Bug#929603: unblock: webkit2gtk/2.24.2-1

[Paul Gevers]

Control: tags -1 moreinfo

Hi Alberto,

On Sun, 26 May 2019 23:08:03 +0200 Alberto Garcia  wrote:
> Please unblock package webkit2gtk
> 
> The new upstream stable release contains (among others) fixes
> for these three security bugs: CVE-2019-8595, CVE-2019-8607 and
> CVE-2019-8615.

Just to get it clear, the security support of webkit2gtk in buster will
be done by following upstream releases? Does this involve specific
stable release branches? And this upload/unblock is the same what the
security team would accept if we would already have released?

If your response is in line with my understanding (or obviously
otherwise satisfactory) I'll unblock it.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#925955: simple-cdd: Fails to import correct package version from security mirror

[Vagrant Cascadian]

On 2019-03-29, Sebastien Delafond wrote:
> Using a very basic configuration for simple-cdd, I can't build a stretch
> image:
>
>   # cat > cdd.conf
>   debian_mirror=http://deb.debian.org/debian
>   security_mirror=http://security.debian.org/
>   dist=stretch
>   profiles=test
>   ^D
>   # mkdir -p profiles
>   # echo nano > profiles/test.packages
>   # build-simple-cdd --conf cdd.conf
>   [...]
>   WARNING Found uninstallable packages in 
> /root/cdd/tmp/mirror/dists/stretch/main/binary-amd64/Packages:
>   WARNING   output-version: 1.2
>   WARNING   report:
>   WARNING-
>   WARNING package: libpam-systemd
>   WARNING version: 232-25+deb9u8
>   WARNING architecture: amd64
>   WARNING status: broken
>   WARNING reasons:
>   WARNING  -
>   WARNING   missing:
>   WARNINGpkg:
>   WARNING package: libpam-systemd
>   WARNING version: 232-25+deb9u8
>   WARNING architecture: amd64
>   WARNING unsat-dependency: systemd (= 232-25+deb9u8)
>   WARNING
>   WARNING   total-packages: 364
>   WARNING   broken-packages: 1
>
> libpam-systemd is version 232-25+deb9u8 in stretch, but 232-25+deb9u9 in
> stretch/updates, so 232-25+deb9u9 should of course be selected.

I haven't confirmed exactly, but this is not terribly surprising; the
dependency resolver doesn't do any versioned dependency checking, it
simply loops through trying to find more depends/recommends and then
stops once no new packages are found.

Maybe just doing 1 or more extra passes in the loop would fix it, making
sure all packages are updated... I might try and reproduce this kind of
issue and see if that wouldn't fix it. Though I have my doubts, as the
package should already be added to the list of packages to
include in the repository...


The proper thing to do is use dose-distcheck or another more
sophisticated tool to actually resolve the dependencies; that's what's
used to check if there are missing dependencies, but actually using them
to resolve the dependency tree up-front might very well result in a more
reliable and quite possibly faster process all around.


> If I explicitely add libpam-systemd to my list of packages, everything
> works as it should:
>
>   # echo libpam-systemd >> profiles/test.packages
>   # build-simple-cdd --conf cdd.conf
>   # echo $?
>   0
>
> When running with --debug, you see 232-25+deb9u8 being downloaded from
> stretch in both cases. However, when libpam-systemd is listed in
> test.packages, 232-25+deb9u9 is also later downloaded from
> stretch/updates, and used to correctly satisfy the dependency.

At the moment, that's unfortunately the recommended workaround for these
situations. It particularly comes up with multiple repositories, such as
the primary repository and the security repository, or when pulling
packages from backports.


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#929745: cinnamon-core: cinnamon needs python-gi for certain downloadable applets

[Christian Hawkins]

Package: cinnamon-core
Version: 3.8
Severity: important

Dear Maintainer,

   * What led up to the situation?
 Installing World Clock Calendar from Cinnamon Applet Installer

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 Trying to change the world clocks

   * What was the outcome of this action?
 configuration of world clocks is not showing

   * What outcome did you expect instead?
 configuration of world clocks working

After poking around in the sourcecode for World Clock Calendar I found that
python-gi is referenced, but was not installed. Please add python-gi as
dependency.



-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/16 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cinnamon-core depends on:
ii  cinnamon 3.8.8-1
ii  cinnamon-control-center  3.8.1-1
ii  cinnamon-screensaver 3.8.2-1
ii  cinnamon-session 3.8.2-1
ii  cinnamon-settings-daemon 3.8.4-2
ii  dconf-gsettings-backend [gsettings-backend]  0.30.1-2
ii  desktop-base 10.0.2
ii  muffin   3.8.2-1
ii  nemo 3.8.5-1+b1

Versions of packages cinnamon-core recommends:
ii  cinnamon-l10n3.8.2-1
ii  gnome-themes-extra   3.28-1
ii  gstreamer1.0-plugins-good1.14.4-dmo2
ii  gvfs-fuse1.38.1-3
ii  lightdm [x-display-manager]  1.26.0-4

Versions of packages cinnamon-core suggests:
pn  cinnamon-desktop-environment  

-- no debconf information

Bug#929740: RFS: elpy/1.28.0-2

[Chris Lamb]

tags 929740 + moreinfo
thanks

Nicholas D Steeves wrote:

> Alternatively, one can download the package with dget using this command:
> 
> dget -x 
> https://mentors.debian.net/debian/pool/main/e/elpy/elpy_1.28.0-2.dsc

Uploaded; thanks. :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org 🍥 chris-lamb.co.uk
   `-

Bug#929744: mkfs.ext4 incorrect "last mounted" location

[Jim Popovitch]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Package: e2fsprogs
Version: 1.43.4-2
Architecture: amd64

mkfs.ext4 incorrectly reports the "last mounted" location.  In the 
details below, /home/backups was last mounted 2 days ago.  The
correct last mount was /mnt at "Thu May 30 03:03:42 2019"


~$ fdisk -l
Disk /dev/vda: 400 GiB, 429496729600 bytes, 838860800 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x000dcb5c

Device Boot Start   End   Sectors  Size Id Type
/dev/vda1  * 2048 417330815 417328768  199G 83 Linux
/dev/vda2   417331200 450885631  33554432   16G 83 Linux
/dev/vda3   450885632 838860799 387975168  185G 83 Linux


~$ mount /dev/vda3 /mnt/

~$ ll /mnt/
total 20
drwx--  2 root root 16384 Apr 13 13:59 lost+found

~$ umount /mnt

~$ mkfs.ext4 /dev/vda3 
mke2fs 1.43.4 (31-Jan-2017)
/dev/vda3 contains a ext4 file system
last mounted on /home/backups on Thu May 30 03:03:42 2019
Proceed anyway? (y,N) y
Creating filesystem with 48496640 4k blocks and 12147840 inodes
Filesystem UUID: be199742-4354-4586-9b25-3bceaa67f64a
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 2048, 23887872

Allocating group tables: done
Writing inode tables: done
Creating journal (262144 blocks): done
Writing superblocks and filesystem accounting information: done

~$ date
Thu May 30 03:04:37 UTC 2019



-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEECPbAhaBWEfiXj/kxdRlcPb헹ᐔॳ봼�⠤䇔数
fkXK6A/9E0/5eqIl9qwJrHoAFmSYcCJeVPSuWiOucqy54Rx鴳捳铺䄆
Xl6UXdxdZqhy2UMZxgqmqjHo1ugR㎴礵勄ꂛ遑虄糴ꄢ�䳬際ﯦ䠿
eVWJHbDLabd4Yj/bGCXv/N8iCh庅漫ꥐ㹊㎓ᮜꑥ䄺聢悈ꯊ뢢
EIu6QAXAHmbSYYd2CNVdPq㣣鸤Გ�眺큜㕕䏟䗚ꢈ⊋阎㉀Ⰶ
OTl6IV2lZKNcGhM56tIb87zRFrqSJarJ4/iMEB4yXcHirnI/DZMmVK7WBDqk3eD6
pfsIW8Jtyfi4dR㶫Ṩ�㙇Â懶녠ᓧ幂꼋捱귡ꊥា츈귵版
JT5JearagpY4m0IVmmv2w24ol3GosqX9cALHMMkYhfrKbXLRCWKtPpshOBB0qaPd
A9EiXv�䶧曤텍踄浇랬奂诋�ﺩ妛�᾵౬屈Ӏ኿脿
0zv֢媵ࠤ⻷ⳕ旧�〿䠊딻︉ꏑ⫃蛨㳣響毬�偒씟
FHKNnQJxNkJDo3x3EEj8HGTJtk9DOIHlXoVWk6NTLrnoz0tn3vb5zgDbCQMn35KX
kUrWmSOhz/3mXSzwktI6UbRTymSFL3ON0Y丬愃홺똏♬=
=f9PR
-END PGP SIGNATURE-

Bug#929743: boinc-client: Default installation miss "slots" directory made the boincmgr gray out.

[Zhang Xiaowei]

Package: boinc-client
Version: 7.14.2+dfsg-3
Severity: important

Dear Maintainer,

   * What led up to the situation?

As title says. I just apt-get install and run boincmgr as usual at the first 
time.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

When I run the boincmgr, all items grayed out.

   * What was the outcome of this action?

This is my systctl status says:
● boinc-client.service - Berkeley Open Infrastructure Network Computing Client
   Loaded: loaded (/lib/systemd/system/boinc-client.service; enabled; vendor 
preset: enabled)
   Active: active (running) since Thu 2019-05-30 08:59:17 CST; 8min ago
 Docs: man:boinc(1)
 Main PID: 8352 (boinc)
Tasks: 2 (limit: 4915)
   Memory: 6.3M
   CGroup: /system.slice/boinc-client.service
   └─8352 /usr/bin/boinc

30-May-2019 08:59:20 [---]suspend work if non-BOINC CPU load exceeds 25%
30-May-2019 08:59:20 [---](to change preferences, visit a project web site 
or select Preferences in the Manager)
30-May-2019 08:59:20 [---] Setting up project and slot directories
dir_open: Could not open directory 'slots' from '/var/lib/boinc-client'.
30-May-2019 08:59:20 [---] Checking active tasks
30-May-2019 08:59:20 [---] Setting up GUI RPC socket
30-May-2019 08:59:20 [---] gui_rpc_auth.cfg is empty - no GUI RPC password 
protection
30-May-2019 08:59:20 [---] Checking presence of 0 project files
30-May-2019 08:59:20 [---] This computer is not attached to any projects
30-May-2019 08:59:20 Initialization completed

After mkdir under /var/lib/boinc, it's all perfect and rainbowed in.

● boinc-client.service - Berkeley Open Infrastructure Network Computing Client
   Loaded: loaded (/lib/systemd/system/boinc-client.service; enabled; vendor 
preset: enabled)
   Active: active (running) since Thu 2019-05-30 09:10:21 CST; 4s ago
 Docs: man:boinc(1)
 Main PID: 10947 (boinc)
Tasks: 2 (limit: 4915)
   Memory: 6.3M
   CGroup: /system.slice/boinc-client.service
   └─10947 /usr/bin/boinc

30-May-2019 09:10:23 [---]don't use GPU while active
30-May-2019 09:10:23 [---]suspend work if non-BOINC CPU load exceeds 25%
30-May-2019 09:10:23 [---](to change preferences, visit a project web site 
or select Preferences in the Manager)
30-May-2019 09:10:23 [---] Setting up project and slot directories
30-May-2019 09:10:23 [---] Checking active tasks
30-May-2019 09:10:23 [---] Setting up GUI RPC socket
30-May-2019 09:10:23 [---] gui_rpc_auth.cfg is empty - no GUI RPC password 
protection
30-May-2019 09:10:23 [---] Checking presence of 0 project files
30-May-2019 09:10:23 [---] This computer is not attached to any projects
30-May-2019 09:10:23 Initialization completed

Bondezirojn.

From Zhang Xiaowei

-- Package-specific info:
-- Contents of /etc/default/boinc-client:
# This file is /etc/default/boinc-client, it is a configuration file for the
# /etc/init.d/boinc-client init script.

# Set this to 1 to enable and to 0 to disable the init script.
ENABLED="1"

# Set this to 1 to enable advanced scheduling of the BOINC core client and
# all its sub-processes (reduces the impact of BOINC on the system's
# performance).
SCHEDULE="1"

# The BOINC core client will be started with the permissions of this user.
BOINC_USER="boinc"

# This is the data directory of the BOINC core client.
BOINC_DIR="/var/lib/boinc-client"

# This is the location of the BOINC core client, that the init script uses.
# If you do not want to use the client program provided by the boinc-client
# package, you can specify here an alternative client program.
#BOINC_CLIENT="/usr/local/bin/boinc"
BOINC_CLIENT="/usr/bin/boinc"

# Here you can specify additional options to pass to the BOINC core client.
# Type 'boinc --help' or 'man boinc' for a full summary of allowed options.
#BOINC_OPTS="--allow_remote_gui_rpc"
BOINC_OPTS=""

# Scheduling options

# Set SCHEDULE="0" if prefering to run with upstream default priority
# settings.

# Nice levels. When systems are truly busy, e.g. because of too many active
# scientific applications started by the boinc client, there is a chance for
# the boinc client not to be granted sufficient opportunity to check for
# scientific applications to be alive and make the (wrong) decision to
# terminate the scientific app. This is particularly an issue with many
# apps started in parallel on modern multi-core systems and extra overheads
# for the download and uploads of files with the project servers. Another
# concern is the latency for scientific applications to communicate with the
# graphics card, which should be low. All such values should be set and
# controled from within the BOINC client. The Debian init script also sets
# extra constrains via chrt on real time performance and via ionice on 
# I/O performance, which is beyond the regular BOINC client. It then was
# too easy to use that code to also constrain minimal nice levels. We still
# think about how to best distinguish GPU applications from regular apps

Bug#525579: fails with misleading error if it cannot write backup

[Trent W. Buck]

martin f krafft wrote (ten years ago!):
> Package: lvm2
> Version: 2.02.44-3
> Severity: minor
>
> If /etc happens to be read-only, almost every operation yields an
> "error 5". This is misleading, and the error message should be
> better. Also, I should be able to specify an alternate/more
> appropriate location for the backup...

FYI, I have been doing this for nearly ten years:

sed -i /etc/lvm/lvm.conf -e '/backup_dir/  c  backup_dir = 
"/var/backups/lvm/backup"'
sed -i /etc/lvm/lvm.conf -e '/archive_dir/ c archive_dir = 
"/var/backups/lvm/archive"'

My reason was much simpler:
If LVM archives to /etc/, my etckeeper git history fills with distracting crap.
(My LVM state changes every night, when I rsync from temporary LVM snapshots.)

Why doesn't Debian (or upstream) make that the default?
Attached is an (untested) draft patch for debian/patches/ to do just that.


As a test, I used systemd's ProtectSystem=full to block lvm2's write
access to /etc, to see if it still failed with no message.
Here the test unit:

# /etc/systemd/system/delete-me-525579.service
[Service]
Type=oneshot
# Make /etc read-only, as a test.
ProtectSystem=full

ExecStartPre=/usr/sbin/zfs create -V 8G omega/ZVOLs/delete-me-525579
ExecStart=/usr/sbin/pvcreate /dev/zvol/omega/ZVOLs/delete-me-525579
ExecStart=/usr/sbin/vgcreate VG0 /dev/zvol/omega/ZVOLs/delete-me-525579
ExecStart=/usr/sbin/lvcreate --name=foo --size=100M VG0
ExecStart=/usr/sbin/lvextend --size=200M VG0/foo
ExecStart=/usr/sbin/vgchange -an
ExecStopPost=/usr/sbin/zfs destroy omega/ZVOLs/delete-me-525579

Here is it working without ProtectSystem=full:

May 30 12:33:47 not-omega systemd[1]: delete-me-525579.service: Service has 
more than one ExecStart= setting, which is only allowed for Type=oneshot 
services. Refusing.
May 30 12:34:45 not-omega systemd[1]: Starting delete-me-525579.service...
May 30 12:34:48 not-omega pvcreate[19672]:   Physical volume 
"/dev/zvol/omega/ZVOLs/delete-me-525579" successfully created.
May 30 12:34:52 not-omega vgcreate[19877]:   Volume group "VG0" 
successfully created
May 30 12:34:57 not-omega lvcreate[20028]:   Logical volume "foo" created.
May 30 12:34:59 not-omega lvextend[20208]:   Size of logical volume VG0/foo 
changed from 100.00 MiB (25 extents) to 200.00 MiB (50 extents).
May 30 12:34:59 not-omega lvextend[20208]:   Logical volume VG0/foo 
successfully resized.
May 30 12:35:01 not-omega vgchange[20322]:   0 logical volume(s) in volume 
group "VG0" now active
May 30 12:35:04 not-omega systemd[1]: delete-me-525579.service: Succeeded.
May 30 12:35:04 not-omega systemd[1]: Started delete-me-525579.service.
May 30 12:35:04 not-omega systemd[1]: delete-me-525579.service: Consumed 
340ms CPU time, no IP traffic.

Here is it failing with ProtectSystem=full:

May 30 12:36:28 not-omega systemd[1]: Starting delete-me-525579.service...
May 30 12:36:31 not-omega pvcreate[22588]:   Physical volume 
"/dev/zvol/omega/ZVOLs/delete-me-525579" successfully created.
May 30 12:36:34 not-omega vgcreate[22731]:   Cannot archive volume group 
metadata for VG0 to read-only filesystem.
May 30 12:36:34 not-omega systemd[1]: delete-me-525579.service: Main 
process exited, code=exited, status=5/NOTINSTALLED
May 30 12:36:35 not-omega systemd[1]: delete-me-525579.service: Failed with 
result 'exit-code'.
May 30 12:36:35 not-omega systemd[1]: Failed to start 
delete-me-525579.service.
May 30 12:36:35 not-omega systemd[1]: delete-me-525579.service: Consumed 
175ms CPU time, no IP traffic.

So you can see that at least vgcreate is giving a useful error message now.


By doing each step by hand prior to the systemd ProtectSystem=full, I can also 
get:

May 30 12:40:44 not-omega lvcreate[24889]:   Cannot archive volume group 
metadata for VG0 to read-only filesystem.
May 30 12:41:35 not-omega lvextend[25653]:   Cannot archive volume group 
metadata for VG0 to read-only filesystem.
May 30 12:41:56 not-omega vgchange[26201]:   0 logical volume(s) in volume 
group "VG0" now active

That last one wasn't an error; it succeeded.
Description: Backup to /var/backup/lvm/ (not /etc/lvm/) by default.
 See also discussion on https://bugs.debian.org/525579
 (This patch does NOT fix that bug, though!)
Author: Trent W. Buck 

---
The information above should follow the Patch Tagging Guidelines, please
checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
are templates for supplementary fields that you might want to add:

Origin: , 
Bug: 
Bug-Debian: https://bugs.debian.org/
Bug-Ubuntu: https://launchpad.net/bugs/
Forwarded: 
Reviewed-By: 
Last-Update: 2019-05-30

--- lvm2-2.03.02.orig/conf/example.conf.in
+++ lvm2-2.03.02/conf/example.conf.in
@@ -758,7 +758,7 @@ backup {
 	# Configuration option backup/backup_dir.
 	# Location of the metadata backup files.
 	# Remember to back up this directory regularly!
-	backup_dir = "@

Bug#910124: network-manager-gnome: option to import/export WiFi config as a QR code

[Paul Wise]

On Wed, 2019-05-29 at 12:57 +0200, Michael Biebl wrote:

> > This has been implemented in 1.8.22.
> This is apparently implemented as well.

Thanks for the notice.

> https://gitlab.gnome.org/GNOME/network-manager-applet/merge_requests/45

This appears to introduce an embedded code copy, you might want to let
the security team know about that once it reaches Debian.

https://wiki.debian.org/EmbeddedCodeCopies

-- 
bye,
pabs

https://wiki.debian.org/PaulWise



signature.asc
Description: This is a digitally signed message part

Bug#866758: Please close this bug

[Hideki Yamane]

Hi Roger,

On Wed, 29 May 2019 13:47:07 -0500 "Roger T. Imai"  
wrote:
> I can't find a method or instructions for closing bug 866758, possibly
> because I was a contributor, not the original submitter. A subsequent
> kernel or Intel microcode update resolved the issue in my case.

 It's easy, just send mail to -d...@bugs.debian.org.
 However, I want to wait original reporter's reply for it.


-- 
Hideki Yamane 

Bug#929113: gimp crashed while editing

[Bernhard Übelacker]

Dear Maintainer,
I just tried to have a look at this
backtrace by the submitter:

Thread 1 (Thread 0x7f81021b1e00 (LWP 3464)):
...
#6  0x7f810411f 730 in  () at libpthread.so.0
#7  0x56302b0c9 97f in  ()
#8  0x56302b0c9 c28 in  ()
#9  0x7f8104303 dd8 in g_main_context_dispatch () at libglib-2.0.so.0
#10 0x7f8104304 1c8 in  () at libglib-2.0.so.0
#11 0x7f8104304 4c2 in g_main_loop_run () at libglib-2.0.so.0
#12 0x56302ad56 cb7 in app_run ()
#13 0x56302ad56 5b5 in main ()

I think that translates to these symbols:

#0  0x55997 97f in gimp_projection_chunk_render_iteration () at 
gimpprojection.c:1416
#1  0x55997 c28 in gimp_projection_chunk_render_callback () at 
gimpprojection.c:857
#2  0x76eb1 dd8 in g_main_dispatch () at ../../../glib/gmain.c:3182
#3  0x76eb1 dd8 in g_main_context_dispatch () at 
../../../glib/gmain.c:3847
#4  0x76eb2 1c8 in g_main_context_iterate () at 
../../../glib/gmain.c:3920
#5  0x76eb2 4c2 in g_main_loop_run () at ../../../glib/gmain.c:4116
#6  0x55624 cb7 in app_run () at app.c:440
#7  0x55624 5b5 in main () at main.c:524

Unfortuantely at this offset 97f is just a idiv instruction.
Without having the registers values I could
not make a clue out of it.

(gdb) disassemble 0x5599797f-0x10,0x5599797f+0x8
Dump of assembler code from 0x5599796f to 0x55997987:
   0x55997 96f : cmp
%r13d,%eax
   0x55997 972 : mov
%eax,%r12d
   0x55997 975 : mov
0x4c(%rbx),%eax
   0x55997 978 : cmovg  
%r13d,%r12d
   0x55997 97c : xor
%edi,%edi
   0x55997 97e : cltd   
=> 0x55997 97f : idiv   
%r12d
   0x55997 982 : 
cvtsi2sd %eax,%xmm0
   0x55997 986 : callq  
0x55997500 
End of assembler dump.


Unfortunately gimp seems to call gdb but does just
retrieve backtraces but not registers.

Maybe in libgimpbase/gimputils.c a line
like following could do that:

   gchar *args[9] = { "gdb", "-batch",
+ "-ex", "info reg",
  "-ex", "info threads",
  "-ex", "thread apply all backtrace full",


Register $r12d might have been 0, in that case
gimp would throw a similar exception.

Also I could not find a matching upstream bug report.

