from:"Stephen"

Bug#1069480: bochs: FTBFS on armhf: build-dependency not installable: gcc-i686-linux-gnu

2024-04-20 Thread Stephen Kitt

Hi Lucas,

On Sat, 20 Apr 2024 14:46:39 +0200, Lucas Nussbaum  wrote:

> Source: bochs
> Version: 2.8+dfsg-1
> Severity: serious
> Justification: FTBFS
> Tags: trixie sid ftbfs
> User: lu...@debian.org
> Usertags: ftbfs-20240420 ftbfs-trixie ftbfs-t64-armhf
> 
> Hi,
> 
> During a rebuild of all packages in sid, your package failed to build
> on armhf.
> 
> 
> Relevant part (hopefully):
> > +--+
> > | Install package build dependencies
> >  |
> > +--+
> > 
> > 
> > Setup apt archive
> > -
> > 
> > Merged Build-Depends: bison, debhelper-compat (= 13), flex, libaa1-dev,
> > libasound2-dev, libgtk-3-dev, libice-dev, libltdl-dev, libncurses-dev,
> > libreadline-dev, libsdl2-dev, libsm-dev, libtool, libwxgtk3.2-dev,
> > libx11-dev, libxpm-dev, libz-dev, build-essential, fakeroot,
> > acpica-tools, bcc, bin86, docbook-dsssl, gcc-i686-linux-gnu Filtered
> > Build-Depends: bison, debhelper-compat (= 13), flex, libaa1-dev,
> > libasound2-dev, libgtk-3-dev, libice-dev, libltdl-dev, libncurses-dev,
> > libreadline-dev, libsdl2-dev, libsm-dev, libtool, libwxgtk3.2-dev,
> > libx11-dev, libxpm-dev, libz-dev, build-essential, fakeroot,
> > acpica-tools, bcc, bin86, docbook-dsssl, gcc-i686-linux-gnu dpkg-deb:
> > building package 'sbuild-build-depends-main-dummy' in
> > '/<>/apt_archive/sbuild-build-depends-main-dummy.deb'. Ign:1
> > copy:/<>/apt_archive ./ InRelease Get:2
> > copy:/<>/apt_archive ./ Release [609 B] Ign:3
> > copy:/<>/apt_archive ./ Release.gpg Get:4
> > copy:/<>/apt_archive ./ Sources [915 B] Get:5
> > copy:/<>/apt_archive ./ Packages [908 B] Fetched 2432 B in
> > 0s (0 B/s) Reading package lists... Reading package lists...
> > 
> > Install main build dependencies (apt-based resolver)
> > 
> > 
> > Installing build dependencies
> > Reading package lists...
> > Building dependency tree...
> > Reading state information...
> > Some packages could not be installed. This may mean that you have
> > requested an impossible situation or if you are using the unstable
> > distribution that some required packages have not yet been created
> > or been moved out of Incoming.
> > The following information may help to resolve the situation:
> > 
> > The following packages have unmet dependencies:
> >  sbuild-build-depends-main-dummy : Depends: gcc-i686-linux-gnu but it is
> > not installable E: Unable to correct problems, you have held broken
> > packages. apt-get failed.  

gcc-i686-linux-gnu is in Build-Depends-Indep, it’s only used to build Arch:
all packages. Is there a requirement that these build on armhf? Given that
armhf doesn’t have gcc-i686-linux-gnu, I’m not sure how I would go about
fixing this, short of asking for the cross-compiler to be added to armhf
(which doesn’t seem all that useful).

Regards,

Stephen


pgpOdtyiQY5dR.pgp
Description: OpenPGP digital signature

Bug#1068218: RM: chipmunk/experimental -- ROM; cruft from the 64-bit time_t transition

2024-04-01 Thread Stephen Kitt

Package: ftp.debian.org
Severity: normal

Dear FTP team,

Please remove chipmunk from experimental.

Regards,

Stephen

Bug#1067529: libonvif: Please package new upstream version

2024-03-24 Thread Stephen Rhodes

Hi Petter,

Hope you are having a nice day. I am researching my options for making a
Debian package for a python program, hope to have something soon.

Best Regards,

Stephen

On Sat, Mar 23, 2024 at 1:51 AM Petter Reinholdtsen  wrote:

>
> Package: onvif-tools
> Version: 1.4.4-1
> Severity: wishlist
>
> According to https://github.com/sr99622/libonvif/tags >, the
> latest upstream version of libonvif is 2.0.1, while the latest Debian
> package is 1.4.4.
>
> Please update to the latest upstream version in Debian to make recording
> and multistream support available.
>
> --
> Happy hacking
> Petter Reinholdtsen
>

Bug#1065924: ITP: lfanew -- tool to manipulate MZ stubs in NE/PE binaries

2024-03-10 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: lfanew
  Version : 0~20230825
  Upstream Author : TK Chia
* URL : https://codeberg.org/tkchia/lfanew
* License : MPL-2.0
  Programming Lang: C
  Description : tool to manipulate MZ stubs in NE/PE binaries

lfanew is a tool manipulating the e_lfanew header field in MZ (DOS)
binaries. It can
 - add a .e_lfanew field to an MZ binary, allowing it to be used as a
   DOS loader stub for a NE or PE binary;
 - stubify a NE/PE binary by combining it with an MZ stub;
 - extract a NE/PE binary from a stubified MZ/NE/PE binary pair.


This is required to build dosemu2.

Bug#1065664: ITP: smallerc -- single-pass C compiler for 16- and 32-bit platforms

2024-03-08 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: smallerc
  Version : 1.0.1
  Upstream Author : Alexey Frunze
* URL : https://github.com/alexfru/SmallerC
* License : BSD
  Programming Lang: C
  Description : single-pass C compiler for 16- and 32-bit x86/MIPS platforms

Smaller C is a simple single-pass C compiler with support for most of
C89 and C99. It targets 16- and 32-bit x86, and MIPS, on DOS,
Windows, Linux, and older versions of macOS.
.
Smaller C is primarily useful for building DOS and UEFI binaries.


This is a prerequisite for dosemu2.

Bug#1065378: ITP: libiir -- DSP IIR realtime filter library

2024-03-03 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: libiir
  Version : 1.9.4
  Upstream Author : Bernd Porr
* URL : https://github.com/berndporr/iir1
* License : MIT
  Programming Lang: C++
  Description : DSP IIR realtime filter library

libiir is an infinite impulse response library implementing
Butterworth, RBJ, and Chebychev filters. The filter processes data
sample by sample for realtime processing.


This is a dependency of dosbox-staging. The GH repository is named
iir1 but internally the library refers to itself as iir (e.g. for
pkg-config). The current soname is libiir.so.1 so the library binary
package will end up being called libiir1.

Bug#1062343: htmlcxx: NMU diff for 64-bit time_t transition

2024-02-14 Thread Stephen Kitt

On Wed, 14 Feb 2024 09:48:05 +0100, Adrien Nader  wrote:
> On Wed, Feb 14, 2024, Stephen Kitt wrote:
> > Would it be possible to re-run the analysis on htmlcxx with 0.87-4?  
> 
> I ran the analysis again but since the new package wasn't being picked
> up yet, I added the change as a quirk to the analysis script. The ABI
> isn't impacted by time_t nor LFS and I'm therefore also closing this
> issue. Thanks for also fixing the issue in the package!
> 
> Like I said in the other issue, consolidated results will not be
> available immediately but only in a couple days.

Fantastic, thanks for the quick turnaround on both issues!

Regards,

Stephen


pgpmCA4FJJySm.pgp
Description: OpenPGP digital signature

Bug#1062343: htmlcxx: NMU diff for 64-bit time_t transition

2024-02-14 Thread Stephen Kitt

Hi,

On Thu, Feb 01, 2024 at 05:57:37AM +, Graham Inggs wrote:
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> htmlcxx as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).

In htmlcxx's case, the analysis failed because of a missing include in
one of the headers. I've fixed that in 0.87-4 which is on its way to
unstable.

> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.

Would it be possible to re-run the analysis on htmlcxx with 0.87-4?

Thanks,

Stephen


signature.asc
Description: PGP signature

Bug#1062057: chipmunk: NMU diff for 64-bit time_t transition

2024-02-12 Thread Stephen Kitt

Hi,

On Wed, 31 Jan 2024 08:50:37 +, Steve Langasek  wrote:
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> chipmunk as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).

[…]

> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if
> information becomes available that your package should not be included in
> the transition, there is time for us to amend the planned uploads.

I’ve fixed the header problems preventing analysis in 7.0.3-6 (just uploaded
to unstable), would it be possible to re-run the ABI analysis?

Regards,

Stephen


pgpqEUBqjjZQk.pgp
Description: OpenPGP digital signature

Bug#1063146: fai-setup-storage: New dependency on /usr/lib/fai/subroutines

2024-02-06 Thread Stephen Quinney

Actually it's worse than that. Even with the fai-client package
installed I cannot run fai-disk-info

With version 6.0 I get:

/usr/lib/fai/fai-disk-info
sda

with version 6.2 I get:

/usr/lib/fai/fai-disk-info
bash: set_bootstick: command not found
bash: once_only: command not found
bash: all_disks_and_size: command not found
bash: checkdisk: command not found

which in turn breaks the setup-storage utility.

Regards,

Stephen Quinney

On Mon, 5 Feb 2024 at 11:45, Stephen Quinney  wrote:
>
> Package: fai-setup-storage
> Version: 6.2
> Severity: important
> X-Debbugs-Cc: step...@jadevine.org.uk
>
> We use the fai-setup-storage utility in a standalone way (i.e. not
> with the rest of FAI) as part of our local installation and
> configuration scripts. This has always worked perfectly up to version
> 6.0.
>
> With the recent changes in 6.2 the fai-disk-info script now requires
> /usr/lib/fai/subroutines which is in the fai-client package but there
> is no dependency declared. If the fai-client package is not installed
> setup-storage will now completely fail to run.
>
> Regards,
>
> Stephen Quinney
>
> -- System Information:
> Debian Release: 12.4
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
> 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 6.1.0-17-amd64 (SMP w/8 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
> TAINT_UNSIGNED_MODULE
> Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_GB:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages fai-setup-storage depends on:
> ii  e2fsprogs 1.47.0-2
> pn  liblinux-lvm-perl 
> ii  libparse-recdescent-perl  1.967015+dfsg-4
> ii  parted3.5-3
> ii  perl  5.36.0-7+deb12u1
>
> Versions of packages fai-setup-storage recommends:
> ii  lvm2   2.03.16-2
> pn  mdadm  
>
> Versions of packages fai-setup-storage suggests:
> ii  cryptsetup 2:2.6.1-4~deb12u1
> ii  dmsetup2:1.02.185-2
> ii  dosfstools 4.2-1
> pn  jfsutils   
> ii  ntfs-3g1:2022.10.3-1+b1
> pn  reiserfsprogs  
> pn  xfsprogs

Bug#1063146: fai-setup-storage: New dependency on /usr/lib/fai/subroutines

2024-02-05 Thread Stephen Quinney

Package: fai-setup-storage
Version: 6.2
Severity: important
X-Debbugs-Cc: step...@jadevine.org.uk

We use the fai-setup-storage utility in a standalone way (i.e. not
with the rest of FAI) as part of our local installation and
configuration scripts. This has always worked perfectly up to version
6.0.

With the recent changes in 6.2 the fai-disk-info script now requires
/usr/lib/fai/subroutines which is in the fai-client package but there
is no dependency declared. If the fai-client package is not installed
setup-storage will now completely fail to run.

Regards,

Stephen Quinney

-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fai-setup-storage depends on:
ii  e2fsprogs 1.47.0-2
pn  liblinux-lvm-perl 
ii  libparse-recdescent-perl  1.967015+dfsg-4
ii  parted3.5-3
ii  perl  5.36.0-7+deb12u1

Versions of packages fai-setup-storage recommends:
ii  lvm2   2.03.16-2
pn  mdadm  

Versions of packages fai-setup-storage suggests:
ii  cryptsetup 2:2.6.1-4~deb12u1
ii  dmsetup2:1.02.185-2
ii  dosfstools 4.2-1
pn  jfsutils   
ii  ntfs-3g1:2022.10.3-1+b1
pn  reiserfsprogs  
pn  xfsprogs

Bug#985184: reminiscence not anymore licensed

2023-12-17 Thread Stephen Kitt

On Mon, 18 Dec 2023 00:38:26 +0100, Alexandre Detiste
 wrote:
> I think until the licensing problem is not resolved,
> this old version of the game should not be included in a release.

Why not? The license of the old version is still valid...

Regards,

Stephen


pgpyLcOab2FeX.pgp
Description: OpenPGP digital signature

Bug#1058491: add a "Date" control field (for reproducibility)

2023-12-12 Thread Stephen Gildea

Package: equivs
Version: 2.3.1
Tags: patch

Please accept this enhancement to add a "Date" field to the
equivs-build control file.

If supplied, the Date value will be used instead of the current time
to set the date/time in the generated debian/changelog file.

Sometimes the caller does not need to supply an entire changelog file
but just needs to set the package date.  Setting the date to a
specific time lets equivs-build be part of a reproducible build chain.


--- equivs-2.3.1/usr/bin/equivs-build
+++ equivs/usr/bin/equivs-build
@@ -339,9 +339,14 @@ sub make_changelog {
   my ($version, $suite, $date);
 
   $version = $control->{'Version'} || "1.0";
   $suite = $control->{'Suite'} || "unstable";
-  chomp ($date = qx(date -R));
+  my $date_to_use_arg = "";
+  if (my $control_dateq = $control->{'Date'}) {
+  $control_dateq =~ s/'/'\\\''/g;
+  $date_to_use_arg = "--date='$control_dateq'";
+  }
+  chomp ($date = qx(date -R $date_to_use_arg));
 
   open OUT, '>', "$builddir/debian/changelog" or
 die "Couldn't write changelog: $!\n";
   print OUT <.  If not specified, B
+will generate one.  Some parts of the generated F can be
+controlled; see the Version and Date fields.
 
 =item Version: 
 
 If you don't use a local changelog, equivs will create a
 dummy one. As the version of the package is defined in the
 changelog, equivs will assume the version 1.0. With this
 field, you can set an explicit version.
 
+=item Date:
+
+If B generates a F file, it will use this
+time as the package release date.  The date defaults to the current time.
+The Date string can be anything C> will accept.
+

Bug#1058049: [mk-build-deps] "arch all" packages are architecture-specific

2023-12-11 Thread Stephen Gildea

Package: devscripts
Version: 2.23.6
Tags: patch

The packages mk-build-deps builds work on only one architecture, even if the
built package architecture is "all".  This is because the generated package
always includes a dependency on "build-essential:", where  is a
specific architecture.

Because of this limitation, when I need a build-depends package for a second
architecture, I must re-run mk-build-deps.  This gives me a new package with
the same name and same architecture, but a different Depends line.

The problem is fixed with this 2-line patch, which removes the architecture
specification from "build-essential" when building an "all" package.

--- devscripts-2.23.6/scripts/mk-build-deps.pl
+++ devscripts/scripts/mk-build-deps.pl
@@ -566,7 +566,8 @@ sub build_equiv {
 deps_iterate($negative, $handle_native_archqual);
 
 my $pkgname;
-my $buildess = "build-essential:$buildarch";
+my $buildess = "build-essential";
+$buildess .= ":$buildarch" if $packagearch ne "all";
 if ($buildarch eq $hostarch) {
 $pkgname = "$opts->{name}-$opts->{type}";
 } else {

Bug#717778: checkinstall: mkdir -p fails (fstrans broken again?)

2023-10-29 Thread Stephen Gelman

 Sorry for the delay, I uploaded checkinstall 1.6.2+git20170426.d24a630-4
which has this fix.

Stephen

On Oct 23, 2023 at 9:58:53 AM, Stephen Gelman  wrote:

> It’s maintained, however the upstream no longer exists so I need to vet
> any patches myself. I will take a look at the provided patch and get it
> uploaded!
>
> Stephen
>
> On Oct 20, 2023 at 8:56:31 AM, Siddh Raman Pant  wrote:
>
>> Is the package no longer maintained? If it is, it should be removed from
>> the repo.
>>
>> It is 2023, and checkinstall is still broken.
>>
>> Thanks,
>> Siddh
>>
>> On Sat, 02 Jul 2022 02:18:35 + Geoffrey Hausheer <
>> debianbug...@pblue.org> wrote:
>>
>> Package: checkinstall
>>
>> Version: 1.6.2+git20170426.d24a630-2
>>
>> Followup-For: Bug #717778
>>
>> X-Debbugs-Cc: debianbug...@pblue.org
>>
>>
>> It appears that the root of this issue may be in instw_setpathrel
>>
>> Specifically, the 'stat' command that is used to get the length of a
>> symlink should
>>
>> be 'lstat' instead.
>>
>>
>> Here is a 1 line-patch that addressed the issue for me:
>>
>>
>> --- a/installwatch/installwatch.c
>>
>> +++ b/installwatch/installwatch.c
>>
>> @@ -1691,7 +1691,7 @@
>>
>>   if ( dirfd == AT_FDCWD ) return instw_setpath(instw, relpath);
>>
>>
>>
>>   snprintf(proc_path, PROC_PATH_LEN, "/proc/self/fd/%d", dirfd);
>>
>> - if(true_stat(proc_path, ) == -1)
>>
>> + if(true_lstat(proc_path, ) == -1)
>>
>>   goto out;
>>
>>   if(!(newpath = malloc(s.st_size+strlen(relpath)+2)))
>>
>>   goto out;
>>
>>
>>
>>
>> -- System Information:
>>
>> Debian Release: 11.3
>>
>>   APT prefers stable-updates
>>
>>   APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
>> 'stable')
>>
>> Architecture: amd64 (x86_64)
>>
>>
>> Kernel: Linux 5.10.67-zfs (SMP w/4 CPU threads)
>>
>> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
>> TAINT_UNSIGNED_MODULE
>>
>> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
>>
>> Shell: /bin/sh linked to /bin/dash
>>
>> Init: unable to detect
>>
>>
>> Versions of packages checkinstall depends on:
>>
>> ii  dpkg-dev1.20.10
>>
>> ii  file1:5.39-3
>>
>> ii  libc6   2.31-13+deb11u3
>>
>> ii  sensible-utils  0.0.14
>>
>>
>> Versions of packages checkinstall recommends:
>>
>> ii  make  4.3-4.1
>>
>>
>> Versions of packages checkinstall suggests:
>>
>> ii  gettext  0.21-4
>>
>>
>> -- Configuration Files:
>>
>> /etc/checkinstallrc changed [not included]
>>
>>
>> -- no debconf information
>>
>>
>>
>>

Bug#1031063: wormhole-william: FTBFS randomly (failing tests)

2023-10-24 Thread Stephen Gelman

Ah sorry, I meant to get to this and haven't had a chance. I'd really
appreciate it if you did a team upload!

