Bug#913558: libssl1.1: Breaks Lighttpd < 1.4.51

2018-11-12 Thread Sebastian Andrzej Siewior
Control: blocks -1 by 913251 On November 12, 2018 10:17:09 AM UTC, Olaf van der Spek wrote: >I think libssl1.1 breaks Lighttpd, Ondřej Surý requested I report this. >Does libssl1.1 need a versioned breaks on lighttpd? Yes, looks that way. According to the bug you listed there is not a fixed

Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-11-10 Thread Sebastian Andrzej Siewior
On 2018-11-08 15:15:57 [-0800], Adam Lambert wrote: > What do you need me to do to provide debug info on this? I would like to reproduce this. I would need the clamd.conf, kernel command line if something non-standard and what it is you do. If I can reproduce this on my Stretch VM then I try to

Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-11-08 Thread Sebastian Andrzej Siewior
On 2018-11-03 17:11:07 [+], Scott Kitterman wrote: > Does anyone still have this problem with 0.100.2? It's been out awhile and > this bug has gone quiet. I would suggest to close it. I never had any luck to reproduce it. It may or may not be a problem but without any additional help to get

Bug#913020: [Pkg-clamav-devel] Bug#913020: clamd: apparmor denials: cap net_admin, openssl.conf

2018-11-08 Thread Sebastian Andrzej Siewior
intrigeri, I added you on Cc since you were a help the last time apparmor came around. On 2018-11-06 10:45:15 [+0800], Paul Wise wrote: > Package: clamav-daemon > Version: 0.100.2+dfsg-1 > Severity: normal > File: /etc/apparmor.d/usr.sbin.clamd > Usertags: apparmor > > When I restart

Bug#912634: [Pkg-clamav-devel] Bug#912634: clamav scanner didn't unpack RAR archives

2018-11-08 Thread 'Sebastian Andrzej Siewior'
On 2018-11-06 08:41:47 [+0700], Dmitriy wrote: > > Yes. I compiled deb package from source and add to Clamav daemon. After this > it works. > I think in man page for clam antivirus must be menchioned that some non GNU > code are absent (like RAR code) > This is be very heplfull for users to

Bug#871056: transition: openssl

2018-11-08 Thread Sebastian Andrzej Siewior
On 2018-02-25 10:59:57 [+0100], Emilio Pozuelo Monfort wrote: > We're getting close. According to the transition tracker, the remaining rdeps > in > testing are: … > kopete - no fix upstream, optional for jingle (call) support in XMPP … This is the last one in testing. kopete's #858938 has been

Bug#859784: NMU for validns

2018-11-05 Thread Sebastian Andrzej Siewior
On 2018-11-03 18:12:07 [+0100], Christoph Biedl wrote: > Subject: Build against openssl 1.1. > Author: Chris West > Bug: https://github.com/tobez/validns/pull/64 > Bug-Debian: https://bugs.debian.org/859784 > Last-Update: 2018-11-03 > > --- a/dnskey.c > +++ b/dnskey.c > @@ -154,6 +154,7 @@ >

Bug#900152: nsca-ng: FTBFS against openssl 1.1.1

2018-11-04 Thread Sebastian Andrzej Siewior
On 2018-05-26 23:35:46 [+0200], To sub...@bugs.debian.org wrote: > The Error in the testsuite could be due to: > 1.1.1~~pre6-1 changelog): > | * Increase default security level from 1 to 2. This moves from the 80 bit > | security level to the 112 bit securit level and will require 2048 bit

Bug#912864: [Pkg-openssl-devel] Bug#912864: Bug#912864: openssl: new version of openssl breaks some openvpn clients

2018-11-04 Thread Sebastian Andrzej Siewior
On 2018-11-04 11:39:59 [-0800], James Bottomley wrote: > > > OK, so I'm weary of trying to construct a theory of what the bug > > > actually is, why don't you try to come up with one. The symptoms > > > are > > > that openvpn in openwrt works with server 1.1.0 and fails with > > > server > > >

Bug#912737: [Pkg-openssl-devel] Bug#912737: Bug#912737: openssl: SSL_read: error:1408F119:SSL routines:ssl3_get_record:decryption failed

2018-11-04 Thread Sebastian Andrzej Siewior
On 2018-11-04 15:10:42 [+0100], Julien Lecomte wrote: > Hello Hi, > Thanks to your remark I tried connecting my computer directly to the set-top > box. > > Connected directly, the file downloads fine (verified via md5sum). > Connected indirectly, the download shows the issues I encountered. > >

Bug#909545: python-boto: diff for NMU version 2.44.0-1.1

2018-11-04 Thread Sebastian Andrzej Siewior
). + + -- Sebastian Andrzej Siewior Sun, 04 Nov 2018 12:37:23 +0100 + python-boto (2.44.0-1) unstable; urgency=medium * New upstream release. only in patch2: unchanged: --- python-boto-2.44.0.orig/boto/connection.py +++ python-boto-2.44.0/boto/connection.py @@ -821,23 +821,24 @@ h

Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1

2018-11-03 Thread Sebastian Andrzej Siewior
On 2018-11-01 19:50:35 [-0400], Theodore Y. Ts'o wrote: > On Thu, Nov 01, 2018 at 11:18:14PM +0100, Sebastian Andrzej Siewior wrote: > > Okay. So you wrote what can be done for a system with HW-RNG/kvm. On > > bare metal with nothing fancy I have: > > [3.544985] systemd[1]

Bug#912634: [Pkg-clamav-devel] Bug#912634: clamav scanner didn't unpack RAR archives

2018-11-03 Thread Sebastian Andrzej Siewior
On 2018-11-02 08:11:49 [+0700], Dmitriy wrote: > I've some problems with scanning RAR archives in emails. Clamav daemon in > debug mode don't show any info about do you have libclamunrar7 installed? Sebastian

Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1

2018-11-01 Thread Sebastian Andrzej Siewior
On 2018-10-31 18:41:06 [-0400], Theodore Y. Ts'o wrote: > On Wed, Oct 31, 2018 at 11:21:59AM +0000, Sebastian Andrzej Siewior wrote: > > On October 30, 2018 8:51:36 PM UTC, "Theodore Y. Ts'o" > > wrote: > > > > > >So it's complicated. It's not a

Bug#912604: [Pkg-openssl-devel] Bug#912604: libssl1.1: libssl version 1.1.1 breaks burp backup buster clients with stretch server

2018-11-01 Thread Sebastian Andrzej Siewior
control: reassign -1 src:burp On 2018-11-01 18:56:30 [+0100], Antoine Sirinelli wrote: > I have a setup with a burp backup server running with an up to date > stretch distribution. The backup clients are running on either stretch > or buster workstation. Since the recent update of libssl1.1 from

Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1

2018-10-31 Thread Sebastian Andrzej Siewior
On October 30, 2018 8:51:36 PM UTC, "Theodore Y. Ts'o" wrote: > >So it's complicated. It's not a binary trusted/untrusted sort of >thing. What about RNDRESEEDCRNG? Would it be reasonable to issue it after writing the seed as part of the boot process? >Cheers, > >

Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1

2018-10-29 Thread Sebastian Andrzej Siewior
On 2018-10-29 23:33:34 [+0100], Kurt Roeckx wrote: > On Mon, Oct 29, 2018 at 09:58:20PM +0100, Sebastian Andrzej Siewior wrote: > > On 2018-10-29 18:22:08 [+0100], Kurt Roeckx wrote: > > > So I believe this is not an openssl issue, but something in the > > >

Bug#912087: [Pkg-openssl-devel] Bug#912087: Bug#912087: openssh-server: Slow startup after the upgrade to 7.9p1

2018-10-29 Thread Sebastian Andrzej Siewior
On 2018-10-29 18:22:08 [+0100], Kurt Roeckx wrote: > So I believe this is not an openssl issue, but something in the > order that the kernel's RNG is initialized and openssh is started. > Potentionally the RNG isn't initialized at all and you actually > have to wait for the kernel to get it's

Bug#858938: fixed in kopete 4:18.04.1-1

2018-10-28 Thread Sebastian Andrzej Siewior
On 2018-10-21 12:31:45 [+0200], Kurt Roeckx wrote: > On Tue, Sep 25, 2018 at 11:29:28PM +0200, Sebastian Andrzej Siewior wrote: > > On 2018-08-25 10:33:54 [+0200], Kurt Roeckx wrote: > > > On Fri, Jun 01, 2018 at 11:22:09AM +, Sandro Knauß wrote: > > > > Source:

Bug#897882: Bug#859784: NMU for validns

2018-10-28 Thread Sebastian Andrzej Siewior
On 2018-10-27 18:36:12 [+0200], Christoph Biedl wrote: > +--- a/ipseckey.c > b/ipseckey.c > +@@ -111,8 +111,11 @@ > + default: > + strcpy(gw, "??"); > + } > ++#pragma GCC diagnostic push > ++#pragma GCC diagnostic ignored "-Wformat-truncation" > + snprintf(s, 1024, "(

Bug#907631: [Pkg-openssl-devel] Bug#907631: Problème de connexion avec OpenSSL v1.1.1~~pre9-1 / connection problem with OpenSSL v1.1.1~~pre9-1

2018-10-28 Thread Sebastian Andrzej Siewior
On 2018-08-30 13:35:27 [+0200], David BERCOT wrote: > With OpenSSL vv1.1.1~~pre9-1, I can't connect to my entreprise network (Wifi, > PEAP\MSCHAPv2). > > The connection attempt arrives at the Radius server but, obviously, the > exchange is "disturbed" and raises the following error: > wlp60s0:

Bug#912067: [Pkg-openssl-devel] Bug#912067: Bug#912067: libssl1.1: please add getmail/getmail4 to the dependencies to check

2018-10-27 Thread Sebastian Andrzej Siewior
On 2018-10-27 17:18:22 [-0400], ant wrote: > here is the message: > > = > getmail version 5.6 > Copyright (C) 1998-2012 Charles Cazabon. Licensed under the GNU GPL version > 2. > SimplePOP3SSLRetriever:a...@anthive.com@mail.anthive.com:995: > rc-03ant: socket error ([SSL:

