Bug#1068207:
Hi, 'https://wiki.debian.org/qa.debian.org/FTBFS' see: 2024-03-13 -Werror=implicit-function-declaration ... In dpkg version 1.22.6, the compiler flag -Werror=implicit-function-declaration was enabled by default for all architectures in build flags ... ... You need to patch libnginx-mod-http-modsecurity source code: ~~~ diff --git a/config b/config index c6e7467..3bf06a8 100644 --- a/config +++ b/config @@ -10,7 +10,8 @@ ngx_feature_name= ngx_feature_run=no -ngx_feature_incs="#include " +ngx_feature_incs="#include +#include " ngx_feature_libs="-lmodsecurity" ngx_feature_test='printf("hello");' ngx_modsecurity_opt_I= ~~~ Jan
Bug#1069146: RM: aufs-tools -- RoQA; FTBFS since 2019, overlayfs available, not in bullseye, bookworm, trixie
I support as maintainer the removal. I am sorry that I orphaned the package and did not take care to ask for removal myself. Best, Jan Am 17. April 2024 08:56:45 MESZ schrieb Helmut Grohne : >Package: ftp.debian.org >Severity: normal >Tags: ftbfs >X-Debbugs-Cc: aufs-to...@packages.debian.org, Jan Luca Naumann > >Control: affects -1 + src:aufs-tools >User: ftp.debian@packages.debian.org >Usertags: remove > >Hi, > >I request removal of aufs-tools from unstable for the following reasons: > * FTBFS since 2019 > * No maintainer upload since 2019 > * Not part of bullseye, bookworm, trixie > * Similar functionality available via standard kernel module overlayfs > * Requires changes to complete the /usr-move transition > >Helmut
Bug#1069153: RM: aufs -- RoQA; FTBFS since 2020, not part of bullseye, bookworm or trixie, dead upstream
I support as maintainer the removal. I am sorry that I orphaned the package and did not take care to ask for removal myself. Best, Jan Naumann Am 17. April 2024 09:46:26 MESZ schrieb Helmut Grohne : >Package: ftp.debian.org >Severity: normal >Tags: ftbfs >X-Debbugs-Cc: a...@packages.debian.org, Jan Luca Naumann > >Control: affects -1 + src:aufs >User: ftp.debian@packages.debian.org >Usertags: remove > >Hi, > >I request removal of aufs from Debian unstable for the following >reasons: > * FTBFS since 2020 > * Alternative overlayfs exists > * No maintainer upload since 2019 > * Dead upstream: https://marc.info/?l=linux-kernel=123938442923108 > * aufs-tools also being removed: #1069146 > >Helmut
Bug#1068849: cryptsetup: Fails to unlock the filesystem with missing libgcc_s.so.1
below is not anymore relevant as both initrds now booted up, so whatever it is showing, it now works. > Erm no, that likely won't work since pthread functions have moved from > libpthread.so.1 to libc.so.6 with glibc 2.34. Otherwise copy_exec() > would have pulled in libgcc_s. New attempt: The following is with the 6.7.7 image, I just reran with the a freshly created 6.7.9 image and it showed basically the same output λ unmkinitramfs ./initrd.img-6.7.7-amd64 /tmp/initramfs-destdir λ for p in $(find /tmp/initramfs-destdir/main -type f | sort); do \ objdump -T "$p" 2>&1 | grep pthread_exit && echo "^^ $p"; \ done DF *UND* (GLIBC_2.2.5) pthread_exit ^^ /tmp/initramfs-destdir/main/usr/lib/x86_64-linux-gnu/libcrypto.so.3 00089560 w DF .text 0042 GLIBC_2.2.5 pthread_exit ^^ /tmp/initramfs-destdir/main/usr/lib/x86_64-linux-gnu/libc.so.6 DF *UND* (GLIBC_2.2.5) pthread_exit ^^ /tmp/initramfs-destdir/main/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7800.4 λ dpkg -S ibcrypto.so.3 libssl3t64:amd64: /usr/lib/x86_64-linux-gnu/libcrypto.so.3 λ dpkg -S libc.so.6 libc6-dev:amd64: /usr/share/gdb/auto-load/lib/x86_64-linux-gnu/libc.so.6-gdb.py libc6:amd64: /lib/x86_64-linux-gnu/libc.so.6 λ dpkg -S libglib-2.0.so.0 libglib2.0-0t64:amd64: /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 libglib2.0-0t64:amd64: /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7800.4 λ dpkg -s libglib2.0-0t64 | grep Version Version: 2.78.4-6 λ dpkg -s libssl3t64 | grep Version Version: 3.2.1-3 λ dpkg -s libc6 | grep Version Version: 2.37-16 And just because it was mentioned: λ dpkg -s libcryptsetup12 | grep Version Version: 2:2.7.2-1 -- Thanks! Jan
Bug#1068849: cryptsetup: Fails to unlock the filesystem with missing libgcc_s.so.1
On Fri, 12 Apr 2024 at 14:00, Chris Hofstaedtler wrote: > Can you tell us which part was wanting libgcc_s.so.1? > cryptsetup in the initramfs doesn't seem to be the (original) > problem of that. How would I find out? (I've never debugged such a problem, and have basically no clue what is happening behind the scenes during encrypted hd unlock and how to figure out "what wants it" :-( ) I basically inputted a password (both on the "UI" and the console after ctrl-alt-del) and on the console it showed me that error after pressing enter. It then showed the passwort entry box/line again. Given that it was the password validation, I figured I should file a bug here. Jan
Bug#1068849: cryptsetup: Fails to unlock the filesystem with missing libgcc_s.so.1
Package: cryptsetup Version: 2:2.7.2-1 Severity: normal Dear Maintainer, After a recent apt upgrade on a debian sid system (installed about 3 years ago with an installer, choosing to encrypt the filesystem, no idea what actually ended up on my system as a crypt setup. Since then, the laptop runs debian unstable), my system failed to unlock. After a ctrl-alt-del, I got to the console and there it showed an error about libgcc_s.so.1 not available and aborting. Thankfully, I still had another, still working, initrd around (I guess due to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065698 ? If so: yay for bugs!). I snooped around in the source code a bit and found that libgcc_s seems to be dlopened and is special cased: https://salsa.debian.org/kernel-team/initramfs-tools/-/blob/master/hook-functions?ref_type=heads#L248-249 (original bugreport: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950254). So my guess is that nothing depends on libpthread anymore, and this is the case: `lsinitramfs initrd.img-6.7.9-amd64 |grep thread` shows no libpthread (actually nothing). I fixed it now by installing a update-initramfs hook (thanks to https://groups.google.com/g/linux.debian.bugs.dist/c/4fi2HaOEC_M): ``` λ cat /etc/initramfs-tools/hooks/libgcc #!/bin/sh -e PREREQS="" case $1 in prereqs) echo "${PREREQS}"; exit 0;; esac . /usr/share/initramfs-tools/hook-functions copy_file library /lib/x86_64-linux-gnu/libgcc_s.so.1 /lib/x86_64-linux-gnu/libgcc_s.so.1 ``` Not sure if that's the right solution, but i got my system back to boot up: ``` λ sudo update-initramfs -k 6.7.9-amd64 -u λ lsinitramfs initrd.img-6.7.9-amd64 |grep gcc usr/lib/x86_64-linux-gnu/libgcc_s.so.1 ``` It would also be nice if the "gui" view could show the error or at least tell the user to pres ctrl-alt-del to get to a more informative view, took me ages to figure out that one :-( -- Package-specific info: -- /proc/cmdline BOOT_IMAGE=/vmlinuz-6.7.9-amd64 root=/dev/mapper/bloodaxe--vg-root ro quiet splash -- /etc/crypttab nvme0n1p3_crypt UUID=8df352e7-81f1-457e-82bc-0d40aa06ea83 none luks,discard -- /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # systemd generates mount units based on this file, see systemd.mount(5). # Please run 'systemctl daemon-reload' after making changes here. # # /dev/mapper/bloodaxe--vg-root / ext4 errors=remount-ro 0 1 # /boot was on /dev/nvme0n1p2 during installation UUID=1fa0b711-60ed-4c97-b63e-63b57ea38220 /boot ext2 defaults0 2 # /boot/efi was on /dev/nvme0n1p1 during installation UUID=5AC9-21F9 /boot/efi vfatumask=0077 0 1 /dev/mapper/bloodaxe--vg-swap_1 noneswapsw 0 0 -- lsmod Module Size Used by xt_conntrack 12288 1 nft_chain_nat 12288 3 xt_MASQUERADE 16384 1 nf_nat 65536 2 nft_chain_nat,xt_MASQUERADE nf_conntrack_netlink61440 0 nf_conntrack 212992 4 xt_conntrack,nf_nat,nf_conntrack_netlink,xt_MASQUERADE nf_defrag_ipv6 24576 1 nf_conntrack nf_defrag_ipv4 12288 1 nf_conntrack xfrm_user 61440 1 xfrm_algo 16384 1 xfrm_user xt_addrtype12288 2 nft_compat 24576 4 br_netfilter 36864 0 bridge385024 1 br_netfilter stp12288 1 bridge llc16384 2 bridge,stp ctr12288 2 ccm20480 6 tun69632 2 rfcomm102400 4 uinput 20480 2 cmac 12288 3 algif_hash 12288 1 algif_skcipher 12288 1 af_alg 36864 6 algif_hash,algif_skcipher snd_seq_dummy 12288 0 snd_hrtimer12288 1 snd_seq 114688 7 snd_seq_dummy snd_seq_device 16384 1 snd_seq nf_tables 372736 57 nft_compat,nft_chain_nat qrtr 57344 4 overlay 212992 0 bnep 36864 2 binfmt_misc28672 1 snd_ctl_led24576 0 snd_soc_skl_hda_dsp24576 4 snd_soc_hdac_hdmi 45056 1 snd_soc_skl_hda_dsp snd_sof_probes 24576 0 snd_soc_intel_hda_dsp_common16384 1 snd_soc_skl_hda_dsp snd_hda_codec_hdmi 90112 1 snd_hda_codec_realtek 200704 1 snd_hda_codec_generic 114688 1 snd_hda_codec_realtek snd_soc_dmic 12288 1 snd_sof_pci_intel_cnl12288 0 snd_sof_intel_hda_common 221184 1 snd_sof_pci_intel_cnl intel_pmc_core_pltdrv12288 0 intel_pmc_core 81920 0 soundwire_intel73728 1 snd_sof_intel_hda_common soundwire_generic_allocation12288 1 soundwire_intel snd_sof_intel_hda_mlink40960 2
Bug#1068848: cryptsetup: Fails to unlock the filesystem with missing libgcc_s.so.1
Subject: cryptsetup: Fails to unlock the filesystem with missing libgcc_s.so.1 Package: cryptsetup Version: 2:2.7.2-1 Severity: normal Dear Maintainer, After a recent apt upgrade, my system failed to unlock. After a ctrl-alt-del, I got to the console and there it showed an error about libgcc_s.so.1 not available and aborting. Thankfully, I still had a other initrd around (I guess due to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065698, yay for bugs!). I snooped around in the source code a bit and found that libgcc_s seems to be dlopened and is special cased: https://salsa.debian.org/kernel-team/initramfs-tools/-/blob/master/hook-functions?ref_type=heads#L248-249 (original bugreport: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950254). So my guess is that nothing depends on libpthread either anymore, and this is the case: `lsinitramfs initrd.img-6.7.9-amd64 |grep thread` shows no libpthread (actually nothing). I fixed it now by installing a update-initramfs hook (thanks to https://groups.google.com/g/linux.debian.bugs.dist/c/4fi2HaOEC_M): ``` λ cat /etc/initramfs-tools/hooks/libgcc #!/bin/sh -e PREREQS="" case $1 in prereqs) echo "${PREREQS}"; exit 0;; esac . /usr/share/initramfs-tools/hook-functions copy_file library /lib/x86_64-linux-gnu/libgcc_s.so.1 /lib/x86_64-linux-gnu/libgcc_s.so.1 ``` Not sure if that's the right solution, but i got my system back to boot up: ``` λ sudo update-initramfs -k 6.7.9-amd64 -u λ lsinitramfs initrd.img-6.7.9-amd64 |grep gcc usr/lib/x86_64-linux-gnu/libgcc_s.so.1 ``` It would also be nice if the "gui" view could show the error or at least tell the user to pres ctrl-alt-del to get to a more informative view, took me ages to figure out that one :-( -- Package-specific info: -- /proc/cmdline BOOT_IMAGE=/vmlinuz-6.7.9-amd64 root=/dev/mapper/bloodaxe--vg-root ro quiet splash -- /etc/crypttab nvme0n1p3_crypt UUID=8df352e7-81f1-457e-82bc-0d40aa06ea83 none luks,discard -- /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # systemd generates mount units based on this file, see systemd.mount(5). # Please run 'systemctl daemon-reload' after making changes here. # # /dev/mapper/bloodaxe--vg-root / ext4 errors=remount-ro 0 1 # /boot was on /dev/nvme0n1p2 during installation UUID=1fa0b711-60ed-4c97-b63e-63b57ea38220 /boot ext2 defaults0 2 # /boot/efi was on /dev/nvme0n1p1 during installation UUID=5AC9-21F9 /boot/efi vfatumask=0077 0 1 /dev/mapper/bloodaxe--vg-swap_1 noneswapsw 0 0 -- lsmod Module Size Used by xt_conntrack 12288 1 nft_chain_nat 12288 3 xt_MASQUERADE 16384 1 nf_nat 65536 2 nft_chain_nat,xt_MASQUERADE nf_conntrack_netlink61440 0 nf_conntrack 212992 4 xt_conntrack,nf_nat,nf_conntrack_netlink,xt_MASQUERADE nf_defrag_ipv6 24576 1 nf_conntrack nf_defrag_ipv4 12288 1 nf_conntrack xfrm_user 61440 1 xfrm_algo 16384 1 xfrm_user xt_addrtype12288 2 nft_compat 24576 4 br_netfilter 36864 0 bridge385024 1 br_netfilter stp12288 1 bridge llc16384 2 bridge,stp ctr12288 2 ccm20480 6 tun69632 2 rfcomm102400 4 uinput 20480 2 cmac 12288 3 algif_hash 12288 1 algif_skcipher 12288 1 af_alg 36864 6 algif_hash,algif_skcipher snd_seq_dummy 12288 0 snd_hrtimer12288 1 snd_seq 114688 7 snd_seq_dummy snd_seq_device 16384 1 snd_seq nf_tables 372736 57 nft_compat,nft_chain_nat qrtr 57344 4 overlay 212992 0 bnep 36864 2 binfmt_misc28672 1 snd_ctl_led24576 0 snd_soc_skl_hda_dsp24576 4 snd_soc_hdac_hdmi 45056 1 snd_soc_skl_hda_dsp snd_sof_probes 24576 0 snd_soc_intel_hda_dsp_common16384 1 snd_soc_skl_hda_dsp snd_hda_codec_hdmi 90112 1 snd_hda_codec_realtek 200704 1 snd_hda_codec_generic 114688 1 snd_hda_codec_realtek snd_soc_dmic 12288 1 snd_sof_pci_intel_cnl12288 0 snd_sof_intel_hda_common 221184 1 snd_sof_pci_intel_cnl intel_pmc_core_pltdrv12288 0 intel_pmc_core 81920 0 soundwire_intel73728 1 snd_sof_intel_hda_common soundwire_generic_allocation12288 1 soundwire_intel snd_sof_intel_hda_mlink40960 2 soundwire_intel,snd_sof_intel_hda_common x86_pkg_temp_thermal16384 0 soundwire_cadence 45056 1 soundwire_intel intel_powerclamp 16384 0
Bug#1068046: /etc/firehol/ifupdown-firehol.sh: 71: [: -o: unexpected operator
Package: firehol Version: 3.1.7+ds-3 Severity: normal X-Debbugs-Cc: jspam+...@mpxd.net Dear Maintainer, When running ifup / ifdown, I run into error messages along the lines of /etc/network/if-up.d/firehol: 71: [: -o: unexpected operator /etc/network/if-pre-up.d/zz-firehol: 71: [: -o: unexpected operator /etc/network/if-up.d/firehol: 71: [: -o: unexpected operator I've worked around them locally by modifying /etc/firehol/ifupdown-firehol.sh to run using /bin/bash rather than /bin/sh, but there may be a better solution. Thanks, Jan -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.7.9-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firehol depends on: ii firehol-common 3.1.7+ds-3 ii init-system-helpers 1.66 Versions of packages firehol recommends: ii fireqos 3.1.7+ds-3 Versions of packages firehol suggests: pn firehol-doc pn firehol-tools pn ulogd2 -- Configuration Files: /etc/default/firehol changed [not included] /etc/firehol/firehol.conf changed [not included] /etc/firehol/ifupdown-firehol.sh changed [not included] -- no debconf information
Bug#1063576: O: virtualenv-clone -- script for cloning a non-relocatable virtualenv (Python3)
Package: wnpp Severity: normal X-Debbugs-Cc: virtualenv-cl...@packages.debian.org Control: affects -1 + src:virtualenv-clone I intend to orphan the virtualenv-clone package. I packaged virtualenv-clone because it was a dependency of virtualenvwrapper which I no longer use. The package description is: Virtualenv provides a way to make virtualenv's relocatable which could then be copied as wanted. However making a virtualenv relocatable this way breaks the no-site-packages isolation of the virtualenv as well as other aspects that come with relative paths and '/usr/bin/env' shebangs that may be undesirable. . Also, the .pth and .egg-link rewriting doesn't seem to work as intended. This attempts to overcome these issues and provide a way to easily clone an existing virtualenv. . This is the Python3 package.
