Bug#907881: Tag as pending

[Andrius Merkys]

Control: tags -1 + pending

Hello,

I have added missing Breaks+Replaces declaration.

Many thanks,
Andrius

-- 
Andrius Merkys
Vilnius University Institute of Biotechnology, Saulėtekio al. 7, room V325
LT-10257 Vilnius, Lithuania

Bug#907733: RFA: curlpp

[Juhani Numminen]

Hi,

On Fri, 31 Aug 2018 19:19:23 -0700 Ximin Luo  wrote:> I 
no longer have interest in maintaining this package.
> 
> There are 2 RC bugs which are fairly simple to fix but I'd like to focus my 
> attention elsewhere.
> 
> If someone is interested in becoming a Debian contributor, these two RC bugs 
> are pretty easy to fix, and are a good "starter material" to get you on board 
> with Debian packaging.
> 
> X

(I don't intend to become a maintainer for this package.)

One of those RC bugs is #907496 libcurlpp0: Always fails with "No URL set!".
Out of curiosity, I'd like to know what is your simple fix regarding that –
I was looking through RC bugs and tried to confirm that one but curlpp
seems to work just fine on my machine.

If you have some specific suggestions regarding #907496 please post them
there, for the benefit of a future maintainer/bug-squasher :)

Cheers,
J

Bug#907919: coreutils: chroot from 64 bits segfaults on older debootstrapped 64-bit distributions

[John Comeau]

Package: coreutils
Version: 8.28-1
Severity: normal

Dear Maintainer,

   * What led up to the situation?

I debootstrapped 64-bit wheezy and jessie into /opt/wheezy and /opt/jessie,
respectively. I tried chroot into both and segfaulted.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Works: `chroot /`, `chroot /opt/wheezy32`, `chroot /opt/jessie32` (which latter
two I debootstrapped with `--arch=i386`.

Segfaults: `chroot /opt/wheezy`, `chroot /opt/jessie`

   * What was the outcome of this action?

Segmentation fault

   * What outcome did you expect instead?

Bash prompt into chrooted directory


-- System Information:
Debian Release: buster/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'testing'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.12-ideapad320 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.2.52-3+b1
ii  libattr1 1:2.4.47-2+b2
ii  libc62.27-5
ii  libselinux1  2.8-1+b1

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information

Bug#907844:

[Nico Schlömer]

Where can I find this work. (Need Gmsh 4 for another project.)

Cheers,
Nico

Bug#907918: coreutils: chroot from 64 bits segfaults on older debootstrapped 64-bit distributions

[John Comeau]

Package: coreutils
Version: 8.28-1
Severity: normal

Dear Maintainer,

   * What led up to the situation?

I debootstrapped 64-bit wheezy and jessie into /opt/wheezy and /opt/jessie,
respectively. I tried chroot into both and segfaulted.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Works: `chroot /`, `chroot /opt/wheezy32`, `chroot /opt/jessie32` (which latter
two I debootstrapped with `--arch=i386`.

Segfaults: `chroot /opt/wheezy`, `chroot /opt/jessie`

   * What was the outcome of this action?

Segmentation fault

   * What outcome did you expect instead?

Bash prompt into chrooted directory


-- System Information:
Debian Release: buster/sid
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'testing'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.12-ideapad320 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.2.52-3+b1
ii  libattr1 1:2.4.47-2+b2
ii  libc62.27-5
ii  libselinux1  2.8-1+b1

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information

Bug#907917: RM: qmapshack [armel mips mips64el ppc64el s390x] -- ROM; qtwebengine-opensource-src dependency not available

[Bas Couwenberg]

Package: ftp.debian.org
Severity: normal

Please remove qmapshack from the architectures where 
qtwebengine-opensource-src is not available.

Kind Regards,

Bas

Bug#901180: release notes fails to build in a clean checkout

[Miroslav Kure]

On Sat, Sep 01, 2018 at 12:14:22PM +0200, Baptiste Jammet wrote:
> Hello all,

Hi,

> I'm Cc-ing the last translators for ca & cs, if they want to give some
> input. But there were no update in 7 years, so these translations could
> be marked as obsolete ?

I believe cs translation was excluded from builds quite some years ago,
so if it got reactivated again, please disable it / mark as obsolete
as needed. AFAIK there is noone working on the translation and I do
not see this changing in the near future.

-- 
Miroslav Kure

Bug#798935: Starting dnsmasq deadlock with /etc/resolvconf/update-libc.d/squid3

[Amos Jeffries]

On Thu, 01 Dec 2016 20:41:57 -0500 Stefan Monnier wrote:
> > On a system with systemd, dnsmasq and resolvconf installed, the
> > /etc/resolvconf/update-libc.d/squid3 hook prevents dnsmasq from
> > starting. As far as I can see, the problem is caused by a deadlock of
> > "systemctl start dnsmasq.service" in conjunction with "systemctl
> > reload squid3.service". The latter one is finally called by the
> > /etc/resolvconf/update-libc.d/squid3 hook which is invoked by dnsmasq
> > on startup.
> 

With squid now at version 4 the situation leading to this issue has
changed quite significantly.

Can someone encountering this issue please check and confirm if it is
resolved or present with squid 4.2-2 or later. Older versions are
already known broken in ways that may affect the test result.


Cheers
Amos

Bug#907916: apt-secure: apt-secure should ignore local file: based repository not having a Release file

[Ariel]

Package: apt
Version: 1.4.8
Severity: normal
File: apt-secure

I have a file: based repository:
deb file:/ usr/src/deb/

But apt-get update complains:

W: The repository 'file: usr/src/deb/ Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore 
potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration 
details.

This is excessive. A local file based repository is not dangerous to use just 
because it doesn't have a Release file.

Adding a release file will in no way secure it - anyone with access to change 
anything, can also change the Release file.

-Ariel

-- System Information:
Debian Release: 9.5
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.9.110 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt depends on:
ii  adduser 3.115
ii  debian-archive-keyring  2017.5
ii  gpgv2.1.18-8~deb9u2
ii  init-system-helpers 1.48
ii  libapt-pkg5.0   1.4.8
ii  libc6   2.24-11+deb9u3
ii  libgcc1 1:6.3.0-18+deb9u1
ii  libstdc++6  6.3.0-18+deb9u1

Versions of packages apt recommends:
ii  gnupg   2.1.18-8~deb9u2
ii  gnupg2  2.1.18-8~deb9u2

Versions of packages apt suggests:
pn  apt-doc 
ii  aptitude0.8.7-1
ii  dpkg-dev1.18.25
ii  powermgmt-base  1.31+nmu1
ii  python-apt  1.4.0~beta3
ii  synaptic0.84.2

-- no debconf information

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Jape Person]

On 09/03/2018 11:38 PM, Michael Biebl wrote:


On 9/4/18 05:34, Michael Biebl wrote:

This is what I'm getting on the console:

** Message: 05:28:17.858: Cannot save connection due to error: Invalid
setting VPN: ca: No key set


Nvm, seems to be a genuine upstream issue, see
https://gitlab.gnome.org/GNOME/network-manager-applet/issues/20

Aha! I need to remember to search outside of the Debian bug reports when 
I have an issue like this.


Thank you very much for your help.

And let me thank you for all of the hard work you do, and for the 
excellent information you've provided by writing and speaking.


Best regards,
JP

Bug#907897: gnome-shell-pomodoro: FTBFS

[Joseph Herlant]

Control tag -1 + pending

Hi,

The issue is related to the Vala upgrade to 0.42.0 which was released
on 09/02 in Debian and brings this commit in:
https://github.com/GNOME/vala/commit/0d396f7daaf34596b159380b8ee2a57799ac9336
which forces the absence of "default" to custom get accessors.

Anyway, after creating the issue I ended up pushing a PR upstream
(https://github.com/codito/gnome-pomodoro/pull/370) and creating a
quilt patch for
https://salsa.debian.org/debian/gnome-shell-pomodoro/commit/fa3c929bc201716fb5fa1f4805c5c8da69f8f689
Tested locally it works fine.

This will be included in the coming release.

Thanks
Joseph

Bug#907672: Rebasing cloud-init to the latest one

[Yanhui He]

Hi Martin and Debian team,
 
Thanks for your quick response.
 
The v0.7.9 of cloud-init was released on 2016, after that there’re many fixes 
and functions are added.
 
One of the problems is that on the Debian9.5, the 0.7.9 version of cloud-init 
will go to fail at the local stage during the gos customization process.
It had been tested on the latest version 18.3, the basic functions of gos 
customization can be implemented.
 
There are many fixes during the period from 0.7.9 to 18.3. Not only for gos 
customization, but also for all the other providers. Details pls refer to 
https://bugs.launchpad.net/cloud-init .
Currently Ubuntu 18.04 has already rebased to cloud-init 18.3, Amazon Linux 
rebased to v18.3, Sles 15 rebased to v18.2, and other Linux distros also has 
rebased or plan to the latest cloud-init.
 
If you have any concern for v18.3 stability we could do some regression test 
together if needed.
Wait for your response.



On Sun, 2 Sep 2018 09:56:06 +0200 Martin Zobel-Helas  wrote:
> Hi Yanhui, 
> 
> On Fri Aug 31, 2018 at 07:50:03 +, Yanhui He wrote:
> > 
> > The package of cloud-init v 0.7.9-5 shipped on Debian 9.5 cannot meet
> > the requirement when do some guest OS customization.
> 
> Could you give more technical details here? What exactly fails, what are
> the problems? If we can justify why the package needs to be updated,
> chances are higher the stable release team accepts it into a Debian 9
> Release. E.g. newer versions by product X is not supported any more...
> 
> Also we need to take care of all the other cloud providers that use
> cloud-init. We don't want to make cloud-init better for one of the cloud
> providers but break it for all the others. Means we need to test very
> carfully before we ask for acceptance of a newer version of cloud-init
> into Debian 9.
> 
> > Would you please upgrade cloud-init to the latest v 18.3?
> 
> We had the discussions of updating cloud-init at several meetings
> already. In the end this is the decission of the maintainer of the
> package and the Debian Stable Release team to accept this package into a
> stable release.
> 
> Best regards,
> Martin
> -- 
>  Martin Zobel-Helas Debian System Administrator
>  Debian & GNU/Linux Developer   Debian Listmaster
>  http://about.me/zobel   Debian Webmaster
>  GPG Fingerprint:  6B18 5642 8E41 EC89 3D5D  BDBB 53B1 AC6D B11B 627B 
> 
> 

Thanks!
Yanhui

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Michael Biebl]

On 9/4/18 05:34, Michael Biebl wrote:
> This is what I'm getting on the console:
> 
> ** Message: 05:28:17.858: Cannot save connection due to error: Invalid
> setting VPN: ca: No key set

Nvm, seems to be a genuine upstream issue, see
https://gitlab.gnome.org/GNOME/network-manager-applet/issues/20
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Michael Biebl]

On 9/4/18 03:39, Jape Person wrote:
> On 09/03/2018 07:22 PM, Michael Biebl wrote:
>> On 9/4/18 00:25, Jape Person wrote:
>>> The software gives no indication that anything is wrong other than the
>>> fact that the "Editing " dialog that
>>> comes up doesn't activate the "Save" button when I change the contents
>>> of the user name or password fields.
>>
>> Can you share such a .ovpn file?
>>
> 
> Of Course. Attached is an example.
> 
> These are pre-rolled .ovpn files downloaded from Torguard. (I preferred
> using the openvpn packages available from Debian repositories to
> downloading and installing the Linux client that Torguard provides.)

So, I've started nm-connection-editor and created a new connection by
importing the .ovpn file. The Save button is indeed greyed out.

This is what I'm getting on the console:

** Message: 05:28:17.858: Cannot save connection due to error: Invalid
setting VPN: ca: No key set

You probably just need to fix that.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#807648: (no subject)

[Tiago Bortoletto Vaz]

Hi, sorry for the long delay.

I'm doing a (late) cleanup in my packages and will update Zyne to the 
new upstream version, which now runs with python3 and python-wxgtk4.0. 
I'll have to package a new dependency as well: 
https://github.com/belangeo/pyo-tools. It will take some time, anyway 
just for the record that I didn't give up about this nice synth in Debian.


Bests,

Bug#907891: perl: MIME-Q (RFC2047 eMail header) encoding broken since post-stretch

[Russ Allbery]

Thorsten Glaser  writes:

> This is true, but the encoder API must normally, if it requires the
> name of the header to *not* be part of the to-be-encoded string, have
> a provision for the caller to provide the length of it (PHP’s does,
> you can have the header name inline or separate passing its length).

Ah, yes, good point.

> AIUI, the encode('MIME-Q', …) API doesn’t, so it must cope with
> the leading header field (actually, it must *require* it).

Yeah, I think you've convinced me that the correct fix would be to
document that the encoding interface has to be given the entire RFC 5322
header field (and then fix it to do the right thing in that case), given
the line length limits.

-- 
Russ Allbery (r...@debian.org)   

Bug#907915: developers-reference: language in manual

[Paul Hardy]

Package: developers-reference
Version: 3.4.20
Severity: wishlist

With Debian presenting itself as a distribution suitable for children
in educational environments, please consider removing the "f-bombs" in
this package.  As a fundamental document in Debian, it is something
that should be acceptable for school children to read so adding an
"offensive" tag to the package will not be enough to remedy the
situation.

There are three such occurrences:

* Section 5.13.2.1 Out-of-date: please find another term for
"architectures that don't keep up", and modify the update_out.py
mentioned in that section accordingly.

* 5.13.2.4 Influence of packaging in testing: same comment; please use
another term for such architectures.

* 6.3.4 Common errors in changelog entries: please remove the fsck
joke by finding a different example for "too many acronyms"--or just
make up an example to replace that one.

It would be nice to make these changes before the buster freeze if
possible, so a cleaned-up version gets into stable as soon as
possible.

Thank you,


Paul Hardy

Bug#907897: gnome-shell-pomodoro: FTBFS

[Joseph Herlant]

Control: forwarded -1 https://github.com/codito/gnome-pomodoro/issues/369
Control: owner -1 !

Hi Paul,

Thanks for the report. Perfect timing, I was preparing a release for
another FTBS! :)

Working on a fix right now. It should be available soon.

Thanks
Joseph

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Jape Person]

On 09/03/2018 07:22 PM, Michael Biebl wrote:

On 9/4/18 00:25, Jape Person wrote:

The software gives no indication that anything is wrong other than the
fact that the "Editing " dialog that
comes up doesn't activate the "Save" button when I change the contents
of the user name or password fields.


Can you share such a .ovpn file?



Of Course. Attached is an example.

These are pre-rolled .ovpn files downloaded from Torguard. (I preferred 
using the openvpn packages available from Debian repositories to 
downloading and installing the Linux client that Torguard provides.)



client
dev tun
proto udp
remote sa.west.usa.torguardvpnaccess.com 1912
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
tls-auth ta.key 1
auth SHA256
cipher AES-128-CBC
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
fast-io
# Uncomment these directives if you have speed issues
;sndbuf 393216
;rcvbuf 393216
;push "sndbuf 393216"
;push "rcvbuf 393216"

Bug#907490: gnome-shell: Unrecoverable failure in required component org.gnome.Shell.desktop

[william l-k]

Could this be what we were looking for: 

Aug 28 09:30:54 user gnome-shell[3348]: JS ERROR: TypeError:
this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13   
 setQuestion@resource:///org/gnome/shell/gdm/authPrompt.js:357:9   
 wrapper@resource:///org/gnome/
gjs/modules/_legacy.js:82:22   
 _askForUsernameAndBeginVerification@resource:///org/gnome/shell/gdm/lo
ginDialog.js:892:9wrapper@r
esource:///org/gnome/gjs/modules/_legacy.js:82:22  
  _hideUserListAskForUsernameAndBeginVerification@r
esource:///org/gnome/shell/gdm/loginDialog.js:1108:9   
 wrapper@resource:///org/gnome/gjs/modules/_leg
acy.js:82:22Aug 28 09:30:54 user gnome-shell[3348]: JS WARNING:
[resource:///org/gnome/shell/gdm/realmd.js 129]: reference to undefined
property "_loginFormatAug 28 09:30:54 user gnome-shell[3348]: JS
WARNING: [resource:///org/gnome/shell/gdm/realmd.js 141]: reference to
undefined property "_loginFormatAug 28 09:30:54 user gnome-shell[3348]: 
JS ERROR: TypeError: this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13Aug 28 09:30:54 user gnome-shell[3348]: 
JS ERROR: TypeError: this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13Aug 28 09:30:56 user gnome-shell[3348]: 
JS ERROR: TypeError: this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13Aug 28 09:30:56 user gnome-shell[3348]: 
JS ERROR: TypeError: this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13Aug 28 09:30:57 user gnome-shell[3348]: 
JS ERROR: TypeError: this._currentWindow is
null_setCurrentRect@resourc
e:///org/gnome/shell/ui/keyboard.js:536:13 
   wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:
22_init/<@resource:///org/g
nome/shell/ui/keyboard.js:503:13
On Sun, 2018-09-02 at 15:36 +0100, Simon McVittie wrote:
> Control: tags -1 + moreinfo> 
> 
> On Tue, 28 Aug 2018 at 12:45:05 -0500, william l-k wrote:
> The portion of the log near the times of start attempts had sections
> likethese:
> Aug 28 10:13:07 Username gnome-session-binary[8534]: Unrecoverable
> failure inrequired component
> org.gnome.SettingsDaemon.Power.desktopAug 28 10:13:07 Username dbus-
> daemon[603]: [system] Activating via systemd:service
> name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostnaAug 
> 28 10:13:07 Username gnome-session-binary[8534]: Unrecoverable
> failure inrequired component
> org.gnome.SettingsDaemon.XSettings.desktopAug 28 10:13:07 Username
> gnome-session-binary[8534]: WARNING:
> App'org.gnome.SettingsDaemon.Wacom.desktop' exited with code 1Aug 28
> 10:13:07 Username gnome-session-binary[8534]: WARNING:
> App'org.gnome.SettingsDaemon.Clipboard.desktop' exited with code 1Aug
> 28 10:13:07 Username gnome-session[8534]: Unable to init server:
> Could notconnect: Connection refusedAug 28 10:13:07 Username
> unknown[8630]: Cannot open display:Aug 28 10:13:07 Username dbus-
> daemon[8532]: [session uid=1000 pid=8532]Activating via systemd:
> service name='org.gtk.vfs.Daemon' unit='gvfs-daemon.seAug 28 10:13:07
> Username gnome-session[8534]: Unable to init server: Could
> notconnect: Connection refused
> This looks as though these various programs were unable to connect to
> anX or Wayland display: that's a symptom, not a cause. If you go
> furtherback in the log, 

Bug#907914: RFS: elpy/1.24.0-1

[Nicholas D Steeves]

Package: sponsorship-requests
Severity: normal

Hi Chris, and dear mentors,

I am looking for a sponsor for my package "elpy".

Package name: elpy
Version : 1.24.0-1
URL : https://github.com/jorgenschaefer/elpy
License : GPL-3+
Section : devel

To address the last TODO list submitted for this package: I have not
yet pursued changes to lintian about the Informational message on
"wrong section".  I will ask an Emacsen and Policy team member about
where the appropriate place to pursue this issue would be, because I
believe lintian is currently doing the right thing in providing
Informational-level nagging, as if to say "Are you really sure the
declared section is more appropriate?"  Yes, I am certain that section
"devel" is most appropriate for an IDE addon ;-)

It builds this binary package:

  elpa-elpy  - Emacs Python Development Environment

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/elpy

Alternatively, one can download the package with dget using this command:

  dget -x https://mentors.debian.net/debian/pool/main/e/elpy/elpy_1.24.0-1.dsc

Changes since the last upload:

elpy (1.24.0-1) unstable; urgency=medium

  * New upstream version.
  * Revert "Compress README.rst with gzip before installing" because
README.rst is only 2.8k and dh_compress already does the right thing
automatically; that is to say, README.rst is not "larger than 4k in
size" (dh_compress(1)) and should not be compressed.
  * Exclusively use Python 3 dependencies and configure the use of
/usr/bin/python3 by default. (Closes: #899212)
  * debian/README.Debian:  Document how Python 2 support is not enabled
in this Debian package.
  * debian/debian-autoloads.el:
- Add Debian-specific configuration to default to using Python 3.
- Document this customisation in README.Debian along with instructions
  on how to revert this when moving between Python 2 and Python 3
  virtualenvs.
- Additionally unset Elpy's custom PYTHONPATH, which is not needed in
  packages that use dh-python.  Previously Elpy unnecessarily searched
  site-lisp/elpa/elpy-1.23.0 for its associated Python modules.
  * debian/control:
- Drop python2 dependencies which are no longer needed
  for self-tests to pass.
- Put ELPA build-dep section before Python one (more alphabetical).
- Move python3-sphinx build dependency to the section for documentation.
- Add python3-jupyter-console to Suggests.  The upstream Elpy project
  recommends using Jupyter console for interactive Python.
- Rely on ${elpa:Depends} and drop explicitly declared ones in bin:pkg.
- Rely on ${python3:Depends} to generate dependency on python3-flake8.
- Add build and runtime dependency on flake8, which provides
  /usr/bin/flake8.  This wrapper script is still used in various places,
  and it is part of the flake8 package provided by PyPI/pip.
  * Declare Standards-Version: 4.2.1. (No additional changes required)

 -- Nicholas D Steeves   Mon, 03 Sep 2018 20:08:24 -0400

elpy (1.23.0-1) unstable; urgency=medium


Regards,
Nicholas D Steeves

Bug#907910: debian-installer: Not possible to reset root password

[eamanu15]

>
>
> It's been mentioned in the UI for a very long time. See
>
>
> https://salsa.debian.org/installer-team/user-setup/blob/master/debian/po/templates.pot#L67
>
> for the exact message.
>
Oh! you are right! So I directly ignore the messages!

