Bug#1049955: bookworm-pu: package qemu/1:7.2+dfsg-7+deb12u2
23.09.2023 23:45, Adam D. Barratt wrote: Control: tags -1 confirmed On Thu, 2023-08-17 at 12:54 +0300, Michael Tokarev wrote: There's a next upstream qemu stable/bugfix release, fixing a big number of various issues, including 3 (minor) security issues too. The full list is in the changelog below and in the upstream git (mirrored in salsa too). ... Please go ahead. It is a "good" timing, Adam. Just 2 days ago I sent announcement for a new qemu stable-7.2.6 release fixing a bunch of more bugs, and fixing an important class of security issues too. https://lore.kernel.org/qemu-devel/bf422038-5f0a-e9ca-1eb3-ed25442c7...@tls.msk.ru/ "Good" because I forgot to send a note to this bug report about the upcoming release (it was planned) and as a result we clashed. I prepared debian package (based on this new 7.2.6), it is in testing now on my local machine. Will it be easier to upload the reviewed 7.2+dfsg-7+deb12u2 (based on 7.2.5) and close this bug#, and later make 7.2+dfsg-7+deb12u3 (based on 7.2.6), or update current bug# with new release? I guess it's better to do it step by step, closing this bug# and filing a new one. Thank you! /mjt
Bug#1050547: GNOME crashes with white screen after boot up
Hi, After updating the below packages yesterday, the GDM3 white screen issue returns. I have tried with reinstalling gnome-shell but it error still persists. I have performed a backtrace with debugging symbols. Results are as below. Thanks. Start-Date: 2023-09-23 17:10:36 Commandline: apt-get dist-upgrade -V Upgrade: gnome-text-editor:amd64 (45~beta-2, 45.0-1), libcups2:amd64 (2.4.2-5, 2.4.2-6), tecla:amd64 (45~rc-1, 45.0-1), gnome-user-docs:amd64 (44.3-2, 45.0-1), liferea:amd64 (1.15.2-1, 1.15.3-1),mutter-common-bin:amd64 (44.4-2, 44.5-1), eog:amd64 (45~rc-1, 45.0-1), libglib2.0-bin:amd64 (2.78.0-1, 2.78.0-2), cups-common:amd64 (2.4.2-5, 2.4.2-6), liferea-data:amd64 (1.15.2-1, 1.15.3-1), libgdm1:amd64 (45~beta-1, 45.0.1-1), libmutter-12-0:amd64 (44.4-2, 44.5-1), cups-client:amd64 (2.4.2-5, 2.4.2-6), cups-ppdc:amd64 (2.4.2-5, 2.4.2-6), cups-daemon:amd64 (2.4.2-5, 2.4.2-6), libshumate-common:amd64 (1.1~rc-1, 1.1.0-1), mutter-common:amd64 (44.4-2, 44.5-1), libglib2.0-data:amd64 (2.78.0-1, 2.78.0-2), gnome-calendar:amd64 (45~rc-1, 45.0-1), libshumate-1.0-1:amd64 (1.1~rc-1, 1.1.0-1), cups-ipp-utils:amd64 (2.4.2-5, 2.4.2-6), gdm3:amd64 (45~beta-1, 45.0.1-1), gir1.2-mutter-12:amd64 (44.4-2, 44.5-1), gir1.2-shumate-1.0:amd64 (1.1~rc-1, 1.1.0-1), gnome-music:amd64 (44.0-2, 45.0-1), gir1.2-gdm-1.0:amd64 (45~beta-1, 45.0.1-1), bash-completion:amd64 (1:2.11-7, 1:2.11-8), libglib2.0-0:amd64 (2.78.0-1, 2.78.0-2), cups-core-drivers:amd64 (2.4.2-5, 2.4.2-6), gnome-characters:amd64 (45~alpha-2, 45.0-1), cups:amd64 (2.4.2-5, 2.4.2-6), sysvinit-utils:amd64 (3.07-1, 3.08-1), libqt5designer5:amd64 (5.15.10-3, 5.15.10-5), cups-server-common:amd64 (2.4.2-5, 2.4.2-6), gnome-clocks:amd64 (44.0-2, 45.0-1), libqt5help5:amd64 (5.15.10-3, 5.15.10-5) End-Date: 2023-09-23 17:11:29 *Backtrace* Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `/usr/bin/gnome-shell'. Program terminated with signal SIGSEGV, Segmentation fault. #0 meta_display_get_x11_display (display=0x0) at ../src/core/display.c:2513 Download failed: Invalid argument. Continuing without source file ./obj-x86_64-linux-gnu/../src/core/display.c. 2513 ../src/core/display.c: No such file or directory. [Current thread is 1 (Thread 0x7fb206184e00 (LWP 1761))] (gdb) bt #0 meta_display_get_x11_display (display=0x0) at ../src/core/display.c:2513 #1 0x7fb20aaf9b3b in meta_cursor_sprite_xfixes_initable_init (initable=0x55724b0cd7c0, cancellable=, error=0x7ffc13ebd0b0) at ../src/backends/x11/cm/meta-cursor-sprite-xfixes.c:134 #2 0x7fb20b26d3d3 in g_initable_new_valist (object_type=, first_property_name=0x7fb20abafb8e "display", var_args=var_args@entry=0x7ffc13ebcfa0, cancellable=cancellable@entry=0x0, error=error@entry=0x7ffc13ebd0b0) at ../../../gio/ginitable.c:250 #3 0x7fb20b26d4bd in g_initable_new (object_type=, cancellable=cancellable@entry=0x0, error=error@entry=0x7ffc13ebd0b0, first_property_name=first_property_name@entry=0x7fb20abafb8e "display") at ../../../gio/ginitable.c:164 #4 0x7fb20aaf9eda in meta_cursor_sprite_xfixes_new (display=0x0, cursor_tracker=cursor_tracker@entry=0x557249ae82c0, error=error@entry =0x7ffc13ebd0b0) at ../src/backends/x11/cm/meta-cursor-sprite-xfixes.c:110 #5 0x7fb20aafd6ee in ensure_xfixes_cursor (tracker_x11=tracker_x11@entry=0x557249ae82c0) at ../src/backends/x11/meta-cursor-tracker-x11.c:94 #6 0x7fb20aafd74d in meta_cursor_tracker_x11_get_sprite (tracker=0x557249ae82c0) at ../src/backends/x11/meta-cursor-tracker-x11.c:162 #7 0x7fb20aa8b05e in meta_cursor_tracker_get_sprite (tracker=) at ../src/backends/meta-cursor-tracker.c:365 #8 0x7fb20a0bbf7a in ffi_call_unix64 () at ../src/x86/unix64.S:104 #9 0x7fb20a0bb40e in ffi_call_int (cif=cif@entry=0x55724ad81410, fn=fn@entry=0x7fb20aa8b050 , rvalue=, rvalue@entry=0x7ffc13ebd2e8, avalue=, closure=closure@entry=0x0) at ../src/x86/ffi64.c:673 #10 0x7fb20a0bbb0d in ffi_call (cif=0x55724ad81410, fn=0x7fb20aa8b050 , rvalue=0x7ffc13ebd2e8, avalue=) at ../src/x86/ffi64.c:710 #11 0x7fb20af01fa7 in Gjs::Function::invoke (this=, context=0x55724a2f63e0, args=..., this_obj=..., r_value=) at ./obj-x86_64-linux-gnu/../gi/function.cpp:1048 #12 0x7fb20af02698 in Gjs::Function::call (context=0x55724a2f63e0, js_argc=, vp=) at ./obj-x86_64-linux-gnu/../gi/function.cpp:1228 #13 0x7fb208196650 in CallJSNative (args=..., reason=js::CallReason::Call, native=0x7fb20af025b0 , cx=0x55724a2f63e0) at ./js/src/vm/Interpreter.cpp:420 #14 js::InternalCallOrConstruct (cx=0x55724a2f63e0, args=..., construct=, reason=js::CallReason::Call) at ./js/src/vm/Interpreter.cpp:493 #15 0x7fb208189d97 in InternalCall (reason=, args=..., cx=) at ./js/src/vm/Interpreter.cpp:574 #16 js::CallFromStack (args=..., cx=) at ./js/src/vm/Interpreter.cpp:578 #17 Interpret (cx=0x55724a2f63e0, state=...) at ./js/src/vm/Interpreter.cpp:3314 #18
Bug#1052533: llvm-17-dev: cmake config unusable due to missing files
Package: llvm-17-dev Version: 1:17.0.1-1~exp1 Severity: serious the following minimized CMakeLists.txt cmake_minimum_required(VERSION 3.13.4) project(LLVM_SPIRV VERSION 17 LANGUAGES CXX C) find_package(LLVM 17 REQUIRED) fails with this error: -- Could NOT find LibEdit (missing: LibEdit_INCLUDE_DIRS LibEdit_LIBRARIES) -- Could NOT find ZLIB (missing: ZLIB_LIBRARY ZLIB_INCLUDE_DIR) -- Could NOT find zstd (missing: zstd_LIBRARY zstd_INCLUDE_DIR) -- Could NOT find CURL (missing: CURL_LIBRARY CURL_INCLUDE_DIR) CMake Error at /usr/lib/llvm-17/lib/cmake/llvm/LLVMExports.cmake:1857 (message): The imported target "omp" references the file "/usr/lib/llvm-17/lib/libomp.so.5" but this file does not exist. Possible reasons include: * The file was deleted, renamed, or moved to another location. * An install or uninstall procedure did not complete successfully. * The installation package was faulty and contained "/usr/lib/llvm-17/lib/cmake/llvm/LLVMExports.cmake" but not all the files it references. Call Stack (most recent call first): /usr/lib/llvm-17/cmake/LLVMConfig.cmake:369 (include) CMakeLists.txt:3 (find_package) -- Configuring incomplete, errors occurred! (found while preparing spirv-llvm-translator-17) Andreas
Bug#1038611: lightdm: Lightdm fails to start X after upgrade to 1.32.0
I tested this solution from Steev Klimaszewski and it worked. So we have a workaround for this problem. Maybe it can be used with sddm. But I need to see where the configuration is to do that. Best regards, Adilson -- Adilson dos Santos Dantas http://www.adilson.net.br http://twitter.com/adilsond
Bug#1052532: ITP: golang-github-containers-luksy -- offline encryption/decryption using LUKS formats
Package: wnpp Owner: Reinhard Tartler Severity: wishlist * Package name: golang-github-containers-luksy Version : git * URL or Web page : https://github.com/containers/luksy * License : Apache2 Description : offline encryption/decryption using LUKS formats luksy implements encryption and decryption using LUKSv1 and LUKSv2 formats. Think of it as a clunkier cousin of gzip/bzip2/xz that doesn't actually produce smaller output than input, but it encrypts, and that's nice. . The main goal is to be able to encrypt/decrypt when we don't have access to the Linux device mapper. Duplicating functions of cryptsetup that it can perform without accessing the Linux device mapper is not a priority.
