Bug#1036464: Acknowledgement (tzdata: [INTL:de] updated German debconf translation)

2023-05-27 Thread Helge Kreutzmann 
Hello tzdata maintainers,
a week ago I provided the update for the German Debconf translation. 

Since we are now in hard freeze and the release quickly approaching,
could you kindly upload this translation so that it reaches bookworm?

I'm pretty sure release managers will accept this small but important
change (one string in de.po only).

If you need help, please let me know.

Thanks!

Greetings

  Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1036826: po4a: Escape sequence \c encountered. This is not completely handled yet.

2023-05-27 Thread Helge Kreutzmann 
Hello Bjarni,
On Sat, May 27, 2023 at 04:12:07PM +, Bjarni Ingi Gislason wrote:
> On Sat, May 27, 2023 at 01:59:40PM +0200, Helge Kreutzmann wrote:
> >[...]
> > .BI \-f " program-file\fR,\fP "\c
> > .BI \-\^\-file " program-file"
>   This is a wrong use of '\c', as its purpose is to join the output of
> two macros _without_ an intervening space character.
> 
>   So remove ' ' and '\c', changing
> 
> .BI \-f " program-file\fR,\fP "\c
> 
>   to
> 
> .BI \-f " program-file\fR,\fP"

Thanks, this make the build proceed, however, now it dies in the
following line:
.TP
.BI \-F " fs\fR, \fP"\c
.BI \-\^\-field-separator " fs"

Escape sequence \c encountered. This is not completely handled yet.

Note that here there is no space before the "

Removing also this (and subsequent) "\c" makes the build proceed,
however, in other files "\c" exists as well and I'm vary of removing
the as well. 

I *think* the difference is that the failing lines have a ".BI" at the
beginnig. (And the non failing do not.) Does this make sense to you?

Thanks for your support!

Greetings

 Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1036829: libretro-mgba: Audio stutters horribly and sounds distorted

2023-05-27 Thread Ryan Tandy 
Hi, thanks for the report. I don't think I'll be able to get this fix 
into the initial Bookworm release, but we can most likely get it 
addressed in the first point release.

Bug#1001921: golang-github-go-kit-kit-dev: Please package kit/metrics

2023-05-27 Thread Mathias Gibbens 
Control: tags -1 + patch pending

  I've staged the changes to package kit/metrics in the salsa repo
branch "package-kit-metrics". Once golang-github-aws-aws-sdk-go-v2 is
upgraded to version 1.18.0, the last exclusion of
kit/metrics/cloudwatch2 can be removed.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1036862: hackrf: please package new version: 2023.01.1

2023-05-27 Thread Paul Bransford 
Package: hackrf
Version: 2022.09.1-3
Severity: wishlist
X-Debbugs-Cc: drae...@gmail.com

Version 2023.01.1 was released on github 2023-02-01 and includes support
for new hardware revisions.

Please package when convenient.

Quoted from the github release:

> This release includes the hardware design and software support for HackRF One 
> r9. The firmware in this release is compatible with all manufactured HackRF 
> One hardware revisions from r1 through r9. Firmware from prior releases is 
> incompatible with HackRF One r9.
> 
> See the git log for a complete list of changes in HackRF One r9 and for 
> additional enhancements and bug fixes in this release.

If helpful: 
https://github.com/greatscottgadgets/hackrf/compare/v2022.09.1..v2023.01.1
> Showing 90 changed files with 150,461 additions and 38,784 deletions. 


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.2.6-76060206-generic (SMP w/64 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages hackrf depends on:
ii  libc6 2.36-9
ii  libfftw3-single3  3.3.10-1
ii  libhackrf02022.09.1-3

hackrf recommends no packages.

hackrf suggests no packages.

-- no debconf information

Bug#1001964: ITP: golang-github-weaveworks-promrus -- Logrus hook to expose Prometheus metrics.

2023-05-27 Thread Mathias Gibbens 
Control: owner -1 !

On Sat, 12 Nov 2022 18:17:01 + Mathias Gibbens  wrote:
> Hi Sean,
> 
>   Have you made any progress on this ITP? I'd be happy to work on it if
> you'd like.

  Not having heard anything, I've worked on the packaging and will be
uploading it to NEW shortly.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1036530: linux-signed-amd64: Hard lock up of system

2023-05-27 Thread Nick Hastings 
Control: tags -1 - moreinfo

Hi,

I repeated the git bisect, and the bad commit seems to be:

(git)-[v6.1-rc1~206^2~4^5~3|bisect] % git bisect bad
24867516f06dabedef3be7eea0ef0846b91538bc is the first bad commit
commit 24867516f06dabedef3be7eea0ef0846b91538bc
Author: Mario Limonciello 
Date:   Tue Aug 23 13:51:31 2022 -0500

ACPI: OSI: Remove Linux-Dell-Video _OSI string

This string was introduced because drivers for NVIDIA hardware
had bugs supporting RTD3 in the past.

Before proprietary NVIDIA driver started to support RTD3, Ubuntu had
had a mechanism for switching PRIME on and off, though it had required
to logout/login to make the library switch happen.

When the PRIME had been off, the mechanism had unloaded the NVIDIA
driver and put the device into D3cold, but the GPU had never come back
to D0 again which is why ODMs used the _OSI to expose an old _DSM
method to switch the power on/off.

That has been fixed by commit 5775b843a619 ("PCI: Restore config space
on runtime resume despite being unbound"). so vendors shouldn't be
using this string to modify ASL any more.

Reviewed-by: Lyude Paul 
Signed-off-by: Mario Limonciello 
Signed-off-by: Rafael J. Wysocki 

 drivers/acpi/osi.c | 9 -
 1 file changed, 9 deletions(-)

This machine is a Dell with an nvidia chip so it looks like this really
could be the commit that that is causing the problems. The description
of the commit also seems (to my untrained eye) to be consistent with the
error reported on the console when the lockup occurs:

[   58.729863] ACPI Error: Aborting method \_SB.PCI0.PGON due to previous error 
(AE_AML_LOOP_TIMEOUT) (20220331/psparse-529)
[   58.729904] ACPI Error: Aborting method \_SB.PCI0.PEG0.PG00._ON due to 
previous error (AE_AML_LOOP_TIMEOUT) (20220331/psparse-529)
[   60.083261] vfio-pci :01:00.0 Unable to change power state from D3cold 
to D0, device inaccessible

Hopefully this is enough information for experts to resolve this.

Regards,

Nick.

* Salvatore Bonaccorso  [230526 20:30]:
> Control: tags -1 + moreinfo
> 
> Hi Nick,
> 
> On Fri, May 26, 2023 at 09:25:23AM +0900, Nick Hastings wrote:
> > Hi Salvatore,
> > 
> > thanks for your help. However, I'm now not sure if I really have
> > identified the commit that causes my problems. I fear I may have made
> > one or more mistakes when setting "git bisect good". I had been under
> > the impression that the lock up would happen no more than a few tens of
> > minutes after booting, however it seems that sometimes it can take a few
> > hours to occur.
> > 
> > So, I'm running the git bisect again and will be more careful before
> > marking "git bisect good". It could take a few days.
> > 
> > Should this particular bug be closed?
> 
> Thanks a lot for reporting back, you time put in into bisect is very
> appreciated and valued! No, no need to close this one, as the bug
> still persist. Just followup please once you have identified the
> culprit with the fresh bisect.
> 
> Please do remove by then as well the moreinfo tag again (you can write
> a control message with tag -1 - moreinfo, so won't appear as bug
> needing information from reporter).
> 
> Thank you!
> 
> Regards,
> Salvatore

Bug#1036861: ITP: golang-github-grafana-gomemcache -- Go Memcached client library - forked and improved

2023-05-27 Thread Mathias Gibbens 
Package: wnpp
Severity: wishlist
Owner: Mathias Gibbens 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-grafana-gomemcache
  Version : 0.0~git20230502.851158f-1
  Upstream Author : Grafana Labs
* URL : https://github.com/grafana/gomemcache
* License : Apache-2.0
  Programming Lang: Go
  Description : Go Memcached client library - forked and improved

 gomemcache is a memcache client library for the Go programming
 language.

This is a dependency of golang-github-grafana-dskit (ITP #1001989)
which is needed to build the latest release of LXD and will be team-
maintained within the Go Packaging Team.


signature.asc
Description: This is a digitally signed message part

Bug#1036860: unblock: jupyter-notebook/6.4.12-2.2

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: block -1 with 1036850
Control: affects -1 + src:jupyter-notebook

Please unblock package jupyter-notebook

[ Reason ]
This is a followup to the cadabra2 unblock (#1036850) to restore
/usr/lib/python3/dist-packages/notebook/static/components/codemirror as
a symlink in case cadabra2 was installed first

[ Impact ]
/usr/lib/python3/dist-packages/notebook/static/components/codemirror
being a (nearly) empty directory instead a symlink to a directory tree
full of javascript might cripple python3-notebook functionality.

[ Tests ]
manual upgrade tests starting from the bad installation order

[ Risks ]
not worse than
/usr/lib/python3/dist-packages/notebook/static/components/codemirror
being an empty directory

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

unblock jupyter-notebook/6.4.12-2.2

Andreas
diff -Nru jupyter-notebook-6.4.12/debian/changelog 
jupyter-notebook-6.4.12/debian/changelog
--- jupyter-notebook-6.4.12/debian/changelog2022-10-15 11:04:20.0 
+0200
+++ jupyter-notebook-6.4.12/debian/changelog2023-05-28 01:18:59.0 
+0200
@@ -1,3 +1,13 @@
+jupyter-notebook (6.4.12-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * python3-notebook: Add Breaks: cadabra2 (<< 2.4.3.2-1.1~).
+  * Add python3-notebook.maintscript to restore the
+/usr/lib/python3/dist-packages/notebook/static/components/codemirror
+symlink in case buggy cadabra2 was installed first.  (Closes: #1036021)
+
+ -- Andreas Beckmann   Sun, 28 May 2023 01:18:59 +0200
+
 jupyter-notebook (6.4.12-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru jupyter-notebook-6.4.12/debian/control 
jupyter-notebook-6.4.12/debian/control
--- jupyter-notebook-6.4.12/debian/control  2022-10-01 00:58:58.0 
+0200
+++ jupyter-notebook-6.4.12/debian/control  2023-05-28 00:58:48.0 
+0200
@@ -102,6 +102,7 @@
 Recommends: python3-ipykernel, python3-ipywidgets
 Suggests: python-notebook-doc
 Breaks: jupyter-nbextension-jupyter-js-widgets (<< 6.0.0-6~)
+ , cadabra2 (<< 2.4.3.2-1.1~)
 Description: Jupyter interactive notebook (Python 3)
  The Jupyter Notebook is a web application that allows you to create and
  share documents that contain live code, equations, visualizations, and
diff -Nru jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 
jupyter-notebook-6.4.12/debian/python3-notebook.maintscript
--- jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 1970-01-01 
01:00:00.0 +0100
+++ jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 2023-05-28 
01:07:59.0 +0200
@@ -0,0 +1 @@
+dir_to_symlink 
/usr/lib/python3/dist-packages/notebook/static/components/codemirror 
../../../../../../share/javascript/codemirror 6.4.12-2.2~

Bug#1035543: init-system-helpers: new systemd units may not get enabled on upgrades from bullseye if systemd is installed

2023-05-27 Thread Theodore Ts'o 
On Sat, May 27, 2023 at 11:09:32PM +0200, Helmut Grohne wrote:
> Hi,
> 
> I sat down with Jochen in Hamburg to try and fix this.
> 
> On Sun, May 14, 2023 at 03:21:24PM -0400, Theodore Ts'o wrote:
> > Can someone send the instructions on how to fix this?
> 
> We wish we could give you. Instead, we document our findings, so maybe the
> next one looking into this bug has a better idea, but for now we give up
> as it is too late for bookworm anyway.

Helmut, Jochem, thanks so much for trying to look into this.  Here's
some additional context from my research.

First of all, the change to use WantedBy=default.target to
Wantedby-multi-user.target, as described in Message #19 of this bug,
was in response to a bug report from Ansgar, bug report #991349:

>I noticed that e2scrub_reap.service uses
>
>  WantedBy=default.target
>
>instead of the more usual
>
>  WantedBy=multi-user.target.
>
>As default.target is usually just an alias for multi-user.target or
>graphical.target, this means it will even be pulled in if someone uses
>some other custom target. This feels rather unexpected.
>
>Is there any reason not to use WantedBy=multi-user.target?

At the time, I thought to myself, sure, makes sense, and made the
change in commit b42c9788c75d ("e2scrub: use
WantedBy=multi-user.target in e2scrub_reap.service"), and in the
commit I noted "Addresses-Debian-Bug: #991349"

As near as I can tell, on a system that started with the Bullseye
version of e2fsprogs, and which has then updated to the Bookform
version e2fsprogs, via periodic updates to testing (Bookworm), the
default.target link still exists:

% ls -l /etc/systemd/system/default.target.wants/e2scrub_reap.service
0 lrwxrwxrwx 1 root root 40 Dec 19  2020 
/etc/systemd/system/default.target.wants/e2scrub_reap.service -> 
/lib/systemd/system/e2scrub_reap.service

... and this is enough for systemctl status to seem to think that
e2scrub_reap is still enabled:

% systemctl status e2scrub_reap
○ e2scrub_reap.service - Remove Stale Online ext4 Metadata Check Snapshots
 Loaded: loaded (/lib/systemd/system/e2scrub_reap.service; enabled; preset: 
enable>
 Active: inactive (dead) since Sat 2023-05-27 17:53:22 EDT; 1h 34min ago
   Docs: man:e2scrub_all(8)
Process: 1309 ExecStart=/sbin/e2scrub_all -A -r (code=exited, 
status=0/SUCCESS)
   Main PID: 1309 (code=exited, status=0/SUCCESS)
CPU: 12ms
 ...

So sure, /etc/systemd.d/system/multi-user.target.wants/e2scrub_reap.service
doesn't exist.  *But* it still exists in .../default.target.wants/...
which seems to be enough to keep the e2scrub_reap service enabled.  Right?

What am I missing?

In any case, I am still unclear (a) what is actually broken in this
particular setup, since according to systemctl status the systemd unit
is apparently still appropriate enabled, even if it isn't via the
expected Wanted-b: multi-user.target.

And secondly, (b) what is e2fsprogs's control scripts supposed to have
done differently?  That is, if this is indeed this is a bug in
e2fsprogs --- what did I do wrong, and how do I fix it?

And if the answer is you should never, ever, try to change a Wanted-by
line in a systemd script, because debian's systemd unit file
infrastructure is too fragile to handle this correctly, given that
bookworm is about to ship with "Wanted-by: multi-user.target", what's
the best path forward at this point?

I'll note that e2scrub_reap.service is just a helper unit file which
is only needed to clean up after a system crash while e2scrub is
running --- and that will only happen if the user has edited and
appropriately configured e2scrub in /etc/e2scrub.conf.

So from my maintainer's perspective, what I am going for is that
e2scrub_reap.service and e2scrub_all.timer should *always* be enabled,
since the real control point (as far as I am concerned) is
/etc/e2scrub.conf.  I really don't actually *care* whether it is
enabled via default.target.wanted or multi-user.target.wanted.

If I need to be sent to some systemd re-educational camp to understand
the finer points about default.target vs multi-user.target, and
whether it acctually makes any difference whether the systemd unit
file says "Wanted-by: multi-user.target", but in the upgraded
bullseye->bookworm installation, the symlink is still in
*/default.target.wanted/* --- please point me at the documentation.

Otherwise, I'm beginning to think that nothing is actually broken, and
the bullseye2bookworm piuparts tests is just being overly picky, but
nothing is actually broken in actual practice.  And perhaps I should
just close this bug as "Working as Intended".

Again, what am I missing? 

- Ted

P.S.  I really *am* trying to get with the systemd program, but this
all of this complexity is just hopelessly confusing.  :-( :-( :-(

P.P.S.  And there is actually a case where this will actually break a
real user, can someone give me clear reproduction instructions, which
starts with "install bookworm in a VM", then

Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror

2023-05-27 Thread Andreas Beckmann 
Followup-For: Bug #1036021
Control: tag -1 patch

Here comes the followup patch for python3-notebook to restore the
/usr/lib/python3/dist-packages/notebook/static/components/codemirror
symlink in case buggy cadabra2 was installed first.

0-day NMU to get this into bookworm.

Andreas
diff -Nru jupyter-notebook-6.4.12/debian/changelog 
jupyter-notebook-6.4.12/debian/changelog
--- jupyter-notebook-6.4.12/debian/changelog2022-10-15 11:04:20.0 
+0200
+++ jupyter-notebook-6.4.12/debian/changelog2023-05-28 01:18:59.0 
+0200
@@ -1,3 +1,13 @@
+jupyter-notebook (6.4.12-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * python3-notebook: Add Breaks: cadabra2 (<< 2.4.3.2-1.1~).
+  * Add python3-notebook.maintscript to restore the
+/usr/lib/python3/dist-packages/notebook/static/components/codemirror
+symlink in case buggy cadabra2 was installed first.  (Closes: #1036021)
+
+ -- Andreas Beckmann   Sun, 28 May 2023 01:18:59 +0200
+
 jupyter-notebook (6.4.12-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru jupyter-notebook-6.4.12/debian/control 
jupyter-notebook-6.4.12/debian/control
--- jupyter-notebook-6.4.12/debian/control  2022-10-01 00:58:58.0 
+0200
+++ jupyter-notebook-6.4.12/debian/control  2023-05-28 00:58:48.0 
+0200
@@ -102,6 +102,7 @@
 Recommends: python3-ipykernel, python3-ipywidgets
 Suggests: python-notebook-doc
 Breaks: jupyter-nbextension-jupyter-js-widgets (<< 6.0.0-6~)
+ , cadabra2 (<< 2.4.3.2-1.1~)
 Description: Jupyter interactive notebook (Python 3)
  The Jupyter Notebook is a web application that allows you to create and
  share documents that contain live code, equations, visualizations, and
diff -Nru jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 
jupyter-notebook-6.4.12/debian/python3-notebook.maintscript
--- jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 1970-01-01 
01:00:00.0 +0100
+++ jupyter-notebook-6.4.12/debian/python3-notebook.maintscript 2023-05-28 
01:07:59.0 +0200
@@ -0,0 +1 @@
+dir_to_symlink 
/usr/lib/python3/dist-packages/notebook/static/components/codemirror 
../../../../../../share/javascript/codemirror 6.4.12-2.2~

Bug#1036856: bookworm-pu: package mutter/43.5-0+deb12u1

2023-05-27 Thread Simon McVittie 
On Sun, 28 May 2023 at 00:15:26 +0100, Simon McVittie wrote:
>   [x] attach debdiff against the package in [bookworm]

Sorry, here's the diff.

The attached diff is between patched trees, excluding the patches
themselves to avoid duplicating the changes, and is lightly filtered
to ignore translations (very verbose). I normally upload using dgit,
so if I'm the uploader, the uploaded .dsc will be checked for an exact
match to what's in git.

