Bug#1059385: r-cran-ggally: autopkgtest regression

[Graham Inggs]

Source: r-cran-ggally
Version: 2.2.0-1
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Hi Maintainer

Since the upload of 2.2.0-1, r-cran-ggally fails its own autopkgtests
[1].  I've copied what I hope is the relevant part of the log below.

Regards
Graham


[1] https://ci.debian.net/packages/r/r-cran-ggally/testing/amd64/


118s == Failed tests

118s -- Error ('test-ggnet.R:231:5'): examples
--
118s Error in `asIgraph(n)`: could not find function "asIgraph"
118s Backtrace:
118s x
118s 1. \-GGally::ggnet(asIgraph(n)) at test-ggnet.R:231:5
118s -- Error ('test-ggnet2.R:265:5'): examples
-
118s Error in `asIgraph(n)`: could not find function "asIgraph"
118s Backtrace:
118s x
118s 1. \-GGally::ggnet2(asIgraph(n), color = "group") at test-ggnet2.R:265:5
118s
118s [ FAIL 2 | WARN 0 | SKIP 27 | PASS 415 ]
118s Error: Test failures
118s Execution halted
119s autopkgtest [06:14:59]: test run-unit-test: ---]

Bug#1059382: kitty: Text rendering change

[Nilesh Patra]

Hi Weasley,

On 24 December 2023 8:58:14 am IST, Wesley Schwengle  
wrote:
>Package: kitty
>Version: 0.31.0-3
>Severity: normal
>X-Debbugs-Cc: wes...@schwengle.net
>
>Dear Maintainer,
>
>On Debian stable version 0.26.5 of kitty is running, on testing/unstable this
>is 0.31.0. In 0.28.0 a change in text rendering is made by upstream, this is
>mentioned in the changelog.
>
>
>Text rendering change: Use sRGB correct linear gamma blending for nicer font
>rendering and better color accuracy with transparent windows. See the option
>text_composition_strategy for details. The obsolete macos_thicken_font will
>make the font too thick and needs to be removed manually if it is configured.
>(#5969)
>
>I didn't spot it and went in full bisect mode to figure out which commit caused
>it. I found it and could relate it to the Changelog entry.

Thanks for reporting it and taking the time to bisect it as well!

>The issue is that on a dark background with light text everything is made bold,
>whereas previously this was not bold. I think it is wise to inform users that
>`text_composition_strategy legacy` restores the old defaults (similar to the
>version in stable) and/or refer to the manual page:
>
>https://sw.kovidgoyal.net/kitty/conf/#opt-kitty.text_composition_strategy
>
>If kitty can read a system-wide config it might be set there.

It can, but honestly I don't want to diverge from upstream here. Everyone may 
not like the said change and enforcing a system wide config for a composition 
change isn't something that I'm willing to do.

If you could, please consider opening up an upstream issue to see if we can 
reach a common ground. If not, I'll just add a d/NEWS entry informing 
users/sysadmin about this change.

Thanks,
Nilesh

Bug#634127: still has CPU use problems and no way to manage it

[Russell Coker]

https://longnow.org/ideas/controlling-nature-might-be-in-our-nature/

This is an example of a web page that uses a lot of CPU time, on a laptop with 
a i5-6300U running KDE with Wayland it takes 50% of a CPU core for the total 
of the WebKitWebProces and epiphany processes and it makes kwin_wayland take 
over 10% when the above web page is visible.  To reproduce this the web page 
in question has to be in a foreground tab and the web browser window has to be 
visible.  Putting another tab in the foreground or putting another window in 
front of the browser reduces it to almost zero.

On a PinePhonePro this page takes almost 100% of a CPU core between the two 
processes for Epiphany and runs the battery out quickly.

Having the same page open in Google Chrome doesn't take any noticeable CPU 
time on my laptop.

Also epiphany doesn't seem to have an equivalent to the SHIFT-ESC in Chrome to 
bring up a browser task list.  It would be good to have something like that.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/

Bug#1059352: src:apt: fails to migrate to testing for too long: autopkgtest regression on armhf

[Paul Gevers]

Hi Julian,

On 23-12-2023 20:40, Julian Andres Klode wrote:

I know this is automated but I feel lije it would be sensible to scan


It's *mostly* automated.


the logs for well known bugs so that you don't end up filing bugs
against every package broken by valgrind's missing support for the new
NOP sequences in binutils.


I do *some* minor triaging, but I didn't know this to be a common 
problem. Where do you think I should have picked this up?


Anyways, this bug is already closed (when I submitted) and because apt 
is a key package, it doesn't even do anything against apt, so the bug 
serves mostly for tracking purposes.


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1058522: (no subject)

[Lev Lamberov]

Hi Jeremy,

Чт 21 дек 2023 @ 15:06 Jeremy Sowden :

> On 2023-12-21, at 11:21:48 +, Jeremy Sowden wrote:
>> On 2023-12-21, at 11:10:28 +0500, Lev Lamberov wrote:
>> > Since I cannot reproduce the bug, I'm downgrading the severity of
>> > this bug report.
>> 
>> I cloned the git repo, ran `gbp buildpackage --git-pbuilder` and
>> reproduced it (log attached).  I'll see if I can work out what's going
>> on.

Thanks for your input. I double checked this bug report both under
git-pbuilder and sbuild. E. g., here is the sbuild environment:

$ sudo sbuild-shell unstable
I: /bin/sh
# bash
(unstable-amd64-sbuild)root@shakva:/# du --version
du (GNU coreutils) 9.4
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later .
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Torbjörn Granlund, David MacKenzie, Paul Eggert,
and Jim Meyering.
(unstable-amd64-sbuild)root@shakva:/# exit

But I still cannot reproduce the bug. Don't know...

Best,
Lev

Bug#1059384: ipv6calc: IPv6 link-local multicast with transient flag not detected as ll

[Linus Lüssing]

Package: ipv6calc
Version: 4.1.0-0.1
Severity: normal
X-Debbugs-Cc: linus.luess...@c0d3.blue

Dear Maintainer,

With the following I'm getting the "Address type" as expected:

```
$ echo "ff02::123" | ipv6calc -i
Address type: multicast, link-local
Registry for address: reserved(RFC4291#2.7)
Interface identifier: :::0123
Interface identifier is probably manual set
```

However when setting the transient flag then ipv6calc is not able to
detect it as link-local anymore:

```
$ echo "ff12::123" | ipv6calc -i
Address type: multicast
Registry for address: reserved(RFC4291#2.7)
```

I would have expected an "Address type" with "link-local" in the second
example, similar to the output of the first command

Regards, Linus

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.5.0-4-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ipv6calc depends on:
ii  libc6  2.37-12
ii  libmaxminddb0  1.8.0-1

ipv6calc recommends no packages.

Versions of packages ipv6calc suggests:
ii  bind9-host [host]  1:9.19.17-1

-- no debconf information

Bug#1059383: neomutt: conffiles not removed: /etc/neomuttrc.d/smime.rc /etc/neomuttrc.d/gpg.rc

[Paul Wise]

Package: neomutt
Version: 20231103+dfsg1-1
Severity: normal
User: debian...@lists.debian.org
Usertags: obsolete-conffile adequate

The recent upgrade did not deal with obsolete conffiles properly.
Please use the dpkg-maintscript-helper support provided by
dh_installdeb to remove these obsolete conffiles on upgrade.

https://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
https://manpages.debian.org/man/1/dh_installdeb

This bug report brought to you by adequate:

https://bonedaddy.net/pabs3/log/2013/02/23/inadequate-software/

$ p=neomutt ; adequate $p ; dpkg-query -W -f='${Conffiles}\n' $p | grep obsolete
neomutt: obsolete-conffile /etc/neomuttrc.d/smime.rc
neomutt: obsolete-conffile /etc/neomuttrc.d/gpg.rc
 /etc/neomuttrc.d/smime.rc d25e75a8d59c32061f275fb823da07a1 obsolete
 /etc/neomuttrc.d/gpg.rc fa01d034c3ba43eb0899bcca8e8b4903 obsolete

-- System Information:
Debian Release: trixie/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 
'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 
'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages neomutt depends on:
hi  libc6 2.37-12
ii  libgnutls30   3.8.2-1
ii  libgpgme11    1.18.0-4+b1
ii  libgsasl18    2.2.0-2
ii  libgssapi-krb5-2  1.20.1-5
ii  libidn2-0 2.3.4-1+b1
ii  liblmdb0  0.9.31-1
ii  liblua5.4-0   5.4.6-1
ii  liblz4-1  1.9.4-1
ii  libncursesw6  6.4+20231209-1
ii  libnotmuch5   0.38.2-1
ii  libpcre2-8-0  10.42-4
ii  libsqlite3-0  3.44.2-1
ii  libtinfo6 6.4+20231209-1
ii  libtokyocabinet9  1.4.48-15
ii  libzstd1  1.5.5+dfsg2-2
ii  sensible-utils    0.0.20
ii  zlib1g    1:1.3.dfsg-3

Versions of packages neomutt recommends:
ii  locales  2.37-12
ii  mailcap  3.70+nmu1

Versions of packages neomutt suggests:
ii  aspell 0.60.8-6
ii  ca-certificates    20230311
ii  exim4-daemon-light [mail-transport-agent]  4.97-2
ii  gnupg  2.2.40-1.1
ii  ispell 3.4.05-1
ii  openssl    3.1.4-2
pn  urlview    

Versions of packages neomutt is related to:
ii  neomutt  20231103+dfsg1-1

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#1056764: grub-efi-amd64: can't boot with GRUB 2.12~rc1-12

[Nicolas Haller]

Hi Mate,

Sorry for the delay, I was abroad and wasn't able to work on your questions.

I tried to add the set debug=linux and the rmmod peimage by editing the 
command list Debian deploys and this is what I get:


---
   Booting a command line

error: no such module  <= I guess that's about the rmmod peimage
Loading Linux 6.5.0-4-and64 ...
loader/efi/linux.c:101:linux: UEFI stub kernel:
loader/efi/linux.c:102:linux: PE/COFF header @ 0082
loader/efi/linux.c:128:linux: LoadFile2 initrd loading enabled
loader/efi/linux.c:495:linux: kernel file size: 9120128
loader/efi/linux.c:497:linux: kernel numpages: 2227
loader/efi/linux.c:514:linux: kernel @ 0x72a51000
Loading initial ramdisk ...
loader/efi/linux.c:416:linux: Using LoadFile2 initrd loading protocol

Press any key to continue...
---

And that's it.
Let me know if you need me to do more tests.

Thanks

--
Nicolas

On 2023-11-26 04:01, Mate Kukri wrote:

Hi Nicolas,

The mechanism used to load the kernel has changed from GRUB 2.06 to
GRUB 2.12, it is possible that there are unfortunate bugs in either in
GRUB and/or your firmware that is stopping the new mechanism from
loading the kernel.

Would you be able to attempt these two things to gather some information?

- Run `set debug=linux`, then `linux
PATH_TO_KERNEL_THAT_FAILS_TO_BOOT`. The output of the Linux command
should contain extra information with the debug mode enabled.

- (Make sure to have Secure Boot disabled), then run `rmmod peimage`
at the GRUB console, and then try running your boot entry (or
alternatively edit the boot entry with E and add that command on top).

Mate Kukri

On Sat, Nov 25, 2023 at 10:45 PM Nicolas Haller  wrote:


Package: grub-efi-amd64
Version: 2.06-13
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

My old laptop (Lenovo 11e) runs Sid and all was right before I updated
it the other day (I don't do that very often). After that upgrade, GRUB
wasn't able to load any kernel with the pretty much generic error
"Error: can't load image". The version of GRUB was 2.12~rc1-12.
If I try to boot again, GRUB tells me that I need to load the image
first (I guess it somehow ignores the linux command and sends that when
trying to load the initrd).

I tried to reinstall grub, grub-install /dev/sda, update-grub, reinstall
the kernel, update-initramfs from the rescue mode but nothing worked.
The "file" command was able to read the vmlinuz file and none seemed
truncated. The system has one partition with both / and /boot and isn't
running out of space.
I did not see any error message during those operation besides GRUB
saying it wasn't able to update EFI parameters.

I don't know if there is a way to get more logs or error message during
the boot explaining why it wasn't able to load the image.

I tried to get the last version of GRUB from Bookworm, that is
2.06-13, and now I'm able to boot. The kernel version did not change,
   the only change I did is to downgrade GRUB (and dependencies apt was
   asking for).

I'm not sure which GRUB package I should use for reporting so I took the
one that seems the most specific to my system. Apologies if it is not
correct.

Let me know if you need more info.

Thanks,

--
Nicolas Haller

*** Reporter, please consider answering these questions, where appropriate ***

* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
  ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- Package-specific info:

*** BEGIN /proc/mounts
/dev/sda2 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sda1 /boot/efi vfat 
rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro
 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
   set have_grubenv=true
   load_env
fi
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="0"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
   menuentry_id_option="--id"
else
   menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
   set saved_entry="${prev_saved_entry}"
   save_env saved_entry
   set prev_saved_entry=
   save_env prev_saved_entry
   set boot_once=true
fi

function savedefault {
   if [ -z "${boot_once}" ]; then
 saved_entry="${chosen}"
 save_env saved_entry
   fi
}
function load_video {
   if [ x$feature_all_video_module = xy ]; then
 insmod all_video
   else
 insmod efi_gop
 insmod efi_uga
 insmod ieee1275_fb
 insmod vbe
 insmod vga
 insmod 

Bug#1059382: kitty: Text rendering change

[Wesley Schwengle]

Package: kitty
Version: 0.31.0-3
Severity: normal
X-Debbugs-Cc: wes...@schwengle.net

Dear Maintainer,

On Debian stable version 0.26.5 of kitty is running, on testing/unstable this
is 0.31.0. In 0.28.0 a change in text rendering is made by upstream, this is
mentioned in the changelog.


Text rendering change: Use sRGB correct linear gamma blending for nicer font
rendering and better color accuracy with transparent windows. See the option
text_composition_strategy for details. The obsolete macos_thicken_font will
make the font too thick and needs to be removed manually if it is configured.
(#5969)

I didn't spot it and went in full bisect mode to figure out which commit caused
it. I found it and could relate it to the Changelog entry.

The issue is that on a dark background with light text everything is made bold,
whereas previously this was not bold. I think it is wise to inform users that
`text_composition_strategy legacy` restores the old defaults (similar to the
version in stable) and/or refer to the manual page:

https://sw.kovidgoyal.net/kitty/conf/#opt-kitty.text_composition_strategy

If kitty can read a system-wide config it might be set there.

Cheers,
Wesley


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (500, 'experimental'), (500, 'testing'), (10, 
'stable-updates'), (10, 'stable-security'), (10, 'oldstable-security'), (10, 
'oldoldstable'), (10, 'stable'), (10, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6.8-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kitty depends on:
ii  kitty-shell-integration  0.31.0-3
ii  kitty-terminfo   0.31.0-3
ii  libc62.37-13
ii  libdbus-1-3  1.14.10-3
ii  libharfbuzz0b8.0.1-1
ii  liblcms2-2   2.14-2
ii  libpng16-16  1.6.40-2
ii  libpython3.113.11.7-2
ii  libssl3  3.1.4-2
ii  libwayland-client0   1.22.0-2.1
ii  libx11-6 2:1.8.7-1
ii  libx11-xcb1  2:1.8.7-1
ii  libxcursor1  1:1.2.1-1
ii  libxkbcommon-x11-0   1.6.0-1
ii  libxkbcommon01.6.0-1
ii  libxxhash0   0.8.2-2
ii  python3  3.11.6-1
ii  python3.11   3.11.7-2
ii  zlib1g   1:1.3.dfsg-3

Versions of packages kitty recommends:
ii  kitty-doc 0.31.0-3
ii  libcanberra0  0.30-11

Versions of packages kitty suggests:
pn  imagemagick  

-- no debconf information

Bug#896016: strace: please make the build reproducible

[James Addison]

Source: strace
Followup-For: Bug #896016
X-Debbugs-Cc: la...@debian.org, reproducible-b...@lists.alioth.debian.org

Looking at the Reproducible Builds build history[1] for strace on Debian,
all _successful_ builds I see between Y2019 and today, across all four
architectures listed (amd64, arm64, armhf, i386) have produced reproducible
results.

As a result of that, I agree that the Apr 2018 fix[2] (released Jun 2018)
mentioned by Chris has provided reproducibility for strace.

Unfortunately there are plenty of FTBFS failures -- mostly test timeouts on
some architectures, alongside libfaketime errors that seem to affect i386 --
but those seem like separate problems.  Perhaps we could close this bug?

[1] - 
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/strace.html

[2] - 
https://github.com/strace/strace/commit/fc8294cbc2ac907737d85abca55b854bd426ab50

Bug#1059278: systemd: CVE-2023-7008

[Jan Erik Petersen]

Hi,

I'm the reporter of the bug at 
https://github.com/systemd/systemd/issues/25676. I'm sorry that I have 
to add to the bug at this time.


The commit[0] that was determined to have introduced this vulnerability 
is incorrect. Looking at the relevant diff[1] the commit merely 
introduced the use of the `FLAGS_SET` macro, but did not change the flag 
being read from the incorrect variable `t`. In the fix[2] this was 
changed to `dt`.


Note that the vulnerability has been previously reported[3] in March 
2020 on systemd v243+v244. Hence systemd v248 is definitely not the 
first version introducing the vulnerable code.


In fact, I have reproduced the issue right now on both Debian buster 
(10.13) with systemd 241-7~deb10u10 and Debian bullseye (11.8) with 
systemd 247.3-7+deb11u4.


I assume the vulnerability was introduced with the initial version[4] of 
the `dns_transaction_requires_rrsig` function, which already read the 
flag from `t`. This would have been in systemd v229, but I did not test 
any version older than v241.


I would add this information to the GitHub issue, but it has been 
locked. Perhaps a systemd contributor could relay this update, so that 
the misleading information does not spread.