Stephen

On Tue, Oct 24, 2023 at 3:03 AM Santiago Vila  wrote:
>
> reopen 1031063
> fixed 1031063 1.0.6-3
> owner 1031063 !
> thanks
>
> Hi. I'm going to do a "Team upload" to fix this in stable.
>
> Thanks.

Bug#717778: checkinstall: mkdir -p fails (fstrans broken again?)

2023-10-23 Thread Stephen Gelman

 It’s maintained, however the upstream no longer exists so I need to vet
any patches myself. I will take a look at the provided patch and get it
uploaded!

Stephen

On Oct 20, 2023 at 8:56:31 AM, Siddh Raman Pant  wrote:

> Is the package no longer maintained? If it is, it should be removed from
> the repo.
>
> It is 2023, and checkinstall is still broken.
>
> Thanks,
> Siddh
>
> On Sat, 02 Jul 2022 02:18:35 + Geoffrey Hausheer <
> debianbug...@pblue.org> wrote:
>
> Package: checkinstall
>
> Version: 1.6.2+git20170426.d24a630-2
>
> Followup-For: Bug #717778
>
> X-Debbugs-Cc: debianbug...@pblue.org
>
>
> It appears that the root of this issue may be in instw_setpathrel
>
> Specifically, the 'stat' command that is used to get the length of a
> symlink should
>
> be 'lstat' instead.
>
>
> Here is a 1 line-patch that addressed the issue for me:
>
>
> --- a/installwatch/installwatch.c
>
> +++ b/installwatch/installwatch.c
>
> @@ -1691,7 +1691,7 @@
>
>   if ( dirfd == AT_FDCWD ) return instw_setpath(instw, relpath);
>
>
>
>   snprintf(proc_path, PROC_PATH_LEN, "/proc/self/fd/%d", dirfd);
>
> - if(true_stat(proc_path, ) == -1)
>
> + if(true_lstat(proc_path, ) == -1)
>
>   goto out;
>
>   if(!(newpath = malloc(s.st_size+strlen(relpath)+2)))
>
>   goto out;
>
>
>
>
> -- System Information:
>
> Debian Release: 11.3
>
>   APT prefers stable-updates
>
>   APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
> 'stable')
>
> Architecture: amd64 (x86_64)
>
>
> Kernel: Linux 5.10.67-zfs (SMP w/4 CPU threads)
>
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
> TAINT_UNSIGNED_MODULE
>
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
>
> Shell: /bin/sh linked to /bin/dash
>
> Init: unable to detect
>
>
> Versions of packages checkinstall depends on:
>
> ii  dpkg-dev1.20.10
>
> ii  file1:5.39-3
>
> ii  libc6   2.31-13+deb11u3
>
> ii  sensible-utils  0.0.14
>
>
> Versions of packages checkinstall recommends:
>
> ii  make  4.3-4.1
>
>
> Versions of packages checkinstall suggests:
>
> ii  gettext  0.21-4
>
>
> -- Configuration Files:
>
> /etc/checkinstallrc changed [not included]
>
>
> -- no debconf information
>
>
>
>

Bug#1054183: RFP: pdfbox -- PDF utilities (based on Apache PDFBox)

2023-10-18 Thread Stephen Eisenhauer

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: bhs2...@gmail.com

* Package name: pdfbox
  Version : 3.0.0
  Upstream Contact: PDFBox Users Mailing List 
* URL : https://pdfbox.apache.org/
* License : Apache License 2.0
  Programming Lang: Java
  Description : PDF utilities (based on Apache PDFBox)

The Apache PDFBox® library is an open source Java tool for working with PDF
documents. This project allows creation of new PDF documents, manipulation of
existing documents and the ability to extract content from documents.

This package would provide the PDFBox command-line utility
(https://pdfbox.apache.org/3.0/commandline.html), including a
desktop launcher for the 'debug' subcommand which invokes the
graphical PDF Debugger application.

Debian already packages the PDFBox library (as libpdfbox-java
and libpdfbox2-java), but does not yet package these utilities
or the included PDF Debugger. This project shares similarities
with Poppler, but contains some valuable features which Poppler
alone does not.

Bug#1054148: mingw-w64: please enable support for the mcf thread model

2023-10-18 Thread Stephen Kitt

Package: mingw-w64
Version: 8.0.0-1
Severity: wishlist
X-Debbugs-Cc: LIU Hao 

Dear Maintainer,

On Wed, 4 Oct 2023 21:29:07 +0800, LIU Hao  wrote:
> I have submitted a new thread model for mingw-w64 targets, namely the `mcf`
> thread model [1], which can be enabled by passing `--enable-threads=mcf`
> when configuring GCC. The mcfgthread library [2] is required to have been
> built and installed after the mingw-w64 CRT; it doesn't depend on the CRT
> though, only depends on some import libraries for system DLLs.
> 
> AFAICT Debian provides GCC with the `posix` and `win32` thread model. Would
> you please consider providing an `mcf` one as well? So far I have made
> similar proposals to winlibs [3] and mingw-builds [4], hopefully we can
> have it on Debian as well.
> 
> 
> [1]
> https://github.com/gcc-mirror/gcc/commit/f036d759ecee538555fa8c6b11963e4033732463
> [2] https://github.com/lhmouse/mcfgthread [3]
> https://github.com/brechtsanders/winlibs_mingw/releases/tag/13.2.0mcf-16.0.6-11.0.0-ucrt-r1
> [4]
> https://github.com/niXman/mingw-builds/commit/b876df909372d7fb0ab21aa58ce1b7c0df813dbe

Bug#1052646: xrdp: New release with security fixes

2023-09-25 Thread Stephen Quinney

Source: xrdp
Version: 0.9.21.1-1
Severity: important
X-Debbugs-Cc: step...@jadevine.org.uk

Dear Maintainer,

A new version of xrdp - 0.9.23 - was released on 2023/08/31 which
contains an important security fix for CVE-2023-40184: "Improper
handling of session establishment errors allows bypassing OS-level
session restrictions". I just wanted to check, will this be available
in unstable soon and backported to stable?

Thanks for your work on maintaining the xrdp package, it's much
appreciated!

Regards,

Stephen Quinney

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1051753: dosbox-x: FTBFS on big-endian architectures

2023-09-12 Thread Stephen Kitt

Package: src:dosbox-x
Version: 2023.09.01+dfsg-1
Tags: upstream ftbfs
Forwarded: https://github.com/joncampbell123/dosbox-x/issues/3751

Dear Maintainer,

dosbox-x fails to build on big-endian platforms:

g++ -DHAVE_CONFIG_H -I. -I../../../src/cpu -I../..  -I../../../include 
-I../../../src -Wno-int-to-void-pointer-cast   -Wno-address-of-packed-member   
-Wno-format-zero-length   -Wno-missing-field-initializers   
-Wno-strict-aliasing   -Wno-implicit-fallthrough   -Wno-deprecated-declarations 
  -Wconversion-null   -Wsign-promo   -Wlogical-op   -Wno-error=format-security  
 -pedantic   -Wunused   -Wextra   -Wall  -Wdate-time -D_FORTIFY_SOURCE=2 
-I/usr/include/SDL2 -D_REENTRANT   -I/<> 
-I/<>/vs/sdlnet/linux-host/include 
-I/<>/vs/sdlnet/linux-host/include/SDL -I/usr/include/freetype2 
-I/usr/include/libpng16  -I/usr/include/slirp -I/usr/include/glib-2.0 
-I/usr/lib/s390x-linux-gnu/glib-2.0/include   -g 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -std=gnu++14  -O2  -Wall   -Wextra   -Wunused   
-pedantic   -Wno-error=format-security   -Wlogical-op   -Wsign-promo   
-Wconversion-null   -Wno-deprecated-declarations   -Wno-implicit-fallthrough   
-Wno-strict-aliasing   -Wno-missing-field-initializers   
-Wno-format-zero-length   -Wno-address-of-packed-member   
-Wno-int-to-void-pointer-cast  -I/<> 
-I/<>/vs/sdlnet/linux-host/include 
-I/<>/vs/sdlnet/linux-host/include/SDL -D_XOPEN_SOURCE=700 
-D_POSIX_C_SOURCE=200809L  -c -o core_normal_8086.o 
../../../src/cpu/core_normal_8086.cpp
In file included from ../../../src/cpu/core_normal/prefix_0f.h:2180,
 from ../../../src/cpu/core_normal.cpp:181:
../../../src/cpu/core_normal/prefix_0f_mmx.h: In function ‘Bits 
CPU_Core_Normal_Run()’:
../../../src/cpu/core_normal/prefix_0f_mmx.h:1080:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1080 | dest->uw.w0 = src.uwa[ imm8 &3u]; /* uwa[0] is 
uw.w0, see MMX_reg union */
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1081:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1081 | dest->uw.w1 = src.uwa[(imm8>>2u)&3u];
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1082:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1082 | dest->uw.w2 = src.uwa[(imm8>>4u)&3u];
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1083:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1083 | dest->uw.w3 = src.uwa[(imm8>>6u)&3u];
  |   ^~~
  |   uw
In file included from ../../../src/cpu/core_normal/prefix_66_0f.h:541,
 from ../../../src/cpu/core_normal.cpp:183:
../../../src/cpu/core_normal/prefix_0f_mmx.h:1080:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1080 | dest->uw.w0 = src.uwa[ imm8 &3u]; /* uwa[0] is 
uw.w0, see MMX_reg union */
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1081:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1081 | dest->uw.w1 = src.uwa[(imm8>>2u)&3u];
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1082:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1082 | dest->uw.w2 = src.uwa[(imm8>>4u)&3u];
  |   ^~~
  |   uw
../../../src/cpu/core_normal/prefix_0f_mmx.h:1083:35: error: ‘union MMX_reg’ 
has no member named ‘uwa’; did you mean ‘uw’?
 1083 | dest->uw.w3 = src.uwa[(imm8>>6u)&3u];
  |   ^~~
  |   uw


Regards,

Stephen

Bug#1038023: angband: Depends on SDL 1.2

2023-09-08 Thread Stephen Kitt

Hi Chris,

On Thu, 7 Sep 2023 22:47:05 +0100, Chris Carr  wrote:
> I would also like to build a nonfree package (to replace angband-audio,
> which can safely be removed) – Angband ships with non-free graphical tiles
> as well as non-free sounds. I can create a DFSG-free orig.tar.gz, and a
> non-free one with the tiles and sounds. I can then configure debhelper to
> detect the presence or absence of the non-free tarball and build either two
> packages (angband and angband-data) or three (including the non-free one).
> 
> But I don’t know how if that will render the *source* package non-free. I
> and many others spent much of the late 2000s tracking down all the original
> contributors and persuading them to re-licence their code under the GPL
> (which wasn’t known when they wrote it), so it was a big achievement to get
> Angband into main from 3.0. So I would like to keep the source package free
> if possible, even if this means having to maintain two source packages
> (which I don’t know how to do).

In this scenario, you need two completely separate source packages: one with
a tarball containing only DFSG-free content, the other containing anything
non-free (and potentially DFSG-free stuff as well, if it makes sense).

This means separate packaging as well; at least that way you don’t have to
worry about trying to detect whether you’re building the free or non-free
package.

Maintaining two source packages isn’t any harder than maintaining one, you
just need to do it twice. And yes, that means two separate Salsa repos too
(you could technically combine everything using branches, but that’s a recipe
for mix-ups). Basically, the same situation as you have today with the
separate angband and angband-audio source packages.

> I have a number of questions about the packaging process (sbuild can’t
> install imagemagick; dh_autoconf rewrites install-sh; version deps of libc
> and sdl-mixer-dev have increased unnecessarily; many more) – would anyone
> be willing to mentor me to get these things fixed?

Feel free to ping me, or ask on debian-mentors.

Regards,

Stephen

pgpIY4EvARCjx.pgp
Description: OpenPGP digital signature

Bug#999977: qxw: depends on obsolete pcre3 library

2023-09-04 Thread Stephen Kitt

Hi,

On Mon, 31 Jul 2023 04:44:14 +0100, Nick Morrott 
wrote:

> On 2023/07/22 at 08:43, Stephen Kitt wrote:
> >aOn Sat, 22 Jul 2023 16:14:06 +0200, Bastian Germann 
> >wrote:  
> > > I suggest to remove the package. I do not think upstream will deal with 
> > > this.  
> > 
> > qxw’s usage of pcre seems simple enough, I’ll try to come up with a patch.
> 
> In the meantime, I will look to spend some time understanding the
> pcre3->pcre2 migration and patching qxw in the short term, if Stephen does
> not have time to do so.

It took me longer to get round to this than I hoped, but here is a patch for
qxw. I’ve already forwarded it upstream.

Regards,

Stephen
Description: Port to pcre2
Author: Stephen Kitt 
Forwarded: q...@quinapalus.com

--- a/Makefile
+++ b/Makefile
@@ -27,7 +27,7 @@
 PKG_CONFIG ?= pkg-config
 CFLAGS := -Wall -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -Wno-deprecated-declarations `$(PKG_CONFIG) --cflags glib-2.0` `$(PKG_CONFIG) --cflags gtk+-2.0` -I/opt/local/include `dpkg-buildflags --get CFLAGS` `dpkg-buildflags --get CPPFLAGS` -Wpedantic -Wextra -Wno-unused-parameter
 # CFLAGS := -Wall -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security `$(PKG_CONFIG) --cflags glib-2.0` `$(PKG_CONFIG) --cflags gtk+-2.0` -I/opt/local/include
-LFLAGS := -Wl,-Bsymbolic-functions -Wl,-z,relro -L/opt/local/lib `$(PKG_CONFIG) --libs glib-2.0` `$(PKG_CONFIG) --libs gtk+-2.0` -lm -ldl -lpcre -pthread -lgthread-2.0 `dpkg-buildflags --get LDFLAGS`
+LFLAGS := -Wl,-Bsymbolic-functions -Wl,-z,relro -L/opt/local/lib `$(PKG_CONFIG) --libs glib-2.0` `$(PKG_CONFIG) --libs gtk+-2.0` -lm -ldl `pcre2-config --libs8` -pthread -lgthread-2.0 `dpkg-buildflags --get LDFLAGS`
 # -lrt as well?
 ifneq ($(filter deb,$(MAKECMDGOALS)),)
   CFLAGS:= $(CFLAGS) -g
--- a/dicts.c
+++ b/dicts.c
@@ -23,7 +23,8 @@
 */
 
 
-#include 
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include 
 #include// required for string conversion functions
 #include 
 
@@ -447,13 +448,13 @@
 
 // Add a new dictionary word with UTF-8 citation form s0
 // dictionary number dn, score f. Return 1 if added, 0 if not, -2 for out of memory
-static int adddictword(char*s0,int dn,pcre*sre,pcre*are,float f) {
+static int adddictword(char*s0,int dn,pcre2_code*sre,pcre2_code*are,float f) {
   int c,c0,i,l0,l1,l2;
   uchar t[MXLE+1],u;
   char s1[MXLE*16+1];
   char s2[MXLE+1];
   struct memblk*q;
-  int pcreov[120];
+  pcre2_match_data * pcremd;
 
   l0=strlen(s0);
   utf8touchars(t,s0,MXLE+1);
@@ -507,24 +508,28 @@
   //  s2 contains canonicalised form in internal character code, length l2 1<=l2<=MXLE
 
   dst_lines[dn]++;
+  pcremd = pcre2_match_data_create(120, NULL);
   if(sre) {
-i=pcre_exec(sre,0,s0,l0,0,0,pcreov,120);
+i=pcre2_match(sre,(PCRE2_SPTR)s0,l0,0,0,pcremd,NULL);
 DEB_DI if(i<-1) printf("PCRE error %d\n",i);
 if(i<0) {
   DEB_DV printf("  failed file filter\n");
+  pcre2_match_data_free(pcremd);
   return 0; // failed match
   }
 }
   dst_lines_f[dn]++;
   if(are) {
-i=pcre_exec(are,0,s1,l1,0,0,pcreov,120);
+i=pcre2_match(are,(PCRE2_SPTR)s1,l1,0,0,pcremd,NULL);
 DEB_DI if(i<-1) printf("PCRE error %d\n",i);
 if(i<0) {
   DEB_DV printf("  failed answer filter\n");
+  pcre2_match_data_free(pcremd);
   return 0; // failed match
   }
 }
   dst_lines_fa[dn]++;
+  pcre2_match_data_free(pcremd);
 
   if(memblkp==NULL||memblkl+2+l0+1+l2+1>MEMBLK) { // allocate more memory if needed (this always happens on first pass round loop)
 q=(struct memblk*)malloc(sizeof(struct memblk));
@@ -574,7 +579,7 @@
   }
 
 // Attempt to load a .TSD file. Return number of words >=0 on success, <0 on error.
-static int loadtsd(FILE*fp,int format,int dn,pcre*sre,pcre*are) {
+static int loadtsd(FILE*fp,int format,int dn,pcre2_code*sre,pcre2_code*are) {
   int c,i,j,l,m,ml,n,u,nw;
   int hoff[MXLE+1]; // file offsets into Huffman coded block
   int dcount[MXLE+1]; // number of words of each length
@@ -683,9 +688,10 @@
 
   float f;
   int mode,owd,rc;
-  pcre*sre,*are;
-  const char*pcreerr;
-  int pcreerroff;
+  pcre2_code*sre,*are;
+  int pcreerr;
+  PCRE2_SIZE pcreerroff;
+  PCRE2_UCHAR pcreerrmsg[256];
   char sfilter[SLEN+1];
   char afilter[SLEN+1];
   GError *error = NULL;
@@ -709,18 +715,20 @@
   strcpy(sfilter,dsfilters[dn]);
   if(!strcmp(sfilter,"")) sre=0;
   else {
-sre=pcre_compile(sfilter,PCRE_CASELESS|PCRE_UTF8|PCRE_UCP,,,0);
-if(pcreerr) {
-  sprintf(t,"Dictionary %d\nBad file filter syntax: %.100s",dn+1,pcreerr);
+sre=pcre2_compile((PCRE2_SPTR)sfilter,PCRE2_ZERO_TERMINATED,PCRE2_CASELESS|PCRE2_UTF|PCRE2_UCP,,,0);
+if(sre == NULL) {
+  pcre2_get_error_message(pcreerr, pcreerrmsg, sizeof pcreerrmsg);
+  sprintf(t,"Diction

Bug#1050316: apt-setup: Unable to use local repo when installing older release

2023-08-22 Thread Stephen Gelman

Source: apt-setup
Version: 1:0.183
Severity: normal
Tags: d-i
X-Debbugs-Cc: ssg...@debian.org

I sometimes use the current stable d-i to install the n-1 release when I
need to install on hardware that requires a newer kernel, then I install
the backport kernel in the preseed so the system boots. With the
bookworm debian-installer, my local apt repo does not get successfully
added to the system.

After some debugging, I determined the issue is here: 
https://salsa.debian.org/installer-team/apt-setup/-/blob/master/generators/60local#L46
The /etc/apt/keyrings directory wasn't added to the apt package until
apt 2.4.0, but bullseye only ships with 2.2.4. The fix here is simple
and I believe it to be low risk: the generator just needs to run
"mkdir -p /etc/apt/keyrings" at the beginning of 60local. Since newer
versions of apt already create that empty directory it will be a no-op
for them.

In case anyone else runs into this issue and stumbles onto this bug, I
was able to work around it by adding the following to my preseed:

d-i partman/early_command string printf "#!/bin/sh\nmkdir -p 
\$ROOT/etc/apt/keyrings\n" > /usr/lib/apt-setup/generators/02fixbug && chmod +x 
/usr/lib/apt-setup/generators/02fixbug

I understand that the current release is the main priority of d-i but
given the fix seems to be low risk it would be appreciated if it could
be fixed in stable!


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1050056: libz-mingw-w64 build-depends on pev

2023-08-19 Thread Stephen Kitt

Hi David,

On Fri, 18 Aug 2023 23:05:29 -0300, David da Silva Polverari
 wrote:
> Your package build-depends on pev, but it has been renamed to readpe due
> to upstream changes.
> 
> readpe is still in experimental. I will wait 15 days before uploading it
> to unstable. Please let me know if you need more time, or if you had any
> problems with it. Any feedback/testing is appreciated.

Since there’s a transitional pev package depending on readpe, there shouldn’t
be any adverse effect: libz-mingw-w64 will still be buildable, since its
build-dependency on pev will pull in readpe. Once readpe is in unstable I’ll
upload an updated libz-mingw-w64 package build-depending only on readpe.

Regards,

Stephen

pgpGqz_nqR30z.pgp
Description: OpenPGP digital signature

Bug#967356: fyre: depends on deprecated GTK 2

2023-08-17 Thread Stephen Kitt

Hi Bastian,

On Sat, 12 Aug 2023 15:12:06 +0200, Bastian Germann  wrote:
> Is it worth to keep such an ancient program as fyre in Debian?
> It might be time to drop it.

You’re right, it isn’t worth it, I’ll file a removal request.

Regards,

Stephen


pgpzjFhby3m96.pgp
Description: OpenPGP digital signature

Bug#1049941: RM: fyre -- ROM; abandoned upstream, low popcon

2023-08-17 Thread Stephen Kitt

Package: ftp.debian.org
Severity: normal

Dear FTP team,

Please remove fyre, it’s abandoned upstream, depends on obsolete
libraries and has a very low popcon.

Regards,

Stephen

Bug#1043539: project: Forwarding of @debian.org mails to gmail broken

2023-08-13 Thread Stephen Frost

Greetings,

* Cord Beermann (c...@debian.org) wrote:
> As listmaster i can confirm that it is a big problem to deliver Mails to
> gmail/outlook/yahoo. Yahoo Subscribers are mostly gone by now because they
> bounced a lot, for gmail it is so much that we just ignore bounces because of
> those rules. 

As a maintainer or some pretty big lists ... we don't have *that* much
trouble delivering to gmail, or others for that matter.

> | helgefjell.de descriptive text "v=spf1 ip4:142.132.201.35 mx ~all"
> 
> so you flagged your mail has to come from that IP (or the MX) and from other
> sources it should be considered suspicious.

... but if it's DKIM signed, then it'll generally get delivered
properly.

> SRS/ARC and so on are just dirty patches that try to fix things that were
> broken before, but they will break even more things like Mail signing.

ARC doesn't break DKIM signatures (unless someone's got a very broken
DKIM setup which over-signs ARC headers ... but if so, then that's on
them).

Thanks,

Stephen

signature.asc
Description: PGP signature

Bug#1043539: project: Forwarding of @debian.org mails to gmail broken

2023-08-13 Thread Stephen Frost

Greetings,

* Mattia Rizzolo (mat...@debian.org) wrote:
> Alternatively, I wonder if ARC nowadays is respected enough (and if
> Google cares about it)... I personally don't have any system with ARC
> under my care.

Sadly, no, they don't seem to care one bit about ARC, except possibly if
it's their own ARC sigs.

If someone has some idea how to get them to care about ARC, I'd love to
hear about it, as I have folks on the one hand who view DKIM/DMARC as
too painful to set up but then they end up with bounces from gmail due
to my forwarding of messages through my server (which are being
ARC-signed by it and pass on that the SPF check was successful when they
arrived to my server)...

I'd encourage everyone running their own email servers to please get
DKIM/DMARC/ARC/SPF set up.  Yeah, it's annoying, but it's not actually
all *that* bad to do.

Thanks,

Stephen

signature.asc
Description: PGP signature

Bug#1042415: ruby-aws-partitions: Package missing partitions.json

2023-07-27 Thread Stephen Gelman

Package: ruby-aws-partitions
Version: 1.653.0-1
Severity: grave
Tags: patch
Justification: renders package unusable
X-Debbugs-Cc: ssg...@debian.org

In version 1.653.0-1, 
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/partitions.json 
is not present. It is there in version 1.354.0-2 in bullseye. Without that 
file, any actual use of this gem fails:

$ irb
irb(main):001:0> require 'aws-partitions'
=> true
irb(main):002:1* Aws::Partitions.each do |partition|
irb(main):003:1*   puts partition.name
irb(main):004:0> end
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/lib/aws-partitions.rb:225:in
 `read': No such file or directory @ rb_sysopen - 
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/partitions.json 
(Errno::ENOENT)
from 
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/lib/aws-partitions.rb:225:in
 `defaults'
from 
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/lib/aws-partitions.rb:214:in
 `default_partition_list'
from 
/usr/share/rubygems-integration/all/gems/aws-partitions-1.653.0/lib/aws-partitions.rb:137:in
 `each'
from (irb):2:in `'
from /usr/lib/ruby/gems/3.1.0/gems/irb-1.4.1/exe/irb:11:in `'
from /usr/bin/irb:25:in `load'
from /usr/bin/irb:25:in `'

Patch to fix is attached


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-aws-partitions depends on:
ii  ruby  1:3.1

ruby-aws-partitions recommends no packages.

ruby-aws-partitions suggests no packages.

-- no debconf information
diff -Nru ruby-aws-partitions-1.653.0/debian/changelog 
ruby-aws-partitions-1.653.0/debian/changelog
--- ruby-aws-partitions-1.653.0/debian/changelog2022-10-30 
08:49:35.0 -0500
+++ ruby-aws-partitions-1.653.0/debian/changelog2023-07-27 
17:39:10.0 -0500
@@ -1,3 +1,11 @@
+ruby-aws-partitions (1.653.0-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Change DH_RUBY_GEM_INSTALL_WHITELIST_APPEND to DH_RUBY_GEM_INSTALL_INCLUDE
+in debian/rules to work with newer gem2deb
+
+ -- Stephen Gelman   Thu, 27 Jul 2023 17:39:10 -0500
+
 ruby-aws-partitions (1.653.0-1) unstable; urgency=medium
 
   * Team Upload
diff -Nru ruby-aws-partitions-1.653.0/debian/rules 
ruby-aws-partitions-1.653.0/debian/rules
--- ruby-aws-partitions-1.653.0/debian/rules2022-10-30 08:49:35.0 
-0500
+++ ruby-aws-partitions-1.653.0/debian/rules2023-07-27 17:36:38.0 
-0500
@@ -2,7 +2,7 @@
 
 export GEM2DEB_TEST_RUNNER = --check-dependencies
 export DH_RUBY = --gem-install
-export DH_RUBY_GEM_INSTALL_WHITELIST_APPEND := partitions.json
+export DH_RUBY_GEM_INSTALL_INCLUDE := partitions.json
 
 %:
dh $@ --buildsystem=ruby --with ruby

Bug#999977: qxw: depends on obsolete pcre3 library

2023-07-22 Thread Stephen Kitt

On Sat, 22 Jul 2023 16:14:06 +0200, Bastian Germann  wrote:
> I suggest to remove the package. I do not think upstream will deal with 
> this.

qxw’s usage of pcre seems simple enough, I’ll try to come up with a patch.

Regards,

Stephen


pgpj3AFhwSrrc.pgp
Description: OpenPGP digital signature

Bug#1041151: libxmp-dev: invalid cmake configuration

2023-07-15 Thread Stephen Kitt

Package: libxmp-dev
Version: 4.6.0-1
Severity: important

Dear Maintainer,

The new cmake configuration files shipped with libxmp-dev don’t take
multiarch paths into account; this produces an invalid path for includes
(/usr/lib/include).

Regards,

Stephen


-- System Information:
Debian Release: 11.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 
'oldstable-debug'), (500, 'oldstable'), (100, 'unstable-debug'), (100, 
'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-23-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libxmp-dev depends on:
ii  libxmp4  4.4.1-3

libxmp-dev recommends no packages.

libxmp-dev suggests no packages.

-- no debconf information

Bug#837108: gcc-mingw-w64-i686's libgcc dll is not found by wine

2023-06-24 Thread Stephen Kitt

Control: tag -1 + wontfix

Hi Niels,

On Thu, 08 Sep 2016 21:56:38 +0200, ni...@lysator.liu.se (Niels Möller) wrote:
> The default dll search path used by wine32 does not include the location
> of the libgcc_s_sjlj-1.dll library supplied with gcc-mingw-w64-i686.
> 
> I can't say if it's wine, mingw, or both, which are wrong here. Wine's
> dll directory, /usr/lib/i386-linux-gnu/wine/, seems reasonable, so I'm
> filing it on mingw. But maybe it's no good idea to have
> gcc-mingw-w64-i686 install files in the same directory. So we might need
> to extend wine's dll path to add some suitable directory for other
> packages to install dlls in.

gcc-mingw-w64 ships different variants of libgcc, so it can’t just drop one
in a directory on the default Wine DLL path — Windows programs built with
gcc-mingw-w64 have to ensure that the appropriate DLLs are available
alongside them.

> My expectation is that if I compile a program using i686-w64-mingw32-gcc
> or i686-w64-mingw32-g++, I should be able to run that executable using
> wine. I've used to be able to do that, not sure at which package upgrade
> it stopped working. Here's an example where this fails:

I don’t think it was ever possible to do that; even when gcc-mingw-w64 (or
gcc-mingw32) shipped a single version of libgcc, it wasn’t provided in a
directory Wine would use on its own. What *is* possible is that previous
versions of the compiler didn’t produce binaries needing libgcc in as many
cases, so you might end up with a binary which just works whereas now you
don’t.

>   #include 
>   #include 
>   
>   int
>   main(int argc, char **argv)
>   {
> printf("foo\n");
> return 0;
>   }
> 
> To reproduce, save into a file "hello.cxx", compile using 
> 
>i686-w64-mingw32-g++ hello.cxx 
> 
> and run it using
> 
>WINEDEBUG=err+all wine ./a.exe
> 
> Expected result is a line "foo" written to stdout. Instead, I get
> the error
> 
>   err:module:import_dll Library libgcc_s_sjlj-1.dll (which is needed by
> L"Z:\\home\\nisse\\hack\\test\\a.exe") not found
> err:module:LdrInitializeThunk Main exe initialization for
> L"Z:\\home\\nisse\\hack\\test\\a.exe" failed, status c135
> 
> By strace (strace -f -e open wine a.exe), I see that wine attempts to open
> 
>   [pid 31177]
> open("/usr/lib/wine/../i386-linux-gnu/wine/./libgcc_s_sjlj-1.dll.so",
> O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 31177]
> open("/usr/lib/wine/../i386-linux-gnu/wine/./libgcc_s_sjlj-1.dll.so",
> O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) which seems
> ok, /usr/lib/i386-linux-gnu/wine/ exists and there are a lot of dll files
> there. But not libgcc. 
> 
>   $ apt-file search libgcc_s_sjlj
>   gcc-mingw-w64-i686:
> /usr/lib/gcc/i686-w64-mingw32/4.9-posix/libgcc_s_sjlj-1.dll
> gcc-mingw-w64-i686:
> /usr/lib/gcc/i686-w64-mingw32/4.9-win32/libgcc_s_sjlj-1.dll
> 
> I have this package installed, and the files exist on my system, they
> just aren't found by wine. Besides the different location, also note the
> different file name, ".dll" vs ".dll.so".

Yes, .dll.so files are Wine-specific. The goal of the mingw-w64 packages is
to produce binaries which work on Windows (and incidentally, Wine).

> The debian wine* packages I have installed are wine, wine32 and wine64,
> all version 1.8.4-1.
> 
> The debian gcc-mingw* packages installed are gcc-mingw-w64,
> gcc-mingw-w64-base, gcc-mingw-w64-i686, gcc-mingw-w64-x86-64, all
> version 4.9.1-19+14.3.
> 
> I'm running this on an x86_64 machine running mostly debian stable,
> but certain packages, including wine, installed from testing (apt-get
> install -t testing wine).
> 
> Some curiosities: 
> 
>   * Switching the order of the two includes, or deleting the include of
> , makes this example work. It then prints out the message
> "foo", as expected. (The executable then no longer depends on the
> libgcc dll, I guess).
> 
>   * The strace output also shows that wine attempts to open
> "/usr/lib/wine/../i386-linux-gnu/wine/./%1.dll.so"

Regards,

Stephen


pgpwV2cZqpSjk.pgp
Description: OpenPGP digital signature

Bug#1038023: angband: Depends on SDL 1.2

2023-06-24 Thread Stephen Kitt

Hi Alexandre,

I see you’re already taken care of importing the last upload and preparing a
new release. If you’re interested in the history of the Alioth VCS
repository, it was archived at
https://alioth-archive.debian.org/git/collab-maint/ (there are three
tarballs, angband-audio.git.tar.xz, angband-debian.git.tar.xz, and
angband.git.tar.xz; I haven’t checked their contents).

Regards,

Stephen

On Fri, 23 Jun 2023 22:32:32 +0200, Alexandre Detiste
 wrote:

> tag 1038023 +fixed-upstream
> thanks
> 
> The new upstream releases 4.x provide SDL2 and a lot of other niceties
> 
> The VCS Url still point to Alioth.
> 
> Can the last upload be imported on Salsa ?
> 
> Greetings
> 
> https://angband.readthedocs.io/en/latest/customize.html#interface-details
> >Interface details
> >
> >Below are brief descriptions for what you can configure with the standard
> >Windows, X11, SDL, SDL2 and Mac front ends.  
> 
> 

pgpCHTgS0Ksxf.pgp
Description: OpenPGP digital signature

Bug#1038210: please provide a way to use UCRT instead of MSVCRT

2023-06-17 Thread Stephen Kitt

On Fri, 16 Jun 2023 17:00:19 +0200, Sébastien Villemot 
wrote:
> Le vendredi 16 juin 2023 à 16:42 +0200, Sébastien Villemot a écrit :
> > 2. at runtime, by passing a modified specs file to the cross-compiler
> > (more specifically, replacing -lmsvcrt by -lucrt in the libgcc section)  
> 
> Actually I realize that this solution probably does not work very
> reliably, in particular for C++ programs (because libstdc++ would still
> be built against MSVCRT).

Right, that wouldn’t work — or rather, it would work in some cases but not in
others...

> So the only reliable solution may be to provide different binary
> packages with cross-compilers for UCRT.

I’m leaning towards taking the same approach as Fedora, using a new triplet,
...-w64-mingw32ucrt (see https://fedoraproject.org/wiki/Changes/F37MingwUCRT
for details and
https://sourceforge.net/p/mingw-w64/mailman/mingw-w64-public/thread/CAMxuvax0nSO5%2BMRNQG%3DkBiN%3DPPAFbXrzAR-OVgS0kiKoVPeWSw%40mail.gmail.com/
for a very brief discussion with upstream).

Regards,

Stephen

pgp6iwNzeM5RL.pgp
Description: OpenPGP digital signature

Bug#1037974: ddcci-dkms: code fails to build and package fails to install with Linux 6.3 headers

2023-06-15 Thread Stephen Kitt

Hi Paul,

On Thu, 15 Jun 2023 10:32:56 +0800, Paul Wise  wrote:
> When I try to install ddcci-dkms with the Linux 6.3 headers installed,
> the build of the code fails and then the install of the package fails.
> 
> I think there are two problems here:
> 
>  * The code needs to be adapted to the latest Linux kernel version.

I’ve applied candidate patches from the upstream repo to handle up to 6.4.

>  * The package should not fail to install when the module build fails.
>    This might be a problem in dkms itself, or in ddcci's integration.

This is the more interesting issue, but see #1029063. Admittedly the absence
of a ddcci module is unlikely to ever prevent a system from booting, so
perhaps we could have a way of telling dkms that build failures in a given
module shouldn’t be treated as errors. Andreas, what do you think?

Regards,

Stephen

pgpNUPqVo_amU.pgp
Description: OpenPGP digital signature

Bug#1037228: ITP: pycrc -- CRC C source code generator

2023-06-08 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: pycrc
  Version : 0.10.0
  Upstream Author : Thomas Pircher 
* URL : https://pycrc.org
* License : MIT
  Programming Lang: Python
  Description : CRC C source code generator

pycrc is a Cyclic Redundancy Check (CRC) C source code generator.
.
It supports different implementations, with various speed-space
compromises. The CRC parameters can be freely chosen, and pycrc
includes a number of well-known CRC models (CRC-16, CRC-32 etc.).


This is a build-dependency for dosbox-x. It will be maintained in the
Python packaging team.

Bug#1036033: upgrade-reports: bullseye -> bookworm kernel package upgrade fails when ddcci-dkms package installed

2023-05-28 Thread Stephen Kitt

Control: severity -1 normal
Control: tag -1 +moreinfo

Hi Tim,

On Sun, 14 May 2023 22:44:41 +0200, Andreas Beckmann  wrote:
> On 14/05/2023 19.43, Paul Gevers wrote:
> >> /etc/kernel/postinst.d/dkms:
> >> dkms: running auto installation service for kernel 6.1.0-7-amd64.
> >> Error! Could not locate dkms.conf file.
> >> File: /var/lib/dkms/ddcci/0.3.3/source/dkms.conf does not exist.
> >> dkms: autoinstall for kernel: 6.1.0-7-amd64 failed!  
> 
> How has ddcci-dkms been installed?
> How did the dkms.conf go missing?
> Please show the current layout of the source tree:
>ls -laR /usr/src/ddcci-*
> Why hasn't ddcci been upgraded to the bookworm version (0.4.2)?

Would it be possible for you to provide an update with the information
requested above? It would also be useful if you could provide the information
requested in the upgrade-reports template (the output of COLUMNS=200 dpkg
-l). I’m downgrading the bug’s severity pending this, since yours is the only
report so far with an upgrade error related to ddcci-dkms.

I’ve been trying to reproduce this, but have so far been unable to,
regardless of the upgrade order or combination (upgrading dkms but not
ddcci-dkms, upgrading the kernel, etc.).

In particular, I would very much like to understand why dkms is complaining
about /var/lib/dkms/ddcci/0.3.3/source/dkms.conf even though the ddcci-dkms
package has seemingly been upgraded.

> PS: I don't see any errors during piuparts upgrade tests of ddcci-dkms + 
> linux-headers-amd64
> 
> PPS: Of course the bullseye version (0.3.3) will fail to build for a 6.1 
> kernel (if it gets that far), but that's nothing unexpected
> 
> PPPS: if you install the bookworm version of ddcci-dkms, it should a) 
> restore the missing file and b) be compatible with current kernels

Regards,

Stephen Kitt


pgpQXk30MAMaD.pgp
Description: OpenPGP digital signature

Bug#1036708: ITS: dosbox is dead, move to active, high quality dosbox-staging successor

2023-05-24 Thread Stephen Kitt

Hi,

On Wed, 24 May 2023 16:43:56 +0200, David Heidelberg  wrote:
> DOSBox upstream is dead for a long time. Since upstream is dead,
> multiple good or worse quality forks emerged over the time.
> 
> One of serious ones is DOSBox-staging, which implemented testing, using
> recent SDL 2, modern programming language and tries hard to solve issues
> previously carried patch by patch from downstream forks.
> 
> I (and probably few others listed in [1]) would love to see working
> DOSBox.
> 
> Current DOSBox due to usage of SDL 1.2 is hardly usable on Wayland based
> environments, so my main motivation is use DOSBox on Wayland and
> Mobian/PureOS (Debian adapted to mobile phones).

DOSBox-X is in NEW:
https://ftp-master.debian.org/new/dosbox-x_2023.05.01%2Bdfsg-1.html

You have an existing ITP for dosbox-staging, https://bugs.debian.org/973822.
Are you still working on that?

It’s not clear to me why you want to salvage the dosbox package, could you
clarify?

Regards,

Stephen


pgpxGGh8zP9ce.pgp
Description: OpenPGP digital signature

Bug#1035539: unblock: binutils-mingw-w64/10.4

2023-05-04 Thread Stephen Kitt

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

Please unblock package binutils-mingw-w64.

[ Reason ]
Version 10.4 includes a two-line upstream fix for a crash when
handling certain import libraries.

[ Impact ]
Users with affected libraries can’t use Bookworm’s binutils-mingw-w64
at all; this is a regression from Bullseye.

[ Tests ]
The reporter of https://bugs.debian.org/1029841 provided a test case;
see also https://sourceware.org/bugzilla/show_bug.cgi?id=30079

[ Risks ]
The fix is tiny:

diff --git a/ld/ldlang.c b/ld/ldlang.c
index 84a2914fc26..b5e0d026ae4 100644
--- a/upstream/ld/ldlang.c
+++ b/upstream/ld/ldlang.c
@@ -649,7 +649,8 @@ wild_sort (lang_wild_statement_type *wild,
 looking at the sections for this file.  */
 
   /* Find the correct node to append this section.  */
-  if (compare_section (sec->spec.sorted, section, (*tree)->section) < 0)
+  if (sec && sec->spec.sorted != none && sec->spec.sorted != by_none
+ && compare_section (sec->spec.sorted, section, (*tree)->section) < 0)
tree = &((*tree)->left);
   else
tree = &((*tree)->right);

The risk is minute.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing


unblock binutils-mingw-w64/10.4


Regards,

Stephen
diff -Nru binutils-mingw-w64-10.3/debian/changelog 
binutils-mingw-w64-10.4/debian/changelog
--- binutils-mingw-w64-10.3/debian/changelog2023-01-11 13:02:20.0 
+0100
+++ binutils-mingw-w64-10.4/debian/changelog2023-05-03 08:49:22.0 
+0200
@@ -1,3 +1,9 @@
+binutils-mingw-w64 (10.4) unstable; urgency=medium
+
+  * Apply upstream patch to fix an internal error. Closes: #1029841.
+
+ -- Stephen Kitt   Wed, 03 May 2023 08:49:22 +0200
+
 binutils-mingw-w64 (10.3) unstable; urgency=medium
 
   * Drop another failing codeview test.
diff -Nru binutils-mingw-w64-10.3/debian/patches/pr30079.patch 
binutils-mingw-w64-10.4/debian/patches/pr30079.patch
--- binutils-mingw-w64-10.3/debian/patches/pr30079.patch1970-01-01 
01:00:00.0 +0100
+++ binutils-mingw-w64-10.4/debian/patches/pr30079.patch2023-05-03 
08:49:22.0 +0200
@@ -0,0 +1,26 @@
+commit b7eab2a9d4f4e92692daf14b09fc95ca11b72e30
+Author: Michael Matz 
+Date:   Thu Feb 9 15:29:00 2023 +0100
+
+Fix PR30079: abort on mingw
+
+the early-out in wild_sort is not enough, it might still be
+that filenames are equal _and_ the wildcard list doesn't specify
+a sort order either.  Don't call compare_section then.
+
+Tested on all targets.
+
+diff --git a/ld/ldlang.c b/ld/ldlang.c
+index 84a2914fc26..b5e0d026ae4 100644
+--- a/upstream/ld/ldlang.c
 b/upstream/ld/ldlang.c
+@@ -649,7 +649,8 @@ wild_sort (lang_wild_statement_type *wild,
+looking at the sections for this file.  */
+ 
+   /* Find the correct node to append this section.  */
+-  if (compare_section (sec->spec.sorted, section, (*tree)->section) < 0)
++  if (sec && sec->spec.sorted != none && sec->spec.sorted != by_none
++&& compare_section (sec->spec.sorted, section, (*tree)->section) < 0)
+   tree = &((*tree)->left);
+   else
+   tree = &((*tree)->right);
diff -Nru binutils-mingw-w64-10.3/debian/patches/series 
binutils-mingw-w64-10.4/debian/patches/series
--- binutils-mingw-w64-10.3/debian/patches/series   2021-10-25 
10:49:54.0 +0200
+++ binutils-mingw-w64-10.4/debian/patches/series   2023-05-03 
08:46:34.0 +0200
@@ -3,3 +3,4 @@
 dont-run-objcopy.patch
 disable-flags.patch
 reproducible-import-libraries.patch
+pr30079.patch

Bug#1029841: binutils-mingw-w64-x86-64: x86_64-w64-mingw32-ld internal error in ldlang.c

2023-05-03 Thread Stephen Kitt

Hi Dennis,

On Tue, 2 May 2023 14:10:46 -0700, Dennis Kempin 
wrote:
> would you be able to build a new release that includes the upstream patch?
> 
> We currently have the version of binutils-mingw-w64-x86-64 pinned to an
> older version to avoid the issue.

This had slipped my mind, thanks for the reminder. I’ve pushed a new package,
I’ll ask for an unblock so it can get into Debian 12.

Regards,

Stephen

pgpbPIg2LdcQA.pgp
Description: OpenPGP digital signature

Bug#1034308: RM: lcab -- RoQA; orphaned, abandoned upstream, has alternative

2023-04-12 Thread Stephen Kitt

Package: ftp.debian.org
Severity: normal

Dear FTP team,

Please remove lcab; it was last released upstream in 2007, has been
orphaned since 2019, has had no significant upload since 2013, and
everything it does can be done with gcab.

Regards,

Stephen

Bug#1034252: colord: please consider splitting out colord-sane

2023-04-11 Thread Stephen Kitt

Package: colord
Version: 1.4.5-3
Severity: wishlist
Tags: patch

Dear Maintainer,

colord-sane scans for SANE devices every time colord scans for
devices, e.g. on my system whenever a USB device is connected (or
wakes up). This wakes my multi-function printer up, which is noisy and
wasteful (it's a laser printer, so it heats up every time this
happens). See https://github.com/hughsie/colord/issues/118 and the
links there for more on this.

Would it be possible to split colord-sane out to a separate package?
The attached patch implements this. This has the side-benefit that the
main colord package no longer depends on libsane1.

Regards,

Stephen


-- System Information:
Debian Release: 11.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable'), (100, 'unstable-debug'), (100, 
'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-21-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages colord depends on:
ii  acl  2.2.53-10
ii  adduser  3.118
ii  colord-data  1.4.5-3
ii  dconf-gsettings-backend [gsettings-backend]  0.38.0-2
ii  libc62.31-13+deb11u5
ii  libcolord2   1.4.5-3
ii  libcolorhug2 1.4.5-3
ii  libdbus-1-3  1.12.24-0+deb11u1
ii  libglib2.0-0 2.66.8-1
ii  libgudev-1.0-0   234-1
ii  libgusb2 0.3.5-1
ii  liblcms2-2   2.12~rc1-2
ii  libpolkit-gobject-1-00.105-31+deb11u1
ii  libsane1 1.0.31-4.1
ii  libsqlite3-0 3.34.1-3
ii  libsystemd0  247.3-7+deb11u1
ii  policykit-1  0.105-31+deb11u1

colord recommends no packages.

colord suggests no packages.

-- no debconf information

-- debsums errors found:
debsums: missing file /usr/libexec/colord-sane (from colord package)
diff --git a/debian/changelog b/debian/changelog
index 462aaf30..2b9039f5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+colord (1.4.6-2.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Split SANE support out to a separate package, to allow installation of
+colord without triggering SANE devices (this wakes up network
+multi-function printers supported by SANE whenever colord scans for
+supported devices).
+
+ -- Stephen Kitt   Tue, 11 Apr 2023 17:23:30 +0200
+
 colord (1.4.6-2.2) unstable; urgency=medium
 
   * Non-maintainer upload
diff --git a/debian/colord-plugin-sane.install 
b/debian/colord-plugin-sane.install
new file mode 100644
index ..5ef0687f
--- /dev/null
+++ b/debian/colord-plugin-sane.install
@@ -0,0 +1,2 @@
+usr/lib/*/colord-plugins/libcolord_sensor_sane.so
+usr/libexec/colord-sane
diff --git a/debian/colord.install b/debian/colord.install
index 42cc99bc..6ad61798 100644
--- a/debian/colord.install
+++ b/debian/colord.install
@@ -1,7 +1,8 @@
 lib/systemd/system/*.service
 lib/udev/rules.d/
 usr/bin/
-usr/lib/*/colord-plugins
+usr/lib/*/colord-plugins/libcolord_sensor_camera.so
+usr/lib/*/colord-plugins/libcolord_sensor_scanner.so
 usr/lib/*/colord-sensors/libcolord_sensor_colorhug.so
 usr/lib/*/colord-sensors/libcolord_sensor_dtp94.so
 usr/lib/*/colord-sensors/libcolord_sensor_dummy.so
@@ -9,7 +10,6 @@ usr/lib/*/colord-sensors/libcolord_sensor_huey.so
 usr/lib/systemd/user/
 usr/lib/tmpfiles.d/
 usr/libexec/colord
-usr/libexec/colord-sane
 usr/libexec/colord-session
 usr/share/bash-completion
 usr/share/dbus-1
diff --git a/debian/control b/debian/control
index 9f190d09..6df76ed1 100644
--- a/debian/control
+++ b/debian/control
@@ -116,6 +116,27 @@ Description: system service to manage device colour 
profiles -- argyll sensor pl
  This package contains a sensor plugin that uses the Argyll tools, allowing
  colord to support colourimeters that are supported by Argyll.
 
+Package: colord-plugin-sane
+Architecture: linux-any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Replaces:
+ colord (<< 1.4.6-2.2~),
+Breaks:
+ colord (<< 1.4.6-2.2~),
+Enhances:
+ colord,
+Description: system service to manage device colour profiles -- SANE plugin
+ colord is a system service that makes it easy to manage, install and generate
+ colour profiles to accurately colour manage input and output devices.
+ .
+ It provides a D-Bus API for system frameworks to query, a persistent

Bug#1032642: iproute2: ip tunnel change ip6gre to gre crashes with stack smash

2023-04-10 Thread Stephen Hemminger

On Mon, 3 Apr 2023 20:47:01 -0600
David Ahern  wrote:

> On 4/3/23 9:24 AM, Stephen Hemminger wrote:
> > ted  
> >>
> >> This happens because iproute2 just assumes the tunnel is ipv4, but the
> >> kernel "knows" it's actually ip6gre so when calling the SIOCGETTUNNEL
> >> ioctl it writes back a struct ip6_tnl_parm2 into the struct
> >> ip_tunnel_parm which is smaller, so the stack gets overwritten. Is
> >> there any way to tell from userspace whether a gre is v4 or v6 before
> >> doing an ioctl? The ioctls don't take/return a size parameter as far
> >> as I can see...  
> > 
> > Ip uses and IPv4 UDP socket when it thinks it is talking to GRE.
> > And a IPv6 UDP socket when it is talking to GRE6.
> > 
> > So the kernel could check and error out?
> >   
> 
> Does seem like a kernel bug and a well known design flaw in ioctl
> interface (assuming buffer of a specific size). The best iproute2 can do
> is have `old_p` be a larger size (e.g., ip6_tnl_parm2) to avoid the
> overrun, but then the result is nonsense with no way for it no an ipv6
> struct was passed back. The crash at least indicates something is off.

I started to look into redoing the whole 'ip tunnel XXX' as just a remapping
of arguments and calling the equivalent 'ip link ... type YYY' and it is doable
for the basic stuff.

Then starting looking at the Potential Router List (PRL) stuff.
Looks like this is only supported through ioctl().
Definitely a dusty dark corner of networking code with rarely used features.

Plus things like, the code to get PRL will allow bigger get if called
from root vs non-root user??

Bug#1032642: iproute2: ip tunnel change ip6gre to gre crashes with stack smash

2023-04-04 Thread Stephen Hemminger

On Mon, 3 Apr 2023 20:47:01 -0600
David Ahern  wrote:

> On 4/3/23 9:24 AM, Stephen Hemminger wrote:
> > ted  
> >>
> >> This happens because iproute2 just assumes the tunnel is ipv4, but the
> >> kernel "knows" it's actually ip6gre so when calling the SIOCGETTUNNEL
> >> ioctl it writes back a struct ip6_tnl_parm2 into the struct
> >> ip_tunnel_parm which is smaller, so the stack gets overwritten. Is
> >> there any way to tell from userspace whether a gre is v4 or v6 before
> >> doing an ioctl? The ioctls don't take/return a size parameter as far
> >> as I can see...  
> > 
> > Ip uses and IPv4 UDP socket when it thinks it is talking to GRE.
> > And a IPv6 UDP socket when it is talking to GRE6.
> > 
> > So the kernel could check and error out?
> >   
> 
> Does seem like a kernel bug and a well known design flaw in ioctl
> interface (assuming buffer of a specific size). The best iproute2 can do
> is have `old_p` be a larger size (e.g., ip6_tnl_parm2) to avoid the
> overrun, but then the result is nonsense with no way for it no an ipv6
> struct was passed back. The crash at least indicates something is off.

Actually any change tunnel can have similar issues where the tunnel
is of one type and the request wants to change parameters.
The two structs (ip_param and ip6_tunnel_param) are different enough
that getting the incorrect type will be complete garbage.

There doesn't seem to be a good way to identify the tunnel type.
The only way I can see is to look at the link type (ifi_type)
but this is ARPHRD_XXX value and not the ip protocol.

The other way would be to query link info (with netlink)
and make sure that IFLA_INFO_KIND (in IFLA_LINKINFO) matches when
changing.

Or maybe get rid of the ip tunnel command and just use ip link
which is all netlink based.  The iptunnel stuff was introduced long ago
when the only way to make tunnels was with ioctl.  Now you can do
same operations with ip link.

to

Bug#1032642: iproute2: ip tunnel change ip6gre to gre crashes with stack smash

2023-04-03 Thread Stephen Hemminger

ted
> 
> This happens because iproute2 just assumes the tunnel is ipv4, but the
> kernel "knows" it's actually ip6gre so when calling the SIOCGETTUNNEL
> ioctl it writes back a struct ip6_tnl_parm2 into the struct
> ip_tunnel_parm which is smaller, so the stack gets overwritten. Is
> there any way to tell from userspace whether a gre is v4 or v6 before
> doing an ioctl? The ioctls don't take/return a size parameter as far
> as I can see...

Ip uses and IPv4 UDP socket when it thinks it is talking to GRE.
And a IPv6 UDP socket when it is talking to GRE6.

So the kernel could check and error out?

Bug#1032642: iproute2: ip tunnel change ip6gre to gre crashes with stack smash

2023-04-03 Thread Stephen Hemminger

On Sun, 2 Apr 2023 23:58:52 +0100
Luca Boccassi  wrote:

> On Sat, 25 Mar 2023 at 00:39, Bernhard Übelacker  
> wrote:
> >
> > Dear Maintainer,
> > I tried to find out where exactly the stack smashing takes place.
> > And found the ioctl SIOCCHGTUNNEL did write more than the 52 bytes
> > allocated in variable old_p, by that overwriting the stack canary.
> >
> > Kind regards,
> > Bernhard
> >
> >
> > (gdb)
> > 0x5557589f  62  {
> > 1: x/i $pc  
> > => 0x5557589f :  mov%fs:0x28,%rax  
> > (gdb)
> > 0x555758a8  62  {
> > 1: x/i $pc  
> > => 0x555758a8 :  mov%rax,0x68(%rsp)  
> > (gdb) print/x $rax
> > $1 = 0xbf9b77d893accd00
> > (gdb) print/x $rsp + 0x68
> > $2 = 0x7fffea28
> >
> >
> > (gdb)
> > 0x77e575f5  120 in ../sysdeps/unix/syscall-template.S
> > 1: x/i $pc  
> > => 0x77e575f5 :syscall  
> > 2: /x *(uint64_t*)0x7fffea28 = 0xbf9b77d893accd00
> > (gdb) bt
> > #0  0x77e575f5 in ioctl () at ../sysdeps/unix/syscall-template.S:120
> > #1  0x55578230 in tnl_get_ioctl (basedev=0x7fffee8f "gre1", 
> > p=) at tunnel.c:77
> > #2  0x55576243 in parse_args (argc=9, argv=0x7fffec50, 
> > cmd=35315, p=0x7fffea70) at iptunnel.c:181
> > #3  0x555762fb in do_add (cmd=35315, argc=, 
> > argv=) at iptunnel.c:260
> > #4  0x5556258b in do_cmd (argv0=0x7fffee81 "tunnel", argc=11, 
> > argv=0x7fffec40) at ip.c:133
> > #5  0x55561fc2 in main (argc=12, argv=0x7fffec38) at ip.c:344
> > (gdb) stepi
> > 0x77e575f7  120 in ../sysdeps/unix/syscall-template.S
> > 1: x/i $pc  
> > => 0x77e575f7 :cmp$0xf001,%rax  
> > 2: /x *(uint64_t*)0x7fffea28 = 0x200
> >
> > (gdb) print _p
> > $7 = (struct ip_tunnel_parm *) 0x7fffe9f0
> > (gdb) print sizeof(old_p)
> > $8 = 52
> > (gdb) print/x 0x7fffe9f0 + 52
> > $9 = 0x7fffea24
> >
> > (gdb) list iptunnel.c:181
> > 178 if (cmd == SIOCCHGTUNNEL && count == 0) {
> > 179 struct ip_tunnel_parm old_p = {};
> > 180
> > 181 if (tnl_get_ioctl(*argv, _p))
> > 182 return -1;  
> 
> Hi David and Stephen,
> 
> To reproduce, build iproute2 with -fstack-protector-strong in CFLAGS, and run:
> 
> ip tunnel add gre1 mode ip6gre local 2001:db8::1 remote 2001:db8::2 ttl 255
> ip tunnel change gre1 mode gre local 192.168.0.0 remote 192.168.0.1 ttl 255
> 
> You'll get:
> 
> *** stack smashing detected ***: terminated
> Aborted
> 
> This happens because iproute2 just assumes the tunnel is ipv4, but the
> kernel "knows" it's actually ip6gre so when calling the SIOCGETTUNNEL
> ioctl it writes back a struct ip6_tnl_parm2 into the struct
> ip_tunnel_parm which is smaller, so the stack gets overwritten. Is
> there any way to tell from userspace whether a gre is v4 or v6 before
> doing an ioctl? The ioctls don't take/return a size parameter as far
> as I can see...

Is setting IPv4 addresses on an IPv6 tunnel even a valid operation?
Assuming the ioctl to get is fixed, is there a reason to allow it?

One more reason netlink is better than ioctl.

Bug#1031930: nmu: binutils-mingw-w64_10.3, gdb-mingw-w64_12

2023-02-25 Thread Stephen Kitt

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: Matthias Klose 

Dear release team,

Please binNMU binutils-mingw-w64 and gdb-mingw-w64:

nmu binutils-mingw-w64_10.3 . ANY . unstable . -m "Rebuild for outdated 
Built-Using"
nmu gdb-mingw-w64_12 . ANY . unstable . -m "Rebuild for outdated Built-Using"

Thanks,

Stephen

Bug#1027130: Bug may still be open

2023-02-21 Thread Stephen Lyons

Dear Maintainer;

This "grave" bug has been marked as closed in 1.0.0-dfsg-1 however it is
still open in 0.103.7-dfsg-0+deb11u1 and there is no indication that it
has been resolved in 0.103.8+dfsg-0+deb11u1 which is promulgated to
solve the "serious" CVEs handled in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509 for "Buster".

As such trying to upgrade my system is warning me that this grave bug is
present. It is not clear whether this is indeed the case or not.

I must note that I am running Devuan Stable "Chimaera" but it seems that
this issue will also arise for Debian Stable "Bulleye".

Regards

Stephen Lyons

Bug#1031387: supertuxkart: Fails to compile due to inescaped +, bug in shaderc

2023-02-16 Thread Stephen Kitt

Control: severity normal

Hi Rishi,

On Thu, 16 Feb 2023 00:29:33 -0800, Rishi Cutchin 
wrote:
>* What led up to the situation?
> Attempting to backport supertuxkart, necessary to backport glslang
> aswell.
> 
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> Compiled with fakeroot debian/rules binary
>  
>* What was the outcome of this action?
> Failed to build due to 
> 
> cd
> /home/rishi/build/supertuxkart/supertuxkart-1.4+dfsg/obj-x86_64-linux-gnu/lib/shaderc/libshaderc
> && /usr/bin/ar -M < shaderc_combined.ar +Syntax error in archive script,
> line 1
> 
> Appears to be an issue with cmake and shadercc not properly escaping '+'
> character:
> https://github.com/google/shaderc/issues/473
> 
>
>* What outcome did you expect instead?
> Successful (test) compile

The package builds correctly in unstable, including from a directory
containing a +.

This *might* mean that other packages need to be backported too, I haven’t
checked.

Regards,

Stephen


pgp9gV7aKxheY.pgp
Description: OpenPGP digital signature

Bug#1031386: supertuxkart: Depends on newer version of glslang

2023-02-16 Thread Stephen Kitt

Control: severity wishlist

Hi Rishi,

On Thu, 16 Feb 2023 00:25:54 -0800, Rishi Cutchin 
wrote:
>* What led up to the situation?
> Attempted to backport package to stable. Installed build-dependencies
> with mk-build-deps --install --remove 
> 
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> Attempted to build with fakeroot debian/rules binary.
> 
>* What was the outcome of this action?
> Recieved error relating to glslang::EShTargetSpv_1_6, and compilation
> failed. Was able to continue compilation after backporting glslang and
> it's dependencies
> 
>* What outcome did you expect instead?
> Build-dependency should require newer version so that mk-build-deps
> errors to force new version.

Package dependencies are supposed to make sense within a given release.
supertuxkart builds fine in unstable, so this isn’t a serious issue. When you
backport, it’s part of the backporting work to determine when the stable
dependencies aren’t sufficient, as you did; but insufficient dependencies for
a backport to stable don’t constitute a bug.

It *is* useful to have versioned dependencies where appropriate, so I’m
leaving this open, but as a wishlist bug.

Regards,

Stephen

pgpN4py2qYZZm.pgp
Description: OpenPGP digital signature

Bug#1030726: marked as pending in intelrdfpmath

2023-02-12 Thread Stephen Kitt

On Tue, 7 Feb 2023 15:17:05 -0500, Roberto C. Sánchez 
wrote:
> On Tue, Feb 07, 2023 at 08:44:50PM +0100, Stephen Kitt wrote:
> > Yes, it seems like we’d really need a mips_macros.h implementation on
> > MIPS. 
> That was my suspicion as well.
> 
> > I enabled the test suite, and the result is basically that the library
> > only works fully on amd64, i386 (nearly, with two test failures out of
> > ~120,000 test cases), and ia64, which matches the architectures which the
> > library claims to support. On other architectures, the number of failures
> > varies, up to 12.5% of test cases on s390x.
> > 
> > So really I should change the library to [amd64 i386 ia64]...
> >   
> That's unfortunate.
> 
> > Do you have a good way of validating whether the library is good enough
> > for libmongocrypt’s purposes on non-Intel architectures?
> >   
> libmonogocrypt has a test suite, which we don't execute as part of the
> package build because of upstream's robust CI.  However, we could
> definitely enable it and it would be sufficient to let us know that the
> library is adequate for what libmongocrypt needs.
> 
> That said, upstream is quite close validating that libmongocrypt works
> with libdfp, so that might provide a near-term alternative if you decide
> that the best thing to do from a quality perspective is to restrict the
> architecture list of intelrdfpmath.

Given how late we are in the Bookworm release process, I’ve updated the
package description to mention that the library is only fully functional on
x86 architectures and ia64, but may be sufficient on others (for free42, it
is, at least on ARM), and haven’t restricted the architectures. That doesn’t
help on MIPS of course...

Does libdfp work on MIPS? I got the impression it’s mainly supported on IBM
platforms (POWER and S/390) but perhaps that’s outdated!

Regards,

Stephen


pgphXQ5ZbYEOl.pgp
Description: OpenPGP digital signature

Bug#1030726: marked as pending in intelrdfpmath

2023-02-07 Thread Stephen Kitt

On Mon, 6 Feb 2023 16:37:57 -0500, Roberto C. Sánchez 
wrote:

> And even with the build continuing on mips64el I see this:
> 
> float128/dpml_ux_trig.c: In function '__dpml_bid_ux_degree_reduce__':
> float128/dpml_ux_trig.c:254:9: warning: implicit declaration of function
> 'UMULH' [-Wimplicit-f unction-declaration]
>   254 | UMULH((UX_FRACTION_DIGIT_TYPE) exponent, RECIP_TWELVE, k);
>   | ^
> 
> 
> When I build libmongocrypt against the resulting libintelrdfp-math, the
> libmongocrypt will then fail at link time:
> 
> /usr/bin/ld:
> /home/roberto/mips64el/intelrdfpmath-2.0u2/debian/libintelrdfpmath-dev/usr/lib/mips64el-linux-gnuabi64/libbidgcc000.a(dpml_ux_ops_64.o):
> in function `__eval_pos_poly': (.text+0xe4): undefined reference to `UMULH'
> /usr/bin/ld: (.text+0xfc): undefined reference to `UMULH' /usr/bin/ld:
> (.text+0x144): undefined reference to `UMULH' /usr/bin/ld: (.text+0x160):
> undefined reference to `UMULH' /usr/bin/ld: (.text+0x168): undefined
> reference to `UMULH' /usr/bin/ld:
> /home/roberto/mips64el/intelrdfpmath-2.0u2/debian/libintelrdfpmath-dev/usr/lib/mips64el-linux-gnuabi64/libbidgcc000.a(dpml_ux_ops_64.o):(.text+0x17c):
> more undefined references to `UMULH' follow
> 
> It might be better to simply declare intelrdfpmath '[!mipsel
> !mips64el]'.  Sadly, my experience with Intel libraries (I maintained
> TBB in Debian for several years) is that they only put effort into the
> architectures that are important to them and that you can't assume that
> their code will work on other architectures.  That could well be the
> case here.

Yes, it seems like we’d really need a mips_macros.h implementation on MIPS.

I enabled the test suite, and the result is basically that the library only
works fully on amd64, i386 (nearly, with two test failures out of ~120,000
test cases), and ia64, which matches the architectures which the library
claims to support. On other architectures, the number of failures varies, up
to 12.5% of test cases on s390x.

So really I should change the library to [amd64 i386 ia64]...

Do you have a good way of validating whether the library is good enough for
libmongocrypt’s purposes on non-Intel architectures?

Regards,

Stephen


pgpt5tua0m1VP.pgp
Description: OpenPGP digital signature

Bug#1030701: intelrdfpmath: FTBFS on alpha/hppa/mips and likely misbuilt on several architectures

2023-02-06 Thread Stephen Kitt

On Mon, 6 Feb 2023 21:21:46 +0200, Adrian Bunk  wrote:

> On Mon, Feb 06, 2023 at 08:04:13PM +0100, Stephen Kitt wrote:
> > On Mon, 06 Feb 2023 17:53:31 +0200, Adrian Bunk  wrote:
> >...  
> > > The RC severity is based on looking at a related question:
> > > How did intelrdfpmath compile on new platforms like powerpc/arm/s390x
> > > that never had any explicit support in intelrdfpmath?
> > > 
> > > intelrdfpmath (2.0u2-2) unstable; urgency=medium
> > >   * Assume unknown architectures are “EFI2”.
> > > 
> > > LIBRARY/float128/architecture.h:
> > >   #if defined(ct) || defined(efi2)
> > >   #   undef  _M_AMD64
> > >   #   define _M_AMD64
> > >   #endif
> > > 
> > > This builds, but the (used) definition
> > >   #   define ENDIANESS little_endian
> > > isn't correct on s390x, and neither is
> > >   #   define BITS_PER_LONG   64
> > > on 32bit arm.  
> > 
> > Ah, I knew that would bite me some day...
> > 
> > I’m updating intelrdfpmath to apply the architecture definitions used in
> > libmongocrypt (see
> > <https://github.com/mongodb/libmongocrypt/blob/master/cmake/IntelDFP.cmake>):
> > armel/armhf are assumed to behave like i386 (I haven’t checked whether
> > that makes sense), arm64/ppc64el/riscv64 are assumed to behave like
> > amd64, and s390x is supported explicitly.
> >
> > If you want to track the unsupported architectures, please open a new
> > bug. As far as I can tell, even if libmongocrypt were built in Debian
> > using its embedded copy of intelrdfpmath, it would fail on the same
> > architectures.  
> 
> If arm64/ppc64el/riscv64 are assumed to behave like amd64 (little endian
> 64bit), and armel/armhf are assumed to behave like i386 (little endian
> 32bit), and s390x is big endian so clearly different, could you add
> mips64el and mipsel as little endian 64/32bit architectures there?
> 
> This feels like the easiest way for getting the new version of 
> libmongocrypt into bookworm.

Another way would be to remove the MIPS packages in Bookworm ;-). (I haven’t
checked the impact of that

I’ll wait for the results of Roberto’s tests and add the MIPS patch if it’s
appropriate. (intelrdfpmath has a built-in test suite but it hits an endless
loop even on x86...)

Regards,

Stephen


pgp7WJKaQr9Jr.pgp
Description: OpenPGP digital signature

Bug#1030701: intelrdfpmath: FTBFS on alpha/hppa/mips and likely misbuilt on several architectures

2023-02-06 Thread Stephen Kitt

On Mon, 06 Feb 2023 17:53:31 +0200, Adrian Bunk  wrote:
> intelrdfpmath FTBFS on the older platforms alpha/hppa/mips where
> it seems to used to have support for, but that support is now so
> broken that even the headers necessary for compilation are missing:
> 
> float128/dpml_exception.h:315:17: fatal error: alpha_linux_exception.h: No
> such file or directory 315 | #   include "alpha_linux_exception.h"
> 
> float128/dpml_private.h:215:14: fatal error: mips_macros.h: No such file or
> directory 215 | #include "mips_macros.h"
> 
> (The hppa FTBFS looks different, I haven't checked whether that's also
>  related to the stale hp_pa code.)
> 
> 
> This is a problem for libmongocrypt, which started to use intelrdfpmath
> but whose new version is currently blocked from testing migration due
> to libintelrdfpmath-dev not being available on mipsel/mips64el.

I’m afraid there isn’t much I can do about that, other than ask upstream to
add MIPS support.

Given the RC severity of this bug, I’ll consider the main point of the bug to
be the latter part:

> The RC severity is based on looking at a related question:
> How did intelrdfpmath compile on new platforms like powerpc/arm/s390x
> that never had any explicit support in intelrdfpmath?
> 
> intelrdfpmath (2.0u2-2) unstable; urgency=medium
>   * Assume unknown architectures are “EFI2”.
> 
> LIBRARY/float128/architecture.h:
>   #if defined(ct) || defined(efi2)
>   #   undef  _M_AMD64
>   #   define _M_AMD64
>   #endif
> 
> This builds, but the (used) definition
>   #   define ENDIANESS little_endian
> isn't correct on s390x, and neither is
>   #   define BITS_PER_LONG   64
> on 32bit arm.

Ah, I knew that would bite me some day...

I’m updating intelrdfpmath to apply the architecture definitions used in
libmongocrypt (see
<https://github.com/mongodb/libmongocrypt/blob/master/cmake/IntelDFP.cmake>):
armel/armhf are assumed to behave like i386 (I haven’t checked whether that
makes sense), arm64/ppc64el/riscv64 are assumed to behave like amd64, and
s390x is supported explicitly.

If you want to track the unsupported architectures, please open a new bug. As
far as I can tell, even if libmongocrypt were built in Debian using its
embedded copy of intelrdfpmath, it would fail on the same architectures.

Regards,

Stephen

pgpYCIWa6fBgX.pgp
Description: OpenPGP digital signature

Bug#1029841: binutils-mingw-w64-x86-64: x86_64-w64-mingw32-ld internal error in ldlang.c

2023-02-05 Thread Stephen Kitt

Hi Didier,

On Sat, 4 Feb 2023 16:27:17 +0100, Didier Smets  wrote:
> Thank you, I did some more testing in order to isolate it better, and have
> now uploaded a bug report upstream. I'll report depending on the outcome.
> 
> (https://sourceware.org/bugzilla/show_bug.cgi?id=30079)

Fantastic, thank you very much! I’ve linked the Debian bug to the upstream
bug.

Regards,

Stephen


pgpM7hZjTQmcG.pgp
Description: OpenPGP digital signature

Bug#1029841: binutils-mingw-w64-x86-64: x86_64-w64-mingw32-ld internal error in ldlang.c

2023-01-29 Thread Stephen Kitt

Hi Didier,

On Sat, 28 Jan 2023 18:07:12 +0100, Didier Smets  wrote:
> I have a C project that I cross-compile for Win64 from Linux using
> mingw-w64.
> 
> One of the targets is a dll which fails to build with the following :
> 
>[ 96%] Linking C shared library libXPSV.dll
>/usr/bin/x86_64-w64-mingw32-ld: internal error: aborting at
> ./upstream/ld/ldlang.c:527 in compare_section
> /usr/bin/x86_64-w64-mingw32-ld: please report this bug collect2: error: ld
> returned 1 exit status
> 
> The same project builds fine in bullseye.

This appears to be an upstream bug; would you mind reporting it to
<https://sourceware.org/bugzilla/>? You’ll probably have to provide more
details. The CMake setup isn’t necessarily relevant; if at all possible, it
would be useful to see the full commands used at each step, notably the ld
invocation.

The failure occurs at an abort() line, so it would also be useful to know
what’s calling it; to see that, run the linker command using gdb, and note
the output of "bt" when the linker aborts.

Regards,

Stephen

pgpp5UNbgHTxQ.pgp
Description: OpenPGP digital signature

Bug#1029752: tests fail with nmh 1.8~RC-2, blocking nmh from entering testing

2023-01-27 Thread Stephen Gildea

Thank you for this bug report!  I had noticed that the xlbiff test
fails in some chroots, but I had not yet identified that nmh 1.8 was
the difference.

I will upload a fix in the next few days.

 < Stephen

Bug#1029464: gnucash: Missing Dependency or Suggestion

2023-01-22 Thread Stephen R. Marenka


Package: gnucash
Version: 1:4.4-1
Severity: minor
X-Debbugs-Cc: none, step...@marenka.net

Dear Maintainer,

gnucash throws the following error on launch from cli, although I'm not 
aware of anything that doesn't work.


| Traceback (most recent call last):
|   File "/usr/share/gnucash/python/init.py", line 6, in 
| from gi import require_version
| ModuleNotFoundError: No module named 'gi'

Installing python3-gi yields the following.

| Traceback (most recent call last):
|   File "/usr/share/gnucash/python/init.py", line 7, in 
|require_version('Gtk', '3.0')
|  File "/usr/lib/python3/dist-packages/gi/__init__.py", line 126, in 
require_version

|raise ValueError('Namespace %s not available' % namespace)
| ValueError: Namespace Gtk not available

Installing gobject-introspection gir1.2-gtk-3.0 remediates that but 
brings quite a few dependencies (FWIW). At least now we get no errors.


Maybe add a Suggests: python3-gi gobject-introspection gir1.2-gtk-3.0?

Thanks,

Stephen


-- System Information:
Debian Release: 11.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable')

Architecture: amd64 (x86_64)

Kernel: Linux 5.10.153-20432-gaa06ea936644 (SMP w/4 CPU threads; 
PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnucash depends on:
ii  gnucash-common 1:4.4-1
ii  guile-3.0  3.0.5-4
ii  guile-3.0-libs 3.0.5-4
ii  libaqbanking44 6.2.10-1
ii  libboost-filesystem1.74.0  1.74.0-9
ii  libboost-locale1.74.0  1.74.0-9
ii  libboost-program-options1.74.0 1.74.0-9
ii  libboost-regex1.74.0 [libboost-regex1.74.0-icu67]  1.74.0-9
ii  libc6  2.31-13+deb11u5
ii  libcairo2  1.16.0-5
ii  libcrypt-ssleay-perl   0.73.06-1+b3
ii  libdate-manip-perl 6.83-1
ii  libdbi10.9.0-6
ii  libfinance-quote-perl  1.50~rc2-2
ii  libgcc-s1  10.2.1-6
ii  libgdk-pixbuf-2.0-0
2.42.2+dfsg-1+deb11u1

ii  libglib2.0-0   2.66.8-1
ii  libgtk-3-0 3.24.24-4+deb11u2
ii  libgwengui-gtk3-79 5.6.0-2
ii  libgwenhywfar795.6.0-2
ii  libhtml-tableextract-perl  2.15-1.1
ii  libhtml-tree-perl  5.07-2
ii  libicu67   67.1-7
ii  libofx71:0.9.15-3
ii  libpango-1.0-0 1.46.2-3
ii  libpangocairo-1.0-01.46.2-3
ii  libpython3.9   3.9.2-1
ii  libsecret-1-0  0.20.4-2
ii  libstdc++6 10.2.1-6
ii  libwebkit2gtk-4.0-37   2.38.3-1~deb11u1
ii  libwww-perl6.52-1
ii  libxml2
2.9.10+dfsg-6.7+deb11u3

ii  perl   5.32.1-4+deb11u2
ii  zlib1g 
1:1.2.11.dfsg-2+deb11u2


Versions of packages gnucash recommends:
ii  gnucash-docs 4.4-1
ii  python3-gnucash  1:4.4-1
ii  yelp 3.38.3-1

Versions of packages gnucash suggests:
pn  libdbd-mysql
pn  libdbd-pgsql
pn  libdbd-sqlite3  

--
Stephen R. Marenka If life's not fun, you're not doing it right!

Bug#1029093: solaar doesn't enable plugdev when plugdev requested

2023-01-17 Thread Stephen Kitt

Control: forcemerge 1028922 -1
Control: severity 1028922 important

Hi Mason,

On Tue, 17 Jan 2023 11:05:46 -0500, Mason Loring Bliss 
wrote:
> My previous bug, BZ#1028922, was closed inappropriately, given that the
> bug is not fixed in Bookworm, and will impact Bullseye users until Bullseye
> leaves support.

The Debian bug tracker (which isn’t Bugzilla ;-) takes version information
into account; if you look at the diagram on the right-hand side of
https://bugs.debian.org/1028922 you’ll see that the only fixed version is the
version currently in unstable, and that the versions currently in stable
(Bullseye) and testing (Bookworm) are marked as unfixed. Likewise, if you
compare https://bugs.debian.org/solaar;dist=stable and
https://bugs.debian.org/solaar;dist=unstable you’ll see that the former still
lists 1028922 as outstanding, i.e. unresolved.

I’m merging this bug with 1028922 and upgrading the importance of the latter,
so that it can be fixed in an upcoming Bullseye point release (if the stable
release managers approve).

Regards,

Stephen

pgpYWWwnXEZiU.pgp
Description: OpenPGP digital signature

Bug#1028073: libonvif: Fix build problem on hurd

2023-01-06 Thread Stephen Rhodes

The header has been removed from source code, as well as other unneeded
headers in that section.
Only  and  are needed.

On Fri, Jan 6, 2023 at 9:33 AM Petter Reinholdtsen  wrote:

>
> Package: libonvif
> Version: 1.4.4-1
> Tags: patch
>
> The code enumerating all network interfaces using getifaddrs() include a
> linux specific header file.  As far as I can tell from getifaddrs(3),
> there is no need for the  include, only the 
> one is needed.  The latter is available on Hurd, while the former is
> not.
>
> This patch get the code building on Debian Hurd.
>
> diff --git a/onvif-gui/src/settingspanel.cpp
> b/onvif-gui/src/settingspanel.cpp
> index b0c6e72..ff0cc52 100644
> --- a/onvif-gui/src/settingspanel.cpp
> +++ b/onvif-gui/src/settingspanel.cpp
> @@ -31,7 +31,6 @@
>  #include 
>  #include 
>  #include 
> -#include 
>  #endif
>
>  #include 
>
> --
> Happy hacking
> Petter Reinholdtsen
>

Bug#1028050: ITP: pyqt6-charts -- Python 3 bindings for Qt6's Charts module

2023-01-06 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: pyqt6-charts
  Version : 6.4.0
  Upstream Author : Riverbank Computing
* URL : https://riverbankcomputing.com/software/pyqtchart/
* License : GPL-3
  Programming Lang: C++
  Description : Python 3 bindings for Qt6's Charts module

The Charts module of PyQt6 provides widgets and utility classes
for chart rendering in a PyQt6 application.


This will be maintained in the Debian Python team.

Bug#1027941: O: keras-preprocessing -- data preprocessing module for the Keras deep learning framework

2023-01-04 Thread Stephen Sinclair

Package: wnpp
Severity: normal
X-Debbugs-Cc: keras-preprocess...@packages.debian.org
Control: affects -1 + src:keras-preprocessing

I intend to orphan the keras-preprocessing package, as it is no longer 
maintained upstream
as an independent software from tensorflow, and the base package keras is now 
giving
errors with the latest version of numpy that I cannot resolve.

The package description is:
 Keras is a Python library for machine learning based on deep (multi-
 layered) artificial neural networks (DNN), which follows a minimalistic
 and modular design with a focus on fast experimentation.
 .
 Features of DNNs like neural layers, cost functions, optimizers,
 initialization schemes, activation functions and regularization schemes
 are available in Keras a standalone modules which can be plugged together
 as wanted to create sequence models or more complex architectures.
 Keras supports convolutions neural networks (CNN, used for image
 recognition resp. classification) and recurrent neural networks (RNN,
 suitable for sequence analysis like in natural language processing).
 .
 It runs as an abstraction layer on the top of Theano (math expression
 compiler) by default, which makes it possible to accelerate the computations
 by using (GP)GPU devices. Alternatively, Keras could run on Google's
 TensorFlow (not yet available in Debian).
 .
 Keras Preprocessing is the data preprocessing and data augmentation
 module of the Keras deep learning library. It provides utilities for
 working with image data, text data, and sequence data.

Bug#1027940: O: keras-applications -- popular models and pre-trained weights for the Keras deep learning framework

2023-01-04 Thread Stephen Sinclair

Package: wnpp
Severity: normal
X-Debbugs-Cc: keras-applicati...@packages.debian.org
Control: affects -1 + src:keras-applications

I intend to orphan the keras-applications package, as the upstream package is 
no longer
maintained as an independent software from tensorflow, and its base package 
keras now has
errors with the latest version of numpy that I cannot resolve.

The package description is:
 Keras is a Python library for machine learning based on deep (multi-
 layered) artificial neural networks (DNN), which follows a minimalistic
 and modular design with a focus on fast experimentation.
 .
 Features of DNNs like neural layers, cost functions, optimizers,
 initialization schemes, activation functions and regularization schemes
 are available in Keras a standalone modules which can be plugged together
 as wanted to create sequence models or more complex architectures.
 Keras supports convolutions neural networks (CNN, used for image
 recognition resp. classification) and recurrent neural networks (RNN,
 suitable for sequence analysis like in natural language processing).
 .
 It runs as an abstraction layer on the top of Theano (math expression
 compiler) by default, which makes it possible to accelerate the computations
 by using (GP)GPU devices. Alternatively, Keras could run on Google's
 TensorFlow (not yet available in Debian).
 .
 Keras Applications is the applications module of the Keras deep
 learning library. It provides model definitions and pre-trained
 weights for a number of popular architectures, such as VGG16, ResNet50,
 Xception, MobileNet, and more.

Bug#1027938: O: keras -- deep learning framework running on Theano or TensorFlow

2023-01-04 Thread Stephen Sinclair

Package: wnpp
Severity: normal
X-Debbugs-Cc: ke...@packages.debian.org
Control: affects -1 + src:keras

I intend to orphan the keras package, as it is no longer updated as an 
independent package
outside of tensorflow, and the last independent problem now has difficult to 
resolve
errors with the latest version of numpy.

The package description is:
 Keras is a Python library for machine learning based on deep (multi-
 layered) artificial neural networks (DNN), which follows a minimalistic
 and modular design with a focus on fast experimentation.
 .
 Features of DNNs like neural layers, cost functions, optimizers,
 initialization schemes, activation functions and regularization schemes
 are available in Keras a standalone modules which can be plugged together
 as wanted to create sequence models or more complex architectures.
 Keras supports convolutions neural networks (CNN, used for image
 recognition resp. classification) and recurrent neural networks (RNN,
 suitable for sequence analysis like in natural language processing).
 .
 It runs as an abstraction layer on the top of Theano (math expression
 compiler) by default, which makes it possible to accelerate the computations
 by using (GP)GPU devices. Alternatively, Keras could run on Google's
 TensorFlow (not yet available in Debian).

Bug#1027668: mc: Copying with fish fails when the local temporary directory fills up

2023-01-01 Thread Stephen Kitt

Package: mc
Version: 3:4.8.26-1.1
Severity: normal

Dear Maintainer,

When copying files remotely using fish, if the local temporary
directory fills up, the copy fails saying that there is no disk space
to copy the file. This is somewhat confusing since the target may well
have plenty of space.

This isn’t helped by the fact that fish keeps its local copies even
when they have been transferred to the remote. Thus copying a set of
files larger than the available disk space on the local temporary file
system is guaranteed to fail, even if the files are individually small
enough to fit in the local temporary directory.

(The failure isn’t drastic: only the last copied file is affected, and
another copy can be started to continue copying.)

Regards,

Stephen


-- System Information:
Debian Release: 11.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable'), (100, 'unstable-debug'), (100, 
'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-20-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mc depends on:
ii  libc6 2.31-13+deb11u5
ii  libext2fs21.46.2-2
ii  libglib2.0-0  2.66.8-1
ii  libgpm2   1.20.7-8
ii  libslang2 2.3.2-5
ii  libssh2-1 1.9.0-2
ii  mc-data   3:4.8.26-1.1

Versions of packages mc recommends:
ii  mime-support3.66
ii  perl5.32.1-4+deb11u2
ii  sensible-utils  0.0.14
ii  unzip   6.0-26+deb11u1

Versions of packages mc suggests:
ii  arj   3.10.22-24
ii  bzip2 1.0.8-4
ii  catdvi0.14-12.1+b1
ii  dbview1.0.4-4
ii  djvulibre-bin 3.5.28-2
pn  epub-utils
ii  evince [pdf-viewer]   3.38.2-1
ii  file  1:5.39-3
ii  genisoimage   9:1.1.11-3.2
ii  gv [pdf-viewer]   1:3.7.4-2+b1
ii  imagemagick   8:6.9.11.60+dfsg-1.3
ii  imagemagick-6.q16 [imagemagick]   8:6.9.11.60+dfsg-1.3
pn  libaspell-dev 
ii  lynx  2.9.0dev.6-3~deb11u1
ii  odt2txt   0.5-7
ii  okular [pdf-viewer]   4:20.12.3-2
ii  poppler-utils 20.09.0-3.1+deb11u1
pn  python
pn  python-boto   
pn  python-tz 
ii  texlive-binaries  2020.20200327.54578-7
ii  unar  1.10.1-2+b6
ii  w3m   0.5.3+git20210102-6
pn  wimtools  
ii  xpdf [pdf-viewer] 3.04+git20210103-3
ii  zathura-pdf-poppler [pdf-viewer]  0.3.0-1
ii  zip   3.0-12

-- no debconf information

Bug#1025137: bullseye-pu: package g810-led/0.4.2-1

2022-11-29 Thread Stephen Kitt

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

Dear release team,

g810-led has a security issue in stable; it leaves /dev/input/eventXX
device nodes world-readable and writable (CVE-2022-46338). The issue
is marked no-dsa, but I would like to provide a fix in the next
point-release. The fix is already in unstable (0.4.2-3).

The attached debdiff fixes the issue by patching the udev rules file:
the affected device nodes have their mode set to 660 instead of 666,
and uaccess is used to provide access to the user at the console. I
own relevant hardware and have verified the fix myself on a multi-user
system.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

Regards,

Stephen
diff -Nru g810-led-0.4.2/debian/changelog g810-led-0.4.2/debian/changelog
--- g810-led-0.4.2/debian/changelog 2020-05-23 20:33:29.0 +0200
+++ g810-led-0.4.2/debian/changelog 2022-11-30 08:24:25.0 +0100
@@ -1,3 +1,11 @@
+g810-led (0.4.2-1+deb11u1) bullseye; urgency=medium
+
+  * Control device access with uaccess instead of making everything
+world-writable. Thanks to Xavi Drudis Ferran for the report!
+Closes:#1024998. (CVE-2022-46338.)
+
+ -- Stephen Kitt   Wed, 30 Nov 2022 08:24:25 +0100
+
 g810-led (0.4.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru g810-led-0.4.2/debian/patches/device-permissions.patch 
g810-led-0.4.2/debian/patches/device-permissions.patch
--- g810-led-0.4.2/debian/patches/device-permissions.patch  1970-01-01 
01:00:00.0 +0100
+++ g810-led-0.4.2/debian/patches/device-permissions.patch  2022-11-30 
08:23:44.0 +0100
@@ -0,0 +1,74 @@
+commit e2b486fd1bc21e0b784e1b4c959770772dfced24
+Author: Stephen Kitt 
+Date:   Mon Nov 28 21:05:05 2022 +0100
+
+Rely on uaccess to control device access
+
+The udev rules currently make supported device nodes world-readable
+and writable, which means that any process on the system can read
+traffic from keyboards including passwords etc. To avoid this, while
+still allowing the "controlling" user to run g810-led without being
+root, this patch adds a uaccess tag; this ensures that the user at the
+console has write access to the devices. The mode is also changed to
+660 to ensure that existing device nodes are fixed on upgrade.
+
+Thanks to Xavi Drudis Ferran for bringing this to my attention.
+
+Fixes: #293
+Signed-off-by: Stephen Kitt 
+
+diff --git a/udev/g810-led.rules b/udev/g810-led.rules
+index 90b743b..ea05726 100644
+--- a/udev/g810-led.rules
 b/udev/g810-led.rules
+@@ -1,25 +1,25 @@
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c336", MODE="666" RUN+="/usr/bin/g213-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c330", MODE="666" RUN+="/usr/bin/g410-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33a", MODE="666" RUN+="/usr/bin/g413-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c342", MODE="666" RUN+="/usr/bin/g512-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33c", MODE="666" RUN+="/usr/bin/g513-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c333", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c338", MODE="666" RUN+="/usr/bin/g610-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c331", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c337", MODE="666" RUN+="/usr/bin/g810-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="046d", 
ATTRS{idProduct}=="c33f", MODE="666" RUN+="/usr/bin/g815-led -p 
/etc/g810-led/profile"
+-ACTION=="add", SUBSYSTEMS=="u

Bug#1024998: g810-led: Security risk: Leaves /dev/input/event* with read and write permissions for all users

2022-11-29 Thread Stephen Kitt

On Wed, 30 Nov 2022 06:59:41 +0100, Salvatore Bonaccorso 
wrote:
> The issue got CVE-2022-46338 assigned by MITRE.
> 
> Stephen, the issue is marked no-dsa for bullseye, but a fix might go
> still trough the upcoming point release (scheduled for 17th december).

Thanks, I’ll submit a stable update.

Regards,

Stephen


pgpsjkR9gwwEH.pgp
Description: OpenPGP digital signature

Bug#1024998: g810-led: Security risk: Leaves /dev/input/event* with read and write permissions for all users

2022-11-28 Thread Stephen Kitt

Hi,

On Mon, 28 Nov 2022 15:45:16 +0100, Xavi Drudis Ferran 
wrote:
> I hesitate to file as critical, but I came across a bug report in
> upstream that looked serious enough since it would allow all local
> processes to eavesdrop on keyboard input, including passwords, etc. I
> haven't tried an exploit, but it seemed better to just restrict
> /dev/input/event* permissions to those of other event dev files.
> 
> Without this patch, I can read /dev/input/event2 and /dev/input/event3 as a
> normal user. I see bytes in /dev/input/event2 when typing as a normal
> user and also typing in another terminal (Konsole) typing as
> root. event3 only shows the characters typed by the normal user.
> 
> With the patch I can't read /dev/input/event* as a normal user.

Thanks for bringing this up! I’d rather use uaccess, see
https://github.com/MatMoul/g810-led/pull/297

I’ll upload a fixed package shortly and see about a security update for
stable.

Regards,

Stephen


pgpNel_TR6FzR.pgp
Description: OpenPGP digital signature

Bug#1024434: osslsigncode: Fails to sign code with pkcs12

2022-11-19 Thread Stephen Kitt

On Sat, 19 Nov 2022 14:59:57 +0100, Stefan Weil  wrote:
> Am 19.11.22 um 14:03 schrieb Stephen Kitt:
> > Since you have a working build, could you run ldd on it and reply with the
> > result?  
> 
[...]
> 
> That differs from the non-working one which does not use 
> libcrypto.so.1.1 (that's the only difference).
> 
> It looks like libcrypto.so.1.1 is essential: after libssl1.1 (which 
> provides libcrypto.so.1.1) was uninstalled, a fresh build also produces 
> a failing osslsigncode.
> 
> So it works with libssl1, but not with libssl3.

Thanks! This is an upstream bug:
https://github.com/mtrojnar/osslsigncode/issues/178

libssl1.1 is no longer available for packages to build against, so we’ll have
to wait for an upstream fix.

Regards,

Stephen


pgp5ieSH2z7XQ.pgp
Description: OpenPGP digital signature

Bug#1024434: osslsigncode: Fails to sign code with pkcs12

2022-11-19 Thread Stephen Kitt

Hi Stefan,

On Sat, 19 Nov 2022 12:59:07 +0100, Stefan Weil  wrote:
> Code signing no longer works with the package from Debian bookworm,
> while Debian bullseye and a local build based on
> https://github.com/mtrojnar/osslsigncode works fine.

Thanks for taking the time to report this!

Since you have a working build, could you run ldd on it and reply with the
result?

Regards,

Stephen


pgpReeJAUS5bX.pgp
Description: OpenPGP digital signature

Bug#1022921: wine: broken packages after running dist-upgrade

2022-10-28 Thread Stephen Kitt

Hi Tobias,

On Thu, 27 Oct 2022 17:53:29 +0200, Tobias Koeck  wrote:
> unfortunately the system installed or wanted to install the newer
> version after running.
> 
> apt-get dist-upgrade -t bullseye-backports

This is generally a bad idea, backports repositories shouldn’t be enabled
globally for upgrades. However that’s not the problem here...

>  libwine : Depends: libz-mingw-w64 (>= 1.2.11+dfsg-4) but 1.2.11+dfsg-2 is
> to be installed

Phil, wine’s debian/control hard-codes the above version as a minimum
requirement on libz-mingw-w64, but there is no satisfactory version available
in stable or backports. Presumably Wine needs a version of the libz DLL with
no GCC dependencies, so we’d have to backport libz-mingw-w64 too. I can take
care of that this weekend.

Regards,

Stephen

pgp1Ju1e4vs6h.pgp
Description: OpenPGP digital signature

Bug#1022779: dosbox: could dosbox-x be a future to dosbox?

2022-10-27 Thread Stephen Kitt

I’ve heard of DOSBox Staging, but AFAICT all its features are in DOSBox-X.
Someone else is working on packaging that, see
https://bugs.debian.org/973822

Regards,

Stephen


On Wed, 26 Oct 2022 19:53:22 +0200, Patrice  wrote:

> So nice!
> 
> Do you know this one https://github.com/dosbox-staging/dosbox-staging ?
> I found some packagings on Salsa like:
> https://salsa.debian.org/okias/dosbox-staging
> but it remained at the version 0.76.0 and now the upstream is 0.79.1.
> I haven't tried it yet.
> 
> Best,
> Patrice
> 
> On Wed, 26 Oct 2022 11:59:29 +0200 Stephen Kitt  wrote:
> > Hi Patrice,
> > 
> > Le 25/10/2022 19:55, Patrice Duroux a écrit :  
> > > The dosbox-x project (https://dosbox-x.com/) is currently version 
> > > 0.84.3
> > > (2022.09.0)
> > > and seems to be SDL 2 compatible.
> > > Have you tried it?  
> > 
> > I have, and I’m actually working on packaging it. I’ve just filed an ITP 
> > to trace that fact, https://bugs.debian.org/1022800
> > 
> > Regards,
> > 
> > Stephen
> > 
> >   


pgpl6nL3AvU2B.pgp
Description: OpenPGP digital signature

Bug#1022779: dosbox: could dosbox-x be a future to dosbox?

2022-10-26 Thread Stephen Kitt


Hi Patrice,

Le 25/10/2022 19:55, Patrice Duroux a écrit :
The dosbox-x project (https://dosbox-x.com/) is currently version 
0.84.3

(2022.09.0)
and seems to be SDL 2 compatible.
Have you tried it?


I have, and I’m actually working on packaging it. I’ve just filed an ITP 
to trace that fact, https://bugs.debian.org/1022800


Regards,

Stephen

Bug#1022800: ITP: dosbox-x -- DOS emulator with complete, accurate hardware emulation

2022-10-26 Thread Stephen Kitt

Package: wnpp
Severity: wishlist
Owner: Stephen Kitt 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: dosbox-x
  Version : 0.84.3
  Upstream Author : Jonathan Campbell
* URL : https://dosbox-x.com/
* License : GPL-2+
  Programming Lang: C, C++
  Description : DOS emulator with complete, accurate hardware emulation

DOSBox-X is a comprehensive DOS emulator, supporting DOS applications
including Windows 3.x and Windows 9x, and striving to provide accurate
hardware emulation. It is based on the original DOSBox and includes
features from a number of forks including SVN Daum, ECE, DOSBox
Staging, DOSVAX, and vDosPlus.

Its features include:
* a built-in drop-down menu
* a graphical configuration tool
* support for save-states
* NEC PC-98, AX, and J-3100 emulations
* DOS/V support for Chinese, Japanese, and Korean language support
* support for CONFIG.SYS commands
* printing support
* long filename support
* DOS SHARE emulation
* wheel mouse support (including the CuteMouse wheel mouse API)
* 3Dfx Voodoo chip and Glide emulation
* NE2000 emulation
* MT-32 emulation

DOSBox-X isn't a direct upgrade from DOSBox, but DOSBox users should
be able to use DOSBox-X without difficulty.

Bug#1022051: /boot/vmlinuz-5.10.0-19-amd64: Same Here

2022-10-20 Thread Boyd Stephen Smith Jr.

Package: src:linux
Version: 5.10.149-1
Followup-For: Bug #1022051

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear Maintainer,

   * What led up to the situation?

Normal kernal package upgrade and reboot.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

5.10.0-18 works fine.  5.10.0-19 always hangs with "flip_done timed out" before
I can get even a text console.

   * What was the outcome of this action?

Using older kernel for now.

   * What outcome did you expect instead?

5.10.0-19 bootable.

- -- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: To Be Filled By O.E.M.
product_name: To Be Filled By O.E.M.
product_version: To Be Filled By O.E.M.
chassis_vendor: Default string
chassis_version: Default string
bios_vendor: American Megatrends Inc.
bios_version: P2.00
board_vendor: ASRock
board_name: X399 Taichi
board_version: 

** Network interface configuration:
*** /etc/network/interfaces:

auto lo
iface lo inet loopback

** PCI devices:
00:00.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h 
(Models 00h-0fh) Root Complex [1022:1450]
Subsystem: ASRock Incorporation Family 17h (Models 00h-0fh) Root 
Complex [1849:1450]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- 

00:01.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h 
(Models 00h-1fh) PCIe Dummy Host Bridge [1022:1452]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:01.2 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Family 17h 
(Models 00h-0fh) PCIe GPP Bridge [1022:1453] (prog-if 00 [Normal decode])
Subsystem: Advanced Micro Devices, Inc. [AMD] Family 17h (Models 
00h-0fh) PCIe GPP Bridge [1022:1453]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:02.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h 
(Models 00h-1fh) PCIe Dummy Host Bridge [1022:1452]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:08.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h 
(Models 00h-1fh) PCIe Dummy Host Bridge [1022:1452]
Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:14.0 SMBus [0c05]: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller 
[1022:790b] (rev 59)
Subsystem: ASRock Incorporation FCH SMBus Controller [1849:]
Control: I/O+ Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap- 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- TAbort- 
SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

01:00.1 SATA controller [0106]: Advanced Micro Devices, Inc. [AMD] X399 Series 
Chipset SATA Controller [1022:43b6] (rev 02) (prog-if 01 [AHCI 1.0])
Subsystem: ASMedia Technology Inc. X399 Series Chipset SATA Controller 
[1b21:1062]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: ahci
Kernel modules: ahci

01:00.2 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] X399 Series 
Chipset PCIe Bridge [1022:43b1] (rev 02) (prog-if 00 [Normal decode])
Subsystem: ASMedia Technology Inc. X399 Series Chipset PCIe Bridge 
[1b21:0201]
Control:

Bug#1020935: Old Version of go used to build git-lfs

2022-10-11 Thread Stephen Gelman

On Sep 28, 2022 at 4:49:29 PM, "Bower, Jesse (LNG-HBE)" <
jesse.bo...@lexisnexis.com> wrote:

> Package: git-lfs
>
> Version: 2.13.2-1+b5
>
> After I install git-lfs the docker image is seen as having the following 
> cve’s:
>
> CVE-2022-23806
> CVE-2021-38297
> CVE-2022-27664
> CVE-2022-30631
> CVE-2022-32189
> CVE-2022-30632
> CVE-2022-30635
> CVE-2022-28131
> CVE-2022-30630
> CVE-2022-30633
> CVE-2022-23773
> CVE-2022-24921
> CVE-2022-24675
> CVE-2022-28327
> CVE-2022-30580
> CVE-2021-41772
> CVE-2021-41771
> CVE-2021-44716
> CVE-2021-39293
> CVE-2022-23772
> CVE-2021-33194
> CVE-2021-33195
> CVE-2021-33196
> CVE-2021-33198
> CVE-2021-29923
>
> Seen from the version of go used to build git-lfs,
>
> "name": "go",
> "version": "1.15.9",
> "path": "/usr/bin/git-lfs",
> "layerTime": 0,
> "knownVulnerabilities": 72
>
> Example Dockerfile used for testing
>
> FROM debian:stable-slim
>
> RUN apt-get update && apt-get upgrade -y && apt-get install -y git-lfs
>
>
>
> I suggest that the version of go used to build git-lfs is updated to a
> current version.
>
>
>
> Thank you,
>
> Jesse Bower
>

Jesse,

The way that go packages are built in Debian is that they are required to
use the version of the go compiler in the current release. Therefore, any
CVEs that are patched there are also patched in this version of git-lfs. If
there are unpatched vulnerabilities with the debian go compiler, you will
instead need to file a bug against the golang-go package.

Stephen

Bug#1021349: RFA: wput -- tiny wget-like ftp-client for uploading files

2022-10-06 Thread Stephen Kitt

Package: wnpp
Severity: normal
Control: affects -1 src:wput

I request an adopter for the wput package. I no longer use the
package, everything I used it for can be done with curl; wput hasn't
been maintained upstream for a long time, whereas curl is very
actively maintained. (All this means that it may be better to drop
wput entirely.)


The package description is:
 Wput is a tiny ftp-client, that uploads files or directories to a
 remote ftp-server.
 .
 Main features are: resuming, time-stamping, wget-like interface,
 proxy-support and speed-limit.

Bug#1021346: RM: osslsigncode [s390x] -- ROM; no longer builds on s390x

2022-10-06 Thread Stephen Kitt

Package: ftp.debian.org
Severity: normal

Dear FTP team,

Please remove osslsigncode on s390x; its test suite fails there, which
means the package doesn't work correctly on that architecture.

Regards,

Stephen

Bug#1020544: siconos: FTBFS on s390x: Cholesky solve kNM_test failed

2022-09-26 Thread Stephen Sinclair

On Fri, Sep 23, 2022 at 5:33 AM Aron Xu  wrote:

> Package: siconos
> Version: 4.4.0+dfsg-1
> Severity: important
>
> The new version FTBFS on s390x in test suite 23, relevant log entry:
>
> > Cholesky solve preserving matrix
> > Cholesky solve kNM_test: ./numerics/src/tools/NumericsMatrix.c:3023:
> NM_csc: > Assertion `A->matrix2->csc->m == A->size0 && "inconsistent size
>
> Full build log is
>
> https://buildd.debian.org/status/fetch.php?pkg=siconos=s390x=4.4.0%2Bdfsg-1=1663797112=0
>
> Regards,
> Aron
>
>
Thanks for this bug report.  I was able to reproduce the problem under
qemu, and it is unclear to me whether the problem is actually a missing
step in dense-to-sparse conversion, or simply a problematic assert after.
It seems to be an issue showing up only on this architecture, because the
numerical results of the test are slightly different, but this is possibly
revealing a logical error in how dense to sparse is working or how the
results are checked.  Therefore, I have reported it upstream [0] and will
try to include a patch in a package update if/when we are able to determine
what is going on here.

[0] https://github.com/siconos/siconos/issues/467

regards,
Steve

Bug#1020738: RM: hubicfuse -- ROM; service is shutting down

2022-09-25 Thread Stephen Kitt

Package: ftp.debian.org
Severity: normal

Dear FTP team,

hubicfuse is only useful with the hubiC service, and that is shutting
down on September 30. The replacement is Nextcloud-based so hubicfuse
won't be any use with it.

Regards,

Stephen

Bug#1019855: Fwd: libc6: immediately crashes with SIGILL on 4th gen Intel Core CPUs (seems related to AVX2 instructions), bricking the whole system

2022-09-24 Thread Stephen Kitt

Hi Aurelien,

On Tue, Sep 20, 2022 at 11:20:26PM +0200, Aurelien Jarno wrote:
> Have you been able to progress on that? Do you need some help for a
> specific step?

For what it’s worth, I’ve upgraded libc6 on my Haswell system (Xeon
E3-1245v3) and everything seems to be working fine.

Regards,

Stephen

signature.asc
Description: PGP signature

Bug#1020398: ITP: jqp -- A TUI playground to experiment with jq

2022-09-20 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: jqp
  Version : 0.1.0-1
  Upstream Author : Noah Gorstein
* URL : https://github.com/noahgorstein/jqp
* License : Expat
  Programming Lang: Go
  Description : A TUI playground to experiment with jq

 A TUI tool that allows for experimentation with jq with fast iteration. This
 application utilizes itchny's (https://github.com/itchyny) implementation of
 jq written in Go, gojq (https://github.com/itchyny/gojq).

This package will be team maintained by the go team.

Bug#1020218: vcmi: luajit got removed on ppc64el, please either drop vcmi on ppc64el or switch to lua

2022-09-19 Thread Stephen Kitt


Hi josch,

Le 19/09/2022 11:00, Johannes Schauer Marin Rodrigues a écrit :

Quoting Paul Gevers (2022-09-18 11:44:07)

vcmi build depends on libluajit-5.1-dev but that got removed on
ppc64el because it doesn't work correcty on that architecture and
noone volunteers to fix *and maintain* it on that architecture. See
bug #1014853.

Please investigate if you can just use liblua or if your package needs
to be removed on ppc64el.


I thought according to the recent threat on d-devel [1] packages that 
FTBFS on
some arches should rather just let it FTBFS instead of maintaining a 
list of

architectures the package can be built on?

[1] https://lists.debian.org/20220911150857.xedt2an2vye3qrc7@begin


I don’t think Paul was necessarily asking to remove ppc64el from the 
list of architectures in debian/control, but rather asking to remove the 
ppc64el binary package if we can’t get it working with liblua.


The best course of action IMO is to file a RM bug for vcmi on ppc64el so 
that the package can migrate to testing, and then if someone fixes the 
Lua situation (either on pcc64el globally, or by switching vcmi to 
liblua) the package will become available on ppc64el again.


Regards,

Stephen

Bug#1020272: ITP: wormhole-william -- End-to-end encrypted file transfer. A magic wormhole CLI and API in Go (golang).

2022-09-18 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: wormhole-william
  Version : 1.0.6-1
  Upstream Author : Peter Sanford
* URL : https://github.com/psanford/wormhole-william
* License : Expat
  Programming Lang: Go
  Description : End-to-end encrypted file transfer. A magic wormhole CLI 
and API in Go (golang).

 wormhole-william

 wormhole-william is a Go (golang) implementation of magic wormhole
 (https://magic-wormhole.readthedocs.io/en/latest/). It provides secure
 end-to-end encrypted file transfers between computers. The endpoints are
 connected using the same "wormhole code".

 wormhole-william is compatible with the official python magic wormhole
 cli tool (https://github.com/warner/magic-wormhole).

 Currently, wormhole-william supports:

  * sending and receiving text over the wormhole protocol
  * sending and receiving files over the transit protocol
  * sending and receiving directories over the transit protocol

This is a dependency of termshark 2.4.0. It will be team maintained by the go
team.

Bug#1020271: ITP: golang-nhooyr-websocket -- Minimal and idiomatic WebSocket library for Go

2022-09-18 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: golang-nhooyr-websocket
  Version : 1.8.7-1
  Upstream Author : Anmol Sethi
* URL : https://github.com/nhooyr/websocket
* License : Expat
  Programming Lang: Go
  Description : Minimal and idiomatic WebSocket library for Go

 websocket is a minimal and idiomatic WebSocket library for Go.

 Highlights

  * Minimal and idiomatic API
  * First class context.Context (https://blog.golang.org/context) support
  * Fully passes the WebSocket autobahn-testsuite
(https://github.com/crossbario/autobahn-testsuite)
  * Single dependency
(https://pkg.go.dev/nhooyr.io/websocket?tab=imports)
  * JSON and protobuf helpers in the wsjson
(https://pkg.go.dev/nhooyr.io/websocket/wsjson) and wspb
(https://pkg.go.dev/nhooyr.io/websocket/wspb) subpackages
  * Zero alloc reads and writes
  * Concurrent writes
  * Close handshake (https://pkg.go.dev/nhooyr.io/websocket#Conn.Close)
  * net.Conn (https://pkg.go.dev/nhooyr.io/websocket#NetConn) wrapper
  * Ping pong (https://pkg.go.dev/nhooyr.io/websocket#Conn.Ping) API
  * RFC 7692 (https://tools.ietf.org/html/rfc7692) permessage-deflate
compression
  * Compile to Wasm (https://pkg.go.dev/nhooyr.io/websocket#hdr-Wasm)

This is a dependency for wormhole-william, which is in turn a dependency for
the new release of termshark. This package will be team maintaned by the go
team.

Bug#1020270: ITP: golang-debian-vasudev-gospake2 -- Go SPAKE2 Implementation

2022-09-18 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: golang-debian-vasudev-gospake2
  Version : 0.2.1+git20210510.d916299-1
  Upstream Author : Vasudev Kamath 
* URL : https://salsa.debian.org/vasudev/gospake2
* License : Expat or GPL-3
  Programming Lang: Go
  Description : Go SPAKE2 Implementation (library)

 Implementation of SPAKE2 key exchange protocol which interoperates with Rust
 Haskell and Python versions.

 This package defines the behavior of group and its element as package groups.
 It also implements 2 groups ed25519 and multiplicative group over integer as
 2 packages. SPAKE2 calculation uses ed25519 as default group and
 allows user to switch to group of his choice.

This is a dependency for wormhole-william, which is in turn a dependency for
the new release of termshark. This package will be team maintaned by the go
team.

Bug#1019139: ITP: zpaqfranz -- Swiss army knife for backup and disaster recovery

2022-09-18 Thread Stephen Kitt

Hi,

On Tue, 13 Sep 2022 22:09:10 +0200, Bastian Germann  wrote:
> X-Debbugs-Cc: sk...@debian.org
> 
> On Sun, 04 Sep 2022 14:53:45 +0200 root  wrote:
> > Package: wnpp
> > Severity: wishlist
> > Owner: Franco Corbelli 
> > 
> > * Package name: zpaqfranz
> >   Version : 55.14
> >   Upstream Author : Franco Corbelli 
> > * URL : https://github.com/fcorbelli/zpaqfranz
> > * License : MIT
> >   Programming Lang: C, C++
> >   Description : Swiss army knife for backup and disaster recovery
> > 
> > Like 7z or RAR on steroids,with deduplicated "snapshots" (versions)
> > Conceptually similar to Mac time machine, but much more efficiently
> > Keeps backup always-to-always, no need to ever prune (CryptoLocker)
> > Easily handles millions of files and TBs of data, non-latin support
> > Cloud backups with full encryption, minimal data transfer/bandwidth
> > Data integrity check CRC32+XXHASH|SHA-1|SHA-2|SHA-3|MD5|XXH3|BLAKE3
> > Thorough data verification, multithread support (real world 1GB+/s)
> > Specific zfs handling functions,full multiplatform interoperability
> > Particularly suitable for minimal space storage of virtual machines
> > 
> > Windows, FreeBSD, OpenBSD, Linux, MacOS, Solaris, OmniOS and others
> > 
> > 
> > __
> > This is a fork of zpaq 7.15 (already in Debian) which was abandoned 
> > by the developer (Matt Mahoney) in 2016.  
> 
> As zpaqfranz is supposed to be a compatible replacement for zpaq,
> I suggest to make it the new upstream of the existing zpaq package.
> 
> Stephen, any opinions on this?

I agree, this should replace zpaq. In fact Franco Corbelli asked me about
this quite a while ago but I never looked into it in detail, sorry about that!

Franco, if you need help getting this into Debian, feel free to ping me, I’d
be happy to review and sponsor your package, or help you package zpaqfranz if
appropriate.

Regards,

Stephen


pgpV1cOha_4V7.pgp
Description: OpenPGP digital signature

Bug#823061: Greetings from Mr. Stephen Melvin!!!

2022-09-16 Thread Mr. Stephen Melvin

Hello Dear, I have called you several times but didn't get through the
phone. Please contact me at my email address, I have an important thing to
discuss with you:   mmrstephe...@gmail.com

Bug#1019867: ITP: qrterminal -- Display QR Codes in terminal

2022-09-14 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: qrterminal
  Version : 3.0.0-1
  Upstream Author : Mark Percival
* URL : https://github.com/mdp/qrterminal
* License : Expat
  Programming Lang: Go
  Description : Display QR Codes in terminal

 A golang library for generating QR codes in the terminal.
 
 Originally this was a port of the NodeJS version. Recently it's been updated
 to allow for smaller code generation using ASCII 'half blocks'

This package will be team maintained by the go team. This is a dependency of
wormhole-william, which is in turn a dependency of termshark 4.2.0

Bug#1019859: ITP: golang-gitlab-jonas.jasas-condchan -- TODO

2022-09-14 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: golang-gitlab-jonas.jasas-condchan
  Version : 0.0~git20190210.36637ad-1
  Upstream Author : Jonas Jasas
* URL : https://gitlab.com/jonas.jasas/condchan
* License : Expat
  Programming Lang: Go
  Description : Cancellable sync.Cond

 CondChan is a sync.Cond with the ability to wait in select statement.

 - Adds waiting in select statement feature
 - Implements all sync.Cond interface
 - Passes all sync.Cond tests
 - Implemented using channels
 - Just ~37% slower comparing to sync.Cond

This package will be team-maintaned. This is a dependency of termshark

Bug#1019856: ITP: golang-github-flytam-filenamify -- Convert a string to a valid safe filename on Golang

2022-09-14 Thread Stephen Gelman

Package: wnpp
Severity: wishlist
Owner: Stephen Gelman 

* Package name: golang-github-flytam-filenamify
  Version : 1.1.1-1
  Upstream Author : tanjiahui
* URL : https://github.com/flytam/filenamify
* License : Expat
  Programming Lang: Go
  Description : Convert a string to a valid safe filename

 Converts a string to a valid safe filename.

Package will be team maintained by the go team. A new dependency of termshark
2.4.0

Bug#1016600: siconos: vtk[6,7] removal

2022-09-02 Thread Stephen Sinclair

On Thu, Sep 1, 2022 at 10:56 PM Adrian Bunk  wrote:
>
> On Wed, Aug 03, 2022 at 10:42:08PM +0200, Sebastian Ramacher wrote:
> > Source: siconos
> > Version: 4.3.1+dfsg-2
> > Severity: serious
> > X-Debbugs-Cc: sramac...@debian.org
> > Tags: sid bookworm
> > Control: block 1016597 by -1
> > User: gl...@debian.org
> > Usertags: vtk6_vtk7_removal
> >
> > Based on #1013156 and similar bugs:
> >
> > Dear maintainer,
> >
> > Debian archive has now three major versions of the VTK (The
> > Visualization Toolkit) package: vtk6, vtk7 and vtk9. Old vesions
> > (vtk6 and vtk7) are not supported by upstream and the package itself
> > is not easy for the mainance.
> >
> > We aim to drop old and deprecated version vtk6 and vtk7 packages before
> > the freeze of the Debian 12 Bookworm. Your package depends on vtk6 or
> > vtk7. Thus we ask you to migrate it to the latest vtk9 package.
>
> Two observations regarding the usage of VTK in siconos:
>
> There is WITH_VTK in siconos that does not seem to build with VTK 9,
> but it's anyway not enabled.
>
> The only current usage of VTK is python3-vtk7 in siconos-mechanics-tools.
> This might need upstrream fixes like
>   https://github.com/siconos/siconos/pull/437
>
> > Cheers


Thank you Adrian.  I have an update to the package for a newer
upstream version that has been under construction for a while, but I
haven't been available until recently to work on it more.  I'll try to
get this done soon.

Steve

Bug#967353: freeciv: depends on deprecated GTK 2

2022-08-30 Thread Stephen Kitt

On Mon, 29 Aug 2022 20:43:01 +0200, Tobias Frost  wrote:
> On Mon, Aug 29, 2022 at 08:33:12PM +0200, Stephen Kitt wrote:
> > On Mon, 29 Aug 2022 20:06:12 +0200, Tobias Frost  wrote:
> > > On Tue, 04 Aug 2020 11:38:27 +0100 s...@debian.org wrote:  
> > > > Source: freeciv
> > > > Severity: normal
> > > > User: pkg-gnome-maintain...@lists.alioth.debian.org
> > > > Usertags: gtk2 oldlibs
> > > > Control: block 947713 by -1
> > > > 
> > > > This package has Build-Depends on GTK 2 (libgtk2.0-dev), or produces
> > > > binary packages with a Depends on GTK 2.
> > > 
> > > (...)
> > > 
> > > Upstream says in 3.0.3 (doc/README.packaging):  
> > > > * Gtk2-client is no longer considered maintained client
> > > 
> > > So I guess the gtk2 client should not be released with bookworm…
> > > 
> > > Any thoughts (question directed to the games team)?  
> > 
> > It’s gone entirely in 3.0.3, isn’t it? So if you’re upgrading to that
> > release, it seems the freeciv-gtk package should be dropped (or rather,
> > turned into a transitional package pulling freeciv-gtk3).  
> 
> The client is still there in 3.0.3 (but needs to be enabled manually,
> at least it builds; not yet there to see if it works…)

Ah yes, I started with the main branch and didn’t check 3.0.3 thoroughly
enough.

However given that GTK 2 is obsolete in general, and the existence of other
(maintained) Freeciv clients, I don’t think it’s all useful to keep the GTK 2
client for Bookworm.

Regards,

Stephen


pgpg5UpEajORr.pgp
Description: OpenPGP digital signature

Bug#967353: freeciv: depends on deprecated GTK 2

2022-08-29 Thread Stephen Kitt

Hi,

On Mon, 29 Aug 2022 20:06:12 +0200, Tobias Frost  wrote:
> On Tue, 04 Aug 2020 11:38:27 +0100 s...@debian.org wrote:
> > Source: freeciv
> > Severity: normal
> > User: pkg-gnome-maintain...@lists.alioth.debian.org
> > Usertags: gtk2 oldlibs
> > Control: block 947713 by -1
> > 
> > This package has Build-Depends on GTK 2 (libgtk2.0-dev), or produces
> > binary packages with a Depends on GTK 2.  
> 
> (...)
> 
> Upstream says in 3.0.3 (doc/README.packaging):
> > * Gtk2-client is no longer considered maintained client  
> 
> So I guess the gtk2 client should not be released with bookworm…
> 
> Any thoughts (question directed to the games team)?

It’s gone entirely in 3.0.3, isn’t it? So if you’re upgrading to that
release, it seems the freeciv-gtk package should be dropped (or rather,
turned into a transitional package pulling freeciv-gtk3).

Regards,

Stephen


pgpeaw_jMrz5W.pgp
Description: OpenPGP digital signature

Bug#1017132: opentracing-cpp: diff for NMU version 1.6.0-2.1

2022-08-29 Thread Stephen Gelman

On Aug 29, 2022 at 6:52:06 AM, Luca Falavigna  wrote:

> Il giorno lun 29 ago 2022 alle ore 07:34 Stephen Gelman
>  ha scritto:
>
> Would you be interested in creating a MR for your changes to salsa? If not
> that’s fine, just let me know and I will pull in the changes myself.
>
>
> Sure, here it is:
> https://salsa.debian.org/ssgelm/opentracing-cpp/-/merge_requests/1
>
> --
> Cheers,
> Luca
>

This looks awesome; I merged it. Would you like to cancel your NMU and I
can release 1.6.0-3 now, or would you prefer to wait for your NMU? I don’t
have particularly strong feelings in either direction.

Stephen

Bug#1017132: opentracing-cpp: diff for NMU version 1.6.0-2.1

2022-08-28 Thread Stephen Gelman

On Aug 28, 2022 at 4:29:03 AM, Luca Falavigna  wrote:

> Control: tags 1017132 + patch
> Control: tags 1017132 + pending
>
>
> Dear maintainer,
>
> I've prepared an NMU for opentracing-cpp (versioned as 1.6.0-2.1) and
> uploaded it to DELAYED/7. Please feel free to tell me if I
> should delay it longer.
>
> Regards,
> Luca
>

This is awesome, thanks so much! It was on my todo list to fix but I hadn’t
gotten around to it yet… Would you be interested in creating a MR for your
changes to salsa? If not that’s fine, just let me know and I will pull in
the changes myself.

Stephen

Bug#1018078: hdparm: new upstream release(s) available

2022-08-25 Thread Stephen Kitt

Package: hdparm
Version: 9.60+ds-1
Severity: wishlist

Dear Maintainer,

Multiple upstream releases have been made available since 9.60; the
current release is 9.64. It would be great if hdparm could be updated
before the next release of Debian.

In particular, 9.61 fixes set-sector-size handling.

Regards,

Stephen


-- System Information:
Debian Release: 11.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable'), (100, 'unstable-debug'), (100, 
'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-16-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages hdparm depends on:
ii  libc6 2.31-13+deb11u3
ii  lsb-base  11.1.0

Versions of packages hdparm recommends:
ii  powermgmt-base  1.36

hdparm suggests no packages.

-- no debconf information

Bug#1017955: bugs.debian.org: 1017155 is innaccessible

2022-08-22 Thread Stephen Kitt

Package: bugs.debian.org
Severity: normal

Dear Maintainer,

Attempting to access https://bugs.debian.org/1017155 results in

> An error occurred. Error was: Bad bug log for Bug 1017155. Unable to
> read records: state kill-init at end at
> /usr/local/lib/site_perl/Debbugs/Log.pm line 320.

I'm afraid that's all I have. 1017154 and 1017156 are fine.

Regards,

Stephen

Bug#1016091: RFS: tinymux/2.12.0.10-1 [RC] -- text-based multi-user virtual world server

2022-07-27 Thread Stephen Dennis

Reproduce this by adding 'sleep 100' into the libmux.so: part of the
Makefile. It reproduces in the initial submission. It does not reproduce in
the second. So, I am confident it has been fixed.

On Tue, Jul 26, 2022 at 8:03 PM Adam Borowski  wrote:

> On Tue, Jul 26, 2022 at 03:29:03PM -0600, Stephen Dennis wrote:
> >  * Package name: tinymux
> >Version : 2.12.0.10-1
>
> >  tinymux (2.12.0.10-1) unstable; urgency=medium
> >  .
> >* New upstream release
> >  + fixes ftbfs with GCC-12. (Closes: #1013053)
> >* Update Standards-Version in debian/control from 4.0.1 to 4.6.1.
> >  + Removed build date and number for reproducible build.
> >(Closes: #866945)
>
> Alas, it fails to build:
> g++ -std=c++14 -g -O2 -ffile-prefix-map=/<>=.
> -fstack-protector-strong -Wformat -Werror=format-security -g -O
>  -DSTUB_SLAVE   -o stubslave stubslave.o -L. -lm -lcrypt   -lmux
> /usr/bin/ld: cannot find -lmux: No such file or directory
>
>
> Meow!
> --
> ⢀⣴⠾⠻⢶⣦⠀
> ⣾⠁⢠⠒⠀⣿⡁ Imagine there are bandits in your house, your kid is bleeding out,
> ⢿⡄⠘⠷⠚⠋⠀ the house is on fire, and seven giant trumpets are playing in the
> ⠈⠳⣄ sky.  Your cat demands food.  The priority should be obvious...
>

1 2 3 4 5 6 7 8 9 10 >

1 - 100 of 5128 matches

Mail list logo