 ++
 t/tests/control-file-golang-xs-go-import-path/desc |  5 +++
 t/tests/control-file-golang-xs-go-import-path/tags |  0
 9 files changed, 108 insertions(+), 3 deletions(-)
 create mode 100644 
t/tests/control-file-golang-xs-go-import-path/debian/Makefile
 create mode 100644 t/tests/control-file-golang-xs-go-import-path/debian/basic.c
 create mode 100644 
t/tests/control-file-golang-xs-go-import-path/debian/debian/control.in
 create mode 100644 t/tests/control-file-golang-xs-go-import-path/desc
 create mode 100644 t/tests/control-file-golang-xs-go-import-path/tags

diff --git a/checks/control-file.desc b/checks/control-file.desc
index 3e6485f79..6e6963690 100644
--- a/checks/control-file.desc
+++ b/checks/control-file.desc
@@ -374,3 +374,28 @@ Info: This package builds a binary arch:all package which 
incorrectly
  .
  Please remove the Built-Using line from your package
  definition.
+
+Tag: missing-xs-go-import-path-for-golang-package
+Severity: wishlist
+Certainty: certain
+Info: This source package does not specify a XS-Go-Import-Path
+ control field.
+ .
+ The XS-Go-Import-Path makes available the import path of the Go
+ package to the Debian archive in an easily machine-readable form.
+ .
+ This is used in various tooling, such as dh-make-golang(1) to
+ resolve dependencies and avoid accidental duplication in the archive,
+ or in https://pkg-go.alioth.debian.org/ci.html.
+ .
+ For packages using dh-golang, the field should be set to the same
+ value as the DH_GOPKG variable in debian/rules. In fact,
+ dh-golang will automatically set DH_GOPKG to the
+ XS-Go-Import-Path value.
+ .
+ For packages which do not use dh-golang, or whose upstream does
+ not publish the source in a way that is compatible with go get
+ and hence does not have a canonical import path, it is preferred to
+ set a fake import path. Contact the pkg-go team at
+ https://pkg-go.alioth.debian.org/ for more specific advice in your
+ specific situation.
diff --git a/checks/control-file.pm b/checks/control-file.pm
index 

Bug#890097: src:django-anymail: New, minor WEBHOOK_AUTHORIZATION security issue

[Scott Kitterman]

On Sun, 11 Feb 2018 01:08:01 -0500 Scott Kitterman  
wrote:
> Package: src:django-anymail
> Version: 0.8-2
> Severity: important
> Tags: upstream,security
> 
> Security fix
> 
> This fixes a low severity security issue affecting Anymail v0.2–v1.3. (CVE
> Pending)
> 
> Django error reporting includes the value of your Anymail
> WEBHOOK_AUTHORIZATION setting. In a properly-configured deployment, this
> should not be cause for concern. But if you have somehow exposed your Django
> error reports (e.g., by mis-deploying with DEBUG=True or by sending error
> reports through insecure channels), anyone who gains access to those reports
> could discover your webhook shared secret. An attacker could use this to 
post
> fabricated or malicious Anymail tracking/inbound events to your app, if you
> are using those Anymail features.
> 
> The fix renames Anymail's webhook shared secret setting so that Django's 
error
> reporting mechanism will sanitize it.
> 
> If you are using Anymail's event tracking and/or inbound webhooks, you 
should
> upgrade to this release and change "WEBHOOK_AUTHORIZATION" to 
"WEBHOOK_SECRET"
> in the ANYMAIL section of your settings.py. You may also want to rotate the
> shared secret value, particularly if you have ever exposed your Django error
> reports to untrusted individuals.
> 
> If you are only using Anymail's EmailBackends for sending email and have not
> set up Anymail's webhooks, this issue does not affect you.
> 
> The old WEBHOOK_AUTHORIZATION setting is still allowed in this release, but
> will issue a system-check warning when running most Django management
> commands. It will be removed completely in a near-future release, as a
> breaking change.
> 
> Thanks to Charlie DeTar (@yourcelf) for responsibly reporting this security
> issue through private channels.
> 
> https://github.com/anymail/django-anymail/commit/1a6086f2b58478d71f89bf27eb034ed81aefe5ef
> 
> Given that the fix for this is problematic from a backward compatility
> perspective and that it requires a misconfigured django app before it is a
> problem, recommend No DSA for the security team.

This is now assigned CVE-2018-189.

https://github.com/anymail/django-anymail/releases/tag/v1.4

Scott K

Bug#891183: dblatex: Please add support for chapter->chapterinfo->author

[Petter Reinholdtsen]

Package: dblatex
Version: 0.3.10-2
X-Debbugs-CC: Benoit Guillon 

When building a book with individual authors per chapter, it is useful
to specify the authors using a  block per chapter.
Unfortunately this setup is not rendered properly in dblatex.  It is
rendered better by Docbook XSL.

Here is an example demonstrating the problem:


http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd;>

  
The part

  First chapter title
  

  First chapter
  Author

  
  
  First chapter, first paragraph.



  Second chapter title
  

  Second chapter
  Author

  
  
  Second chapter, first paragraph.


  


When building it, the chapter author is shown as the first words of the
first paragraph in each chapter, with no special formatting.  With
Docbook XSL, it is rendered between the title and the first paragraph,
with a slightly larger font than the body and a smaller font than the
title.

-- 
Happy hacking
Petter Reinholdtsen

Bug#885704: liblept5 negatively plays with paths in /tmp when opening TIFFs

[Jeff Breidenbach]

This is the patch I used for Leptonica 1.74. It should work fine for
earlier versions.
Upstream used a different approach for addressing the problem in version
1.75.


do-not-mess-with-paths.diff.gz
Description: GNU Zip compressed data

Bug#891150: drupal7: SA-CORE-2018-001: Several vulnerabilities

[Gunnar Wolf]

Salvatore Bonaccorso dijo [Thu, Feb 22, 2018 at 08:46:30PM +0100]:
> There was a new Drupal security advisory at
> 
> https://www.drupal.org/sa-core-2018-001
> 
> where several issues affect as well drupal7.
> 
>  * JavaScript cross-site scripting prevention is incomplete - Critical -
>Drupal 7 and Drupal 8
>  * Private file access bypass - Moderately Critical - Drupal 7
>  * jQuery vulnerability with untrusted domains - Moderately Critical
>- Drupal 7
>  * External link injection on 404 pages when linking to the current page
>- Less Critical - Drupal 7

I intend to work on this tomorrow; have been quite time-constrained,
so any help will be welcome. But I intend to upload a new version for,
at least, unstable and stable-security tomorrow afternoonish (@mex).

Thanks for the heads-up.

Bug#891182: RFS: ssh-tools/1.4-1

[Sven Wick]

Package: sponsorship-requests
Severity: wishlist

  Dear mentors,

  I am looking for a sponsor for my package "ssh-tools"

 * Package name: ssh-tools
   Version : 1.4-1
   Upstream Author : Sven Wick 
 * URL : https://github.com/vaporup/ssh-tools/
 * License : GPL-3+
   Section : utils

  It builds those binary packages:

ssh-tools  - ssh-ping, ssh-version, ssh-diff, ssh-facts

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/ssh-tools


  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/s/ssh-tools/ssh-tools_1.4-1.dsc


  Regards,
   Sven

Bug#891181: ITP: golang-github-containerd-typeurl -- Go package for managing marshaled types to protobuf.Any

[Arnaud Rebillout]

Package: wnpp
Severity: wishlist
Owner: Arnaud Rebillout 

* Package name: golang-github-containerd-typeurl
  Version : 0.0~git20170912.f694355-1
  Upstream Author : Arnaud Rebillout
* URL : https://github.com/containerd/typeurl
* License : Apache-2.0
  Programming Lang: Go
  Description : Go package for managing marshaled types to protobuf.Any
 A Go package for managing the registration, marshaling, and unmarshaling
 of encoded types.
 .
 This package helps when types are sent over a GRPC API and marshaled as a
 [protobuf.Any]().



- why is this package useful/relevant?

It is a dependency of containerd.

- how do you plan to maintain it?

I plan to maintain it within the golang packaging team.

Bug#718549:

[Ramon Simmler]

Bug#885152: ITP: intel-me-cleaner -- Tool for partial deblobbing of Intel ME/TXE firmware images

[Matthias Klumpp]

Hi!

Am 16.02.2018 um 12:55 schrieb Bálint Réczey:
> Hi Matthias,
> 
> On Dec 25, 2017 06:46, "Bálint Réczey"  wrote:
> 
> Hi Matthias,
> 
> Would you like to upload the PureOS package with small changes to Debian?
> I remember we talked about you possibly packaging it for Debian but I did
> not
> know it was already available for PureOS in the repo.

Sorry for the much delayed reply, I actually wanted to write a message
immediately after I saw the ITP report, but that task somehow got lost...

> If you don't plan uploading the version from PureOS I plan uploading mine
> which is a bit more recent.

I think uploading the older version when a more recent one is available
is just silly ;-)
So, go ahead!
It would be nice though if we could maybe collaborate easily on the
packaging, so maybe putting it under team-maintenance or into
collab-main would be nice :-)

Cheers,
Matthias


> 
> 2017-12-25 0:18 GMT+01:00 Jonas Smedegaard :
>> Quoting Balint Reczey (2017-12-25 00:02:20)
>>> Package: wnpp
>>> Owner: Balint Reczey 
>>> Severity: wishlist
>>> X-Debbugs-CC: debian-de...@lists.debian.org
>>>
>>> * Package name: intel-me-cleaner
>>>   Version : 1.0+git20171022.g2ff65c1
>>>   Upstream Author : Nicola Corna 
>>> * URL : https://github.com/corna/me_cleaner
>>> * License : GPL-3.0+
>>>   Programming Lang: Python
>>>   Description : Tool for partial deblobbing of Intel ME/TXE firmware
> images
>>>
>>> The Intel�� Management Engine (ME) is a microcontroller embedded in
>>> most Intel chipsets manufactured since 2006 that runs independently
>>> from the main CPU.
>>>
>>> It is not removable from the system and it runs a signed proprietary
>>> firmware, with full network and memory access, which poses a serious
>>> security threat. Even when disabled from the BIOS settings, Intel ME
>>> is active: the only way to be sure it is disabled is to remove its
>>> firmware from the flash chip.
>>>
>>> This package allows removing parts of the signed proprietary firmware
>>> effectively disabling the Management Engine.
>>
>> You might benefit from the .deb package done for PureOS:
>> https://repo.pureos.net/pureos/pool/main/m/me-cleaner/
> 
> Thanks Jonas!
> 
> Cheers,
> Balint
> 
>>
>>
>>  - Jonas
>>
>> --
>>  * Jonas Smedegaard - idealist & Internet-arkitekt
>>  * Tlf.: +45 40843136  Website: http://dr.jones.dk/
>>
>>  [x] quote me freely  [ ] ask before reusing  [ ] keep private
> 



signature.asc
Description: OpenPGP digital signature

Bug#789273: [Pkg-xfce-devel] Bug#789273: lightdm-gtk-greeter: add an option to scale the display

[Vincent Lefevre]

Control: found -1 2.0.4-1

On 2015-07-03 17:38:57 +0200, Vincent Lefevre wrote:
> I've attached a patch that adds such an option. If I use:
> 
> icon-size=64
> 
> I get icons with acceptable size on my laptop.

New version of the patch attached, for lightdm-gtk-greeter 2.0.4-1.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Description: add icon-size option
Author: Vincent Lefevre 
Last-Update: 2018-02-23

Index: lightdm-gtk-greeter-2.0.4/src/greeterconfiguration.h
===
--- lightdm-gtk-greeter-2.0.4.orig/src/greeterconfiguration.h
+++ lightdm-gtk-greeter-2.0.4/src/greeterconfiguration.h
@@ -28,6 +28,7 @@
 #define CONFIG_KEY_PANEL_POSITION   "panel-position"
 #define CONFIG_KEY_KEYBOARD_POSITION"keyboard-position"
 #define CONFIG_KEY_A11Y_STATES  "a11y-states"
+#define CONFIG_KEY_ICON_SIZE"icon-size"
 
 #define CONFIG_GROUP_MONITOR"monitor:"
 #define CONFIG_KEY_BACKGROUND   "background"
Index: lightdm-gtk-greeter-2.0.4/src/lightdm-gtk-greeter.c
===
--- lightdm-gtk-greeter-2.0.4.orig/src/lightdm-gtk-greeter.c
+++ lightdm-gtk-greeter-2.0.4/src/lightdm-gtk-greeter.c
@@ -1054,9 +1054,9 @@ set_session (const gchar *session)
 gchar* icon_name = g_strdup_printf ("%s_badge-symbolic", 
session_name);
 g_free (session_name);
 if (gtk_icon_theme_has_icon (icon_theme, icon_name))
-gtk_image_set_from_icon_name (GTK_IMAGE 
(session_badge), icon_name, GTK_ICON_SIZE_MENU);
+gtk_image_set_from_icon_name (GTK_IMAGE 
(session_badge), icon_name, config_get_int (NULL, CONFIG_KEY_ICON_SIZE, 
GTK_ICON_SIZE_MENU));
 else
-gtk_image_set_from_icon_name (GTK_IMAGE 
(session_badge), "document-properties-symbolic", GTK_ICON_SIZE_MENU);
+gtk_image_set_from_icon_name (GTK_IMAGE 
(session_badge), "document-properties-symbolic", config_get_int (NULL, 
CONFIG_KEY_ICON_SIZE, GTK_ICON_SIZE_MENU));
 g_free (icon_name);
 break;
 }
@@ -3023,9 +3023,9 @@ main (int argc, char **argv)
 GSList *sessions = NULL;
 
 if (gtk_icon_theme_has_icon (icon_theme, 
"document-properties-symbolic"))
-session_badge = gtk_image_new_from_icon_name 
("document-properties-symbolic", GTK_ICON_SIZE_MENU);
+session_badge = gtk_image_new_from_icon_name 
("document-properties-symbolic", config_get_int (NULL, CONFIG_KEY_ICON_SIZE, 
GTK_ICON_SIZE_MENU));
 else
-session_badge = gtk_image_new_from_icon_name 
("document-properties", GTK_ICON_SIZE_MENU);
+session_badge = gtk_image_new_from_icon_name 
("document-properties", config_get_int (NULL, CONFIG_KEY_ICON_SIZE, 
GTK_ICON_SIZE_MENU));
 gtk_widget_show (session_badge);
 gtk_container_add (GTK_CONTAINER (session_menuitem), session_badge);
 