Kind regards,
Bernhard

# Debian Buster amd64 qemu VM


apt update
apt dist-upgrade


apt install systemd-coredump xserver-xorg dbus-x11 lightdm openbox gdb mc gimp 
gimp-dbgsym libglib2.0-0-dbgsym
apt build-dep gimp



mkdir /home/benutzer/source/gimp/orig -p
cd/home/benutzer/source/gimp/orig
apt source gimp
cd



export DISPLAY=:0

gdb -q --args gimp

set width 0
set pagination off
run

ctrl+c

generate-core-file ~/gimp.core



gdb -q /usr/bin/gimp --core  gimp.core

set width 0
set pagination off
directory /home/benutzer/source/gimp/orig/gimp-2.10.8/app/core
b *0x556245b0
b *0x55624cb2
b *0x76eb64bd
b *0x76eb61c3
b *0x76eb5dd5
b *0x55997c23
b *0x5599797f

###

# From submitter:
Thread 1 (Thread 0x7f81021b1e00 (LWP 3464)):
#0  0x7f810411e 544 in __libc_read (nbytes=256, buf=0x7ffe67e0a850, fd=14) at 
../sysdeps/unix/sysv/linux/read.c:26
#1  0x7f810411e 544 in __libc_read (fd=14, buf=0x7ffe67e0a850, nbytes=256) at 
../sysdeps/unix/sysv/linux/read.c:24
#2  0x7f8104e17 d34 in gimp_stack_trace_print () at libgimpbase-2.0.so.0
#3  0x56302ad57 4a0 in  ()
#4  0x56302ad57 8d8 in  ()
#5  0x56302ad58 037 in  ()
#6  0x7f810411f 730 in  () at libpthread.so.0
#7  0x56302b0c9 97f in  ()
#8  0x56302b0c9 c28 in  ()
#9  0x7f8104303 dd8 in g_main_context_dispatch () at libglib-2.0.so.0
#10 0x7f8104304 1c8 in  () at libglib-2.0.so.0
#11 0x7f8104304 4c2 in g_main_loop_run () at libglib-2.0.so.0
#12 0x56302ad56 cb7 in app_run ()
#13 0x56302ad56 5b5 in main ()


   0x5599797f <+383>:   idiv   %r12d
Breakpoint 7 at 0x5599797f: file gimpprojection.c, line 1416.

   0x55997 c23 :   callq  
0x55997800 
   0x55997 c28 :   test   
%eax,%eax
Breakpoint 6 at 0x55997c23: file gimpprojection.c, line 857.


   0x76eb5 dd5 <+341>:   callq  *%r15
   0x76eb5 dd8 <+344>:   mov0x10(%rsp),%rcx
Breakpoint 5 at 0x76eb5dd5: file ../../../glib/gmain.c, line 3182.


   0x76eb6 1c3 <+515>:   callq  0x76eb5c80 
   0x76eb6 1c8 <+520>:   jmpq   0x76eb60ee 

Breakpoint 4 at 0x76eb61c3: file ../../../glib/gmain.c, line 3920.


   0x76eb6 4bd <+173>:   callq  0x76eb5fc0 
   0x76eb6 4c2 <+178>:   mov0x8(%rbx),%eax
Breakpoint 3 at 0x76eb64bd: file ../../../glib/gmain.c, line 4116.


   0x55624 cb2 <+850>:   callq  0x556207e0 
   0x55624 cb7 <+855>:   mov%rbx,%rdi
Breakpoint 2 at 0x55624cb2: file app.c, line 440.


   0x55624 5b0 <+912>:   callq  0x55624960 
   0x55624 5b5

Bug#929742: kaddressbook: Kaddressbook not parsing gmail contacts

[Arnout Boelens]

Package: kaddressbook
Version: 4:18.08.3-3
Severity: normal
Tags: patch

My contacts are showing up like this in kaddressbook:

Contact Name 

This bug has been reported upstream:

https://bugs.kde.org/show_bug.cgi?id=398847

and I was hoping that the patch provided there could be backported to the
version of kaddressbook in Debian.

Regards,

Arnout

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kaddressbook depends on:
ii  akonadi-server   4:18.08.3-5
ii  kdepim-runtime   4:18.08.3-4
ii  libc62.28-10
ii  libgcc1  1:8.3.0-6
ii  libkf5akonadicontact54:18.08.3-1
ii  libkf5akonadicore5abi2   4:18.08.3-5
ii  libkf5akonadisearch-bin  4:18.08.3-1
ii  libkf5akonadisearch-plugins  4:18.08.3-1
ii  libkf5akonadisearchdebug54:18.08.3-1
ii  libkf5akonadiwidgets5abi14:18.08.3-5
ii  libkf5completion55.54.0-1
ii  libkf5configcore55.54.0-1
ii  libkf5configgui5 5.54.0-1
ii  libkf5configwidgets5 5.54.0-1
ii  libkf5contacts5  4:18.08.3-1
ii  libkf5coreaddons55.54.0-1
ii  libkf5crash5 5.54.0-1
ii  libkf5grantleetheme-plugins  18.08.3-1
ii  libkf5grantleetheme5 18.08.3-1
ii  libkf5i18n5  5.54.0-1
ii  libkf5iconthemes55.54.0-1
ii  libkf5itemmodels55.54.0-1
ii  libkf5kaddressbookgrantlee5  4:18.08.3-2
ii  libkf5kaddressbookimportexport5  4:18.08.3-2
ii  libkf5kcmutils5  5.54.0-1
ii  libkf5kontactinterface5  18.08.3-1
ii  libkf5libkdepim-plugins  4:18.08.3-2
ii  libkf5libkdepim5 4:18.08.3-2
ii  libkf5parts5 5.54.0-1
ii  libkf5pimcommon5abi2 4:18.08.3-2
ii  libkf5pimcommonakonadi5abi1  4:18.08.3-2
ii  libkf5widgetsaddons5 5.54.0-1
ii  libkf5xmlgui55.54.0-1
ii  libqt5core5a 5.11.3+dfsg1-1
ii  libqt5dbus5  5.11.3+dfsg1-1
ii  libqt5gui5   5.11.3+dfsg1-1
ii  libqt5printsupport5  5.11.3+dfsg1-1
ii  libqt5widgets5   5.11.3+dfsg1-1
ii  libstdc++6   8.3.0-6

Versions of packages kaddressbook recommends:
ii  kdepim-addons  18.08.3-2

kaddressbook suggests no packages.

-- no debconf information

Bug#929741: ITP: wham -- Wisconsin's High-Throughput Alignment Method

[Steffen Moeller]

Package: wnpp
Severity: wishlist
Owner: Steffen Moeller 

* Package name: wham
* URL : http://www.cs.wisc.edu/wham/
* License : GPL
  Programming Lang: C
  Description : Wisconsin's High-Throughput Alignment Method

To be team-maintained on salsa.debian.org/med-team/wham or wham-align.

Bug#929740: RFS: elpy/1.28.0-2

[Nicholas D Steeves]

Package: sponsorship-requests
Severity: important
Control: block 928913 by -1

Dear mentors, (CCing lamby, who I have been working with on this package)

I am looking for a sponsor for my package "elpy".  I filed the unblock
request blocked by this bug.  This upload imports/backports fixes for
two upstream bugs.  The new user experience is greatly enhanced by
fixing those bugs, by fixing significant clarity issues in
README.Debian documentation, by importing the new upstream QuickStart
guide, and finally by adding documentation in the format that seems to
be expected/preferred by Python developers (html).

Package name: elpy
Version : 1.28.0-2
URL : https://github.com/jorgenschaefer/elpy
License : GPL-3+
Section : devel

It builds this binary package:

  elpa-elpy - Emacs Python Development Environment

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/elpy

Alternatively, one can download the package with dget using this command:

dget -x https://mentors.debian.net/debian/pool/main/e/elpy/elpy_1.28.0-2.dsc

Changes since the last upload:

elpy (1.28.0-2) unstable; urgency=medium

  * debian/rules: Disable DH_VERBOSE.
  * Use sphinx to generate documentation in html format, and use
debian/docs to install it.
(Closes: #928633)
  * Add libjs-sphinxdoc to Recommends.  This package's html doc search page
fails gracefully with "Please activate JavaScript to enable the search
functionality" if a user chooses not to install libjs-sphinxdoc.
  * debian/README.Debian: Make explicit how Debian's Elpy package does
not ship with support for Python 2. (Closes: #927084)
  * debian/control: Clarify comment explaining why the Python 2 package
python-autopep8 is a build dependency.
  * Add 0002-Add-a-quickstart-section-to-the-documentation-1598.patch
(Closes: #927085)
  * Add 0004-Enable-elpy-mode-in-python-buffer-when-enabling-Elpy.patch,
and its prerequisite 0003-Make-sure-we-cannot-load-Elpy-twice.patch.
Also add 0005-Fix-typo.patch, which is a fixup for the 0003-* patch.
See DEP-3 headers of patches for more information. (Closes: #926326)

 -- Nicholas D Steeves   Wed, 29 May 2019 18:05:30 -0400

elpy (1.28.0-1) unstable; urgency=medium


Regards,
Nicholas

Bug#904044: Acknowledgement (RFP: openvpn3 -- Next generation OpenVPN client for Linux)

[David Sommerseth]

We have now provided our own Debian and Ubuntu repositories for the time
being, to have a chance to more easily provide packages to these users.  This
packaging can most likely be improved a lot, which we are aware of.  But it is
at least packages which works and can act as a starting point.

More information can be seen in the announcement sent earlier today:


If someone would be willing to bring the OpenVPN 3 package into the official
repositories, it would be highly appreciated.


-- 
kind regards,

David Sommerseth
OpenVPN Inc




signature.asc
Description: OpenPGP digital signature

Bug#929321: unblock: sqlalchemy/1.2.18+ds1-2 (CVE-2019-7164 CVE-2019-7548)

[Mike Bayer]

On Wed, May 29, 2019, at 5:28 PM, Thomas Goirand wrote:
> 
> Dear Debian release team,
> 
> Please note that, even though I was the person who updated SQLAlchemy to
> apply the upstream CVE fix, I am not the official maintainer of the
> package, and that this is probably up to Piotr to do the work. I'm
> happily replying though. :)
> 
> I'm CC-ing Piotr and Mike Bayer (upstream for SQLAlchemy).
> 
> On 5/28/19 8:59 PM, Paul Gevers wrote:
> > Control: tags -1 moreinfo confirmed
> > 
> > Hi Zigo,
> > 
> > On Tue, 21 May 2019 17:50:28 +0200 Thomas Goirand  wrote:
> >> Note that it may (or not) break some reverse dependencies, though according
> >> to upstream, OpenStack (the biggest SQLAlchemy consumer in Debian) behaves
> >> correctly with it. If this happens, then these reverse dependencies will
> >> have to be fixed.
> > 
> > Do you already have indications that this may be the case?
> 
> For all things OpenStack, I'm pretty sure that everything is ok, because
> the upstream author of SQLAlchemy has been hired by Red Hat to make sure
> OpenStack uses SQLAlchemy the proper way.
> 
> For other dependencies, it's harder to know.
> 
> > How you
> > already warned the reverse dependencies to check? I would appreciate it
> > if you do such that we can also have those fixed reverse dependencies in
> > buster.
> > 
> > Paul
> 
> Here's the list of reverse dependencies for python3-sqlalchemy:
> 
> * buildbot
> * changeme
> * db2twitter
> * dms-core [amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x]
> * mailman3
> * openlp
> * python3-agatesql
> * python3-geoalchemy2
> * python3-osmalchemy
> * python3-pybel
> * python3-sadisplay
> * python3-sqlsoup
> * retweet
> * sqlacodegen
> * yokadi
> 
> Here are those for python-sqlalchemy:
> 
> * archipel-core
> * bauble
> * blogofile-converters
> * childsplay
> * epigrass [amd64 arm64 armel armhf i386 kfreebsd-amd64 mips mips64el
> mipsel ppc64el s390x]
> * gnukhata-core
> * gourmet
> * griffith
> * kamcli
> * pegasus-wms
> * pycsw-wsgi
> * python-elixir
> * python-pywps
> * python-sprox
> * python-sqlkit
> * python-sqlsoup
> * python-zope.sqlalchemy
> * pytrainer
> * vistrails
> * yhsm-yubikey-ksm
> 
> I removed all-things-openstack and libraries who are very unlikely to
> have issues, such as sqlalchemy-utils and others.
> 
> I don't know any of the above package. It would be hard to tell who's
> affected by a related problem, though the miss-use of SQLAlchemy
> (because that's really what we're talking about here... a miss-use that
> should have been considered a bug to begin with, even without the
> applied patch to SQLAlchemy) is quite rare.
> 
> I very much think it's safer to just allow SQLAchemy to migrate right
> now, to fix the potential SQL insertion vulnerability, rather than
> waiting for any (potential, but likely rare) issue in the above reverse
> dependencies.
> 
> I do think a gentle ping to the maintainers of the above packages would
> be nice, but probably mass-filling of bugs isn't needed. How can I
> easily gather the list of maintainer? Is there a script somewhere to do
> this, or should I write it myself (which shouldn't be hard with some
> apt-cache show in a loop...)?
> 
> Piotr, Mike, is what I wrote above accurate?

I can confirm Openstack is likely OK, most packages are likely OK, and if a 
package is not OK, it's a trivial fix for them.


> 
> Cheers,
> 
> Thomas Goirand (zigo)
> 

Bug#927667: gnome: please confirm or revert choice of Wayland for default desktop

[Samuel Thibault]

Hello,

Just so that the info is recorded here as well: as discussed on

https://lists.debian.org/debian-accessibility/2019/02/msg4.html

Wayland does not provide yet the support that the Orca screen reader
needs to provide proper support for blind people (keyboard shortcuts for
GUI review, basically).

Samuel

Bug#929731: unblock: flash-kernel/3.99

[Cyril Brulebois]

Hi,

Niels Thykier  (2019-05-29):
> Vagrant Cascadian:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > X-Debbugs-Cc: vagr...@debian.org, debian-b...@lists.debian.org
> > 
> > Please unblock package flash-kernel
> > 
> > This upload adds support for two additional boards, one additional name
> > for another board, and updates the Uploaders list. The changes should be
> > very low risk to existing platforms, and really appreciated by people
> > with the added boards.
> > 
> > 
> > [...]
> > 
> > unblock flash-kernel/3.99

No objections, thanks.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#929519: unblock: matrix-synapse/0.99.5.1-2

[Andrej Shadura]

Hi,

On Wed, 29 May 2019 at 23:43, Paul Gevers  wrote:
> You're not going to like it.
>
> On Sat, 25 May 2019 12:46:12 +0100 Andrej Shadura 
> wrote:
> > I’m attaching a git diff between patches-applied trees of 0.99.2-5
> > currently in buster and 0.99.5.1-1 currently in experimental (the
> > version in testing ships with a few security fixes backported from
> > 0.99.3). The proposed 0.99.5.1-2 would be a no-change upload with just
> > a changelog bump.
>
>  381 files changed, 20100 insertions(+), 16629 deletions(-)
>
> This isn't re-viewable and is very much not in line with our freeze policy.

Heh. I was hoping for an exception :)

> Shall I proceed and remove the package from buster?

Not yet. I will discuss this with the Synapse upstream to see what is
more suitable. An alternative would be a NEWS/README entry telling
users to upgrade to a version from backports if they want to be able
to use v4 or v5 rooms.

-- 
Cheers,
  Andrej

Bug#929519: unblock: matrix-synapse/0.99.5.1-2

[Paul Gevers]

Control: tags -1 moreinfo

Hi Andrej,

You're not going to like it.

On Sat, 25 May 2019 12:46:12 +0100 Andrej Shadura 
wrote:
> I’m attaching a git diff between patches-applied trees of 0.99.2-5
> currently in buster and 0.99.5.1-1 currently in experimental (the
> version in testing ships with a few security fixes backported from
> 0.99.3). The proposed 0.99.5.1-2 would be a no-change upload with just
> a changelog bump.

 381 files changed, 20100 insertions(+), 16629 deletions(-)

This isn't re-viewable and is very much not in line with our freeze policy.

Shall I proceed and remove the package from buster?

Paul

Bug#909561: simple-cdd: configuration file can't rely on $simple_cdd_dir and other variables

[Vagrant Cascadian]

Control: clone 909561 -1
Control: retitle -1 simple-cdd: support variables in configuration files
Control: tags 909561 pending

On 2019-05-29, Vagrant Cascadian wrote:
> On 2018-09-25, Raphaël Hertzog wrote:
>> I'm putting this as important because it's a regression compared to
>> before the python rewrite and because the sample configuration files shipped
>> in the package make you believe that you can rely on this variable.
>>
>> I'm referring to those lines for example in
>> /usr/share/doc/simple-cdd/examples/simple-cdd.conf.detailed.gz:
>>
>> #debian_cd_dir=$simple_cdd_dir/debian-cd
>> #simple_cdd_temp="$simple_cdd_dir/tmp/"
>> # export SPLASHPNG="$simple_cdd_dir/yourimage.png"
>> #hd_img="$simple_cdd_dir/qemu-test.hd.img"
>>
>> I just checked by putting "env >/tmp/foo" in the configuration file that I
>> passed to the --conf parameter and I confirm that "simple_cdd_dir" is not
>> set in the environment.
>
>> You can decide to set it or not, I don't really care but it should be either
>> documented and supported, or unsupported and with no misleading references
>> to it in the configuration file.

I've added a commit upstream which removes references to variables in
the example configuration files and profiles, since the fix may take
longer.


> I think this extends to setting any variables within variables any of
> simple-cdd's configuration files.
>
> I definitely consider it a bug.

Cloning this bug to track fixing the actual issue.


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#929151: netdata-core: version in stretch-backports newer than version in buster

[Daniel Baumann]

Hi,

I'm on VAC until end of week, will ask for an unblock of 1.12.1-2 next
week (there are a bunch of fixes in that version that need to be in
buster anyway).

Regards,
Daniel

Bug#929486: unblock: debootstick/2.3

[Paul Gevers]

Control: tags -1 confirmed moreinfo

On Fri, 24 May 2019 14:20:54 + =?utf-8?q?Etienne_Dubl=C3=A9?=
 wrote:
> Package 2.3 of debootstick was just uploaded to experimental by my sponsor 
> (Vincent Danjean).
> If you accept this unblock request, he will upload it to unstable.

You're probably aware, but keep in mind that the version needs to be
bumped. Please go ahead and remove the moreinfo tag from this bug when
there is something to unblock.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929737: gnumail.app: gnumail freezes when 'quit' is clicked

[Svetlana Tkachenko]

Package: gnumail.app
Version: 1.3.0-1+b1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

I opened gnumail for the first time. There are no email accounts set up.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

I clicked 'quit'.

   * What was the outcome of this action?

The 'quit' menu item remained highlighted and gnumail remained open.

   * What outcome did you expect instead?

Instant quit.

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: buster/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), 
LANGUAGE=ru_RU:ru (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnumail.app depends on:
ii  addressmanager.app0.4.8-3+b1
ii  gnumail.app-common1.3.0-1
ii  gnustep-back0.27  0.27.0-2
ii  gnustep-base-runtime  1.26.0-4
ii  gnustep-gui-runtime   0.27.0-5
ii  libaddresses0 0.4.8-3+b1
ii  libaddressview0   0.4.8-3+b1
ii  libc6 2.28-5
ii  libgcc1   1:8.3.0-6
ii  libgnustep-base1.26   1.26.0-4
ii  libgnustep-gui0.270.27.0-5
ii  libobjc4  8.3.0-6
ii  libpantomime1.3   1.3.0+dfsg1-3

gnumail.app recommends no packages.

Versions of packages gnumail.app suggests:
ii  gnupg 2.2.12-1
pn  steptalk  

-- no debconf information

Bug#929738: gnumail.app: gnumail freezes when i click 'info > preferences'

[Svetlana Tkachenko]

Package: gnumail.app
Version: 1.3.0-1+b1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
open gnumail
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
click info>preferences
   * What was the outcome of this action?
it stays highlighted this menu item and does not open preferences
   * What outcome did you expect instead?
open the preferences dialog where i can add my email accounts

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: buster/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), 
LANGUAGE=ru_RU:ru (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnumail.app depends on:
ii  addressmanager.app0.4.8-3+b1
ii  gnumail.app-common1.3.0-1
ii  gnustep-back0.27  0.27.0-2
ii  gnustep-base-runtime  1.26.0-4
ii  gnustep-gui-runtime   0.27.0-5
ii  libaddresses0 0.4.8-3+b1
ii  libaddressview0   0.4.8-3+b1
ii  libc6 2.28-5
ii  libgcc1   1:8.3.0-6
ii  libgnustep-base1.26   1.26.0-4
ii  libgnustep-gui0.270.27.0-5
ii  libobjc4  8.3.0-6
ii  libpantomime1.3   1.3.0+dfsg1-3

gnumail.app recommends no packages.

Versions of packages gnumail.app suggests:
ii  gnupg 2.2.12-1
pn  steptalk  

-- no debconf information

Bug#929321: unblock: sqlalchemy/1.2.18+ds1-2 (CVE-2019-7164 CVE-2019-7548)

[Thomas Goirand]

Dear Debian release team,

Please note that, even though I was the person who updated SQLAlchemy to
apply the upstream CVE fix, I am not the official maintainer of the
package, and that this is probably up to Piotr to do the work. I'm
happily replying though. :)

I'm CC-ing Piotr and Mike Bayer (upstream for SQLAlchemy).

On 5/28/19 8:59 PM, Paul Gevers wrote:
> Control: tags -1 moreinfo confirmed
> 
> Hi Zigo,
> 
> On Tue, 21 May 2019 17:50:28 +0200 Thomas Goirand  wrote:
>> Note that it may (or not) break some reverse dependencies, though according
>> to upstream, OpenStack (the biggest SQLAlchemy consumer in Debian) behaves
>> correctly with it. If this happens, then these reverse dependencies will
>> have to be fixed.
> 
> Do you already have indications that this may be the case?

For all things OpenStack, I'm pretty sure that everything is ok, because
the upstream author of SQLAlchemy has been hired by Red Hat to make sure
OpenStack uses SQLAlchemy the proper way.

For other dependencies, it's harder to know.

> How you
> already warned the reverse dependencies to check? I would appreciate it
> if you do such that we can also have those fixed reverse dependencies in
> buster.
> 
> Paul

Here's the list of reverse dependencies for python3-sqlalchemy:

* buildbot
* changeme
* db2twitter
* dms-core [amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x]
* mailman3
* openlp
* python3-agatesql
* python3-geoalchemy2
* python3-osmalchemy
* python3-pybel
* python3-sadisplay
* python3-sqlsoup
* retweet
* sqlacodegen
* yokadi

Here are those for python-sqlalchemy:

* archipel-core
* bauble
* blogofile-converters
* childsplay
* epigrass [amd64 arm64 armel armhf i386 kfreebsd-amd64 mips mips64el
mipsel ppc64el s390x]
* gnukhata-core
* gourmet
* griffith
* kamcli
* pegasus-wms
* pycsw-wsgi
* python-elixir
* python-pywps
* python-sprox
* python-sqlkit
* python-sqlsoup
* python-zope.sqlalchemy
* pytrainer
* vistrails
* yhsm-yubikey-ksm

I removed all-things-openstack and libraries who are very unlikely to
have issues, such as sqlalchemy-utils and others.

I don't know any of the above package. It would be hard to tell who's
affected by a related problem, though the miss-use of SQLAlchemy
(because that's really what we're talking about here... a miss-use that
should have been considered a bug to begin with, even without the
applied patch to SQLAlchemy) is quite rare.

I very much think it's safer to just allow SQLAchemy to migrate right
now, to fix the potential SQL insertion vulnerability, rather than
waiting for any (potential, but likely rare) issue in the above reverse
dependencies.

I do think a gentle ping to the maintainers of the above packages would
be nice, but probably mass-filling of bugs isn't needed. How can I
easily gather the list of maintainer? Is there a script somewhere to do
this, or should I write it myself (which shouldn't be hard with some
apt-cache show in a loop...)?

Piotr, Mike, is what I wrote above accurate?

Cheers,

Thomas Goirand (zigo)

Bug#929591: unblock: golang-github-seccomp-libseccomp-golang/0.9.0-2

[Paul Gevers]

Control: tags -1 moreinfo

On 28-05-2019 21:35, Shengjing Zhu wrote:
>> I'll binNMU that first, let's see if it doesn't pick up anything else.
>> Otherwise, you know the drill by now.
> 
> It(snapd) would,
> 
> snapd Build-Dpends golang-golang-x-sys.
> 
> Let's binNMU after the mess is cleaned up.

