Followup-For: Bug #928640
Every hour, I receive the following email from cron:
/usr/sbin/tigercron: 127: /usr/lib/tiger/systems/default/config: expot: not
--ERROR-- [init001e] Don't have required command DIFF.
Attached is the patch I sent to the
on my uwsgi-emperor setup, I've noticed that uwsgi-emperor fails to
stop or restart. e.g. when running `systemctl stop uwsgi-emperor`, I get
(in `systemctl status uwsgi-emperor`):
systemd: Stopping LSB: Start/stop uWSGI server
libv8-3.14 is an outdated library with many security issue . It had
one reverse dependency which is ROM-RM also (#934243, done).
Then I think it should be removed from Debian.
On Mon, Apr 15, 2019 at 12:06:35PM +, Holger Levsen wrote:
> many thanks for all your fixes on this bug!
Can you please rerun the command:
~/Projects/debian-www/webwml$ ../cron/parts/10-check-advisories --mode DLA
I am loosing track of which DLAs are still missing, and it looks like
On Tue, 2019-08-13 at 13:12 +0200, Julian Andres Klode wrote:
> I think it's the wrong solution though. The correct solution is to bundle
> the offline system's state (/var/lib/apt, /var/lib/dpkg/status, /etc/apt),
> copy it to the online system, and then calculate and download the
Quoting William Blough (2019-08-14 02:52:00)
> To reproduce-
> 1. For an arbitrary package (I used hello in my example), create a new
> debian/changelog entry with the distribution set to UNRELEASED.
> 2. build with sbuild, specifying a target distribution, and enable lintian:
There is a new version available upstream (include a CVE fix already
distro patch but also a buffer overflow fix) which would be nice to get
In hook-funtions, dep_add_modules_mount() wants a real mount point
while zfs only presents its mount point as a virtual one named by the
underlying dataset in /proc/mounts, this makes the function abort
claiming unable to
Compiling from source and running in gdb, the crash happens in
In line 24, the variable uri is defined as:
but get_view().get_uri() turns out to be null,
Running with logging (SHOTWELL_LOG=1
Hello, looks like ndpi fails on armhf when built with a builder with an arm64
kernel, because of some aligment issue.
I forwarded the issue to github  , but I propose for now to just drop armhf,
and wait for an upstream fix
Hello, after trying to understand why firewalld was completely broken on s390x,
and discussing with nftables upstream, they found that a particular commit:
broke Big Endian machines.
this is the set of patches:
control: severity -1 important
I asked to remove the package on armhf, to avoid this bug being RC.
On Mon, 12 Aug 2019 16:27:47 +0200 Gianfranco Costamagna
> control: forwarded -1 https://github.com/ntop/nDPI/issues/763
> updating forwarded tag.
> And ubuntu is now shipping 1.0
AFAIK there is no "Kubernetes 1.0".
Kubernetes has an almost extreme cadence of new releases; we're at 1.15.2
right now and the next major release (1.16) is already in alpha.
> May this be synced back to
There is now an additional CVE that affects pdfresurrect in buster and
Neither this one or CVE-2019-14267 are deemed worthy of a DSA however.
If you approve the first upload I have prepared for buster and stretch, I
[Important disclaimer: not part of the release team]
On Tue, Aug 13, 2019 at 11:29:55PM -0700, Francois Marier wrote:
> There is now an additional CVE that affects pdfresurrect in buster and
Owner: Olivier Michel
* Package name : webots
Version : R2019b
Upstream Author : Olivier Michel
* URL : https://github.com/omichel/webots
* License : Apache 2.0
Programming Lang: C++
Description : Webots is robot
There is a new 0.20 version available, it would be nice to get it
uploaded to Debian
(in fact a .1 on https://ftp.gnu.org/pub/gnu/gettext/gettext-0.20.1.tar.xz)
Seconded. It also provides libv8-dev and that confuses other packagers
the latest libv8-dev is provided by libnode-dev.
Le mer. 14 août 2019 à 09:15, Xavier Guimard a écrit :
> Package: ftp.debian.org
> Severity: normal
> Hi all,
> libv8-3.14 is an outdated library with many
Tags: stretch d-i
glib2.0 in stretch has some minor security vulnerabilities for which
the security team have declined to issue DSAs: the most recent is also
pending review as a buster update
node-yawl never entered to testing due to FTBFS. Issue posted to
upstream , but nobody answers. node-yawl has no reverse dependencies.