Bug#911389: libssl1.1: loss of WLAN connectivity after upgrading; it's not the library's job to disable TLSv1.0

2018-10-27 Thread Sebastian Andrzej Siewior
On 2018-10-19 21:26:13 [+], Thorsten Glaser wrote: > Ondřej Surý dixit: > > >Your initial bug report was inappropriate. > > No, it was not. I think it was. I don't care much about the tone here others might. From the technical point of view you used severity `grave' which is wrong because

Bug#900158: python3.5: FTBFS against openssl 1.1.1

2018-10-27 Thread Sebastian Andrzej Siewior
On 2018-10-26 16:13:35 [+0200], intrigeri wrote: > Hi! Hi, > Given python3.5 was removed from testing, won't be shipped in Buster, > and has no reverse dependencies left for release architectures (see > #883630, situation today is almost entirely the same as since > 3 months), I don't see any

Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1

2018-10-20 Thread Sebastian Andrzej Siewior
On 2018-10-20 10:42:06 [+0100], Adam D. Barratt wrote: > On Wed, 2018-10-17 at 00:26 +0200, Sebastian Andrzej Siewior wrote: > > clamav upstream published a new version which contains security > > relevant bug fixes, one of them has CVE-2018-15378 assigned. > > Is the expect

Bug#907015: openssl version 1.1.1 breaks multiple reverse dependencies; versioned Breaks needed

2018-10-17 Thread Sebastian Andrzej Siewior
On 2018-10-17 21:21:29 [+0200], Kurt Roeckx wrote: > > - src:foolscap #898800: foolscap: FTBFS against openssl 1.1.1 > > I'm not sure if this is actually still a problem, there have been > fixes on the python and openssl side for this. reproducible builds > shows it as having problems trying to

Bug#911272: RM: python-txtorcon -- NBS; decruft

2018-10-17 Thread Sebastian Andrzej Siewior
Package: ftp.debian.org Severity: normal Hi, The source package txtorcon no longer builds the binary package python-txtorcon. The binary package is still in archive and was not auto-decrufted. Removing the package breakds two other packages: |bigeasy@coccia:~$ dak rm -Rnb python-txtorcon |Will

Bug#911271: foolscap: (Build) Depends on non existing python-txtorcon

2018-10-17 Thread Sebastian Andrzej Siewior
Package: foolscap Version: 0.13.1-1 Severity: serious txtorcon does not build the Python2 variant (python-txtorcon) since its last upload, only the python3 one (python3-txtorcon) remains. As of now the package can't be built due to missing packages. Sebastian

Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1

2018-10-16 Thread Sebastian Andrzej Siewior
--- clamav-0.100.1+dfsg/debian/changelog 2018-07-21 13:13:59.00000 +0200 +++ clamav-0.100.2+dfsg/debian/changelog2018-10-12 23:44:44.0 +0200 @@ -1,3 +1,14 @@ +clamav (0.100.2+dfsg-0+deb9u1) stretch; urgency=medium + + * Import new upstream +- Bump symbol version d

Bug#911101: nmu: kannel-sqlbox_0.7.2-5

2018-10-15 Thread Sebastian Andrzej Siewior
Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal Hi, kannel-sqlbox was uploaded slightly after kannel 1.4.5-2. On most architectures, kannel-sqlbox was built against newer kannel-dev resulting in a dependency on libssl1.1. On a few

Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-10-10 Thread Sebastian Andrzej Siewior
On 2018-08-05 13:18:26 [+0200], To Marc Dequènes wrote: > I didn't manage to reproduce it yet. My plan was to to gather enough this is still the case. > informations to reproduce it and forward it upstream. > Is there anything wrong / different with my setup compared to your? > Maybe different

Bug#909545: SSL CERTIFICATE_VERIFY_FAILED when using gs (Google Cloud Storage) backend.

2018-10-04 Thread Sebastian Andrzej Siewior
if self.key_file: > 127 context.load_cert_chain(certfile=self.cert_file, > keyfile=self.key_file) Thank you. Attached the fixed version and forwarded upstream. Sebastian >From f5e7f6c98b46ff622f60a4661ffc9ce07216d109 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date

Bug#909545: SSL CERTIFICATE_VERIFY_FAILED when using gs (Google Cloud Storage) backend.

2018-09-29 Thread Sebastian Andrzej Siewior
:726) It looks like missing SNI support. Could you please try if the patch attached works? It is completly untested it just looks like it might work… Sebastian >From 978e87c8f0dfb93c26814b5e5806d2f2332db164 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Sat, 29 Sep 2018 21:4

Bug#907427: openssl 1.1.1 breaks ssl tests

2018-09-29 Thread Sebastian Andrzej Siewior
On 2018-08-27 22:52:06 [+0200], Sandro Knauß wrote: > Source: qtbase-opensource-src, kimap > Version: kimap/18.07.90-1 > Control: block 907015 by -1 > > When I built my KDE PIM packages locally I built against openssl 1.1.0h-4 and > I had no issues running the KIMAP tests. > With openssl