GNOME team (particularly Jeremy and Marco): This and the accompanying
gnome-shell update are particularly high-visibility and important to get
right, and the finer points of compositor behaviour are not my strong
point, so please check this. I have uploaded prerelease packages to
 and will upload to unstable if
given permission. If someone with more compositor expertise wants to
take these over, they are very welcome to do so.

smcv
git diff patch-queue/43.4.. | filterdiff -p1 -x'debian/patches/*.patch' -x'po/*.po'

diff --git a/NEWS b/NEWS
index 65e5d1cf8..27862914b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,15 @@
+43.5
+
+* Fix recording windows on non-active workspaces [Robert; !2789]
+* Fixed crashes [Colin, Sebastian, Jonas; !2917, !2955, !2969]
+* Misc. bug fixes and cleanups [Ivan; !2928]
+
+Contributors:
+  Jonas Ådahl, Sebastian Keller, Colin Kinloch, Robert Mader, Ivan Molodetskikh
+
+Translators:
+  Nart Tlisha [ab]
+
 43.4
 
 * Do not overwrite previously set offsets on attach [Matthias; !2843]
diff --git a/debian/changelog b/debian/changelog
index d7daed123..1440b273e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,27 @@
+mutter (43.5-0+deb12u1) UNRELEASED; urgency=medium
+
+  * New upstream stable release
+- Always update surfaces belonging to a window that is being recorded
+  or included in a screencast, even if the window is not visible
+  on a local display (mutter#2538, mutter!2789)
+- Export previously-private meta_window_has_pointer(), needed by
+  screenshot UI fixes in gnome-shell 43.5 (mutter!2928)
+  + d/libmutter-11-0.symbols: Update to add that symbol
+- All other changes were already present in 43.4-2
+  * d/patches: Drop patches that were applied upstream
+  * d/patches: Update to upstream gnome-43 branch commit 43.5-2-g8d7e958b8
+for additional post-release fixes
+- d/p/compositor-view-Chain-up-finalize.patch:
+  Fix a resource leak when a compositor view is destroyed (mutter!2991)
+- d/p/wayland-xdg-shell-Dismiss-instead-of-destroy-invalid-popu.patch:
+  Update metadata to reflect upstream backport, no functional change
+  * d/p/wayland-outputs-Fix-potential-crash-when-output-has-no-mo.patch:
+Backport patch from 44~beta to fix a crash during suspend/resume in
+some circumstances (mutter#2570, potentially also resolves
+#1010478 and #1036268)
+
+ -- Simon McVittie   Sat, 27 May 2023 15:46:33 +0100
+
 mutter (43.4-2) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/libmutter-11-0.symbols b/debian/libmutter-11-0.symbols
index 1128f2ab3..f3b181d85 100644
--- a/debian/libmutter-11-0.symbols
+++ b/debian/libmutter-11-0.symbols
@@ -780,6 +780,7 @@ libmutter-11.so.0 libmutter-11-0 #MINVER#
  meta_window_group_leader_changed@Base 43.0
  meta_window_has_attached_dialogs@Base 43.0
  meta_window_has_focus@Base 43.0
+ meta_window_has_pointer@Base 43.5
  meta_window_is_above@Base 43.0
  meta_window_is_always_on_all_workspaces@Base 43.0
  meta_window_is_ancestor_of_transient@Base 43.0
diff --git a/debian/patches/compositor-view-Chain-up-finalize.patch b/debian/patches/compositor-view-Chain-up-finalize.patch
new file mode 100644
index 0..383a1065d
diff --git a/debian/patches/series b/debian/patches/series
index 8be32b377..3068ed91d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,9 +1,6 @@
-wayland-Skip-subsurface-desync-if-parent-is-NULL.patch
-Update-Abkhazian-translation.patch
-clutter-actor-Get-next-action-from-list-before-handling-c.patch
-cursor-tracker-Don-t-leak-window-cursor-on-exit.patch
-wayland-cursor-surface-Update-cursor-on-dispose.patch
+compositor-view-Chain-up-finalize.patch
 wayland-xdg-shell-Dismiss-instead-of-destroy-invalid-popu.patch
+wayland-outputs-Fix-potential-crash-when-output-has-no-mo.patch
 tests-Break-up-stacking-installed-tests-into-more-smaller.patch
 tests-Use-a-more-interoperable-path-to-bash.patch
 meson-add-back-default_driver-option.patch
diff --git a/debian/patches/wayland-outputs-Fix-potential-crash-when-output-has-no-mo.patch b/debian/patches/wayland-outputs-Fix-potential-crash-when-output-has-no-mo.patch
new file mode 100644
index 0..afcde4c38
diff --git a/meson.build b/meson.build
index ba881c36f..f307a4736 100644
--- a/meson.build
+++ b/meson.build
@@ -1,5 +1,5 @@
 project('mutter', 'c',
-  version: '43.4',
+  version: '43.5',
   meson_version: '>= 0.55.0',
   license: 'GPLv2+'
 )
diff --git a/src/backends/meta-screen-cast-window-stream.c

Bug#1036859: gnome-shell-extensions: Window List overlaps on maximized Gnome Terminal after screen unlock

2023-05-27 Thread gagz 
Package: gnome-shell-extensions
Version: 43.1-1
Severity: normal
X-Debbugs-Cc: g...@immerda.ch

Hello,

Since Bullseye, the Windows List extension is not taken into account by
some apps in miximized window size, including Gnome Terminal.

Precisely:
- Enable Window List
- Open Gnome Terminal
- Maximize the Terminal window
- Lock the session
- Unlock the session
- The Gnome Terminal window bottom is not joined with the Window List
  bar, but is drawned under
- Restore Gnome Terminal to regular size, then maximize again: window is
  now joined with the Window List bar


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-9-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-shell-extensions depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.40.0-4
ii  gir1.2-adw-1 1.2.2-1
ii  gir1.2-atk-1.0   2.46.0-5
ii  gir1.2-glib-2.0  1.74.0-3
ii  gir1.2-gmenu-3.0 3.36.0-1.1
ii  gir1.2-graphene-1.0  1.10.8-1
ii  gir1.2-gtk-4.0   4.8.3+ds-2
ii  gir1.2-pango-1.0 1.50.12+ds-1
ii  gnome-session-bin43.0-1
ii  gnome-settings-daemon43.0-4
ii  gnome-shell  43.4-1
ii  gvfs 1.50.3-1

Versions of packages gnome-shell-extensions recommends:
ii  gnome-shell-extension-prefs  43.4-1

gnome-shell-extensions suggests no packages.

-- no debconf information

Bug#1036858: bookworm-pu: package gnome-shell/43.5-0+deb12u1

2023-05-27 Thread Simon McVittie 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gnome-sh...@packages.debian.org
Control: affects -1 + src:gnome-shell
Control: block -1 by 1036856

The gnome-shell 43.5 release from GNOME upstream seems like something
we should have in a bookworm update. I don't think it's urgent enough
to break the full freeze for.

This could be converted into an unblock request if the release team or
other GNOME team members want to break full freeze for this.

This requires mutter 43.5, for which see #1036856.

[ Reason ]
New upstream stable release

[ Impact ]
If not accepted, our default desktop will have several known bugs.

[ Tests ]
Manual testing: I'm running this version on my main laptop and gaming PC.

[ Risks ]
There's the potential for regressions of similar magnitude to what we're
fixing. GNOME is our default desktop, so any regressions will be highly
visible; I'd like to mitigate this by getting some wider real-world testing
in unstable during the closing stages of the freeze.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [ ] the issue is verified as fixed in unstable

[ Changes ]
js/misc/objectManager.js:
- Receive notifications of removed objects from D-Bus ObjectManager
  instances correctly (gnome-shell!2730).
  This is utility code used in multiple places, I don't know what
  user-visible impact this has.

js/ui/appDisplay.js:
- Fix an assertion failure during shutdown (gnome-shell#6512)

js/ui/components/autorunManager.js:
- Fix a regression in 43~beta involving detection of hotplugged media
  with autorunnable content (gnome-shell!2745)

js/ui/dash.js:
- Avoid destroying labels twice, most commonly when using
  gnome-shell-extension-dash-to-dock (gnome-shell!2739)

js/ui/messageTray.js:
- Fix queued notifications getting into a state where they can no
  longer be removed (gnome-shell!2736)

js/ui/modalDialog.js:
- After 60 second timeout in logout/reboot/poweroff confirmation
  dialog, do the requested action instead of leaving the Shell in a
  broken state (gnome-shell#6506)

js/ui/panelMenu.js:
- Avoid keyboard navigation focus getting stuck on top bar buttons with
  no associated menu (gnome-shell!2734; does not solve #1032319 but is
  helpful when working around it)

js/ui/screenshot.js (first hunk), d/control.in:
- Fix a regression in which the cursor would not be included in
  screenshots since mutter 43.1 (gnome-shell!2710).
  This needs mutter 43.5; strictly speaking it isn't a required
  dependency, but if mutter is too old then the regression won't
  be fixed, so to simplify things I made it a dependency.

js/ui/screenshot.js (second and third hunks):
- Fix a cursor appearing at 0,0 in screenshots that should not
  include it (gnome-shell!2702)

js/ui/search.js:
- Make search results fill unused space as intended (gnome-shell#5924)

js/ui/status/location.js:
- Fix an assertion failure if Geoclue isn't D-Bus-activatable
  (gnome-shell!2689)

js/ui/windowPreview.js:
- Fix assertion failures after a window preview is destroyed
  (gnome-shell#5512, gnome-shell#6065)

js/ui/workspacesView.js:
- Update visibility of workspaces in workspace switcher when required
  (gnome-shell#6519)

src/shell-app-system.c:
- Improve matching of app StartupWMClass to a .desktop file, giving
  priority to apps that were not hidden by OnlyShowIn under the current
  desktop environment, in particular preferring gnome-system-monitor's
  non-KDE-specific .desktop file while running GNOME (gnome-shell!2721)

[ Other info ]
I have not uploaded to unstable due to the full freeze, and I can't
upload to experimental because GNOME 44 is already there.

May I upload this to unstable as 43.5-1 to get it some more testing,
on the understanding that if there is an unforeseen urgent change
to mutter, these fixes can either be included with it or avoided by
using t-p-u?  If I do that, presumably the upload to bookworm would
become 43.5-1~deb12u1.

The attached diff is between patched trees, excluding the patches
themselves to avoid duplicating the changes, and is lightly filtered to
ignore translations (very verbose) and upstream CI stuff (not used or
relevant in Debian). I normally upload using dgit, so if I'm the uploader,
the uploaded .dsc will be checked for an exact match to what's in git.
git diff patch-queue/43.4.. | filterdiff -p1 -x'debian/patches/*.patch' -x.gitlab-ci.yml -x'.gitlab-ci/*' -x'po/*.po'

diff --git a/NEWS b/NEWS
index d20f27985..16c30eea1 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,21 @@
+43.5
+
+* Fix window screenshots with pointer [Ivan; !2710, !2702]
+* Fix notifications getting stuck indefinitely [msizanoen1; !2736]
+* Fix keynav of menu-less buttons

Bug#1036857: anope: Sending mails using sendmail fails due to AppArmor

2023-05-27 Thread Thomas Deutschmann 
Package: anope
Version: 2.0.9-1
Severity: important
X-Debbugs-Cc: whi...@whissi.de

When you try to send a mail via anope, i.e. expecting verification mail
after

  /msg nickserv register

command, you will notice that anope will fail to send that mail.
Anope will log:

  Error delivering mail for Tester (tes...@exmple.org)

When you attach strace to anope, you will spot

> 1241673 execve("/bin/sh", ["sh", "-c", "/usr/sbin/sendmail"], 0x5593d1a32e40 
> /* 23 vars */) = -1 EACCES (Permission denied)

In dmesg you will see

> [Sun May 28 00:35:51 2023] audit: type=1400 audit(1685226997.426:16): 
> apparmor="DENIED" operation="exec" profile="/usr/sbin/anope" name="/bin/dash" 
> pid=1241413 comm="anope" requested_mask="x" denied_mask="x" fsuid=39 ouid=0


-- System Information:
Debian Release: 11.7
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-23-amd64 (SMP w/6 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages anope depends on:
ii  init-system-helpers  1.60
ii  libc62.31-13+deb11u6
ii  libgcc-s110.2.1-6
ii  libgnutls30  3.7.1-5+deb11u3
ii  libldap-2.4-22.4.57+dfsg-3+deb11u1
ii  libmariadb3  1:10.5.19-0+deb11u2
ii  libpcre3 2:8.39-13
ii  libsqlite3-0 3.34.1-3
ii  libstdc++6   10.2.1-6
ii  lsb-base 11.1.0

Versions of packages anope recommends:
ii  exim4-daemon-light [mail-transport-agent]  4.94.2-7

anope suggests no packages.

-- no debconf information

Bug#1036856: bookworm-pu: package mutter/43.5-0+deb12u1

2023-05-27 Thread Simon McVittie 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: mut...@packages.debian.org
Control: affects -1 + src:mutter

The mutter 43.5 release from GNOME upstream seems like something we should
have in a bookworm update. I don't think it's urgent enough to break
the full freeze for, although the suspend/resume crash is concerning.

This could be converted into an unblock request if the release team or
other GNOME team members want to break full freeze for this.

[ Reason ]
New upstream stable release

[ Impact ]
If not accepted, our default desktop will have several known bugs including
a crash during suspend/resume under some circumstances, and selectively
recording/screencasting a window that is not visible on a display not being
reliable. Additionally, this update is a prerequisite for a bug fix in
gnome-shell which I would also like to get fixed in bookworm (separate
bookworm-pu request to follow).

[ Tests ]
Manual testing: I'm running this version on my main laptop and gaming PC.
Automated testing: mutter's test-suite still passes at build-time and in
autopkgtest.

[ Risks ]
There's the potential for regressions of similar magnitude to what we're
fixing. GNOME is our default desktop, so any regressions will be highly
visible; I'd like to mitigate this by getting some wider real-world testing
in unstable during the closing stages of the freeze.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [ ] the issue is verified as fixed in unstable

[ Changes ]
src/backends/meta-screen-cast-window-stream.c,
src/backends/meta-screen-cast-window.c,
src/compositor/meta-surface-actor-wayland.c,
src/compositor/meta-window-actor.c: make sure that if a window is being
recorded or screencasted, it gets updated at the refresh rate of at least
some arbitrary display, even if it's not actually visible on any display
(for example because it's obscured by a window in front).

src/wayland/meta-wayland-actor-surface.c: consider updating windows even if
they're fully obscured, to make sure that single-window
recording/screencasting works as intended, at the cost of not optimizing
away as many non-user-visible window updates.

src/compositor/meta-compositor-view.c: simple change to fix a resource leak
by calling the parent class's destructor correctly

src/wayland/meta-wayland-outputs.c: backported patch from version 44
(not part of 43.x upstream) to avoid a known source of crashes during
suspend/resume, which might resolve Debian bug reports #1010478 and/or
#1036268

src/core/window-private.h, src/meta/window.h, debian/libmutter-11-0.symbols:
export a symbol needed by GNOME Shell 43.5 for a screenshot bug fix there,
already present in 44.1 in experimental

[ Other info ]
I have not uploaded to unstable due to the full freeze, and I can't
upload to experimental because GNOME 44 is already there.

May I upload this to unstable as 43.5-1 to get it some more testing,
on the understanding that if there is an unforeseen urgent change
to mutter, these fixes can either be included with it or avoided by
using t-p-u?  If I do that, presumably the upload to bookworm would
become 43.5-1~deb12u1.

Bug#1036698: RFS: fortune-dhp/0.1-1 -- Dhammapada Fortune

2023-05-27 Thread Bastian Germann 

Control: tags -1 moreinfo

On Wed, 24 May 2023 23:10:23 +1000 "Ko Ko Ye`"  wrote:

Changes for the initial release:

 fortune-dhp (0.1-1) unstable; urgency=medium
 .
   * Initial release


Please reference an ITP bug with this entry.

Bug#1036855: ITP: golang-github-muhlemmer-gu -- Generic Utilities for the Go programming language

2023-05-27 Thread Mathias Gibbens 
Package: wnpp
Severity: wishlist
Owner: Mathias Gibbens 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-muhlemmer-gu
  Version : 0.3.1-1
  Upstream Author : Tim Möhlmann
* URL : https://github.com/muhlemmer/gu
* License : Unlicense
  Programming Lang: Go
  Description : Generic Utilities for the Go programming language

 GU is a collection of Generic Utility functions, using Type Parameters
 featured in Go 1.18 and later. The author found himself writing
 boilerplate code for slices, maps, poitners etc. Since 1.18 he
 started using generics in some of his repositories and found that some
 functions often are the same between projects. The repository is a
 collection of those (utiltity) functions.
 .
 Although the functions are pretty basic and *almost* don't justify
 putting them in a package, he shared this code under the unlicense,
 with the purpose:
 .
  * Make his own life easier when reusing boiler plate code;
  * So that others can easily use these utilities;
  * People who want to learn more about generics in Go can read the
code;

This is a new dependency for building the latest release of LXD and
will be team-maintained within the Go Packaging Team.


signature.asc
Description: This is a digitally signed message part

Bug#1036854: ITP: golang-github-jeremija-gosubmit -- Library for parsing and submitting HTML forms

2023-05-27 Thread Mathias Gibbens 
Package: wnpp
Severity: wishlist
Owner: Mathias Gibbens 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-jeremija-gosubmit
  Version : 0.2.7-1
  Upstream Author : Jerko Steiner
* URL : https://github.com/jeremija/gosubmit
* License : Expat
  Programming Lang: Go
  Description : Library for parsing and submitting HTML forms

 Helps filling out plain html forms during testing. Will automatically
 take the existing values from the form so there is no need to manually
 set things like csrf tokens. Alerts about missing required fields, or
 when pattern validation does not match. See example_test.go for a
 full example.

This is a new dependency for building the latest release of LXD and
will be team-maintained within the Go Packaging Team.


signature.asc
Description: This is a digitally signed message part

Bug#1036853: ITP: golang-github-zitadel-oidc -- OpenID Connect client and server library certified by the OpenID Foundation

2023-05-27 Thread Mathias Gibbens 
Package: wnpp
Severity: wishlist
Owner: Mathias Gibbens 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-zitadel-oidc
  Version : 2.6.2-1
  Upstream Author : ZITADEL
* URL : https://github.com/zitadel/oidc
* License : Apache-2.0
  Programming Lang: Go
  Description : OpenID Connect client and server library certified by the 
OpenID Foundation

 This library is an easy-to-use client (RP) and server (OP)
 implementation for the OIDC (OpenID Connect) standard written for Go.
 .
 The RP is certified for the basic and config profile.
 .
 Whenever possible existing packages (like OAuth2 for Go) were reused /
 extended.

This is a new dependency for building the latest release of LXD and
will be team-maintained within the Go Packaging Team.


signature.asc
Description: This is a digitally signed message part

Bug#1036852: unblock: r-cran-pander/0.6.5+dfsg-3

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Andreas Tille 

Please unblock package r-cran-pander

[ Reason ]
r-cran-pander needs jquery-1.7.2.js (it is unknown whether newer
versions would work, too), but that is no longer available in the Debian
archive, causing the package to ship a broken symlink.
Therefore let the package ship a copy of the old jquery version.

[ Impact ]
Some r-cran-pander functionality may be missing and/or cause errors due
to missing .js files.

[ Tests ]
piuparts stops reporting a broken symlink (in a lot of packages
depending on this one).