Ok, please remove the moreinfo tag when that is done.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929736: unblock: firejail/0.9.58.2-2

[Reiner Herrmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package firejail

The version in unstable fixes two security issues:

#929732 (debian/patches/seccomp-join.patch):
This issue allowed someone to run a program inside a jail that is protected
by seccomp filters without any seccomp filtering.
The location of the filters inside the jail was writable, so it could
be overwritten/deleted, so programs that were afterwards joined into the jail
had no filter applied.

#929733 (debian/patches/truncation.patch):
A race was possible that allowed someone inside the jail to truncate
the firejail binary outside the jail under certain conditions.
(The jailed program needs to be run as root, and it needs to be terminated
from the outside as root.)

Thanks in advance.

Kind regards,
   Reiner

unblock firejail/0.9.58.2-2
diff -Nru firejail-0.9.58.2/debian/changelog firejail-0.9.58.2/debian/changelog
--- firejail-0.9.58.2/debian/changelog  2019-02-08 20:06:02.0 +0100
+++ firejail-0.9.58.2/debian/changelog  2019-05-29 21:06:42.0 +0200
@@ -1,3 +1,16 @@
+firejail (0.9.58.2-2) unstable; urgency=high
+
+  * Cherry-pick security fix for seccomp bypass issue. (Closes: #929732)
+Seccomp filters were writable inside the jail, so they could be
+overwritten/truncated. Another jail that was then joined with the first
+one, had no seccomp filters applied.
+  * Cherry-pick security fix for binary truncation issue. (Closes: #929733)
+When the jailed program was running as root, and firejail was killed
+from the outside (as root), the jailed program had the possibility to
+truncate the firejail binary outside the jail.
+
+ -- Reiner Herrmann   Wed, 29 May 2019 21:06:42 +0200
+
 firejail (0.9.58.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru firejail-0.9.58.2/debian/patches/seccomp-join.patch 
firejail-0.9.58.2/debian/patches/seccomp-join.patch
--- firejail-0.9.58.2/debian/patches/seccomp-join.patch 1970-01-01 
01:00:00.0 +0100
+++ firejail-0.9.58.2/debian/patches/seccomp-join.patch 2019-05-29 
18:57:28.0 +0200
@@ -0,0 +1,91 @@
+From: smitsohu 
+Subject: [PATCH] mount runtime seccomp files read-only (#2602)
+Bug: https://github.com/netblue30/firejail/issues/2718
+Bug-Debian: https://bugs.debian.org/929732
+Origin: upstream, https://github.com/netblue30/firejail/commit/eecf35c
+
+avoid creating locations in the file system that are both writable and
+executable (in this case for processes with euid of the user).
+
+for the same reason also remove user owned libfiles
+when it is not needed any more
+
+--- a/src/firejail/firejail.h
 b/src/firejail/firejail.h
+@@ -57,13 +57,14 @@
+ #define RUN_LIB_FILE  "/run/firejail/mnt/libfiles"
+ #define RUN_DNS_ETC   "/run/firejail/mnt/dns-etc"
+ 
+-#define RUN_SECCOMP_LIST  "/run/firejail/mnt/seccomp.list"// list 
of seccomp files installed
+-#define RUN_SECCOMP_PROTOCOL  "/run/firejail/mnt/seccomp.protocol"// 
protocol filter
+-#define RUN_SECCOMP_CFG   "/run/firejail/mnt/seccomp" 
// configured filter
+-#define RUN_SECCOMP_32"/run/firejail/mnt/seccomp.32"  // 
32bit arch filter installed on 64bit architectures
+-#define RUN_SECCOMP_MDWX  "/run/firejail/mnt/seccomp.mdwx"
// filter for memory-deny-write-execute
+-#define RUN_SECCOMP_BLOCK_SECONDARY   
"/run/firejail/mnt/seccomp.block_secondary" // secondary arch blocking 
filter
+-#define RUN_SECCOMP_POSTEXEC  "/run/firejail/mnt/seccomp.postexec"
// filter for post-exec library
++#define RUN_SECCOMP_DIR   "/run/firejail/mnt/seccomp"
++#define RUN_SECCOMP_LIST  "/run/firejail/mnt/seccomp/seccomp.list"
// list of seccomp files installed
++#define RUN_SECCOMP_PROTOCOL  "/run/firejail/mnt/seccomp/seccomp.protocol"
// protocol filter
++#define RUN_SECCOMP_CFG   "/run/firejail/mnt/seccomp/seccomp" 
// configured filter
++#define RUN_SECCOMP_32"/run/firejail/mnt/seccomp/seccomp.32"  
// 32bit arch filter installed on 64bit architectures
++#define RUN_SECCOMP_MDWX  "/run/firejail/mnt/seccomp/seccomp.mdwx"
// filter for memory-deny-write-execute
++#define RUN_SECCOMP_BLOCK_SECONDARY   
"/run/firejail/mnt/seccomp/seccomp.block_secondary" // secondary arch 
blocking filter
++#define RUN_SECCOMP_POSTEXEC  "/run/firejail/mnt/seccomp/seccomp.postexec"
// filter for post-exec library
+ #define PATH_SECCOMP_DEFAULT (LIBDIR "/firejail/seccomp") 
// default filter built during make
+ #define PATH_SECCOMP_DEFAULT_DEBUG (LIBDIR "/firejail/seccomp.debug") // 
default filter built during make
+ #define PATH_SECCOMP_32 (LIBDIR "/firejail/seccomp.32")   
// 32bit arch filter built during make
+@@ -94,7 +95,6 @@
+ #define RUN_ASOUNDRC_FILE "/run/firejail/mnt/.asoundrc"
+ #define RUN_HOSTNAME_F

Bug#929735: ltsp-client-builder: fails to build ltsp client environment when installing from CD

[Vagrant Cascadian]

Package: ltsp-client-builder
Version: 5.18.12-1
Severity: serious
Tags: patch

ltsp-client-builder defaults are targeted at unsigned CD images, and
currently fail because it does not pass the --trust-file-mirror to
ltsp-build-client, which was introduced to solve this issue in:

  https://bugs.debian.org/911380

But the defaults for ltsp-client-builder were not updated to include
--trust-file-mirror, the following one-line patch adds it:

diff --git a/debian/ltsp-client-builder.templates 
b/debian/ltsp-client-builder.templates
index 996dbda7..a85884a7 100644
--- a/debian/ltsp-client-builder.templates
+++ b/debian/ltsp-client-builder.templates
@@ -29,7 +29,7 @@ _Description: Compressing thin client image...
 
 Template: ltsp-client-builder/build-client-opts
 Type: string
-Default: --mirror file:///media/cdrom --security-mirror none --updates-mirror 
none --accept-unsigned-packages
+Default: --mirror file:///media/cdrom --security-mirror none --updates-mirror 
none --accept-unsigned-packages --trust-file-mirror
 # Only used for preseeding arguments to ltsp-client-builder.
 Description: for internal use: arguments for ltsp-build-client:
  this option is meant to be used with debconf preseeding.


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#929734: unblock: nova/18.1.0-6

[Thomas Goirand]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,
Please unblock package nova 18.1.0-6.

During normal operation, it may happen that nova-conductor doesn't
work as expected when requesting a (live) migration of a virtual
machine from one compute node to another. Indeed, some information
may be missing in the json object generated by nova-conductor,
leading to a HTTP 500 error.

This patch fixes the mess if a VM gets into this broken state.

I'm sorry if this isn't a full explanation of how things work, but
it'd be hard to get into the full details of how Nova works. Though
please trust me, this is an important patch that really needs to
be in Buster, and I have tested this patch with success in production.

Cheers,

Thomas Goirand (zigo)

unblock nova/18.1.0-6
diff -Nru nova-18.1.0/debian/changelog nova-18.1.0/debian/changelog
--- nova-18.1.0/debian/changelog2019-03-07 17:24:19.0 +0100
+++ nova-18.1.0/debian/changelog2019-05-29 14:56:05.0 +0200
@@ -1,3 +1,11 @@
+nova (2:18.1.0-6) unstable; urgency=medium
+
+  * Add upstream patch to fix broken request_spec, which in certain cases lead
+to breaking instance migration:
+- Workaround_missing_RequestSpec.instance_group.uuid.patch
+
+ -- Thomas Goirand   Wed, 29 May 2019 14:56:05 +0200
+
 nova (2:18.1.0-5) unstable; urgency=medium
 
   * Revert using uwsgi for nova-api: this breaks the metadata server.
diff -Nru nova-18.1.0/debian/patches/revert-restore-async-keyword.patch 
nova-18.1.0/debian/patches/revert-restore-async-keyword.patch
--- nova-18.1.0/debian/patches/revert-restore-async-keyword.patch   
2019-03-07 17:24:19.0 +0100
+++ nova-18.1.0/debian/patches/revert-restore-async-keyword.patch   
2019-05-29 14:56:05.0 +0200
@@ -6,11 +6,11 @@
 Forwarded: not-needed
 Last-Update: 2018-09-25
 
-diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py
-index a67747e408..59f0a8c292 100644
 a/nova/db/sqlalchemy/api.py
-+++ b/nova/db/sqlalchemy/api.py
-@@ -202,7 +202,7 @@ def select_db_reader_mode(f):
+Index: nova/nova/db/sqlalchemy/api.py
+===
+--- nova.orig/nova/db/sqlalchemy/api.py
 nova/nova/db/sqlalchemy/api.py
+@@ -204,7 +204,7 @@ def select_db_reader_mode(f):
  use_slave = keyed_args.get('use_slave', False)
  
  if use_slave:
diff -Nru nova-18.1.0/debian/patches/series nova-18.1.0/debian/patches/series
--- nova-18.1.0/debian/patches/series   2019-03-07 17:24:19.0 +0100
+++ nova-18.1.0/debian/patches/series   2019-05-29 14:56:05.0 +0200
@@ -3,3 +3,4 @@
 remove-crashing-blockdiag-doc-line.patch
 revert-restore-async-keyword.patch
 fix-python3-compatibility-ceph.patch
+Workaround_missing_RequestSpec.instance_group.uuid.patch
diff -Nru 
nova-18.1.0/debian/patches/Workaround_missing_RequestSpec.instance_group.uuid.patch
 
nova-18.1.0/debian/patches/Workaround_missing_RequestSpec.instance_group.uuid.patch
--- 
nova-18.1.0/debian/patches/Workaround_missing_RequestSpec.instance_group.uuid.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nova-18.1.0/debian/patches/Workaround_missing_RequestSpec.instance_group.uuid.patch
 2019-05-29 14:56:05.0 +0200
@@ -0,0 +1,45 @@
+Author: Matt Riedemann 
+Date: Tue, 28 May 2019 11:24:11 -0400
+Subject: [PATCH] Workaround missing RequestSpec.instance_group.uuid
+ It's clear that we could have a RequestSpec.instance_group
+ without a uuid field if the InstanceGroup is set from the
+ _populate_group_info method which should only be used for
+ legacy translation of request specs using legacy filter
+ properties dicts.
+ .
+ To workaround the issue, we look for the group scheduler hint
+ to get the group uuid before loading it from the DB.
+ .
+ The related functional regression recreate test is updated
+ to show this solves the issue.
+Change-Id: I20981c987549eec40ad9762e74b0db16e54f4e63
+Closes-Bug: #1830747
+Origin: upstream, https://review.opendev.org/#/c/661786
+Last-Update: 2019-05-29
+
+Index: nova/nova/objects/request_spec.py
+===
+--- nova.orig/nova/objects/request_spec.py
 nova/nova/objects/request_spec.py
+@@ -225,6 +225,8 @@ class RequestSpec(base.NovaObject):
+ policies = list(filter_properties.get('group_policies'))
+ hosts = list(filter_properties.get('group_hosts'))
+ members = list(filter_properties.get('group_members'))
++# TODO(mriedem): We could try to get the group uuid from the
++# group hint in the filter_properties.
+ self.instance_group = objects.InstanceGroup(policy=policies[0],
+ hosts=hosts,
+ members=members)
+@@ -502,6 +504,12 @@ class RequestSpec(base.NovaObject):
+ spec._context = context
+ 
+ 

Bug#929130: falkon: Falkon crash at start

[Bernhard Übelacker]

Control: tags -1 - moreinfo


Hello Bardot Jerome,
unfortunately the debug information did not yet cover
all functions in the backtrace.
The backtrace would be perfect if libdrm-nouveau2-dbgsym
would be installed.

But from the visible parts, following issues seem simliar,
at least the "Assertion `kref' failed." seems equal:


https://bugs.debian.org/927954
https://bugs.freedesktop.org/show_bug.cgi?id=91632


You might also want to look through "dmesg -T" output
if there is anything related to nouveau in the given time.
That might also be helpful for the maintainer.

The output of "lspci -nn | grep VGA" might be helpful too.


This bug might then also be forwarded to libdrm-nouveau2.

Kind regards,
Bernhard

Bug#866758: Fwd: Please close this bug

[Roger T. Imai]

CORRECTION: ...a subsequent AMD microcode update... (I have since switched
from AMD to Intel hardware.)

> I can't find a method or instructions for closing bug 866758, possibly
because I was a contributor, not the original submitter.
> A subsequent kernel or Intel microcode update resolved the issue in my
case.

--Roger T. Imai

Bug#866758: Please close this bug

[Roger T. Imai]

I can't find a method or instructions for closing bug 866758, possibly
because I was a contributor, not the original submitter. A subsequent
kernel or Intel microcode update resolved the issue in my case.

--Roger T. Imai

Bug#928185: unblock: openjdk-11/11.0.3+7-4

[Paul Gevers]

Control: tags -1 928185 moreinfo
Control: reopen -1

Hi,

On 28-05-2019 23:50, Emmanuel Bourg wrote:
> Tony Mancill has prepared the tpu upload yesterday and Matthias was ok
> with 11.0.3+7 in testing [1].

Can I see a debdiff please?

> Unless Buster is expected at the end of July I'd advise against having
> 11.0.4+2 in testing. This version is an early access release, the final
> 11.0.4 release is expected on July 16th [2]. Debian is currently being
> criticized [3] for allowing EA versions of OpenJDK in Debian stable, I
> think it's important to ship Buster with a GA release.

Then please refrain from uploading the wrong version to unstable, we
have experimental for that. TPU doesn't get much testing, and for sure
isn't covered well by our QA yet. So having such a high profile package
with so much changes going through tpu is awkward.

Paul
/me still not amused



signature.asc
Description: OpenPGP digital signature

Bug#928631:

[Alex Korobkin]

Exactly the same issue with AMD Vega 56 videocard, also depends on
vega10_gpu_info.bin:

May 29 11:49:37 debian1 kernel: [4.351872] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_gpu_info.bin
<..>
May 29 11:49:37 debian1 kernel: [4.352869] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_sos.bin
May 29 11:49:37 debian1 kernel: [4.352895] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_asd.bin
May 29 11:49:37 debian1 kernel: [4.352971] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_acg_smc.bin
May 29 11:49:37 debian1 kernel: [4.352996] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_pfp.bin
May 29 11:49:37 debian1 kernel: [4.353008] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_me.bin
May 29 11:49:37 debian1 kernel: [4.353019] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_ce.bin
May 29 11:49:37 debian1 kernel: [4.353031] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_rlc.bin
May 29 11:49:37 debian1 kernel: [4.353109] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_mec.bin
May 29 11:49:37 debian1 kernel: [4.353188] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_mec2.bin
May 29 11:49:37 debian1 kernel: [4.355194] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_sdma.bin
May 29 11:49:37 debian1 kernel: [4.355209] amdgpu :1a:00.0:
firmware: direct-loading firmware amdgpu/vega10_sdma1.bin


-- 
-Alex

Bug#929346: atril: Segmentation when launche atril on wayland on chromeos

[Bernhard Übelacker]

Control: tags -1 patch


Dear Maintainer,
I am just looking at some random bug reports with crashes.

In this case I think atril is or was not prepared to run
in a wayland session.

Attached patch is based on some porting guide to wayland and
with that atril shows its main window. Nothing more was tested.

I tested with a current Buster VM too - there this crash was
not to observe. But, as far as I see, atril got no changes
in ev_application_open_window like in my patch.
Therefore maybe Gtk got a fix to avoid this?

Should this bug marked fixed for atril/1.20.3-1 ?
Or marked as closed as Buster does not show it?

Kind regards,
Bernhard


(gdb) bt
#0  0x in  ()
#1  0x7fe7bfec2129 in g_hash_table_lookup_node (hash_return=, key=0x67, hash_table=0x565449548100) at ././glib/ghash.c:375
#2  0x7fe7bfec2129 in g_hash_table_lookup (hash_table=0x565449548100, 
key=key@entry=0x67) at ././glib/ghash.c:1147
#3  0x7fe7c1d4850c in lookup_cached_xatom (atom=0x67, 
display=0x565449535040 [GdkWaylandDisplay]) at ././gdk/x11/gdkproperty-x11.c:76
#4  0x7fe7c1d4850c in gdk_x11_atom_to_xatom_for_display 
(display=0x565449535040 [GdkWaylandDisplay], atom=0x67) at 
././gdk/x11/gdkproperty-x11.c:109
#5  0x7fe7c1d574c9 in gdk_x11_get_server_time 
(window=window@entry=0x56544953b7e0 [GdkWaylandWindow]) at 
././gdk/x11/gdkwindow-x11.c:5534
#6  0x565447e18c8b in ev_application_open_window (application=, screen=, timestamp=0) at ev-application.c:718
#7  0x565447e148bc in load_files (files=0x0) at main.c:168
#8  0x565447e148bc in main (argc=, argv=) at 
main.c:268
Description: Avoid crash running within wayland

Author: Bernhard Übelacker 
Bug-Debian: https://bugs.debian.org/929346
Forwarded: no
Last-Update: 2019-05-29

--- atril-1.16.1.orig/shell/ev-application.c
+++ atril-1.16.1/shell/ev-application.c
@@ -623,11 +623,14 @@ ev_application_open_uri_in_window (EvApp
 
 	gdk_window = gtk_widget_get_window (GTK_WIDGET (ev_window));
 
-	if (timestamp <= 0)
-		timestamp = gdk_x11_get_server_time (gdk_window);
-	gdk_x11_window_set_user_time (gdk_window, timestamp);
-
-	gtk_window_present (GTK_WINDOW (ev_window));
+#ifdef GDK_WINDOWING_X11
+	if (GDK_IS_X11_WINDOW (gdk_window)) {
+		if (timestamp <= 0)
+			timestamp = gdk_x11_get_server_time (gdk_window);
+		gdk_x11_window_set_user_time (gdk_window, timestamp);
+	} else
+#endif
+		gtk_window_present (GTK_WINDOW (ev_window));
 }
 
 static void
@@ -714,11 +717,14 @@ ev_application_open_window (EvApplicatio
 
 	gdk_window = gtk_widget_get_window (GTK_WIDGET (new_window));
 
-	if (timestamp <= 0)
-		timestamp = gdk_x11_get_server_time (gdk_window);
-	gdk_x11_window_set_user_time (gdk_window, timestamp);
-
-	gtk_window_present (GTK_WINDOW (new_window));
+#ifdef GDK_WINDOWING_X11
+	if (GDK_IS_X11_WINDOW (gdk_window)) {
+		if (timestamp <= 0)
+			timestamp = gdk_x11_get_server_time (gdk_window);
+		gdk_x11_window_set_user_time (gdk_window, timestamp);
+	} else
+#endif
+		gtk_window_present (GTK_WINDOW (new_window));
 }
 
 #ifdef ENABLE_DBUS

# Stretch amd64 qemu VM 2019-05-29


apt update
apt dist-upgrade


apt install systemd-coredump gnome fakeroot mc linux-perf-4.9 gdb valgrind 
atril atril-dbgsym libgtk-3-0-dbgsym libglib2.0-0-dbg
apt build-dep atril



mkdir /home/benutzer/source/atril/orig -p
cd/home/benutzer/source/atril/orig
apt source atril
cd


reboot
# login with Gnome with Wayland


atril


#

benutzer@debian:~$ atril
WaylandCompositor requires eglCreateImage and eglDestroyImage.
Nested Wayland compositor could not initialize EGL
Speicherzugriffsfehler (Speicherabzug geschrieben)



dmesg
[  949.126009] atril[1898]: segfault at 0 ip   (null) sp 
7fff20006c58 error 14 in atril[565447df7000+66000]


journalctl --no-pager
Mai 29 13:31:30 debian kernel: atril[1898]: segfault at 0 ip   (null) 
sp 7fff20006c58 error 14 in atril[565447df7000+66000]
Mai 29 13:31:30 debian systemd[1]: Created slice 
system-systemd\x2dcoredump.slice.
Mai 29 13:31:30 debian systemd[1]: Started Process Core Dump (PID 1926/UID 0).
Mai 29 13:31:30 debian systemd-coredump[1927]: Process 1898 (atril) of user 
1000 dumped core.
   
   Stack trace of thread 1898:
   #0  0x n/a (n/a)


root@debian:~# coredumpctl list
TIMEPID   UID   GID SIG COREFILE EXE
Wed 2019-05-29 13:31:30 CEST   1898  1000  1000  11 present  /usr/bin/atril


root@debian:~# coredumpctl gdb 1898
   PID: 1898 (atril)
   UID: 1000 (benutzer)
   GID: 1000 (benutzer)
Signal: 11 (SEGV)
 Timestamp: Wed 2019-05-29 13:31:30 CEST (3min 31s ago)
  Command Line: atril
Executable: /usr/bin/atril
 Control Group: 
/user.slice/user-1000.slice/user@1000.service/gnome-terminal-server.service
  Unit: user@1000.service
 User Unit: gnome-te

Bug#929733: firejail: binary can be truncated by root under certain conditions

[Reiner Herrmann]

Source: firejail
Version: 0.9.58.2-1
Severity: important
Tags: security upstream pending fixed-upstream
Forwarded: https://github.com/netblue30/firejail/issues/2401
X-Debbugs-CC: t...@security.debian.org

Firejail is affected by an issue similar to CVE-2019-5736.

Under certain conditions the firejail binary outside the jail
can be truncated [0]:

> * The sandbox must be running exploit code.
> * The sandbox must be running as root.
> * The sandbox parent is killed instantly by an unhandled signal, i.e. 
> something different from SIGTERM (kill ) or SIGINT (ctrl+c). This cannot 
> be done from inside the sandbox (because of the pid namespace), and also it 
> cannot be done from the outside without root privileges. As only root 
> him/herself is able to kill the sandbox in this way, this kind of attack is 
> not relevant with regards to Firejail's SUID property.

Which can also be exploited with firejail's --shutdown command:
> And that was wrong, --shutdown also had this problem (now fixed in shutdown.c)

I set severity to important, as it requires root privileges inside and outside
the jail to exploit it.

It is fixed in [1] (and amended in [2]), and in the new upstream release 0.9.60.
The earliest affected version is currently unknown.

I will upload the fix to unstable soon, together with #929732.

[0] https://github.com/netblue30/firejail/issues/2401
[1] https://github.com/netblue30/firejail/commit/fcba07c
[2] https://github.com/netblue30/firejail/commit/faa1ec7


signature.asc
Description: PGP signature

Bug#929731: unblock: flash-kernel/3.99

[Niels Thykier]

Control: tags -1 confirmed d-i

Vagrant Cascadian:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: vagr...@debian.org, debian-b...@lists.debian.org
> 
> Please unblock package flash-kernel
> 
> This upload adds support for two additional boards, one additional name
> for another board, and updates the Uploaders list. The changes should be
> very low risk to existing platforms, and really appreciated by people
> with the added boards.
> 
> 
> [...]
> 
> unblock flash-kernel/3.99
> 
> 
> Thanks for considering!
> 
> live well,
>   vagrant
> 

Hi,

Thanks, this is marked OK from a release team PoV.  Adding KiBi for a
d-i ack before the final unblock.

