date:20230826

Package: dlint
Version: 1.4.0-8
Severity: normal

Dear Maintainer,

-- >8 --
$ dlint nabijaczleweli.xyz
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
WARNING: tempfile is deprecated; consider using mktemp instead.
;; dlint version 1.4.0, Copyright (C) 1998 Paul A. Balyoz 
;; Dlint comes with ABSOLUTELY NO WARRANTY.
;; This is free software, and you are welcome to redistribute it
;; under certain conditions.  Type 'man dlint' for details.
;; command line: /bin/dlint nabijaczleweli.xyz
;; flags: normal-domain recursive.
;; using dig version 9.18.16
;; run starting: Sun 27 Aug 04:00:17 CEST 2023
;; 
;; Now linting nabijaczleweli.xyz
;; Checking serial numbers per nameserver
;; 2314792318 dom.ns.cloudflare.com.
;; 2314792318 karina.ns.cloudflare.com.
;; All nameservers agree on the serial number.
;; Now caching whole zone (this could take a minute)
;; trying nameserver dom.ns.cloudflare.com.
ERROR: no A records found.
;; no subzones found below nabijaczleweli.xyz, so no recursion will take place.
;; 
;; dlint of nabijaczleweli.xyz run ending with errors.
;; run ending: Sun 27 Aug 04:00:17 CEST 2023
-- >8 --

Naturally, "nabijaczleweli.xyz" does in fact have A records,
but the blaring warning is more pressing.

Best,
наб

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-9-amd64 (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dlint depends on:
ii  bind9-dnsutils [dnsutils]  1:9.18.16-1~deb12u1
ii  dnsutils   1:9.18.16-1~deb12u1
ii  perl   5.36.0-7

dlint recommends no packages.

dlint suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1050117: The patch has been applied to the Linux kernel repository.

2023-08-26 Thread Takashi Yano

I have been notified that the patch has been applied to
5.15-stable tree, 6.1-stable tree and 6.4-stable tree.
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

I hope it will be incorporated into the Debian kernel.
Thanks in advance.

-- 
Takashi Yano

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

On Aug 26, Jon Westgate <0...@fsck.tv> wrote:

> The error message it gave was "decompresson failed with status 6"
Status 6 is XZ_OPTIONS_ERROR, which means "Input was encoded with 
settings that are not supported by this XZ decoder".
So it looks like you have compressed the modules (how?) with XZ settings 
which are supported by the userspace loader but not by the kernel one.

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Bug#1050608: /etc/nsd/nsd.conf: links to nonexistent /usr/share/doc/nsd/examples/nsd.conf

Package: nsd
Version: 4.7.0-1
Severity: normal
File: /etc/nsd/nsd.conf

Dear Maintainer,

-- >8 --
$ cat /etc/nsd/nsd.conf
# NSD configuration file for Debian.
#
# See the nsd.conf(5) man page.
#
# See /usr/share/doc/nsd/examples/nsd.conf for a commented
# reference config file.

server:
# log only to syslog.
log-only-syslog: yes


# The following line includes additional configuration files from the
# /etc/nsd/nsd.conf.d directory.

include: "/etc/nsd/nsd.conf.d/*.conf"
$ cat /usr/share/doc/nsd/examples/nsd.conf
cat: /usr/share/doc/nsd/examples/nsd.conf: No such file or directory
$ ls -l /usr/share/doc/nsd/examples/nsd.conf.sample
-rw-r--r-- 1 root root 18131 06-19 11:04 
/usr/share/doc/nsd/examples/nsd.conf.sample
-- >8 --

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.3.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nsd depends on:
ii  adduser  3.137
ii  init-system-helpers  1.65.2
ii  libc62.37-6
ii  libevent-2.1-7   2.1.12-stable-8
ii  libfstrm00.6.1-1
ii  libprotobuf-c1   1.4.1-1+b1
ii  libssl3  3.0.10-1
ii  libsystemd0  254.1-3
ii  openssl  3.0.10-1

nsd recommends no packages.

nsd suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1041552: HFS/HFS+ are insecure

Control: reassign -1 udisks2
Control: retitle -1 do not mount automatically unmaintained file systems

On Jul 20, md wrote:

> You are totally correct.
> Kernel team, please blacklist HFS/HFS+ for automounting.
As discussed on debian-devel@, this policy should not be handled by the 
kernel because modules autoloading of file systems drivers should not be
disabled.

So I propose this content for a file like
/usr/lib/udev/rules.d/75-insecure-fs.rules:

# Do not automatically mount these file systems because their drivers are
# marked as "orphan" or "odd fixes" in the kernel MAINTAINERS file and so
# are more at risk of having security-sensitive defects which could be
# exploited by a crafted file system.
SUBSYSTEM!="block", GOTO="udisks_insecure_fs_end"

ENV{ID_FS_TYPE}=="affs", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="ecryptfs", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="efs", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="hfs", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="hfsplus", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="jffs2", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="jfs", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="qnx6", ENV{UDISKS_AUTO}="0"
ENV{ID_FS_TYPE}=="sysv", ENV{UDISKS_AUTO}="0"

LABEL="udisks_insecure_fs_end"

-- 
ciao,
Marco

signature.asc
Description: PGP signature

Bug#1050600: pdns-server: pdns_control list-zones (no filters) segfaults pdns?

Control: tags -1 + fixed-upstream

Broken upstream by f115fbc97b9760bdfbff307e4de72a9cb3df0990, fixed
upstream by 0928e129fbd21c17a2f2e6e6066a58dad8102943.

$ git tag --contains 0928e129fbd21c17a2f2e6e6066a58dad8102943  | grep auth
auth-4.8.0-alpha1
auth-4.8.0-beta1
auth-4.8.0
auth-4.8.1

And what's worse, packages.d.o says
  sid (unstable) (net): extremely powerful and versatile nameserver
  4.8.1-2: amd64 arm64 ia64 mips64el ppc64 ppc64el riscv64 s390x sparc64
  4.8.1-1 [debports]: alpha
  4.7.1-1 [debports]: x32
  4.4.1-4 [debports]: hppa m68k sh4 
so release arches and alpha
(and hppa m68k sh4,
 since f115fbc97b9760bdfbff307e4de72a9cb3df0990 appears in 4.7)
have a working version but x32 doesn't?

https://buildd.debian.org/status/package.php?p=pdns for 4.8.1-2 for x32
says "BD-Uninstallable", with
  Dependency installability problem for pdns on x32:
  pdns build-depends on missing:
  - architecture-is-64-bit:x32
?!?

d/changelog says
  pdns (4.7.3-2) unstable; urgency=medium
  
* Build-Depend on architecture-is-64-bit (for time_t) (Closes: #1011259)
  
   -- Chris Hofstaedtler   Sun, 25 Dec 2022 10:43:16 +
which. idk bro. x32 has a 64-bit time_t. Hell. x32 /only/ has 64-bit time_t!

Quoth /usr/include/x86_64-linux-gnux32/bits/timesize.h:
-- >8 --
/* Bit size of the time_t type at glibc build time, x86-64 and x32 case.
   Copyright (C) 2018-2023 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   .  */

#include 

#if defined __x86_64__ && defined __ILP32__
/* For x32, time is 64-bit even though word size is 32-bit.  */
# define __TIMESIZE 64
#else
/* For others, time size is word size.  */
# define __TIMESIZE __WORDSIZE
#endif
/* Bit size of the time_t type at glibc build time, x86-64 and x32 case.
   Copyright (C) 2018-2023 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   .  */

#include 

#if defined __x86_64__ && defined __ILP32__
/* For x32, time is 64-bit even though word size is 32-bit.  */
# define __TIMESIZE 64
#else
/* For others, time size is word size.  */
# define __TIMESIZE __WORDSIZE
#endif
-- >8 --

I'm hoping this is an "i forgor " moment.

Attaching patch against current Salsa HEAD
(e993d4ff18ff126c43aa9a4d8dd79f301d8db055),
also opened
  https://salsa.debian.org/dns-team/pdns/-/merge_requests/2

Best,


signature.asc
Description: PGP signature

Bug#1050600: pdns-server: pdns_control list-zones (no filters) segfaults pdns?

From 543748746e1d1db41e43a5d0bd45de3f1992d303 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= 
Date: Sun, 27 Aug 2023 01:57:40 +0200
Subject: [PATCH] Fix architecture-has-64-bit-time_t check by allowing builds
 on x32 (Closes: #1050600)
X-Mutt-PGP: OS

---
 debian/control | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index 9b6c4f934..3c1859cf8 100644
--- a/debian/control
+++ b/debian/control
@@ -5,7 +5,8 @@ Standards-Version: 4.5.1
 Maintainer: pdns packagers 
 Uploaders: Chris Hofstaedtler ,
Marc Haber 
-Build-Depends: architecture-is-64-bit,
+# "architecture-has-64-bit-time_t"
+Build-Depends: architecture-is-64-bit [!x32],
bison,
curl,
debhelper-compat (= 13),
-- 
2.39.2



signature.asc
Description: PGP signature

Bug#1050607: xcb: bookworm xcb won't paste from selected cut buffer

2023-08-26 Thread Phil Chadwick

Package: xcb
Version: 2.4-8
Severity: grave
Justification: renders package unusable

Dear Maintainer,

With standard bookworm Gnome desktop... 
[farlap.949] $ whence xcb
'xcb -n 33 -l v -geometry -0+0'
[farlap.950] $ which xcb
/bin/xcb
[farlap.951] $ strings /bin/xcb | grep "^lib"
libXaw.so.7
libXt.so.6
libX11.so.6
libc.so.6

1.  Cut something and paste into first cut buffer.
2.  Cut something different and paste into second cut buffer.
3.  Single click on FIRST cut buffer box.  Paste anywhere.
4.  What gets pasted is the contents of the SECOND cut buffer.

This bug renders xcb pretty much useless.

I found the source for an old version of xcb in my archives.  It's 
xcb-2.4 with PATCHLEVEL: 3.  I compiled it from source, and tested.
I got the same problem. 

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xcb depends on:
ii  libc6 2.36-9+deb12u1
ii  libx11-6  2:1.8.4-2+deb12u1
ii  libxaw7   2:1.0.14-1
ii  libxt61:1.2.1-1.1

xcb recommends no packages.

xcb suggests no packages.

-- no debconf information

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

2023-08-26 Thread Jon Westgate


Dear Marco,
I'm using XZ if I turn off compression my initrd fails it's too big.

Jon

On 26/08/2023 22:25, Marco d'Itri wrote:

On Aug 26, Jon Westgate  wrote:


Yes I am using compressed modules

And are these modules compressed with xz or something else?

This new code was introduced in the latest snapshot, and apparently it
fails when used with kernels with compressed modules support enabled
(which so far is not the default for Debian kenrels).





OpenPGP_0x420652A8C309A3B2.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050606: find: ‘/lib/systemd/system-sleep’: No such file or directory

Package: cryptsetup-suspend
Version: 2:2.6.1-4
Severity: serious

The cryptsetup-suspend wrapper makes unconditional use of the
/lib/systemd/system-sleep directory.

This directory was removed from the systemd package as a result of the
discussion in https://salsa.debian.org/systemd-team/systemd/-/merge_requests/208

The failing autopkgtest of cryptsetup is now blocking the testing
migration of the systemd package (thus the RC severity).

Please update cryptsetup-suspend-wrapper to handle the case where the
directory /lib/systemd/system-sleep is missing.

Regards,
Michael

Bug#1050600: pdns-server: pdns_control list-zones (no filters) segfaults pdns?

Control: tags -1 + patch

On Sat, Aug 26, 2023 at 11:50:52PM +0200, наб wrote:
> GDB says
> │  402if (kind == DomainInfo::All) {  
>│
> │  >   403  ret<│
> │  404}   
>│
> │  405else {  
>│
> │  406  ret<<"All zonecount:"<│
> │  407}   
>│
> 
> 
> But the function starts with
> │  378  string DLListZones(const vector, Utility::pid_t 
> ppid)  │
> │  379  { 
>│
> │  380UeberBackend B; 
>│
> │  381g_log<│
> ...
> │  386if (parts.size() > 1) { 
>│
> │  387  kind = DomainInfo::stringToKind(parts[1]);
>│
> │  388}   
>│
> │  389else {  
>│
> │  390  kind = DomainInfo::All;   
>│
> │  391}   
>│
> 
> So... (kind == DomainInfo::All) <=> (parts.size() == 0)
"(kind == DomainInfo::All) <=> (parts.size() == 1)" of course.

Confirmed and fixed by 403s/1/0/
  # pdns_control list-zones master
  All zonecount:0
  # pdns_control list-zones slave
  All zonecount:0
  # pdns_control list-zones native
  ws.co.ls.
  All zonecount:1
  # pdns_control list-zones
  ws.co.ls.
  LIST-ZONES zonecount:1

Patch attached.

Best,
--- pdns-4.7.1.orig/pdns/dynhandler.cc
+++ pdns-4.7.1/pdns/dynhandler.cc
@@ -400,7 +400,7 @@ string DLListZones(const vector&
   }
 
   if (kind == DomainInfo::All) {
-ret<

signature.asc
Description: PGP signature

Bug#1050600: pdns_control: list-zones appears to require a type filter, returns empty without

2023-08-26 Thread Peter van Dijk

This was fixed upstream in https://github.com/PowerDNS/pdns/pull/12181
which is part of version 4.7.3

Bug#979151: Need more info, I cannot reproduce

2023-08-26 Thread Roland Clobus


Control: tags 979151 +moreinfo

Hello Sergio,

Even though it is a long time ago, I took another look at this bug report.

In the code of installer_debian-installer, I found 2 URLs that are used 
for the installer:


URL="${LB_PARENT_MIRROR_DEBIAN_INSTALLER}/dists/${LB_PARENT_DEBIAN_INSTALLER_DISTRIBUTION}/main/installer-${LB_ARCHITECTURE}/current/images"
Download_file Packages.gz 
"${LB_PARENT_MIRROR_CHROOT}"/dists/"${LB_PARENT_DEBIAN_INSTALLER_DISTRIBUTION}"/main/debian-installer/binary-"${LB_ARCHITECTURE}"/Packages.gz


I've seen that bookworm-backports also only provides Packages.xz, 
similar to buster-backports from the original bug report, so I guess the 
issue is still relevant.
However in bookworm-backports, there is not main/installer-amd64, which 
will fail the installer script before the .xz-compressed file is 
attempted to be downloaded.


I tried with:
lb config --distribution bookworm --debian-installer-distribution 
bookworm-backports --debian-installer live


Do you have a full configuration available? I'm currently unable to 
reproduce the issue.


With kind regards,
Roland Clobus


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050605: linux-image-6.4.0-3-amd64: Unable to boot on 2009 13inch MacBook Pro

2023-08-26 Thread Xiyue Deng

Package: src:linux
Version: 6.4.11-1
Severity: grave
Justification: renders package unusable

The recent update of linux-image to version 6.4.0-3 causes this laptop unable to
boot.  As the boot was not successful I could not check the log through dmesg so
I will attach a photo later.

The relevant part of the error of the end of the boot messages when trying to
boot in recovery mode is hand-typed below:

,
| [3.453462] ACPI Warning: \_SB.PCI0.IXVE.IGPU._DSM: Argument #4 type 
mismatch - Found [Buffer], ACPI requires [Package] (20230331/nsarguments-61)
| [3.454515] ACPI: \_SB_.PCI0.IXVE.IGPU: failed to evaluate _DSM
| [3.455576] nouveau :02:00.0: enabling device (0002 -> 0003)
| [3.456812] ACPI: \_SB_.PCI0.LGPU: Enabled at IRQ 18
`

After this the boot process stuck like when trying to boot normally.

Using linux-image-6.4.0-2-amd64 and early kernel versions the laptop can boot
without issues.

I saw there is #1050460 reporting a similar error error on nVidia GPU but as my
laptop cannot even boot I figured it may be better to file a separate bug and
let the maintainer to decide whether to merge the bugs.