Regards,
Jan Erik Petersen

[0] 
https://github.com/systemd/systemd/commit/6f055e43b817b66e6d4f6e4022f0a115dc35651b
[1] 
https://github.com/systemd/systemd/commit/6f055e43b817b66e6d4f6e4022f0a115dc35651b#diff-d63d6fd38d6a715e4ca052fc0fb65eda859f3822dbddffa4a87a3ee872e25eafL2621
[2] 
https://github.com/systemd/systemd/commit/3b4cc1437b51fcc0b08da8cc3f5d1175eed25eb1

[3] https://github.com/systemd/systemd/issues/15158
[4] 
https://github.com/systemd/systemd/commit/105e151299dc1208855380be2b22d0db2d66ebc6


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1027988: click: please make the build reproducible

[James Addison]

Followup-For: Bug #1027988
Control: forwarded -1 
https://gitlab.com/ubports/development/core/click/-/issues/6

Bug#1059324: subversion: "svn revert -R" signals reverted files with no changes

[Vincent Lefevre]

Control: retitle -1 subversion: "svn revert -R" signals reverted files with no 
changes if seen as read-only, e.g. caused by a different owner

Let's have a bug title with more details...

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1059324: subversion: "svn revert -R" signals reverted files with no changes

[Vincent Lefevre]

Control: tags -1 upstream
Control: forwarded -1 https://issues.apache.org/jira/browse/SVN-4622
Control: severity -1 normal

But see also the following thread I've started:
  https://lists.apache.org/thread/p1ky889bxwy8okqly7h1lgckxfpldnxs

There are actually 2 related issues:

1. "svn revert" wants to set the write permission (even if there
   are no changes), and if the file was regarded as read-only, a
   confusing "Reverted" message is output.

2. The consequence of 1 is possibly repeated "Reverted" messages
   if the file belongs to a different user.

In my case, the cause was that the concerned files were belonging to
root (this was a mistake). So this was issue 2 (and partially 1).

The upstream bug currently corresponds to issue 2 only.

But I think that issue 1 should also be regarded as a bug, unless
there is a good reason for "svn revert" to set the write permission
(to be discussed upstream). In case the behavior will not change,
the output message would need a clarification.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1059381: inkscape: Crashes when setting circle radius in document with tiny scale (huge viewBox extents)

[Jean-Paul Larocque]

Package: inkscape
Version: 1.2.2-2+b1
Severity: normal

Dear Maintainer,

I have a document containing a circle.  I think the actual radius of the circle
is 3.985 cm, but Inkscape shows a radius value of 0.000 cm.  When I try
changing the radius of the circle, Inkscape crashes with the message:

Inkscape encountered an internal error and will close now.  Automatic backups 
of unsaved documents were done to the following locations:
...

This is printed to standard error:

---
terminate called after throwing an instance of 'Geom::Exception'
  what():  lib2geom exception: assertion failed: B.isFinite() 
(./src/2geom/sbasis-to-bezier.cpp:485)

Emergency save activated!

Emergency save document locations:
  [... omitted ...].svg
Emergency save completed. Inkscape will close now.
If you can reproduce this crash, please file a bug at 
https://inkscape.org/report
with a detailed description of the steps leading to the crash, so we can fix it.
---

Also: if I draw a new circle in this document and try setting the radius values
the same way, the same symptoms occur.


The issue also occurs in the upstream Inkscape AppImage (version 1.3.2
(091e20e, 2023-11-25)), so I've already reported it upstream as well:

https://gitlab.com/inkscape/inbox/-/issues/9723

However, in the newer AppImage version, Inkscape doesn't crash, but prints a
similar message to standard error and behaves incorrectly (scales the circle to
be too large).  I don't know if the difference in behavior is because of
changes between versions 1.2.2 and 1.3.2, or if it is because of build options
chosen by Debian to favor a crash instead of trying to proceed through a failed
assertion.

There may not be much point in this Debian bug report since what is essentially
the same issue appears upstream, but hopefully this helps Debian users who are
experiencing the issue and might be searching bug reports.  I hope any upstream
fix can be expedited for Debian stable users in the next point release.


The issue occurs specifically in this document (attached), which was originally
generated by the SVG plot function in pcbnew 6.0.11 (the KiCad PCB Editor).  I
performed some edits to the SVG document with Inkscape and hit this issue on
one circle in particular.  This is a cut-down test case, with all objects other
than the circle deleted.

My guess is that the large viewBox extents (`0 0 297002200 210007200`) that
pcbnew chose for the root `` element are triggering this issue.  It seems
like pcbnew chose these viewBox extents for the convenience of using nanometer
values when writing the document, and letting the `viewBox` and
`width`/`height` attributes scale the object sizes and positions to the right
real distance units.  The document is probably valid, but I'm not an SVG
expert; I don't know if the specification warns against or forbids huge values.

There's no indication to Inkscape users that there's anything unusual with the
document scaling through normal editing.  All the object sizes and positions
look fine.  You have to check the Document Properties or read the SVG file to
notice this issue (or run into this Inkscape issue).


The issue seems to follow the document.  For a simple document like this one
with just one layer, I can adjust the viewBox extents to work around the bug:

  1. Select all objects and cut to the clipboard.
  
  2. Open Document Properties.
  
  3. Choose a reasonable Scale value.  It was previously set to 0.01 cm per
 user unit in this document, so I chose 1 cm per user unit.
  
  4. Paste In Place to restore the objects.

Or, more simply:

  1. Select all objects and copy to the clipboard.
  
  2. Create a new document.
  
  3. Paste In Place to transfer the objects.

-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to 
en_US.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages inkscape depends on:
ii  lib2geom1.2.0  1.2.2-3
ii  libatkmm-1.6-1v5   2.28.3-1
ii  libboost-filesystem1.74.0  1.74.0+ds1-21
ii  libc6  2.36-9+deb12u3
ii  libcairo-gobject2  1.16.0-7
ii  libcairo2  1.16.0-7
ii  libcairomm-1.0-1v5 1.14.4-2
ii  libcdr-0.1-1   0.1.6-2+b2
ii  libfontconfig1 2.14.1-4
ii  libfreetype6   2.12.1+dfsg-5
ii  libgc1 1:8.2.2-3
ii  libgcc-s1  12.2.0-14
ii  libgdk-pixbuf-2.0-02.42.10+dfsg-1+b1
ii  libglib2.0-0   2.74.6-2
ii  libglibmm-2.4-1v5  2.66.5-2
ii  libgomp1   12.2.0-14
ii  libgsl27   2.7.1+dfsg-5
ii  libgspell-1-2  1.12.0-1+b2
ii  libgtk-3-0 

Bug#1059380: RFP: python-pytest-socket -- pytest plugin to disable all network calls flowing through Python's socket interface

[Carles Pina i Estany]

Package: wnpp
Severity: wishlist

* Package name: python-pytest-socket
  Version : 0.6.0
  Upstream Contact: Mike Fiedler 
* URL : https://github.com/miketheman/pytest-socket
* License : MIT/X
  Programming Lang: Python
  Description : pytest plugin to disable all network calls flowing through 
Python's socket interface

Run pytest --disable-socket, tests should fail on any access to socket
or libraries using socket with a SocketBlockedError.

I am packaging some other package and, in order to run the unit tests, I
need pytest-socket.

I've seen some other packages disabling the unit tests because
pytest-socket is not available, e.g.: 
https://sources.debian.org/src/twine/4.0.2-1/debian/patches/no-pytest-socket/?hl=3#L3

Bug#1039607: libjansi-java: causes maven to always output escape character

[tony mancill]

On Sat, Jul 15, 2023 at 03:56:01PM +0200, Emmanuel Bourg wrote:
> On 08/07/2023 20:22, tony mancill wrote:
> 
> > Emmanuel, do you recall what prompted the change?
> 
> I think the issue is that when Maven runs in pbuilder, the TTY isn't
> detected and colors get disabled (batch mode isn't used for Debian builds
> though). If anything is changed please ensure that building with pdebuild
> preserves the colors.

Looking at the sources (finally), jansi already supports a mode to
"force" [1] escape sequences, even when the output is not a terminal.  I
propose that we revert the patch and update the Java build tooling to
set the property as desired for our builds.

Once I get this tested and the property configured, I'll upload to
experimental.

Thanks,
tony

[1] 
https://salsa.debian.org/java-team/jansi/-/blob/738159f052f027fc0816c95ecc38a424f8aa3637/src/main/java/org/fusesource/jansi/AnsiConsole.java#L83-86

Bug#988200: xserver-xorg-video-nvidia: user-specified xorg configuration can't find nvidia driver

[Ian Eure]

Just want to pipe in that I’m also affected by this bug, which 
seems very severe.  I don’t see how this package is usable /at 
all/, in any configuration, in its current state.


I’m on a ThinkStation P360, which has both Intel and nVidia GPUs 
-- but I only use the nVidia GPU.  Spread through a few files in 
/etc/X11/xorg.conf.d, I have this configuration:


Section "Device"
   Identifier "nVidia T400 4gb"
   # BusID "pci:1:0:0"
Driver "nvidia"
   Option "Monitor-DP-4" "Lenovo ThinkVision P32p-20"
   Option "ForceFullCompositionPipeline" "On"
EndSection

Section "Monitor"
   Identifier "Lenovo ThinkVision P32p-20"
   VendorName "Lenovo"
   ModelName "ThinkVision P32p-20"
   Option "Primary" "true"
   Option "LeftOf" "Lenovo ThinkVision LT1913p"
   EndSection

Section "Monitor"
   Identifier "Lenovo ThinkVision LT1913p"
   VendorName "Lenovo"
   ModelName "ThinkVision LT1913p"
   Option "Primary" "false"
   Option "RightOf" "Lenovo ThinkVision P32p-20"
EndSection

Section "Screen"
   Identifier "Primary"
   Device "nVidia T400 4gb"
   Monitor "Lenovo ThinkVision LT1913p"
   DefaultDepth 24
   Option "nvidiaXineramaInfoOrder" "DFP-4"
   # Option "metamodes" "nvidia-auto-select +0+0 
   {ForceCompositionPipeline=On, 
   ForceFullCompositionPipeline=On}"

EndSection


With this configuration, the X server fails to start, with:

[   200.858] (II) LoadModule: "nvidia"
[   200.858] (WW) Warning, couldn't open module nvidia

This is because the server’s default ModulePath is 
/usr/lib/xorg/modules -- which can be seen in the server log:


[   286.124] (==) ModulePath set to "/usr/lib/xorg/modules"

But this package installs it into 
/usr/lib/nvidia/current/nvidia_drv.so -- so the X server can’t 
load it, and fails to start.


This package either needs to either:

1. Install the driver into /usr/lib/xorg/drivers
2. Create a symlink there pointing to 
/usr/lib/nvidia/current/nvidia_drv.so
3. Include an xorg configuration file in 
/usr/share/X11/xorg.conf.d which adds /usr/lib/nvidia/current/ to 
the ModulePath.


I’ve been working around this with option 2, but have found that 
various package updates tend to remove the link for some reason, 
which then breaks my setup.


I’m on an up-to-date Debian bookworm, xserver-xorg-video-nvidia 
version 525.147.05-4~deb12u1.


Please let me know if I’m doing something wrong here -- I don’t 
believe I am, but this also seems like a ridiculously severe bug 
to have gotten no response whatsoever for over a year, and I find 
it difficult to believe it could be this broken for that long. 
But I also don’t see any way it could work without manual effort.


Thanks,

 — Ian

Bug#1059370: Installation did not work: Kernel panic, see below

[Pascal Hambourg]

On 23/12/2023 at 20:52, Christian Kirsch wrote:


When booting (first item), message on Debian screen: "Arbeitsspeicher
erschöpft" ("Memory exhausted").


It matches the German translation for "out of memory" in GRUB.


Then start in a black terminal screen with Kernel panic: "Kernel panic
- not syncing: VHS Unable to mount root fs on unknown-block(0,0)"


It looks like a consequence of GRUB failure to load the initramfs properly.

Bug#1053731: atop crashes with a floating point exception when atopaccdt service fails

[Witold Baryluk]

Package: atop
Version: 2.9.0-2
Followup-For: Bug #1053731
X-Debbugs-Cc: witold.bary...@gmail.com



Version 2.9.0-2

This is still broken in current version:

Program received signal SIGFPE, Arithmetic exception.
0x555685d0 in acctprocnt () at ./acctproc.c:673
673 ./acctproc.c: No such file or directory.
(gdb) bt
#0  0x555685d0 in acctprocnt () at ./acctproc.c:673
#1  0x55562038 in engine () at ./atop.c:787
#2  main (argc=, argv=) at ./atop.c:563
(gdb) 


This is a default configuration (zero modifications, just install
packages). First time startup. Subsequent startups also fail the same
way. This causes systemd unit atop.service to be always in failed state,
and restarting it does not help.

atopacct.service also fails to start. But I am not sure if this is
because atop fails, or reverse.


Regards,
Witold

Bug#738575: pthread: segfault in libpthread on Intel Galileo board

[James Addison]

Followup-For: Bug #738575
X-Debbugs-Cc: raykinsell...@gmail.com

On Thu, 16 Nov 2023 12:47:40 +, James wrote:
> I've been thinking more about how to improve the chances that the
> package could be accepted into Debian -- my suggestion would be to
> rebuild it and upload it to the mentors[1] portal, where it can
> (hopefully) receive review.  I've considered uploading it myself, but
> I don't have hardware to test the results on, so I'd be navigating
> without a way to test the results.  From personal experience
> attempting packaging: the mentoring guidelines and making sure to run
> lintian checks are both worthwhile.

I now have an X1000 Quark board to test this on (thanks, Ray), and am hoping
to find some time over the next week or two to try that out in combination with
the libx1000.git source-and-packaging repo.

Bug#1034867: smplayer: crash when playing video files using mplayer under Wayland

[James Addison]

Followup-For: Bug #1034867
Control: fixed -1 smplayer/23.6.0+ds0-1
Control: close -1

On Sat, 09 Dec 2023 22:18:12 + I wrote:
> On Tue, 14 Nov 2023 20:31:38 + I wrote:
> > The separate issue of mplayer breakage when using an invalid wid parameter 
> > in
> > combination with the nokeepaspect option still seems replicable to me using
> > mplayer at version 1.5+svn38423-2+b1 -- a version that _should_ include the
> > potential fix from r38428 I think..
>
> Nope, my mistake there - according to upstream[1], a fix for the wid/nka issue
> landed in r38428 and that's a few commits _after_ svn38423 - so I'll check on
> that again in future.
>
> [1] - http://trac.mplayerhq.hu/ticket/2411#comment:5

Ok -- I can confirm that the quoted floating-point crash error in mplayer (not
smplayer) is indeed fixed in mplayer 2:1.5+svn38446-1 in Debian, which includes
the r38428 fix, as expected.

Meanwhile: the problem with smplayer passing a legacy X11 Window-ID (wid)
parameter to _either_ mpv or mplayer using QT on Wayland (resulting in no
video output and BadWindow error messages) was resolved in smplayer v23.6.0
upstream by requesting that the video player use an X-compatible plugin (xcb).

I think what this means is that the way that smplayer creates a subprocess to
render video back to its' own window is dependent on Xwayland and the xcb
compatibility layer in QT.

Bug#1039615: Workaround for too many backslashes

[Oleg Broytman]

Hello. There is a workaround: use the `--old-args` argument:

rsync --old-args localhost:file\\\ with\\\ space

Found at https://askubuntu.com/a/1495090 . Works for me.

Oleg.
-- 
Oleg Broytmanhttps://phdru.name/p...@phdru.name
   Programmers don't die, they just GOSUB without RETURN.

Bug#1059379: f2fs-tools: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: f2fs-tools
Version: 1.16.0-1
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian
UsrMerge effort [1] these files should move to /usr in the trixie
cycle.

I'm attaching a trivial patch to implement such a move.

However, please still read the wiki page on moving files, especially
if you intend to backport to bookworm or earlier. The patch has
already been checked by a local dumat copy.

If during the trixie cycle your package will undergo structural
changes or any other file moves, please also see the wiki and upload
to experimental first when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru f2fs-tools-1.16.0/debian/changelog f2fs-tools-1.16.0/debian/changelog
--- f2fs-tools-1.16.0/debian/changelog	2023-07-17 06:03:45.0 +0200
+++ f2fs-tools-1.16.0/debian/changelog	2023-12-23 23:41:17.0 +0100
@@ -1,3 +1,10 @@
+f2fs-tools (1.16.0-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 23:41:17 +0100
+
 f2fs-tools (1.16.0-1) unstable; urgency=medium
 
   [ Vincent Cheng ]
diff -Nru f2fs-tools-1.16.0/debian/f2fs-tools.install f2fs-tools-1.16.0/debian/f2fs-tools.install
--- f2fs-tools-1.16.0/debian/f2fs-tools.install	2023-07-17 06:02:17.0 +0200
+++ f2fs-tools-1.16.0/debian/f2fs-tools.install	2023-12-23 23:39:28.0 +0100
@@ -1,4 +1,4 @@
 # All but sbin/sg_write_buffer
-sbin/*f2fs*
+usr/sbin/*f2fs*
 
 usr/share/man/man8/*.8
diff -Nru f2fs-tools-1.16.0/debian/f2fs-tools-udeb.install f2fs-tools-1.16.0/debian/f2fs-tools-udeb.install
--- f2fs-tools-1.16.0/debian/f2fs-tools-udeb.install	2023-07-17 06:02:17.0 +0200
+++ f2fs-tools-1.16.0/debian/f2fs-tools-udeb.install	2023-12-23 23:39:40.0 +0100
@@ -1,2 +1,2 @@
 # All but sbin/sg_write_buffer
-sbin/*f2fs*
+usr/sbin/*f2fs*
diff -Nru f2fs-tools-1.16.0/debian/rules f2fs-tools-1.16.0/debian/rules
--- f2fs-tools-1.16.0/debian/rules	2023-07-17 06:02:17.0 +0200
+++ f2fs-tools-1.16.0/debian/rules	2023-12-23 23:40:13.0 +0100
@@ -10,8 +10,8 @@
 	dh $@
 
 override_dh_auto_configure:
-	dh_auto_configure -- --sbindir=/sbin --disable-shared \
-		--with-root-libdir=/lib/$(DEB_HOST_MULTIARCH)
+	dh_auto_configure -- --sbindir=/usr/sbin --disable-shared \
+		--with-root-libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
 
 # dh_dwz when run on f2fs-tools-udeb ends up installing the
 # /usr/lib/debug/.dwz files into the udeb.  I think that's a bug,

Bug#1054644: xfsprogs-udeb: causes D-I to fail, reporting errors about missing partition devices

[Cyril Brulebois]

Hi,

Anthony Iliopoulos  (2023-10-30):
> On Mon, Oct 30, 2023 at 04:19:32PM +0100, Philip Hands wrote:
> > Anthony Iliopoulos  writes:
> > 
> > > On Sun, Oct 29, 2023 at 09:02:01PM +0100, Philip Hands wrote:
> > ...
> > >>   error: invalid XFS directory entry.
> > ...
> > > This issue exists independently of the large extent counter, and it is
> > > related to grub commit ef7850c75 ("fs/xfs: Fix issues found while
> > > fuzzing the XFS filesystem"). That's actually the issue described in
> > > #1051543.
> > 
> > Ah, yes -- good point.
> > 
> > > There's a proposed fix at [1], and it works as expected with that patch
> > > applied.
> > ...
> > > [1] 
> > > https://lore.kernel.org/grub-devel/20231018030347.36174-1-n...@vault24.org/
> > 
> > I can confirm that having applied both patches:
> > 
> >   https://salsa.debian.org/philh/grub2/-/pipelines/596346
> > 
> > it now succeeds at both installing grub, and then booting the system:
> > 
> >   https://openqa.debian.net/tests/200503#details
> 
> Thanks for confirming, perhaps then you can add your tested-by in the
> respective patches upstream.
> 
> BTW, another handy way to test if this works is via grub-mount.