So, we could close this bug?


What about the possibility to revert the "root disable"?



-- 
Arias Emmanuel
http://eamanu.com
Github/Gitlab; @eamanu
Debian: @eamanu-guest

Bug#907910: debian-installer: Not possible to reset root password

[Steve McIntyre]

On Tue, Sep 04, 2018 at 12:48:48AM +0200, Tuxicoman wrote:
>Package: debian-installer
>Severity: normal
>
>Dear Maintainer,
>
>I tested Debian testing installer the 4 september 2018
>
>At one step, the installer asks for setting the root password.
>I pressed Enter, without entering any password, and the installer went to the
>next step (creating user accounts)
>
>I tried to fix this by restarting at a previous step (network configuration)
>but the root password step doesn't show anymore. It jumps to user account
>creation step directly after network configuration.
>
>Bugs are :
>- maybe empty root password should not be allowed

That's a deliberate choice - see later.

>- the root password setting step should be replayable

But this is clearly a bug, yes. The code in user-setup-ask has a state
machine that doesn't cope with this. :-(

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
You raise the blade, you make the change... You re-arrange me 'til I'm sane...

Bug#905451: texlive-latex-recommended-doc: listings-devel.pdf not built and shipped

[Norbert Preining]

tags 905451 + pending
thanks

Hi Thorsten,

> Funnily, the Makefile with which listings-devel.pdf could be

A new version of listings has been uploaded to CTAN and is already in
the TL svn repository, thus the next upload to Debian will contain the
file.

Thanks for the suggestion

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#907910: debian-installer: Not possible to reset root password

[Steve McIntyre]

On Mon, Sep 03, 2018 at 09:03:09PM -0300, eamanu15 wrote:
>
>Hello!
>
>
>If the root password is unset/blank, root is disabled and the first
>user is added to sudoers.  Perhaps this should be made explicit in the
>installer?
>
>I think that it will be a great idea, put a message that say: "if the root
>password is unset, root is ... ". I am using (and installing) Debian from some
>years ago, and this is new for me. =O

It's been mentioned in the UI for a very long time. See

https://salsa.debian.org/installer-team/user-setup/blob/master/debian/po/templates.pot#L67
 

for the exact message.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Into the distance, a ribbon of black
Stretched to the point of no turning back

Bug#907913: Message: 'geckodriver' executable needs to be in PATH

[Mykola Nikishov]

Package: python-selenium
Version: 3.8.0+dfsg1-3
Severity: grave
Justification: renders package unusable

--8<---cut here---start->8---
Traceback (most recent call last):
  File "", line 70, in 
  File "", line 57, in main
  File 
"/usr/lib/python2.7/dist-packages/selenium/webdriver/firefox/webdriver.py", 
line 148, in __init__
self.service.start()
  File "/usr/lib/python2.7/dist-packages/selenium/webdriver/common/service.py", 
line 81, in start
os.path.basename(self.path), self.start_error_message)
selenium.common.exceptions.WebDriverException: Message: 'geckodriver' 
executable needs to be in PATH. 
--8<---cut here---end--->8---


-- System Information:
Debian Release: buster/sid
  APT prefers stable
  APT policy: (900, 'stable'), (190, 'testing'), (180, 'unstable'), (170, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python-selenium depends on:
ii  python  2.7.13-2

Versions of packages python-selenium recommends:
ii  phantomjs  2.1.1+dfsg-2

Versions of packages python-selenium suggests:
ii  firefoxdriver  3.8.0-1

-- no debconf information

Bug#907910: debian-installer: Not possible to reset root password

[eamanu15]

Hello!

If the root password is unset/blank, root is disabled and the first
> user is added to sudoers.  Perhaps this should be made explicit in the
> installer?
>

I think that it will be a great idea, put a message that say: "if the root
password is unset, root is ... ". I am using (and installing) Debian from
some years ago, and this is new for me. =O

That is my opinion.
Regards!
Emmanuel

Bug#895578: kakoune: Please update to official release v2018.04.13

[Timothy Allen]

Kakoune has just had another official release, v2018.09.04.

I'm really looking forward to having those new features without having
to build it myself from source. ;)

Bug#907910: debian-installer: Not possible to reset root password

[Nicholas D Steeves]

On Tue, Sep 04, 2018 at 12:48:48AM +0200, Tuxicoman wrote:
> Package: debian-installer
> Severity: normal
> 
> Dear Maintainer,
> 
> I tested Debian testing installer the 4 september 2018
> 
> At one step, the installer asks for setting the root password.
> I pressed Enter, without entering any password, and the installer went to the
> next step (creating user accounts)
> 
> I tried to fix this by restarting at a previous step (network configuration)
> but the root password step doesn't show anymore. It jumps to user account
> creation step directly after network configuration.
> 
> Bugs are :
> - maybe empty root password should not be allowed
> - the root password setting step should be replayable

If the root password is unset/blank, root is disabled and the first
user is added to sudoers.  Perhaps this should be made explicit in the
installer?

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#907838: RFS: 2 pkgs once part of emacs-goodies-el: bm-el/201808-1, mutt-alias-el/1.5-1

[Nicholas D Steeves]

Hi Chris,

Thank you for sponsoring this upload!  Also, thank you for these
comments and critique.  By the way, replies to these RFSs are
automatically CCed to debian-mentors@d.o

  https://lists.debian.org/debian-mentors/2018/09/msg00033.html

If you would still prefer that I not reply post-RFS, please let me
know and I'll stop :-)  All but two points have been addressed in my
local copies.  Response to these follows:

On Mon, Sep 03, 2018 at 09:05:54AM +0100, Chris Lamb wrote:
> Nicholas,
> 
> Please separate upload requests for different packages regardless of
> their origin.
> 

ACK, will do.  I estimate a max of a half dozen emacs-goodies-el
related RFSs in the next week.

> > https://mentors.debian.net/debian/pool/main/b/bm-el/bm-el_201808-1.dsc
> 
> Uploaded. For your next upload please address:
> 
>   * Isn't:
> 
>  Files: bm-sync.el
>  Copyright: 2016 Jo Odland
>  License: GPL-2+
> 
> .. superfluous, given:
> 
>  Files: *
>  Copyright: 2000-2016 Jo Odland
>  License: GPL-2+

Personally, I agree.  The specifics are:

  bm.el: 2000-2015
  bm-sync.el: 2016
  bm-tests.el: no header, could be potentially 2000-2018.
   * git blame shows a 2013-2015 range.

Sean (from the Policy and Emacsen Team) prefers more strict, discrete
Copyright dates rather than globby ranges.  To be maximally strict
requires a Files section for bm.el as well, but other Emacsen Team
members ACKed merging it into "Files: *".

What approach would you prefer for future RFSs?

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#906683: piuparts doesn't understand the option --ignore-regexp

[Paul Hardy]

This bug also appeared when checking the newly-uploaded package
utfcheck-1.2-1, which causes the package to look like it fails
piuparts testing:

 https://piuparts.debian.org/sid/fail/utfcheck_1.2-1.log

But piuparts passed on the previous version, utfcheck-1.1-2, without
that error.  That version entered unstable on 2018-08-11.

Thanks,


Paul Hardy

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Michael Biebl]

On 9/4/18 00:25, Jape Person wrote:
> The software gives no indication that anything is wrong other than the
> fact that the "Editing " dialog that
> comes up doesn't activate the "Save" button when I change the contents
> of the user name or password fields.

Can you share such a .ovpn file?

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#907912: llvm-toolchain-7: Please disable libomp on unsupported architectures

[John Paul Adrian Glaubitz]

Source: llvm-toolchain-7
Version: 1:7~svn331965-1
Severity: normal
User: debian-sp...@lists.debian.org
Usertags: sparc64

Hi!

llvm-toolchain-7 currently fails to build from source on the
following architectures because the embedded libomp doesn't
support them:

 - powerpc
 - powerpcspe
 - riscv64
 - sparc64

And possibly:

 - armel
 - mips
 - mipsel

Although the latter three might be fixable by linking against
libatomic but I haven't looked into the details yet. Either way,
disabling libomp for the former four architectures or, better,
enabling it for supported architectures only, should fix the
FTBFS on multiple architectures.

Adrian

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#907911: linux: Resetting chip after gpu hang (crash dump) when zooming on the opencaching.de map

[Thorsten Glaser]

Package: src:linux
Version: 4.17.17-1
Severity: normal

When I zoom on the opencaching.de map in Firefox, the GPU crashes pretty 
reliably.

I’m attaching the crash dump.

-- Package-specific info:
** Version:
Linux version 4.17.0-3-amd64 (debian-ker...@lists.debian.org) (gcc version 
7.3.0 (Debian 7.3.0-28)) #1 SMP Debian 4.17.17-1 (2018-08-18)

** Command line:
BOOT_IMAGE=/vmlinuz-4.17.0-3-amd64 root=/dev/sda4 ro rootdelay=5 syscall.x32=y 
vsyscall=emulate net.ifnames=0 kaslr pcie_aspm=force consoleblank=0

** Not tainted

** Kernel log:
[2.798289] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, 
doesn't support DPO or FUA
[2.800096] ata3.00: Enabling discard_zeroes_data
[2.802147]  sda: sda1 sda2 sda3 sda4
[2.803954] ata3.00: Enabling discard_zeroes_data
[2.805493] sd 2:0:0:0: [sda] Attached SCSI disk
[2.960353] psmouse serio1: trackpoint: IBM TrackPoint firmware: 0x0e, 
buttons: 3/3
[2.979661] input: TPPS/2 IBM TrackPoint as 
/devices/platform/i8042/serio1/input/input5
[7.910449] cryptd: max_cpu_qlen set to 1000
[8.075900] EXT4-fs (sda4): mounted filesystem with ordered data mode. Opts: 
(null)
[8.571302] parport_pc 00:06: reported by Plug and Play ACPI
[8.573106] parport0: PC-style at 0x378, irq 7 [PCSPP,TRISTATE,EPP]
[8.577685] ACPI: AC Adapter [AC] (on-line)
[8.598869] Non-volatile memory driver v1.3
[8.613853] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[8.618969] ACPI: Battery Slot [BAT0] (battery present)
[8.636049] thinkpad_acpi: ThinkPad ACPI Extras v0.26
[8.637722] thinkpad_acpi: http://ibm-acpi.sf.net/
[8.639372] thinkpad_acpi: ThinkPad BIOS 7NET30WW (1.11 ), EC 7MHT24WW-1.02
[8.640972] thinkpad_acpi: Lenovo ThinkPad X61, model 7673AG4
[8.650574] iTCO_vendor_support: vendor-support=0
[8.663371] thinkpad_acpi: radio switch found; radios are enabled
[8.664943] thinkpad_acpi: This ThinkPad has standard ACPI backlight 
brightness control, supported by the ACPI video driver
[8.666473] thinkpad_acpi: Disabling thinkpad-acpi brightness events by 
default...
[8.67] yenta_cardbus :05:00.0: CardBus bridge found [17aa:20c6]
[8.679721] iTCO_wdt: Intel TCO WatchDog Timer Driver v1.11
[8.685779] iTCO_wdt: Found a ICH8M-E TCO device (Version=2, TCOBASE=0x1060)
[8.688734] thinkpad_acpi: Standard ACPI backlight interface available, not 
loading native one
[8.690621] sd 2:0:0:0: Attached scsi generic sg0 type 0
[8.692810] iTCO_wdt: initialized. heartbeat=30 sec (nowayout=0)
[8.693410] thinkpad_acpi: battery 1 registered (start 0, stop 0)
[8.694380] battery: new extension: ThinkPad Battery Extension
[8.703188] input: PC Speaker as /devices/platform/pcspkr/input/input8
[8.706785] input: ThinkPad Extra Buttons as 
/devices/platform/thinkpad_acpi/input/input7
[8.722056] snd_hda_intel :00:1b.0: probe_mask set to 0x1 for device 
17aa:20ac
[8.799156] intel_powerclamp: No package C-state available
[8.821071] yenta_cardbus :05:00.0: ISA IRQ mask 0x0c38, PCI irq 16
[8.822680] yenta_cardbus :05:00.0: Socket status: 3006
[8.829765] yenta_cardbus :05:00.0: pcmcia: parent PCI bridge window: 
[io  0x4000-0x7fff]
[8.831544] yenta_cardbus :05:00.0: pcmcia: parent PCI bridge window: 
[mem 0xd400-0xd7ef]
[8.833369] pcmcia_socket pcmcia_socket0: cs: memory probe 
0xd400-0xd7ef:
[8.834920]  excluding 0xd7b1-0xd7ef
[8.836503] yenta_cardbus :05:00.0: pcmcia: parent PCI bridge window: 
[mem 0xd800-0xdbff 64bit pref]
[8.838453] iwl4965: Intel(R) Wireless WiFi 4965 driver for Linux, in-tree:
[8.840202] iwl4965: Copyright(c) 2003-2011 Intel Corporation
[8.841333] pcmcia_socket pcmcia_socket0: cs: memory probe 
0xd800-0xdbff:
[8.843318] iwl4965 :03:00.0: Detected Intel(R) Wireless WiFi Link 
4965AGN, REV=0x4
[8.844841]  excluding 0xd800-0xdbff
[8.886448] iwl4965 :03:00.0: device EEPROM VER=0x36, CALIB=0x5
[8.887405] iwl4965 :03:00.0: Tunable channels: 13 802.11bg, 19 802.11a 
channels
[8.896935] ppdev: user-space parallel port driver
[8.900990] iwl4965 :03:00.0: firmware: direct-loading firmware 
iwlwifi-4965-2.ucode
[8.900996] iwl4965 :03:00.0: loaded firmware version 228.61.2.24
[8.941695] ieee80211 phy0: Selected rate control algorithm 'iwl-4965-rs'
[8.951790] pcmcia_socket pcmcia_socket0: cs: memory probe 0x0c-0x0f:
[8.951798]  excluding 0xc-0xd3fff 0xe-0xf
[8.951826] pcmcia_socket pcmcia_socket0: cs: memory probe 
0xa000-0xa0ff:
[8.951835]  excluding 0xa000-0xa0ff
[8.951855] pcmcia_socket pcmcia_socket0: cs: memory probe 
0x6000-0x60ff:
[8.951864]  excluding 0x6000-0x60ff
[9.124038] snd_hda_codec_analog hdaudioC0D0: autoconfig for AD1984: 
line_outs=1 (0x12/0x0/0x0/0x0/0x0) type:speaker
[9.124042] 

Bug#907910: debian-installer: Not possible to reset root password

[Tuxicoman]

Package: debian-installer
Severity: normal

Dear Maintainer,

I tested Debian testing installer the 4 september 2018

At one step, the installer asks for setting the root password.
I pressed Enter, without entering any password, and the installer went to the
next step (creating user accounts)

I tried to fix this by restarting at a previous step (network configuration)
but the root password step doesn't show anymore. It jumps to user account
creation step directly after network configuration.

Bugs are :
- maybe empty root password should not be allowed
- the root password setting step should be replayable



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8), 
LANGUAGE=fr_BE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#907909: lighttpd: Startup warning about adding mod_openssl to the modules list

[Paul LeoNerd Evans]

Package: lighttpd
Version: 1.4.49-1.1
Severity: minor

If 10-ssl.conf is enabled, starting lighttpd creates a warning:

  (configfile.c.60) Warning: please add "mod_openssl" to server.modules
list in lighttpd.conf.  A future release of lighttpd 1.4.x *will not*
automatically load mod_openssl and lighttpd *will not* use SSL/TLS
where your lighttpd.conf contains ssl.* directives

This can be fixed by adding the following line to the 10-ssl.conf:

  server.modules += ( "mod_openssl" )

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lighttpd depends on:
ii  libattr11:2.4.47-2+b2
ii  libbz2-1.0  1.0.6-8.1
ii  libc6   2.27-2
ii  libfam0 2.7.0-17.2+b1
ii  libldap-2.4-2   2.4.45+dfsg-1
ii  libmariadbclient18  1:10.1.35-1
ii  libpcre32:8.39-9
ii  libssl1.1   1.1.0g-2
ii  lsb-base9.20170808
ii  mime-support3.60
ii  zlib1g  1:1.2.8.dfsg-5

Versions of packages lighttpd recommends:
ii  spawn-fcgi  1.6.4-2

Versions of packages lighttpd suggests:
ii  apache2-utils  2.4.29-2
pn  lighttpd-doc   
ii  openssl1.1.0g-2
pn  php-cgi
pn  rrdtool

-- Configuration Files:
/etc/lighttpd/conf-available/10-ssl.conf changed:
server.modules += ( "mod_openssl" )
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine  = "enable"
ssl.pemfile = "/etc/lighttpd/server.pem"
ssl.cipher-list = 
"ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
ssl.honor-cipher-order = "enable"
}

/etc/lighttpd/lighttpd.conf changed:
server.modules = (
"mod_access",
"mod_alias",
"mod_compress",
"mod_rewrite", 
"mod_cgi",
"mod_fastcgi",
"mod_proxy"
)
server.document-root= "/var/www"
server.upload-dirs  = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname= "www-data"
server.port = 80
index-file.names= ( "index.php", "index.html", 
"index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
dir-listing.encoding= "utf-8"
server.dir-listing  = "enable"
compress.cache-dir  = "/var/cache/lighttpd/compress/"
compress.filetype   = ( "application/javascript", "text/css", 
"text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "/etc/lighttpd/include-conf-sites.pl"


-- no debconf information

Bug#882510: freecad: Python module WebGUI missing

[Daniel Morrison]

I found the solution here:

https://techoverflow.net/2018/06/03/how-to-fix-freecad-no-module-named-webgui-on-ubuntu-18-04/

Obviously this person is aware of this bug, but has quite reasonably 
decided that Debian's response is hopeless, and the solution is to 
uninstall the Debian offering and go straight to the source, the FreeCAD 
ppa. Can't say I disagree.


However, it was the first hit using Google. Some users are never going 
to see this bug report, and will just follow the instructions. A.K.A. 
you are losing users due to inferior quality product. Better not to ship 
a FreeCAD package at all than ship a broken one, IMO.


-D.

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Jape Person]

On 09/03/2018 05:42 PM, Michael Biebl wrote:

Control: tags -1 moreinfo unreproducible

On 9/3/18 23:14, Jape Person wrote:

Package: network-manager-openvpn
Version: 1.8.4-1
Severity: important

Dear Maintainer,


To duplicate the issue, use Edit Connections function of network-manager.

Attempt to edit an imported openvpn configuration. Changes can be made to the
user name and password fields, but the Save button on the dialog never becomes
active.


Which program do you use to update the configuration,
nm-connection-editor, something else?
If you run that command from the command line, do you get any output?
Which environment do you run this program, GNOME, KDE etc?

Is the password saved per user (agent-owned) or system wide?


Sorry, I used the little gtk reporter and didn't notice it wasn't 
including info about the DE.


I'm using Xfce, and editing the configuration using the dialog named 
"Network Connections" that's called by right-clicking the NM icon in the 
notification Area on the panel and choosing Edit Connections.


The program is nm-connection-editory. When issued from within 
xfce4-terminal it results in this output:


wiz@wiz-nuc:~$ nm-connection-editor

(nm-connection-editor:7415): dbind-WARNING **: 18:13:19.754: Couldn't 
register with accessibility bus: Did not receive a reply. Possible 
causes include: the remote application did not send a reply, the message 
bus security policy blocked the reply, the reply timeout expired, or the 
network connection was broken.


The software gives no indication that anything is wrong other than the 
fact that the "Editing " dialog that 
comes up doesn't activate the "Save" button when I change the contents 
of the user name or password fields.


That dialog lets you choose between saving the password for the current 
user or for all users. I've been accustomed to using the all users setting.