[ Risks ]
testing/porting r-cran-pander for use with newer jquery versions might
be more difficult and risky than using a known good version.
The node-jquery-ui dependency might now be superfluous.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in testing

[ Other info ]

$ diffstat r-cran-pander_0.6.5+dfsg-3.dsc.diff.xz
 changelog  |8
 missing-sources/jquery/get |2
 missing-sources/jquery/jquery-1.7.2.js | 9404 +
 missing-sources/jquery/jquery-1.7.2.min.js |   23
 rules  |4
 5 files changed, 9438 insertions(+), 3 deletions(-)
(compressed diff is still > 90kb)

$ filterdiff -x '*.js' r-cran-pander_0.6.5+dfsg-3.dsc.diff
diff -Nru r-cran-pander-0.6.5+dfsg/debian/changelog 
r-cran-pander-0.6.5+dfsg/debian/changelog
--- r-cran-pander-0.6.5+dfsg/debian/changelog   2023-02-21 21:25:31.0 
+0100
+++ r-cran-pander-0.6.5+dfsg/debian/changelog   2023-05-19 12:38:06.0 
+0200
@@ -1,3 +1,11 @@
+r-cran-pander (0.6.5+dfsg-3) unstable; urgency=medium
+
+  * Provide source and compressed JS of jquery 1.7.2 since it is not
+provided by any other package any more
+Closes: #1035855
+
+ -- Andreas Tille   Fri, 19 May 2023 12:38:06 +0200
+
 r-cran-pander (0.6.5+dfsg-2) unstable; urgency=medium

   * Pre-compress jcaption.js to avoid calling closure-compiler at
diff -Nru r-cran-pander-0.6.5+dfsg/debian/missing-sources/jquery/get 
r-cran-pander-0.6.5+dfsg/debian/missing-sources/jquery/get
--- r-cran-pander-0.6.5+dfsg/debian/missing-sources/jquery/get  1970-01-01 
01:00:00.0 +0100
+++ r-cran-pander-0.6.5+dfsg/debian/missing-sources/jquery/get  2023-05-19 
12:38:06.0 +0200
@@ -0,0 +1,2 @@
+wget http://code.jquery.com/jquery-1.7.2.js
+yui-compressor  jquery-1.7.2.js > jquery-1.7.2.min.js
diff -Nru r-cran-pander-0.6.5+dfsg/debian/rules 
r-cran-pander-0.6.5+dfsg/debian/rules
--- r-cran-pander-0.6.5+dfsg/debian/rules   2023-02-21 21:25:31.0 
+0100
+++ r-cran-pander-0.6.5+dfsg/debian/rules   2023-05-19 12:38:06.0 
+0200
@@ -8,6 +8,7 @@
 override_dh_install:
dh_install
dh_install debian/missing-sources/jcaption/jcaption.min.js  
$(debRdir)/$(cranNameOrig)/includes/javascripts/
+   dh_install debian/missing-sources/jquery/jquery-1.7.2.min.js
$(debRdir)/$(cranNameOrig)/includes/javascripts/
dh_install debian/missing-sources/rapporter.net/*.gif   
$(debRdir)/$(cranNameOrig)/includes/images/
dh_install debian/missing-sources/stylesheets/*.css 
$(debRdir)/$(cranNameOrig)/includes/stylesheets/
sed -i \
@@ -18,6 +19,3 @@
-e '/html5shim/d' \
$(debRlib)/$(cranNameOrig)/includes/html/header.html
find  debian -name index.html | xargs sed -i 's|library|site-library|g'
-
-override_dh_link:
-   dh_link /usr/share/nodejs/jquery-ui/ui/jquery-1-7.min.js 
$(debRdir)/$(cranNameOrig)/includes/javascripts/jquery-1.7.2.min.js

unblock r-cran-pander/0.6.5+dfsg-3

Andreas

Bug#1036851: GNU indent 2.2.12 fix backport

2023-05-27 Thread Marek Vasut 

Package: indent
Version: 2.2.12-4
Severity: normal

Gstreamer MR [1] triggers a bug in GNU indent 2.2.12, which is already 
fixed in GNU indent upstream [2] and the fix is part of GNU indent 2.2.13 .


To trigger the failure, clone [1] and run:
$ ./scripts/gst-indent subprojects/gst-plugins-bad/gst/bayer/gstbayer2rgb.c
indent: Virtual memory exhausted.
free(): double free detected in tcache 2
Aborted

Please backport [2] into the GNU indent 2.2.12 debian package, so this 
issue would be fixed ?


Thank you !

[1] https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/4686
[2] 
https://git.savannah.gnu.org/cgit/indent.git/commit/?id=02d7fd4c426e4acfa591a6738dec72f7303c1e7e

Bug#1036021: cadabra2,python3-notebook: undeclared file conflict on /usr/lib/python3/dist-packages/notebook/static/components/codemirror

2023-05-27 Thread Andreas Beckmann 
Thanks. I applied this on top of cadabra2/experimental (which only had 
some useful metadata updates) and uploaded it to unstable. Unblock 
request filed.


Do we still need some Breaks and dir_to_symlink in python3-notebook to 
recover from a bad installation order?

probably something like
- cadabra2 2.4.3.2-0.1
- python3-notebook 6.4.12-2.1
- cadabra2 2.4.3.2-1.1

Once we have fully solved this for bookworm, we should look into 
backporting the fixes to bullseye, too, which seems to have the same issue.


Andreas

Bug#1036850: unblock: cadabra2/2.4.3.2-1.1

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: Martin Hostettler 
Control: affects -1 + src:cadabra2

Please unblock package cadabra2

[ Reason ]
This is a rare case (i.e. only a single occurence in sid) of a
directory vs. symlink conflict: two different packages in a release
ship a path as either directory (containing files) or symlink.
(The typical case is where such a conflict happens is within the same
package on upgrades between releases if dpkg-maintscript-helper
dir_to_symlink/symlink_to_dir was forgotten.)
What ends up in the file system depends on the installation order of
cadabra2 and python3-notebook ...
This is fixed in cadabra2 by shipping the file in question directly in
the canonical location (i.e. where the symlink in python3-notebook
points to.).

[ Impact ]
Depending on the installation order
/usr/lib/python3/dist-packages/notebook/static/components/codemirror may
be 
a) (the good case) a symlink to /usr/share/javascript/codemirror
containing a lot of javascript code or
b) (the bad case) a (nearly) empty directory, making python3-notebook
lose functionality

[ Tests ]
manual upgrade tests and debdiff inspection

[ Risks ]
It may well be that python3-notebook still needs some
  Breaks: cadabra2 (<< 2.4.3.2-1.1~)
and
  dpkg-maintscript-helper dir_to_symlink
to recover from bad installation order before the packages were fixed.
But making cadabra2 use the canonical location is mandatory for any
followup fixes.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
The effective binary debdiff is

[The following lists of changes regard files as different if they have
different names, permissions or owners.]

Files in second .deb but not in first
-
-rw-r--r--  root/root   /usr/share/javascript/codemirror/mode/cadabra/cadabra.js

Files in first .deb but not in second
-
-rw-r--r--  root/root   
/usr/lib/python3/dist-packages/notebook/static/components/codemirror/mode/cadabra/cadabra.js

Control files: lines which differ (wdiff format)

Installed-Size: [-14644-] {+14642+}
Version: [-2.4.3.2-0.1-] {+2.4.3.2-1.1+}


unblock cadabra2/2.4.3.2-1.1

Andreas
diff -Nru cadabra2-2.4.3.2/debian/changelog cadabra2-2.4.3.2/debian/changelog
--- cadabra2-2.4.3.2/debian/changelog   2023-02-06 23:21:08.0 +0100
+++ cadabra2-2.4.3.2/debian/changelog   2023-05-26 08:41:29.0 +0200
@@ -1,3 +1,21 @@
+cadabra2 (2.4.3.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Move codemirror integration to canonical path to
+avoid symlink/directory conflict on
+/usr/lib/python3/dist-packages/notebook/static/components/codemirror
+(Closes: 1036021)
+
+ -- Martin Hostettler   Fri, 26 May 2023 06:41:29 +
+
+cadabra2 (2.4.3.2-1) experimental; urgency=medium
+
+  * d/control: Update Vcs fields.
+  * Bump standards version to 4.6.2.
+  * Acknowledge NMU, thanks to Adrian Bunk.
+
+ -- Gürkan Myczko   Thu, 30 Mar 2023 11:44:14 +0200
+
 cadabra2 (2.4.3.2-0.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru cadabra2-2.4.3.2/debian/control cadabra2-2.4.3.2/debian/control
--- cadabra2-2.4.3.2/debian/control 2022-08-14 20:25:58.0 +0200
+++ cadabra2-2.4.3.2/debian/control 2023-03-30 11:44:14.0 +0200
@@ -25,9 +25,9 @@
  uuid-dev,
 X-Python3-Version: >= 3.6
 Rules-Requires-Root: no
-Standards-Version: 4.6.1
-Vcs-Git: https://salsa.debian.org/myczko-guest/cadabra2.git
-Vcs-Browser: https://salsa.debian.org/myczko-guest/cadabra2
+Standards-Version: 4.6.2
+Vcs-Git: https://salsa.debian.org/debian/cadabra2.git
+Vcs-Browser: https://salsa.debian.org/debian/cadabra2
 Homepage: https://cadabra.science/
 
 Package: cadabra2
diff -Nru cadabra2-2.4.3.2/debian/rules cadabra2-2.4.3.2/debian/rules
--- cadabra2-2.4.3.2/debian/rules   2022-10-13 09:06:04.0 +0200
+++ cadabra2-2.4.3.2/debian/rules   2023-05-26 08:41:29.0 +0200
@@ -27,6 +27,9 @@
dh_auto_install
sed -i s,python3.10,python3,g debian/cadabra2/usr/bin/cadabra2
sed -i s,site-,dist-,g debian/cadabra2/usr/bin/cadabra2
+   mv 
debian/cadabra2/usr/lib/python3.*/site-packages/notebook/static/components 
debian/cadabra2/usr/share/javascript
+   rmdir debian/cadabra2/usr/lib/python3.*/site-packages/notebook/static
+   rmdir debian/cadabra2/usr/lib/python3.*/site-packages/notebook
 
 override_dh_shlibdeps:
@echo test

Bug#962629: rainloop: Rainloop stores passwords in cleartext in logfile

2023-05-27 Thread Guilhem Moulin 
Control: tag -1 unreproducible

On Wed, 10 Jun 2020 at 23:19:41 +0200, Marco Herrn wrote:
> When writing into a logfile, rainloop writes the passwords of all
> login attempts (successful or not) into the logfile in cleartext.

FWIW I'm not able to reproduce this with the version from Debian buster
(1.12.1-2).  Stock config, just replaced ‘enable = Off’ with ‘enable = On’
in /etc/rainloop/application.ini's ‘[logs]’ section.  (‘hide_passwords’
remains set as per default.)  I see my username in the log, but the
passphrase is replaced with (a fixed number of) asterisks in both in
succesful and failed sessions:

INFO[DATA]: 
[DATE:27.05.23][OFFSET:-00][RL:1.12.1][PHP:7.3.31-1~deb10u3][IP:127.0.0.1][PID:976085][nginx/1.14.2][fpm-fcgi]
INFO[DATA]: 
[Suhosin:off][APC:off][MB:off][PDO:~][Streams:tcp,udp,unix,udg,ssl,tls,tlsv1.0,tlsv1.1,tlsv1.2]
REQUEST[NOTE]: [POST] http://127.0.0.1/?/Ajax/[]=/0/
AJAX[NOTE]: Action: DoLogin
POST[DATA]: 
{"Email":"guil...@example.net","Login":"","Password":"***","Language":"","AdditionalCode":"","AdditionalCodeSignMe":"0","SignMe":"0","Action":"Login","XToken":"[…]"}
IMAP[NOTE]: Start connection to "ssl://imap.example.net:993"
IMAP[NOTE]: Connected (success)
IMAP[DATA]: < * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE 
IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] howdy, ready.\r\n
IMAP[DATA]: > TAG1 AUTHENTICATE PLAIN\r\n
IMAP[DATA]: < + \r\n
IMAP[SECURE]: > ***\r\n
IMAP[DATA]: < TAG1 NO [AUTHENTICATIONFAILED] Authentication failed.\r\n
IMAP[WARNING]: MailSo\Imap\Exceptions\NegativeResponseException: 
MailSo-Imap-Exceptions-NegativeResponseException (ImapClient.php ~ 1874) in 
/usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php:1874
Stack trace:
#0 /usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php(1951): 
MailSo\Imap\ImapClient->validateResponse(Array)
#1 /usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php(281): 
MailSo\Imap\ImapClient->parseResponseWithValidation()
#2 /usr/share/rainloop/app/libraries/MailSo/Mail/MailClient.php(92): 
MailSo\Imap\ImapClient->Login('guilhem@example', '***', '', true, false)
#3 /usr/share/rainloop/app/libraries/RainLoop/Model/Account.php(451): 
MailSo\Mail\MailClient->Login('guilhem@example', '***', '', true, false)
#4 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2078): 
RainLoop\Model\Account->IncConnectAndLoginHelper(Object(RainLoop\Plugins\Manager),
 Object(MailSo\Mail\MailClient), Object(RainLoop\Config\Application))
#5 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2329): 
RainLoop\Actions->CheckMailConnection(Object(RainLoop\Model\Account), true)
#6 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2381): 
RainLoop\Actions->LoginProcess('guilhem@example', '***', '', '', false)
#7 /usr/share/rainloop/app/libraries/RainLoop/ServiceActions.php(172): 
RainLoop\Actions->DoLogin()
#8 /usr/share/rainloop/app/libraries/RainLoop/Service.php(146): 
RainLoop\ServiceActions->ServiceAjax('')
#9 /usr/share/rainloop/app/libraries/RainLoop/Service.php(56): 
RainLoop\Service->localHandle()
#10 /usr/share/rainloop/app/libraries/RainLoop/Service.php(79): 
RainLoop\Service->__construct()
#11 /usr/share/rainloop/app/handle.php(94): RainLoop\Service::Handle()
#12 /usr/share/rainloop/include.php(228): include('/usr/share/rain...')
#13 /usr/share/rainloop/index.php(13): include('/usr/share/rain...')
#14 {main}
IMAP[NOTICE]: MailSo\Imap\Exceptions\NegativeResponseException: 
MailSo-Imap-Exceptions-NegativeResponseException (ImapClient.php ~ 1874) in 
/usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php:1874
Stack trace:
#0 /usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php(1951): 
MailSo\Imap\ImapClient->validateResponse(Array)
#1 /usr/share/rainloop/app/libraries/MailSo/Imap/ImapClient.php(281): 
MailSo\Imap\ImapClient->parseResponseWithValidation()
#2 /usr/share/rainloop/app/libraries/MailSo/Mail/MailClient.php(92): 
MailSo\Imap\ImapClient->Login('guilhem@example', '***', '', true, false)
#3 /usr/share/rainloop/app/libraries/RainLoop/Model/Account.php(451): 
MailSo\Mail\MailClient->Login('guilhem@example', '***', '', true, false)
#4 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2078): 
RainLoop\Model\Account->IncConnectAndLoginHelper(Object(RainLoop\Plugins\Manager),
 Object(MailSo\Mail\MailClient), Object(RainLoop\Config\Application))
#5 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2329): 
RainLoop\Actions->CheckMailConnection(Object(RainLoop\Model\Account), true)
#6 /usr/share/rainloop/app/libraries/RainLoop/Actions.php(2381): 
RainLoop\Actions->LoginProcess('guilhem@example', '***', '', '', false)
#7 /usr/share/rainloop/app/libraries/RainLoop/ServiceActions.php(172): 
RainLoop\Actions->DoLogin()
#8 /usr/share/rainloop/app/libraries/RainLoop/Service.php(146):

Bug#1036809: pre-unblock: reaver/1.6.6-1

2023-05-27 Thread Leandro Cunha 
On Sat, May 27, 2023 at 6:13 AM Sebastian Ramacher  wrote:
> Isthe new upstream release a bug fix only release? What's upstream's policy on
> that?

Looking through the emails, I think this went unanswered about being a
bugfix release and the answer would be yes.

Changelog upstream to 1.6.6:

several improvements have been made:
improved bruteforce mode using .wpc save files.
automatic pixiewps pin retrieval and live injection in current session
if pin is cracked before the timeout happens,
experimental uptime command line switch -u
lots of bugfixes and improvements

New debian changelog now fixes bugs (and one is release critical) only
and with NMU.

 reaver (1.6.6-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * New upstream version.
   * debian/watch:
 - Fix watch file is broken and generating errors. (Closes: #901595)
 - Change version of 3 to 4.
   * Fix segmentation fault. (Closes: #1036591)

-- 
Cheers,
Leandro Cunha

Bug#1035543: init-system-helpers: new systemd units may not get enabled on upgrades from bullseye if systemd is installed

2023-05-27 Thread Helmut Grohne 
Hi,

I sat down with Jochen in Hamburg to try and fix this.

On Sun, May 14, 2023 at 03:21:24PM -0400, Theodore Ts'o wrote:
> Can someone send the instructions on how to fix this?

We wish we could give you. Instead, we document our findings, so maybe the
next one looking into this bug has a better idea, but for now we give up
as it is too late for bookworm anyway.

As Michael pointed out, i-s-h does not support removing a WantedBy from
a unit. Arguably, this is a bug in i-s-h, but we wouldn't be changing
i-s-h at this time of the freeze.

In the upgrade scenario, debhelper inserts code that becomes d-s-h
unmask; d-s-h was-enabled; d-s-h enable. None of that code is able to
clean up the old link (in default.target). When working in a chroot, it
is sufficient to do:

d-s-h unmkas
if d-s-h was-enabled
d-s-h disable# added
d-s-h update-state   # added
d-s-h enable
else
d-s-h update-state

The disable would remove the old link from /etc. The update-state would
clean it from /var and then things would just work. However, when
running this in a VM with systemd running, the unit would then end up as
disabled, which is not what we want. Comparing the debug output from
d-s-h, we could not figure out why it ends up disabling the unit.

So all we can do now, is document this and attach the dysfunctional
patch (please don't apply).

Helmut and Jochen
diff -Nru e2fsprogs-1.47.0/debian/changelog e2fsprogs-1.47.0/debian/changelog
--- e2fsprogs-1.47.0/debian/changelog   2023-03-05 04:16:08.0 +0100
+++ e2fsprogs-1.47.0/debian/changelog   2023-05-27 16:11:40.0 +0200
@@ -1,3 +1,10 @@
+e2fsprogs (1.47.0-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * This fix does not work. Do not apply it.
+
+ -- Helmut Grohne   Sat, 27 May 2023 16:11:40 +0200
+
 e2fsprogs (1.47.0-2) unstable; urgency=medium
 
   * Don't enable metadata_csum_seed and orhpan_file by default (Closes:
diff -Nru e2fsprogs-1.47.0/debian/e2fsprogs.postinst 
e2fsprogs-1.47.0/debian/e2fsprogs.postinst
--- e2fsprogs-1.47.0/debian/e2fsprogs.postinst  2023-03-05 04:16:08.0 
+0100
+++ e2fsprogs-1.47.0/debian/e2fsprogs.postinst  2023-05-27 16:09:56.0 
+0200
@@ -10,4 +10,25 @@
 
 #DEBHELPER#
 
+# Manually added instead of the stuff that dh_installsystemd would have added
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = 
"abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
+   # This will only remove masks created by d-s-h on package removal.
+   deb-systemd-helper unmask 'e2scrub_reap.service' >/dev/null || true
+
+   # was-enabled defaults to true, so new installations run enable.
+   if deb-systemd-helper --quiet was-enabled 'e2scrub_reap.service'; then
+   # Since we remove a WantedBy, we disable and update-state first
+   deb-systemd-helper disable e2scrub_reap.service >/dev/null || 
true
+   deb-systemd-helper update-state e2scrub_reap.service >/dev/null 
|| true
+   # Enables the unit on first installation, creates new
+   # symlinks on upgrades if the unit file has changed.
+   deb-systemd-helper enable 'e2scrub_reap.service' >/dev/null || 
true
+   else
+   # Update the statefile to add new symlinks (if any), which need 
to be
+   # cleaned up on purge. Also remove old symlinks.
+   deb-systemd-helper update-state 'e2scrub_reap.service' 
>/dev/null || true
+   fi
+fi
+# End of what should have worked automatically
+
 exit 0
diff -Nru e2fsprogs-1.47.0/debian/e2fsprogs.postrm 
e2fsprogs-1.47.0/debian/e2fsprogs.postrm
--- e2fsprogs-1.47.0/debian/e2fsprogs.postrm1970-01-01 01:00:00.0 
+0100
+++ e2fsprogs-1.47.0/debian/e2fsprogs.postrm2023-05-27 16:11:23.0 
+0200
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# Abort on error.
+set -e
+
+#DEBHELPER#
+
+# Manually added instead of the stuff that dh_installsystemd would have added
+if [ "$1" = "remove" ]; then
+   if [ -x "/usr/bin/deb-systemd-helper" ]; then
+   deb-systemd-helper mask e2scrub_reap.service >/dev/null || true
+   fi
+fi
+
+if [ "$1" = "purge" ]; then
+   if [ -x "/usr/bin/deb-systemd-helper" ]; then
+   deb-systemd-helper purge e2scrub_reap.service >/dev/null || true
+   deb-systemd-helper unmask e2scrub_reap.service >/dev/null || 
true
+   fi
+fi
+# End of what should have worked automatically
+
+exit 0
diff -Nru e2fsprogs-1.47.0/debian/e2fsprogs.prerm 
e2fsprogs-1.47.0/debian/e2fsprogs.prerm
--- e2fsprogs-1.47.0/debian/e2fsprogs.prerm 1970-01-01 01:00:00.0 
+0100
+++ e2fsprogs-1.47.0/debian/e2fsprogs.prerm 2023-05-27 16:11:07.0 
+0200
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Abort on error.
+set -e
+
+#DEBHELPER#
+
+# Manually added instead of the stuff that dh_installsystemd would have added
+if [ -z "${DPKG_ROOT:-}" ] && [ "$1" = remove ] && [ -d /run/systemd/system ]

Bug#1036849: bookworm-pu: package gnome-software/43.5-0+deb12u1

2023-05-27 Thread Simon McVittie 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gnome-softw...@packages.debian.org
Control: affects -1 + src:gnome-software

GNOME upstream has done a stable point release of gnome-software. This
doesn't seem urgent enough to want to break the freeze for, but it would
be good to get it in 12.1.