Any chance we could have an updated grub2 package to fix this?


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1059369: htop: file listing view shows bottom 4 bytes in the SIZE column

[наб]

Control: tags -1 + patch
Control: forwarded -1 https://github.com/htop-dev/htop/pull/1351

On Sat, Dec 23, 2023 at 08:52:11PM +0100, roz@rozbrajacz.futbol wrote:
> Package: htop
> Version: 3.2.2-2
> Severity: normal
> 
> I see
>   Snapshot of files open in process 3291819 - qemu-img convert -f vmdk -O 
> qcow2 WinDev2311Eval-disk001.vmdk WinDev2311E...
>  FD TYPEMODE DEVICE   SIZE OFFSET   NODE  NAME
>   0 CHR u0x170  0  7  /dev/pts/4
>   1 CHR u0x170  0  7  /dev/pts/4
>   2 CHR u0x170  0  7  /dev/pts/4
>   3 a_inode u0xe0   2075  [signalfd]
>   4 REG r0x55   2299244800 0x55a74ea0  15530  
> /mnt/filling/store/user2/WinDev2311Eval-disk001.vmdk
>   5 a_inode u0xe0   2075  [eventfd:26]
>   6 a_inode u0xe0   2075  [eventfd:28]
>   7 a_inode u0xe0   2075  [eventfd:27]
>   8 REG u0x55   2580558643 198608   4170  
> /mnt/filling/store/user2/WinDev2311Eval-disk001.qcow2
> cwd DIR  0x55   4634  
> /mnt/filling/store/user2
> but
>   $ ls -lh WinDev2311Eval-disk001.*
>   -rw-r--r-- 1 user2 users 28G Dec 23 20:50 WinDev2311Eval-disk001.qcow2
>   -rw-r- 1 user2 users 22G Nov 15 04:34 WinDev2311Eval-disk001.vmdk
> 
> This clearly displays the bottom four bytes of the 8-byte off_t.
Shockingly, I don't think it does, this is actually much worse.

OpenFilesScreen.c sayeth:
  226   struct stat st;
  227   if (stat(filename, ) == 0) {
  228  char fileSizeBuf[21]; /* 20 (long long) + 1 (NULL) */
  229  xSnprintf(fileSizeBuf, sizeof(fileSizeBuf), "%"PRIu64, 
(uint64_t)st.st_size); /* st.st_size is long long on macOS, long on linux */
  230  free_and_xStrdup(>data[fileSizeIndex], fileSizeBuf);
  231   }
and tracing confirms it's correct. Indeed, both the number and the
string are 23622320128 for a 22G file. But the displayed
string is  2362232012.

Y'know. Like it's truncated by a digit. Indeed,
  4 REG r0x71   2362232012  0   10840201  
/home/nabijaczleweli/uwu/htop/22G
  5 REG w0x71  546  0   10840820  
/home/nabijaczleweli/uwu/htop/log
  6 REG r0x71   2362232012  0   10840828  
/home/nabijaczleweli/uwu/htop/220G
  7 REG r0x71   2362232012  0   10840829  
/home/nabijaczleweli/uwu/htop/2200G
  8 REG r0x71   2362232012  0   10840830  
/home/nabijaczleweli/uwu/htop/22000G
only the first ten digits are shown in either case.
There's space for like 17 without widening the hole!

Indeed, it looks like for some reason with the format being (spaces
substituted) "%5.5sQ%-7.7sW%-4.4sE%-10.10sR%10.10sT%10.10sY%10.10s  %s")
the device hole is a full 10 bytes:
 FD TYPEMODE DEVICE   SIZE OFFSET   NODE  NAME
  8QREGWr   E0x71  R2362232012T 0Y  10840830  
/home/nabijaczleweli/uwu/htop/22000G

The diff below can be applied to instead produce correct results for up
to single-digit-petabyte files:
  Snapshot of files open in process 66238 - htop│./htop
 FD TYPEMODE DEVICE   SIZE OFFSET   NODE  NAME
  0 CHR u0x170  0  9  /dev/pts/6
  1 CHR u0x170  0  9  /dev/pts/6
  2 CHR u0x170  0  9  /dev/pts/6
  3 FIFOr0xd0  875953773  pipe
  4 REG r0x71  23622320128  0   10840201  
/home/nabijaczleweli/uwu/htop/22G
  5 REG w0x710  0   10840820  
/home/nabijaczleweli/uwu/htop/log
  6 REG r0x71 236223201280  0   10840828  
/home/nabijaczleweli/uwu/htop/220G
  7 REG r0x712362232012800  0   10840829  
/home/nabijaczleweli/uwu/htop/2200G
  8 REG r0x71   23622320128000  0   10840830  
/home/nabijaczleweli/uwu/htop/22000G
  9 REG r0x71  23622320128  0   10840846  
/home/nabijaczleweli/uwu/htop/22G
 10 REG r0x71 236223201280  0   10840847  
/home/nabijaczleweli/uwu/htop/220G
cwd DIR  0x71 5220  10839773  
/home/nabijaczleweli/uwu/htop
mem REG  0x2227028614730  
/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache
mem REG  0x2247288334232  
/usr/lib/x86_64-linux-gnu/libcap.so.2.66
mem REG  0x22   210968613682  
/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
mem REG  0x22   216368440144  

Bug#1056972: diod: diff for NMU version 1.0.24-5.1

[Chris Hofstaedtler]

Control: tags 1056972 + patch
Control: tags 1056972 + pending


Dear maintainer,

I've prepared an NMU for diod (versioned as 1.0.24-5.1) and
uploaded it to DELAYED/10. Please feel free to tell me if I
should delay it longer.

Chris

diff -Nru diod-1.0.24/debian/changelog diod-1.0.24/debian/changelog
--- diod-1.0.24/debian/changelog	2020-03-16 23:20:44.0 +0100
+++ diod-1.0.24/debian/changelog	2023-11-27 12:39:55.0 +0100
@@ -1,3 +1,11 @@
+diod (1.0.24-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Move mount.diod symlink into /usr. (Closes: #1056972)
+  * Update Build-Depends libncurses5-dev to libncurses-dev.
+
+ -- Chris Hofstaedtler   Mon, 27 Nov 2023 12:39:55 +0100
+
 diod (1.0.24-5) unstable; urgency=medium
 
   * Don't depend on libattr1-dev for  use  from
diff -Nru diod-1.0.24/debian/control diod-1.0.24/debian/control
--- diod-1.0.24/debian/control	2020-03-16 23:20:44.0 +0100
+++ diod-1.0.24/debian/control	2023-11-27 12:39:55.0 +0100
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Євгеній Мещеряков 
 Build-Depends: debhelper (>= 10~), libpopt-dev, liblua5.1-0-dev,
-   libmunge-dev, libcap-dev, libncurses5-dev, libwrap0-dev,
+   libmunge-dev, libcap-dev, libncurses-dev, libwrap0-dev,
valgrind [amd64 i386 powerpc], pkg-config
 Build-Conflicts: valgrind [armel]
 Standards-Version: 4.5.0
diff -Nru diod-1.0.24/debian/diod.dirs diod-1.0.24/debian/diod.dirs
--- diod-1.0.24/debian/diod.dirs	2020-03-16 23:20:44.0 +0100
+++ diod-1.0.24/debian/diod.dirs	2023-11-27 12:39:55.0 +0100
@@ -1,2 +1,2 @@
-sbin
+usr/sbin
 usr/share/doc/diod/examples
diff -Nru diod-1.0.24/debian/diod.links diod-1.0.24/debian/diod.links
--- diod-1.0.24/debian/diod.links	2020-03-16 23:20:44.0 +0100
+++ diod-1.0.24/debian/diod.links	2023-11-27 12:39:55.0 +0100
@@ -1,2 +1,2 @@
-usr/sbin/diodmount sbin/mount.diod
+usr/sbin/diodmount usr/sbin/mount.diod
 usr/share/man/man8/diodmount.8.gz usr/share/man/man8/mount.diod.8.gz

Bug#1059378: dahdi-firmware: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: dahdi-firmware
Version: 2.11.1.0.20170917-2
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian
UsrMerge effort [1] these files should move to /usr in the trixie
cycle.

I'm attaching a patch to implement such a move. The patch does not
try to update various paths in helper scripts or Makefiles, as that
is of limited value from my point of view.

However, please still read the wiki page on moving files, especially
if you intend to backport to bookworm or earlier. The patch has
already been checked by a local dumat copy.

If during the trixie cycle your package will undergo structural
changes or any other file moves, please also see the wiki and upload
to experimental first when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru dahdi-firmware-2.11.1.0.20170917/debian/changelog dahdi-firmware-2.11.1.0.20170917/debian/changelog
--- dahdi-firmware-2.11.1.0.20170917/debian/changelog	2023-01-28 02:07:36.0 +0100
+++ dahdi-firmware-2.11.1.0.20170917/debian/changelog	2023-12-23 22:20:01.0 +0100
@@ -1,3 +1,10 @@
+dahdi-firmware (2.11.1.0.20170917-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 22:20:01 +0100
+
 dahdi-firmware (2.11.1.0.20170917-2) unstable; urgency=medium
 
   * Move source and binary from non-free/comm to non-free-firmware/comm
diff -Nru dahdi-firmware-2.11.1.0.20170917/debian/install dahdi-firmware-2.11.1.0.20170917/debian/install
--- dahdi-firmware-2.11.1.0.20170917/debian/install	2016-04-19 21:43:39.0 +0200
+++ dahdi-firmware-2.11.1.0.20170917/debian/install	2023-12-23 22:19:54.0 +0100
@@ -3,4 +3,4 @@
 debian/get-digium-firmware		usr/share/dahdi
 debian/OCT6104E-256D.ima		usr/share/dahdi
 build_tools/install_firmware		usr/share/dahdi
-drivers/dahdi/dahdi-fw-*.bin		lib/firmware/ 
+drivers/dahdi/dahdi-fw-*.bin		usr/lib/firmware/ 

Bug#1057687: telegram-desktop: calls broken due to old libsrtp not supporting openssl 3.0 on libtgowt (stable)

[Nicholas Guriev]

Control: tags -1 unreproducible

Hello!

I just retested in the current stable, bookworm, peer-to-peer calls and video 
chats (or group calls) and they work. Audio, video, and screenshare work okay. 
I checked both versions, 4.6.5+ds-2 and backported 4.8.1+ds-2~bpo12+1. These 
versions were built against libtgowt (= 0~git20230615.a45d8b8+dfsg-2) and 
depend on libsrtp2-1 (>= 2.0.0+20161214) as well as libssl3 (>= 3.0.0). I see 
these packages are installed on your system (as per your report).

Version 0~git20230615.a45d8b8+dfsg-2 is the first where I unbundled the SRTP 
library, so I have no clue why calls are not working in your case. No camera 
or no microphone may be connected or Telegram Desktop does not detect the 
devices.

If this issue is still relevant, can you please provide the log at path 
~/.local/share/TelegramDesktop/log.txt ?


signature.asc
Description: This is a digitally signed message part.

Bug#1059377: sundials: FTBFS: Imported target "MPI::MPI_Fortran" includes non-existent path

[Sebastian Ramacher]

Source: sundials
Version: 6.4.1+dfsg1-3
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=sundials=arm64=6.4.1%2Bdfsg1-3%2Bb3=1703364135=0

-- Found MPI_CXX: /usr/lib/aarch64-linux-gnu/openmpi/lib/libmpi_cxx.so (found 
suitable version "3.1", minimum required is "2.0.0") 
CMake Error in 
/<>/debian/build/CMakeFiles/CMakeScratch/TryCompile-yumbt7/CMakeLists.txt:
  Imported target "MPI::MPI_Fortran" includes non-existent path

"/usr/include/x86_64-linux-gnu/fortran/gfortran-mod-15/openmpi"

  in its INTERFACE_INCLUDE_DIRECTORIES.  Possible reasons include:

  * The path was deleted, renamed, or moved to another location.

  * An install or uninstall procedure did not complete successfully.

  * The installation package was faulty and references files it does not
  provide.



CMake Error at /usr/share/cmake-3.28/Modules/FindMPI.cmake:1278 (try_compile):
  Failed to generate test project build system.
Call Stack (most recent call first):
  /usr/share/cmake-3.28/Modules/FindMPI.cmake:1297 (_MPI_try_staged_settings)
  /usr/share/cmake-3.28/Modules/FindMPI.cmake:1645 (_MPI_check_lang_works)
  cmake/tpl/SundialsMPI.cmake:71 (find_package)
  cmake/SundialsSetupTPLs.cmake:27 (include)
  CMakeLists.txt:174 (include)


-- Configuring incomplete, errors occurred!

Cheers
-- 
Sebastian Ramacher

Bug#1059376: lcl is wrongly marked Multi-Arch: foreign

[Helmut Grohne]

Package: lcl
Version: 2.0.2+dfsg-2
Severity: important
User: debian-cr...@lists.debian.org
Usertags: ftcbfs
Control: affects -1 + src:ddrescueview

lcl is Multi-Arch: foreign. This is an assertion that interfacing with
it works the same way irrespective of its architcture. Moreover, it's an
empty package forwarding to lcl-2.2. Hence, the only way for this to be
true is that lcl-2.2 is also Multi-Arch: foreign, but in fact lcl-2.2 is
Multi-Arch: same (and I think this is correct). lcl-2.2 is a dependency
package of its own and forwards to e.g. lcl-units-2.2 which contains
object files on architecture-dependent paths and that's quite definitely
not Multi-Arch: foreign. Hence lcl must not be Multi-Arch: foreign.
Quite probably, it should do the same as lcl-2.2 and be Arch:any +
M-A:same.

Helmut

Bug#1059375: appstream: requires source-only upload for migration

[Sebastian Ramacher]

Source: appstream
Version: 1.0.1-2
Severity: serious
X-Debbugs-Cc: sramac...@debian.org

>From appstream's excuses:

∙ ∙ Not built on buildd: arch amd64 binaries uploaded by matth...@tenstral.net
∙ ∙ Not built on buildd: arch all binaries uploaded by matth...@tenstral.net, a 
new source-only upload is needed to allow migration

See https://qa.debian.org/excuses.php?package=appstream

Cheers
-- 
Sebastian Ramacher

Bug#1059374: bluez-firmware: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: bluez-firmware
Version: 1.2-9
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian UsrMerge
effort [1] these files should move to /usr in the trixie cycle.

I'm attaching a patch to implement such a move.

However, please still read the wiki page on moving files, especially if you
intend to backport to bookworm or earlier. The patch has already been checked
by a local dumat copy.

If during the trixie cycle your package will undergo structural changes or any
other file moves, please also see the wiki and upload to experimental first
when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru bluez-firmware-1.2/debian/changelog bluez-firmware-1.2/debian/changelog
--- bluez-firmware-1.2/debian/changelog	2023-01-28 04:00:16.0 +0100
+++ bluez-firmware-1.2/debian/changelog	2023-12-23 21:28:15.0 +0100
@@ -1,3 +1,10 @@
+bluez-firmware (1.2-9.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 21:28:15 +0100
+
 bluez-firmware (1.2-9) unstable; urgency=medium
 
   * Move source and binary from non-free/kernel to non-free-firmware/kernel
diff -Nru bluez-firmware-1.2/debian/rules bluez-firmware-1.2/debian/rules
--- bluez-firmware-1.2/debian/rules	2023-01-17 00:01:20.0 +0100
+++ bluez-firmware-1.2/debian/rules	2023-12-23 21:28:14.0 +0100
@@ -6,14 +6,14 @@
 	dh $@
 
 override_dh_auto_configure:
-	dh_auto_configure -- --libdir=/lib
+	dh_auto_configure -- --libdir=/usr/lib
 
 override_dh_auto_install:
 	dh_auto_install
 	mkdir -p $(DEB_DESTDIR)/usr/share/doc/bluez-firmware
-	mv $(DEB_DESTDIR)/lib/firmware/BCM-LEGAL.txt  \
+	mv $(DEB_DESTDIR)/usr/lib/firmware/BCM-LEGAL.txt  \
 		$(DEB_DESTDIR)/usr/share/doc/bluez-firmware/
 	# Copy firmware of Raspberry Pi
-	mkdir -p $(DEB_DESTDIR)/lib/firmware/brcm
+	mkdir -p $(DEB_DESTDIR)/usr/lib/firmware/brcm
 	cp $(CURDIR)/debian/firmware/broadcom/*.hcd \
-		$(DEB_DESTDIR)/lib/firmware/brcm/.
+		$(DEB_DESTDIR)/usr/lib/firmware/brcm/.

Bug#1058999: linux-image-6.5.0-5-amd64: System hangs when connecting an ethernet NIC to network which was not connected on boot

[Erwan David]

Le 19/12/2023 à 19:34, Diederik de Haas a écrit :

On Tuesday, 19 December 2023 19:16:33 CET Erwan David wrote:

Same behaviour with 6.6.3-1 from experimental (that's what apt gave me,
maybe tomoroow the 6.6.4).