Thanks,
~Niels

Bug#929728: systemd autopkgtest 'storage' fails adding/rmmoding scsi_debug

[Dan Streetman]

On Wed, May 29, 2019 at 12:08 PM Michael Biebl  wrote:
>
> Am 29.05.19 um 18:02 schrieb Dan Streetman:
> > Package: systemd
> > Version: 241-5
> > Severity: normal
> > Tags: patch
> > User: ubuntu-de...@lists.ubuntu.com
> > Usertags: origin-ubuntu eoan ubuntu-patch
> >
> > Dear Maintainer,
> >
> > 'storage' test fails on some archs/releases trying to modprobe and/or rmmod 
> > scsi_debug.
> >
>
> I've never seen this failure. Can you eloborate on the conditions when
> this happens?

a couple examples - search for scsi_debug:
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-eoan/eoan/amd64/s/systemd/20190529_064803_7dbf0@/log.gz
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-cosmic/cosmic/amd64/s/systemd/20190216_115842_cf8d3@/log.gz



>
>
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
>

Bug#929730: systemd: boot-and-services test expects first kernel log line, but not always in logs

[Dan Streetman]

On Wed, May 29, 2019 at 12:35 PM Michael Biebl  wrote:
>
> Am 29.05.19 um 18:19 schrieb Dan Streetman:
> > Package: systemd
> > Version: 241-5
> > Severity: normal
> > Tags: patch
> > User: ubuntu-de...@lists.ubuntu.com
> > Usertags: origin-ubuntu eoan ubuntu-patch
> >
> > Dear Maintainer,
> >
> > boot-and-services test expects the first(ish) kernel log line to be in the 
> > system logs, but that is not guaranteed to be in the logs.
> >
> > -- Package-specific info:
> >
> >
> >   * d/t/boot-and-services:
> > - don't fail if some kernel msgs are missed (LP: #1830479)
>
>
> Afair, this is due to the kernel ring buffer being too small (on arm64)
> Wouldn't it be better to address that? After all, you also want early
> boot messages when running systemd in production.

that's one reason; is systemd missing kernel messages due to no fault
of its own really something that should fail the test case?

note that unless systemd-journald explicitly noted that kernel
messages were missed, it still checks for the command-line kernel line

>
>
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
>

Bug#929732: firejail: seccomp bypass when joining jails

[Reiner Herrmann]

Source: firejail
Version: 0.9.52-1
Severity: critical
Tags: security upstream pending fixed-upstream
Forwarded: https://github.com/netblue30/firejail/issues/2718
X-Debbugs-CC: t...@security.debian.org

A bug in firejail allows bypassing seccomp protection when
an existing jail is joined with another one [2].

Upstream description [0]:
> Seccomp filters are copied into /run/firejail/mnt, and are writable
> within the jail. A malicious process can modify files from inside the
> jail. Processes that are later joined to the jail will not have seccomp
> filters applied.

A fix is available [1] and also released in the new upstream version 0.9.60.
I will upload a backported fix to 0.9.58.2-1 to unstable soon.

The earliest acknowledged version that is affected is 0.9.52 (upstream
provides a patch for this version in [0]), but likely earlier versions
are affected as well.

According to [2], a CVE number has been requested.

[0] 
https://github.com/netblue30/firejail/commit/30f6000e72bd8d9eee6a0d2e700d69ed9be3aa29
[1] 
https://github.com/netblue30/firejail/commit/eecf35c2f8249489a1d3e512bb07f0d427183134
[2] https://github.com/netblue30/firejail/issues/2718


signature.asc
Description: PGP signature

Bug#929717: golang-fsnotify: FTBFS: dh_auto_test: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 github.com/fsnotify/fsnotify returned exit code 1

[Shengjing Zhu]

Control: severity -1 important

On Wed, May 29, 2019 at 10:39 PM Lucas Nussbaum  wrote:
> > --- FAIL: TestInotifyOverflow (4.69s)
> > inotify_test.go:442: Could not trigger overflow

Unfortunately, this test expects your system's
fs.inotify.max_queued_events is not greater than 128*1024.
This is usually fine, as the default is 16384. Thus I also don't think
this is RC.

--
Shengjing Zhu

Bug#929716: notary: FTBFS: dh_auto_test: cd _build && go test -vet=off -v -p 4 github.com/theupdateframework/notary [...] github.com/theupdateframework/notary/version returned exit code 1

[Shengjing Zhu]

Control: severity -1 normal

On Wed, May 29, 2019 at 10:39 PM Lucas Nussbaum  wrote:
>
[...]

> > --- FAIL: TestSetupNetListener (0.00s)
> > require.go:794:
> >   Error Trace:config_test.go:61
> >   Error:  Received unexpected error:
> >   listen tcp 127.0.0.1:: bind: address 
> > already in use
> >   Test:   TestSetupNetListener
> > FAIL

This test need to listen on .

I don't think this would be RC, so I will downgrade this bug.

-- 
Shengjing Zhu

Bug#929721: golang-github-gin-gonic-gin: FTBFS: dh_auto_test: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 github.com/gin-gonic/gin github.com/gin-gonic/gin/binding github.com/gin-gonic/gin/gin

[Shengjing Zhu]

Control: severity -1 normal

On Wed, May 29, 2019 at 10:39 PM Lucas Nussbaum  wrote:
>
[...]
> > [GIN-debug] GET/test --> 
> > github.com/gin-gonic/gin.setupHTMLGlob.func1.1 (1 handlers)
> > [GIN-debug] GET/raw  --> 
> > github.com/gin-gonic/gin.setupHTMLGlob.func1.2 (1 handlers)
> > [GIN-debug] Listening and serving HTTPS on :
> > [GIN-debug] [ERROR] listen tcp :: bind: address already in use

This test needs to listen on .

I don't think this would be RC, so I will downgrade this bug.


--
Shengjing Zhu

Bug#929730: systemd: boot-and-services test expects first kernel log line, but not always in logs

[Michael Biebl]

Am 29.05.19 um 18:19 schrieb Dan Streetman:
> Package: systemd
> Version: 241-5
> Severity: normal
> Tags: patch
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu eoan ubuntu-patch
> 
> Dear Maintainer,
> 
> boot-and-services test expects the first(ish) kernel log line to be in the 
> system logs, but that is not guaranteed to be in the logs.
> 
> -- Package-specific info:
> 
> 
>   * d/t/boot-and-services:
> - don't fail if some kernel msgs are missed (LP: #1830479)


Afair, this is due to the kernel ring buffer being too small (on arm64)
Wouldn't it be better to address that? After all, you also want early
boot messages when running systemd in production.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#929731: unblock: flash-kernel/3.99

[Vagrant Cascadian]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: vagr...@debian.org, debian-b...@lists.debian.org

Please unblock package flash-kernel

This upload adds support for two additional boards, one additional name
for another board, and updates the Uploaders list. The changes should be
very low risk to existing platforms, and really appreciated by people
with the added boards.


diff -Nru flash-kernel-3.98/db/all.db flash-kernel-3.99/db/all.db
--- flash-kernel-3.98/db/all.db 2019-04-04 14:37:13.0 -0700
+++ flash-kernel-3.99/db/all.db 2019-05-23 09:54:49.0 -0700
@@ -481,6 +481,13 @@
 U-Boot-Script-Name: bootscr.sunxi
 Required-Packages: u-boot-tools
 
+Machine: FriendlyARM NanoPi NEO 2
+Kernel-Flavors: arm64
+Boot-Script-Path: /boot/boot.scr
+DTB-Id: allwinner/sun50i-h5-nanopi-neo2.dtb
+U-Boot-Script-Name: bootscr.uboot-generic
+Required-Packages: u-boot-tools
+
 Machine: Gemei G9 Tablet
 Kernel-Flavors: armmp
 Boot-Script-Path: /boot/boot.scr
@@ -945,12 +952,20 @@
 Required-Packages: u-boot-tools
 
 Machine: Marvell 8040 MACCHIATOBin
+Machine: Marvell 8040 MACCHIATOBin Double-shot
 Machine: Marvell 8040 MACHIATOBin
 Kernel-Flavors: arm64
 DTB-Id: marvell/armada-8040-mcbin.dtb
 Boot-Script-Path: /boot/boot.scr
 U-Boot-Script-Name: bootscr.uboot-generic
 Required-Packages: u-boot-tools
+
+Machine: Marvell 8040 MACCHIATOBin Single-shot
+Kernel-Flavors: arm64
+DTB-Id: marvell/armada-8040-mcbin-singleshot.dtb
+Boot-Script-Path: /boot/boot.scr
+U-Boot-Script-Name: bootscr.uboot-generic
+Required-Packages: u-boot-tools
 
 # Marvell dev board has different names depending on how it's booted,
 # via DTB or older ATAGS
diff -Nru flash-kernel-3.98/debian/changelog flash-kernel-3.99/debian/changelog
--- flash-kernel-3.98/debian/changelog  2019-04-04 14:38:42.0 -0700
+++ flash-kernel-3.99/debian/changelog  2019-05-24 18:36:25.0 -0700
@@ -1,3 +1,18 @@
+flash-kernel (3.99) unstable; urgency=medium
+
+  [ Domenico Andreoli ]
+  * Add support for NanoPi NEO2 (Closes: #928861).
+
+  [ Cyril Brulebois ]
+  * Remove Christian Perrier from Uploaders, with many thanks for all
+his contributions over the years! (Closes: #927488)
+
+  [ Heinrich Schuchardt ]
+  * Add Marvell 8040 MACCHIATOBin Double-shot and Single-shot.
+(Closes: #928951)
+
+ -- Vagrant Cascadian   Fri, 24 May 2019 18:36:25 -0700
+
 flash-kernel (3.98) unstable; urgency=medium
 
   [ Vagrant Cascadian ]
diff -Nru flash-kernel-3.98/debian/control flash-kernel-3.99/debian/control
--- flash-kernel-3.98/debian/control2019-02-27 22:52:45.0 -0800
+++ flash-kernel-3.99/debian/control2019-05-12 14:42:39.0 -0700
@@ -2,8 +2,7 @@
 Section: utils
 Priority: optional
 Maintainer: Debian Install System Team 
-Uploaders: Christian Perrier ,
-   Vagrant Cascadian ,
+Uploaders: Vagrant Cascadian ,
Karsten Merker 
 Build-Depends: debhelper (>= 9), devio, linux-base (>= 3.2), dash
 Standards-Version: 3.9.6

unblock flash-kernel/3.99


Thanks for considering!

live well,
  vagrant


signature.asc
Description: PGP signature

Bug#929127: geeqie: build with ffmpegthumbnailer

[Andreas Ronnquist]

tags 929127 + pending
thanks

Thanks for your report - I have committed a fix in the packaging git
repository, so it will be included in the next release of geeqie in
Debian after the Debian freeze.

best
-- Andreas Rönnquist
gus...@debian.org

Bug#929730: systemd: boot-and-services test expects first kernel log line, but not always in logs

[Dan Streetman]

Package: systemd
Version: 241-5
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu eoan ubuntu-patch

Dear Maintainer,

boot-and-services test expects the first(ish) kernel log line to be in the 
system logs, but that is not guaranteed to be in the logs.

-- Package-specific info:


  * d/t/boot-and-services:
- don't fail if some kernel msgs are missed (LP: #1830479)


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers disco-updates
  APT policy: (500, 'disco-updates'), (500, 'disco-security'), (500, 'disco'), 
(100, 'disco-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.0-13-generic (SMP w/24 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd is related to:
pn  dracut   
ii  initramfs-tools  0.131ubuntu19
ii  udev 240-6ubuntu5
diff -Nru systemd-241/debian/tests/boot-and-services 
systemd-241/debian/tests/boot-and-services
--- systemd-241/debian/tests/boot-and-services  2019-05-24 16:58:59.0 
-0400
+++ systemd-241/debian/tests/boot-and-services  2019-05-29 12:17:13.0 
-0400
@@ -108,8 +108,15 @@
 with open('/var/log/syslog') as f:
 log = f.read()
 if not is_container:
+out = subprocess.check_output(['journalctl'])
+if re.search(b'Missed.*kernel messages', out):
+# if we missed some, just check for any kernel msg
+kernel_regex = 'kernel:.*'
+else:
+# otherwise, check for the first(ish) kernel msg
+kernel_regex = 'kernel:.*[cC]ommand line:'
 # has kernel messages
-self.assertRegex(log, 'kernel:.*[cC]ommand line:')
+self.assertRegex(log, kernel_regex)
 # has init messages
 self.assertRegex(log, 'systemd.*Reached target Graphical Interface')
 # has other services
@@ -185,8 +192,14 @@
 def test_no_options(self):
 out = subprocess.check_output(['journalctl'])
 if not is_container:
+if re.search(b'Missed.*kernel messages', out):
+# if we missed some, just check for any kernel msg
+kernel_regex = b'kernel:.*'
+else:
+# otherwise, check for the first(ish) kernel msg
+kernel_regex = b'kernel:.*[cC]ommand line:'
 # has kernel messages
-self.assertRegex(out, b'kernel:.*[cC]ommand line:')
+self.assertRegex(out, kernel_regex)
 # has init messages
 self.assertRegex(out, b'systemd.*Reached target Graphical Interface')
 # has other services

Bug#924147: geeqie-common: Please add Multi-Arch: foreign

[Andreas Ronnquist]

tags 924147 + pending
thanks

Thanks for your report - I have committed a fix for this in the
packaging git repository, so it will be fixed in the next upload after
the Debian freeze.

best
-- Andreas Rönnquist
gus...@debian.org

Bug#929728: systemd autopkgtest 'storage' fails adding/rmmoding scsi_debug

[Michael Biebl]

Am 29.05.19 um 18:02 schrieb Dan Streetman:
> Package: systemd
> Version: 241-5
> Severity: normal
> Tags: patch
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu eoan ubuntu-patch
> 
> Dear Maintainer,
> 
> 'storage' test fails on some archs/releases trying to modprobe and/or rmmod 
> scsi_debug.
> 

I've never seen this failure. Can you eloborate on the conditions when
this happens?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#929726: ask-password: prevent buffer overrow when reading from keyring

[Dan Streetman]

On Wed, May 29, 2019 at 11:58 AM Michael Biebl  wrote:
>
> Thanks for the patch, Dan.
> I see this has already been committed upstream, which is great.
>
> Am 29.05.19 um 17:50 schrieb Dan Streetman:
> > +Subject: [PATCH] ask-password: prevent buffer overrow when reading from
>  ^
> I assume this is a typo and you meant either buffer overrun or overflow

yes, sorry, i just copied from the github bug:
https://github.com/systemd/systemd/pull/12566

>
> --
> Why is it that all of the instruments seeking intelligent life in the
> universe are pointed away from Earth?
>

Bug#929729: lintian: \n in filenames cause "md5sum: ...: No such file or directory"

[Jakub Wilk]

Package: lintian
Version: 2.15.0
Severity: minor

Newlines in filenames make Lintian very unhappy:

  $ lintian newline_1_all.deb
  md5sum: 'usr/share/newline/\n/etc/issue': No such file or directory
  command failed with error code 123 at /usr/share/perl5/Lintian/Command.pm 
line 344.
Lintian::Command::reap(HASH(0x57efd804)) called at 
/usr/share/lintian/collection/md5sums line 60
Lintian::coll::md5sums::collect("newline", "binary", 
"/tmp/temp-lintian-lab-oLpiOKhXw6/pool/n/newline/newline_1_all"...) called at 
/usr/share/perl5/Lintian/CollScript.pm line 227
Lintian::CollScript::collect(Lintian::CollScript=HASH(0x582cec54), "newline", 
"binary", "/tmp/temp-lintian-lab-oLpiOKhXw6/pool/n/newline/newline_1_all"...) called at 
/usr/share/perl5/Lintian/Unpacker.pm line 396
eval {...} called at /usr/share/perl5/Lintian/Unpacker.pm line 396
Lintian::Unpacker::__ANON__() called at 
/usr/share/perl5/IO/Async/Loop.pm line 2109
eval {...} called at /usr/share/perl5/IO/Async/Loop.pm line 2109
IO::Async::Loop::fork(IO::Async::Loop::Poll=HASH(0x59142200), "code", 
CODE(0x5915e704), "on_exit", CODE(0x5914c430)) called at 
/usr/share/perl5/Lintian/Unpacker.pm line 444
eval {...} called at /usr/share/perl5/Lintian/Unpacker.pm line 369
Lintian::Unpacker::__ANON__("md5sums-binary:newline/1/all", 
Lintian::CollScript=HASH(0x582cec54), Lintian::Lab::Entry=HASH(0x57d40bac), 
Lintian::DepMap::Properties=HASH(0x590f4e18)) called at 
/usr/share/perl5/Lintian/Unpacker.pm line 436
Lintian::Unpacker::__ANON__(1750, 0) called at 
/usr/share/perl5/IO/Async/Loop.pm line 2770
IO::Async::Loop::_reap_children(HASH(0x59118dc8)) called at 
/usr/share/perl5/IO/Async/Loop.pm line 2829
IO::Async::Loop::__ANON__() called at /usr/share/perl5/IO/Async/Loop.pm 
line 805
IO::Async::Loop::__ANON__() called at /usr/share/perl5/IO/Async/OS.pm 
line 577
IO::Async::OS::_Base::__ANON__(IO::Async::Handle=HASH(0x59119688)) 
called at /usr/share/perl5/IO/Async/Loop/Poll.pm line 172

IO::Async::Loop::Poll::post_poll(IO::Async::Loop::Poll=HASH(0x59142200)) called 
at /usr/share/perl5/IO/Async/Loop/Poll.pm line 285

IO::Async::Loop::Poll::loop_once(IO::Async::Loop::Poll=HASH(0x59142200), undef) 
called at /usr/share/perl5/IO/Async/Loop.pm line 524
IO::Async::Loop::run(IO::Async::Loop::Poll=HASH(0x59142200)) called at 
/usr/share/perl5/Lintian/Unpacker.pm line 463
Lintian::Unpacker::process_tasks(Lintian::Unpacker=HASH(0x57f3fe94), 
HASH(0x57aba954)) called at /usr/share/lintian/commands/lintian.pm line 949
main::unpack_group("newline/1", 
Lintian::ProcessableGroup=HASH(0x57d40904)) called at 
/usr/share/lintian/commands/lintian.pm line 731
main::__ANON__() called at /usr/share/lintian/commands/lintian.pm line 
1645
main::timed_task(CODE(0x5912bc18)) called at 
/usr/share/lintian/commands/lintian.pm line 734
main::__ANON__() called at /usr/share/lintian/commands/lintian.pm line 
1645
main::timed_task(CODE(0x5912b394)) called at 
/usr/share/lintian/commands/lintian.pm line 767
main::main() called at /usr/bin/lintian line 46
eval {...} called at /usr/bin/lintian line 46
main::__ANON__("/usr/share/lintian/commands/lintian.pm") called at 
/usr/bin/lintian line 114
dplint::run_tool("/usr/bin/lintian", "lintian") called at 
/usr/bin/lintian line 290
dplint::main() called at /usr/bin/lintian line 359
  warning: collect info md5sums about package newline failed (512)
  warning: skipping check of binary package newline


The source package for this deb is here:
https://github.com/jwilk/newline.deb
You will probably need very old dpkg (<< 1.18.1) to build it; see 
#929727.



-- System Information:
Architecture: i386

Versions of packages lintian depends on:
ii  binutils   2.31.1-16
ii  bzip2  1.0.6-9
ii  diffstat   1.62-1
ii  dpkg   1.19.6
ii  dpkg-dev   1.19.6
ii  file   1:5.35-4
ii  gettext0.19.8.1-9
ii  gpg2.2.13-2
ii  intltool-debian0.35.0+20060710.5
ii  libapt-pkg-perl0.1.34+b1
ii  libarchive-zip-perl1.64-1
ii  libcapture-tiny-perl   0.48-1
ii  libcgi-pm-perl 4.40-1
ii  libclass-accessor-perl 0.51-1
ii  libclone-perl  0.41-1+b1
un  libdigest-sha-perl 
ii  libdpkg-perl   1.19.6
ii  libemail-valid-perl1.202-1
ii  libfile-basedir-perl   0.08-1
ii  libio-async-perl   0.72-1
ii  libipc-run-perl20180523.0-1
ii  liblist-moreutils-perl 0.416-1+b4
ii  libparse-debianchangelog-perl  1.2.0-13
ii  libpath-tiny-perl  0.108-1
ii  libtext-levenshtein-perl   0.13-1
ii  libtimedate-perl  

Bug#924913: trackpad on L480 unusable after upgrade to testing

[Alois Schlögl]

On 3/26/19 9:03 PM, Romain Perier wrote:
> On Wed, Mar 20, 2019 at 08:24:33AM +0100, Alois Schlögl wrote:
>> On 3/18/19 7:46 PM, Romain Perier wrote:
>>> On Mon, Mar 18, 2019 at 12:43:10PM +0100, Alois Schlögl wrote:
 On 3/18/19 12:20 PM, Romain Perier wrote:
> Hello,
>
> On Mon, Mar 18, 2019 at 11:27:41AM +0100, Alois Schlögl wrote:
>> Source: linux
>> Severity: normal
>>
>> Dear Maintainer,
>>
>>    On a Lenovo L480 laptop, I've upgraded Debian from 9 (stretch) to 10
>> (testing).
>>    After the upgrade, the touchpad and the trackpoint was not usable
>> anymore.
>>
>>
>>    This already has some bug report here,
>>    https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1803600
>>
>>    As a workaround, one can run the command,
>>    sudo sh -c 'echo -n "elantech">
>> /sys/bus/serio/devices/serio1/protocol'
>>    in order to use the touchpad. However, on a GUI Interface and without
>>    an external mouse, it's impossible to apply this workaround
>>   (switching to the terminal -F1, login, and run the command
>> above might work)
>>
>>    I expect to be able to use the touchpad just out of the box, not 
>> needing
>>    to run the above workaround
>>
> Could you :
>
> - Test with the last kernel uploaded to unstable (4.19.0-4:4.19.28) and 
> confirm or
>   not is the problem still exists ?
 Dear Romain


 I upgraded the kernel and rebooted:

 schloegl@debian10:~$ uname -a
 Linux debian10 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15)
 x86_64 GNU/Linux


 With this kernel the trackpoint is working, the trackpad is still not
 usable.

 (This improves the situation because now at least one pointer device is
 available).


>>> Good, we did some progress :)
>>>
> - According to the bug on launchpad and to the fix pushed upstream, the
>   fix seems to be an hardware quirks, could you give me the output of the
>   following command :
>   $ /sys/bus/serio/devices/serio1/firmware_id
 root@debian10:~# cat /sys/bus/serio/devices/serio1/firmware_id
 PNP: LEN2036 PNP0f13

>>> Could you test the patch attached to this reply ?
>>> (if you don't know how to do this, I can provide support)
>>>
>>> Regards,
>>> Romain
>>
>>
>> I tried to followed these instructions:
>>
>> https://kernel-team.pages.debian.net/kernel-handbook/ch-comm
>>
>> 4.5. Building a custom kernel from Debian kernel source
>>
>> Specifically using the patched the sources,
>>
>> *scripts/config --disable MODULE_SIG*
>> **scripts/config --disable DEBUG_INFO**
>> ||*|make clean|* ||*|make deb-pkg
>>
>> |*
>>
>> and ended up with a kernel that does not boot (missing HD audio firmware),
>>
>>
>> Which procedure do you recommend to build and install a modified kernel ?
>>
>>
> Hi,
>
> Section 4.2 from
> https://kernel-team.pages.debian.net/kernel-handbook/ch-common-tasks.html#s-common-official
> , until test-patches should work. For the test-patches script, use the 
> flavour and a
> featureset as argument, when you invoke it, like this :
>
> # debian/bin/test-patches -f amd64 -s none 
> /path/to/0001-Input-elantech-disable-elan-i2c-for-L480.patch
>
> This will apply the patch on the fly, configure the kernel for amd64
> and build a version with a special changelog entry and a special suffix
> version dedicated to the test version you generate.
>
>
> In case of troubles, I can provide another way, from git with few
> commands.
>
>
> Hope this helps,
> Regards,
> Romain


Dear Romain,


your instructions to build the kernel worked fine, when trying to
install the kernel,

   sudo dpkg -i linux-headers-4.19.0-5-amd64_4.19.37-3a~test_amd64.deb 
linux-image-4.19.0-5-amd64-unsigned_4.19.37-3a~test_amd64.deb

I run into problem, getting this warning. 