[ Reason ]
User request on #1036312; upstream stable release fixing memory leaks

[ Impact ]
If not fixed, presumably gnome-software will gradually leak memory.
I've asked the reporter of #1036312 for further context.
The bug reporter describes these as security fixes, but I don't understand
the basis for saying this.

[ Tests ]
Manually tested on my laptop (mixed testing+unstable+experimental),
seems to be able to upgrade packages successfully. I'll test it further
on a more pure bookworm system.

[ Risks ]
Low risk, the changes are narrowly-targeted and look obviously correct.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in bookworm
  [ ] the issue is verified as fixed in unstable

[ Changes ]
New upstream release with memory leak fixes and no other changes.

[ Other info ]
I have not uploaded to unstable due to the full freeze, and I can't
upload to experimental because GNOME 44 is already there.

May I upload this to unstable as 43.5-1 to get it some more testing,
on the understanding that if there is an unforeseen urgent change to
gnome-software, these fixes can be included with it? If I do that,
presumably the upload to bookworm would become 43.5-1~deb12u1.
diff --git a/NEWS b/NEWS
index 1c3f395b5..535bae910 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,10 @@
+Version 43.5
+
+Released: 2023-03-03
+
+This is a stable release with the following change:
+ * Fix few memory leaks
+
 Version 43.4
 
 Released: 2023-02-10
diff --git a/data/metainfo/org.gnome.Software.metainfo.xml.in b/data/metainfo/org.gnome.Software.metainfo.xml.in
index 27b65fca0..a43e442d3 100644
--- a/data/metainfo/org.gnome.Software.metainfo.xml.in
+++ b/data/metainfo/org.gnome.Software.metainfo.xml.in
@@ -66,6 +66,14 @@
Validate with `appstreamcli validate *.metainfo.xml`
   -->
   
+
+  
+This is a stable release with the following change:
+
+  Fix few memory leaks
+
+  
+
 
   
 This is a stable release with the following changes:
diff --git a/debian/changelog b/debian/changelog
index a7a4411c4..21adfbac3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+gnome-software (43.5-0+deb12u1) UNRELEASED; urgency=medium
+
+  * d/gbp.conf: Use upstream/43.x branch to import new upstream versions
+  * d/watch: Only watch for versions 43.x
+  * New upstream release 43.5
+- Fix some memory leaks (Closes: #1036312)
+  * Refresh patch series (no functional changes)
+
+ -- Simon McVittie   Sat, 27 May 2023 15:26:56 +0100
+
 gnome-software (43.4-1) unstable; urgency=medium
 
   * New upstream release
diff --git a/debian/gbp.conf b/debian/gbp.conf
index 50a9f77f2..4a341ca18 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,7 +1,7 @@
 [DEFAULT]
 pristine-tar = True
 debian-branch = debian/bookworm
-upstream-branch = upstream/latest
+upstream-branch = upstream/43.x
 
 [buildpackage]
 sign-tags = True
diff --git a/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch b/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch
index 93660036e..5f79360e2 100644
--- a/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch
+++ b/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch
@@ -29,7 +29,7 @@ index 000..57c0f11
 +
 \ No newline at end of file
 diff --git a/src/gnome-software.gresource.xml b/src/gnome-software.gresource.xml
-index 941dd40..2d1f2ff 100644
+index 4efe369..9f897a5 100644
 --- a/src/gnome-software.gresource.xml
 +++ b/src/gnome-software.gresource.xml
 @@ -54,6 +54,7 @@
@@ -41,7 +41,7 @@ index 941dd40..2d1f2ff 100644
../data/icons/system-component-addon.svg
../data/icons/system-component-application.svg
 diff --git a/src/gs-details-page.ui b/src/gs-details-page.ui
-index 8b0e88b..4c120ef 100644
+index d3fad10..37c657b 100644
 --- a/src/gs-details-page.ui
 +++ b/src/gs-details-page.ui
 @@ -173,7 +173,7 @@
diff --git a/debian/watch b/debian/watch
index 64675b41f..94c24ddb9 100644
--- a/debian/watch
+++ b/debian/watch
@@ -1,4 +1,4 @@
 version=4
 opts="searchmode=plain, uversionmangle=s/\.(alpha|beta|rc)/~$1/, downloadurlmangle=s|cache.json||" \
 https://download.gnome.org/sources/@PACKAGE@/cache.json \
-	[\d.]+/@PACKAGE@-([\d.]+)@ARCHIVE_EXT@
+	43/@PACKAGE@-([\d.]+)@ARCHIVE_EXT@
diff --git a/lib/gs-plugin-job-list-apps.c b/lib/gs-plugin-job-list-apps.c
index a556387e5..56a4e14be 100644
--- a/lib/gs-plugin-job-list-apps.c
+++ b/lib/gs-plugin-job-list-apps.c
@@

Bug#1036848: qt6-base: CVE-2023-33285

2023-05-27 Thread Salvatore Bonaccorso 
Source: qt6-base
Version: 6.4.2+dfsg-9
Severity: important
Tags: security upstream
Forwarded: https://codereview.qt-project.org/c/qt/qtbase/+/477644
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for qt6-base.

CVE-2023-33285[0]:
| An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9,
| and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-
| read via a crafted reply from a DNS server.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-33285
https://www.cve.org/CVERecord?id=CVE-2023-33285
[1] https://codereview.qt-project.org/c/qt/qtbase/+/477644
[2] 
https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=7dba2c87619d558a61a30eb30cc1d9c3fe6df94c

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1035056: [pre-approval] plasma-desktop 5.27.X

2023-05-27 Thread Aurélien COUDERC 
Dear Paul,

Le mardi 16 mai 2023, 22:20:37 CEST Paul Gevers a écrit :

> > We don’t have the personpower to backport all these fixes to 5.27.2
> > individually and even if we did it would be a questionable option.
> 
> I think we are aligned on that. But having said that, are there bug you 
> have particularly on your radar? And would it be an option to not cherry 
> pick backport bug fixes, but cherry pick packages with their bug fixes?

I don’t have particular bugs in mind, I think the selection that upstream
makes of bugs that deserve a fix in their stable 5.27 branch makes sense for
us to follow.

You can get an idea of the kind of bugs fixed at [0].
There’s no « fixed in version » field in their bugzilla so I took the list of
bugs reported against 5.27.2..5.27.4 marked as fixed as an approximation.

[0] 
https://bugs.kde.org/buglist.cgi?query_format=advanced=FIXED=5.27.2=5.27.3=5.27.4

Also note that some package (build)depend on other packages in the Plasma set
having the exact same upstream version. While not a good argument in itself
that still means we would need to do some version-fu to make the package
cherry-pick option work.


I’ve made some statistics about the 56-package Plasma set and between 5.27.2
(in testing) and 5.27.5 (in experimental) we have :
- 4 packages with no change besides the version bump
- 20 packages with transaltion-only commits (upstream never mentions these in
their release notes)
- 32 remaining packages having code fixes and mentioned in the release note,
including 5 not having an explicit bug id linked

Please find the details in the table below.


Best,
--
Aurélien

| package   | has  | has non-transl | mentioned in | 
bug fixed in |
|   | translations | commits| rel notes| 
rel notes|
|---|--||--|--|
|breeze-grub|  ||  |
  |
|breeze-plymouth|  ||  |
  |
|layer-shell-qt |  ||  |
  |
|oxygen-sounds  |  ||  |
  |
|kactivitymanagerd  |   x  ||  |
  |
|kdecoration|   x  ||  |
  |
|kgamma5|   x  ||  |
  |
|khotkeys   |   x  ||  |
  |
|kmenuedit  |   x  ||  |
  |
|ksshaskpass|   x  ||  |
  |
|ksystemstats   |   x  ||  |
  |
|milou  |   x  ||  |
  |
|oxygen |   x  ||  |
  |
|plasma-bigscreen   |   x  ||  |
  |
|plasma-browser-integration |   x  ||  |
  |
|kwrited|   x  ||  |
  |
|plasma-disks   |   x  ||  |
  |
|plasma-firewall|   x  ||  |
  |
|plasma-nano|   x  ||  |
  |
|plasma-systemmonitor   |   x  ||  |
  |
|plasma-thunderbolt |   x  ||  |
  |
|plasma-vault   |   x  ||  |
  |
|plasma-workspace-wallpapers|   x  ||  |
  |
|plymouth-kcm   |   x  ||  |
  |
|qqc2-breeze-style  |  |x   |   x  |
  |
|drkonqi|   x  |x   |   x  |
  |
|kwallet-pam|   x  |x   |   x  |
  |
|libksysguard   |   x  |x   |   x  |
  |
|sddm-kcm   |   x  |x   |   x  |
  |
|breeze-gtk |  |x   |   x  |
   x  |
|bluedevil  |   x  |x   |   x  |
   x  |
|breeze |   x  |x   |   x  |
   x  |
|flatpak-kcm|   x  |x   |   x  |
   x  |
|kde-cli-tools

Bug#1036847: sofia-sip: CVE-2023-32307: heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32

2023-05-27 Thread Salvatore Bonaccorso 
Source: sofia-sip
Version: 1.12.11+20110422.1+1e14eea~dfsg-5
Severity: grave
Tags: security upstream
Forwarded: https://github.com/freeswitch/sofia-sip/pull/214
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for sofia-sip.

CVE-2023-32307[0]:
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the
| IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-
| fr54](https://github.com/freeswitch/sofia-
| sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential
| heap-over-flow and integer-overflow in stun_parse_attr_error_code and
| stun_parse_attr_uint32 were found because the lack of attributes
| length check when Sofia-SIP handles STUN packets. The previous patch
| of [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-
| sip/security/advisories/GHSA-8599-x7rq-fr54) fixed the vulnerability
| when attr_type did not match the enum value, but there are also
| vulnerabilities in the handling of other valid cases. The OOB read and
| integer-overflow made by attacker may lead to crash, high consumption
| of memory or even other more serious consequences. These issue have
| been addressed in version 1.13.15. Users are advised to upgrade.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-32307
https://www.cve.org/CVERecord?id=CVE-2023-32307
[1] https://github.com/freeswitch/sofia-sip/pull/214
[2] 
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-rm4c-ccvf-ff9c
[3] 
https://github.com/freeswitch/sofia-sip/commit/c3bbc50c88d168065de34ca01b9b1d98c1b0e810

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1036312: Unfixed memory leaks in gnome-software in Bookworm

2023-05-27 Thread Simon McVittie 
Control: tags -1 + moreinfo

On Fri, 19 May 2023 at 07:43:15 +, Albrecht Schwenke wrote:
> In Gnome Software 43.4 there are several unfixed memory leaks, which where
> fixed in gnome-software 43.5:
> [1]https://gitlab.gnome.org/GNOME/gnome-software/-/blob/gnome-43/NEWS

Upgrading to gnome-software 43.5 can potentially happen as a bookworm
update, but we'll need enough information to be able to give the release
team the context they need. Are these memory leaks sufficiently large to
be measurable during normal use, or do you only know about them because
they were mentioned in NEWS? Is there a way to cause the memory leaks to
become more visible, perhaps by doing some action in the UI repeatedly?

I've uploaded a prerelease version of an updated gnome-software (among
other packages) to: 
If possible, please check whether that version resolves this.

> It would be nice if these security fixes could be applied to the 
> gnome-software
> package in Debian.

Is there a reason why you describe these as security fixes? My assumption
from that NEWS entry would have been that gnome-software's memory
use grows over time, but most likely not at a sufficient rate to be
immediately problematic, and most likely not in a way that an attacker
can trigger in order to cause denial of service. If that's the case, then
they aren't a security vulnerability, just an ordinary bug.

(If you believe these leaks are a security vulnerability for reasons that
are not known to the public, then please contact secur...@debian.org
privately, and do not reply to this bug address until the relevant
information becomes public.)

Thanks,
smcv

Bug#1036268: gnome-shell: Session crashes, thrown out to login screen, after the session has been idle & screen switched off

2023-05-27 Thread Simon McVittie 
On Thu, 18 May 2023 at 11:47:19 +0200, Amr Ibrahim wrote:
> After I leave the session idle for some time, with some apps open, and the
> screen has switched off, I come back to find that the whole session has been
> thrown out to the login screen, and I have to log myself in again to a new
> session.

This could be .

What is logged in the systemd journal when this crash occurs?

A backtrace from the crash would be very useful information for this or any
other crash. Please see :
usually the easiest way is to use the systemd-coredump package, as described
in .

smcv

Bug#1035748: unblock: modsecurity/3.0.9-1

2023-05-27 Thread Salvatore Bonaccorso 
Hi Alberto,

On Wed, May 24, 2023 at 12:26:33PM +0200, Paul Gevers wrote:
> control: tags -1 moreinfo
> 
> Hi,
> 
> On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta
>  wrote:
> > A new upstream version of modsecurity fixes a security bug
> > (CVE-2023-28882, #1035083).
> > We also fixed a FTBFS in the meantime (#1034760).
> > Also nginx moved to pcre2, which we also did after the current version
> > in bookworm.
> 
> Your message didn't reach our mail list, which typically is a bad sign
> because it means your debdiff is big. New upstream releases are typically
> not what we consider targeted fixes which are all we accept in this phase of
> the release. Please read the FAQ [1] and provide all relevant information
> pointed out there, particularly about upstream's policy on new releases.

Did you saw Paul's query? I'm asking since the deadline for unblock
requests is tomorrow already.

Regards,
Salvatore

Bug#1036846: unblock: isa-support/15.1

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: affects -1 + src:isa-support

Please unblock package isa-support

[ Reason ]
Generated control files used a partially uppercase package name,
therefore the dpkg-maintscript-helper calls and the lintian overrides
were not effective.
Use the correct (lowercase) package name and bump the version s.t.
dpkg-maintscriot-helper dir_to_symlink actually performs the cleanup on
upgrades (from both stable and testing with the buggy packages).

[ Impact ]
/usr/share/doc/$PKG remaining as an empty directory after upgrades from
bullseye to bookworm, /usr/share/doc/$PKG/copyright missing.

[ Tests ]
Local piuparts tests showed clean bullseye->bookworm upgrades with the
fixed packages.

[ Risks ]
Low. If it still does not work, it won't be different from what is in
testing.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
n/a

unblock isa-support/15.1

Andreas
diff -Nru isa-support-15/debian/@lcn...@-support.lintian-overrides.in 
isa-support-15.1/debian/@lcn...@-support.lintian-overrides.in
--- isa-support-15/debian/@lcn...@-support.lintian-overrides.in 2022-08-16 
22:59:09.0 +0200
+++ isa-support-15.1/debian/@lcn...@-support.lintian-overrides.in   
2023-05-25 21:44:40.0 +0200
@@ -1,2 +1,2 @@
 # debconf is optional, for nicer fail messages
-@NAME@-support: missing-debconf-dependency-for-preinst
+@LCNAME@-support: missing-debconf-dependency-for-preinst
diff -Nru isa-support-15/debian/@lcn...@-support.maintscript.in 
isa-support-15.1/debian/@lcn...@-support.maintscript.in
--- isa-support-15/debian/@lcn...@-support.maintscript.in   2022-08-17 
12:16:43.0 +0200
+++ isa-support-15.1/debian/@lcn...@-support.maintscript.in 2023-05-25 
21:43:56.0 +0200
@@ -1 +1 @@
-dir_to_symlink /usr/share/doc/@NAME@-support isa-support 8~
\ No newline at end of file
+dir_to_symlink /usr/share/doc/@LCNAME@-support isa-support 15.1~
diff -Nru isa-support-15/debian/altivec-support.maintscript 
isa-support-15.1/debian/altivec-support.maintscript
--- isa-support-15/debian/altivec-support.maintscript   2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/altivec-support.maintscript 2023-05-25 
21:44:40.0 +0200
@@ -1 +1 @@
-dir_to_symlink /usr/share/doc/altivec-support isa-support 8~
\ No newline at end of file
+dir_to_symlink /usr/share/doc/altivec-support isa-support 15.1~
diff -Nru isa-support-15/debian/armv6-support.lintian-overrides 
isa-support-15.1/debian/armv6-support.lintian-overrides
--- isa-support-15/debian/armv6-support.lintian-overrides   2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/armv6-support.lintian-overrides 2023-05-25 
21:44:40.0 +0200
@@ -1,2 +1,2 @@
 # debconf is optional, for nicer fail messages
-ARMv6-support: missing-debconf-dependency-for-preinst
+armv6-support: missing-debconf-dependency-for-preinst
diff -Nru isa-support-15/debian/armv6-support.maintscript 
isa-support-15.1/debian/armv6-support.maintscript
--- isa-support-15/debian/armv6-support.maintscript 2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/armv6-support.maintscript   2023-05-25 
21:44:40.0 +0200
@@ -1 +1 @@
-dir_to_symlink /usr/share/doc/ARMv6-support isa-support 8~
\ No newline at end of file
+dir_to_symlink /usr/share/doc/armv6-support isa-support 15.1~
diff -Nru isa-support-15/debian/armv6k-support.lintian-overrides 
isa-support-15.1/debian/armv6k-support.lintian-overrides
--- isa-support-15/debian/armv6k-support.lintian-overrides  2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/armv6k-support.lintian-overrides2023-05-25 
21:44:40.0 +0200
@@ -1,2 +1,2 @@
 # debconf is optional, for nicer fail messages
-ARMv6K-support: missing-debconf-dependency-for-preinst
+armv6k-support: missing-debconf-dependency-for-preinst
diff -Nru isa-support-15/debian/armv6k-support.maintscript 
isa-support-15.1/debian/armv6k-support.maintscript
--- isa-support-15/debian/armv6k-support.maintscript2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/armv6k-support.maintscript  2023-05-25 
21:44:40.0 +0200
@@ -1 +1 @@
-dir_to_symlink /usr/share/doc/ARMv6K-support isa-support 8~
\ No newline at end of file
+dir_to_symlink /usr/share/doc/armv6k-support isa-support 15.1~
diff -Nru isa-support-15/debian/armv7-support.lintian-overrides 
isa-support-15.1/debian/armv7-support.lintian-overrides
--- isa-support-15/debian/armv7-support.lintian-overrides   2022-09-12 
12:52:10.0 +0200
+++ isa-support-15.1/debian/armv7-support.lintian-overrides 2023-05-25 
21:44:40.0 +0200
@@ -1,2 +1,2 @@
 # debconf is optional, for nicer fail messages
-ARMv7-support: missing-debconf-dependency-for-preinst
+armv7-support:

Bug#1036844: lucene++: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: lucene++
Version: 3.0.8-6
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  autopkgtest [22:48:02]: test cmake-test:  - - - - - - - - - - results - - - - 
- - - - - -
  cmake-test   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  autopkgtest [22:48:02]: test cmake-test:  - - - - - - - - - - stderr - - - - 
- - - - - -
  CMake Warning (dev) at CMakeLists.txt:1 (project):
cmake_minimum_required() should be called prior to this top-level project()
call.  Please see the cmake-commands(7) manual for usage documentation of
both commands.
  This warning is for project developers.  Use -Wno-dev to suppress it.
  
  autopkgtest [22:48:02]:  summary
  cmake-test   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):