Bug#907908: healpy: FTBFS randomly (failing tests)

[Santiago Vila]

Package: src:healpy
Version: 1.12.4-2
Severity: important
Tags: ftbfs

Dear maintainer:

I tried to build this package in buster but it failed:


[...]
 debian/rules build-indep
I: Activating LinkTimeOptimisation
dh build-indep --with python2,python3 --buildsystem=pybuild
   dh_update_autotools_config -i -O--buildsystem=pybuild
   dh_autoreconf -i -O--buildsystem=pybuild
   dh_auto_configure -i -O--buildsystem=pybuild
I: pybuild base:217: python2.7 setup.py config 
running config
I: pybuild base:217: python3.6 setup.py config 
running config
   dh_auto_build -i -O--buildsystem=pybuild
I: pybuild base:217: /usr/bin/python setup.py build 
running build
running build_py

[... snipped ...]

healpy/test/test_visufunc.py::TestNoCrash::test_mollview_nocrash PASSED  [ 95%]
healpy/test/test_visufunc.py::TestNoCrash::test_mollzoom_histnocrash PASSED [ 
96%]
healpy/test/test_visufunc.py::TestNoCrash::test_mollzoom_ma_hist_nocrash PASSED 
[ 96%]
healpy/test/test_visufunc.py::TestNoCrash::test_mollzoom_ma_nocrash PASSED [ 
97%]
healpy/test/test_visufunc.py::TestNoCrash::test_mollzoom_nocrash PASSED  [ 98%]
healpy/test/test_visufunc.py::TestNoCrash::test_orthview_ma_nocrash PASSED [ 
99%]
healpy/test/test_visufunc.py::TestNoCrash::test_orthview_nocrash PASSED  [100%]

=== FAILURES ===
__ test_rotate_map_polarization_with_spectrum __

def test_rotate_map_polarization_with_spectrum():
"""Rotation of reference frame should not change the angular power 
spectrum.
In this test we create a map from a spectrum with a pure EE signal and 
check
that the spectrum of this map and the spectrum of the same map rotated
from Galactic to Ecliptic agrees.
This test checks if the QU rotation is correct"""
nside = 32
cl = np.zeros((6, 96), dtype=np.double)
# Set ell=1 for EE to 1
cl[1][2] = 1
gal2ecl = Rotator(coord=["G", "E"])
m_original = hp.synfast(cl, nside=nside, new=True)
cl_from_m_original = hp.anafast(m_original)
m_rotated = gal2ecl.rotate_map(m_original)
cl_from_m_rotated = hp.anafast(m_rotated)

>   assert np.abs(cl_from_m_rotated - cl_from_m_original).sum() < 0.011
E   AssertionError: assert 0.011555226184421424 < 0.011
E+  where 0.011555226184421424 = ()
E+where  = array([[  0.e+00,   0.e+00,   
0.e+00,\n  0.e+00,   0.e+00,   0....
0.e+00,   0.e+00,   0.e+00,\n  0.e+00,  
 0.e+00,   0.e+00]]).sum
E+  where array([[  0.e+00,   0.e+00,   
0.e+00,\n  0.e+00,   0.e+00,   0....
0.e+00,   0.e+00,   0.e+00,\n  0.e+00,  
 0.e+00,   0.e+00]]) = ((array([[  
0.e+00,   0.e+00,   0.e+00,\n  0.e+00,  
 0.e+00,   0....0.e+00,   0.e+00,   
0.e+00,\n  0.e+00,   0.e+00,   
0.e+00]]) - array([[  0.e+00,   0.e+00,   
0.e+00,\n  0.e+00,   0.e+00,   0....
0.e+00,   0.e+00,   0.e+00,\n  0.e+00,  
 0.e+00,   0.e+00]])))
E+where  = np.abs

healpy/test/test_rotator.py:54: AssertionError
- Captured stdout call -
Sigma is 0.00 arcmin (0.00 rad) 
-> fwhm is 0.00 arcmin
 1 failed, 127 passed in 10.47 seconds =
E: pybuild pybuild:338: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/cpython3_3.6_healpy/build; python3.6 -m pytest 
--doctest-modules
dh_auto_test: pybuild --test --test-pytest -i python{version} -p 3.6 returned 
exit code 13
make[1]: *** [debian/rules:38: override_dh_auto_test] Error 25
make[1]: Leaving directory '/<>'
make: *** [debian/rules:27: build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit 
status 2


This is just how the build ends. I've put full build logs here:

https://people.debian.org/~sanvila/build-logs/healpy/

I've just reported a bug like this in garli. Apparently, the tests
perform some kind of simulation based on random numbers.

Please make this reproducible by using a fixed seed, so that the
random numbers are always the same. Otherwise the package will always
fail with a probability > 0.

To reproduce, just build the package a few times with sbuild on a
single-CPU machine as I did. If you need a test machine where this
happens please say so.

If this is really a bug in one 

Bug#907907: golang-google-cloud: FTBFS randomly (failing tests)

[Santiago Vila]

Package: src:golang-google-cloud
Version: 0.9.0-5
Severity: important
Tags: ftbfs

Hello Tincho et al.

I tried to build this package in buster but it failed:


[...]
 debian/rules build-indep
dh build-indep --buildsystem=golang --with=golang 
--builddir=/<>/build
   dh_update_autotools_config -i -O--buildsystem=golang 
-O--builddir=/<>/build
   dh_autoreconf -i -O--buildsystem=golang -O--builddir=/<>/build
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>'
# Prevent dh-golang from creating a symlink here.
mkdir -p `dirname /<>/build/src/google.golang.org/cloud`
dh_auto_configure
dh_auto_configure: "cloud.google.com/go" is already installed. Please check for 
circular dependencies.

# Remove examples.
rm -vrf /<>/build/src/cloud.google.com/go/examples
# Duplicate source tree into new namespace, for compatibility during

[... snipped ...]

--- PASS: TestTraceServicePatchTracesError (0.00s)
=== RUN   TestTraceServiceGetTrace
--- PASS: TestTraceServiceGetTrace (0.00s)
=== RUN   TestTraceServiceGetTraceError
--- PASS: TestTraceServiceGetTraceError (0.00s)
=== RUN   TestTraceServiceListTraces
--- PASS: TestTraceServiceListTraces (0.00s)
=== RUN   TestTraceServiceListTracesError
--- PASS: TestTraceServiceListTracesError (0.00s)
PASS
ok  cloud.google.com/go/trace/apiv1 0.006s
=== RUN   TestTranslateURL
--- PASS: TestTranslateURL (0.00s)
=== RUN   TestTranslateOneInput
--- SKIP: TestTranslateOneInput (0.00s)
translate_test.go:43: integration tests skipped in short mode
=== RUN   TestTranslateModel
--- SKIP: TestTranslateModel (0.00s)
translate_test.go:43: integration tests skipped in short mode
=== RUN   TestTranslateMultipleInputs
--- SKIP: TestTranslateMultipleInputs (0.00s)
translate_test.go:43: integration tests skipped in short mode
=== RUN   TestTranslateErrors
--- SKIP: TestTranslateErrors (0.00s)
translate_test.go:43: integration tests skipped in short mode
=== RUN   TestDetectLanguage
--- SKIP: TestDetectLanguage (0.00s)
translate_test.go:43: integration tests skipped in short mode
=== RUN   TestSupportedLanguages
--- SKIP: TestSupportedLanguages (0.00s)
translate_test.go:43: integration tests skipped in short mode
PASS
ok  cloud.google.com/go/translate   0.005s
?   cloud.google.com/go/translate/internal/translate/v2 [no test files]
=== RUN   TestVideoIntelligenceServiceAnnotateVideo
--- PASS: TestVideoIntelligenceServiceAnnotateVideo (0.00s)
=== RUN   TestVideoIntelligenceServiceAnnotateVideoError
--- PASS: TestVideoIntelligenceServiceAnnotateVideoError (0.00s)
PASS
ok  cloud.google.com/go/videointelligence/apiv1beta10.006s
dh_auto_test: cd build && go test -vet=off -v -p 1 -short cloud.google.com/go 
cloud.google.com/go/bigquery cloud.google.com/go/bigtable 
cloud.google.com/go/bigtable/bttest cloud.google.com/go/bigtable/cmd/cbt 
cloud.google.com/go/bigtable/cmd/emulator 
cloud.google.com/go/bigtable/cmd/loadtest 
cloud.google.com/go/bigtable/cmd/scantest 
cloud.google.com/go/bigtable/internal/cbtconfig 
cloud.google.com/go/bigtable/internal/gax 
cloud.google.com/go/bigtable/internal/option 
cloud.google.com/go/bigtable/internal/stat cloud.google.com/go/civil 
cloud.google.com/go/compute/metadata cloud.google.com/go/container 
cloud.google.com/go/datastore cloud.google.com/go/debugger/apiv2 
cloud.google.com/go/errorreporting/apiv1beta1 cloud.google.com/go/errors 
cloud.google.com/go/iam cloud.google.com/go/iam/admin/apiv1 
cloud.google.com/go/internal cloud.google.com/go/internal/atomiccache 
cloud.google.com/go/internal/fields cloud.google.com/go/internal/optional 
cloud.google.com/go/internal/pretty cloud.google.c
 om/go/internal/readme cloud.google.com/go/internal/rpcreplay 
cloud.google.com/go/internal/rpcreplay/proto/intstore 
cloud.google.com/go/internal/rpcreplay/proto/rpcreplay 
cloud.google.com/go/internal/testutil cloud.google.com/go/internal/tracecontext 
cloud.google.com/go/internal/version cloud.google.com/go/language/apiv1 
cloud.google.com/go/language/apiv1beta2 cloud.google.com/go/logging 
cloud.google.com/go/logging/apiv2 cloud.google.com/go/logging/internal 
cloud.google.com/go/logging/internal/testing 
cloud.google.com/go/logging/logadmin cloud.google.com/go/longrunning 
cloud.google.com/go/longrunning/autogen cloud.google.com/go/monitoring/apiv3 
cloud.google.com/go/profiler cloud.google.com/go/profiler/mocks 
cloud.google.com/go/pubsub cloud.google.com/go/pubsub/apiv1 
cloud.google.com/go/pubsub/loadtest cloud.google.com/go/pubsub/loadtest/cmd 
cloud.google.com/go/pubsub/loadtest/pb cloud.google.com/go/spanner 
cloud.google.com/go/spanner/admin/database/apiv1 cloud.google.com/go/spanner/a
 dmin/instance/apiv1 cloud.google.com/go/spanner/internal/testutil 
cloud.google.com/go/speech/apiv1 cloud.google.com/go/speech/apiv1beta1 
cloud.google.com/go/storage cloud.google.com/go/trace 

Bug#907906: stretch-pu: package openssl/1.1.0f-3+deb9u2

[Sebastian Andrzej Siewior]

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: stretch
Severity: normal

I prepared an update for OpenSSL to synchronize it with upstream's
latest stable release (i).  The i release is an OpenSSL stable release
within the 1.1.0 series with no additional features. It contains only
fixes which don't fix anything security related but still qualify as
something that should be fixed with a stable release.
The BTS bugs #903566 and #907457 are two examples which were raised
within Debian.

As part of my QA I rebuilt all openssl's and libssl1.1 reverse
dependencies [0]. Some packages (like nova) failed to build against this
and current (currently Stretch) openssl due its testsuite and it might
have something todo with by sbuild setup since it succeeded in the
"reproducible builds" build. However, openbsc also FTBFS in
"reproducible builds". Everything that FTBFS against that i also FTBFS
against the current openssl in my setup except for one package.

The package python-cryptography fails to build due to an API change of
BIO_callback_ctrl() in OpenSSL. While is a no-no in a stable release, it
has been explained [1] that the function / callback was always used with
a different prototype. I fixed this by removing the function / prototype
from the python wrapper while upstream removed the almost all BIO
related wrappers [2].
I would submit a pu bugs for python-cryptography if there is nothing
wrong with this one.

I am attaching a diff of the debian/ folder of the update (the openssl
part is replaced with the new version). The whole diff is 24MiB in size
and can be fetched from [4] compressed.

If the release team would like some additional tests, please let me
know.

[0] https://breakpoint.cc/openssl-rebuild/2018-09-02-rebuild-stretch-1.1.0i/
[1] https://github.com/openssl/openssl/pull/4493#discussion_r143505277
[2] https://github.com/pyca/cryptography/pull/4220
[3] 
https://breakpoint.cc/openssl-rebuild/2018-09-02-rebuild-stretch-python-cryptography/
[4] 
https://breakpoint.cc/openssl-rebuild/2018-09-02-rebuild-stretch-1.1.0i/ossl_1.1.0f-3deb9u2_to_1.1.0i.patch.xz

Sebastian
diff --git a/debian/changelog b/debian/changelog
index 3c231b9b2cf9a..886d06e39674d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+openssl (1.1.0i-1~deb9u1) stretch; urgency=medium
+
+  * Import 1.1.0i
+- Fix segfault ERR_clear_error (Closes: #903566)
+- Fix commandline option for CAengine (Closes: #907457)
+  * Abort the build if symbols are discovered which are not part of the
+symbols file.
+
+ -- Sebastian Andrzej Siewior   Mon, 03 Sep 2018 23:59:02 +0200
+
 openssl (1.1.0f-3+deb9u2) stretch-security; urgency=high
 
   * CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
diff --git a/debian/libssl1.1.symbols b/debian/libssl1.1.symbols
index 9d70f3748ca03..84875cff36446 100644
--- a/debian/libssl1.1.symbols
+++ b/debian/libssl1.1.symbols
@@ -4,6 +4,9 @@ libcrypto.so.1.1 libssl1.1 #MINVER#
  *@OPENSSL_1_1_0c 1.1.0c
  *@OPENSSL_1_1_0d 1.1.0d
  *@OPENSSL_1_1_0f 1.1.0f
+ *@OPENSSL_1_1_0g 1.1.0g
+ *@OPENSSL_1_1_0h 1.1.0h
+ *@OPENSSL_1_1_0i 1.1.0i
 libssl.so.1.1 libssl1.1 #MINVER#
  *@OPENSSL_1_1_0 1.1.0
  *@OPENSSL_1_1_0d 1.1.0d
diff --git a/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch b/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch
deleted file mode 100644
index 835b95d00696e..0
diff --git a/debian/patches/CVE-2017-3735.patch b/debian/patches/CVE-2017-3735.patch
deleted file mode 100644
index d152ddd387949..0
diff --git a/debian/patches/CVE-2017-3736.patch b/debian/patches/CVE-2017-3736.patch
deleted file mode 100644
index e60063fb65544..0
diff --git a/debian/patches/Fix-a-Proxy-race-condition.patch b/debian/patches/Fix-a-Proxy-race-condition.patch
deleted file mode 100644
index a2b72b8b79f66..0
diff --git a/debian/patches/Fix-race-condition-in-TLSProxy.patch b/debian/patches/Fix-race-condition-in-TLSProxy.patch
deleted file mode 100644
index 24b05c7e14139..0
diff --git a/debian/patches/Limit-ASN.1-constructed-types-recursive-definition-d.patch b/debian/patches/Limit-ASN.1-constructed-types-recursive-definition-d.patch
deleted file mode 100644
index 45e0feb25dc07..0
diff --git a/debian/patches/bn-asm-rsaz-avx2.pl-fix-digit-correction-bug-in-rsaz.patch b/debian/patches/bn-asm-rsaz-avx2.pl-fix-digit-correction-bug-in-rsaz.patch
deleted file mode 100644
index dbd3573187081..0
diff --git a/debian/patches/c_rehash-compat.patch b/debian/patches/c_rehash-compat.patch
index de24948e8dfac..199480af27e4d 100644
--- a/debian/patches/c_rehash-compat.patch
+++ b/debian/patches/c_rehash-compat.patch
@@ -1,15 +1,16 @@
-From 83f318d68bbdab1ca898c94576a838cc97df4700 Mon Sep 17 00:00:00 2001
 From: Ludwig Nussel 
 Date: Wed, 21 Apr 2010 15:52:10 +0200
 Subject: [PATCH] also create old hash for compatibility
 
 ---
- tools/c_rehash.in |   

Bug#907905: garli: FTBFS randomly (failing tests)

[Santiago Vila]

Package: src:garli
Version: 2.1-2
Tags: ftbfs

Hello Andreas et al.

I tried to build this package in buster but it failed:


[...]
 debian/rules build-indep
dh build-indep
   dh_update_autotools_config -i
   dh_autoreconf -i
aclocal: warning: couldn't open directory 'config/m4': No such file or directory
configure.ac:355: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in 
body
../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
../../lib/autoconf/general.m4:2601: _AC_COMPILE_IFELSE is expanded from...
../../lib/autoconf/general.m4:2617: AC_COMPILE_IFELSE is expanded from...
configure.ac:355: the top level
configure.ac:355: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in 
body
../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
../../lib/autoconf/general.m4:2601: _AC_COMPILE_IFELSE is expanded from...
../../lib/autoconf/general.m4:2617: AC_COMPILE_IFELSE is expanded from...

[... snipped ...]

pass 14: -480.5087   (branch= 0.  subset rates= 0.)
Looking for minimum length branches...
Final score = -480.5086
Time used = 0 hours, 0 minutes and 0 seconds
Writing site likelihoods for tree 1 ...

###

Completed 1 replicate search(es) (of 1).
Results:
Replicate 1 : -480.5086   

Parameter estimates:

Partition model subset 1:
 Model contains no estimated parameters

Partition model subset 2:
 Model contains no estimated parameters

Partition model subset 3:
 Model contains no estimated parameters

Treelengths and subset rate multipliers:
  TL   R(1)  R(2)  R(3)
rep 1:  16.376 0.637 1.899 2.724

NOTE: collapsebranches setting ignored when writing and comparing optimized 
trees...

Writing optimized trees and models to scr.p.mkO.ssr.best.all.tre
***TEST**
***Score is 480.50865
***Expected is 477.6848
***SCORE DIFFERENCE IS 2.82385
***ALLOWED ERROR IS 0.05
***Scoring test failed for ./scoring/p.mkO.ssr.conf ***
make[3]: *** [Makefile:425: check-local] Error 1
make[3]: Leaving directory '/<>/tests'
make[2]: *** [Makefile:308: check-am] Error 2
make[2]: Leaving directory '/<>/tests'
make[1]: *** [Makefile:394: check-recursive] Error 1
make[1]: Leaving directory '/<>'
dh_auto_test: make -j1 check VERBOSE=1 returned exit code 2
make: *** [debian/rules:6: build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit 
status 2


That's how the build ends and not necessarily the relevant part, but
I've put several build logs here:

https://people.debian.org/~sanvila/build-logs/garli/

I estimate that the failure rate might be around 10% so I leave the severity to 
you.

Please note, however, that there has been a failure on mips for this
version:

https://buildd.debian.org/status/fetch.php?pkg=garli=mips=2.1-2%2Bb1=1534400116=0

(but I've not checked if it's the same type of failure).

The tests seem to perform simulations based on random numbers, this is
the perfect recipe to make the failure rate to be a number strictly
greater than zero, which is a pity.

A simple fix would be to use a fixed random seed for those random numbers,
that way at least the random numbers would always be the same.

Thanks.

Bug#907891: perl: MIME-Q (RFC2047 eMail header) encoding broken since post-stretch

[Thorsten Glaser]

Russ Allbery dixit:

>Thorsten Glaser  writes:
>
>> (sid)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
>> f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode 
>> -e "print encode('MIME-Q', <>);"; echo
>> =?UTF-8?Q?Subject=3A_UNNAMED_PROJECT_branch_bnewplus_updated=2E_f9dfb215c?=
>>  =?UTF-8?Q?29bc17b5ca12c0e8bb509aa4949787e?=
>
>This doesn't directly address the rest of your bug report, but I'm fairly
>sure that including the email header in the text you're encoding is a bug
>in your code.  RFC 2047 encoding is defined on a string, and the encoder
>has no way of knowing that the initial "Subject: " is magical and should
>be treated not as part of the string.  It could well be part of the
>content of the header field.

This is true, but the encoder API must normally, if it requires the
name of the header to *not* be part of the to-be-encoded string, have
a provision for the caller to provide the length of it (PHP’s does,
you can have the header name inline or separate passing its length).

This is because the encoding scheme is like:

Subject: =?UTF-8?B?xxx?=
 =?UTF-8?B?xxx?=
 =?UTF-8?B?xxx?=
 =?UTF-8?B?xxx?=
 =?UTF-8?B?xxx?=

That is, the first line MUST be shorter, for the 76 octet limit.

AIUI, the encode('MIME-Q', …) API doesn’t, so it must cope with
the leading header field (actually, it must *require* it).

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Bug#907902: [Pkg-utopia-maintainers] Bug#907902: network-manager-openvpn won't save changes in username or password

[Michael Biebl]

Control: tags -1 moreinfo unreproducible

On 9/3/18 23:14, Jape Person wrote:
> Package: network-manager-openvpn
> Version: 1.8.4-1
> Severity: important
> 
> Dear Maintainer,
> 
> 
> To duplicate the issue, use Edit Connections function of network-manager.
> 
> Attempt to edit an imported openvpn configuration. Changes can be made to the
> user name and password fields, but the Save button on the dialog never becomes
> active.

Which program do you use to update the configuration,
nm-connection-editor, something else?
If you run that command from the command line, do you get any output?
Which environment do you run this program, GNOME, KDE etc?

Is the password saved per user (agent-owned) or system wide?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#907903: powerline: [INTL:pt] Portuguese translation for debconf messages

[Traduz PT]

Package: powerline
Version: 2.6-2
Tags: l10n, patch
Severity: wishlist

Portuguese translation for powerline's debconf messages.
Feel free to use it.

For translation updates please contact 'Last Translator' or the
Portuguese Translation Team .
-- 
Best regards,

"Traduz" - Portuguese Translation Team
http://www.DebianPT.org
# Portuguese translation of powerline debconf template
# Copyright (C) 2018 THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the powerline package.
#
# Rui Branco - DebianPT , 2018.
msgid ""
msgstr ""
"Project-Id-Version: powerline 2.6-2\n"
"Report-Msgid-Bugs-To: powerl...@packages.debian.org\n"
"POT-Creation-Date: 2018-05-21 06:54+0200\n"
"PO-Revision-Date: 2018-09-03 21:34+\n"
"Last-Translator: Rui Branco - DebianPT \n"
"Language-Team: Portuguese \n"
"Language: pt\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"

#. Type: title
#. Description
#: ../powerline.templates:1001
msgid "powerline: Setup"
msgstr "powerline: Configuração"

#. Type: boolean
#. Description
#: ../powerline.templates:2001
msgid "Enable powerline globally?"
msgstr "Activar o powerline globalmente?"