Bug#907807: After upgrading to OpenSSL 1.1.1, many sites are unreachable

2018-09-29 Thread Sebastian Andrzej Siewior
On 2018-09-05 10:30:23 [-0400], Antoine Beaupré wrote: > Control: block 907807 by 907015 > > On 2018-09-05 15:53:46, Vincent Bernat wrote: > > ❦ 5 septembre 2018 09:30 -0400, Antoine Beaupré : > > > >> So I've forwarded the bug upstream to see if we can get a hint there. I > >> originally

Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small

2018-09-29 Thread Sebastian Andrzej Siewior
On 2018-08-29 11:38:54 [-0600], dann frazier wrote: > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > > > that just cherry-picking the following commit back to bip 0.8.9 seems to > > >

Bug#907788: "dh key too small" since openssl upgrade

2018-09-29 Thread Sebastian Andrzej Siewior
control: unblock 907015 by 907788 On 2018-09-02 09:59:11 [+0200], VA wrote: > Since openssl upgrade to 1.1.1~~pre9-1, curl is not able anymore to do > requests to some sites. For example: > > % curl https://www.credit-cooperatif.coop/ > curl: (35) error:141A318A:SSL

Bug#907790: ruby2.5: FTBFS due to openssl 1.1.1: test suite times out

2018-09-29 Thread Sebastian Andrzej Siewior
On 2018-09-02 10:20:13 [+0200], Paul Gevers wrote: > Dear ruby2.5 maintainers, > > Recently openssl was updated to upstream version 1.1.1. There have been > multiple changes to increase security. As a result, some packages > started to time out during autopkgtest and/or building of the package. >

Bug#828475: openssh and OpenSSL 1.1

2018-09-26 Thread Sebastian Andrzej Siewior
On 2018-09-26 11:44:14 [+0100], Colin Watson wrote: > > Upstream committed the necessary changes to switch to the 1.1 API > earlier this month, so that should be in OpenSSH 7.9. There's usually a > release every few months, so I think we should be OK to just wait for > that now. okay, thanks

Bug#891872: transition: curl

2018-09-25 Thread Sebastian Andrzej Siewior
On 2018-07-31 21:40:25 [+0200], To Emilio Pozuelo Monfort wrote: > On 2018-07-28 10:11:47 [+0200], Emilio Pozuelo Monfort wrote: > > We never break packages in testing (unless it's a critical situation, and > > this > > obviously isn't). Also the cruft package in unstable doesn't hurt much, so >

Bug#858938: fixed in kopete 4:18.04.1-1

2018-09-25 Thread Sebastian Andrzej Siewior
On 2018-08-25 10:33:54 [+0200], Kurt Roeckx wrote: > On Fri, Jun 01, 2018 at 11:22:09AM +, Sandro Knauß wrote: > > Source: kopete > > Source-Version: 4:18.04.1-1 > > > > We believe that the bug you reported is fixed in the latest version of > > kopete, which is due to be installed in the

Bug#828475: openssh and OpenSSL 1.1

2018-09-25 Thread Sebastian Andrzej Siewior
On 2018-07-28 07:56:58 [+0200], Kurt Roeckx wrote: > Hi, Hi, > Any update on this? ... > There are very few packages in testing that still use OpenSSL > 1.0.2, and it looks like openssh is the only reason to keep it > around. we are down to two users in testing with one of them fixed in

Bug#907079: Not using SNI

2018-09-14 Thread Sebastian Andrzej Siewior
control: tags -1 patch https://github.com/jcristau/imaplib2/commit/a7ce7da1d573849ac2e1d740d8f3238e0ad8d88c Sebastian

Bug#907774: Bug#908567: libssl 1.1.1 TLS_MAX_VERSION ABI breakage

2018-09-11 Thread Sebastian Andrzej Siewior
On 2018-09-11 16:11:02 [+0300], Adrian Bunk wrote: > Dmitry already implemented my short-term workaround: > https://tracker.debian.org/news/986618/accepted-qtbase-opensource-src-5111dfsg-8-source-into-unstable/ > > When this has been built on all release architectures openssl can bump > the

Bug#907774: [Pkg-openssl-devel] Bug#908567: libssl 1.1.1 TLS_MAX_VERSION ABI breakage

2018-09-11 Thread Sebastian Andrzej Siewior
On 2018-09-11 12:57:17 [+0300], Adrian Bunk wrote: > > I'm on buster and with the latest updates from yesterday came > > qtbase-opensource-src 5.11.1+dfsg-7 > > and SSL started to fail in Qt5 programs. This was reported in bug 907774 ~ > > 2 weeks ago. > > > > Basically libssl 1.1.1 (in

Bug#907015: openssl version 1.1.1 breaks multiple reverse dependencies; versioned Breaks needed

2018-09-05 Thread Sebastian Andrzej Siewior
On 2018-08-23 09:07:31 [+0200], Paul Gevers wrote: > 2) enable the openssl package to collect information which packages it > breaks and which version of those package fix the issue. With that > information the openssl package can add versioned Breaks > > We believe that the versioned Breaks are

Bug#907906: stretch-pu: package openssl/1.1.0f-3+deb9u2

2018-09-03 Thread Sebastian Andrzej Siewior
+- Fix segfault ERR_clear_error (Closes: #903566) +- Fix commandline option for CAengine (Closes: #907457) + * Abort the build if symbols are discovered which are not part of the +symbols file. + + -- Sebastian Andrzej Siewior Mon, 03 Sep 2018 23:59:02 +0200 + openssl (1.1.0f-3+deb9

Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-08-05 Thread Sebastian Andrzej Siewior
On 2018-07-27 23:56:53 [+0200], To Marc Dequènes wrote: > On 2018-07-25 22:03:46 [+0200], To Marc Dequènes wrote: > > > I just tried loading Adam's configuration on another system to test the > > > ScanOnAccess, copied a clamav test file in one of the protected directory > > > and hit the problem.