Note that the system info is generated when booted with a 6.4.0-2 kernel.

-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: Apple Inc.
product_name: MacBookPro5,5
product_version: 1.0
chassis_vendor: Apple Inc.
chassis_version: Mac-F2268AC8
bios_vendor: Apple Inc.
bios_version:MBP55.88Z.00AC.B03.0906151708
board_vendor: Apple Inc.
board_name: Mac-F2268AC8
board_version: 

** PCI devices:
00:00.0 Host bridge [0600]: NVIDIA Corporation MCP79 Host Bridge [10de:0a82] 
(rev b1)
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- 
Kernel driver in use: nForce2_smbus
Kernel modules: i2c_nforce2, nv_tco

00:03.3 RAM memory [0500]: NVIDIA Corporation MCP79 Memory Controller 
[10de:0a89] (rev b1)
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz+ UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- 
Kernel driver in use: ohci-pci
Kernel modules: ohci_pci

00:04.1 USB controller [0c03]: NVIDIA Corporation MCP79 EHCI USB 2.0 Controller 
[10de:0aa6] (rev b1) (prog-if 20 [EHCI])
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: ehci-pci
Kernel modules: ehci_pci

00:06.0 USB controller [0c03]: NVIDIA Corporation MCP79 OHCI USB 1.1 Controller 
[10de:0aa7] (rev b1) (prog-if 10 [OHCI])
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: ohci-pci
Kernel modules: ohci_pci

00:06.1 USB controller [0c03]: NVIDIA Corporation MCP79 EHCI USB 2.0 Controller 
[10de:0aa9] (rev b1) (prog-if 20 [EHCI])
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: ehci-pci
Kernel modules: ehci_pci

00:08.0 Audio device [0403]: NVIDIA Corporation MCP79 High Definition Audio 
[10de:0ac0] (rev b1)
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: snd_hda_intel
Kernel modules: snd_hda_intel

00:09.0 PCI bridge [0604]: NVIDIA Corporation MCP79 PCI Bridge [10de:0aab] (rev 
b1) (prog-if 01 [Subtractive decode])
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- TAbort- 
Reset- FastB2B-
PriDiscTmr- SecDiscTmr+ DiscTmrStat- DiscTmrSERREn-
Capabilities: 

00:0a.0 Ethernet controller [0200]: NVIDIA Corporation MCP79 Ethernet 
[10de:0ab0] (rev b1)
Subsystem: NVIDIA Corporation Apple iMac 9,1 [10de:cb79]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz+ UDF-

Bug#1050604: python3-binwalk: Fails to extract cramfs

2023-08-26 Thread Shorrer

Package: python3-binwalk
Version: 2.3.4+dfsg1-1
Severity: normal
Tags: upstream
X-Debbugs-Cc: shor...@yandex.by

Dear Maintainer,

While trying to unpack everything from a blob that contains a cramfs
using the "binwalk -e blob_name.bin" I've encountered an error:

WARNING: Extractor.execute failed to run external extractor 'cramfsck -x 
'cramfs-root' '%e'': [Errno 2] No such file or directory: 'cramfsck', 'cramfsck 
-x 'cramfs-root' '%e'' might not be installed correctly

Sure enough, there truly is no "cramfsck" executable, neither in /usr/bin
nor in /usr/sbin. I've found it in "cramfs-tools" repository
(https://github.com/npitre/cramfs-tools/blob/master/cramfsck.c) but
there is no such package in Debian. There is an "fsck.cramfs" from the
"util-linux" package that is doing what "cramfsck" is, albeit with
a different arguments: "-x" is "--extract" in "fsck.cramfs".

The bug was reported upstream some time ago
(https://github.com/ReFirmLabs/binwalk/issues/623) with not much
attention (and latest commit in the repository was around 7 months ago).
Issue is also present with two other Linux distributions: Arch Linux
(tested by myself right now) and it's derivative Manjaro (encountered by
at least one user 2.5 years ago
https://forum.manjaro.org/t/how-to-install-cramfsswap/48970)

While so far it seems that this is the problem of the upstream to adapt
to distributions using "util-linux"'s "fsck.cramfs" instead of
"cramfsck" the issue is also in the fact that "fsck.cramfs" is in
/usr/sbin, which is not in the PATH of non-root users on Debian by
default. As I don't think anyone would try to install a whole another
package for functionality that is present in "util-linux" and neither
it is possible to just symlink "cramfsck" to "fsck.cramfs" due to
argument incompatibility, the only probable way of this is to patch
"binwalk" to try "fsck.cramfs" and maybe symlink "fsck.cramfs" to
/usr/bin for non-root users to see.

However, of course, maybe you can see a better resolution of this. I
will try to figure out some way of patching the "binwalk" for the new
utility in the meantime, if nobody beats me to it.

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-11-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-binwalk depends on:
ii  libmagic1  1:5.44-3
ii  python33.11.2-1+b1

Versions of packages python3-binwalk recommends:
ii  arj3.10.22-26
ii  bzip2  1.0.8-5+b1
ii  cramfsswap 1.4.2
ii  mtd-utils  1:2.1.5-1
ii  ncompress  4.2.4.6-6
ii  p7zip  16.02+dfsg-8
ii  p7zip-full 16.02+dfsg-8
ii  python3-pyqtgraph  0.13.1-4
ii  sleuthkit  4.11.1+dfsg-1+b1
ii  squashfs-tools 1:4.5.1-1

python3-binwalk suggests no packages.

-- no debconf information

Bug#1050603: syncthing: Reenable QUIC feature

2023-08-26 Thread Nicholas D Steeves

Control: reopen -1
Control: notfixed -1 syncthing/1.19.2~ds1-3
Control: fixed -1 syncthing/1.19.2~ds1-2

I've created this bug as a TODO for Syncthing 1.24, and cloned 1049983
for context rather than resubmitting.

Bug#1050578:

2023-08-26 Thread Joshua Hudson

Bug verified *upstream* on stock kernel version 6.4.12

Bug#1050600: pdns-server: pdns_control list-zones (no filters) segfaults pdns?

GDB says
│  402if (kind == DomainInfo::All) {
 │
│  >   403  ret<, Utility::pid_t ppid) 
 │
│  379  {   
 │
│  380UeberBackend B;   
 │
│  381g_log< 1) {   
 │
│  387  kind = DomainInfo::stringToKind(parts[1]);  
 │
│  388} 
 │
│  389else {
 │
│  390  kind = DomainInfo::All; 
 │
│  391} 
 │

So... (kind == DomainInfo::All) <=> (parts.size() == 0)
but it'sreading parts[1]?

Reeks of a lua momento :v

Best,


signature.asc
Description: PGP signature

Bug#992916: Works for me

2023-08-26 Thread Roland Clobus


Control: tags 992916 +wontfix

More than a year ago (2022-02-10) I wrote in the MR that is associated 
with this bug report [1]:



In this case, the issue might be resolved by using --variant=minbase as 
well:
With lb config --debootstrap-options "--variant=minbase --include 
sysvinit-core" --initsystem sysvinit followed by echo "user-setup sudo 
ifupdown isc-dhcp-client" > config/package-lists/recommends.list.chroot 
one can obtain an image without packages that have systemd in their name 
(except for libsystemd0, which is pulled in by apt)

So there might be no need to change the live-build code.


So I consider this bug report handled. Even though not trivial, it is 
possible to create a live image without systemd code.


With kind regards,
Roland Clobus

[1] https://salsa.debian.org/live-team/live-build/-/merge_requests/257


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050600: pdns_control: list-zones appears to require a type filter, returns empty without

Control: retitle -1 pdns-server: pdns_control list-zones (no filters) segfaults 
pdns?

An unrelated run with journalctl -f& revealed:
-- >8 --
nabijaczleweli@szarotka:/etc/powerdns$ sudo pdns_control list-zones

nabijaczleweli@szarotka:/etc/powerdns$ Aug 26 23:17:13 szarotka sudo[17695]: 
nabijaczleweli : TTY=pts/2 ; PWD=/etc/powerdns ; USER=root ; 
COMMAND=/bin/pdns_control list-zones
Aug 26 23:17:13 szarotka sudo[17695]: pam_unix(sudo:session): session opened 
for user root(uid=0) by (uid=1000)
Aug 26 23:17:13 szarotka pdns_server[17668]: Got a signal 11, attempting to 
print trace:
Aug 26 23:17:13 szarotka pdns_server[17668]: /usr/sbin/pdns_server(+0x14d282) 
[0x56776282]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libc.so.6(+0x35160) [0xf705f160]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libc.so.6(+0x166d40) [0xf7190d40]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libstdc++.so.6(_ZNSt15basic_streambufIcSt11char_traitsIcEE6xsputnEPKci+0x4f)
 [0xf732387f]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libstdc++.so.6(_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i+0x16f)
 [0xf731648f]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/usr/sbin/pdns_server(_Z11DLListZonesRKSt6vectorINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESaIS5_EEi+0x5aa)
 [0x5682c38a]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/usr/sbin/pdns_server(_ZN11DynListener11theListenerEv+0x41a) [0x5683536a]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libstdc++.so.6(+0xbe2b5) [0xf72be2b5]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libc.so.6(+0x8215b) [0xf70ac15b]
Aug 26 23:17:13 szarotka pdns_server[17668]: 
/lib/x86_64-linux-gnux32/libc.so.6(__clone+0x40) [0xf712be10]
Aug 26 23:17:14 szarotka sudo[17695]: pam_unix(sudo:session): session closed 
for user root
Aug 26 23:17:14 szarotka systemd[1]: pdns.service: Main process exited, 
code=killed, status=6/ABRT
Aug 26 23:17:14 szarotka systemd[1]: pdns.service: Failed with result 'signal'.
Aug 26 23:17:15 szarotka systemd[1]: pdns.service: Scheduled restart job, 
restart counter is at 5.
Aug 26 23:17:15 szarotka systemd[1]: Starting pdns.service - PowerDNS 
Authoritative Server...
Aug 26 23:17:15 szarotka pdns_server[17707]: Loading 
'/usr/lib/x86_64-linux-gnux32/pdns/libbindbackend.so'
Aug 26 23:17:15 szarotka pdns_server[17707]: This is a standalone pdns
Aug 26 23:17:15 szarotka pdns_server[17707]: Listening on controlsocket in 
'/run/pdns/pdns.controlsocket'
Aug 26 23:17:15 szarotka pdns_server[17707]: UDP server bound to 0.0.0.0:53
Aug 26 23:17:15 szarotka pdns_server[17707]: TCP server bound to 0.0.0.0:53
Aug 26 23:17:15 szarotka pdns_server[17707]: PowerDNS Authoritative Server 
4.7.1 (C) 2001-2022 PowerDNS.COM BV
Aug 26 23:17:15 szarotka pdns_server[17707]: Using 32-bits mode. Built using 
gcc 12.2.0.
Aug 26 23:17:15 szarotka pdns_server[17707]: PowerDNS comes with ABSOLUTELY NO 
WARRANTY. This is free software, and you are welcome to redistribute it 
according to the terms of the GPL version 2.
Aug 26 23:17:15 szarotka pdns_server[17707]: [bindbackend] Parsing 1 domain(s), 
will report when done
Aug 26 23:17:15 szarotka pdns_server[17707]: [bindbackend] Done parsing 
domains, 0 rejected, 1 new, 0 removed
Aug 26 23:17:15 szarotka pdns_server[17707]: Creating backend connection for TCP
Aug 26 23:17:15 szarotka pdns_server[17707]: Only asked for 1 backend thread - 
operating unthreaded
Aug 26 23:17:15 szarotka systemd[1]: Started pdns.service - PowerDNS 
Authoritative Server.
-- >8 --

Installed -dbgsyms, attached debugger, got
-- >8 --
Thread 2 "pdns/ctrlListen" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xf5ddc900 (LWP 20241)]
__memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memmove-ssse3.S:90
90  ../sysdeps/x86_64/multiarch/memmove-ssse3.S: No such file or directory.
(gdb) bt
#0  __memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memmove-ssse3.S:90
#1  0xf732387f in std::char_traits::copy (__n=5, __s2=0x0, 
__s1=)
at 
/build/gcc-13-wGgrWt/gcc-13-13.2.0/build/x86_64-linux-gnux32/libstdc++-v3/include/bits/char_traits.h:445
#2  std::basic_streambuf >::xsputn 
(this=0xf5ddba04, __s=0x0, __n=37)
at 
/build/gcc-13-wGgrWt/gcc-13-13.2.0/build/x86_64-linux-gnux32/libstdc++-v3/include/bits/streambuf.tcc:90
#3  0xf731648f in std::basic_streambuf >::sputn 
(__n=37, __s=0x0, this=)
at 
/build/gcc-13-wGgrWt/gcc-13-13.2.0/build/x86_64-linux-gnux32/libstdc++-v3/include/streambuf:457
#4  std::__ostream_write > (__n=37, __s=0x0, 
__out=...)
at 
/build/gcc-13-wGgrWt/gcc-13-13.2.0/build/x86_64-linux-gnux32/libstdc++-v3/include/bits/ostream_insert.h:53
#5  std::__ostream_insert > (__out=..., __s=0x0, 
__n=37)
at 
/build/gcc-13-wGgrWt/gcc-13-13.2.0/build/x86_64-linux-gnux32/libstdc++-v3/include/bits/ostream_insert.h:104
#6  0x5676538a in std::operator<< ,

Bug#1050546: bookworm-pu: package vorta/0.8.10-1+deb12u1

2023-08-26 Thread Nicholas D Steeves

Control: tags -1 - moreinfo

"Adam D. Barratt"  writes:

> On Fri, 2023-08-25 at 21:17 -0400, Nicholas D Steeves wrote:
>> 
>> <#part type="application/octet-stream"
>> filename="/home/sten/Dropbox/tmp/0.8.10-1_to_0.8.10-
>> 1+deb12u1.debdiff" disposition=attachment>
>> <#/part>
>> 
> That seems to have been missed.