#. Type: boolean
#. Description
#: ../powerline.templates:2001
msgid "powerline can be enabled globally for all Bash users of this system."
msgstr ""
"O powerline pode ser activado globalmente para todos os utilizadores "
"de Bash deste sistema."

Bug#907904: glewlwyd: [INTL:pt] Portuguese translation for debconf messages

[Traduz PT]

Package: glewlwyd
Version: 1.4.6-1
Tags: l10n, patch
Severity: wishlist

Portuguese translation for glewlwyd's debconf messages.
Feel free to use it.

For translation updates please contact 'Last Translator' or the
Portuguese Translation Team .
-- 
Best regards,

"Traduz" - Portuguese Translation Team
http://www.DebianPT.org
# Portuguese translation of glewlwyd debconf template
# Copyright (C) 2018 THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the glewlwyd package.
#
# Rui Branco - DebianPT , 2018.
msgid ""
msgstr ""
"Project-Id-Version: glewlwyd 1.4.6-1\n"
"Report-Msgid-Bugs-To: glewl...@packages.debian.org\n"
"POT-Creation-Date: 2018-05-23 13:35-0400\n"
"PO-Revision-Date: 2018-09-03 22:04+\n"
"Last-Translator: Rui Branco - DebianPT \n"
"Language-Team: Portuguese \n"
"Language: pt\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"

#. Type: select
#. Choices
#. Type: select
#. Default
#: ../templates:1001 ../templates:1002
msgid "Personalized"
msgstr "Personalizado"

#. Type: select
#. Choices
#: ../templates:1001
msgid "No configuration"
msgstr "Sem configuração"

#. Type: select
#. Description
#: ../templates:1003
msgid "Glewlwyd setup"
msgstr "Configuração do Glewlwyd"

#. Type: select
#. Description
#: ../templates:1003
msgid "You can configure it later if needed"
msgstr "Se necessário pode configurar mais tarde"

#. Type: string
#. Description
#: ../templates:2001
msgid "External address to access Glewlwyd:"
msgstr "Endereço externo para aceder ao Glewlwyd:"

#. Type: boolean
#. Description
#: ../templates:3001
msgid "Enable password reset for users?"
msgstr ""
"Habilitar o restabelecimento de palavras-chave para "
"utilizadores?"

#. Type: string
#. Description
#: ../templates:4001
msgid "Enter SMTP Host:"
msgstr "Introduza o Host SMTP:"

#. Type: string
#. Description
#: ../templates:5001
msgid "Enter sender e-mail address:"
msgstr "Introduza o endereço e-mail do remetente:"

#. Type: string
#. Description
#: ../templates:6001
msgid "Enter reset password e-mail subject:"
msgstr ""
"Introduza o assunto do e-mail de redefinição da "
"palavra-chave:"

#. Type: select
#. Description
#: ../templates:7001
msgid "Algorithm used to sign/verify JWT"
msgstr "Algoritmo utilizado para assinar/verificar JWT"

#. Type: select
#. Description
#: ../templates:7001
msgid ""
"JWT: Json Web Token Algorithms available: - RSA algorithm (asymetric) - "
"ECDSA algorithm (asymetric) - SHA algorithm (symetric)"
msgstr ""
"JWT: Algoritmos disponíveis Json Web Token: - Algoritmo RSA (assimétrico) - "
"Algoritmo ECDSA (assimétrico) - Algoritmo SHA (simétrico)"

#. Type: string
#. Description
#: ../templates:8001
msgid "Enter JWT key size:"
msgstr "Introduza a dimensão da chave JWT:"

#. Type: string
#. Description
#: ../templates:8001
msgid "Values available are 256, 384 or 512"
msgstr "Os valores disponíveis são 256, 384 ou 512"

#. Type: boolean
#. Description
#: ../templates:9001
msgid "Generate a pair key/certificate?"
msgstr "Gerar um par chave/certificado?"

#. Type: string
#. Description
#: ../templates:10001
msgid "Enter SHA secret:"
msgstr "Introduza o segredo SHA:"

#. Type: string
#. Description
#: ../templates:10001
msgid "SHA secret is a string that will be used to sign and verify JWTs"
msgstr ""
"O segredo SHA é uma sequência de caracteres utilizada para "
"assinar e verificar JWTs"

Bug#907049: OpenVPN: OpenSSL: error:1425F18C:SSL routines:ssl_choose_client_version:version too low

[Thorsten Glaser]

Hi *,

I was also bit by this error after “apt-get --purge dist-upgrade”
in sid, and I was able to fix this by adding…

tls-version-min 1.0
tls-version-max 1.0

… to the OpenVPN client configuration.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Bug#907805: syslinux.efi uses the TFTP server IP for the HTTP domain

[Lukas Schwaighofer]

Hi Marco,

On Sun, 2 Sep 2018 14:08:09 +0200
Marco d'Itri  wrote:

> When providing to syslinux.efi an http URL in option 67:
> 
> dhcp-option=option:bootfile-name,http://pxe.example.net/EFI/SYSLINUX/syslinux.efi
> 
> then it will try to download the modules like ldlinux.e64, the 
> configuration file and the payload by sending an HTTP request to the 
> TFTP server address (with pxe.example.net as virtual host) instead of 
> resolving pxe.example.net and using that IP as expected.

I checked the source code and found that efi network support was added
here:
http://repo.or.cz/syslinux.git/commit/fe283b78c973268f2d1f0309826ceeb5c9e8978d
The commit mentions in the TODO part that DNS resolve code is still
missing.

This still seems to be the case, since the pxe_dns function in efi/pxe.c
in the current HEAD
(http://repo.or.cz/syslinux.git/blob/HEAD:/efi/pxe.c, lines 38-49) will
`return 0` in all cases.

The connection to your TFTP server address is the fallback behavior
that's implemented for DNS resolve failures in core/fs/pxe/pxe.c
(http://repo.or.cz/syslinux.git/blob/HEAD:/core/fs/pxe/pxe.c, lines
251-256).

I will do a bit of testing and then forward your report to upstream.

Regards
Lukas

Bug#907902: network-manager-openvpn won't save changes in username or password

[Jape Person]

Package: network-manager-openvpn
Version: 1.8.4-1
Severity: important

Dear Maintainer,


To duplicate the issue, use Edit Connections function of network-manager.

Attempt to edit an imported openvpn configuration. Changes can be made to the
user name and password fields, but the Save button on the dialog never becomes
active.

Functions of openvpn appear normal otherwise.

This behavior is weird enough that I'm tempted to suspect apparmor.

Apparmor, network-manager, openvpn, etc. have all been updated several times
recently. No idea when the problem appeared exactly, but has to have been
since end of July. I changed user names and passwords on all openvpn configur-
ations at that time with no difficulty.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages network-manager-openvpn depends on:
ii  adduser  3.117
ii  libc62.27-5
ii  libglib2.0-0 2.56.1-2
ii  libnm0   1.12.2-2
ii  network-manager  1.12.2-2
ii  openvpn  2.4.6-1

network-manager-openvpn recommends no packages.

network-manager-openvpn suggests no packages.

-- no debconf information

Bug#866513: haveged fails to start on some amd64 nodes

[Mattia Rizzolo]

Control: fixed -1 1.9.1-5+deb9u1

On Mon, Sep 03, 2018 at 09:33:58PM +0200, Nicolas Braud-Santoni wrote:
> This was very likely fixed by Lunar and Jan Echternach in haveged/1.9.1-6
> (uploaded in July last year).
> 
> As such, I am closing the bug, but feel free to reopen it if that's wrong.

What can I say..
At the very least we are not seeing any other problems with haveged
after 1.9.1-5+deb9u1, so I'll also add a fixed for that version as well.

Maybe all the problems we were facing here were just the tmpfile thing.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#907895: contributors.debian.org: Second "To create a new one" link on /sources page returns 404 Not Found error

[Mattia Rizzolo]

On Mon, Sep 03, 2018 at 02:58:46PM -0400, Joseph R. Justice wrote:
> At the instant this message is written, on the page
> https://contributors.debian.org/sources/ ("Debian Contributors data
> sources"), in the section about how to create a new data source, the second
> link there (which is currently to the URL "
> https://anonscm.debian.org/cgit/nm/python-debiancontributors.git/tree/README.md;)
> goes to a 404 Not Found error page with text "The requested URL
> /cgit/nm/python-debiancontributors.git/tree/README.md was not found on this
> server."
> 
> Going to the root site page "https://anonscm.debian.org/;, there is text
> about how alioth has been discontinued in favor of repositories at
> salsa.debian.org .

Uh, thanks for noticing!

> After poking around some, it looks like the new link *might* possibly be
> https://salsa.debian.org/python-team/modules/python-debiancontributors/blob/master/README.md
> ?

That's right indeed, even if I wonder whether that information should
instead be moving elsewhere.

> Hope this is of some use, interest.  Thanks for your time.  FWIW, I did
> first check to see if this had already been reported; AFAICT it has not
> been.

I'm fixing it now by changing the link, thanks for reporting! :)

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#907901: RM: instant -- ROM; deprecated (no longer used)

[Drew Parsons]

Package: ftp.debian.org
Severity: normal

instant (python3-instant) was a core component of FEniCS up to version
2017.2.0.

>From version 2018.1.0 FEniCS switched from swig to pybind11 to provide
python bindings to the core C++ dolfin library. 

Consequently instant is no longer required and can now be removed.

Bug#866306: patch for haveged

[Vagrant Cascadian]

On 2018-09-03, Nicolas Braud-Santoni wrote:
> Hi Natanael !
>
> Thanks for providing the patch.
>
> Did you forward this patch upstream, and do you know whether it was
> included in the latest upstream release?
>
>
> Hi Vagrant !
>
> Could you confirm whether the patch solves the bug on your hardware?

I'd be happy to try it out! Unfortunately, the patch sent to the debian
BTS is some xml representation of a patch; I'm not sure how to apply
it. Would it be possible to resend the patch in a more conventional
patch format?

It looks like there's a diff somewhere in here:

diff --git a/src/havegetune.c b/src/havegetune.c
index f1a99f2..de39c53 100644
--- a/src/havegetune.c
+++
b/src/havegetune.c
 -795,6 +795,8  static int vfs_configInfoCache(
  ctype = vfs_configFile(pAnchor, path, vfs_configType);
  strcpy(path+plen, size);
  size  = vfs_configFile(pAnchor, path, vfs_configInt);
+  if (size == -1)
+  size = ctype ==
I ? GENERIC_ICACHE : GENERIC_DCACHE;
  cfg_cacheAdd(pAnchor, SRC_VFS_INDEX,  pArgs[1], level, ctype,
  size);
  }
  }


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#907704: choose-mirror: default to deb.debian.org

[Nicholas D Steeves]

On Mon, Sep 03, 2018 at 08:54:56PM +0100, Ben Hutchings wrote:
> On Mon, 2018-09-03 at 20:13 +0200, Karsten Merker wrote:
> > On Mon, Sep 03, 2018 at 04:41:10PM +0200, Julien Cristau wrote:
> > > Control: tag -1 + patch
> > > 
> > > On 08/31/2018 06:27 PM, Julien Cristau wrote:
> > > > Package: choose-mirror
> > > > Severity: wishlist
> > > > X-Debbugs-Cc: tfh...@debian.org
> > > > 
> > > > I think it's time for choose-mirror to stop asking by default.  AFAIK
> > > > deb.debian.org works well enough now that we don't need users to
> > > > manually select a mirror close to them.
[...]
> > 
> > Hello,
> > 
> > I can see the argument for not asking to select a mirror when
> > there is a well-working mechanism for automatically choosing a
> > "near" (in networking terms) mirror.  Does deb.debian.org fulfill
> > everybody's needs in this regard?  ISTR that there were some
> > discussions in the past that deb.debian.org didn't resolve to
> > particularly useful mirrors for some parts of the world, but I
> > have no idea whether that is still a problem.  My personal
> > experience with deb.debian.org hasn't been that great - instead
> > of redirecting me to the Debian mirror that is run by my local
> > ISP (and that is in d-i's mirrorlist), it redirects me to an AWS
> > instance hosted rather "far" away in networking terms.
> [...]
> 
> The existing mirror network has several longstanding problems:
> 
> 1. Many mirrors don't reliably update
> 2. Some mirrors aren't reliably available at all
> 3. Many mirrors don't carry all release architectures (even a few
>of the "primary" ones don't)
> 4. Most mirrors don't support TLS
> 
> httpredir.debian.org attempted to solve the first 3 problems while
> still doing what you want: it redirected to local mirrors known to have
> up-to-date files.  This would have been almost ideal as a default.  But
> apparently it required a lot of maintenance work, which no-one was
> prepared to continue doing.
> 
> That's why deb.debian.org is a plain CDN which doesn't rely on the
> existing mirror network.  It also supports TLS (which I think should
> also be enabled by default in the installer).
> 
> If deb.debian.org still doesn't provide reasonably fast service in some
> countries, then maybe we should still ask—but then we should put
> deb.debian.org at the top of the mirror list for most countries.

/\ +1 /\

Like Karsten, my experience with deb.debian.org has been inconsistent.
With a 50 Mb/s ADSL line in Montréal, most of the top candidates
mirrors from netselect will consistently deliver ~6200 kB/s, but
deb.debian.org often connects to an AWS instance where the download
proceeds no more than 350 KB/s...

Additionally, I think that it is reasonable that users look at the
mirror list for the following reason: Our mirrors are a list of
organisations and universities who donate storage and bandwidth.
Having users look at this list provides the opportunity for the user
to recognise their donation--something like "oh, these are the
entities who support FLOSS in my country".

Thus, I believe that hiding this from the user reduces the reciprocity
with these donors, and reduces the incentive to donate
storage/bandwidth.

That said, I think there should be some sort of mechanism to reward
those mirrors who provide TLS.  It's becoming normal for a browser to
display "insecure site" for those which don't support SSL...

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#907900: hplip: Printing is not possible b/c of missing foomatic-rip-hplip filter

[Dimitri Chausson]

Package: hplip
Version: 3.17.10+repack0-5
Severity: important

Dear Maintainer,

I just bought an HP 3639 printer and wanted to use it. Configuring it via the
CUPS UI went fine : I use the suggested driver = HP Deskjet 3630 Series hpijs, 
3.17.10 (color)

Unfortunately, nothing happens when I try to print, and the CUPS error log file
gives the following details:

E [03/Sep/2018:21:35:59 +0200] HP_DeskJet_3630_series: File 
\"/usr/lib/cups/filter/foomatic-rip-hplip\" not available: No such file or 
directory
E [03/Sep/2018:21:35:59 +0200] [Job 192] Unable to start filter 
"foomatic-rip-hplip" - Success.
E [03/Sep/2018:21:35:59 +0200] [Job 192] Stopping job because the scheduler 
could not execute a filter.

Having a look on HP suport site did not really helped me, since they just
suggest to drop the package, download the sources and compile. 

I really appreciate your help and time, please don't hesitate to ask for more
details.

Dimitri

-- Package-specific info:
Saving output in log file: /home/dimitri/hp-check.log

HP Linux Imaging and Printing System (ver. 3.17.10)
Dependency/Version Check Utility ver. 15.1

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.

Note: hp-check can be run in three modes:
1. Compile-time check mode (-c or --compile): Use this mode before compiling 
the HPLIP supplied tarball (.tar.gz or .run) to determine if the proper 
 
dependencies are installed to successfully compile HPLIP.   
  
2. Run-time check mode (-r or --run): Use this mode to determine if a distro 
supplied package (.deb, .rpm, etc) or an already built HPLIP supplied tarball 
has
the proper dependencies installed to successfully run.  
  
3. Both compile- and run-time check mode (-b or --both) (Default): This mode 
will check both of the above cases (both compile- and run-time dependencies).   
 

Check types:
  
a. EXTERNALDEP - External Dependencies  
  
b. GENERALDEP - General Dependencies (required both at compile and run time)
  
c. COMPILEDEP - Compile time Dependencies   
  
d. [All are run-time checks]
  
PYEXT SCANCONF QUEUES PERMISSION
  

Status Types:
OK
MISSING   - Missing Dependency or Permission or Plug-in
INCOMPAT  - Incompatible dependency-version or Plugin-version

warning: 2-buster/sid version is not supported. Using 2-9.1 versions 
dependencies to verify and install...

---
| SYSTEM INFO |
---

 Kernel: 4.17.0-3-amd64 #1 SMP Debian 4.17.17-1 (2018-08-18) GNU/Linux
 Host: keats
 Proc: 4.17.0-3-amd64 #1 SMP Debian 4.17.17-1 (2018-08-18) GNU/Linux
 Distribution: 2 buster/sid
 Bitness: 64 bit


---
| HPLIP CONFIGURATION |
---

HPLIP-Version: HPLIP 3.17.10
HPLIP-Home: /usr/share/hplip
warning: HPLIP-Installation: Auto installation is not supported for 2 distro  
buster/sid version 

Current contents of '/etc/hp/hplip.conf' file:
# hplip.conf.  Generated from hplip.conf.in by configure.

[hplip]
version=3.17.10

[dirs]
home=/usr/share/hplip
run=/var/run
ppd=/usr/share/ppd/hplip/HP
ppdbase=/usr/share/ppd/hplip
doc=/usr/share/doc/hplip
html=/usr/share/doc/hplip-doc
icon=no
cupsbackend=/usr/lib/cups/backend
cupsfilter=/usr/lib/cups/filter
drv=/usr/share/cups/drv
bin=/usr/bin
apparmor=/etc/apparmor.d
# Following values are determined at configure time and cannot be changed.
[configure]
network-build=yes
libusb01-build=no
pp-build=yes
gui-build=yes
scanner-build=yes
fax-build=yes
dbus-build=yes
cups11-build=no
doc-build=yes
shadow-build=no
hpijs-install=yes
foomatic-drv-install=yes
foomatic-ppd-install=yes
foomatic-rip-hplip-install=no
hpcups-install=yes
cups-drv-install=yes
cups-ppd-install=no
internal-tag=3.17.10
restricted-build=no
ui-toolkit=qt5
qt3=no
qt4=no
qt5=yes
policy-kit=yes
lite-build=no
udev_sysfs_rules=no
hpcups-only-build=no
hpijs-only-build=no
apparmor_build=no


Current contents of '/var/lib/hp/hplip.state' file:
Plugins are not installed. Could 

Bug#907899: stretch-pu: package mailman/1:2.1.23-1+deb9u4

[Salvatore Bonaccorso]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi

Mailman in stretch is affected by the minor issue CVE-2018-13796,
allowing to inject text in the "No such list" error response. See
https://bugs.launchpad.net/mailman/+bug/1780874 . This won't warrant a
DSA.

debian/changelog entry:

> mailman (1:2.1.23-1+deb9u4) stretch; urgency=medium
> 
>   * Non-maintainer upload.
>   * Arbitrary text injection vulnerability in Mailman CGIs (CVE-2018-13796)
> (Closes: #903674)
> 
>  -- Salvatore Bonaccorso   Mon, 03 Sep 2018 22:00:38 +0200

and full debdiff attached against the 1:2.1.23-1+deb9u3 version.

The issue has been tested in a container instance with the hint given by
https://bugs.launchpad.net/mailman/+bug/1780874 .