Bug#891872: transition: curl

2018-07-31 Thread Sebastian Andrzej Siewior
On 2018-07-28 10:11:47 [+0200], Emilio Pozuelo Monfort wrote: > We never break packages in testing (unless it's a critical situation, and this > obviously isn't). Also the cruft package in unstable doesn't hurt much, so it > can be left around for a while longer. What we want to do here is to get

Bug#904199: stretch-pu: package clamav/ 0.100.0+dfsg-0+deb9u2

2018-07-31 Thread Sebastian Andrzej Siewior
On 2018-07-29 22:01:20 [+0100], Adam D. Barratt wrote: > > ClamAV is an AntiVirus toolkit for Unix. > > Upstream published version 0.100.1. > > This is a mostly a bug-fix release. The changes are not strictly > required for operation, but users of the previous version in stretch > may not be

Bug#904199: stretch-pu: package clamav/ 0.100.0+dfsg-0+deb9u2

2018-07-28 Thread Sebastian Andrzej Siewior
On 2018-07-28 09:24:28 [+0100], Adam D. Barratt wrote: > Was the intent that the package would be pushed via -updates? Yes, please. If you need additinal information I can provide then on Sunday evening. > Regards, > > Adam Sebastian

Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-07-27 Thread Sebastian Andrzej Siewior
On 2018-07-25 22:03:46 [+0200], To Marc Dequènes wrote: > > I just tried loading Adam's configuration on another system to test the > > ScanOnAccess, copied a clamav test file in one of the protected directory > > and hit the problem. After that the whole machine becomes totally > > unresponsive

Bug#904111: [Pkg-clamav-devel] Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-07-25 Thread Sebastian Andrzej Siewior
On 2018-07-25 12:14:17 [+0900], Marc Dequènes (duck) wrote: > Quack, > > I did not try to switch on ScanOnAccess on my production system, but with my > configuration, which is not that different, I do not have the problem. > > I just tried loading Adam's configuration on another system to test

Bug#891872: transition: curl

2018-07-25 Thread Sebastian Andrzej Siewior
On 2018-07-25 10:47:50 [+0200], Emilio Pozuelo Monfort wrote: > > Any suggestions from the D-Science folks? > > Maybe send this to the scilab bug rather than the curl transition one? I Cced the scilab folks. I was more interrested in the release team's opinion if it is worth fixing those and get

Bug#904111: [Pkg-clamav-devel] Bug#904111: Bug#904111: Bug#904111: clamav-daemon causing deadlocks/blocking I/O.

2018-07-24 Thread Sebastian Andrzej Siewior
On 2018-07-24 11:06:01 [+], Scott Kitterman wrote: > On July 24, 2018 10:42:44 AM UTC, richard lucassen > wrote: > >http://tmp.xaq.nl/clamd.strace … > >plus a vanilla install of clamav-unofficial-sigs. > > That looks like a different issue. Does it still happen if you remove >

Bug#904111: [Pkg-clamav-devel] Bug#904111: clamav-daemon causing deadlocks/blocking I/O

2018-07-24 Thread Sebastian Andrzej Siewior
On 2018-07-23 17:54:44 [+0900], Marc Dequènes wrote: > Quack, Hi, > I just upgraded and cannot reproduce this problem. I'm not using the > ScanOnAccess feature. just to confirm: you can not reproduce the problem. > Follows collected config info. > \_o< Sebastian

Bug#904111: [Pkg-clamav-devel] Bug#904111: clamav-daemon causing deadlocks/blocking I/O.

2018-07-24 Thread Sebastian Andrzej Siewior
On 2018-07-23 18:26:04 [+0200], Richard Lucassen wrote: > Same here (6 Postfix front-end servers), non-systemd, non-GUI system > running Debian Stretch. Downgrading to 0.99 is a workaround. > ScanOnAccess is set to false. Is the kernel complaining about something like in the other report where it

Bug#903834: [Pkg-clamav-devel] Bug#903834: clamav-freshclam: AppArmor denies access to /procp//status

2018-07-22 Thread Sebastian Andrzej Siewior
On 2018-07-22 20:10:08 [+0800], intrigeri wrote: > Looking at the Journal, it looks very much like the clamav-freshclam > service is started before the /usr/bin/freshclam AppArmor profile > is loaded. > > I think this is potentially racy, which might be why the problem can't > trivially be