Bug#1063575: O: virtualenvwrapper -- extension to virtualenv for managing multiple environments
Package: wnpp Severity: normal X-Debbugs-Cc: virtualenvwrap...@packages.debian.org Control: affects -1 + src:virtualenvwrapper I intend to orphan the virtualenvwrapper package. I no longer use virtualenvwrapper, pipenv and poetry are better alternatives for all of my use cases. The package description is: virtualenvwrapper is a set of extensions to Ian Bicking's virtualenv tool. The extensions include wrappers for creating and deleting virtual environments and otherwise managing your development workflow, making it easier to work on more than one project at a time without introducing conflicts in their dependencies.
Bug#1063574: O: sysconftool -- development tool to install and update configuration files
Package: wnpp Severity: normal X-Debbugs-Cc: sysconft...@packages.debian.org Control: affects -1 + src:sysconftool I intend to orphan the sysconftool package. I have no use for the package and it had no uploads for ages. The package description is: sysconftool is a development utility that helps to install application configuration files. sysconftool allows an existing application to be upgraded without losing the older version's configuration settings, but that's the advantage over plain dpkg upgrading, will add new configuration settings (and remove unneeded).
Bug#1062339: Cross-building broken for riscv64 due to libgssapi-krb5-2 version mismatch
Package: release.debian.org Please align the uploaded versions of libgssapi-krb5-2 so that cross-building is working again for riscv64. TIA, Jan
Bug#1062063: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u2
Hi Adam, > > Am 31.01.2024 um 18:59 schrieb Adam D. Barratt : > >> On Wed, 2024-01-31 at 09:50 +0100, Jan Wagner wrote: >> As reported in #1061956, check_http fails when called with --no-body >> and >> Transfer-Encoding: chunked is used > > Please go ahead. I uploaded the package to proposed-updates. Many thanks.
Bug#1061956: [Pkg-nagios-devel] Bug#1061956: monitoring-plugins-basic: check_http --no-body fails when Transfer-Encoding: chunked
Hi Cyprien, Am 30.01.24 um 14:27 schrieb Cyprien Nicolas: This issue is related to `check_http` failing to handle the --no-body or -N argument when a server sends the Transfer-Encoding: chunked header. We use this argument for checking only the HTTP status code, as we don't need the full body of the response. The issue is already fixed upstream since 2.3.4 [1] and I can't reproduce the issue with 2.3.5-1 from testing. thanks for reporting. Would it be possible to get a fix in current stable? In next point-release maybe? I opened #1062063 for this. 1. https://github.com/monitoring-plugins/monitoring-plugins/pull/1901 Maybe as in https://github.com/monitoring-plugins/monitoring-plugins/pull/1901#issuecomment-1771021923 suggested you might want to migrate over to check_curl? With kind regards, Jan. -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK--
Bug#1062063: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u2
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: monitoring-plug...@packages.debian.org Control: affects -1 + src:monitoring-plugins [ Reason ] As reported in #1061956, check_http fails when called with --no-body and Transfer-Encoding: chunked is used [ Impact ] check_http is unusable when called with --no-body and Transfer-Encoding: chunked is used [ Tests ] Upstream test suite, It was verified to work in the upstream issue tracker (https://github.com/monitoring-plugins/monitoring-plugins/pull/1901) and 2.3.5-1 has also this fix, which is since some time in testing. [ Risks ] Low, trivial change. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The patch is required to fix the check_http regression. [ Other info ] This is a request for pre approval, if you are okay with the changes, I'll upload it. Kind Regards, Jan -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog index d0b7b5b..1e067a3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +monitoring-plugins (2.3.3-5+deb12u2) bookworm; urgency=medium + + * [c45bc15] Adding d/p/23_check_http_fix_unchunking_body from upstream +(Closes: #1061956) + + -- Jan Wagner Wed, 31 Jan 2024 09:40:18 +0100 + monitoring-plugins (2.3.3-5+deb12u1) bookworm; urgency=medium * [85eed74] Adding d/p/22_check_disk_avoid_mount from upstream diff --git a/debian/patches/23_check_http_fix_unchunking_body b/debian/patches/23_check_http_fix_unchunking_body new file mode 100644 index 000..b14 --- /dev/null +++ b/debian/patches/23_check_http_fix_unchunking_body @@ -0,0 +1,22 @@ +From a6802bd5f50a5c12ed5bafa4fe9ee14fede7c1e1 Mon Sep 17 00:00:00 2001 +From: Thoralf Rickert-Wendt <30341294+tricker...@users.noreply.github.com> +Date: Tue, 8 Aug 2023 10:22:53 +0200 +Subject: [PATCH] Fix issue #1872 + +--- + plugins/check_http.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 1288c415d..718c8ee71 100644 +--- a/plugins/check_http.c b/plugins/check_http.c +@@ -1279,7 +1279,7 @@ check_http (void) + + regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found + +- if (regexec(_header_regex, header, 1, chre_pmatch, 0) == 0) { ++ if (!no_body && regexec(_header_regex, header, 1, chre_pmatch, 0) == 0) { + if (verbose) { + printf("Found chunked content\n"); + } diff --git a/debian/patches/series b/debian/patches/series index b024b25..d8711a4 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -9,3 +9,4 @@ 15_check_swap_remove_includes 16_check_snmp_disable_multiplier_when_unused 22_check_disk_avoid_mount +23_check_http_fix_unchunking_body
Bug#1061140: Cross-building against sqlite3 broken for riscv64
Package: release.debian.org Please align the uploaded versions of sqlite3 packages so that cross-building against some lib of this source is working for riscv64. TIA, Jan
Bug#1060262: linux-image-6.6.9-amd64: Please enable CONFIG_INTEL_VSC and CONFIG_IPU_BRIDGE
Package: src:linux Version: 6.6.9-1 Severity: wishlist Dear Maintainer, please enable CONFIG_INTEL_VSC and CONFIG_IPU_BRIDGE, doing so makes using the integrated camera on some Alder lake laptops easier. -- Package-specific info: ** Version: Linux version 6.6.9-amd64 (debian-ker...@lists.debian.org) (gcc-13 (Debian 13.2.0-9) 13.2.0, GNU ld (GNU Binutils for Debian) 2.41.50.20231227) #1 SMP PREEMPT_DYNAMIC Debian 6.6.9-1 (2024-01-01) ** Command line: BOOT_IMAGE=/vmlinuz-6.6.9-amd64 root=/dev/mapper/vg--flunder-root ro mitigations=off ** Tainted: OE (12288) * externally-built ("out-of-tree") module was loaded * unsigned module was loaded ** Kernel log: Unable to read kernel log; any relevant messages should be attached ** Model information sys_vendor: LENOVO product_name: 21CDCTO1WW product_version: ThinkPad X1 Yoga Gen 7 chassis_vendor: LENOVO chassis_version: None bios_vendor: LENOVO bios_version: N3AET77W (1.42 ) board_vendor: LENOVO board_name: 21CDCTO1WW board_version: NO DPK ** Loaded modules: ccm nft_masq rfcomm snd_seq_dummy snd_hrtimer snd_seq cmac algif_hash algif_skcipher af_alg xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 xt_tcpudp nft_compat nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables bridge stp llc r8153_ecm cdc_ether usbnet r8152 mii binder_linux qrtr bnep uinput snd_ctl_led btusb btrtl snd_soc_skl_hda_dsp snd_usb_audio btintel btbcm snd_soc_intel_hda_dsp_common btmtk snd_sof_probes snd_soc_hdac_hdmi snd_usbmidi_lib bluetooth snd_rawmidi snd_seq_device gpio_ljca(OE) spi_ljca(OE) i2c_ljca(OE) ecdh_generic ljca(OE) snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic binfmt_misc snd_soc_dmic snd_sof_pci_intel_tgl snd_sof_intel_hda_common soundwire_intel soundwire_generic_allocation snd_sof_intel_hda_mlink soundwire_cadence iwlmvm snd_sof_intel_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof nls_ascii intel_uncore_frequency snd_sof_utils intel_uncore_frequency_common nls_cp437 snd_soc_hdac_hda vfat mac80211 snd_hda_ext_core x86_pkg_temp_thermal fat snd_soc_acpi_intel_match intel_powerclamp snd_soc_acpi snd_soc_core coretemp kvm_intel snd_compress snd_pcm_dmaengine libarc4 soundwire_bus kvm snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi irqbypass iwlwifi snd_hda_codec intel_ipu6_isys(OE) rapl snd_hda_core videobuf2_dma_contig thinkpad_acpi pmt_telemetry mei_hdcp videobuf2_memops mei_pxp intel_rapl_msr pmt_class intel_cstate nxp_nci_i2c videobuf2_v4l2 hid_sensor_gyro_3d hid_sensor_accel_3d snd_hwdep think_lmi nxp_nci nvram intel_uncore processor_thermal_device_pci snd_pcm hid_sensor_trigger ledtrig_audio cfg80211 firmware_attributes_class videobuf2_common nci iTCO_wdt snd_timer processor_thermal_device platform_profile hid_sensor_iio_common processor_thermal_rfim intel_pmc_bxt industrialio_triggered_buffer snd iTCO_vendor_support ucsi_acpi wmi_bmof kfifo_buf processor_thermal_mbox intel_ipu6_psys(OE) nfc typec_ucsi watchdog industrialio soundcore processor_thermal_rapl mei_me roles intel_rapl_common intel_vsec igen6_edac intel_ipu6(OE) typec mei_vsc(OE) int3403_thermal mei soc_button_array int340x_thermal_zone ac rfkill ov2740(OE) intel_skl_int3472_tps68470 v4l2_fwnode int3400_thermal intel_hid v4l2_async intel_pmc_core acpi_thermal_rel intel_skl_int3472_discrete sparse_keymap acpi_tad joydev acpi_pad hid_multitouch serio_raw evdev v4l2loopback(OE) videodev mc msr parport_pc ppdev lp parport loop efi_pstore configfs nfnetlink ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 dm_crypt dm_mod efivarfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod hid_logitech_hidpp hid_logitech_dj hid_sensor_custom hid_sensor_hub intel_ishtp_hid i915 crc32_pclmul crc32c_intel drm_buddy ghash_clmulni_intel wacom i2c_algo_bit nvme sha512_ssse3 drm_display_helper usbhid nvme_core sha256_ssse3 cec sha1_ssse3 xhci_pci t10_pi rc_core hid_generic xhci_hcd crc64_rocksoft_generic crc64_rocksoft ttm crc_t10dif i2c_hid_acpi i2c_hid crct10dif_generic drm_kms_helper usbcore aesni_intel video intel_lpss_pci intel_ish_ipc crct10dif_pclmul i2c_i801 hid intel_lpss crypto_simd crc64 cryptd psmouse drm thunderbolt usb_common i2c_smbus crct10dif_common intel_ishtp button idma64 fan battery wmi ** PCI devices: 00:00.0 Host bridge [0600]: Intel Corporation Device [8086:4621] (rev 02) Subsystem: Lenovo Device [17aa:22e6] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- Kernel driver in use: igen6_edac Kernel modules: igen6_edac 00:02.0 VGA compatible controller [0300]: Intel Corporation Alder Lake-P GT2 [Iris Xe Graphics] [8086:46a6] (rev 0c) (prog-if 00 [VGA controller]) Subsystem: Lenovo Alder Lake-P Integrated Graphics Controller [17aa:22e6] Control: I/O+ Mem+ BusMaster+ SpecCycle-
Bug#1060079: RM: python-smstrade -- ROM; smstrade service has been aquired by cm.com which uses a different API
Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: python-smstr...@packages.debian.org Control: affects -1 + src:python-smstrade Dear ftp-masters, please remove python-smstrade from unstable, the service that this package is for has been aquired by cm.com a while ago. cm.com provides a different SMS gateway API that cannot be used with the packaged client code. Best regards Jan Dittberner
Bug#1059698: Please do a maintainer upload to enable riscv64 cross-building
Package: libkeyutils1 Version: 1.6.3-2+b1 Currently, libkeyutils1 is the last blocker to automatically set up an essential cross-build environments for riscv64: $ docker run --rm -it debian:sid root@d897052b9483:/# dpkg --add-architecture riscv64 root@d897052b9483:/# apt update ... root@032073e91e5f:/# apt install build-essential libc6-dev:riscv64 Reading package lists... Done Building dependency tree... Done Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libkrb5-3:riscv64 : Depends: libkeyutils1:riscv64 (>= 1.5.9) but it is not installable E: Unable to correct problems, you have held broken packages. root@032073e91e5f:/# apt-get install build-essential libc6-dev:riscv64 Reading package lists... Done Building dependency tree... Done Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libkrb5-3:riscv64 : Depends: libkeyutils1:riscv64 (>= 1.5.9) but it is not installable E: Unable to correct problems, you have held broken packages. It looks like this is caused by libkeyutils1:amd64 and libkeyutils1:riscv64 having different versions and, thus, refuse to be installed at the same time. I've resolved it locally by rebuilding keyutils for riscv64 using the same version as for the other archs. Would be great to resolve that by performing a maintainer upload for this package to sid for all architectures (not sure if libkeyutils1:riscv64 could be "downgraded" from 1.6.3-2+b1 to 1.6.3-2, I suspect not).