Ah, I see I failed to use reportbug's special attachment method.  My
bad.  Thanks for letting me know, and this should now be fixed!

diff -Nru vorta-0.8.10/debian/changelog vorta-0.8.10/debian/changelog
--- vorta-0.8.10/debian/changelog	2023-01-23 15:06:42.0 -0500
+++ vorta-0.8.10/debian/changelog	2023-07-31 11:10:53.0 -0400
@@ -1,3 +1,11 @@
+vorta (0.8.10-1+deb12u1) bookworm; urgency=medium
+
+  * Add 0006-Handle-ctime-and-mtime-diff-changes-1675.patch, which is a
+cherry-picked fix from upstream that adapts Vorta 0.8.10 to Borg 1.2.4
+(Closes: #1042671).
+
+ -- Nicholas D Steeves   Mon, 31 Jul 2023 11:10:53 -0400
+
 vorta (0.8.10-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru vorta-0.8.10/debian/patches/0006-Handle-ctime-and-mtime-diff-changes-1675.patch vorta-0.8.10/debian/patches/0006-Handle-ctime-and-mtime-diff-changes-1675.patch
--- vorta-0.8.10/debian/patches/0006-Handle-ctime-and-mtime-diff-changes-1675.patch	1969-12-31 19:00:00.0 -0500
+++ vorta-0.8.10/debian/patches/0006-Handle-ctime-and-mtime-diff-changes-1675.patch	2023-07-31 11:10:53.0 -0400
@@ -0,0 +1,452 @@
+From: Henry Spanka 
+Date: Sat, 1 Apr 2023 21:10:56 +0200
+Subject: Handle ctime and mtime diff changes (#1675)
+
+Bug: https://github.com/borgbase/vorta/issues/1672
+Bug-Debian: https://bugs.debian.org/1042671
+Applied-Upstream: 0.8.11, https://github.com/borgbase/vorta/commit/e3451ed49e4a760d2a0d037ef45f22155eeb2ed9
+
+Borg v1.2.4 added new change types called `mtime` and `ctime` for the modification and the creation time of a file.
+Our diff json parser doesn't support these changes yet.
+The plain text parser doesn't need to be updated since it is only used for earlier versions of borg.
+This also extends the tooltip in the diff view to show changes in `ctime` or `mtime` in a localised manner.
+
+* src/vorta/views/diff_result.py (ChangeType): Add `CTIME` and `MTIME` linking to `MODIFIED`.
+
+* src/vorta/views/diff_result.py (DiffData): Add fields `ctime_change` and `mtime_change`.
+
+* src/vorta/views/diff_result.py (parse_diff_json): Parse the new change types.
+
+* src/vorta/views/diff_result.py (DiffTree.data): Add time changes to tooltip in a human readable format.
+
+* tests/test_diff.py : Update test data to include new change types. Add additional test cases for unittesting the new change types.
+---
+ src/vorta/views/diff_result.py |  55 -
+ tests/test_diff.py | 176 ++---
+ 2 files changed, 217 insertions(+), 14 deletions(-)
+
+diff --git a/src/vorta/views/diff_result.py b/src/vorta/views/diff_result.py
+index 6a8e5ba..cf8b936 100644
+--- a/src/vorta/views/diff_result.py
 b/src/vorta/views/diff_result.py
+@@ -6,7 +6,7 @@
+ from pathlib import PurePath
+ from typing import List, Optional, Tuple
+ from PyQt5 import uic
+-from PyQt5.QtCore import QMimeData, QModelIndex, QPoint, Qt, QThread, QUrl
++from PyQt5.QtCore import QDateTime, QLocale, QMimeData, QModelIndex, QPoint, Qt, QThread, QUrl
+ from PyQt5.QtGui import QColor, QKeySequence
+ from PyQt5.QtWidgets import QApplication, QHeaderView, QMenu, QShortcut, QTreeView
+ from vorta.utils import get_asset, pretty_bytes, uses_dark_mode
+@@ -206,6 +206,8 @@ def parse_diff_json(diffs: List[dict], model: 'DiffTree'):
+ change_type: ChangeType = None
+ mode_change: Optional[Tuple[str, str]] = None
+ owner_change: Optional[Tuple[str, str, str, str]] = None
++ctime_change: Optional[Tuple[QDateTime, QDateTime]] = None
++mtime_change: Optional[Tuple[QDateTime, QDateTime]] = None
+ modified: Optional[Tuple[int, int]] = None
+ 
+ # added link, removed link, changed link
+@@ -213,6 +215,8 @@ def parse_diff_json(diffs: List[dict], model: 'DiffTree'):
+ # added directory, removed directory
+ # owner (old_user, new_user, old_group, new_group))
+ # mode (old_mode, new_mode)
++# ctime (old_ctime, new_ctime)
++# mtime (old_mtime, new_mtime)
+ for change in item['changes']:
+ # if more than one type of change has happened for this file/dir/link, then report the most important
+ # (higher priority)
+@@ -269,6 +273,22 @@ def parse_diff_json(diffs: List[dict], model: 'DiffTree'):
+ change['new_user'],
+ change['new_group'],
+ )
++
++elif change['type'] == 'ctime':
++# ctime change can occur along with previous changes
++change_type = ChangeType.MODIFIED
++ctime_change = (
++

Bug#1050602: linux: kernel 6.4.11-1 does not recognize TPM on lenovo 14IAU7 (Flex 7i)

2023-08-26 Thread Justin King-Lacroix

Looks like this is an upstream bug that affects all Alder Lake (and maybe
newer) systems.

https://bugzilla.kernel.org/show_bug.cgi?id=217804

https://github.com/NixOS/nixpkgs/issues/250166

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

On Aug 26, Jon Westgate  wrote:

> Yes I am using compressed modules
And are these modules compressed with xz or something else?

This new code was introduced in the latest snapshot, and apparently it 
fails when used with kernels with compressed modules support enabled 
(which so far is not the default for Debian kenrels).

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Bug#1050602: linux: kernel 6.4.11-1 does not recognize TPM on lenovo 14IAU7 (Flex 7i)

2023-08-26 Thread Justin King-Lacroix

Source: linux
Version: 6.4.11-1
Severity: important
X-Debbugs-Cc: justin.kinglacr...@gmail.com

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

I use clevis-tpm2 to automatically unlock my harddisk on a 14IAU7 (Flex 7i),
and have been successfully using it for several months.


   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Update from linux-image-6.4.0-2-amd64 to linux-image-6.4.0-3-amd64

   * What was the outcome of this action?

Machine boots successfully, but TPM-based auto-unlock no longer works. In fact,
the following shows up in `dmesg`:

```
$ sudo dmesg |grep -i tpm
[0.00] efi: ACPI=0x1ef6 ACPI 2.0=0x1ef60014 TPMFinalLog=0x1ee34000
SMBIOS=0x21489000 SMBIOS 3.0=0x2147c000 MEMATTR=0x5398d018 ESRT=0x55328118
MOKvar=0x21478000 RNG=0x1ef5f018 TPMEventLog=0x1d82b018
[0.004648] ACPI: SSDT 0x2148B000 00060E (v02 LENOVO Tpm2Tabl
1000 INTL 20200717)
[0.004651] ACPI: TPM2 0x2148A000 4C (v04 LENOVO CB-01
0002 LENO 0001)
[0.004709] ACPI: Reserving TPM2 table memory at [mem 0x2148a000-0x2148a04b]
[1.217243] tpm_crb: probe of INTC6001:00 failed with error 378
[1.256600] ima: No TPM chip found, activating TPM-bypass!
[9.117870] systemd[1]: systemd 254.1-2 running in system mode (+PAM +AUDIT
+SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID
+CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2
-PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK
-XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified)
[9.270983] systemd[1]: systemd-pcrmachine.service - TPM2 PCR Machine ID
Measurement was skipped because of an unmet condition check
(ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f).
$
```

(Note the line that says "No TPM chip found".)

TPM-related stuff is also gone from /sys/kernel/security.

   * What outcome did you expect instead?

TPM continues to be recognized and used by linux.


*** End of the template - remove these template lines ***


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'oldoldstable'), (1, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-3-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1050601: feedbackd: package documentation files are not installed into /usr/share/doc/

2023-08-26 Thread Boud Roukema


Package: feedbackd
Version: 0.2.0-2
Severity: normal

Dear Maintainer,

   * What led up to the situation?

I tried to find out how to customise my feedbackd settings and searched
in /usr/share/doc/feedbackd/


   * What exactly did you do (or not do) that was effective (or
 ineffective)?

I searched for information starting with https://tracker.debian.org/feedbackd .


   * What was the outcome of these actions?

I found /usr/share/doc/feedbackd/ only contains:

changelog.Debian.gz
copyright

I found that 
https://salsa.debian.org/DebianOnMobile-team/feedbackd/-/tree/debian/latest/debian
is missing the files:

debian/feedbackd.docs
debian/libfeedbackd.docs

These should each contain a list of files to install into 
/usr/share/doc/feedbackd/
and (currently) /usr/share/doc/libfeedback-0.0-0/  , respectively.


   * What outcome did you expect instead?

I expected to find upstream files such as

README.md  (possibly renamed to README.source)
NEWS.gz
NEWS.Debian.gz

installed in /usr/share/doc/feedbackd/ .

The README.md file is especially useful for customisation.


   * Related packages:

ii  feedbackd-device-themes   0.0.r3-1


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: arm64 (aarch64)

Kernel: Linux 6.1-sunxi64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_CRAP, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages feedbackd depends on:
ii  feedbackd-common 0.2.0-2
ii  libc62.37-7
ii  libfeedback-0.0-00.2.0-2
ii  libglib2.0-0 2.77.2-1
ii  libgsound0   1.0.3-2
ii  libgudev-1.0-0   237-2
ii  libjson-glib-1.0-0   1.6.6-1
ii  sound-theme-freedesktop  0.8-3

Versions of packages feedbackd recommends:
ii  gsettings-desktop-schemas  44.0-2

feedbackd suggests no packages.

-- no debconf information

Bug#1050600: pdns_control: list-zones appears to require a type filter, returns empty without

Package: pdns-server
Version: 4.7.1-1
Severity: normal
File: /usr/bin/pdns_control

Dear Maintainer,

pdns_control(1):
   list-zones [primary,secondary,native]
   Show a list of zones, optionally filter on the type of zones to show.
but
  # pdns_control list-zones slave
  All zonecount:0
  # pdns_control list-zones master
  All zonecount:0
  # pdns_control list-zones native
  ws.co.ls.
  All zonecount:1
  # pdns_control list-zones
  

Clearly this is wrong.

Best,
наб

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.3.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pdns-server depends on:
ii  adduser 3.137
ii  libboost-program-options1.74.0  1.74.0+ds1-22
ii  libc6   2.37-6
ii  libcurl47.86.0-2
ii  libgcc-s1   13.1.0-8
ii  liblua5.3-0 5.3.6-2
ii  libp11-kit0 0.25.0-3
ii  libsodium23 1.0.18-1
ii  libsqlite3-03.42.0-1
ii  libssl3 3.0.10-1
ii  libstdc++6  13.1.0-8
ii  libsystemd0 254~rc3-3

Versions of packages pdns-server recommends:
ii  pdns-backend-bind  4.7.1-1

Versions of packages pdns-server suggests:
ii  pdns-backend-bind [pdns-backend]  4.7.1-1

-- Configuration Files:
/etc/powerdns/pdns.conf [Errno 13] Permission denied: '/etc/powerdns/pdns.conf'

-- no debconf information


signature.asc
Description: PGP signature

Bug#1050119: bullseye-pu: package unrar-nonfree/1:6.0.3-1+deb11u1

2023-08-26 Thread Markus Koschany

Another security vulnerability was discovered in unrar-nonfree, CVE-2023-40477.
This issue has been corrected in 1:6.0.3-1+deb11u3. I'm attaching the new
debdiff.

Regards,

Markus
diff -Nru unrar-nonfree-6.0.3/debian/changelog unrar-nonfree-6.0.3/debian/changelog
--- unrar-nonfree-6.0.3/debian/changelog	2022-05-10 13:26:16.0 +0200
+++ unrar-nonfree-6.0.3/debian/changelog	2023-08-23 17:36:17.0 +0200
@@ -1,3 +1,19 @@
+unrar-nonfree (1:6.0.3-1+deb11u3) bullseye; urgency=high
+
+  * Fix CVE-2023-40477
+
+ -- YOKOTA Hiroshi   Thu, 24 Aug 2023 00:36:17 +0900
+
+unrar-nonfree (1:6.0.3-1+deb11u2) bullseye; urgency=high
+
+  [ Markus Koschany ]
+  * Fix CVE-2022-48579:
+It was discovered that UnRAR, an unarchiver for rar files, allows
+extraction of files outside of the destination folder via symlink chains.
+(Closes: #1050080)
+
+ -- YOKOTA Hiroshi   Thu, 17 Aug 2023 21:04:50 +0900
+
 unrar-nonfree (1:6.0.3-1+deb11u1) bullseye; urgency=high
 
   * Fix CVE-2022-30333 (Closes: #1010837)
diff -Nru unrar-nonfree-6.0.3/debian/patches/0013-CVE-2022-48579.patch unrar-nonfree-6.0.3/debian/patches/0013-CVE-2022-48579.patch
--- unrar-nonfree-6.0.3/debian/patches/0013-CVE-2022-48579.patch	1970-01-01 01:00:00.0 +0100
+++ unrar-nonfree-6.0.3/debian/patches/0013-CVE-2022-48579.patch	2023-08-23 17:36:17.0 +0200
@@ -0,0 +1,429 @@
+From: Markus Koschany 
+Date: Mon, 14 Aug 2023 15:43:54 +0200
+Subject: CVE-2022-48579
+
+Origin: https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f
+---
+ arcread.cpp   |  4 ++-
+ extinfo.cpp   | 89 +++
+ extinfo.hpp   |  3 +-
+ extract.cpp   | 44 +
+ extract.hpp   |  6 
+ hardlinks.cpp |  2 --
+ model.cpp |  6 ++--
+ os.hpp|  1 +
+ pathfn.cpp| 14 +++---
+ timefn.hpp| 11 
+ ulinks.cpp|  6 ++--
+ win32stm.cpp  |  9 --
+ 12 files changed, 170 insertions(+), 25 deletions(-)
+
+diff --git a/arcread.cpp b/arcread.cpp
+index d1df6c0..63858d9 100644
+--- a/arcread.cpp
 b/arcread.cpp
+@@ -1441,7 +1441,9 @@ bool Archive::ReadSubData(Array *UnpData,File *DestFile,bool TestMode)
+   {
+ if (SubHead.UnpSize>0x100)
+ {
+-  // So huge allocation must never happen in valid archives.
++  // Prevent the excessive allocation. When reading to memory, normally
++  // this function operates with reasonably small blocks, such as
++  // the archive comment, NTFS ACL or "Zone.Identifier" NTFS stream.
+   uiMsg(UIERROR_SUBHEADERUNKNOWN,FileName);
+   return false;
+ }
+diff --git a/extinfo.cpp b/extinfo.cpp
+index 5cb90a4..0f25f31 100644
+--- a/extinfo.cpp
 b/extinfo.cpp
+@@ -112,6 +112,68 @@ static bool LinkInPath(const wchar *Name)
+ }
+ 
+ 
++// Delete symbolic links in file path, if any, and replace them by directories.
++// Prevents extracting files outside of destination folder with symlink chains.
++bool LinksToDirs(const wchar *SrcName,const wchar *SkipPart,std::wstring )
++{
++  // Unlike Unix, Windows doesn't expand lnk1 in symlink targets like
++  // "lnk1/../dir", but converts the path to "dir". In Unix we need to call
++  // this function to prevent placing unpacked files outside of destination
++  // folder if previously we unpacked "dir/lnk1" -> "..",
++  // "dir/lnk2" -> "lnk1/.." and "dir/lnk2/anypath/poc.txt".
++  // We may still need this function to prevent abusing symlink chains
++  // in link source path if we remove detection of such chains
++  // in IsRelativeSymlinkSafe. This function seems to make other symlink
++  // related safety checks redundant, but for now we prefer to keep them too.
++  //
++  // 2022.12.01: the performance impact is minimized after adding the check
++  // against the previous path and enabling this verification only after
++  // extracting a symlink with ".." in target. So we enabled it for Windows
++  // as well for extra safety.
++//#ifdef _UNIX
++  wchar Path[NM];
++  if (wcslen(SrcName)>=ASIZE(Path))
++return false;  // It should not be that long, skip.
++  wcsncpyz(Path,SrcName,ASIZE(Path));
++
++  size_t SkipLength=wcslen(SkipPart);
++
++  if (SkipLength>0 && wcsncmp(Path,SkipPart,SkipLength)!=0)
++SkipLength=0; // Parameter validation, not really needed now.
++
++  // Do not check parts already checked in previous path to improve performance.
++  for (uint I=0;Path[I]!=0 && ISkipLength)
++  SkipLength=I;
++
++  wchar *Name=Path;
++  if (SkipLength>0)
++  {
++// Avoid converting symlinks in destination path part specified by user.
++Name+=SkipLength;
++while (IsPathDiv(*Name))
++  Name++;
++  }
++
++  for (wchar *s=Path+wcslen(Path)-1;s>Name;s--)
++if (IsPathDiv(*s))
++{
++  *s=0;
++  FindData FD;
++  if (FindFile::FastFind(Path,,true) && FD.IsLink)
++#ifdef _WIN_ALL
++if (!DelDir(Path))
++#else
++if (!DelFile(Path))
++#endif
++  return false; //

Bug#1050599: openscenegraph: Downgrade to lua5.1


Source: openscenegraph
Severity: wishlist
Version: 3.6.5+dfsg1-8

Please build openscenegraph with lua5.1 so we can drop v5.2 from the archive.
The build system supports it as fallback but you can certainly also try 
patching to a more up to date lua version.