@@ -3087,9 +3087,9 @@ main (int argc, char **argv)
 if (gtk_widget_get_visible (a11y_menuitem))
 {
 if (gtk_icon_theme_has_icon (icon_theme, 
"preferences-desktop-accessibility-symbolic"))
-image = gtk_image_new_from_icon_name 
("preferences-desktop-accessibility-symbolic", GTK_ICON_SIZE_MENU);
+image = gtk_image_new_from_icon_name 
("preferences-desktop-accessibility-symbolic", config_get_int (NULL, 
CONFIG_KEY_ICON_SIZE, GTK_ICON_SIZE_MENU));
 else
-image = gtk_image_new_from_icon_name 
("preferences-desktop-accessibility", GTK_ICON_SIZE_MENU);
+image = gtk_image_new_from_icon_name 
("preferences-desktop-accessibility", config_get_int (NULL, 
CONFIG_KEY_ICON_SIZE, GTK_ICON_SIZE_MENU));
 gtk_widget_show (image);
 gtk_container_add (GTK_CONTAINER (a11y_menuitem), image);
 }
@@ -3116,9 +3116,9 @@ main (int argc, char **argv)
 if (gtk_widget_get_visible (power_menuitem))
 {
 if (gtk_icon_theme_has_icon (icon_theme, "system-shutdown-symbolic"))
-image = gtk_image_new_from_icon_name ("system-shutdown-symbolic", 
GTK_ICON_SIZE_MENU);
+image = gtk_image_new_from_icon_name ("system-shutdown-symbolic", 
config_get_int (NULL, CONFIG_KEY_ICON_SIZE, GTK_ICON_SIZE_MENU));
 else
-image = gtk_image_new_from_icon_name ("system-shutdown", 
GTK_ICON_SIZE_MENU);
+image = gtk_image_new_from_icon_name ("system-shutdown", 
config_get_int (NULL, CONFIG_KEY_ICON_SIZE, GTK_ICON_SIZE_MENU));
 gtk_widget_show (image);
 gtk_container_add (GTK_CONTAINER (power_menuitem), image);
 
Index: lightdm-gtk-greeter-2.0.4/data/lightdm-gtk-greeter.conf

Bug#688735: Some strings need to be set up for i18n

[Gunnar Hjalmarsson]

I have second thoughts about this. I think the cryptroot-script.sh file 
itself is fine, but probably we should avoid to mess with the upstream 
translation template.


The source includes debian/scripts/po/Makefile, which updates 
luksformat.pot and creates and installs luksformat.po files for 
available languages when called from debian/rules. Maybe we should do 
something similar for cryptroot-script.sh (and possibly other files in 
debian/initramfs). Or, instead of adding another distro specific 
template, maybe we should 'merge' them into one template with strings 
from files in both debian/scripts and debian/initramfs. In that case, 
would "cryptsetup-debian" be a suitable template name?


I want to complete the fix of this bug, but before spending more time on 
it I'd like to talk to some package maintainer, so we can agree on the 
approach.


--
Gunnar Hjalmarsson
https://launchpad.net/~gunnarhj

Bug#751808: ‘merge’ should not care about the order of blocking bugs

[Ben Finney]

Control: retitle -1 ‘merge’ should not care about the order of blocking bugs

On 16-Jun-2014, Mattia Rizzolo wrote:
> […]
>  In my opinion both: forcemerge shouldn't care of order and
> the bugs should be ordered, but that's up to you, from my point of
> view the important bit is: "it must work" :)
>  mapreri: yeah; that's how it should work. Please file
> a bug against debbugs so I have a record of it
>  dondelelcaro: ok.

This applies to ‘merge’ primarily (and ‘forcemerge’ has the problem
just because it uses ‘merge’). Re-titling this bug report.

An example of an error report from a ‘merge’ command:

> Bug #843021 [wnpp] ITP: node-yarnpkg -- a fast, reliable and secure npm
> Unable to merge bugs because:
> blockedby of #863704 is '886873 886844 886849 886866 886843' not '886849 
> 886866 886843 886844 886873'
> Failed to merge 843021: Did not alter merged bugs.

The ‘blockedby’ and ‘block’ sets are the same, ignoring order. The
‘merge’ command should ignore the order of items in those sets, when
comparing the sets.

-- 
 \  “He that would make his own liberty secure must guard even his |
  `\ enemy from oppression.” —Thomas Paine |
_o__)  |
Ben Finney 


signature.asc
Description: PGP signature

Bug#891179: In nvi, you can only search for ascii and latin-1 strings

[spagoveanu]

Package: nvi
Version: 1.81.6-13
Severity: important
Tags: patch upstream

In nvi, it's impossible to search for a string containing any unicode char
whose code point is > 0xff.

Example:
=
[working under an utf-8 locale]
$ cat /tmp/a.txt
tatătata
țațățața
țâțățâța
$ nvi /tmp/a.txt
... displays the file correctly
[inside nvi]
/ț
Pattern not found
/ă
Pattern not found
s/ă/A/g
No match found
=

And ':set extended' won't fix it, either.

[without the proper keyboard support, you can enter those characters
by copy-pasting them from this message]

This seems to have been always broken, but the "fix" for #523934
(14private_regex_fixes.patch) only made it worse.

The following patch fixes the search issue, and does not bring back
the "potential overflow" mentioned in the comment. Notice that the
'-' operator has precedence over '&'.

diff --git a/regex/regcomp.c b/regex/regcomp.c
index 12ee513..095ab7a 100644
--- a/regex/regcomp.c
+++ b/regex/regcomp.c
@@ -300,7 +300,7 @@ p_ere(register struct parse *p, int stop)
  
/* character this ERE should end at */
 {
-   register char c;
+   register int c;
register sopno prevback;
register sopno prevfwd;
register sopno conc;
@@ -344,7 +344,7 @@ p_ere(register struct parse *p, int stop)
 static void
 p_ere_exp(register struct parse *p)
 {
-   register char c;
+   register int c;
register sopno pos;
register int count;
register int count2;
@@ -624,7 +624,7 @@ p_simp_re(register struct parse *p, int starordinary)
/* FALLTHROUGH */
default:
  /* ordinary(p, c &~ BACKSL); -- Fix potential overflow */
-   ordinary(p, c & 0xff);
+   ordinary(p, c & BACKSL - 1);
break;
}
 

Bug#891177: vpnc-scripts: please upload new git snapshot (support for systemd-resolved)

[Mike Miller]

On Thu, Feb 22, 2018 at 16:18:12 -0800, Daniel Kahn Gillmor wrote:
> as of 6f87b0fe7b20d802a0747cc310217920047d58d3, upstream vpnc-scripts
> supports communicating with systemd-resolved.  It'd be great to have
> that feature available in debian.

Thanks, will do. I hesitated when this was first added because it wasn't
conditional on whether the user actually wanted to use systemd-resolved
or not. It looks like that has been addressed now.

-- 
mike


signature.asc
Description: PGP signature

Bug#891178: libclojure1.8-java and libclojure-java: error when trying to install together

[Ralf Treinen]

Package: libclojure-java,libclojure1.8-java
Version: libclojure-java/1.9.0~alpha15-1
Version: libclojure1.8-java/1.8.0-4
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Date: 2018-02-23
Architecture: amd64
Distribution: sid

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:


E: Sub-process false returned an error code (1)
E: Prior errors apply to 
/var/cache/apt/archives/libclojure-java_1.9.0~alpha15-1_all.deb
E: Prior errors apply to 
/var/cache/apt/archives/libclojure1.8-java_1.8.0-4_all.deb
debconf: apt-extracttemplates failed: No such file or directory
Selecting previously unselected package libjsr166y-java.
(Reading database ... 10982 files and directories currently installed.)
Preparing to unpack .../libjsr166y-java_1.7.0-2_all.deb ...
Unpacking libjsr166y-java (1.7.0-2) ...
Selecting previously unselected package libclojure-java.
Preparing to unpack .../libclojure-java_1.9.0~alpha15-1_all.deb ...
Unpacking libclojure-java (1.9.0~alpha15-1) ...
Selecting previously unselected package libclojure1.8-java.
Preparing to unpack .../libclojure1.8-java_1.8.0-4_all.deb ...
Unpacking libclojure1.8-java (1.8.0-4) ...
dpkg: error processing archive 
/var/cache/apt/archives/libclojure1.8-java_1.8.0-4_all.deb (--unpack):
 trying to overwrite '/usr/share/java/clojure.jar', which is also in package 
libclojure-java 1.9.0~alpha15-1
Errors were encountered while processing:
 /var/cache/apt/archives/libclojure1.8-java_1.8.0-4_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Here is a list of files that are known to be shared by both packages
(according to the Contents file for sid/amd64, which may be
slightly out of sync):

  /usr/share/java/clojure.jar

This bug has been filed against both packages. If you, the maintainers of
the two packages in question, have agreed on which of the packages will
resolve the problem please reassign the bug to that package. You may then
also register in the BTS that the other package is affected by the bug.

-Ralf.

PS: for more information about the detection of file overwrite errors
of this kind see http://qa.debian.org/dose/file-overwrites.html.

Bug#891147: [Pkg-d-devel] Bug#891147: dub: HTTP status code 0 when downloading dependencies

[Matthias Klumpp]

2018-02-23 2:25 GMT+01:00 Marcus Stojcevich :
> It doesn't have the bug when I build it with LDC, so I'm assuming it's
> something to do with the GDC buildscript or GDC itself when linking libcurl.

Can you maybe file a bug against GDC at
https://bugzilla.gdcproject.org/enter_bug.cgi ?

(I will be on vacation for about a week, so I can't look into this much)
Cheers,
Matthias

-- 
I welcome VSRE emails. See http://vsre.info/

Bug#891147: [Pkg-d-devel] Bug#891147: dub: HTTP status code 0 when downloading dependencies

[Marcus Stojcevich]

It doesn't have the bug when I build it with LDC, so I'm assuming it's
something to do with the GDC buildscript or GDC itself when linking libcurl.

On Thu, Feb 22, 2018 at 2:21 PM, Matthias Klumpp  wrote:

> 2018-02-22 20:11 GMT+01:00 Marcus Stojcevich :
> > Package: dub
> > Version: 1.7.2-1
> > Severity: important
> >
> > Dear Maintainer,
> >
> > When trying to build a project with dub, it fails to download
> dependencies.
> > These errors do not occur when using dub from d-apt
> > (http://d-apt.sourceforge.net/).
> >
> > To reproduce: Run "dub build" on a project that you don't have the
> dependencies
> > for.
> >
> > I attached the error messages and the dub.json for the project that won't
> > build.
>
> I have no idea why that happens, any help with investigating this
> issue is greatly appreciated.
>
> Cheers,
> Matthias
>
> --
> I welcome VSRE emails. See http://vsre.info/
>

Bug#863704: duplicate of 843021

[Ben Finney]

Control: merge 843021 -1

On 01-Dec-2017, Paolo Greppi wrote:
> sorry I did not notice this earlier !
> https://bugs.debian.org/843021

Thanks for finding the existing bug report for packaging Yarn.

-- 
 \ “The aim of science is not to open the door to infinite wisdom, |
  `\but to set some limit on infinite error.” —Bertolt Brecht, |
_o__)_Leben des Galilei_, 1938 |
Ben Finney 


signature.asc
Description: PGP signature

Bug#891036: Proposal - how to make usbip more resistant to misconfiguration

[wzabo...@elektron.elka.pw.edu.pl]

Hi,

I have found that the
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891036 is not the only
one related to misconfiguration of the usbip driver and tools.
A few weeks ago the similar bug
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878866 was discovered.
It seems that the configuration of usbip is fragile, and it is easy to
make a mistake leading to the setup that doesn't work correctly.
I suppose, that additional mechanisms should be added to prevent such
problems:

 1. It should be checked DURING THE COMPILATION, that the number of
ports in a single virtual hub does not exceed 128.
 2. The MAXNPORT constant in tools/usb/usbip/libsrc/vhci_driver.h should
be defined as:
#define MAXNPORT ( VHCI_PORTS * VHCI_NR_HCS )

I have not tested the above modifications. If I find some time to verify
them, and if they are correct, I'll submit the official patches.