Bug#1059490: Freeradius init script - mariadb dependency
Package: freeradius Version: 3.2.1+dfsg-4+deb12u1 Debian stable (12.4). Hello. There is a missing dependency in freeradius init script. We have radius accounts in mariadb database. Please can you apply this trivial fix? Thanks. diff /etc/init.d/freeradius.original /etc/init.d/freeradius 7c7 < # Should-Start: $time mysql slapd postgresql samba krb5-kdc --- > # Should-Start: $time mysql slapd postgresql samba krb5-kdc mariadb Best regards, J.K.
Bug#1059278: systemd: CVE-2023-7008
Hi, I'm the reporter of the bug at https://github.com/systemd/systemd/issues/25676. I'm sorry that I have to add to the bug at this time. The commit[0] that was determined to have introduced this vulnerability is incorrect. Looking at the relevant diff[1] the commit merely introduced the use of the `FLAGS_SET` macro, but did not change the flag being read from the incorrect variable `t`. In the fix[2] this was changed to `dt`. Note that the vulnerability has been previously reported[3] in March 2020 on systemd v243+v244. Hence systemd v248 is definitely not the first version introducing the vulnerable code. In fact, I have reproduced the issue right now on both Debian buster (10.13) with systemd 241-7~deb10u10 and Debian bullseye (11.8) with systemd 247.3-7+deb11u4. I assume the vulnerability was introduced with the initial version[4] of the `dns_transaction_requires_rrsig` function, which already read the flag from `t`. This would have been in systemd v229, but I did not test any version older than v241. I would add this information to the GitHub issue, but it has been locked. Perhaps a systemd contributor could relay this update, so that the misleading information does not spread. Regards, Jan Erik Petersen [0] https://github.com/systemd/systemd/commit/6f055e43b817b66e6d4f6e4022f0a115dc35651b [1] https://github.com/systemd/systemd/commit/6f055e43b817b66e6d4f6e4022f0a115dc35651b#diff-d63d6fd38d6a715e4ca052fc0fb65eda859f3822dbddffa4a87a3ee872e25eafL2621 [2] https://github.com/systemd/systemd/commit/3b4cc1437b51fcc0b08da8cc3f5d1175eed25eb1 [3] https://github.com/systemd/systemd/issues/15158 [4] https://github.com/systemd/systemd/commit/105e151299dc1208855380be2b22d0db2d66ebc6 OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1055742: libnginx-mod-http-cache-purge: Segmentation fault caused by PURGE requests
Hi, how can I reproduce the segmentation fault? I prepared a simple autopkg test here: "https://salsa.debian.org/nginx-team/libnginx-mod-http-cache-purge/-/blob/main/debian/tests/purgetest?ref_type=heads; but I didn't catch the segfault, the autopkgtest works with the 1.22.1 / 1.24.0 nginx version. The problem will probably be some special case related to the proxy_cookie_flags option. Before applying the patch, I would like to have an autopkgtest to verify that the patch works. Jan
Bug#1058424: [PATCH] First step towards reproducibility
Hi! It seems this is a good part of what needs to be done: diff --git a/Pristine/Tar/Delta/Tarball.pm b/Pristine/Tar/Delta/Tarball.pm index 121b85e..e8b5ce0 100644 --- a/Pristine/Tar/Delta/Tarball.pm +++ b/Pristine/Tar/Delta/Tarball.pm @@ -26,7 +26,13 @@ sub write { } } - doit("tar", "czf", $deltafile, "-C", $tempdir, keys %$delta); + doit("tar", "--sort=name", + "--mtime=\@0", + "--owner=0", + "--group=0", + "--numeric-owner", + "--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime", + "-czf", $deltafile, "-C", $tempdir, sort keys %$delta); return $delta; } With this patch applied, invoking `GZIP=-n pristine-tar gendelta foo.tar.gz` does almost do the right thing, except the "wrapper" file contained within the delta file (tarball.) That "wrapper" is compressed with pristine-tar's internal "zgz" tool and unfortunately still embeds a timestamp into the "wrapper" file (with actually is a .gz, but just generated with this `zgz` tool.) MfG, JBG -- signature.asc Description: PGP signature
Bug#1058424: pristine-tar gendelta: Make output file reproducible
Package: pristine-tar Version: 1.50 Severity: wishlist Running `pristine-tar gendelta` two times on the very same input tarball generates two different delta files. They contain files in filesystem order and with "current" timestamps. I suggest to use something along this: tar --sort=name \ --mtime="@${SOURCE_DATE_EPOCH:-$(date +%s)}" \ --owner=0 \ --group=0 \ --numeric-owner \ --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \ -czf "${artifacts_dir}/${tarball_filename}" "${basename_dir}" For $SOURCE_DATE_EPOCH, I suggest to use the tarball's mtime. I'm unfortunately not a Perl guy, but looking at the sources, it seems it's just the sub write() in Pristine/Tar/Delta/Tarball.pm that needs to be extended, and mtime being handed down all the way. Thanks, Jan-Benedict -- signature.asc Description: PGP signature
Bug#1057260: iwlwifi: `N' invalid for parameter `enable_ini'
Hi all, Just to add to the discussion, I ran into the same problem after upgrading stable Debian from 12.2 to 12.4, i.e. from kernel 6.1.0-13 to 6.1.0-15. Similary to others, I have in the past created a file /etc/modprobe.d/iwlwifi.conf with a single line: options iwlwifi enable_ini=N Luckily, I have notes that record a rationale for this. Without this file, on every boot there were these spurious error messages: firmware: failed to load iwl-debug-yoyo.bin (-2) Direct firmware load for iwl-debug-yoyo.bin failed with error -2 Creating iwlwifi.conf with said contents silenced those messages. After the upgrade to 6.1.0-15: * the line "options iwlwifi enable_ini=N" prevents wifi from working * removing the file entirely enables wifi but also brings back above error messages about firmware * replacing "enable_ini=N" with "enable_ini=0" silences the messages and allows wifi to work Hope this helps, Janek
Bug#1055067: isc-dhcp-client: network-manager 1.44.2-3 changed path to nm-dhcp-helper, apparmor need update
Package: isc-dhcp-client Version: 4.4.3-P1-4 Followup-For: Bug #1055067 I can confirm this, after a recent upgrade I lost network connectivity and it took some digging to determine the cause. Using dhclient with NetworkManager is probably not uncommon (especially since it's NetworkManager's default behaviour if dhclient is installed), so this should probably be fixed soon so that other people don't suddenly lose their network as well. Cheers, Jan -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (102, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.5.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8), LANGUAGE=en_NZ:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages isc-dhcp-client depends on: ii debianutils 5.14 ii iproute2 6.6.0-1 ii libc6 2.37-12 Versions of packages isc-dhcp-client recommends: ii isc-dhcp-common 4.4.3-P1-4 Versions of packages isc-dhcp-client suggests: ii avahi-autoipd 0.8-13 pn isc-dhcp-client-ddns ii systemd-resolved [resolvconf] 255~rc2-2 -- Configuration Files: /etc/apparmor.d/sbin.dhclient changed [not included] -- no debconf information
Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1
Hi, Am 05.11.23 um 15:41 schrieb Jan Wagner: Am 23.10.23 um 19:43 schrieb Holger Levsen: On Mon, Oct 23, 2023 at 01:19:25PM +0200, Jan Wagner wrote: [ Reason ] As reported in #1033791, check_running_kernel fails to find version on bookworm/(arm64|armhf). [ Impact ] check_running_kernel doesn't work on arm64 and armhf as expected, this is a regression. [ Tests ] The patch was verified to work in #1033791 I've rebuild the package on arm64 and can confirm /usr/lib/nagios/plugins/check_running_kernel now works on those arm64 systems where the version currently in bookworm does not work. is there anything I can do to get the package into bookworm? I would enjoy to hear from the RM about this. Thanks, Jan
Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1
Hi there, Am 23.10.23 um 19:43 schrieb Holger Levsen: On Mon, Oct 23, 2023 at 01:19:25PM +0200, Jan Wagner wrote: [ Reason ] As reported in #1033791, check_running_kernel fails to find version on bookworm/(arm64|armhf). [ Impact ] check_running_kernel doesn't work on arm64 and armhf as expected, this is a regression. [ Tests ] The patch was verified to work in #1033791 I've rebuild the package on arm64 and can confirm /usr/lib/nagios/plugins/check_running_kernel now works on those arm64 systems where the version currently in bookworm does not work. is there anything I can do to get the package into bookworm? Cheers, Jan
Bug#1054391: systemd-journal-remote aborts when getting remote messages complaining about field size
L.S., this turned out to be something really specific. https://github.com/systemd/systemd/issues/29676 Root cause found, at least: as far as I can dig. The system running the sink is connected to two networks and is accepting journals from 1 system on one and 6 on the other network. All systems have the above mentioned versions (Debian 12.2, kernel 6.1.0-13-amd64, systemd 252.17-1~deb12u1), all are using the systemd-journal-upload. The six on the first network were working fine, dumping to their hearts content. The single system on the second was having the above mentioned problems. Working with precision, the systemd-journal-remote.socket's ListenStreams were configured to be listening on the ip addresses reserved for that specific purpose. This was done with the edit/override possibility on the socket: $ sudo systemctl edit systemd-journal-remote.socket : ... [Socket] ListenStream= ListenStream=10.0.0.202:19532 ListenStream=10.1.1.202:19532 ... Guess what: the 6 working clients were on the first ip, the 1 that didn't on the second. - Changing the order resulted in 1 working and 6 failing clients. - Adding an additional ListenStream with 127.0.0.1 didn't change anything. - Removing all ListenStream settings resulting in listening on 0.0.0.0:19532 made all 7 systems working. JdH. -- "Piracy is simply demand where supply does not exist."
Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: monitoring-plug...@packages.debian.org Control: affects -1 + src:nagios-plugins-contrib [ Reason ] As reported in #1033791, check_running_kernel fails to find version on bookworm/(arm64|armhf). [ Impact ] check_running_kernel doesn't work on arm64 and armhf as expected, this is a regression. [ Tests ] The patch was verified to work in #1033791 [ Risks ] Low, trivial change. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The patch is required to fix check_running_kernel on arm64 and armhf. [ Other info ] This is a request for pre approval, if you are okay with the changes, I'll upload it. Kind Regards, Jan -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog index 1ce2330..2360b0b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +nagios-plugins-contrib (42.20230308+deb12u1) bookworm; urgency=medium + + [ Manfred Stock ] + * [f5a0186] Extend fix for on-disk version detection on Bookworm +(Closes: #1033791) + + -- Jan Wagner Mon, 23 Oct 2023 13:03:28 +0200 + nagios-plugins-contrib (42.20230308) unstable; urgency=high * [4ab7834] Adding d/p/dsa/check_running_kernel_bookworm_fix diff --git a/debian/patches/dsa/check_running_kernel_bookworm_fix b/debian/patches/dsa/check_running_kernel_bookworm_fix index fe5e75d..d98b929 100644 --- a/debian/patches/dsa/check_running_kernel_bookworm_fix +++ b/debian/patches/dsa/check_running_kernel_bookworm_fix @@ -9,3 +9,12 @@ if [ -x /usr/bin/lsb_release ] ; then vendor=$(lsb_release -i -s) if [ -n "$vendor" ] && [ "xDebian" != "x$vendor" ] ; then +@@ -211,7 +211,7 @@ + fi + fi + [ -z "$on_disk_version" ] || continue +- on_disk_version="`cat "$on_disk" | $STRINGS | grep 'Linux version' | head -n1`" ++ on_disk_version="`cat "$on_disk" | $STRINGS | grep 'Linux version' | tail -n1`" + [ -z "$on_disk_version" ] || continue + + echo "UNKNOWN: Failed to get a version string from image $on_disk"
Bug#1053568: ITP: python-lib25519 -- Python wrapper around lib25519 library
Package: wnpp X-Debbugs-Cc: debian-de...@lists.debian.org Owner: Jan Mojzis Severity: wishlist * Package name: python-lib25519 Version : 20231006 Upstream Contact: Jan Mojzis * URL : https://github.com/janmojzis/python-lib25519 * License : CC0 Programming Lang: Python Description : Python wrapper around lib25519 library lib25519 is a microlibrary for the X25519 encryption system and the Ed25519 signature system, both of which use the Curve25519 elliptic curve. lib25519 has a very simple stateless API based on the SUPERCOP API, with wire-format inputs and outputs, providing functions that directly match the central cryptographic operations in X25519 and Ed25519: lib25519.x25519.keypair(pk, sk): X25519 key generation lib25519.x25519.dh(k, pk, sk): shared-secret generation lib25519.ed25519.keypair(pk, sk): Ed25519 key generation lib25519.ed25519.sign(sm, , m, mlen, sk): signing lib25519.ed25519.open(m, , sm, smlen, pk): verification + message recovery This package is related to: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051553 I'm going to maintain the package using https://salsa.debian.org/ It is being prepared here: https://salsa.debian.org/janmojzis/python-lib25519 I need sponsor for the first upload (I'm DM). Jan
Bug#1053569: ITP: python-mceliece -- Python wrapper around libmceliece library
Package: wnpp X-Debbugs-Cc: debian-de...@lists.debian.org Owner: Jan Mojzis Severity: wishlist * Package name: python-mceliece Version : 20231006 Upstream Contact: Jan Mojzis * URL : https://github.com/janmojzis/python-mceliece * License : CC0 Programming Lang: Python Description : Python wrapper around libmceliece library libmceliece is a Classic McEliece microlibrary. libmceliece has a very simple stateless API based on the SUPERCOP API, with wire-format inputs and outputs, providing functions that directly match the KEM operations provided by Classic McEliece, such as functions mceliece6960119.keypair() mceliece6960119.enc() mceliece6960119.dec() for the mceliece6960119 KEM This package is related to: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050531 I'm going to maintain the package using https://salsa.debian.org/ It is being prepared here: https://salsa.debian.org/janmojzis/python-mceliece I need sponsor for the first upload (I'm DM). Jan
Bug#1053557: squid: Squid autopkgtest failures prevents squid from entering testing
fcf-protection -march=native -c -o stub_fatal.o stub_fatal.cc 156s g++ -std=c++17 -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" -DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" -DDEFAULT_SQUID_CONFIG_DIR=\"/etc\" -I.. -I../include -I../lib -I../src -I../include -isystem /usr/include/mit-krb5 -I. -I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe -D_REENTRANT -I/usr/include/p11-kit-1-g -O2 -ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -march=native -c -o ESIExpressions.o ESIExpressions.cc 156s g++ -std=c++17 -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" -DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" -DDEFAULT_SQUID_CONFIG_DIR=\"/etc\" -I.. -I../include -I../lib -I../src -I../include -isystem /usr/include/mit-krb5 -I. -I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe -D_REENTRANT -I/usr/include/p11-kit-1-g -O2 -ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -march=native -c -o stub_libmem.o stub_libmem.cc 156s g++ -std=c++17 -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" -DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" -DDEFAULT_SQUID_CONFIG_DIR=\"/etc\" -I.. -I../include -I../lib -I../src -I../include -isystem /usr/include/mit-krb5 -I. -I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe -D_REENTRANT -I/usr/include/p11-kit-1-g -O2 -ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -march=native -c -o ../src/esi/Expression.o ../src/esi/Expression.cc 157s make[1]: *** No rule to make target '../src/debug/libdebug.la', needed by 'ESIExpressions'. Stop. 157s make[1]: Leaving directory '/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src/test-suite' 157s make: *** [Makefile:1292: check-am] Error 2 157s make: Leaving directory '/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src/test-suite' 157s autopkgtest [01:14:50]: test upstream-test-suite: ---] 157s autopkgtest [01:14:50]: test upstream-test-suite: - - - - - - - - - - results - - - - - - - - - - 157s upstream-test-suite FAIL non-zero exit status 2 158s autopkgtest [01:14:51]: test squid: preparing testbed 201s autopkgtest [01:15:34]: testbed dpkg architecture: amd64 201s autopkgtest [01:15:34]: testbed apt version: 2.7.6 201s autopkgtest [01:15:34]: test bed setup Would be great to have that fixed soon, so squid can enter testing. Thanks Jan. -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ !w---? O M+ !V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+ --END GEEK CODE BLOCK--
Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1
Am 23.09.23 um 21:42 schrieb Adam D. Barratt: Control: tags -1 confirmed On Tue, 2023-09-19 at 08:35 +0200, Jan Wagner wrote: As reported in #1051768, check_disk has gotten very slow on a machine with a huge number of mount points (in excess of 16000). [ Impact ] check_disk used to take around 10 seconds on bullseye in this scenario, now it is more than one hour Please go ahead. monitoring-plugins_2.3.3-5+deb12u1 was uploaded to proposed-updates. with best regards, Jan
Bug#1051768: [Pkg-nagios-devel] Bug#1051768: monitoring-plugins-basic: check_disk is very slow
Am 12.09.23 um 13:06 schrieb Arnaud Gomes: Could you please cherry-pick commit 0dd1110 in a future release of the package? I've requested approval with #1052218 for this
Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: monitoring-plug...@packages.debian.org Control: affects -1 + src:monitoring-plugins [ Reason ] As reported in #1051768, check_disk has gotten very slow on a machine with a huge number of mount points (in excess of 16000). [ Impact ] check_disk used to take around 10 seconds on bullseye in this scenario, now it is more than one hour [ Tests ] Upstream test suite, It was verified to work in the upstream issue tracker (https://github.com/monitoring-plugins/monitoring-plugins/issues/1919#issuecomment-1715348368) and 2.3.3-6 has also this fix, which is since some time in testing. [ Risks ] Low, trivial change. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The patch is required to speed up check_disk with a huge number of mount points. [ Other info ] This is a request for pre approval, if you are okay with the changes, I'll upload it. Kind Regards, Jan -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y --END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog index d938ad6..d0b7b5b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +monitoring-plugins (2.3.3-5+deb12u1) bookworm; urgency=medium + + * [85eed74] Adding d/p/22_check_disk_avoid_mount from upstream +(Closes: #1051768) + + -- Jan Wagner Tue, 19 Sep 2023 07:54:14 +0200 + monitoring-plugins (2.3.3-5) unstable; urgency=medium * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream diff --git a/debian/patches/22_check_disk_avoid_mount b/debian/patches/22_check_disk_avoid_mount new file mode 100644 index 000..49a7113 --- /dev/null +++ b/debian/patches/22_check_disk_avoid_mount @@ -0,0 +1,47 @@ +From 0dd11100aa92bab172293ec9615a8a56b0e35ee6 Mon Sep 17 00:00:00 2001 +From: Stefan Taferner +Date: Wed, 10 May 2023 19:28:05 +0200 +Subject: [PATCH] avoid mounting when searching for matching mount points + +--- + lib/utils_disk.c | 17 + + 1 file changed, 9 insertions(+), 8 deletions(-) + +diff --git a/lib/utils_disk.c b/lib/utils_disk.c +index 468769b19..582d3ea17 100644 +--- a/lib/utils_disk.c b/lib/utils_disk.c +@@ -147,24 +147,25 @@ np_set_best_match(struct parameter_list *desired, struct mount_entry *mount_list + + /* set best match if path name exactly matches a mounted device name */ + for (me = mount_list; me; me = me->me_next) { +- if (get_fs_usage(me->me_mountdir, me->me_devname, ) < 0) +-continue; /* skip if permissions do not suffice for accessing device */ +-if (strcmp(me->me_devname, d->name)==0) +- best_match = me; ++if (strcmp(me->me_devname, d->name)==0) { ++ if (get_fs_usage(me->me_mountdir, me->me_devname, ) >= 0) { ++best_match = me; ++ } ++} + } + + /* set best match by directory name if no match was found by devname */ + if (! best_match) { + for (me = mount_list; me; me = me->me_next) { +-if (get_fs_usage(me->me_mountdir, me->me_devname, ) < 0) +- continue; /* skip if permissions do not suffice for accessing device */ + size_t len = strlen (me->me_mountdir); + if ((exact == FALSE && (best_match_len <= len && len <= name_len && + (len == 1 || strncmp (me->me_mountdir, d->name, len) == 0))) + || (exact == TRUE && strcmp(me->me_mountdir, d->name)==0)) + { +-best_match = me; +-best_match_len = len; ++if (get_fs_usage(me->me_mountdir, me->me_devname, ) >= 0) { ++ best_match = me; ++ best_match_len = len; ++} + } + } + } diff --git a/debian/patches/series b/debian/patches/series index ae89285..b024b25 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -8,3 +8,4 @@ 14_check_curl_fix_SSL_with_multiple_IPs 15_check_swap_remove_includes 16_check_snmp_disable_multiplier_when_unused +22_check_disk_avoid_mount
Bug#1051553: ITP: lib25519 -- X25519/Ed25519 microlibrary
> > Great! > > I have created it -- can you push everything there, and I will do a > review via a merge request to that repository? > Ready for the review: Note: - currently all ASM implementations are disabled, so that we don't have a problem with a reproducible-build/symbols/PIC/etc... in the first phase Jan
Bug#1051553: ITP: lib25519 -- X25519/Ed25519 microlibrary
> I would be happy to help review, co-maintain and upload this package. Great, thank You. First prototype for review: 'https://salsa.debian.org/janmojzis/lib25519' if it's ok can you please create 'salsa.debian.org/debian/lib25519 <http://salsa.debian.org/debian/lib25519>', I will move it there. Currently without autopkgtest, I will add it when librandombytes package arrives in unstable. Thanks Jan
Bug#1051553: ITP: lib25519 -- X25519/Ed25519 microlibrary
Package: wnpp Severity: wishlist Owner: Jan Mojzis X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: lix25519 Version : 20230630 Upstream Authort: Daniel J. Bernstein * URL : https://lib25519.cr.yp.to/ * License : LicenseRef-PD-hp OR CC0-1.0 OR 0BSD OR MIT-0 OR MIT Programming Lang: C Description : X25519 microlibrary lib25519 is a microlibrary for the X25519 encryption system and the Ed25519 signature system, both of which use the Curve25519 elliptic curve. Curve25519 is the fastest curve in TLS 1.3, and the only curve in Wireguard, Signal, and many other applications (see Nicolai Brown's page https://ianix.com/pub/curve25519-deployment.html). lib25519 has a very simple stateless API based on the SUPERCOP API, with wire-format inputs and outputs, providing functions that directly match the central cryptographic operations in X25519 and Ed25519: lib25519_dh_keypair(pk,sk): X25519 key generation lib25519_dh(k,pk,sk): shared-secret generation lib25519_sign_keypair(pk,sk): Ed25519 key generation lib25519_sign(sm,,m,mlen,sk): signing lib25519_sign_open(m,,sm,smlen,pk): verification + message recovery Internally, lib25519 includes implementations designed for performance on various CPUs, implementations designed to work portably across CPUs, and automatic run-time selection of implementations. lib25519 is intended to be called by larger multi-function libraries, including libraries in other languages via FFI. The idea is that lib25519 will take responsibility for the details of X25519/Ed25519 computation, including optimization, timing-attack protection, and eventually verification, freeing up the calling libraries to concentrate on application-specific needs such as protocol integration. Applications can also call lib25519 directly. I'm using this library and I'm going to maintain using https://salsa.debian.org/ I need sponsor for the first upload (I'm DM).
Bug#1051326: systemsettings: A lot of icons are just black squares
Package: systemsettings Version: 4:5.27.7-1 Severity: important Dear Maintainer, opening systemsettings while running gnome-shell most of the interface is just black squares. The Appearance tab is completly empty. This also results in black squares in ohter Qt based applications like kdenlive. Opening systemsettings in a temrinal I get some errors that might be relevant: QSocketNotifier: Can only be used with threads started with QThread kf.kirigami: Failed to find a Kirigami platform plugin file:///usr/lib/x86_64-linux-gnu/qt5/qml/org/kde/kirigami.2/ScrollablePage.qml:200:9: QML MouseArea: Binding loop detected for property "width" file:///usr/lib/x86_64-linux-gnu/qt5/qml/org/kde/kirigami.2/ScrollablePage.qml:200:9: QML MouseArea: Binding loop detected for property "width" kf.kirigami: Failed to find a Kirigami platform plugin QSGTextureAtlas: texture atlas allocation failed, code=501 QSGTextureAtlas: texture atlas allocation failed, code=501 qt.qpa.wayland: Wayland does not support QWindow::requestActivate() org.kde.kf5.kwindowsystem.kwayland: This compositor does not support the Shadow interface -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-0-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemsettings depends on: ii kio 5.107.0-1 ii kpackagetool5 5.107.0-1 ii libc6 2.37-7 ii libkf5activities5 5.107.0-1 ii libkf5auth5 5.107.0-1 ii libkf5authcore5 5.107.0-1 ii libkf5completion5 5.107.0-1 ii libkf5configcore5 5.107.0-1 ii libkf5configgui55.107.0-1 ii libkf5configwidgets55.107.0-2 ii libkf5coreaddons5 5.107.0-1 ii libkf5crash55.107.0-1 ii libkf5dbusaddons5 5.107.0-1 ii libkf5i18n5 5.107.0-1+b1 ii libkf5iconthemes5 5.107.0-1+b1 ii libkf5itemmodels5 5.107.0-1 ii libkf5itemviews55.107.0-1 ii libkf5kcmutils5 5.107.0-2 ii libkf5kiocore5 5.107.0-1 ii libkf5kiogui5 5.107.0-1 ii libkf5kiowidgets5 5.107.0-1 ii libkf5kirigami2-5 5.107.0-1+b1 ii libkf5notifications55.107.0-1 ii libkf5package5 5.107.0-1 ii libkf5runner5 5.107.0-1 ii libkf5service-bin 5.107.0-1 ii libkf5service5 5.107.0-1 ii libkf5widgetsaddons55.107.0-1 ii libkf5windowsystem5 5.107.0-1 ii libkf5xmlgui5 5.107.0-1+b1 ii libkworkspace5-54:5.27.7-2 ii libqt5core5a5.15.10+dfsg-3 ii libqt5gui5 5.15.10+dfsg-3 ii libqt5qml5 5.15.10+dfsg-2 ii libqt5quick5-gles 5.15.10+dfsg-2 ii libqt5quickwidgets5 5.15.10+dfsg-2 ii libqt5widgets5 5.15.10+dfsg-3 ii libstdc++6 13.2.0-3 ii qml-module-org-kde-kcm 5.107.0-1 ii qml-module-org-kde-kcmutils 5.107.0-2 ii qml-module-org-kde-kirigami25.107.0-1+b1 ii qml-module-org-kde-kitemmodels 5.107.0-1 ii qml-module-org-kde-newstuff 5.107.0-1 ii qml-module-qtquick-controls 5.15.10-2 ii qml-module-qtquick-layouts 5.15.10+dfsg-2 ii qml-module-qtquick-shapes 5.15.10+dfsg-2 ii qml-module-qtquick2 5.15.10+dfsg-2 systemsettings recommends no packages. systemsettings suggests no packages. -- no debconf information
Bug#998834: Multiple subsystem options in sshd_config prevent sshd from starting
Hi, Am 09.05.23 um 09:43 schrieb Jan Wagner: https://bugzilla.mindrot.org/attachment.cgi?id=3591=diff==1=raw has a patch for this what needs to happen to raise the chance to get that integrated? It's super annoying to work around this and (re)integrate this back after every dist upgrade. If Debian wants to be user friedly this is a feature which might underline it. If there is anything I can help to move things forward, please let me know and I will try my best to do so. Many thanks, Jan
Bug#1050186: [Pkg-nginx-maintainers] Bug#1050186: Bug#1050186: Bug#1050186: libnginx-mod-http-lua: depends on obsolete pcre3 library
> https://github.com/swananan/lua-resty-core/tree/support_pcre2 uploaded: 0.1.27-2~exp1 > https://github.com/swananan/lua-nginx-module/commits/support_pcre2 uploaded: 1:0.10.25-2~exp2 > https://github.com/swananan/stream-lua-nginx-module/commits/support_pcre2 not in debian
Bug#1050186: [Pkg-nginx-maintainers] Bug#1050186: Bug#1050186: libnginx-mod-http-lua: depends on obsolete pcre3 library
Hi, I've uploaded experimental version with the PCRE2 patch included 1:0.10.25-2~exp1 to the experimental. Jan On Tue, 29 Aug 2023 15:50:52 +0200 =?UTF-8?B?SsOpcsOpbXkgTGFs?= wrote: > Le mar. 29 août 2023 à 15:43, Thomas Ward a écrit : > > > I apoligize I was thinking Lua deps not PCRE. > > > > However, I did more digging. OpenResty has been on NGINX cofe version > > 1.21.4 for the longest time. They do not have PCRE2 support in their > > system. As this is an OpenResty-originating module the 4th requirement as > > stated in the linked GitHub issue is not met. > > > > I would not be so sure that "next update" will have a fix if OpenResty > > core does not support PRCE2 (1.21.5 nginx introduced PCRE2 core > > requirement/build fixes, OpenResty never inccuded that). The reason PCRE3 > > is still used here in the Lua module is the custom workaround of mixing > > PCRE2 nginx and PCRE3 Lua which use different build flags at compile time > > with the linking options. > > > > Therefore, we need to not make assumptions and watch this closely. If > > there is not movement in a reasonable time period, then we may have to drop > > this module from Debian due to PCRE3 being obsolete. > > > > Actually, openresty has started supporting nginx 1.25.1 recently: > > [feature: upgrade nginx core to 1.25.1 which supports HTTP3]( > https://github.com/openresty/openresty/commit/6278b1aeae0593b17d3143aeb60a216f73b6bb1d)[feature: > [upgrade nginx core to 1.25.1]( > https://github.com/openresty/stream-lua-nginx-module/commit/d48f057f18eb1f33123bf62be49c735c5cb98f16 > ) > [upgrade nginx core to 1.25.1]( > https://github.com/openresty/lua-nginx-module/commit/e69fd3de281f31804857aa6dc0b8e79055716138 > ) > > > > > Considering the work of the author of these patches, I'd be surprised if it > wasn't finished soon (right now, only stream-lua-nginx has no support for > pcre2).