Bug#1050598: imapfilter: Update to lua5.3


Source: imapfilter
Severity: wishlist
Version: 1:2.8.1-1

Please update haserl to build with lua5.3 so we can drop v5.2 from the archive.
I did not see any issue with it.

Bug#1050597: haserl: Update to lua5.3


Source: haserl
Severity: wishlist
Version: 0.9.36-2

Please update haserl to build with lua5.3 so we can drop v5.2 from the archive.
I did not see any issue with it.

Bug#1050596: RM: eja -- RoQA; unmaintained; severely outdated


Source: eja
Severity: serious
Version: 9.5.20-1

eja does not seem to be used a lot anymore. I intend to file a RM bug. If you have any reasons to keep it in Debian 
please voice them here. To get people's attention, I am filing as a serious bug and will reassign to the FTP team when 
the package is autoremoved from testing.

Bug#1050595: thunderbird: Menus are mangled

2023-08-26 Thread Hilary Snaden

Package: thunderbird
Version: 1:115.1.1-1
Severity: normal
Tags: a11y
X-Debbugs-Cc: hilary.sna...@zoho.com

Dear Maintainer,

Three menubars are displayed, the first where the titlebar should be, then two 
more beneath it. All but the active item is in black text on a near-black 
background.

https://ufile.io/9o6dr0k5


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-6-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages thunderbird depends on:
ii  debianutils  5.8-1
ii  fontconfig   2.14.2-4
ii  libasound2   1.2.9-2
ii  libatk1.0-0  2.49.90-5
ii  libc62.37-7
ii  libcairo-gobject21.16.0-7
ii  libcairo21.16.0-7
ii  libdbus-1-3  1.14.8-2
ii  libdbus-glib-1-2 0.112-3
ii  libevent-2.1-7   2.1.12-stable-8
ii  libffi8  3.4.4-1
ii  libfontconfig1   2.14.2-4
ii  libfreetype6 2.13.1+dfsg-1
ii  libgcc-s113.2.0-2
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1+b1
ii  libglib2.0-0 2.77.2-1
ii  libgtk-3-0   3.24.38-4
ii  libnspr4 2:4.35-1.1
ii  libnss3  2:3.92-1
ii  libotr5  4.1.1-5
ii  libpango-1.0-0   1.51.0+ds-2
ii  librnp0  0.17.0-3
ii  libstdc++6   13.2.0-2
ii  libvpx7  1.12.0-1
ii  libx11-6 2:1.8.6-1
ii  libx11-xcb1  2:1.8.6-1
ii  libxcb-shm0  1.15-1
ii  libxcb1  1.15-1
ii  libxext6 2:1.3.4-1+b1
ii  libxrandr2   2:1.5.2-2+b1
ii  psmisc   23.6-1
ii  x11-utils7.7+5
ii  zenity   3.44.2-1
ii  zlib1g   1:1.2.13.dfsg-3

Versions of packages thunderbird recommends:
ii  hunspell-en-gb [hunspell-dictionary]  1:7.5.0-1
ii  hunspell-en-us [hunspell-dictionary]  1:2020.12.07-2

Versions of packages thunderbird suggests:
ii  apparmor  3.0.12-1
ii  fonts-lyx 2.3.7-1
ii  libgssapi-krb5-2  1.20.1-3

-- no debconf information

Bug#1033548: 02:00 timers dont run in DST transition night

2023-08-26 Thread Marc Haber

On Sat, Aug 26, 2023 at 02:41:23PM +0200, Michael Biebl wrote:
> What was/is the output of
> systemctl list-timers
> before and after such a (DST) time jump?

No clue, sorry. I just noticed that the timers didn't run. In aide, I
have worked around that by moving the jo to 01:50. That is a good enough
fix for me for the moment.

> I.e., is there a way to reproduce this somehow?

I think it would be possible by establishing a timer to 02:00 and
setting the time to DST night.

Greetings
Marc

-- 
-
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things."Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

Bug#1050594: libpixelif: diff for NMU version 0.8.4-3.2

2023-08-26 Thread Boyuan Yang

Package: libpixelif
Version: 0.8.4-3.1
Severity: normal
Tags: patch  pending

Dear maintainer,

I've prepared an NMU for libpixelif (versioned as 0.8.4-3.2) and
uploaded it to DELAYED/14. Please feel free to tell me if I
should delay it longer.

Regards.

diff -Nru libpixelif-0.8.4/debian/changelog libpixelif-0.8.4/debian/changelog
--- libpixelif-0.8.4/debian/changelog   2021-01-04 11:08:17.0 -0500
+++ libpixelif-0.8.4/debian/changelog   2023-08-26 14:33:11.0 -0400
@@ -1,3 +1,11 @@
+libpixelif (0.8.4-3.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/control: Replace obsolete dependency package:
+libfreetype6-dev => libfreetype-dev. (Closes: -1)
+
+ -- Boyuan Yang   Sat, 26 Aug 2023 14:33:11 -0400
+
 libpixelif (0.8.4-3.1) unstable; urgency=medium
 
   * Non maintainer upload by the Reproducible Builds team.
diff -Nru libpixelif-0.8.4/debian/control libpixelif-0.8.4/debian/control
--- libpixelif-0.8.4/debian/control 2018-02-23 12:30:00.0 -0500
+++ libpixelif-0.8.4/debian/control 2023-08-26 14:32:52.0 -0400
@@ -7,7 +7,7 @@
  automake,
  autoconf,
  pkg-config,
- libfreetype6-dev,
+ libfreetype-dev,
  libfizmo-dev (>= 0.7.15),
  libdrilbo-dev (>= 0.2.11)
 Standards-Version: 4.1.3
@@ -29,7 +29,7 @@
 Depends: libpixelif-common (>= 0.8.3),
  libfizmo-dev (>= 0.7.15),
  libdrilbo-dev (>= 0.2.11),
- libfreetype6-dev,
+ libfreetype-dev,
  ${shlibs:Depends},
  ${misc:Depends}
 Description: Interface translating fizmo output into pixel data


signature.asc
Description: This is a digitally signed message part

Bug#1050593: python3-ldns: Should not be Priority: extra

2023-08-26 Thread Boyuan Yang

Package: python3-ldns
Version: 1.8.3-1
Severity: normal
X-Debbugs-CC: m...@tls.msk.ru d...@fifthhorseman.net

Currently the archive recognizes package python3-ldns as Priority: extra:

-> % apt show python3-ldns
Package: python3-ldns
Version: 1.8.3-1+b1
Priority: extra
Section: python
Source: ldns (1.8.3-1)
Maintainer: Debian DNS Team 
Installed-Size: 1,466 kB
Depends: python3 (<< 3.12), python3 (>= 3.11~), python3:any, libc6 (>= 2.28), 
libldns3 (>= 1.8.3), libpython3.11 (>= 3.11.0)
Homepage: https://www.nlnetlabs.nl/projects/ldns/about/
Download-Size: 222 kB
APT-Sources: http://deb.debian.org/debian unstable/main amd64 Packages
Description: ldns library for DNS programming - Python3 bindings
[...]

However, Priority: extra has been deprecated for a long time and we
should not use it anymore. I see that you are not using Priority: extra
in debian/control file.

You may need to submit an override request against Debian FTP Masters (see
https://wiki.debian.org/FtpMaster/Override ) to solve this problem.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1042711: debian-archive-keyring 2023.3+deb12u1 flagged for acceptance

2023-08-26 Thread Adam D Barratt

package release.debian.org
tags 1042711 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: debian-archive-keyring
Version: 2023.3+deb12u1

Explanation: clean up leftover keyrings in trusted.gpg.d

Bug#1050590: liferea: Having plugin Webkit Setting enabled crashes on startup "libsoup2 and libsoup3 in the same process"

2023-08-26 Thread Paul Gevers


Control: tags -1 confirmed

Hi Martin,

Thanks for reporting issues you're experiencing.

On 26-08-2023 19:38, Martin Bergström wrote:

Also crashes immediatly if the Webkit Setting plugin is enabled in UI after 
startup.


For me it even hang my computer, I could move the mouse, but nothing was 
responding anymore.



Workaround: Install 1.14.4-3 and disable Webkit Setting plugin then upgrade to 
1.15.1-2


I'll report this upstream and hope they can help to figure out how to 
prevent this.


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050582: kmod update corrupts systemd uefi boot

2023-08-26 Thread Antonio


Found this:

# CONFIG_MODULE_COMPRESS_NONE is not set
# CONFIG_MODULE_COMPRESS_GZIP is not set
CONFIG_MODULE_COMPRESS_XZ=y
# CONFIG_MODULE_COMPRESS_ZSTD is not set


Il 26/08/23 19:57, Marco d'Itri ha scritto:

On Aug 26, antonio  wrote:


Kernel: Linux 6.4.12-1-liquorix-amd64 (SMP w/24 CPU threads; PREEMPT)

I see that you are using a custom kernel. What is the status of the
CONFIG_MODULE_COMPRESS_* kernel configuration options?

Bug#1050592: perl: F_GETLK / F_GETLK64 confusion on ppc64el breaking libfile-fcntllock-perl

2023-08-26 Thread Niko Tyni

Package: perl
Version: 5.36.0-8
Severity: serious
X-Debbugs-Cc: debian-powe...@lists.debian.org
Control: affects -1 libfile-fcntllock-perl

Hi,

debugging an unexpected autopkgtest failure of
libfile-fcntllock-perl_0.22-4+b1 with perl_5.36.0-8 on ppc64el [1] I found
it's because the old perl binary (5.36.0-7) was built with the fcntl(2)
constant F_GETLK == 12, but the new one with F_GETLK == 5 [2].

There are no source or build system changes in perl that would have caused
this change. The failure is currently blocking perl testing migration,
so filing at 'serious'.

Perl is built with -D_FILE_OFFSET_BITS=64, and I see that on bullseye
this causes F_GETLK == F_GETLK64 == 12, but on bookworm and later
F_GETLK == 5 while F_GETLK64 == 12 [3]. I didn't find the exact
change that caused this yet.

As can be expected from the above, building libfile-fcntllock-perl on
bookworm against perl_5.36.0-7 makes it fail its test suite in a similar
way. And rebuilding it on sid against perl_5.36.0-8 makes it pass.

On amd64 the constants have stayed equal (== 5) from bullseye to sid,
and _FILE_OFFSET_BITS=64 doesn't affect them. What's the deal on ppc64el?

Copying the powerpc porters list. Could you please look into this?

[1] 
https://ci.debian.net/data/autopkgtest/unstable/ppc64el/libf/libfile-fcntllock-perl/34669085/log.gz
[2] perl -MPOSIX -E 'say F_GETLK'
[3] printf '#include \nF_GETLK\nF_GETLK64\n' | cpp 
-D_FILE_OFFSET_BITS=64 | tail -2

-- 
Niko Tyni   nt...@debian.org

Bug#1050589: gcc-13: [x32] -fbuiltin-strchr miscompiles

2023-08-26 Thread Thorsten Glaser

Dixi quod…

>Package: gcc-13
>Version: 13.2.0-1

This is a regression against gcc-12 (= 12.3.0-8); if I install that
and export CC='diet -Os gcc-12' it works.

>./mksh -c 'x=q; x=${ echo a; typeset e=2; return 3; echo x$e;}; echo .$x.'

In case this is relevant: that codepath uses setjmp/longjmp quite a bit,
and builds for glibc, musl or klibc don’t trigger this, so it’s probably
a combination of several things. Using dietlibc/amd64 is also fine, and
dietlibc-wise, they are good as identical: differ only in start.S and
syscall numbers, and a few sections in header files.

bye,
//mirabilos
-- 
 you introduced a merge commit│ % g rebase -i HEAD^^
 sorry, no idea and rebasing just fscked │ Segmentation
 should have cloned into a clean repo  │  fault (core dumped)
 if I rebase that now, it's really ugh │ wuahh

Bug#1050591: bullseye-pu: package awstats/7.8-2+deb11u2

2023-08-26 Thread Lourisvaldo Figueredo Junior

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: awst...@packages.debian.org, lourisva...@figueredo.tec.br
Control: affects -1 + src:awstats

[ Reason ]
The package has a policy violation bug, caused by an error in posting file.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037213


The bug was introduced in version 7.8-2+deb11u1 (bullseye), and I am fixing it
backwards.


[ Impact ]
If not fixed, the package will not be able to move on to testing and will be
out of trixie.

[ Tests ]
Manual tests only. I have tested following the upgrade from buster to bullseye
and then to bookworm, testing and sid.

[ Risks ]
Trivial

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
  * debian/awstats.postinst: part of the code was moved to the awstats.preinst
file, to avoid creating the
/etc/logrotate.d/httpd-prerotate/awstats.dpkg-new file, and thus requiring
user interaction when updating. (Closes: #1037213)
  * debian/awstats.preinst: created.
diffstat for awstats-7.8 awstats-7.8

 awstats.postinst |7 ---
 awstats.preinst  |   28 
 changelog|   11 +++
 3 files changed, 39 insertions(+), 7 deletions(-)

diff -Nru awstats-7.8/debian/awstats.postinst 
awstats-7.8/debian/awstats.postinst
--- awstats-7.8/debian/awstats.postinst 2022-12-07 17:47:25.0 -0300
+++ awstats-7.8/debian/awstats.postinst 2023-08-22 22:57:27.0 -0300
@@ -17,13 +17,6 @@
chown www-data:www-data /var/cache/awstats
chmod 750 /var/cache/awstats
fi
-   # clean-up old script that didn't run
-   if [ -n "$2" ]; then
-   if dpkg --compare-versions "$2" lt '7.8-1~'; then
-   rm -f /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
-   rmdir /etc/logrotate.d/httpd-prerotate/awstats/ || true
-   fi
-   fi
 ;;
 
 abort-upgrade|abort-remove|abort-deconfigure)
diff -Nru awstats-7.8/debian/awstats.preinst awstats-7.8/debian/awstats.preinst
--- awstats-7.8/debian/awstats.preinst  1969-12-31 21:00:00.0 -0300
+++ awstats-7.8/debian/awstats.preinst  2023-07-08 15:51:53.0 -0300
@@ -0,0 +1,28 @@
+#! /bin/sh
+
+set -e
+
+case "$1" in
+upgrade)
+   # clean-up old script that didn't run
+   if [ -n "$2" ]; then
+   if dpkg --compare-versions "$2" lt '7.8-1~'; then
+   rm -f /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
+   rmdir /etc/logrotate.d/httpd-prerotate/awstats/ || true
+   fi
+   fi
+;;
+
+install|abort-upgrade|abort-remove|abort-deconfigure)
+
+;;
+
+*)
+echo "preinst called with unknown argument \`$1'" >&2
+exit 0
+;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff -Nru awstats-7.8/debian/changelog awstats-7.8/debian/changelog
--- awstats-7.8/debian/changelog2022-12-07 17:47:25.0 -0300
+++ awstats-7.8/debian/changelog2023-08-22 22:57:27.0 -0300
@@ -1,3 +1,14 @@
+awstats (7.8-2+deb11u2) bullseye; urgency=medium
+
+  * QA upload.
+  * debian/awstats.postinst: part of the code was moved to the awstats.preinst
+file, to avoid creating the
+/etc/logrotate.d/httpd-prerotate/awstats.dpkg-new file, and thus requiring
+user interaction when updating. (Closes: #1037213)
+  * debian/awstats.preinst: created.
+
+ -- Lourisvaldo Figueredo Junior   Tue, 22 Aug 
2023 22:57:27 -0300
+
 awstats (7.8-2+deb11u1) bullseye; urgency=medium
 
   * QA upload.

Bug#1050582: kmod update corrupts systemd uefi boot

On Aug 26, antonio  wrote:

> Kernel: Linux 6.4.12-1-liquorix-amd64 (SMP w/24 CPU threads; PREEMPT)
I see that you are using a custom kernel. What is the status of the
CONFIG_MODULE_COMPRESS_* kernel configuration options?