 │ You are running a kernel (version 4.19.0-5-amd64) and attempting to
remove the same
version.
   
│
 │  

  
│
 │ This can make the system unbootable as it will remove
/boot/vmlinuz-4.19.0-5-amd64 and all modules under the directory
/lib/modules/4.19.0-5-amd64. This can only be fixed with a copy  │
 │ of the kernel image and the corresponding
modules.
 
│
 │  

  
│
 │ It is highly recommended to abort the kernel removal unless you are
prepared to fix the system after
removal.   

Bug#929728: systemd autopkgtest 'storage' fails adding/rmmoding scsi_debug

[Dan Streetman]

Package: systemd
Version: 241-5
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu eoan ubuntu-patch

Dear Maintainer,

'storage' test fails on some archs/releases trying to modprobe and/or rmmod 
scsi_debug.

-- Package-specific info:


  * d/t/storage:
- fix handling of scsi_debug module, test drives (LP: #1829347)


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers disco-updates
  APT policy: (500, 'disco-updates'), (500, 'disco-security'), (500, 'disco'), 
(100, 'disco-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.0-13-generic (SMP w/24 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd is related to:
pn  dracut   
ii  initramfs-tools  0.131ubuntu19
ii  udev 240-6ubuntu5
diff -Nru systemd-241/debian/tests/storage systemd-241/debian/tests/storage
--- systemd-241/debian/tests/storage2019-05-24 16:58:59.0 -0400
+++ systemd-241/debian/tests/storage2019-05-29 11:52:19.0 -0400
@@ -12,40 +12,69 @@
 from glob import glob
 
 
-@unittest.skipIf(os.path.isdir('/sys/module/scsi_debug'),
- 'The scsi_debug module is already loaded')
+SCSI_DEBUG_DIR='/sys/bus/pseudo/drivers/scsi_debug'
+
 class FakeDriveTestBase(unittest.TestCase):
 @classmethod
 def setUpClass(klass):
-# create a fake SCSI hard drive
-subprocess.check_call(['modprobe', 'scsi_debug', 'dev_size_mb=32'])
+if not os.path.isdir(SCSI_DEBUG_DIR):
+subprocess.call(['modprobe', 'scsi_debug', 'dev_size_mb=32'],
+stderr=subprocess.DEVNULL)
+# if still not available, we can't run any of our tests
+if not os.path.isdir(SCSI_DEBUG_DIR):
+klass.skipTest('scsi_debug module not loaded')
+
+def setUp(self):
+# remove any existing drives, then add back one for us to use
+self.remove_scsi_debug_drives()
+with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'r+') as f:
+print('Adding scsi_debug drive')
+f.write('1')
+for wait in range(10):
+f.seek(0)
+if f.read().strip() == '1':
+break
+time.sleep(0.1)
+else:
+self.skipTest('Could not add scsi_debug drive to test')
 # wait until drive got created
 sys_dirs = []
-while not sys_dirs:
-sys_dirs = 
glob('/sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*:*/block')
+for tries in range(100):
+sys_dirs = glob(os.path.join(SCSI_DEBUG_DIR,
+ 'adapter*/host*/target*/*:*/block'))
+if sys_dirs:
+break
 time.sleep(0.1)
-assert len(sys_dirs) == 1
+if len(sys_dirs) < 1:
+self.skipTest('could not find scsi_debug block device')
+elif len(sys_dirs) > 1:
+self.skipTest('too many scsi_debug block devices (%s)' % 
len(sys_dirs))
 devs = os.listdir(sys_dirs[0])
 assert len(devs) == 1
-klass.device = '/dev/' + devs[0]
-
-@classmethod
-def tearDownClass(klass):
-# create a fake SCSI hard drive
-subprocess.check_call(['rmmod', 'scsi_debug'])
+self.device = '/dev/' + devs[0]
 
 def tearDown(self):
-# clear drive
-with open(self.device, 'wb') as f:
-block = b'0' * 1048576
-try:
-while True:
-f.write(block)
-except OSError:
-pass
+self.remove_scsi_debug_drives()
 subprocess.check_call(['udevadm', 'settle'])
 subprocess.check_call(['systemctl', 'daemon-reload'])
 
+def remove_scsi_debug_drives(self):
+with open(os.path.join(SCSI_DEBUG_DIR, 'add_host'), 'r+') as f:
+n = f.read().strip()
+f.seek(0)
+if n == '0':
+return
+print('Removing %s scsi_debug test drive(s)' % n)
+f.write('-%s' % n)
+for wait in range(50):
+f.seek(0)
+n = f.read().strip()
+if n == '0':
+break
+time.sleep(0.1)
+else:
+self.skipTest('Could not remove %s scsi_debug drives' % n)
+
 
 class CryptsetupTest(FakeDriveTestBase):
 def setUp(self):
@@ -215,6 +244,7 @@
 self.format_luks()
 with open('/etc/crypttab', 'w') as f:
 f.write('%s %s none luks,tmp\n' % (self.plaintext_name, 
self.device))
+self.apply('cryptsetup.target')
 
 mountpoint = '/run/crypt1.systemdtest'
 os.mkdir(moun

Bug#929726: ask-password: prevent buffer overrow when reading from keyring

[Michael Biebl]

Thanks for the patch, Dan.
I see this has already been committed upstream, which is great.

Am 29.05.19 um 17:50 schrieb Dan Streetman:
> +Subject: [PATCH] ask-password: prevent buffer overrow when reading from
 ^
I assume this is a typo and you meant either buffer overrun or overflow

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#929727: dpkg: "newline not allowed in pathname" despite --nocheck

[Jakub Wilk]

Package: dpkg
Version: 1.19.6
Severity: minor

I tried to build a package with \n in filenames, but to no avail:

  dpkg-deb --nocheck --build debian/newline ../newline_1_all.deb
  dpkg-deb: warning: not checking contents of control area
  dpkg-deb: building an unknown package in '../newline_1_all.deb'.
  dpkg-deb: error: newline not allowed in pathname './usr/share/newline/
  '

The man page promises that with the --nocheck option, "you can build any 
archive you want, no matter how broken", so I expected this to work.


The source package that I used for testing is here:
https://github.com/jwilk/newline.deb 



-- System Information:
Architecture: i386

Versions of packages dpkg depends on:
ii  libbz2-1.0   1.0.6-9
ii  libc62.28-10
ii  liblzma5 5.2.4-1
ii  libselinux1  2.8-1+b1
ii  zlib1g   1:1.2.11.dfsg-1
ii  tar  1.30+dfsg-6

--
Jakub Wilk

Bug#929726: ask-password: prevent buffer overrow when reading from keyring

[Dan Streetman]

Package: systemd
Version: 241-5
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu eoan ubuntu-patch

Dear Maintainer,

When we read from keyring, a temporary buffer is allocated in order to
determine the size needed for the entire data. However, when zeroing that area,
we use the data size returned by the read instead of the lesser size allocate
for the buffer.

That will cause memory corruption that causes systemd-cryptsetup to crash
either when a single large password is used or when multiple passwords have
already been pushed to the keyring

  * d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
- prevent buffer overflow when reading keyring (LP: #1814373)


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers disco-updates
  APT policy: (500, 'disco-updates'), (500, 'disco-security'), (500, 'disco'), 
(100, 'disco-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.0-13-generic (SMP w/24 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd is related to:
pn  dracut   
ii  initramfs-tools  0.131ubuntu19
ii  udev 240-6ubuntu5
diff -Nru 
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
 
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
--- 
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
   1969-12-31 19:00:00.0 -0500
+++ 
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
   2019-05-29 11:44:09.0 -0400
@@ -0,0 +1,35 @@
+From 59c55e73eaee345e1ee67c23eace8895ed499693 Mon Sep 17 00:00:00 2001
+From: Thadeu Lima de Souza Cascardo 
+Date: Mon, 13 May 2019 16:58:01 -0300
+Subject: [PATCH] ask-password: prevent buffer overrow when reading from
+ keyring
+
+When we read from keyring, a temporary buffer is allocated in order to
+determine the size needed for the entire data. However, when zeroing that area,
+we use the data size returned by the read instead of the lesser size allocate
+for the buffer.
+
+That will cause memory corruption that causes systemd-cryptsetup to crash
+either when a single large password is used or when multiple passwords have
+already been pushed to the keyring.
+
+Signed-off-by: Thadeu Lima de Souza Cascardo 
+
+Origin: upstream, 
https://github.com/systemd/systemd/commit/59c55e73eaee345e1ee67c23eace8895ed499693
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1814373
+
+---
+ src/shared/ask-password-api.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/shared/ask-password-api.c
 b/src/shared/ask-password-api.c
+@@ -81,7 +81,7 @@
+ if (n < m)
+ break;
+ 
+-explicit_bzero_safe(p, n);
++explicit_bzero_safe(p, m);
+ free(p);
+ m *= 2;
+ }
diff -Nru systemd-241/debian/patches/series systemd-241/debian/patches/series
--- systemd-241/debian/patches/series   2019-05-24 16:58:59.0 -0400
+++ systemd-241/debian/patches/series   2019-05-29 11:44:29.0 -0400
@@ -35,3 +35,4 @@
 debian/Let-graphical-session-pre.target-be-manually-started.patch
 debian/Add-env-variable-for-machine-ID-path.patch
 debian/Drop-seccomp-system-call-filter-for-udev.patch
+ask-password-prevent-buffer-overrow-when-reading-fro.patch

Bug#929725: ddd: Window does not close when killed with ctrl-z

[Shawn Landden]

Package: ddd
Version: 1:3.3.12-5.1+b2
Severity: normal

If I do ctrl-z to kill ddd, the window remains open. I have to use xkill to 
close it.

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: ppc64el (ppc64le)

Kernel: Linux 5.1.0-gfe9812cb9 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ddd depends on:
ii  libc6   2.28-10
ii  libgcc1 1:9.1.0-1
ii  libstdc++6  9.1.0-1
ii  libtinfo6   6.1+20181013-2
ii  libx11-62:1.6.7-1
ii  libxaw7 2:1.0.13-1+b2
ii  libxm4  2.3.8-2
ii  libxmu6 2:1.1.2-2+b3
ii  libxpm4 1:3.5.12-1
ii  libxt6  1:1.1.5-1+b3

Versions of packages ddd recommends:
ii  gdb  8.2.50.20190222-1

Versions of packages ddd suggests:
pn  cups-bsd | lpr   
pn  ddd-doc  
pn  glibc-doc
pn  gnuplot  
pn  info 
ii  openssh-client [rsh-client]  1:7.9p1-10
ii  perl 5.28.1-6
pn  pydb 
pn  x11-utils
pn  xterm

-- no debconf information

Bug#929724: unblock: shim-signed/1.32

[Steve McIntyre]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package shim-signed

I've tweaked the shim-signed packaging to make what I believe are all
the changes wanted before we get our latest signed binaries back from
the Microsoft CA. Summary:

  * Add Breaks/Replaces to shim-signed-common for
update-secureboot-policy etc. Closes: #929673
  * update-secureboot-policy: fix error if /var/lib/dkms does not
exist. Closes: #923718
  * Separate the helper scripts into a new shim-signed-common package,
apart from the actual signed shim binaries so that we can
sensibly support co-installability using Multi-Arch.
Closes: #928486
  * Add/update translations:
+ Italian (Closes: #915993, thanks to Beatrice Torracca)
+ Swedish (Closes: #921410, thanks to Matrin Bagge)
+ Russian (Closes: #99, thanks to Lev Lamberov)
+ Dutch (Closes: #917580, #926664, thanks to Frans Spiesschaert)
  * Remove doc link used to quieten old lintian versions

The main fixes are for #928486 (which is blocking some users building
multi-arch live media), but I've also rolled in a trivial fix for
#923718 (cosmetic) and a bunch of translation updates (filtered out
here). #929673 showed I made a daft mistake with the 1.31 upload. :-(

I expect to make one more shim-signed upload before buster, just
adding the new signed binaries. I'm doing all the other changes here
and now to make that final change as small and as easy to review as
possible.

This package still has the same outstanding RC bug as version 1.30
(#928107), which is impossible to fix right now. When they arrive, the
new signed binaries will allow us to fix this with the 1.33 upload.

debdiff attached.

unblock shim-signed/1.32

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru shim-signed-1.30/debian/changelog shim-signed-1.32/debian/changelog
--- shim-signed-1.30/debian/changelog   2019-04-23 00:01:10.0 +0100
+++ shim-signed-1.32/debian/changelog   2019-05-28 14:23:54.0 +0100
@@ -1,3 +1,27 @@
+shim-signed (1.32) unstable; urgency=medium
+
+  * Add Breaks/Replaces to shim-signed-common for
+update-secureboot-policy etc. Closes: #929673
+
+ -- Steve McIntyre <93...@debian.org>  Tue, 28 May 2019 14:23:54 +0100
+
+shim-signed (1.31) unstable; urgency=medium
+
+  * update-secureboot-policy: fix error if /var/lib/dkms does not
+exist. Closes: #923718
+  * Separate the helper scripts into a new shim-signed-common package,
+apart from the actual signed shim binaries so that we can
+sensibly support co-installability using Multi-Arch.
+Closes: #928486
+  * Add/update translations:
++ Italian (Closes: #915993, thanks to Beatrice Torracca)
++ Swedish (Closes: #921410, thanks to Matrin Bagge)
++ Russian (Closes: #99, thanks to Lev Lamberov)
++ Dutch (Closes: #917580, #926664, thanks to Frans Spiesschaert)
+  * Remove doc link used to quieten old lintian versions
+
+ -- Steve McIntyre <93...@debian.org>  Mon, 27 May 2019 23:02:10 +0100
+
 shim-signed (1.30) unstable; urgency=medium
 
   * Force the built-using version to be 15+1533136590.3beb971-6. That
diff -Nru shim-signed-1.30/debian/control shim-signed-1.32/debian/control
--- shim-signed-1.30/debian/control 2019-04-22 23:59:15.0 +0100
+++ shim-signed-1.32/debian/control 2019-05-28 14:23:54.0 +0100
@@ -18,6 +18,7 @@
 
 Package: shim-signed
 Architecture: amd64 i386 arm64
+Multi-Arch: same
 Depends: ${misc:Depends},
  grub-efi-amd64-bin [amd64],
  shim-helpers-amd64-signed (>= 1+15+1533136590.3beb971+5) [amd64],
@@ -25,8 +26,7 @@
  shim-helpers-i386-signed (>= 1+15+1533136590.3beb971+5) [i386],
  grub-efi-arm64-bin [arm64],
  shim-helpers-arm64-signed (>= 1+15+1533136590.3beb971+5) [arm64],
- grub2-common (>= 2.02+dfsg1-16),
- mokutil
+ grub2-common (>= 2.02+dfsg1-16)
 Recommends: secureboot-db
 Built-Using: shim (= 15+1533136590.3beb971-6)
 Description: Secure Boot chain-loading bootloader (Microsoft-signed binary)
@@ -38,3 +38,19 @@
  .
  This package contains the version of the bootloader binary signed by the
  Microsoft UEFI CA.
+
+Package: shim-signed-common
+Multi-Arch: foreign
+Architecture: all
+Depends: ${misc:Depends}, mokutil
+Replaces: shim-signed (<< 1.32+15+1533136590.3beb971-5)
+Breaks: shim-signed (<< 1.32+15+1533136590.3beb971-5)
+Description: Secure Boot chain-loading bootloader (common helper scripts)
+ This package provides a minimalist boot loader which allows verifying
+ signatures of other UEFI binaries against either the Secure Boot DB/DBX or
+ against a built-in signature database.  Its pu

Bug#879741: next steps / request for help with phpmyadmin for debian buster

[Blümel Matthias]

Here we go: unit-tests are back in debian/rules :D.

I'm stuggling at the moment with my setup for selenium-tests. This has
nothing to do with package-related suff, the tests on a git-checkout
are also failing.

As long as I can see, the unit-tests are only testing basic stuff.
There seems to be nothing with twig-templates, shapefiles, 2fa,  pdf-
export, …

Tomorrow is public holiday in Germany, but I already "catched" one of
our trainees for testing the package and it's dependencies starting on
friday.

@felipe: can you enable the issues-feature on the project? Are you fine
with the way I mentioned in comment #62 to update to the current
version? If so, who triggers the update? Am I able to push to master
with the "developer"-role?

Grüße
Matthias

Am Mittwoch, den 29.05.2019, 07:54 +0200 schrieb Michal Čihař:
> Hi
> 
> There are phpunit tests including Selenium ones. Running unit tests
> should be quite easy to achieve and should verify that PHP code works
> well, for the Selenium tests the setup would be probably more complex
> to do (it should be possible with the chromium-driver package, but I
> have no experience here).
> 
> See upstream script for execution examples:
> 
> https://github.com/phpmyadmin/phpmyadmin/blob/QA_4_8/test/ci-test
> 
> 
> https://github.com/phpmyadmin/phpmyadmin/blob/QA_4_8/test/ci-selenium
> 
> 

Bug#929723: RM: python-json-schema-validator -- ROM; RC buggy, no longer maintained

[Neil Williams]

Package: ftp.debian.org
Severity: normal

The package is RC buggy due to: 918632 where
I declared the intention to remove the package.
There has been no comment on that from anyone
and I would like to have the package removed
from Debian.

Thanks

Neil Williams

Bug#929130: falkon: Falkon crash at start

[Bardot Jérôme]

Hello,

First thx because you make a clear response to my email.
With clear step even if i m not even advance developer & debian power
user to understand all the command line.

For next time i just add 2 LC_ALL=C.

And the command line become :

LC_ALL=C script -a ~/gdb-falkon_$(date +%Y-%m-%d_%H-%M-%S).log -c
"LC_ALL=C gdb -q -ex 'set width 0' -ex 'set pagination off' -ex 'run'
-ex 'info reg' -ex 'display/i \$pc' -ex 'bt' -ex 'info share' -ex 'bt
full' -ex detach -ex quit --args falkon"

To your question about graphic driver yes i always try to use Free
Drivers. It’s a little non sense to use a free distro with non free stuff.


Let me know if you need more information

Jerome

Le 28/05/2019 à 18:08, Bernhard Übelacker a écrit :
> Control: tags -1 moreinfo
>
>
>
> Hello Bardot Jerome,
> I am just looking at some random bug reports with crashes.
>
> The last page of the strace output might point into the
> direction of the graphic driver, you are using the free
> nouveau driver?
>
> For more information you might consider adding the dbgsym
> repositories to your system like described here:
>
> 
> https://wiki.debian.org/HowToGetABacktrace#Installing_the_debugging_symbols
>
> Then the following packages would be needed:
>
> gdb falkon-dbgsym libgl1-mesa-dri-dbgsym
>
> And then start in an terminal window falkon with this command:
>
> script -a ~/gdb-falkon_$(date +%Y-%m-%d_%H-%M-%S).log -c "gdb -q -ex 'set 
> width 0' -ex 'set pagination off' -ex 'run' -ex 'info reg' -ex 'display/i 
> \$pc' -ex 'bt' -ex 'info share' -ex 'bt full' -ex detach -ex quit --args 
> falkon"
>
> That should create a gdb-galkon_*.log text file in your
> home directory, that you could forward to this bug.
>
> Kind regards,
> Bernhard


Script started on 2019-05-29 16:38:11+02:00 [TERM="xterm" TTY="/dev/pts/2" COLUMNS="127" LINES="44"]
Reading symbols from falkon...Reading symbols from /usr/lib/debug/.build-id/c9/06ac282d61fcba1ad37663e0dfb1583d82385a.debug...done.
done.
Starting program: /usr/bin/falkon 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe2a6d700 (LWP 2018)]
qt5ct: using qt5ct plugin
[New Thread 0x7fffd85ea700 (LWP 2019)]
[New Thread 0x7fffd7839700 (LWP 2020)]
[Detaching after fork from child process 2021]
[New Thread 0x7fffd7038700 (LWP 2022)]
[New Thread 0x7fffd6837700 (LWP 2023)]
[New Thread 0x7fffd6036700 (LWP 2024)]
[New Thread 0x7fffd5835700 (LWP 2025)]
[New Thread 0x7fffd5034700 (LWP 2026)]
[New Thread 0x7fffd4833700 (LWP 2027)]
[New Thread 0x7fffb7fff700 (LWP 2028)]
[New Thread 0x7fffb77fe700 (LWP 2029)]
[New Thread 0x7fffb6ffd700 (LWP 2030)]
[New Thread 0x7fffb67fc700 (LWP 2031)]
[New Thread 0x7fffb5ffb700 (LWP 2032)]
[New Thread 0x7fffb57fa700 (LWP 2033)]
[New Thread 0x7fffb4ff9700 (LWP 2034)]
[New Thread 0x7fff9bfff700 (LWP 2035)]
[New Thread 0x7fff9b7fe700 (LWP 2036)]
[New Thread 0x7fff9affd700 (LWP 2037)]
[New Thread 0x7fff9a7fc700 (LWP 2038)]
[New Thread 0x7fff99ffb700 (LWP 2039)]
[New Thread 0x7fff997fa700 (LWP 2040)]
[New Thread 0x7fff98ff9700 (LWP 2041)]
[New Thread 0x7fff77fff700 (LWP 2042)]
[New Thread 0x7fff777fe700 (LWP 2043)]
Falkon: 1 extensions loaded
qt5ct: D-Bus global menu: no
QObject::connect: invalid null parameter
qt5ct: custom style sheet is disabled
[New Thread 0x7fff766fa700 (LWP 2044)]
[New Thread 0x7fff75917700 (LWP 2064)]
[New Thread 0x7fff63fff700 (LWP 2093)]
[Thread 0x7fff63fff700 (LWP 2093) exited]
falkon: ../nouveau/pushbuf.c:723: nouveau_pushbuf_data: Assertion `kref' failed.

Thread 1 "falkon" received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
rax0x0 0
rbx0x6 6
rcx0x7fffef0e97bb  140737204099003
rdx0x0 0
rsi0x7fffce10  140737488342544
rdi0x2 2
rbp0x7fffef236ee0  0x7fffef236ee0
rsp0x7fffce10  0x7fffce10
r8 0x0 0
r9 0x7fffce10  140737488342544
r100x8 8
r110x246   582
r120x7fffe0930052  140736961118290
r130x7fffe0930068  140736961118312
r140x2d3   723
r150x0 0
rip0x7fffef0e97bb  0x7fffef0e97bb <__GI_raise+267>
eflags 0x246   [ PF ZF IF ]
cs 0x3351
ss 0x2b43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0
1: x/i $pc
=> 0x7fffef0e97bb <__GI_raise+267>:	mov0x108(%rsp),%rcx
#0  0x7fffef0e97bb in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x7fffef0d4535 in __GI_abort () at 

Bug#929722: unblock: python-debian/0.1.35

[Stuart Prescott]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

There are two important bugs in python-debian that I would like to fix in
buster. I don't think the changes are sufficiently large or problematic to
prevent that, but I seek your pre-approval for them prior to uploading
(diff against 0.1.34 attached).

* debian_support.PackageFile is completely broken with non-ASCII Packages
  and Sources files when used with Python 3. (#928655)
* when processing debian/copyright files, NotMachineReadableError is not
  raised when the file is not copyright-format/1.0. (not filed in the bts,
  MR submitted directly, would be severity:important since it makes the
  debian.copyright  module almost unusable for consumers like
  sources.debian.net)

There are additionally two other minor bugs that are already fixed in git.
Fixing them seems reasonable to me but your input is sought.