Bug#1050531: ITP: libmceliece -- Classic McEliece microlibrary
Package: wnpp Severity: wishlist Owner: Jan Mojzis X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: libmceliece Version : 20230612 Upstream Authort: Daniel J. Bernstein * URL : https://lib.mceliece.org * License : CC0 Programming Lang: C Description : Classic McEliece microlibrary libmceliece is a Classic McEliece microlibrary. libmceliece has a very simple stateless API based on the SUPERCOP API, with wire-format inputs and outputs, providing functions that directly match the KEM operations provided by Classic McEliece, such as functions mceliece6960119_keypair mceliece6960119_enc mceliece6960119_dec for the mceliece6960119 KEM. Internally, libmceliece is based on the official Classic McEliece software, specifically the vec implementation (designed to work portably across CPUs) and he avx implementation (designed for higher performance on Intel/AMD CPUs with AVX2 instructions). libmceliece includes automatic run-time selection of implementations. libmceliece is intended to be called by larger multi-function libraries (such as traditional cryptographic libraries), including libraries in other languages via FFI. The idea is that libmceliece takes responsibility for the details of Classic McEliece computation, including optimization, timing-attack protection, and (in ongoing work) verification, freeing up the calling libraries to concentrate on application-specific needs such as protocol integration. Applications can also call libmceliece directly. I'm using this library and I'm going to maintain using https://salsa.debian.org/ I need sponsor for the first upload (I'm DM).
Bug#1050098: systemd: Using systemd-networkd as DHCP server static leases are ignored
Package: systemd Version: 252.12-1~deb12u1 Severity: normal X-Debbugs-Cc: j...@dorniak.me Dear Maintainer, Using two Bookworm systems, one as a DHCP server, one as a DHCP client. The server does not respect static leases. The issue has been fixed in systemd 254. For description, see: https://github.com/systemd/systemd/issues/21368 For the patch, see: https://github.com/systemd/systemd/pull/27313 Jan -- Package-specific info: -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.15.108-1-pve (SMP w/32 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii libacl12.3.1-3 ii libaudit1 1:3.0.9-1 ii libblkid1 2.38.1-5+b1 ii libc6 2.36-9+deb12u1 ii libcap21:2.66-4 ii libcryptsetup122:2.6.1-4~deb12u1 ii libfdisk1 2.38.1-5+b1 ii libgcrypt201.10.1-3 ii libkmod2 30+20221128-1 ii liblz4-1 1.9.4-1 ii liblzma5 5.4.1-0.2 ii libmount1 2.38.1-5+b1 ii libp11-kit00.24.1-2 ii libseccomp22.5.4-1+b3 ii libselinux13.4-1+b6 ii libssl33.0.9-1 ii libsystemd-shared 252.12-1~deb12u1 ii libsystemd0252.12-1~deb12u1 ii libzstd1 1.5.4+dfsg2-5 ii mount 2.38.1-5+b1 Versions of packages systemd recommends: ii dbus [default-dbus-system-bus] 1.14.8-2~deb12u1 ii systemd-timesyncd [time-daemon] 252.12-1~deb12u1 Versions of packages systemd suggests: ii libfido2-1 1.12.0-2+b1 pn libqrencode4 pn libtss2-esys-3.0.2-0 pn libtss2-mu0 pn libtss2-rc0 pn polkitd | policykit-1 pn systemd-boot pn systemd-container pn systemd-homed pn systemd-resolved pn systemd-userdbd Versions of packages systemd is related to: pn dbus-user-session pn dracut pn initramfs-tools ii libnss-systemd 252.12-1~deb12u1 ii libpam-systemd 252.12-1~deb12u1 ii udev 252.12-1~deb12u1 -- no debconf information
Bug#1050038: foomuuri: Package does not include any documentation
Package: foomuuri Version: 0.19-2~bpo12+1 Severity: wishlist X-Debbugs-Cc: janpr...@gmail.com Dear Maintainer, Package does not include any documentation inside /usr/share/doc/foomuuri/ . Creating a file with mentioning (pointing to) the package official wiki would be usefull. https://github.com/FoobarOy/foomuuri/wiki/ Best regards, Jan -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages foomuuri depends on: ii nftables 1.0.6-2+deb12u1 ii python3 3.11.2-1+b1 ii python3-dbus 1.3.2-4+b1 ii python3-gi3.42.2-3+b1 ii python3-requests 2.28.1+dfsg-1 ii python3-systemd 235-1+b2 Versions of packages foomuuri recommends: ii fping 5.1-1 Versions of packages foomuuri suggests: ii foomuuri-firewalld 0.19-2~bpo12+1 -- no debconf information
Bug#1049350: virtualbox-dkms: DKMS cannot build the module with Linux kernel 6.4.10 (and perhaps higher 6.4.x)
Package: virtualbox-dkms Version: 7.0.10-dfsg-2 Severity: important Tags: patch X-Debbugs-Cc: j...@ucw.cz Dear Maintainer, including is required for DKMS to compile /usr/src/virtualbox-7.0.10/vboxnetflt/linux/VBoxNetFlt-linux.c against the 6.4.10 linux kernel. Since this was handled correctly for 6.5.x kernel, the following patch seems rather straightforward: 50c50 < #if RTLNX_VER_MIN(6,5,0) --- > #if RTLNX_VER_MIN(6,4,10) Cheers, Jan -- System Information: Debian Release: trixie/sid APT prefers experimental APT policy: (800, 'experimental'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.4.7-x64v4-xanmod1 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC, TAINT_USER Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages virtualbox-dkms depends on: ii dkms 3.0.11-3 Versions of packages virtualbox-dkms recommends: ii virtualbox 7.0.10-dfsg-2 virtualbox-dkms suggests no packages. -- no debconf information 50c50 < #if RTLNX_VER_MIN(6,5,0) --- > #if RTLNX_VER_MIN(6,4,10)
Bug#1043458: libhttp-parser-dev multi-arch hints
Package: libhttp-parser-dev Version: 2.9.4-5 Hi! Different arch flavors of libhttp-parser-dev can not be co-installed - this would be convenient for unified cross-compilation environments. Can you please add the Multi-Arch hints to the debian/control file. This has already been reported by the 'multiarch hinter' back in 2016. Multiarch hinter reports 1 issue(s)normal There are issues with the multiarch metadata for this package. libhttp-parser-dev could be marked Multi-Arch: same Thank you -- Smets Jan j...@smets.cx
Bug#1029435: The describes bug is fixed
Dear Maintainers, the aformentioned bug is fixed as of linux-image-amd64 6.1.38-1. Thanks a lot! Best regards Jan
Bug#1042975: libnspr4-dev multi arch co-install
Package: nspr Version: 2:4.35-1.1 Hi! Different arch flavors of libnspr4-dev can not be co-installed. Please add the Multi-Arch: same hints to the debian/control file Also, nspr-config - which is a shell script - contains the library path - making it different. if test -z "$libdir"; then libdir=/usr/lib/x86_64-linux-gnu fi This can be dynamically queried from dpkg-architecture -qDEB_HOST_MULTIARCH Much appreciated. Thank you -- Smets Jan j...@smets.cx
Bug#1042944: libboost multi-arch hints
Package: boost1.81 Version: 1.81.0-6 Hi Can you please add the multi-arch hints on to (-dev) packages, so these can be co-installed for multi-arch development/cross compiling. I'm specifically requesting libboost-python1.81(-dev) The multi-arch hints can go here: https://salsa.debian.org/debian/boost/-/blob/1.81.0/debian/control#L1074 https://salsa.debian.org/debian/boost/-/blob/1.81.0/debian/control#L1099 The content of the libboost-python1.81(-dev) arm64/amd64 packages does not conflict. These problems were also detected by the Multi Arch Hinter Multiarch hinter reports 5 issue(s)normal There are issues with the multiarch metadata for this package. libboost1.81-doc could be marked Multi-Arch: foreign libboost-log1.81.0 could be marked Multi-Arch: same libboost-mpi1.81.0 could be marked Multi-Arch: same libboost-nowide1.81.0 could be marked Multi-Arch: same libboost-python1.81.0 could be marked Multi-Arch: same Thank you -- Smets Jan j...@smets.cx
Bug#1042106: Regression: CONFIG_VIDEO_V4L2_SUBDEV_API=y not present anymore, was present in 6.3.0-2
Source: linux Version: 6.4.0-1 Severity: normal Dear Maintainer, as of 6.4.0-1, the kernel is missing the previously enabled config CONFIG_VIDEO_V4L2_SUBDEV_API=y which is needed for some webcams on Intel Alder Lake laptops. Please enable this config option again. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.4.0-1-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#1041611: dmidecode --dump-bin segfaults
Package: dmidecode Version: 3.5-1 Hi, dmidecode --dump-bin segfaults on 64-bit architectures because does not provide a declaration for fdopen() in ANSI mode, so the returned pointer is implicitly truncated to int: [...] x86_64-linux-gnu-gcc -g -O2 -ffile-prefix-map=/tmp/dmidecode-3.5=. -fstack-protector-strong -Wformat -Werror=format-security -fPIE -Wdate-time -D_FORTIFY_SOURCE=2 -Os -ansi -c dmidecode.c -o dmidecode.o dmidecode.c: In function ‘dmi_table_dump’: dmidecode.c:5427:11: warning: assignment to ‘FILE *’ from ‘int’ makes pointer from integer without a cast [-Wint-conversion] 5427 | f = fdopen(fd, "wb"); | ^ [...] Cheers, Jan
Bug#1040898: tp-smapi-dkms: Update to support Kernel 6.4+
Package: tp-smapi-dkms Version: 0.43-3 Severity: critical Justification: breaks unrelated software X-Debbugs-Cc: j...@ucw.cz Dear Maintainer, DKMS fails to compile the module with the 6.4 kernels; see https://github.com/linux-thinkpad/tp_smapi, and the patch https://github.com/linux-thinkpad/tp_smapi/commit/0c3398b1acf2a2cabd9cee91dc3fe3d35805fa8b Jan -- System Information: Debian Release: trixie/sid APT prefers experimental APT policy: (800, 'experimental'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.3.12-x64v4-xanmod1 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_USER, TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tp-smapi-dkms depends on: ii dkms 3.0.11-3 tp-smapi-dkms recommends no packages. tp-smapi-dkms suggests no packages. -- no debconf information
Bug#1039913: Please add hook for self-signing systemd-boot after upgrade
Package: systemd-boot Version: 253-4 Severity: minor Dear maintainers, the systemd-boot package calls `bootctl update` after the upgrade of the package. Therefore, it overwrites the currently installed systemd-boot image (which could be signed for secure boot with a local key) on the ESP with a new, but unsigned image. Could you please add a hook to the postinst that either a local script can be called on installation time which takes care of signing the image (similar to the `/etc/kernel/postinst.d/ mechamism) or add some call to `sbsign` yourself if e.g. the signing key is available at a specific path. Thank you very much in advance Jan Naumann -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.3.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemd-boot depends on: ii libc6 2.36-9 ii libsystemd-shared 253-4 ii systemd-boot-efi 253-4 Versions of packages systemd-boot recommends: ii efibootmgr 17-2 systemd-boot suggests no packages. -- no debconf information
Bug#1039741: libapache-poi-java: reproducible builds: timezone-specific timestamp in poi.jar
On Wed, 2023-06-28 13:34:31 -0700, Vagrant Cascadian wrote: > diff --git a/debian/rules b/debian/rules > index c94adb7..9ddad46 100755 > --- a/debian/rules > +++ b/debian/rules > @@ -10,7 +10,7 @@ VERSION := $(shell echo $(DEB_VERSION_UPSTREAM) | sed > 's/+dfsg//') > dh $@ --with maven-repo-helper --with javahelper > > override_dh_auto_build: > - dh_auto_build -- -Dversion.id=$(VERSION) -DDSTAMP=$(shell date > '--date=@$(SOURCE_DATE_EPOCH)' +%Y%m%d) jar maven-poms javadocs > + dh_auto_build -- -Dversion.id=$(VERSION) -DDSTAMP=$(shell date '--utc > --date=@$(SOURCE_DATE_EPOCH)' +%Y%m%d) jar maven-poms javadocs > > override_dh_auto_test: > ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) IMHO the `--utc` is misplaced within the `--date` quoting. MfG, JBG -- signature.asc Description: PGP signature
Bug#1038385: linux-image-amd64: Please enable CONFIG_INTEL_SKL_INT3472 for the Intel Skylake power controller
Package: linux-image-amd64 Version: 6.3.7-1 Severity: wishlist Dear Maintainer, please set CONFIG_INTEL_SKL_INT3472=m to build the intel-skl-int3472 module. This module is necessary to use some cameras built into Intel Skylake laptops. -- System Information: Debian Release: trixie/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.3.0-1-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages linux-image-amd64 depends on: ii linux-image-6.3.0-1-amd64 6.3.7-1 linux-image-amd64 recommends no packages. linux-image-amd64 suggests no packages. -- no debconf information