With best regards,
Wojtek

-- 
Wojciech M Zabolotny, PhD
Institute of Electronic Systems
Faculty of Electronics and Information Technology
Warsaw University of Technology

Bug#891177: vpnc-scripts: please upload new git snapshot (support for systemd-resolved)

[Daniel Kahn Gillmor]

Package: vpnc-scripts
Version: 0.1~git20160829-1
Severity: wishlist

Dear Maintainer,

as of 6f87b0fe7b20d802a0747cc310217920047d58d3, upstream vpnc-scripts
supports communicating with systemd-resolved.  It'd be great to have
that feature available in debian.

 --dkg

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), 
(200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages vpnc-scripts depends on:
ii  iproute2   4.14.1-2
ii  net-tools  1.60+git20161116.90da8a0-2

vpnc-scripts recommends no packages.

Versions of packages vpnc-scripts suggests:
pn  dnsmasq 
ii  openssh-server  1:7.6p1-4
pn  resolvconf  

-- no debconf information

Bug#891128: debmake-doc: FTBFS on Debian unstable; FTBFS on reproducible-builds machines

[Boyuan Yang]

X-Debbugs-CC: os...@debian.org

2018-02-22 22:20 GMT+08:00 Boyuan Yang <073p...@gmail.com>:
> Package: debmake-doc
> Version: 1.9-1
> Severity: important
>
> Okay, take a look at [1] and you will find some strange test outputs:
> debmake-doc
> FTBFS on amd64 and armhf architectures with reproducible-builds
> project machines. Buildlogs can be found online and they all look
> strange.
>
> When building on my local machine, the situation becomes weird too: the 
> package
> will FTBFS due to another reason (seems to be related to TTY in sbuild
> instance).
> Buildlog attached.
>
> Please consider investigating into this issue.
>
> --
> Thanks,
> Boyuan Yang
>
> [1] 
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/debmake-doc.html

I've tried again on another sbuild instance. The build was sucessful
but there come another
problem: every call to "script" would append an extra line as output.
For example:

==

8.1. Cherry-pick templates

Here is an example of creating a simple Debian package from a zero
content source on an empty directory.

This is a good platform to get all the template files without making
mess in the upstream source tree you are working on.

Let’s assume this empty directory to be debhello-0.1.

 $ mkdir debhello-0.1
 $ tree
.
└── debhello-0.1

1 directory, 0 files

Script done on 2018-02-22 14:32:17+

Let’s generate the maximum amount of template files by specifying the
-x4 option.

[...]

===

Perhaps it is caused by the recent upgrade of package "bsdutils",
which provides "script"
tool. It is part of "util-linux" src package.

--
Thanks,
Boyuan Yang

Bug#891173: pavucontrol segfaults on wayland

[Felipe Sateler]

Control: tags -1 moreinfo

On Thu, Feb 22, 2018 at 8:28 PM, Jakobus Schürz
 wrote:
> Package: pavucontrol
> Version: 3.0-4
> Severity: important
>
> Dear Maintainer,
>
> the subject says all. pavucontrol segfaults in gnome-wayland session. It
> works on X11-session.

I can't reproduce the problem. Could you install the debug symbols of
relevant packages and get a back trace?

https://wiki.debian.org/HowToGetABacktrace

-- 

Saludos,
Felipe Sateler

Bug#890391: libjs-jquery-atwho: ReferenceError: Controller is not defined

[Ben Finney]

Control: tags -1 + unreproducible

On 16-Feb-2018, Ben Finney wrote:

> What I need is some simple script that I can run in a minimal Debian
> environment, first to show the behaviour in this package and, after
> making changes to the package, then to test whether the behaviour is
> correct.

Lacking that, I am unable to reproduce the reported behaviour.

-- 
 \   “If you make people think they're thinking, they'll love you; |
  `\ but if you really make them think, they'll hate you.” —Donald |
_o__) Robert Perry Marquis |
Ben Finney 


signature.asc
Description: PGP signature

Bug#891176: pylint: please package version 1.8.2

[Joseph Herlant]

Package: pylint
Version: 1.8.1-1
Severity: wishlist

Hi Sandro,

For another package (pylint-django) I'd need pylint 1.8.2 in unstable.
I can help you on that if you want.

Thanks
Joseph



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pylint depends on:
ii  python2.7.14-4
ii  python-astroid1.6.0-1
ii  python-backports.functools-lru-cache  1.4-2
ii  python-configparser   3.5.0-1
ii  python-isort  4.2.5+ds1-3
ii  python-logilab-common 1.4.1-1
ii  python-mccabe 0.6.1-2
ii  python-setuptools 38.4.0-1
ii  python-singledispatch 3.4.0.3-2
ii  python-six1.11.0-2
ii  python2.7 2.7.14-6

Versions of packages pylint recommends:
ii  python-tk  2.7.14-2

Versions of packages pylint suggests:
pn  pylint-doc  

Bug#840014: webcheckout: missing URL sanitization

[Paul Wise]

Control: tags -1 + fixed-upstream patch upstream
Control: forwarded -1 
http://source.myrepos.branchable.com/?p=source.git;a=commitdiff;h=40a3df21c73f1bb1b6915cc6fa503f50814664c8

On Thu, 2018-02-22 at 22:09 +0100, Jakub Wilk wrote:

> Uppercase letter should be allowed in usernames and domains, I guess?

Added.

> This regexp matches "foo://bar"; but this URL would make git execute 
> remote helper "foo", which might be unsafe. I suggest replacing
> 
>(?:[^:]|$)
> 
> with
> 
>(?!:|//)

Replaced.

> qw(git -c protocol.file.allow=user clone --) would be better here. 
> The difference is that the former unnecessarily puts 
> protocol.file.allow=user in the repo's .git/config.

Used that instead.

I've pushed the commit upstream to the URL above.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#891050: gap-autpgrp: please make the build reproducible

[Bill Allombert]

On Thu, Feb 22, 2018 at 08:51:05AM +, Chris Lamb wrote:
> Dear Bill,
> 
> > Upstream will never take it. This is not the right way to fix this bug
> > and you know it.
> 
> I'm afraid I was a little disappointed to read your response. 

Sorry, but I was also a little disappointed to see such patch
coming from an experienced Debian developer.

TeX-based build systems should be fixed to use SOURCE_DATE_EPOCH etc. to
generate reproducible timestamp rather than TeX documents to be altered to
avoid timestamps. Indeed reproducible builds has the potential to make
timestamp much more accurate and useful, so it would be a waste to remove
them. Avoiding timestamps is also unsustainable in the long run.

We should favor the long term solution over the quick fix.

In the event you did not actually intend the patch to be applied, then
sorry for the confusion.

> It is entirely feasible that upstream would agree with the sentiment
> that such timestamps are not useful (or even misleading) and thus
> should be removed. I have convinced countless developers in the past
> using this or similar arguments.

Alas, the upstream of this package does not even provide a Makefile to
build the documentation. Instead the PDF file is included in the
tarball. So as far as they are concerned the timestamp are always correct
and the user has no business rebuilding the documentation.

But what is magic with SOURCE_DATE_EPOCH and other improvements from the
reproducible build project is that we can arrange for the build system
to generate the exact same timestamps than in the upstream tarball,
which is much better than removing them.

Cheers,
-- 
Bill. 

Imagine a large red swirl here. 

Bug#888928: gource FTBFS with libglm-dev 0.9.9~a2-1

[Andrew Caudwell]

This bug was triggered by the libglm-dev package being updated to an alpha
version of glm 0.9.9 a2. I believe this was done to fix an issue compiling
with GCC 7.3 present in the current release 0.9.8.5. While it's relatively
trivial for me to add the extra define to get it to get my software to
compile, this version of GLM also includes a major change of behavior by
removing the default initialization of vector, matrix and quaternion types.
In the case of gource and logstalgia, there is quite a bit of code relying
on the previous behavior so this has created a number of uninitialized
value bugs. Any other software using libglm-dev that depends on this
behavior will have the same issue.

I've raised a bug with the upstream regarding this change:
https://github.com/g-truc/glm/issues/735

IMO the best solution is for libglm-dev to continue to package the current
release 0.9.8.5 but apply a patch fixing the GCC compilation issue.

On Wed, Jan 31, 2018 at 10:23 PM, Adrian Bunk  wrote:

> Source: gource
> Version: 0.47-1
> Severity: serious
>
> https://tests.reproducible-builds.org/debian/rb-pkg/
> unstable/amd64/gource.html
>
> ...
> In file included from /usr/include/glm/gtx/norm.hpp:18:0,
>  from src/core/vectors.h:37,
>  from src/core/gl.h:27,
>  from src/core/texture.h:34,
>  from src/gource_settings.h:23,
>  from src/user.h:21,
>  from src/action.h:21,
>  from src/action.cpp:18:
> /usr/include/glm/gtx/quaternion.hpp:23:3: error: #error "GLM:
> GLM_GTX_quaternion is an experimental extension and may change in the
> future. Use #define GLM_ENABLE_EXPERIMENTAL before including it, if you
> really want to use it."
>  # error "GLM: GLM_GTX_quaternion is an experimental extension and may
> change in the future. Use #define GLM_ENABLE_EXPERIMENTAL before including
> it, if you really want to use it."
>^
>

Bug#891175: leiningen-clojure: Build depend on libwagon-java instead of libwagon2-java

[Emmanuel Bourg]

Source: leiningen-clojure
Severity: normal

leiningen-clojure builds depend on libwagon2-java but this package is now
deprecated and on its way out, it should be replaced with libwagon-java.

Bug#891036: Workaround found, the problem is with Debian configuration of kernel

[wzabo...@elektron.elka.pw.edu.pl]

I have recompiled the kernel with modifed settings:

In the debian/config/config I have changed:
from
CONFIG_USBIP_VHCI_NR_HCS=8
to
CONFIG_USBIP_VHCI_NR_HCS=4

After installing the modified kernel I was able to get my remote device
attached and it worked correctly.

Probably the problem could be also solved by increasing the  MAXNPORT
from 128 to  240 or even to 256 in tools/usb/usbip/libsrc/vhci_driver.h
(modifying the kernel sources instead of the Debian configuration), but
I have not verified yet if that approach works.

-- 
Wojciech M Zabolotny, PhD
Institute of Electronic Systems
Faculty of Electronics and Information Technology
Warsaw University of Technology

Bug#889533: leiningen-clojure build dependencies need 1.8 adjustments

[Elana Hashman]

Thanks for reopening this! Not sure why the clojure1.8 changelog marked
it as done, as it specified the issues were only partially addressed. I
will be uploading all the bd fixes for leiningen and its multitude of
dependencies in the next day or two :)

- e


signature.asc
Description: Digital signature

Bug#891174: [PATCH] Fix for bug #497342: nvi keeps files open for writing, making their execution fail with ETXTBSY

[spagoveanu]

Package: nvi
Version: 1.81.6-13
Severity: important
Tags: patch upstream

[sorry for opening another bug report instead of replying to the bug log,
but replies to the bug log seem to go *completely* ignored by everybody;
just check the end of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497342;
that virus/phishing message is there since more than a year!]

Opening the file read-only is enough for flock() -- please notice that
ep->fd is only used to keep the lock hot, that's not the descriptor that
is used for reading or writing data to the file.

--- nvi-1.81.6.orig/common/exf.c
+++ nvi-1.81.6/common/exf.c
@@ -408,7 +408,7 @@ postinit:
 * an error.
 */
if (rcv_name == NULL && ep->refcnt == 0) {
-   if ((ep->fd = open(oname, O_RDWR)) == -1)
+   if ((ep->fd = open(oname, O_RDONLY)) == -1)
goto no_lock;
 
switch (file_lock(sp, oname, >fcntl_fd, ep->fd, 1)) {

Bug#886968: btrfs-progs-udeb: depends on non-udeb: libzstd1

[Nicholas D Steeves]

On Mon, Jan 15, 2018 at 02:20:28PM +, Dimitri John Ledkov wrote:
> On 15 January 2018 at 00:27, Cyril Brulebois  wrote:
> > Hi,
> >
> > Cyril Brulebois  (2018-01-12):
> >> Your package is no longer installable (along with its rev-dep
> >> partman-btrfs) because it now depends on libzstd1, which isn't
> >> a udeb.
> >
> > It seems zstd is only an option for btrfs-progs, and I've just confirmed
> > that setting --disable-zstd on the dh_auto_configure line lets btrfs-progs
> > build just fine, without the libzstd1 dependency. As far as I can tell,
> > there's no absolute need for this feature in d-i, and we could consider
> > building the udeb without zstd support, instead of requesting the addition
> > of a libzstd1-udeb. What do you think?
> >
> 
> That's an oversight on my part. From the recovery point of view, it
> would be desired to have zstd compression support built-into
> btrfs-progs-udeb such that one can use d-i recovery mode to
> backup/restore btrfs filesystems with zstd compression.
> 
> -- 
> Regards,
> 
> Dimitri.

Hi Cyril! 

I agree that it's not essential for d-i; although, it's worth
mentioning that zstd seems like it will more likely satisfy users who
are coming from zfs' "lz4 compression is usually beneficial" school of
thought than lzo will.

Dmitri, does btrfs send/receive actually require userspace libzstd?
Or is it needed for defrag? (rewrites files, and also optionally
applies, removes, or changes compression type) I'm guessing that
btrfs-check requires it. (check --repair is, broadly speaking,
equivalent to 'fsck.ext4 -p')

The worst-case d-i bloat for an official arch seems to be 193.4kB for
i386, before compression.  Would you please 'reassign -1 libzstd' if
you agree that Debian's rescue mode should support cloning/restoring
subvolumes with compressed files, and/or being able to repair the
(unmounted) rootfs?  It seems strange that buster's initramfs has this
functionality and that rescue mode doesn't.  Alternatively, the btrfs
binary in the udeb could be statically linked...