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Bug#1050590: liferea: Having plugin Webkit Setting enabled crashes on startup "libsoup2 and libsoup3 in the same process"

2023-08-26 Thread Martin Bergström

Package: liferea
Version: 1.15.1-2
Severity: important

Also crashes immediatly if the Webkit Setting plugin is enabled in UI after 
startup.

Workaround: Install 1.14.4-3 and disable Webkit Setting plugin then upgrade to 
1.15.1-2

Outputs:

> (liferea:31085): libsoup-ERROR **: 19:00:36.344: libsoup3 symbols detected. 
> Using libsoup2 and libsoup3 in the same process is not supported.

Severity important because inexperinced users would have a difficult time 
discovering
what is wrong, and can not simply turn off the plugin in the UI since the 
application
does not start. Downgrading the package just to do this could be considered 
advanced.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-3-amd64 (SMP w/32 CPU threads; PREEMPT)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages liferea depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.14.8-2
ii  dbus-x11 [dbus-session-bus]   1.14.8-2
ii  gir1.2-freedesktop1.76.1-5
ii  gir1.2-gtk-3.03.24.38-4
ii  gir1.2-peas-1.0   1.36.0-2
ii  libc6 2.37-7
ii  libfribidi0   1.0.13-3
ii  libgdk-pixbuf-2.0-0   2.42.10+dfsg-1+b1
ii  libgirepository-1.0-1 1.76.1-5
ii  libglib2.0-0  2.77.2-1
ii  libgtk-3-03.24.38-4
ii  libjavascriptcoregtk-4.1-02.40.5-1
ii  libjson-glib-1.0-01.6.6-1
ii  libpango-1.0-01.51.0+ds-2
ii  libpeas-1.0-0 1.36.0-2
ii  libsoup-3.0-0 3.4.2-4
ii  libsqlite3-0  3.42.0-1
ii  libwebkit2gtk-4.1-0   2.40.5-1
ii  libxml2   2.9.14+dfsg-1.3
ii  libxslt1.11.1.35-1
ii  liferea-data  1.15.1-2
ii  python3   3.11.4-5+b1
ii  python3-cairo 1.24.0-1.1
ii  python3-gi3.44.1-2
ii  python3-gi-cairo  3.44.1-2
ii  python3-notify2   0.3-5
ii  python3.113.11.4-1

Versions of packages liferea recommends:
ii  gir1.2-gstreamer-1.0  1.22.5-1
ii  gir1.2-notify-0.7 0.8.2-1

Versions of packages liferea suggests:
pn  kget 
ii  network-manager  1.44.0-1

-- no debconf information

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

On Aug 26, Jon Westgate <0...@fsck.tv> wrote:

> Kernel: Linux 6.4.11 (SMP w/12 CPU threads; PREEMPT)
I see that you are using a custom kernel. What is the status of the
CONFIG_MODULE_COMPRESS_* kernel configuration options?

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Bug#1050588: bookworm-pu: package nsis/nsis 3.08-3

2023-08-26 Thread Adam D. Barratt

Control: tags -1 + moreinfo

On Sat, 2023-08-26 at 19:35 +0200, Christian Franke wrote:
> Please update nsis 3.08-3 to 3.09.
> 

You appear to have missed the "attach a diff of the proposed package
that you have prepared and tested on stable and intend to upload" step.
Either that, or fundamentally misunderstood the role of the Release
Team in the process.

Regards,

Adam

Bug#1050589: gcc-13: [x32] -fbuiltin-strchr miscompiles

2023-08-26 Thread Thorsten Glaser

Package: gcc-13
Version: 13.2.0-1
Severity: normal
X-Debbugs-Cc: t...@mirbsd.de

I've got miscompiles of mksh with gcc-13 on x32 with dietlibc.

I could reproduce this in a chroot by doing…

export CC='diet -Os gcc'
export CFLAGS='-g -Wformat -Werror=format-security -Wall -Wextra'
export CPPFLAGS='-Wdate-time -D_FORTIFY_SOURCE=2 -DMKSH_BUILDMEAT'
sh Build.sh -r -j
./mksh -c 'x=q; x=${ echo a; typeset e=2; return 3; echo x$e;}; echo .$x.'

… in an mksh source tree. (Output is “..” but “.a.” was expected.)

Adding -fno-builtin-strchr to CFLAGS makes the problem go away.

This is as far as I could reduce this; more would involve diving
into the gcc internals.


-- System Information:
Debian Release: trixie/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'unstable')
Architecture: x32 (x86_64)

Kernel: Linux 5.10.0-23-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C), 
LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages gcc-13 depends on:
ii  binutils   2.41-4
ii  cpp-13 13.2.0-1
ii  gcc-13-base13.2.0-1
ii  libc6  2.37-7
ii  libcc1-0   13.2.0-1
ii  libgcc-13-dev  13.2.0-1
ii  libgcc-s1  13.2.0-1
ii  libgmp10   2:6.3.0+dfsg-2
ii  libisl23   0.26-3
ii  libmpc31.3.1-1
ii  libmpfr6   4.2.0-1
ii  libstdc++6 13.2.0-1
ii  libzstd1   1.5.5+dfsg2-1
ii  zlib1g 1:1.2.13.dfsg-3

Versions of packages gcc-13 recommends:
ii  libc6-dev  2.37-7

Versions of packages gcc-13 suggests:
pn  gcc-13-doc   
pn  gcc-13-locales   
pn  gcc-13-multilib  

-- no debconf information

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

On Aug 26, Jon Westgate <0...@fsck.tv> wrote:

> The system partially booted but systemd then prevented boot due to missing
> modules,
> The error message it gave was "decompresson failed with status 6"
Are you using compressed modules?

-- 
ciao,
Marco


signature.asc
Description: PGP signature

Bug#1041374: fwknop-client: Cannot resolve own IP address

2023-08-26 Thread Francois Marier

Sorry for the long delay Patrick.

On 2023-07-18 at 00:26:18, pa...@mailbox.org (pa...@mailbox.org) wrote:
> currently it is not possible to create a SPA packet without configuring a 
> RESOLVE_URL in .fwknoprc file. The error message is:
> 
> [-] Could not resolve IP via: '/usr/bin/wget -U Fwknop/2.6.10 
> --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip'

I also noticed this on one of my machines.

> I expect this to be an upstream problem – but I'm not 100% sure :-)

Yes, I would say so. It would be good if the fallback could cases like
these, though maybe it's not easy to do, I'm not sure.

Would you like to suggest this upstream
(https://github.com/mrash/fwknop/issues), or would you prefer I do it?

The only somewhat related issue I could find is
https://github.com/mrash/fwknop/issues/168 (from 8 years ago).

Francois

-- 
https://fmarier.org/

Bug#1050588: bookworm-pu: package nsis/nsis 3.08-3

2023-08-26 Thread Christian Franke

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: n...@packages.debian.org, christian.fra...@t-online.de
Control: affects -1 + src:nsis

Please update nsis 3.08-3 to 3.09.

[ Reason ]
Generated installers contain invalid relocation information, see
Bug#1050288.  This is a regression introduced by a changed behavior
of the MinGW-w64 toolchain.
nsis 3.06.1-1 on bullseye is not affected because an older version
of the toolchain is used.
nsis-3.09-1 on trixie is not affected because NSIS upstream
addressed this problem in release 3.09.

This update also fixes security vulnerability CVE-2023-37378,
see Bug#1040880.

[ Impact ]
Large installers may work on Windows, but small installers do not.
Even if an installer works, warning messages from security scanners
may be triggered because the file is considered corrupt.

[ Tests ]
Create a small installer with makensis.
The problem is fixed if 'objdump -p' does no longer complain
"BFD: error: FILE.exe(.reloc) is too large"
and the size of the '.reloc' section is 0.
See Bug#1050288 for details.

[ Risks ]
NSIS 3.09 is the official upstream release proven to work for
some time now.

Bug#1050303: extension no longer works with Gnome 44

2023-08-26 Thread Francois Marier

On 2023-08-22 at 14:31:31, Sébastien Villemot (sebast...@debian.org) wrote:
> Actually I reported this problem in the Debian BTS because I was not
> 100%
> sure that this is an upstream issue (the error message is actually
> compatible
> with a missing file in the .deb).

You're right. It turns out the reason why that 2.0 typelib file was missing
is that it requires that GTK4 support be enabled:

https://github.com/rcaelers/workrave/commit/5fe6e9c0060cae3a4bf1210c92c26b01022ddb1e#diff-67b94d110f4fed7b4a0ea8d4f780209ebbf5b69010701e5e3c646f641c730425

and there was a missing build dependency preventing the GTK4 support from
being built.

Francois

Bug#1050587: linux: cpufreq-dt requires manually loading cpufreq-dt-platdev (6.5 regression)

2023-08-26 Thread Aurelien Jarno

Source: linux
Version: 6.5~rc7-1~exp1
Severity: normal
Tags: upstream

Starting with kernel 6.5, the cpufreq-dt-platdev driver can be built as
module [1]. This is done through the CPUFREQ_DT_PLATDEV config, which is
selected by CPUFREQ_DT. However the cpufreq-dt-platdev is not
autoloaded.

On the configs enabling the CPUFREQ_DT module, that is armel/rpi, armhf
and arm64, this means that CPUFREQ_DT_PLATDEV is changed from built-in
in 6.4 to module in 6.5. In turns this means that cpufreq is not
supported anymore unless the cpufreq-dt-platdev is manually loaded.
Tested on a RK3568 based ODROID-M1 board.

We should probably force CPUFREQ_DT_PLATDEV=y on the configs where
CPUFREQ_DT=m.

[1] 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v6.5-rc7=3b062a086984d35a3c6d3a1c7841d0aa73aa76af

Bug#1050205: wlsunset: Out of date package

2023-08-26 Thread Peymaneh


Hi Mae,


As per suggestion from the debian-mentors channel, I'm filing a bug
report for this package being out of date. I accidentally made my own local 
version of the updated version and it seems there's no complications with the 
new version that I can see. Please excuse me if this is improper procedure 
though.


Thanks for your effort :) Feel free to do an NMU upload.
Otherwise, I can take care of it myself end of next week.

kind regards,
Peymaneh


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1017111: fixed in opencolorio 2.1.2+dfsg1-4.1

2023-08-26 Thread Gianfranco Costamagna


control: reopen -1
control: notfixed -1 2.1.2+dfsg1-4.1
control: tags -1 patch pending


I made a mistake while editing the manpage, confused the 1 for the "first of 
august" instead of manpage number.

Updated diff attached and uploaded.
G.

On Sat, 26 Aug 2023 13:04:06 + Debian FTP Masters 
 wrote:

Source: opencolorio
Source-Version: 2.1.2+dfsg1-4.1
Done: Gianfranco Costamagna 

We believe that the bug you reported is fixed in the latest version of
opencolorio, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1017...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gianfranco Costamagna  (supplier of updated 
opencolorio package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 26 Aug 2023 13:55:36 +0200
Source: opencolorio
Built-For-Profiles: noudeb
Architecture: source
Version: 2.1.2+dfsg1-4.1
Distribution: unstable
Urgency: medium
Maintainer: Debian PhotoTools Maintainers 

Changed-By: Gianfranco Costamagna 
Closes: 1017111 1050366 1050570
Changes:
 opencolorio (2.1.2+dfsg1-4.1) unstable; urgency=medium
 .
   [ Gianfranco Costamagna ]
   * Non-maintainer upload.
   * Fix FTBFS with newer yaml-cpp (Closes: #1050366)
   * Update manpages (Closes: #1017111)
 .
   [ Olivier Gayot ]
   * Include header file in binary package (change in d/rules and
 d/python3-pyopencolorio.install) (Closes: #1050570)
   * d/patches/0002-fix-documentation-cmake-syntax.patch Fix generation of
 documentation.
Checksums-Sha1:
 3b533409186279d63cac908408869f7c2f4eaa54 2764 opencolorio_2.1.2+dfsg1-4.1.dsc
 99cd32299e4cd3ed9d77c45fc8d9f36d205f08d1 11316 
opencolorio_2.1.2+dfsg1-4.1.debian.tar.xz
 bcd2e4cb95ae70b975b0bbc7ddf7c9754d0e59f7 13430 
opencolorio_2.1.2+dfsg1-4.1_source.buildinfo
Checksums-Sha256:
 5ebffe0ed99110af74c50b925ca16c490758e5859685da779987fbc41f363114 2764 
opencolorio_2.1.2+dfsg1-4.1.dsc
 d3fadb092bd7b000ae36d484fbbe8d8813ccfee640e4a3061b0050e5c262bb15 11316 
opencolorio_2.1.2+dfsg1-4.1.debian.tar.xz
 5eb938268a74a3757a4d5563269455ae665122426a2e74fd21e32311286d6aa4 13430 
opencolorio_2.1.2+dfsg1-4.1_source.buildinfo
Files:
 a7ece94aa72d1823ded865b4c71e5a33 2764 libs optional 
opencolorio_2.1.2+dfsg1-4.1.dsc
diff -Nru opencolorio-2.1.2+dfsg1/debian/changelog 
opencolorio-2.1.2+dfsg1/debian/changelog
--- opencolorio-2.1.2+dfsg1/debian/changelog2023-08-26 13:55:36.0 
+0200
+++ opencolorio-2.1.2+dfsg1/debian/changelog2023-08-26 16:47:44.0 
+0200
@@ -1,3 +1,10 @@
+opencolorio (2.1.2+dfsg1-4.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fixup manpage failure (Closes: #1017111)
+
+ -- Gianfranco Costamagna   Sat, 26 Aug 2023 
16:47:44 +0200
+
 opencolorio (2.1.2+dfsg1-4.1) unstable; urgency=medium
 
   [ Gianfranco Costamagna ]
diff -Nru opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1 
opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1
--- opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1   2023-08-26 
13:55:36.0 +0200
+++ opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1   2023-08-26 
16:47:44.0 +0200
@@ -1,4 +1,4 @@
-.TH OCIOBAKELUT "26" "August 2023" "create a new LUT or ICC profile from an 
OCIO config or LUT file(s)" "User Commands"
+.TH OCIOBAKELUT "1" "August 2023" "create a new LUT or ICC profile from an 
OCIO config or LUT file(s)" "User Commands"
 .SH NAME
 ociobakelut \- create a new LUT or ICC profile from an OCIO config or LUT 
file(s)
 .PP
diff -Nru opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1 
opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1
--- opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1 2023-08-26 
13:55:36.0 +0200
+++ opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1 2023-08-26 
16:47:44.0 +0200
@@ -1,4 +1,4 @@
-.TH OCIOCHECK "26" "August 2023" "ociocheck -- validate an OpenColorIO 
configuration" "User Commands"
+.TH OCIOCHECK "1" "August 2023" "ociocheck -- validate an OpenColorIO 
configuration" "User Commands"
 .SH NAME
 ociocheck \- validate an OpenColorIO configuration
 .PP
diff -Nru opencolorio-2.1.2+dfsg1/debian/manpages/ociochecklut.1 
opencolorio-2.1.2+dfsg1/debian/manpages/ociochecklut.1
--- opencolorio-2.1.2+dfsg1/debian/manpages/ociochecklut.1  2023-08-26 
13:55:36.0 +0200
+++ opencolorio-2.1.2+dfsg1/debian/manpages/ociochecklut.1  2023-08-26 
16:47:44.0 +0200
@@ -1,4 +1,4 @@
-.TH OCIOCHECKLUT "26" "August 2023" "ociochecklut -- check any LUT file and 
optionally convert a pixel" "User Commands"
+.TH OCIOCHECKLUT "1" "August 2023" "ociochecklut --

Bug#1041982: transition: symfony 6

2023-08-26 Thread Graham Inggs

Hi David

On Tue, 25 Jul 2023 at 11:57, David Prévot  wrote:
> Do you have a way to spot packages in Sid currently depending on
> symfony (<< 6~) in order to file bugs and eventually provide patches?