Cheers
Timo

-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyZsMACgkQ+C8H+466
LVkZWAv/V4dYuMuIvF3EKbMsDXm+eRVg1z67w440n9wiml7u2bjEjf8t0vXT4og+
QCVhLjU8Evq2LgdwHWzSoikw7aX50e3T7csPQJXnmCUSm6BNESDERBLfyJZD6Dnf
MuVHK3sl1HFeEqJEUkRP5sx3f/e+ZJ+QkvnSw9Q/ucIgTkwrMU9MoTiWc1ZItH/n
wstxo7jwvsn7rwNbBMCg57BN1hq7F0bKOfbxuWLvOp4uZohkOnpWJdEw5iNWCZsH
9MYOH7CGSrn/LRmUN2/5ktZTN7GQ2v4edh6tptC27swoVqbvymJD3ZN5asVuCpcr
hutjRwyti0oUI9iazHifqLwJ/NuHBgb42HtpTQAlxiXAYIpHOQDQ8LNwT7maDAO5
WZTaUXfxpj1YVF5c8EcSO3F7DNn1TJfhV/RDiv5MLpDYNAXKZ3wqT0HuBHMoKTwF
yrMbh5H0jJQNJ+icTmdbqgIhMfr/OGPHOFrm8K7+ouBAjAR2ZUBwwSsVpg1gyisK
VzE9xMgp
=v8Fl
-END PGP SIGNATURE-

Bug#1036845: qca2: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: qca2
Version: 2.3.5-2
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  autopkgtest [22:59:59]: test ciphertest-qt5:  - - - - - - - - - - results - - 
- - - - - - - -
  ciphertest-qt5   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  autopkgtest [22:59:59]: test ciphertest-qt5:  - - - - - - - - - - stderr - - 
- - - - - - - -
  CMake Warning (dev) at CMakeLists.txt:1 (project):
cmake_minimum_required() should be called prior to this top-level project()
call.  Please see the cmake-commands(7) manual for usage documentation of
both commands.
  This warning is for project developers.  Use -Wno-dev to suppress it.
  
  autopkgtest [22:59:59]:  summary
  acc  PASS
  ciphertest-qt5   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyZzIACgkQ+C8H+466
LVnNzAwAl25LOo4/QaOlyWcbkSo0ockzDV/GTFY6Xc9M10hAzkBh0CFrJWwQceq/
0nH5If/i7r47vguN8zu+a6G18iE+aUTjgMqdI8GaooM3ipWBZoYOOAelvDoAClFz
GnxHFmrfag7qnQVyQATjodsax6jZ4+qidq19GqZuNqICxmuYE2+OhrCvCKWm+D9m
1dIKhw//JDPRrdGXBNKqJ6/oWmpatEt2BotyFE8XoXU6kr14CYE+SvJXkzG40d/V
c1MWrex7yeAQ3nHHPmjhHd3PVFJhw2zCys8Ut7pwlqsU7W25DYjS+CpOjiSB/F0C
Dy4pcm6hFL8b16CmO0PZeifhmPgYiiQgD5g42ODN3JwNyFFVlMgjOkb3UMpIZZ06
YgUYrXYAQwjoI3+JVsB1pVZwhhNUkHQ7oJYWzJUgRDQI7zDmsF2bhxizyUGHwoRt
U1BeTUJ9ibZOBaugz3FUKh9w5MZs+63UogDdECxFel3bZmHL/36c5hMJpnUYGQ8a
7IVifWiW
=HqAp
-END PGP SIGNATURE-

Bug#1036843: coin3: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: coin3
Version: 4.0.0+ds-3
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  [...]
  autopkgtest [22:29:30]: test build3:  - - - - - - - - - - results - - - - - - 
- - - -
  build3   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(PROJECT):
  autopkgtest [22:29:30]: test build3:  - - - - - - - - - - stderr - - - - - - 
- - - -
  CMake Warning (dev) at CMakeLists.txt:1 (PROJECT):
cmake_minimum_required() should be called prior to this top-level project()
call.  Please see the cmake-commands(7) manual for usage documentation of
both commands.
  This warning is for project developers.  Use -Wno-dev to suppress it.
  
  autopkgtest [22:29:30]:  summary
  build1   PASS
  build2   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(PROJECT):
  build3   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(PROJECT):


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyZlEACgkQ+C8H+466
LVmMfgv/Qwigb0RXDmNJ/QnlyjEJRO3YaMPWF/AObzetfSd2ueNx3Edie23kAm5c
tx/EDPx6r3Iv1OKGS57E52UnOAUj9S9oDlF/JgIYS51qS1PiYaW7XSdNXsiDYH62
T2vuIqH88W9UFMTlWV0kmLiAZfIBscWR3mar55OVQtUo77gCOTC8WT2gWkpaUsiq
hRuvfO/4/LxbclycBGHfdJY6GXEKcVjbG8YdD9Iplilz6AkQswmXh/P4KMIljS/Y
naT3POiTPd5ul0zJ/aZbPnEtwM7ZBiTZwnJL0cyDuvUJ0u8t/WJ36u1DHgtEElFj
pr7Zf8zjHaDpXMHrukA/7UvFQyJsC/IcnUICCO5xuyNU6ZF8lyPJAGU11yycD3YR
GvHAuLDr61jdHQEWWe1NdELE5F9o5vhbaJlGJpy1ZGNoNVmBBsY9n6uhzUWeja8t
ANnNxJZucMiiE+aPIHuM/QWmbTk2Xg1K4orjO0s6frZInunDI9MEZnPMqzQMBJI4
Gr19mBSJ
=oLrH
-END PGP SIGNATURE-

Bug#1036842: RM: raidutils -- RoQA; Depends on kernel driver that has been removed

2023-05-27 Thread Ben Hutchings 
Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: raidut...@packages.debian.org, Barak A. Pearlmutter 

Control: affects -1 + src:raidutils

raidutils supports Adaptec (formerly DPT) I2O RAID controllers that
were handled by the Linux dpt_i2o driver.

The driver had some serious bugs that resulted in it being removed in
Linux 6.0.  As a result, raidutils can no longer be used with the
kernel in testing or unstable.

Bug#1036841: boost1.81: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: boost1.81
Version: 1.81.0-5
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  autopkgtest [23:01:45]:  summary
  atomic   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  chrono   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  context  FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  containerFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  coroutineFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  datetime FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  exceptionPASS
  fiberFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  filesystem   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  graphPASS
  graph-parallel   PASS
  iostreamsFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  locale   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  log  PASS
  math FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  mpi  PASS
  mpi-python   PASS
  program-options  FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  python   PASS
  random   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  regexFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  serializationFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  stacktrace   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  system   PASS
  test PASS
  thread   PASS
  timerFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  type-erasure FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  wave FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyZbwACgkQ+C8H+466
LVlDDgwAuXaQMPbFPiCyEDCWhLIJBESMMdNInnGNalutnqdM5xAGrCDoNcR5nmHl
9hyvWMSlpZ1uC4aqXSJOHiLlvr2i3gwedDwsStmucU3fuQfRZKRT4MtQQ4RnO+WA
VL58uH0rsy7zxrgMrCIFLg+nO2XmCDC1qkGHP2qYsu/D5pf4HYUA5rN9JB64Yt/1
nZpeQ4a/T8XOsSUtVFV8UvMpD2Hr9LvB6idStC1qlJgXzN3f4KcvMh2bXiwwaNwf
EdRbCE6cDnb5A6MV3mHG6EzyW48a1wJD1dkMkftKg/HBczs7K/Xs/3pQB/lUYYmW
HCedsGNgIIsqZ1IGpxN3uHPbRoYyXtpGWmTXJviWPrX6EOhPgL91CG91JRanxPEY
PCEkfDmxmlBLkzumh6txD0m5oUzvcou4mRSS+6jvXRym3xn5i1pEhtopl35TFsid
947VIdov5er2Pu8EJkUDEZQxLk9VM9s6l2tr7JjX0UtUI9tFPQ4vC8akTpsHsJs3
TFwh6r8h
=SJTC
-END PGP SIGNATURE-

Bug#1036840: boost1.74: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: boost1.74
Version: 1.74.0+ds1-21
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  autopkgtest [23:01:13]:  summary
  atomic   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  chrono   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  context  FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  containerFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  coroutineFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  datetime FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  exceptionPASS
  fiberFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  filesystem   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  graphPASS
  graph-parallel   PASS
  iostreamsFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  locale   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  log  PASS
  math FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  mpi  PASS
  mpi-python   PASS
  program-options  FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  python   PASS
  random   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  regexFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  serializationFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  stacktrace   FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  system   PASS
  test PASS
  thread   PASS
  timerFAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  type-erasure FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):
  wave FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(project):


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyZTsACgkQ+C8H+466
LVnitAwAqQOWDf2i1d4xgIIExhLW4LIX3FHz2jrz7rtZrKuxyBg5pChyGP6575eu
PC8AZzx2KpCrKhVDrzRnTK+DMAsGgh2kiqhwFUidxID5EmzJshQYbydgrTDvZnqE
yYQp/N8KooOgkm5z1tHa/1+v9IitZAUTtiAsnOZ5E365rKTJjAuvwYV7eiT0bVbl
UdU7/7A+HerxU39DY1xhAn2Y9Vps8gjZkNyypEu38WJKSu70u1gYLd/iFqdY3Dwf
FIjdkT4kJWrK7VkvD1JZOyfC1ApSWS15r0cYDLO6tAjFEClJlXAhuDlTD8taqjZp
i4DOmOfLh9qWrBho006fLs917B+MvbylUORsWYFPej8HXNBbAgatXE6UswqXd11Z
1sC0lBBsPs3LzX1+PO4nyCElVLpod2kTqTnkTYPLP3g+J+zYRf9k9mvKsR/jcgys
RC+O7zN/7A6F5GUZP0mq+9+6T/2GXxwu3SA1vzOrBAfF2V61mJyG1quF/TURtVzn
p1qzPjeU
=s2Zt
-END PGP SIGNATURE-

Bug#1036263: guestfs-tools: FTBFS in testing: make[6]: *** [Makefile:1716: test-suite.log] Error 1

2023-05-27 Thread Salvatore Bonaccorso 
Hi,

On Sat, May 27, 2023 at 09:36:42PM +0200, Martin Hostettler wrote:
> tags -1 + unreproducible
> thanks
> 
> On Thu, 25 May 2023 21:00:18 +0200 Bastian Germann  wrote:
> > I cannot reproduce this.
> > 
> 
> I can't reproduce this either.
> 
> I tried 2 variants and both build fine (using an up to date sid VM to
> run the build using bookworm docker container or pbuilder).
> 
> docker run -it debian:bookworm /bin/bash
> apt install devscripts build-essential aptitude pbuilder
> dget 
> https://deb.debian.org/debian/pool/main/g/guestfs-tools/guestfs-tools_1.48.2-1.dsc
> /usr/lib/pbuilder/pbuilder-satisfydepends
> debuild -uc -us -j4
> 
> Variant B
> docker run --privileged -it debian:bookworm /bin/bash
> apt install devscripts pbuilder
> pbuilder create --distribution bookworm
> dget 
> https://deb.debian.org/debian/pool/main/g/guestfs-tools/guestfs-tools_1.48.2-1.dsc
> pbuilder build --distribution bookworm guestfs-tools_1.48.2-1.dsc 

FWIW, this might be in part the same as #1031471 and can likely be
merged?

Note that to address CVE-2022-2211 I did as well upload guestfs-tools
to the security-archive (not yet published) for bookworm, and the
package did build on all architectures (with the exception that I had
to give it back on ppc64el. 

As guestfs-tools cannot migrate trough unstable, we will release
guestfs-tools 1.48.2-1+deb12u1 via the security-archive for
bookworm-security soonish.

Regards,
Salvatore

Bug#1036839: unblock: sane-backends/1.2.1-2

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package sane-backends

[ Reason ]
Some preinst script performed cleanup which resulted in deletion of
files now owned by other packages.
The preinst was unneccessary since the handled files were shipped by the
package, so dpkg will perform all neccessary cleanup if the files get
removed (or moved to another package), no manual cleanup is needed.

[ Impact ]
debsums reports missing files, manpages are missing.

[ Tests ]
Local piuparts tests showed clean bullseye->bookworm upgrades with the
fixed packages.

[ Risks ]

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
n/a

unblock sane-backends/1.2.1-2

Andreas
diff -Nru sane-backends-1.2.1/debian/changelog 
sane-backends-1.2.1/debian/changelog
--- sane-backends-1.2.1/debian/changelog2023-02-13 19:25:08.0 
+0100
+++ sane-backends-1.2.1/debian/changelog2023-05-16 18:49:09.0 
+0200
@@ -1,3 +1,10 @@
+sane-backends (1.2.1-2) unstable; urgency=medium
+
+  * Fix remove wrong remove manpage (Closes: #1035677):
+- Remove debian/sane-utils.preinst.
+
+ -- Jörg Frings-Fürst   Tue, 16 May 2023 18:49:09 +0200
+
 sane-backends (1.2.1-1) unstable; urgency=medium
 
   * New upstream release:
diff -Nru sane-backends-1.2.1/debian/sane-utils.preinst 
sane-backends-1.2.1/debian/sane-utils.preinst
--- sane-backends-1.2.1/debian/sane-utils.preinst   2022-02-28 
08:15:57.0 +0100
+++ sane-backends-1.2.1/debian/sane-utils.preinst   1970-01-01 
01:00:00.0 +0100
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-set -e
-
-MANPAGE=/usr/share/man/man5/sane-umax_pp.5.gz
-MANLINK=/usr/share/man/man5/umax_pp.5.gz
-
-
-if [ "$1" = upgrade ]; then
-
-## Remove obsolete manpages that are now provided by sane-common
-if dpkg --compare-versions "$2" le "1.1.1-2"; then
-
-   if [ -f "$MANLINK" ] && [ -L "$MANLINK" ]; then
-   rm -rf "$MANLINK"
-   fi
-
-
-   if [ -f "$MANPAGE" ]; then
-   rm -rf "$MANPAGE"
-   fi
-fi
-fi
-
-
-
-#DEBHELPER#

Bug#1034577: Bug exists also for banks using Fiducia

2023-05-27 Thread S. Seide 
Same problem exists for old Fiducia based HBCI servers as GAD and 
Fiducia joined now to Atruvia...


My bank uses https://hbci11.fiducia.de/cgi-bin/hbciservlet as HBCI url 
with the same problem.


New certificate CN is "fints2.atruvia.de" and old fiducia DNS name are 
listed as SubjectAltNames. But AQBanking shows an certificate warning.


As this problem affects a lot of german users - is there a change to 
promote this package to stable to fix this false security warning?


Thanks for the fast fix,
S. Seide

Bug#1036838: assimp: autopkgtest regression due to new CMake warning

2023-05-27 Thread Timo Röhling 
Source: assimp
Version: 5.2.5~ds0-1
Severity: normal
Tags: patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

starting with CMake 3.26, a new warning is issued if
cmake_minimum_required() is not called before project(),
as some policy settings affect the behavior of project().

Your package is affected:


  autopkgtest [22:29:36]: test command3: ---]
  command3 FAIL stderr: CMake Warning (dev) at CMakeLists.txt:1 
(PROJECT):
  autopkgtest [22:29:36]: test command3:  - - - - - - - - - - results - - - - - 
- - - - -
  autopkgtest [22:29:36]: test command3:  - - - - - - - - - - stderr - - - - - 
- - - - -
  CMake Warning (dev) at CMakeLists.txt:1 (PROJECT):
cmake_minimum_required() should be called prior to this top-level project()
call.  Please see the cmake-commands(7) manual for usage documentation of
both commands.
  This warning is for project developers.  Use -Wno-dev to suppress it.


Please fix debian/tests/CMakeLists_sample.txt by swapping the first two
lines. Thanks!

Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmRyYowACgkQ+C8H+466
LVk4kAwAm4zxuVGazvSNQ2CLGe4Zequb6C7fBkU9eImrnSKe87NLoX+AVuzso4u3
Z6hjgQW5qKlIKra956tv+nVRoGar+1FresLmHA/Z0QdmWhgu7MrfCcSt7b9GepsN
bWcZHIi/W1y/iPKLc01asbYb5wdiWDDVD618VDITdk3d6eq1IwPM1kQI5h6Gk41x
MKN+hcFbDwq/m/Ah83y4/xuwrjPDKohhFKd+AhjAY3c3XNnePywV6h1hVkoSUOst
VG89snhyVUAGD4dQ8pDYIez2HfbAyHeI1/+jLJOEEJVNceEdB7ReR7KrzoPlp5l9
CWdGseBSwLwWQcSlvPwAgxCSqdc+Afvvf0Fjjh+241rHEBCXF370ehp7dI0Ks6p1
pLr/SZZti3b1yYnE2TxriAVWFc6FPx/Wb0Zi0M432qGdnPxUv2o+shnRM7svJAHN
rs8BMCwR+oYqF97ry6FTtKVEd0AxM2P9BdWXgvEMZI34USRnOK1calLWbD5yC2Dg
eceHkCSf
=mzG0
-END PGP SIGNATURE-

Bug#1036081: pre-unblock: mariadb/1:10.11.3-1

2023-05-27 Thread Otto Kekäläinen 
Status: I've sent requests for comments about
https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/45
this week to maintainer team mailing list and recent contributors and DDs
who have reported bugs in 2023.

I will wait for 6h more for opinions and then finalize the next upload
version.

Bug#1036837: unblock: pyrlp/0.5.1-3.1

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: affects -1 + src:pyrlp

Please unblock package pyrlp

[ Reason ]
/usr/share/doc/$PKG was changed from a diretory to a symlink,
but the corresponding dpkg-maintscript-helper dir_to_symlnk call was
missing.

[ Impact ]
/usr/share/doc/$PKG remaining as an empty directory,
/usr/share/doc/$PKG/copyright missing.

[ Tests ]
Local piuparts tests showed clean bullseye->bookworm upgrades.

[ Risks ]
Low. One line source change, similar changes have been applied to
dozens other packages in the past, fixing the same issue.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
n/a

unblock pyrlp/0.5.1-3.1

Andreas
>From 53cca3a3b1ba2992e9a4f5d298c1c5c3bc8398ad Mon Sep 17 00:00:00 2001
From: Andreas Beckmann 
Date: Sat, 27 May 2023 21:27:06 +0200
Subject: [PATCH] perform dir to symlink conversion of
 /usr/share/doc/python-rlp-doc

---
 debian/changelog  | 8 
 debian/python-rlp-doc.maintscript | 1 +
 2 files changed, 9 insertions(+)
 create mode 100644 debian/python-rlp-doc.maintscript

diff --git a/debian/changelog b/debian/changelog
index 8d50671..9d11f64 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+pyrlp (0.5.1-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Perform dir to symlink conversion of /usr/share/doc/python-rlp-doc.
+(Closes: #1035765)
+
+ -- Andreas Beckmann   Sat, 27 May 2023 21:26:57 +0200
+
 pyrlp (0.5.1-3) unstable; urgency=medium
 
   * Update UScan configuration for changes in upstream releases page.
diff --git a/debian/python-rlp-doc.maintscript 
b/debian/python-rlp-doc.maintscript
new file mode 100644
index 000..3457c0e
--- /dev/null
+++ b/debian/python-rlp-doc.maintscript
@@ -0,0 +1 @@
+dir_to_symlink /usr/share/doc/python-rlp-doc python3-rlp 0.5.1-3.1~
-- 
2.20.1

Bug#1036836: unblock: curlpp/0.8.1-5.1

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: affects -1 + src:curlpp

Please unblock package curlpp

[ Reason ]
Some path was changed from a symlink to a directory containing files,
but the corresponding dpkg-maintscript-helper symlink_to_dir call was
missing.

[ Impact ]
Files ending up at a location in the file system where dpkg does not
track them, possibly silently overwriting other files.

[ Tests ]
Local piuparts tests showed clean bullseye->bookworm upgrades.