Thanks,
Nicholas


signature.asc
Description: PGP signature

Bug#891026: [zfs-dkms]

[Antonio Russo]

Control: severity 889795 serious
Control: merge 889795 891026

I've raised the severity of the existing bug given the presence of Linux 4.15
in the repository.

Both spl and zfs packages are pulled into, and merged with, the existing
Debian packaging in

https://github.com/aerusso/pkg-zfsonlinux-zfs
and
https://github.com/aerusso/pkg-zfsonlinux-spl

in branch pulls/proposed-0.7.6. This also includes some other compatibility
fixes from zfsonlinux master (890576).

Bug#891173: pavucontrol segfaults on wayland

[Jakobus Schürz]

Package: pavucontrol
Version: 3.0-4
Severity: important

Dear Maintainer,

the subject says all. pavucontrol segfaults in gnome-wayland session. It
works on X11-session.

jakob


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pavucontrol depends on:
ii  libatk1.0-0  2.26.1-3
ii  libatkmm-1.6-1v5 2.24.2-3
ii  libc62.26-6
ii  libcairo-gobject21.15.10-1
ii  libcairo21.15.10-1
ii  libcairomm-1.0-1v5   1.12.2-3
ii  libcanberra-gtk3-0   0.30-6
ii  libcanberra0 0.30-6
ii  libgcc1  1:8-20180207-2
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libglib2.0-0 2.54.3-2
ii  libglibmm-2.4-1v52.54.1-3
ii  libgtk-3-0   3.22.28-1
ii  libgtkmm-3.0-1v5 3.22.2-2
ii  libpango-1.0-0   1.40.14-1
ii  libpangocairo-1.0-0  1.40.14-1
ii  libpangomm-1.4-1v5   2.40.1-4
ii  libpulse-mainloop-glib0  11.1-4
ii  libpulse011.1-4
ii  libsigc++-2.0-0v52.10.0-1
ii  libstdc++6   8-20180207-2
ii  libx11-6 2:1.6.4-3

Versions of packages pavucontrol recommends:
ii  pulseaudio  11.1-4

pavucontrol suggests no packages.

-- no debconf information

Bug#890268: [Pkg-puppet-devel] Bug#890268: puppet: non-agent commands fail on puppet agent when environment is set

[Apollon Oikonomopoulos]

Control: tags -1 upstream fixed-upstream pending

Hi Alex :)

Thanks for the report!

On 20:47 Mon 12 Feb , Alex Kiousis wrote:
> Dear Maintainer,
> puppet4 seems to always look inside 'environmentpath' for the currently
> configured environment before doing any operation.
> This doesn't make sense when a host acts as an agent.
> 
> By default environmentpath is set to '/etc/puppet/code/environments'.
> 
> Running any puppet command (except puppet agent) with an environment set
> fails like this:
> 
> puppet config print --environment=testaki
> /usr/lib/ruby/vendor_ruby/puppet/environments.rb:38:in `get!': Could not find 
> a directory environment named 'testaki' anywhere in the path: 
> /etc/puppet/code/environments. Does the directory exist?  
> (Puppet::Environments::EnvironmentNotFound)
>   from /usr/lib/ruby/vendor_ruby/puppet/application_support.rb:29:in 
> `push_application_context'
>   from /usr/lib/ruby/vendor_ruby/puppet/application.rb:337:in `run'
>   from /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in `run'
>   from /usr/lib/ruby/vendor_ruby/puppet/util/command_line.rb:72:in 
> `execute'
>   from /usr/bin/puppet:5:in `'
> 
> Running puppet agent works fine though.

This was fixed upstream in 4.10.10[1]. I'll update the package in sid 
soon-ish and probably queue this up for a stable update if it can be 
backported easily.

Regards,
Apollon

[1] 
https://github.com/puppetlabs/puppet/commit/430f22be04c8d888e6a85b4095a33a2fe0e3f7f2

Bug#889527: [Pkg-puppet-devel] Bug#889527: puppet: Puppet master/agent on testing/buster fails with SSL errors

[Apollon Oikonomopoulos]

Control: tags -1 upstream fixed-upstream

Hi,

On 16:28 Sun 04 Feb , clayton wrote:
> Warning: Unable to fetch my node definition, but the agent run will 
> continue:
> Warning: SSL_read: decryption failed or bad record mac

This is a bug in the webrick puppet master, exposed by ruby 2.3.6 and 
fixed upstream in 4.10.10. I'll update the package soonish.

Regards,
Apollon

Bug#891136: deja vu

[Elana Hashman]

This ITP is currently blocked on
https://dev.clojure.org/jira/browse/TDEPS-44

Upstream depends on a version of Maven that is unavailable in the
archive. Because of significant API changes between Maven 3.3.9
(currently required) and Maven 3.5 (in Debian), it doesn't make sense
for me to attempt a Debian-specific patch.

- e


signature.asc
Description: Digital signature

Bug#891172: libhmsbeagle: please drop the spurious B-D: libpoclu-dev

[Andreas Beckmann]

Source: libhmsbeagle
Version: 2.1.2+20160831-5
Severity: serious
Tags: sid buster

Hi,

please drop the spurious B-D on libpoclu-dev, the libpoclu-dev and
libpoclu2 packages will be dropped in pocl 1.1.

Maybe you want/need to use
  ocl-icd-opencl-dev | opencl-dev
instead?


Andreas

Bug#891171: RM: gtk-d [ppc64el] -- ROM; Compiler doesn't support the ppc64 architecture

[Matthias Klumpp]

Package: ftp.debian.org
Severity: normal

Hi!
This package built on ppc64el before, but doesn't anymore. The problem
lies in the LDC compiler, and since upstream doesn't see ppc64 as
officially supported architecture, the problem will not be addressed
anytime soon.
After 4 months, it does not make sense to hold this and other packages
hostage because they now fail to build on ppc64el.
Therefore, please remove the old ppc64el binaries of gtk-d.
(future build attempts on this architecture will be done with GDC,
unless ppc64(el) gets fully supported by LDC upstream)

Kind regards,
Matthias

Relevant upstream report: https://github.com/ldc-developers/ldc/issues/2356

Bug#891170: ITP: ignition-tools -- Entry point for helper provided by all the suite of ignition robotics

[Jose Luis Rivero]

Package: wnpp
Severity: wishlist
Owner: Jose Luis Rivero 

* Package name: ignition-tools
  Version : 0.1.0
  Upstream Author : Open Robotics
* URL : https://ignitionrobotics.org/libs/tools
* License : Apache2
  Programming Lang: ruby
  Description : Entry point for helper provided by all the suite of 
ignition robotics

Ignition tools provide the ign command line tool that accepts multiple
subcommands. Each subcommand is implemented in a plugin that belongs
to a specific Ignition project.

Bug#891036: The problem is related to the number of ports created in vhci_hcd.0

[wzabo...@elektron.elka.pw.edu.pl]

In fact I don't understand how the vhci_hcd is supposed to work.

The constants are defined as follows:
https://elixir.bootlin.com/linux/v4.15.4/source/drivers/usb/usbip/vhci.h#L75

/* Number of supported ports. Value has an upperbound of USB_MAXCHILDREN */
#ifdef CONFIG_USBIP_VHCI_HC_PORTS
#define VHCI_HC_PORTS CONFIG_USBIP_VHCI_HC_PORTS
#else
#define VHCI_HC_PORTS 8
#endif

/* Each VHCI has 2 hubs (USB2 and USB3), each has VHCI_HC_PORTS ports */
#define VHCI_PORTS    (VHCI_HC_PORTS*2)

#ifdef CONFIG_USBIP_VHCI_NR_HCS
#define VHCI_NR_HCS CONFIG_USBIP_VHCI_NR_HCS
#else
#define VHCI_NR_HCS 1
#endif

#define MAX_STATUS_NAME 16

Then in the line
https://elixir.bootlin.com/linux/v4.15.4/source/drivers/usb/usbip/vhci_hcd.c#L46
we can see:

int vhci_num_controllers = VHCI_NR_HCS;

But, when I have unpacked the sources of the Debian kernel:

("apt source usbip" downloads and unpacks the kernel sources)

In the debian/config/config I can see:

CONFIG_USBIP_CORE=m
CONFIG_USBIP_VHCI_HCD=m
CONFIG_USBIP_VHCI_HC_PORTS=15
CONFIG_USBIP_VHCI_NR_HCS=8
CONFIG_USBIP_HOST=m

So the number of created controllers is equal to 8, and for each
controller there are 30 ports created (2 * 15)

That results in 240 ports, that is above the MAXNPORT number defined in

https://elixir.bootlin.com/linux/v4.15.4/source/tools/usb/usbip/libsrc/vhci_driver.h#L16
#define MAXNPORT 128

To obtain the working configuration it is necessary either to increase
the MAXNPORT to 240 or even to 256 or to decrease the
CONFIG_USBIP_VHCI_NR_HCS to 4


-- 
Wojciech M Zabolotny, PhD
Institute of Electronic Systems
Faculty of Electronics and Information Technology
Warsaw University of Technology

Bug#886399: RFS: opencascade/7.2.0-1 [ITP]

[Kurt Kremitzki]

I'm still addressing some of the feedback given by you and Tobias, but I 
thought I would post an update.


On 02/12/2018 05:44 AM, Anton Gladky wrote:

Hi Kurt,

Just a short review. I did not test the package. But some
stuff should be fixed before it will be uploaded.

As I understand you want to maintain the package under the
umbrella of debian science team? If so, please fix some
corresponding fields (maintaner etc) in d/control.

=
1. source/include-binaries remove
2. source/options - remove
3. quilt debian/control : quilt - remove
4. VCS - salsa under d/science
5. all lib-packages should be numbered according to its API-version,
something like libopencascade-modeling-algorithms7.2
6. Install files of lib-packages should have something like
usr/lib/*/libTKMath.so.*, not the particular version
7. --parallel option is not needed with debhelper > 10


All of the above are done (but not pushed yet.)


8. Not sure about option -DCMAKE_BUILD_TYPE=Release.


Neither am I--normally when I run eg `ccmake` on the OpenCASCADE source 
this variable is already set to `Release`, but without this I get an 
error suggesting it's being set to `none`. I chalked it up to an 
idiosyncracy in OpenCASCADE.



9. Simplify d/rules. All cp-commands should be replaces by the lines
in d/install-files


Got it--the only one I had a question about was the 
opencascade-draw7.2.desktop file I have in the debian directory. Is it 
ok that I now have something like this in opencascade-draw7.2.install?:


../opencascade-draw*.desktop usr/share/applications/


10. Check whether you need mkdir-commands in d/rules


They were superfluous.


11. override_dh_makeshlibs looks questionable


Removed.


12. Use dh_missing --fail-missing to be sure that all files are installed.


Good suggestion, there were about 300 files not being included, most of 
them part of opencascade-draw, which isn't used by FreeCAD and thus I 
hadn't noticed a problem from this.


However, with all the files included the package now FTBFS with a ton of 
errors like this:


dpkg-shlibdeps: error: cannot find library libTKBinTObj.so.7 needed by 
debian/opencascade-draw7.2/usr/lib/x86_64-linux-gnu/libTKTObjDRAW.so.7.2.0 
(ELF format: 'elf64-x86-64' abi: '0201003e'; RPATH: '')


All the libraries mentioned are files provided by the libopencascade- 
packages, so I tried adding them to opencascade-draw7.2's Depends: but 
that didn't resolve it, so I'm a little stuck.



13. Point the first upload into the experimental.


Updated.


14. Double-check __all__ the files and their licenses to save the time
for FTP-masters.


Will do once I clean up my current work and before I push.

Bug#889990: gnome-boxes: Unable to start VMs because CPU mode 'custom' for x86_64 kvm domain on x86_64 host is not supported

[nquinnathome1]

On Thu, 22 Feb 2018 19:05:25 +0100 Guido =?iso-8859-1?Q?G=FCnther?=  wrote:
> On Thu, Feb 15, 2018 at 09:45:03AM -0800, Josh Triplett wrote:
> > Package: gnome-boxes
> > Version: 3.26.2-3
> > Followup-For: Bug #889990
> > 
> > I've encountered this issue as well, with the current version in
> > unstable.
> 
> Likely your user is not in the libvirt group and so the list of CPUs
> available for KVM is empty. Could you try 
> 
> adduser  kvm
> 
> If that helps we should probably give rw permissions to the currently
> logged in user via logind (as done with the audio and video devices
> already).
> 
> Cheers,
>  -- Guido
> 
> 

This solves the issue for me; thanks.

Bug#889533: leiningen-clojure build dependencies need 1.8 adjustments

[Adrian Bunk]

Control: reopen -1

The leiningen-clojure build dependencies need adjustments
to use 1.8 packages.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#891169: kismet: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: kismet
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#81077: clarify

[Josip Rodin]

retitle 81077 links: Cyrillic transliteration not aware of varieties
thanks

My original bug report was insufficiently informed - there are a variety
of transliteration methods, and the default one picked is in fact the
most common one for the Russian language and character sets.

It would, however, be nice if it was able to detect other languages and
character set combinations. I checked Serbian and it doesn't use the
most relevant transliteration there.

There's an informative list of various options at the Firefox addon site
http://www.benya.com/transliterator

TIA

-- 
 2. That which causes joy or happiness.