You could use a ben tracker for this.
I've set up something basic [1].
Feel free to submit MRs in Salsa [2] with improvements.

Regards
Graham


[1] https://release.debian.org/transitions/html/symfony6.html
[2] https://salsa.debian.org/release-team/transition-data

Bug#1040782: bug not present in 2.99.16

2023-08-26 Thread graeme vetterlein

To help in narrowing this down, I installed the version from  the 
experimental repo.



I got 2.99.16. This does not appear to show the bug, so I guess it's a 
Debian packaging issue.


    "This is an unstable development release commit d3c5536"

graeme@real:~/Documents/Remote/Bugs/Gimp/1040782$ apt-cache policy gimp
gimp:
  Installed: 2.99.16-2
  Candidate: 2.99.16-2
  Version table:
 *** 2.99.16-2 100
  1 https://deb.debian.org/debian experimental/main amd64 Packages
    100 /var/lib/dpkg/status
 2.10.34-1 500
    500 http://ftp.uk.debian.org/debian unstable/main amd64 Packages

Bug#1050432: rpy2: FTBFS on mips64el

2023-08-26 Thread Dirk Eddelbuettel



Hi all,

As the test failures for complex valued variables appeared to be systemic on
the 'mips64el' platform, I buckled down, taught myself some Python ==:-) and
conditioned the number of failing tests away via

  @pytest.mark.skipif(platform.machine() == 'mips64' and sys.byteorder == 
'little',
  reason="Complex tests fails for 'mips64el'.")

Maybe the porters team can shed some light on why we needed it, and if this
worked (the autobuilders will tell us soon enough) I can pass the patch on to
Laurent for a possible inclusion upstream.

Cheers,  Dirk

-- 
dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#1050586: kmod: Updating to kmod to 30+20230601-1 results in a non booting system modules cannot be decompressed

2023-08-26 Thread Jon Westgate

Package: kmod
Version: 30+20230601-1
Severity: grave
Justification: renders system unusable

Dear Maintainer,

I just did a normal apt upgrade and the following packages were upgraded:
kmod 30+20230519-1 to 30-2.230601-1
libkmod2 30+20230519-1 to 30-2.230601-1

The system partially booted but systemd then prevented boot due to missing
modules,
The error message it gave was "decompresson failed with status 6"

I had to boot from a rescue usb stick, set a root password, then I was able to
interact with systemd's idea of a diagnotic console - I'm not systemd's biggest
fan
I used another system to download the older versions of kmod and libkmod2 and
as able to use dpkg to downgrade them.

I installed both on another system and it does the same.
I'm not sure if this effects other system's with sysvinit or non efi.

Regards
Jon Westgate


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.11 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages kmod depends on:
ii  libc6 2.37-7
ii  libkmod2  30+20230601-1
ii  liblzma5  5.4.1-0.2
ii  libssl3   3.0.10-1
ii  libzstd1  1.5.5+dfsg2-1

kmod recommends no packages.

kmod suggests no packages.

-- no debconf information

Bug#1050585: repetier-host: unsatisfiable dependency


Package: repetier-host
Severity: important
Version: 0.85+dfsg-3

The package depends on libmono-addins-gui0.2-cil which is not available anymore.
I can run it without having that package installed (after dropping the 
dependency),
so the Depends should just be dropped.

Bug#1050558: prometheus-alertmanager: CVE-2023-40577

2023-08-26 Thread Daniel Swarbrick


Disregard my previous comment - I was mistaken.

prometheus-alertmanager ships with a generate-ui.sh script which in the 
past fetched the Elm compiler from upstream (since it was not available 
in Debian), but the script has always used the Alertmanager web UI 
sources as shipped in the package.


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1050397: 1: yosys-src is huge

2023-08-26 Thread Daniel Gröber

Hi,

On Thu, Aug 24, 2023 at 03:00:36AM +0200, Daniel Gröber wrote:
> As long as nobody installs this package at least it won't waste space in
> the archive as the deb is compressed anyway. Post mortem wise, I'm not sure
> what's going on here. When I unpack the tarball the directory only ends up
> being around 50M (as it should be).

Ok so the deb(s) are actually still around 350-400M depending depending on
the architecture, because I also forgot to set Arch:all (ouch) and the
buildd built amd64 deb is actually 2.2G when unpacked.

The yosys-src I had build locally didn't end up that large tho.

I'm not entirely sure why the tarball got so big. Due to a misplaced
dependency the tarball was packed after dh_auto_build/_test, but I used
--files-from to prevent including any build artifacts.

This is the d/rule that builds yosys.tar:

ORIG_TARBALL := ../$(DEB_SOURCE)_$(DEB_VERSION_UPSTREAM).orig.tar.gz
debian/yosys-src/usr/src/yosys/yosys.tar: SHELL := /bin/bash
debian/yosys-src/usr/src/yosys/yosys.tar: FORCE
mkdir -p debian/yosys-src/usr/src/yosys
tar --files-from <(tar -taf $(ORIG_TARBALL) | sed -r -e 
's,[^/]+/,,') \
--ignore-failed-read --transform 's,^,yosys/,' \
--sort=name --mtime=@"$$SOURCE_DATE_EPOCH" \
--owner=0 --group=0 --numeric-owner --format=gnu \
-cf $@ \
debian/{control,changelog,source,patches,rules}

Testing this again now on a dirty build tree that's 2.6G in size I get a
yosys.tar that's 70k. What the hell went wrong on the buildds?

Looking at the amd64 log I see no (relevant) errors and the expanded tar
command looks right:

make[1]: Entering directory '/<>'
mkdir -p debian/yosys-src/usr/src/yosys
tar --files-from <(tar -taf ../yosys_0.30.orig.tar.gz | sed -r -e 
's,[^/]+/,,') \
--ignore-failed-read --transform 's,^,yosys/,' \
--sort=name --mtime=@"$SOURCE_DATE_EPOCH" \
--owner=0 --group=0 --numeric-owner --format=gnu \
-cf debian/yosys-src/usr/src/yosys/yosys.tar \
debian/{control,changelog,source,patches,rules}
tar: tests/simple_abc9/abc9.v: Warning: Cannot stat: No such file or 
directory

The abc9.v thing is expected, hence --ignore-failed-read. Yet yosys.tar
ends up huge.

-rw-r--r-- root/root 2289633280 2023-08-23 14:40 ./usr/src/yosys/yosys.tar

Looking at the file sizes of top offenders inside the buildd built amd64
yosys-src:

$ tar -tvf ./usr/src/yosys/yosys.tar | sort -n -k3 -r | head -n20

-rwxr-xr-x 0/022706286 2023-08-23 16:40 
yosys/tests/bram/temp/tb_00_03.tb
-rw-r--r-- 0/019693600 2023-08-23 16:40 yosys/passes/sat/sim.o
-rw-r--r-- 0/018143464 2023-08-23 16:40 yosys/kernel/rtlil.o
-rw-r--r-- 0/016335168 2023-08-23 16:40 yosys/passes/sat/qbfsat.o
-rw-r--r-- 0/015009576 2023-08-23 16:40 yosys/passes/opt/share.o
-rw-r--r-- 0/014109856 2023-08-23 16:40 
yosys/backends/cxxrtl/cxxrtl_backend.o
-rw-r--r-- 0/014010040 2023-08-23 16:40 
yosys/passes/sat/recover_names.o
-rw-r--r-- 0/013766864 2023-08-23 16:40 yosys/passes/opt/opt_expr.o
-rw-r--r-- 0/013337960 2023-08-23 16:40 yosys/passes/techmap/abc.o
-rw-r--r-- 0/013268272 2023-08-23 16:40 
yosys/passes/techmap/abc9_ops.o
-rw-r--r-- 0/013182088 2023-08-23 16:40 yosys/backends/smt2/smt2.o
-rw-r--r-- 0/012897840 2023-08-23 16:40 
yosys/passes/memory/memory_libmap.o
-rw-r--r-- 0/012610552 2023-08-23 16:40 
yosys/passes/pmgen/xilinx_dsp.o
-rw-r--r-- 0/012223360 2023-08-23 16:40 
yosys/passes/pmgen/test_pmgen.o
-rw-r--r-- 0/012123208 2023-08-23 16:40 
yosys/passes/techmap/flowmap.o
-rw-r--r-- 0/012104440 2023-08-23 16:40 
yosys/passes/techmap/techmap.o
-rw-r--r-- 0/012051072 2023-08-23 16:40 
yosys/libs/subcircuit/subcircuit.o
-rw-r--r-- 0/011872992 2023-08-23 16:40 yosys/passes/sat/sat.o
-rwxr-xr-x 0/011443185 2023-08-23 16:40 
yosys/tests/bram/temp/tb_01_03.tb
-rwxr-xr-x 0/011413171 2023-08-23 16:40 
yosys/tests/memlib/t_async_big_block.out/t_async_big_block_tb_syn0

That's all build output that shouldn't have been included because of the
explicit --files-files.

I'm mystified.

--Daniel

Bug#1050462: gtg: crashes on startup often

2023-08-26 Thread Antonio Terceiro

On Fri, Aug 25, 2023 at 08:52:49PM +0200, François Mazen wrote:
> Dear Antonio,
> 
> thanks for the crash report! I can reproduce it easily with unstable
> distribution and the call stack points to pango_font_description_to_string
> method.
> 
> The issues seems to have been already reported upstream [1] and the suggested
> worj around is to add "font_name = Sans 11" in the [browser] section of the
> ~/.config/gtg/gtg.conf config file.

Thanks, this indeed seem to work around the issue.

> I've checked the fix and no more crash occurs, so it could be integrated as a
> quilt patch for the Debian package.

We probably want to fix the code to *not* segfault when the workaround
is not in place. I'm not sure whether this is a bug in gtg itself, or
in pango.


signature.asc
Description: PGP signature

Bug#1048718: tar: Fails to build source after successful build

2023-08-26 Thread Gioele Barabucci


Control: tags -1 patch

On Sun, 13 Aug 2023 21:21:29 +0200 Lucas Nussbaum  wrote:

This package fails to build a source package after a successful build
(dpkg-buildpackage ; dpkg-buildpackage -S).


A fix for this issue is included in 
.


Tested via the `test-build-twice` test on salsa-ci.

Regards,

--
Gioele Barabucci

Bug#1050584: trocla: broken by ruby-highline 2.1.0-1

Source: trocla
Version: 0.5.1-1
Severity: serious

Hi,

I just uploaded ruby-highline 2.1.0-1. While testing reverse
dependencies, I noticed that it breaks this package.

Lucas

Bug#1050583: ruby-commander: broken by ruby-highline 2.1.0-1

Source: ruby-commander
Version: 4.6.0-1
Severity: serious

Hi,

I just uploaded ruby-highline 2.1.0-1. While testing reverse
dependencies, I noticed that it breaks this package.

Lucas

Bug#1049886: btllib: FTBFS on armhf due to tests timing out

2023-08-26 Thread Andreas Tille

Hi Emanuele,

Am Fri, Aug 25, 2023 at 02:33:28PM +0200 schrieb Emanuele Rocca:
> > btllib (1.4.10+dfsg-1) unstable; urgency=medium
> 
> [...] 
>  
> > So I'm wondering why this bug came up at all and closing it hereby.
> 
> Ah yes, the reason why it came up is that btllib-tools is still Architecture:
> any. The buildds are attempting to build the package, and it fails. See for
> example 1.4.10+dfsg-1 on i386:
> https://buildd.debian.org/status/fetch.php?pkg=btllib=i386=1.4.10%2Bdfsg-1=1685883214=0

This is perfectly sensible if the package does not build on some
architecture if a precondition does not exist on that architecture.

IMHO this bug should be closed.

Kind regards
Andreas. 

-- 
http://fam-tille.de

Bug#1050581: ruby-html-proofer: broken by ruby-nokogiri 1.15.4

Source: ruby-html-proofer
Version: 3.19.2-7
Severity: serious

Hi,

I just uploaded ruby-nokogiri 1.15.4, and while testing reverse
dependencies, noticed that it breaks this package.

Lucas

Bug#1050580: ruby-roxml: broken by ruby-nokogiri 1.15.4

Source: ruby-roxml
Version: 4.2.0-1
Severity: serious

Hi,

I just uploaded ruby-nokogiri 1.15.4, and while testing reverse
dependencies, noticed that it breaks this package.

Lucas

Bug#1050578: linux-image-6.1.0-11-amd64: kernel disk device cache coherency issue: stale reads on /dev/sda1

2023-08-26 Thread Joshua

Package: src:linux
Version: 6.1.38-4
Severity: important

Dear Maintainer,

   * What led up to the situation?

Upgrade to bookworm fragmented the EFI paritition (due to changing boot logo) 
and defrag was in order. As this BIOS
currently has broken legacy boot, I used dosbox-x to defrag the EFI partition 
rather than boot the FreeDOS CD-ROM.
Thus this uncovered the bug. On minimizing the bug, it got very simple. I can 
reliably reproduce as follows:

# hexedit /dev/sda
G 10  (your value may vary)
PgDn
PgDn
^C
# hexedit /dev/sda1
PgDn
write a marker to the padding between the BPB and the first FAT sector.
(If your system doesn't have one, edit an error message in the boot sector)
# hexedit /dev/sda1
G 10
PgDn
PgDn
Look for marker written above, find it's not there !!!
^C

For demonstration of the fact the cache is wrong but the data is sved, you can 
do the following:

# reboot
# hexedit /dev/sda
G 1
PgDn
PgDn
Look for marker written above, find it's there !!!

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Only effective workaround I could find was reboot at certain locations.

   * What outcome did you expect instead?

I seriously expect no possability of block level cache incoherency between
different partition devices on the same block device.
Quite frankly, I am amazed this doesn't cause tons and tons of issues.

-- Package-specific info:
** Version:
Linux version 6.1.0-11-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 
12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP 
PREEMPT_DYNAMIC Debian 6.1.38-4 (2023-08-08)

** Command line:
BOOT_IMAGE=/vmlinuz-6.1.0-11-amd64 root=/dev/mapper/NOVA-lvol2 ro video=960x540 
net.ifnames=0 biosdevname=0 quiet

(Note that I'm working on the EFI parititon, which is not inside LVM due to 
incompatibilities.)

** Not tainted

** Kernel log:

There is nothing useful in the log. The last log entry is before reproducing 
the issue.