Bug#1038264: wmusic: fails to display remaining time for songs longer than 35 minutes
Package: wmusic Version: 2.1.0-2 Severity: normal Dear Maintainer, When I play a song that's longer than 35 minutes, the remaining time indicator fails to display correctly. This is because it overflows the length field. Attached is a patch to fix the bug. Thank you, Jan Hasebos = 64c64 < void DrawTime(int time); --- > void DrawTime(gint64 time); 601c601,602 < int time = 0, length = 0, position = 100; --- > gint64 time = 0, length = 0; > int position = 100; 641c642 < length = atoi(length_str); --- > length = g_ascii_strtoll(length_str, NULL, 10); 695c696 < void DrawTime(int time) --- > void DrawTime(gint64 time) 710c711 < sprintf(timestr, "%02d%02d", time / 60, time % 60); --- > sprintf(timestr, "%02" G_GINT64_FORMAT "%02" G_GINT64_FORMAT, > time / 60, time % 60); 714c715 < sprintf(timestr, "%02d%02d", time / 3600, --- > sprintf(timestr, "%02" G_GINT64_FORMAT "%02" > G_GINT64_FORMAT, time / 3600, = -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages wmusic depends on: ii libc6 2.36-9 ii libdockapp31:0.7.3-2+b1 ii libglib2.0-0 2.74.6-2 ii libplayerctl2 2.4.1-2 ii libx11-6 2:1.8.4-2 wmusic recommends no packages. wmusic suggests no packages. -- no debconf information
Bug#1037450: procps: [pgrep] [regression]: >15 characters warning when long regex doesn't match
Craig Small schrob: > I'm thinking of adding a quick and dirty check for a regex. A very quick > set of characters to say "this is a regex" and suppress the warning. > The first idea is just look for a '[' or a '|'. I think that covers most > simple conditions. I'm not looking for some sort odd corner cases, just the > main ones. I agree. | and [ should catch the vast majority of regexes already, and you'll always be able to add [] around a literal char just to disable the warning in the remaining cases. > I'm not even going to bother with checking if the regex is too long (e.g. > somethingverylonghere|somethingelsethatisverylong) because this is a simple > check. Yes, you'd go mad trying to figure out things like something(verylonghere|elsethatislong) anyway. Better to just assume that people writing regexes know (or test) what they're matching. cheers, Jan signature.asc Description: PGP signature
Bug#1037450: procps: [pgrep] [regression]: >15 characters warning when long regex doesn't match
Package: procps Version: 2:4.0.3-1 Severity: normal Dear Maintainer, Bug #896062 has come back from the grave: | $ pgrep "something|otherthing" | pgrep: pattern that searches for process name longer than 15 characters will result in zero matches | Try `pgrep -f' option to match against the complete command line. | $ Note *the regex* is longer than 15 chars, what gets matched is shorter. The 2018 fix was "new kernels have 64 char process names anyway", so I'm surprised to see that I'm having process names limited to 15 chars in 2023. But regardless of the actual limit, the warning is bogus. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896062 for full rationale; everything there applies again, including my offer to help. Thank you for maintaining procps, Jan -- System Information: Debian Release: 12.0 APT prefers stable-debug APT policy: (800, 'stable-debug'), (800, 'stable'), (650, 'testing-debug'), (650, 'testing'), (550, 'unstable'), (10, 'experimental') Architecture: armel (armv5tel) Kernel: Linux 6.1.0-9-marvell (UP) Locale: LANG=C.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: runit (via /run/runit.stopit) Versions of packages procps depends on: ii init-system-helpers 1.65.2 ii libc62.36-9 ii libncursesw6 6.4-4 ii libproc2-0 2:4.0.3-1 ii libtinfo66.4-4 Versions of packages procps recommends: ii psmisc 23.6-1 procps suggests no packages. -- no debconf information signature.asc Description: PGP signature
Bug#1037015: MOZ_APP_REMOTINGNAME should contain lowercase firefox-esr to have correct window icons with MOZ_ENABLE_WAYLAND=1 on KDE Wayland
Package: firefox-esr Version: 102.11.0esr-1 Debian's MOZ_APP_REMOTINGNAME is Firefox-esr, it should be lowercase firefox-esr as it is in builds from https://download.mozilla.org/?product=firefox-esr-latest-ssl=linux64. MOZ_APP_REMOTINGNAME must match - MOZ_APP_REMOTINGNAME.desktop to avoid https://bugzilla.mozilla.org/show_bug.cgi?id=1826330 on KDE Wayland - StartupWMClass=MOZ_APP_REMOTINGNAME $ cat /usr/share/applications/firefox-esr.desktop | grep StartupWMClass > StartupWMClass=Firefox-esr Wayland: $ WAYLAND_DEBUG=1 MOZ_ENABLE_WAYLAND=1 firefox-esr |& grep 'xdg_toplevel@[0-9]\+\.set_app_id' > [ 947103.838] -> xdg_toplevel@43.set_app_id("Firefox-esr") About/Downloads/bookmarks windows have a wrong window icon (the Wayland W icon). With browser.tabs.inTitlebar=0, the main window has a wrong icon as well. X11 / Xwayland: When the cursor becomes a "+", click on Firefox' window: $ firefox-esr & xprop WM_CLASS > WM_CLASS(STRING) = "Navigator", "Firefox-esr" Proposed fix: https://salsa.debian.org/mozilla-team/firefox/-/blob/b2698cd93ded2aa17bb6a2756ee85f015b63dbe8/debian/rules#L76 > export MOZ_APP_REMOTINGNAME := $(call uc_first,$($(PRODUCT))) I assume MOZ_APP_REMOTINGNAME needs to become PRODUCT, without uc_first. MOZ_APP_REMOTINGNAME is used by Firefox to call `g_set_prgname(gAppData->remotingName);` for correct window icon and grouping on Wayland (it can be overridden with --name argument) to call `gdk_set_program_class(gAppData->remotingName);` for correct window grouping on X11 (it can be overriden with --class argument) And https://salsa.debian.org/mozilla-team/firefox/-/blob/b2698cd93ded2aa17bb6a2756ee85f015b63dbe8/debian/browser.desktop.in#L103 > StartupWMClass=@MOZ_APP_REMOTINGNAME@ can become StartupWMClass=@browser@ Offtopic, but further fixes for the .desktop file: You can use the longer MimeType string from Mozilla's Nightly debian package (https://bugzilla.mozilla.org/show_bug.cgi?id=1836205#c3) to fix https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031041. "MimeType" doesn't change default apps and its order doesn't matter (https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#mime-types). You could also adopt "Actions" (plus "Desktop Action"s) and translations from it.
Bug#1036870: sane-backends: Please update .tarball-version
Source: sane-backends Version: 1.2.1-2 Severity: minor Dear Maintainer, please consider updating the .tarball-version file that 0040-remove_git.patch creates to accurately reflect the version of the source code. The version in that file does show up in debug traces. -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.25+ (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#998834: Multiple subsystem options in sshd_config prevent sshd from starting
tags 998834 + patch thanks https://bugzilla.mindrot.org/attachment.cgi?id=3591=diff==1=raw has a patch for this
Bug#1035759: RFA: sniproxy -- Transparent TLS and HTTP layer 4 proxy with SNI support
Package: wnpp Severity: normal X-Debbugs-Cc: snipr...@packages.debian.org Control: affects -1 + src:sniproxy I request an adopter for the sniproxy package. The package description is: Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine.
Bug#1035424: saods9: Connection to catalogs is not working
Package: saods9 Version: 8.2+repack-2 Severity: normal X-Debbugs-Cc: str...@asu.cas.cz Dear Maintainer, The ds9 has problems connecting to the catalogs. Reproduce it by opening a fits file with a valid WCS, then use Analysis->Catalogs->Optical->Tycho-2 (or any other catalog). The newly opened window claims "Status Loading", but nothing really happens. If you then hit the "Cancel" or "Close" button, the pop-up will appear with the message 'An internal error has been detected invalid command name "xml::parser"'. Exactly the same happens when trying to use the "Name resolution" functionality (Analysis->Name Resolution). The problem is related to all versions in Debian and Ubuntu as well. However, the binary version at the author's site (https://sites.google.com/cfa.harvard.edu/saoimageds9/download) doesn't suffer from this problem. My guess - maybe there is a bug in compilation or missing dependency? Cheers, Jan Strobl. -- System Information: Debian Release: 11.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-0.deb11.6-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages saods9 depends on: ii libtk-img 1:1.4.13+dfsg-1 ii tcl-awthemes 10.2.0-1 ii tcl-signal 1.4.4-1 ii tcl-tls1.7.22-2 ii tcl-ttkthemes 3.2.0-1 ii tcl-xpa2.1.20-1 ii tclfitsy 8.2+repack-2 ii tcliis 8.2+repack-2 ii tcllib 1.20+dfsg-1 ii tclxml 1:3.2.7-5 ii tk 8.6.11+1 ii tk-html1 1.04-2 ii tk-mpeg1.0.9-1 ii tk-table 2.10.6-1 ii tkblt 3.2.23-1 ii tkcon 2:2.7.3-1 ii tksao 8.2+repack-2 Versions of packages saods9 recommends: ii saods9-doc 8.2+repack-2 Versions of packages saods9 suggests: pn python3-pyds9 pn xpa-tools -- no debconf information
Bug#1034871: podman: "sudo podman system reset" can delete current working directory
Package: podman Version: 4.3.1+ds1-6+b2 Severity: normal Tags: newcomer X-Debbugs-Cc: deb...@jfarr.cc Dear Maintainer, if /etc/containers/storage.conf does not include the runRoot variable, then running "sudo podman system reset" will delete the current working directory. This is already fixed in upstream, I hope this can be backported and included in Debian 12. upstream issue: https://github.com/containers/podman/issues/18349 upstream fix: https://github.com/containers/storage/pull/1510 Including this fix in Debian 12 has a really low chance of affecting other packages, but if this fix is not included there will inevitably be more people like me that accidentally remove their home directory. With kind regards Jan -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.2.11 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages podman depends on: ii conmon 2.1.6+ds1-1 ii crun 1.8.1-1+b1 ii golang-github-containers-common 0.50.1+ds1-4 ii libc62.36-9 ii libdevmapper1.02.1 2:1.02.185-2 ii libgpgme11 1.18.0-3+b1 ii libseccomp2 2.5.4-1+b3 ii libsubid41:4.13+dfsg1-1+b1 ii runc 1.1.5+ds1-1+b1 Versions of packages podman recommends: ii buildah1.28.2+ds1-1+b2 ii catatonit 0.1.7-1+b1 ii dbus-user-session 1.14.6-1 ii fuse-overlayfs 1.10-1 ii slirp4netns1.2.0-1 ii tini 0.19.0-1 ii uidmap 1:4.13+dfsg1-1+b1 Versions of packages podman suggests: pn containers-storage pn docker-compose ii iptables1.8.9-2 -- no debconf information
Bug#1034781: [Pkg-nagios-devel] Bug#1034781: monitoring-plugins-contrib: Dependency 'bc' missing for check_ssl_cert
Hi Johannes, Am 24.04.23 um 13:10 schrieb Drexl Johannes: since a couple of versions check_ssl_cert uses bc to calculate floating point values. The commit was https://github.com/matteocorti/check_ssl_cert/commit/6bedeb49bd1523a1d90adeb3ef21e46b7190aada Hence now bc needs to go from the Recommends section of the package to actually being a dependency: Depends: bc looking into /usr/share/doc/monitoring-plugins-contrib/README.Debian.plugins: Some plugins require additional libraries. To prevent you from having to install dozens of further packages that you don't actually need, there is no strict dependency on those libraries. Rather, they are listed as recommenda-tions or suggestions. apt-get(8) and aptitude(8) will install recommended packages automatically by default. If you did not disable this feature you will have everything in place to operate all plugins when installing the "nagios-plugins-contrib" package. Else you have to install missing dependencies manually (see the section "Plugin dependencies" below). So it's intention that bc is "just" a Recommend. See https://salsa.debian.org/nagios-team/nagios-plugins-contrib/-/commit/013199bb350af8e2a91213ecb1fc168d37405d94 for this. With kind regards, Jan -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ !w---? O M+ !V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+ --END GEEK CODE BLOCK--
Bug#1034800: lualib5.4 is missing expected symbols
Package: liblua5.4 Version: 5.4.4-3 liblua5.4.so.0.0.0 is not exporting symbols that are expected to be present in Lua 5.4. Some examples: - luaL_addgsub - lua_closeslot - lua_setcstacklimit and likely many more The header file from liblua5.4-dev still define those functions, leading to undefined references.