Bug#863199: mkdir -p /usr/share/man/man1

[Hans-Christoph Steiner]

mkdir -p /usr/share/man/man1 fixed it for me:
https://salsa.debian.org/eighthave/fdroidserver/-/jobs/7947

Bug#891036: The problem is related to the number of ports created in vhci_hcd.0

[wzabo...@elektron.elka.pw.edu.pl]

On the system where I have installed the 4.15.xxx kernel and usbip from
Debian/sid, I get the following results from "usbip --debug port":

[...]
usbip: debug: names.c:428:[parse] line 18068 subclass fe:02 IRDA Bridge
usbip: debug: names.c:428:[parse] line 18069 subclass fe:03 Test and
Measurement
usbip: debug: names.c:461:[parse] line 18070 protocol fe:03:01 TMC
usbip: debug: names.c:461:[parse] line 18071 protocol fe:03:02 USB488
usbip: debug: names.c:374:[parse] line 18072 class ff Vendor Specific Class
usbip: debug: names.c:428:[parse] line 18073 subclass ff:ff Vendor
Specific Subclass
usbip: debug: names.c:461:[parse] line 18074 protocol ff:ff:ff Vendor
Specific Protocol
libusbip: debug: vhci_driver.c:264:[usbip_vhci_driver_open] available
ports: 240
libusbip: error: port number exceeds 128
usbip: error: open vhci_driver
usbip: error: list imported devices

The line where the condition is checked is
https://elixir.bootlin.com/linux/v4.15.4/source/tools/usb/usbip/libsrc/vhci_driver.c#L263

vhci_driver
->nports = 
get_nports ();
dbg ("available
ports: %d", vhci_driver
->nports);

if (vhci_driver
->nports <= 0) {
err("no available ports");
goto err;
} else if (vhci_driver
->nports > MAXNPORT 
) {
err("port number exceeds %d", MAXNPORT 
);
goto err;
}

Maybe the viable workaround would be just to increase the MAXNPORT number?

-- 

Wojciech M Zabolotny, PhD
Institute of Electronic Systems
Faculty of Electronics and Information Technology
Warsaw University of Technology

Bug#891168: miniupnpd: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: miniupnpd
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#891167: metaphlan2-data: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: metaphlan2-data
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#891166: matrix-synapse: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: matrix-synapse
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#891165: ucf: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: ucf
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#891163: kstars FTBFS: dh_install: Cannot find "usr/lib/*/libexec/kauth/kauth_kstars_helper"

[Adrian Bunk]

Source: kstars
Version: 4:17.08.3-2
Severity: serious

Some recent change in unstable makes kstars FTBFS:

https://tests.reproducible-builds.org/debian/history/kstars.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/kstars.html

...
dh_install  
dh_install: Cannot find (any matches for) 
"usr/lib/*/libexec/kauth/kauth_kstars_helper" (tried in ., debian/tmp)

dh_install: kstars missing files: usr/lib/*/libexec/kauth/kauth_kstars_helper
dh_install: missing files, aborting
make[1]: *** [/usr/share/pkg-kde-tools/qt-kde-team/3/dhmk.mk:97: 
pre_install_dh_install] Error 25
make[1]: Leaving directory '/build/1st/kstars-17.08.3'
make: *** [/usr/share/pkg-kde-tools/qt-kde-team/3/dhmk.mk:112: 
debian/dhmk_install] Error 2

Bug#891164: igtf-policy-bundle: [INTL:pt_BR] Brazilian Portuguese debconf templates translation

[Adriano Rafael Gomes]

Package: igtf-policy-bundle
Tags: l10n patch
Severity: wishlist

Hello,

Please, Could you update the Brazilian Portuguese Translation?

Attached you will find the file pt_BR.po. It is UTF-8 encoded and it is
tested with msgfmt and podebconf-display-po.

Kind regards.


pt_BR.po.gz
Description: application/gzip


signature.asc
Description: Digital signature

Bug#886329: [Filesystems-devel] Bug#886329: Bug#886329: Bug#886329: aufs-dkms: Cannot use aufs union mount with Linux 4.14.7-1: kernel BUG at /var/lib/dkms/aufs/4.14+20171218/build/fs/aufs/finfo.c:113

[sfjro]

sf...@users.sourceforge.net:
> Thanx for the interesting bug report.
> Although I could not reproduce the bug, I'm afraid it is an aufs
> problem. I will try more and investigate it, but it may take some time.

On the report, I can see that you use aufs in qemu.
Would you kindly tell me how you invoked it? I mean the exact command
line. Because I cannot reproduce the problem on my test machine, intel
core2duo (I know this is old machine). Do you have more cpu cores? Do
you think that more and more cores get more chances to reproduce?


J. R. Okajima

Bug#855879: Please add blapi.h to libnss3-dev

[Timo Aaltonen]

Timo Aaltonen kirjoitti 21.12.2017 klo 11:43:
> Hi, I need nss-pem for certmonger which is used on a FreeIPA client to
> refresh certificates. Without it shipping FreeIPA server with a CA is
> pointless.
> 
> Six months have passed, how about just merging this patch? It wouldn't
> affect packages using libnss3-dev.

It's not just freeipa client, setting up current freeipa server fails if
libnsspem.so is not available. https://pagure.io/freeipa/issue/7422

Upstream/nss-pem folks are quite clear that nssb can't be made dynamic,
and they won't touch the others either. So while nss-pem could
technically just copy the necessary headers, it would still require the
libs from nss..
https://bugzilla.mozilla.org/show_bug.cgi?id=1429692

I've filed a bug on Ubuntu to add libnss3-pkcs11-dev
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1751140

because bionic can't wait any longer.


-- 
t

Bug#891162: RM: kirigami -- ROM; old version, no more used

[Pino Toscano]

Package: ftp.debian.org
Severity: normal

Hi,

the kirigami source is the old version, and the new version is
kirigami2.  Since kirigami is no more used, please remove it.

Thanks,
-- 
Pino

Bug#881339: marked as done (allow node-babel-preset-env to build depend on itself)

[Philip Hands]

On Thu, 22 Feb 2018, Wookey  wrote:
...
> Anyway, Pirate - I suggest you ask about this on debian-devel where we
> can have a pulic discussion about policy and whether there is anything
> special about this case which makes it not suitable software for the
> archive.

This would probably have been a much better approach than the course
that was taken.

The private discussion with Thorsten that was forwarded to the bug
seemed not to have been followed through to any sort of conclusion
before escalation to the TC.

Also, the questions that Don was trying to explore about why there was a
need for the dependencies in the first place went unanswered. Presumably
because the whole thing is moot now that the package has been accepted.

If that was the reason for not responding to Don, it would have been
polite to close the bug at that point.

If on the other hand one is still expecting clarification on some
outstanding point (despite the fact that the original purpose of the bug
is now gone) then it would probably be wise to say so explicitly.

In the absence of any of that, my only regret is that we didn't reject
the bug at the outset for not really having bothered with steps 1-3 here:

  https://www.debian.org/devel/tech-ctte

I'm confident that we can all learn from this experience, and hope we
will do a better job next time.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Bug#891161: cwidget: FTBFS with libncursesw6

[Sven Joachim]

On 2018-02-22 22:23 +0100, Sven Joachim wrote:

> I should note that the person who first requested this 5th button
> support in Debian is Daniel Burrows, original author of aptitude and
> cwidget.  See https://bugs.debian.org/bug=230990.

Gah, that should read https://bugs.debian.org/230990 instead, did not
shorten the URL correctly. :-(

Cheers,
   Sven

Bug#890590: libcomerr2:i386: no available i386 variant of transitional package

[Theodore Ts'o]

On Thu, Feb 22, 2018 at 09:32:53AM -0700, Adam Conrad wrote:
> 
> In Ubuntu, the attached patch was applied to achieve the following:
> 
>   * Make transitional library packages be Arch: any and Multi-Arch: same
> so that upgrades actually function correctly when two or more exist.
> 
> It's clear from the multiarch spec that only one arch:all package
> can be installed (ie: you can't have an amd64 and i386 version of
> the same arch:all package, that's nonsensical), and thus this upgrade
> path just doesn't work for people who had multiple versions of the
> libraries installed.  Flipping the transitionals back to arch:any
> and m-a:same fixes the upgrade.

Thanks for the patch and the explatnation.  Hmmm... so that memans
that if a package is every Arch:all, it's impossible to ever
transition to Arch:any without running afoul of the potential for the
package to be installed for multiple architectures.  Grump.

It doesn't matter here, since this is only at transitional package,
but this seems unfortunate.

- Ted

Bug#890262: (no subject)

[Martin Michlmayr]

* Arthur  [2018-02-21 23:03]:
> I now have another problem (should I file another bugs?), openning up

These are different issues so please don't follow up here.

Let's continue this on the thread on debian-arm:
https://lists.debian.org/debian-arm/2018/02/msg00086.html

-- 
Martin Michlmayr
http://www.cyrius.com/

Bug#891161: cwidget: FTBFS with libncursesw6

[Sven Joachim]

Source: cwidget
Version: 0.5.17-7

With the upcoming libncursesw6 package (which is not available yet, but
everything is ready in git and I have asked for an upload to
experimental), cwidget FTBFS.  This is the relevant part, I have
attached the full build log for reference:

,
| text_layout.cc: In member function 'virtual void 
cwidget::widgets::text_layout::dispatch_mouse(short int, int, int, int, 
mmask_t)':
| text_layout.cc:89:57: error: no matching function for call to 'max(int, 
size_t)'
|set_start(std::max(0, start - mouse_wheel_scroll_lines));
|  ^
`

This is the offending function:

,
| void text_layout::dispatch_mouse(short id, int x, int y, int z, mmask_t 
bstate)
| {
|   // Only do something if this system's ncurses has both button 4
|   // and button 5 (older ones didn't).
| #if defined(BUTTON4_PRESSED) && defined(BUTTON5_PRESSED)
|   const int mouse_wheel_scroll_lines =
|   std::max(1, std::min(getmaxy() - 1, 3));
| 
|   if((bstate & BUTTON4_PRESSED) != 0)
|   {
| if((bstate & BUTTON5_PRESSED) == 0)
|   {
| freshen_contents(lastst);
| if(start > 0)
|   set_start(std::max(0, start - mouse_wheel_scroll_lines));
|   }
|   }
|   else if((bstate & BUTTON5_PRESSED) != 0)
|   {
| freshen_contents(lastst);
| if(start + getmaxy() < contents.size())
|   set_start(std::min(contents.size() - getmaxy(),
|  start + mouse_wheel_scroll_lines));
|   }
| #endif
| }
`

Indeed, one difference between libncursesw5 and libncursesw6 is that the
latter _does_ have support for button 5.  So the whole block between
"#if defined(...)" and "#endif" had never been compiled with Debian's
ncurses packages, and it is not very surprising that it bit-rotted.

I should note that the person who first requested this 5th button
support in Debian is Daniel Burrows, original author of aptitude and
cwidget.  See https://bugs.debian.org/bug=230990.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.15.4-nouveau (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



cwidget_0.5.17-7_i386.build.xz
Description: build log

Bug#891160: libgaminggear FTBFS with cmake 3.10

[Adrian Bunk]

Source: libgaminggear
Version: 0.15.1-6
Severity: serious
Tags: patch

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libgaminggear.html

...
dh_missing --fail-missing
dh_missing: usr/share/cmake-3.10/Modules/FindGAMINGGEAR0.cmake exists in 
debian/tmp but is not installed to anywhere
dh_missing: missing files, aborting


Fix:

--- debian/not-installed.old2018-02-22 13:51:54.803336922 +
+++ debian/not-installed2018-02-22 13:53:08.511336219 +
@@ -1,2 +1,2 @@
 usr/lib/x86_64-linux-gnu/gaminggear_plugins
-usr/share/cmake-3.9/Modules/FindGAMINGGEAR0.cmake
+usr/share/cmake-*/Modules/FindGAMINGGEAR0.cmake

Bug#840014: webcheckout: missing URL sanitization

[Jakub Wilk]

$git_url !~ 
m{^(?:(?:https?|git|ssh):[^:]|(?:[-_.a-z0-9]+@)?[-_.a-z0-9]+:(?:[^:]|$))}) {


Uppercase letter should be allowed in usernames and domains, I guess?

This regexp matches "foo://bar"; but this URL would make git execute 
remote helper "foo", which might be unsafe. I suggest replacing


  (?:[^:]|$)

with

  (?!:|//)


qw(git clone -c protocol.file.allow=user --)


qw(git -c protocol.file.allow=user clone --) would be better here. 
The difference is that the former unnecessarily puts 
protocol.file.allow=user in the repo's .git/config.


--
Jakub Wilk

Bug#891159: usbauth-notifier: Install fails with "preinst: db_stop: not found" and leave package in bad inconsistent state

[Yannick Roehlly]

Package: usbauth-notifier
Version: 1.0~git20180119-1
Severity: grave
Justification: renders package unusable

Hi,

Installing usbauth-notifier fails with:

/var/lib/dpkg/tmp.ci/preinst: 15: /var/lib/dpkg/tmp.ci/preinst: db_stop: not 
found

Apparently, ". /usr/share/debconf/confmodule" is missing from the preinst (and
others) script. See bug #443823 for a similar problem.

I used severity "grave" because this leaves the package in "bad inconsistent
state" difficult to handle without having a corrected package.

Yannick

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.4 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

Bug#230990: Finally this is going to get fixed

[Sven Joachim]

Control: tags -1 = pending

Everything for the transition has been prepared in git, and I have just
asked Craig to upload libncurses6 etc to experimental.  It took only 14
years!