[ Risks ]
Low. One line source change, similar changes have been applied to
dozens other packages in the past.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
n/a

unblock curlpp/0.8.1-5.1

Andreas
diff -Nru curlpp-0.8.1/debian/changelog curlpp-0.8.1/debian/changelog
--- curlpp-0.8.1/debian/changelog   2021-09-03 09:36:39.0 +0200
+++ curlpp-0.8.1/debian/changelog   2023-05-25 15:39:56.0 +0200
@@ -1,3 +1,11 @@
+curlpp (0.8.1-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * libcurlpp-dev: Perform symlink to directory conversion of
+/usr/share/doc/libcurlpp-dev.  (Closes: #1035631)
+
+ -- Andreas Beckmann   Thu, 25 May 2023 15:39:56 +0200
+
 curlpp (0.8.1-5) unstable; urgency=medium
 
   * Do not ship symbols at the moment.
diff -Nru curlpp-0.8.1/debian/libcurlpp-dev.maintscript 
curlpp-0.8.1/debian/libcurlpp-dev.maintscript
--- curlpp-0.8.1/debian/libcurlpp-dev.maintscript   1970-01-01 
01:00:00.0 +0100
+++ curlpp-0.8.1/debian/libcurlpp-dev.maintscript   2023-05-25 
15:38:51.0 +0200
@@ -0,0 +1 @@
+symlink_to_dir /usr/share/doc/libcurlpp-dev libcurlpp0 0.8.1-5.1~

Bug#1035691: python3-aiosmtpd: unhandled symlink to directory conversion: /usr/share/doc/python3-aiosmtpd/html/_sources -> ../rst

2023-05-27 Thread Andreas Beckmann 

On 26/05/2023 14.21, Pierre-Elliott Bécue wrote:

Could you upload the patch on salsa (branch=master)?

Done


Will you file the unblock bug or should I do it?

Done

Andreas

Bug#1036263: guestfs-tools: FTBFS in testing: make[6]: *** [Makefile:1716: test-suite.log] Error 1

2023-05-27 Thread Martin Hostettler 
tags -1 + unreproducible
thanks

On Thu, 25 May 2023 21:00:18 +0200 Bastian Germann  wrote:
> I cannot reproduce this.
> 

I can't reproduce this either.

I tried 2 variants and both build fine (using an up to date sid VM to
run the build using bookworm docker container or pbuilder).

docker run -it debian:bookworm /bin/bash
apt install devscripts build-essential aptitude pbuilder
dget 
https://deb.debian.org/debian/pool/main/g/guestfs-tools/guestfs-tools_1.48.2-1.dsc
/usr/lib/pbuilder/pbuilder-satisfydepends
debuild -uc -us -j4

Variant B
docker run --privileged -it debian:bookworm /bin/bash
apt install devscripts pbuilder
pbuilder create --distribution bookworm
dget 
https://deb.debian.org/debian/pool/main/g/guestfs-tools/guestfs-tools_1.48.2-1.dsc
pbuilder build --distribution bookworm guestfs-tools_1.48.2-1.dsc

Bug#1036835: unblock: python-aiosmtpd/1.4.3-1.1

2023-05-27 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: affects -1 + src:python-aiosmtpd

Please unblock package python-aiosmtpd

[ Reason ]
Some path was changed from a symlink to a directory containing files,
but the corresponding dpkg-maintscript-helper symlink_to_dir call was
missing.

[ Impact ]
Files ending up at a location in the file system where dpkg does not
track them, possibly silently overwriting other files.

[ Tests ]
Local piuparts tests showed clean bullseye->bookworm upgrades.

[ Risks ]
Low. One line source change, similar changes have been applied to
dozens other packages in the past.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
n/a

unblock python-aiosmtpd/1.4.3-1.1

Andreas
>From 8d9d96a7dd7875670b96ace93c18de1b056d3111 Mon Sep 17 00:00:00 2001
From: Andreas Beckmann 
Date: Thu, 25 May 2023 16:10:24 +0200
Subject: [PATCH] perform symlink to directory conversion of
 /usr/share/doc/python3-aiosmtpd/html/_sources

---
 debian/changelog| 8 
 debian/python3-aiosmtpd.maintscript | 1 +
 2 files changed, 9 insertions(+)
 create mode 100644 debian/python3-aiosmtpd.maintscript

diff --git a/debian/changelog b/debian/changelog
index 50c5ce5..72e5698 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+python-aiosmtpd (1.4.3-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Perform symlink to directory conversion of
+/usr/share/doc/python3-aiosmtpd/html/_sources.  (Closes: #1035691)
+
+ -- Andreas Beckmann   Thu, 25 May 2023 16:09:53 +0200
+
 python-aiosmtpd (1.4.3-1) unstable; urgency=medium
 
   * New upstream release 1.4.3 (Closes: #1026471, #1025019)
diff --git a/debian/python3-aiosmtpd.maintscript 
b/debian/python3-aiosmtpd.maintscript
new file mode 100644
index 000..265ff02
--- /dev/null
+++ b/debian/python3-aiosmtpd.maintscript
@@ -0,0 +1 @@
+symlink_to_dir /usr/share/doc/python3-aiosmtpd/html/_sources ../rst 1.4.3-1.1~
-- 
2.20.1

Bug#1036834: mark libmunge2 Multi-Arch: same

2023-05-27 Thread Étienne Mollier 
Package: libmunge2
Version: 0.5.15-2
Severity: wishlist
Tags: patch
Control: affects -1 + src:abyss
X-Debbugs-Cc: debian-cr...@list.debian.org
User: debian-cr...@lists.debian.org
Usertag: cross-satisfiability

Dear Maintainer,

While discussing with Helmut Grohne on the feasibility of cross
building the source package abyss, we noticed that the cross
build environment couldn't install the necessary (although not
sufficient) cross build dependency on libmunge2 for the host
architecture.

After rebuilding a local copy of munge with the Multi-Arch: same
marker per hinter for the libmunge2 package, per patch below,
the cross build environment could satisfy the build dependency
on libmunge2.

--- a/debian/control
+++ b/debian/control
@@ -50,6 +50,7 @@
 Package: libmunge2
 Section: libs
 Architecture: any
+Multi-Arch: same
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Description: authentication service for credential -- library package
  MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service

Have a nice day,  :)
Étienne.


signature.asc
Description: PGP signature

Bug#1036833: unblock: haskell-cabal-install/3.4.1.0-3

2023-05-27 Thread Ilias Tsitsimpis 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: affects -1 + src:haskell-cabal-install

Please rebuild (binNMU) and unblock package haskell-cabal-install on
32-bit architectures.

  nmu haskell-cabal-install_3.4.1.0-3 . armel armhf i386 mipsel . -m 'rebuild 
with libghc-lukko-dev_0.1.1.3-3'
  unblock haskell-cabal-install/3.4.1.0-3

[ Impact ]
The current version of haskell-cabal-install in testing/unstable is
broken on all 32-bit architectures. This was reported here:

  https://bugs.debian.org/1036023

and the upstream bug for this is:

  https://github.com/haskell/cabal/issues/6602

[ Reason ]
As noted in the upstream bug report, the problem is that the
haskell-lukko library that haskell-cabal-install is using is broken, and
needs to be compiled without OFD locking on 32-bit architectures (see
https://github.com/haskellari/lukko/issues/15).

Fortunately, we have already fixed haskell-lukko on Debian and disabled
OFD locking on 32-bit architectures (see
https://tracker.debian.org/news/1357169/accepted-haskell-lukko-0113-3-source-into-unstable/).
In order to fix haskell-cabal-install, we need to rebuild it on 32-bit
architectures.

[ Tests ]
I have manually rebuilt haskell-cabal-install on i386 (barriere) and
armhf (abel) and verified that this bug was resolved.

Thanks,

-- 
Ilias

Bug#1033730: [release-notes] adduser changes in bookworm

2023-05-27 Thread Paul Gevers 

Control: tags -1 patch pending

Hi,

On 28-04-2023 10:22, Marc Haber wrote:

On Thu, Apr 27, 2023 at 11:00:59PM +0200, Holger Wansing wrote:

Maybe we just want some more generic text like:


I'm fine with that.


I created this text with Marc:

https://salsa.debian.org/ddp-team/release-notes/-/merge_requests/179

Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1036832: should have update date near the title

2023-05-27 Thread Marc Haber 
Package: release-notes
Severity: minor

Hi,

while talking to Paul, we have found out that it might be a good idea to
teach our users that the release notes DO get updated after the release,
something that even I didn't know after 20 years of Debian.

Having the date of last update (of the English translation) prominently
visible, preferable on the first screen of release notes being
displayed, would be a good idea to share this information that way.

Greetings
Marc

Bug#1036081: pre-unblock: mariadb/1:10.11.3-1

2023-05-27 Thread Salvatore Bonaccorso 
Hi Otto,

On Wed, May 24, 2023 at 05:47:58PM +0200, Paul Gevers wrote:
> Hi Otto,
> 
> On 24-05-2023 17:44, Otto Kekäläinen wrote:
> > The CI
> > detected a couple days ago a regression in Piuparts, potentially due
> > to recent adduser 1.133 upload, which I still need to debug and decide
> > what to do on.
> 
> You can ignore it. It's known and being worked on.

Any news on the upload for unstable? The deadline for unblock requests
is *tomorrow*.

Regards,
Salvatore

Bug#1036818: linux on armel/armhf: Perl library unable to access get CPU info from /proc/cpu or kstat

2023-05-27 Thread Salvatore Bonaccorso 
Control: reassign -1 src:lxcfs 5.0.3-1
Control: forwarded -1 https://github.com/lxc/lxcfs/issues/553
Control: affects -1 src:mariadb

Hi,

On Sat, May 27, 2023 at 11:51:26AM +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Sat, May 27, 2023 at 11:50:06AM +0200, Salvatore Bonaccorso wrote:
> > Hi Helge, hi Otto,
> > 
> > On Sat, May 27, 2023 at 09:26:06AM +0200, Helge Deller wrote:
> > > Just wondering / guessing:
> > > 
> > > Are the ARM machines on ci.debian.net (ci-worker-arm??-??)
> > > physical machines, or are they running on qemu-user VMs?
> > > 
> > > If they run qemu, this bug report
> > >  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024653
> > > might be similiar.
> > > 
> > > If so, then qemu probably needs fixing of the output of /proc/cpuinfo
> > > for ARM, e.g. like this:
> > > https://gitlab.com/qemu-project/qemu/-/commit/e0174afeea23e56765db56fbbe465ed1fcbdd07a
> > 
> > The suspect is that /proc/cpuinfo is empty or not readable, and this
> > seems to be a problem with lxcfs after mentioning the issue today to
> > Paul and Jochen.
> > 
> > Jochen, understanding you correctly there is already an upstream fix
> > which is supposed to addres the issue?
> 
> The upstream issue should be: https://github.com/lxc/lxcfs/issues/553

Now reassigning to the lxcfs package. lxcfs maintainers, can you
please adjust the severity as needed. It affects at least mariadb's
autopkgtests.

Otto, spaking of the issue, I guess Paul will agree, that you can
ignore it for now for the mariadb upload to unstable.

Regards,
Salvatore

Bug#1036809: pre-unblock: reaver/1.6.6-1

2023-05-27 Thread Leandro Cunha 
Hi Sebastian,

On Sat, May 27, 2023 at 11:33 AM Leandro Cunha
 wrote:
>
> Hi Sebastian,
>
> On Sat, May 27, 2023 at 6:13 AM Sebastian Ramacher  
> wrote:
> >
> > Control: tags -1 moreinfo
> >
> > Hi
> >
> > On 2023-05-26 15:00:34 -0300, Leandro Cunha wrote:
> > > [ Other info ]
> > > The package has been moved to the pkg-security-team as maintainer and
> > > has changed the previous maintainer to uploader. Samuel agrees to
> > > upload the package.
> > > This request has the build log and debdiff attached.
> > > It's available at debian-mentors in 
> > > https://mentors.debian.net/package/reaver.
> >
> > From the changelog:
> >
> >  reaver (1.6.6-1) unstable; urgency=high
> >  .
> >* Team upload.
> >* New upstream version. (Closes: #1036591)
> >* Several improvements have been made by upstream.
> >* Fix debian/watch to get new versions:
> >  - Watch file is broken and generating errors. (Closes: #901595)
> >  - Bump version of 3 to 4.
> >* debian/control:
> >  - Set Debian Security Tools Team (pkg-security-team) as maintainer.
> >  - Set Bartosz Fenski as uploader.
> >  - Change debhelper 9 to debhelper-compat and update version to 13,
> >causes removal of debian/compat.
> >  - Bump Standards-Version to 4.6.2.
> >  - Add Vcs-Browser, Vcs-Git to Salsa and to pkg-security-team group.
> >  - Add Rules-Requires-Root: no.
> >* Lintian reports fixes:
> >  - Include trailing whitespace removal.
> >* debian/copyright:
> >  - Add myself contribution.
> >* Add salsa-ci.yml.
> >* debian/upstream/metadata: created.
> >
> >
> > At least the debhelper compat level change is not acceptable at this
> > stage. The other changes to debian/ add additional noise. Isthe new
> > upstream release a bug fix only release? What's upstream's policy on
> > that?
> >
> > Cheers
> >
> > --
> > Sebastian Ramacher

I switched to an NMU focusing on closing the RC bug.
And I dropped the changes in debian/ which included changes in debhelper.
Now the changelog has changed.

recover (1.6.6-0.1) unstable; urgency=high

   * Non-maintainer upload.
   * New upstream version.
   * debian/watch:
 - Fix watch file is broken and generating errors. (Closes: #901595)
 - Change version from 3 to 4.
   * Fix segmentation fault. (Closes: #1036591)

Coming soon at https://mentors.debian.net/package/reaver.


It's available at debian-mentors in https://mentors.debian.net/package/reaver.

--
Cheers,
Leandro Cunha

Bug#1036826: po4a: Escape sequence \c encountered. This is not completely handled yet.

2023-05-27 Thread Helge Kreutzmann 
Hello Bjarni,
On Sat, May 27, 2023 at 04:12:07PM +, Bjarni Ingi Gislason wrote:
> On Sat, May 27, 2023 at 01:59:40PM +0200, Helge Kreutzmann wrote:
> >[...]
> > .BI \-f " program-file\fR,\fP "\c
> > .BI \-\^\-file " program-file"
>   This is a wrong use of '\c', as its purpose is to join the output of
> two macros _without_ an intervening space character.
> 
>   So remove ' ' and '\c', changing
> 
> .BI \-f " program-file\fR,\fP "\c
> 
>   to
> 
> .BI \-f " program-file\fR,\fP"

I'm currently looking for the best regular expressions to catch all
occurences on the fly before converting.

And I'll report this to the source package, i.e. the author of this
page. This was introduced recently, i.e. in bullseye it is not
present.

Thanks for the quick analysis.

Greetings

Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1035096: GRUB not installed or installed to the wrong device

2023-05-27 Thread Pascal Hambourg 

On 27/05/2023 at 17:08, Peter Ehlert wrote:


I suppose this use case is rather rare


I do not know how rare your use case is, but I can tell this bug has 
been around for several Debian releases. I have observed it several 
times, and I have seen several other people reporting it over time. 
However the more UEFI boot takes over from legacy BIOS boot, the more 
rare it is going to be as it affects only BIOS boot.

Bug#1036826: po4a: Escape sequence \c encountered. This is not completely handled yet.

2023-05-27 Thread Bjarni Ingi Gislason 
On Sat, May 27, 2023 at 01:59:40PM +0200, Helge Kreutzmann wrote:
>[...]
> .BI \-f " program-file\fR,\fP "\c
> .BI \-\^\-file " program-file"
  This is a wrong use of '\c', as its purpose is to join the output of
two macros _without_ an intervening space character.

  So remove ' ' and '\c', changing

.BI \-f " program-file\fR,\fP "\c

  to

.BI \-f " program-file\fR,\fP"

Bug#1036827: coreutils: split: --additional-suffix= doesn't always find the /, but also shouldn't look for it?

2023-05-27 Thread Pádraig Brady 

On 27/05/2023 13:54, наб wrote:

Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,
   $ echo | split --additional-suffix=asd/
   split: xaaasd/: Is a directory
   $ echo | split --additional-suffix=asd/asd/
   split: invalid suffix ‘asd/asd/’, contains directory separator
   Try 'split --help' for more information.
   $ echo | split --additional-suffix=asd/asd
   split: invalid suffix ‘asd/asd’, contains directory separator
   Try 'split --help' for more information.
   $ echo | split --additional-suffix=/
   split: invalid suffix ‘/’, contains directory separator
   Try 'split --help' for more information.

Also, I don't really see a reason to reject slashes in there anyway?
Forbidding
   $ printf abcd > a
   $ printf ABCD > A
   $ mkdir 0 1 2 3
   $ split -b1 --additional-suffix=/a -da1 a ''
   $ split -b1 --additional-suffix=/A -da1 A ''
   $ find
   .
   ./0
   ./0/A
   ./0/a
   ./3
   ./3/A
   ./3/a
   ./2
   ./2/A
   ./2/a
   ./1
   ./1/A
   ./1/a
   ./A
   ./a
   $ grep . ?/*
   0/a:a
   0/A:A
   1/a:b
   1/A:B
   2/a:c
   2/A:C
   3/a:d
   3/A:D
seems relatively pointless.



Yes we should fix the inconsistency here at least.
The "slash detection" logic was copied from mktemp,
so we'll need to look at that too.

$ mktemp --tmpdir=. --suffix=a/
mktemp: failed to create file via template ‘./tmp.XXa/’: Is a directory
$ mktemp --suffix=a/
mktemp: failed to create file via template ‘/tmp/tmp.XXa/’: Is a 
directory

Though mktemp can create dirs, so perhaps the trailing / is allowed for that?
Though docs say a slash isn't allowed in suffix, so it's probably an oversight.

Note templates for mktemp can contain dirs,
so it's only the combo of dirs with /tmp
or sub dirs in --suffix that are disallowed,
which makes sense for mktemp.

For split it may well be simplest to just remove the restriction.

cheers,
Pádraig

Bug#1035096: GRUB not installed or installed to the wrong device

2023-05-27 Thread Cyril Brulebois 
Hi Peter,

Peter Ehlert  (2023-05-27):
> On 5/27/23 05:51, Pascal Hambourg wrote:
> > Unfortunately I guess it is too late for inclusion in Bookworm's
> > initial release. Maybe in the next point release.
> > 
> that is unfortunate.
> 
> pardon me for being so slow to test and respond

For the record, even if you had responded earlier, this wouldn't have
changed our decision to stop touching grub-installer at this stage
(Steve with his GRUB maintainer hat, and myself with my release manager
hat).

> > Meanwhile, the workaround is to enter the boot device manually.
> > 
> I suppose this use case is rather rare, but I really hate it when
> people Try to install Debian and then move on to some other distro
> when they have and apparent brick wall.

I can assure you the same goes for me.

Unfortunately, the closer we get to a release, the lesser we should be
touching things, esp. if that means risking anything for all the other
use cases that are already OK.


Thanks for testing Pascal's patches. Let's see if we can get that
included early in the Trixie release cycle, before possibly thinking
about some backports via a point release.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1035096: GRUB not installed or installed to the wrong device

2023-05-27 Thread Peter Ehlert 



On 5/27/23 05:51, Pascal Hambourg wrote:

Control: tags -1 patch

On 27/05/2023 at 13:29, Peter Ehlert wrote:

On 17/05/2023 at 16:47, Peter Ehlert wrote:
On May 17, 2023 5:48:14 AM Pascal Hambourg  
wrote:


The proposed patch has not been accepted yet so is not applied to 
RC3.


Thanks, I was not aware of that.


If you are still willing to test it I can send you instructions.


Yes, I would like to try.

(...)

the patch works perfectly. no glitches or "odd" behavior

the resulting GRUB menu has the newly installed rc2 at the top as 
default, and the other three systems below that. They all boot properly.


Thank you for taking the time to test the patch and provide feedback.

Unfortunately I guess it is too late for inclusion in Bookworm's 
initial release. Maybe in the next point release.



that is unfortunate.

pardon me for being so slow to test and respond



Meanwhile, the workaround is to enter the boot device manually.

I suppose this use case is rather rare, but I really hate it when people 
Try to install Debian and then move on to some other distro when they 
have and apparent brick wall.



Thanks again for your assistance and tutelage.