Bug#1052531: ITP: golang-github-aead-serpent -- Serpent block cipher
Package: wnpp Owner: Reinhard Tartler Severity: wishlist * Package name: golang-github-aead-serpent Version : git Upstream Author : Andreas Auernhammer * URL or Web page : https://github.com/aead/serpent * License : Expat Description : Serpent block cipher Serpent is a symmetric key block cipher that was a finalist in the Advanced Encryption Standard (AES) contest, where it was ranked second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen.
Bug#1052530: installation-reports: HP 15-ef2033dx likes bookworm w/plasma
Package: installation-reports Severity: normal Boot method: usb Image version: Official Debian GNU/Linux Live 12.1.0 kde 2023-07-22T09:48:34Z] Date: 27 Sep 21 12:22 Machine: HP 15-ef2033dx Partitions: Disk /dev/nvme0n1: 500118192 sectors, 238.5 GiB Model: SK hynix BC711 HFM256GD3JX013N Sector size (logical/physical): 512/512 bytes Disk identifier (GUID): BEFEDC3E-B565-4089-86B1-A8D2EFC41469 Partition table holds up to 128 entries Main partition table begins at sector 2 and ends at sector 33 First usable sector is 34, last usable sector is 500118158 Partitions will be aligned on 2048-sector boundaries Total free space is 58722925 sectors (28.0 GiB) Number Start (sector)End (sector) Size Code Name 12048 1050623 512.0 MiB EF00 2 105062468159487 32.0 GiB8300 bookworm 368159488 435161087 175.0 GiB 8300 storage 4 493881344 500117503 3.0 GiB 8200 Linux swap Base System Installation Checklist: [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it Initial boot: [O] Detect network card:[O] Configure network: [ ] Detect media: [O] Load installer modules: [O] Clock/timezone setup: [ ] User/password setup:[O] Detect hard drives: [O] Partition hard drives: [O] Install base system:[O] Install tasks: [ ] Install boot loader:[O] Overall install:[O] Comments/Problems: It was very pleasant. Thank you. Too much cleanup of pkgs installed for no reason, no big deal, used to it... I think installer logs are attached if not I'll follow upand attach them. The attachment file /var/log/installer/installer.tar size is bigger than the maximum of 10485760 bytes: reduce its size else the report cannot be sent Much obliged, this very brand new computer is very happy with bookworm. I really appreciate the free os. L8r, bw
Bug#1051302: bookworm-pu: package jekyll/4.3.1+dfsg-3+deb12u1
On Sat, Sep 23, 2023 at 08:32:43PM +0100, Adam D. Barratt wrote: > Control: tags -1 confirmed > > This update fixes processing user configuration that used YAML > > aliases. > > > > [ Impact ] > > User configuration with YAML aliases will cause jekyll to crash while > > parsing it, and therefore jekyll will not work at all. > > > > Please go ahead. Uploaded. signature.asc Description: PGP signature
Bug#1052506: weechat: Recurrent crashes of the app
Package: weechat Followup-For: Bug #1052506 The crashes are likely fixed in weechat 4.0.4. You can install it yourself from the weechat homepage, they provide debian packages. The package in debian is out of date most of the time. Test if the problem exists in newer version of weechat and if not, then just keep using the upstream weechat version. If it still crashes, then report the bug upstream instead.
Bug#1052483: emacs-gtk: rcirc doesn't rejoin channels on reconnecting
FYI I seems to be able to convince the upstream to backport the fix to 29 branch, so it will be part of 29.2. So please feel free to wait for the next point release. -- Manphiz
Bug#967729: ripperx: depends on deprecated GTK 2
I suggest removing ripperx in favour of grimripper.
Bug#1052529: proftpd: provide debug symbols for amd64 platform in sid
Package: proftpd-core-dbgsym Version: 1.3.8+dfsg-8 Severity: wishlist Dear ProFTPd maintainers, Would be great to provide proftpd-*-dbgsym packages for amd64 platform. Current [1] platforms are: alpha hppa ia64 m68k ppc64 riscv64 sh4 sparc64 x32 [1] https://packages.debian.org/search?keywords=proftpd -- With best regards, Dmitry
Bug#1052528: grub-efi-amd64: Loading initial ramdisk... Error: out of memory
Package: grub-efi-amd64 Version: 2.06-13 Severity: important After upgrading from Debian 11 to Debian 12 I have been getting the error when booting my system about 2/3 of the times: Loading initial ramdisk... error: out of memory The other 1/3 of the times I boot, it works fine. The error happens with the 6.1.0-12 kernel as well as 6.1.0-11. I still have 5.10.0-23 installed and it doesn't seem to happen with that kernel. /boot/initrd.img-6.1.0-12-amd64 (which often failed) was 87 MB. /boot/initrd.img-5.10.0-23-amd64 (which always worked) was 77 MB. I found this Ubuntu bug report which shares a lot of similarities: https://bugs.launchpad.net/oem-priority/+bug/1842320 Similar to others in that bug report, my system is a Dell XPS 9550 with 32 GB of RAM. It has a 4k screen and the nvidia drivers. Following the advice on that bug report, I checked my /etc/initramfs-tools/initramfs.conf and found that I was using "COMPRESS=zstd" I changed this to "COMPRESS=xz" and "COMPRESSLEVEL=9" and ran update-initramfs -c to rebuild this kernel's initrd.img. After doing so, /boot/initrd.img-6.1.0-12-amd64 was compressed down to 64 MB. I rebooted the system about 8 times after that and it booted successfully each time, so I believe this workaround worked. So it seems like there is a problem booting with initrd.img files that are bigger than somewhere around 77-87 MB. I'm not sure why it would sometimes work, though. -- Package-specific info: *** BEGIN /boot/grub/grub.cfg # # DO NOT EDIT THIS FILE # # It is automatically generated by grub-mkconfig using templates # from /etc/grub.d and settings from /etc/default/grub # ### BEGIN /etc/grub.d/00_header ### if [ -s $prefix/grubenv ]; then set have_grubenv=true load_env fi if [ "${next_entry}" ] ; then set default="${next_entry}" set next_entry= save_env next_entry set boot_once=true else set default="0" fi if [ x"${feature_menuentry_id}" = xy ]; then menuentry_id_option="--id" else menuentry_id_option="" fi export menuentry_id_option if [ "${prev_saved_entry}" ]; then set saved_entry="${prev_saved_entry}" save_env saved_entry set prev_saved_entry= save_env prev_saved_entry set boot_once=true fi function savedefault { if [ -z "${boot_once}" ]; then saved_entry="${chosen}" save_env saved_entry fi } function load_video { if [ x$feature_all_video_module = xy ]; then insmod all_video else insmod efi_gop insmod efi_uga insmod ieee1275_fb insmod vbe insmod vga insmod video_bochs insmod video_cirrus fi } if [ x$feature_default_font_path = xy ] ; then font=unicode else insmod part_gpt insmod zfs search --no-floppy --fs-uuid --set=root 0499156567a2c9a6 font="/BOOT/debian@/grub/unicode.pf2" fi if loadfont $font ; then set gfxmode=1280x1024x32 load_video insmod gfxterm set locale_dir=$prefix/locale set lang=en_US insmod gettext fi terminal_output gfxterm if [ "${recordfail}" = 1 ] ; then set timeout=30 else if [ x$feature_timeout_style = xy ] ; then set timeout_style=menu set timeout=5 # Fallback normal timeout code in case the timeout_style feature is # unavailable. else set timeout=5 fi fi ### END /etc/grub.d/00_header ### ### BEGIN /etc/grub.d/05_debian_theme ### insmod part_gpt insmod zfs search --no-floppy --fs-uuid --set=root 0499156567a2c9a6 insmod png if background_image /BOOT/debian@/grub/.background_cache.png; then set color_normal=white/black set color_highlight=black/white else set menu_color_normal=cyan/blue set menu_color_highlight=white/blue fi ### END /etc/grub.d/05_debian_theme ### ### BEGIN /etc/grub.d/10_linux ### function gfxmode { set gfxpayload="${1}" } set linux_gfx_mode= export linux_gfx_mode menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-/dev/nvme0n1p7' { load_video insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_gpt insmod zfs search --no-floppy --fs-uuid --set=root 0499156567a2c9a6 echo'Loading Linux 6.1.0-12-amd64 ...' linux /BOOT/debian@/vmlinuz-6.1.0-12-amd64 root=ZFS=/ROOT/debian ro root=ZFS=rpool/ROOT/debian root=ZFS=rpool/ROOT/debian echo'Loading initial ramdisk ...' initrd /BOOT/debian@/initrd.img-6.1.0-12-amd64 } submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 'gnulinux-advanced-/dev/nvme0n1p7' { menuentry 'Debian GNU/Linux, with Linux 6.1.0-12-amd64' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-6.1.0-12-amd64-advanced-/dev/nvme0n1p7' { load_video insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_gpt insmod zfs search --no-floppy --fs-uuid --set=root
Bug#1052527: nagios4: New upstream release available
Source: nagios4 Severity: wishlist Dear Maintainer, Please update nagios4 in Debian as, at the time of this writing, 4.4.14 is available upstream and Debian is on 4.4.6. If the added depend of openssl is a concern, nowdays openssl is apache licensed so compatible with this package (which also has apache licensed code) Thanks! ~Unit 193 Unit193 @ OFTC Unit193 @ Libera -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#1039427: xsp: ships sysv-init script without systemd unit
Control: severity -1 grave The package installation fails with the following message now: "Failed to stop mono-xsp4.service: Unit mono-xsp4.service not loaded."