Cheers,
   Sven

Bug#887395: [Pkg-puppet-devel] Bug#887395: vim-puppet: package vim plugin from rodjek

[Apollon Oikonomopoulos]

Control: reassign -1 wnpp
Control: severity -1 wishlist
Control: merge -1 866879

Hi,

On 09:38 Tue 16 Jan , Gabriel Filion wrote:
> oh, fair point!
> 
> Apparently, someone else thought of the same thing than you did (and
> also for debian packaging!) and already opened an issue on the project
> about licensing:
> 
> https://github.com/rodjek/vim-puppet/issues/79
> 

I already have an ITP filed on this, blocked on the issue you found :) 
I'll ping upstream to see if we can get this sorted.

Thanks,
Apollon

Bug#891158: icewm: Please add icewm-extra-themes to Debian.

[Jose A. Fernandez Gonzalez]

Subject: icewm: Please add icewm-extra-themes to Debian.
Package: icewm
Severity: wishlist

The package icewm ships just a few themes and there isn't a package like in
the past icewm-themes in Debian repositories so the unique way to install
themes righ now is by hand.

https://github.com/bbidulock/icewm

https://github.com/bbidulock/icewm-extra-themes

Part of its README:

Package icewm-extra-themes-1.0 was released under GPLv2 license 2017-08-02.

"This is a set of extra themes for IceWM that were too numerous to include
in the base IceWM release. The purpose is to provide an adequate
replacement for the Debian icewm-themes package and to act as a source of
themes for distro maintainers of IceWM to select from when building and
installing IceWM."

Regards.

Bug#276655: synaptic: 'lock version' harmful; another suggestion : replace with apt-mark hold

[Serge Le Tyrant]

Package: synaptic
Version: 0.84.2
Followup-For: Bug #276655

I have reported the bug #890668 about unattended-upgrades package
In it's recent version (0.99), this package upgrade all Debian packages (not
only security packages) even if they are blocked on Synaptic.

The maintainer of this package tells me to use :
apt-mark hold 
to hold a package.

I suggest to use this function on Synaptic



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Foreign Architectures: 64, x32, 32

Kernel: Linux 4.15.0-1-686-pae (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages synaptic depends on:
ii  hicolor-icon-theme   0.17-1
ii  libapt-inst2.0   1.6~alpha7
ii  libapt-pkg5.01.6~alpha7
ii  libatk1.0-0  2.26.1-3
ii  libc62.26-6
ii  libcairo-gobject21.15.10-1
ii  libcairo21.15.10-1
ii  libept1.5.0  1.1+nmu3+b1
ii  libgcc1  1:8-20180218-1
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libglib2.0-0 2.54.3-2
ii  libgnutls30  3.5.18-1
ii  libgtk-3-0   3.22.28-1
ii  libpango-1.0-0   1.40.14-1
ii  libpangocairo-1.0-0  1.40.14-1
ii  libpcre2-8-0 10.22-6
ii  libstdc++6   8-20180218-1
ii  libvte-2.91-00.50.2-4
ii  libx11-6 2:1.6.4-3
ii  libxapian30  1.4.5-1
ii  policykit-1  0.105-18
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages synaptic recommends:
ii  libgtk2-perl   2:1.24992-1+b1
ii  rarian-compat  0.8.1-6+b1
ii  xdg-utils  1.1.2-1

Versions of packages synaptic suggests:
ii  apt-xapian-index 0.49
ii  deborphan1.7.28.8-0.3+b1
pn  dwww 
ii  menu 2.1.47+b1
ii  software-properties-gtk  0.96.20.2-1
ii  tasksel  3.43

-- no debconf information

Bug#886329: [Filesystems-devel] Bug#886329: Bug#886329: Bug#886329: aufs-dkms: Cannot use aufs union mount with Linux 4.14.7-1: kernel BUG at /var/lib/dkms/aufs/4.14+20171218/build/fs/aufs/finfo.c:113

[sfjro]

intrigeri:
> OK, sorry. I got confused by:
>
>I am interested in why you set '1' to the aufs module parameter "debug".
>If you had not set, this bug would not appear I guess. Did you see
>something wrong without setting "debug"?
>
> =E2=80=A6 which seemed to refer to that module parameter. Anyway, moving on:

Ah, that is my bad. Sorry.


> Confirmed! So indeed, this problem only happens when CONFIG_AUFS_DEBUG
> is enabled, which is the default setting in aufs4-standalone.git's
> config.mk and the Debian aufs-dkms package does not change that.
> So let me ask: is it recommended to disable this compilation option
> for production use?

Glad to hear that!
Generally for production use, all debugging feature should be disabled.
The reason I release aufs with CONFIG_AUFS_DEBUG enabled is I secretly
expect a bug report such like this. :-)


J. R. Okajima

Bug#891156: mutter: Incomplete debian/copyright?

[Chris Lamb]

Source: mutter
Version: 3.27.91-1
Severity: serious
Justication: Policy 12.5
X-Debbugs-CC: Jeremy Bicha 

Hi,

I just ACCEPTed mutter from NEW but noticed it was missing 
attribution in debian/copyright for at least Endless Mobile
(for src/wayland/meta-wayland-region.c) but others in that
dir too.

(This is not exhaustive so please check over the entire package 
carefully and address these on your next upload.)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#891157: r-cran-animation: Incomplete debian/copyright?

[Chris Lamb]

Source: r-cran-animation
Version: 2.5+dfsg-1
Severity: serious
Justication: Policy 12.5
X-Debbugs-CC: Andreas Tille 

Hi,

I just ACCEPTed r-cran-animation from NEW but noticed it was missing 
attribution in debian/copyright for at least Brent Ertz for 
inst/misc/scianimator/css/scianimator.blue.css.

(This is not exhaustive so please check over the entire package 
carefully and address these on your next upload.)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#891155: Typo in the package description

[Louis-Philippe Véronneau]

Package: node-is-npm
Severity: minor

The description of this package includes a typo. One can read:

"Is-npm checks *wheather* your code is running as an npm or yarn script."

It should be:

"Is-npm checks *whether* your code is running as an npm or yarn script."

-- 
pollo



signature.asc
Description: OpenPGP digital signature

Bug#891151: dune-uggrid FTBFS with cmake 3.10.2-1

[Adrian Bunk]

Source: dune-uggrid
Version: 2.5.1-1
Severity: serious
Tags: patch
Control: fixed -1 2.6~20180108-1
Control: close -1

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dune-uggrid.html

...
cd /build/1st/dune-uggrid-2.5.1/build/parallel/dddif && /usr/bin/c++  
-D-pthread -DENABLE_MPI=1 -DFOR_DUNE -DHAVE_CONFIG_H -DMPICH_SKIP_MPICXX 
-DMPIPP_H -DModelP -DUGLIB -DUG_DIM_3 -DUG_USE_NEW_DIMENSION_DEFINES 
-DUG_USE_SYSTEM_HEAP=1 -I/build/1st/dune-uggrid-2.5.1/build 
-I/build/1st/dune-uggrid-2.5.1 
-I/usr/lib/x86_64-linux-gnu/openmpi/include/openmpi 
-I/usr/lib/x86_64-linux-gnu/openmpi/include/openmpi/opal/mca/event/libevent2022/libevent
 
-I/usr/lib/x86_64-linux-gnu/openmpi/include/openmpi/opal/mca/event/libevent2022/libevent/include
 -I/usr/lib/x86_64-linux-gnu/openmpi/include -I/build/1st/dune-uggrid-2.5.1/low 
-I/build/1st/dune-uggrid-2.5.1/gm -I/build/1st/dune-uggrid-2.5.1/dev 
-I/build/1st/dune-uggrid-2.5.1/dom -I/build/1st/dune-uggrid-2.5.1/np 
-I/build/1st/dune-uggrid-2.5.1/ui -I/build/1st/dune-uggrid-2.5.1/np/algebra 
-I/build/1st/dune-uggrid-2.5.1/np/udm -I/build/1st/dune-uggrid-2.5.1/parallel 
-I/build/1st/dune-uggrid-2.5.1/parallel/ddd 
-I/build/1st/dune-uggrid-2.5.1/parallel/pp
 if -I/build/1st/dune-uggrid-2.5.1/parallel/dddif 
-I/build/1st/dune-uggrid-2.5.1/parallel/util 
-I/build/1st/dune-uggrid-2.5.1/parallel/ddd/include  -g -O2 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 -std=c++14  -fPIC   -o CMakeFiles/dddif3.dir/memmgr.cc.o -c 
/build/1st/dune-uggrid-2.5.1/parallel/dddif/memmgr.cc
:0:1: error: macro names must be identifiers


Felix Geyer mentioned that the root cause is that the
COMPILE_DEFINITIONS in parallel/CMakeLists.txt should
be replaced with COMPILE_OPTIONS.

The version in experimental seems already fixed.

Bug#890982: closed by Adolfo Jayme Barrientos <f...@libreoffice.org> (Re: libreoffice-style-sifr: White background in some icons)

[jEsuSdA 8)]

El 21/02/18 a las 20:54, Debian Bug Tracking System escribió:

This is an automatic notification regarding your Bug report
which was filed against the libreoffice-style-sifr package:

#890982: libreoffice-style-sifr: White background in some icons

It has been closed by Adolfo Jayme Barrientos .

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Adolfo Jayme Barrientos 
 by
replying to this email.




Thank you!

I tried to use the previous version of sifr and it appears to work fine.

I hope the designers consider to remove the white backgrounds cause they 
looks very extrange. ;)



Cheers!


--
jEsuSdA 8)

Bug#891150: drupal7: SA-CORE-2018-001: Several vulnerabilities

[Salvatore Bonaccorso]

Control: clone -1 -2 -3 -4
Control: retitle -1 drupal7: SA-CORE-2018-001: JavaScript cross-site scripting 
prevention is incomplete
Control: retitle -2 drupal7: SA-CORE-2018-001: Private file access bypass
Control: retitle -3 drupal7: SA-CORE-2018-001: jQuery vulnerability with 
untrusted domains
Control: retitle -4 drupal7: SA-CORE-2018-001: External link injection on 404 
pages when linking to the current page

Hi

On Thu, Feb 22, 2018 at 08:46:30PM +0100, Salvatore Bonaccorso wrote:
> Source: drupal7
> Version: 7.56-1
> Severity: grave
> Tags: security upstream
> 
> Hi
> 
> There was a new Drupal security advisory at
> 
> https://www.drupal.org/sa-core-2018-001
> 
> where several issues affect as well drupal7.
> 
>  * JavaScript cross-site scripting prevention is incomplete - Critical -
>Drupal 7 and Drupal 8
>  * Private file access bypass - Moderately Critical - Drupal 7
>  * jQuery vulnerability with untrusted domains - Moderately Critical
>- Drupal 7
>  * External link injection on 404 pages when linking to the current page
>- Less Critical - Drupal 7

Let's split this up actually in the individual issues affecting Drupal
7 since there are no CVE yet available to identify the issues.

Regards,
Salvatore

Bug#891150: drupal7: SA-CORE-2018-001: Several vulnerabilities

[Salvatore Bonaccorso]

Source: drupal7
Version: 7.56-1
Severity: grave
Tags: security upstream

Hi

There was a new Drupal security advisory at

https://www.drupal.org/sa-core-2018-001

where several issues affect as well drupal7.

 * JavaScript cross-site scripting prevention is incomplete - Critical -
   Drupal 7 and Drupal 8
 * Private file access bypass - Moderately Critical - Drupal 7
 * jQuery vulnerability with untrusted domains - Moderately Critical
   - Drupal 7
 * External link injection on 404 pages when linking to the current page
   - Less Critical - Drupal 7

and fixed with 7.57 (others are affecting only Drupal 8, which is not
going to be packaged in Debian).

Regards,
Salvatore

Bug#889059: FTBFS with (miniupnpc) 2.0.20171212 (warzone2100)

[peter green]

to build with multiple versions of libminiupnpc-dev, replace

I think your suggested replacement is a bit over the top. I don't think there 
is any mileage in debian patches adding support for very old versions of 
miniupnpc.

Also your suggested fix seems to have a couple of issues. Firstly it seems to 
be missing a newline and secondly
it seems to have a wrong variable name in it.

Finally it seems that warzone2100 upstream was using the "API 14+" version of 
the call. Debian then patched it to support the API 8-13 version of the call and broke 
support for API 14+.

So taking this all into account I whipped up a patch to support both the API 
14+ version of that call and the API 8-13 version but not the older versions.

Unfortunately after doing so it seems that the package still failed to build in 
Raspbian buster, the next error was:


netplay.cpp:978:106: error: too few arguments to function ‘void* 
miniwget_getaddr(const char*, int*, char*, int, unsigned int, int*)’
descXML = (char *)miniwget_getaddr(dev->descURL, , lanaddr, 
sizeof(lanaddr), dev->scope_id);


Some searching lead me to 
https://github.com/miniupnp/miniupnp/commit/c4991916e5c12a7754e935e71a5313e75af6aeb9#diff-9813014a8c763f65cfbd4caec9552ddd
 and based on the changes to the testminiwget code in that commit I whipped up 
a patch.

With these fixes I was able to get a succesful build in Raspbian buster.