That's why I propose to remove it from Debian
On Tue, 2019-08-13 at 23:16 +, brian m. carlson wrote:
> On 2019-08-13 at 06:12:30, Philip Withnall wrote:
> > Hi,
> > I can’t speak for the Debian project, but as an upstream GLib
> > developer
> > I can say such an environment variable would not be welcome
> > upstream.
> > Hiding
Excellent, thank you very much Dmitry!
I am really happy that src:lsb found a new home!
13 août 2019 20:54 "Debian Bug Tracking System" a écrit:
> This is an automatic notification regarding your Bug report
> which was filed against the wnpp package:
> #924519: RFA: lsb --
jscommunicator has been removed from testing 3 years ago. 26 issues are
opened upstream , but there is no changes for 4 years. jscommunicator
has no reverse dependencies.
That's why I think it should be removed from Debian.
-BEGIN PGP SIGNED MESSAGE-
It would be great if the integration with dh could be improved.
The first step would be to enable --with=apparmor support with a script
diff -Nru captagent-184.108.40.206/debian/changelog
--- captagent-220.127.116.11/debian/changelog 2017-01-15 21:09:31.0 +0100
+++ captagent-18.104.22.168/debian/changelog 2019-08-14 09:59:44.0 +0200
@@ -1,3 +1,11 @@
control: tags -1 patch pending
On Mon, 26 Feb 2018 15:22:58 +0200 Adrian Bunk wrote:
> Source: captagent
> Version: 22.214.171.124-3
> Severity: serious
> Tags: buster sid
> checking whether make sets
On Wed, Aug 14, 2019 at 05:16:46PM +1000, Brian May wrote:
> On Mon, Apr 15, 2019 at 12:06:35PM +, Holger Levsen wrote:
> > many thanks for all your fixes on this bug!
> Can you please rerun the command:
> ~/Projects/debian-www/webwml$ ../cron/parts/10-check-advisories --mode DLA
Control: block 933577 by -1
Folks needs updating for EDS 3.33, which is in experimental now. It's
fixed upstream and I filed an MR with the required fix:
On Thu, 08 Aug 2019 19:39:08 +0530 Pirate Praveen
> Package: rainloop
> Version: 1.12.1-2
> Severity: important
> I'd like to update node-raw-loader to 1.0.0 for gitlab and uploaded it
> to experimental. Please confirm if this version is compatible with
> rainloop so I can upload it
> Should I push directly to master, send a patcht o the mailing list or propose
> a pull request in salsa, or other?
The fix has been pushed to master.
Any upload planned? Or should I prepare an upload on mentors.d.o?
Also, I'm pondering raising the severity of this bug. uwsgi-plugin-php
Followup-For: Bug #933752
The attached patch was cherry-picked from  and fixes the problem
Could you include it for the next package upload to fix the problem
on Debian powerpc?
When opening welle.io, the top left (menu - 3 horizontal bars) & top right
(options) icons are missing.
Loudspeaker (in service overview widget) icon is missing too
Same problem with the dropdown menu "Favorites" which is
-BEGIN PGP SIGNED MESSAGE-
Dear Lintian maintainers,
While working on a new upload of haveged, I noticed that Lintian reports
package-name-doesnt-match-sonames against haveged-udeb.
This is technically correct (the non-udeb
On Tue, 09 Jul 2019 19:30:24 +0900 Jongmin Kim wrote:
> libgit2 0.28 is now available in experimental. Please make sure your
> package is ready for this version by the time we upload this package to
> unstable in one to two weeks. The severity of this report will be
On Wed, 14 Aug 2019 07:17:28 +0900 Jongmin Kim wrote:
> No error reported on chroot without ccache. When I tried with ccache
> installed chroot, following same issue was occurred:
> Compiler stderr:
>ccache: error: Failed to create directory
As Debian CI logs  show, python-pbr 5.1.3-3 is consistently failing
its autopkgtest. This regression is blocking its migration to testing.
It looks like the test infrastructure is trying to run Python 2 tests,
even though Python 2 support was removed from
On Wed, 14 Aug 2019 at 13:39, Jörg Frings-Fürst wrote:
> Package: sponsorship-requests
> Severity: normal [important for RC bugs, wishlist for new packages]
> Dear mentors,
> I am looking for a sponsor for my package "shotwell"
>Package name: shotwell
* Package name: linux-hardened
Version : 5.2
Upstream Author : linux-hardened
* URL : https://github.com/anthraxx/linux-hardened
* License : GPL-2
Programming Lang: C
Control: tags -1 patch
On Sun, 07 Jan 2018 18:45:00 + Niels Thykier wrote:
> On Sun, 4 Sep 2016 15:57:55 -0400 (EDT) Anders Kaseorg
> > Package: debhelper
> > Version: 9.20160814
> > It would be useful to have dh $@ --with-indep ADDON, an analogue of dh $@
> > --with ADDON
Finally I've managed to install a fully working grub on the system. The grub
installation process from the installer still fails, with the output attached
to the previous message, but I found a way to install a fully functional grub
in the system following these steps:
1) When the
Justification: renders package unusable
for several weeks now, rtorrent crashes when I start it (no changes have
been made to either its configuration nor its torrents list for many
Here is the
Severity: normal [important for RC bugs, wishlist for new packages]
I am looking for a sponsor for my package "shotwell"
Package name: shotwell
Version : 0.30.4-2
Upstream Author : Jens Georg
* Roman Savochenko:
>> Is there a way to reproduce your results easily? Upstream, we're
>> looking for workloads which are difficult to handle for glibc's malloc
>> and its default settings, so that we hopefully can improve things
> This way of the ready builds of the
On 2019-08-14 19:21:01 +, Dmitry Bogatov wrote:
> [2019-08-13 16:48] Thorsten Glaser
> > > Please, change format to following:
> > just run:
> > sudo sh -c 'echo FANCYTTY=0 >>/etc/lsb-base-logging.sh'
> > (On the other hand, now that “most” people, and especially the target
we have a vm with kernel 4.9.0-5-amd64 running dabian oldstable
if we run an "npm run build" on one of the virtual machines, the whole xen-host
system will restart (reset)
there is no
On Tue, Aug 13, 2019 at 09:09:35PM +0200, Sebastian Andrzej Siewior wrote:
> Yes, please. As an openssl dev you might have more luck. With a template
> I would ping the ssllabs folks :)
I've opened https://github.com/ssllabs/ssllabs-scan/issues/740
I think they're actually know enough about TLS
Control: retitle -1 ITP: ocaml-mccs -- Stripped-down version of mccs, a CUDF
problem solver, with OCaml bindings
Control: owner -1 !
Control: block 907636 by -1
Control: block 908203 by -1
I started the packaging work while preparing opam/2.0.5-1.
Hopefully I can get this out this
Please remove python-pdftools; sdaps, the only rdep has already been notified
at https://gitlab.com/egh/ledger-autosync (new home for this project) they
describe the tool as "ledger-autosync is developed on Linux with ledger 3 and
Please upgrade to a python3 compatible version, so that you can drop the
Severity 929949 serious
Upstream rolled out a 0.8 version which is finally compatible with
python3, it would be nice to have it uploaded to Debian
The python-monotonic and python-fasteners packages have now dropped support for
python2, so if duplicity is going to stay around it needs
Upstream developer/maintainer here.
Leonardo informed me of this bug, so I investigated the issue. It is
indeed related to the ink level implementation, but I do NOT regard
this as a bug.
Based on the logfile provided:
>From the report in ReadData it has:
The release team have decreed that non-buildd binaries can no longer migrate to
testing, please make a source-only upload so your package can migrate.
Followup-For: Bug #931873
The attached patch should fix the issue. It just enables the alignment
fixes the code has for ARM and Solaris for Linux on SPARC which means
all machines where the compiler defines
So the libvpx transition prompted me to take a look at this, I added some code
to debian/rules to create a fake homedir, use it for the build and remove it in
the clean target.
Unfortunately I then ran into another failure.
mrboom fails to cross build from source, because it does not pass cross
tools to make. The easiest way of doing so is using dh_auto_build. Then
it fails stripping during make install with the wrong
supertuxkart currently fails to build from source on armel, mips,
mipsel, m68k, powerpc and sh4 with the following error during final
| /usr/bin/ld: CMakeFiles/supertuxkart.dir/src/graphics/irr_driver.cpp.o:
Tags: patch upstream
conmon fails to cross build from source, because the upstream Makefile
hard codes the build architecture pkg-config. After making it
substitutable, conmon cross builds successfully. Please
We're trying to remove Python 2.x from Bullseye. Please switch this package to
Python 3. I had a quick look into it, and it does seem Py3 ready. Is there
Thomas Goirand (zigo)
On 2019-08-14 at 07:09:19, Philip Withnall wrote:
> In every situation where I’ve seen warnings (compile time, or run time)
> hidden from developers, those warnings have very rarely been fixed.
> Making them visible has increased the number of warnings which have
> been fixed.
> Filing bugs
On Wednesday, August 14, 2019 9:20:13 PM EDT you wrote:
> I'm not being snarky here - this is a safety issue.
How so? It doesn't seem to have any security issues
Description: This is a digitally signed message
I've had a chance to do some more exploration.
Lintian is indeed getting run with a different .changes file than what
is output to screen/disk.
The package build creates a changes file in the temporary
that contains a Distribution of UNRELEASED. This happens even if the
On 14.8.2019 19.36, Thorsten Glaser wrote:
> Package: xserver-xorg-video-intel
> Version: 2:2.99.917+git20180925-2
> Severity: wishlist
> Please replace “it’s” (short for “it is”) with “its” (genitive form)
> in the package long Description.
> (That being said, what benefits has the
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64
kfreebsd-i386 mips mips64el mipsel powerpc ppc64el s390x
-BEGIN PGP SIGNED MESSAGE-
haveged/1.9.4-1 failed tests on arm64, resulting in a build failure:
> ../src/haveged -n 16384k -v 1
Installed gdb, updated sources, installed the two debug symbol packages,
and ran those commands. (I had not rebooted since the crash on Tuesday.)
The output of coredumpctl is attached.
I also copied the core dump file in case it's wanted later.
sfoley@sethix:~$ sudo coredumpctl
> 1) The current bug metadata suggests it affects sid. Please ensure the
> bug is resolved in sid (by fixing it in sid or correcting bug
> metadata as appropriate).
I cannot reproduce in buster, sid or experimental and have thus
adjusting the metadata of #934034 to match.
nm-applet produces the following warning to standard error:
(nm-applet:3764): Gdk-CRITICAL **: 02:59:58.580:
'window->update_and_descendants_freeze_count > 0' failed
I suspect this
On Thu, Aug 15, 2019 at 03:16:20AM +0100, peter green wrote:
> So the libvpx transition prompted me to take a look at this, I added some
> code to debian/rules to create a fake homedir, use it for the build and
> remove it in the clean target.
Control: tags -1 + pending
I've prepared an NMU for libgtop2 (versioned as 2.38.0-4.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E
On 2019-08-14 at 07:09:19, Philip Withnall wrote:
> Sorry, I think you’re conflating two different types of programs here.
> Command line applications like git have very different output
> requirements on stderr/stdout from graphical programs. Command line
> programs don’t normally use GTK, so
I'm surprised to see no reply from the maintainer(s) when this bug has
been opened in 2016. This isn't reassuring, and likely to cause the
package to drop from Debian, especially as the Python team is actively
doing Python 2 removal.
Is this transition to Python 3 planned? What does upstream
When running atril from the command line, it sometimes prints the
following error message when it exits:
(atril:308857): GLib-CRITICAL **: 23:34:21.398: g_source_set_ready_time:
assertion 'source->priv != NULL' failed
This does not always
* Package Name : nattable
Version : 1.5.0
Upstream author : NatTable developers
* URL : https://www.eclipse.org/nattable/
* License : Eclipse Public License 1.0
Programming language : Java
On Wed, 14 Aug 2019 21:25:35 -0400 John Scott wrote:
> On Wednesday, August 14, 2019 9:20:13 PM EDT you wrote:
> > I'm not being snarky here - this is a safety issue.
> How so? It doesn't seem to have any security issues
Quick excerpt from the release notes for the versions unavailable on
i reported this upstream at https://bugzilla.redhat.com/show_bug.cgi?id=1741016.
it is apparently a known outstanding bug but the other bugzilla
entries are private.
$ cat debian/tests/control
$ autopkgtest -B . -- lxc --sudo autopkgtest-stable-amd64
autopkgtest [19:08:21]: version 5.10
Please find a patch enclosed, which updates the CODENAME2SUITE and
mappings in utils.py, resolving this bug.
The patch is also available as a merge request on salsa.d.o:
GTK+ produces the following warning when attempting to register a client
with the session manager and the client is already registered:
(caja:3729): Gtk-WARNING **: 02:59:57.229: Failed to register client:
Has this package been orphaned? It seems unlikely that a security tool such as
manager would lag one year behind upstream's current version?
Should we just call it quit and switch to the upstream AppImage?
I'm not being snarky here - this is a safety issue. A word of reassurance (or
i wonder how to unsubscribe from this list.
发件人: Christoph Berg
发送时间: 2019年8月13日 8:12
收件人: tony mancill ; 934...@bugs.debian.org
主题: Bug#934446: wsjtx: debian/patches/0001-add-start-script.patch no longer
Re: tony mancill
Tags: security upstream
Justification: user security hole
The following vulnerability was published for ruby-nokogiri.
Tags: security upstream
The following vulnerability was published for kubernetes.
Bearer tokens are revealed in logs
If you fix the vulnerability
Can you please explain what is uncler in my description?
"If openvswitch is used as_a__main ethernet por__t _on host, any VPN services
failing to start."
The route on host goes via this Ethernet and openvswitch
On 8/14/2019 11:21 PM, Debian Bug Tracking System wrote:
This is an
severity 934758 important
tags 934758 + fixed-upstream pending
On Wed, Aug 14, 2019 at 09:53:40AM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.2-1
> Severity: grave
> Justification: renders package unusable
> The openafs DKMS module fails to build for Linux
I found out that the problem is actually the package "qml-module-org-kde-
qqc2desktopstyle" which is installed with plasma/kde
When one uses that desktop, this package can not be removed. Moreover, this is
the style that is used as soon as one uses KDE/Plasma
However, when I rename the
Hello Seth Foley,
if possible you could now install gdb
and the following debug symbol packages.
The latter are stored in a separate
repository, more details in :
Then if you have not rebooted since the last
handbrake crash, you can use following
Upstream bugreport can be found here :
Tags: security upstream
The following vulnerability was published for mongodb.
| After user deletion in MongoDB Server the improper invalidation of
On Mon, Aug 12, 2019 at 2:09 PM Chris Lamb wrote:
> I would concede that RST might be more suitable for more complex
> requirements indeed.
Ok, I am going to merge this soon. At least it's a step in the right
direction. Let's see if we all can get comfortable with the RST
tag 934779 + moreinfo
On Wed, Aug 14, 2019 at 09:51:33PM +0300, Сергей Фёдоров wrote:
> Debian Release: bullseye/sid
> APT prefers unstable
> APT policy: (500, 'unstable')
The package fails to include the lis.so module.
Which is odd, because I did a local build and lis.so is indeed built
and included with the 'lcdproc' package.
-- System Information:
Debian Release: 10.0
APT prefers stable
APT policy: (990,
I recently installed Debian Buster and the gnome-calendar application seems
to behave weirdly with events lasting for a whole day.
Each time I save an existing event with the "all day" box ticked, the event
Hi Yaroslav and Andreas,
On Fri, Aug 9, 2019 at 6:57 AM Yaroslav Halchenko
> > Remark: Since it seems the package is not really maintained by the
> > Uploader inside the PAPT team and entering the PAPT team might take a
> > bit longer I'd consider it a sensible step to take over the
When building a live medium, the `console-setup` package will *not*
be installed in the live-medium by default.
The consequence is that keyboard configuration parameters passed via
live-config, as described in the manual:
tags 934723 + pending
forwarded 934723 https://gitlab.gnome.org/GNOME/shotwell/issues/158
thank you for spending your time helping to make Debian better with
this bug report.
I have forward this bug to upstream. He has fixed it, so that I prepare
a bugfix release.
If NetworkManager service restarts, it gets a new dbus unix process id.
The python-networkmanager remains with the old id. since this process
doesn't exist any more, a
On Wed, 14 Aug 2019 at 11:19:31 +0200, Ana Rodriguez Lopez wrote:
> If NetworkManager service restarts, it gets a new dbus unix process id.
The term you're looking for here is "D-Bus unique name".
> The parameter follow_name_owner_changes can be used in get_object()
> calls to prevent this.
On Tue, Aug 13, 2019 at 08:33:41PM +0200, Gerardo Ballabio wrote:
> I ticked off everything: Try to block advertisements, Try to block
> web trackers, and even Try to block dangerous websites. Didn't work
> (sending this from Firefox).
If it still works with the MiniBrowser but not with Epiphany
Dear installation package maintainers,
the current installation procedure of Buster (but also the previous versions),
manual and graphical,
uses an inconsistent wording and is highly confusing upon installing the boot
On 7/29/19 11:49 PM, Hilmar Preuße wrote:
>> FWIW, we have another machine set up for sparc64 which is part of the gcc
>> compile farm . If you request an account there, the answer should usually
>> not take more than 24 hours. Since I have admin rights on all of these
1 - 100 of 176 matches
Mail list logo