Processed: submitter 859655

Processing commands for cont...@bugs.debian.org: > submitter 859655 car...@debian.org Bug #859655 [src:golang-go.crypto] golang-go.crypto: CVE-2017-3204 Changed Bug submitter to 'car...@debian.org' from 'Michael Lustfield '. > thanks Stopping processing here. Please

Processed: ghostscript: diff for NMU version 9.20~dfsg-3.1

Processing control commands: > tags 859662 + patch Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter tags of bug #859662 to the same tags previously set > tags 859662 + pending Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter

Bug#861295: ghostscript: diff for NMU version 9.20~dfsg-3.1

Control: tags 859662 + patch Control: tags 859662 + pending Control: tags 859666 + pending Control: tags 859694 + pending Control: tags 859696 + pending Control: tags 861295 + patch Control: tags 861295 + pending Dear maintainer, I've prepared an NMU for ghostscript (versioned as 9.20~dfsg-3.1)

Processed: ghostscript: diff for NMU version 9.20~dfsg-3.1

Processing control commands: > tags 859662 + patch Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter tags of bug #859662 to the same tags previously set > tags 859662 + pending Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter

Processed: tagging 861295

Processing commands for cont...@bugs.debian.org: > tags 861295 + fixed-upstream Bug #861295 [src:ghostscript] ghostscript: CVE-2017-8291: shell injection Added tag(s) fixed-upstream. > thanks Stopping processing here. Please contact me if you need assistance. -- 861295:

Processed: ghostscript: diff for NMU version 9.20~dfsg-3.1

Processing control commands: > tags 859662 + patch Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter tags of bug #859662 to the same tags previously set > tags 859662 + pending Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter

Processed: ghostscript: diff for NMU version 9.20~dfsg-3.1

Processing control commands: > tags 859662 + patch Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Added tag(s) patch. > tags 859662 + pending Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Added tag(s) pending. > tags 859666 + pending Bug #859666 [src:ghostscript]

Processed: ghostscript: diff for NMU version 9.20~dfsg-3.1

Processing control commands: > tags 859662 + patch Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter tags of bug #859662 to the same tags previously set > tags 859662 + pending Bug #859662 [src:ghostscript] ghostscript: CVE-2016-10217 Ignoring request to alter

Bug#861366: Etherpuppet, unusuable on systems with unsigned char.

❦ 28 avril 2017 02:04 +0100, peter green  : > Etherpuppet has a bug with it's command line parsing that makes it > unusable on systems with unsigned char. Someone found an upstream fix > for me and submitted it to a raspbian bug report. > > A debdiff can be found at >

Bug#861295: ghostscript: CVE-2017-8291: shell injection

Hi Upstream commits are now available: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Regards, Salvatore

Processed: Re: Bug#860817: kedpm: Information leak via the command history file

Processing control commands: > retitle -1 kedpm: CVE-2017-8296: Information leak via the command history file Bug #860817 [src:kedpm] kedpm: Information leak via the command history file Changed Bug title to 'kedpm: CVE-2017-8296: Information leak via the command history file' from 'kedpm:

Bug#860817: kedpm: Information leak via the command history file

Control: retitle -1 kedpm: CVE-2017-8296: Information leak via the command history file CVE-2017-8296 has been assigned for this vulnerability. Regards, Salvatore

Bug#861218: libgssapi-krb5-2: soname-independent files in shared library package (policy 8.2)

Hi Helmut, On Wed, Apr 26, 2017 at 06:52:58AM +0200, Helmut Grohne wrote: > Package: libgssapi-krb5-2 > Version: 1.15-1 > Severity: serious > Justification: violates policy section 8.2 > > libgssapi-krb5-2 is a shared library package and contains > /etc/gss/mech.d/README. The latter filename

Processed: your mail

Processing commands for cont...@bugs.debian.org: > block 859655 by 860429 Bug #859655 [src:golang-go.crypto] golang-go.crypto: CVE-2017-3204 859655 was not blocked by any bugs. 859655 was not blocking any bugs. Added blocking bug(s) of 859655: 860429 > thanks Stopping processing here. Please

Bug#859655: (still in progress)

Control: reopen 859655 ! This is obviously not resolved yet, but the fix is in unstable. I'm currently discussing the idea of unblocking this package and requesting nmu rebuilds. If this works out, it shouldn't take too long to get this closed. -- Michael Lustfield

Processed: (still in progress)

Processing control commands: > reopen 859655 ! Bug #859655 {Done: Michael Lustfield } [src:golang-go.crypto] golang-go.crypto: CVE-2017-3204 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to

Bug#861366: Etherpuppet, unusuable on systems with unsigned char.