* Stop using the deprecated autopkgtest needs-recommends restriction.
* Prevent accidental overwriting of abc.Mapping and typing.Mapping with
  Python 3.

regards
Stuart


unblock python-debian/0.1.35

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (550, 'testing'), (500, 'testing-proposed-updates'), (500, 
'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog
index 5d1db94..60d9f95 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+python-debian (0.1.35) unstable; urgency=medium
+
+  [ Stuart Prescott ]
+  * Fix decode error when using debian_support.PackageFile by allowing the
+caller to specify an encoding, defaulting to UTF-8 (Closes: #928655).
+  * Remove needs-recommends from autopkgtest definitions.
+
+  [ Jan Teske ]
+  * Fix overwriting of names in importing abc.Mapping and typing.Mapping.
+
+  [ Jelmer Vernooij ]
+  * Correctly raise NotMachineReadableError when no format is set.
+
+ -- Stuart Prescott   Thu, 30 May 2019 00:23:06 +1000
+
 python-debian (0.1.34) unstable; urgency=medium
 
   [ Jelmer Vernooij ]
diff --git a/debian/tests/control b/debian/tests/control
index ecb50a4..386071d 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -1,17 +1,19 @@
 Tests: python3-debian
-Restrictions: allow-stderr needs-recommends
+Restrictions: allow-stderr
 Depends:
  binutils (>= 2.23),
  python3-all,
+ python3-apt,
  python3-debian,
  debian-keyring,
  debian-archive-keyring
 
 Tests: python-debian
-Restrictions: allow-stderr needs-recommends
+Restrictions: allow-stderr
 Depends:
  binutils (>= 2.23),
  python2.7,
+ python-apt,
  python-debian,
  python-unittest2,
  debian-keyring,
diff --git a/lib/debian/copyright.py b/lib/debian/copyright.py
index cfe587b..d360784 100644
--- a/lib/debian/copyright.py
+++ b/lib/debian/copyright.py
@@ -639,7 +639,7 @@ class Header(deb822.RestrictedWrapper):
 super(Header, self).__init__(data)
 
 fmt = self.format   # type: ignore
-if fmt != _CURRENT_FORMAT:
+if fmt != _CURRENT_FORMAT and fmt is not None:
 # Add a terminal slash onto the end if missing
 if not fmt.endswith('/'):
 fmt += "/"
diff --git a/lib/debian/deb822.py b/lib/debian/deb822.py
index 3dbd41c..0686cdb 100644
--- a/lib/debian/deb822.py
+++ b/lib/debian/deb822.py
@@ -222,16 +222,11 @@ from __future__ import absolute_import, print_function
 import collections
 try:
 # Python 3
-from collections.abc import (
-Mapping,
-MutableMapping,
-)
+import collections.abc as collections_abc
 except ImportError:
 # Python 2.7 cruft
-from collections import (
-Mapping,
-MutableMapping,
-)
+# pylint: disable=reimported
+import collections as collections_abc# type: ignore
 
 import datetime
 import email.utils
@@ -321,7 +316,7 @@ class RestrictedFieldError(Error):
 """Raised when modifying the raw value of a field is not allowed."""
 
 
-class TagSectionWrapper(Mapping):
+class TagSectionWrapper(collections_abc.Mapping):
 """Wrap a TagSection object, using its find_raw method to get field values
 
 This allows us to pick which whitespace to strip off the beginning and end
@@ -423,7 +418,7 @@ class OrderedSet(object):
 # ###
 
 
-class Deb822Dict(MutableMapping):
+class Deb822Dict(collections_abc.MutableMapping):
 """A dictionary-like object suitable for storing RFC822-like data.
 
 Deb822Dict behaves like a normal dict, except:
diff --git a/lib/debian/debian_support.py b/lib/debian/debian_support.py
index 851eb90..cf4a26e 100644
--- a/lib/debian/debian_support.py
+++ b/lib/debian/debian_support.py
@@ -379,7 +379,7 @@ class Packa

Bug#929718: gdcm: FTBFS: dh_makeshlibs: failing due to earlier errors

[Lucas Nussbaum]

Source: gdcm
Version: 2.8.8-6
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> # do not compress .map file for doxygen graph
> dh_compress -X.map -X.pdf
> make[1]: Leaving directory '/<>'
>dh_fixperms -O--buildsystem=cmake\+ninja
>dh_clifixperms -O--buildsystem=cmake\+ninja
>dh_missing -O--buildsystem=cmake\+ninja
>dh_strip -O--buildsystem=cmake\+ninja
>dh_makeshlibs -O--buildsystem=cmake\+ninja
> dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols 
> file: see diff output below
> dpkg-gensymbols: warning: debian/libvtkgdcm2.8a/DEBIAN/symbols doesn't match 
> completely debian/libvtkgdcm2.8a.symbols
> --- debian/libvtkgdcm2.8a.symbols (libvtkgdcm2.8a_2.8.8-6_amd64)
> +++ dpkg-gensymbolspIQKll 2019-05-29 05:16:07.185014757 +
> @@ -855,17 +855,17 @@
>   _ZN31vtkImageMapToWindowLevelColors2D1Ev@Base 2.8.7
>   _ZN31vtkImageMapToWindowLevelColors2D2Ev@Base 2.8.7
>   _ZN4gdcm11DataElement12SetByteValueEPKcNS_2VLE@Base 2.8.7
> - (arch-bits=64)_ZN4gdcm12SmartPointerINS_15SequenceOfItemsEEaSEPS1_@Base 
> 2.8.7-2~
> +#MISSING: 2.8.8-6# 
> (arch-bits=64)_ZN4gdcm12SmartPointerINS_15SequenceOfItemsEEaSEPS1_@Base 
> 2.8.7-2~
>   _ZN4gdcm12SmartPointerINS_5ValueEEaSEPS1_@Base 2.8.7
>   _ZN4gdcm20BitmapToBitmapFilterD1Ev@Base 2.8.7
>   _ZN4gdcm20BitmapToBitmapFilterD2Ev@Base 2.8.7
> - 
> _ZN4gdcm22EncodingImplementationILi74550907EE4ReadINS_6StringILc92ELj16ELc32EvPT_mRSi@Base
>  2.8.7
> +#MISSING: 2.8.8-6# 
> _ZN4gdcm22EncodingImplementationILi74550907EE4ReadINS_6StringILc92ELj16ELc32EvPT_mRSi@Base
>  2.8.7
>   
> _ZN4gdcm22EncodingImplementationILi74550907EE4ReadINS_6StringILc92ELj64ELc0EvPT_mRSi@Base
>  2.8.7
>   
> _ZN4gdcm22EncodingImplementationILi74550907EE4ReadINS_6StringILc92ELj64ELc32EvPT_mRSi@Base
>  2.8.7
>   _ZN4gdcm22EncodingImplementationILi74550907EE4ReadIdEEvPT_mRSi@Base 2.8.7
>   _ZN4gdcm22EncodingImplementationILi74550907EE4ReadIiEEvPT_mRSi@Base 2.8.7-2~
>   
> _ZN4gdcm22EncodingImplementationILi74550907EE5WriteINS_6StringILc92ELj64ELc0EvPKT_mRSo@Base
>  2.8.7
> - 
> (arch-bits=64)_ZN4gdcm22EncodingImplementationILi74550907EE5WriteINS_6StringILc92ELj64ELc32EvPKT_mRSo@Base
>  2.8.7-2~
> +#MISSING: 2.8.8-6# 
> (arch-bits=64)_ZN4gdcm22EncodingImplementationILi74550907EE5WriteINS_6StringILc92ELj64ELc32EvPKT_mRSo@Base
>  2.8.7-2~
>   _ZN4gdcm4ItemD1Ev@Base 2.8.7
>   _ZN4gdcm4ItemD2Ev@Base 2.8.7
>   _ZN4gdcm6Object10UnRegisterEv@Base 2.8.7
> dh_makeshlibs: failing due to earlier errors
> make: *** [debian/rules:49: binary] Error 2

The full build log is available from:
   http://qa-logs.debian.net/2019/05/29/gdcm_2.8.8-6_testing.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#929721: golang-github-gin-gonic-gin: FTBFS: dh_auto_test: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 github.com/gin-gonic/gin github.com/gin-gonic/gin/binding github.com/gin-gonic/gin/gin

[Lucas Nussbaum]

Source: golang-github-gin-gonic-gin
Version: 1.3.0+dfsg1-3
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build --buildsystem=golang --with=golang
>dh_update_autotools_config -O--buildsystem=golang
>dh_autoreconf -O--buildsystem=golang
>dh_auto_configure -O--buildsystem=golang
>dh_auto_build -O--buildsystem=golang
>   cd obj-x86_64-linux-gnu && go install 
> -gcflags=all=\"-trimpath=/<>/golang-github-gin-gonic-gin-1.3.0\+dfsg1/obj-x86_64-linux-gnu/src\"
>  
> -asmflags=all=\"-trimpath=/<>/golang-github-gin-gonic-gin-1.3.0\+dfsg1/obj-x86_64-linux-gnu/src\"
>  -v -p 4 github.com/gin-gonic/gin github.com/gin-gonic/gin/binding 
> github.com/gin-gonic/gin/ginS github.com/gin-gonic/gin/json 
> github.com/gin-gonic/gin/render
> internal/race
> errors
> internal/cpu
> runtime/internal/atomic
> runtime/internal/sys
> sync/atomic
> unicode
> unicode/utf8
> crypto/subtle
> internal/bytealg
> math/bits
> math
> encoding
> internal/testlog
> unicode/utf16
> container/list
> runtime
> crypto/internal/subtle
> vendor/golang_org/x/crypto/cryptobyte/asn1
> vendor/golang_org/x/net/dns/dnsmessage
> internal/nettrace
> runtime/cgo
> strconv
> vendor/golang_org/x/crypto/curve25519
> crypto/rc4
> sync
> io
> math/rand
> reflect
> syscall
> internal/singleflight
> bytes
> strings
> bufio
> hash
> hash/crc32
> crypto/cipher
> crypto
> crypto/internal/randutil
> crypto/sha512
> time
> internal/syscall/unix
> crypto/aes
> crypto/hmac
> crypto/md5
> crypto/sha1
> crypto/sha256
> vendor/golang_org/x/text/transform
> path
> html
> github.com/mattn/go-isatty
> internal/poll
> encoding/binary
> sort
> os
> regexp/syntax
> encoding/base64
> crypto/des
> vendor/golang_org/x/crypto/internal/chacha20
> encoding/pem
> vendor/golang_org/x/crypto/poly1305
> path/filepath
> fmt
> vendor/golang_org/x/crypto/chacha20poly1305
> io/ioutil
> regexp
> compress/flate
> encoding/xml
> encoding/json
> context
> math/big
> compress/gzip
> encoding/hex
> net
> net/url
> log
> vendor/golang_org/x/text/unicode/bidi
> vendor/golang_org/x/text/unicode/norm
> vendor/golang_org/x/text/secure/bidirule
> vendor/golang_org/x/net/http2/hpack
> mime
> crypto/rand
> crypto/elliptic
> encoding/asn1
> crypto/rsa
> crypto/dsa
> vendor/golang_org/x/net/idna
> mime/quotedprintable
> net/http/internal
> crypto/ecdsa
> crypto/x509/pkix
> vendor/golang_org/x/crypto/cryptobyte
> github.com/gin-gonic/gin/json
> github.com/golang/protobuf/proto
> encoding/gob
> text/template/parse
> text/template
> gopkg.in/yaml.v2
> html/template
> crypto/x509
> net/textproto
> vendor/golang_org/x/net/http/httpproxy
> gopkg.in/go-playground/validator.v8
> vendor/golang_org/x/net/http/httpguts
> mime/multipart
> crypto/tls
> net/http/httptrace
> net/http
> github.com/gin-contrib/sse
> net/rpc
> net/http/httputil
> github.com/ugorji/go/codec
> github.com/gin-gonic/gin/binding
> github.com/gin-gonic/gin/render
> github.com/gin-gonic/gin
> github.com/gin-gonic/gin/ginS
>dh_auto_test -O--buildsystem=golang
>   cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 
> github.com/gin-gonic/gin github.com/gin-gonic/gin/binding 
> github.com/gin-gonic/gin/ginS github.com/gin-gonic/gin/json 
> github.com/gin-gonic/gin/render
> === RUN   TestBasicAuth
> --- PASS: TestBasicAuth (0.00s)
> === RUN   TestBasicAuthFails
> --- PASS: TestBasicAuthFails (0.00s)
> === RUN   TestBasicAuthSearchCredential
> --- PASS: TestBasicAuthSearchCredential (0.00s)
> === RUN   TestBasicAuthAuthorizationHeader
> --- PASS: TestBasicAuthAuthorizationHeader (0.00s)
> === RUN   TestBasicAuthSecureCompare
> --- PASS: TestBasicAuthSecureCompare (0.00s)
> === RUN   TestBasicAuthSucceed
> --- PASS: TestBasicAuthSucceed (0.00s)
> === RUN   TestBasicAuth401
> --- PASS: TestBasicAuth401 (0.00s)
> === RUN   TestBasicAuth401WithCustomRealm
> --- PASS: TestBasicAuth401WithCustomRealm (0.00s)
> === RUN   TestContextFormFile
> --- PASS: TestContextFormFile (0.00s)
> === RUN   TestContextMultipartForm
> --- PASS: TestContextMultipartForm (0.00s)
> === RUN   TestSaveUploadedOpenFailed
> --- PASS: TestSaveUploadedOpenFailed (0.00s)
> === RUN   TestSaveUploadedCreateFailed
> --- PASS: TestSaveUploadedCreateFailed

Bug#929717: golang-fsnotify: FTBFS: dh_auto_test: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 github.com/fsnotify/fsnotify returned exit code 1

[Lucas Nussbaum]

Source: golang-fsnotify
Version: 1.4.7-2
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build --buildsystem=golang --with=golang
>dh_update_autotools_config -O--buildsystem=golang
>dh_autoreconf -O--buildsystem=golang
>dh_auto_configure -O--buildsystem=golang
>dh_auto_build -O--buildsystem=golang
>   cd obj-x86_64-linux-gnu && go install 
> -gcflags=all=\"-trimpath=/<>/obj-x86_64-linux-gnu/src\" 
> -asmflags=all=\"-trimpath=/<>/obj-x86_64-linux-gnu/src\" -v -p 4 
> github.com/fsnotify/fsnotify
> internal/race
> errors
> internal/cpu
> runtime/internal/atomic
> runtime/internal/sys
> sync/atomic
> unicode
> unicode/utf8
> internal/testlog
> internal/bytealg
> math
> math/bits
> runtime
> vendor/golang_org/x/net/dns/dnsmessage
> internal/nettrace
> runtime/cgo
> strconv
> sync
> internal/singleflight
> io
> reflect
> syscall
> math/rand
> bytes
> strings
> internal/syscall/unix
> time
> internal/poll
> encoding/binary
> sort
> os
> path/filepath
> fmt
> context
> net
> golang.org/x/sys/unix
> github.com/fsnotify/fsnotify
>dh_auto_test -O--buildsystem=golang
>   cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 
> github.com/fsnotify/fsnotify
> === RUN   TestEventStringWithValue
> --- PASS: TestEventStringWithValue (0.00s)
> === RUN   TestEventOpStringWithValue
> --- PASS: TestEventOpStringWithValue (0.00s)
> === RUN   TestEventOpStringWithNoValue
> --- PASS: TestEventOpStringWithNoValue (0.00s)
> === RUN   TestWatcherClose
> === PAUSE TestWatcherClose
> === RUN   TestPollerWithBadFd
> --- PASS: TestPollerWithBadFd (0.00s)
> === RUN   TestPollerWithData
> --- PASS: TestPollerWithData (0.00s)
> === RUN   TestPollerWithWakeup
> --- PASS: TestPollerWithWakeup (0.00s)
> === RUN   TestPollerWithClose
> --- PASS: TestPollerWithClose (0.00s)
> === RUN   TestPollerWithWakeupAndData
> --- PASS: TestPollerWithWakeupAndData (0.00s)
> === RUN   TestPollerConcurrent
> --- PASS: TestPollerConcurrent (0.15s)
> === RUN   TestInotifyCloseRightAway
> --- PASS: TestInotifyCloseRightAway (0.05s)
> === RUN   TestInotifyCloseSlightlyLater
> --- PASS: TestInotifyCloseSlightlyLater (0.10s)
> === RUN   TestInotifyCloseSlightlyLaterWithWatch
> --- PASS: TestInotifyCloseSlightlyLaterWithWatch (0.10s)
> === RUN   TestInotifyCloseAfterRead
> --- PASS: TestInotifyCloseAfterRead (0.10s)
> === RUN   TestInotifyCloseCreate
> --- PASS: TestInotifyCloseCreate (0.05s)
> === RUN   TestInotifyStress
> --- PASS: TestInotifyStress (0.14s)
> === RUN   TestInotifyRemoveTwice
> --- PASS: TestInotifyRemoveTwice (0.00s)
> === RUN   TestInotifyInnerMapLength
> --- PASS: TestInotifyInnerMapLength (0.05s)
> === RUN   TestInotifyOverflow
> --- FAIL: TestInotifyOverflow (4.69s)
> inotify_test.go:442: Could not trigger overflow
> === RUN   TestFsnotifyMultipleOperations
> --- PASS: TestFsnotifyMultipleOperations (0.67s)
> integration_test.go:104: event received: 
> "/tmp/fsnotify244767993/TestFsnotifySeq.testfile": CREATE
> integration_test.go:104: event received: 
> "/tmp/fsnotify244767993/TestFsnotifySeq.testfile": WRITE
> integration_test.go:104: event received: 
> "/tmp/fsnotify244767993/TestFsnotifySeq.testfile": RENAME
> integration_test.go:104: event received: 
> "/tmp/fsnotify244767993/TestFsnotifySeq.testfile": CREATE
> integration_test.go:180: calling Close()
> integration_test.go:182: waiting for the event channel to become closed...
> integration_test.go:185: event channel closed
> === RUN   TestFsnotifyMultipleCreates
> --- PASS: TestFsnotifyMultipleCreates (0.80s)
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": CREATE
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": WRITE
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": REMOVE
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": CREATE
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": WRITE
> integration_test.go:217: event received: 
> "/tmp/fsnotify693647763/TestFsnotifySeq.testfile": WRITE
> integration_tes

Bug#929720: hkl: FTBFS: ../../hkl/ccan/generator/generator.h:23:2: error: #error Generators require coroutines

[Lucas Nussbaum]

Source: hkl
Version: 5.0.0.2456-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> /bin/bash ../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H -I. 
> -I../..   -Wdate-time -D_FORTIFY_SOURCE=2 -I../.. -g -O2 
> -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat 
> -Werror=format-security -c -o generator/generator.lo generator/generator.c
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -Wdate-time 
> -D_FORTIFY_SOURCE=2 -I../.. -g -O2 -fdebug-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security -c noerr/noerr.c  
> -fPIC -DPIC -o noerr/.libs/noerr.o
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -Wdate-time 
> -D_FORTIFY_SOURCE=2 -I../.. -g -O2 -fdebug-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security -c str/str.c  -fPIC 
> -DPIC -o str/.libs/str.o
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -Wdate-time 
> -D_FORTIFY_SOURCE=2 -I../.. -g -O2 -fdebug-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security -c 
> generator/generator.c  -fPIC -DPIC -o generator/.libs/generator.o
> libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -Wdate-time 
> -D_FORTIFY_SOURCE=2 -I../.. -g -O2 -fdebug-prefix-map=/<>=. 
> -fstack-protector-strong -Wformat -Werror=format-security -c str/debug.c  
> -fPIC -DPIC -o str/.libs/debug.o
> In file included from generator/generator.c:8:
> ../../hkl/ccan/generator/generator.h:23:2: error: #error Generators require 
> coroutines
>  #error Generators require coroutines
>   ^
> make[5]: *** [Makefile:605: generator/generator.lo] Error 1

The full build log is available from:
   http://qa-logs.debian.net/2019/05/29/hkl_5.0.0.2456-1_testing.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#929719: gucharmap: FTBFS: unsatisfiable build-dependency: unicode-data (< 11.1) but 12.1.0~pre1-2 is to be installed

[Lucas Nussbaum]

Source: gucharmap
Version: 1:11.0.3-2
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper-compat (= 12), desktop-file-utils, 
> gobject-introspection (>= 1.0.0), valac (>= 0.24.0-2~), 
> libgirepository1.0-dev (>= 0.9.0), libgtk-3-dev (>= 3.4.0), libglib2.0-dev 
> (>= 2.32.0), libpopt-dev, gnome-pkg-tools, gtk-doc-tools (>= 1.0), 
> yelp-tools, intltool (>= 0.40), libglib2.0-doc, libpango1.0-doc, 
> libgtk-3-doc, unicode-data (>= 11.0), unicode-data (<< 11.1)
> Filtered Build-Depends: debhelper-compat (= 12), desktop-file-utils, 
> gobject-introspection (>= 1.0.0), valac (>= 0.24.0-2~), 
> libgirepository1.0-dev (>= 0.9.0), libgtk-3-dev (>= 3.4.0), libglib2.0-dev 
> (>= 2.32.0), libpopt-dev, gnome-pkg-tools, gtk-doc-tools (>= 1.0), 
> yelp-tools, intltool (>= 0.40), libglib2.0-doc, libpango1.0-doc, 
> libgtk-3-doc, unicode-data (>= 11.0), unicode-data (<< 11.1)
> dpkg-deb: building package 'sbuild-build-depends-gucharmap-dummy' in 
> '/<>/resolver-RxwaiM/apt_archive/sbuild-build-depends-gucharmap-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-gucharmap-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-RxwaiM/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-RxwaiM/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-RxwaiM/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-RxwaiM/apt_archive ./ Sources [655 B]
> Get:5 copy:/<>/resolver-RxwaiM/apt_archive ./ Packages [742 B]
> Fetched 2360 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install gucharmap build dependencies (apt-based resolver)
> -
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-gucharmap-dummy : Depends: unicode-data (< 11.1) but 
> 12.1.0~pre1-2 is to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://qa-logs.debian.net/2019/05/29/gucharmap_11.0.3-2_testing.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#929715: strace: FTBFS: open: /dev/kvm: No such file or directory

[Lucas Nussbaum]