Regards,
Salvatore
diff -Nru mailman-2.1.23/debian/changelog mailman-2.1.23/debian/changelog
--- mailman-2.1.23/debian/changelog 2018-07-14 23:26:09.0 +0200
+++ mailman-2.1.23/debian/changelog 2018-09-03 22:00:38.0 +0200
@@ -1,3 +1,11 @@
+mailman (1:2.1.23-1+deb9u4) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Arbitrary text injection vulnerability in Mailman CGIs (CVE-2018-13796)
+(Closes: #903674)
+
+ -- Salvatore Bonaccorso   Mon, 03 Sep 2018 22:00:38 +0200
+
 mailman (1:2.1.23-1+deb9u3) stretch-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru mailman-2.1.23/debian/patches/94_CVE-2018-13796.patch 
mailman-2.1.23/debian/patches/94_CVE-2018-13796.patch
--- mailman-2.1.23/debian/patches/94_CVE-2018-13796.patch   1970-01-01 
01:00:00.0 +0100
+++ mailman-2.1.23/debian/patches/94_CVE-2018-13796.patch   2018-09-03 
22:00:38.0 +0200
@@ -0,0 +1,49 @@
+Description: Arbitrary text injection vulnerability in Mailman CGIs
+Origin: upstream, 
https://bugs.launchpad.net/mailman/+bug/1780874/+attachment/5167324/+files/patch.txt
+Bug: https://bugs.launchpad.net/mailman/+bug/1780874
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-13796
+Bug-Debian: https://bugs.debian.org/903674
+Forwarded: not-needed
+Author: Mark Sapiro 
+Reviewed-by: Salvatore Bonaccorso 
+Last-Update: 2018-07-25
+Applied-Upstream: 2.1.29
+
+=== modified file 'Mailman/Utils.py'
+--- a/Mailman/Utils.py 2018-07-11 06:52:22 +
 b/Mailman/Utils.py 2018-07-24 21:48:54 +
+@@ -280,17 +280,28 @@
+ def GetPathPieces(envar='PATH_INFO'):
+ path = os.environ.get(envar)
+ if path:
++remote = os.environ.get('HTTP_FORWARDED_FOR',
++ os.environ.get('HTTP_X_FORWARDED_FOR',
++ os.environ.get('REMOTE_ADDR',
++'unidentified origin')))
+ if CRNLpat.search(path):
+ path = CRNLpat.split(path)[0]
+-remote = os.environ.get('HTTP_FORWARDED_FOR',
+- os.environ.get('HTTP_X_FORWARDED_FOR',
+- os.environ.get('REMOTE_ADDR',
+-'unidentified origin')))
+ syslog('error',
+ 'Warning: Possible malformed path attack domain=%s remote=%s',
+get_domain(),
+remote)
+-return [p for p in path.split('/') if p]
++# Check for listname injections that won't be websafed.
++pieces = [p for p in path.split('/') if p]
++# Get the longest listname or 20 if none.
++if list_names():
++longest = max([len(x) for x in list_names()])
++else:
++longest = 20
++if pieces and len(pieces[0]) > longest:
++syslog('mischief',
++   'Hostile listname: listname=%s: remote=%s', pieces[0], remote)
++pieces[0] = pieces[0][:longest] + '...'
++return pieces
+ return None
+ 
+ 
+
diff -Nru mailman-2.1.23/debian/patches/series 
mailman-2.1.23/debian/patches/series
--- mailman-2.1.23/debian/patches/series2018-07-14 23:26:09.0 
+0200
+++ mailman-2.1.23/debian/patches/series2018-09-03 22:00:38.0 
+0200
@@ -12,3 +12,4 @@
 91_utf8.patch
 92_CVE-2018-5950.patch
 93_CVE-2018-0618.patch
+94_CVE-2018-13796.patch

Bug#907845: Warn if compat level 11 is used and dh_system_*-arch helpers are used too

[Chris Lamb]

Hi Niels,

> There is also an -indep variant of override targets.  :)

Thanks, fixed in:
  
  
https://salsa.debian.org/lintian/lintian/commit/1da811c44cfbdc6f70b233a3807adf789c3528e2


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#907888: [Pkg-openssl-devel] Bug#907888: opopenssl: Breaks wpa_supplicant (and NetworkManager) which fail with error "ee key too small"

[Kurt Roeckx]

On Mon, Sep 03, 2018 at 06:26:05PM +0200, Gianpaolo Cugola wrote:
> TLS: Got certificate from PKCS12:
> subject='/C=IT/ST=Lombardia/L=Milano/O=Politecnico di Milano/OU=Area
> Sistemi ICT/CN=x...@xxx.xx'
> TLS: Got private key from PKCS12
> TLS - SSL error: error:140C618F:SSL routines:SSL_use_certificate:ee key too
> small
> OpenSSL: tls_connection_private_key - Failed to load private key
> error::lib(0):func(0):reason(0)
> TLS: Failed to load private key '/home/cugola/wifiCert_nopass.p12'
> TLS: Failed to set TLS connection parameters

The fix it to tell your administrator to use 2048 (or more) bit
keys. I assume there are certificates on both sides, so they both
need to get replaced.

You can work around this issue by putting something like this in
your config file:
openssl_ciphers=DEFAULT@SECLEVEL=1

But you really should use a certificate with a stronger key.


Kurt

Bug#907898: gmap: autopkgtest regression

[Paul Gevers]

Source: gmap
Version: 2018-07-04-3
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: regression

Dear maintainers,

With the upload of 2018-07-04-3 the autopkgtest of your package started
to fail in testing. I copied the output below.

Currently this regression is contributing to the delay of the migration
to testing [1]. Could you please investigate the situation and fix it?
If needed, please change the bug's severity as appropriate.

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=gmap

https://ci.debian.net/data/autopkgtest/testing/amd64/g/gmap/929653/log.gz

autopkgtest [16:21:02]: test gmap-tests: [---
align.test
Note: gmap.sse42 does not exist.  For faster speed, may want to compile
package on an SSE4.2 machine
Note: gmap.sse41 does not exist.  For faster speed, may want to compile
package on an SSE4.1 machine
Note: gmap.ssse3 does not exist.  For faster speed, may want to compile
package on an SSSE3 machine
Note: gmap.sse2 does not exist.  For faster speed, may want to compile
package on an SSE2 machine
autopkgtest [16:21:03]: test gmap-tests: ---]



signature.asc
Description: OpenPGP digital signature

Bug#907897: gnome-shell-pomodoro: FTBFS

[Paul Gevers]

Source: gnome-shell-pomodoro
Version: 0.13.4-2
Tags: ftbfs
Severity: serious
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: needs-update

Dear maintainers,

With a recent upload of gobject-introspection the autopkgtest of
gnome-shell-pomodoro started to fail in testing, which triggered me to
check it. Luckily for gobject-introspection I was able to "fix" the
failure by including glib2.0 in the set of packages, so the migration
test currently passes. However, in unstable the autopkgtest fails and on
reproducible-builds. I copied the error below.

https://tests.reproducible-builds.org/debian/rb-pkg/gnome-shell-pomodoro.html

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/g/gnome-shell-pomodoro/928035/log.gz

libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../..
-I/tmp/autopkgtest-lxc.7iokt8kk/downtmp/build.wCd/src
-I/tmp/autopkgtest-lxc.7iokt8kk/downtmp/build.wCd/src/lib
-DGETTEXT_PACKAGE=\"gnome-pomodoro\"
-DPACKAGE_LOCALE_DIR=\"/usr/share/locale\"
-DPACKAGE_DATA_DIR=\"/usr/share/gnome-pomodoro\" -Wdate-time
-D_FORTIFY_SOURCE=2 -pthread -I/usr/include/gtk-3.0
-I/usr/include/at-spi2-atk/2.0 -I/usr/include/at-spi-2.0
-I/usr/include/dbus-1.0 -I/usr/lib/x86_64-linux-gnu/dbus-1.0/include
-I/usr/include/gtk-3.0 -I/usr/include/gio-unix-2.0/ -I/usr/include/cairo
-I/usr/include/pango-1.0 -I/usr/include/harfbuzz
-I/usr/include/pango-1.0 -I/usr/include/fribidi -I/usr/include/atk-1.0
-I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/uuid
-I/usr/include/freetype2 -I/usr/include/libpng16
-I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16
-I/usr/include/libpeas-1.0 -I/usr/include/gobject-introspection-1.0
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include
-pthread -D_REENTRANT -I/usr/include/gstreamer-1.0
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -w
-g -O2
-fdebug-prefix-map=/tmp/autopkgtest-lxc.7iokt8kk/downtmp/build.wCd/src=.
-fstack-protector-strong -Wformat -Werror=format-security -c resources.c
-o libsounds_la-resources.o >/dev/null 2>&1
/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas --strict
--dry-run  --schema-file=org.gnome.pomodoro.plugins.sounds.gschema.xml
&& mkdir -p . && touch org.gnome.pomodoro.plugins.sounds.gschema.valid
sound-player.vala:130.9-130.33: error: Property
`SoundsPlugin.GStreamerPlayer.volume_fade' with custom `get' accessor
and/or `set' mutator cannot have `default' value
public double volume_fade {
^
sound-player.vala:120.9-120.28: error: Property
`SoundsPlugin.GStreamerPlayer.volume' with custom `get' accessor and/or
`set' mutator cannot have `default' value
public double volume {

../../lib/gnome-pomodoro.vapi:176.3-176.19: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void pause ();
^
../../lib/gnome-pomodoro.vapi:177.3-177.18: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void quit ();

../../lib/gnome-pomodoro.vapi:178.3-178.19: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void reset ();
^
../../lib/gnome-pomodoro.vapi:179.3-179.20: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void resume ();
^^
../../lib/gnome-pomodoro.vapi:180.3-180.23: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void set_state (string name, double timestamp);
^
../../lib/gnome-pomodoro.vapi:181.3-181.30: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void show_main_window (uint32 timestamp);

../../lib/gnome-pomodoro.vapi:182.3-182.30: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void show_preferences (uint32 timestamp);

../../lib/gnome-pomodoro.vapi:183.3-183.18: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void skip ();

../../lib/gnome-pomodoro.vapi:184.3-184.19: warning: DBus methods are
recommended to throw at least `GLib.Error' or `GLib.DBusError, GLib.IOError'
public void start ();
^

Bug#874627: haveged: Please drop -dbg package in favour of automatic -dbgsym

[Nicolas Braud-Santoni]

Control: tag -1 + pending

Hi intri !

I prepared an upload which happens to fix that, back in February, but I'm
waiting for the upstream to finally sign the latest release (they released
a tarball, but forgot to sign it, it seems?) so I can import it.


Best,

  nicoo

On Fri, Sep 08, 2017 at 10:25:17AM +0200, intrig...@debian.org wrote:
> Package: haveged
> Version: 1.9.1-6
> Severity: minor
> 
> Hi,
> 
> tl;dr: https://wiki.debian.org/AutomaticDebugPackages
> 
> (Noticed because the -dbg package is unreproducible on Buster
> currently:
> https://tests.reproducible-builds.org/debian/rb-pkg/buster/amd64/diffoscope-results/haveged.html)
> 
> Cheers,
> -- 
> intrigeri
> 


signature.asc
Description: PGP signature

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

[Trek]

On Mon, 3 Sep 2018 16:41:58 +0200
Michael Biebl  wrote:

> The patch looks fine to me from a cursory glance. I haven't tested it
> though. Trek, I assume you built a test package and did a test-upgrade
> checking it works as expected?

I haven't built a test package, but instead I have patched the compiled
deb package with dpkg-deb -R and dpkg-deb -b and tested the upgrade
process

I'll build udev from the source package in the next days, then I'll
test again the upgrade process (manually removing rc*.d/K* symlinks
before install the new package) and the shutdown fix



> If you don't mind, would you send a git formatted patch so the changes
> are properly attributed to you?

I think it should not be attributed to me, as it's the result of a very
collaborative work, especially (in order of appearance) Guilhem Moulin,
Theppitak Karoonboonyanan, Felipe Sateler, Michael Biebl, Pali Rohár
and at last me


> The git commit message should follow gbp-dch style, with a Closes:
> #791944. A MR via https://salsa.debian.org/systemd-team/systemd would
> be even nicer. It's not a pre-requisite it just makes things more
> convenient for us and speeds up processing.

I'll try to do it

many thanks to you!
Trek

Bug#907704: choose-mirror: default to deb.debian.org

[Ben Hutchings]

On Mon, 2018-09-03 at 20:13 +0200, Karsten Merker wrote:
> On Mon, Sep 03, 2018 at 04:41:10PM +0200, Julien Cristau wrote:
> > Control: tag -1 + patch
> > 
> > On 08/31/2018 06:27 PM, Julien Cristau wrote:
> > > Package: choose-mirror
> > > Severity: wishlist
> > > X-Debbugs-Cc: tfh...@debian.org
> > > 
> > > I think it's time for choose-mirror to stop asking by default.  AFAIK
> > > deb.debian.org works well enough now that we don't need users to
> > > manually select a mirror close to them.
> > > 
> > > PoC patch, completely untested:
> > > 
> > 
> > Updated patch, at least somewhat tested.  It downgrades the debconf
> > priority for mirror/http/countries and mirror/http/mirrors so they're
> > not asked by default (previous patch would still ask for a country).
> > Only the "proxy" question remains; I'd kind of want to skip it by
> > default unless we find out we can't get at the mirror directly, but
> > that's something for another bug/patch.
> 
> Hello,
> 
> I can see the argument for not asking to select a mirror when
> there is a well-working mechanism for automatically choosing a
> "near" (in networking terms) mirror.  Does deb.debian.org fulfill
> everybody's needs in this regard?  ISTR that there were some
> discussions in the past that deb.debian.org didn't resolve to
> particularly useful mirrors for some parts of the world, but I
> have no idea whether that is still a problem.  My personal
> experience with deb.debian.org hasn't been that great - instead
> of redirecting me to the Debian mirror that is run by my local
> ISP (and that is in d-i's mirrorlist), it redirects me to an AWS
> instance hosted rather "far" away in networking terms.
[...]

The existing mirror network has several longstanding problems:

1. Many mirrors don't reliably update
2. Some mirrors aren't reliably available at all
3. Many mirrors don't carry all release architectures (even a few
   of the "primary" ones don't)
4. Most mirrors don't support TLS

httpredir.debian.org attempted to solve the first 3 problems while
still doing what you want: it redirected to local mirrors known to have
up-to-date files.  This would have been almost ideal as a default.  But
apparently it required a lot of maintenance work, which no-one was
prepared to continue doing.

That's why deb.debian.org is a plain CDN which doesn't rely on the
existing mirror network.  It also supports TLS (which I think should
also be enabled by default in the installer).

If deb.debian.org still doesn't provide reasonably fast service in some
countries, then maybe we should still ask—but then we should put
deb.debian.org at the top of the mirror list for most countries.

Ben.

-- 
Ben Hutchings
I say we take off; nuke the site from orbit.
It's the only way to be sure.




signature.asc
Description: This is a digitally signed message part

Bug#866306: patch for haveged

[Nicolas Braud-Santoni]

Control: tag -1 + patch upstream moreinfo
Control: severity -1 important

Hi Natanael !

Thanks for providing the patch.

Did you forward this patch upstream, and do you know whether it was
included in the latest upstream release?


Hi Vagrant !

Could you confirm whether the patch solves the bug on your hardware?


Best,

  nicoo

On Fri, May 18, 2018 at 04:58:10PM +0200, Natanael Copa wrote:
> Tag: Patch
> 
> Hi,
> 
> I bumped into this issue on Alpine Linux. It appears that the sysfs not
> always report the cpu cache size on arm (both 32bit and 64 bit). It
> reports size to be -1 and haveged does not handle that case.
> 
> I have seen the case on xgene and thunderx machines.
> 
> I have attached a patch that should fix the issue.
> 
> Thanks!
> 
> -nc




signature.asc
Description: PGP signature

Bug#906294: haveged: New upstream version

[Nicolas Braud-Santoni]

X-Debbugs-CC: g...@issiweb.com, g...@issihosts.com

Hi Lunar, Steffen,

I've been keeping an eye on haveged since I contributed some fixes, 2 years
ago; in particular, I've prepared some packaging fixes and moved the repo
to Salsa in February, and I would be very happy to (co-)maintain it.


The main reason the upload for the changes made in February (and the import
of the new upstream version) didn't happen yet, is that upstream failed to
publish a signature file along the release tarball.

I've tried emailing them several times about it, but it doesn't look like
they got my messages at all; I put them in X-Debbugs-CC in case the BTS
somehow gets through.


Best,

  nicoo


On Tue, Aug 28, 2018 at 10:35:25PM +0200, Jérémy Bobbio wrote:
> On 16/08/2018 19:22, Steffen Moeller wrote:
> > Package: haveged
> > Version: 1.9.1-6
> > Severity: wishlist
> > 
> > Dear Maintainer,
> > 
> > Version 1.9.6 is available. Please kindly inform me if you would appreciate 
> > to be helped out.
> 
> The package is in collab-maint, please go ahead!
> 
> I'm now set on retiring from Debian but I'm still haven't found a large
> enough time window to do so. If you want to be listed as the maintainer,
> feel free to do so.
> 
> Thanks!
> -- 
> Lunar
> 





signature.asc
Description: PGP signature

Bug#907845: Warn if compat level 11 is used and dh_system_*-arch helpers are used too

[Niels Thykier]

Chris Lamb:
> tags 907845 + pending
> retitle 907845 lintian: Warn if compat level 11 is used and dh_system_*-arch 
> helpers are used too
> thanks
> 
>> I wonder why it didn't trigger for sysstat
>> https://salsa.debian.org/debian/sysstat/blob/master/debian/rules#L68
>>
>> Is the -arch prefix confusing lintian?
> 
> Indeed. Now fixed in Git, pending upload:
> 
>   
> https://salsa.debian.org/lintian/lintian/commit/c4923ba1353f6238955bef6f6c0a4c2175f010cf
> 
>   checks/debhelper.pm| 2 +-
>   debian/changelog   | 3 +++
>   t/tests/rules-uses-deprecated-systemd-override/debian/debian/rules | 3 +++
>   t/tests/rules-uses-deprecated-systemd-override/tags| 1 +
>   4 files changed, 8 insertions(+), 1 deletion(-)
> 
> 
> Regards,
> 

There is also an -indep variant of override targets.  :)

Thanks,
~Niels

Bug#907896: tracker-miners FTBFS in autopkgtest with latest glib2.0

[Paul Gevers]

Source: tracker-miners
Control: found -1 tracker-miners/2.0.4-2
Tags: ftbfs
Severity: serious
X-Debbugs-CC: debian...@lists.debian.org, glib...@packages.debian.org
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 glib2.0

Dear maintainers,

With a recent upload of glib2.0 the autopkgtest of tracker-miners
started to fail in unstable and testing, because the requested build
fails. I copied the output below. To be honest, the error indicates to
me that the test suite needs to be updated for a changed mime-type. But
you may disagree with me on that.

For your info, also the builds on reproducible-builds fail, although
that seems to be due to different reasons, as that already happens for a
long time:
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/tracker-miners.html

Currently this regression is contributing to the delay of the migration
of glib2.0 to testing [1]. Could you please investigate the situation
and reassign the bug if you think the issues lies elsewhere?

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=glib2.0

https://ci.debian.net/data/autopkgtest/testing/amd64/t/tracker-miners/928021/log.gz

ERROR: tracker-file-utils
=

**
Tracker:ERROR:tracker-file-utils-test.c:234:test_file_get_mime_type:
assertion failed (result == "text/plain"): ("application/x-zerosize" ==
"text/plain")
Aborted
# random seed: R02Sc1c5ab41dd178938e53952e83fd10d19
1..14
# Start of libtracker-common tests
# Start of file-utils tests
ok 1 /libtracker-common/file-utils/path_evaluate_name
PASS: tracker-file-utils 1 /libtracker-common/file-utils/path_evaluate_name
# Tracker-DEBUG: Removing path:'/usr/share/local', it is in path:'/usr/'
# Tracker-DEBUG: Removing path:'/home/ivan', it is in path:'/home'
ok 2 /libtracker-common/file-utils/path_list_filter_duplicates
PASS: tracker-file-utils 2
/libtracker-common/file-utils/path_list_filter_duplicates
# Tracker-DEBUG: Removing path:'/home/user/MyDocs/visible', it is in
path:'/home/user/MyDocs'
# Tracker-DEBUG: Removing path:'/home/user/MyDocs/.sounds', it is in
path:'/home/user/MyDocs'
ok 3
/libtracker-common/file-utils/path_list_filter_duplicates_with_exceptions
PASS: tracker-file-utils 3
/libtracker-common/file-utils/path_list_filter_duplicates_with_exceptions
Bail out!
Tracker:ERROR:tracker-file-utils-test.c:234:test_file_get_mime_type:
assertion failed (result == "text/plain"): ("application/x-zerosize" ==
"text/plain")
ERROR: tracker-file-utils - Bail out!
Tracker:ERROR:tracker-file-utils-test.c:234:test_file_get_mime_type:
assertion failed (result == "text/plain"): ("application/x-zerosize" ==
"text/plain")




signature.asc
Description: OpenPGP digital signature

Bug#907750: freesweep: Hangs very bad when terminal size is changed

[Markus Koschany]

Control: forwarded -1 https://github.com/rwestlund/freesweep/issues/3

Thanks for reporting! I can confirm that the game segfaults when the
terminal size is smaller than the current board size. However I can't
reproduce that the system hangs. Instead I receive this error message
from the game:

***Segmentation Fault detected. Cleaning up

Thanks for also raising this issue upstream. I have just uploaded the
latest upstream release but I can still reproduce the problem.

Regards,

Markus



signature.asc
Description: OpenPGP digital signature

Bug#907895: contributors.debian.org: Second "To create a new one" link on /sources page returns 404 Not Found error

[Joseph R. Justice]

Package: nm.debian.org
Version: 2018-07-30 19:28:39
Severity: minor
Tags: patch

At the instant this message is written, on the page
https://contributors.debian.org/sources/ ("Debian Contributors data
sources"), in the section about how to create a new data source, the second
link there (which is currently to the URL "
https://anonscm.debian.org/cgit/nm/python-debiancontributors.git/tree/README.md;)
goes to a 404 Not Found error page with text "The requested URL
/cgit/nm/python-debiancontributors.git/tree/README.md was not found on this
server."

Going to the root site page "https://anonscm.debian.org/;, there is text
about how alioth has been discontinued in favor of repositories at
salsa.debian.org .

After poking around some, it looks like the new link *might* possibly be
https://salsa.debian.org/python-team/modules/python-debiancontributors/blob/master/README.md
?

Hope this is of some use, interest.  Thanks for your time.  FWIW, I did
first check to see if this had already been reported; AFAICT it has not
been.