Bug#1052526: juman: the result is nothing
Package: juman Version: 7.0-3.5 Severity: important X-Debbugs-Cc: u...@uaa.org.uk Dear Maintainer, I found juman package is not working on Debian-12/amd64, here is example: uaa@emeraude:~$ echo "$B4y$N>e(B" | juman EOS uaa@emeraude:~$ Normally, it should be (this result is juman on Ubuntu/WSL2): uaa@DESKTOP-251U0UF:~$ echo "$B4y$N>e(B" | juman $B4y(B $B$D$/$((B $B4y(B $BL>;l(B 6 $BIaDLL>;l(B 1 * 0 * 0 "$BBeI=I=5-(B:$B4y(B/$B$D$/$((B $B4A;zFI$_(B:$B71(B $B%+%F%4%j(B:$B?M9)J*(B-$B$=$NB>(B $B%I%a%$%s(B:$B650i!&3X=,(B;$B%S%8%M%9(B" $B$N(B $B$N(B $B$N(B $B=u;l(B 9 $B@\B3=u;l(B 3 * 0 * 0 NIL $B>e(B $B$&$((B $B>e(B $BL>;l(B 6 $BI{;lE*L>;l(B 9 * 0 * 0 "$BBeI=I=5-(B:$B>e(B/$B$&$((B" EOS uaa@DESKTOP-251U0UF:~$ I compiled juman from GitHub (https://github.com/ku-nlp/juman) with gcc-12(default) and gcc-11, nothing changed. And, I tried to build juman (GitHub version) on OpenBSD-7.3/amd64, there is no problem. It uses clang-13.0.0. I think this issue is Debian specific and no compiler related. -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386, armhf, armel Kernel: Linux 6.1.0-12-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages juman depends on: ii libc6 2.36-9+deb12u1 ii libjuman4 7.0-3.5 juman recommends no packages. Versions of packages juman suggests: ii juman-dic 7.0-3.5 -- no debconf information
Bug#1015754: man-db: man should hint about uninstalled manpages
On Wed, Jul 20, 2022 at 05:05:03PM +0200, Martin Quinson wrote: > It would be great if man-db could hint about uninstalled manpages. One > possible > use-case would be when requesting the manpage of pthread_mutex_create when > glibc-doc is not installed. > > Right now, it displays: "No manual entry for pthread_mutex_create" > > My idea is that it would be much more user-friendly to display something like > "The manual entry of pthread_mutex_create is not available. Please install the > package glibc-doc to retrieve it." > > I understand that the information requires a global knowledge over the archive > and that it will be outdated very easily. I still think that it'd be a good > improvement for our users to provide this information. Several implementations > are possible, such as an external package providing the information about all > existing packages in the Debian archive. It should be possible to keep it > kinda > up to date in testing, and almost perfectly up to date in stable, I think. > > I would be interested in helping here, but I first need to know about your > feeling about this feature. There is no point thinking of an infrastructure to > retrieve the info if you don't want to include this feature at the end. I agree it would be helpful to have such a feature. My first instinct is that it would make a lot of sense to work rather similarly to command-not-found or AppStream, ideally sharing infrastructure if possible; it would be a shame to have to add another piece of infrastructure like that when there are at least two that already exist and are somewhat similar. (I think the approach of having to keep a package up-to-date in the archive with all the data is a rather old-fashioned one that we should try to avoid if possible.) The job is a bit harder than for today's command-not-found though, because it would need to handle things like .so links in manual pages that can't be derived solely from file names. Maybe it would make sense for debhelper to scan pages at package build time and add control fields, or perhaps something like the machinery that builds the AppStream catalog could run lexgrog over everything and see what names it reports. Anyway, in terms of what could be done in man-db, I think I'd be willing to add some kind of simple hook interface along the lines of bash's command_not_found_handle, and then something could be plugged into that. I don't think I have time to work on the infrastructure for implementing such a hook, but I do have some experience with implementing this sort of thing in Ubuntu and would be happy to give advice on things that seem like they'd fit most easily into archive infrastructure (both in Ubuntu's which I know professionally, and in what I know of Debian's). Thanks, and sorry for the slow response, -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#1052525: php-pda-pheanstalk: leaves beanstalkd process running after build
Source: php-pda-pheanstalk Version: 5.0.1-1 Severity: important while rebuilding some packaes from experimental locally with pbuilder in a sid+experimental environment, I noticed that php-pda-pheanstalk causes this to hang because a beanstalkd process is still running after php-pda-pheanstalk has been built successfully. Andreas
Bug#1005989: RFP: owncast -- simple video live streaming and chat server
Control: retitle RFP: owncast -- simple video live streaming and chat server I won't be able to do the packaging in the near future, so I have to cancel my ITP OpenPGP_signature Description: OpenPGP digital signature
Bug#1052420: bullseye-pu: package flameshot/0.9.0+ds1-2+deb11u1
Control: tags -1 confirmed On Thu, 2023-09-21 at 13:37 -0400, Boyuan Yang wrote: > As reported in https://bugs.debian.org/1051408 , current flameshot > in Debian 11 (Bullseye) will silently upload the current captured > screenshot to imgur without confirmation whenever the corresponding > hotkey is pressed. This imposes a security risk of leaking sensitive > information. > > In order to mitigate this issue, I propose to upload flameshot > 0.9.0+ds1-2+deb11u1, which strips the embedded imgur token hardcoded > in the source code. Users who wish to utilize the img uploading > feature can fill in their own imgur token in flameshot config > window to re-enable the feature. > Please go ahead. Regards, Adam
Bug#1052363: bullseye-pu: cups/2.3.3op2-3+deb11u4
Control: tags -1 moreinfo On Wed, 2023-09-20 at 21:40 +, Thorsten Alteholz wrote: > The attached debdiff for cups fixes CVE-2023-4504 and CVE-2023-32360 > in > Bullseye. These CVEs have been marked as no-dsa by the security team, > but > at least CVE-2023-32360 got anRC bug (#1051953). > +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0019-CVE-2023-32360.patch) The same query as for bookworm applies here - do we expect users to know how to find the patch? Regards, Adam
Bug#1052288: bullseye-pu: package qemu/1:5.2+dfsg-11+deb11u3
Control: tags -1 confirmed On Tue, 2023-09-19 at 23:11 +0200, Moritz Muehlenhoff wrote: > Various low severity security issues in qemu, debdiff below. > I've tested this on a Bullseye ganeti cluster using the > updated qemu. > Please go ahead. Regards, Adam
Bug#1052222: bullseye-pu: package python2.7/2.7.18-8+deb11u1
Control: tags -1 confirmed On Tue, 2023-09-19 at 10:36 +0200, Helmut Grohne wrote: > I know that officially, we do not consider Python 2.7 covered by > security support. In bullseye, it has merely been kept to support a > small minority of applications that would otherwise have been > removed. > Freexian SARL has an interest in updating it anyway. I am therefore > proposing a PU that fixes know security issues in Python 2.7. Do you > think we can accept this into bullseye? I recognize that such an > update > could be seen as a promise of support. Therefore, I've Cc'ed the > security team to have them veto if desired. In effect, Freexian > currently makes this promise to customers and will continue to update > security issues in Python 2.7 as it enters LTS. So we might as well > do it now already. > Please go ahead. Regards, Adam
Bug#1052479: bookworm-pu: package lxc/1:5.0.2-1+deb12u1
On Sat, 2023-09-23 at 21:29 +0100, Adam D. Barratt wrote: > > Please go ahead. Uploaded, thanks! Mathias signature.asc Description: This is a digitally signed message part
Bug#1052150: bullseye-pu: package openssh/1:8.4p1-5+deb11u2
Control: tags -1 confirmed On Mon, 2023-09-18 at 09:03 +0100, Colin Watson wrote: > https://bugs.debian.org/1042460 is a security issue affecting > bullseye. > The security team doesn't think it warrants a DSA, but thinks it's > worth > fixing in a point release. I agree. > > [ Impact ] > Forwarding an SSH agent to a remote system may be exploitable by > administrators of that remote system in complicated conditions. See > https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt. > Please go ahead. Regards, Adam
Bug#1052524: postgresql-16: Ow that hurts! On the short description.