Bug#891872: transition: curl

2018-07-21 Thread Sebastian Andrzej Siewior
On 2018-07-19 00:39:27 [+0200], To Emilio Pozuelo Monfort wrote: > - scilab > rebuilt everywhere except for i386. Plus > #891351 [G| | ] [scilab] scilab segfaults at startup > #875790 [S|⛺+| ] [src:scilab] scilab: depends on openjdk-8 > #884033 [S| |☣] [scilab] scilab segfaults

Bug#904213: stretch-pu: package libclamunrar/0.99-3+deb9u1

2018-07-21 Thread Sebastian Andrzej Siewior
spack ],[yes],[$mspack_msg]) if test "x$XML_LIBS" = "x"; then CL_MSG_STATUS([libxml2 ],[no],[]) else CL_MSG_STATUS([libxml2 ],[yes, from $XML_HOME],[]) fi CL_MSG_STATUS([yara],[$enable_yara],[$enable_yara]) +CL_MSG_STATUS([fts ],[yes],[$lfs

Bug#904156: [Pkg-openssl-devel] Bug#904156: openssl: ALPN protocol: http/1.1, instead of h2. This occured on my server after updating.

2018-07-20 Thread Sebastian Andrzej Siewior
On 2018-07-20 17:16:40 [-0400], Mike Rotondo wrote: >I expected an update to roll out that fixed the problem Thank you for the informative bug report. If I put the pieces correctly together then since the point release you have your apache2 server not serving ALPN/h2 but only "normal"

Bug#904158: glibc: pthread_cond_wait() is broken in the pshared case

2018-07-20 Thread Sebastian Andrzej Siewior
g the behavior of the wake functions. Signed-off-by: John Ogness Acked-by: Sebastian Andrzej Siewior Reviewed-by: Kurt Kanzenbach Signed-off-by: Kurt Kanzenbach --- nptl/pthread_cond_timedwait.c | 4 +++- nptl/pthread_cond_wait.c | 4 +++- 2 files changed, 6 insertions(+

Bug#904111: clamav-daemon causing deadlocks/blocking I/O.

2018-07-19 Thread Sebastian Andrzej Siewior
On 2018-07-19 13:38:04 [-0700], Adam Lambert wrote: > clamd (28514): Using fanotify permission checks may lead to deadlock; > tainting kernel > and shortly thereafter This seems to become true. > INFO: task clamd:28512 blocked for more than 120 seconds. That is deadlock that happens. > I

Bug#901879: RM wvdial, no more info for wvstreams

2018-07-19 Thread Sebastian Andrzej Siewior
control: tags 901361 - moreinfo control: reassign 901879 ftp.debian.org control: retitle 901879 RM: wvdial -- unmaintained, dead upstream, depends on wvdial here I am one month later. Nobody tried to adopt wvdial or wvstreams within the last month. Please remove both from unstable. Sebastian

Bug#891872: transition: curl

2018-07-18 Thread Sebastian Andrzej Siewior
On 2018-05-28 17:43:15 [+0200], Emilio Pozuelo Monfort wrote: > Let's go with this. I'll schedule the binNMUs soon. atm we have: - netsurf (sid only) #867694 [G| | ] [netsurf-fb] netsurf-fb: Completely unusable due to missing dependencies, symlinks and documentation #859230 [S| | ]

Bug#901430: freeipa: diff for NMU version 4.6.3-1.1

2018-07-18 Thread Sebastian Andrzej Siewior
: #901430). + + -- Sebastian Andrzej Siewior Thu, 19 Jul 2018 00:03:21 +0200 + freeipa (4.6.3-1) unstable; urgency=medium * New upstream release. diff -Nru freeipa-4.6.3/debian/control freeipa-4.6.3/debian/control --- freeipa-4.6.3/debian/control 2018-02-01 13:14:03.0 +0100 +++ freeipa

Bug#896793: openalpr: diff for NMU version 2.3.0-1.1

2018-07-18 Thread Sebastian Andrzej Siewior
-depends (Closes: #896793). + + -- Sebastian Andrzej Siewior Wed, 18 Jul 2018 23:52:45 +0200 + openalpr (2.3.0-1) unstable; urgency=low * Added plate detection mask and prewarp config changes via API diff -Nru openalpr-2.3.0/debian/control openalpr-2.3.0/debian/control --- openalpr-2.3.0/debian

Bug#859230: netsurf: diff for NMU version 3.6-3.2

2018-07-18 Thread Sebastian Andrzej Siewior
: #869600). + + -- Sebastian Andrzej Siewior Wed, 18 Jul 2018 23:25:47 +0200 + netsurf (3.6-3.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru netsurf-3.6/debian/control netsurf-3.6/debian/control --- netsurf-3.6/debian/control 2017-02-08 21:08:27.0 +0100 +++ netsurf-3.6

Bug#903566: libssl1.1.0f: segfault in ERR_clear_error

2018-07-11 Thread Sebastian Andrzej Siewior
On 2018-07-11 14:25:46 [+0200], Bernd Zeimetz wrote: > Hi, Hi, > This is fixed since one year in the openssl 1.1.0 stable branch. so I do have a little side project where I try to bring the latest 1.1.0 stable release into Debian stable via p-u for reasons like this. Do I understand this