Source: strace
Version: 4.26-0.2
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> make[8]: Entering directory '/<>/build-udeb/tests-m32'
> make[8]: Nothing to be done for 'all-am'.
> make[8]: Leaving directory '/<>/build-udeb/tests-m32'
> make[7]: Leaving directory '/<>/build-udeb/tests-m32'
> ===
>strace 4.26: tests-m32/test-suite.log
> ===
> 
> # TOTAL: 631
> # PASS:  589
> # SKIP:  38
> # XFAIL: 0
> # FAIL:  4
> # XPASS: 0
> # ERROR: 0
> 
> .. contents:: :depth: 2
> 
> SKIP: bpf-obj_get_info_by_fd.gen
> 
> 
> + ../strace -V
> + TIMEOUT=timeout -k 5 -s XCPU 600
> + timeout -k 5 -s XCPU 600 true
> + [ 1 -eq 0 ]
> + exec timeout -k 5 -s XCPU 600 
> ../../tests-m32/bpf-obj_get_info_by_fd.gen.test
> + run_strace_match_diff -a20 -y -e trace=bpf
> + args=-a20 -y -e trace=bpf
> + [ -n -a20 -y -e trace=bpf -a -z  ]
> + run_prog
> + [ 0 -eq 0 ]
> + set -- ../bpf-obj_get_info_by_fd
> + args=../bpf-obj_get_info_by_fd
> + ../bpf-obj_get_info_by_fd
> BPF_OBJ_GET_INFO_BY_FD map failed: Invalid argument
> + rc=77
> + [ 77 -eq 77 ]
> + skip_ ../bpf-obj_get_info_by_fd exited with code 77
> + warn_ bpf-obj_get_info_by_fd.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd exited with code 77
> + printf %s\n bpf-obj_get_info_by_fd.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd exited with code 77
> bpf-obj_get_info_by_fd.gen.test: skipped test: ../bpf-obj_get_info_by_fd 
> exited with code 77
> + exit 77
> 
> SKIP: bpf-obj_get_info_by_fd-v.gen
> ==
> 
> + ../strace -V
> + TIMEOUT=timeout -k 5 -s XCPU 600
> + timeout -k 5 -s XCPU 600 true
> + [ 1 -eq 0 ]
> + exec timeout -k 5 -s XCPU 600 
> ../../tests-m32/bpf-obj_get_info_by_fd-v.gen.test
> + run_strace_match_diff -a20 -y -v -e trace=bpf
> + args=-a20 -y -v -e trace=bpf
> + [ -n -a20 -y -v -e trace=bpf -a -z  ]
> + run_prog
> + [ 0 -eq 0 ]
> + set -- ../bpf-obj_get_info_by_fd-v
> + args=../bpf-obj_get_info_by_fd-v
> + ../bpf-obj_get_info_by_fd-v
> BPF_OBJ_GET_INFO_BY_FD map failed: Invalid argument
> + rc=77
> + [ 77 -eq 77 ]
> + skip_ ../bpf-obj_get_info_by_fd-v exited with code 77
> + warn_ bpf-obj_get_info_by_fd-v.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd-v exited with code 77
> + printf %s\n bpf-obj_get_info_by_fd-v.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd-v exited with code 77
> bpf-obj_get_info_by_fd-v.gen.test: skipped test: ../bpf-obj_get_info_by_fd-v 
> exited with code 77
> + exit 77
> 
> SKIP: bpf-obj_get_info_by_fd-prog.gen
> =
> 
> + ../strace -V
> + TIMEOUT=timeout -k 5 -s XCPU 600
> + timeout -k 5 -s XCPU 600 true
> + [ 1 -eq 0 ]
> + exec timeout -k 5 -s XCPU 600 
> ../../tests-m32/bpf-obj_get_info_by_fd-prog.gen.test
> + run_strace_match_diff -a20 -y -e trace=bpf
> + args=-a20 -y -e trace=bpf
> + [ -n -a20 -y -e trace=bpf -a -z  ]
> + run_prog
> + [ 0 -eq 0 ]
> + set -- ../bpf-obj_get_info_by_fd-prog
> + args=../bpf-obj_get_info_by_fd-prog
> + ../bpf-obj_get_info_by_fd-prog
> BPF_OBJ_GET_INFO_BY_FD map failed: Invalid argument
> + rc=77
> + [ 77 -eq 77 ]
> + skip_ ../bpf-obj_get_info_by_fd-prog exited with code 77
> + warn_ bpf-obj_get_info_by_fd-prog.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd-prog exited with code 77
> + printf %s\n bpf-obj_get_info_by_fd-prog.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd-prog exited with code 77
> bpf-obj_get_info_by_fd-prog.gen.test: skipped test: 
> ../bpf-obj_get_info_by_fd-prog exited with code 77
> + exit 77
> 
> SKIP: bpf-obj_get_info_by_fd-prog-v.gen
> ===
> 
> + ../strace -V
> + TIMEOUT=timeout -k 5 -s XCPU 600
> + timeout -k 5 -s XCPU 600 true
> + [ 1 -eq 0 ]
> + exec timeout -k 5 -s XCPU 600 
> ../../tests-m32/bpf-obj_get_info_by_fd-prog-v.gen.test
> + run_strace_match_diff -a20 -y -v -e trace=bpf
> + args=-a20 -y -v -e trace=bpf
> + [ -n -a20 -y -v -e trace=bpf -a -z  ]
> + run_prog
> + [ 0 -eq 0 ]
> + set -- ../bpf-obj_get_info_by_fd-prog-v
> + args=../bpf-obj_get_info_by_fd-prog-v
> + ../bpf-obj_get_info_by_fd-prog-v
> BPF_OBJ_GET_INFO_BY_FD map failed: Invalid argument
> + rc=77
> + [ 77 -eq 77 ]
> + skip_ ../bpf-obj_get_info_by_fd-prog-v exited with code 77
> + w

Bug#929714: python-acora: FTBFS: dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 2

[Lucas Nussbaum]

Source: python-acora
Version: 2.2-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> rm -f acora/_acora.c acora/_cacora.c
> dh_auto_clean
> I: pybuild base:217: python2.7 setup.py clean 
> WARNING: Generated .c files are missing, enabling Cython compilation
> Building with Cython 0.29.2
> Compiling acora/_acora.py because it changed.
> Compiling acora/_cacora.pyx because it changed.
> [1/2] Cythonizing acora/_acora.py
> [2/2] Cythonizing acora/_cacora.pyx
> running clean
> removing '/<>/.pybuild/cpython2_2.7_acora/build' (and everything 
> under it)
> 'build/bdist.linux-amd64' does not exist -- can't clean it
> 'build/scripts-2.7' does not exist -- can't clean it
> I: pybuild base:217: python3.7 setup.py clean 
> running clean
> removing '/<>/.pybuild/cpython3_3.7_acora/build' (and everything 
> under it)
> 'build/bdist.linux-amd64' does not exist -- can't clean it
> 'build/scripts-3.7' does not exist -- can't clean it
> make[1]: Leaving directory '/<>'
>dh_autoreconf_clean -O--buildsystem=pybuild
>dh_clean -O--buildsystem=pybuild
>  dpkg-source -b .
> dpkg-source: info: using source format '3.0 (quilt)'
> dpkg-source: info: building python-acora using existing 
> ./python-acora_2.2.orig.tar.gz
> dpkg-source: info: local changes detected, the modified files are:
>  python-acora-2.2/acora/_acora.c
>  python-acora-2.2/acora/_acora.html
>  python-acora-2.2/acora/_cacora.c
>  python-acora-2.2/acora/_cacora.html
> dpkg-source: error: aborting due to unexpected upstream changes, see 
> /tmp/python-acora_2.2-1.diff.VWSw_l
> dpkg-source: info: you can integrate the local changes with dpkg-source 
> --commit
> dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 2
> 
> Build finished at 2019-05-29T05:05:39Z

The full build log is available from:
   http://qa-logs.debian.net/2019/05/29/python-acora_2.2-1_testing.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#929713: openhft-chronicle-bytes: FTBFS: [ERROR] /<>/src/main/java/net/openhft/chronicle/bytes/NativeBytesStore.java:[78,48] cannot find symbol

[Lucas Nussbaum]

Source: openhft-chronicle-bytes
Version: 1.1.15-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20190529 qa-ftbfs
Justification: FTBFS in buster on amd64

Hi,

During a rebuild of all packages in buster (in a buster chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build --buildsystem=maven
>dh_update_autotools_config -O--buildsystem=maven
>dh_auto_configure -O--buildsystem=maven
>   mh_patchpoms -plibopenhft-chronicle-bytes-java --debian-build 
> --keep-pom-version --maven-repo=/<>/debian/maven-repo
>dh_auto_build -O--buildsystem=maven
>   /usr/lib/jvm/default-java/bin/java -noverify -cp 
> /usr/share/maven/boot/plexus-classworlds-2.x.jar 
> -Dmaven.home=/usr/share/maven 
> -Dmaven.multiModuleProjectDirectory=/<> 
> -Dclassworlds.conf=/etc/maven/m2-debian.conf 
> -Dproperties.file.manual=/<>/debian/maven.properties 
> org.codehaus.plexus.classworlds.launcher.Launcher 
> -s/etc/maven/settings-debian.xml -Ddebian.dir=/<>/debian 
> -Dmaven.repo.local=/<>/debian/maven-repo --batch-mode package 
> -DskipTests -Dnotimestamp=true -Dlocale=en_US
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by 
> com.google.inject.internal.cglib.core.$ReflectUtils$1 
> (file:/usr/share/maven/lib/guice.jar) to method 
> java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
> WARNING: Please consider reporting this to the maintainers of 
> com.google.inject.internal.cglib.core.$ReflectUtils$1
> WARNING: Use --illegal-access=warn to enable warnings of further illegal 
> reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> [INFO] Scanning for projects...
> [INFO] 
> [INFO] < net.openhft:chronicle-bytes 
> >-
> [INFO] Building OpenHFT/Chronicle-Bytes 1.1.15
> [INFO] ---[ bundle 
> ]---
> [INFO] 
> [INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ 
> chronicle-bytes ---
> [WARNING] Using platform encoding (ANSI_X3.4-1968 actually) to copy filtered 
> resources, i.e. build is platform dependent!
> [INFO] skip non existing resourceDirectory /<>/src/main/resources
> [INFO] 
> [INFO] --- maven-compiler-plugin:3.8.0:compile (default-compile) @ 
> chronicle-bytes ---
> [INFO] Changes detected - recompiling the module!
> [INFO] Compiling 52 source files to /<>/target/classes
> [INFO] 
> /<>/src/main/java/net/openhft/chronicle/bytes/MappedBytes.java: 
> Some input files use unchecked or unsafe operations.
> [INFO] 
> /<>/src/main/java/net/openhft/chronicle/bytes/MappedBytes.java: 
> Recompile with -Xlint:unchecked for details.
> [INFO] -
> [WARNING] COMPILATION WARNING : 
> [INFO] -
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/BytesStore.java:[23,18]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/NativeBytesStore.java:[27,18]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/HeapBytesStore.java:[23,16]
>  sun.misc.Unsafe is internal proprietary API and may be removed in a future 
> release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/HeapBytesStore.java:[24,18]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/BytesStore.java:[42,76]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/NativeBytesStore.java:[142,22]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/NativeBytesStore.java:[144,21]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/NativeBytesStore.java:[426,33]
>  sun.nio.ch.DirectBuffer is internal proprietary API and may be removed in a 
> future release
> [WARNING] 
> /<>/src/main/java/net/openhft/chronicle/bytes/VanillaBytes.java:[263,58]
>  appendUTF(long,char[],int,int)

Bug#926074: (kein Betreff)

[c . buhtz]

https://docs.djangoproject.com/en/2.2/ref/middleware/#module-django.middleware.http

Bug#929712: perlfunc: "do EXPR" documentation issues concerning error checking

[Vincent Lefevre]

Package: perl-doc
Version: 5.28.1-6
Severity: normal

In the perlfunc(1) man page (or with "perldoc -f do"):

  If "do" can read the file but cannot compile it, it returns "undef"
  and sets an error message in $@.  If "do" cannot read the file, it
  returns undef and sets $! to the error.  Always check $@ first, as
  compilation could fail in a way that also sets $!.  If the file is
  successfully compiled, "do" returns the value of the last
  expression evaluated.

with the example

unless ($return = do $file) {
warn "couldn't parse $file: $@" if $@;
warn "couldn't do $file: $!"unless defined $return;
warn "couldn't run $file"   unless $return;
}

The last warn

warn "couldn't run $file"   unless $return;

does not match the documentation about errors, which does not say
anything in the case where $return is defined but not regarded as
true.

Moreover, what happens if the file can be run, but the last
expression evaluated returned undef?

And what if there are no expressions evaluated (e.g., empty file)?

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages perl-doc depends on:
ii  perl  5.28.1-6

perl-doc recommends no packages.

Versions of packages perl-doc suggests:
ii  groff-base1.22.4-3
ii  man-db [man-browser]  2.8.5-2

-- no debconf information

Bug#929513: marsshooter: Segfaults a few seconds after starting

[Markus Koschany]

Am 28.05.19 um 11:05 schrieb Bernhard Übelacker:
[...]
> I tried to have a look at this crash and I think I found something.

Hi Bernhard,

thanks for the patch! Although I still can't reproduce the crash, I
think the patch makes sense and I trust you with your assessment. I have
just uploaded a new revision and intend to request an unblock for Buster.

Regards,

Markus



signature.asc
Description: OpenPGP digital signature

Bug#929711: RFP: elpa-ethan-wspace -- opinionate whitespace helper mode for emacs

[David Bremner]

Package: wnpp
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

* Package name: elpa-ethan-wspace
  Version : 0.7.1
  Upstream Author : Ethan Glasser-Camp
* URL : https://github.com/glasserc/ethan-wspace
* License : BSD
  Programming Lang: Emacs lisp
  Description : opinionate whitespace helper mode for emacs

ethan-wspace takes the approach of do no harm. Specifically, when you open a 
file:

- - If the whitespace is already clean, ethan-wspace inserts hooks to
  clean the whitespace before every save.

- - If the whitespace is not already clean, ethan-wspace highlights
 errors. It doesn't clean the whitespace without you asking for
 it, so you don't get spurious whitespace changes in your
 diffs. It doesn't prevent you from introducing new errors, but
 hopefully you will be cognizant of the errors in the file.

A notmuch (https://notmuchmail.org) collaborator who is good at
finding my whitespace mistakes pointed me at this package.

I'll sponsor it if someone wants to maintain it within the
emacs-addons team.

The last tagged release was about a year ago, so it might be worth
looking at a snapshot.

-BEGIN PGP SIGNATURE-

iQGzBAEBCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAlzug4IACgkQ8gKXHaSn
nizHmgv+NhCDo1bc4Q6J17X6B4ocx5H5oiAxxKZw1aHiiOzvSgR2dzSvW89LXOBM
k/A4KjDjFuQde50/N/uQKkD7OlT9BKwG+kbBOr9c3Tr1LgVPqjSvA5WFDtypvhSx
eYxl7VyB6ls0KTnH8qjJYQ6YQ8A8J+6kRiODrv6TVJh6ZLcl0d7KtDfJlDIg8+gG
21aTn9Sehwy/2tqe2Ku8AcQ2rf3SbStKLxsHS6BefbDaMX91Y2UKR3kJXzZHedmK
M0PTCTBbPLc8xXT4KNbuRLfdtfFqAG6MUjYVWYM6rJUHT/OdoPkT6HJI18zfbBr/
DUoFDdya0wUdH6tpM8yw8oAlrPLGX2gwC3VZ4eBmPrfe8MdzjNts+3wkRNVd45zc
+qu+b23BN3o9hnZxJv5BeyjIjfoSKDBtaevxHBxqu2hUVJEwsN3XUWCMrvd/5nkk
j8j9g/B5spO3eSLQnlGxB+uRy/LF8h8APtFM6F3oqNvDbrhVwshhbOnmrkeXwKQo
WAU6RDZE
=EthI
-END PGP SIGNATURE-

Bug#929666: ITP: conmon -- An OCI container runtime monitor

[Reinhard Tartler]

On Tue, May 28, 2019 at 2:18 PM Birger Schacht 
wrote:

> On 5/28/19 6:49 PM, Reinhard Tartler wrote:
> > Thanks for working on this package.
> >
> > Do you plan to have this package team maintained in the golang team? If
> so,
> > please let us know where on salsa you maintain the source package. I may
> be
> > able to help out.
>
> I maintain the source package on
> https://salsa.debian.org/bisco-guest/conmon - but conmon is not a golang
> project, it is C. But if there is another team that package fits, I'd be
> happy to team maintain ;)
>

Thanks for the clarification.

I notice that you chose a packaging style that does not include
the upstream sources, which is not my personal preference.

Any chance to convince you to use a style that makes it possible
to use dgit(1)? If so, I'd be happy to help you with moving this
package to the "debian" namespace (formerly known as collab-maint)
which provides access to a audience and thus makes collaboration
easier, and to sponsor uploads as necessary.

Best,
-rt


-- 
regards,
Reinhard

Bug#929710: libopenzwave1.6-dev: missing Breaks+Replaces: libopenzwave1.5-dev

[Andreas Beckmann]

Package: libopenzwave1.6-dev
Version: 1.6+ds-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'sid' to 'experimental'.
It installed fine in 'sid', then the upgrade to 'experimental' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces

>From the attached log (scroll to the bottom...):

  Preparing to unpack .../libopenzwave1.6-dev_1.6+ds-1_amd64.deb ...
  Unpacking libopenzwave1.6-dev (1.6+ds-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/libopenzwave1.6-dev_1.6+ds-1_amd64.deb (--unpack):
   trying to overwrite '/usr/include/openzwave/Bitfield.h', which is also in 
package libopenzwave1.5-dev 1.5+ds-6
  dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/libopenzwave1.6-dev_1.6+ds-1_amd64.deb


cheers,

Andreas


libopenzwave1.5-dev=1.5+ds-6_libopenzwave1.6-dev=1.6+ds-1.log.gz
Description: application/gzip

Bug#929709: libgdbm6: file exists in libgdbm-dev as well as gdbm

[lkcl]

Package: libgdbm6
Version: 1.18.1-4
Severity: serious
Justification: 2

Unpacking libgdbm-dev:amd64 (1.18.1-4) ...
dpkg: error processing archive 
/var/cache/apt/archives/libgdbm-dev_1.18.1-4_amd64.deb (--unpack):
 trying to overwrite '/usr/share/info/gdbm.info.gz', which is also in package 
libgdbm3:amd64 1.8.3-11
Errors were encountered while processing:
 /var/cache/apt/archives/libgdbm-dev_1.18.1-4_amd64.deb


-- System Information:
Debian Release: 8.1
  APT prefers oldoldstable
  APT policy: (500, 'oldoldstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libgdbm6 depends on:
ii  libc6  2.28-2

libgdbm6 recommends no packages.

Versions of packages libgdbm6 suggests:
pn  gdbm-l10n  

-- no debconf information

Bug#929708: ITP: python-geneimpacts -- wraps tools to assess variants in gene sequences

[Steffen Moeller]

Package: wnpp
Severity: wishlist
Owner: Steffen Moeller 

* Package name: python-geneimpacts
* URL : https://github.com/brentp/geneimpacts
* License : MIT/X
  Programming Lang: Python
  Description : wraps tools to assess variants in gene sequences

To be team-maintained on salsa.debian.org/med-team/python-geneimpacts

It is a runtime dependency for bcbio.

Bug#929707: mariadb-client-10.1: import of "mysqldump --all-databases" fails with "ERROR 1062 (23000): Duplicate entry"

[Matija Nalis]

Package: mariadb-client-10.1
Version: 10.1.38-0+deb9u1
Severity: normal

Dear Maintainer,

Doing "mysqldump --all-databases" on one mariadb 10.1 instance,
and trying to import it on another mariadb 10.1 instance fails with:

I would expect it to suceed without errors (like it did all the time in mysql 
in Jessie)

I traced it down and it happens if dump contains one db with tables with 
indexes, and mysql db.
machine1# mysqldump -uroot --max_allowed_packet=2147483648 --hex-blob 
--lock-all-tables --master-data --flush-privileges --databases video1 mysql > 
backup.sql
machine2# mysql < backup.sql
ERROR 1062 (23000) at line 796: Duplicate entry 
'video1-test2-PRIMARY-n_diff_pfx01' for key 'PRIMARY'

Digging deeper it seems that bug happens when mysql tryies to restore 
mysql.innodb_index_stats table

I've found two workarounds:

1) modify order of databases, so mysql table is backed up (and restored) first, 
   and all other later; eg "mysqldump  ... --databases mysql video1"

2) before starting mysql for import, do "SET global innodb_stats_persistent=0" 
   (and restore it afterwards)

Perhaps one of those (or some other) workaround should be implemented
automatically (at least when using "mysqldump --flush-privileges" and/or
"--all-databases" which implies backup/import of mysql DB)? 

I would assume backup up and restoring whole mariadb server is one of
relatively common operations which should not involve such debugging.


-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-9-amd64 (SMP w/24 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages mariadb-client-10.1 depends on:
ii  debianutils   4.8.1.1
ii  libaio1   0.3.110-3
ii  libc6 2.24-11+deb9u4
ii  libconfig-inifiles-perl   2.94-1
ii  libjemalloc1  3.6.0-9.1
ii  libstdc++66.3.0-18+deb9u1
ii  libsystemd0   232-25+deb9u11
ii  mariadb-client-core-10.1  10.1.38-0+deb9u1
ii  perl  5.24.1-3+deb9u5
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages mariadb-client-10.1 recommends:
ii  libdbd-mysql-perl 4.041-2
ii  libdbi-perl   1.636-1+b1
ii  libterm-readkey-perl  2.37-1

mariadb-client-10.1 suggests no packages.

-- no debconf information

Bug#929706: sgml-base: preinst may fail *silently*

[Ralf Treinen]

Package: sgml-base
Version: 1.29
Tags: patch
User: trei...@debian.org
Usertags: colis-shparser

Hello,

the preinst of sgml-base contains

  if [ ! -d /var/lib/sgml-base ]
  then
mkdir /var/lib/sgml-base 2>/dev/null
  fi

and then the same for /etc/sgml. The problem is that this fails
when /var/lib/sgml-base or /etc/sgml is a regular file, and will do
that without any error message.

I suggest to replace the whole preinst script by

if [ "$1" = "install" -o "$1" = "upgrade" ]
then
  mkdir -p /var/lib/sgml-base /etc/sgml
fi

-Ralf.
-- 
Ralf Treinen
Institut de Recherche en Informatique Fondamentale
Équipe Preuves, Programmes et Systèmes
Université Paris Diderot, Paris, France.
http://www.irif.fr/~treinen/

Bug#929705: unblock: nautilus/3.30.5-2

[Iain Lane]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nautilus.

Nautilus contains an embedded copy of the thumbnailing code from
`gnome-desktop3'. This has received several updates upstream, which it'd
be great to get into buster. Here's my changelog entry, to avoid
repeating myself too much:

  * Update gnome-desktop code. Nautilus contains a copy of this code,
which originated in gnome-desktop3.
  + Fixes a potential crash during thumbnailing
  + Fixes thumbnailer on 32-bit systems where /lib64 is not available.
  + Also improves handling of usrmerged and non-usrmerged systems.
  + Mounts the fontconfig cache dir, to improve performance if fontconfig
is used
- Add a corresponding BD on libfontconfig1-dev, to fetch the needed
  variable from its pcfile.
  + Fixes seccomp filter bypass. CVE-2019-11461
  + Closes: #928054

I don't actually know how the CVE could be triggered from Nautilus, but
it got 'medium' severity and a request from the security team to be
fixed. That's the main reason for this upload, but there are also other
important fixes in this code too. I'd be grateful if you could consider
it for buster.

unblock nautilus/3.30.5-2

Cheers,

-- 
Iain Lane  [ i...@orangesquash.org.uk ]
Debian Developer   [ la...@debian.org ]
Ubuntu Developer   [ la...@ubuntu.com ]
diff -Nru nautilus-3.30.5/debian/changelog nautilus-3.30.5/debian/changelog
--- nautilus-3.30.5/debian/changelog2018-12-22 13:53:04.0 +
+++ nautilus-3.30.5/debian/changelog2019-05-29 12:47:33.0 +0100
@@ -1,3 +1,20 @@
+nautilus (3.30.5-2) unstable; urgency=medium
+
+  * debian/control{,.in}, gbp.conf: Update debian branch to debian/buster
+  * Update gnome-desktop code. Nautilus contains a copy of this code,
+which originated in gnome-desktop3.
+  + Fixes a potential crash during thumbnailing
+  + Fixes thumbnailer on 32-bit systems where /lib64 is not available.
+  + Also improves handling of usrmerged and non-usrmerged systems.
+  + Mounts the fontconfig cache dir, to improve performance if fontconfig
+is used
+- Add a corresponding BD on libfontconfig1-dev, to fetch the needed
+  variable from its pcfile.
+  + Fixes seccomp filter bypass. CVE-2019-11461
+  + Closes: #928054
+
+ -- Iain Lane   Wed, 29 May 2019 12:47:33 +0100
+
 nautilus (3.30.5-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru nautilus-3.30.5/debian/control nautilus-3.30.5/debian/control
--- nautilus-3.30.5/debian/control  2018-12-22 13:53:04.0 +
+++ nautilus-3.30.5/debian/control  2019-05-29 12:47:33.0 +0100
@@ -15,6 +15,7 @@
gobject-introspection (>= 0.9.12-4~),
gtk-doc-tools (>= 1.10),
libatk1.0-dev (>= 1.32.0),
+   libfontconfig1-dev,
libgail-3-dev,
libgexiv2-dev (>= 0.10.0),
libgirepository1.0-dev (>= 0.10.7-1~),
@@ -41,7 +42,7 @@
 Rules-Requires-Root: no
 Homepage: https://wiki.gnome.org/action/show/Apps/Nautilus
 Vcs-Browser: https://salsa.debian.org/gnome-team/nautilus
-Vcs-Git: https://salsa.debian.org/gnome-team/nautilus.git
+Vcs-Git: https://salsa.debian.org/gnome-team/nautilus.git -b debian/buster
 Standards-Version: 4.2.1
 
 Package: nautilus
diff -Nru nautilus-3.30.5/debian/control.in nautilus-3.30.5/debian/control.in
--- nautilus-3.30.5/debian/control.in   2018-12-22 13:53:04.0 +
+++ nautilus-3.30.5/debian/control.in   2019-05-29 12:47:33.0 +0100
@@ -11,6 +11,7 @@
gobject-introspection (>= 0.9.12-4~),
gtk-doc-tools (>= 1.10),
libatk1.0-dev (>= 1.32.0),
+   libfontconfig1-dev,
libgail-3-dev,
libgexiv2-dev (>= 0.10.0),
libgirepository1.0-dev (>= 0.10.7-1~),
@@ -37,7 +38,7 @@
 Rules-Requires-Root: no
 Homepage: https://wiki.gnome.org/action/show/Apps/Nautilus
 Vcs-Browser: https://salsa.debian.org/gnome-team/nautilus
-Vcs-Git: https://salsa.debian.org/gnome-team/nautilus.git
+Vcs-Git: https://salsa.debian.org/gnome-team/nautilus.git -b debian/buster
 Standards-Version: 4.2.1
 
 Package: nautilus
diff -Nru nautilus-3.30.5/debian/gbp.conf nautilus-3.30.5/debian/gbp.conf
--- nautilus-3.30.5/debian/gbp.conf 2018-12-22 13:53:04.0 +
+++ nautilus-3.30.5/debian/gbp.conf 2019-05-29 12:47:33.0 +0100
@@ -1,6 +1,6 @@
 [DEFAULT]
 pristine-tar = True
-debian-branch = debian/master
+debian-branch = debian/buster
 upstream-branch = upstream/latest
 upstream-vcs-tag = %(version)s
 
diff -Nru 
nautilus-3.30.5/debian/patches/Define-symbol-needed-for-gnome-desktop.patch 
nautilus-3.30.5/debian/patches/Define-symbol-needed-for-gnome-desktop.patch
--- nautilus-3.30.5/debian/pa

Bug#929704: borgbackup: New upstream release

[Sylvestre Ledru]

Package: borgbackup
Version: 1.1.9-2
Severity: wishlist

Dear Maintainer,

Could you please package and upload borg 1.1.10 ?
(in experimental until buster is released)

Thanks
Sylvestre

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (900, 'testing'), (600, 'unstable'), (500, 'buildd-unstable'), 
(500, 'stable'), (300, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/28 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages borgbackup depends on:
ii  fuse   2.9.9-1
ii  libacl12.2.53-4
ii  libb2-10.98.1-1
ii  libc6  2.28-10
ii  liblz4-1   1.8.3-1
ii  libssl1.1  1.1.1b-2
ii  libzstd1   1.3.8+dfsg-3
ii  python33.7.2-1
ii  python3-llfuse 1.3.6+dfsg-1
ii  python3-msgpack0.5.6-1+b1
ii  python3-pkg-resources  40.8.0-1

borgbackup recommends no packages.