Package: postgresql-16 Severity: minor X-Debbugs-Cc: benatt...@gezapig.nl Dear Maintainer, Is it really not The World's Most Advanced Relational Database? Please, do not tell me it is true, it hurts me so badly. Please change the short description to a friendlier one. (while you're doing, please also remove free and open-source (sounds pretty dumb while you're in main) from the long description? Else I have to make a separate bug report for that) -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#1052523: conda-package-handling: please remove extraneous dependency on python3-six
Source: conda-package-handling Version: 2.2.0-1 Severity: minor User: python3-...@packages.debian.org Usertags: python3-six-removal conda-package-handling as been cleaned up from Python2/six code https://github.com/conda/conda-package-handling/pull/92 There remain a stale (build-)Depends: on python3-six, can you prune those ? Greetings -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (501, 'testing'), (450, 'unstable'), (400, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.4.0-4-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE:fr Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system)
Bug#1050538: bullseye-pu: package batik/1.12-4+deb11u2
Control: tags -1 confirmed On Fri, 2023-08-25 at 22:27 +0200, Pierre Gruet wrote: > I would like to propose an upload of batik in the next point release. > > [ Reason ] > CVE-2022-44729 and CVE-2022-44730 have been filed against batik. They > are fixed > in sid (and soon trixie). I discussed with Security team, they said a > DSA is > not needed but suggested to fix the CVE in bullseye in a point > release. > Please go ahead. Regards, Adam
Bug#1050332: bullseye-pu: package inetutils/2:2.0-1+deb11u2
Control: tags -1 confirmed On Wed, 2023-08-23 at 12:44 +0200, Guillem Jover wrote: > This update fixes a minor security issue, that the security team did > not feel worth a DSA. It is now fixed already in unstable and > testing. > Please go ahead. Regards, Adam
Bug#959090: deepin-notifications: unnecessary build-dependency on GTK 2
I am uploading a NMU to DELAYED/10 in order to fix this. The debdiff is attached.diff -Nru deepin-notifications-3.3.4/debian/changelog deepin-notifications-3.3.4/debian/changelog --- deepin-notifications-3.3.4/debian/changelog 2018-06-21 09:42:58.0 +0200 +++ deepin-notifications-3.3.4/debian/changelog 2023-09-23 22:56:46.0 +0200 @@ -1,3 +1,10 @@ +deepin-notifications (3.3.4-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Drop unnecessary GTK 2 build dependency. (Closes: #959090) + + -- Bastian Germann Sat, 23 Sep 2023 22:56:46 +0200 + deepin-notifications (3.3.4-1) unstable; urgency=medium * Team upload. diff -Nru deepin-notifications-3.3.4/debian/control deepin-notifications-3.3.4/debian/control --- deepin-notifications-3.3.4/debian/control 2018-06-13 08:36:44.0 +0200 +++ deepin-notifications-3.3.4/debian/control 2023-09-23 22:56:39.0 +0200 @@ -10,7 +10,6 @@ libdframeworkdbus-dev, libdtkwidget-dev, libgsettings-qt-dev, - libgtk2.0-dev, libqt5svg5-dev, pkg-config, qtdeclarative5-dev,
Bug#1049982: bullseye-pu: package riemann-c-client/1.10.4-2+b2
Control: tags -1 confirmed On Sat, 2023-08-19 at 10:41 -1000, Romain Tartière wrote: > On Thu, Aug 17, 2023 at 10:52:17PM +0100, Adam D. Barratt wrote: > > Please supply an appropriate debdiff. > > Sorry for the confusion, here is an updated debdiff. Thank you! Please go ahead. Regards, Adam
Bug#1050121: bullseye-pu: package cryptmount/5.3.3-1+deb11u1
Control: tags -1 confirmed On Sun, 2023-08-20 at 11:11 +0100, RW Penney wrote: > When cryptmount is passed invalid command-line arguments, it is > likely > to crash with a SEGV error due to inappropriately zeroed memory > passed > to getopt_long(). > Please go ahead. Regards, Adam
Bug#1035464: bullseye-pu: package lttng-modules/2.12.5-1+deb11u1
Control: tags -1 confirmed On Wed, 2023-05-03 at 11:34 -0400, Michael Jeanson wrote: > Fix the dkms build of lttng-modules against the current bullseye > kernel 5.10.0-22. > Please go ahead; sorry for the delay. Regards, Adam
Bug#1042057: bullseye-pu: package pandoc/2.9.2.1-1+deb11u1
Control: tags -1 confirmed On Tue, 2023-07-25 at 23:39 +0200, Guilhem Moulin wrote: > pandoc 2.9.2.1-1 is vulnerable to CVE-2023-35936: Arbitrary file > write > vulnerability via specially crafted image element in the input when > generating > files using the `--extract-media` option or outputting to PDF format. > > The Security Team decided not to issue a DSA for that CVE, but it's > now fixed in > buster-security (2.2.1-3+deb10u1) as well as sid (2.17.1.1-2), so it > makes sense > to fix it via (o)s-pu too. > Please go ahead; sorry for the delay. Regards, Adam
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
On 23-09-2023 22:36, Adam D. Barratt wrote: [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable You appear to have forgotten the debdiff. It could not be attached on the initial submission for some reason, so I attached it in message #12: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051024#12 [ ] the issue is verified as fixed in unstable Is this fixed in unstable or not? Yes, 1.122 is accepted into unstable in the mean time.
Bug#1036083: bullseye-pu: package galera-4 26.4.14-0+deb11u1
Control: tags -1 confirmed On Tue, 2023-07-25 at 14:52 -0700, Otto Kekäläinen wrote: > Sorry - attached now. Please go ahead; sorry for the delay. Regards, Adam
Bug#1035466: bullseye-pu: package postfix/3.5.18-0+deb11u1
Control: tags -1 confirmed On Sun, 2023-06-25 at 14:06 -0400, Scott Kitterman wrote: > While this has been pending, another postfix maintenance update has > been > released for 3.5. Postfix 3.5.20 provides the relevant fixes already > provided > to Bookworm via the 3.7.6 update. Debdiff attached is oldstable to > proposed > change (not just the additional changes brought by 3.5.20). > Please go ahead; sorry for the delays. Regards, Adam
Bug#1042903: bookworm-pu: package firewalld/1.3.3-1~deb12u1
Control: tags -1 confirmed On Wed, 2023-08-02 at 16:47 +0200, Michael Biebl wrote: > Sorry, forgot the attach the actual files. Please go ahead; sorry for the delay. Regards, Adam
Bug#1049955: bookworm-pu: package qemu/1:7.2+dfsg-7+deb12u2
Control: tags -1 confirmed On Thu, 2023-08-17 at 12:54 +0300, Michael Tokarev wrote: > There's a next upstream qemu stable/bugfix release, fixing a > big number of various issues, including 3 (minor) security > issues too. The full list is in the changelog below and > in the upstream git (mirrored in salsa too). > > There's also another fix for bookworm qemu xen build, which > is missing 9pfs support (#1049925). This is an easy one, as > it does not change runtime dependencies. > > [ Tests ] > The upstream qemu release passed the upstream testsuite (well, > almost, besides a few corner cases which didn't work before, > such as msys-win32 build takes too much time on gitlab.com). > Also, debian build of this qemu release works fine with my > collection of qemu guests, and qemu-user works too, - I used > it in my regular work. > Please go ahead. Regards, Adam
Bug#1051171: bookworm-pu: package qtlocation-opensource-src/5.15.8+dfsg-3+deb12u1
Hi Adam! On Sat, Sep 23, 2023 at 08:28:32PM +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2023-09-03 at 22:29 +0300, Dmitry Shachnev wrote: > > This fixes bug which made applications using Qt Location freeze when > > trying to > > load the map tiles. > > > > Please go ahead. Thank you! Uploaded. -- Dmitry Shachnev signature.asc Description: PGP signature
Bug#1049988: bookworm-pu: package riemann-c-client/1.10.4-2
Control: tags -1 confirmed On Sat, 2023-08-19 at 10:42 -1000, Romain Tartière wrote: > On Sat, Aug 19, 2023 at 04:58:51PM +0100, Jonathan Wiltshire wrote: > > This seems to be a copy of the most recent upload to unstable; > > please > > consult the developers' reference and prepare an appropriate diff > > for a > > stable update. > > Sorry for the confusion, here is an updated debdiff. Thank you! > Please go ahead. Regards, Adam
Bug#1049974: bookworm-pu: package plasma-workspace/5.27.5-2+deb12u1
Control: tags -1 confirmed On Thu, 2023-08-17 at 20:01 +0200, Patrick Franz wrote: > krunner (a launcher built into KDE Plasma capable of doing all > sorts of things) crashes when characters or numbers are typed > in a rapid fashion. > The bug was sadly introduced in Plasma 5.27.5, but subsequently > fixed in Plasma 5.27.6. The Debian bug report can be found under > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037557 > Please go ahead. Regards, Adam
Bug#1051024: bookworm-pu: package igtf-policy-bundle/1.22-1~deb12u1
Control: tags -1 moreinfo On Fri, 2023-09-01 at 13:30 +0200, Dennis van Dok wrote: > The IGTF bundle provides important trust anchors for the Research and > Education communities. Both for reliance on the identity of servers > for compute and storage services, as well as user identification > based > on personal certificates. > > A recent change in the rules for S/MIME certificates[1] has urged a > change in the profiles for end user and robot certificates, > effectively > by 28 August 2023. Relying parties who need to authenticate users > should install this update as soon as possible. > > 1. https://cabforum.org/smime-br/ > [...] > [ Checklist ] > [*] *all* changes are documented in the d/changelog > [*] I reviewed all changes and I approve them > [*] attach debdiff against the package in (old)stable You appear to have forgotten the debdiff. > [ ] the issue is verified as fixed in unstable Is this fixed in unstable or not? Regards, Adam
Bug#1052007: bookworm-pu: package lxcfs/5.0.3-1+deb12u1
On Sat, 2023-09-23 at 20:36 +0100, Adam D. Barratt wrote: > Please go ahead. Uploaded, thanks! Mathias signature.asc Description: This is a digitally signed message part
Bug#1050997: bookworm-pu: package lemonldap-ng/2.16.1+ds-deb12u1
Control: tags -1 confirmed On Fri, 2023-09-01 at 12:34 +0400, Yadd wrote: > Version 2.17.0 of lemonldap-ng fixes two low-level security issues: > * the "login" security regex wasn't applied when using AuthSlave > * lemonldap-ng portal can be used as open-redirection due to > incorrect >escape handling > Please go ahead. Regards, Adam
Bug#1036818: lxcfs: /proc/cpuinfo is empty inside lxc on armel and armhf
Control: fixed -1 5.0.3-1+deb12u1 Also fixed in version 5.0.3-1+deb12u1 which was just accepted into stable-p-u. signature.asc Description: This is a digitally signed message part
Bug#1050537: bookworm-pu: package batik/1.16+dfsg-1+deb12u1
Control: tags -1 confirmed On Fri, 2023-08-25 at 22:26 +0200, Pierre Gruet wrote: > CVE-2022-44729 and CVE-2022-44730 have been filed against batik. They > are fixed > in sid (and soon trixie). I discussed with Security team, they said a > DSA is > not needed but suggested to fix the CVE in bookworm in a point > release. > > The two CVE are corrected by backporting upstream changes. > > [ Impact ] > The two CVE would remain: > ``A malicious SVG can probe user profile / data and send it directly > as > parameter to a URL.'' > and > ``A malicious SVG could trigger loading external resources by > default, causing > resource consumption or in some cases even information disclosure.'' > Please go ahead. Regards, Adam
Bug#1001982: ITP: golang-github-weaveworks-common -- Libraries used in multiple Weave projects
This library is no longer a dependency of golang-github-grafana- dskit. Additionally, it appears that upstream is dead: https://github.com/weaveworks/common/issues/296. Mathias signature.asc Description: This is a digitally signed message part
Bug#1052479: bookworm-pu: package lxc/1:5.0.2-1+deb12u1
Control: tags -1 confirmed On Fri, 2023-09-22 at 16:59 +, Mathias Gibbens wrote: > lxc 1:5.0.2-1 contains a typo in its IPv6 NAT rules, as reported in > #1049976. This prevents the lxc-net service from starting if > LXC_IPV6_NAT is set to true. > Please go ahead. Regards, Adam
Bug#1052522: python3-hiro: please remove extraneous, obsolete, dependency on python3-six
Package: python3-hiro Version: 1.1.1-1 Severity: normal User: python3-...@packages.debian.org Usertags: python3-six-removal Hi, Usage of python3-six was dropped shortly before releasing 1.1.1. Please remove this from the hardcoded dependencies. Greetings, https://sources.debian.org/src/hiro/1.1.1-1/HISTORY.rst/#L42 grep six -r /usr/lib/python3/dist-packages/hiro* /usr/lib/python3/dist-packages/hiro-1.1.1.dist-info/METADATA: > * Update sources to not need six for compatibility -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (501, 'testing'), (450, 'unstable'), (400, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.4.0-4-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE:fr Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages python3-hiro depends on: ii python3 3.11.4-5+b1 ii python3-mock 4.0.3-4 ii python3-six 1.16.0-4 python3-hiro recommends no packages. Versions of packages python3-hiro suggests: pn python-hiro-doc -- no debconf information
Bug#967251: alsaplayer: depends on deprecated GTK 2
Please consider dropping binary package alsaplayer-gtk.