Either your APT cache should be updated or you're using a mirror which is
rather severely out of date.
6.6.4-1 was uploaded to Debian on 2023-12-03, a day after .3-1.


it was 6.6.4. I tried with my Aten Dock : same thing.

I disabled the virtualbox service so that the virtualbox modules are not 
loaded : it does not hang immediately, but waits a few minutes before 
doing it.

Bug#1059373: bcachefs-tools: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: bcachefs-tools
Version: 24+really1.3.4-1
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian UsrMerge
effort [1] these files should move to /usr in the trixie cycle.

I'm attaching a patch to implement such a move.

However, please still read the wiki page on moving files, especially if you
intend to backport to bookworm or earlier. The patch has already been checked
by a local dumat copy.

If during the trixie cycle your package will undergo structural changes or any
other file moves, please also see the wiki and upload to experimental first
when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru bcachefs-tools-24+really1.3.4/debian/changelog bcachefs-tools-24+really1.3.4/debian/changelog
--- bcachefs-tools-24+really1.3.4/debian/changelog	2023-11-21 16:26:13.0 +0100
+++ bcachefs-tools-24+really1.3.4/debian/changelog	2023-12-23 21:19:30.0 +0100
@@ -1,3 +1,10 @@
+bcachefs-tools (24+really1.3.4-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 21:19:30 +0100
+
 bcachefs-tools (24+really1.3.4-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru bcachefs-tools-24+really1.3.4/debian/rules bcachefs-tools-24+really1.3.4/debian/rules
--- bcachefs-tools-24+really1.3.4/debian/rules	2023-10-28 19:12:56.0 +0200
+++ bcachefs-tools-24+really1.3.4/debian/rules	2023-12-23 21:19:30.0 +0100
@@ -5,6 +5,7 @@
 export NO_RUST=-true
 
 PREFIX := /usr
+ROOT_SBINDIR := /usr/sbin
 
 DEB_BUILD_ARCH ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
 
@@ -17,6 +18,6 @@
 	dh $@
 
 override_dh_auto_install:
-	dh_auto_install -- "PREFIX=$(PREFIX)"
+	dh_auto_install -- "PREFIX=$(PREFIX)" "ROOT_SBINDIR=$(ROOT_SBINDIR)"
 
 override_dh_auto_test:

Bug#1059372: amd64-microcode: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: amd64-microcode
Version: 3.20231019.1
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian UsrMerge
effort [1] these files should move to /usr in the trixie cycle.

I'm attaching a trivial patch to implement such a move.

However, please still read the wiki page on moving files, especially if you
intend to backport to bookworm or earlier. The patch has already been checked
by a local dumat copy.

If during the trixie cycle your package will undergo structural changes or any
other file moves, please also see the wiki and upload to experimental first
when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru amd64-microcode-3.20231019.1/debian/amd64-microcode.dirs amd64-microcode-3.20231019.1+nmu1/debian/amd64-microcode.dirs
--- amd64-microcode-3.20231019.1/debian/amd64-microcode.dirs	2023-10-21 20:01:08.0 +0200
+++ amd64-microcode-3.20231019.1+nmu1/debian/amd64-microcode.dirs	2023-12-23 21:05:37.0 +0100
@@ -1,4 +1,4 @@
 etc/default
 etc/modprobe.d
-lib/firmware/amd-ucode
-lib/firmware/amd
+usr/lib/firmware/amd-ucode
+usr/lib/firmware/amd
diff -Nru amd64-microcode-3.20231019.1/debian/amd64-microcode.install amd64-microcode-3.20231019.1+nmu1/debian/amd64-microcode.install
--- amd64-microcode-3.20231019.1/debian/amd64-microcode.install	2023-10-21 20:01:08.0 +0200
+++ amd64-microcode-3.20231019.1+nmu1/debian/amd64-microcode.install	2023-12-23 21:05:37.0 +0100
@@ -1,2 +1,2 @@
-amd-ucode/*bin	lib/firmware/amd-ucode
-amd/*sev*bin	lib/firmware/amd
+amd-ucode/*bin	usr/lib/firmware/amd-ucode
+amd/*sev*bin	usr/lib/firmware/amd
diff -Nru amd64-microcode-3.20231019.1/debian/changelog amd64-microcode-3.20231019.1+nmu1/debian/changelog
--- amd64-microcode-3.20231019.1/debian/changelog	2023-10-21 20:06:29.0 +0200
+++ amd64-microcode-3.20231019.1+nmu1/debian/changelog	2023-12-23 21:05:37.0 +0100
@@ -1,3 +1,10 @@
+amd64-microcode (3.20231019.1+nmu1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 21:05:37 +0100
+
 amd64-microcode (3.20231019.1) unstable; urgency=medium
 
   * Update package data from linux-firmware 20231019
diff -Nru amd64-microcode-3.20231019.1/debian/initramfs.hook amd64-microcode-3.20231019.1+nmu1/debian/initramfs.hook
--- amd64-microcode-3.20231019.1/debian/initramfs.hook	2023-10-21 19:59:34.0 +0200
+++ amd64-microcode-3.20231019.1+nmu1/debian/initramfs.hook	2023-12-23 21:05:37.0 +0100
@@ -31,7 +31,7 @@
 :
 }
 
-AUCODE_FW_DIR=/lib/firmware/amd-ucode
+AUCODE_FW_DIR=/usr/lib/firmware/amd-ucode
 AMD64UCODE_INITRAMFS=auto
 [ -r ${AMD64UCODE_CONFIG} ] && . ${AMD64UCODE_CONFIG}
 

Bug#958682: [Pkg-javascript-devel] Bug#958682: node-jsonld: Remove dependency to node-request

[Jonas Smedegaard]

Quoting Jérémy Lal (2023-12-23 20:45:21)
> Le sam. 23 déc. 2023 à 20:15, Jonas Smedegaard  a écrit :
> 
> > Quoting Pirate Praveen (2023-12-22 20:53:46)
> > > On Sun, 29 Oct 2023 21:37:08 +0100 Jonas Smedegaard  wrote:
> > > > Yes, I still want to work on node-jsonld - I will make time to look at
> > > > this soon...
> > >
> > > yarnpkg 4.0.2 was recently uploaded to unstable, so this and
> > > node-matrix-js-sdk are the only remaining reverse dependencies for
> > > node-request. We have an ack from its maintainer to remove it
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958692#42 so this is
> > > the only real blocker remaining to remove node-request.
> >
> > You gave a second warning.  Only 24 hours but I guess I should be
> > thankful.
> 
> 
> Hi Jonas,
> 
> Is there some humor in this tone ?
> This bug has been opened more than three years ago, and it's starting to
> look as if you wanted to block it.

There was sarcasm.

No, I am not trying to obstruct.  I genuinely wanted to address it but
forgot, and last night I began look at doing a feverish stunt before I
got involved in other stuff today.  Then tonight I saw that the package
apparently got dropped, so assumed that someone requested kicking
node-jsonld as well.

...but as I double-checked now, I see that node-jsonld is still in
Debian - great. I may then still have time for avoiding a revisit to NEW
queue.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1059371: snoopy: installs library into /lib

[Chris Hofstaedtler]

Source: snoopy
Version: 2.5.1-1
User: helm...@debian.org
Usertags: dep17m2

Hi,

snoopy installs its library into /lib/. For the currently
ongoing Debian UsrMerge effort [1] the library should move into
/usr/lib/.

While checking your package more carefully I noticed it can change
/etc/ld.so.preload (depending on a debconf prompt). Without any
modification I think the current code would do nothing on upgrading
from a current version to a moved-into-usr version. This might be
okay, but it would seem cleaner to clean up the old path.

Please investigate what the best option is here and then move the
files. Please also see [1] about how to move, and uploading to
experimental.

Idle question: how does this work in multiarch scenarios?

Chris

[1] https://wiki.debian.org/UsrMerge

Bug#1059370: Installation did not work: Kernel panic, see below

[Christian Kirsch]

Package: installation-reports

Boot method: Loading iso and put it on an USB-Stick with 'USB-
Abbilderstellung' (ministick.py)
Image version: debian-12.4.0-amd64-DVD-1.iso  
(https://cdimage.debian.org/debian-cd/current/amd64/iso-dvd/debian-12.4.0-amd64-DVD-1.iso
)
Date: 23.12.23, 19:00

Machine: 

Bug#1059369: htop: file listing view shows bottom 4 bytes in the SIZE column

[roz]

Package: htop
Version: 3.2.2-2
Severity: normal

Dear Maintainer,

I see
  Snapshot of files open in process 3291819 - qemu-img convert -f vmdk -O qcow2 
WinDev2311Eval-disk001.vmdk WinDev2311E...
 FD TYPEMODE DEVICE   SIZE OFFSET   NODE  NAME
  0 CHR u0x170  0  7  /dev/pts/4
  1 CHR u0x170  0  7  /dev/pts/4
  2 CHR u0x170  0  7  /dev/pts/4
  3 a_inode u0xe0   2075  [signalfd]
  4 REG r0x55   2299244800 0x55a74ea0  15530  
/mnt/filling/store/user2/WinDev2311Eval-disk001.vmdk
  5 a_inode u0xe0   2075  [eventfd:26]
  6 a_inode u0xe0   2075  [eventfd:28]
  7 a_inode u0xe0   2075  [eventfd:27]
  8 REG u0x55   2580558643 198608   4170  
/mnt/filling/store/user2/WinDev2311Eval-disk001.qcow2
cwd DIR  0x55   4634  
/mnt/filling/store/user2
but
  $ ls -lh WinDev2311Eval-disk001.*
  -rw-r--r-- 1 user2 users 28G Dec 23 20:50 WinDev2311Eval-disk001.qcow2
  -rw-r- 1 user2 users 22G Nov 15 04:34 WinDev2311Eval-disk001.vmdk

I saw similar numbers (never breaching 4G) at these points:
  $ ls -lh WinDev2311Eval-disk001.*
  -rw-r--r-- 1 user2 users 4.0G Dec 23 20:46 WinDev2311Eval-disk001.qcow2
  -rw-r- 1 user2 users  22G Nov 15 04:34 WinDev2311Eval-disk001.vmdk
  $ ls -lh WinDev2311Eval-disk001.*
  -rw-r--r-- 1 user2 users 4.5G Dec 23 20:46 WinDev2311Eval-disk001.qcow2
  -rw-r- 1 user2 users  22G Nov 15 04:34 WinDev2311Eval-disk001.vmdk
  $ ls -lh WinDev2311Eval-disk001.*
  -rw-r--r-- 1 user2 users 5.2G Dec 23 20:46 WinDev2311Eval-disk001.qcow2
  -rw-r- 1 user2 users  22G Nov 15 04:34 WinDev2311Eval-disk001.vmdk

This clearly displays the bottom four bytes of the 8-byte off_t.

~ roz

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages htop depends on:
ii  libc6 2.37-13
ii  libncursesw6  6.4+20231121-1
ii  libnl-3-200   3.7.0-0.2+b1
ii  libnl-genl-3-200  3.7.0-0.2+b1
ii  libtinfo6 6.4+20231121-1

htop recommends no packages.

Versions of packages htop suggests:
ii  lm-sensors  1:3.6.0-8
ii  lsof4.95.0-1
ii  strace  6.5-0.1

-- no debconf information

Bug#958682: [Pkg-javascript-devel] Bug#958682: node-jsonld: Remove dependency to node-request

[Jérémy Lal]

Le sam. 23 déc. 2023 à 20:15, Jonas Smedegaard  a écrit :

> Quoting Pirate Praveen (2023-12-22 20:53:46)
> > On Sun, 29 Oct 2023 21:37:08 +0100 Jonas Smedegaard  wrote:
> > > Yes, I still want to work on node-jsonld - I will make time to look at
> > > this soon...
> >
> > yarnpkg 4.0.2 was recently uploaded to unstable, so this and
> > node-matrix-js-sdk are the only remaining reverse dependencies for
> > node-request. We have an ack from its maintainer to remove it
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958692#42 so this is
> > the only real blocker remaining to remove node-request.
>
> You gave a second warning.  Only 24 hours but I guess I should be
> thankful.


Hi Jonas,

Is there some humor in this tone ?
This bug has been opened more than three years ago, and it's starting to
look as if you wanted to block it.

Jérémy

Bug#1059352: src:apt: fails to migrate to testing for too long: autopkgtest regression on armhf

[Julian Andres Klode]

On Sat, Dec 23, 2023 at 08:46:27AM +0100, Paul Gevers wrote:
> Source: apt
> Version: 2.7.6
> Severity: serious
> Control: close -1 2.7.7
> Tags: sid trixie
> User: release.debian@packages.debian.org
> Usertags: out-of-sync
> 
> Dear maintainer(s),
> 
> The Release Team considers packages that are out-of-sync between testing and
> unstable for more than 30 days as having a Release Critical bug in testing
> [1]. Your package src:apt has been trying to migrate for 31 days [2]. Hence,
> I am filing this bug. The version in unstable fails its own autopkgtest on
> armhf.
> 
> If a package is out of sync between unstable and testing for a longer
> period, this usually means that bugs in the package in testing cannot be
> fixed via unstable. Additionally, blocked packages can have impact on other
> packages, which makes preparing for the release more difficult. Finally, it
> often exposes issues with the package and/or
> its (reverse-)dependencies. We expect maintainers to fix issues that hamper
> the migration of their package in a timely manner.
> 
> This bug will trigger auto-removal when appropriate. As with all new bugs,
> there will be at least 30 days before the package is auto-removed.
> 
> I have immediately closed this bug with the version in unstable, so if that
> version or a later version migrates, this bug will no longer affect testing.
> I have also tagged this bug to only affect sid and trixie, so it doesn't
> affect (old-)stable.
> 
> If you believe your package is unable to migrate to testing due to issues
> beyond your control, don't hesitate to contact the Release Team.

I know this is automated but I feel lije it would be sensible to scan
the logs for well known bugs so that you don't end up filing bugs
against every package broken by valgrind's missing support for the new
NOP sequences in binutils.

Like this work is tracked in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057693

and normally we would forcemerge this into it.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#1059368: nsncd: installs new files into /

[Chris Hofstaedtler]

Source: nsncd
Version: 1.4.1-1
User: helm...@debian.org
Usertags: dep17m2

Hi,

your package nsncd started installing new files into /, instead of
placing them below /usr. For the Debian UsrMerge effort [1], these
need to move to /usr.

Filelist:
 ./lib/
 ./lib/systemd/
 ./lib/systemd/system/
 ./lib/systemd/system/nsncd.service

Please see wiki page [1] about moving files.

Given this is just a systemd service unit, it can be beneficial to
use dh_installsystemd, instead of installing it as a file.
Alternatively, `pkg-config --variable=systemdsystemunitdir systemd`
also knows the "correct" place (this is usually suitable for fixing
upstream).

Thanks,
Chris

[1] https://wiki.debian.org/UsrMerge

Bug#1056785: reverse dependency

[Thorsten Alteholz]

Control: tags -1 + moreinfo

Hi Matthias,

there is a reverse dependency that needs to be taken care of:


Checking reverse dependencies...
# Broken Depends:
python3.10: libpython3.10-dbg
libpython3.10-stdlib

# Broken Build-Depends:
python3.10: libmpdec-dev (2.5.1~ >=)


In case they matter, this needs to be addressed first. Please remove the 
moreinfo tag once that is done.


  Thorsten

Bug#1050069: reverse dependencies

[Thorsten Alteholz]

Control: tags -1 + moreinfo

Hi Sylvestre,

there are reverse dependencies that need to be taken care of:

Checking reverse dependencies...
# Broken Depends:
aflplusplus: afl++
bpftrace: bpftrace [amd64 arm64 armhf ppc64el s390x]
castxml: castxml [mips64el]
clazy: clazy [amd64 arm64 armel armhf mips64el ppc64el riscv64 s390x]
   clazy-tests [amd64 arm64 armel armhf mips64el ppc64el riscv64 
s390x]

crystal: crystal [amd64]
emscripten: emscripten
ghdl: ghdl-llvm [arm64]
google-android-installers/non-free: 
google-android-extras-google-auto-installer [amd64]

halide: libhalide14-0 [i386]
libhalide14-0-dev [i386]
intel-graphics-compiler: libigc-tools [amd64]
 libigc1 [amd64 i386]
 libigdfcl1 [amd64 i386]
iwyu: iwyu
llvmlite: python3-llvmlite [amd64 arm64 armel armhf i386 mips64el ppc64el 
s390x]
oclgrind: liboclgrind-21.10 [amd64 arm64 armel armhf i386 mips64el ppc64el 
riscv64]

opencl-clang-14: libopencl-clang14
openvdb: libopenvdb-ax-tools
 libopenvdb-ax10.0
spirv-llvm-translator-14: libllvmspirvlib14
  llvm-spirv-14
starpu-contrib/contrib: starpu-contrib-examples [amd64]

# Broken Build-Depends:
aflplusplus: clang-14
 lld-14
 llvm-14-dev
aspectc++: libclang-14-dev
   libpolly-14-dev
   llvm-14-dev
bpftrace: clang-14
  libclang-14-dev
  llvm-14-dev
crystal: lld-14
 llvm-14-dev
emscripten: clang-14
lld-14
llvm-14
firefox: clang-14
 libc++-14-dev-wasm32
 libclang-14-dev
 libclang-rt-14-dev-wasm32
 lld-14
 llvm-14-dev
firefox-esr: clang-14
 libc++-14-dev-wasm32
 libclang-14-dev
 libclang-rt-14-dev-wasm32
 lld-14
 llvm-14-dev
intel-graphics-compiler: clang-14
 liblld-14-dev
 llvm-14-dev
intel-vc-intrinsics: llvm-14-dev
iwyu: clang-14
  libclang-14-dev
  llvm-14-dev
llvmlite: llvm-14-dev
oclgrind: clang-14
  libclang-14-dev
  libpolly-14-dev
  llvm-14-dev
opencl-clang-14: clang-14
 libclang-14-dev
 libclang-cpp14-dev
 llvm-14-dev
openvdb: llvm-14-dev
spirv-llvm-translator-14: clang-14
  libclang-14-dev
  llvm-14-dev
triton: libmlir-14-dev
mlir-14-tools
vboot-utils: clang-14
 libfuzzer-14-dev
wasi-libc: clang-14
   llvm-14


In case they matter, this needs to be addressed first. Please remove the 
moreinfo tag once that is done.