Joseph

Bug#907891: perl: MIME-Q (RFC2047 eMail header) encoding broken since post-stretch

[Russ Allbery]

Thorsten Glaser  writes:

> (sid)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
> f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode -e 
> "print encode('MIME-Q', <>);"; echo
> =?UTF-8?Q?Subject=3A_UNNAMED_PROJECT_branch_bnewplus_updated=2E_f9dfb215c?=
>  =?UTF-8?Q?29bc17b5ca12c0e8bb509aa4949787e?=

This doesn't directly address the rest of your bug report, but I'm fairly
sure that including the email header in the text you're encoding is a bug
in your code.  RFC 2047 encoding is defined on a string, and the encoder
has no way of knowing that the initial "Subject: " is magical and should
be treated not as part of the string.  It could well be part of the
content of the header field.

Regardless of the rest of the issues here with excessive encoding, your
code should be encoding the contents of the field and then separately
adding the header field name.  This happens to accidentally work if the
encoding reproduces pure ASCII words in the output text without encoding
them, but it's technically incorrect because it's not valid in the email
format to encode the header field name using RFC 2047 encoding.

-- 
Russ Allbery (r...@debian.org)   

Bug#907894: Ingame music is missing - normal ingame sound works

[Bernhard]

Package: d1x-rebirth
Version: 0.58.1-1
Severity: normal

The ingame music is missing.
I had a look with the commandline options -verbose and -debug.
There are no error messages regarding the music.

Here the console output:

> bernhard@CR-Bernhard:~$ d1x-rebirth -verbose -debug
> 
> Type d1x-rebirth -help' for a list of command-line options.
> 
> PHYSFS: Listing contents of Search Path.
> PHYSFS: [/home/bernhard/.d1x-rebirth/] is in the Search Path.
> PHYSFS: [/usr/share/games/d1x-rebirth/] is in the Search Path.
> PHYSFS: [/usr/share/games/d1x-rebirth/Data] is in the Search Path.
> PHYSFS: * We've got [Data].
> PHYSFS: * We've got [descent.cfg].
> PHYSFS: * We've got [descent.hog].
> PHYSFS: * We've got [descent.pig].
> PHYSFS: * We've got [gamelog.txt].
> PHYSFS: * We've got [jt.plr].
> PHYSFS: * We've got [jt.plx].
> PHYSFS: * We've got [jt.sg0].
> 
> PHYSFS: Checking supported archive types.
> PHYSFS: Supported archive: [ZIP], which is [PkZip/WinZip/Info-Zip compatible].
> PHYSFS: Supported archive: [7Z], which is [7zip archives].
> PHYSFS: Supported archive: [GRP], which is [Build engine Groupfile format].
> PHYSFS: Supported archive: [PAK], which is [Quake I/II format].
> PHYSFS: Supported archive: [HOG], which is [Descent I/II HOG file format].
> PHYSFS: Supported archive: [MVL], which is [Descent II Movielib format].
> PHYSFS: Supported archive: [WAD], which is [DOOM engine format].
> PHYSFS: Supported archive: [SLB], which is [I-War / Independence War Slab 
> file].
> PHYSFS: Supported archive: [ISO], which is [ISO9660 image file].
> PHYSFS: Supported archive: [VDF], which is [Gothic I/II engine format].
> D1X-Rebirth v0.58.1  Aug  3 2013 20:24:09
> This is a MODIFIED version of Descent, based on Registered v1.5 Jan 5, 1996.
> Copyright (C) 1994, 1995 Parallax Software Corporation
> DESCENT is a trademark of Interplay Productions, Inc.
> Copyright (C) 2005-2011 Christian Beckhaeuser
> 
> Getting settings from DESCENT.CFG...
> PHYSFS: Adding archives to the game.
> Using SDL_mixer library
> sdl-joystick: found 0 joysticks
> Going into graphics mode...
> OpenGL: vendor: X.Org
> OpenGL: renderer: AMD ARUBA (DRM 2.50.0 / 4.17.0-3-amd64, LLVM 6.0.1)
> OpenGL: version: 3.1 Mesa 18.1.7
> ogl_maxanisotropy:16.00
> Initializing palette system...
> Initializing font system...
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_KEY_RELEASE:  ENTER
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_KEY_RELEASE:  ENTER
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 2048x1152
> 
> Doing gamedata_init...
> Initializing texture caching system...
> Running game...
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 888x862
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 888x862
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 946x656
> Sending event EVENT_KEY_RELEASE:  ENTER
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 946x656
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 946x656
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 888x862
> Sending event EVENT_KEY_RELEASE:  ENTER
> Sending event EVENT_KEY_COMMAND:  UP
> Sending event EVENT_KEY_RELEASE:  UP
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 888x862
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 888x862
> Sending event EVENT_WINDOW_ACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_KEY_COMMAND:  ENTER
> Sending event EVENT_WINDOW_DEACTIVATED to window of dimensions 2048x1152
> Sending event EVENT_WINDOW_CLOSE to window of dimensions 2048x1152
> 
> Cleanup...
> bernhard@CR-Bernhard:~$ mc
> 

The normal ingame sound is working like shoots and explosions.

I also installed the additional packages:
- freepats (version 20060219-1)
- timidity (version 2.14.0-8)

If you need further informations, please let me know.

Best regards and thank you for the support.
Bernhard



signature.asc
Description: This is a digitally signed message part

Bug#860523: python-dogtail: /bin/sniff fails to start on a merged-/usr system

[Juhani Numminen]

Control: tags -1 patch

On Tue, 18 Apr 2017 09:20:58 +0200 intrig...@debian.org wrote:
> Hi!
> 
> I have usrmerge installed so sniff will be started from /bin/sniff
> by default. It fails like this:
> 
> Traceback (most recent call last):
>   File "/bin/sniff", line 783, in 
> main()
>   File "/bin/sniff", line 780, in main
> sniff = SniffApp()
>   File "/bin/sniff", line 65, in __init__
> self.app.set_icon_from_file(os.path.join(path, 
> 'share/icons/hicolor/scalable/apps/dogtail-head.svg'))
> Error: g-file-error-quark: Failed to open file 
> '/share/icons/hicolor/scalable/apps/dogtail-head.svg': No such file or 
> directory (4)
> 
> But starting /usr/bin/sniff explicitly works.
> 
> It looks like sniff is assuming too much wrt. the location of icons
> relatively to the location of the executable.

It seems to me the upstream made an effort to load data from
/usr/share even if the script is in /bin, they just got one
comparison wrong.

I hope you can test that the software still works with my patch
applied, as I don't use dogtail myself.


Cheers,
Juhani
Description: Comparison with is will always fail, use == instead
 Allows the script to be started as /bin/sniff, while the icon
 is located under /usr/share/.
Author: Juhani Numminen 
Bug-Debian: https://bugs.debian.org/860523
Forwarded: no
Last-Update: 2018-09-03

--- a/sniff/sniff
+++ b/sniff/sniff
@@ -60,7 +60,7 @@
 import os
 path = os.path.abspath(
 os.path.join(__file__, os.path.pardir, os.path.pardir))
-if path is '/':
+if path == '/':
 path = '/usr'
 self.app.set_icon_from_file(os.path.join(path, 'share/icons/hicolor/scalable/apps/dogtail-head.svg'))
 self.setUpWidgets()

Bug#907845: Warn if compat level 11 is used and dh_system_*-arch helpers are used too

[Chris Lamb]

tags 907845 + pending
retitle 907845 lintian: Warn if compat level 11 is used and dh_system_*-arch 
helpers are used too
thanks

> I wonder why it didn't trigger for sysstat
> https://salsa.debian.org/debian/sysstat/blob/master/debian/rules#L68
>
> Is the -arch prefix confusing lintian?

Indeed. Now fixed in Git, pending upload:

  
https://salsa.debian.org/lintian/lintian/commit/c4923ba1353f6238955bef6f6c0a4c2175f010cf

  checks/debhelper.pm| 2 +-
  debian/changelog   | 3 +++
  t/tests/rules-uses-deprecated-systemd-override/debian/debian/rules | 3 +++
  t/tests/rules-uses-deprecated-systemd-override/tags| 1 +
  4 files changed, 8 insertions(+), 1 deletion(-)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#907493: ghostscript causes multiple autopkgtests to time out

[Paul Gevers]

Hi Jonas, all,

Does ghostscript and/or cups do anything with ssl? I can't find it in
the (build) depends, nor in the build log, but somehow, somewhere the
"topsecret.pdf" name and other tests that time out due to it triggered
something in my mind. This is not unlikely to be a red haring, but here
it goes.

Openssl in unstable is updated some time ago to upstream version 1.1.1.
See
https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1,
which contains:
'''
TLS 1.3 has lots of changes that might cause issues. See
https://wiki.openssl.org/index.php/TLS1.3 for more information.

One of those changes may cause time out:

SSL_MODE_AUTO_RETRY is enabled by default. Applications that use
blocking I/O in combination with something like select() or poll() will
hang. This can be turned off again using SSL_CTX_clear_mode().
Many applications do not properly handle non-application data records,
and TLS 1.3 sends more of such records. Setting SSL_MODE_AUTO_RETRY
works around the problems in those applications, but can also break
some. It's recommended to read the manpages about SSL_read(),
SSL_write(), SSL_get_error(), SSL_shutdown(), SSL_CTX_set_mode() and
SSL_CTX_set_read_ahead() again.
'''

If this would be true, than building the package in testing as opposed
to unstable should not have the time out issue. I think that is
something that could be tested.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#907123: [Ceph-maintainers] Bug#907123: Ceph Mimic v13.2.x long term stable release series

[Gaudenz Steinlin]

Hi Milan

Milan Kupcevic  writes:

> Package: ceph
> Version: 10.2.5-7.2
> Severity: normal
>
>
> Please update ceph package to Mimic v13.2.x long term stable release
> series.[0]

Thanks for your report. I'm aware of the new release. As an upgrade from
Jewel to Mimic directly is not supported I would like to first get at
least one usable version of Luminous into the Debian archive. This way
we can point users at least to packages on snapshots.debian.org for the
Upgrade from Stretch to Buster.

I'm currently working on this. The progress can be seen in the
luminous/wip-gaudenz branch on salsa.debian.org.

The ceph maintainers team currently only consists of myself. I would be
happy to have more people on the team. Are you interested?

Gaudenz
-- 
PGP: 836E 4F81 EFBB ADA7 0852 79BF A97A 7702 BAF9 1EF5

Bug#907862: gtkpod segfaults on startup

[Bernhard Übelacker]

Hello,
just tried to get some more information from this backtrace.


This is what I assume the last frames look like when not optimizing:
g_type_check_value_holds
playcounts_plist_read, line 1115
playcounts_init
itdb_parse_internal
...
main


playcounts_plist_read:
...
1114for (i = 0; i < array->len; i++) {
1115   if (!G_VALUE_HOLDS (g_array_index (array, GValue *, i), 
G_TYPE_HASH_TABLE)) {
1116  continue;
...


Unfortunately without having the hardware and debugging a live process
or getting a core dump, investigation would stop here.

One can let create core dumps by installing the systemd-coredump package.

Kind regards,
Bernhard

# from the bug report:

(gdb) bt
#0  0x7652b57d in g_type_check_value_holds () at 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#1  0x75da5319 in  () at /usr/lib/x86_64-linux-gnu/libgpod.so.4
#2  0x75daa1f3 in itdb_parse () at 
/usr/lib/x86_64-linux-gnu/libgpod.so.4
#3  0x77d6268d in gp_import_itdb () at 
/usr/lib/x86_64-linux-gnu/libgtkpod.so.1
#4  0x77d63268 in gp_load_ipod () at 
/usr/lib/x86_64-linux-gnu/libgtkpod.so.1
#5  0x77d7b64f in  () at /usr/lib/x86_64-linux-gnu/libgtkpod.so.1
#6  0x76c790a0 in  () at /usr/lib/x86_64-linux-gnu/libgdk-3.so.0
#7  0x7622bb73 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#8  0x7622b0f5 in g_main_context_dispatch () at 
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x7622b4c0 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x7622b7d2 in g_main_loop_run () at 
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x77171e85 in gtk_main () at /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#12 0xc833 in main ()


apt install xserver-xorg sddm openbox gdb gtkpod-dbg libgtk-3-0-dbgsym 
libglib2.0-0-dbgsym libgtk-3-0-dbgsym libgpod4-dbgsym
apt install dpkg-dev devscripts


mkdir libgpod4/orig -p
cdlibgpod4/orig
apt source libgpod4
cd ../..



export DISPLAY=:0
gdb -q --args gtkpod

set height 0
set width 0
set pagination off
directory /home/benutzer/libgpod4/orig/libgpod-0.8.3/bindings/python/examples
run


disassemble main
disassemble gtk_main
disassemble g_main_loop_run
disassemble g_main_context_iterate
disassemble g_main_context_dispatch
disassemble 0x7622bb73-0x20,+0x7622bb73+0x10
disassemble gp_load_ipod
disassemble gp_import_itdb
disassemble itdb_parse
disassemble itdb_parse_internal
disassemble g_type_check_value_holds



#00x7636057d <+61>:testb  $0x8,0x16(%rbx)

#10x75bda314 <+4676>:  callq  0x75bc9540 

  0x75bda319 <+4681>:  test   %eax,%eax

#20x75bdf1ee <+78>:callq  0x75bd90d0 
  0x75bdf1f3 <+83>:mov%rbx,%rdi

#30x77d94688 <+552>:   callq  0x77d84b50 
  0x77d9468d <+557>:   mov%rax,%rbp

#40x77d95263 <+547>:   callq  0x77d85130 
  0x77d95268 <+552>:   mov%rax,%r13

#5???

#6???

#7???

#80x760600f3 <+339>:   callq  *%rax ???
  0x760600f5 <+341>:   mov0x18(%rsp),%rcx

#9   0x760604bb <+507>:   callq  0x7605ffa0 

  0x760604c0 <+512>:   jmpq   0x760603ee 


#10   0x760607cd <+189>:   callq  0x760602c0 

  0x760607d2 <+194>:   mov0x8(%rbx),%eax

#11   0x76fa6e80 <+128>:   callq  0x76dfe110 
  0x76fa6e85 <+133>:   callq  0x76dff6f0 

#12   0xc82e <+286>:   callq  0xb610 
  0xc833 <+291>:   xor%eax,%eax

  

disassemble /m 0x75bda314-0x100,0x75bda314+0x20
...
1114for (i = 0; i < array->len; i++) {
   0x75bda2d4 :   mov0x8(%rax),%ecx
   0x75bda2d7 :   test   %ecx,%ecx
   0x75bda2d9 :   je 0x75bda472 

   0x75bda2df :   mov%r13,0x38(%rsp)
   0x75bda2e4 :   mov0x30(%rsp),%r13
   0x75bda2e9 :   mov%rax,%rbp
   0x75bda2ec :   mov%ebx,0x30(%rsp)
   0x75bda2f0 :   mov%r12,0x40(%rsp)
   0x75bda2f5 :   nopl   (%rax)

1115   if (!G_VALUE_HOLDS (g_array_index (array, GValue *, i), 
G_TYPE_HASH_TABLE)) {
   0x75bda2f8 :   mov0x0(%rbp),%rax
   0x75bda2fc :   mov
(%rax,%r14,8),%rbx
   0x75bda300 :   test   %rbx,%rbx
   0x75bda303 :   je 0x75bda456 

   0x75bda309 :   cmp(%rbx),%r13
   0x75bda30c :   je 0x75bda321 

   0x75bda30e :   mov%r13,%rsi
   0x75bda311 :   mov%rbx,%rdi
   0x75bda314 :   callq  0x75bc9540 

   0x75bda319 :   test   %eax,%eax
   0x75bda31b :   je 0x75bda456 


1116  continue;
1117   }
1118
1119   track_dict = g_value_get_boxed (g_array_index (array, 

Bug#907893: elpa-ess: R-initialize-on-start looks for .load.R in the wrong place

[Zack Weinberg]

Package: elpa-ess
Version: 17.11-5
Severity: normal

When you start an R process from inside ESS, it's supposed to load a
file ".load.R" that, among other things, sets it up so C-c C-v works.
R-initialize-on-start is looking for this file in the wrong place.
I get these error messages in *Messages*:

Type C-h m for help on ESS version 17.11
Cannot read history file /home/zack/.Rhistory
ess-tracebug mode enabled
load ESSR: + + + Error in file(filename, "r", encoding = encoding) : 
  cannot open the connection
In addition: Warning message:
In file(filename, "r", encoding = encoding) :
  cannot open file ’/usr/share/ess/etc/ESSR/R/.load.R’: No such file or 
directory

The directory /usr/share/ess does not exist.
The package has actually installed .load.R in
/usr/share/emacs/site-lisp/elpa-src/ess-17.11/etc/ESSR/R/.load.R
If I manually do

source("/usr/share/emacs/site-lisp/elpa-src/ess-17.11/etc/ESSR/R/.load.R")
load.ESSR("/usr/share/emacs/site-lisp/elpa-src/ess-17.11/etc/ESSR/R")

then C-c C-v starts working again.

The bad path is coming from the 'ess-etc-directory' variable.  C-h v says:

ess-etc-directory is a variable defined in ‘ess-site.el’.
Its value is "/usr/share/ess/etc/"

However, the string 'ess-etc-directory' does not appear anywhere in
ess-site.el.  It appears actually to be defined in ess-utils.el, but
if I try to re-execute the code in ess-utils.el that sets its value,
that doesn't work either:

ERROR:ess-site.el:ess-etc-directory
Relative to ess-lisp-directory, one of the following must exist:
../etc/ess, ../etc, ../../etc/ess or ./etc

C-h v ess-lisp-directory says:

ess-lisp-directory is a variable defined in ‘ess-site.el’.
Its value is "/usr/share/emacs/site-lisp/ess"

That directory does exist, but it's not part of the package and I
don't know how to debug this any further. In case it helps:

$ ls -l /usr/share/emacs/site-lisp/ess
total 1224
-rw-r--r-- 1 root root   1670 Aug 18 11:30 ess-arc-d.elc
-rw-r--r-- 1 root root   6913 Aug 18 11:30 ess-bugs-d.elc
-rw-r--r-- 1 root root   7732 Aug 18 11:30 ess-bugs-l.elc
-rw-r--r-- 1 root root   1275 Aug 18 11:30 ess-compat.elc
-rw-r--r-- 1 root root   1022 Aug 18 11:30 ess-comp.elc
-rw-r--r-- 1 root root  92727 Aug 18 11:30 ess-custom.elc
-rw-r--r-- 1 root root   5008 Aug 18 11:30 ess-dde.elc
-rw-r--r-- 1 root root   1483 Aug 18 11:30 ess-debug.elc
-rw-r--r-- 1 root root   6471 Aug 18 11:30 essd-els.elc
-rw-r--r-- 1 root root   2658 Aug 18 11:30 ess.elc
-rw-r--r-- 1 root root551 Aug 18 11:30 ess-eldoc.elc
-rw-r--r-- 1 root root   4222 Aug 18 11:30 ess-font-lock.elc
-rw-r--r-- 1 root root   3457 Aug 18 11:30 ess-generics.elc
-rw-r--r-- 1 root root  17029 Aug 18 11:30 ess-gretl.elc
-rw-r--r-- 1 root root  30779 Aug 18 11:30 ess-help.elc
-rw-r--r-- 1 root root  95795 Aug 18 11:30 ess-inf.elc
-rw-r--r-- 1 root root   3242 Aug 18 11:30 ess-install.elc
-rw-r--r-- 1 root root   6140 Aug 18 11:30 ess-jags-d.elc
-rw-r--r-- 1 root root  15544 Aug 18 11:30 ess-julia.elc
-rw-r--r-- 1 root root   1282 Aug 18 11:30 ess-lsp-l.elc
-rw-r--r-- 1 root root  28374 Aug 18 11:30 ess-mode.elc
-rw-r--r-- 1 root root   6168 Aug 18 11:30 ess-mouse.elc
-rw-r--r-- 1 root root   2436 Aug 18 11:30 ess-noweb.elc
-rw-r--r-- 1 root root   7374 Aug 18 11:30 ess-noweb-font-lock-mode.elc
-rw-r--r-- 1 root root  46287 Aug 18 11:30 ess-noweb-mode.elc
-rw-r--r-- 1 root root   2527 Aug 18 11:30 ess-omg-d.elc
-rw-r--r-- 1 root root   2880 Aug 18 11:30 ess-omg-l.elc
-rw-r--r-- 1 root root526 Aug 18 11:30 ess-pkg.elc
-rw-r--r-- 1 root root   2792 Aug 18 11:30 ess-r-a.elc
-rw-r--r-- 1 root root   2901 Aug 18 11:30 ess-r-args.elc
-rw-r--r-- 1 root root  15170 Aug 18 11:30 ess-r-completion.elc
-rw-r--r-- 1 root root  14133 Aug 18 11:30 ess-rd.elc
-rw-r--r-- 1 root root  10279 Aug 18 11:30 ess-rdired.elc
-rw-r--r-- 1 root root   6136 Aug 18 11:30 ess-r-gui.elc
-rw-r--r-- 1 root root  63776 Aug 18 11:30 ess-r-mode.elc
-rw-r--r-- 1 root root  30334 Aug 18 11:30 ess-roxy.elc
-rw-r--r-- 1 root root  16162 Aug 18 11:30 ess-r-package.elc
-rw-r--r-- 1 root root  40232 Aug 18 11:30 ess-r-syntax.elc
-rw-r--r-- 1 root root  11715 Aug 18 11:30 ess-rutils.elc
-rw-r--r-- 1 root root   1785 Aug 18 11:30 ess-s3-d.elc
-rw-r--r-- 1 root root   1914 Aug 18 11:30 ess-s4-d.elc
-rw-r--r-- 1 root root  38396 Aug 18 11:30 ess-sas-a.elc
-rw-r--r-- 1 root root   6830 Aug 18 11:30 ess-sas-d.elc
-rw-r--r-- 1 root root  41313 Aug 18 11:30 ess-sas-l.elc
-rw-r--r-- 1 root root   1283 Aug 18 11:30 ess-send2.elc
-rw-r--r-- 1 root root   1121 Aug 18 11:30 ess-send.elc
-rw-r--r-- 1 root root   3821 Aug 18 11:30 ess-site.elc
-rw-r--r-- 1 root root  19292 Aug 18 11:30 ess-s-lang.elc
-rw-r--r-- 1 root root   2001 Aug 18 11:30 ess-sp3-d.elc
-rw-r--r-- 1 root root  11131 Aug 18 11:30 ess-sp4-d.elc
-rw-r--r-- 1 root root   2024 Aug 18 11:30 ess-sp5-d.elc
-rw-r--r-- 1 root root   7989 Aug 18 11:30 ess-sp6-d.elc
-rw-r--r-- 1 root root  17563 Aug 18 11:30 ess-sp6w-d.elc
-rw-r--r-- 1 root root  22380 Aug 18 11:30 

Bug#904669: xmds2: autopkgtest times out since 2018-07-19

[Paul Gevers]

Hi Rafael,

On 03-09-18 09:51, Rafael Laboissière wrote:
>> I'll manually trigger a run (actually already did before even checking
>> if the package was available). If it succeeds, I'll lift the blacklist.
> 
> Did it work?