** Model information
sys_vendor: Micro-Star International Co., Ltd.
product_name: MS-7C56
product_version: 2.0
chassis_vendor: Micro-Star International Co., Ltd.
chassis_version: 2.0
bios_vendor: American Megatrends International, LLC.
bios_version: A.C0
board_vendor: Micro-Star International Co., Ltd.
board_name: B550-A PRO (MS-7C56)
board_version: 2.0

** Loaded modules:
8021q
garp
stp
mrp
llc
bnep
bluetooth
jitterentropy_rng
drbg
ansi_cprng
ecdh_generic
rfkill
ecc
binfmt_misc
uinput
fuse
nft_chain_nat
xt_MASQUERADE
nf_nat
nf_conntrack
nf_defrag_ipv6
nf_defrag_ipv4
nft_compat
x_tables
nf_tables
nfnetlink
nls_ascii
nls_cp437
vfat
fat
dm_crypt
amdgpu
snd_hda_codec_realtek
snd_hda_codec_generic
ledtrig_audio
intel_rapl_msr
intel_rapl_common
snd_hda_codec_hdmi
edac_mce_amd
gpu_sched
snd_hda_intel
drm_buddy
snd_intel_dspcfg
snd_intel_sdw_acpi
drm_display_helper
kvm_amd
snd_hda_codec
cec
snd_hda_core
joydev
rc_core
snd_hwdep
drm_ttm_helper
kvm
ttm
snd_pcm_oss
irqbypass
drm_kms_helper
snd_mixer_oss
rapl
snd_pcm
drm
snd_timer
k10temp
evdev
wmi_bmof
sp5100_tco
efi_pstore
snd
ccp
sg
i2c_algo_bit
soundcore
watchdog
rng_core
acpi_cpufreq
button
efivarfs
ext4
crc16
mbcache
jbd2
dm_mirror
dm_region_hash
dm_log
raid1
dm_raid
raid456
async_raid6_recov
async_memcpy
async_pq
async_xor
async_tx
md_mod
xor
raid6_pq
libcrc32c
crc32c_generic
dm_mod
hid_generic
crc32_pclmul
crc32c_intel
sd_mod
t10_pi
usbhid
crc64_rocksoft_generic
hid
crc64_rocksoft
crc_t10dif
ghash_clmulni_intel
crct10dif_generic
sr_mod
crct10dif_pclmul
crc64
cdrom
sha512_ssse3
crct10dif_common
sha512_generic
ahci
xhci_pci
libahci
xhci_hcd
libata
r8169
aesni_intel
realtek
usbcore
mdio_devres
scsi_mod
crypto_simd
libphy
cryptd
i2c_piix4
video
usb_common
scsi_common
wmi
gpio_amdpt
gpio_generic

** PCI devices:
00:00.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Renoir/Cezanne 
Root Complex [1022:1630]
Subsystem: Micro-Star International Co., Ltd. [MSI] Renoir/Cezanne Root 
Complex [1462:7c56]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- 

00:01.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Renoir PCIe 
Dummy Host Bridge [1022:1632]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:08.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Renoir PCIe 
Dummy Host Bridge [1022:1632]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B-

Bug#1050515: gtk-sharp3: Move to GLibSharp/GtkSharp upstream

Ignore my previous comment. That second fork targets the dotnet system 
and not mono. It even uses a "cake" build system. What the heck!

Bug#1050577: emacs: please limit number of native-compilation workers

2023-08-26 Thread David Bremner

Package: emacs
Version: 1:29.1+1-2
Severity: wishlist

native-comp-async-jobs-number is a variable defined in ‘comp.el’.

Its value is 0

Default number of subprocesses used for async native compilation.
Value of zero means to use half the number of the CPU’s execution units,
or one if there’s just one execution unit.

I think the upstream default is too aggressive, and we should set it
to a smaller number to reduce the "fork bomb" like behaviour of
spawning NUM_PHYSICAL_CORES worker processes for each user created
emacs process. This particularly manifests itself if the user is
running more than one emacs process. As an example, prior to patching
the notmuch test suite, I got 200 native compilation processes on my
desktop.

Upstream may be correct that "one emacs process per machine" is the
most common scenario, but the bad outcome of having the limit too
small seems better than the bad outcome of having it too high.  People
do use emacs in lots of other scenarios (e.g. servers and automated
processes), and expecting them all to customize their emacs to avoid a
performance / UX regression seems unkind.  AFAICT since the native
compilation is asynchronous, there is no obvious pause by queuing the
compilation jobs.


-- System Information: Debian Release: trixie/sid APT prefers testing
APT policy: (500, 'testing') Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages emacs depends on:
ii  emacs-gtk  1:29.1+1-2

emacs recommends no packages.

emacs suggests no packages.

-- no debconf information

Bug#1050576: RFP: bindinator -- generates C# binding projects from gir files


Package: wnpp
Severity: wishlist
Control: affects -1 gnome-subtitles
Control: block -1 by 1050515
Control: block 742729 by -1

* Package name: bindinator
* URL : https://github.com/GLibSharp/bindinator
* License : Expat

Please package the bindinator project that is already contained in 
gnome-subtitles. It is a prerequisite for gstreamer-sharp. Please mind 
the URL, which is a fork from the originial project with the build 
system ported to meson.

Bug#1050515: gtk-sharp3: Move to GLibSharp/GtkSharp upstream


Control: retitle -1 gtk-sharp3: Move to GtkSharp upstream

On Fri, 25 Aug 2023 17:16:32 +0200 Bastian Germann  wrote:
gnome-subtitles has vendored the https://github.com/GLibSharp/GtkSharp 
fork.
It seems like the fork at https://github.com/GtkSharp/GtkSharp is more 
up to date.

Bug#1027976: ITP: libcpucycles -- Microlibrary for counting CPU cycles

2023-08-26 Thread Miguel Landaeta

https://ftp-master.debian.org/new/libcpucycles_0~20230115-1.html

Bug#1050575: gnome randomly ignoring my keybinding settings

2023-08-26 Thread Michael P. Soulier

Package: gnome
Version: 1:43+1
Severity: important
X-Debbugs-Cc: msoul...@digitaltorque.ca

Dear Maintainer,

I set my keybindings to change workspaces on Super+1 to 4, for each of the 4
workspaces. Suddenly when I login, Super+3 opens the damned calendar instead.
But that's on a default X session. If I login with Wayland, suddenly 1-3 work
but Super+4 opens my browser.

None of this shows up in the settings. 

The quality of Gnome, which was already buggy, seems much lower in Debian 12.

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome depends on:
ii  avahi-daemon 0.8-10
ii  cheese   43.0-1
ii  cups-pk-helper   0.2.6-1+b1
ii  desktop-base 12.0.6+nmu1~deb12u1
ii  evolution3.46.4-2
ii  evolution-plugins3.46.4-2
ii  file-roller  43.0-1
ii  gnome-calendar   43.1-2
ii  gnome-clocks 43.0-1
ii  gnome-color-manager  3.36.0-1+b1
ii  gnome-core   1:43+1
ii  gnome-maps   43.5-2~deb12u1
ii  gnome-music  42.1-1
ii  gnome-sound-recorder 43~beta-1
ii  gnome-tweaks 42~beta-4
ii  gnome-weather43.0-1
ii  gstreamer1.0-libav   1:1.22.3-dmo1
ii  gstreamer1.0-plugins-ugly1:1.22.3-dmo1+deb12u1
ii  libgsf-bin   1.14.50-1
ii  libproxy1-plugin-networkmanager  0.4.18-1.2
ii  libreoffice-calc 4:7.4.7-1
ii  libreoffice-gnome4:7.4.7-1
ii  libreoffice-impress  4:7.4.7-1
ii  libreoffice-writer   4:7.4.7-1
ii  network-manager-gnome1.30.0-2
ii  orca 43.1-1
ii  rhythmbox3.4.6-2+b1
ii  rhythmbox-plugin-cdrecorder  3.4.6-2+b1
ii  rhythmbox-plugins3.4.6-2+b1
ii  rygel-playbin0.42.1-1
ii  rygel-tracker0.42.1-1
ii  seahorse 43.0-1
ii  shotwell 0.30.17-1+b1
ii  simple-scan  42.5-2
ii  totem-plugins43.0-2
ii  xdg-user-dirs-gtk0.11-1

Versions of packages gnome recommends:
ii  gnome-games   1:43+1
ii  gnome-initial-setup   43.2-6
ii  gnome-remote-desktop  43.3-1
ii  transmission-gtk  3.00-2.1+b1

Versions of packages gnome suggests:
pn  alacarte  
pn  empathy   
pn  firefox-esr-l10n-all | firefox-l10n-all   
pn  goobox | sound-juicer 
pn  polari
pn  vinagre   
pn  webext-ublock-origin-firefox | webext-ublock-origin-chromium  

Versions of packages gnome-core depends on:
ii  adwaita-icon-theme43-1
ii  at-spi2-core  2.46.0-5
ii  baobab43.0-1
ii  dconf-cli 0.40.0-4
ii  dconf-gsettings-backend   0.40.0-4
ii  eog   43.2-1
ii  evince43.1-2+b1
ii  evolution-data-server 3.46.4-2
ii  fonts-cantarell   0.303.1-1
ii  gdm3  43.0-3
ii  gkbd-capplet  3.28.1-1
ii  glib-networking   2.74.0-4
ii  gnome-backgrounds 43.1-1
ii  gnome-bluetooth-sendto42.5-3
ii  gnome-calculator  1:43.0.1-2
ii  gnome-characters  43.1-1
ii  gnome-contacts43.1-1
ii  gnome-control-center  1:43.6-2~deb12u1
ii  gnome-disk-utility43.0-1
ii  gnome-font-viewer 43.0-1
ii  gnome-keyring 42.1-1+b2
ii  gnome-logs43.0-1
ii  gnome-menus   3.36.0-1.1
ii  gnome-online-accounts 3.46.0-1
ii  gnome-session 43.0-1
ii  gnome-settings-daemon 43.0-4
ii  gnome-shell   43.6-1~deb12u1
ii  gnome-shell-extensions43.1-1
ii  gnome-software43.5-1~deb12u1
ii  gnome-sushi   43.0-2
ii  gnome-system-monitor  42.0-2
ii  gnome-terminal3.46.8-1
ii  gnome-text-editor 43.2-1
ii  gnome-themes-extra3.28-2
ii  gnome-user-docs   43.0-2
ii  gnome-user-share

Bug#1050571: [Pkg-nginx-maintainers] Bug#1050571: reportbug: nginx normalises "Status: 123 " and "Status: 123" to invalid "HTTP/1.1 123" (must be "HTTP/1.1 123 ")

2023-08-26 Thread Jérémy Lal

Le sam. 26 août 2023 à 14:21, наб  a
écrit :

> Package: nginx
> Version: 1.24.0-1
> Severity: normal
>
> Dear Maintainer,
>
> Test setup:
> -- >8 --
> #!/bin/sh
> printf '%s\n' "Status: ${DOCUMENT_URI##*/}" 'Content-Type: text/plain' ''
> "${DOCUMENT_URI##*/}"
> -- >8 --
> in /tmp/cgi and
> -- >8 --
> server {
> listen 127.1.2.3:80;
> location / {
> fastcgi_pass unix:/run/fcgiwrap.socket;
> include /etc/nginx/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME /tmp/cgi;
> }
> }
> -- >8 --
> in /etc/nginx/sites-enabled/demo.
>
> Naturally, this program returns "Status: {request path without /}",
> with body "{request path without /}" and whatever padding to make
> it palatable to nginx.
>
> Now, the abridged bug (full log attached, but it's not exciting):
> -- >8 --
> $ curl -s -vvv http://127.1.2.3/'404%20Zupa' 2>&1 | cat -A
> > GET /404%20Zupa HTTP/1.1^M$
> < HTTP/1.1 404 Zupa^M$
> < Server: nginx/1.24.0^M$
> 404 Zupa$
>
> $ curl -s -vvv http://127.1.2.3/'404%20' 2>&1 | cat -A
> > GET /404%20 HTTP/1.1^M$
> < HTTP/1.1 404^M$
> < Server: nginx/1.24.0^M$
> 404 $
>
> $ curl -s -vvv http://127.1.2.3/'404' 2>&1 | cat -A
> > GET /404 HTTP/1.1^M$
> < HTTP/1.1 404^M$
> < Server: nginx/1.24.0^M$
> 404$
>
> $ curl -s -vvv http://127.1.2.3/'40' 2>&1 | cat -A
> > GET /40 HTTP/1.1^M$
> < HTTP/1.1 502 Bad Gateway^M$
> < Server: nginx/1.24.0^M$
> ^M$
> 502 Bad Gateway^M$
> ^M$
> 502 Bad Gateway^M$
> nginx/1.24.0^M$
> ^M$
> ^M$
> -- >8 --
> (yes, I straced fcgiwrap, it doesn't mangle the Status lines).
>
> Case-wise:
>   "404 Zupa" correct! it's a valid 404
>   "40"   correct! it's invalid, 502ing is sensible
> but
>   "404 " wrong!
>   "404"  wrong!
>
> Both are normalised by nginx to "HTTP/1.1 404",
> which is invalid accd'g to RFC9112 (I think that's the current standard?):
>   https://www.rfc-editor.org/rfc/rfc9112.html#name-collected-abnf
> which says
>   start-line = request-line / status-line
>   status-code = 3DIGIT
>   status-line = HTTP-version SP status-code SP [ reason-phrase ]
>
> Naturally, nginx is producing a status-line without the second SP,
> which is wrong!
>
> Repros on sid and bookworm.
>

Forwarded to nginx mailing list, should appear here:
https://mailman.nginx.org/pipermail/nginx/2023-August/thread.html

Jérémy

Bug#1047290: statsprocessor: Fails to build source after successful build

2023-08-26 Thread Peter Wienemann


Control: tags -1 + patch

See 
https://salsa.debian.org/pkg-security-team/statsprocessor/-/merge_requests/1

Bug#1029202: snippy: Error when using snpeff 5.1

2023-08-26 Thread Andreas Tille

Hi Pierre,

writing from some weak connection while traveling.

Am Fri, Aug 25, 2023 at 02:30:45PM +0200 schrieb Pierre Gruet:

> I found some time :-D
> Upstream changed the location of the build-time tests, putting them in a
> more canonical place. I updated the patches and d/rules accordingly. This is
> all pushed to the Salsa repo.

Thanks a lot.
 
> However, the script you provided in the bug report [0] is still not working
> with this newly packaged version 5.1+f+dfsg (tested locally), so probably we
> should do as you suggested there [1] and provide 5.1+d+dfsg-really5.0+f in
> unstable, as the script is working with version 5.0+f.
> 
> Admittedly this is a step back for the library, but as least one would have
> the use case of your colleagues working. If you still think this is a good
> idea, I offer to finalize this step back.

Network here is to weak to check for upstream tracker.  I would add the
action we take to the tracker and if we do not get any response we do so
and roll back to 5.0+f.


Thanks a lot for caring
  Andreas.

PS: You probably will keep the current version in some branch on Salsa ...

> [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029202#5
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029202#37




-- 
http://fam-tille.de

Bug#1050545: reportbug: plymouth uses cp -a to create initramfs but cp -r works better for SE Linux and in gneral

2023-08-26 Thread Russell Coker

On Saturday, 26 August 2023 22:29:56 AEST Holger Levsen wrote:
> I'm wondering whether "cp -rpd" wouldn't be better still as the resulting
> initramfs would be more reproducible, due to not variying timestamps...

That seems OK to me.  A quick test shows that it will work.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/

Bug#1031721: udev fails to autoload kernel modules (wifi, sound, video, bluetooth, thermals)


Am 07.05.23 um 02:53 schrieb Sohum Banerjea:
Yes, the problem reproduces on my system on udev 253-1. The debug log 
you requested is attached, I believe.


It seems the main takeaway from it is that my hwdb is missing? But I do 
have a `/usr/lib/udev/hwdb.bin` and a `/usr/lib/udev/hwdb.d`, and udev 
250 picks up that hwdb just fine.




How do you conclude that there is problem your your hwdb?
If you refer to

May 07 10:42:44 dynast systemd-udevd[1656]: Trying to open 
"/etc/systemd/hwdb/hwdb.bin"...
May 07 10:42:44 dynast systemd-udevd[1656]: Trying to open 
"/etc/udev/hwdb.bin"...



This just means, it tries those locations (which apparently don't 
exist), before it tries /usr/lib/udev/hwdb.bin


The log doesn't reveal anything unusual afaics.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050519: lxc: Drop lua Build-Depends

2023-08-26 Thread Mathias Gibbens

Control: tags -1 + pending

  Thanks for catching that. I've pushed the change up to salsa, and it
will be included in the next upload of lxc.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1039913: Please add hook for self-signing systemd-boot after upgrade

tags 1039913 + wontfix
thanks

On Thu, 29 Jun 2023 15:56:31 +0200 Marco d'Itri wrote:

On Jun 29, Jan Naumann wrote:

> Could you please add a hook to the postinst that either a local script can be
> called on installation time which takes care of signing the image (similar to
> the `/etc/kernel/postinst.d/ mechamism) or add some call to `sbsign` yourself
if
> e.g. the signing key is available at a specific path.
I am working on packaging sbctl (which I believe is *much* nicer[1] than
sbsigntool and mokutil), so I plan to do some work in this area in the
future.

But I am not sure yet of which shape this interface should have.

Part of the issue is that at least sbctl signs the installed binaries in
place, while bootctl looks for .efi.signed files in the source
directory, and "bootctl install" could also be run manually at any time.