Bug#1052425: dpdk 22.11.3-1~deb12u1 flagged for acceptance
package release.debian.org tags 1052425 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: dpdk Version: 22.11.3-1~deb12u1 Explanation: new upstream stable release
Bug#1052402: dpdk 20.11.9-1~deb11u1 flagged for acceptance
package release.debian.org tags 1052402 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: dpdk Version: 20.11.9-1~deb11u1 Explanation: new upstream stable release
Bug#1001989: ITP: golang-github-grafana-dskit -- Distributed systems kit
Control: block -1 by 994083 Control: unblock -1 by 1001982 golang-github-grafana-dskit no longer depends on golang-github- weaveworks-common: https://github.com/grafana/dskit/pull/342. Mathias signature.asc Description: This is a digitally signed message part
Bug#1052068: dbus 1.14.10-1~deb12u1 flagged for acceptance
package release.debian.org tags 1052068 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: dbus Version: 1.14.10-1~deb12u1 Explanation: new upstream stable release; fix a dbus-daemon crash during policy reload if a connection belongs to a user account that has been deleted, or if a Name Service Switch plugin is broken, on kernels not supporting SO_PEERGROUPS; report the error correctly if getting the groups of a uid fails; dbus-user-session: Copy XDG_CURRENT_DESKTOP to activation environment
Bug#1052455: bookworm-pu: package freetype/2.12.1+dfsg-5+deb12u1
Control: tags -1 moreinfo On Fri, 2023-09-22 at 22:16 +1000, Hugh McMaster wrote: > FreeType 2.12.1 shipped with experimental COLRv1 support enabled. > This was > unintentional, as the implementation shipped in this release was > incomplete and > incompatible with the final COLRv1 API. > > Upstream's intention was to enable COLRv1 support in FreeType 2.13.0. > > Applications attempting to use the partial COLRv1 API in FreeType > 2.12.1 will > get unexpected (and incorrect) results. > Do we know if any applications shipped in bookworm attempt to use this partial API? If so, do we know how they'll handle the change? Regards, Aam
Bug#1052400: php-zumba-json-serializer: correction to short description
Package: php-zumba-json-serializer Followup-For: Bug #1052400 X-Debbugs-Cc: benatt...@gezapig.nl Dear Maintainer, Thank you for acting and asking me. I'm not really the person you should ask. I think it's good with "library". The short description contained basically a repeating of the package name. I should have put some references in that bug report: policy 3.4.1 The single line synopsis developers reference 6.2.2 The package synopsis, or short description -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages php-zumba-json-serializer depends on: ii php-common 2:93 ii php-mbstring2:8.2+93 ii php8.2-mbstring [php-mbstring] 8.2.7-1~deb12u1 php-zumba-json-serializer recommends no packages. php-zumba-json-serializer suggests no packages.
Bug#1052361: bookworm-pu: cups/2.4.2-3+deb12u2
Control: tags -1 moreinfo On Wed, 2023-09-20 at 21:05 +, Thorsten Alteholz wrote: > The attached debdiff for cups fixes CVE-2023-4504 and CVE-2023-32360 > in > Bookworm. These CVEs have been marked as no-dsa by the security > team, > but at least CVE-2023-32360 got an RC bug (#1051953). > +cups (2.4.2-6) unstable; urgency=low + + In case this is not a fresh installation of cups, please double check + whether your cupsd.conf really does contain the limitiation for + "CUPS-Get-Document" (see patch 0015-CVE-2023-32360.patch) Hmm. Is there a better way we can point users to the required change here that doesn't require them knowing how to find patches applied to the source package? Regards, Adam
Bug#1052229: bookworm-pu (pre-approval): gnome-shell/43.9-0+deb12u1
Control: tags -1 confirmed On Tue, 2023-09-19 at 11:40 +0100, Simon McVittie wrote: > Several new upstream bugfix releases. I've been trying to get these > into > a suitable state for a stable update since 12.1, but every time I've > been testing one long enough to think about asking for upload > approval, > there have been more bugfixes upstream and the cycle starts again. > > This is probably going to be the last upstream release in the 43.x > series, > although we might get a 43.10. > Please go ahead. Regards, Adam
Bug#1052238: [pkg-php-pear] Bug#1052238: php-net-smtp: Please, consider this email address
I'm sorry, My code and the example from https://pear.php.net/manual/en/package.mail.mail-mime.example.php, both use the statement: $mail =Mail::factory('mail'); this statement forced the use of the mail driver based on the php intrinsic function mail() and is this function the one who has the bug I reported. Changing this statement to: $mail =Mail::factory('smtp'); the smtp driver based on php-net-smtp is used and its behavior is correct. Conclusion: the php-net-smtp package works fine and the bug might be closed. Thansk very much for your attention and I regret the inconveniences. On 21/9/23 14:57, Guilhem Moulin wrote: On Thu, 21 Sep 2023 at 13:58:18 +0200, J.L. Fernandez Jambrina wrote: Unfortunatelly I don't know how to use setDebug() to see what's is being passed to send() Please see https://github.com/pear/Net_SMTP#debugging to debug Net_SMTP. but I used two calls to var_dump() to see it: AFAICT this show what's being passed to Mail_Mime or Mail, not Net_SMTP. Net_SMTP treats data as as opaque string containing both the header and body parts, just like the SMTP protocol itself.
Bug#1052227: bookworm-pu (pre-approval): mutter/43.8-0+deb12u1
Control: tags -1 confirmed On Tue, 2023-09-19 at 11:26 +0100, Simon McVittie wrote: > Several new upstream bugfix releases. I've been trying to get these > into > a suitable state for a stable update since 12.1, but every time I've > been testing one long enough to think about asking for upload > approval, > there have been more bugfixes upstream and the cycle starts again. > > This might be the last upstream bugfix release in the 43.x series, > or we might get a 43.9. > Please go ahead. Regards, Adam
Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1
Control: tags -1 confirmed On Tue, 2023-09-19 at 08:35 +0200, Jan Wagner wrote: > As reported in #1051768, check_disk has gotten very slow on a > machine > with a huge number of mount points (in excess of 16000). > > [ Impact ] > check_disk used to take around 10 seconds on bullseye in this > scenario, > now it is more than one hour > Please go ahead. Regards, Adam
Bug#1052149: bookworm-pu: package openssh/1:9.2p1-2+deb12u1
Control: tags -1 confirmed On Mon, 2023-09-18 at 08:59 +0100, Colin Watson wrote: > https://bugs.debian.org/1042460 is a security issue affecting > bookworm. > The security team doesn't think it warrants a DSA, but thinks it's > worth > fixing in a point release. I agree. > > [ Impact ] > Forwarding an SSH agent to a remote system may be exploitable by > administrators of that remote system in complicated conditions. See > https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt. > Please go ahead. Regards, Adam
Bug#1052070: bookworm-pu: package mutt/2.2.12-0.1~deb12u1
Control: tags -1 confirmed On Sat, 2023-09-16 at 23:34 +0200, Sebastian Andrzej Siewior wrote: > On 2023-09-16 23:30:44 [+0200], To sub...@bugs.debian.org wrote: > > forgot to attach the debdiff. Here it comes… > Please go ahead. Regards, Adam
Bug#1052007: bookworm-pu: package lxcfs/5.0.3-1+deb12u1
Control: tags -1 confirmed On Fri, 2023-09-15 at 22:03 +, Mathias Gibbens wrote: > lxcfs 5.0.3-1 has a bug where /proc/cpuinfo is not properly reported > within a 32bit arm container when the 64bit host has more than ~13 > CPUs. This was initially reported in #1036818 and impacts some > autopkgtests run on the ci.debian.net arm hosts. > > Please go ahead. Regards, Adam
Bug#1051594: bookworm-pu: package samba/2:4.17.11+dfsg-0+deb12u1
Control: tags -1 confirmed On Sun, 2023-09-10 at 13:11 +0300, Michael Tokarev wrote: > There's a next upstream stable/bugfix release of samba series 4.17, > with a next share of bugfixes. This is the last regular stable > release, 4.17 switched to security-only bugfix mode once 4.19 is > out. > Please go ahead (including the CI change). Regards, Adam
Bug#1051302: bookworm-pu: package jekyll/4.3.1+dfsg-3+deb12u1
Control: tags -1 confirmed This update fixes processing user configuration that used YAML > aliases. > > [ Impact ] > User configuration with YAML aliases will cause jekyll to crash while > parsing it, and therefore jekyll will not work at all. > Please go ahead. Regards, Adam
Bug#1051239: bookworm-pu: package dar/2.7.8-2
Control: tags -1 confirmed On Mon, 2023-09-04 at 15:57 -0500, John Goerzen wrote: > A bug was recently reported to Debian as #1050663, and subsequently > to upstream. > This bug causes dar to create isolated catalog files that cannot be > read by a > future dar invocation. The catalog files are used as the basis for > backups, so > this breaks users' backup flows. > +dar (2.7.8-2) bookworm; urgency=high The conventional version here would be 2.7.8-1+deb12u1, but -2 is acceptable in this case, as no such version ever appears to have been uploaded to Debian. Please go ahead. Regards, Adam
Bug#1052298: metafun broken?