Without wanting to sound too confident I say: of course not, as version
-10 was tested.

> Unfortunately, the autobuild failed [*].  It is certainly
> a problem related to MPI and it is very hard to debug.  I was convinced
> that I have fixed it in version 2.2.3+dfsg-11 of the package.

I just noticed. I'll be waiting for the next version to test then.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#907892: libcache-memcached-fast-perl: upstream URL update

[Matt Taggart]

Package: libcache-memcached-fast-perl
Version: 0.25-1

Hi,
The upstream URLs listed in control (and also the upstream README) are
out of date.

The page in control: http://openhack.ru/Cache-Memcached-Fast
doesn't seem to work anymore.

In README:
http://search.cpan.org/dist/Cache-Memcached-Fast/ now redirects to
https://metacpan.org/release/Cache-Memcached-Fast

https://github.com/kroki/Cache-Memcached-Fast now now redirects to
https://github.com/JRaspass/Cache-Memcached-Fast

For Homepage I guess use the metacpan page?

Thanks,

-- 
Matt Taggart
tagg...@debian.org




signature.asc
Description: OpenPGP digital signature

Bug#907889: Uses --without systemd and overrides for dh_installsystemd

[Michael Biebl]

On Mon, 03 Sep 2018 19:07:40 +0200 Michael Biebl  wrote:

> My suggestion:
> - Add a debian/compat containing 11

I was just pointed at
https://nthykier.wordpress.com/2018/03/04/prototyping-a-new-packaging-papercut-fix-dry-debhelper-compat-level/
So this point is moot

> - Drop --without systemd from dh arguments

I think this point still holds though. See the debhelper man page
"
The dh_systemd_enable and dh_systemd_start helpers have been replaced by
the new
dh_installsystemd helper.  For the same reason, the systemd sequence for
dh has also been
removed.  If you need to disable the dh_installsystemd helper tool,
please use an empty
override target.
"



-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#907891: perl: MIME-Q (RFC2047 eMail header) encoding broken since post-stretch

[Thorsten Glaser]

Package: perl
Version: 5.26.2-7
Severity: normal

(sid)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode -e 
"print encode('MIME-Q', <>);"; echo
=?UTF-8?Q?Subject=3A_UNNAMED_PROJECT_branch_bnewplus_updated=2E_f9dfb215c?=
 =?UTF-8?Q?29bc17b5ca12c0e8bb509aa4949787e?=

In stretch, this was… questionable, but still valid:

(stretch)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode -e 
"print encode('MIME-Q', <>);"; echo
Subject: =?UTF-8?Q?UNNAMED=20PROJECT=20branc?=
 =?UTF-8?Q?h=20bnewplus=20updated=2E=20f?= =?UTF-8?Q?9dfb215c29bc17b5ca12c?=
 =?UTF-8?Q?0e8bb509aa4949787e?=

In jessie, it recognised there was nothing to encode,
but still decided to wrap; unconventional but valid:

(jessie)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode -e 
"print encode('MIME-Q', <>);"; echo
Subject:
  UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e

In MirBSD, this worked well:

(mirbsd)$ perl -v | sed /./q

This is perl, v5.8.8 built for i386-mirbsd
(mirbsd)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | perl -C7 -0777 -Mutf8 -MEncode -e 
"print encode('MIME-Q', <>);"; echo
Subject: UNNAMED PROJECT branch bnewplus updated.
  f9dfb215c29bc17b5ca12c0e8bb509aa4949787e

As I said in #879204, #879205, #787512, #881955, #787511,
#787513, #819155 (wow, is the list getting long), so far,
PHP seems to be the only ones getting it right (5 and 7.2):

(sid)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | php5 -r 
'mb_internal_encoding("UTF-8"); echo 
mb_encode_mimeheader(file_get_contents("php://stdin"), "UTF-8", "Q", "\012");'; 
echo
Subject: UNNAMED PROJECT branch bnewplus updated.
 f9dfb215c29bc17b5ca12c0e8bb509aa4949787e
(sid)$ printf '%s' 'Subject: UNNAMED PROJECT branch bnewplus updated. 
f9dfb215c29bc17b5ca12c0e8bb509aa4949787e' | php7.2 -r 
'mb_internal_encoding("UTF-8"); echo 
mb_encode_mimeheader(file_get_contents("php://stdin"), "UTF-8", "Q", "\012");'; 
echo
Subject: UNNAMED PROJECT branch bnewplus updated.
 f9dfb215c29bc17b5ca12c0e8bb509aa4949787e

This breaks my git post-receive-hook eMail sending script,
which uses the Perl way by default to encode the Subject
header (among others) as it’s the only one installed by
default, and people rightfully wish to avoid installing PHP.


-- System Information:
Debian Release: buster/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable'), 
(100, 'experimental')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64

Kernel: Linux 4.17.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages perl depends on:
ii  dpkg   1.19.0.5+b1
ii  libperl5.265.26.2-7
ii  perl-base  5.26.2-7
ii  perl-modules-5.26  5.26.2-7

Versions of packages perl recommends:
ii  netbase  5.4

Versions of packages perl suggests:
ii  libterm-readline-gnu-perl  1.35-4
ii  make   4.2.1-1.2
ii  perl-doc   5.26.2-7

-- no debconf information

Bug#907753: gnome-shell: Shell crash after blank screen

[Michael Ott]

Hi Simon!

On Sat, 01 Sep 2018 at 14:39:26 +0200, Michael Ott wrote:
> > 1. Screen is blank
> > 2. Press any key
> 
> Please give a specific example of the key you press? You will get
> different results if you press a modifier key like Shift (screen
> wakes
> up but password prompt does not appear), or a key that could be part
> of
> your password like "a" (password prompt appears and that letter is
> typed
> into the password box).
For example my box resumed from suspend. The lock screen image is
visible. I press space to get to my desktop. 
> 
> > 3. Wipe to close screen saver picture
> 
> What exactly do you mean by "wipe"? Click the mouse button and drag
> upwards? Click the mouse button and drag downwards? Touch a
> touchscreen
> and drag in some direction?
Nearly the same as on the last "chapter". I want to "close" the lock
screen.

> > 4. Gnome shell start again like alt + F2 and r
> 
> Please look for more information about this crash in the systemd
> journal
> or in /var/log/syslog, and send it to the bug report.
I will add the syslog file after the resume is finished.


> 
A backtrace from the crash is also likely to be useful. Since you are
using systemd, here is a convenient way to get backtraces:

- Install the systemd-coredump package
- Enable the debug archive
  
https://wiki.debian.org/HowToGetABacktrace#Installing_the_debugging_symbols
  and install relevant debug symbols
- Reproduce the bug, causing the crash to happen
- Use "coredumpctl gdb" to debug the most recent core dump
- Use the "bt" command as in
  https://wiki.debian.org/HowToGetABacktrace#Running_gdb
This i will try the next time

CU
  Michael
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:71
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:70
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:69
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:64
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:68
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:66
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 226:0
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) AIGLX: Resuming AIGLX clients after VT switch
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) modeset(0): EDID vendor "LGD", prod id 1005
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) modeset(0): Printing DDC gathered Modelines:
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) modeset(0): Modeline "1366x768"x0.0   74.80  1366 1414 1446 1578  768 770 775 790 -hsync -vsync (47.4 kHz eP)
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event2  - Power Button: is tagged by udev as: Keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event2  - Power Button: device is a keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event5  - Logitech USB Receiver: is tagged by udev as: Mouse
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event5  - Logitech USB Receiver: device is a pointer
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event6  - Logitech USB Receiver: is tagged by udev as: Keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event6  - Logitech USB Receiver: device is a keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event0  - AT Translated Set 2 keyboard: is tagged by udev as: Keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event0  - AT Translated Set 2 keyboard: device is a keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (--) synaptics: SynPS/2 Synaptics TouchPad: touchpad found
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event7  - TPPS/2 IBM TrackPoint: is tagged by udev as: Mouse Pointingstick
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event7  - TPPS/2 IBM TrackPoint: trackpoint does not have a specified range, guessing... see https://wayland.freedesktop.org/libinput/doc/1.11.3/trackpoints.html
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event7  - TPPS/2 IBM TrackPoint: trackpoint device set to range 31
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event7  - TPPS/2 IBM TrackPoint: device is a pointer
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:86
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event22 - Integrated Camera: Integrated C: is tagged by udev as: Keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) event22 - Integrated Camera: Integrated C: device is a keyboard
Sep  3 18:59:10 k-c13 /usr/lib/gdm3/gdm-x-session[]: (II) systemd-logind: got resume for 13:67
Sep  3 18:59:10 

Bug#907890: lockfile-progs: Please add Multi-Arch: foreign

[Elrond]

Package: lockfile-progs
Version: 0.1.17+b1
Severity: wishlist
User: multiarch-de...@lists.alioth.debian.org
Usertags: multiarch

Hi,

It looks like lockfile-progs offers an
architecture independent (process/cli level) interface
to its users.
Would you mind setting it to Multi-Arch: foreign?
It's usually a matter of adding one line to debian/control.

This would hopefully improve install options for different
architectures.  Like for example using the x32 variant on a
mixed amd64/x32 system.


Cheers

Elrond

Bug#907889: Uses --without systemd and overrides for dh_installsystemd

[Michael Biebl]

Source: dante
Version: 1.4.2+dfsg-3
Severity: normal

Hi,

I noticed that your package uses dh '@' --without systemd
and at the same time overrides for dh_installsystemd.
As you are using dh_installsystemd, it means you must be using dh compat
11 (btw, you should add a debian/compat for that).
But in compat level 11, the systemd sequence has been removed, so it's
rather pointless to have a --without systemd.

My suggestion:
- Add a debian/compat containing 11
- Drop --without systemd from dh arguments


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#907886: sshpubkeys: Please package the newest upstream release

[Vincent Bernat]

 ❦  3 septembre 2018 17:07 +0200, Nicolas Braud-Santoni 
:

> Hi Vincent !
>
> Upstream released a new (major) version, that is stricter on which SSH keys
> it will accept, in February.  I think this will eventually cause issues if
> we keep shipping sshpubkeys 2.x when people might expect 3.x
>
> Could you please package the newest version?

Yes. I can't do anything until next week-end. If you have the rights,
feel free to upload a new version.
-- 
AWAKE! FEAR! FIRE! FOES! AWAKE!
FEAR! FIRE! FOES!
AWAKE! AWAKE!
-- J. R. R. Tolkien


signature.asc
Description: PGP signature

Bug#896810: Packaging node-lemonldap-ng-handler

[Xavier]

Dear ftp masters,

here is a resume of dependencies of node-* packages needed for
node-lemonldap-ng-handler.

node-lemonldap-ng-handler is an alternative engine for lemonldap-ng
Web-SSO (when used with Nginx). It will be usable also to provide
SSO-as-a-Service which comes with lemonldap-ng 2.0 (will be released
around 2018-10).

Here is the tree of its dependencies (new only):

* Required:
  - node-file-cache-simple:
- node-fs-jetpack
  - node-inireader
  - js-md5
  - aes-js

* Recommended
  - node-modern-syslog

Session backends are inspired from Apache::Session (Perl) to be
compliant with lemonldap-ng. Usr has to choose between: File (native),
LDAP, SQL or MongoDB. Theses new packages are proposed in this goal:
- node-ldap-client
- node-nodedbi
- node-mongodb:
  - node-mongodb-core:
- node-bson
- node-require-optional
  - node-bson (build)

I hope this resume will clarify this proposed packages. Some of them
will be also useful for many other packages (node-nodedbi,
node-ldap-client, node-mongodb,...)

Best regards,
Xavier

Bug#907807: After upgrading to OpenSSL 1.1.1, many sites are unreachable

[Antoine Beaupré]

On 2018-09-03 18:17:07, Vincent Bernat wrote:
>  ❦  3 septembre 2018 09:49 -0400, Antoine Beaupré :
>
>>> Since the upgrade to OpenSSL 1.1.1pre9 in sid, linkchecker is unable
>>> to check many sites including:
>>>
>>>  - ones without SNI
>
> Don't remember for this one.
>
>>>  - ones with DH parameters too small
>
> Result:  SSLError: HTTPSConnectionPool(host='www.nada.kth.se', port=443): Max 
> retries exceeded with url: 
> /~snilsson/publications/IP-address-lookup-using-LC-tries/ (Caused by 
> SSLError(SSLError(1, u'[SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:726...
>
>>>  - ones using TLS 1.0
>
> Result:  SSLError: HTTPSConnectionPool(host='caniuse.com', port=443): Max 
> retries exceeded with url: / (Caused by SSLError(SSLError(1, u'[SSL: 
> VERSION_TOO_LOW] version too low (_ssl.c:726)'),))
>
>>>  - ones still using SHA1 for the signature (get.adobe.com)
>
> Result:  SSLError: HTTPSConnectionPool(host='get.adobe.com', port=443): Max 
> retries exceeded with url: /flashplayer/?loc=fr (Caused by 
> SSLError(SSLError(1, u'[SSL: WRONG_SIGNATURE_TYPE] wrong signature type 
> (_ssl.c:726)'),))

Thanks!

-- 
Il n'existe aucune limite sacrée ou non à l'action de l'homme dans
l'univers. Depuis nos origines nous avons le choix: être aveuglé par
la vérité ou coudre nos paupières.
- [no one is innocent]

Bug#905885: diffoscope: skipping tests on ci.debian.net is perhaps wrong?

[Holger Levsen]

Control: retitle -1 'allow to override @skip_unless_tools_exist during tests 
and fail the test if the tool is missing'


-- 
cheers,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Bug#907863: libeclipse-osgi-java, libequinox-osgi-java: error when trying to install together

[Emmanuel Bourg]

Le 03/09/2018 à 17:29, Markus Koschany a écrit :

> Just updating libequinox-osgi-java would have been
> a straightforward solution.

I agree this is mostly a change in the name of the binary package. I
could have kept the libequinox-osgi-java name with some contortions and
avoid updating the reverse dependencies, or at least provide a dummy
transitional package in src:equinox-framework.

However updating src:libequinox-osgi-java was not possible with the
packaging strategy adopted, because the eclipse-osgi bundle is just a
small part of the wider equinox-framework project, and I opted to use
the whole project as the upstream source instead of cutting source
packages at the bundle level. There is now a 1:1 mapping between the
upstream Git repositories and the Debian source packages (which allows
perfect debian/watch tracking), and there is a 1:1 mapping between the
OSGi bundles and the Debian binary packages (with the name of the
package derived automatically from the bundle name).

This model allowed me to efficiently package ~60 bundles so far with a
uniform naming and versioning scheme. And we could have even more
bundles in the future if we go deeper in the Eclipse ecosystem
(equinox-p2 alone could add ~50 bundles). From this perspective the fate
of a single bundle is not that significant, but I should have better
explained.

Bug#907888: opopenssl: Breaks wpa_supplicant (and NetworkManager) which fail with error "ee key too small"

[Gianpaolo Cugola]

Package: openssl
Version: 1.1.1~~pre9-1
Severity: important

Dear Maintainer,
version 1.1.1~~pre9-1 of the openssl package breaks wpa_supplicant (and
NetworkManager) when using EAP TLS connections. In particular, launching:

> wpa_supplicant -dd -i wlp2s0 -c ./eduroam.conf

where /eduroam.conf is:

network={
  ssid="eduroam"
  key_mgmt=WPA-EAP
  pairwise=CCMP
  group=CCMP TKIP
  eap=TLS
  ca_cert="/tmp/ca.pem"
  identity="x...@xxx.xx"
  domain_suffix_match="wifi.polimi.it"
  private_key="/tmp/wifiCert_nopass.p12"
  private_key_passwd=""
}

I get the error (excerpt of the wpa_supplicant log, with username changed to
avoid disclosing sensitive info)

...
EAP: EAP entering state GET_METHOD
wlp2s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
EAP: Status notification: accept proposed method (param=TLS)
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: using phase1 config options
TLS: Trusted root certificate(s) loaded
TLS: Successfully parsed PKCS12 data
TLS: Got certificate from PKCS12:
subject='/C=IT/ST=Lombardia/L=Milano/O=Politecnico di Milano/OU=Area
Sistemi ICT/CN=x...@xxx.xx'
TLS: Got private key from PKCS12
TLS - SSL error: error:140C618F:SSL routines:SSL_use_certificate:ee key too
small
OpenSSL: tls_connection_private_key - Failed to load private key
error::lib(0):func(0):reason(0)
TLS: Failed to load private key '/home/cugola/wifiCert_nopass.p12'
TLS: Failed to set TLS connection parameters
ENGINE: engine deinit
...

If I go back to openssl_1.1.0h-4_amd64.deb everything works fine. Here is
the same excerpt above when old version of the package is used:

...
EAP: EAP entering state GET_METHOD
wlp2s0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
EAP: Status notification: accept proposed method (param=TLS)
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: using phase1 config options
TLS: Trusted root certificate(s) loaded
TLS: Successfully parsed PKCS12 data
TLS: Got certificate from PKCS12:
subject='/C=IT/ST=Lombardia/L=Milano/O=Politecnico di Milano/OU=Area
Sistemi ICT/CN=x...@xxx.xx'
TLS: Got private key from PKCS12
OpenSSL: Reading PKCS#12 file --> OK
SSL: Private key loaded successfully
wlp2s0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
...

Please, do not hesitate contacting me for further tests.

Regards
  G.

-- System Information:
Debian Release: buster/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'),
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.18.5-xps13 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssl depends on:
ii  libc6  2.27-5
ii  libssl1.1  1.1.1~~pre9-1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20180409

-- no debconf information

Bug#907807: After upgrading to OpenSSL 1.1.1, many sites are unreachable

[Vincent Bernat]

 ❦  3 septembre 2018 09:49 -0400, Antoine Beaupré :

>> Since the upgrade to OpenSSL 1.1.1pre9 in sid, linkchecker is unable
>> to check many sites including:
>>
>>  - ones without SNI

Don't remember for this one.

>>  - ones with DH parameters too small

Result:  SSLError: HTTPSConnectionPool(host='www.nada.kth.se', port=443): Max 
retries exceeded with url: 
/~snilsson/publications/IP-address-lookup-using-LC-tries/ (Caused by 
SSLError(SSLError(1, u'[SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:726...

>>  - ones using TLS 1.0

Result:  SSLError: HTTPSConnectionPool(host='caniuse.com', port=443): Max 
retries exceeded with url: / (Caused by SSLError(SSLError(1, u'[SSL: 
VERSION_TOO_LOW] version too low (_ssl.c:726)'),))

>>  - ones still using SHA1 for the signature (get.adobe.com)

Result:  SSLError: HTTPSConnectionPool(host='get.adobe.com', port=443): Max 
retries exceeded with url: /flashplayer/?loc=fr (Caused by SSLError(SSLError(1, 
u'[SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:726)'),))
-- 
I'll burn my books.
-- Christopher Marlowe


signature.asc
Description: PGP signature

Bug#907887: dnsmasq: Update root DNSSEC trust anchor in stretch and jessie

[Moritz Muehlenhoff]

On Mon, Sep 03, 2018 at 05:18:41PM +0200, Santiago R.R. wrote:
> Source: dnsmasq
> Version: 2.72-3+deb8u2
> Severity: important
> Tags: patch
> 
> Hi Simon,
> 
> The DNS Root Key Signing Key (KSK) Rollover is scheduled for 11 October
> 2018 [1]. After this date, DNS resolvers will need to have the new key
> (KSK-2017) to perform DNSSEC validation.
> 
> [1] https://www.icann.org/news/announcement-2018-08-22-en
> 
> AFAICS, dnsmasq in stretch and jessie [2] currently lacks the new key,
> and unless the dns-root-data package is additionally installed, users
> relying on dnsmasq for DNS resolution may encounter problems once the
> rollover occurs.
> 
> [2] https://sources.debian.org/src/dnsmasq/2.76-5+deb9u1/trust-anchors.conf/
> https://sources.debian.org/src/dnsmasq/2.72-3+deb8u2/trust-anchors.conf/
> 
> I think cherry-picking the commit [3] should prevent this in both
> suites.
> 
> [3] 
> http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=05da782f8f45933915af0ef3cc1ba35e31d20c59
> 
> Would you agree on this change, and, would you like to prepare the
> uploads by yourself?
> 
> I am CCing the security team to have their opinion, whether this should
> be handled via a security or a stable upload in stretch.