  Thorsten

Bug#1052199: reverse dependencies

[Thorsten Alteholz]

Control: tags -1 + moreinfo

Hi David,

there are reverse dependencies that need to be taken care of:


Checking reverse dependencies...
# Broken Depends:
forensics-extra: forensics-extra

# Broken Build-Depends:
libz-mingw-w64: pev


In case they matter, this needs to be addressed first. Please remove the 
moreinfo tag once that is done.


  Thorsten

Bug#1059367: clickhouse: CVE-2023-48704

[Moritz Mühlenhoff]

Source: clickhouse
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for clickhouse.

CVE-2023-48704[0]:
| ClickHouse is an open-source column-oriented database management
| system that allows generating analytical data reports in real-time.
| A heap buffer overflow issue was discovered in ClickHouse server. An
| attacker could send a specially crafted payload to the native
| interface exposed by default on port 9000/tcp, triggering a bug in
| the decompression logic of Gorilla codec that crashes the ClickHouse
| server process. This attack does not require authentication. This
| issue has been addressed in ClickHouse Cloud version 23.9.2.47551
| and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and
| 23.9.6.20.

https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-5rmf-5g48-xv63
https://github.com/ClickHouse/ClickHouse/pull/57107
  

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-48704
https://www.cve.org/CVERecord?id=CVE-2023-48704

Please adjust the affected versions in the BTS as needed.

Bug#958682: node-jsonld: Remove dependency to node-request

[Jonas Smedegaard]

Quoting Pirate Praveen (2023-12-22 20:53:46)
> On Sun, 29 Oct 2023 21:37:08 +0100 Jonas Smedegaard  wrote:
> > Yes, I still want to work on node-jsonld - I will make time to look at
> > this soon...
> 
> yarnpkg 4.0.2 was recently uploaded to unstable, so this and 
> node-matrix-js-sdk are the only remaining reverse dependencies for 
> node-request. We have an ack from its maintainer to remove it 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958692#42 so this is 
> the only real blocker remaining to remove node-request.

You gave a second warning.  Only 24 hours but I guess I should be
thankful.

Hm.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1059366: mgetty: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: mgetty
Version: 1.2.1-1.2
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian UsrMerge
effort [1] these files should move to /usr in the trixie cycle.

I'm attaching a patch to implement such a move.

However, please still read the wiki page on moving files, especially if you
intend to backport to bookworm or earlier. The patch has already been checked
by a local dumat copy.

If during the trixie cycle your package will undergo structural changes or any
other file moves, please also see the wiki and upload to experimental first
when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru mgetty-1.2.1/debian/changelog mgetty-1.2.1/debian/changelog
--- mgetty-1.2.1/debian/changelog	2022-04-14 17:12:32.0 +0200
+++ mgetty-1.2.1/debian/changelog	2023-12-23 19:26:37.0 +0100
@@ -1,3 +1,10 @@
+mgetty (1.2.1-1.3) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install files into /usr instead of /. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 19:26:37 +0100
+
 mgetty (1.2.1-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru mgetty-1.2.1/debian/mgetty.dirs mgetty-1.2.1/debian/mgetty.dirs
--- mgetty-1.2.1/debian/mgetty.dirs	2022-04-14 15:50:17.0 +0200
+++ mgetty-1.2.1/debian/mgetty.dirs	2023-12-23 19:26:37.0 +0100
@@ -1,7 +1,6 @@
 usr/share/mgetty/templates/etc
 usr/bin
 usr/sbin
-sbin
 var/spool
 var/log/mgetty
 etc/mgetty
diff -Nru mgetty-1.2.1/debian/rules mgetty-1.2.1/debian/rules
--- mgetty-1.2.1/debian/rules	2022-04-14 15:50:53.0 +0200
+++ mgetty-1.2.1/debian/rules	2023-12-23 19:26:37.0 +0100
@@ -120,10 +120,6 @@
 	cp voice/ChangeLog \
 		$(DEBIAN_DIR)/mgetty-voice/usr/share/doc/mgetty/changelog.voice
 
-#	Enforce debian standard for location of getty's
-	mv $(DEBIAN_DIR)/mgetty/usr/sbin/?getty \
-		$(DEBIAN_DIR)/mgetty/sbin/
-
 #	And usr/sbin stuff
 	mv $(DEBIAN_DIR)/mgetty/usr/bin/faxrunq \
 		$(DEBIAN_DIR)/mgetty-fax/usr/bin/

Bug#1059365: mergerfs: install files into /usr (instead of /)

[Chris Hofstaedtler]

Source: mergerfs
Version: 2.33.5-1
Severity: normal
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi!

Your package installs files directly into /. For the ongoing Debian UsrMerge
effort [1] these files should move to /usr in the trixie cycle.

I'm attaching a patch to implement such a move.

However, please still read the wiki page on moving files, especially if you
intend to backport to bookworm or earlier. The patch has already been checked
by a local dumat copy.

If during the trixie cycle your package will undergo structural changes or any
other file moves, please also see the wiki and upload to experimental first
when these changes are done.

Chris

[1] https://wiki.debian.org/UsrMerge
diff -Nru mergerfs-2.33.5/debian/changelog mergerfs-2.33.5/debian/changelog
--- mergerfs-2.33.5/debian/changelog	2022-09-02 13:30:28.0 +0200
+++ mergerfs-2.33.5/debian/changelog	2023-12-23 19:01:58.0 +0100
@@ -1,3 +1,10 @@
+mergerfs (2.33.5-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Install into /usr/sbin instead of /sbin. (Closes: #-1)
+
+ -- Chris Hofstaedtler   Sat, 23 Dec 2023 19:01:58 +0100
+
 mergerfs (2.33.5-1) unstable; urgency=medium
 
   * New upstream version 2.33.5
diff -Nru mergerfs-2.33.5/debian/rules mergerfs-2.33.5/debian/rules
--- mergerfs-2.33.5/debian/rules	2021-08-17 12:05:44.0 +0200
+++ mergerfs-2.33.5/debian/rules	2023-12-23 18:58:33.0 +0100
@@ -23,4 +23,4 @@
 	# Because there's no auto* files shipped anymore
 
 override_dh_auto_install:
-	$(MAKE) DESTDIR=$(CURDIR)/debian/mergerfs PREFIX=/usr install STRIP=true
+	$(MAKE) DESTDIR=$(CURDIR)/debian/mergerfs PREFIX=/usr SBINDIR=/usr/sbin install STRIP=true

Bug#1056222: bookworm-pu: package debian-edu-artwork/2.12.4-1~deb12u1

[Holger Levsen]

control: forcemerge -1 1057891
control: retitle -1 bookworm-pu: package debian-edu-artwork/2.12.4-1~deb12u1
thanks

Hi,

I've just uploaded debian-edu-artwork/2.12.4-1 to unstable and expect that we'd
want to at least update in bookworm to this. However I'm not sure which debdiff
you'd like to see, to the one in bookworm or the one in bookworm-pu?


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

The law, in its majestic equality, forbids the rich as well as the poor to
sleep under bridges, to beg in the streets, and to steal bread. (Anatole France)


signature.asc
Description: PGP signature

Bug#1000112: kjs: depends on obsolete pcre3 library

[Yavor Doganov]

Control: tags -1 + patch

Please find attached a patch; build-tested only.

I was unsure what to do with the recursion limit code in the match
method.  In the old PCRE3, PCRE_CONFIG_STACKRECURSE is 1 because of
the recursion implementation, which is stack-based.  In PCRE2, the
corresponding parameter PCRE2_CONFIG_STACKRECURSE is obsolete and
always 0.

Furthermore, according to pcre2api(3), if the recursion is great
enough, workspace vectors are allocated on the heap from version 10.32
onwards.  It also says that only local variables are allocated on the
stack and even a small stack can support a lot of recursion.  So I
concluded that limiting the stack space is unnecessary with PCRE2.  I
guess that only runtime tests can show if this is true, but as I am
not a Qt/KDE person I am unable to perform them, I'm afraid.

In any case, it is trivial to limit both the stack and the heap via a
match context -- just let me know and I'll make the required
modifications.

P.S.  This patch applies cleanly to the latest upstream release
  (5.113.0) but I haven't made a build test with it.
Description: Port to PCRE2.
Bug-Debian: https://bugs.debian.org/1000112
Bug: https://bugs.kde.org/show_bug.cgi?id=457338
Author: Yavor Doganov 
Forwarded: no
Last-Update: 2023-12-23
---

--- kjs-5.107.0.orig/cmake/FindPCRE.cmake
+++ kjs-5.107.0/cmake/FindPCRE.cmake
@@ -11,10 +11,10 @@
 # For details see the accompanying COPYING-CMAKE-SCRIPTS file.
 
 
-if (PCRE_INCLUDE_DIR AND PCRE_PCREPOSIX_LIBRARY AND PCRE_PCRE_LIBRARY)
+if (PCRE_INCLUDE_DIR AND PCRE_PCRE_LIBRARY)
   # Already in cache, be silent
   set(PCRE_FIND_QUIETLY TRUE)
-endif (PCRE_INCLUDE_DIR AND PCRE_PCREPOSIX_LIBRARY AND PCRE_PCRE_LIBRARY)
+endif (PCRE_INCLUDE_DIR AND PCRE_PCRE_LIBRARY)
 
 
 if (NOT WIN32)
@@ -22,23 +22,21 @@
   # in the FIND_PATH() and FIND_LIBRARY() calls
   find_package(PkgConfig)
 
-  pkg_check_modules(PC_PCRE QUIET libpcre)
+  pkg_check_modules(PC_PCRE QUIET libpcre2-8)
 
   set(PCRE_DEFINITIONS ${PC_PCRE_CFLAGS_OTHER})
 
 endif (NOT WIN32)
 
-find_path(PCRE_INCLUDE_DIR pcre.h 
+find_path(PCRE_INCLUDE_DIR pcre2.h
   HINTS ${PC_PCRE_INCLUDEDIR} ${PC_PCRE_INCLUDE_DIRS} 
-  PATH_SUFFIXES pcre)
+  )
 
-find_library(PCRE_PCRE_LIBRARY NAMES pcre pcred HINTS ${PC_PCRE_LIBDIR} 
${PC_PCRE_LIBRARY_DIRS})
-
-find_library(PCRE_PCREPOSIX_LIBRARY NAMES pcreposix pcreposixd HINTS 
${PC_PCRE_LIBDIR} ${PC_PCRE_LIBRARY_DIRS})
+find_library(PCRE_PCRE_LIBRARY NAMES pcre2-8 HINTS ${PC_PCRE_LIBDIR} 
${PC_PCRE_LIBRARY_DIRS})
 
 include(FindPackageHandleStandardArgs)
-find_package_handle_standard_args(PCRE DEFAULT_MSG PCRE_INCLUDE_DIR 
PCRE_PCRE_LIBRARY PCRE_PCREPOSIX_LIBRARY )
+find_package_handle_standard_args(PCRE DEFAULT_MSG PCRE_INCLUDE_DIR 
PCRE_PCRE_LIBRARY)
 
-set(PCRE_LIBRARIES ${PCRE_PCRE_LIBRARY} ${PCRE_PCREPOSIX_LIBRARY})
+set(PCRE_LIBRARIES ${PCRE_PCRE_LIBRARY})
 
-mark_as_advanced(PCRE_INCLUDE_DIR PCRE_LIBRARIES PCRE_PCREPOSIX_LIBRARY 
PCRE_PCRE_LIBRARY)
+mark_as_advanced(PCRE_INCLUDE_DIR PCRE_LIBRARIES PCRE_PCRE_LIBRARY)
--- kjs-5.107.0.orig/src/kjs/regexp.h
+++ kjs-5.107.0/src/kjs/regexp.h
@@ -26,7 +26,8 @@
 #include "global.h"
 
 #if HAVE_PCREPOSIX
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #else  // POSIX regex - not so good...
 extern "C" { // bug with some libc5 distributions
 #include 
@@ -115,7 +116,7 @@
 #endif
 private:
 #if HAVE_PCREPOSIX
-pcre *_regex;
+pcre2_code *_regex;
 #else
 regex_t _regex;
 #endif
--- kjs-5.107.0.orig/src/kjs/regexp.cpp
+++ kjs-5.107.0/src/kjs/regexp.cpp
@@ -273,8 +273,8 @@
 #if HAVE_PCREPOSIX
 // Determine whether libpcre has unicode support if need be..
 if (utf8Support == Unknown) {
-int supported;
-pcre_config(PCRE_CONFIG_UTF8, (void *));
+uint32_t supported;
+pcre2_config(PCRE2_CONFIG_UNICODE, );
 utf8Support = supported ? Supported : Unsupported;
 }
 #endif
@@ -282,50 +282,49 @@
 UString intern = sanitizePattern(p);
 
 #if HAVE_PCREPOSIX
-int options = 0;
+uint32_t options = 0;
 
 // we are close but not 100% the same as Perl
-#ifdef PCRE_JAVASCRIPT_COMPAT // introduced in PCRE 7.7
-options |= PCRE_JAVASCRIPT_COMPAT;
-#endif
+options |= (PCRE2_ALT_BSUX | PCRE2_MATCH_UNSET_BACKREF);
 
 // Note: the Global flag is already handled by RegExpProtoFunc::execute.
 // FIXME: That last comment is dubious. Not all RegExps get run through 
RegExpProtoFunc::execute.
 if (flags & IgnoreCase) {
-options |= PCRE_CASELESS;
+options |= PCRE2_CASELESS;
 }
 if (flags & Multiline) {
-options |= PCRE_MULTILINE;
+options |= PCRE2_MULTILINE;
 }
 
 if (utf8Support == Supported) {
-options |= (PCRE_UTF8 | PCRE_NO_UTF8_CHECK);
+options |= (PCRE2_UTF | PCRE2_NO_UTF_CHECK);
 }
 
-const char *errorMessage;
-int errorOffset;
+PCRE2_UCHAR errorMessage[120];
+PCRE2_SIZE errorOffset;
+int errCode;
 bool secondTry = false;
 

Bug#1059233: RFS: python-dbutils/3.0.3-1 [ITP] -- tools for providing connections to a database (Python 3)

[Dale Richards]

Control: tags -1 - moreinfo

Hi Jeroen,

Thank you for your feedback.

On 23/12/2023 11:37, Jeroen Ploemen wrote:
> * d/python-dbutils-doc.docs: globbing is supported, might want to
>make use of that (docs/*).

The lack of globbing was intentional here, since upstream provides a 
copy of the changelog inside the docs directory. Using the glob causes a 
duplicate changelog to be installed, which lintian doesn't like. I've 
left the file as-is for now, but please let me know if you think there's 
a better way to handle this.

> * control: 'Testsuite: autopkgtest-pkg-python' is of little use when
>combined with a non-trivial autopkgtest.

Very true - removed.

> * d/tests/control specifies a dependency on python3-pytest, which is
>probably unnecessary as the testsuite runs fine on build without
>it (a cursory glance suggest it only uses stdlib's unittest).

Thanks. I've got so used to running pytest I missed that it wasn't 
needed here. I've modified the the autopkgtest files to call unittest 
directly and removed the dependency on python3-pytest.

> * lintian hit: P: python-dbutils source: trailing-whitespace
>[debian/control:27]

Oops, IDE was trying to be helpful - fixed!

> Please remove the moreinfo tag (and CC me directly) once you have an
> updated package ready.

I've reuploaded the package to Mentors with the above modifications. 
Please let me know if you'd like me to do something different with 
d/python-dbutils-doc.docs.

> PS: your domain has its DMARC policy set to 'reject', which is a bad
> idea if you're sending mail to mailing lists; 'quarantine' is usually
> the better choice.

Good shout - fixed.

Many thanks,
Dale Richards


OpenPGP_0x9D693E5DAA146CE0.asc
Description: application/pgp-keys


OpenPGP_signature.asc
Description: PGP signature

Bug#1059364: plymouth: Please package the new upstream version

[Simon Quigley]

Package: plymouth
Version: 22.02.122-4
Severity: wishlist

Hello,

23.51.283 looks like it's been released, and it seems to bring a lot of 
new, useful features[1].

Could we please get plymouth in Debian updated?

[1] 
https://9to5linux.com/plymouth-linux-graphical-boot-manager-now-better-handles-display-rendering

Thanks in advance for your help,
--
Simon Quigley
si...@tsimonq2.net
tsimonq2 on LiberaChat and OFTC
@tsimonq2:ubuntu.com on Matrix
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4

Bug#1051358: manpages: Mention the Users and Groups Debian document in SEE ALSO for the group(5) man page

[Karl O. Pinc]

reassign 1051358 coreutils
tags 1051358 - moreinfo
thanks

Hi Helge,

On Sat, 23 Dec 2023 16:04:11 +
Helge Kreutzmann  wrote:

> Am Wed, Sep 06, 2023 at 02:30:45PM -0500 schrieb Karl O. Pinc:
> > It'd be nice if the groups(5) man page mentioned the "Users and
> > Groups  
> 
> At least in stable and unstable there is no groups(5) page. However,
> there is groups(1), which belongs to coreutils.
> 
> Do you mean groups(1)?
> 
> If so, please reassign this bug to coreutils.

Done.  Thanks for the correction.  I must have meant groups(1).

Regards,

Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein

Bug#1058672: lsp-plugins: Bug in msmatrix code can cause speaker damage

[Andreas Henriksson]

On Sat, Dec 23, 2023 at 05:34:55PM +0100, Andreas Henriksson wrote:
> Hello again,
> 
> lsp-plugins 1.2.14 is now out according to
> https://github.com/lsp-plugins/lsp-plugins/tags

I've published updated git repo at:
https://salsa.debian.org/ah/lsp-plugins/

arm64 build available from:
https://people.debian.org/~ah/lsp-plugins/


Regards,
Andreas Henriksson

Bug#1055192: RFS: golang-github-apenella-go-ansible

[Nilesh Patra]

I finally got some time to look at this. From what I see, this is just a library
package (and no binary) and this seems to be the final package you want to get 
uploaded.