Bug#1034453: gcc-snaphot: Bad practice for LD_LIBRARY_PATH (and PATH)
Package: gcc-snapshot Hi! Installing the `gcc-snapshot` binary package, there's README.Debian (in the source package, this is README.snapshot), which (in two places) shows how to assign LD_LIBRARY_PATH (and PATH) extended values to allow to use the snapshot compiler. These two assignments are unintendedly wrong. While this usually isn't a problem for PATH (as it is almost always set beforehand), is actually is an issue for LD_LIBRARY_PATH: LD_LIBRARY_PATH=/usr/lib/gcc-snapshot/lib:$LD_LIBRARY_PATH With this assignment, the outcome will usually be LD_LIBRARY_PATH=/usr/lib/gcc-snapshot/lib: which has an empty path component at the end. While, in earlier days, I believed that this would be ignored, it actually expands to the current(!) directory. (With LD_LIBRARY_PATH exported, I had quite a fun time tracking down a build problem when cross-building NetBSD configured for amd64 from a Debian amd64 system. ld.so ended up using freshly built target components from NetBSD to fulfill host tool's library dependencies, but that target lib was then missing NetBSD's libc.) I suggest to change it to: LD_LIBRARY_PATH="/usr/lib/gcc-snapshot/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" The same principle applies to PATH, but as previous PATH is typically non-empty, this won't probably break in obscure ways. Thanks, Jan-Benedict -- signature.asc Description: PGP signature
Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5
Hi, Am 27.03.23 um 08:28 schrieb Jan Wagner: here are the upstream fixes, related upstream CI pipelines and issues: while we are at fixing bugs. I'd also like to include https://patch-diff.githubusercontent.com/raw/monitoring-plugins/monitoring-plugins/pull/1850.patch, which fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1849 (check_snmp: unit removed from check result) https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4531646296/jobs/7982048943?pr=1850 has a successfull upstream CI test run. Thanks Jan
Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5
Hi Sebastian, Am 26.03.23 um 19:36 schrieb Sebastian Ramacher: Hi Jan On 2023-03-25 16:58:12 +0100, Jan Wagner wrote: Hi Sebastian, Am 25.03.23 um 10:31 schrieb Sebastian Ramacher: What's the rationale to include these patches? Do they fix bugs reported in the BTS or upstream? upstream I was hoping to get some more details on the bugs and why fixing them warrants an unblock. here are the upstream fixes, related upstream CI pipelines and issues: * [953ee52] Adding d/p/13_check_icmp_improvements from upstream This is https://github.com/monitoring-plugins/monitoring-plugins/pull/1807 which fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1752. https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4216517133/jobs/7318393872?pr=1807 has a successfull CI run with running upstream testsuite on Debian testing. * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream This is https://github.com/monitoring-plugins/monitoring-plugins/pull/1847 which fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1844. https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4391896655/jobs/769170?pr=1847 has a successfull CI run with running upstream testsuite on Debian testing. * [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream This is https://github.com/monitoring-plugins/monitoring-plugins/pull/1854 which fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1853. https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4438159520/jobs/7788839977?pr=1854 has a successfull CI run with running upstream testsuite on Debian testing. If you need more information, I'm happy to provide those. With kind regards, Jan
Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5
Hi Sebastian, Am 25.03.23 um 10:31 schrieb Sebastian Ramacher: What's the rationale to include these patches? Do they fix bugs reported in the BTS or upstream? upstream With kind regards, Jan
Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: pkg-nagios-de...@lists.alioth.debian.org Control: affects -1 + src:monitoring-plugins Please see these changes for monitoring-plugins. 2.3.3-4 is already uploaded into unstable (containing one fix from upstream) but is blocked due missing autopkgtests. I prepared another upload containing two fixes from upstream, which is not uploaded yet. [ Reason ] This release targets several fixes that should go into bookworm: * [953ee52] Adding d/p/13_check_icmp_improvements from upstream * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream * [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream [ Impact ] Included patches fixes regressions from latest upstream release. [ Tests ] Upstream testsuite passes as well as Salsa CI (https://salsa.debian.org/nagios-team/monitoring-plugins/-/pipelines/514242) tests (ignoring the blhc). [ Risks ] The code changes are trivial enough to not expect regressions. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock monitoring-plugins/2.3.3-5diff --git a/debian/changelog b/debian/changelog index caf2e31..c738c88 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +monitoring-plugins (2.3.3-5) unstable; urgency=medium + + * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream + * [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream + + -- Jan Wagner Fri, 24 Mar 2023 19:16:16 + + +monitoring-plugins (2.3.3-4) unstable; urgency=medium + + * [953ee52] Adding d/p/13_check_icmp_improvements from upstream + + -- Jan Wagner Tue, 07 Mar 2023 13:29:35 + + monitoring-plugins (2.3.3-3) unstable; urgency=medium * [15d0c56] Adding d/p/12_check_curl_improvements from upstream diff --git a/debian/patches/13_check_icmp_improvements b/debian/patches/13_check_icmp_improvements new file mode 100644 index 000..0eb2748 --- /dev/null +++ b/debian/patches/13_check_icmp_improvements @@ -0,0 +1,200 @@ +From 413af1955538b06803458c628099f1ba9da1966b Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+rincewinds...@users.noreply.github.com> +Date: Fri, 4 Nov 2022 16:51:32 +0100 +Subject: [PATCH 1/5] Remove trailing whitespaces + +--- + plugins-root/check_icmp.c | 24 + 1 file changed, 12 insertions(+), 12 deletions(-) + +diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c +index f8f153512..abd88c4e7 100644 +--- a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c +@@ -1,39 +1,39 @@ + /* +-* ++* + * Monitoring check_icmp plugin +-* ++* + * License: GPL + * Copyright (c) 2005-2008 Monitoring Plugins Development Team + * Original Author : Andreas Ericsson +-* ++* + * Description: +-* ++* + * This file contains the check_icmp plugin +-* ++* + * Relevant RFC's: 792 (ICMP), 791 (IP) +-* ++* + * This program was modeled somewhat after the check_icmp program, + * which was in turn a hack of fping (www.fping.org) but has been + * completely rewritten since to generate higher precision rta values, + * and support several different modes as well as setting ttl to control. + * redundant routes. The only remainders of fping is currently a few + * function names. +-* +-* ++* ++* + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. +-* ++* + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. +-* ++* + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. +-* +-* ++* ++* + */ + + /* progname may change */ + +From 7d074091dba8c1d4081971bf62e694d0b1a03d41 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+rincewinds...@users.noreply.github.com> +Date: Fri, 4 Nov 2022 16:53:57 +0100 +Subject: [PATCH 2/5] Remove hardcoded DBL_MAX definition + +--- + plugins-root/check_icmp.c | 4 + 1 file changed, 4 deletions(-) + +diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c +index abd88c4e7..0d10d22db 100644 +--- a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c +@@ -95,10 +95,6 @@ const char *email = "de...@monitoring-plugins.org"; + # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 + #endif + +-#ifnde
Bug#1032471: gxemul: non-working TAP networking support
Hi! How about adding the patch I suggested to gxemul's Debian package? That works and makes gxemul _much_ more useable. Thanks, Jan-Benedict -- signature.asc Description: PGP signature
Bug#1033184: AnyMeal: The desktop file is missing an additional category 'Viewer'
On Sun, 19 Mar 2023, Joerg Schiermeier, Bielefeld/Germany wrote: Hello! The desktop file for Linux/Debian (/usr/share/applications/de.wedesoft.anymeal.desktop) is missing the additional category: 'Viewer'. For further information please see the documentation about desktop files here: <https://specifications.freedesktop.org/menu-spec/latest/apas02.html> As a viwer for recipes this additional category should be added. - -- Yours sincerely Joerg Schiermeier Hi, Thanks for reporting the bug. I have fixed it upstream. I guess I need to wait for the end of the freeze before getting it uploaded to unstable. Kind regards Jan
Bug#1032942: ITS: tnetstring3
Hi Bastian! On Tue, Mar 14, 2023 at 02:31:08PM +0100, Bastian Germann wrote: > Source: tnetstring3 > Severity: important > > I am filing this intend to salvage the tnetstring3 package which is > unmaintained. > The ITS is meant to remove the package from the archive when the waiting > period is over. No need to wait: I just reassigned 1028349 to ftp.debian.org, as suggested by you in that ticket. Sorry of not doing it earlier, and causing you additional work. I obviously didn't care enough about that package. In fact I should have removed it when the FTBFS bug was filed half a year ago. Jan
Bug#1032517: [Pkg-nginx-maintainers] Bug#1032517:
Unless we find a better solution, then we will need to rollback the configuration back to nginx-common package.
Bug#516097: [Pkg-nagios-devel] Bug#516097: nagios-plugins-basic: Please implement --ignore-inaccessible: PR request merged.
Hi Hilmar, Am 11.03.23 um 12:16 schrieb Hilmar Preusse: Package: nagios-plugins-basic Version: 2.3.3-4 Followup-For: Bug #516097 Please note that the PR related to the upstream issue was merged to the master branch today so it will be part in one of the next releases. Consider the patch in one of the next uploads. thanks for picking up here. I'm closely monitoring upstream changes and will include this soon. As we are in freeze for bookworm now and this is (just) a new feature, it is very unlikely that it will make into bookworm itself. But I'm planing to upload this short after the release into unstable and will backport it to bookworm-backports as well. Cheers Jan. P.S. Maybe uploads to experimental might happen -- Never write mail to , you have been warned! -BEGIN GEEK CODE BLOCK- Version: 3.12 GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ !w---? O M+ !V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+ --END GEEK CODE BLOCK--
Bug#1032471: Preliminary patch to fix tap networking under Linux
Hi! As a follow-up, I'm currenrly testing the attached patch. It basically works, but a PMAX configuration running NetBSD won't be responsive on the console during network I/O. However, I think that's not due to this patch, but because limitatiins in the emulation. Will look into this, but this (hackish) patch is at least in the ticket. (I've also sent it to gxemul's author.) MfG, JBG -- diff --git a/src/net/net_tap.c b/src/net/net_tap.c index 188276e..d920695 100644 --- a/src/net/net_tap.c +++ b/src/net/net_tap.c @@ -48,6 +48,11 @@ #include "misc.h" #include "net.h" +#ifdef __linux__ +# include +# include +#endif + /* * net_tap_rx_for_nic(): * @@ -166,7 +171,11 @@ bool net_tap_init(struct net *net, const char *tapdev) int fd; int one = 1; +#ifdef __linux__ + fd = open("/dev/net/tun", O_RDWR); +#else fd = open(tapdev, O_RDWR); +#endif if (fd < 0) { debugmsg(SUBSYS_NET, "tap", VERBOSITY_ERROR, "unable to open tap device '%s': %s", @@ -174,6 +183,22 @@ bool net_tap_init(struct net *net, const char *tapdev) return false; } +#ifdef __linux__ + struct ifreq ifr; + + memset(, 0, sizeof(ifr)); + ifr.ifr_flags = IFF_TAP | IFF_NO_PI; + strncpy(ifr.ifr_name, tapdev, IFNAMSIZ); + + if (ioctl(fd, TUNSETIFF, ) < 0) { + debugmsg(SUBSYS_NET, "tap", VERBOSITY_ERROR, + "unable to attach to " + "tap device '%s': %s", tapdev, strerror(errno)); + close(fd); + return false; + } +#endif + if (ioctl(fd, FIONBIO, ) < 0) { debugmsg(SUBSYS_NET, "tap", VERBOSITY_ERROR, "unable to set non-blocking mode on " signature.asc Description: PGP signature
Bug#1032517: [Pkg-nginx-maintainers] Bug#1032517:
> > Jan, > Did default config files in /etc/nginx/ moved from nginx-common to nginx ? Yes, config files moved to the nginx package, and nginx-common is empty metapackage (since 1.22.1-6). Jan
Bug#998708: Another vote for an update
Hi! Just tried to build Ghidra (with the goal of adding support for the VAX processors), but I cannot even download the build dependencies due to gradle being too old. Ghidra requests version 7.3+. It would be really nice to have this package updated. Anything I can help with? Thanks, Jan-Benedict Glaw -- signature.asc Description: PGP signature
Bug#1032517:
Hello, can You please send me the steps how i can reproduce it - packages list/versions before the upgrade - exact apt/apt-get command - packages list/versions after the upgrade Jan
Bug#1032471: [gxemul] Fix tap device support
Package: gxemul Version: 0.7.0+dfsg-1+b1 Hi! I couldn't get tap networking to work at all. Looking at the source (net_tap_init()), my impression is that this is using the BSD interface. Googling around, there are forks on eg. Github that added/fixed tap networking so that it works with Linux. That would be a great thing to have! Thanks, Jan-Benedict -- signature.asc Description: PGP signature
Bug#1032156: gnome-multi-writer does not show connected USB sticks in LXDE on Debian
Package: gnome-multi-writer Version: 3.32.1-1 Severity: important X-Debbugs-Cc: jangi...@gmail.com Dear Maintainer, * What led up to the situation? I was trying to make a bootable USB stick. * What exactly did you do (or not do) that was effective (or ineffective)? It just flat out would not work. No USB stick detection, I tried several. The system detects them and even gnome-disk-utiliti has no problem finding them. * What outcome did you expect instead? That the program shows the USB files. Just drop me an email if you need more info like a screenshot. It was a netinstall of debian 11 with LXDE as a desktop environment. -- System Information: Debian Release: 11.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-21-amd64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome-multi-writer depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii libc62.31-13+deb11u5 ii libcanberra-gtk3-0 0.30-7 ii libcanberra0 0.30-7 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4+deb11u2 ii libgudev-1.0-0 234-1 ii libgusb2 0.3.5-1 ii libpolkit-gobject-1-00.105-31+deb11u1 ii libudisks2-0 2.9.2-2+deb11u1 gnome-multi-writer recommends no packages. gnome-multi-writer suggests no packages. -- no debconf information
Bug#1032155: gnome-multi-writer: Settings button not displayed in LXDE
Package: gnome-multi-writer Version: 3.32.1-1 Severity: important X-Debbugs-Cc: jangi...@gmail.com Dear Maintainer, * What led up to the situation? I was trying to make a bootable USB stick. * What exactly did you do (or not do) that was effective (or ineffective)? It just flat out would not work. No settings button to choose an image file like an ISO and no USB stick detection, but that is the other bug. * What was the outcome of this action? NA * What outcome did you expect instead? That the program shows the gearwheel menu to choose the file. Just drop me an email if you need more info like a screenshot. It was a netinstall of debian 11 with LXDE as a desktop environment. Best, Jan Girke -- System Information: Debian Release: 11.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-21-amd64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome-multi-writer depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii libc62.31-13+deb11u5 ii libcanberra-gtk3-0 0.30-7 ii libcanberra0 0.30-7 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4+deb11u2 ii libgudev-1.0-0 234-1 ii libgusb2 0.3.5-1 ii libpolkit-gobject-1-00.105-31+deb11u1 ii libudisks2-0 2.9.2-2+deb11u1 gnome-multi-writer recommends no packages. gnome-multi-writer suggests no packages. -- no debconf information
Bug#1032152: pcmanfm: Silent fail rightclick on ISO file "Disk Image Writer"
Package: pcmanfm X-Debbugs-Cc: jangi...@gmail.com Version: 1.3.2-1 Severity: normal Dear Maintainer, * What led up to the situation? I right clicked an ISO file and it did nothing. * What exactly did you do (or not do) that was effective (or ineffective)? See above * What was the outcome of this action? Nothing * What outcome did you expect instead? At least an error messagebox that tells me what's wrong. Are permissions missing? Where and how can I add them? gnome-disk-utility just works even in userspace. This package is part of the bigger seudo package lxde the LXDE desktop environment for Debian 11 something see below. If you need more information write an email to me. Best, Jan Girke -- System Information: Debian Release: 11.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-21-amd64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages pcmanfm depends on: ii libatk1.0-0 2.36.0-2 ii libc62.31-13+deb11u5 ii libcairo21.16.0-5 ii libfm-gtk4 1.3.2-1 ii libfm4 1.3.2-1 ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1+deb11u1 ii libglib2.0-0 2.66.8-1 ii libgtk2.0-0 2.24.33-2 ii libpango-1.0-0 1.46.2-3 ii libpangocairo-1.0-0 1.46.2-3 ii libx11-6 2:1.7.2-1 ii shared-mime-info 2.0-1 Versions of packages pcmanfm recommends: ii gnome-icon-theme 3.12.0-3 ii gvfs-backends1.46.2-1 ii gvfs-fuse1.46.2-1 ii lxde-icon-theme 0.5.1-2.1 ii lxpolkit [polkit-1-auth-agent] 0.5.5-2 ii policykit-1-gnome [polkit-1-auth-agent] 0.105-7 pcmanfm suggests no packages. -- no debconf information
Bug#1029720: [Pkg-nagios-devel] Bug#1029720: Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'
Thanks for all your input. As the release is coming closer and I'm very short on time at the moment patches are very appreciated. Thanks Jan
Bug#983645: laminard: SIGPIPE kills it
Hi! I see that you already imported Laminar 1.2 into the Debian repository. Thanks a lot for doing the work! I'm really looking forward for when it shows up in the Debian unstable repo! Thanks, Jan-Benedict -- signature.asc Description: PGP signature
Bug#1029842: ITP: randombytes -- Library generating fresh randomness
> On 28. 1. 2023, at 21:42, Sam Hartman wrote: > >>>>>> "Jan" == Jan Mojzis writes: > > * Package name: randombytes > Version : 20230126 > Upstream Author : Daniel J. Bernstein > * URL : https://randombytes.cr.yp.to/ > * License : Public domain > > Public domain is problematic as a license. > At least under US copyright law, there are very few circumstances when > something can actually be public domain. > One example is software written by US government employees. > But I don't think any of those circumstances apply to this library. > So I'm not sure the license is okay. If I understand it correctly, CC0-style public-domain declaration in debian/copyright solves the problem. (learned here: https://lists.debian.org/debian-mentors/2017/09/msg00171.html) ~~~ License: public-domain-CC0-1.0 Public domain. . Upstream library is marked as public-domain https://randombytes.cr.yp.to/index.html. . Public-domain mark does not have the same meaning in all jurisdictions, to avoid confusion, please follow CC0 1.0 Universal. The complete text of the CC0 license, version 1.0, can be found in /usr/share/common-licenses/CC0-1.0. ~~~ Or am I wrong? > > I'll also admit to being skepticle of the utility of such a library > given the getrandom() API in libc. The library internally uses getrandom(). The primary bonus is in portability and usability. The library (namely randombytes-kernel) uses one of the variants getrandom(), getentropy(), "/dev/urandom" and the user/aplication doesn't need to care what resource is on a given operating system available. And the user/aplication also doesn't have to worry about whether the system has enough entropy (e.g. /dev/urandom initialized). Randombytes() simply waits/blocks until there is enough entropy. Jan
Bug#1029720: [Pkg-nagios-devel] Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'
Hi Holger, Am 30.01.23 um 12:33 schrieb Holger Levsen: $ scp ./nagios-plugins-contrib-38.20230124/dsa/checks/dsa-check-running-kernel osuosl168-amd64.debian.net: and then there: holger@osuosl168-amd64:~ $ bash dsa-check-running-kernel WARNING: Running kernel does not match on-disk kernel image: [Linux version 6.1.0-1-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-13) 12.2.0, GNU ld (GNU Binutils for Debian) 2.39.90.20221231) #1 SMP PREEMPT_DYNAMIC Debian 6.1.4-1 (2023-01-07) != Linux version 6.1.0-1-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-13) 12.2.0, GNU ld (GNU Binutils for Debian) 2.39.90.20221231) # SMP PREEMPT_DYNAMIC Debian 6.1.4-1 (2023-01-07)] holger@osuosl168-amd64:~ $ md5sum dsa-check-running-kernel 155205740a07f98f13bf6045b317c505 dsa-check-running-kernel so, no, doesnt help. thanks for confirming. As I don't have a bookworm system (with running kernel) at hand, I can't go deeper into debugging this issue until I get hands on it. Sorry Jan
Bug#1029720: [Pkg-nagios-devel] Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'
Hi Holger, Am 26.01.23 um 17:41 schrieb Holger Levsen: on a system running bookworm and the latest amd64 kernel /usr/lib/nagios/plugins/check_running_kernel warns me that the running kernel doesnt match the on-disk kernel, while it*is* running the latest kernel. (line breaks added for better readability.) thanks for your bugreport. can you try the version from unstable (https://packages.debian.org/sid/nagios-plugins-contrib) which I uploaded a few days ago? Thank Jan
Bug#1029931: pushpin: build-dependencies unsatisfiable on mips*, ppc64el and s390x.