Bug#902899: me too

2018-07-10 Thread Sebastian Andrzej Siewior
On 2018-07-09 22:45:15 [+0200], Matija Nalis wrote: > I got bitten by this too in jessie-updates (after wasting some time > being *sure* local signature I was just creating at the time made > clamd crash silently)... wasn't there an assert which made clamd exit? … > Still wondering how much of

Bug#875423: [Pkg-openssl-devel] Bug#875423: Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

2018-07-09 Thread Sebastian Andrzej Siewior
On 2018-07-10 04:05:58 [+0200], Philippe Metzger wrote: > For now it seems that OpenSSL 1.1.0f-3+deb9u2 available in stretch/security > force TLS 1.2 only in https when using Apache (whatever SSLProtocol > Directive specify). This is not true. Stretch has TLS1.0 and up enabled by default. > Is

Bug#903148: libssl1.1: no debug package

2018-07-07 Thread Sebastian Andrzej Siewior
On 7 July 2018 04:24:20 CEST, Shawn Landden wrote: >I would like it if there was a debug package for libssl1.1 so I could >better profile transmission with perf. What is wrong with dbgsym we currently provide? Take a look at https://wiki.debian.org/AutomaticDebugPackages on how to install them.

Bug#898805: fixed in nodejs 8.11.2~dfsg-1

2018-07-06 Thread Sebastian Andrzej Siewior
control: reopen -1 control: notfixed -1 8.11.2~dfsg-1 On 2018-05-17 18:10:35 [+], Jérémy Lal wrote: > Source: nodejs > Source-Version: 8.11.2~dfsg-1 … >* Upstream openssl 1.1.1 wip patches (Closes: #898805) > Also make sure tests still run with openssl 1.1.0 I rebuilt 8.11.2~dfsg-1

Bug#902899: clamd: yara_exec.c:177: yr_execute_code: Assertion `sp == 0' failed in stable update

2018-07-06 Thread Sebastian Andrzej Siewior
On 2018-07-05 23:52:31 [+0200], Bernhard Schmidt wrote: > Hi Sebastian, Hi Bernhard, > I totally agree and I have already done this. I have filed a bug because > I assume this will hit at least some people on the next Stretch point > release hard. Not sure whether one can workaround this in

Bug#902899: clamd: yara_exec.c:177: yr_execute_code: Assertion `sp == 0' failed in stable update

2018-07-05 Thread Sebastian Andrzej Siewior
control: forwarded -1 https://bugzilla.clamav.net/show_bug.cgi?id=12077 On 2018-07-05 22:54:58 [+0200], Bernhard Schmidt wrote: > On 04.07.2018 14:00, Sebastian Andrzej Siewior wrote: > > Hi Sebastian, Hi Bernhard, > Attached. Note that antidebug_antivm.yar is the one wit

Bug#903005: stretch-pu: package clamav/0.100.0+dfsg-0+deb9u1

2018-07-05 Thread Sebastian Andrzej Siewior
On 2018-07-05 06:25:45 [+0100], Adam D. Barratt wrote: > Please go ahead. uploaded, thanks. > Regards, > > Adam Sebastian

Bug#903005: stretch-pu: package clamav/0.100.0+dfsg-0+deb9u1

2018-07-04 Thread Sebastian Andrzej Siewior
g-0+deb9u2) stretch; urgency=medium + + * Don't fail on recently removed config options (Closes: #902290). + + -- Sebastian Andrzej Siewior Wed, 04 Jul 2018 23:14:43 +0200 + clamav (0.100.0+dfsg-0+deb9u1) stretch; urgency=medium [ Sebastian Andrzej Siewior ] diff -Nru clamav-0.100.0+dfsg/debia

Bug#902290: Too abrupt removal of configuration option in stable update

2018-07-04 Thread Sebastian Andrzej Siewior
control: tags -1 patch On 2018-07-04 14:06:54 [+0200], To Hans van Kranenburg wrote: > On 2018-06-24 17:12:19 [+0200], Hans van Kranenburg wrote: > > My mailserver logs now contain 'ERROR: Parse error at line 74: Unknown > > option StatsHostID', and when that's removed, it reports the next option

Bug#902290: [Pkg-clamav-devel] Bug#902290: Too abrupt removal of configuration option in stable update

2018-07-04 Thread Sebastian Andrzej Siewior
On 2018-06-24 17:12:19 [+0200], Hans van Kranenburg wrote: > My mailserver logs now contain 'ERROR: Parse error at line 74: Unknown > option StatsHostID', and when that's removed, it reports the next option > that is removed, 'StatsPEDisabled', and so on. … > Or, alternatively when throwing newer

Bug#902899: [Pkg-clamav-devel] Bug#902899: clamd: yara_exec.c:177: yr_execute_code: Assertion `sp == 0' failed in stable update

2018-07-04 Thread Sebastian Andrzej Siewior
On 2018-07-03 09:04:21 [+0200], Bernhard Schmidt wrote: > Jul 03 07:30:24 mail clamd[21927]: LibClamAV Error: yyerror(): > /var/lib/clamav/antidebug_antivm.yar line 544 undefined identifier "pe" > Jul 03 07:30:24 mail clamd[21927]: LibClamAV Error: yyerror(): >