Generally, all go library packages 'are'/'should be' present in Debian because 
they are needed
for a target (binary) package which a user is interested in using. No-one would 
be keen
on apt installing golang libraries and fiddling with GOPATH/GOROOT
rather than a simpler `go get -u` if they want to use them to write code.

Hence, unless you have any target packages for which these libs are needed, I 
do not see
a lot of use of getting this in. Let me know what you'd think. I *do* expect 
your reponse on this.

Thanks!

Best,
Nilesh


signature.asc
Description: PGP signature

Bug#1057442: onboard ftbfs with Python 3.12

[Mike Gabriel]

Hi Bo,

thanks for proposing a patch... (more: see below).

On  Mi 06 Dez 2023 10:31:52 CET, Bo YU wrote:


Source: onboard
Version: 1.4.1-5
Followup-For: Bug #1057442
Tags: patch

Dear Maintainer,

I think it is okay to remove `-Wdeclaration-after-statement` option
which to support Arch linux build from code comment.

please notice here also, even if the issue is fixed, the package will be
build failed again when running tests:

```
...
 dh_auto_test -O--buildsystem=pybuild
I: pybuild base:310: cd  
/<>/.pybuild/cpython3_3.12_onboard/build; python3.12 -m  
unittest discover -v
/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py:151:  
SyntaxWarning: invalid escape sequence '\d'

  """
/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py:220:  
SyntaxWarning: invalid escape sequence '\s'

  pattern = re.compile('>\n\s+([^<>\s].*?)\n\s+/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py:221:  
SyntaxWarning: invalid escape sequence '\g'

  pretty_xml = pattern.sub('>\g<1>/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py:356:  
SyntaxWarning: invalid escape sequence '\:'

  """
/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py:1542:  
SyntaxWarning: invalid escape sequence '\w'

  """(?:
Onboard (unittest.loader._FailedTest.Onboard) ... ERROR

==
ERROR: Onboard (unittest.loader._FailedTest.Onboard)
--
ImportError: Failed to import test module: Onboard
Traceback (most recent call last):
  File "/usr/lib/python3.12/unittest/loader.py", line 427, in _find_test_path
package = self._get_module_from_name(name)
  
  File "/usr/lib/python3.12/unittest/loader.py", line 337, in  
_get_module_from_name

__import__(name)
  File  
"/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/__init__.py",  
line 23, in 

from Onboard.utils import Translation
  File  
"/<>/.pybuild/cpython3_3.12_onboard/build/Onboard/utils.py",  
line 933, in 

import cairo
  File "/usr/lib/python3/dist-packages/cairo/__init__.py", line 1,  
in 

from ._cairo import *  # noqa: F401,F403
^
ModuleNotFoundError: No module named 'cairo._cairo'


--
Ran 1 test in 0.000s

FAILED (errors=1)
E: pybuild pybuild:395: test: plugin distutils failed with: exit  
code=1: cd /<>/.pybuild/cpython3_3.12_onboard/build;  
python3.12 -m unittest discover -v
I: pybuild base:310: cd  
/<>/.pybuild/cpython3_3.11_onboard/build; python3.11 -m  
unittest discover -v


--
Ran 0 tests in 0.000s

OK

```

I do think this is one issue from python-cairo even depend on the
latest version[0]. But if look back its buildd log[1] these tests are
also not executed correctly. I am not sure how to deal with this and if
skip test explicit it willl be okay.


[0]:  
https://tracker.debian.org/news/1483436/accepted-pycairo-1251-1-source-into-unstable/
[1]:  
https://buildd.debian.org/status/fetch.php?pkg=onboard=amd64=1.4.1-5%2Bb8=1701806362=0



The underlying cause of the cairo import issue is that  
/usr/lib/python3/dist-packages/cairo/_cairo.cpython-312-x86_64-linux-gnu.so
 is not yet contained in python3-cairo. Only the  
_cairo.cpython-311-x86_64-linux-gnu.so build is in that package. I  
just pinged the #debian-python IRC channel to check how this could  
best be fixed (likely via a binNMU).


I might assume that other packages could be affected by a missing binNMU...

Waiting for IRC feedback...

Mike

--

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4351) 486 14 27

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net



pgpFDpfVSiuDT.pgp
Description: Digitale PGP-Signatur

Bug#1057391: cinnamon and private GIR XML

[Fabio Fantoni]

Big thanks to Simon McVittie for good explain about some things I 
couldn't find enough information about.


Combined with what I had already seen, we need to move the cinnamon gir 
to a private path, then once done I can move it to cinnamon-common to 
align with the upstream.


Cinnamon girs are not used by other packages or non-packaged software 
but only recently added upon request and therefore used only in rare 
cases by developers (based on what I found). So I don't think it's a 
problem for them to do additional manual operations such as installing 
the necessary -dev packages. If it were up to me it wouldn't be a 
problem to add the cinnamon-dev package in which to move the girs and 
have all the necessary dependencies but I fear that the upstream 
wouldn't want it and I want to avoid confict with upstream is possible. 
However there doesn't seem to be a need for this package if I'm not 
mistaken.


About dh_girepository so is not needed use it with private gir, so I 
could remove it and it will only be necessary to manage it if any future 
changes are made that will automatically scan for any gir (even private 
ones), right? If future changes will scan for private gir add of 
"--no-dev-dependencies" can be useful but given the rare case it doesn't 
seem very important to me and we could manage with the override. Or you 
are sure to do this changes so I keep override to avoid another future 
fail to build?


About muffin gir private (as actually) is needed for fork of integrated 
things, muffin packages on debian seems ok now, or I'm wrong? upstream 
also had improved packaging when a rebase was done, only one thing seems 
missed, the move of /usr/libexec/muffin-restart-helper out of libmuffin0 
package (upstream moved from muffin package to libmuffin0 in 4.0 and 
keeped it). On debian packages we don't moved same of upstream or it 
would go against shared library package policies. or am I wrong?






OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1058672: lsp-plugins: Bug in msmatrix code can cause speaker damage

[Andreas Henriksson]

Hello again,

lsp-plugins 1.2.14 is now out according to
https://github.com/lsp-plugins/lsp-plugins/tags

Regards,
Andreas Henriksson

Bug#1059353: manpages: Update to latest upstream possible

[Helge Kreutzmann]

Hello Tobias,
Am Sat, Dec 23, 2023 at 04:52:00PM +0100 schrieb Dr. Tobias Quathamer:
> Am 23.12.23 um 10:55 schrieb Helge Kreutzmann:
> > Since September the salsa git repository indicates that the latest
> > upstream is ready for upload.
> > 
> > Could you maybe upload this as Christmas present or for a happy new
> > year?
> 
> Sure, I've just uploaded. :-)

Thanks a lot.

I took the liberty to triage the manpage bugs, hope this helps.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#171681: man5/filesystems.5: updated list and descriptions of supported filesystems

[Helge Kreutzmann]

tags 171681 + moreinfo
thanks

Am Fri, Jan 28, 2022 at 08:48:27PM +0100 schrieb Florian Ernst:
> On Tue, Feb 16, 2016 at 10:35:15PM +0100, Stéphane Aulery wrote:
> > [...]
> > About this bug I had send this first patch to M. Kerrisk. He rejected it.
> > Too long for a good review. See this thread on linux-...@vger.kernel.org
> > [1].

First info.

> > I started to break my patch and some passages were corrected (see patches
> > accepted from March 2015) [2].
> > 
> > The list is long and it must be controlled because my initial patch was only
> > to add all FS. Then I wanted to check every description with the kernel doc.
> > [...]
> 
> JFTR, those FS mainly referred to in the original bugreport (i.e.
> "jfs,xfs or reiserfs") have already been added to man-pages-2.73 whose
> Changes accordingly list
> 
> | filesystems.5
> | mtk
> | Added Reiserfs, XFS, JFS to list of file systems.

So we have a resolution for the "main" pages.

> The others contained in the patch have not, however, but for some of
> them there exist dedicated man pages in their respective packages:
> 
> afs in openafs-client
> btrfs in btrfs-progs
> ecryptfs in ecryptfs-utils
> gfs2 in gfs2-utils
> ocfs2 in ocfs2-tools
> spufs in manpages ;-)
> sysfs in manpages ;-)
> (this list may be neither exhaustive nor entirely accurate)

Filesystems come (and go), so probably an complete and exhaustive list
is not possible in one place.

Given this, I propose to close this bug.

If further file systems should be mentioned in filesystems.5, then
please report them individually and they can be reviewed on a case by
case basis. 

Also, it is probably best to contact upstream directly and not using
Debian as proxy. Upstream is just one e-mail (and a CC) away:
E-Mail a...@kernel.org and CC linux-...@vger.kernel.org

Greetings

  Helge


-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1033477: linux: symlink in sticky directory not owned 0:0 behaves weirdly (EACCES if mode 1777, okay if 1755, )

[Helge Kreutzmann]

tags 1033477 + pending
thanks

Hello Tobias,
Am Sun, Apr 02, 2023 at 01:36:15AM +0200 schrieb наб:
> Control: forwarded -1 
> https://lore.kernel.org/linux-man/7818bd3c-0351-a738-fd69-14b59838c...@gmail.com/t/#mcf38b6c9ad9e6ae8f4d4ebc7d5373fe7b7f5e1f9
> Control: tags -1 + fixed-upstream
> 
> Applied as
>   
> https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/commit/?id=92964433bd8547aefbae1fd002d4a6534eecf9d7
>   
> https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/commit/?id=2e1c1a57f138eedd35b7b2a825002fddb12d240f

I just double checked - this is contained in the latest upstream
release (i.e. man-pages 6.05.01), so you can close this bug on your
next upload.

Greetings

Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1059363: gbp-import-dsc crashes when changelog contains leap seconds ("Sun, 1 Jan 2006, 00:59:60 +0100")

[Gioele Barabucci]

Control: tags -1 patch

Hi Guido,

On 23/12/23 16:57, Guido Günther wrote:

the gbp-import-dsc script crashes while parsing changelogs that include leap
seconds.

dateutil.parser._parser.ParserError: second must be in 0..59: Sun,  1 Jan
2006 00:59:60 +0100


This looks like a bug in dateutil, can you reassign there?


Not really:


As of 2023-12 there is an open issue asking for support for leap seconds in
dateutils [3].


That issue has been open for almost three years. The dateutils 
developers say that Python's datetime does not handle leap seconds, so 
they are not going to mess around with it.


In order to deal with Debian policy's request to support :60, 
application-level workarounds are needed.


Please find attached a small patch that fix this issue.

Regards,

--
Gioele BarabucciFrom 5dd36d1a7ed44f7cd10eb7afeb58e6c747558e91 Mon Sep 17 00:00:00 2001
From: Gioele Barabucci 
Date: Sat, 23 Dec 2023 17:03:39 +0100
Subject: [PATCH] git: rfc822_date_to_git: Handle leap seconds

Closes: #1059363
---
 gbp/git/__init__.py | 5 +
 1 file changed, 5 insertions(+)

diff --git a/gbp/git/__init__.py b/gbp/git/__init__.py
index 3d0bb0b9..773ba822 100644
--- a/gbp/git/__init__.py
+++ b/gbp/git/__init__.py
@@ -17,6 +17,7 @@
 """Accessing Git from python"""
 
 import calendar
+import datetime
 import dateutil.parser
 
 from gbp.git.modifier import GitModifier   # noqa: F401
@@ -41,7 +42,11 @@ def rfc822_date_to_git(rfc822_date, fuzzy=False):
 >>> rfc822_date_to_git('So, 26 Feb 1998 8:50:00 +0100', fuzzy=True)
 '888479400 +0100'
 """
+rfc822_date_orig = rfc822_date
+rfc822_date = rfc822_date.replace(":60 ", ":59 ")
 d = dateutil.parser.parse(rfc822_date, fuzzy=fuzzy)
+if rfc822_date != rfc822_date_orig: # Handle leap seconds.
+d += datetime.timedelta(seconds=1)
 seconds = calendar.timegm(d.utctimetuple())
 tz = d.strftime("%z")
 return '%d %s' % (seconds, tz)
-- 
2.43.0

Bug#1051358: manpages: Mention the Users and Groups Debian document in SEE ALSO for the group(5) man page

[Helge Kreutzmann]

tags 1051358 + moreinfo
thanks

Hello Karl,
Am Wed, Sep 06, 2023 at 02:30:45PM -0500 schrieb Karl O. Pinc:
> It'd be nice if the groups(5) man page mentioned the "Users and Groups

At least in stable and unstable there is no groups(5) page. However,
there is groups(1), which belongs to coreutils.

Do you mean groups(1)?

If so, please reassign this bug to coreutils.

Thanks!

Greetings

Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1059363: gbp-import-dsc crashes when changelog contains leap seconds ("Sun, 1 Jan 2006, 00:59:60 +0100")

[Guido Günther]

Hi,
On Sat, Dec 23, 2023 at 04:48:51PM +0100, Gioele Barabucci wrote:
> Package: git-buildpackage
> Version: 0.9.33
> 
> Dear git-buildpackage maintainer,
> 
> the gbp-import-dsc script crashes while parsing changelogs that include leap
> seconds.
> 
> For example, while parsing the changelog of unicode/5.0, gbp-import-dsc
> crashes with
> 
> ```
>   File "/usr/lib/python3/dist-packages/gbp/scripts/import_dsc.py", line 116,
> in get_author_from_changelog
> date = rfc822_date_to_git(dch.date, fuzzy=True)
>
>   File "/usr/lib/python3/dist-packages/gbp/git/__init__.py", line 44, in
> rfc822_date_to_git
> d = dateutil.parser.parse(rfc822_date, fuzzy=fuzzy)
> ^^^
>   File "/usr/lib/python3/dist-packages/dateutil/parser/_parser.py", line
> 1368, in parse
> return DEFAULTPARSER.parse(timestr, **kwargs)
>^^
>   File "/usr/lib/python3/dist-packages/dateutil/parser/_parser.py", line
> 651, in parse
> six.raise_from(ParserError(str(e) + ": %s", timestr), e)
>   File "", line 3, in raise_from
> dateutil.parser._parser.ParserError: second must be in 0..59: Sun,  1 Jan
> 2006 00:59:60 +0100
> ```

This looks like a bug in dateutil, can you reassign there?
Cheers,
 -- Guido

> 
> Leap seconds (:60) are explicitly permitted by Debian Policy [1] and RFC
> 5322 [2] and produced by `date -R`.
> 
> As of 2023-12 there is an open issue asking for support for leap seconds in
> dateutils [3].
> 
> A possible solution to this issue, suggested by olasd, would to parse the
> date using the stdlib method `email.utils.parsedate_tz` and handle the leap
> seconds manually:
> 
> ```
> import email, datetime
> 
> add_leap_second = False
> dateinfo = list(email.utils.parsedate_tz(rfc822_date))
> if dateinfo[5] == 60:
> dateinfo[5] = 59
> add_leap_second = True
> 
> date = datetime.datetime(*dateinfo[:6])
> 
> if add_leap_second:
> date += datetime.timedelta(seconds=1)
> ```
> 
> Alternatively:
> 
> ```
> dhc_date = dch.date.replace(":60 ", ":59 ")
> date = rfc822_date_to_git(dch.date, fuzzy=True)
> if dch_date != dch.date:
> date += datetime.timedelta(seconds=1)
> ```
> 
> Regards,
> 
> [1] «ss is the two-digit seconds (00-60)»
> https://www.debian.org/doc/debian-policy/ch-source.html#s-dpkgchangelog
> 
> [2] «the time-of-day MUST be in the range 00:00:00 through 23:59:60 (the
> number of seconds allowing for a leap second; see [RFC1305])»
> https://datatracker.ietf.org/doc/html/rfc5322#section-3.3
> 
> [3] https://github.com/dateutil/dateutil/issues/1018
> 
> -- 
> Gioele Barabucci
> 

Bug#958235: manpages: Please remove memusage.1 from the package

[Helge Kreutzmann]

tags 958235 + wontfix
# Not removing man pages for existing commands due to statistic issues
thanks

Hello Jean-Philippe,
Am Mon, Apr 20, 2020 at 12:33:22AM +0200 schrieb Jean-Philippe MENGUAL:

> memusage has not been in Debian for a long time, at least a decade.

This is not correct:
$ apt-file search memusage | grep bin\/mem | less
libc-devtools: /usr/bin/memusage
libc-devtools: /usr/bin/memusagestat

>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> 
> Translating the manpages-l10n, I see that memusage is still
> present. Upstream cannot remove it, as the command exists in gcc-toools
> on Fedora, but Debian should do it.

If the translation/tool is not relevant, simply stop translating it.

However, remember that manpages-l10n is upstream, i.e. you translate
for other distros as well.

> Would help for translation stats and not to have a useless page

If you bother about the statistics, you can move the current
translation into the archive.

Greetings

  Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1058701: pm-utils: unauthorised and uncommunicated removal

[Ian Jackson]

Joerg Jaspert writes ("Re: pm-utils: unauthorised and uncommunicated removal"):
> It wouldn't have made the review any noticable amount harder.

Fair enough.

> I do suggest fixing those things, Ancient Standard version and debhelper
> 7 do make it *really* easy to accept "This is unmaintained".

Yes.

Thanks,
Ian.

-- 
Ian JacksonThese opinions are my own.  

Pronouns: they/he.  If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.

Bug#1059353: manpages: Update to latest upstream possible

[Dr. Tobias Quathamer]

Am 23.12.23 um 10:55 schrieb Helge Kreutzmann:

Since September the salsa git repository indicates that the latest
upstream is ready for upload.

Could you maybe upload this as Christmas present or for a happy new
year?


Sure, I've just uploaded. :-)

Regards,
Tobias



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#980034: manpages: Better documentation of environ configuration

[Helge Kreutzmann]

Hello Tobias,
Am Wed, Jan 13, 2021 at 09:17:57AM + schrieb Bastien Roucariès:
> Tags: upstream patch

> Modern system use loginctl and pam to set environ.
> 
> It avoid error in graphical application.
> 
> Setting environ with pam_env is the way to go.
> 
> Document it.

Has this patch been presented/discussed with upstream?