Versions of packages borgbackup suggests:
pn  borgbackup-doc  

-- no debconf information

Bug#929703: ITP: ruby-doorkeeper-i18n--Translations for doorkeeper ruby-gem

[Samyak Jain]

Package: wnpp
Severity: wishlist
Owner: Samyak Jain 

* Package name: ruby-doorkeeper-i18n
  Version : 5.0.2
  Upstream Author : Tute Costa
* URL : https://github.com/doorkeeper-gem/doorkeeper-i18n
* License : Expat
  Programming Lang: Ruby
  Description : Translations for doorkeeper ruby-gem

 This gem intends for translations for doorkeeper ruby-gem.
 Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2
 provider functionality to your Ruby on Rails or Grape application.


It is a dependency for loomio and hence needs to be packaged.

Thanks,
Samyak Jain

Bug#843703: please allow users to create multi-user chatrooms

[Victor Seva]

>  Is it already too late to consider changing name?

Not at all, there is only one room 'rtc' and this is us.


> 
>  id="d55828bd-6b97-4326-8b12-b9619147181b" from="
> vs...@debian.org/gajim.BA9QCKUE">
> http://jabber.org/protocol/disco#items"; />
> 
> 
> 
> 
>  type="result" id="d55828bd-6b97-4326-8b12-b9619147181b" from="
> conference.debian.org">
> http://jabber.org/protocol/disco#items";>
> 
> 
> 

Bug#923091: That merged-usr is mandatory is RC

[Sam Hartman]

> "Ivo" == Ivo De Decker  writes:

Ivo> Hi, Given that there is still discussion about the impact of
Ivo> merged /usr at this very late point of the freeze, I think
Ivo> having merged /usr by default for new installations should be
Ivo> reconsidered.

What discussion are you seeing other than this discussion here?
Things seem to have been fairly quiet on the merged /usr front since the
 TC decision.

What am I missing?

Bug#843703: please allow users to create multi-user chatrooms

[Jonas Smedegaard]

For the record I didn't propose conference.xmpp.debian.org (I think 
debacle did).

I like muc.debian.org: It is short, reasonably well known in XMPP lingo, 
and does not clash with other lingo in Debian (unlike conference).

I was unaware that conference.debian.org was already used internally.  
Does that affect many actively used MUC rooms?  Is it possible to move 
those rooms or will we have to go through the hassle of requesting 
current users to "reset" and manually switch rooms?

In other words: Is it already too late to consider changing name?


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Bug#928756: debian-edu-config: search domain not configured correctly on diskless workstations in subnet00

[Wolfgang Schweer]

On Fri, May 10, 2019 at 03:10:22PM +0200, Dominik George wrote:
> The following misbehaviour occurs reproducibly in a new installation of
> Debian Edu buster.
> 
>  1. Install a combined server like normal.
>  2. Add a machine on the LTSP network 192.168.0.0/32 as in the screenshot.
>  3. Boot that machine as diskless workstation.
> 
> If done like that, the /etc/resolv.conf generated at boot by ltsp-init with
> the information provided by 08-edu-hostname is missing a search domain entry
> (it should probably be subnet00.intern intern).

The 08-edu-hostname script is unrelated to this issue, it's only 
about Debian Edu compliant hostname setting.
 
> The configuration of the search domain works perfectly on the main network
> 10.0.0.0/16.

Yes, that's because the PXE configuration for the main 10.0.0.0/8 subnet 
uses 'ipappend 2'; this option makes sure that all DHCP server 
information gets through to the LTSP client.
 
LTSP switched to using 'ipappend 3' instead of 'ipappend 2' during the 
Buster development cycle. While this option is useful for a simple LTSP 
setup w/o a proper DHCP server, it prevents the DHCP server information 
to get through to the client in the Debian Edu case.

For the dedicated LTSP subnets to show the same behaviour like the main 
subnet, the related PXE option needs to be adjusted for the LTSP setup.

I've tested the following patch to work on a fresh installation using 
the latest amd64 BD ISO image. (Replaced 001-ltsp-settings inside d-i 
environment.) It works like expected.

diff --git 
a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
+b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
index 81946b3d..039ef6ac 100644
--- 
a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
+++ 
b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
@@ -18,4 +18,8 @@ case $MODE in
 echo 'APT::Cmdline::ignore-trust-violations "true";'
 ) >> $ROOT/etc/apt/apt.conf.d/90ltsp-build-client
   ;;
+after-install)
+mkdir -p $ROOT/etc/ltsp/update-kernels.conf.d
+echo 'IPAPPEND="2"' > $ROOT/etc/ltsp/update-kernels.conf.d/pxe
+;;
 esac

While at it, I've also tested the changed finish-install script (like 
found in git) once again, works like expected (with haveged present).

Wolfgang


signature.asc
Description: PGP signature

Bug#843703: please allow users to create multi-user chatrooms

[Victor Seva]

MUC service is already enabled for debian.org as conference.debian.org. The
only problem with this is that users from outside debian.org can't use it.

This was my initial decision in order not to get more spam and noise that
was already high at that moment.

deba...@debian.org suggested to open MUC to external users adding
conference.debian.org to the DNS.

> On Wed, 29 May 2019 at 11:32, Jonas Smedegaard
> (I find conference@... a little bit too generic, maybe it can be
> changed to conference.xmpp.debian.org or whatever later.)

fine then, can We agree in the name then?

I propose muc.debian.org

Cheers,
Victor

Bug#910124: network-manager-gnome: option to import/export WiFi config as a QR code

[Michael Biebl]

Am 29.05.19 um 12:48 schrieb Michael Biebl:
> On Wed, 03 Oct 2018 11:38:47 +0800 Paul Wise  wrote:
>> Package: network-manager-gnome
>> Version: 1.8.18-1
>> Severity: wishlist
>>
>> I recently discovered that there is a defacto standard for converting
>> WiFi configs to QR codes and back again.
>>
>> https://qifi.org/
>> https://github.com/zxing/zxing/wiki/Barcode-Contents#wifi-network-config-android
>>
>> It would be nice if the NetworkManager user interface could support
>> this by allowing users to:
>>
>> * show a QR code on the screen
> 
> This has been implemented in 1.8.22.
> 
>> * print a QR code onto paper

This is apparently implemented as well.
That said, it's only enabled for WiFi Hotspots
See
https://gitlab.gnome.org/GNOME/network-manager-applet/merge_requests/45


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#910124: network-manager-gnome: option to import/export WiFi config as a QR code

[Michael Biebl]

On Wed, 03 Oct 2018 11:38:47 +0800 Paul Wise  wrote:
> Package: network-manager-gnome
> Version: 1.8.18-1
> Severity: wishlist
> 
> I recently discovered that there is a defacto standard for converting
> WiFi configs to QR codes and back again.
> 
> https://qifi.org/
> https://github.com/zxing/zxing/wiki/Barcode-Contents#wifi-network-config-android
> 
> It would be nice if the NetworkManager user interface could support
> this by allowing users to:
> 
> * show a QR code on the screen

This has been implemented in 1.8.22.

> * print a QR code onto paper
> * import config from a QR code in a photo
> * import config from a QR code from webcam output


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#929702: bash-builtins: Please add loadables 'rm' and 'cat'

[Tim Ruehsen]

Package: bash-builtins
Version: 5.0-4
Severity: wishlist

Dear Maintainer,

as developer, I make use of the 'rm' and 'cat' bash loadables to speed up 
./configure runs.

Currently, I have to build my own bash + builtins because the package 
'bash-builtins' does not
contain these two builtins.

To build them, you have to execute make target 'others' in examples/loadables,
'make -C examples/loadables others'.

With best Regards, Tim

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages bash-builtins depends on:
ii  bash  5.0-4

bash-builtins recommends no packages.

bash-builtins suggests no packages.

-- no debconf information

Bug#929521: Conflicts in upgrade to 418.74-1 with optimus setup

[Andreas Beckmann]

On 2019-05-28 09:40, Stefan Tsanev wrote:
> I agree with Ghis, maybe a little more information before this update
> could be in great use here. Some people with bumblebee and enabled
> multiarch may find difficulties understanding why their system doesn't
> want to continue updating anymore via apt. I sitll feel odd about this
> upgrade and I'm glad, that I'm not the only one.

In most cases you would not care about the removed support for i386. You
would care about removed support for your GPU - you will get notified
about this (news (always) and debconf (if legacy hardware present) and
that you need to switch to the legacy driver.
amd64 + foreign arch i386 is not (yet) part of our test matrix ...

Could someone please define the minimal set of packages to be installed
for a working optimus setup, as there is probably no metapackage
covering that. I.e. something that I can run in a minimal chroot to test
upgrades afterwards. I need this for both stretch and buster. (And an
upgrade from stretch usually should result in the buster set being
installed.)

e.g.

stretch# apt-get install --install-recommends bumblebee-nvidia


Thanks

Andreas

Bug#924403: modem-manager-gui: "double free or corruption (out)" after enabling mobile broadband

[Graham Inggs]

Hi Andrzej

On 2019/05/25 19:39, anfi wrote:

I have made extra tests with modem-manager-gui 0.0.19.1-1+b1.


Are you able to test with modem-manager-gui 0.0.19.1-2 ?

Regards
Graham

Bug#929701: pymol: missing module Pmw

[Martin Lutz]

Package: pymol
Version: 2.2.0+dfsg-4
Severity: normal

Dear Maintainer,

during startup of the program pymol we obtain the following warning:
No module named 'Pmw'

As far as I know, there is no python3 package of Pmw in the debian distribution.
I had to install it using pip3.


-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pymol depends on:
ii  python3-pymol  2.2.0+dfsg-4

Versions of packages pymol recommends:
ii  apbs  1.4-1+b1

pymol suggests no packages.

-- no debconf information

Bug#929700: pymol: Deprecation warning during startup

[Martin Lutz]

Package: pymol
Version: 2.2.0+dfsg-4
Severity: normal

Dear Maintainer,

during startup of the program pymol we obtain the following warning:

-c:1: DeprecationWarning: the imp module is deprecated in favour of importlib; 
see the module's documentation for alternative uses



-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pymol depends on:
ii  python3-pymol  2.2.0+dfsg-4

Versions of packages pymol recommends:
ii  apbs  1.4-1+b1

pymol suggests no packages.

-- no debconf information

Bug#923351: RFA: osc -- OpenSUSE (buildsystem) commander

[Andrej Shadura]

Control: retitle -1 ITA: osc -- OpenSUSE (buildsystem) commander

> I request an adopter for the rpm package. I don't use it anymore and I
> don't really have time and motivation to maintain it properly.
> 
> Technically it's maintained under the rpm team, but nobody did anything
> on the package so far, that's why I'm opening a RFA.

Thanks! We use this tool quite a lot at Collabora, so I am going to
adopt it.

-- 
Cheers,
  Andrej

Bug#929699: mirror submission for mirror.xaas.ir

[ali bahramiyan]

Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirror.xaas.ir
Type: leaf
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 
kfreebsd-i386 mips mips64el mipsel powerpc ppc64el s390x
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: ali bahramiyan 
Country: IR Iran, Islamic Republic of
Location: Tehran
Sponsor: XaaS Cloud Computing https://www.xaas.ir




Trace Url: http://mirror.xaas.ir/debian/project/trace/
Trace Url: http://mirror.xaas.ir/debian/project/trace/ftp-master.debian.org
Trace Url: http://mirror.xaas.ir/debian/project/trace/mirror.xaas.ir

Bug#923091: That merged-usr is mandatory is RC

[Ivo De Decker]

Hi,

Given that there is still discussion about the impact of merged /usr at this
very late point of the freeze, I think having merged /usr by default for new
installations should be reconsidered.

On Sun, May 19, 2019 at 07:22:08AM -0400, Sam Hartman wrote:
> I've been debating doing this, but continue to believe that it's
> important after several days of pondering.  So, per constitution 5.1
> (2), I'd like to explicitly lend support to the idea that it would be
> really good if we provide our users a way to install buster without
> merged /usr.  I think that if we do not do so now, we need to be open to
> the possibility that if users are stymied in doing their work, we will
> need to do so in a buster point release even if we would not normally
> add something some might consider a feature in a point release.
> 
> I'm not speaking to whether I think it should be RC or even whether an
> expert only option is good enough.
> I am simply saying that with my DPL hat on, I think this issue is
> important enough it deserves real consideration.
> 
> 
> I think that the TC's ruling and ongoing experience suggests we have
> carefully considered how we want to approach merged /usr for our own
> internal work developing Debian and come to a position that at least for
> the moment seems to be working.
> 
> What I'm most concerned about is people who use Debian to develop
> software they plan to use on Debian but who are not part of Debian.
> Examples of this include people within organizations who build programs
> to distribute within their organization.  People who build upstream
> programs using configure from source.  That sort of thing.
> 
> These people may not use packages.  These people may not use chroots.

People who develop software often do this on different machines than the one
the software runs on. When the production server gets upgraded, and a new
development machine is installed, one will have merged /usr and the other
doesn't. This probably isn't very good. Having an option to change this during
the install probably won't help these users.

In general, I think that if merged /usr is the default for new installations
for a Debian release, it should be the default on upgrades to that release as
well. This is not the case for buster. Obviously changing the default on
upgrades needs carefull planning and should be started at the beginning of a
release cycle.

> They are our users; they are our priority.  Even if we believe using
> chroots or containers would be better for them, I don't think we should
> force people into changing their build processes.
> 
> 
> I don't think we have a good idea how big the impact will be for these
> users, and so, I think we should be conservative.
> 
> If we don't choose to be conservative, I think we should be extra
> willing to revisit our decision if we find we are wrong.

Please note that there were a number of bugs triggered by merged /usr that
were discovered during the freeze. Most of them were actual bugs in the
packages, but they were (only) triggered with merged /usr. The fact that they
were only discovered late in the release cycle isn't a good sign.

> Again, all I'm saying is that I think this issue is important enough to
> consider seriously.  I am not in a position to balance this issue
> against other things before us.
> I'm speaking as the DPL because I'm trying to consider something that is
> a project level concern.  However, this statement has no actual force as
> clearly spelled out in the constitution.
> I'm speaking in the hopes of getting people to take a moment, think
> about this issue and come to their own conclusions.

Having an option to allow experienced user to change the default doesn't
really solve this. So the way forward is to change the default back to not
having merged /usr on new installs.

Thanks,

Ivo

Bug#929698: yad: `--pulsate` option of the `--progress` mode has no effect

[Yvan Masson]

Package: yad
Version: 0.40.0-1
Severity: normal

Dear Maintainer,

The `--pulsate` option of the `--progress` mode has no effect
in yad. You can test it very simply by running `yad --progress
--pulsate`: it gives exactly the same result has `yad --progress`.

You can compare against zenity (which works properly) by running `zenity
--progress --pulsate`.

Best regards,
Yvan

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.28 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages yad depends on:
ii  libatk1.0-0  2.30.0-2
ii  libc62.28-10
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libglib2.0-0 2.58.3-1
ii  libgtk-3-0   3.24.5-1
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6

yad recommends no packages.

yad suggests no packages.

-- no debconf information



signature.asc
Description: OpenPGP digital signature

Bug#929686: vlc: Crash when playing MPEG2 video with VAAPI enabled

[Sebastian Ramacher]

Control: tags -1 + moreinfo

On 2019-05-28 21:52:32, Dan wrote:
> Package: src:vlc
> Version: 3.0.6-0+deb9u1
> Severity: important
> 
> Dear Maintainer,
> 
> playing back MPEG2 files with VLC causes the application to crash
> instantly. It looks like it's a vaapi issue, however the same files
> plays back correctly with "mpv" and vaapi enabled.

Please install the debug symbols and send as a backtrace of the crash.
This should help us identify the component that makes vlc crash.

Cheers

> 
> H264 and H265 both work as expected with VLC, only MPEG2 is troublesome.
> 
> Debug Output:
> 
> $ LC_ALL=C vlc -vvv title00.mkv 
> VLC media player 3.0.6 Vetinari (revision 3.0.6-0-g5803e85f73)
> [564d334591d0] main libvlc debug: VLC media player - 3.0.6 Vetinari
> [564d334591d0] main libvlc debug: Copyright © 1996-2018 the VideoLAN team
> [564d334591d0] main libvlc debug: revision 3.0.6-0-g5803e85f73
> [564d334591d0] main libvlc debug: configured with ./configure  
> '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' 
> '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' 
> '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' 
> '--libdir=${prefix}/lib/x86_64-linux-gnu' 
> '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' 
> '--disable-dependency-tracking' '--config-cache' '--disable-update-check' 
> '--enable-fast-install' '--docdir=/usr/share/doc/vlc' 
> '--with-binary-version=3.0.6-0+deb9u1' '--enable-a52' '--enable-aa' 
> '--enable-bluray' '--enable-avahi' '--enable-caca' '--enable-chromaprint' 
> '--enable-chromecast' '--enable-dbus' '--enable-dca' '--enable-dvbpsi' 
> '--enable-dvdnav' '--enable-faad' '--enable-flac' '--enable-fluidsynth' 
> '--enable-freerdp' '--enable-freetype' '--enable-fribidi' '--enable-gles2' 
> '--enable-gnutls' '--enable-harfbuzz' '--enable-jack' '--enable-kate' 
> '--enable-libass' '--enable-libmpeg2' '--enable-libxml2' '--enable-lirc' 
> '--enable-live555' '--enable-mad' '--enable-matroska' '--enable-mod' 
> '--enable-mpc' '--enable-mpg123' '--enable-mtp' '--enable-ncurses' 
> '--enable-notify' '--enable-ogg' '--enable-opus' '--enable-pulse' 
> '--enable-qt' '--enable-realrtsp' '--enable-samplerate' '--enable-sdl-image' 
> '--enable-sftp' '--enable-shine' '--enable-shout' '--enable-skins2' 
> '--enable-sndio' '--enable-soxr' '--enable-speex' '--enable-svg' 
> '--enable-svgdec' '--enable-taglib' '--enable-theora' '--enable-twolame' 
> '--enable-upnp' '--enable-vdpau' '--enable-vnc' '--enable-vorbis' 
> '--enable-x264' '--enable-x265' '--enable-zvbi' 
> '--with-kde-solid=/usr/share/solid/actions/' '--disable-aribsub' 
> '--disable-d3d11va' '--disable-decklink' '--disable-directx' '--disable-dsm' 
> '--disable-dxva2' '--disable-fdkaac' '--disable-fluidlite' '--disable-goom' 
> '--disable-gst-decode' '--disable-libplacebo' '--disable-libtar' 
> '--disable-macosx' '--disable-macosx-avfoundation' '--disable-macosx-qtkit' 
> '--disable-mfx' '--disable-opencv' '--disable-projectm' 
> '--disable-schroedinger' '--disable-sparkle' '--disable-srt' '--disable-telx' 
> '--disable-vpx' '--disable-vsxu' '--disable-wasapi' '--enable-alsa' 
> '--enable-dc1394' '--enable-dv1394' '--enable-linsys' '--enable-nfs' 
> '--enable-omxil' '--enable-udev' '--enable-v4l2' '--enable-wayland' 
> '--enable-libva' '--enable-vcd' '--enable-smbclient' '--disable-oss' 
> '--enable-crystalhd' '--enable-mmx' '--enable-sse' '--disable-neon' 
> '--disable-altivec' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 
> -fdebug-prefix-map=/build/vlc-BDgjGt/vlc-3.0.6=. -fstack-protector-strong 
> -Wformat -Werror=format-security ' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now 
> -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 
> -fdebug-prefix-map=/build/vlc-BDgjGt/vlc-3.0.6=. -fstack-protector-strong 
> -Wformat -Werror=format-security ' 'OBJCFLAGS=-g -O2 
> -fdebug-prefix-map=/build/vlc-BDgjGt/vlc-3.0.6=. -fstack-protector-strong 
> -Wformat -Werror=format-security'
> [564d334591d0] main libvlc debug: searching plug-in modules
> [564d334591d0] main libvlc debug: loading plugins cache file 
> /usr/lib/x86_64-linux-gnu/vlc/plugins/plugins.dat
> [564d334591d0] main libvlc debug: recursively browsing 
> `/usr/lib/x86_64-linux-gnu/vlc/plugins'
> [564d334591d0] main libvlc debug: plug-ins loaded: 518 modules
> [564d334591d0] main libvlc debug: opening config file 
> (/home/user/.config/vlc/vlcrc)
> [564d33459540] main logger debug: looking for logger module matching 
> "any": 4 candidates
> [564d33459540] main logger debug: using logger module "console"
> [564d334591d0] main libvlc debug: translation test: code is "C"
> [564d3345a490] main keystore debug: looking for keystore module matching 
> "memory": 4 candidates
> [564d3345a490] main keystore debug: using keystore module "memory"
> [564d334591d0] main libvlc debug: CPU has capabilities MMX MMXEXT SSE 
> SSE2 SSE3 SSSE3 SSE4.1 SSE4.