On Sun, Jan 29, 2023 at 01:10:17PM +0200, Adrian Bunk wrote: > Keeping it "Architecture: any" will automatically (re)add it on > architectures whenever they gain ring support. [...] > Yes, since there are no reverse (build) dependencies > "reportbug ftp.debian.org" to remove the stale binaries > on "mips64el mipsel ppc64el s390x" is all that is needed. I came to the same conclusion and already opened https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029943 Jan
Bug#1029943: RM: pushpin [mips64el mipsel ppc64el s390x alpha hppa hurd-i386 ia64 kfreebsd-amd64 kfreebsd-i386 m68k powerpc ppc64 riscv64 sh4 sparc64] -- RoM; FTBFS
Package: ftp.debian.org Dear ftpmasters, please remove pushpin for the listed architectures from unstable. It's currently not possible to build them, because a build-depencency, librust-ring-0.16+default-dev, is not available there. See #1029931 for details in case you are interested. Jan
Bug#1029931: pushpin: build-dependencies unsatisfiable on mips*, ppc64el and s390x.
On Sun, Jan 29, 2023 at 04:28:54AM +, Peter Michael Green wrote: > Package: pushpin > Version: 1.36.0-1 > Severity: serious > > The new version of pushpin added a dependency on jsonwebtoken, > unfortunately jsonwebtoken depends in ring, which is only available > on x86* and arm*. There is work upstream to make ring more > portable but it seems unlikely to feature in a stable release before > the bookworm freeze. > > Not sure what can be done about this, I tried reverting the > upstream commit in question using a Debian patch, but it did not > seem to revert cleanly. While I'm a huge fan of portable packages, I think in this case it's better to just restrict the list of available architectures. I doubt pushpin is actively used on any other architecture than amd64, in practice. Doing heavy changes to make pushpin portable to architectures which don't provide ring may introduce bugs, even security issues, which would affect users on all architectures. So I'd say we should remove pushpin from the archive for all architectures where librust-ring-0.16+default-dev is not available.
Bug#1029842: ITP: randombytes -- Library generating fresh randomness
Package: wnpp Severity: wishlist Owner: Jan Mojzis X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: randombytes Version : 20230126 Upstream Author : Daniel J. Bernstein * URL : https://randombytes.cr.yp.to/ * License : Public domain Programming Lang: C Description : Library generating fresh randomness librandombytes is a public-domain library providing a simple API for applications generating fresh randomness: include , call randombytes(x, xbytes) whenever desired to generate fresh random bytes x[0], x[1], ..., x[xbytes-1], and link with -lrandombytes. . Random bytes are often used directly in applications. Random bytes are also the foundation of more complicated random objects, such as random integers in a limited interval, random floating-point numbers from a (nearly) normal distribution, and random keys used in public-key cryptosystems. librandombytes is dedicated to obtaining fresh random bytes in the first place, and leaves it to higher-level libraries to convert those bytes into other types of random objects. . librandombytes aims for the following stringent randomness goal: no feasible computation will ever be able to tell the difference between the output bytes and true randomness (independent uniformly distributed random bytes). This makes the randombytes() output suitable for use in applications ranging from simulations to cryptography. I'm using this library and I'm going to maintain using https://salsa.debian.org/ I need sponsor for the first upload (I'm DM).
Bug#977294: nagios-plugins-contrib: (another) check_uptime is shipped with monitoring-plugins 2.3
Am 13.12.20 um 18:10 schrieb Jan Wagner: Package: nagios-plugins-contrib Severity: normal Monitoring Plugins ships a check_uptime since version 2.3, see https://github.com/monitoring-plugins/monitoring-plugins/commits/v2.3/plugins-scripts/check_uptime.pl I would suggest to remove check_uptime from the package. If removing is not an option, we should rename the script. The check_uptime in monitoring-plugins is a script which has to be executed on the system that has to be monitored. The check_uptime of this package is working via SNMP and remote, so it's a completely different usecase.
Bug#1029435: linux-image-6.1.0-1-amd64: internal battery and removable battery have a switched priority order
Package: src:linux Version: 6.1.4-1 Severity: normal X-Debbugs-Cc: yan...@web.de Dear Maintainer, after upgrading from linx-5.19.x to linux-6.0.x the priority order of the internal battery (nonremovable) and the removable battery have switched. The internal battery is considered nr. 0 by `acpi -bi` and is used first. This is not sensible and makes it impossible to switch the removable battery upon depletion. This happens on a thinkpad t470. Similiar problems seem to have cropped up and were fixed according to the changelog.gz of the kernel package. e.g.: " - [x86] platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen" I'd guess this is an upstream bug, but thought it sensible to run this via debian. I'll happyly test any fixes or run additional diagnostics. Best regards Jan -- Package-specific info: ** Version: Linux version 6.1.0-1-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-13) 12.2.0, GNU ld (GNU Binutils for Debian) 2.39.90.20221231) #1 SMP PREEMPT_DYNAMIC Debian 6.1.4-1 (2023-01-07) ** Command line: BOOT_IMAGE=/vmlinuz-6.1.0-1-amd64 root=/dev/mapper/monster--vg-root ro quiet ** Not tainted ** Kernel log: [54011.400926] ata3.00: ACPI cmd f5/00:00:00:00:00:a0(SECURITY FREEZE LOCK) filtered out [54011.400938] ata3.00: ACPI cmd ef/10:03:00:00:00:a0(SET FEATURES) filtered out [54011.401331] ata3.00: supports DRM functions and may not be fully accessible [54011.404981] ata3.00: configured for UDMA/133 [54011.416011] ata3.00: Enabling discard_zeroes_data [54011.475603] usb 1-7: reset full-speed USB device number 3 using xhci_hcd [54011.835133] psmouse serio1: synaptics: queried max coordinates: x [..5676], y [..4690] [54011.868310] psmouse serio1: synaptics: queried min coordinates: x [1266..], y [1162..] [54011.987248] OOM killer enabled. [54011.987251] Restarting tasks ... [54012.002371] Bluetooth: hci0: Bootloader revision 0.0 build 26 week 38 2015 [54012.003615] done. [54012.003631] random: crng reseeded on system resumption [54012.003636] Bluetooth: hci0: Device revision is 16 [54012.003639] Bluetooth: hci0: Secure boot is enabled [54012.003641] Bluetooth: hci0: OTP lock is enabled [54012.003642] Bluetooth: hci0: API lock is enabled [54012.003643] Bluetooth: hci0: Debug lock is disabled [54012.003645] Bluetooth: hci0: Minimum firmware build 1 week 10 2014 [54012.003649] Bluetooth: hci0: Found device firmware: intel/ibt-12-16.sfi [54012.078037] PM: suspend exit [54013.204341] mei_hdcp :00:16.0-b638ab7e-94e2-4ea2-a552-d1c54b627f04: bound :00:02.0 (ops i915_hdcp_component_ops [i915]) [54013.544036] Bluetooth: hci0: Waiting for firmware download to complete [54013.544514] Bluetooth: hci0: Firmware loaded in 1504754 usecs [54013.544538] Bluetooth: hci0: Waiting for device to boot [54013.557666] Bluetooth: hci0: Device booted in 12837 usecs [54013.557682] Bluetooth: hci0: Found Intel DDC parameters: intel/ibt-12-16.ddc [54013.560556] Bluetooth: hci0: Applying Intel DDC parameters completed [54013.561558] Bluetooth: hci0: Firmware revision 0.1 build 19 week 44 2021 [54013.613881] Bluetooth: MGMT ver 1.22 [54016.132567] wlp4s0: authenticate with 3c:a6:2f:63:60:3d [54016.142891] wlp4s0: send auth to 3c:a6:2f:63:60:3d (try 1/3) [54016.288508] wlp4s0: authenticate with 3c:a6:2f:63:60:3d [54016.288535] wlp4s0: send auth to 3c:a6:2f:63:60:3d (try 1/3) [54016.346800] wlp4s0: authenticated [54016.350881] wlp4s0: associate with 3c:a6:2f:63:60:3d (try 1/3) [54016.354411] wlp4s0: RX AssocResp from 3c:a6:2f:63:60:3d (capab=0x1511 status=0 aid=1) [54016.357782] wlp4s0: associated [54016.611609] IPv6: ADDRCONF(NETDEV_CHANGE): wlp4s0: link becomes ready [54018.513393] wlp4s0: Limiting TX power to 27 (30 - 3) dBm as advertised by 3c:a6:2f:63:60:3d [58166.652144] sd 2:0:0:0: [sda] Synchronizing SCSI cache [58166.655595] sd 2:0:0:0: [sda] Stopping disk [58172.472157] ata3: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [58172.475004] ata3.00: ACPI cmd f5/00:00:00:00:00:a0(SECURITY FREEZE LOCK) filtered out [58172.475017] ata3.00: ACPI cmd ef/10:03:00:00:00:a0(SET FEATURES) filtered out [58172.475568] ata3.00: supports DRM functions and may not be fully accessible [58172.479657] ata3.00: ACPI cmd f5/00:00:00:00:00:a0(SECURITY FREEZE LOCK) filtered out [58172.479669] ata3.00: ACPI cmd ef/10:03:00:00:00:a0(SET FEATURES) filtered out [58172.480158] ata3.00: supports DRM functions and may not be fully accessible [58172.483700] ata3.00: configured for UDMA/133 [58172.494034] sd 2:0:0:0: [sda] Starting disk [58172.494761] ata3.00: Enabling discard_zeroes_data [58196.095883] sd 2:0:0:0: [sda] Synchronizing SCSI cache [58196.099331] sd 2:0:0:0: [sda] Stopping disk [58197.040305] ata3: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [58197.043178] ata3.00: ACPI cmd f5/00:00:00:00:00:a0(SECURITY FREEZE LOCK) filtered out [58197.043191] ata3.00: ACPI cmd ef/10:03:00:00:00:a0(SET FEATURES) filtered out [58197.043689] ata3.00: supports DRM
Bug#1029433: luajit2: new upstream version 2.1-20230119
Package: luajit2 Version: 2.1-20220411-5 Severity: normal Dear Maintainer, the latest version of luajit2 2.1-20230119 has been released, contains mostly bug fixes, so it would be worth updating the debian version as well before bookworm freeze. Thanks Jan
Bug#1004784: aiscm: FTBFS with ffmpeg 5.0
Not sure how to orphan it. I read that I need to change the package maintainer to Debian QA Group but I can't create a new release any more since it won't build on Debian unstable because of FFPMEG 5.0 changes. On Wed, 14 Dec 2022, Bastian Germann wrote: Am 14.12.22 um 16:51 schrieb Jan Wedekind: No, I didn't manage to fix it. Is it possible to remove the package? Yes. But if you do not want to maintain it anymore, orphaning would usually the step that maintainers take.
Bug#1027845: kdevelop-python: Plugin crashes on encountering Python code
Package: kdevelop-python X-Debbugs-Cc: erbur...@gmail.com Version: 22.12.0-2 Severity: important Dear Maintainer, after the Python 3.11 transition, the Python plugin for KDevelop crashes on on my setup after loading a Python code. I have filed an upstream bugreport https://bugs.kde.org/show_bug.cgi?id=463802 which contains the full backtrace. Regards, Jan Kriho -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (950, 'testing'), (900, 'unstable'), (850, 'experimental'), (800, 'stable'), (500, 'testing-debug'), (500, 'stable-security') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-6-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=cs_CZ.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8), LANGUAGE=cs:en_US Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages kdevelop-python depends on: ii kdevelop-python-data 22.12.0-2 ii kdevelop510-libs 4:22.12.0-2 ii libc6 2.36-7 ii libkf5configcore5 5.101.0-1 ii libkf5coreaddons5 5.101.0-1 ii libkf5i18n5 5.101.0-1+b1 ii libkf5parts5 5.101.0-1 ii libkf5texteditor5 5.101.0-2 ii libkf5threadweaver5 5.101.0-1 ii libkf5widgetsaddons5 5.101.0-1 ii libkf5xmlgui5 5.101.0-1+b1 ii libpython3.11 3.11.1-2 ii libqt5core5a 5.15.7+dfsg-2 ii libqt5gui55.15.7+dfsg-2 ii libqt5widgets55.15.7+dfsg-2 ii libstdc++612.2.0-13 ii python3.113.11.1-2 Versions of packages kdevelop-python recommends: ii kdevelop 4:22.12.0-2 ii pycodestyle 2.10.0-1 ii python3-autopep8 2.0.0-1 Versions of packages kdevelop-python suggests: pn kdevelop-python-l10n -- no debconf information