Debdiff attatched and uploaded to Raspbian, no intent to NMU in Debian.

diff -Nru warzone2100-3.2.1/debian/changelog warzone2100-3.2.1/debian/changelog
--- warzone2100-3.2.1/debian/changelog  2016-11-28 19:51:47.0 +
+++ warzone2100-3.2.1/debian/changelog  2018-02-22 18:35:47.0 +
@@ -1,3 +1,10 @@
+warzone2100 (3.2.1-2+rpi1) buster-staging; urgency=medium
+
+  * Fix build with miniupnpc API 16 (Closes: 889059)
++ Replace fix-upnpDiscover.patch with new patch miniupnpc-api.patch
+
+ -- Peter Michael Green   Thu, 22 Feb 2018 18:35:47 
+
+
 warzone2100 (3.2.1-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru warzone2100-3.2.1/debian/patches/fix-upnpDiscover.patch 
warzone2100-3.2.1/debian/patches/fix-upnpDiscover.patch
--- warzone2100-3.2.1/debian/patches/fix-upnpDiscover.patch 2016-11-28 
19:51:47.0 +
+++ warzone2100-3.2.1/debian/patches/fix-upnpDiscover.patch 1970-01-01 
00:00:00.0 +
@@ -1,23 +0,0 @@
-From: Russell Coker 
-Date: Mon, 19 Sep 2016 23:24:25 +0200
-Subject: fix-upnpDiscover
-
-remove extra arg from upnpDiscover()
-Forwarded: no

- lib/netplay/netplay.cpp | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/netplay/netplay.cpp b/lib/netplay/netplay.cpp
-index 6c14dde..14266db 100644
 a/lib/netplay/netplay.cpp
-+++ b/lib/netplay/netplay.cpp
-@@ -951,7 +951,7 @@ static int upnp_init(void *asdf)
-   if (NetPlay.isUPNP)
-   {
-   debug(LOG_NET, "Searching for UPnP devices for automatic port 
forwarding...");
--  devlist = upnpDiscover(3000, NULL, NULL, 0, 0, 2, );
-+  devlist = upnpDiscover(3000, NULL, NULL, 0, 0, );
-   debug(LOG_NET, "UPnP device search finished.");
-   if (devlist)
-   {
diff -Nru warzone2100-3.2.1/debian/patches/miniupnpc-api.patch 
warzone2100-3.2.1/debian/patches/miniupnpc-api.patch
--- warzone2100-3.2.1/debian/patches/miniupnpc-api.patch1970-01-01 
00:00:00.0 +
+++ warzone2100-3.2.1/debian/patches/miniupnpc-api.patch2018-02-22 
18:24:14.0 +
@@ -0,0 +1,49 @@
+support both mininupnp API
+versions 14+ and the version previously used in Debian.
+
+Thanks to Thomas Bernard for pointing out what the problem with upnpDiscover
+was and providing the #if conditions to use.
+
+miniwget fix based on changes to testminiwget.c at 
+https://github.com/miniupnp/miniupnp/commit/c4991916e5c12a7754e935e71a5313e75af6aeb9#diff-9813014a8c763f65cfbd4caec9552ddd
+
+This patch replaces fix-upnpDiscover.patch by Russel corker 

+which made the package build with the version of miniupnpc in Debian at the 
time 
+but broke support for API version 14+
+
+Author: Peter Michael Green 
+Bug-debian: http://bugs.debian.org/889059
+
+Index: warzone2100-3.2.1/lib/netplay/netplay.cpp
+===
+--- warzone2100-3.2.1.orig/lib/netplay/netplay.cpp
 warzone2100-3.2.1/lib/netplay/netplay.cpp
+@@ -951,7 +951,11 @@ static int upnp_init(void *asdf)
+   if (NetPlay.isUPNP)
+   {
+   debug(LOG_NET, "Searching for UPnP devices for automatic port 
forwarding...");
++#if defined(MINIUPNPC_API_VERSION) && (MINIUPNPC_API_VERSION >= 14)
+   devlist = upnpDiscover(3000, NULL, NULL, 0, 0, 2, );
++#else
++  devlist = upnpDiscover(3000, NULL, NULL, 0, 0, );
++#endif
+   debug(LOG_NET, "UPnP device search finished.");
+   

Bug#885455: live-boot: Please drop wget from initrd (busybox provides wget)

[Benjamin Drung]

Am Mittwoch, den 21.02.2018, 10:08 +0100 schrieb Raphael Hertzog:
> Hello,
> 
> On Wed, 27 Dec 2017, Benjamin Drung wrote:
> > The wget binary depends on many libraries. On Debian 9 (stretch)
> > these
> > are: libffi6, libgnutls30, libhogweed4, libidn11, libidn2-0,
> > libnettle6,
> > libp11-kit0, libpsl5, libtasn1-6, libunistring0. In total 8
> > megabytes.
> > This increases the initramfs size a lot. To save space, use wget
> > from
> > busybox instead. Commit 4328832d0 that adds wget does not give a
> > reason
> > why busybox's wget is not used. A patch is tested and attached.
> 
> The usual reason is for "https" support. Have you tried to use https
> URLs in the various places where we can use URLs?

Okay. I did some tests in a minimal schroot environment:

(stretch)root@konstrukt:~# dpkg -s busybox | grep ^Version
Version: 1:1.22.0-19+b3
(stretch)root@konstrukt:~# busybox wget https://bugs.debian.org/
wget: not an http or ftp url: https://bugs.debian.org/

(buster)root@konstrukt:~# dpkg -s busybox | grep ^Version
Version: 1:1.27.2-2
(buster)root@konstrukt:~# busybox wget https://bugs.debian.org/
Connecting to bugs.debian.org (209.87.16.39:443)
Connecting to www.debian.org (5.153.231.4:443)
index.html   100% |***| 18089   0:00:00 ETA

So busybox in stretch does not support HTTPS, but it supports HTTPS in
testing/unstable.

I also verified that running wget on a https URL inside the minimal
boot=live initramfs works.

-- 
Benjamin Drung
System Developer
Debian & Ubuntu Developer

ProfitBricks GmbH
Greifswalder Str. 207
D - 10405 Berlin

Email: benjamin.dr...@profitbricks.com
URL: https://www.profitbricks.de

Sitz der Gesellschaft: Berlin
Registergericht: Amtsgericht Charlottenburg, HRB 125506 B
Geschäftsführer: Achim Weiss, Matthias Steinberg

Bug#889990: gnome-boxes: Unable to start VMs because CPU mode 'custom' for x86_64 kvm domain on x86_64 host is not supported

[Julien Viard de Galbert]

Package: gnome-boxes
Version: 3.26.2-3
Followup-For: Bug #889990

Dear Maintainer,

I was having the same issue on a derivative distribution (pureos).
After discussing on their bug system they found that the user should be
in the kvm group.
You can see the discussion there: https://tracker.pureos.net/T320

so you can try:
   sudo adduser  kvm
   newgrp kvm
   gnome-boxes

And see if it works for you !

Hope this helps,

Julien VdG

-- System Information:
Distributor ID: PureOS
Description:PureOS GNU/Linux 8
Release:8
Codename:   green
Architecture: x86_64

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-boxes depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.1-3
ii  libarchive13 3.2.2-3.1
ii  libc62.26-6
ii  libcairo-gobject21.15.10-1
ii  libcairo21.15.10-1
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libglib2.0-0 2.54.3-2
ii  libgovirt2   0.3.4-2
ii  libgtk-3-0   3.22.26-2
ii  libgtk-vnc-2.0-0 0.7.1-1
ii  libgudev-1.0-0   232-2
ii  libosinfo-1.0-0  1.1.0-1
ii  libosinfo-bin1.1.0-1
ii  libpango-1.0-0   1.40.14-1
ii  libpangocairo-1.0-0  1.40.14-1
ii  librest-0.7-00.8.0-2
ii  libsecret-1-00.18.5-6
ii  libsoup2.4-1 2.60.3-1
ii  libspice-client-glib-2.0-8   0.34-1.1
ii  libspice-client-gtk-3.0-50.34-1.1
ii  libtracker-sparql-2.0-0  2.0.3-1
ii  libusb-1.0-0 2:1.0.21-2
ii  libvirt-daemon   4.0.0-2
ii  libvirt-glib-1.0-0   1.0.0-1
ii  libxml2  2.9.4+dfsg1-6.1
ii  mtools   4.0.18-2+b1
ii  tracker  2.0.3-1

Versions of packages gnome-boxes recommends:
ii  qemu-system-x86  1:2.11+dfsg-1

gnome-boxes suggests no packages.

-- no debconf information

Bug#891147: [Pkg-d-devel] Bug#891147: dub: HTTP status code 0 when downloading dependencies

[Matthias Klumpp]

2018-02-22 20:11 GMT+01:00 Marcus Stojcevich :
> Package: dub
> Version: 1.7.2-1
> Severity: important
>
> Dear Maintainer,
>
> When trying to build a project with dub, it fails to download dependencies.
> These errors do not occur when using dub from d-apt
> (http://d-apt.sourceforge.net/).
>
> To reproduce: Run "dub build" on a project that you don't have the 
> dependencies
> for.
>
> I attached the error messages and the dub.json for the project that won't
> build.

I have no idea why that happens, any help with investigating this
issue is greatly appreciated.

Cheers,
Matthias

-- 
I welcome VSRE emails. See http://vsre.info/

Bug#891148: sat-xmpp-primitivus : Depends: python-urwid-satext (< 0.7~) but 0.7.0d-1 is to be installed

[Adrian Bunk]

Package: sat-xmpp-primitivus
Version: 0.6.1-2
Severity: serious
Tags: buster sid

The following packages have unmet dependencies:
 sat-xmpp-primitivus : Depends: python-urwid-satext (< 0.7~) but 0.7.0d-1 is to 
be installed

Bug#890668: unattended-upgrades: All Debian packages are updated (not only Debian-Security) including blocked packages

[Goupil]

Dear Bálint,

Sorry, i wasn't informed of thoses changes and i did not know this 
command (apt-mark hold ).
This modification affect the behavior of Synaptic whose 'locking' 
functionality is no longer operational when this package is installed.


I'm going to make a bug report about synaptic.

This issue is solved.

Thank you very much for your time and your answer, and sorry for the 
inconvenience.


Cheers,

Serge Le Tyrant.


Le 21/02/2018 à 18:41, Bálint Réczey a écrit :

Control: tags -1 moreinfo

Dear Serge,

2018-02-17 22:20 GMT+07:00 Serge Le Tyrant :

Package: unattended-upgrades
Version: 0.99
Severity: important
Tags: d-i

With unattended-upgrades 0.99: All Debian packages are updated (not only
Debian-Security) including blocked packages

Yes, this is a result of a recent intentional change to fix #597061 and #787945.


I don't wan't to upgrade Tellico 3.1-0.3, because the last version (3.1.1-0.1)
has an annoying bug (sorry i don't report it). So i have blocked this 3.1-0.3
version on Synaptic.

Unfortunately this 'locking' affect's only Synaptic. To hold a package
for most package management interfaces please use:

  apt-mark hold 


I hadn't this probleme before this 0.99 version (upgraded on the 02.10.2018)

Yes, the change took place in 0.99.


/etc/apt/apt.conf.d/10periodic (i never edited it) :
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "0";

If i understand Debian Wiki correctly :
APT::Periodic::Download-Upgradeable-Packages "1" mean Do "apt-get upgrade
--download-only" so unattended-upgrades must only download upgradable packages,
and not to update all the system, and let alone update blocked packets.

No, this option is documented in /usr/lib/apt/apt.systemd.daily and
controls only the interval packages are downloaded.


This can cause a severe malfunction of my system if I dont want to update a
kernel or a library whose top version does not work

Please use the apt-mark hold  command to lock packages
and u-u will honor that. You can also choose set
Unattended-Upgrade::Package-Blacklist, but that affects
unattended-upgrades only and not for example apt-get dselect-upgrade.

Cheers,
Balint

Bug#891082: xvkbd: Regression in using some definition for mouse "back" and "forward" buttons

[Paul Gevers]

Control: forwarded 891082 vef00...@nifty.com

Hi Jean-Luc

Thanks for your report. I have forwarded your bug to the upstream
maintainer.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#890517: killer's CRON logs out users once per hour

[Wolfgang Schweer]

On Tue, Feb 20, 2018 at 12:54:26PM +0100, Wolfgang Schweer wrote:
> Seems to be X2Go Bug #1171 Create wtmp entry for x2go sessions
> 
> See: https://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=1171

After testing x2goserver on a Stretch system I noticed that X2Go 
sessions can be detected reliably due to some command using a param 
string containing 'X2GO'.

This change would work around the x2go bug running the killer cron job 
only in case an X2Go session isn't detected:

--- a/cron.hourly   2014-06-11 11:15:55.0 +0200
+++ b/cron.hourly   2018-02-22 19:42:36.419963949 +0100
@@ -1,3 +1,3 @@
 #!/bin/sh
 
-if [ -x /usr/sbin/killer ] ; then /usr/sbin/killer; fi
+if [ -x /usr/sbin/killer ] && [ $(ps ax | grep X2GO | wc -l) -le 1 ] ; then 
/usr/sbin/killer; fi

Mike: could you test and give some feedback?

Wolfgang


signature.asc
Description: PGP signature

Bug#891139: ifupdown: New ifupdown-wait-online.service stops package upgrading

[Guus Sliepen]

On Thu, Feb 22, 2018 at 04:30:17PM +0100, Sven-Haegar Koch wrote:

> With ifupdown 0.8.30 my systems tries to install a new service:
> 
> Setting up ifupdown (0.8.30) ...
> Created symlink 
> /etc/systemd/system/network-online.target.wants/ifupdown-wait-online.service 
> → /lib/systemd/system/ifupdown-wait-online.service.