Greetings

Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1057787: [pkg-apparmor] Bug#1057787: apparmor scripts give SyntaxWarning messages with python3.12

[Christian Boltz]

Hello,

Am Freitag, 8. Dezember 2023, 15:13:10 CET schrieb richardn:
> python3.12 starts giving SyntaxWarning messages for invalid escape
> sequences in the apparmor python scripts. With python3.11 these were
> only DeprecationWarning messages, not shown by default. According to
> release notes, in a future Python version SyntaxError will eventually
> be raised, instead of SyntaxWarning
>
> These all seem to have been fixed upstream
> 
> https://gitlab.com/apparmor/apparmor/-/commit/d94731ddf42f9a5f5db5ceb5
> 165d18547f010f63

I backported the fixes to the 3.1 branch, see
https://gitlab.com/apparmor/apparmor/-/merge_requests/1130
AppArmor 3.1.7 (no release date planned yet) will include these fixes.

Unfortunately backporting to the 3.0 branch results in lots of conflicts 
in a dozen of files, and I slightly ;-) doubt that supporting the latest 
Python in an older branch is worth the effort.

Therefore I'd recommend that the Debian package gets upgraded to 3.1.x.


Regards,

Christian Boltz
-- 
> Well I must admit I feel like an idiot,
A typical feeling for each software developer ;)
[> Dave Plater and Adrian Schröter in opensuse-buildservice]


signature.asc
Description: This is a digitally signed message part.

Bug#1059363: gbp-import-dsc crashes when changelog contains leap seconds ("Sun, 1 Jan 2006, 00:59:60 +0100")

[Gioele Barabucci]

Package: git-buildpackage
Version: 0.9.33

Dear git-buildpackage maintainer,

the gbp-import-dsc script crashes while parsing changelogs that include 
leap seconds.


For example, while parsing the changelog of unicode/5.0, gbp-import-dsc 
crashes with


```
  File "/usr/lib/python3/dist-packages/gbp/scripts/import_dsc.py", line 
116, in get_author_from_changelog

date = rfc822_date_to_git(dch.date, fuzzy=True)
   
  File "/usr/lib/python3/dist-packages/gbp/git/__init__.py", line 44, 
in rfc822_date_to_git

d = dateutil.parser.parse(rfc822_date, fuzzy=fuzzy)
^^^
  File "/usr/lib/python3/dist-packages/dateutil/parser/_parser.py", 
line 1368, in parse

return DEFAULTPARSER.parse(timestr, **kwargs)
   ^^
  File "/usr/lib/python3/dist-packages/dateutil/parser/_parser.py", 
line 651, in parse

six.raise_from(ParserError(str(e) + ": %s", timestr), e)
  File "", line 3, in raise_from
dateutil.parser._parser.ParserError: second must be in 0..59: Sun,  1 
Jan 2006 00:59:60 +0100

```

Leap seconds (:60) are explicitly permitted by Debian Policy [1] and RFC 
5322 [2] and produced by `date -R`.


As of 2023-12 there is an open issue asking for support for leap seconds 
in dateutils [3].


A possible solution to this issue, suggested by olasd, would to parse 
the date using the stdlib method `email.utils.parsedate_tz` and handle 
the leap seconds manually:


```
import email, datetime

add_leap_second = False
dateinfo = list(email.utils.parsedate_tz(rfc822_date))
if dateinfo[5] == 60:
dateinfo[5] = 59
add_leap_second = True

date = datetime.datetime(*dateinfo[:6])

if add_leap_second:
date += datetime.timedelta(seconds=1)
```

Alternatively:

```
dhc_date = dch.date.replace(":60 ", ":59 ")
date = rfc822_date_to_git(dch.date, fuzzy=True)
if dch_date != dch.date:
date += datetime.timedelta(seconds=1)
```

Regards,

[1] «ss is the two-digit seconds (00-60)» 
https://www.debian.org/doc/debian-policy/ch-source.html#s-dpkgchangelog


[2] «the time-of-day MUST be in the range 00:00:00 through 23:59:60 (the 
number of seconds allowing for a leap second; see [RFC1305])» 
https://datatracker.ietf.org/doc/html/rfc5322#section-3.3


[3] https://github.com/dateutil/dateutil/issues/1018

--
Gioele Barabucci

Bug#1020531: dia: creating a text element kills all GUI fonts

[Prof. Dr. Christian Baun]

This issue is solved in dia version 0.97.3+git20220525-5 of Debian
testing (trixie) with libpango 1.51.0+ds-3 and libfreetype
2.13.2+dfsg-1.

Bug#1059362: linux: Add the Intel On Demand (intel_sdsi) kernel tool

[Jair Gonzalez]

Source: linux
Version: 6.6.7-1~exp1
Severity: wishlist
Tags: patch
X-Debbugs-Cc: miguel.bernal.ma...@linux.intel.com,
jair.gonza...@linux.intel.com

Dear Maintainer,

Please add the Intel On Demand (intel_sdsi) kernel tool, which can be
used for provisioning certificates and activation payloads on supported
cpus.

Intel Xeon family processors with support for Intel On Demand (formerly
known as Software Defined Silicon or SDSi) allow the configuration of
additional CPU features through a license activation process.

On BTS #1027953, there was a request to enable CONFIG_INTEL_SDSI, which
was merged at linux 5e631707bc22 ("Enable Intel VSEC, SDSi and PMT as
module") with version 6.1.4-1.

Link: https://github.com/intel/intel-sdsi

A MR was created with this proposal at:
https://salsa.debian.org/kernel-team/linux/-/merge_requests/964

Thanks,
Jair Gonzalez

Bug#1059361: ITP: chr -- terminal-based text editor

[Christoph Hueffelmann]

Package: wnpp
Severity: wishlist
Owner: 'Christoph Hueffelmann' 
X-Debbugs-CC: debian-de...@lists.debian.org, textsh...@uchuujin.de

*Package Name : chr
 Version : 0.1.75
 Upstream Author : Christoph Hueffelmann , Martin 
Hostettler 

*URL :  https://github.com/istoph/editor
*License : BSL-1.0
*Description :  terminal-based text editor

A terminal based text editor.

Keyboard shortcuts are similar to the default editors in Gnome, KDE and 
other desktop environments. This is to ease workflows alternating 
between GUIs and terminal.


The look and feel is a blend of modern GUI editors and late 90s PC text 
mode editors (e.g. Turbo Vision based or edit.com) adapted to fit into 
terminal based workflows.


It has been written from scratch using Tui Widget.

It implements many features like:
  - selecting text by holding Shift
  - usable without a complicated config file
  - block selection
  - multi windows (overlapping, tiled, fullscreen)
  - text from full width windows can be copied from the terminal without
window borders, scrollbars or additional spaces interfering.
  - syntax highlighting
  - undo/redo
  - display line numbers
  - soft-wrapping of long lines
  - interactive search and replace (with regular expression support)
  - go-to line (and column) command
  - support stdin buffers
  - drop down menus

Bug#1058670: python3-poetry: fail with Can't instantiate abstract class IsolatedEnv with abstract methods executable, scripts_dir

[Tomas Janousek]

Control: severity 1058670 important
Control: forwarded 1058670 https://github.com/python-poetry/poetry/issues/8803

Hi,

On Thu, Dec 14, 2023 at 12:14:12PM +0200, George Shuklin wrote:

According to github bug: https://github.com/python-poetry/poetry/issues/8458 it
is caused by conflict (interactions?) with python3-build package.

python3-build  0.10.0-1


Indeed, as https://github.com/python-poetry/poetry/issues/8803 explains, 
poetry 1.7.1 needs python3-build ^= 1.0.3 [1], yet the Debian 
python3-poetry package just depends on python3-build without any version 
constraints and python3-build is still at 0.10.0-1 in Debian unstable. 

Additionally, python3-poetry version 1.6.1+dfsg-2 also has an unbounded 
dependency on python3-build despite its 
/usr/lib/python3/dist-packages/poetry-1.6.1.dist-info/METADATA clearly 
specifying the dependency as "Requires-Dist: build (>=0.10.0,<0.11.0)".


Something is seriously wrong with dh_python it seems :-(

[1]: https://github.com/python-poetry/poetry/blob/1.7.1/pyproject.toml#L37

--
Tomáš "liskin" ("Pivník") Janoušek, https://lisk.in/

Bug#1058890: more info

[Dr . André Desgualdo Pereira]

sedutil seems to be working

`$ cat /sys/module/libata/parameters/allow_tpm` result "1" 
and 
`sedutil-cli --scan` shows the disk correctly ("/dev/sda2  KINGSTON 
SKC600256G  S4800105")

If there are any further tests that can help elucidate the problem, please let 
me know.

-- 
André Desgualdo Pereira

Bug#1059360: sbuild: How to use it in combination with faketime?

[Santiago Vila]

Package: sbuild
Version: 0.85.0
Severity: wishlist

Hello.

I'm trying to use faketime with sbuild. Currently, I managed to
make it work by replacing dpkg-buildpackage inside the chroot
with a wrapper script:

#!/bin/sh
faketime -f "@2028-12-31 12:00:00" real-dpkg-buildpackage

But I would prefer not to fiddle with the contents of the chroot.
Is there a less intrusive way?

Somewhere in the source I see this hardcoded:

system('/usr/bin/dpkg-buildpackage',

so maybe we would just need some new environment variable
string to be used as a prefix for that.

Thanks.

Bug#1059359: gimp: GIMP corrupts alpha layer when saving as .PNG

[Gary Dale]

Package: gimp
Version: 2.10.36-2
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
I add an alpha layer to an image, make some areas transparent then export the 
image as a .PNG file

   * What exactly did you do (or not do) that was effective (or ineffective)?
I can expost the image to a .GIF file but when I export it as a .PNG, the 
transparent areas as mostly 
filled with garbage

   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-2-amd64 (SMP w/24 CPU threads; PREEMPT)
Locale: LANG=iu_CA.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set 
LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_GB
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gimp depends on:
ii  gimp-data2.10.36-2
ii  graphviz 2.42.2-7+b3
ii  libaa1   1.4p5-50
ii  libbabl-0.1-01:0.1.106-3
ii  libbz2-1.0   1.0.8-5+b1
ii  libc62.37-12
ii  libcairo21.18.0-1
ii  libfontconfig1   2.14.2-6
ii  libfreetype6 2.13.2+dfsg-1
ii  libgcc-s113.2.0-7
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-3
ii  libgegl-0.4-01:0.4.46-4
ii  libgexiv2-2  0.14.2-2
ii  libgimp2.0   2.10.36-2
ii  libglib2.0-0 2.78.3-1
ii  libgs10  10.02.1~dfsg-1
ii  libgtk2.0-0  2.24.33-2
ii  libgudev-1.0-0   238-3
ii  libharfbuzz0b8.0.1-1
ii  libheif1 1.17.4-1
ii  libjpeg62-turbo  1:2.1.5-2
ii  libjson-glib-1.0-0   1.8.0-2
ii  libjxl0.70.7.0-10.2
ii  liblcms2-2   2.14-2
ii  liblzma5 5.4.5-0.1
ii  libmng1  1.0.10+dfsg-3.1+b5
ii  libmypaint-1.5-1 1.6.0-2
ii  libopenexr-3-1-303.1.5-5.1
ii  libopenjp2-7 2.5.0-2
ii  libpango-1.0-0   1.51.0+ds-3
ii  libpangocairo-1.0-0  1.51.0+ds-3
ii  libpangoft2-1.0-01.51.0+ds-3
ii  libpng16-16  1.6.40-2
ii  libpoppler-glib8 22.12.0-2+b1
ii  librsvg2-2   2.54.7+dfsg-2
ii  libstdc++6   13.2.0-7
ii  libtiff6 4.5.1+git230720-3
ii  libwebp7 1.3.2-0.3
ii  libwebpdemux21.3.2-0.3
ii  libwebpmux3  1.3.2-0.3
ii  libwmf-0.2-7 0.2.13-1.1
ii  libwmflite-0.2-7 0.2.13-1.1
ii  libx11-6 2:1.8.7-1
ii  libxcursor1  1:1.2.1-1
ii  libxext6 2:1.3.4-1+b1
ii  libxfixes3   1:6.0.0-2
ii  libxmu6  2:1.1.3-3
ii  libxpm4  1:3.5.17-1
ii  xdg-utils1.1.3-4.1
ii  zlib1g   1:1.3.dfsg-3

Versions of packages gimp recommends:
ii  ghostscript  10.02.1~dfsg-1

Versions of packages gimp suggests:
pn  gimp-data-extras  
pn  gimp-help-en | gimp-help  
ii  gvfs-backends 1.52.1-1
ii  libasound21.2.10-3

-- debconf information:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_GB",
LC_ALL = (unset),
LC_TIME = "en_CA.UTF-8",
LC_MONETARY = "en_CA.UTF-8",
LC_CTYPE = "C.UTF-8",
LC_COLLATE = "en_CA.UTF-8",
LC_MEASUREMENT = "en_CA.UTF-8",
LC_NUMERIC = "en_CA.UTF-8",
LANG = "iu_CA.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory

-- debsums errors found:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_GB",
LC_ALL = (unset),
LC_TIME = "en_CA.UTF-8",
LC_MONETARY = "en_CA.UTF-8",
LC_CTYPE = "C.UTF-8",
LC_COLLATE = "en_CA.UTF-8",
LC_MEASUREMENT = "en_CA.UTF-8",
LC_NUMERIC = "en_CA.UTF-8",
LANG = "iu_CA.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

Bug#1052037: closed by Debian FTP Masters (reply to Bastian Germann ) (Bug#1052037: fixed in fasttext 0.9.2+ds-5)

[Andrey Rakhmatullin]

Control: found -1 0.9.2+ds-5+b1


> Package: python3-fasttext
> Version: 0.9.2+ds-4
> Severity: serious
> 
> Found in dateparser autopkgtest logs and confirmed on the armel porterbox:
> 
> >>> import fasttext_pybind
> Traceback (most recent call last):
>   File "", line 1, in 
> ImportError: /usr/lib/python3/dist-packages/fasttext_pybind.cpython-311-arm-
> linux-gnueabi.so: undefined symbol: __atomic_load_8
All of this still applies to 0.9.2+ds-5+b1.

Bug#1052132: proc(5): Missing documentation of drops in /proc/net/udp

[Helge Kreutzmann]

tags 1052132 + upstream
thanks

Hello Tobias,
Am Mon, Sep 18, 2023 at 06:15:39AM +0930 schrieb Viru Gajanayake:
> The manual page for proc "man proc" provides some documentation of
> /proc/net/udp but it does not document everything.  In particular it
> does not document the last column "drops".  Specifically I was looking
> for confirmation of whether the value is the number of packets or bytes.
> Please add documentation for the missing columns.

I propose to forward this to upstream, which is quite responsive.

Greetings

 Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1057755: Qt WebEngine Security Support In Stable

[Ratchanan Srirattanamet]

Hello,

I'm Ratchanan Srirattanamet, and I'm a "maintainer" of the QtWebEngine 
for Ubuntu Touch (I usually pull from Debian unstable and add our 
patches). As such, I have a few insights and ideas regarding this.


On 07-12-2023 18:49, Soren Stoutner wrote:

> If this is deemed inappropriate for stable-security, it might be
> possible to cherry-pick just the security updates from the Qt
> WebEngine LTS releases and manually apply them to the current tarball
> in stable.  Is anyone familiar with how well documented Qt’s commits
> are as to which are security related and which are not?

At least for the Chromium side, for between a QtWebEngine patch versions 
(where the Chromium base has not been updated), The Qt Company tags the 
backported commits from Chromium with "[Backport] CVE-such-and-such" or 
"[Backport] Security bug ". Commits usually appear in the 
qtwebengine-chromium before the release time, so for certain grave issue 
one can cherry-pick a commit from qtwebengine-chromium side of thing and 
apply to Debian packaging. Obviously that depends on The Qt Company 
deciding to backport such commit/fix from Chromium in the first place, 
which might not happen in a timely manner.


That said, I don't see such tagging on the Qt-side qtwebengine 
repository. So if a vulnerability appears on that side it could be more 
difficult to identify. And I still think it's better to just include the 
whole new version of QtWebEngine rather than cherry-picking certain patches.


> 
>
> 4.
> It has been suggested that security support in stable might be
> provided through stable-backports instead of stable-security.  For LTS
> releases this should be fairly simple (assuming the problems with
> private headers described in point #1 above are resolved).  For non-
> LTS releases this could become overly complex because a newer version
> of Qt WebEngine probably requires backporting every Qt and KDE
> package, which feels unmanageable

Qt actually allows building QtWebEngine with an earlier Qt versions 
(down to the last LTS release) [1]. We are doing this all the time; what 
Mike Gabriel didn't mention is we're still based on Qt 5.12.8 shipped in 
Ubuntu 20.04, which means we build QtWebEngine 5.15.x line against Qt 
5.12.8 with no problem whatsoever (in practice we have to patch 
QtWebEngine a bit in the documentation building part). At one point in 
time, we even used to build QtWebEngine 5.14.x line against Qt 5.9.x 
with a relatively minor patching. So, there's really no need to backport 
the rest of Qt and KDE stack in order to provide a more up-to-date 
QtWebEngine (or stick with LTS Qt in stable), except for maybe QtWebView 
and Angelfish.


If you're willing to do a bit mind-bending, it might even be possible to 
stay with the LTS release of QtWebEngine while upgrading the rest of the 
Qt stack up. Can't say if that is desirable though. :D


[1]: 
https://doc.qt.io/qt-5/qtwebengine-platform-notes.html#using-earlier-qt-versions-to-build-qt-webengine


---

Ratchanan Srirattanamet

Bug#944388: tzfile(5): missing field charcnt in description of fields after the header

[Helge Kreutzmann]

Hello Tobias,
Am Thu, Jan 27, 2022 at 09:01:02PM +0100 schrieb Florian Ernst:
> On Sat, Nov 09, 2019 at 02:00:58AM +0200, Omer Zak wrote:
> > In 'man 5 tzfile', after the header description, six fields are
> > described: tzh_timecnt*4, tzh_timecnt*1, tzh_typecnt*6, tzh_leapcnt*8,
> > tzh_ttisstdcnt*1, tzh_ttisgmtcnt*1.
> > 
> > According to https://tools.ietf.org/html/rfc8536 (section 3.2. TZif
> > Data Block), there should be also a tzh_charcnt field after the first
> > three fields (i.e. total of seven fields).
> 
> The current manpage seems to match https://tools.ietf.org/html/rfc8536,
> and for tzh_charcnt it states
> 
> | tzh_charcnt
> |The number of bytes of time zone abbreviation strings stored in the 
> file.
> 
> As such I think this bug could just be closed.