On Sat, Sep 23, 2023 at 05:33:44PM +0200, Mojca Miklavec wrote: > V sob., 23. sep. 2023, 11:13 je oseba Siep Kroonenberg napisala: > > > On Sat, Sep 23, 2023 at 07:47:32AM +0900, Norbert Preining wrote: > > > > > > Why have the mkii files been dropped from TL2022 in the first > > > place, was there an urgent reason for that? > > > > > > Thanks and best regards > > > > > > Norbert > > > > They are no longer in the ConTeXt distribution. The only mkii files > > in it are in add-on modules. So it seems that > > keeping them would mean adopting them, as was done with mptopdf. > > > > The files are not in the "minimal distribution" (which includes binaries, > fonts etc.), but they are still present in the context zip itself. That would greatly simplify putting them back, although I am first going to take a closer look. Should I just re-add them, or should these extra files be turned into a separate package? -- Siep Kroonenberg
Bug#1051910: mirror submission for ossmirror.mycloud.services
Thanks Adam for the clarification and kind assistance! On 24 Sep 2023, at 2:56 AM, Adam D. Barratt wrote: On Sun, 2023-09-24 at 01:57 +0800, OSSMirror@OnboardCloud wrote: > Hi Adam, > > Thanks for the reply. Could you elaborate further what do you mean as > the /debian/ works: > > http://ossmirror.mycloud.services/debian/ > Ah, right - I was mislead by the index of http://ossmirror.mycloud.services implying that only /os/ existed, and didn't check for an alias. Regards, Adam
Bug#1051171: bookworm-pu: package qtlocation-opensource-src/5.15.8+dfsg-3+deb12u1
Control: tags -1 + confirmed On Sun, 2023-09-03 at 22:29 +0300, Dmitry Shachnev wrote: > This fixes bug which made applications using Qt Location freeze when > trying to > load the map tiles. > Please go ahead. Regards, Adam
Bug#1052521: debmake-doc: instructions for adding user to sbuild group have a bug and are (maybe) incomplete
Package: debmake-doc Version: 1.17-7 Severity: minor 1) Section 3.6 of the debmake doc says to run `adduser sbuild` but there should be `sudo` at the beginning of that command. 2) It also says "Logout and login to check you are a member of sbuild group using id command." I don't know how universal this is, but if a user has done `loginctl enable-linger` or has a user-level systemd daemon configured, logging out logging back in won't work; they still won't be in the group. They would need to either reboot or run `kill -TERM -1` (NOT as root) to make all of their processes die and thereby get the user-level systemd to restart. I know you're trying to keep the guide simple so you you may not want to get into the nitty-gritty details, but perhaps it is worth mentioning that if logging out and logging back in doesn't work the user should try restarting their computer. -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled debmake-doc depends on no packages. Versions of packages debmake-doc recommends: ii debmake 4.4.0-1 Versions of packages debmake-doc suggests: pn debian-policy pn developers-reference -- no debconf information
Bug#1052480: libpam-mklocaluser 0.18+deb12u1 flagged for acceptance
package release.debian.org tags 1052480 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: libpam-mklocaluser Version: 0.18+deb12u1 Explanation: pam-auth-update: ensure the module is ordered before other session type modules
Bug#1052463: debian-edu-doc 2.12.18~deb12u1 flagged for acceptance
package release.debian.org tags 1052463 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: debian-edu-doc Version: 2.12.18~deb12u1 Explanation: update Debian Edu Bookworm manual
Bug#1052433: pam 1.5.2-6+deb12u1 flagged for acceptance
package release.debian.org tags 1052433 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: pam Version: 1.5.2-6+deb12u1 Explanation: fix pam-auth-update --disable; update Turkish translation
Bug#1052325: systemd 252.17-1~deb12u1 flagged for acceptance
package release.debian.org tags 1052325 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: systemd Version: 252.17-1~deb12u1 Explanation: fix minor security issue in arm64 and riscv64 systemd-boot (EFI) with device tree blobs loading
Bug#1052283: mozjs102 102.15.1-1~deb12u1 flagged for acceptance
package release.debian.org tags 1052283 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: mozjs102 Version: 102.15.1-1~deb12u1 Explanation: new upstream stable release; fix "incorrect value used during WASM compilation" [CVE-2023-4046], potential use after free issue [CVE-2023-37202], memory safety issues [CVE-2023-37211 CVE-2023-34416]
Bug#1051395: pywinrm 0.3.0-4+deb12u1 flagged for acceptance
package release.debian.org tags 1051395 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: pywinrm Version: 0.3.0-4+deb12u1 Explanation: fix compatibility with Python 3.11
Bug#837060: debootstrap: Do not install packages of Priority:required for buildd variant
On Sat, 23 Sept 2023 at 19:13, Johannes Schauer Marin Rodrigues wrote: > > Hi all, > > On Sun, 25 Jun 2017 06:01:13 +0200 Johannes Schauer wrote: > > Quoting Cyril Brulebois (2017-06-24 20:23:25) > > > Julien Cristau (2016-09-12): > > > > This is a transient situation because some Essential packages' > > > > dependencies changed. I'd consider this a bug in the archive, not in > > > > debootstrap. > > > Any reasons to keep this bug report open then? Seen no objections, so I'm > > > tempted to close it. > > > > But... the buildd variant still explicitly (and not only implicitly through > > dependencies of essential:yes packages) installs Priority:required packages, > > no? > > as we are at the beginning of the trixie development cycle, I have opened a > merge request against debootstrap which avoids installing priority:required > packages with the buildd variant: > > https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/106#note_430035 > > I've put Ansgar and Julien in CC as they were opposed to this change. > > I'm putting Luca and Guillem in CC who wrote in favour of this change also in > policy bug #1029831. > > Santiago is in CC as the driver of the mass bug filing for source packages > that > fail to build in a chroot environment with just Essential:yes and > build-essential installed. > > According to the last MBF from December 2022 and January 2023, there are 13 > source packages that would FTBFS after this change because they are missing an > explicit build dependency on tzdata or mount. > > As part of the thread starting at > 9b40f6f2-4942-acfc-2f9c-4668f05d9...@debian.org a number of arguments were > made > for and against this change. I still believe that the arguments for this > change > weigh stronger than those against it and thus I filed that merge request > above. > > Luca, as the debootstrap maintainer, what are your thoughts? Sounds fine by me if people are ok with it, impact is minimal and fix is very simple and sounds correct from a conceptual point of view.
Bug#1051910: mirror submission for ossmirror.mycloud.services
On Sun, 2023-09-24 at 01:57 +0800, OSSMirror@OnboardCloud wrote: > Hi Adam, > > Thanks for the reply. Could you elaborate further what do you mean as > the /debian/ works: > > http://ossmirror.mycloud.services/debian/ > Ah, right - I was mislead by the index of http://ossmirror.mycloud.services implying that only /os/ existed, and didn't check for an alias. Regards, Adam
Bug#1051613: stable-security
Hi, On Sat, Sep 23, 2023 at 09:00:58AM +0200, Josef Friedl wrote: > > The bug has been around since September 10th. > On September 13th were released on kernel.org 6.1.53 released and on 19.9. > 6.1.54 released. In both the bug is fixed. > The meta package linux-image-amd64 still points to the faulty 6.1.52-1 > > If a kernel error made over 100 drivers unusable, most of which had been > working without any problems for over 10 years, I was hoping for a quicker > approach. The change is pending for the next upload aimed for the upcoming point release (including a rebase to 6.1.55 and several other bufixes). Regards, Salvatore
Bug#1052520: librust-tiny-skia-dev: What is?! Please be more informative on short and long description
Package: librust-tiny-skia-dev Severity: minor X-Debbugs-Cc: benatt...@gezapig.nl Dear Maintainer, short synopsis and extended description It's something, effectively nothing. Reference Debian Policy Manual (Release 4.6.2.0) 3.4 The description of a package Debian Developer’s Reference (Release 13.3) 6.2.2 The package synopsis, or short description 6.2.3 The long description -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages librust-tiny-skia-dev depends on: pn librust-arrayref-0.3+default-dev pn librust-arrayvec-0.7-dev pn librust-bytemuck-1+aarch64-simd-dev pn librust-bytemuck-1+default-dev pn librust-cfg-if-1+default-dev pn librust-png-0.17+default-dev pn librust-tiny-skia-path-0.8+no-std-float-dev pn librust-tiny-skia-path-0.8+std-dev pn librust-tiny-skia-path-0.8-dev librust-tiny-skia-dev recommends no packages. librust-tiny-skia-dev suggests no packages.
Bug#908274: debvm for autopkgtests with multiple host?
Hi Ian, On Sat, Sep 23, 2023 at 11:19:27AM +0100, Ian Jackson wrote: > To summarise that discussion: at that time the best available solution > that worked in ci.d.n seemed to be to write an ad-hoc script to run > the tests in qemu; three packes had done that, each separately, with > complex scripts with many moving parts. In principle, debvm is supposed to target that particular use case. There are two limitations that currently make this infeasible. > I saw debvm, and wondered if it was suitable for this purpose. > But, then I looked at its debian/test/control and I see that the tests > are marked as flaky.[2] So maybe it isn't reliable enough :-/. The reliability of tests is ok. The reason for marking them flaky is that they currently test the "wrong" packages. ci.d.n sets up chroots in a delicate way to combine particular packages to see which combinations cause breakage. Then debvm just creates an unstable system and tests that. In effect, it currently tests unstable (inside those virtual machines) rather than what it is supposed to be testing. Johannes solved this problem on the mmdebstrap side and mmdebstrap's tests no longer are flaky in this way. Therefore this should be solvable on the debvm side. I just haven't gotten do figuring out the right runes thus far. Roughly speaking, the hosts' apt configuration, pinning and sources.lists should be used inside the created virtual machine. > I have other questions too, particularly to do with the way I would > need autopkgtest to be able to influence package selection in the > nested testbeds. Exactly. That's currently the missing piece to remove the flakiness annotation. There is another practical problem. None of the autopkgtest nodes support kvm. Emulation will always use tcg. For one thing, tcg is slow. It can be so slow on some architectures that RCU becomes unhappy as its grace periods become too long. For another, tcg is buggy. It has emulation bugs even on release architectures that make some expected functionality fail. For instance, gdb reliably segfaults when run in s390x tcg emulation. That kvm aspect kinda seems like an unresolvable blocker. While most autopkgtest machines are physical machines, they use kvm for running the actual autopkgtest nodes and then lxc for individual test isolation. We'd have to use nested kvm here and somehow get it through lxc. > Everyone else: has there been any other progress on the multi-node > autopkgtest problem ? Disregarding these two aspects, debvm should get you quite far. You probably need to take network management into your own hands. I expect that vde2 would be a good way to implement this in an unprivileged way. Your debvm invocations may become a little longer that way, but that should be fine given that you store all of that in scripts. Helmut
Bug#837060: debootstrap: Do not install packages of Priority:required for buildd variant
Hi all, On Sun, 25 Jun 2017 06:01:13 +0200 Johannes Schauer wrote: > Quoting Cyril Brulebois (2017-06-24 20:23:25) > > Julien Cristau (2016-09-12): > > > This is a transient situation because some Essential packages' > > > dependencies changed. I'd consider this a bug in the archive, not in > > > debootstrap. > > Any reasons to keep this bug report open then? Seen no objections, so I'm > > tempted to close it. > > But... the buildd variant still explicitly (and not only implicitly through > dependencies of essential:yes packages) installs Priority:required packages, > no? as we are at the beginning of the trixie development cycle, I have opened a merge request against debootstrap which avoids installing priority:required packages with the buildd variant: https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/106#note_430035 I've put Ansgar and Julien in CC as they were opposed to this change. I'm putting Luca and Guillem in CC who wrote in favour of this change also in policy bug #1029831. Santiago is in CC as the driver of the mass bug filing for source packages that fail to build in a chroot environment with just Essential:yes and build-essential installed. According to the last MBF from December 2022 and January 2023, there are 13 source packages that would FTBFS after this change because they are missing an explicit build dependency on tzdata or mount. As part of the thread starting at 9b40f6f2-4942-acfc-2f9c-4668f05d9...@debian.org a number of arguments were made for and against this change. I still believe that the arguments for this change weigh stronger than those against it and thus I filed that merge request above. Luca, as the debootstrap maintainer, what are your thoughts? Thank you! cheers, josch signature.asc Description: signature
Bug#1052446: msktutil: invalid argument unwrapping for AUTOUPDATE_OPTIONS
On Fri, Sep 22, 2023 at 09:02:55AM +0200, Francesco wrote: > Package: msktutil > Version: 1.2-2 > > > bug fix for issue #1009904 doesn't look good for me: > > "/etc/cron.daily/msktutil: > Error: unknown parameter: -N -h ldap-pp-01.example.org --service host > --computer-name ldap-pp-01 > > For help, try running msktutil --help > > run-parts: /etc/cron.daily/msktutil exited with return code 1" > > On my Debian GNU/Linux 12 (bookworm) the following script update works: > > $ cat /etc/cron.daily/msktutil > #!/bin/sh > > test -x /usr/sbin/msktutil || exit 0 > > # These options are overridden in /etc/default/msktutil. > # Edit there, not here. > AUTOUPDATE_ENABLED="false" > AUTOUPDATE_OPTIONS="" > > [ -r /etc/default/msktutil ] && . /etc/default/msktutil > > [ "$AUTOUPDATE_ENABLED" = "true" ] || exit 0 > cmd="/usr/sbin/msktutil --auto-update ${AUTOUPDATE_OPTIONS}" > > exec $cmd Hello François, Thank you for the bug report. It is timely, because I am in the process of preparing an upload of 1.2.1. I will get this fixed against 1.2 so it is a candidate for stable-proposed-updates. The expansion of $cmd in your version has the same impact as the eval suggested in the bug report. My mistake, and thank you for the correction. Cheers, tony
Bug#1052037: fasttext: Can't be imported on armel
Something like this may suffice as a workaround: diff --git a/debian/rules b/debian/rules index 9ebd14e..ab49761 100755 --- a/debian/rules +++ b/debian/rules @@ -6,6 +6,11 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all DPKG_EXPORT_BUILDFLAGS = 1 include /usr/share/dpkg/buildflags.mk +include /usr/share/dpkg/architecture.mk + +ifneq (,$(filter $(DEB_BUILD_ARCH),armel)) +export DEB_LDFLAGS_MAINT_APPEND = -latomic +endif # see ENVIRONMENT in dpkg-buildflags(1) # package maintainers to append CFLAGS Something like this would be better: https://github.com/ccache/ccache/pull/723/files Kind Regards, Bas -- GPG Key ID: 4096R/6750F10AE88D4AF1 Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
Bug#1051910: mirror submission for ossmirror.mycloud.services
Hi Adam, Thanks for the reply. Could you elaborate further what do you mean as the /debian/ works: http://ossmirror.mycloud.services/debian/ Best regards, On 23 Sep 2023, at 10:15 PM, Adam D. Barratt wrote: ossmirror.mycloud.services
Bug#1036437: please provide a simple example to reproduce the bug
Hello Alexis, Alexis Murzeau a écrit : > [...] > That error can be fixed by changing the first line of furo.js > from this: > `import Gumshoe from "./gumshoe-patched.js";` > > to this: > `import * as Gumshoe from "./gumshoe-patched.js";` "import * as Gumshoe" looks out like a weird fix. It assumes that gumshoe-patched.js has only one importable item doesn't it? > As a side note (as you are the uploader of python-sumpy-doc, you might be > interested), I found that the version of python-sumpy-doc in testing and > unstable is missing many files in the html directory: [...] Thank you for pointing this mess! It was due to the use of intersphinx inventories, which cannot be downloaded from Internet during an official Debian build (accessing the Internet is not possible when a package is built in Debian's build farm). I could inject the inventory files, so they are now local to the file tree during the build, and python-sympy-doc provides HTML contents again. I added a short script to add `type="module"` when necessary in HTML files. Best regards, Georges. signature.asc Description: PGP signature
Bug#1052519: New upstream version 7.2
Package: sweethome3d Severity: wishlist Dear maintainer(s), Thanks for for maintaining sweethome3d in Debian! A new upstream version has just been released yesterday with nice features. It may be fast for this request - sorry about that - but could you consider to upload it? Best regards, Jérôme
Bug#1052172: gnome-terminal: crash during scroll-up
Up to now, it is stable! Le sam. 23 sept. 2023 à 17:43, Samuel Thibault a écrit : > > Patrice Duroux, le sam. 23 sept. 2023 16:53:36 +0200, a ecrit: > > Much more stable and harder to crash but still got one doing in this > > case some ample resizes of the terminal window. > > Ok, good! > > Could you try version 0.73.99-1+fix3 from > > https://people.debian.org/~sthibault/tmp/bookworm-tmp/ > > Thanks, > Samuel
Bug#999962: RFS to solve bug#999962 (silversearcher-ag: depends on obsolete pcre3 library)
Manphiz writes: > Nicholas D Steeves writes: >> Manphiz writes: >>> Manphiz writes: [snip] >> Then finalise the changelog and build the package. >> > > Done as well. Thanks! >> Finally, learn about what an "nmudiff" is, and file one at the relevant >> bug. >> > > To be careful I'd like to have you take another look before doing so[1] > :) I pulled from your remote and noted the requested updates. It looks good to me :) > BTW, I'm not a DD or DMD yet so I'm probably not able to submit to > delayed queue yet, right? Right, the upload to the delayed queue using dput is something else, and any uploads you make to ftp-master will not succeed. I'm not sure if mentors.debian.net has a delayed queue, and I can't see how that would be useful--other than for practise. Did you find the relevant section in the Developer's Reference? Before we get to the upload you need to submit an nmudiff of the source package. On a related note, if you don't know about these yet, "msmtp-mta" and "apt-file" are really useful. Msmtp-mta is an alternative to other MTAs (useful for laptops, and Spwhitton told me about apt-file :) It's technically possible to use debdiff, but "nmudiff" is a tool like "reportbug", but I'm not sure if nmudiff will function without an mta, unlike reportbug. Best, Nicholas signature.asc Description: PGP signature
Bug#1052518: RM: gtkguitune -- RoQA; dead upstream; depends on gtk2; alternative exists
Source: gtkguitune Severity: serious I intend to file a RM bug for gtkguitune. It is dead upstream and the last Debian upload was over a decade ago. With lingot, there is a better alternative available in Debian. Also, this would help getting rid of gtkmm-2.4.
Bug#1051560: jpeg-xl: diff for NMU version 0.7.0-10.1
Control: tags -1 +patch +pending X-Debbugs-CC: ma...@debian.org Dear maintainer, I've prepared an NMU for jpeg-xl (versioned as 0.7.0-11) and uploaded it to DELAYED/14. Please feel free to tell me if I should delay it longer. Regards. diff -Nru jpeg-xl-0.7.0/debian/changelog jpeg-xl-0.7.0/debian/changelog --- jpeg-xl-0.7.0/debian/changelog 2023-01-29 07:01:36.0 -0500 +++ jpeg-xl-0.7.0/debian/changelog 2023-09-23 12:52:43.0 -0400 @@ -1,3 +1,17 @@ +jpeg-xl (0.7.0-10.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Boyuan Yang ] + * debian/patches/: ++ 0007-tools-CMakeLists.txt-Fix-compatibility-with-static-l.patch: + Fix compatibility with libwebp 1.3.x. (Closes: #1052486) +* 0008-Fix-conformance-test.patch: Fix unit test that was previously + skipped but now failing. (Closes: #1051560) + * debian/control: Require libwebp-dev (>= 1.3) due to patch 0007. + + -- Boyuan Yang Sat, 23 Sep 2023 12:52:43 -0400 + jpeg-xl (0.7.0-10) unstable; urgency=medium * d/patches: Improve cjxl/djxl manpages. Closes: #1023641 diff -Nru jpeg-xl-0.7.0/debian/control jpeg-xl-0.7.0/debian/control --- jpeg-xl-0.7.0/debian/control2023-01-29 06:59:42.0 -0500 +++ jpeg-xl-0.7.0/debian/control2023-09-23 12:34:14.0 -0400 @@ -23,7 +23,7 @@ liblcms-dev | liblcms2-dev (>= 2.13), libopenexr-dev, libpng-dev, - libwebp-dev, + libwebp-dev (>= 1.3), ninja-build, pkg-config Build-Depends-Indep: doxygen, graphviz diff -Nru jpeg-xl-0.7.0/debian/patches/0007-tools-CMakeLists.txt-Fix-compatibility-with-static-l.patch jpeg-xl-0.7.0/debian/patches/0007-tools-CMakeLists.txt-Fix- compatibility-with-static-l.patch --- jpeg-xl-0.7.0/debian/patches/0007-tools-CMakeLists.txt-Fix-compatibility-with-static-l.patch 1969-12-31 19:00:00.0 -0500 +++ jpeg-xl-0.7.0/debian/patches/0007-tools-CMakeLists.txt-Fix-compatibility-with-static-l.patch 2023-09-23 12:31:13.0 -0400 @@ -0,0 +1,27 @@ +From: Boyuan Yang +Date: Fri, 22 Sep 2023 17:12:33 -0400 +Subject: tools/CMakeLists.txt: Fix compatibility with static libwebp 1.3.x + +Bug-Debian: https://bugs.debian.org/1052486 + +--- + tools/CMakeLists.txt | 5 + + 1 file changed, 5 insertions(+) + +diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt +index 934ed89..6556845 100644 +--- a/tools/CMakeLists.txt b/tools/CMakeLists.txt +@@ -249,7 +249,12 @@ if(JPEGXL_ENABLE_BENCHMARK AND JPEGXL_ENABLE_TOOLS) + message(WARNING "Using dynamic libwebp") + target_link_libraries(benchmark_xl PkgConfig::WebP) + else() ++ # Debian-specific patch ++ # libwebp 1.3.x: libsharpyuv static library must be linked as well ++ find_library(SHARPYUV_STATIC_LINK_LIBRARY NAMES libsharpyuv.a ++ PATHS "${WebP_LIBDIR}" REQUIRED) + target_link_libraries(benchmark_xl "${WebP_STATIC_LINK_LIBRARY}") ++ target_link_libraries(benchmark_xl "${SHARPYUV_STATIC_LINK_LIBRARY}") + target_include_directories(benchmark_xl + PRIVATE ${WebP_STATIC_INCLUDE_DIRS}) + target_compile_options(benchmark_xl PRIVATE ${WebP_STATIC_CFLAGS_OTHER}) diff -Nru jpeg-xl-0.7.0/debian/patches/0008-Fix-conformance-test.patch jpeg-xl-0.7.0/debian/patches/0008-Fix-conformance-test.patch --- jpeg-xl-0.7.0/debian/patches/0008-Fix-conformance-test.patch 1969-12-31 19:00:00.0 -0500 +++ jpeg-xl-0.7.0/debian/patches/0008-Fix-conformance-test.patch 2023-09-23 12:31:32.0 -0400 @@ -0,0 +1,36 @@ +From: Boyuan Yang +Date: Fri, 22 Sep 2023 17:34:23 -0400 +Subject: Fix conformance test + +Bug-Debian: https://bugs.debian.org/1051560 + +--- + tools/conformance/generator.py| 2 +- + tools/conformance/tooling_test.sh | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tools/conformance/generator.py b/tools/conformance/generator.py +index e2a9b2e..d59c3f4 100755 +--- a/tools/conformance/generator.py b/tools/conformance/generator.py +@@ -67,7 +67,7 @@ def GenerateConformanceCorpus(args): + cmd.extend(['--icc_out', pixel_prefix + '.icc']) + + # Decode and generate the reference files. +-subprocess.check_call(cmd) ++subprocess.check_call(' '.join(cmd), shell=True) + + with open(metadata_filename, 'r') as f: + metadata = json.load(f) +diff --git a/tools/conformance/tooling_test.sh b/tools/conformance/tooling_test.sh +index 95adefb..892b7a2 100755 +--- a/tools/conformance/tooling_test.sh b/tools/conformance/tooling_test.sh +@@ -41,6 +41,7 @@ main() { + build_dir=$(realpath "${MYDIR}/../../build") + fi + ++ export LD_LIBRARY_PATH=${build_dir} + local decoder="${build_dir}/tools/djxl" + "${MYDIR}/generator.py" \ + --decoder="${decoder}" \ diff -Nru jpeg-xl-0.7.0/debian/patches/series jpeg-xl-0.7.0/debian/patches/series ---
Bug#1035802: RM: repsnapper -- RoQA; gtkglextmm dependency
Hi Paul, On #1042739 you mentioned that repsnapper can be removed. Would it be okay to file a RM bug? Thanks, Bastian
Bug#967719: fixed in qtractor 0.9.21-1
Okay, I see there is actually no gtk3 support. I have added a commit that disables the GTKMM2 support, which can at least unblock #967497. I do not think that gtkmm-2.4 will survive until trixie is released, so we should make the change as early as possible. Please add a comment here if there is a really important reason to keep it.
Bug#1021001: mirror-prg.webglobe.com: out-of-date
On Mon, 2022-10-03 at 11:23 +0200, Jiří Luňáček wrote: > We had some issues with storage provider software. > It should be fixed now and the mirror is in sync. > It looks like something still isn't set up as expected. http://mirror-prg.webglobe.com/debian/project/trace/ has current trace files for upstream mirrors, but the local file - i.e. http://mirror-prg.webglobe.com/debian/project/trace/mirror-prg.webglobe.com - is from May. Regards, Adam
Bug#1052298: metafun broken?
On 23.09.2023 17:33, Mojca Miklavec wrote: Hi Mojca, The files are not in the "minimal distribution" (which includes binaries, fonts etc.), but they are still present in the context zip itself. I built my package from the context.r67039.tar.xz, which is part of the TL 2023 distribution. hille@sid-amd64:~/devel/TeXLive/zzz_upstream_raw/ctan.mirror.norbert-ruehl.de_20230613/archive$ ls -l context.tar* lrwxrwxrwx 1 hille hille 21 May 7 17:11 context.tar.xz -> context.r67039.tar.xz hille@sid-amd64:~/devel/TeXLive/zzz_upstream_raw/ctan.mirror.norbert-ruehl.de_20230613/archive$ ls -l context.r67039.tar.xz -rw-rw-r-- 1 hille hille 8269444 May 7 17:11 context.r67039.tar.xz hille@sid-amd64:~/devel/TeXLive/zzz_upstream_raw/ctan.mirror.norbert-ruehl.de_20230613/archive$ tar tf context.r67039.tar.xz|grep mkii texmf-dist/bibtex/bst/context/mkii/ texmf-dist/bibtex/bst/context/mkii/cont-ab.bst texmf-dist/bibtex/bst/context/mkii/cont-au.bst texmf-dist/bibtex/bst/context/mkii/cont-no.bst texmf-dist/bibtex/bst/context/mkii/cont-ti.bst texmf-dist/tex/context/modules/mkiv/m-mkii.mkiv I just run rsync right now but the file did not change. Hilmar -- sigfault OpenPGP_signature Description: OpenPGP digital signature
Bug#1052365: systemd: DHCP client fails if multiple DHCP servers on network
Hi Alexandre Am 21.09.23 um 01:59 schrieb Alexandre Ferreira: DHCP client on systemd-networkd sends requests as broadcast so if there is more than one DHCP server on the network all but one will answer NAK: wrong server-ID. DHCP client stops at the first NAK and ignores the ACK that will be sent. THe attached patch included a test refusing any NAK that does not come from the same IP that the request was sent. Patches like this one, should be submitted upstream and reviewed there. Can you please create a PR at https://github.com/systemd/systemd/pulls Thanks, Michael OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1052517: apticron should have same apt-listchanges default as apt
Package: apticron Version: 1.2.7 Severity: wishlist I would argue that apticron should default to apt-listchanges showing news rather than changelog entries just like apt does. I suppose this would happen automatically if bug 1052514 were fixed as I propose, i.e., if news were made the default in apt-listchanges. Whether or not that happens, though, I believe apticron and apt should be consistent by default. I don't know if this is feasible, but I'd argue that the ideal behavior would be for apticron to use the "apticron" apt-listchanges profile if it exists, or the "apt" profile otherwise. If there is interest in this I could try to put together a patch. However, considering that apticron bugs I submitted two and a half years ago with patches (bug 985794, bug 985795) haven't had any activity, perhaps this package is not being actively maintained? Would it help if I offered to help with maintaining the package? -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages apticron depends on: ii apt 2.7.3 ii bzip2 1.0.8-5+b1 ii cron [cron-daemon] 3.0pl1-175 ii dpkg1.22.0 ii mailutils [mailx] 1:3.16-1+b1 ii ucf 3.0043+nmu1 Versions of packages apticron recommends: ii apt-listchanges 3.27 ii gpg 2.2.40-1.1 ii iproute2 6.5.0-4 apticron suggests no packages. -- no debconf information
Bug#1052516: apticron man page doesn't say how to configure, doesn't refer user to the file that does
Package: apticron Version: 1.2.7 Severity: minor Both the README.Debian file for apticron and the man page say that it is configurable but don't say how. Ideally the man page would document the configuration options, but at the very least it should reference /usr/lib/apticron/apticron.conf in the FILES section and mention that configuration settings are documented there. -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages apticron depends on: ii apt 2.7.3 ii bzip2 1.0.8-5+b1 ii cron [cron-daemon] 3.0pl1-175 ii dpkg1.22.0 ii mailutils [mailx] 1:3.16-1+b1 ii ucf 3.0043+nmu1 Versions of packages apticron recommends: ii apt-listchanges 3.27 ii gpg 2.2.40-1.1 ii iproute2 6.5.0-4 apticron suggests no packages. -- no debconf information