But since systemd-bootx64.efi comes from /usr/lib/systemd/boot/efi/ it
would not be right to have something which is not the package manager
install a .efi.signed file there, so I suspect that this cannot be
solved just with some shell scripting.
And for the time being there are zero chances that Debian (or anybody
else, I understand) will be able to ship a signed systemd-boot, so this
is not a useful interface right now.

[1] https://blog.bofh.it/debian/id_465

I'm a bit concerned to add such a hook interface without a clear scope
of that this interface is supposed to provide.

And to be somewhat consistent, I assume such a hook interface would
actually have to be added to bootctl directly, which is then no longer
ad Debian specific issue.

For your specific use case, you can probably use a dpkg hook as detailed in
https://unix.stackexchange.com/questions/199511/is-it-possible-to-install-a-hook-that-will-be-called-before-removal-of-a-packa

to do what you want.

I'm thus closing the issue as wontfix.

Regards,
Michael

OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050574: xfsprogs: I/O errors and desktop locks up on mkfs

2023-08-26 Thread Michael P. Soulier

Package: xfsprogs
Version: 6.1.0-1
Severity: important
X-Debbugs-Cc: msoul...@digitaltorque.ca

Dear Maintainer,

I was trying to format a 4TB usb external drive. Every time I tried, I saw I/O
errors and my gnome desktop froze, requiring a complete power-cycle to recover. 

I finally used ext4 with no problems. Could be hardware but the enclusure and
drive are both brand new, and I don't know why one would succeed and the other
fail.

Some dmesg output:

Aug 26 08:58:37 anton sudo[6470]: msoulier : TTY=pts/0 ; PWD=/home/msoulier ; US
ER=root ; COMMAND=/usr/sbin/mkfs -t xfs -f /dev/sdc1
Aug 26 08:58:37 anton sudo[6470]: pam_unix(sudo:session): session opened for use
r root(uid=0) by (uid=1000)
Aug 26 08:58:37 anton kernel: DMAR: DRHD: handling fault status reg 3
Aug 26 08:58:37 anton kernel: xhci_hcd :00:14.0: WARNING: Host System Error
Aug 26 08:58:37 anton kernel: DMAR: [DMA Read NO_PASID] Request device [00:14.0]
 fault addr 0xff58f000 [fault reason 0x06] PTE Read access is not set
Aug 26 08:58:39 anton kernel: usb 2-3: device not accepting address 2, error -10
8
Aug 26 08:58:42 anton kernel: usb 2-3: USB disconnect, device number 2
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#4 uas_eh_abort_handler 0 uas
-tag 11 inflight: CMD OUT
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#4 CDB: Write(16) 8a 00 00 00
 00 00 e8 e1 34 48 00 00 04 00 00 00
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#2 uas_eh_abort_handler 0 uas
-tag 10 inflight: CMD OUT
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#2 CDB: Write(16) 8a 00 00 00
 00 00 e8 e1 30 48 00 00 04 00 00 00
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#1 uas_eh_abort_handler 0 uas
-tag 9 inflight: CMD OUT
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#1 CDB: Write(16) 8a 00 00 00
 00 00 e8 e1 2c 48 00 00 04 00 00 00
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#0 uas_eh_abort_handler 0 uas
-tag 8 inflight: CMD OUT
Aug 26 08:59:08 anton kernel: sd 2:0:0:0: [sdc] tag#0 CDB: Write(16) 8a 00 00 00
 00 00 e8 e1 28 48 00 00 04 00 00 00
Aug 26 08:59:09 anton kernel: scsi host2: uas_eh_device_reset_handler start
Aug 26 08:59:09 anton kernel: usb 2-1: device not accepting address 4, error -10
8
Aug 26 08:59:10 anton kernel: usb 2-1: device not accepting address 4, error -10
8
Aug 26 08:59:10 anton kernel: usb 2-1: device not accepting address 4, error -10
8
Aug 26 08:59:11 anton kernel: usb 2-1: device not accepting address 4, error -10
8



-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xfsprogs depends on:
ii  libblkid1   2.38.1-5+b1
ii  libc6   2.36-9+deb12u1
ii  libdevmapper1.02.1  2:1.02.185-2
ii  libedit23.1-20221030-2
ii  libicu7272.1-3
ii  libinih155-1
ii  liburcu80.13.2-1
ii  libuuid12.38.1-5+b1
ii  python3 3.11.2-1+b1

xfsprogs recommends no packages.

Versions of packages xfsprogs suggests:
ii  acl  2.3.1-3
pn  attr 
pn  quota
ii  xfsdump  3.1.11-0.1

-- no debconf information

Bug#1017111: patch NMU ongoing

2023-08-26 Thread Gianfranco Costamagna


control: tags -1 patch pending

Hello, attached debdiff uploaded to sid.
diff -Nru opencolorio-2.1.2+dfsg1/debian/changelog 
opencolorio-2.1.2+dfsg1/debian/changelog
--- opencolorio-2.1.2+dfsg1/debian/changelog2022-08-20 23:39:40.0 
+0200
+++ opencolorio-2.1.2+dfsg1/debian/changelog2023-08-26 13:55:36.0 
+0200
@@ -1,3 +1,18 @@
+opencolorio (2.1.2+dfsg1-4.1) unstable; urgency=medium
+
+  [ Gianfranco Costamagna ]
+  * Non-maintainer upload.
+  * Fix FTBFS with newer yaml-cpp (Closes: #1050366)
+  * Update manpages (Closes: #1017111)
+
+  [ Olivier Gayot ]
+  * Include header file in binary package (change in d/rules and
+d/python3-pyopencolorio.install) (Closes: #1050570)
+  * d/patches/0002-fix-documentation-cmake-syntax.patch Fix generation of
+documentation.
+
+ -- Gianfranco Costamagna   Sat, 26 Aug 2023 
13:55:36 +0200
+
 opencolorio (2.1.2+dfsg1-4) unstable; urgency=medium
 
   [ Pino Toscano ]
diff -Nru opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1 
opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1
--- opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1   2022-08-11 
23:25:53.0 +0200
+++ opencolorio-2.1.2+dfsg1/debian/manpages/ociobakelut.1   2023-08-26 
13:55:36.0 +0200
@@ -1,4 +1,4 @@
-.TH OCIOBAKELUT "1" "August 2022" "create a new LUT or ICC profile from an 
OCIO config or LUT file(s)" "User Commands"
+.TH OCIOBAKELUT "26" "August 2023" "create a new LUT or ICC profile from an 
OCIO config or LUT file(s)" "User Commands"
 .SH NAME
 ociobakelut \- create a new LUT or ICC profile from an OCIO config or LUT 
file(s)
 .PP
@@ -73,89 +73,3 @@
 .TP
 \fB\-\-copyright\fR %s
 a copyright field added in the file (default: "No copyright. Use freely.")
-.PP
-ociobakelut \fB\-\-\fR create a new LUT or ICC profile from an OCIO config or 
LUT file(s)
-.PP
-usage:  ociobakelut [options] 
-.PP
-example:  ociobakelut \fB\-\-inputspace\fR lg10 \fB\-\-outputspace\fR srgb8 
\fB\-\-format\fR flame lg_to_srgb.3dl
-example:  ociobakelut \fB\-\-lut\fR filmlut.3dl \fB\-\-lut\fR calibration.3dl 
\fB\-\-format\fR flame display.3dl
-example:  ociobakelut \fB\-\-cccid\fR 0 \fB\-\-lut\fR cdlgrade.ccc 
\fB\-\-lut\fR calibration.3dl \fB\-\-format\fR flame graded_display.3dl
-example:  ociobakelut \fB\-\-lut\fR look.3dl \fB\-\-offset\fR 0.01 
\fB\-0\fR.02 0.03 \fB\-\-lut\fR display.3dl \fB\-\-format\fR flame 
display_with_look.3dl
-example:  ociobakelut \fB\-\-inputspace\fR lg10 \fB\-\-outputspace\fR srgb8 
\fB\-\-format\fR icc \fI\,~/Library/ColorSync/Profiles/test.icc\/\fP
-example:  ociobakelut \fB\-\-lut\fR filmlut.3dl \fB\-\-lut\fR calibration.3dl 
\fB\-\-format\fR icc \fI\,~/Library/ColorSync/Profiles/test.icc\/\fP
-.PP
-Using Existing OCIO Configurations
-.TP
-\fB\-\-inputspace\fR %s
-Input OCIO ColorSpace (or Role)
-.TP
-\fB\-\-outputspace\fR %s
-Output OCIO ColorSpace (or Role)
-.TP
-\fB\-\-shaperspace\fR %s
-the OCIO ColorSpace or Role, for the shaper
-.TP
-\fB\-\-looks\fR %s
-the OCIO looks to apply
-.TP
-\fB\-\-iconfig\fR %s
-Input .ocio configuration file (default: $OCIO)
-.PP
-Config\-Free LUT Baking
-.IP
-(all options can be specified multiple times, each is applied in order)
-\fB\-\-cccid\fR %s   Specify a CCCId for any following LUTs
-\fB\-\-lut\fR %s Specify a LUT (forward direction)
-\fB\-\-invlut\fR %s  Specify a LUT (inverse direction)
-\fB\-\-slope\fR %f %f %f slope
-\fB\-\-offset\fR %f %f %foffset (float)
-\fB\-\-offset10\fR %f %f %f  offset (10\-bit)
-\fB\-\-power\fR %f %f %f power
-\fB\-\-sat\fR %f saturation (ASC\-CDL luma coefficients)
-.PP
-Baking Options
-.TP
-\fB\-\-format\fR %s
-the LUT format to bake: flame (.3dl), lustre (.3dl), Academy/ASC Common LUT 
Format (.clf), Color Transform Format (.ctf), cinespace (.csp), houdini (.lut), 
iridas_cube (.cube), iridas_itx (.itx), resolve_cube (.cube), truelight (.cub), 
icc (.icc)
-.TP
-\fB\-\-shapersize\fR %d
-size of the shaper (default: format specific)
-.TP
-\fB\-\-cubesize\fR %d
-size of the cube (default: format specific)
-.TP
-\fB\-\-stdout\fR
-Write to stdout (rather than file)
-.TP
-\fB\-\-v\fR
-Verbose
-.TP
-\fB\-\-help\fR
-Print help message
-.PP
-ICC Options
-.TP
-\fB\-\-whitepoint\fR %d
-whitepoint for the profile (default: 6505)
-.TP
-\fB\-\-displayicc\fR %s
-an ICC profile which matches the OCIO profiles target display
-.TP
-\fB\-\-description\fR %s
-a meaningful description, this will show up in UI like photoshop (defaults to 
"filename.icc")
-.TP
-\fB\-\-copyright\fR %s
-a copyright field added in the file (default: "No copyright. Use freely.")
-.SH "SEE ALSO"
-The full documentation for
-.B Invalid
-is maintained as a Texinfo manual.  If the
-.B info
-and
-.B Invalid
-programs are properly installed at your site, the command
-.IP
-.B info Invalid
-.PP
-should give you access to the complete manual.
diff -Nru opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1 
opencolorio-2.1.2+dfsg1/debian/manpages/ociocheck.1
---

Bug#1045031: dhcpig: Fails to build source after successful build

2023-08-26 Thread Peter Wienemann


Control: tags -1 + patch

See https://salsa.debian.org/pkg-security-team/dhcpig/-/merge_requests/2

Bug#1033548: 02:00 timers dont run in DST transition night


Control: tags -1 + moreinfo

Hi Marc

On Mon, 27 Mar 2023 11:29:32 +0200 Marc Haber 
 wrote:

Package: systemd
Version: 252.6-1
Severity: minor

Hi,

aide-common ships the following timer:

[Unit]
Description=Daily AIDE check

[Timer]
OnCalendar=*-*-* 02:00:00
RandomizedDelaySec=2h
Persistent=true

[Install]
WantedBy=timers.target

This didn't run in DST transition night. I think this might be caused by
the clock jumping from 01:59 to 03:00, with 02:00 not existing.

Is there a notation to have a systemd timer run even if the exact time
the timer is supposed to run doesn't happen? I guess this might also be
the case in case of a grossly misticking clock and a timesync daemon
stepping the time, for example, from 01:59:50 to 02:02:00?

Or would be probably be a better idea to trigger a timer if systemd
finds the trigger time in the past without the timer having been
triggered?

Not running at all came as kind of surprise for me.

I might be holding things wrong but I'd like your opinion.


What was/is the output of
systemctl list-timers
before and after such a (DST) time jump?

I.e., is there a way to reproduce this somehow?


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1033567: systemd: move /usr/bin/kernel-install to package systemd-boot

tags 1033567 + wontfix
thanks

Hi Emanuele

On Mon, 27 Mar 2023 18:19:23 +0200 Michael Biebl  wrote:

Control: tags -1 + moreinfo

Am 27.03.23 um 16:29 schrieb Emanuele Rocca:

> the systemd binary package currently ships the following files:
> 
>   /usr/bin/kernel-install

>   /usr/share/bash-completion/completions/kernel-install
>   /usr/share/man/man8/kernel-install.8.gz
>   /usr/share/zsh/vendor-completions/_kernel-install
> 
> Given that AFAIU kernel-install is not particularly useful without

> systemd-boot, please consider moving the files mentioned above to the
> systemd-boot binary package.
> 

See
https://salsa.debian.org/systemd-team/systemd/-/merge_requests/138#note_292202

As mentioned by Martin, kernel-install is (in theory) agnostic of the 
used boot loader.
As such, it makes sense to keep it out of systemd-boot and in the more 
general systemd package.

Given that the size of kernel-install is rather tiny and it doesn't drag 
in any additional dependencies, I would for now not see any strong 
incentives to move it out of the main systemd package.

I'm thus tentatively closing this bug report as wontfix, unless we are 
presented with stronger reasons why the tool should be moved.

Regards,
Michael

OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050545: reportbug: plymouth uses cp -a to create initramfs but cp -r works better for SE Linux and in gneral

2023-08-26 Thread Holger Levsen

On Sat, Aug 26, 2023 at 10:18:50AM +1000, Russell Coker wrote:
> The solution is to use "cp -r" to copy the files in question, I've attached
> a patch to do this.  Another option would be to use "cp -rpd" which gets
> closer to the original but shouldn't be necessary.

I'm wondering whether "cp -rpd" wouldn't be better still as the resulting
initramfs would be more reproducible, due to not variying timestamps...

-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

Cholera is over. It's safe to put sewage in our drinking water again.
(@stimmyskye)

signature.asc
Description: PGP signature

Bug#1050288: nsis 3.08-3 (bookworm) generates bogus relocation information (regression)

2023-08-26 Thread Thomas Gaugler


Thank you for your detailed bug report.

I built the nsis_3.09-1 and nsis-common_3.09-1 packages on Debian 
Bookworm, installed the resulting packages and can confirm with the two 
Nullsoft Installer (.nsi) scripts provided by you that the resulting 
installer executables no longer show the "(.reloc) is too large" error 
with objdump.


Therefore I would appreciate if you create a "bookworm proposed updates 
request" by issuing the "reportbug release.debian.org" command on a 
Debian system.


Please mention in "reportbug" this bug report, provide your observations 
and results of your tests and also refer to the fixed security 
vulnerability (Bug#1040880: nsis: CVE-2023-37378) in nsis_3.09-1.

Bug#1042048: python-ase: FTBFS: E: Build killed with signal TERM after 150 minutes of inactivity

2023-08-26 Thread Graham Inggs

Control: severity -1 important
Control: tags -1 + unreproducible

Hi Lucas

I'm unable to reproduce this failure locally, also python-ase builds
successfully on reproducible builds [1].

Regards
Graham


[1] https://tests.reproducible-builds.org/debian/rb-pkg/python-ase.html

Bug#1050571: reportbug: nginx normalises "Status: 123 " and "Status: 123" to invalid "HTTP/1.1 123" (must be "HTTP/1.1 123 ")