I concur.

> Hmm, I found tzh_charcnt to be listed in that manpage all the way back
> to upstream 3.27, and according to rfc8536 that field is part of the
> header. So maybe there was something missed when filing this bug?

Well, the submitter did not responded in the last ~ 2 years (I
acknowledged, that he was not explicitly CCed, unfortuantely, by
Florian). So I would suggest to close it as well, speculating about
different potential bugs is not sensible.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1059358: transition: wolfssl

[Bastian Germann]

Package: release.debian.org
Control: affects -1 wolfssl
X-Debbugs-Cc: wolf...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: transition
Severity: normal
Control: forwarded -1 
https://release.debian.org/transitions/html/auto-wolfssl.html

wolfssl is available in experimental with libwolfssl42.
This transition is from libwolfssl41.
The auto-generated Ben file is okay and all reverse dependencies build fine.

Bug#1035465: tmpfs.5 refers to removed kernel option CONFIG_TRANSPARENT_HUGE_PAGECACHE

[Helge Kreutzmann]

Hello Tobias,
Am Wed, May 03, 2023 at 05:40:35PM +0200 schrieb Christoph Biedl:
> the tmpfs.5 manpages states in the description of the huge= mount option:
> 
> | Set the huge table memory allocation policy for all files in this
> | instance (if CONFIG_TRANSPARENT_HUGE_PAGECACHE is enabled).
> 
> That kernel option was removed more than three years ago, in commit
> v5.6-11468-g396bcc5299c2 ("mm: remove CONFIG_TRANSPARENT_HUGE_PAGECACHE").
> Reading the commit message, it's possibly sufficient to refer to
> CONFIG_TRANSPARENT_HUGEPAGE instead, but I might be completely wrong
> here.
> 
> This problem still exists in upstream version 6.04.

And also in 6.05.01. 

I propose to forward this to upstream, which is quite responsive.

Greetings

 Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1014536: manpages: Hardware capabilities section would need updating to latest glibc

[Helge Kreutzmann]

tags 1014536 +upstream
thanks

Hello Tobias,
Am Thu, Jul 07, 2022 at 05:46:18PM +0200 schrieb Mathieu Malaterre:
> Currently the manpage for ld.so contains some of the magic strings for
> proper subfolder names. However this list does not seems to reflect the
> current glibc (bullseye system) release.
> 
> Typically:
> 
> % sudo ldconfig -p | grep hwcap
> libx264.so.160 (libc6,x86-64, hwcap: 0x0004) => 
> /lib/x86_64-linux-gnu/haswell/libx264.so.160
> libx264.so.160 (libc6,x86-64, hwcap: 0x0004) => 
> /lib/x86_64-linux-gnu/avx512_1/libx264.so.160
> 
> It would be nice to document the latest known valid subfolder names
> handled by ldconfig.

Should this be forwarded to upstream? Upstream is quite responsive.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1058204: alembic: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.12 3.11" returned exit code 13

[Bastian Germann]

Dear Uploaders,

Would you please check if the new experimental versions fits the reverse 
dependencies' needs?
I am going to move it to unstable soon enough to prevent the mass autoremoval if nobody comments on 
this.


Thanks,
Bastian

Bug#1059357: wolfssl: CVE-2023-6935 CVE-2023-6936 CVE-2023-6937

[Salvatore Bonaccorso]

Source: wolfssl
Version: 5.6.4-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: fixed -1 5.6.6-1

Hi,

The following vulnerabilities were published for wolfssl.

CVE-2023-6935[0], CVE-2023-6936[1] and  CVE-2023-6937[2].

They were already fixed with 5.6.6-1 upload to experimental, add
atracking bug stil for them.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-6935
https://www.cve.org/CVERecord?id=CVE-2023-6935
[1] https://security-tracker.debian.org/tracker/CVE-2023-6936
https://www.cve.org/CVERecord?id=CVE-2023-6936
[2] https://security-tracker.debian.org/tracker/CVE-2023-6937
https://www.cve.org/CVERecord?id=CVE-2023-6937
[3] 
https://github.com/wolfSSL/wolfssl/blob/v5.6.6-stable/ChangeLog.md#vulnerabilities

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#232996: this bug/#232996: wrong information in packet(7)

[Helge Kreutzmann]

tags 232996 - moreinfo
# The submitter provided a test script and further information
# And no furter information request was made in the last 16 years
thanks

Hello Tobias,
Am Mon, Jan 08, 2007 at 02:53:46PM +0100 schrieb Francesco Potorti`:
> >Sorry that nobody has commented on this bug.  Can you check if it still
> >applies to recent linux/glibc/manpages releases?  If so, can you provide
> >test code?
> >
> >[0] http://bugs.debian.org/232996
> 
> I use a Debian testing, just upgraded.  The man page says the same as
> before, and the behaviour has not changed.  Kernel is 2.6.18.

The man page is almost the same as given in this old report, except
the last sentence is missing (which does not seem relevant here).

> Appended is a test program and here is the output of tcpdump when the
> test program is launched (as root):
> 
>  00:00:00:00:00:00 (oui Ethernet) > 00:00:00:00:00:00 (oui Ethernet) Null 
> Information
>  00:00:00:00:00:00 (oui Ethernet) > 00:00:00:00:00:00 (oui Ethernet), 
> ethertype Unknown (0x2007)
>  00:00:00:00:00:00 (oui Ethernet) > 00:00:00:00:00:00 (oui Ethernet), 
> ethertype Unknown (0x2008)
> 
> The first packet has type 0x, the second one has type 0x2007, the
> third one has type 0x2008.  If the man page were correct, all three
> would have type 0x2006.

I propose to forward this to upstream. If this is not a bug in the man
page, then it should be reassigned to the proper package.

(Apologies, if upstream has already been informed, this is not
visisble from the bug).

Greetings

 Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1057315: src:tiles added to security-support-limited.(13|12|11|10)

[Holger Levsen]

hi,

so I'm adding src:tiles to security-support-limited.(13|12|11|10),
as no removal is planned (and it's dead upstream etc).


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

If you upload your address book to "the cloud", I don't want to be in it.


signature.asc
Description: PGP signature

Bug#1021052: /usr/share/man/man7/kernel_lockdown.7.gz: kernel_lockdown(7): Rule about "unencrypted hibernation" is unclear

[Helge Kreutzmann]

tags 1021052 + upstream
thanks

Hello Tobias,
Am Sat, Oct 01, 2022 at 10:21:37AM +0200 schrieb Jonathan Neuschäfer:
> Please clarify the kernel_lockdown(7) manpage with regards to this
> relatively common situation of swap on LVM on LUKS.

Should this be forwarded to upstream? (Or maybe you did so already?)
Upstream is quite responsive.

Greetings

Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1059356: python3-poetry: No module named 'poetry_plugin_export'

[Tomas Janousek]

Package: python3-poetry
Version: 1.7.1+dfsg-1
Severity: important

Poetry fails whenever it tries to list the available sub-commands, which 
it does whenever invoked without arguments or when asked to do so 
("list"):

$ poetry

No module named 'poetry_plugin_export'

$ poetry list

No module named 'poetry_plugin_export'

I believe this is because it depends [1] on poetry-plugin-export, but 
that dependency is completely ignored in the Debian package (shouldn't 
the build fail if that dep is unavailable? I don't see that dep being 
patched away anywhere in debian/).

That dependency has been there for a while (since 1.2.0 [2]) but it 
"worked" without it as the export sub-command was being discovered at 
runtime. Since [3], that dependency is an actual hard dependency, and 
thus the Debian packaging will have to catch up.

(But I'd really love to also understand wtf is going on with the 
dependency being silently ignored for a year and a half.)

[1]: https://github.com/python-poetry/poetry/blob/1.7.1/pyproject.toml#L36
[2]: 
https://github.com/python-poetry/poetry/commit/d52780c53723ac397f4e854a1d62d6cc1015e1ce
[3]: 
https://github.com/python-poetry/poetry/commit/f59728d74b1252a0105ce5b8062f8fa28535084f

-- System Information:
Debian Release: trixie/sid
  APT prefers stable-security
  APT policy: (990, 'stable-security'), (990, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug'), (500, 'stable-debug'), (500, 
'unstable'), (500, 'stable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-3-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC, TAINT_USER, TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-poetry depends on:
ii  python3 [python3-supported-min]  3.11.4-5+b1
ii  python3-build0.10.0-1
ii  python3-cachecontrol 0.13.1-1
ii  python3-cleo 2.1.0-2
ii  python3-crashtest0.4.1-1
ii  python3-dulwich  0.21.6-1+b1
ii  python3-fastjsonschema   2.19.0-1
ii  python3-importlib-metadata   4.12.0-1
ii  python3-installer0.7.0+dfsg1-2
ii  python3-keyring  24.3.0-1
ii  python3-lockfile 1:0.12.2-3
ii  python3-packaging23.2-1
ii  python3-pexpect  4.8.0-4
ii  python3-pkginfo  1.8.2-2
ii  python3-platformdirs 4.1.0-1
ii  python3-poetry-core  1.8.1-1
ii  python3-pyproject-hooks  1.0.0-2
ii  python3-requests 2.31.0+dfsg-1
ii  python3-requests-toolbelt1.0.0-2
ii  python3-shellingham  1.5.4-1
ii  python3-tomli2.0.1-2
ii  python3-tomlkit  0.12.1-1
ii  python3-trove-classifiers2023.9.19-1
ii  python3-virtualenv   20.25.0+ds-1

python3-poetry recommends no packages.

python3-poetry suggests no packages.

-- no debconf information

-- 
Tomáš "liskin" ("Pivník") Janoušek, https://lisk.in/

Bug#935781: manpages: nsswitch.conf should document automount option

[Helge Kreutzmann]

Hello Herbert,
Am Mon, Aug 26, 2019 at 05:42:35PM +1000 schrieb Herbert Xu:
> There is an undocumented automount option in nsswitch.conf which can
> be used to control how auto.master(5) looks up sources starting with
> the plus sign.  This should be documented.  Please see:
> 
> http://web.mit.edu/rhel-doc/5/RHEL-5-manual/Deployment_Guide-en-US/s1-nfs-client-config-autofs.html

The link does not work anymore.

Could you provide an accessible source, or even better, propose some
text? Then this could be forwarded to upstream.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1058701: pm-utils: unauthorised and uncommunicated removal

[Joerg Jaspert]

On 17085 March 1977, Ian Jackson wrote:


Yes, please do so.

Thanks.  This has now been done.
I chose to *not* fix anything about the package now (not even the
wrong VCS fields, for example) in order to simplify review.



The diff against the version previously in sid, and currently in
testing, is attached.


It wouldn't have made the review any noticable amount harder.

I do suggest fixing those things, Ancient Standard version and debhelper
7 do make it *really* easy to accept "This is unmaintained".

--
bye, Joerg

Bug#846368: ipv6: binding to a link-local ipv6 address without sin6_scope_id return EINVAL

[Helge Kreutzmann]

tags 846368 + upstream
thanks

Am Wed, Nov 30, 2016 at 06:29:52PM +0100 schrieb Uwe Kleine-König:
> ipv6(7) says in the ERROR paragraph that binding to a link-local v6
> address without specifying a valid interface index in sin6_scope_id
> returns the error ENODEV. This is a bit misleading because specifying 0
> or a valid but wrong interface index returns EINVAL or EADDRNOTAVAIL
> respectively.

Can you propose some text to send to upstream? 

Thanks!

Greetings

 Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#806446: resolv.conf(5): single-request-reopen description misleading

[Helge Kreutzmann]

Hello Philippe,
Am Fri, Nov 27, 2015 at 09:58:31AM -0500 schrieb Philippe Cloutier:
> Option single-request-reopen was documented following ticket #699387:
> The resolver uses the same socket for the A and  requests. Some hardware 
> mistakenly sends back only one reply. When that happens the client system 
> will sit and wait for the second reply. Turning this option on changes this 
> behavior so that if two requests from the same port are not handled correctly 
> it will close the socket and open a new one before sending the second request.
> 
> While the description is correct, it seems to imply that the option is only 
> meant to workaround broken hardware (presumably routers). This may have been 
> the original intent, but as I personally found out, the option also works 
> around broken Windows Server DNS servers. In my case, this was Windows Server 
> 2008 [R1], which is relatively obsolete, but according to 
> http://robert.penz.name/902/slow-dns-resolving-with-linux-systems-against-windows-dns-server/
>  this persists in current versions, so even though the fault seems to be 
> Microsoft's, this better be as clear as possible.
> 
> As a minimum, we should use a generic designation (something like "DNS 
> servers" rather than "hardware"). It may even be warranted to mention 
> specific examples, as if I understand correctly, this affects default Debian 
> clients using default Windows Server DNS servers.

Can you propose some text? Then this could be forwarded to upstream.

Greetings

 Helge
-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#803731: manpages: tcp_ecn details out of date

[Helge Kreutzmann]

Hello Tobias,
Am Thu, Jan 27, 2022 at 09:00:15PM +0100 schrieb Florian Ernst:
> On Mon, Nov 02, 2015 at 11:24:51AM +0900, c wrote:
> > man tcp:
> > 
> > tcp_ecn section refers to deprecates version and talks to a boolean value 
> > defaulting to disabled.
> > This is not the case as kernel defaults to '2'; ip-sysctl.txt text should 
> > prevale.
> > 
> > tcp_ecn - INTEGER
> > Control use of Explicit Congestion Notification (ECN) by TCP.
> > ECN is used only when both ends of the TCP connection indicate
> > support for it.  This feature is useful in avoiding losses due
> > to congestion by allowing supporting routers to signal
> > congestion before having to drop packets.
> > Possible values are:
> > 0 Disable ECN.  Neither initiate nor accept ECN.
> > 1 Enable ECN when requested by incoming connections and
> >   also request ECN on outgoing connection attempts.
> > 2 Enable ECN when requested by incoming connections
> >   but do not request ECN on outgoing connections.
> > Default: 2
> 
> The current manpage instead reads
> 
> | tcp_ecn (Integer; default: see below; since Linux 2.4)
> |Enable RFC 3168 Explicit Congestion Notification.
> |
> |This file can have one of the following values:
> |
> |0  Disable ECN.  Neither initiate nor accept ECN.  This was
> |the default up to and including Linux 2.6.30.
> |
> |1  Enable ECN when requested by incoming connections and
> |also request ECN on outgoing connection attempts.
> |
> |2  Enable ECN when requested by incoming connections, but do
> |not request ECN on outgoing connections.  This value is
> |supported, and is the default, since Linux 2.6.31.
> |
> |When enabled, connectivity to some destinations could be
> |affected due to older, misbehaving middle boxes along the path,
> |causing connections to be dropped.  However, to facilitate and
> |encourage deployment with option 1, and to work around such
> |buggy equipment, the tcp_ecn_fallback option has been
> |introduced.
> 
> I.e. the defaults are stated correctly. As such I think this bug could
> just be closed.
> 
> This seems to have been fixed in man-pages-4.03 (first present in Debian
> with 4.04-0.1) whose Changes lists
> 
> | tcp.7
> | Daniel Borkmann  [Michael Kerrisk]
> | Improve paragraphs on tcp_ecn and add tcp_ecn_fallback bullet
> | Improve description of tcp_ecn, fix the RFC number and it's
> | not a boolean anymore since long time, and add a description
> | for tcp_ecn_fallback.
> | 
> | See also kernel doc under Documentation/networking/ip-sysctl.txt
> | on tcp_ecn and tcp_ecn_fallback.

This analysis sounds sensible, should this bug be closed?

Greetings

 Helge


-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1059233: RFS: python-dbutils/3.0.3-1 [ITP] -- tools for providing connections to a database (Python 3)

[Jeroen Ploemen]

Control: tags -1 moreinfo

On Thu, 21 Dec 2023 18:59:32 +
Dale Richards  wrote:

> I am looking for a sponsor for my package python-dbutils:

hi Dale,

package looks pretty good, with only some minor issues:
* d/python-dbutils-doc.docs: globbing is supported, might want to
  make use of that (docs/*).
* control: 'Testsuite: autopkgtest-pkg-python' is of little use when
  combined with a non-trivial autopkgtest.
* d/tests/control specifies a dependency on python3-pytest, which is
  probably unnecessary as the testsuite runs fine on build without
  it (a cursory glance suggest it only uses stdlib's unittest).
* lintian hit: P: python-dbutils source: trailing-whitespace
  [debian/control:27]

Please remove the moreinfo tag (and CC me directly) once you have an
updated package ready.

PS: your domain has its DMARC policy set to 'reject', which is a bad
idea if you're sending mail to mailing lists; 'quarantine' is usually
the better choice.


pgp0Y7Und4nDv.pgp
Description: OpenPGP digital signature

Bug#1059355: ITP: sway-contrib -- A collection of user-contributed scripts for sway

[Birger Schacht]

Package: wnpp
Severity: wishlist
Owner: Birger Schacht 
X-Debbugs-Cc: debian-de...@lists.debian.org, bir...@debian.org

* Package name: sway-contrib
  Version : no version tag yet
  Upstream Contact: Sungjoon Moon 
* URL : https://github.com/OctopusET/sway-contrib
* License : MIT
  Programming Lang: Python, Shell
  Description : A collection of user-contributed scripts for sway

I plan to maintain this package in the swaywm-team.

Bug#1052740: graphite2: FTBFS: graph_legend.dot:1: error: Problems running dot: exit code=1, command='dot', arguments='"/<>/build/doc/doxygen/html/graph_legend.dot" -Tpng -o "/<

[Rene Engelhard]

Hi,
Am 23.12.23 um 02:40 schrieb Bastian Germann:

graph_legend.dot should have quotes around the font name references.

Ah, thanks. Unfortunately this is a generated file...

This is probably a doxygen bug.
Probably. That's why there's no action here. TBH I don't think this is 
the only occurance archive-wise?

A workaround would be removing doxygen from Build-Depends
and the two doxgen output files from debian/libgraphite2-doc.docs


Thought abozt  this, too. But that would loose the API documentation


Regards,


Rene