Bug#1036809: pre-unblock: reaver/1.6.6-1

2023-05-27 Thread Leandro Cunha 
Hi Sebastian,

On Sat, May 27, 2023 at 6:13 AM Sebastian Ramacher  wrote:
>
> Control: tags -1 moreinfo
>
> Hi
>
> On 2023-05-26 15:00:34 -0300, Leandro Cunha wrote:
> > [ Other info ]
> > The package has been moved to the pkg-security-team as maintainer and
> > has changed the previous maintainer to uploader. Samuel agrees to
> > upload the package.
> > This request has the build log and debdiff attached.
> > It's available at debian-mentors in 
> > https://mentors.debian.net/package/reaver.
>
> From the changelog:
>
>  reaver (1.6.6-1) unstable; urgency=high
>  .
>* Team upload.
>* New upstream version. (Closes: #1036591)
>* Several improvements have been made by upstream.
>* Fix debian/watch to get new versions:
>  - Watch file is broken and generating errors. (Closes: #901595)
>  - Bump version of 3 to 4.
>* debian/control:
>  - Set Debian Security Tools Team (pkg-security-team) as maintainer.
>  - Set Bartosz Fenski as uploader.
>  - Change debhelper 9 to debhelper-compat and update version to 13,
>causes removal of debian/compat.
>  - Bump Standards-Version to 4.6.2.
>  - Add Vcs-Browser, Vcs-Git to Salsa and to pkg-security-team group.
>  - Add Rules-Requires-Root: no.
>* Lintian reports fixes:
>  - Include trailing whitespace removal.
>* debian/copyright:
>  - Add myself contribution.
>* Add salsa-ci.yml.
>* debian/upstream/metadata: created.
>
>
> At least the debhelper compat level change is not acceptable at this
> stage. The other changes to debian/ add additional noise. Isthe new
> upstream release a bug fix only release? What's upstream's policy on
> that?
>
> Cheers
>
> --
> Sebastian Ramacher

The repository presents as abandonment, I say because the last commit
was made more than 1 year ago and exists issues and pull requests
waiting for reply. The changes inserted in /debian, starting with the
debhelper change, would be an update because it was using an obsolete
one (it was version 9) and other corrections like /debian/watch makes
corrections for errors.
Other changes were reported by Lintian, which reduced the number of
warnings and improved the situation of the package it was in.
The last update was 5 years ago and upstream has not released new
versions for 3 years (this being the last one).

Having two options: the removal that I suggest of the package in
bookworm (since it is not possible to use it in the state it is) can
be included in backports later or I release this newer version
(focusing on bug fixing) on top of an obsolete debhelper version that
I didn't find it correct. But I can make this change which is the
second option, it just won't be cool using the obsolete debhelper
version and I can still do that today.

-- 
Cheers,
Leandro Cunha

Bug#1036831: unblock: mobile-broadband-provider-info/20230416-1

2023-05-27 Thread Graham Inggs 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: mobile-broadband-provider-i...@packages.debian.org
Control: affects -1 + src:mobile-broadband-provider-info

Please unblock package mobile-broadband-provider-info

[ Reason ]
This is an update of a data-only package containing settings for
mobile broadband providers.

[ Impact ]
Users will miss out on up-to-date settings.

[ Tests ]
mobile-broadband-provider-info has no autopkgtests, but data files are
validated during the build.

[ Risks ]
It is possible that some new settings are incorrect, but only users of
those particular providers would be affected.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None

unblock mobile-broadband-provider-info/20230416-1


m-bb-p-i.debdiff
Description: Binary data

Bug#1036830: elpa-lsp-haskell: recommends missing package - perhaps a typo?

2023-05-27 Thread Jonas Smedegaard 
Package: elpa-lsp-haskell
Version: 1.0.20211214-1
Severity: important

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

elpa-lsp-haskell depends on lsp-ui which does not exist.

I notice that a package elpa-lsp-ui exists, perhaps that was intended?

 - Jonas

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmRyCuwACgkQLHwxRsGg
ASGvjw/+Jsi/b/ZJWnE6DEVjykpp01nZlB+EL4/3LyZwL1BNdPPMBw4DKZ+krtSJ
A8Ujiw//VaqjSCyMCWL8sPguXdSBdZekkWHu8+AHMhHQWmUPCYgjaSMYoMaeAulg
K2CrWjNvcYKRLRTCO9nU9kl+E0rIXBGiFU5OzNz8GHXQ0gVz6Tell5fKVDFAGNdN
GW8b8JohHB25zyAP5/zz7A447dWjrn8xr+tPBhGxGks/0OeibXtpyBnVbJ4D5r1v
vVN43Tri+XXnzvTD6Ua0zNXrpdqSKaRrSUkM78/8UCgdIHZ516Z5ynMRrcDt+lXl
jIXne0LcjsWxXsB7VOIr/LwG3W5F42TtCH/2jhURkmdYHIPjherZ7Rn0uVehRbjr
YHrkz0x9EkdPE/uEvYzoI3lqswNSINkNHsL8ir7t1O9rP3bbjzJ7DpZLPyfWvwAH
OKKut3xDdwuf8XJCm17/QUeGTW6m5au+6hDKws5uD2UPXA3lDdt/n+hY6D3BhAzC
AN94tEY2E5jtMkguJmJVlk+58nQIS5WCFaSenbFK5JqhhOJ55pUjPk6CnNgXvYB8
ieJSF2md9hLgXzmVgX30ysmVbnodO8bwZuhCt1CPnqfqBz4SMUcOwcUp1HD/S+d7
3Xo27jOIJ7dKKS0dy12JIDPJNQFSiDJ6uetPkMbcR1utyuPMCsc=
=O6ux
-END PGP SIGNATURE-

Bug#1036828: debian-cd: wrong firmware archives built and published for D-I releases?

2023-05-27 Thread Cyril Brulebois 
Package: debian-cd
Severity: serious

Hi,

During a previous release, I spotted we had two firmware builds, but let
the topic go once I was reassured that was to be expected. For RC 4:

1/43: Starting firmware_bookworm build at 2023-05-27:09:03:53
[…]
9/43: Starting firmware_sid build at 2023-05-27:09:04:01
[…]
  firmware_bookworm finished successfully (started at 2023-05-27:09:03:53, 
ended at 2023-05-27:09:06:31, took 0h02m38s)
[…]
  firmware_sid finished successfully (started at 2023-05-27:09:04:01, ended 
at 2023-05-27:09:07:07, took 0h03m06s)

Now, waiting to see if someone would join the testing efforts, I diffed
firmware lists between rc3 and rc4, and spotted those differences:

-./firmware-sof-signed_2.2.4-1_all.deb
-./intel-microcode_3.20230214.1_amd64.deb
-./intel-microcode_3.20230214.1_i386.deb
+./firmware-sof-signed_2.2.5-1_all.deb
+./intel-microcode_3.20230512.1_amd64.deb
+./intel-microcode_3.20230512.1_i386.deb

The intel-microcode bits are OK:

intel-microcode | 3.20230512.1  | testing/non-free-firmware  | source, 
amd64, i386
intel-microcode | 3.20230512.1  | unstable/non-free-firmware | source, 
amd64, i386

The firmware-sof-signed, not so much:

firmware-sof-signed | 2.2.4-1   | testing/non-free-firmware  | all
firmware-sof-signed | 2.2.5-1   | unstable/non-free-firmware | all

It's a relatively new upload, and it's of course blocked at the moment:

[2023-05-15] Accepted firmware-sof 2.2.5-1 (all source) into unstable (Mark 
Pearson) (signed by: Vincent Bernat)

For the record, those archives end up being published in locations like
the following, and I definitely expected those to match the firmware
packages getting shipped into the images, not be some kind of snapshot of
what's in unstable at the time the release is built!

https://cdimage.debian.org/cdimage/firmware/bookworm/bookworm_di_rc3/

We should definitely clarify the situation, and get to the bottom of that
double firmware build.

From the log lines quoted above, if both bookworm and sid builds end up
shipping files in the same destination directory, the last build wins and
overrides the first one entirely?


See also the “rsync noise” that seemed somewhat OK to ignore. Not sure
whether that's directly related though… ISTR it was probably about some
timestamp discrepancy due to the underlying filesystem. For RC 4:

file has vanished: 
"/home/debian-cd/publish/.bookworm_di_rc4/firmware/firmware.zip"
rsync: stat 
"/dsa/cdimage/.incoming/.bookworm_di_rc4/firmware/.firmware.tar.gz.VQGfUC" 
failed: No such file or directory (2)
rsync: rename 
"/dsa/cdimage/.incoming/.bookworm_di_rc4/firmware/.firmware.tar.gz.VQGfUC" -> 
"firmware.tar.gz": No such file or directory (2)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant

Bug#930532: xymon: imaps reports "unexpected service response"

2023-05-27 Thread Roland Rosenfeld 
tags 930532 + patch
thanks

Andreas Oberritter schrieb am Dienstag, den 11. Mai 2021:

> The root cause is xymonnet ignoring requests by the OpenSSL library
> to retry reading.
> 
> I submitted a merge request today:
> https://salsa.debian.org/debian/xymon/-/merge_requests/1

After ignoring the flapping imaps/pop3s for years now, I tried your
patch today and this solves the issue for me.
Many thanks for finding this fix!
It would be nice to have this incorporated into the Debian package.

Greetings
Roland

Bug#1036827: coreutils: split: --additional-suffix= doesn't always find the /, but also shouldn't look for it?

2023-05-27 Thread наб 
Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,
  $ echo | split --additional-suffix=asd/
  split: xaaasd/: Is a directory
  $ echo | split --additional-suffix=asd/asd/
  split: invalid suffix ‘asd/asd/’, contains directory separator
  Try 'split --help' for more information.
  $ echo | split --additional-suffix=asd/asd
  split: invalid suffix ‘asd/asd’, contains directory separator
  Try 'split --help' for more information.
  $ echo | split --additional-suffix=/
  split: invalid suffix ‘/’, contains directory separator
  Try 'split --help' for more information.

Also, I don't really see a reason to reject slashes in there anyway?
Forbidding
  $ printf abcd > a
  $ printf ABCD > A
  $ mkdir 0 1 2 3
  $ split -b1 --additional-suffix=/a -da1 a ''
  $ split -b1 --additional-suffix=/A -da1 A ''
  $ find
  .
  ./0
  ./0/A
  ./0/a
  ./3
  ./3/A
  ./3/a
  ./2
  ./2/A
  ./2/a
  ./1
  ./1/A
  ./1/a
  ./A
  ./a
  $ grep . ?/*
  0/a:a
  0/A:A
  1/a:b
  1/A:B
  2/a:c
  2/A:C
  3/a:d
  3/A:D
seems relatively pointless.

Best,
наб

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.1.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.3.1-3
ii  libattr1 1:2.5.1-4
ii  libc62.36-9
ii  libgmp10 2:6.2.1+dfsg1-1.1
ii  libselinux1  3.4-1+b5

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1035096: GRUB not installed or installed to the wrong device

2023-05-27 Thread Pascal Hambourg 

Control: tags -1 patch

On 27/05/2023 at 13:29, Peter Ehlert wrote:

On 17/05/2023 at 16:47, Peter Ehlert wrote:
On May 17, 2023 5:48:14 AM Pascal Hambourg  
wrote:


The proposed patch has not been accepted yet so is not applied to RC3.


Thanks, I was not aware of that.


If you are still willing to test it I can send you instructions.


Yes, I would like to try.

(...)

the patch works perfectly. no glitches or "odd" behavior

the resulting GRUB menu has the newly installed rc2 at the top as 
default, and the other three systems below that. They all boot properly.


Thank you for taking the time to test the patch and provide feedback.

Unfortunately I guess it is too late for inclusion in Bookworm's initial 
release. Maybe in the next point release.


Meanwhile, the workaround is to enter the boot device manually.

Bug#1036821: Acknowledgement (NTP does not keep accurate time on bookworm)

2023-05-27 Thread Rob Janssen 
status before I removed ntp:

root@**-video:~# ntpq -p
 remote   refid  st t when poll reach   delay   offset   jitter
===
+router.**.**    216.239.35.4 2 u   50   64  377   0.3705 -1604.11   1.2697
+**-linux.**.**  35.73.197.144    2 u   44   64  377   0.4070 -1604.26   1.2953

root@**-video:~# ntpq -p
 remote   refid  st t when poll reach   delay   offset   jitter
===
+router.**.**    216.239.35.4 2 u   51   64  377   0.3606 -1623.06   1.2701
+**-linux.**.**  44.137.41.102    2 u   34   64  377   0.4630 -1623.29   1.2684

Bug#1036272: youtube-dl - Should this be released with Bookworm?

2023-05-27 Thread Paul Gevers 

Control: tags -1 bookworm-ignore

Hi

On Sat, 27 May 2023 03:27:00 -0400 Andres Salomon  
wrote:
There are still packages in the archive that depend upon youtube-dl. I 
have ensured that they don't break with the transitional package (most 
upstream packages either check for yt-dlp and youtube-dl, or just fall 
back to doing something reasonable if youtube-dl doesn't exist), but it 
seems pretty late in the release process to go changing stuff like that.


Once bookworm is released, youtube-dl can be dropped and packages that 
depend upon it can have RC bugs filed to change their dependencies.


This is documented in the release notes [1], so totally fine for bookworm.

Paul

[1] 
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#youtube-dl


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1036825: po4a: Gracefully handle unsupported fonts in man module

2023-05-27 Thread Helge Kreutzmann 
Hello,
On Sat, May 27, 2023 at 01:57:46PM +0200, Helge Kreutzmann wrote:
> So there are two solutions:
> a) Reword the message to clearly state that the build is aborted
> b) Ignore the font change, i.e. actually build the pot file
>In this case, the warning can remain as is.
> 
> Obviously, I would prefer a) (and potentially a sane workaround until
> then).

I would prefer *b)*. Sorry for the typo.

Greetings

 Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1036826: po4a: Escape sequence \c encountered. This is not completely handled yet.

2023-05-27 Thread Helge Kreutzmann 
Package: po4a
Version: 0.69-1
Severity: minor

some man pages we translate have the following:

.SH OPTIONS
.I Gawk
accepts the following options.
Standard options are listed first, followed by options for
.I gawk
extensions, listed alphabetically by short option.
.TP
.BI \-f " program-file\fR,\fP "\c
.BI \-\^\-file " program-file"
Read the \*(AK program source from the file

The "\c" causes the following (fatal) warning, i.e. no output:

Escape sequence \c encountered. This is not completely handled yet.

As a workaround I'm currently considering patching the source files "on
the fly" to get the build to proceed.

Until recently I was ignoring this message, because it implies that
just some detail is not properly handled; however I did not realize that
the build fails.

(This is now urgent as some man pages build for bullseye, but no
longer for bookworm, and once bullseye translations are gone, the
entire translation is gone - no good).

So there are two solutions:
a) Reword the message to clearly state that the build is aborted
b) Ignore the escape sequence (or properly handle it) change, i.e. 
   actually build the pot file
   In this case, the warning might remain as is.

Obviously, I would prefer b) (and potentially a sane workaround until
then).


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages po4a depends on:
ii  gettext 0.21-12
ii  libpod-parser-perl  1.65-1
ii  libsgmls-perl   1.03ii-38
ii  libsyntax-keyword-try-perl  0.28-1
ii  libyaml-tiny-perl   1.73-1
ii  opensp  1.5.2-13+b2
ii  perl5.36.0-7

Versions of packages po4a recommends:
ii  liblocale-gettext-perl 1.07-5
ii  libterm-readkey-perl   2.38-2+b1
ii  libtext-wrapi18n-perl  0.06-10
ii  libunicode-linebreak-perl  0.0.20190101-1+b5

po4a suggests no packages.

-- no debconf information

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1036825: po4a: Gracefully handle unsupported fonts in man module

2023-05-27 Thread Helge Kreutzmann 
Package: po4a
Version: 0.69-1
Severity: minor

some man pages we translate have the following:

.sp
To create and activate a swapfile run the following commands:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
# truncate \-s 0 swapfile
# chattr +C swapfile
# fallocate \-l 2G swapfile
# chmod 0600 swapfile
# mkswap swapfile
# swapon swapfile
.ft P
.fi

The ".INDENT" creates warnings (which I can remove/ignore). However, the
.ft C
.ft P

creates the following error:
LC_ALL=C po4a-updatepo -f man --no-deprecation --option groff_code=verbatim 
--option generated --option 
untranslated="rstReportMargin,INDENT,UNINDENT,UN,a.RE,\|"  --option 
unknown_macros=untranslated --master
+"../upstream/archlinux/man5/btrfs.5" -M utf-8 -p /tmp/bfoo
../upstream/archlinux/man5/btrfs.5:844: (po4a::man)
   Unsupported font in: '\fC# truncate \-s 0 swapfile
   # chattr +C swapfile
   # fallocate \-l 2G swapfile
   # chmod 0600 swapfile
   # mkswap swapfile
   # swapon swapfile
   '.

If I comment out the two lines, i.e.
.ft C → ".ft C
and
.ft P → ".ft P

then processing proceeds.

As a workaround I'm currently considering patching the source files "on 
the fly" to get the build to proceed.

Until recently I was ignoring this message, because it implies that
just a font is not properly handled; however I did not realize that
the build fails. 

(This is now urgent as some man pages build for bullseye, but no
longer for bookworm, and once bullseye translations are gone, the
entire translation is gone - no good).

So there are two solutions:
a) Reword the message to clearly state that the build is aborted
b) Ignore the font change, i.e. actually build the pot file
   In this case, the warning can remain as is.

Obviously, I would prefer a) (and potentially a sane workaround until
then).


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages po4a depends on:
ii  gettext 0.21-12
ii  libpod-parser-perl  1.65-1
ii  libsgmls-perl   1.03ii-38
ii  libsyntax-keyword-try-perl  0.28-1
ii  libyaml-tiny-perl   1.73-1
ii  opensp  1.5.2-13+b2
ii  perl5.36.0-7

Versions of packages po4a recommends:
ii  liblocale-gettext-perl 1.07-5
ii  libterm-readkey-perl   2.38-2+b1
ii  libtext-wrapi18n-perl  0.06-10
ii  libunicode-linebreak-perl  0.0.20190101-1+b5

po4a suggests no packages.

-- no debconf information

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1036824: po4a: Describe how to create/maintain pot file from man page

2023-05-27 Thread Helge Kreutzmann 
Package: po4a
Version: 0.69-1
Severity: wishlist

Some time ago several po4a tools started emitting warnings and ceased
working as before. I read that "po4a" is the way to go, however, we
seriously lack the man power (and knowledge) to rewrite the entire
machinery. However, I'm gradully trying to improve the system where
and when possible.

For this, I have the follwing question/request:
Given that I have a man page (in nroff or mdoc format) and I want to
create a pot file from it (not po file, as this page is not yet
translated). How is this done best/correctly?

Quite a few explanations in the po4a man pages assume you already have
some translated text.

Currently I use something like:

po4a-updatepo -f man \
--option groff_code=verbatim \
--option generated \
--option untranslated="a.RE,\|" \
--option unknown_macros=untranslated \
--master "$upstream_manpage" -M utf-8 \
-p $tmp1 | grep -v "po4a-updatepo is deprecated. The unified po4a(1) 
program is more convenient and less error prone."

(Until very recently this used po4a-gettextize, but this stopped working)

It would be great if you could document the proper solution in the 
very well written and extensive documentation.


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages po4a depends on:
ii  gettext 0.21-12
ii  libpod-parser-perl  1.65-1
ii  libsgmls-perl   1.03ii-38
ii  libsyntax-keyword-try-perl  0.28-1
ii  libyaml-tiny-perl   1.73-1
ii  opensp  1.5.2-13+b2
ii  perl5.36.0-7

Versions of packages po4a recommends:
ii  liblocale-gettext-perl 1.07-5
ii  libterm-readkey-perl   2.38-2+b1
ii  libtext-wrapi18n-perl  0.06-10
ii  libunicode-linebreak-perl  0.0.20190101-1+b5

po4a suggests no packages.

-- no debconf information

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1002470:

2023-05-27 Thread Fioddor Superconcentrado 
Any update here?