Previous updates of DNS root keys have all been handled via stretch-updates,
e.g. https://lists.debian.org/debian-stable-announce/2017/09/msg0.html

Cheers,
Moritz

Bug#907874: trans-de-en: 2x transposed letters: "Pirmarschule" instead of "Primarschule"

[Roland Rosenfeld]

Hi Frank!

I received the following typo "Pirmarschule" instead of "Primarschule"
against the Debian package of your de-en dictionary, maybe you want to
fix it in your dictionary, too.

A patch is attached.

Greetings
Roland

- Forwarded message from Axel Beckert  -

From: Axel Beckert 
Subject: Bug#907874: trans-de-en: 2x transposed letters: "Pirmarschule" instead 
of "Primarschule"
To: Debian Bug Tracking System 
Date: Mon, 3 Sep 2018 14:11:33 +0200
Reply-To: Axel Beckert , 907...@bugs.debian.org

Package: trans-de-en
Version: 1.8.1-1
Severity: normal
Tags: upstream
Control: found -1 1.8.1-4

Hi Roland,

the following entry contains 2x transposed letters in the words
"Primarschule" and "Primarschulen":

Grundschule {f} [Dt.] [Südtirol]; Klippschule {f} [Nordostdt.]; Elementarschule 
{f} [hist.]; Volksschule {f} [Ös.]; Pirmarschule {f} [Schw.]; Primärschule {f} 
[Lux.] [school] | Grundschulen {pl}; Klippschulen {pl}; Elementarschulen {pl}; 
Volksschulen {pl}; Pirmarschulen {pl}; Primärschulen {pl} :: primary school 
[Br.]; elementary school [Am.]; grammar school [Am.]; grade school [Am.] | 
primary schools; elementary schools; grammar schools; grade schools

Please replace "Pirmarschule" and "Pirmarschulen" with "Primarschule"
and "Primarschulen".

This seems to be an upstream issue since
https://dict.tu-chemnitz.de/dings.cgi?service=deen=0=0=primary+schools=
also shows these transposed characters.

P.S.: http://dict.tu-chemnitz.de/ redirects to
https://dict.tu-chemnitz.de/, so maybe the upstream URL in the long
package description should be updated to HTTPS, too. (Maybe it even
makes even sense to give the binary package trans-de-en its own distinct
Homepage header and to move the URL from the package description there.)

-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-7-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

trans-de-en depends on no packages.

trans-de-en recommends no packages.

Versions of packages trans-de-en suggests:
ii  ding  1.8.1-1

-- no debconf information


- End forwarded message -
From: Axel Beckert 
Date: Mon, 3 Sep 2018 14:11:33 +0200
Subject: Fix typo Pirmarschule -> Primarschule
Bug-Debian: http://bugs.debian.org/907874

--- a/de-en.txt
+++ b/de-en.txt
@@ -42450,7 +42450,7 @@ Grundschleppnetzfischerei {f} :: demersa
 Grundschulbildung {f}; Grundschulwesen {n}; Primärschulwesen {n}; Primärausbildung {f} :: primary education
 Grundschuld {f} :: land charge; real charge
 Grundschuld {f} :: mortgage
-Grundschule {f} [Dt.] [Südtirol]; Klippschule {f} [Nordostdt.]; Elementarschule {f} [hist.]; Volksschule {f} [Ös.]; Pirmarschule {f} [Schw.]; Primärschule {f} [Lux.] [school] | Grundschulen {pl}; Klippschulen {pl}; Elementarschulen {pl}; Volksschulen {pl}; Pirmarschulen {pl}; Primärschulen {pl} :: primary school [Br.]; elementary school [Am.]; grammar school [Am.]; grade school [Am.] | primary schools; elementary schools; grammar schools; grade schools
+Grundschule {f} [Dt.] [Südtirol]; Klippschule {f} [Nordostdt.]; Elementarschule {f} [hist.]; Volksschule {f} [Ös.]; Primarschule {f} [Schw.]; Primärschule {f} [Lux.] [school] | Grundschulen {pl}; Klippschulen {pl}; Elementarschulen {pl}; Volksschulen {pl}; Primarschulen {pl}; Primärschulen {pl} :: primary school [Br.]; elementary school [Am.]; grammar school [Am.]; grade school [Am.] | primary schools; elementary schools; grammar schools; grade schools
 Grundschüler {m}; Grundschülerin {f} [school] :: primary school pupil [Br.]; elementary school pupil [Am.]; grade school pupil [Am.]
 Grundschullehrer {m}; Grundschullehrerin {f} [Dt.] [Südtirol]; Volksschullehrer {m} [Ös.]; Primarlehrer {m} [Schw.] [school] | Grundschullehrer {pl}; Grundschullehrerinnen {pl}; Volksschullehrer {pl}; Primarlehrer {pl} :: primary school teacher [Br.]; elementary/grammar/grade school teacher [Am.] | primary school teachers; elementary/grammar/grade school teachers
 Grundsee {f} (Wellenbildung im flachen Wasser) [naut.] :: groundswell

Bug#907863: libeclipse-osgi-java, libequinox-osgi-java: error when trying to install together

[Markus Koschany]

Am 03.09.2018 um 15:38 schrieb Emmanuel Bourg:
> Hi Markus,
> 
> Le 03/09/2018 à 14:48, Markus Koschany a écrit :
> 
>> I think this could have been better communicated. I was the one who
>> split libequinox-osgi-java off from Eclipse. Why can't we just use the
>> existing package and update it accordingly? In any case giving a reason
>> for a package takeover by another package even for team-maintained
>> packages seems appropriate to me. A bug report would have been ideal for
>> this sort of discussion.
> 
> Sorry if this wasn't clear but I did mention taking over
> libequinox-osgi-java with src:equinox-framework in July when I exposed
> my plan to package the Eclipse dependencies required by AspectJ [1] on
> the debian-java mailing list. I didn't receive any feedback on this
> point and I didn't expect it would be controversial.

At that point the discussion was mostly about how do we want to name
packages. I simply did not realize that you wanted to create the same
source package again and call it libeclipse-osgi-java. I thought we were
talking about entirely new packages. This is really only a name change.
Using the upstream sources from Git instead of Maven Central is merely a
packaging detail and could have been implemented in
src:libequinox-osgi-java too. As this bug report demonstrates the
resulting jar file is the same.

> Don't get me wrong, this is definitely not a disapprobation of your work
> and I apologize if it looks like it. Your move to split
> libequinox-osgi-java from src:eclipse was the right decision to move
> things forward and I fully support it. But after having packaged a large
> set of Eclipse modules the libequinox-osgi-java package now appears at
> odds with the newly introduced packages (Maven Central as upstream vs
> Eclipse Git repository, different naming convention, different build
> system, no upstream version tracking). That's why I think it's more
> consistent to replace libequinox-osgi-java now.

No worries, I don't perceive this as a disapprobation of my work. But
frankly I find this whole process unnecessary because it is merely a
name change and it creates work for the ftp team (package review and
package removal), for you/us because the reverse-dependencies have to be
updated because of the name change and last but not least we have an RC
bug now (which also had to be discovered and reported by someone). I
know you will fix this and it is not hard to fix but all that could have
been easily avoided. Just updating libequinox-osgi-java would have been
a straightforward solution.





signature.asc
Description: OpenPGP digital signature

Bug#906921: tango-starter does not start after a reboot

[PICCA Frederic-Emmanuel]

> Ok, I did it. It is right?


It would be nice to hqve q one line explqinqtion of the fix.

sort of

d/tango-starter.init.d
  -Added network to Should-[Start|Stop]. (Closes: #...)


It is important to have something understandable in the debian changelog.

thansk

Fred

Ps: What about the patch ;)

Bug#907887: dnsmasq: Update root DNSSEC trust anchor in stretch and jessie

[Santiago R.R.]

Source: dnsmasq
Version: 2.72-3+deb8u2
Severity: important
Tags: patch

Hi Simon,

The DNS Root Key Signing Key (KSK) Rollover is scheduled for 11 October
2018 [1]. After this date, DNS resolvers will need to have the new key
(KSK-2017) to perform DNSSEC validation.

[1] https://www.icann.org/news/announcement-2018-08-22-en

AFAICS, dnsmasq in stretch and jessie [2] currently lacks the new key,
and unless the dns-root-data package is additionally installed, users
relying on dnsmasq for DNS resolution may encounter problems once the
rollover occurs.

[2] https://sources.debian.org/src/dnsmasq/2.76-5+deb9u1/trust-anchors.conf/
https://sources.debian.org/src/dnsmasq/2.72-3+deb8u2/trust-anchors.conf/

I think cherry-picking the commit [3] should prevent this in both
suites.

[3] 
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=05da782f8f45933915af0ef3cc1ba35e31d20c59

Would you agree on this change, and, would you like to prepare the
uploads by yourself?

I am CCing the security team to have their opinion, whether this should
be handled via a security or a stable upload in stretch.

Concerning jessie, following the LTS workflow is required:
https://wiki.debian.org/LTS/Development
If that LTS workflow is a burden for you, a member of the LTS team could
take care of it.

Best regards,

 -- Santiago

P.S. The hypothetical upload could also fix CVE-2017-15107 [3] ?

[3] https://security-tracker.debian.org/tracker/CVE-2017-15107


signature.asc
Description: PGP signature

Bug#907884: vlc: Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1

[Sebastian Ramacher]

Control: tags -1 + moreinfo

On 2018-09-03 17:59:43, Сергей Фёдоров wrote:
> To: sub...@bugs.debian.org
> Subject: vlc: Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1
> Package: vlc
> Version: 3.0.4-1
> Severity: critical
> Justification: breaks the whole system
> Tags: a11y
> 
> Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1

The version infor below points to buster/unstable. What are you testing exactly?

> In Debian 9.5 Sid opening a media file {avi,mkv and others} in vlc 3.0.4-1 
> (and libvlc* 3.0.4-1)
> opens a window with black content, the mouse cursor moves freely across the 
> screen, but the keyboard
> and mouse buttons are locked, i.e. Debian hangs.

Please provide the output of vlc -vvv when this happens. But in general, this
seems like a driver issues to me. Please also try again with disabling hardware
accerlation and let us know if that fixes things.

Best

> 
> When after rebooting we install vlc 3.0.2-0+deb9u1 (and libvlc* 
> 3.0.2-0+deb9u1) (from the Debian 9.5 Stable repository)
> everything works fine.
> 
> -- System Information:
> Debian Release: buster/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 4.17.0-3-amd64 (SMP w/8 CPU cores)
> Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8), 
> LANGUAGE=ru_RU.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages vlc depends on:
> ii  vlc-bin  3.0.4-1
> ii  vlc-plugin-base  3.0.4-1
> ii  vlc-plugin-qt3.0.4-1
> ii  vlc-plugin-video-output  3.0.4-1
> 
> Versions of packages vlc recommends:
> ii  vlc-l10n   3.0.4-1
> ii  vlc-plugin-notify  3.0.4-1
> ii  vlc-plugin-samba   3.0.4-1
> ii  vlc-plugin-skins2  3.0.4-1
> ii  vlc-plugin-video-splitter  3.0.4-1
> ii  vlc-plugin-visualization   3.0.4-1
> 
> vlc suggests no packages.
> 
> Versions of packages libvlc-bin depends on:
> ii  libc62.27-5
> ii  libvlc5  3.0.4-1
> 
> Versions of packages libvlc5 depends on:
> ii  libc62.27-5
> ii  libvlccore9  3.0.4-1
> 
> Versions of packages libvlc5 recommends:
> ii  libvlc-bin  3.0.4-1
> 
> Versions of packages vlc-bin depends on:
> ii  libc6   2.27-5
> ii  libvlc-bin  3.0.4-1
> ii  libvlc5 3.0.4-1
> 
> Versions of packages vlc-plugin-base depends on:
> ii  liba52-0.7.4 0.7.4-19
> ii  libarchive13 3.2.2-5
> ii  libaribb24-0 1.0.3-2
> ii  libasound2   1.1.6-1
> ii  libass9  1:0.14.0-2
> ii  libavahi-client3 0.7-4
> ii  libavahi-common3 0.7-4
> ii  libavc1394-0 0.5.4-5
> ii  libavcodec58 7:4.0.2-1+b1
> ii  libavformat587:4.0.2-1+b1
> ii  libavutil56  7:4.0.2-1+b1
> ii  libbasicusageenvironment12018.08.28a-1
> ii  libbluray2   1:1.0.2-3
> ii  libc62.27-5
> ii  libcairo21.15.12-1
> ii  libcddb2 1.3.2-6
> ii  libchromaprint1  1.4.3-2+b1
> ii  libcrystalhd31:0.0~git20110715.fdd2f19-13
> ii  libdbus-1-3  1.12.10-1
> ii  libdc1394-22 2.2.5-1
> ii  libdca0  0.0.6-1
> ii  libdvbpsi10  1.3.2-1
> ii  libdvdnav4   6.0.0-1
> ii  libdvdread4  6.0.0-1
> ii  libebml4v5   1.3.6-2
> ii  libfaad2 2.8.8-1
> ii  libflac8 1.3.2-3
> ii  libfontconfig1   2.13.0-5
> ii  libfreetype6 2.8.1-2
> ii  libfribidi0  1.0.5-3
> ii  libgcc1  1:8.2.0-4
> ii  libgcrypt20  1.8.3-1
> ii  libglib2.0-0 2.58.0-1
> ii  libgnutls30  3.5.19-1
> ii  libgpg-error01.32-1
> ii  libgroupsock82018.08.28a-1
> ii  libharfbuzz0b1.8.8-2
> ii  libjpeg62-turbo  1:1.5.2-2+b1
> ii  libkate1 0.4.1-8
> ii  liblirc-client0  0.10.0-2+b1
> ii  liblivemedia62   2018.08.28a-1
> ii  liblua5.2-0  5.2.4-1.1+b2
> ii  libmad0  0.15.1b-9
> ii  libmatroska6v5   1.4.9-1
> ii  libmicrodns0 0.0.10-1
> ii  libmpcdec6   2:0.1~r495-1+b2
> ii  libmpeg2-4   0.5.1-8
> ii  libmpg123-0  1.25.10-2
> ii  libmtp9 

Bug#907886: sshpubkeys: Please package the newest upstream release

[Nicolas Braud-Santoni]

Source: sshpubkeys
Version: 2.2.0-1
Severity: normal

Hi Vincent !

Upstream released a new (major) version, that is stricter on which SSH keys
it will accept, in February.  I think this will eventually cause issues if
we keep shipping sshpubkeys 2.x when people might expect 3.x

Could you please package the newest version?


Best,

  nicoo

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#907885: vlc: Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1

[Сергей Фёдоров]

To: sub...@bugs.debian.org
Subject: vlc: Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1
Package: vlc
Version: 3.0.4-1
Severity: critical
Justification: breaks the whole system
Tags: a11y

Debian 9.5 hangs when opening the mkv file in vlc 3.0.4-1

In Debian 9.5 Sid opening a media file {avi,mkv and others} in vlc 3.0.4-1 (and 
libvlc* 3.0.4-1)
opens a window with black content, the mouse cursor moves freely across the 
screen, but the keyboard
and mouse buttons are locked, i.e. Debian hangs.

When after rebooting we install vlc 3.0.2-0+deb9u1 (and libvlc* 3.0.2-0+deb9u1) 
(from the Debian 9.5 Stable repository)
everything works fine.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8), 
LANGUAGE=ru_RU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages vlc depends on:
ii  vlc-bin  3.0.4-1
ii  vlc-plugin-base  3.0.4-1
ii  vlc-plugin-qt3.0.4-1
ii  vlc-plugin-video-output  3.0.4-1

Versions of packages vlc recommends:
ii  vlc-l10n   3.0.4-1
ii  vlc-plugin-notify  3.0.4-1
ii  vlc-plugin-samba   3.0.4-1
ii  vlc-plugin-skins2  3.0.4-1
ii  vlc-plugin-video-splitter  3.0.4-1
ii  vlc-plugin-visualization   3.0.4-1

vlc suggests no packages.

Versions of packages libvlc-bin depends on:
ii  libc62.27-5
ii  libvlc5  3.0.4-1

Versions of packages libvlc5 depends on:
ii  libc62.27-5
ii  libvlccore9  3.0.4-1

Versions of packages libvlc5 recommends:
ii  libvlc-bin  3.0.4-1

Versions of packages vlc-bin depends on:
ii  libc6   2.27-5
ii  libvlc-bin  3.0.4-1
ii  libvlc5 3.0.4-1

Versions of packages vlc-plugin-base depends on:
ii  liba52-0.7.4 0.7.4-19
ii  libarchive13 3.2.2-5
ii  libaribb24-0 1.0.3-2
ii  libasound2   1.1.6-1
ii  libass9  1:0.14.0-2
ii  libavahi-client3 0.7-4
ii  libavahi-common3 0.7-4
ii  libavc1394-0 0.5.4-5
ii  libavcodec58 7:4.0.2-1+b1
ii  libavformat587:4.0.2-1+b1
ii  libavutil56  7:4.0.2-1+b1
ii  libbasicusageenvironment12018.08.28a-1
ii  libbluray2   1:1.0.2-3
ii  libc62.27-5
ii  libcairo21.15.12-1
ii  libcddb2 1.3.2-6
ii  libchromaprint1  1.4.3-2+b1
ii  libcrystalhd31:0.0~git20110715.fdd2f19-13
ii  libdbus-1-3  1.12.10-1
ii  libdc1394-22 2.2.5-1
ii  libdca0  0.0.6-1
ii  libdvbpsi10  1.3.2-1
ii  libdvdnav4   6.0.0-1
ii  libdvdread4  6.0.0-1
ii  libebml4v5   1.3.6-2
ii  libfaad2 2.8.8-1
ii  libflac8 1.3.2-3
ii  libfontconfig1   2.13.0-5
ii  libfreetype6 2.8.1-2
ii  libfribidi0  1.0.5-3
ii  libgcc1  1:8.2.0-4
ii  libgcrypt20  1.8.3-1
ii  libglib2.0-0 2.58.0-1
ii  libgnutls30  3.5.19-1
ii  libgpg-error01.32-1
ii  libgroupsock82018.08.28a-1
ii  libharfbuzz0b1.8.8-2
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libkate1 0.4.1-8
ii  liblirc-client0  0.10.0-2+b1
ii  liblivemedia62   2018.08.28a-1
ii  liblua5.2-0  5.2.4-1.1+b2
ii  libmad0  0.15.1b-9
ii  libmatroska6v5   1.4.9-1
ii  libmicrodns0 0.0.10-1
ii  libmpcdec6   2:0.1~r495-1+b2
ii  libmpeg2-4   0.5.1-8
ii  libmpg123-0  1.25.10-2
ii  libmtp9  1.1.13-1
ii  libncursesw6 6.1+20180714-1
ii  libnfs11 2.0.0-1~exp1
ii  libogg0  1.3.2-1+b1
ii  libopenmpt-modplug1  0.3.11-1
ii  libopus0 1.3~beta+20180518-1
ii  libpng16-16  1.6.34-2
ii  libpostproc557:4.0.2-1+b1
ii  libprotobuf-lite10   3.0.0-9.1
ii  libpulse012.0-1
ii  libraw1394-112.1.2-1+b1
ii  libresid-builder0c2a 2.1.1-15

Bug#907845: Warn if compat level 11 is used and dh_system_* helpers are used

[Michael Biebl]

On Mon, 03 Sep 2018 06:19:28 +0200 Michael Biebl  wrote:
> Package: lintian
> Version: 2.5.99
> Severity: wishlist
> 
> Hi,
> 
> in compat level 11, dh_systemd_start and dh_systemd_enable have been
> deprecated in favour of dh_installsystemd.
> dh will also no longer run the dh_systemd_{start,enable} helpers during
> build.
> I've seen a couple of packages which have updated their compat level to
> 11 but still use a dh_systemd_{start,enable} override.
> It would be nice if lintian could detect (grep for usage of
> override_dh_systemd_{start,enable} in debian/rules) and warn accordingly.

Hm, I completely missed
https://lintian.debian.org/tags/debian-rules-uses-deprecated-systemd-override.html
which was added in 2.5.72 is supposed to do exactly that.

I wonder why it didn't trigger for sysstat
https://salsa.debian.org/debian/sysstat/blob/master/debian/rules#L68

Is the -arch prefix confusing lintian?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature