Bug#1054180: openssl: FTBFS on loong64

[WANG Xuerui]

Hi,

This is likely upstream issue 
https://github.com/openssl/openssl/issues/21340, manifesting on Debian 
due to the packaged binutils not having Loongson SIMD support yet, and 
fixed by upstream commit 160f48941d143cf2682df4e938ba953c96ac3c7a.


I'd suggest including the upstream patch so we don't have to touch 
anywhere else.

Bug#1053729: RFP: SAIL image decoding library

[Dima Kogan]

Andrius Merkys  writes:

> Do you know any software already in Debian which would benefit from
> having SAIL in Debian?

There aren't many C image-reading libraries. libfreeimage is mostly-dead
upstream, and is kinda weird. If SAIL was in Debian and is all the
things that its website claims, I would consider moving my upstream
software to use it instead of libfreeimage. So I'd like to see this in
Debian, but have too much of a backlog to do the packaging myself,
sadly.

Bug#1030885: python-cogent: FTBFS (some tests require more than one CPU)

[Andreas Tille]

Hi Santiago,

Am Thu, Oct 19, 2023 at 11:55:47PM +0200 schrieb Santiago Vila:
> Anyway, I'll try to find a fix.

Great.  Meanwhile I've added you to the team on Salsa.

Thanks a lot for all your work
   Andreas. 

-- 
http://fam-tille.de

Bug#1053804: also at trixie

[Phil Wyett]

On Mon, 16 Oct 2023 21:44:27 +0200 Gert van de Kraats
 wrote:
> Same problem at Debian trixie(testing) with filezilla 3.65.0-3 :
> 2023-10-16T21:24:24.379086+02:00 debian systemd[1809]: Started 
> app-gnome-filezilla-4525.scope - Application launched by gnome-shell.
> 2023-10-16T21:24:26.646156+02:00 debian kernel: [ 5791.686214] traps:
> filezilla[4525] trap invalid opcode ip:b7dc7aa3 sp:bfdb57c0 error:0
in 
> libfzclient-private-3.65.0.so[b7d1b000+f9000]
> 
> 
> 

Hi,

Thank you for the additional info regarding trixie (testing).

As stated earlier. Could you give me the specification of the machine
you have this failure on? Until I get reproduction data, I will be
unable to move forward possibly rectifying this issue.

Regards

Phil

-- 
Playing the game for the games sake.

* Debian Maintainer

Web:

* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org

Social:

* Twitter: kathenasorg
* Instagram: kathenasorg




signature.asc
Description: This is a digitally signed message part

Bug#1054265: libinput-bin: Framework quirks file contains invalid/deprecated AttrEventCodeDisable key

[Brett Kosinski]

Package: libinput-bin
Version: 1.23.0-2
Severity: normal

Dear Maintainer,

Initially I noticed that disable-while-typing was not working.

Running "libinput list-devices" caused an error to be flagged that the selected
quirks file, /usr/share/libinput/50-framework.quirks, could not be loaded
because of the presence of the invalid AttrEventCodeDisable key.

Upon inspecting the file, I confirmed the presence of the key.  When I
consulted the documentation for the package, I concluded the key had been
replaced by a new AttrEventCode key with a slightly different syntax.

To confirm, I manually corrected /usr/share/libinput/50-framework.quirks and
replaced:

AttrEventCodeDisable=BTN_RIGHT

with

AttrEventCode=-BTN_RIGHT

Upon making this change, libinput no longer emitted the indicated error.  After
rebooting I confirmed that disable-while-typing was now working correctly.


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libinput-bin depends on:
ii  libc6  2.37-12
ii  libevdev2  1.13.1+dfsg-1
ii  libudev1   254.5-1
ii  libwacom9  2.8.0-1

libinput-bin recommends no packages.

libinput-bin suggests no packages.

-- no debconf information

Bug#1054167: [Pkg-javascript-devel] Bug#1054167: ftbfs: AssertionError in tests

[Yadd]

Control: severity -1 important

Hi,

not really a serious-bug since it exists only when using a color term. 
Fixed anyway in version 2.0.0-4


Cheers,
Yadd

Bug#1054101: webkit2gtk: No provider of eglCreateImage found. Requires one of: EGL 15, yelp can't start

[肖盛文]

在 2023/10/19 22:29, Alberto Garcia 写道:

The patch is this one:https://commits.webkit.org/267503@main

I rebuilt WebKitGTK 2.42.1-1~deb11u1 with this patch applied and I put
the binaries here so people can test them:

https://people.debian.org/~berto/webkit/

I download and installed these packages:

dpkg -l|grep 2.42.1-1~deb11u2~test
ii  gir1.2-javascriptcoregtk-4.0:amd64 
2.42.1-1~deb11u2~test    amd64    JavaScript engine 
library from WebKitGTK - GObject introspection data
ii  gir1.2-webkit2-4.0:amd64 2.42.1-1~deb11u2~test    
amd64    Web content engine library for GTK - GObject introspection data
ii  libjavascriptcoregtk-4.0-18:amd64 
2.42.1-1~deb11u2~test    amd64    JavaScript engine 
library from WebKitGTK
ii  libwebkit2gtk-4.0-37:amd64 2.42.1-1~deb11u2~test    
amd64    Web content engine library for GTK
ii  libwebkit2gtk-4.0-37-dbgsym:amd64 
2.42.1-1~deb11u2~test    amd64    debug symbols for 
libwebkit2gtk-4.0-37


When I run yelp or /usr/lib/x86_64-linux-gnu/webkit2gtk-4.0/MiniBrowser,
I get the crash.

dmesg has errors:

[  438.725059] yelp[3616]: segfault at 10 ip 7f211ee78bc8 sp 
7ffda9dd9318 error 4 in radeonsi_dri.so[7f211ee57000+d47000]
[  438.725075] Code: 4c 89 e0 5b 5d 41 5c c3 66 2e 0f 1f 84 00 00 00 00 
00 4c 89 e7 45 31 e4 e8 75 ff fd ff e9 4a ff ff ff 48 8b 7f 40 48 8b 47 
48 <48> 8b 40 10 48 85 c0 74 0f 48 8b 57 18 ff e0 66 0f 1f 84 00 00 00
[  459.979955] MiniBrowser[3712]: segfault at 10 ip 7f8bb6ac8bc8 sp 
7fffaefb0f98 error 4 in radeonsi_dri.so[7f8bb6aa7000+d47000]
[  459.979973] Code: 4c 89 e0 5b 5d 41 5c c3 66 2e 0f 1f 84 00 00 00 00 
00 4c 89 e7 45 31 e4 e8 75 ff fd ff e9 4a ff ff ff 48 8b 7f 40 48 8b 47 
48 <48> 8b 40 10 48 85 c0 74 0f 48 8b 57 18 ff e0 66 0f 1f 84 00 00 00



gdb infos please see attachments.


Thanks!


--
肖盛文 xiao sheng wen
https://www.atzlinux.com  《铜豌豆 Linux》基于 Debian 的 Linux 中文 桌面 操作系统
Debian QA page:https://qa.debian.org/developer.php?login=atzlinux%40sina.com
Debian salsa:https://salsa.debian.org/atzlinux-guest
GnuPG Public Key: 0x00186602339240CB

eading symbols from yelp...
Reading symbols from /usr/lib/debug/.build-id/14/9a75446155d73f55d6efb8c8ecca9fbcf40261.debug...
(gdb) run
Starting program: /usr/bin/yelp 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffeb829700 (LWP 4624)]
[New Thread 0x7fffeb028700 (LWP 4625)]
[New Thread 0x7fffe91ea700 (LWP 4626)]
[New Thread 0x7fffe89e9700 (LWP 4627)]
[New Thread 0x7fffe2cf0700 (LWP 4628)]
[New Thread 0x7fffe24ef700 (LWP 4629)]
[Thread 0x7fffe24ef700 (LWP 4629) exited]
[New Thread 0x7fffe1cee700 (LWP 4630)]
[Thread 0x7fffe89e9700 (LWP 4627) exited]
[New Thread 0x7fffe89e9700 (LWP 4631)]
[New Thread 0x7fffe0afa700 (LWP 4632)]
[New Thread 0x7fff782bf700 (LWP 4633)]
[New Thread 0x7fff73abe700 (LWP 4634)]
[New Thread 0x7fff77abe700 (LWP 4635)]
[New Thread 0x7fff772bd700 (LWP 4636)]
[New Thread 0x7fff76abc700 (LWP 4637)]
[New Thread 0x7fff762bb700 (LWP 4638)]
[New Thread 0x7fff75aba700 (LWP 4639)]
[New Thread 0x7fff752b9700 (LWP 4640)]
[New Thread 0x7fff74ab8700 (LWP 4641)]
[New Thread 0x7fff732bd700 (LWP 4642)]
[Thread 0x7fff732bd700 (LWP 4642) exited]
[Thread 0x7fff74ab8700 (LWP 4641) exited]
[Thread 0x7fff762bb700 (LWP 4638) exited]
[Thread 0x7fff75aba700 (LWP 4639) exited]
[Thread 0x7fff752b9700 (LWP 4640) exited]
[Thread 0x7fff76abc700 (LWP 4637) exited]
[Thread 0x7fff772bd700 (LWP 4636) exited]
[Thread 0x7fff77abe700 (LWP 4635) exited]
[Thread 0x7fff73abe700 (LWP 4634) exited]
[Thread 0x7fff782bf700 (LWP 4633) exited]
[Thread 0x7fffe0afa700 (LWP 4632) exited]
[Thread 0x7fffe89e9700 (LWP 4631) exited]
[New Thread 0x7fffe89e9700 (LWP 4643)]
[New Thread 0x7fff77abe700 (LWP 4644)]
[New Thread 0x7fff73abe700 (LWP 4645)]
[New Thread 0x7fff782bf700 (LWP 4646)]
[New Thread 0x7fffe0a9c700 (LWP 4647)]
[New Thread 0x7fff772bd700 (LWP 4648)]
[New Thread 0x7fff76abc700 (LWP 4649)]
[New Thread 0x7fff762bb700 (LWP 4650)]
[New Thread 0x7fff75aba700 (LWP 4651)]
[New Thread 0x7fff752b9700 (LWP 4652)]
[New Thread 0x7fff748b2700 (LWP 4653)]
[Thread 0x7fff748b2700 (LWP 4653) exited]
[New Thread 0x7fff748b2700 (LWP 4654)]
[New Thread 0x7fff712bd700 (LWP 4655)]
[New Thread 0x7fff70abc700 (LWP 4656)]
[Detaching after fork from child process 4657]
[Detaching after fork from child process 4658]
[New Thread 0x7fff48eca700 (LWP 4664)]
[New Thread 0x7fff3700 (LWP 4666)]
[New Thread 0x7fff3f7fe700 (LWP 4667)]
[New Thread 0x7fff3effd700 (LWP 4693)]
[New Thread 0x7fff3e7fc700 (LWP 4694)]
[New Thread 0x7fff3dffb700 (LWP 4695)]
[Thread 0x7fff3dffb700 (LWP 4695) exited]
--Type  for more, q to quit, c to continue without paging--c

Thread 1 "yelp" received signal SIGSEGV, Segmentation fault.
0x7fff7eaccbc8 in ?? () from /usr/lib/x86_64-linux-gnu/dri/radeonsi_dri.so
(gdb) bt
#0  0x7fff7eaccbc8 in ?? () from 

Bug#1054264: ITP: python3-pytest-flake8-path -- pytest fixture for testing flake8 plugins

[Guilherme Puida Moreira]

Package: wnpp
Severity: wishlist
Owner: Guilherme Puida Moreira 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: python3-pytest-flake8-path
  Version : 1.5.0
  Upstream Contact: Adam Johnson  
* URL : https://github.com/adamchainz/pytest-flake8-path
* License : MIT
  Programming Lang: Python
  Description : pytest fixture for testing flake8 plugins

  Provides a fixture that wraps Pytest's built-in tmp_path fixture,
  to create a temporary directory, allow adding files, and running
  flake8.
  .
  Pytest-flake8-path is the successor to pytest-flake8dir.
  Pytest-flake8dir was based upon pytest's tmpdir fixture,
  which returned a legacy py.path.local object. Since version
  3.9.0, pytest has provided the tmp_path fixture, which returns
  a standard library pathlib.Path object. Pytest-flake8-path is a
  rewrite of pytest-flake8dir to use tmp_path instead of tmpdir.

This is a dependency of flake8-spellcheck, that I also plan to
package.

I plan to maintain this package as part of the Python team.

Bug#1054263: faicd64-large_6.0.3.iso "Cannot find grub.cfg"

[Suresh Solomon]

Package: fai-server

Version: 6.0.3+deb12u1


Hi I am using the following faicd64-large_6.0.3.iso
My setup.
1. Hyper-V with 2 Virtual Machines.
2. VM-alpine as dhcp and gateway
3. Setup faicd64-large_6.0.3 on VM2
Boot selection: FAI server installation - using external DHCP server.
Install completes and rebooted as per prompt.
Reboot selection Boot OS from first partition on first disk.
returns error "Cannot find grub.cfg"
4. I have tried with 
faicd64-large_5.10.3.iso and able to complete the installation.
Thank you 
Suresh

Bug#1054262: faicd64-large_6.0.3.iso "Cannot find grub.cfg"

[Suresh Solomon]

Package: fai-serverVersion: 6.0.3+deb12u1


Hi I am using the following faicd64-large_6.0.3.iso
My setup.1. Hyper-V with 2 Virtual Machines.2. VM-alpine as dhcp and gateway3. 
Setup faicd64-large_6.0.3 on VM2 Boot selection: FAI server installation - 
using external DHCP server. Install completes and rebooted as per prompt.
 Reboot selection Boot OS from first partition on first disk.  returns error 
"Cannot find grub.cfg"
4. I have tried with   faicd64-large_5.10.3.iso and able to complete the 
installation.
Thank you 
Suresh

Bug#1054261: tint2 coredumps on startup

[Phil Dibowitz]

Package: tint2
Version: 17.0.1-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

tint2 crashes reliably on startup with this:

```
$ tint2
tint2: Using glib slice allocator (default). Run tint2 with environment 
variable G_SLICE=always-malloc in case of strange behavior or crashes
tint2: xRandr: Found crtc's: 6
tint2: xRandr: Linking output DisplayPort-1 with crtc 0, resolution 1920x1080, 
DPI 102
tint2: xRandr: Linking output HDMI-A-0 with crtc 1, resolution 1920x1080, DPI 
102
tint2: xRandr: crtc 2 seems disabled
tint2: xRandr: crtc 3 seems disabled
tint2: xRandr: crtc 4 seems disabled
tint2: xRandr: crtc 5 seems disabled
tint2: No XSETTINGS manager, tint2 uses config option 'launcher_icon_theme'.
tint2: Loading config file: /home/phil/.config/tint2/tint2rc
tint2: real transparency off depth: 24
tint2: panel items: TSC
tint2: Systray composited rendering off
tint2: systray_asb forced to 100 0 0
tint2: nb monitors 2, nb monitors used 2, nb desktops 4
tint2: panel 1 uses scale 1 
tint2: panel 2 uses scale 1 
tint2: Kernel uevent interface initialized...
tint2: systray window 27263052
tint2: systray started add_icon: 46137383 (), pid 24844, visual 0x55fcc6f9e1c0, 
colormap 46137384, depth 32, width 22, height 22
tint2: Couldn't get geometry of window! systray 823: cannot embed icon for 
window 46137383 () parent 27263080 pid 24844
tint2: remove_icon: 46137383 () Segmentation fault (core dumped) 
```

Despite what the message says, even if you define G_SLICE=always-malloc,
it still prints that message:

```
[phil@rider ~]$ export G_SLICE=always-malloc
[phil@rider ~]$ tint2
tint2: Using glib slice allocator (default). Run tint2 with environment 
variable G_SLICE=always-malloc in case of strange behavior or crashes
tint2: xRandr: Found crtc's: 6
```

The internet believes it's due to newer glibc2: 
https://bbs.archlinux.org/viewtopic.php?id=284293

I'm using openbox.



-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-1-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages tint2 depends on:
ii  libc6 2.37-12
ii  libcairo2 1.18.0-1
ii  libgdk-pixbuf-2.0-0   2.42.10+dfsg-1+b1
ii  libglib2.0-0  2.78.0-2
ii  libgtk-3-03.24.38-5
ii  libimlib2 1.12.1-1
ii  libpango-1.0-01.51.0+ds-2
ii  libpangocairo-1.0-0   1.51.0+ds-2
ii  librsvg2-22.54.7+dfsg-2
ii  libstartup-notification0  0.12-6+b1
ii  libx11-6  2:1.8.7-1
ii  libxcomposite11:0.4.5-1
ii  libxdamage1   1:1.1.6-1
ii  libxext6  2:1.3.4-1+b1
ii  libxinerama1  2:1.1.4-3
ii  libxrandr22:1.5.2-2+b1
ii  libxrender1   1:0.9.10-1.1

tint2 recommends no packages.

tint2 suggests no packages.

-- no debconf information

Bug#1054254: Regression: Securty fix in webkit2gtk breaks gp-saml-gui

[Jaimos Skriletz]

On Thu, Oct 19, 2023 at 4:55 PM Alberto Garcia  wrote:
>
> On Thu, Oct 19, 2023 at 02:07:12PM -0600, Jaimos Skriletz wrote:
>
> > KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
> > Failed to create GBM buffer of size 500x500: Permission denied
> > Failed to create EGL images for DMABufs with file descriptors -1, -1 and -1
> >
> > I am using the nvidia non-free driver, which might be related due to the 
> > KMS errors.
>
> Do you have the libnvidia-egl-gbm1 package installed, and if not can
> you install it and try again?

That was the package I was missing, thanks. Things now work normally.

jaimos

Bug#1054259: [Pkg-javascript-devel] Bug#1054259: nodejs: cannot bootstrapped nodejs

[Jérémy Lal]

https://salsa.debian.org/js-team/nodejs/-/blob/master-18.x/debian/README.source


Le ven. 20 oct. 2023 à 01:27, Christopher Obbard 
a écrit :

> Source: nodejs
> Version: 18.13.0+dfsg1-1
> Severity: important
> X-Debbugs-Cc: chris.obb...@collabora.com
>
> Dear Maintainer,
>
> Bootstrapping nodejs version 18 FTBFS for me. There seems to be a couple
> of different issues when bootstrapping:
>
> 1) The created node binary fails with an error about the externalized
> builtins not being found. This renders the binary useless. This also
> causes an error in the bootstrap process, override_dh_auto_build-arch
> fails with:
>
> Cannot load externalized builtin:
> "internal/deps/cjs-module-lexer/lexer:/usr/share/nodejs/cjs-module-lexer/lexer.js".
>  1: 0x7f06454026cc node::Abort()
> [/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
>  2: 0x7f06453e1f1d
> [/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
>  3: 0x7f06453e2069 node::builtins::BuiltinLoader::BuiltinLoader()
> [/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
>  4: 0x7f064531db83
> [/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
>  5: 0x7f064782947e  [/lib64/ld-linux-x86-64.so.2]
>  6: 0x7f0647829568  [/lib64/ld-linux-x86-64.so.2]
>  7: 0x7f06478432ca  [/lib64/ld-linux-x86-64.so.2]
> Aborted (core dumped)
>
>
> 2) dh_install fails with:
>
> dh_install: warning: Cannot find (any matches for)
> "./<@(node_builtin_shareable_builtins)" (tried in ., debian/tmp)
> dh_install: warning: nodejs missing files:
> ./<@(node_builtin_shareable_builtins)
> dh_install: error: missing files, aborting
>
>
> I have a couple of patches which works around these issues and can create
> a bootstrapped nodejs (I can share my patches if that is useful); but the
> created binary is useless due to the "Cannot load externalized builtin"
> error.
>
> Thanks!
>
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 6.5.0-2-amd64 (SMP w/16 CPU threads; PREEMPT)
> Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_GB:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> --
> Pkg-javascript-devel mailing list
> pkg-javascript-de...@alioth-lists.debian.net
>
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-javascript-devel
>

Bug#1054260: cvsweb is unmaintained upstream

[Denis 'GNUtoo' Carikli]

Package: cvsweb
Version: 3:3.0.6-8.1

Hi,

Debian has a cvsweb package.

Unfortunately in 2014 FreeBSD stopped maintaining cvsweb[1] and warned
that "There may be unpatched security issues with [cvsweb]".

Debian probably still assume that it's maintained by FreeBSD as the
package points to the cvsweb page on the FreeBSD website[2][3], but that
page was also removed from the FreeBSD website few years ago[4][5].

References:
---
[1]https://cgit.freebsd.org/doc/commit/?id=65402a3cc2b34ee34ddb598266b5cc30ef03d41b
[2]https://packages.debian.org//cvsweb
[3]http://www.freebsd.org/projects/cvsweb.html
[4]https://reviews.freebsd.org/D22957
[5]https://reviews.freebsd.org/file/data/2aucwpp5owujyob55met/PHID-FILE-pl362nfyqoek4ostdpdp/D22957.diff

Denis.


pgpxY9UwoNLcY.pgp
Description: OpenPGP digital signature

Bug#1054254: Regression: Securty fix in webkit2gtk breaks gp-saml-gui

[Alberto Garcia]

On Thu, Oct 19, 2023 at 02:07:12PM -0600, Jaimos Skriletz wrote:

> KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
> Failed to create GBM buffer of size 500x500: Permission denied
> Failed to create EGL images for DMABufs with file descriptors -1, -1 and -1
> 
> I am using the nvidia non-free driver, which might be related due to the KMS 
> errors.

Do you have the libnvidia-egl-gbm1 package installed, and if not can
you install it and try again?

Berto

Bug#1054259: nodejs: cannot bootstrapped nodejs

[Christopher Obbard]

Source: nodejs
Version: 18.13.0+dfsg1-1
Severity: important
X-Debbugs-Cc: chris.obb...@collabora.com

Dear Maintainer,

Bootstrapping nodejs version 18 FTBFS for me. There seems to be a couple
of different issues when bootstrapping:

1) The created node binary fails with an error about the externalized
builtins not being found. This renders the binary useless. This also
causes an error in the bootstrap process, override_dh_auto_build-arch
fails with:

Cannot load externalized builtin: 
"internal/deps/cjs-module-lexer/lexer:/usr/share/nodejs/cjs-module-lexer/lexer.js".
 1: 0x7f06454026cc node::Abort() 
[/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
 2: 0x7f06453e1f1d  
[/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
 3: 0x7f06453e2069 node::builtins::BuiltinLoader::BuiltinLoader() 
[/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
 4: 0x7f064531db83  
[/mnt/_build/nodejs-18.13.0+dfsg1/out/Release/libnode.so.108]
 5: 0x7f064782947e  [/lib64/ld-linux-x86-64.so.2]
 6: 0x7f0647829568  [/lib64/ld-linux-x86-64.so.2]
 7: 0x7f06478432ca  [/lib64/ld-linux-x86-64.so.2]
Aborted (core dumped)


2) dh_install fails with:

dh_install: warning: Cannot find (any matches for) 
"./<@(node_builtin_shareable_builtins)" (tried in ., debian/tmp)
dh_install: warning: nodejs missing files: 
./<@(node_builtin_shareable_builtins)
dh_install: error: missing files, aborting


I have a couple of patches which works around these issues and can create
a bootstrapped nodejs (I can share my patches if that is useful); but the
created binary is useless due to the "Cannot load externalized builtin"
error.

Thanks!

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-2-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1054009: RFS: runit-services/0.7.0 -- UNIX init scheme with service supervision (services)

[Lorenzo]

Hi Nicholas,

On Mon, 16 Oct 2023 15:26:50 -0400
Nicholas D Steeves  wrote:

> I'm unfamiliar with runit, but does anything need to be done in the
> mini-httpd package to support your work in this upload?

there's no need for anything on mini-httpd side, however I plan to do a
QA upload (a NEWS file) and later a RoQA for for mini-httpd-run. I
will really appreciate if you are available to help with this.

I didn't think deeply but my plan is roughly the following:

* have the mini-httpd runscript added to runit-services
* QA upload to mini-httpd-run, with a NEWS file (package scheduled for
  removal + instruction to migrate to runit-services).
  
> I'd recommend filing a bug against
> mini-httpd-run shortly after the upload of runit-services_0.7.0,
> because otherwise someone might potentially see a neglected package
> and then adopt it. This bug would make the plan from your commit
> message more visible and official. 
  Right, I need to file a bug at this point or shortly before the QA
  upload

* (after trixie): RoQA for removal of the mini-httpd-run package
  (reason: orphaned, low popcon count, maintained alternative exists,
  small package design rejected by FTP masters in the past)

> 
> Also, thank you for thinking about smoothing the transition for users
> by using Provides; although, I wonder how this will actually function,
> because mini-httpd-run's version 1.0+nmu1 >> runit-services' 0.7.0.
I'm not entirely sure how Provides works: my hope is that with the
current unversioned provides, when mini-httpd-run is removed and one
does
"apt-get install mini-httpd-run" apt will at least throw a warning
saying that the package has no candidate to install but
another package (runit-services) provides it.

> You're right, Conflicts isn't required and it doesn't seem like Breaks
> would be appropriate either.  Have you considered using versioned
> Provides?  This would make it more clear, in dependency resolution,
> that mini-httpd-run is now an obsolete cruft package.

I think mini-httpd-run is a leaf package but even if something depends
on it might not be sensible to automatically bring in a package
with 50 runscripts in place of a one with only one specific runscript.
At least I want to give mini-httpd-run users the chance to read the NEWS
file and react first.

Regards,
Lorenzo
> 
>   
> https://www.debian.org/doc/debian-policy/ch-relationships.html#virtual-packages-provides
> 
> Alternatively if the transition requires user/sysadmin intervention,
> then why wouldn't a debian/NEWS file be a good thing?
> 
> Kind regards,
> Nicholas

Bug#1054218: texlive-latex-base: pdflatex failures on big-endian architectures (s390x)

[Stuart Prescott]

Control: found -1 2022.20230122-3

Hi Hilmar

On 20/10/2023 01:13, Preuße, Hilmar wrote:

On 19.10.2023 14:20, Stuart Prescott wrote:

Hi Stuart,


The unittests of the 'plastex' package run pdflatex to generate some
figures, and then extract the text from the figures to verify that
various implementation details of the package are working. These tests
pass on all release architectures except s390x. They also fail on ppc64.
The common feature of the failures is that the architecture is
big-endian.



As you opened the issue for texlive-latex-base I'm wondering if the 
issue caused by the latest texlive-latex-base upgrade. Do you remember 
if it worked 2 weeks ago?


my assignment to texlive-latex-base was just on the basis of that 
shipping /usr/bin/pdflatex. I'm not familiar enough with the texlive 
packaging to know if it would be better assigned elsewhere, so please 
feel free to reassign. As for versions, I had only tested with the 
version in sid because that was where I was seeing the FTBFS.


Testing with the quick reproducer (test.tex attached to the bug report) 
and texlive in bookworm shows the bug is also present there:


(bookworm_s390x-dchroot)stuart@zelenka:~$ gs -q -sDEVICE=txtwrite -o 
%stdout% test.pdf |od -c

000  \0
020  \0  \r  \n
023

(should be "hi" not "\0\0")

I've added the bookworm version to the bug metadata.

plastex 3.0 (now in sid) has a better test coverage than version 2.4 
(that is in bookworm). I think the bug exists in the previous pdflatex 
version too (and I would guess that it has probably been there for a 
long time!) but we're only just seeing the test failure now because of 
the better test suite in the new plastex.


regards
Stuart


--
Stuart Prescott   http://www.nanonanonano.net/ stu...@nanonanonano.net
Debian Developer  http://www.debian.org/   stu...@debian.org
GPG fingerprint   90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7

Bug#650479: iputils-ping: ping on an IP address doesn't do reverse DNS lookups

[Vincent Lefevre]

Control: tags -1 upstream
Control: forwarded -1 https://github.com/iputils/iputils/issues/421

On 2011-11-30 04:08:11 +0100, Vincent Lefevre wrote:
> According to the ping(8) man page, this is the -n option that
> controls whether reverse DNS lookup is done or not, not the
> fact that the destination is numeric or not.
> 
> If this is the wanted behavior, the man page should better
> describe this behavior.

This will be enhanced with a new -H option to force DNS resolution for
the output, where -n will be the default for a numeric destination and
-H otherwise.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1054258: RFS: mdl/0.13.0-1 -- Markdown lint tool

[Norwid Behrnd]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "mdl":

 * Package name : mdl
   Version  : 0.13.0-1
   Upstream contact : ["p...@ipom.com"]
 * URL  : https://github.com/markdownlint/markdownlint
 * License  : MIT
 * Vcs  : https://salsa.debian.org/nbehrnd/mdl
   Section  : text

The source builds the following binary packages:

  mdl - Markdown lint tool

To access further information about this package, please visit the following
URL:

  https://mentors.debian.net/package/mdl/

Alternatively, you can download the package with 'dget' using this command:

  dget -x https://mentors.debian.net/debian/pool/main/m/mdl/mdl_0.13.0-1.dsc

Changes for the initial release:

 mdl (0.13.0-1) unstable; urgency=medium
 .
   * rename package (formerly `ruby-mdl`, now `mdl`) because it is an
 application
   * New upstream version 0.13.0, i.e.
   * added Sarif output
   * fixed rules MD007, MD027
   * changed rules MD009, MD033
   * new rules MD055, MD056, MD057

Regards,

Bug#1030885: python-cogent: FTBFS (some tests require more than one CPU)

[Santiago Vila]

found 1030885 2023.2.12a1+dfsg-2
owner 103088 !
thanks

Hi. This is happening again in version 2023.2.12a1+dfsg-2.

This is the way it fails:

=== FAILURES ===
 test_write_db_parallel 

[...]
else:
if max_workers <= 0:

  raise ValueError("max_workers must be greater than 0")

E   ValueError: max_workers must be greater than 0


My theory is that "test_write_db_parallel", which was disabled
in version 2022.10.31a1+dfsg-1, was inadvertedly reenabled
again in commit c0a8fffe ("Refresh patches"). Maybe because of
a git conflict.

Anyway, I'll try to find a fix.

Thanks.

Bug#1019202: dh-make-elpa: crashes with: Can't locate object method "gecos"

[Richard Lewis]

On Mon, 16 Oct 2023 at 09:00, Lev Lamberov  wrote:
> Вс 15 окт 2023 @ 19:37 Richard Lewis :
> > On Mon, 05 Sep 2022 19:44:27 -0300 David Bremner  wrote:
> >> Lev Lamberov  writes:

> > I also see this bug in bookwork: dh-make-elpa doesnt work at all
> > unless DEBFULLNAME (and maybe DEBEMAIL) is set.

> > I could send a patch to mention these variables in the man-page

> That would be great.

It turned out that i could do even better!

Have fixed the whole bug, and improved the detection of both name and
email address.
I've also added some tests, and refreshed the lintian overrides and
standards-version

MR is here https://salsa.debian.org/emacsen-team/dh-make-elpa/-/merge_requests/3

Bug#1054257: openjdk-17-jdk-headless: please package hsdis library with jdks

[benjamin]

Package: openjdk-17-jdk-headless
Severity: wishlist

Dear Maintainer,

Please consider packaging the hotspot disassembler library (hsdis) from 
https://github.com/openjdk/jdk/tree/master/src/utils/hsdis. This library is 
loaded by HotSpot to print JIT assembly and is useful for debugging and 
performance analysis of the JVM.

-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-cloud-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openjdk-17-jdk-headless depends on:
ii  libc62.36-9+deb12u3
pn  openjdk-17-jre-headless  
ii  zlib1g   1:1.2.13.dfsg-1

openjdk-17-jdk-headless recommends no packages.

Versions of packages openjdk-17-jdk-headless suggests:
pn  openjdk-17-demo
pn  openjdk-17-source  

Bug#1054112: mariadb-server-10.5: extreme query slowdown since upgrade from 10.5.19 to 10.5.21

[Otto Kekäläinen]

Hi Pavel!

This is very unlikely due to any packaging changes in Debian. I
recommend you serach jira.mariadb.org if somebody has identified this
upstream.

On Tue, 17 Oct 2023 at 02:18, Pavel Krejca  wrote:
>
> Package: mariadb-server-10.5
> Version: 1:10.5.21-0+deb11u1
> Severity: normal
>
> Dear Maintainer,
>
> after upgrading from 10.5.19-0+deb11u2 to 10.5.21-0+deb11u1, execution
> of one particular SELECT query became extremely slow (approx 1000 to
> 1 times).
>
> The configuration (server, client) remained the same.
>
> Before upgrade (expected):
>
> MariaDB [test]> SELECT ...
> ...
> 4 rows in set (1.014 sec)
>
> After upgrade (actual):
>
> MariaDB [test]> SELECT ...
> ...
> 4 rows in set (25 min 54.964 sec)
>
> SHOW CREATE statements of tables included in query (these are standard
> WordPress tables), ANALYZE SELECT for both versions and full server
> config are attached.
>
> All tables have ~50k to 400k rows.
>
> FYI, the same problem appears in latest version of MariaDB 10.11 (probably).
>
> Best regards,
> Pavel
>
> -- System Information:
> Debian Release: 11.8
>APT prefers oldstable-updates
>APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'),
> (500, 'oldstable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 5.10.0-25-amd64 (SMP w/4 CPU threads)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages mariadb-server-10.5 depends on:
> ii  adduser   3.118+deb11u1
> ii  debconf [debconf-2.0] 1.5.77
> ii  galera-4  26.4.11-0+deb11u1
> ii  gawk  1:5.1.0-1
> ii  iproute2  5.10.0-4
> ii  libc6 2.31-13+deb11u7
> ii  libdbi-perl   1.643-3+b1
> ii  libpam0g  1.4.0-9+deb11u1
> ii  libssl1.1 1.1.1w-0+deb11u1
> ii  libstdc++610.2.1-6
> ii  lsb-base  11.1.0
> ii  lsof  4.93.2+dfsg-1.1
> ii  mariadb-client-10.5   1:10.5.21-0+deb11u1
> ii  mariadb-common1:10.5.21-0+deb11u1
> ii  mariadb-server-core-10.5  1:10.5.21-0+deb11u1
> ii  passwd1:4.8.1-1
> ii  perl  5.32.1-4+deb11u2
> ii  procps2:3.3.17-5
> ii  psmisc23.4-2
> ii  rsync 3.2.3-4+deb11u1
> ii  socat 1.7.4.1-3
> ii  zlib1g1:1.2.11.dfsg-2+deb11u2
>
> Versions of packages mariadb-server-10.5 recommends:
> ii  libhtml-template-perl  2.97-1.1
>
> Versions of packages mariadb-server-10.5 suggests:
> pn  mailx   
> pn  mariadb-test
> pn  netcat-openbsd  
>
> -- debconf information:
>mariadb-server-10.5/old_data_directory_saved:
>mariadb-server-10.5/nis_warning:
>mariadb-server-10.5/postrm_remove_databases: false

Bug#1054256: ruby-blade: uninstallable in unstable (ruby-blade : Depends: ruby-thin (>= 1.6.0) but it is not installable)

[Antonio Terceiro]

Package: ruby-blade
Version: 0.7.1-4
Severity: serious
Justification: uninstallable

After the last upload, ruby-blade ended up with a dependency on
ruby-thin, which does not exist.

8<8<8<-
$ LANG=C sudo apt install ruby-blade/unstable
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Selected version '0.7.1-4' (Debian:unstable [all]) for 'ruby-blade'
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 ruby-blade : Depends: ruby-thin (>= 1.6.0) but it is not installable
E: Unable to correct problems, you have held broken packages.
8<8<8<-

The correct dependency would be on `thin`.

This is actually caused by a bug in gem2deb (unreported), which was not
finding the correct mapping between gem names and Debian package names
for architecture dependent packages. In any case, ruby-blade will need a
no changes upload to be rebuilt once gem2deb 2.2, just uploaded, is
available.

See 
https://salsa.debian.org/ruby-team/gem2deb/-/commit/827cb954c941872e24bb8f489d1a54cba416694b
for more details.

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: arm64 (aarch64)

Kernel: Linux 6.5.0-1-arm64 (SMP w/32 CPU threads)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-blade depends on:
ii  ruby  1:3.1
ii  ruby-activesupport2:6.1.7.3+dfsg-2
ii  ruby-blade-qunit-adapter  2.0.1-2
ii  ruby-curses   1.4.4-1+b2
ii  ruby-eventmachine 1.3~pre20220315-df4ab006-3+b1
ii  ruby-faye 1.4.0-1
ii  ruby-sprockets3.7.2-4
pn  ruby-thin 
ii  ruby-thor 1.2.2-1
ii  ruby-useragent0.16.8-1.1
ii  thin  1.8.1-2

ruby-blade recommends no packages.

ruby-blade suggests no packages.


signature.asc
Description: PGP signature

Bug#1027085: Still hapening on 5.10.0-26-amd64

[Benoît-Pierre Demaine]

Still hapening on 5.10.0-26-amd64 , but this fixed the system:

update-initramfs -u ; update-grub

=> something is updating /boot not properly.

Here is a list of recent AUTO-updates from 2023-10-09 . I don't think 
the issue was happening before; the faulty package should be below. We 
will cross check this list with a further one, when I meet the bug again.


cat /var/log/apt/history.log | grep Upgrade:
Upgrade: libgssapi-krb5-2:amd64 (1.18.3-6+deb11u3, 1.18.3-6+deb11u4), 
libgssapi-krb5-2:i386 (1.18.3-6+deb11u3, 1.18.3-6+deb11u4), 
libkrb5support0:amd64 (1.18.3-6+deb11u3, 1.18.3-6+deb11u4), 
libkrb5support0:i386 (1.18.3-6+deb11u3, 1.18.3-6+deb11u4), 
libkrb5-3:amd64 (1.18.3-6+deb11u3, 1.18.3-6+deb11u4), libkrb5-3:i386 
(1.18.3-6+deb11u3, 1.18.3-6+deb11u4)

Upgrade: libfontembed1:amd64 (1.28.7-1+deb11u1, 1.28.7-1+deb11u2)
Upgrade: libreoffice-common:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7)
Upgrade: dpkg:amd64 (1.20.12, 1.20.13)
Upgrade: autofs:amd64 (5.1.7-1, 5.1.7-1+deb11u2)
Upgrade: librsvg2-common:amd64 (2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1), 
librsvg2-common:i386 (2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1), 
librsvg2-dev:amd64 (2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1), 
librsvg2-2:amd64 (2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1), librsvg2-2:i386 
(2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1), gir1.2-rsvg-2.0:amd64 
(2.50.3+dfsg-1, 2.50.3+dfsg-1+deb11u1)
Upgrade: python2.7-minimal:amd64 (2.7.18-8, 2.7.18-8+deb11u1), 
python2.7:amd64 (2.7.18-8, 2.7.18-8+deb11u1), libpython2.7-minimal:amd64 
(2.7.18-8, 2.7.18-8+deb11u1), libpython2.7-stdlib:amd64 (2.7.18-8, 
2.7.18-8+deb11u1)
Upgrade: libavdevice58:amd64 (7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), 
ffmpeg:amd64 (7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libpostproc55:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavcodec58:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavcodec58:i386 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavutil56:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavutil56:i386 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libswscale5:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libswresample3:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libswresample3:i386 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavformat58:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavresample4:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavresample4:i386 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1), libavfilter7:amd64 
(7:4.3.5-0+deb11u1, 7:4.3.6-0+deb11u1)
Upgrade: libx11-xcb1:amd64 (2:1.7.2-1, 2:1.7.2-1+deb11u1), 
libx11-xcb1:i386 (2:1.7.2-1, 2:1.7.2-1+deb11u1), libx11-dev:amd64 
(2:1.7.2-1, 2:1.7.2-1+deb11u1), libx11-6:amd64 (2:1.7.2-1, 
2:1.7.2-1+deb11u1), libx11-6:i386 (2:1.7.2-1, 2:1.7.2-1+deb11u1)

Upgrade: openssl:amd64 (1.1.1n-0+deb11u4, 1.1.1w-0+deb11u1)
Upgrade: xorgxrdp:amd64 (1:0.2.12-1, 1:0.2.12-1+deb11u1)
Upgrade: dnsutils:amd64 (1:9.16.37-1~deb11u1, 1:9.16.44-1~deb11u1)
Upgrade: libvpx6:amd64 (1.9.0-1, 1.9.0-1+deb11u1), libvpx6:i386 
(1.9.0-1, 1.9.0-1+deb11u1)
Upgrade: libreoffice-calc:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-base-core:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-core:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-draw:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-impress:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-writer:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-base-drivers:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
python3-uno:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-base:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7), 
libreoffice-math:amd64 (1:7.0.4-4+deb11u6, 1:7.0.4-4+deb11u7)
Upgrade: libcups2:amd64 (2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), 
libcups2:i386 (2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-bsd:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-common:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-client:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-daemon:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-ipp-utils:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-core-drivers:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6), cups-server-common:amd64 
(2.3.3op2-3+deb11u2, 2.3.3op2-3+deb11u6)
Upgrade: libssl1.1:amd64 (1.1.1n-0+deb11u4, 1.1.1w-0+deb11u1), 
libssl1.1:i386 (1.1.1n-0+deb11u4, 1.1.1w-0+deb11u1)

Upgrade: libxenforeignmemory1:amd64 (4.14.5+94-ge49571868d-1, 4.14.6-1)
Upgrade: gstreamer1.0-plugins-base:amd64 (1.18.4-2, 1.18.4-2+deb11u1), 
gstreamer1.0-plugins-base:i386 (1.18.4-2, 1.18.4-2+deb11u1)
Upgrade: libtinfo-dev:amd64 (6.2+20201114-2+deb11u1, 
6.2+20201114-2+deb11u2), libtinfo6:amd64 (6.2+20201114-2+deb11u1, 
6.2+20201114-2+deb11u2), libtinfo6:i386 (6.2+20201114-2+deb11u1, 
6.2+20201114-2+deb11u2), libncurses-dev:amd64 (6.2+20201114-2+deb11u1, 
6.2+20201114-2+deb11u2), libncursesw6:amd64 (6.2+20201114-2+deb11u1, 
6.2+20201114-2+deb11u2), libncursesw6:i386 

Bug#1054255: : consider using d/watch from source repository when available

[Alexandre Detiste]

I find this an awesome idea.

(... and remotely linked to this I also think that git should be
mandated for all source packages)

Bug#1054255: qa.debian.org: UDD/upstream: consider using d/watch from source repository when available

[Xiyue Deng]

Package: qa.debian.org
User: qa.debian@packages.debian.org
Severity: wishlist
Usertags: udd
X-Debbugs-Cc: none, Xiyue Deng 

The uscan results provided by UDD are based on d/watch file from the
latest released version of the package which it fetches using .dsc[1].
While this works, it also means that fixing any existing uscan errors
requires a new release of the package.  This shouldn't be a big issue if
the upstream provides regular releases.  However, for upstream that is
not very active, making a new release just to fix uscan errors may be a
bit overkill.

Alternatively, I wonder whether it can be considered that if the
d/control provides the location of Debian packaging source repository
either through Vcs-* or Dgit, UDD can optionally use that information to
checkout the repository and use the d/watch file there to update uscan
results so that any errors can be fixed through a commit only.

Of course this adds some more complexities and points of failure such as
- invalid Vcs-* or Dgit, or
- broken d/watch in the repo.
In such cases we may just fall back to the old ways to use the d/watch
in the release package which effectively reverts to the current
behavior.

Just wondering whether this is a direction that's worth considering.

[1] https://salsa.debian.org/qa/udd/-/blob/master/rimporters/upstream.rb#L20-35

Bug#967799: RM: vte / depends on deprecated GTK 2

[Simon McVittie]

On Thu, 19 Oct 2023 at 08:33:42 +0200, Alexandre Detiste wrote:
> Nothings depends on old vte anymore, (*)
> it can now be removed.

No, unfortunately cdebconf-gtk-terminal (part of debian-installer) still
needs it.

smcv

Bug#1054254: Regression: Securty fix in webkit2gtk breaks gp-saml-gui

[Jaimos Skriletz]

Source: gir1.2-webkit2-4.0
Version: 2.42.1-1~deb12u1
Severity: normal
X-Debbugs-Cc: jaimosskril...@gmail.com, t...@security.debian.org

Dear Maintainer,

With the security fix to webkit2gtk, I am no longer able to use gp-saml-gui to 
connect to my VPN.  The webbrowser window that is opened shows a blank (white) 
screen, and I am not able to login as a result. The errors I get from 
gp-saml-gui are:

KMS: DRM_IOCTL_MODE_CREATE_DUMB failed: Permission denied
Failed to create GBM buffer of size 500x500: Permission denied
Failed to create EGL images for DMABufs with file descriptors -1, -1 and -1

I am using the nvidia non-free driver, which might be related due to the KMS 
errors.

Downgrading the following packages to the version in bookworm 
(2.40.5-1~deb12u1) fixes the issue, verifying this is a regression.

gir1.2-javascriptcoregtk-4.0
gir1.2-webkit2-4.0
libjavascriptcoregtk-4.0-18
libwebkit2gtk-4.0-37

Thanks for your time,

jaimos

-- System Information:
Debian Release: 12.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-13-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_CPU_OUT_OF_SPEC, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Bug#946244: pretty please

[Yaroslav Halchenko]

Current versions is way too old.


-- 
Yaroslav O. Halchenko
Center for Open Neuroscience http://centerforopenneuroscience.org
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
WWW:   http://www.linkedin.com/in/yarik

Bug#1054253: icu FTBFS with gcc 13 on i386

[Adrian Bunk]

Source: icu
Version: 72.1-3
Severity: serious
Tags: ftbfs patch trixie sid experimental

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/i386/icu.html

...
-
| *** FAILING TEST SUMMARY FOR:  intltest  
 TestFixedDecimal
  IntlTestDecimalFormatAPI
 TestCurrencyFormatForMixParsing
  NumberFormatTest
 Test4118594
  MessageFormatRegressionTest
 Test4243108
  NumberFormatRegressionTest
roundingIncrementRegressionTest
 NumberFormatterApiTest
  NumberTest
   format
| *** END FAILING TEST SUMMARY FOR:  intltest
---
ALL TESTS SUMMARY:
ok:  testdata iotest cintltst
= ERRS:  intltest
make[3]: *** [Makefile:91: check-recursive] Error 1
...


Fix:

--- debian/rules.old2023-10-19 19:46:14.664980859 +
+++ debian/rules2023-10-19 19:46:34.536970355 +
@@ -16,6 +16,8 @@
 export DEB_CPPFLAGS_MAINT_APPEND = 
-DU_TIMEZONE_FILES_DIR=/usr/share/zoneinfo-icu/44/be/
 endif
 
+export DEB_CXXFLAGS_MAINT_APPEND += -fexcess-precision=fast
+
 include /usr/share/dpkg/buildflags.mk
 
 l_SONAME=70

Bug#1054111: liferea crashes (SIGABRT) in libwebkit2gtk/libepoxy

[Christian Henz]

On 19.10.23 11:52, Alberto Garcia wrote:

We are currently investigating the problem, would it be possible to
get a stack trace with symbols? It should work with debuginfod

export DEBUGINFOD_URLS="https://debuginfod.debian.net;



Attached, but it does not seem to have downloaded Webkit symbols
(libepoxy ones though).


Another question: is libgles2 installed, and if not can you try
installing it and see if the problem disappears?



libgles2 is (and was) installed.


To work around the problem users can disable compositing mode:

export WEBKIT_DISABLE_COMPOSITING_MODE=1



I can confirm this works (WEBKIT_DISABLE_DMABUF_RENDERER=1 does as well).

Thanks,
Christian
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x72746537 in __GI_abort () at abort.c:79
#2  0x72458bd8 in egl_provider_resolver
(name=name@entry=0x7247fadf  "eglCreateImage", 
providers=providers@entry=0x7fffd9f6, 
entrypoints=entrypoints@entry=0x7fffd9ec) at 
src/egl_generated_dispatch.c:3911
#3  0x72458c20 in egl_single_resolver 
(provider=provider@entry=PROVIDER_EGL_15, entrypoint_offset=, 
entrypoint_offset@entry=415) at src/egl_generated_dispatch.c:3924
#4  0x72459305 in epoxy_eglCreateImage_resolver () at 
src/egl_generated_dispatch.c:4063
#5  epoxy_eglCreateImage_global_rewrite_ptr (dpy=0x55beafe0, ctx=0x0, 
target=12912, buffer=0x0, attrib_list=0x7fffda010c00)
at src/egl_generated_dispatch.c:5036
#6  0x74542758 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#7  0x74542279 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#8  0x74542f96 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#9  0x74542e68 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#10 0x7406b4be in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#11 0x742d8e4f in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#12 0x743e9dea in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#13 0x742d162e in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#14 0x742d17e8 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#15 0x742d1e65 in  () at 
/usr/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37
#16 0x71e0fc60 in  () at 
/usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#17 0x71e6fdb6 in  () at 
/usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#18 0x71e6f24a in  () at 
/usr/lib/x86_64-linux-gnu/libjavascriptcoregtk-4.0.so.18
#19 0x72ab1d6f in g_main_dispatch (context=0x55630b80) at 
../../../glib/gmain.c:3325
#20 g_main_context_dispatch (context=0x55630b80) at 
../../../glib/gmain.c:4043
#21 0x72ab2118 in g_main_context_iterate
(context=context@entry=0x55630b80, block=block@entry=1, 
dispatch=dispatch@entry=1, self=)
at ../../../glib/gmain.c:4119
#22 0x72ab21cf in g_main_context_iteration 
(context=context@entry=0x55630b80, may_block=may_block@entry=1)
at ../../../glib/gmain.c:4184
#23 0x72d00545 in g_application_run (application=0x5562f120 
[LifereaApplication], argc=-8188, 
argc@entry=1, argv=argv@entry=0x7fffe168) at 
../../../gio/gapplication.c:2559
#24 0x55585399 in liferea_application_new (argc=1, argv=0x7fffe168) 
at ../liferea_application.c:351
#25 0x72747d0a in __libc_start_main (main=0x55574400 , 
argc=1, argv=0x7fffe168, init=, fini=, 
rtld_fini=, stack_end=0x7fffe158) at ../csu/libc-start.c:308
#26 0x555744ba in _start ()

Bug#1054252: g2o: binary-all FTBFS

[Adrian Bunk]

Source: g2o
Version: 0~20230806-2
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/fetch.php?pkg=g2o=all=0~20230806-2=1696411342=0

...
The following tests FAILED:
  1 - unittest_general (Not Run)
  2 - unittest_data (Not Run)
  3 - unittest_stuff (Not Run)
  4 - unittest_sclam2d (Not Run)
  5 - unittest_slam2d (Not Run)
  6 - unittest_slam2d_addons (Not Run)
  7 - unittest_slam3d (Not Run)
  8 - unittest_slam3d_addons (Not Run)
  9 - unittest_sim3 (Not Run)
 10 - unittest_sba (Not Run)
 11 - unittest_solver (Not Run)
Errors while running CTest
make[1]: *** [Makefile:94: test] Error 8

Bug#1053825: Screensaver with only blank does not work after suspend

[Salvatore Bonaccorso]

Hi,

On Thu, Oct 12, 2023 at 06:57:20AM +0100, Klaus Ethgen wrote:
> Package: src:linux
> Version: 6.5.6-1
> Severity: critical
> Tags: security
> X-Debbugs-Cc: Debian Security Team 
> 
> It is not fully clear for me, where exactly this bug happens. First I
> was thinking about xscreensaver but that package got not updated for
> ages. The bug happens with updates from kernel 6.4.0 to 6.5.0.

So you are saying this happens solely after switching from 6.4.y
series to 6.5.y series. Thus I assume 6.5.3-1 in testing as well
exposes the issue.

> I use xscreensaver with fvwm3 on my amd laptop. xscreensaver is set up
> to only blank the screen.
> 
> When I lock the screen and press a key or moving the mouse, everything
> is fine. But when I go to suspend too ram after locking and waking up
> the laptop, the password dialog gets showed as usual but I can see the
> full desktop content with probably sensitive material on in. Although, I
> cannot interact with the desktop, it is a security break to reveal the
> content without authenticating.
> 
> It might be related, when I have a PSI chat window on the screen but on
> different desktop, it gets moved to the current one. That definitively
> also came with the new kernel.

Can you please attach as well the kernel log once you triggered the
behaviour? Anything suspicious logged? 

Next, can you bisect the kernel between a good known upstream version
and 6.5.6? Can you as well test 6.5.7 upstream to see if it fixes the
issue?

Currently there is nothing which sound similar in the kernel
regression tracking status, TTBOMK.

Regards,
Salvatore

Bug#1054111: liferea crashes (SIGABRT) in libwebkit2gtk/libepoxy

[Christian Henz]

On 19.10.23 11:49, Paul Gevers wrote:

Control: tags -1 moreinfo

Dear Christian,

On 19-10-2023 11:38, Paul Gevers wrote:

Can you please help to see if this bug report (quoted below) is caused
by the security update in oldstable/bullseye? And if so, what can be
done about it (on your side or on the side of liferea).


I've just read bug #1052055 [1].



WEBKIT_DISABLE_DMABUF_RENDERER=1 works
WEBKIT_DMABUF_RENDERER_DISABLE_GBM=1 does *not* work
WEBKIT_DISABLE_COMPOSITING_MODE=1 works


Do you have a nvidia chipset and do you have libnvidia-egl-gbm1
installed (from contrib)?


No, this is with an AMD APU.


Do you install packages without their recommends?



Not usually.

Greetings,
Christian

Bug#1054251: rust-base64: please update to v0.21.4

[Jonas Smedegaard]

Source: rust-base64
Version: 0.21.2-1
Severity: normal
Tags: upstream

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Please update to (at least) newer upstream release v0.21.4.
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmUxhDoACgkQLHwxRsGg
ASGhPBAAn+bZhNoTOQrVhkrfV1yyh0JUgahsksTuWh6NUx2G3W4zESrkiUJ8dOLq
E3jVZlCf839R8Ivk6312ElDaxkE2qRWN9bvZLu0Ha04N2nsbxptxQVnGo3luVGms
4nz1ApeIhyUdtWtM/f7TQjJqH2jHcmK/l2iX7OT+McksW6iPjMAn7cvvYuZoisSV
aYutnXjR13rfZra+FezvLzSYhy5CoL9P7gkORP6CgrJX4j/wuBB5wwVw4yMdeOOU
BfvdX5i1eIfUgiZLN6xF15/dCsy79uKXdbtkpRTv5MaMVWnkRgIZeH+/9tEqr1W0
3Yxv/+CV0LHyJO0DBX9cHsWHW2iKcfZTIKntZeiEumvf91MgTrsPIA47DaEzP5+c
pvMPMngLl4CIy8YXALh4+Uu+cxuMdOx39dlGcdOqkxQXlpVjGUppwj4fUcbo1bbW
GV7XE1unqQfhfez2GsqekBT6X4OUrhAjaBWpg8gxKwyxRAtFzutgQuG42GKfdyVf
m/q0mIcD3JdBAJ5xx2HpJfg8wH/yVkeAtlwe9Oql5gykPmQCgtubngSopsPwdDKH
EDGvGQgcvMEW8JQJZcc7mnN1tXMOdxI7g2t6PwUZrxwrgQdX6u/AR9KvKVGZcoum
P7WF3cdtXkc5kK8sulcaKS/WyfzBUfuJUGDSMewmvxxgTQU5aYU=
=5L5u
-END PGP SIGNATURE-

Bug#1054250: rust-sha2: please update to v0.10.8

[Jonas Smedegaard]

Source: rust-sha2
Version: 0.10.7-1
Severity: normal
Tags: upstream

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Please update to (at least) newer upstream release v0.10.8.
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmUxg7sACgkQLHwxRsGg
ASGPpRAAjVfMUs0vdcmwSAfbo1MzBEWbYXs3dUJB1lcbKng5WcXgqYjTnvOwaFvw
a0TM08bKsMubmNllCmRLYyQfiZtMj+AeApPzaex3MCL1BPqlqp2YcVjIPPkZsR49
UUVAPy7Bodvjr03csf2hAhFbVK/i4xext8dbp1RPbUg6pUZ9RuuJYUHAshAmQTK1
S2MTzP27mRQmgngMEG3cUuN3cduxdp4KmRH3fY0X0Uh0oQtVUDmKQ3r5oCYAB4jo
KCLoFjN1OUPeDB+4A7UuGgQYWeiTCadrGzD4Ng4aBhDI5dAZftWIDR/R3cbWSOhr
hwu/bd6Z1erFHlKsfAOs+Qmw7duLNv/8ssFwUPhYZ1lxOlroLGXpbNmCAqd4INpX
jDSnO4x9PgwrFVpGwSzWSbpz+wJgrOk7qpWdT9nFDbY1MZmLjU0PLf3qTue5uToS
5c1Et9vqtZ6IBmw2VhR4wwuH8UFwzOT1AhpE3icBJeo1miwe6Obz7H3iB1K09v+1
GZOTXw/bI5C5gELx5pTBe9An0IQpprCWU5Q5JWwQmd8GPkvXwi5IonQr1DlK/On5
1KrnguDiU568ZRXFuLuePrq8A4Ezu7wpA1VwwOqBCvHeqNVdLcuWSx5Xjrmbtu51
yp6EZyxjBG8DI7Jx3aRmb/0G9MbGTP2uZFeXtwhcohHdNlUNu6o=
=kEZR
-END PGP SIGNATURE-

Bug#1054249: python3-certbot-dns-gandi: Break with API key deprecation

[doriancoding]

Package: python3-certbot-dns-gandi
Version: 1.4.3-1
Severity: grave
Tags: newcomer
Justification: renders package unusable
X-Debbugs-Cc: dorian.le...@icloud.com

Dear Maintainer,

Due to recent changes in Gandi LiveDNS, api key are deprecated and the script 
cannot work anymore with new keys.

The solution is developed on the Github to solve this issue.

As of today, anyone using new keys cannot use the script.

Thank you.

-- System Information:
Distributor ID: Raspbian
Description:Raspbian GNU/Linux trixie/sid
Release:n/a
Codename:   trixie
Architecture: armv7l

Kernel: Linux 6.1.21-v7+ (SMP w/4 CPU threads)
Kernel taint flags: TAINT_CRAP
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-certbot-dns-gandi depends on:
ii  certbot  2.1.0-4
ii  python3  3.11.4-5
ii  python3-certbot [python3-certbot-abi-2]  2.1.0-4
ii  python3-requests 2.31.0+dfsg-1

python3-certbot-dns-gandi recommends no packages.

python3-certbot-dns-gandi suggests no packages.

-- no debconf information

Bug#1054248: Fails to show weather information

[Sergio Vavassori]

Package: libmateweather1
Version: 1.26.0-1.1

The system is Debian testing: Linux debian 6.5.0-1-amd64 #1 SMP
PREEMPT_DYNAMIC Debian 6.5.3-1 (2023-09-13) x86_64 GNU/Linux

Since a couple of days, clock-applet has stopped showing weather information.

Looking at the upstream, it has recently been patched, so it should be
just a matter of updating the debian package to version 1.26.2. (see
https://git.mate-desktop.org/libmateweather/log/?h=1.26 and
https://git.mate-desktop.org/libmateweather/commit/?h=1.26=b75056f5bccf506959a2075305f7e8abbb2502dd
)

By patching the library with this command, as suggested here (
https://ubuntu-mate.community/t/clock-applet-has-stopped-showing-weather-information/22013/11
) and reloading it by killing the clock-applet process makes the
applet to show again the weather information.

sed -i 
's|https://www.aviationweather.gov/adds/dataserver_current/httpparam|https://www.aviationweather.gov/cgi-bin/data/dataserver.php\x0\x0\x0\x0\x0\x0|g'
libmateweather.so.1.6.9

kill $(ps -ef | grep "[m]ate-panel/clock-applet" | awk '{ print $2 }'

Regards,
Sergio

Bug#1054246: /usr/bin/irb: irb crashes with "no implicit conversion of nil into String (TypeError)"

[Braun Gábor]

Package: ruby
Version: 1:3.1
Severity: normal
File: /usr/bin/irb
X-Debbugs-Cc: braung...@gmail.com

In a terminal I start irb, type the following, and irb always crashes
(at new lines I press enter, crash happens at typing } ):

[1, 2, 3].map {
<<~HEREDOC   
#{_1[}

This is the output on the terminal, showing everything I have typed
including starting irb, except the final }:

$ irb
irb(main):001:1* [1, 2, 3].map {
irb(main):002:1"   <<~HEREDOC
irb(main):002:2"   #{_1[/usr/lib/ruby/3.1.0/reline/line_editor.rb:1177:in `+': 
no implicit conversion of nil into String (TypeError)   
from /usr/lib/ruby/3.1.0/reline/line_editor.rb:1177:in `render_partial'
from /usr/lib/ruby/3.1.0/reline/line_editor.rb:508:in `rerender'
from /usr/lib/ruby/3.1.0/reline.rb:330:in `block (3 levels) in 
inner_readline' 
from /usr/lib/ruby/3.1.0/reline.rb:328:in `each'   
from /usr/lib/ruby/3.1.0/reline.rb:328:in `block (2 levels) in 
inner_readline' 
from /usr/lib/ruby/3.1.0/reline.rb:403:in `block in read_io'
from /usr/lib/ruby/3.1.0/reline.rb:373:in `loop'   
from /usr/lib/ruby/3.1.0/reline.rb:373:in `read_io'
from /usr/lib/ruby/3.1.0/reline.rb:326:in `block in inner_readline'
from /usr/lib/ruby/3.1.0/reline.rb:324:in `loop'   
from /usr/lib/ruby/3.1.0/reline.rb:324:in `inner_readline'
from /usr/lib/ruby/3.1.0/reline.rb:254:in `readmultiline'
from /usr/lib/ruby/3.1.0/forwardable.rb:238:in `readmultiline'
from /usr/lib/ruby/3.1.0/forwardable.rb:238:in `readmultiline'
from /usr/lib/ruby/3.1.0/irb/input-method.rb:417:in `gets'
from /usr/lib/ruby/3.1.0/irb.rb:539:in `block (2 levels) in eval_input'
from /usr/lib/ruby/3.1.0/irb.rb:770:in `signal_status'
from /usr/lib/ruby/3.1.0/irb.rb:538:in `block in eval_input'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:284:in `lex'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:253:in `block (2 levels) in 
each_top_level_statement'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:250:in `loop'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:250:in `block in 
each_top_level_statement'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:249:in `catch'
from /usr/lib/ruby/3.1.0/irb/ruby-lex.rb:249:in 
`each_top_level_statement'
from /usr/lib/ruby/3.1.0/irb.rb:557:in `eval_input'
from /usr/lib/ruby/3.1.0/irb.rb:491:in `block in run'
from /usr/lib/ruby/3.1.0/irb.rb:490:in `catch'
from /usr/lib/ruby/3.1.0/irb.rb:490:in `run'
from /usr/lib/ruby/3.1.0/irb.rb:419:in `start'
from /usr/lib/ruby/gems/3.1.0/gems/irb-1.4.1/exe/irb:11:in `'
from /usr/bin/irb:25:in `load'
from /usr/bin/irb:25:in `'



-- System Information:
Debian Release: 12.0
merged-usr: no
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=hu_HU.UTF-8, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8), 
LANGUAGE=hu:en_US:de
Shell: /bin/sh linked to /bin/dash
Init: runit (via /run/runit.stopit)
LSM: AppArmor: enabled

Versions of packages ruby depends on:
ii  libruby1:3.1
ii  ruby-rubygems  3.3.15-2
ii  ruby3.13.1.2-7

ruby recommends no packages.

Versions of packages ruby suggests:
pn  ri
ii  ruby-dev  1:3.1

-- no debconf information

Bug#1054245: RFS: scienceplots/2.1.0-1 [ITP] -- Matplotlib styles for scientific figures

[Yogeswaran Umasankar]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "scienceplots":

 * Package name : scienceplots
   Version  : 2.1.0-1
   Upstream contact : John Garrett 
 * URL  : https://github.com/garrettj403/SciencePlots
 * License  : MIT
 * Vcs  : https://github.com/garrettj403/SciencePlots
   Section  : science

The source builds the following binary packages:

  scienceplots - Matplotlib styles for scientific figures

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/scienceplots/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/s/scienceplots/scienceplots_2.1.0-1.dsc


Changes for the initial release:

 scienceplots (2.1.0-1) unstable; urgency=medium
 .
   * Initial release. Closes: #1054242

Regards,
--
  Yogeswaran Umasankar

Bug#1054096: llvm-toolchain-16 16.0.6-15~deb12u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 1054096 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: llvm-toolchain-16
Version: 16.0.6-15~deb12u1

Explanation: new backported package to support builds of newer chromium versions

Bug#1054244: poweralertd warns me about my battery at 99/100% constantly

[Antoine Beaupre]

Package: poweralertd
Version: 0.2.0-1+b1
Severity: normal

I keep getting those messages from poweralertd:

Power status: Framework
Battery fully charged
Current level: 100%

And then, shortly after:

Power status: Framework
Battery status: discharging
Current level: 100%

And then, it loops back above.

This is quite irritating, and keeps happening. It's not that big of a
deal because notifications do go away after a while, but it would be
great if this could be just a tad more silent.

It seems to me like a case where some hysteresis could control the
messaging here. I'm not sure exactly *how* that could be implemented
however... Upstream there are two discussions about how to fix this,
one about filtering notifications:

https://todo.sr.ht/~kennylevinsen/poweralertd/1

and another about adding a threshold for notifications:

https://lists.sr.ht/~kennylevinsen/poweralertd-devel/patches/43895

Perfection being the ennemy of good here, I think the latter patch is
our best hope for sanity.

-- System Information:
Debian Release: 12.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable'), 
(1, 'experimental'), (1, 'unstable'), (1, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-1-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages poweralertd depends on:
ii  init-system-helpers  1.65.2
ii  libc62.36-9+deb12u3
ii  libsystemd0  252.17-1~deb12u1
ii  upower   0.99.20-2

poweralertd recommends no packages.

poweralertd suggests no packages.

-- no debconf information

Bug#1054243: ocrmypdf: please recommend jbig2

[Jonas Smedegaard]

Package: ocrmypdf
Version: 14.0.1+dfsg1-1
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

ocrmypdf supports using external helper tool jbi2 to compress greyscale
images.  This helper tool is now in Debian, so please recommend it.

 - Jonas
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmUxdJ0ACgkQLHwxRsGg
ASHwsg//SoXG0Y54i3xLotapCe7t2f7aRwTr55u0LTc2+SDk47p/Hodq57IMc2mO
bmz8DZypwcP4KhDdrenOwOGSDSCPgTWkf1fhHa9Ye1xM3KTWt21Z1OHYwo3//bjy
a81obbyBInnI2sNd1JQ9+A/lvqonthfCEsq4Rzw1KlcYmjNclhuJstCi2tI7bogr
S5S+4WhlmoPwlDTDJObnGr4gfgmtAiJxOoEz7uVEWXDznZ2RDVbGiZsudfiiSLNf
iG4NsAVjkhScWjQ6sOx/6wydzhv1/NA1olWMOtfMGlWwVQzbNYaLXlH85CKO2FKv
WYyINCMWvZrXTOUFgVsc1PZpRoaxvNy60+WX5KSpnx8+FiKVMDMNigwOiSOiKZjO
ph/kQN6IHWCL3g0heE7r9sV2kyUZwgiO4pXnehExRg2c8KhuYpLGI60jC0sor4BB
aFuxCdObSVixnUHG5mNqc4y2K0aoVm4cdCjVHassIdcotTqJVG3qS6trSRn9hO86
czgioWr9PxO7PQG6RM3mno9LKbchgvKQY4Csi4QBOclSbuAzuaD3ZDjnclR8k/+n
WexnSI4VN/whTrOCVy1ltDVj0DByEUp+2rYRb6Oyyxv2DGK1qAevkyELchuaRHFp
4C8PPh1NBT5htRotQG6B9EylRLsfwSTUQSNlI9vY9a3D+F03YlQ=
=zyF5
-END PGP SIGNATURE-

Bug#1032495: (no subject)

[Paride Legovini]

Luigi Baldoni wrote on 15/10/2023:
> Same deal here, but on bookworm using systemd and the installation is some 10 
> days old.

Hello Luigi, that is likely a different issue. Can you please file a ne
bug report, describing the problem you are facing in more detail, possibly
providing steps to reproduce from a clean Bookworm system?

Thank you,

Paride

Bug#1023649: ghc: FTBFS haskell-random powerpc (ghc Segmentation fault)

[John Paul Adrian Glaubitz]

On Wed, 2023-10-11 at 18:02 +0300, Ilias Tsitsimpis wrote:
> A small update here. I didn't manage to use the LLVM backend on i386,
> seems to be broken [1].

I am trying to figure out now what it takes to build GHC using the LLVM
backed on 32-bit PowerPC but it currently doesn't seem to be supported.

I am not sure what needs to be patched to enable LLVM code generation
for this target, but we will most likely need at least modify the script
utils/llvm-targets/gen-data-layout.sh and probably a little more.

If enabling LLVM support for a given target is not too involved, we could
also look into enabling it for loong64, m68k and sparc64 which also have
LLVM backends although the one for m68k is still in development.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#1054242: ITP: scienceplots/2.1.0-1 -- Matplotlib styles for scientific figures

[Yogeswaran Umasankar]

Package: wnpp
Owner: Yogeswaran Umasankar 
Severity: wishlist

* Package name     : scienceplots
   Version          : 2.1.0-1
   Upstream contact : John Garrett 
 * URL              : https://github.com/garrettj403/SciencePlots
 * License          : MIT
 * Vcs              : https://github.com/garrettj403/SciencePlots 


   Section          : science
   Description: Matplotlib styles for scientific figures

Matplotlib styles to format your figures for scientific papers,
 presentations and theses.

To access further information about this package, please visit:

https://mentors.debian.net/package/scienceplots/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/s/scienceplots/scienceplots_2.1.0-1.dsc


Changes for the initial release:

 scienceplots (2.1.0-1) unstable; urgency=medium
 .
   * Initial release.

Regards,
--
  Yogeswaran Umasankar

Bug#1054241: nastran: Demonstration problems fail.

[Chris Fisichella]

Package: nastran
Version: 0.1.95-2
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: ch...@communityrenewables.com

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   I installed nastran from the debian distribution. 
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 I read the man page. I made a copy of the examples that come with the 
distribution to my home directory. I downloaded the NASTRAN demonstration 
problem manual and read it over. I sucessively copied about ten demonstration 
problems to another directory in my home directory and on each .inp file, 
executed nastran .inp, where  is the example file name that came with 
the distribution.
   * What was the outcome of this action?
   Nastran ran successfully. Nastran found errors on its own and reported them. 
A popular error was
   0*** USER FATAL MESSAGE 8020, SYNTAX ERROR NEAR COLUMN  16 IN THE FOLLOWING 
CARD- 
SBST   1,  3

01 2 3 4 5 
6 7 8
10 0 0 0 0 
0 0 0
this error can be found in the .out file NASTRAN creates. 
   * What outcome did you expect instead?
   I expected the example problems to run successfully. The are used to test 
the system NASTRAN is running on against published known results. 

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-18-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nastran depends on:
ii  libc6 2.31-13+deb11u4
ii  libgcc-s1 10.2.1-6
ii  libgfortran5  10.2.1-6

nastran recommends no packages.

nastran suggests no packages.

-- no debconf information

Bug#1054240: Grub install failure with grub-cloud-amd64

[Bastian Blank]

On Thu, Oct 19, 2023 at 07:31:08PM +0200, Alexis CAMILLERI wrote:
> I suggest using grub-probe -t disk instead of grub-probe -t device.
> Disk param will return the disk name instead of the partition, so the sed
> command can be removed and raid device will work.
> 
> local basedev=$(grub-probe -t disk /boot/)

Hmm, not sure why I missed that when I built that.  Will take a look
later.

Bastian

-- 
If there are self-made purgatories, then we all have to live in them.
-- Spock, "This Side of Paradise", stardate 3417.7

Bug#1054146: nmu: libalien-wxwidgets-perl_0.69+dfsg-6+b2

[Scott Talbert]

On Thu, 19 Oct 2023, Cyril Brulebois wrote:


Indeed, libwx-perl has to be binMNU'd next.  Was waiting for the s390x build
of libalien-wxwidgets-perl, but went ahead and submitted the binNMU request
for libwx-perl anyway so we can get other arches fixed.


It would make sense to mention both packages from the get-go, we have
dep-waits to ensure one finishes before the other one starts?


My bad, I will do that next time.


PS, what on the d-i uses libwx-perl?


The unifont-bin build-dep pulls it.


Interesting.  Getting a bit off-topic here, but it probably would be good 
to see if that dependency could be removed.  libwx-perl is unmaintained 
upstream - I've basically been maintaining it downstream, mainly just to 
keep it compiling, but not much more.


Regards,
Scott

Bug#1054240: Grub install failure with grub-cloud-amd64

[Bastian Blank]

On Thu, Oct 19, 2023 at 07:31:08PM +0200, Alexis CAMILLERI wrote:
> Installing grub on an i386 server with raid partitioning does not work
> because the script does not manage a raid mount for /boot, due to
> https://salsa.debian.org/cloud-team/grub-cloud/-/blob/debian/0.1.0/debian/grub-cloud-amd64.postinst#L6

You missed the description of this package:

| You don't want to use this package outside of cloud images.

Bastian

-- 
It is a human characteristic to love little animals, especially if
they're attractive in some way.
-- McCoy, "The Trouble with Tribbles", stardate 4525.6

Bug#1054227: /usr/bin/josm: Randomly stops processing hotkeys until mouse is clicked

[Sebastiaan Couwenberg]

On 10/19/23 19:16, Matija Nalis wrote:

I usually use icewm window manager (no any desktop environment); however I've 
reproduced the same problem in aewm++,
evilwm, flwm, fvwm3, lwm and icewm out of several that I tried, and the issue 
is reproducable in all of them (in some
even quicker; i.e. it blocks every time, not just every second or third or 
forth time as it does in icewm).

However, much to my surprise, I've found that the issue does not seem to happen 
(or at least happen much more rarely,
i.e. I can't easily reproduce it in ~30+ keypresses) in openbox, twm and i3 
window managers!


Try KDE, that works for me.


Does that gives a clue? It seems like it might be some strange interaction 
between JOSM (or maybe java itself, that is,
some of its GUI components) and window managers?

Can you reproduce it with one of window managers above?
Anything else I could try to pinpoint it down?


It seems unlikely you're using Wayland with the above, but if you do, 
try X11 that's what KDE uses and I haven't been able to reproduce the 
issue there.


Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1051980: FTBFS on i386: angle-test/bezier-test fail

[Adrian Bunk]

Control: forwarded -1 https://gitlab.com/inkscape/lib2geom/-/issues/67

On Sat, Sep 16, 2023 at 03:21:21PM +0800, Shengjing Zhu wrote:
> Control: tag -1 + patch
> 
> Hi,
> 
> On Fri, Sep 15, 2023 at 4:27 PM Shengjing Zhu  wrote:
> > The following tests FAILED:
> >   2 - angle-test (Failed)
> >   3 - bezier-test (Failed)
> 
> They are caused by gcc-13 which defaults to -fexcess-precision=standard for 
> c++.
> 
> Please see the attached patch.

That solves only part of the problem for experimental, adding
  export DEB_CXXFLAGS_MAINT_APPEND += -ffloat-store -fexcess-precision=fast
to debian/rules is the easiest fix to get all tests passing in both 
unstable and experimental.

> Shengjing Zhu

cu
Adrian

Bug#1054233: LV2 plugin install path

[Robin Gareus]

The LV2 FHS that Jeremy mention can be found at
https://lv2plug.in/pages/filesystem-hierarchy-standard.html

Now you may not like, or disagree with the official standard, but 
breaking it is not acceptable. This affects various 3rd party software, 
notably Reaper, Harrison Mixbus, Ardour and other non-free DAWs that 
expect LV2 plugins in /usr/lib/lv2/


LV2s are to be installed $PREFIX/lib/lv2 (unrelated to $LIBDIR).
Most LV2 plugin build systems use LV2DIR = $PREFIX/lib/lv2 for this.

Thanks in advance,
robin

PS. VST3 has a similar spec using /usr/lib/vst3/ - 
https://steinbergmedia.github.io/vst3_dev_portal/pages/Technical+Documentation/Locations+Format/Plugin+Locations.html


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054240: Grub install failure with grub-cloud-amd64

[Alexis CAMILLERI]

Package: grub-cloud-amd64
Version: 0.0.5

Installing grub on an i386 server with raid partitioning does not work
because the script does not manage a raid mount for /boot, due to
https://salsa.debian.org/cloud-team/grub-cloud/-/blob/debian/0.1.0/debian/grub-cloud-amd64.postinst#L6

mdadm: cannot open /dev/md: No such file or directory
> grub-install: error: cannot open `/dev/md': No such file or directory.
> dpkg: error processing package grub-cloud-amd64 (--configure):
>  installed grub-cloud-amd64 package post-installation script subprocess 
> returned error exit status 1
>
>
I suggest using grub-probe -t disk instead of grub-probe -t device.
Disk param will return the disk name instead of the partition, so the sed
command can be removed and raid device will work.

local basedev=$(grub-probe -t disk /boot/)
>


Best regards,
Alexis Camilleri

Bug#1054227: /usr/bin/josm: Randomly stops processing hotkeys until mouse is clicked

[Matija Nalis]

Package: josm
Version: 0.0.svn18822+dfsg-1~bpo12+1
Followup-For: Bug #1054227
X-Debbugs-Cc: mnalis-debian...@voyager.hr


Still happens with bookworm-backports JOSM version.

See the screencast at 
https://mnalis.com/tmp/simplescreenrecorder-2023-10-19_18.35.02.mp4

(the issue happens even without screenkey and SimpleScreenRecoreder, of course, 
 there are in the video to show when I press the keys that they don't work 
anymore)

It seem main actors problem is F3 key for opening list of presets, but also 
other hotkeys that open separate window
(like ctrl-f for finding objects, or ctrl-h for history). Changing editing mode 
(e.g. 's' / 'a') even when pressed many 
times do not seem to trigger the problem.

You can note I remove previous JOSM directories and start fresh.
Issue happens both when dismissing presets window with "ESC" as well as with 
clicking cancel button.

I usually use icewm window manager (no any desktop environment); however I've 
reproduced the same problem in aewm++,
evilwm, flwm, fvwm3, lwm and icewm out of several that I tried, and the issue 
is reproducable in all of them (in some
even quicker; i.e. it blocks every time, not just every second or third or 
forth time as it does in icewm).

However, much to my surprise, I've found that the issue does not seem to happen 
(or at least happen much more rarely,
i.e. I can't easily reproduce it in ~30+ keypresses) in openbox, twm and i3 
window managers!

All other apps (browser, video players, libreoffice etc) show no problem with 
any of the window managers.
I do not use any other java GUI apps, though.
Also, as noted before, even JOSM worked perfectly in Bullseye for years, and 
the bug only manifested itself in Bookworm.

Does that gives a clue? It seems like it might be some strange interaction 
between JOSM (or maybe java itself, that is,
some of its GUI components) and window managers?

Can you reproduce it with one of window managers above?
Anything else I could try to pinpoint it down?

-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=hr_HR.UTF-8, LC_CTYPE=hr_HR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages josm depends on:
ii  default-jre [java9-runtime] 2:1.17-74
ii  fonts-noto  20201225-1
ii  jmapviewer  2.16+dfsg-2
ii  libcommons-compress-java1.22-1
ii  libgettext-commons-java 0.9.6-6
ii  openjdk-17-jre [java9-runtime]  17.0.8+7-1~deb12u1
ii  openjfx 11.0.11+1-3
ii  proj-data   9.1.1-1

Versions of packages josm recommends:
pn  josm-l10n  

josm suggests no packages.

-- no debconf information

Bug#1054239: libixion FTBFS with gcc 13 on i386

[Adrian Bunk]

Source: libixion
Version: 0.17.0-3
Severity: serious
Tags: ftbfs trixie sid patch

https://buildd.debian.org/status/fetch.php?pkg=libixion=i386=0.19.0-1=1697292545=0

...
FAIL: document-test
===

test_basic_calc: --begin
document-test: document_test.cpp:50: void test_basic_calc(): Assertion 
`doc.get_numeric_value(A1) == 1.1' failed.
FAIL document-test (exit status: 134)

FAIL: general-test
==

test_size: --begin
test size
* int: 4
* long: 4
* double: 8
* size_t: 4
* string_id_t: 4 (min:0; max:4294967295)
* celltype_t: 1
* formula_cell: 4
* formula_tokens_t: 12
test_size: --end (duration: 0 sec)
test_string_to_double: --begin
test_string_to_double: --end (duration: 0 sec)
test_string_pool: --begin
string count: 4
* 0: 'Table1' (0x57251a98)
* 1: 'Table2' (0x57251ab0)
* 2: 'Category' (0x57251ac8)
* 3: 'Value' (0x57251ae0)
string map count: 4
* key: 'Value' (0x57251ae0; 5), value: 3
* key: 'Category' (0x57251ac8; 8), value: 2
* key: 'Table2' (0x57251ab0; 6), value: 1
* key: 'Table1' (0x57251a98; 6), value: 0
test_string_pool: --end (duration: 0 sec)
test_formula_tokens_store: --begin
test_formula_tokens_store: --end (duration: 0 sec)
test_matrix: --begin
test_matrix: --end (duration: 0 sec)
test_matrix_non_numeric_values: --begin
general-test: general_test.cpp:166: void 
{anonymous}::test_matrix_non_numeric_values(): Assertion `mtx.get_numeric(0, 0) 
== 1.1' failed.
FAIL general-test (exit status: 134)


Testsuite summary for libixion 0.19.0

# TOTAL: 6
# PASS:  4
# SKIP:  0
# XFAIL: 0
# FAIL:  2
# XPASS: 0
# ERROR: 0

See src/libixion/test-suite.log

make[6]: *** [Makefile:1101: test-suite.log] Error 1



There are two ways to fix this:


--- debian/rules.old2023-10-19 17:03:33.109096000 +
+++ debian/rules2023-10-19 17:03:52.569079353 +
@@ -5,6 +5,8 @@
 
 include /usr/share/dpkg/architecture.mk
 
+export DEB_CXXFLAGS_MAINT_APPEND += -fexcess-precision=fast
+
 %:
dh $@
 


OR


--- configure.ac.old2023-10-19 17:04:03.837069635 +
+++ configure.ac2023-10-19 17:04:13.189061522 +
@@ -19,7 +19,7 @@
 AC_CONFIG_HEADERS([config.h])
 AM_INIT_AUTOMAKE([1.11 foreign dist-bzip2 dist-xz])
 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
-AX_CXX_COMPILE_STDCXX_17([noext], [mandatory])
+AX_CXX_COMPILE_STDCXX_17([ext], [mandatory])
 CXXFLAGS="$CXXFLAGS -fvisibility=hidden -Wall -Wshadow -Wno-write-strings 
-pthread"
 
 AC_CANONICAL_HOST

Bug#1054238: ruby-mdl: the package provides an application, not a library

[Norwid Behrnd]

Package: ruby-mdl
Version: 0.12.0-3
Severity: normal
X-Debbugs-Cc: nbeh...@yahoo.com

Dear Maintainer,

by convention, a package should carry the prefix `ruby-` only if it
is a library.[1]  As a syntax checker, the binary however provides an
application.

[1] https://wiki.debian.org/Teams/Ruby/Packaging/Conventions


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-mdl depends on:
ii  ruby  1:3.1
ii  ruby-kramdown 2.4.0-2
ii  ruby-kramdown-parser-gfm  1.1.0-3
ii  ruby-mixlib-cli   2.1.6-1
ii  ruby-mixlib-config3.0.6-1
ii  ruby-mixlib-shellout  3.2.5-2

ruby-mdl recommends no packages.

ruby-mdl suggests no packages.

-- no debconf information

Bug#1054237: jdupes: data loss behaviour from fdupes

[Joao Eriberto Mota Filho]

Package: jdupes
Version: 1.12-1
Severity: grave
Tags: upstream patch
Justification: causes non-serious data loss

>From the upstream in a private message:

jdupes inherited interactive deletion from fdupes and there were zero
input safeguards. A user tried to use ranges "2-4" and files 3 and 4 were
deleted, not preserved. This is a major data loss concern because the
behavior is destructive and contrary to user expectations. In the latest
commit I've placed heavy safeguards in the interactive deletion code that
should prevent all of the invalid input scenarios I can conceive.

The commit 4888e85[1] can and should be immediately applied to ALL
versions of jdupes that are being distributed. It should cleanly apply
and work without modification to every remotely recent version spanning
several years back.

[1] https://codeberg.org/jbruchon/jdupes/commit/4888e85

Bug#1054236: ITP: python-nvchecker -- new version checker

[Jakub Ružička]

Package: wnpp
Severity: wishlist
Owner: Jakub Ružička 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: python-nvchecker
  Version : 2.12
  Upstream Contact: lilydjwg 
* URL : https://github.com/lilydjwg/nvchecker
* License : Expat
  Programming Lang: Python
  Description : new version checker

nvchekcer (short for new version checker) is a Python library and CLI for
checking if a new version of some software has been released.

It's a handy tool for querying various sources (such as deb/rpm repos or
repology) for software versions.

Individual version sources are modular and can be easily reused from python
code, making nvchecker useful both as a CLI and as a reusable library.

Upstream is friendly and active.

I plan to maintain this as a part of PythonTeam.

Bug#1052747: ortp: FTBFS: b64.h:293: error: unable to resolve link to 'b64::b64_encode2' for \link command (warning treated as error, aborting now)

[Dennis Filder]

Control: close -1 1:5.2.98-1
X-Debbugs-Cc: lu...@debian.org

I'm closing this as this was fixed with 1:5.2.98-1 in experimental.

Reopen at will.

Regards.

Bug#1053310: closed by Debian FTP Masters (reply to Andreas Metzler ) (Bug#1053310: fixed in exim4 4.97~RC2-2)

[Salvatore Bonaccorso]

On Mon, Oct 16, 2023 at 04:51:03PM +, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the exim4-base package:
> 
> #1053310: exim4-base: Various severe CVE reports are outstanding
> 
> It has been closed by Debian FTP Masters  
> (reply to Andreas Metzler ).
> 
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Debian FTP Masters 
>  (reply to Andreas Metzler 
> ) by
> replying to this email.
> 
> 
> -- 
> 1053310: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053310
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems

> From: Debian FTP Masters 
> Reply-To: Andreas Metzler 
> Date: Mon, 16 Oct 2023 16:49:09 +
> To: 1053310-cl...@bugs.debian.org
> Subject: Bug#1053310: fixed in exim4 4.97~RC2-2
> Message-Id: 
> 
> Source: exim4
> Source-Version: 4.97~RC2-2
> Done: Andreas Metzler 
> 
> We believe that the bug you reported is fixed in the latest version of
> exim4, which is due to be installed in the Debian FTP archive.
> 
> A summary of the changes between this version and the previous one is
> attached.
> 
> Thank you for reporting the bug, which will now be closed.  If you
> have further comments please address them to 1053...@bugs.debian.org,
> and the maintainer will reopen the bug report if appropriate.
> 
> Debian distribution maintenance software
> pp.
> Andreas Metzler  (supplier of updated exim4 package)
> 
> (This message was generated automatically at their request; if you
> believe that there is a problem with it please contact the archive
> administrators by mailing ftpmas...@ftp-master.debian.org)
> 
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> 
> Format: 1.8
> Date: Mon, 16 Oct 2023 18:26:40 +0200
> Source: exim4
> Architecture: source
> Version: 4.97~RC2-2
> Distribution: unstable
> Urgency: high
> Maintainer: Exim4 Maintainers 
> Changed-By: Andreas Metzler 
> Closes: 1053310
> Changes:
>  exim4 (4.97~RC2-2) unstable; urgency=high
>  .
>* 76_changesfrom_4.96.2.diff: Pull fixes for CVE-2023-42117 and
>  CVE-2023-41227 from upstream GIT master. Closes: #1053310

This should have been CVE-2023-42117 and CVE-2023-42119 AFAICT.

Regards,
Salvatore

Bug#1054235: zchunk: CVE-2023-46228

[Salvatore Bonaccorso]

Source: zchunk
Version: 1.3.1+ds1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for zchunk.

CVE-2023-46228[0]:
| zchunk before 1.3.2 has multiple integer overflows via malformed
| zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c,
| lib/dl/multipart.c, or lib/header.c.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46228
https://www.cve.org/CVERecord?id=CVE-2023-46228
[1] 
https://github.com/zchunk/zchunk/commit/08aec2b4dfd7f709b6e3d511411ffcc83ed4efbe
[2] https://bugzilla.suse.com/show_bug.cgi?id=1216268

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1054234: netty: CVE-2023-44487

[Salvatore Bonaccorso]

Source: netty
Version: 1:4.1.48-7
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 1:4.1.48-4

Hi,

The following vulnerability was published for netty.

CVE-2023-44487[0]:
| The HTTP/2 protocol allows a denial of service (server resource
| consumption) because request cancellation can reset many streams
| quickly, as exploited in the wild in August through October 2023.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-44487
https://www.cve.org/CVERecord?id=CVE-2023-44487
[1] https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
[2] 
https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1054233: liblilv-0-0: Package does not follow FHS, it adds /usr/lib/$(DEB_HOST_MULTIARCH) to the --default-lv2-path waf configure option, see rules file, line 21.

[Jeremy Jongepier]

Package: liblilv-0-0
Version: 0.24.14-1
Severity: important

Package does not follow FHS, it adds /usr/lib/$(DEB_HOST_MULTIARCH) to the 
--default-lv2-path waf configure option, see rules file, line 21. The addition 
of this line indicates that something fundamental has changed, namely the 
default path where Debian installs its LV2 plugins. These go into 
/usr/lib/$(DEB_HOST_MULTIARCH) too now which breaks setups running software 
that uses the FHS as a starting point for LV2 plugin discovery. The LV2 plugin 
packages that Debian now installs are now not discovered anymore.

-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.7-1-liquorix-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages liblilv-0-0 depends on:
ii  libc6  2.36-9+deb12u3
ii  libserd-0-00.30.16-1
ii  libsord-0-00.16.14+git221008-1
ii  libsratom-0-0  0.6.14-1

liblilv-0-0 recommends no packages.

liblilv-0-0 suggests no packages.

-- no debconf information

Bug#1054232: h2o: CVE-2023-44487

[Salvatore Bonaccorso]

Source: h2o
Version: 2.2.5+dfsg2-7
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for h2o.

CVE-2023-44487[0]:
| The HTTP/2 protocol allows a denial of service (server resource
| consumption) because request cancellation can reset many streams
| quickly, as exploited in the wild in August through October 2023.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-44487
https://www.cve.org/CVERecord?id=CVE-2023-44487
[1] https://github.com/h2o/h2o/commit/28fe15117b909588bf14269a0e1c6ec4548579fe

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1034590: precedence of /etc/containers/storage.conf should higher than /usr/share/containers/storage.conf

[鐘翊修]

it's resolved.

verified with podman 4.6.2+ds1-2 trixie/main.

thanks

Reinhard Tartler 於 2023/9/18 20:30 寫道:

Control: tag -1 upstream

Hi,

Thanks for taking the time to report this. It doesn't sound like a 
problem that we could fix in the packaging, but needs some code 
changes.  For this, I'd like to ask you a favor. Can you please check 
if this was reported before at 
https://github.com/containers/podman/issues ? If not yet, please 
report it as https://github.com/containers/podman/issues/new/choose


In any case, please report back with the upstream issue number so that 
we can track progress on resolving it.



On Fri, Jul 14, 2023 at 5:39 PM 鐘翊修  wrote:

So

    |   Before upgrade to 4.4.0+ds1-1 (4.3)  | 4.4.0+
/etc/containers/strorage.conf        |   use btrfs |    btrfs
/usr/share/containers/storage.conf  |   use
overlayfs | overlayfs



When use 4.3, podman takes /etc/containers/storage.conf, so the
storage
is btrfs.
But after upgrade 4.4.0+ (at least when it was April).
Podman takes values in /usr/share/containers/storage.conf instead of
/etc/containers/strorage.conf (wrong behavior)
So just get the following

User-selected graph driver \"overlay\" overwritten by graph driver
\"btrfs\" from database

That is the observed error. But not expected error.

The expected behavior is

Podman follows man 5 containers-storage.conf.
Prefer values from /etc/containers/storage.conf.

After version upgrade from 4.3 to 4.4, no configuration required, no
reset required.


Faidon Liambotis 於 2023/7/15 02:02 寫道:
> Control: tags -1 moreinfo
>
> On Wed, Apr 19, 2023 at 09:24:21AM +0800, 鐘翊修 wrote:
>> following man 5 containers-storage.conf,
>> when a system have both /etc/containers/storage.conf and
/usr/share/containers/storage.conf
>>
>> the values in /etc/containers/storage.conf overwrite the value
in /usr/share/containers/storage.conf
>>
>> But in 4.4.0+ds1-1. with both files, podman takes the config
from /usr/share/containers/stroage.conf
>>
>> To reproduce this
>>
>> Create podman graph database on podman 4.3.1 with btrfs (config
in /etc/containers/storage.conf)
>>
>> upgrade from 4.3.1 to 4.4.0
>>
>> run the following command
>>
>> sudo podman info
>>
>> expected error message
>>
>> User-selected graph driver \"overlay\" overwritten by graph
driver \"btrfs\" from database
> I'm not sure I follow. Could you elaborate on the exact steps
you took?
> Do you mean that you expected to get this error message but
didn't, or
> that you got that error message even though you shouldn't have?
>
> Are you aware that you need to run "podman system reset" before
changing
> storage.conf? See podman-system-reset(1).
>
> Thanks,
> Faidon



--
regards,
    Reinhard

Bug#1054231: WatchDog broken since version 5.17

[программист некто]

Source: linux
Version: 6.5.3-1
Severity: normal

Hello. WatchDog broken since version 5.17. Kernel write an error to syslog.
Tested versions: 5.10, 5.15, 5.16, 5.17, 5.19, 6.1, 6.5.

>From syslog:
KERNEL 5.16 (and lower)
Oct 19 12:24:12 debian-gateway kernel: Linux version 5.16.0-6-amd64 
(debian-ker...@lists.debian.org) (gcc-11 (Debian 11.2.0-19) 11.2.0, GNU ld (GNU 
Binutils for Debian) 2.38) #1 SMP PREEMPT Debian 5.16.18-1 (2022-03-29)
...
Oct 19 12:24:13 debian-gateway kernel: sp5100_tco: SP5100/SB800 TCO WatchDog 
Timer Driver

KERNEL 5.17 (and higher)
Oct 18 20:36:00 debian-gateway kernel: Linux version 5.17.0-3-amd64 
(debian-ker...@lists.debian.org) (gcc-11 (Debian 11.3.0-3) 11.3.0, GNU ld (GNU 
Binutils for Debian) 2.38) #1 SMP PREEMPT Debian 5.17.11-1 (2022-05-26)
...
Oct 18 20:36:01 debian-gateway kernel: sp5100_tco: SP5100/SB800 TCO WatchDog 
Timer Driver
Oct 18 20:36:01 debian-gateway kernel: sp5100-tco sp5100-tco: Failed to reserve 
MMIO or alternate MMIO region
Oct 18 20:36:01 debian-gateway kernel: sp5100-tco: probe of sp5100-tco failed 
with error -16

$ lspci | grep SB
00:12.0 SATA controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 
Non-Raid-5 SATA
00:13.0 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 USB (OHCI0)
00:13.1 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 USB (OHCI1)
00:13.3 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 USB (OHCI3)
00:13.4 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 USB (OHCI4)
00:13.5 USB controller: Advanced Micro Devices, Inc. [AMD/ATI] SB600 USB 
Controller (EHCI)
00:14.0 SMBus: Advanced Micro Devices, Inc. [AMD/ATI] SBx00 SMBus Controller 
(rev 14)
00:14.1 IDE interface: Advanced Micro Devices, Inc. [AMD/ATI] SB600 IDE
00:14.2 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] SBx00 Azalia 
(Intel HDA)
00:14.3 ISA bridge: Advanced Micro Devices, Inc. [AMD/ATI] SB600 PCI to LPC 
Bridge
00:14.4 PCI bridge: Advanced Micro Devices, Inc. [AMD/ATI] SBx00 PCI to PCI 
Bridge

Bug#1025581: lxsession: diff for NMU version 0.5.5-2.1

[Simon McVittie]

Control: tags 1025581 + patch pending

Because this bug has been RC for a while with no maintainer response,
and lxsession is now one of only two packages in trixie with dependencies
on policykit-1 (the other is fwupd), I've prepared an NMU for lxsession
versioned as 0.5.5-2.1 and uploaded it. Please see attached debdiff,
or alternatively, the attached patches.

Thanks,
smcv
diffstat for lxsession-0.5.5 lxsession-0.5.5

 changelog |   15 +++
 control   |6 +++---
 2 files changed, 18 insertions(+), 3 deletions(-)

diff -Nru lxsession-0.5.5/debian/changelog lxsession-0.5.5/debian/changelog
--- lxsession-0.5.5/debian/changelog	2020-03-20 19:05:34.0 +
+++ lxsession-0.5.5/debian/changelog	2023-10-19 08:53:46.0 +0100
@@ -1,3 +1,18 @@
+lxsession (0.5.5-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload
+  * lxpolkit, lxsession-logout: Depend on polkitd, not policykit-1.
+The polkitd package replaces the transitional policykit-1, which
+should be removed before Debian 13 and also depends on pkexec. These
+components don't seem to use pkexec. (Closes: #1025581)
+  * lxsession: Add Suggests on pkexec.
+This can be used for apport-gtk integration (but that feature is off
+by default) and for apt integration via synaptic-pkexec (but that
+feature has been patched out because it depends on direct access to
+internal dpkg files).
+
+ -- Simon McVittie   Thu, 19 Oct 2023 08:53:46 +0100
+
 lxsession (0.5.5-2) unstable; urgency=medium
 
   * Rename debian/TODO.Debian to fix lintian warning.
diff -Nru lxsession-0.5.5/debian/control lxsession-0.5.5/debian/control
--- lxsession-0.5.5/debian/control	2020-03-20 18:05:10.0 +
+++ lxsession-0.5.5/debian/control	2023-10-19 08:53:46.0 +0100
@@ -25,7 +25,7 @@
  lxde-session, lxsession-default-apps | lxsession-edit,
  openssh-client | ssh-client
 Suggests:
- gpicview, lxpanel, pcmanfm,
+ gpicview, lxpanel, pcmanfm, pkexec,
  consolekit | libpam-systemd [linux-any]
 Provides: x-session-manager, lxde-settings-daemon
 Breaks: lxsession-data (<< 0.5.3-1)
@@ -64,7 +64,7 @@
 Package: lxpolkit
 Architecture: any
 Multi-Arch: allowed
-Depends: ${shlibs:Depends}, ${misc:Depends}, lxsession-data, policykit-1
+Depends: ${shlibs:Depends}, ${misc:Depends}, lxsession-data, polkitd
 Breaks: lxsession (<< 0.5.3-1)
 Replaces: lxsession (<< 0.5.3-1)
 Provides: polkit-1-auth-agent
@@ -92,7 +92,7 @@
 Multi-Arch: allowed
 Depends: ${shlibs:Depends}, ${misc:Depends},
  lxsession-data, lxlock | xdg-utils,
- policykit-1
+ polkitd
 Recommends:
  lsb-release, consolekit | logind [linux-any] | default-logind [linux-any]
 Breaks: lxsession (<< 0.5.3-1)
>From 7223999bb2fb761c51977d786233cbe41a3cb4bc Mon Sep 17 00:00:00 2001
From: Simon McVittie 
Date: Thu, 19 Oct 2023 08:47:09 +0100
Subject: [PATCH 1/3] lxpolkit, lxsession-logout: Depend on polkitd, not
 policykit-1

The polkitd package replaces the transitional policykit-1, which should
be removed before Debian 13 and also depends on pkexec. These components
don't seem to use pkexec.

Closes: #1025581
Signed-off-by: Simon McVittie 
---
 debian/control | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/debian/control b/debian/control
index 6b5f1c3..0312ea2 100644
--- a/debian/control
+++ b/debian/control
@@ -64,7 +64,7 @@ Description: configure what application start up automatically in LXDE
 Package: lxpolkit
 Architecture: any
 Multi-Arch: allowed
-Depends: ${shlibs:Depends}, ${misc:Depends}, lxsession-data, policykit-1
+Depends: ${shlibs:Depends}, ${misc:Depends}, lxsession-data, polkitd
 Breaks: lxsession (<< 0.5.3-1)
 Replaces: lxsession (<< 0.5.3-1)
 Provides: polkit-1-auth-agent
@@ -92,7 +92,7 @@ Architecture: any
 Multi-Arch: allowed
 Depends: ${shlibs:Depends}, ${misc:Depends},
  lxsession-data, lxlock | xdg-utils,
- policykit-1
+ polkitd
 Recommends:
  lsb-release, consolekit | logind [linux-any] | default-logind [linux-any]
 Breaks: lxsession (<< 0.5.3-1)
-- 
2.42.0

>From 7eedbe0823ae137a4d9086fb99903d070895866a Mon Sep 17 00:00:00 2001
From: Simon McVittie 
Date: Thu, 19 Oct 2023 08:50:10 +0100
Subject: [PATCH 2/3] lxsession: Add Suggests on pkexec

This can be used for apport-gtk integration (but that feature is off
by default) and for apt integration via synaptic-pkexec (but that
feature has been patched out because it depends on direct access to
internal dpkg files).

Signed-off-by: Simon McVittie 
---
 debian/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index 0312ea2..b67eacc 100644
--- a/debian/control
+++ b/debian/control
@@ -25,7 +25,7 @@ Recommends:
  lxde-session, lxsession-default-apps | lxsession-edit,
  openssh-client | ssh-client
 Suggests:
- gpicview, lxpanel, pcmanfm,
+ gpicview, lxpanel, pcmanfm, pkexec,
  consolekit | libpam-systemd [linux-any]
 Provides: x-session-manager, lxde-settings-daemon
 Breaks: lxsession-data (<< 0.5.3-1)
-- 
2.42.0

>From 

Bug#1054111: liferea crashes (SIGABRT) in libwebkit2gtk/libepoxy

[Paul Gevers]

Control: reassign -1 src:webkit2gtk 2.42.1-1~deb11u1
Control: forcemerge 1054101 -1

On 19-10-2023 17:10, Alberto Garcia wrote:

See also #1054101 (I guess both bugs can be merged?)


Doing so now (I hope).

Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1053204: [Pkg-privacy-maintainers] Bug#1053204: onionprobe: Tor warns when generating hashed passwords

[Antoine Beaupré]

On 2023-10-19 15:17:44, Georg Faerber wrote:
> Hi,
>
> On 23-10-19 10:49:26, Antoine Beaupré wrote:
>> What's the status of this bug? are you planning a release update for
>> this?
>
> Yes, I do, swamped with work currently. Expect the unstable update
> within the upcoming four days. Once done, I'll take care of the stable
> update, although that will take a while to be officially released,
> still. 

Let me know if you need help in any way. I'd love to test a package,
from unstable or anywhere..

A.

-- 
La publicité est la dictature invisible de notre société.
- Jacques Ellul

Bug#1053204: [Pkg-privacy-maintainers] Bug#1053204: onionprobe: Tor warns when generating hashed passwords

[Georg Faerber]

Hi,

On 23-10-19 10:49:26, Antoine Beaupré wrote:
> What's the status of this bug? are you planning a release update for
> this?

Yes, I do, swamped with work currently. Expect the unstable update
within the upcoming four days. Once done, I'll take care of the stable
update, although that will take a while to be officially released,
still. 

Cheers,
Georg

Bug#1054230: Please change permissions on /var/lib/libvirt/images/

[Lee Garrett]

Package: libvirt-daemon-system
Version: 9.0.0-4
Severity: wishlist
X-Debbugs-Cc: deb...@rocketjump.eu

Hi,

Currently, the permissions for /var/lib/libvirt/images are root:root u=rwx,go=x.
It would be nice to change those to root:libvirt ug=rwx,o=x. This should not
change anything from the security standpoint, as users of the libvirt group can
already interact with libvirtd and add/remove/modify VMs.

The upside would be that virt-v2v can run without root permissions, as it
directly writes to that dir. I have verified that changing the permissions
allows virt-v2v to run rootless.

For completeness, this is the command line I've tested it with:
virt-v2v -i ova -o libvirt -of qcow2 -oo compressed -oc 'qemu:///system' 
win11.zip -on win11trial

Regards,
Lee


-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libvirt-daemon-system depends on:
ii  adduser 3.134
ii  debconf [debconf-2.0]   1.5.82
ii  gettext-base0.21-12
ii  iptables1.8.9-2
ii  libvirt-clients 9.0.0-4
ii  libvirt-daemon  9.0.0-4
ii  libvirt-daemon-config-network   9.0.0-4
ii  libvirt-daemon-config-nwfilter  9.0.0-4
ii  libvirt-daemon-system-systemd   9.0.0-4
ii  logrotate   3.21.0-1
ii  polkitd 122-3

Versions of packages libvirt-daemon-system recommends:
ii  dmidecode3.4-1
ii  dnsmasq-base [dnsmasq-base]  2.89-1
ii  iproute2 6.1.0-3
ii  mdevctl  1.2.0-3+b1
ii  parted   3.5-3

Versions of packages libvirt-daemon-system suggests:
ii  apparmor3.0.8-3
pn  auditd  
pn  nfs-common  
pn  open-iscsi  
pn  pm-utils
ii  systemd 252.17-1~deb12u1
pn  systemtap   
pn  zfsutils

-- Configuration Files:
/etc/default/libvirt-guests changed [not included]
/etc/libvirt/qemu.conf [Errno 13] Permission denied: '/etc/libvirt/qemu.conf'

-- debconf information excluded

Bug#1054111: liferea crashes (SIGABRT) in libwebkit2gtk/libepoxy

[Alberto Garcia]

On Thu, Oct 19, 2023 at 11:38:47AM +0200, Paul Gevers wrote:
> Dear webkit2gtk maintainers,
> 
> Can you please help to see if this bug report (quoted below) is
> caused by the security update in oldstable/bullseye? And if so, what
> can be done about it (on your side or on the side of liferea).

I discussed this with upstream and we're going to disable the WebKit
DMABuf renderer by default in bullseye, I'm preparing a new security
update. Liferea does not need to do anything.

See also #1054101 (I guess both bugs can be merged?)

Berto

Bug#1054229: libcgns-dev: please also ship src/cgns_f.F90 to support Fortran compilers beyond gfortran

[Francesco Poli (wintermute)]

Package: libcgns-dev
Version: 3.4.0-3
Severity: wishlist

Hello and thanks for maintaining this useful library in Debian!

The CGNS library may be used from C/C++ programs/libraries and also
from Fortran programs/libraries.

In order to use the library from Fortran code, the

  use cgns

statement is required, which requires access to the 'cgns.mod' module
file, correctly shipped in package libcgns-dev as /usr/include/cgns.mod .

This works like a charm, as long you compile your own Fortran
program/library with the same Fortran compiler which was used to
generate the 'cgns.mod' module file.
But it may fail, when the two compilers are different, since,
unfortunately!, Fortran module files are [not portable] across
different compilers. 

[not portable]: 

Obviously, the 'cgns.mod' module file shipped in package libcgns-dev as
/usr/include/cgns.mod was compiled with gfortran.
As a consequence, if you also compile your own Fortran program/library
with gfortran, there's no issue at all in using libcgns-dev.

But, if you want to support compilation of your own Fortran program/library
with more than one compiler (for instance gfortran and the Intel 'ifort'
Fortran compiler), you cannot use the official Debian package libcgns-dev.

Well, I seem to have found a strategy to work around this issue.

I downloaded the 'src/cgns_f.F90' source file (from the libcgns Debian
source package, same exact version as the installed Debian binary package)
and compiled it with the incompatible Fortran compiler (e.g.: the Intel
'ifort' Fortran compiler), thus obtaining a 'cgns.mod' module file
compatible with the used Fortran compiler. Among the options passed to
the compiler, there were the following:

  -I/usr/include -c

Then I compiled my own Fortran program source files with the previously
obtained 'cgns.mod' module file in the same directory.
Again with:

  -I/usr/include -c

among the compiler options.
Finally, I linked my own Fortran program .o object files together, with the
following:

  -lcgns

among the passed options.

The strategy works and produces an executable, which is dynamically linked
(among other libraries) to the CGNS library:

  $ ldd my_own_fortran_program | grep cgns
libcgns.so.3.4 => /lib/x86_64-linux-gnu/libcgns.so.3.4 
(0x7f3a4e9f3000)

The executable works correctly.



In conclusion, I would like to suggest to also ship the 'src/cgns_f.F90'
source file in package libcgns-dev, so that the CGNS library in Debian
becomes usable with Fortran compilers other than gfortran.

This would be highly useful, as it would increase the cross-compiler
compatibility of the CGNS library, as shipped in Debian!
And this would just require to ship one more file (less than 200 kbyte)
simply copied from the source Debian package to the libcgns-dev binary
Debian package.

Please consider accepting this proposal.
Thanks for your time and your dedication!

  
-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (800, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libcgns-dev depends on:
ii  libcgns3.4  3.4.0-3

libcgns-dev recommends no packages.

libcgns-dev suggests no packages.

-- no debconf information

Bug#1053204: onionprobe: Tor warns when generating hashed passwords

[Antoine Beaupré]

Hello!

What's the status of this bug? are you planning a release update for
this?

Thanks!
-- 
What this country needs is more unemployed politicians.
- Angela Davis

Bug#1054101: webkit2gtk: No provider of eglCreateImage found. Requires one of: EGL 15, yelp can't start

[Alberto Garcia]

On Thu, Oct 19, 2023 at 07:58:04PM +0800, xiao sheng wen wrote:
> I download and installed yelp-dbgsym_3.38.3-1_amd64.deb
> 
> $ gdb yelp

Thanks, that backtrace is useful.

We have a patch that might help with this but I cannot test it myself
because I cannot reproduce the problem.

The patch is this one: https://commits.webkit.org/267503@main

I rebuilt WebKitGTK 2.42.1-1~deb11u1 with this patch applied and I put
the binaries here so people can test them:

   https://people.debian.org/~berto/webkit/

The integrity of the files can be checked using the SHA256 sums, which
are signed with my public key.

If you would be so kind to test these packages and tell me if they
help it would be great.

(if you prefer not to install out-of-repo packages I understand it)

Thanks,

Berto

Bug#1054228: pam FTBFS: No series file found

[Helmut Grohne]

Source: pam
Version: 1.5.2-7
Tags: ftbfs patch
Severity: serious
User: helm...@debian.org
Usertags: rebootstrap

pam fails to build from source in unstable, because quilt no longer
recognizes the QUILT_PATCHES_DIR variable and therefore does not find a
series file. Renaming it to QUILT_PATCHES fixes the build. I'm attaching
a patch for your convenience. This bug happens to break architecture
bootstrap for all architectures.

Helmut
diff --minimal -Nru pam-1.5.2/debian/changelog pam-1.5.2/debian/changelog
--- pam-1.5.2/debian/changelog  2023-08-17 01:22:53.0 +0200
+++ pam-1.5.2/debian/changelog  2023-10-19 16:24:44.0 +0200
@@ -1,3 +1,10 @@
+pam (1.5.2-7.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS: s/QUILT_PATCHES_DIR/QUILT_PATCHES/. (Closes: #-1)
+
+ -- Helmut Grohne   Thu, 19 Oct 2023 16:24:44 +0200
+
 pam (1.5.2-7) unstable; urgency=medium
 
   [ Steve Langasek ]
diff --minimal -Nru pam-1.5.2/debian/rules pam-1.5.2/debian/rules
--- pam-1.5.2/debian/rules  2023-08-17 01:22:53.0 +0200
+++ pam-1.5.2/debian/rules  2023-10-19 16:24:44.0 +0200
@@ -13,7 +13,7 @@
 LC_COLLATE=C
 export LC_COLLATE
 
-export QUILT_PATCH_DIR = debian/patches-applied
+export QUILT_PATCHES = debian/patches-applied
 
 d = $(CURDIR)/debian
 dl = $(d)/local

Bug#1054227: /usr/bin/josm: Randomly stops processing hotkeys until mouse is clicked

[Sebastiaan Couwenberg]

Control: tags -1 moreinfo

On Thu, 19 Oct 2023 16:10:59 +0200 Matija Nalis wrote:

Version: 0.0.svn18646+dfsg-1


Please update the josm package to version in bookworm-backports.

I cannot reproduce the issue with josm from bookworm-backports.

Can you still reproduce the issue after updating the package?

Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1054218: texlive-latex-base: pdflatex failures on big-endian architectures (s390x)

[Preuße]

On 19.10.2023 14:20, Stuart Prescott wrote:

Hi Stuart,


The unittests of the 'plastex' package run pdflatex to generate some
figures, and then extract the text from the figures to verify that
various implementation details of the package are working. These tests
pass on all release architectures except s390x. They also fail on ppc64.
The common feature of the failures is that the architecture is
big-endian.



As you opened the issue for texlive-latex-base I'm wondering if the 
issue caused by the latest texlive-latex-base upgrade. Do you remember 
if it worked 2 weeks ago?


Hilmar
--
sigfault



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054175: [Pkg-javascript-devel] Bug#1054175: node-require-main-filename: failing dh_auto_test

[Yadd]

Control: tags -1 + moreinfo

On 10/18/23 20:27, Tianyu Chen wrote:

Source: node-require-main-filename
Version: 2.0.0-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source
X-Debbugs-Cc: sweetyf...@deepin.org

Hi,

During a rebuild of your package in unstable, your package fails to
build from source.

Full log can be accessed at:


https://build.opensuse.org/package/live_build_log/home:utsweetyfish:node-202309/node-require-main-filename/Debian_Unstable/aarch64

Tail of log for your package:

# Subtest: should default to process.cwd() if require.main is 
undefined
not ok 1 - expected '/usr/src/packages/BUILD' to match 
/(?:.*autopkgtest.*|require-main-filename)/
  ---
[...]

1..1
# failed 1 test
# time=95.325ms
not ok 1 - test.js # time=95.325ms
  ---
  env: {}
  file: test.js
  timeout: 3
  command: /usr/bin/node
  args:
- test.js
  stdio:
- 0
- pipe
- 2
  cwd: /usr/src/packages/BUILD
  exitCode: 1
  ...

1..1
# failed 1 test
# time=1113.041ms
--|-|--|-|-|---
File  | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
--|-|--|-|-|---
All files | 100 |  100 | 100 | 100 |
 index.js | 100 |  100 | 100 | 100 |
--|-|--|-|-|---
dh_auto_test: error: /bin/sh -ex debian/tests/pkg-js/test returned exit 
code 1
make: *** [debian/rules:8: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit 
status 2

Thanks!
Tianyu Chen @ deepin


Hi,

I'm not able to reproduce this issue

Bug#982663: trapperkeeper-scheduler-clojure: testsuite hangs on buildds

[Paul Gevers]

Hi,

On Thu, 23 Mar 2023 17:35:16 +0100 Paul Gevers  wrote:
The results on ci.debian.org are also not great. The autopkgtest 
"upstream" test regularly times out, but because the test is marked 
flaky (which seems warranted because it also fails often when not timing 
out), the result is considered "neutral". However, this timing out after 
2:47 hours is not nice for our infra if a non-hanging test passes in 
several minutes.


I'm adding this package to our reject list. Please let me know when this 
issue is resolved.


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054227: /usr/bin/josm: Randomly stops processing hotkeys until mouse is clicked

[Matija Nalis]

Package: josm
Version: 0.0.svn18646+dfsg-1
Severity: normal
File: /usr/bin/josm
X-Debbugs-Cc: mnalis-debian...@voyager.hr

After upgrade from Bullseye to Bookworm, JOSM very frequently stops processing 
all hotkeys.
Problem never occured in Bullseye.

Once it happens, no keyboard input is processed until a mouse is clicked on 
some element, when it seems to work again
for some time.

I can reliably reproduce it with unmodified /etc/default/josm, as well as new 
user with no JOSM 
configurations/plugins/caches in HOME.

Easieast way to reproduce it to download some area with buildings, click on
building to select it, and then press F3 to bring up preset chooser, and exit
it with ESC. After several "F3 / ESC" combos (usually less then 10), the bug
triggers, so new press on F3 will NOT bring up preset window, neither will
other keyboard shortcuts (like "s" to select, "a" to add etc) work.


-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=hr_HR.UTF-8, LC_CTYPE=hr_HR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages josm depends on:
ii  default-jre [java9-runtime] 2:1.17-74
ii  fonts-noto  20201225-1
ii  jmapviewer  2.16+dfsg-2
ii  libcommons-compress-java1.22-1
ii  libgettext-commons-java 0.9.6-6
ii  openjdk-17-jre [java9-runtime]  17.0.8+7-1~deb12u1
ii  openjfx 11.0.11+1-3
ii  proj-data   9.1.1-1

Versions of packages josm recommends:
pn  josm-l10n  

josm suggests no packages.

-- Configuration Files:
/etc/default/josm changed:
JAVA_OPTS="${JAVA_OPTS} -Xmx4096m"
JAVA_OPTS="${JAVA_OPTS} -Dsun.java2d.opengl=True"


-- no debconf information

Bug#1054226: python-urllib3: CVE-2023-45803

[Salvatore Bonaccorso]

Source: python-urllib3
Version: 1.26.17-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for python-urllib3.

CVE-2023-45803[0]:
| urllib3 is a user-friendly HTTP client library for Python. urllib3
| previously wouldn't remove the HTTP request body when an HTTP
| redirect response using status 301, 302, or 303 after the request
| had its method changed from one that could accept a request body
| (like `POST`) to `GET` as is required by HTTP RFCs. Although this
| behavior is not specified in the section for redirects, it can be
| inferred by piecing together information from different sections and
| we have observed the behavior in other major HTTP client
| implementations like curl and web browsers. Because the
| vulnerability requires a previously trusted service to become
| compromised in order to have an impact on confidentiality we believe
| the exploitability of this vulnerability is low. Additionally, many
| users aren't putting sensitive data in HTTP request bodies, if this
| is the case then this vulnerability isn't exploitable. Both of the
| following conditions must be true to be affected by this
| vulnerability: 1. Using urllib3 and submitting sensitive information
| in the HTTP request body (such as form data or JSON) and 2. The
| origin service is compromised and starts redirecting using 301, 302,
| or 303 to a malicious peer or the redirected-to service becomes
| compromised. This issue has been addressed in versions 1.26.18 and
| 2.0.7 and users are advised to update to resolve this issue. Users
| unable to update should disable redirects for services that aren't
| expecting to respond with redirects with `redirects=False` and
| disable automatic redirects with `redirects=False` and handle 301,
| 302, and 303 redirects manually by stripping the HTTP request body.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45803
https://www.cve.org/CVERecord?id=CVE-2023-45803
[1] https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
[2] 
https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36
 

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1054225: redis: CVE-2023-45145

[Salvatore Bonaccorso]

Source: redis
Version: 5:7.0.13-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for redis.

CVE-2023-45145[0]:
| Redis is an in-memory database that persists on disk. On startup,
| Redis begins listening on a Unix socket before adjusting its
| permissions to the user-provided configuration. If a permissive
| umask(2) is used, this creates a race condition that enables, during
| a short period of time, another process to establish an otherwise
| unauthorized connection. This problem has existed since Redis
| 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2,
| 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to
| upgrade, it is possible to work around the problem by disabling Unix
| sockets, starting Redis with a restrictive umask, or storing the
| Unix socket file in a protected directory.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45145
https://www.cve.org/CVERecord?id=CVE-2023-45145
[1] https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx
[2] 
https://github.com/redis/redis/commit/7f486ea6eebf0afce74f2e59763b9b82b78629dc

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1054224: zookeeper: CVE-2023-44981

[Salvatore Bonaccorso]

Source: zookeeper
Version: 3.8.0-11
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 3.4.13-6

Hi,

The following vulnerability was published for zookeeper.

CVE-2023-44981[0]:
| Authorization Bypass Through User-Controlled Key vulnerability in
| Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in
| ZooKeeper (quorum.auth.enableSasl=true), the authorization is done
| by verifying that the instance part in SASL authentication ID is
| listed in zoo.cfg server list. The instance part in SASL auth ID is
| optional and if it's missing, like 'e...@example.com', the
| authorization check will be skipped. As a result an arbitrary
| endpoint could join the cluster and begin propagating counterfeit
| changes to the leader, essentially giving it complete read-write
| access to the data tree. Quorum Peer authentication is not enabled
| by default.  Users are recommended to upgrade to version 3.9.1,
| 3.8.3, 3.7.2, which fixes the issue.  Alternately ensure the
| ensemble election/quorum communication is protected by a firewall as
| this will mitigate the issue.  See the documentation for more
| details on correct cluster administration.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-44981
https://www.cve.org/CVERecord?id=CVE-2023-44981
[1] https://www.openwall.com/lists/oss-security/2023/10/11/4
[2] 
https://github.com/apache/zookeeper/commit/96b3172ca249a8580e9a315d589d319286cee4ee

Regards,
Salvatore

Bug#1054223: golang-github-crewjam-saml: CVE-2023-45683

[Salvatore Bonaccorso]

Source: golang-github-crewjam-saml
Version: 0.4.12-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for golang-github-crewjam-saml.

CVE-2023-45683[0]:
| github.com/crewjam/saml is a saml library for the go language. In
| affected versions the package does not validate the ACS Location URI
| according to the SAML binding being parsed. If abused, this flaw
| allows attackers to register malicious Service Providers at the IdP
| and inject Javascript in the ACS endpoint definition, achieving
| Cross-Site-Scripting (XSS) in the IdP context during the redirection
| at the end of a SAML SSO Flow. Consequently, an attacker may perform
| any authenticated action as the victim once the victim’s browser
| loaded the SAML IdP initiated SSO link for the malicious service
| provider. Note: SP registration is commonly an unrestricted
| operation in IdPs, hence not requiring particular permissions or
| publicly accessible to ease the IdP interoperability. This issue is
| fixed in version 0.4.14. Users unable to upgrade may perform
| external validation of URLs provided in SAML metadata, or restrict
| the ability for end-users to upload arbitrary metadata.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45683
https://www.cve.org/CVERecord?id=CVE-2023-45683
[1] https://github.com/crewjam/saml/security/advisories/GHSA-267v-3v32-g6q5

Regards,
Salvatore

Bug#999610: Firefox-Esr won't to open AppStream urls in KDE Discover

[Sheik]

Hi Bernard,


Thanks for the finding this. It helped me out too.


Found a similar problem in that Firefox-Esr wouldn't open appstream urls 
in KDE/Discover. Tried the same thing with Chromium and it opened as 
expected.


After finding this bug report, I installed desktop-file-utils and 
Firefox-Esr opened the appstream url as expected in KDE/Discover.


Tested using appstream://org.kde.dolphin.desktop


Thanks

Sheik

Bug#916475: [Pkg-electronics-devel] Bug#916475: ghdl: various suggestions to simplify the packaging

[Nicolas Boulenguez]

> This breaks the build for me since I build the source package on bookworm
> (via gbp). I might hold off on this one until dh-builtusing is backported.

Passing -nc to dpkg-buildpackage may fix this, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054125

Else, there is no problem with postponing the change.
Dh-builtusing is convenient but not necessary.

> > Subject: [PATCH 12/14] Various minor improvements in the test driver
> > test $1 = 2

> This is kind of obscure, think of the (lack of an) error message. If we
> skip this we'll get an "undefined $2" error due to set -u, which I find is
> more helpful than a quiet exit rv>0.

Please use the attached commit instead.
>From 610cb15f44cf9c9d1f582a816f1deefe63ac26a1 Mon Sep 17 00:00:00 2001
From: Nicolas Boulenguez 
Date: Thu, 5 Oct 2023 14:39:35 +0200
Subject: [PATCH 1/3] Various minor improvements in the test driver

Enable more alerts by the shell.

Check the argument count.

Replace test cascades with 'case' constructs.

There is no need to create RUNDIR because the script is called after a
'make install'.

There is no need to check that the RUNDIR variable is not empty, it is
set in all branches of the previous construct.
---
 debian/tests/ghdl-tests | 48 -
 1 file changed, 23 insertions(+), 25 deletions(-)

diff --git a/debian/tests/ghdl-tests b/debian/tests/ghdl-tests
index 5868e16c..9ef0a66d 100755
--- a/debian/tests/ghdl-tests
+++ b/debian/tests/ghdl-tests
@@ -1,39 +1,38 @@
 #!/bin/sh
 
-set -e
+set -C -e -f -u
 
 # The pyunit tests are not run here. These parts are not activated in
 # Debian yet.
 TESTS="sanity gna vests synth vpi vhpi"
 
+error() {
+echo >&2 "$0: $1"
+exit 1
+}
 
-if [ "$2" = mcode ]; then
-	BACKEND=mcode
-elif [ "$2" = llvm ]; then
-	BACKEND=llvm
-elif [ "$2" = gcc ]; then
-	BACKEND=gcc
-else
-	echo >&2 "Invalid backend specification"
-	exit 1
-fi
+test $# = 2 || error "bad argument count: $#"
 
-if [ "$1" = buildtest ]; then
+case "$2" in
+gcc|llvm|mcode)
+	BACKEND=$2
+	;;
+*)
+	error "invalid backend specification: $2"
+esac
+
+case "$1" in
+buildtest)
 	RUNDIR=testrundir/$BACKEND
-	mkdir -p "$RUNDIR"
 	GHDL="$PWD/$RUNDIR/usr/bin/ghdl-$BACKEND"
-elif [ "$1" = autopkgtest ]; then
+	;;
+autopkgtest)
 	RUNDIR="$AUTOPKGTEST_TMP"
 	GHDL=/usr/bin/ghdl-$BACKEND
-else
-	echo >&2 "Invalid test environment specification"
-	exit 1
-fi
-
-if [ -z "$RUNDIR" ]; then
-	echo >&2 "RUNDIR is empty string"
-	exit 1
-fi
+	;;
+*)
+	error "invalid test environment specification: $1"
+esac
 
 # Copy testsuite into $RUNDIR to execute there, so that no cleanup is necessary
 # (entire $RUNDIR will be deleted later). Also copy src/grt as at least one test
@@ -54,6 +53,5 @@ if ./testsuite.sh $TESTS -- --keep-going; then
 elif test $BACKEND = llvm; then
 echo "Tests for backend llvm failed (but ignored for now)."
 else
-echo >&2 "Tests for backend $BACKEND failed."
-exit 1
+error "tests for backend $BACKEND failed."
 fi
-- 
2.39.2

Bug#1053872: systemd with high load after 19-01-2038

[Michael Biebl]

Control: tags -1 + unreproducible

On 10/13/23 13:00, Tony de Goede wrote:

Package: systemd
Version: 252.12-1~deb12u1
Severity: serious
Justification: linux system unstable

Dear Maintainer,

    When setting the time to 19 Jan 2038 3:14 GMT using "date 
011903142038" the systemd gets high load.

    At 7 seconds after 3:14 the date is correct in the kernel but systemd
    get high load.


I'm not able to reproduce the problem.
So I'm not going to forward this issue to upstream.

If you can reliably reproduce the issue, please file this directly at
https://github.com/systemd/systemd/issues

Thanks
Michael


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054222: chrony: installs some units twice once dh_installsystemd installs to /usr

[Vincent Blut]

Package: chrony
Version: 4.4-2
Severity: normal
User: helm...@debian.org
Usertags: dep17m2

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

chrony is among the packages that will become RC buggy as soon as
dh_installsystemd installs systemd units in /usr/lib/systemd/system due to some
of those units being also installed into /lib/systemd/system via dh_install.

My plan is to drop the systemd units listed in the d/install file and symlink
the units provided in the examples/ directory into debian/ to let
dh_installsystemd handle them.

A new chrony revision implementing this plan is expected this weekend.

Cheers,
Vincent

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQSRJQjHKbAUfuoc+DAQn1qAt/bgAQUCZTEw8wAKCRAQn1qAt/bg
Abv4AQDnZArfFNIKH9sDTMAjkjzt94OMk+87bG+vAypTb87SxgEAwW0eWISic+UB
RIQBzs27W81gFRF9KeRygfUhY95dDgU=
=9Qne
-END PGP SIGNATURE-

Bug#1054211: systemd: ystemd-networkd-wait-online.service reports a timeout error while network is activated

[Eric Valette]

On 19/10/2023 15:23, Michael Biebl wrote:

On 10/19/23 10:47, eric wrote:

Package: systemd
Version: 254.5-1
Severity: normal




Do you have any network interfaces managed by systemd-networkd?
If not, why is systemd-networkd-wait-online.service enabled?


How do I specify/know that? I havent changed my network config besides 
regular package update.


I've no /etc/network/interface file and my config should be managed by
network manager. Currently ethernet cable but wifi sometimes.

-- eric

Bug#1054211: systemd: ystemd-networkd-wait-online.service reports a timeout error while network is activated

[Michael Biebl]

On 10/19/23 10:47, eric wrote:

Package: systemd
Version: 254.5-1
Severity: normal

I think this is related to the new version of package network manager

systemd-analyze blame
2min 117ms systemd-networkd-wait-online.service


Do you have any network interfaces managed by systemd-networkd?
If not, why is systemd-networkd-wait-online.service enabled?





OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054219: "breaks beamer theme metropolis" - actually only old versions of metropolis

[Joachim Wuttke]

With latest metropolis 1.2 from https://github.com/matze/mtheme,
my presentation compiles again.

As it would be a lot of work to extract a minimal example from
the horribly complicated beamer code, I suggest we better close
this issue.

Sorry, Joachim


smime.p7s
Description: S/MIME Cryptographic Signature

Bug#1053502: mailman3-web: Package failed to install during upgrade from Debian 11 to 12

[Steven Verhulst]

Hello Pierre-Elliot,

Here is the log you requested.

Kind regards,

Steven Verhulst
SISC (Shared ICT Services Centre) - SoftWeb
[M] sverhu...@vub.be


From: Pierre-Elliott Bécue
Sent: Friday, October 06, 2023 15:07
To: Steven Verhulst
Cc: 1053...@bugs.debian.org
Subject: Re: Bug#1053502: mailman3-web: Package failed to install during 
upgrade from Debian 11 to 12

Please keep the bug report CC-ed.

Steven Verhulst  wrote on 06/10/2023 at 13:16:09+0200:

> Hi,
>
>
>
> /etc/mysql/debian.cnf is a config file auto generated by some debian scripts.
>
> It contains host / user information for mysql connection.
>
> According to the contents this file is deprecated and should no longer be 
> used:
>
>
>
> # THIS FILE IS OBSOLETE. STOP USING IT IF POSSIBLE.
>
> # This file exists only for backwards compatibility for
>
> # tools that run '--defaults-file=/etc/mysql/debian.cnf'
>
> # and have root level access to the local filesystem.
>
> # With those permissions one can run 'mariadb' directly
>
> # anyway thanks to unix socket authentication and hence
>
> # this file is useless. See package README for more info.
>
> # THIS FILE WILL BE REMOVED IN A FUTURE DEBIAN RELEASE.
>
>
>
>
>
> “sed: -e expression #2, char 82: unterminated `s' command”
>
> Makes me believe that there is an issue with with one the sed
> expression in the post-installation script.

Yes, I am aware of your beliefs, and they're probably founded, but to be
able to dig in I need some context.

If you did not fix manually the issue, could you add "set -x" at the
beginning of /var/lib/dpkg/info/mailman3-web.postinst script and run a
dpkg --configure mailman3-web and give me the output?

If some passwords fall in the output, of course feel free to censor
them.

--
PEB
Determining localhost credentials from /etc/mysql/debian.cnf: failed (hosts not 
equal).
+ . /usr/share/debconf/confmodule
+ [ ! 1 ]
+ [ -z  ]
+ exec
+ [  ]
+ exec
+ DEBCONF_REDIR=1
+ export DEBCONF_REDIR
+ . /usr/share/dbconfig-common/dpkg/postinst
+ dbc_dbfile_owner=www-data:www-data
+ dbc_dbfile_perms=0640
+ dbc_go mailman3-web configure 0+20200530-2.1
+ local importing_from_non_dbc upgrading reconfiguring f tsubstfile 
upgrades_pending dbc_dumpfile _dbc_asuser reinstall nowtime need_adminpw 
_tmp_result
+ . /usr/share/dbconfig-common/dpkg/common
+ . /usr/share/dbconfig-common/internal/common
+ [  ]
+ _dbc_logfile=/var/log/dbconfig-common/dbc.log
+ _dbc_debug (postinst) dbc_go() mailman3-web configure 0+20200530-2.1
+ [  ]
+ dbc_no_thanks
+ local no_thanks_status
+ dpkg-query -W -f=${db:Status-Want} dbconfig-no-thanks
+ no_thanks_status=unknown
+ [ unknown = install ]
+ [ unknown = hold ]
+ return 1
+ dbc_config mailman3-web configure 0+20200530-2.1
+ _dbc_debug dbc_config() mailman3-web configure 0+20200530-2.1
+ [  ]
+ dbc_share=/usr/share/dbconfig-common
+ dbc_package=mailman3-web
+ echo mailman3-web
+ cut -d_ -f1
+ dbc_basepackage=mailman3-web
+ dbc_command=configure
+ dbc_oldversion=0+20200530-2.1
+ _dbc_sanity_check package command
+ [ 2 -ne 0 ]
+ [ -z mailman3-web ]
+ shift
+ [ 1 -ne 0 ]
+ [ -z configure ]
+ shift
+ [ 0 -ne 0 ]
+ dbc_confdir=/etc/dbconfig-common
+ dbc_globalconfig=/etc/dbconfig-common/config
+ dbc_packageconfig=/etc/dbconfig-common/mailman3-web.conf
+ dbc_standard_templates=database-type dbconfig-install dbconfig-upgrade 
dbconfig-remove dbconfig-reinstall password-confirm app-password-confirm purge 
upgrade-backup passwords-do-not-match install-error upgrade-error remove-error 
internal/reconfiguring internal/skip-preseed missing-db-package-error
+ dbc_mysql_templates=mysql/authplugin mysql/method remote/host remote/newhost 
mysql/app-pass mysql/admin-user mysql/admin-pass remote/port db/dbname 
db/app-user
+ dbc_pgsql_templates=pgsql/method remote/host remote/newhost pgsql/app-pass 
pgsql/admin-user pgsql/admin-pass remote/port pgsql/authmethod-admin 
pgsql/authmethod-user pgsql/changeconf pgsql/manualconf db/dbname db/app-user 
pgsql/no-empty-passwords
+ dbc_sqlite_templates=db/dbname db/basepath
+ dbc_authenticated_dbtypes=mysql pgsql
+ dbc_remote_dbtypes=mysql pgsql
+ dbc_fs_dbtypes=sqlite sqlite3
+ [ -f /etc/dbconfig-common/config ]
+ . /etc/dbconfig-common/config
+ dbc_remember_admin_pass=false
+ dbc_remote_questions_default=false
+ [ !  ]
+ dbc_prio_low=low
+ [ !  ]
+ dbc_prio_medium=medium
+ [ !  ]
+ dbc_prio_high=high
+ [ !  ]
+ dbc_prio_critical=critical
+ [ false = true ]
+ dbc_remote_questions_priority=low
+ dbc_default_pgsql_authmethod_admin=ident
+ dbc_set_dbtype_defaults
+ local happy supported_dbtypes comma
+ _dbc_debug dbc_set_dbtype_defaults() 
+ [  ]
+ [  ]
+ [  ]
+ dbc_default_basepath=
+ dbc_db_installed_cmd=dbc__db_installed
+ dbc_register_templates=database-type dbconfig-install dbconfig-upgrade 
dbconfig-remove dbconfig-reinstall password-confirm app-password-confirm purge 
upgrade-backup passwords-do-not-match install-error upgrade-error remove-error 
internal/reconfiguring 

Bug#1054219: Font Fira not found, breaks beamer theme metropolis

[Preuße]

On 19.10.2023 14:25, Joachim Wuttke wrote:

Hi,


As nothing has changed in the beamer theme, I presume the problem
comes from changes in texlive-fonts-extra.



Could you provide a minimal example (TeX file)?

H.
--
sigfault



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1054221: RFS: xmake/2.8.2+ds-1 [ITP] -- cross-platform build utility based on Lua

[Lin Qigang]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "xmake":

 * Package name : xmake
   Version  : 2.8.2+ds-1
   Upstream contact : ruki 
 * URL  : http://xmake.io
 * License  : Apache-2, Expat, GPL-2+
 * Vcs  : https://salsa.debian.org/xmake-team/xmake
   Section  : devel

The source builds the following binary packages:

  xmake - cross-platform build utility based on Lua
  xmake-data - Data for xmake

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/xmake/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/x/xmake/xmake_2.8.2+ds-1.dsc


Changes since the last upload:

 xmake (2.8.2+ds-1) unstable; urgency=medium
 .
   * Initial release (Closes: #986736).

Regards,
--
Lance Lin
GPG Fingerprint: 4A31 DB5A 1EE4 096C 8739 9880 9036 4929 4C33 F9B7


OpenPGP_0x903649294C33F9B7.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1054220: Off-by-one when selecting days in activity window

[Lee Garrett]

Package: hamster-time-tracker
Version: 3.0.2-4
Severity: important
X-Debbugs-Cc: deb...@rocketjump.eu

Hi,

steps to reproduce:

- click on the + icon ("add activity") in the main window
- on the start time, clik on the arrow next to the date
- (a calendar pops up)
- click on e.g. Wednesday, October 18
- notice that the cmdline sets it to 2023-10-17, a whole day wrong

This also happens when editing previous activities to update them. Clicking back
and forth on the calendar will make the offset increase, being ±2 days, then ±3
days, etc.

I suspected it might be related to locale, but running `LC_ALL=C hamster` did
not change the outcome of the bug.

severity "important" as this tool is probably used by many freelancers to track
time, and wrong timetracking results in loss of income or overbilling.

Regards,
Lee


-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages hamster-time-tracker depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.40.0-4
ii  gir1.2-gtk-3.0   3.24.38-2~deb12u1
ii  libjs-jquery 3.6.1+dfsg+~3.5.14-1
ii  libjs-jquery-ui  1.13.2+dfsg-1
ii  python3  3.11.2-1+b1
ii  python3-cairo1.20.1-5+b1
ii  python3-dbus 1.3.2-4+b1
ii  python3-distutils3.11.2-3
ii  python3-gi   3.42.2-3+b1
ii  python3-xdg  0.28-2

Versions of packages hamster-time-tracker recommends:
ii  gnome-shell-extension-hamster  0.10.0+git20210628-4
ii  yelp   42.2-1

hamster-time-tracker suggests no packages.

-- no debconf information

Bug#1054219: Font Fira not found, breaks beamer theme metropolis

[Joachim Wuttke]

Package: texlive-fonts-extra
Version: 2023.20231007-2

Beamer theme metropolis uses font Fira.

Worked fine under several Debian releases up to Bookworm.

Broken in Trixie: Throws warnings about
  Could not find Fira Sans fonts ...
  Could not find Fira Mono fonts ...
then terminates with error
  ! Package beamerfontthememetropolis Error: Patching frame title failed.

As nothing has changed in the beamer theme, I presume the problem comes
from changes in texlive-fonts-extra.


smime.p7s
Description: S/MIME Cryptographic Signature