Actually, it always installed that service, but after upgrading to
debhelper compat level 11, I accidentily made it enable that service by
default. I will undo that.

> And yes, there are currently no interfaces active with ifupdown,
> but eth0 is activated by wicd - but this should not block upgrading
> or booting.

With the ifup method, it checks for interfaces marked auto and hotplug.

> auto lo:2
> iface lo:2 inet static
>   address 127.0.0.2
>   netmask 255.255.255.255

This one matches too. It only excludes lo. Note, it's probably better to
just have two iface lo statements than using the ancient interface
aliases. So:

auto lo
iface lo inet loopback
iface lo inet static
address 127.0.0.2/32

> # kabelnetz
> auto eth0
> mapping eth0
>   script /sbin/ifscheme-mapping

Looks like something ifupdown will manage to me... Also, I'm afraid
reportbug helpfully copied your /etc/network/interfaces file in its
entirety, including wireless passwords.

-- 
Met vriendelijke groet / with kind regards,
  Guus Sliepen 


signature.asc
Description: PGP signature

Bug#891146: pylint: Consider a package that ships the tests

[Joseph Herlant]

Package: pylint
Version: 1.8.1-1
Severity: wishlist

Dear Maintainer,

Some packages like pylint-django rely on the tests functions of pylint to
create their tests.
Especially the test_functional.py file.

In the installation process you explicitly delete the test folder so I'm
unable to run the tests for my package (see
https://github.com/PyCQA/pylint-django/blob/master/test/test_func.py
for how upstream uses it).

Could you consider a pylint-tests package that ships just the test directory
please?

Thanks for your help,
Joseph



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pylint depends on:
ii  python2.7.14-4
ii  python-astroid1.6.0-1
ii  python-backports.functools-lru-cache  1.4-2
ii  python-configparser   3.5.0-1
ii  python-isort  4.2.5+ds1-3
ii  python-logilab-common 1.4.1-1
ii  python-mccabe 0.6.1-2
ii  python-setuptools 38.4.0-1
ii  python-singledispatch 3.4.0.3-2
ii  python-six1.11.0-2
ii  python2.7 2.7.14-6

Versions of packages pylint recommends:
ii  python-tk  2.7.14-2

Versions of packages pylint suggests:
pn  pylint-doc  

Bug#890877: gitlab: javascript locales not precompiled

[Pirate Praveen]

On ചൊവ്വ 20 ഫെബ്രുവരി 2018 02:29 വൈകു, Libor Klepáč wrote:
> Package: gitlab
> Version: 9.5.4+dfsg-5
> Severity: normal
> 
> Hello,
> it seems, that javascript locales are not precompiled before running webpack.
> Upstream changed to yarn based build system and fixed it here.
> https://gitlab.com/gitlab-org/gitlab-ce/commit/4c57d5ad188fe59e0c85798ccc4c81405652048c
> 
> You can run
> bundle exec rake gettext:po_to_json 
> 
> before webpack to fix it.
> Problem is, it needs to write to 
> /usr/share/gitlab/app/assets/javascripts/locale/
> So it must be set writeable by user gitlab or run as root.
> 
> Without this step, javascript is broken, it fails to load timeago.js, 
> screenshot in attachement

I have pushed a fix to git, but now it fails to install (possibly
unrelated to this change because I'm trying on a clean system now), so
not uploaded a new version yet.

I, [2018-02-22T18:19:13.958461 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/print-87b4ace0db1f79d91e4fe6e74435b66b71d70fee57ffbb72d0fade17374fcc6b.css
I, [2018-02-22T18:19:13.959968 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/print-87b4ace0db1f79d91e4fe6e74435b66b71d70fee57ffbb72d0fade17374fcc6b.css.gz
I, [2018-02-22T18:19:14.128913 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/notify-abfe30822d82207505a29881cc27c46d0cf2f8bf68481bd421ba1ce23ca7c508.css
I, [2018-02-22T18:19:14.129177 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/notify-abfe30822d82207505a29881cc27c46d0cf2f8bf68481bd421ba1ce23ca7c508.css.gz
I, [2018-02-22T18:19:14.850053 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/katex-e46cafe9c3fa73920a7c2c063ee8bb0613e0cf85fd96a3aea25f8419c4bfcfba.css
I, [2018-02-22T18:19:14.850316 #7774]  INFO -- : Writing
/usr/share/gitlab/public/assets/katex-e46cafe9c3fa73920a7c2c063ee8bb0613e0cf85fd96a3aea25f8419c4bfcfba.css.gz
rake aborted!

ExecJS::ProgramError: TypeError: UglifyJS.Compressor is not a function
apply.source (eval at  ((execjs):4108:8), :23:35)
eval (eval at  ((execjs):4108:8), :63:2)
(execjs):4108:8
(execjs):4114:14
(execjs):1:102
Object. ((execjs):1:120)
Module._compile (module.js:635:30)
Object.Module._extensions..js (module.js:646:10)
Module.load (module.js:554:32)
tryModuleLoad (module.js:497:12)




signature.asc
Description: OpenPGP digital signature

Bug#538067: Moved packaging of OpenCPN from SVN to Git

[Andreas Tille]

Hi,

since I once touched OpenCPN as my first SoB project[1] I wanted to save
the work done at that time and moved the packaging from SVN to Git[2].  I
do not plan to do any further work on this package - may be somebody else
is motivated to keep on the work.

Kind regards

 Andreas.


[1] https://wiki.debian.org/DebianPureBlends/SoB
[2] https://salsa.debian.org/debian-gis-team/opencpn.git

-- 
http://fam-tille.de

Bug#890243: [Pkg-tcltk-devel] Bug#890243: tcl8.6: Please stop linking with libieee.a, removed in glibc 2.27

[Aurelien Jarno]

On 2018-02-22 20:11, Sergei Golovan wrote:
> Hi Aurelien,
> 
> On Thu, Feb 22, 2018 at 7:40 PM, Aurelien Jarno  wrote:
> >
> > Thanks a lot for that. Do you also plan to upload tk in the next days?
> 
> Yes, I'll upload tk (8.5, 8.6, 8.7) tomorrow.

Thanks! 

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net

Bug#891145: pytest: Add trailing tilde to pypy-hypothesis min version dependency

[Corey Bryant]

Package: pytest
Version: 3.2.5-2
Severity: minor
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu bionic ubuntu-patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * d/control: Add trailing tilde to pypy-hypothesis min version to enable
backport to Ubuntu cloud-archive: pypy-hypothesis (>= 3.44.1-2~).


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers bionic
  APT policy: (500, 'bionic'), (500, 'artful-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-32-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru pytest-3.2.5/debian/control pytest-3.2.5/debian/control
--- pytest-3.2.5/debian/control 2018-02-16 04:47:47.0 -0500
+++ pytest-3.2.5/debian/control 2018-02-22 13:03:52.0 -0500
@@ -8,7 +8,7 @@
  debhelper (>= 11),
  dh-python,
  pypy,
- pypy-hypothesis (>= 3.44.1-2) ,
+ pypy-hypothesis (>= 3.44.1-2~) ,
  pypy-py (>= 1.4.29),
  pypy-setuptools,
  pypy-setuptools-scm,

Bug#190887: the "sizeof" hash is missing

[Declercq Laurent]

This is a far long outstanding issue indeed.

Well, one way could be to build the %sizeof hash through a C program. We 
are doing that for us.


For instance: 
https://github.com/i-MSCP/imscp/tree/hotfixes/engine/PerlLib/h2ph


--

Laurent Declercq
iHMS/i-MSCP CEO & Lead Developer



This message and any attachment are intended solely for the addressees 
and are
confidential. iHMS/i-MSCP, including any part representing these 
entities may
not be held responsible for their contents whose accuracy and 
completeness cannot
be guaranteed over the Internet. Unauthorized use, disclosure, 
distribution, copying,
or any part thereof is strictly prohibited. If you are not the intended 
recipient of

this message, please notify the sender immediately and delete it.


<>

Bug#889990: gnome-boxes: Unable to start VMs because CPU mode 'custom' for x86_64 kvm domain on x86_64 host is not supported

[Guido Günther]

On Thu, Feb 15, 2018 at 09:45:03AM -0800, Josh Triplett wrote:
> Package: gnome-boxes
> Version: 3.26.2-3
> Followup-For: Bug #889990
> 
> I've encountered this issue as well, with the current version in
> unstable.

Likely your user is not in the libvirt group and so the list of CPUs
available for KVM is empty. Could you try 

adduser  kvm

If that helps we should probably give rw permissions to the currently
logged in user via logind (as done with the audio and video devices
already).

Cheers,
 -- Guido

Bug#862024: Status of this bug?

[Sebastian Dröge]

On Sat, 2018-01-20 at 10:19 +0200, Sebastian Dröge wrote:
> On Fri, 2018-01-19 at 13:26 -0800, Josh Triplett wrote:
> > I'd love to see this fixed as well, and a gstreamer1.0-plugins-
> > opencv 
> > or
> > similar introduced.
> > 
> > Would it help to have a patch?
> 
> Yes, please go ahead :) Thanks! I had no time yet to do this
> properly.
> 
> Note that there's also an OpenCV library in GStreamer, so multiple
> binary packages would be needed here.

I've implemented something like this in GIT for gst-plugins-bad. Will
finish and upload it hopefully during this weekend, or early next week
otherwise.

signature.asc
Description: This is a digitally signed message part

Bug#891076: docker.io: docker version (1.13.1) in sid reached EOL

[Tianon Gravi]

On 22 February 2018 at 00:27, Jan Christoph Uhde  wrote:
> we had a look at https://success.docker.com/article/Maintenance_Lifecycle and
> noticed that the docker version in sid reached EOL.

Just to be clear, that table _only_ applies to Docker EE, which is a
commercial offering from Docker Inc.  For the open source edition of
Docker CE, Docker 1.13 was EOL as soon as 17.03.0 was released (Mar 2,
2017).

For the releases with the new date-based version format, I find the
graphic in https://blog.docker.com/2017/03/docker-enterprise-edition/
helpful.  The gist of it is that every release whose month number is
divisible by three is a "stable" release, and the other releases are
monthly "edge" releases.  Stable releases are supported for 4 months,
edge releases are supported for 1 month.

The primary reason that Docker hasn't been updated further is one of
dependency sprawl (same as it ever was); every new release adds new
dependencies, and usually updates quite a few others.  I believe there
are some folks from Collabora who have been working on packaging those
Go dependencies, but this is definitely more than a one-day effort (or
else it might've been already done sooner).

Cheers!

♥,
- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Bug#726589: lintian: version-substvar-for-external-package false positive if the package name contains substvars, too

[Chris Lamb]

tags 726589 + pending
thanks

> It's just overridden ... without overrides I get
[…]

I'm *really* sorry about the confusion here; I should have spotted this
as well as that this was about the "package" part of a binary relation
rather than about the main "Package" field of the binary package paragraph.

Anyway, fixed in Git, pending upload:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=55437163f287f366cffea440871014974e49ed24


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#889827: linux-image-4.15.0-rc8-amd64: IP offloading does not work

[Ben Hutchings]

Control: tag -1 moreinfo

On Thu, 2018-02-22 at 17:50 +0100, Vincent Danjean wrote:
> Le 07/02/2018 à 15:46, Vincent Danjean a écrit :
> [...]
> >   So, it seems there is an issue with checksum offloading with this driver
> > and hardware.
> >   Note that I got this bug with previous kernels (such as 4.14*) but I did 
> > not
> > note the exact versions and I did not think to disable offloading at this 
> > time.
> 
>   I just found this on the internet. I think it is exactly my problem.
> https://patchwork.kernel.org/patch/10072391/
> 
>   I do not know if a patch has been committed eventually, or if the
> real problem has been fixed.
> 
>   For now, I manually run "sudo ethtool -K en-wired rx off" when the
> problem occurs.

Interesting.  So it sounds like the USB device is working correctly but
the hub (or wiring) is faulty.

There is an upstream commit that looks like it should fix this:
https://git.kernel.org/linus/0b1655143df00ac5349f27b765b2ed13a3ac40ca
This went into 4.15-rc9, so this should now be fixed in unstable with
version 4.15.4-1.

Does the new version work for you?

Ben.

-- 
Ben Hutchings
[W]e found...that it wasn't as easy to get programs right as we had
thought. ... I realized that a large part of my life from then on was
going to be spent in finding mistakes in my own programs. - Maurice
Wilkes, 1949


signature.asc
Description: This is a digitally signed message part

Bug#886179: foo2zjs: Don't recommend tk

[Didier 'OdyX' Raboud]

Control: tags -1 +pending

Le mardi, 2 janvier 2018, 22.21:14 h CET Jeremy Bicha a écrit :
> foo2zjs used to recommend tix and tk until they were dropped to
> suggests after complaints. See https://bugs.debian.org/601591
> 
> It was silently re-promoted to recommends at
> https://anonscm.debian.org/cgit/printing/foo2zjs.git/commit/?id=859e9b
> 
> I don't know much about the foo2zjs package but I thought the
> recommends were only for the /usr/share/applications/hplj1020.desktop
> which is hidden by default.
> 
> 1. At least on Ubuntu, we don't want the tk and tix recommends. I am
> attaching a patch for this in my next email (so that it includes this
> bug number).

I don't have much brain-time to spend on that package unfortunately, so I've 
integrated your patch, which makes total sense.

Feel free to beat me for the upload! :-)

Cheers,
OdyX

signature.asc
Description: This is a digitally signed message part.