Do you have your (unfinished) work publicly available? I don't see this in
salsa (https://salsa.debian.org/users/merkys-guest/projects or
https://salsa.debian.org/users/merkys/projects)

Bug#1035096: GRUB not installed or installed to the wrong device

2023-05-27 Thread Peter Ehlert 



On 5/17/23 10:14, Pascal Hambourg wrote:

On 17/05/2023 at 16:47, Peter Ehlert wrote:
On May 17, 2023 5:48:14 AM Pascal Hambourg  
wrote:


The proposed patch has not been accepted yet so is not applied to RC3.


Thanks, I was not aware of that.


If you are still willing to test it I can send you instructions.


Yes, I would like to try.
Instructions need to be simple. This is obviously new to me.


1. Copy the attached patched grub-installer onto a second USB drive 
formatted with FAT, ext* or any filesystem type the installer can read.


2. Start the installer (expert install recommended).

3. Between the steps "Load installer components from installation 
media" and "Install the GRUB boot loader", switch to a shell with 
Ctrl+Alt+F2.


4. Connect and mount the second USB drive seen as /dev/sdXY :
# mount -r /dev/sdXY /mnt

5. Copy the file (check the executable permission is preserved):
# cp /mnt/grub-installer /usr/bin/grub-installer

6. Unmount and disconnect the USB drive:
# umount /mnt

7. Switch back to the installer with Alt+F1 if text or Alt+F5 if 
graphic, and resume the installation.


the patch works perfectly. no glitches or "odd" behavior

the resulting GRUB menu has the newly installed rc2 at the top as 
default, and the other three systems below that. They all boot properly.



PS: step 3. > I waited until After the popcon opt-out question (the 
select and install soft menu) before I switched into a shell. User Error

Bug#1036820: libsdl2-dev include headers not found by cmake since usr merge

2023-05-27 Thread Simon McVittie 
Control: tags -1 + moreinfo

On Sat, 27 May 2023 at 10:14:51 +0200, Jaka wrote:
>   CMake Error at /lib/x86_64-linux-gnu/cmake/SDL2/sdl2-config.cmake:13 
> (message):
> File or directory //include/SDL2 referenced by variable SDL2_INCLUDE_DIR
> does not exist !
>   Call Stack (most recent call first):
> /lib/x86_64-linux-gnu/cmake/SDL2/sdl2-config.cmake:29 (set_and_check)
> CMakeLists.txt:331 (find_package)

I was not able to reproduce this error: on my merged-/usr system, CMake
detects SDL's prefix as /usr, then ends up with SDL2_INCLUDE_DIR set to
/usr/include/SDL2 as expected.

If you download and unpack the libsdl2 source package, you'll find several
simple test projects in debian/tests/cmake-*/ which are all run by the
test script debian/tests/cmake - it's intended to be run via autopkgtest,
but you can just run it as ./debian/tests/cmake from an unpacked libsdl2
source package. Do those tests pass or fail on your system?

If those tests pass, perhaps you could modify one of them into a
simplified version of whatever project is failing for you?

Or if you are invoking cmake with special options, please try to edit
./debian/tests/cmake so that it uses similar options and reproduces
this error.

>   APT prefers lunar-updates
>   APT policy: (500, 'lunar-updates'), (500, 'lunar-security'), (500, 'lunar')

It seems you are not actually running Debian, so please report this to
Ubuntu if you haven't already. Debian contributors cannot generally
provide support for the packages in Ubuntu, many of which have been
modified (even if libsdl2 itself is the same in Debian and Ubuntu,
other relevant packages like cmake and the compiler might not be).

smcv

Bug#1036781: gnome-shell segfaults on boot shortly after realmd starts working

2023-05-27 Thread Simon McVittie 
On Thu, 25 May 2023 at 23:57:17 +, Al Ma wrote:
> Who is the real culprit and what to do?

Any time you are seeing a segfault or other crash, a backtrace
 would be useful information.
systemd-coredump is usually the easiest way to get this:


However, since you are running a mixed stable/testing system, you are on
your own: Debian does not have the resources to support every possible
combination of packages.

> I run Debian stable, kernel 5.10.0-23-amd64, with a few updated packages from
> testing. Probably related packages: linux-image-amd64 5.10.179-1, realmd
> 0.16.3-3, systemd 247.3-7+deb11u2, dbus 1.12.24-0+deb11u1.

As I've said on another of your bug reports, mixing stable and testing is
not a supportable situation, and even if we found a fix for this crash,
if you don't upgrade then you will never receive that fix. Please upgrade
to a fully testing system and see whether the crash persists.

A mixed Debian stable/testing system or a non-up-to-date Debian testing
system are both higher-risk environments than an up-to-date system that is
entirely Debian testing. After you have got onto the "upgrade to testing"
train, you should stay on it until the next station.

Debian testing is currently in hard freeze and is expected to be released
as Debian 12 in mid June, with the same packages that are currently in
testing, so at the moment it is just as tightly-controlled as stable
normally is.

smcv

Bug#1036821: NTP does not keep accurate time on bookworm

2023-05-27 Thread Rob Janssen 
Package: ntpsec
Version: 1.2.2+dfsg1-1

I upgraded a system running on VMware from bullseye to bookworm.
It had a simple NTP setup with two local servers (no pool servers).
Before the upgrade, all was OK.

After the upgrade, the system does not keep accurate time.  It is synced,
but it hovers at a ~1300 msec offset from the servers.
I have rebooted the system and restarted ntpd, left it running for
several days, but problem remains.

On another system that runs on a physical machine, all is OK.
No timesync is configured on VMware.

I removed ntp+ntpsec and installed chrony.  Timesync is OK now.

Bug#1036818: linux on armel/armhf: Perl library unable to access get CPU info from /proc/cpu or kstat

2023-05-27 Thread Salvatore Bonaccorso 
Hi Helge, hi Otto,

On Sat, May 27, 2023 at 09:26:06AM +0200, Helge Deller wrote:
> Just wondering / guessing:
> 
> Are the ARM machines on ci.debian.net (ci-worker-arm??-??)
> physical machines, or are they running on qemu-user VMs?
> 
> If they run qemu, this bug report
>  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024653
> might be similiar.
> 
> If so, then qemu probably needs fixing of the output of /proc/cpuinfo
> for ARM, e.g. like this:
> https://gitlab.com/qemu-project/qemu/-/commit/e0174afeea23e56765db56fbbe465ed1fcbdd07a

The suspect is that /proc/cpuinfo is empty or not readable, and this
seems to be a problem with lxcfs after mentioning the issue today to
Paul and Jochen.

Jochen, understanding you correctly there is already an upstream fix
which is supposed to addres the issue?

Regards,
Salvatore

Bug#1036818: linux on armel/armhf: Perl library unable to access get CPU info from /proc/cpu or kstat

2023-05-27 Thread Salvatore Bonaccorso 
Hi,

On Sat, May 27, 2023 at 11:50:06AM +0200, Salvatore Bonaccorso wrote:
> Hi Helge, hi Otto,
> 
> On Sat, May 27, 2023 at 09:26:06AM +0200, Helge Deller wrote:
> > Just wondering / guessing:
> > 
> > Are the ARM machines on ci.debian.net (ci-worker-arm??-??)
> > physical machines, or are they running on qemu-user VMs?
> > 
> > If they run qemu, this bug report
> >  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024653
> > might be similiar.
> > 
> > If so, then qemu probably needs fixing of the output of /proc/cpuinfo
> > for ARM, e.g. like this:
> > https://gitlab.com/qemu-project/qemu/-/commit/e0174afeea23e56765db56fbbe465ed1fcbdd07a
> 
> The suspect is that /proc/cpuinfo is empty or not readable, and this
> seems to be a problem with lxcfs after mentioning the issue today to
> Paul and Jochen.
> 
> Jochen, understanding you correctly there is already an upstream fix
> which is supposed to addres the issue?

The upstream issue should be: https://github.com/lxc/lxcfs/issues/553

Regards,
Salvatore

Bug#1035499: crowdsec-custom-bouncer: fails to install with --install-recommends: open /etc/crowdsec/config.yaml: no such file or directory

2023-05-27 Thread Paul Gevers 

tags 1035499 bookworm-ignore
user release.debian@packages.debian.org
usertag 1035499 bookworm-can-defer

Hi Cyril,

On 27-05-2023 10:18, Cyril Brulebois wrote:

At this point, I'd like to formally request a bookworm-ignore tag.


As agree, I'm marking this bug as such. Normally I'd only use the 
usertag, but those don't influence the autoremoval. I intent to remove 
the regular tag after the release such that it's clear that the bug 
should be fixed in bookworm.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1036809: pre-unblock: reaver/1.6.6-1

2023-05-27 Thread Sebastian Ramacher 
Control: tags -1 moreinfo

Hi

On 2023-05-26 15:00:34 -0300, Leandro Cunha wrote:
> [ Other info ]
> The package has been moved to the pkg-security-team as maintainer and
> has changed the previous maintainer to uploader. Samuel agrees to
> upload the package.
> This request has the build log and debdiff attached.
> It's available at debian-mentors in https://mentors.debian.net/package/reaver.

>From the changelog:

 reaver (1.6.6-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version. (Closes: #1036591)
   * Several improvements have been made by upstream.
   * Fix debian/watch to get new versions:
 - Watch file is broken and generating errors. (Closes: #901595)
 - Bump version of 3 to 4.
   * debian/control:
 - Set Debian Security Tools Team (pkg-security-team) as maintainer.
 - Set Bartosz Fenski as uploader.
 - Change debhelper 9 to debhelper-compat and update version to 13,
   causes removal of debian/compat.
 - Bump Standards-Version to 4.6.2.
 - Add Vcs-Browser, Vcs-Git to Salsa and to pkg-security-team group.
 - Add Rules-Requires-Root: no.
   * Lintian reports fixes:
 - Include trailing whitespace removal.
   * debian/copyright:
 - Add myself contribution.
   * Add salsa-ci.yml.
   * debian/upstream/metadata: created.


At least the debhelper compat level change is not acceptable at this
stage. The other changes to debian/ add additional noise. Isthe new
upstream release a bug fix only release? What's upstream's policy on
that?

Cheers

-- 
Sebastian Ramacher

Bug#1034824: tomcat9 should not be released with Bookworm

2023-05-27 Thread Timo Aaltonen 

Paul Gevers kirjoitti 26.5.2023 klo 22.14:

Hi,

On 26-05-2023 10:58, Moritz Muehlenhoff wrote:

Can't we just do the pragmatic fix of updating src:tomcat9 to only ship
libtomcat9-java and libtomcat9-embed-java? The maintenance burden for
security updates lies within the server stack, the percentage of issues
affecting the libtomcat9-java binary packages as used by rdeps will be 
small

to none?


I have just added removal hints for tomcatjss and dogtag-pki. As 
mentioned in my previous message, I want the changes in logback 
reverted. You can do the reduced upload of tomcat9.


Huh, that was a surprising outcome of the discussion..

--
t

Bug#1036805: libreoffice's toolbar buttons became hard to see after upgrading to Debian 12

2023-05-27 Thread Rene Engelhard 

tag 1036805 + moreinfo

# unless it's really a problem, look fine here

severity 1036805 minor

thanks


Am 26.05.23 um 19:22 schrieb José Luis González:

Package: libreoffice-writer
Version: 4:7.4.5-2
Severity: important

After upgrading to Debian 12, writer's toolbar buttons became hard
to see,

Pretty subjective. Especially without any prooof or screenshot or so.

looking liquid.


Screenshot?


Which icon set? Which desktop? I assume GNOME?



I have checked with the other components and it's happening with all.


Of course, it's one iconset..

Please, reassign if appropriate.

>  You could have assigned it to -common if you didn't know which 
iconset (libreoffice-style-*) you have installed (or use, that one is in 
the Settings), but a individual component is so obviously wrong...


And this is a case of "I didn't do any research, let the maintainer 
reassign it" which imho is bad.



Regards,


Rene

Bug#1035499: crowdsec-custom-bouncer: fails to install with --install-recommends: open /etc/crowdsec/config.yaml: no such file or directory

2023-05-27 Thread Cyril Brulebois 
Hi,

Andreas Beckmann  (2023-05-04):
> during a test with piuparts I noticed your package failed to install.
> As per definition of the release team this makes the package too buggy
> for a release, thus the severity.

For some reason, I didn't receive this bug report or the autoremoval
notification.

I've just confirmed that requesting the bouncer's installation, in a
freshly-installed bookworm VM, leads to the same issue. That's something
that definitely worked when the bouncer was first introduced, I'm not
exactly sure why that's no longer the case; I'd be happy to have some
time to gather my thoughts, and upstream's, regarding this issue.

At this point, I'd like to formally request a bookworm-ignore tag.
Cc-ing Paul who initially contacted me about this.


Cheers,
-- 
Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/


signature.asc
Description: PGP signature

Bug#1036820: libsdl2-dev include headers not found by cmake since usr merge

2023-05-27 Thread Jaka 
Package: libsdl2-dev
Version: 2.26.3+dfsg-1
Severity: normal
X-Debbugs-Cc: smgl+debiansa...@lynxlynx.info

Dear Maintainer,

I've upgraded an old system and now one program does not build any more.
When trying to configure it via cmake:

  CMake Error at /lib/x86_64-linux-gnu/cmake/SDL2/sdl2-config.cmake:13 
(message):
File or directory //include/SDL2 referenced by variable SDL2_INCLUDE_DIR
does not exist !
  Call Stack (most recent call first):
/lib/x86_64-linux-gnu/cmake/SDL2/sdl2-config.cmake:29 (set_and_check)
CMakeLists.txt:331 (find_package)

One can see "usr" is missing in the file path, since there is no /include.
On the old system the usr migration hasn't happened yet, so it worked fine,
but now cmake starts looking for its files and first considers /lib, only then
/usr/lib.

sdl2-config.cmake does a relative path lookup, so that becomes a problem:

  get_filename_component(prefix "${CMAKE_CURRENT_LIST_DIR}/../../../.." 
ABSOLUTE)

4 dirs up of /lib/x86_64-linux-gnu/cmake/SDL2/sdl2-config.cmake is /, while it
was /usr before ... Changing the cmake lookup to explicitly resolve symlinks
does not help, since only the dirs are linked, not the file it's considering.

I'm inclined to think this should be fixed in Debian, not cmake. The hackiest
solution is to just replace the line with

  set(prefix "/usr")

A bit safer would be to just do it if the previous call resolved to /, but I
don't know what all layouts are supported. If someone installed via chroot,
both ways would be broken. So a better solution would be something like: 
copy CMAKE_CURRENT_LIST_DIR to a new var, replace /lib with /usr/lib in it,
use the new var for the prefix lookup instead.

This report is against 2.26.3, but I didn't see anything relevant in the 
changelog
for .5, hence the report.


-- System Information:
Debian Release: bookworm/sid
  APT prefers lunar-updates
  APT policy: (500, 'lunar-updates'), (500, 'lunar-security'), (500, 'lunar')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.2.0-20-generic (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=sl_SI.UTF-8, LC_CTYPE=sl_SI.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libsdl2-dev depends on:
ii  libasound2-dev  1.2.8-1build1
ii  libdbus-1-dev   1.14.4-1ubuntu1
ii  libdecor-0-dev  0.1.1-2
ii  libdrm-dev  2.4.114-1
ii  libegl-dev  1.6.0-1
ii  libgbm-dev  23.0.2-1ubuntu1
ii  libgl-dev   1.6.0-1
ii  libgles-dev 1.6.0-1
ii  libibus-1.0-dev 1.5.28-3
ii  libpulse-dev1:16.1+dfsg1-2ubuntu3
ii  libsamplerate0-dev  0.2.2-3
ii  libsdl2-2.0-0   2.26.3+dfsg-1
ii  libsndio-dev1.9.0-0.3
ii  libudev-dev 252.5-2ubuntu3
ii  libwayland-dev  1.21.0-1
ii  libx11-dev  2:1.8.4-2
ii  libxcursor-dev  1:1.2.1-1
ii  libxext-dev 2:1.3.4-1build1
ii  libxfixes-dev   1:6.0.0-2
ii  libxi-dev   2:1.8-1build1
ii  libxinerama-dev 2:1.1.4-3
ii  libxkbcommon-dev1.5.0-1
ii  libxrandr-dev   2:1.5.2-2
ii  libxss-dev  1:1.2.3-1build2
ii  libxt-dev   1:1.2.1-1
ii  libxv-dev   2:1.0.11-1.1
ii  libxxf86vm-dev  1:1.1.4-1build3

libsdl2-dev recommends no packages.

libsdl2-dev suggests no packages.

-- no debconf information

Bug#1036818: linux on armel/armhf: Perl library unable to access get CPU info from /proc/cpu or kstat

2023-05-27 Thread Helge Deller 

Just wondering / guessing:

Are the ARM machines on ci.debian.net (ci-worker-arm??-??)
physical machines, or are they running on qemu-user VMs?

If they run qemu, this bug report
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024653
might be similiar.

If so, then qemu probably needs fixing of the output of /proc/cpuinfo
for ARM, e.g. like this:
https://gitlab.com/qemu-project/qemu/-/commit/e0174afeea23e56765db56fbbe465ed1fcbdd07a

Helge

Bug#1036592: pre-approval: unblock: c-ares/1.18.1-3

2023-05-27 Thread Gregor Jasny 

Control: tags -1 - moreinfo

Hello,

On 27.05.23 08:19, Paul Gevers wrote:
Please go ahead, taking into account that the build needs to be done 
before tomorrow 12:00 UTC. Remove the moreinfo tag once the upload 
happened.


I just uploaded to ftp-master.

Thanks,
Gregor

Bug#1036592: pre-approval: unblock: c-ares/1.18.1-3

2023-05-27 Thread Paul Gevers 

Control: tags -1 confirmed moreinfo

Hi,

On 23-05-2023 08:44, Gregor Jasny wrote:

yesterday a version 1.19.1 of c-ares was release which fixes four CVEs.


Please go ahead, taking into account that the build needs to be done 
before tomorrow 12:00 UTC. Remove the moreinfo tag once the upload happened.



On the experimental branch I enabled the unit and integration tests:
would you consider that commit as acceptable, too?
https://salsa.debian.org/debian/c-ares/-/commit/25f515f728eeae82013a9c1cb8aa6ce80e913d09


If I understand correctly that this thus works on all architectures, 
yes. I don't want the risk it causes a build to fail at this moment 
because we have no time to repair.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1035933: linux-image-6.1.0-8-amd64-unsigned: fails to build (llvm-strip not found, missing dependency?)

2023-05-27 Thread Jochen Sprickerhof 

Control: severity -1 minor
Control: tags -1 + moreinfo

Hi Claude,

given your information and that the package builds fine on the buildds I 
downgrade this to minor and add a moreinfo tag. 


Cheers Jochen

* Jochen Sprickerhof  [2023-05-25 14:56]:
Thanks for the information. I don't see why it should use llvm, on the 
other hand the kernel Makefile is rather clear when to use it. Can you 
check if you an still reproduce the problem?


* Claude Heiland-Allen  [2023-05-25 11:47]:

Hi Jochen,

I didn't set any non-standard compiler options as far as I recall.
I certainly was not intending to build with LLVM.
Unfortunately I have not kept the log of the failing build,
but I remember seeing that gcc was used for the majority of the 
compilation.


Regards,


Claude


signature.asc
Description: PGP signature

Bug#1017079: ITP: netbox -- WebUI based tool designed to manage and document computer networks

2023-05-27 Thread Carsten Schoenert 
Since my last email about the status usptream did finalize the first
version 3.5.x.

One major release goal was the moving to the OpenAPI 3.0 spec, which
means a switching of the B-D drf-yasg [1] to drf-spectacular-sidecar [2].

>From a packaging POV the new dependency has the quit ethe same issues as
the olde ones, also drf-spectacular-sidecar use precompiled minimized JS
libraries which are not easy rebuildable as no source of the used data
is included in the upstream project. Also it's unclear right now how we
might get the correct sources to recompile the files.

Besides that there are no new additionl Debian packages needed to get a
recent version of NetBox build and packaged. I was able to update the
Graphene related packages in Debian to the most recent versions.

The nearly similar problem to rebuild the minimized files in the NetBox
source is still not solved, I haven't figured out yet how to do this.

[1] https://github.com/axnsan12/drf-yasg
[2] https://github.com/tfranzel/drf-spectacular-sidecar

Regards
Carsten