Bug#895482: Bug#895473: Bug#895482: Fails to upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 4

2018-06-20 Thread Sebastian Andrzej Siewior
On 2018-06-13 08:19:32 [+0200], To Axel Beckert wrote: > I asked upstream what they thing about ignoring these errors because the > perl script does so. On the other hand what about cleaning up these > dangling symlinks? ca-certificate maintainers: what do we do here? [ ] we intend to figure out

Bug#901879: O: wvdial -- intelligent Point-to-Point Protocol dialer

2018-06-19 Thread Sebastian Andrzej Siewior
Package: wnpp Severity: normal I intend to orphan the wvdial package. The package has been removed from testing because wvstreams is RC-buggy due to the its dependency on libssl1.0.2. The whole story is in #901361 [0]. The persons that intends to adopt wvdial should also look after wvstreams.

Bug#859719: sslscan: Please migrate to openssl1.1 in Buster

2018-06-14 Thread Sebastian Andrzej Siewior
Marvin, do you have any plans here? Upstream made it clear that they won't support openssl 1.1.0+ and I doubt that an embedded copy of the ssl library will work here (not saying it won't, it is not my decision). Sebastian

Bug#895482: Bug#895473: Bug#895482: Fails to upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 4

2018-06-13 Thread Sebastian Andrzej Siewior
On 2018-06-13 00:10:57 [+0200], Axel Beckert wrote: > Hi Sebastian, Hi Axel, > Sebastian Andrzej Siewior wrote: > > > I don't think so unless a future upload of OpenSSL to unstable fixes > > > this. The recent one to unstable didn't. > > > > forwarded https

Bug#895482: Bug#895473: Bug#895482: Fails to upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 4

2018-06-12 Thread Sebastian Andrzej Siewior
On 2018-06-12 22:29:42 [+0200], Axel Beckert wrote: > Shall I try the version from Experimental, too? no. > > (Should some Breaks be added, Depends made stricter?) > > I don't think so unless a future upload of OpenSSL to unstable fixes > this. The recent one to unstable didn't. forwarded

Bug#901361: RM: wvstreams -- unmaintained, dead upstream, depends on libssl1.0.2

2018-06-11 Thread Sebastian Andrzej Siewior
Package: ftp.debian.org wvstreams is rc-buggy due to its libssl1.0.2 requirement, QA maintained. I asked about its status on d-qa-packages@l.d.o [0] and later on d-devel@l.d.o [1]. wvstreams is dead upstream, last github commit is from 2011. Its only reverse dependency is wvdial (Debian

Bug#833692: pinot: links GPLv2+ code with OpenSSL

2018-05-30 Thread Sebastian Andrzej Siewior
On 2017-03-01 12:53:23 [+1300], Olly Betts wrote: > Upstream addressed this by avoiding linking libxapianbackend.so to > openssl (apparently it doesn't use it anyway): > > https://github.com/FabriceColin/pinot/commit/3a40d5abe159a106f3aabaedf1a199020946b3b5 pinot has currently two RC bugs and

Bug#895482: Fails to upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 4

2018-05-30 Thread Sebastian Andrzej Siewior
On 2018-04-22 16:55:21 [+0200], Axel Beckert wrote: > Hi Michael, Hi, > Michael Shuler wrote: > > Thanks for the details. #895473 reported a similar error on locally > > installed CA certificates, which I think may be related. > > That other bug report indeed looks similar albeit not identical.

Bug#900160: ruby-eventmachine: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: ruby-eventmachine Version: 1.0.7-4 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#900161: ruby-openssl: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: ruby-openssl Version: 2.0.5-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#900159: python-glanceclient: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: python-glanceclient Version: 1:2.9.1-2 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl

Bug#900158: python3.5: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: python3.5 Version: 3.5.5-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#900156: puma: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: puma Version: 3.11.3-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version currently in

Bug#900157: python2.7: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: python2.7 Version: 2.7.15-1 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#900154: pion: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: pion Version: 5.0.7+dfsg-4 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#900153: openvswitch: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: openvswitch Version: Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version currently in

Bug#900152: nsca-ng: FTBFS against openssl 1.1.1

2018-05-26 Thread Sebastian Andrzej Siewior
Source: nsca-ng Version: 1.5-2 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version currently in

Bug#898807: nova: FTBFS against openssl 1.1.1

2018-05-15 Thread Sebastian Andrzej Siewior
Source: nova Version: 2:17.0.0-4 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version currently

Bug#898805: nodejs: FTBFS against openssl 1.1.1

2018-05-15 Thread Sebastian Andrzej Siewior
Source: nodejs Version: 8.11.1~dfsg-2 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version

Bug#898804: myproxy: FTBFS against openssl 1.1.1

2018-05-15 Thread Sebastian Andrzej Siewior
Source: myproxy Version: 6.1.28-2 Severity: important User: pkg-openssl-de...@lists.alioth.debian.org Usertags: openssl-1.1.1 The new openssl 1.1.1 is currently in experimental [0]. This package failed to build against this new package [1] while it built fine against the openssl version currently

  1   2   3   4   5   6   7   8   9   10   >