Package: etherpuppet Severity: grave Tags: patch Etherpuppet has a bug with it's command line parsing that makes it unusable on systems with unsigned char. Someone found an upstream fix for me and submitted it to a raspbian bug report. A debdiff can be found at

Bug#861175: [Python-modules-team] Bug#861175: cairocffi: Please drop Build-Depends and Recommends on xcffib

Hey Sandro, I’m overwhelmed by academic job applications. I assume Stretch’s release date is coming soon enough that this should fix ASAP so I think It would be better if you could have a look. If I have some time later this week, I might give also a look at it but nothing is sure. BTW,

Bug#861333: r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects

On 28 April 2017 at 00:31, Johannes Ranke wrote: | > | Packages compiled locally can simply be rebuilt using | > | | > | update.packages(lib.loc="/usr/local/lib/R/site-library", | > | checkBuilt=TRUE) | > | | > | However the packages provided by Debian packages are installed in a | > |

Bug#861175: [Python-modules-team] Bug#861175: cairocffi: Please drop Build-Depends and Recommends on xcffib

Hey Jean-Christophe, do you have time to work on this or would you be ok with me having a look at fixing it? thanks! On Tue, Apr 25, 2017 at 8:44 AM, Niels Thykier wrote: > Source: cairocffi > Version: 0.7.2-1 > Severity: grave > Justification: stretch-is-blocker / Depends on

Processed: esperanza package useless without binary

Processing commands for cont...@bugs.debian.org: > severity 861271 grave Bug #861271 {Done: Benjamin Drung } [esperanza] esperanza: contains no binary, only documentation Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need

Bug#861333: r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects

> | Packages compiled locally can simply be rebuilt using > | > | update.packages(lib.loc="/usr/local/lib/R/site-library", > | checkBuilt=TRUE) > | > | However the packages provided by Debian packages are installed in a > | directory only writable by privileged users. > > That's irrelevant.

Bug#801564: squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf

Followup-For: Bug #801564 Control: found -1 3.5.23-2 Control: tag -1 + patch Hi, the way the fix was implemented has a small issue: it retains even an unmodified configuration file from squid 2.7. This is no problem now, but it will make the error show up again the next time the shipped

Processed: Re: squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf

Processing control commands: > found -1 3.5.23-2 Bug #801564 {Done: Amos Jeffries } [squid] squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf Marked as found in versions squid3/3.5.23-2; no longer marked as fixed in

Processed: unarchiving 801564

Processing commands for cont...@bugs.debian.org: > unarchive 801564 Bug #801564 {Done: Amos Jeffries } [squid] squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf Unarchived Bug 801564 > thanks Stopping processing here.

Bug#860699: marked as done (golang-google-cloud: FTBFS on i386: Test failures)

Your message dated Thu, 27 Apr 2017 21:04:14 + with message-id and subject line Bug#860699: fixed in golang-google-cloud 0.5.0-2 has caused the Debian Bug report #860699, regarding golang-google-cloud: FTBFS on i386: Test failures to be marked as done.

Bug#860657: marked as done (cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code 2)

Your message dated Thu, 27 Apr 2017 21:03:49 + with message-id and subject line Bug#860657: fixed in cppad 2017.00.00.4-2 has caused the Debian Bug report #860657, regarding cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code

Bug#860657: marked as done (cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code 2)

Your message dated Thu, 27 Apr 2017 21:03:59 + with message-id and subject line Bug#860657: fixed in cppad 2017.00.00.4-3 has caused the Debian Bug report #860657, regarding cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code

Processed: Pending fixes for bugs in the golang-google-cloud package

Processing commands for cont...@bugs.debian.org: > tag 860699 + pending Bug #860699 [src:golang-google-cloud] golang-google-cloud: FTBFS on i386: Test failures Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 860699:

Bug#860699: Pending fixes for bugs in the golang-google-cloud package

tag 860699 + pending thanks Some bugs in the golang-google-cloud package are closed in revision a3da766231743b9df31f7648dc098bd9d4cec6c5 in branch 'master' by Dr. Tobias Quathamer The full diff can be seen at

Processed: freetype: diff for NMU version 2.6.3-3.2

Processing control commands: > tags 861220 + pending Bug #861220 [src:freetype] freetype: CVE-2017-8105 Ignoring request to alter tags of bug #861220 to the same tags previously set > tags 861308 + pending Bug #861308 [src:freetype] freetype: CVE-2017-8287: out-of-bounds write via

Processed: freetype: diff for NMU version 2.6.3-3.2

Processing control commands: > tags 861220 + pending Bug #861220 [src:freetype] freetype: CVE-2017-8105 Added tag(s) pending. > tags 861308 + pending Bug #861308 [src:freetype] freetype: CVE-2017-8287: out-of-bounds write via t1_builder_close_contour function Added tag(s) pending. -- 861220:

Bug#861220: freetype: diff for NMU version 2.6.3-3.2

Control: tags 861220 + pending Control: tags 861308 + pending Dear maintainer, I've prepared an NMU for freetype (versioned as 2.6.3-3.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards, Salvatore diff -u freetype-2.6.3/debian/changelog

Processed: nodm: diff for NMU version 0.13-1.1

Processing control commands: > tags 860463 + patch Bug #860463 [nodm] nodm: Missing handling of plymouth (#782456) Added tag(s) patch. > tags 860463 + pending Bug #860463 [nodm] nodm: Missing handling of plymouth (#782456) Added tag(s) pending. -- 860463:

Bug#860463: nodm: diff for NMU version 0.13-1.1

Control: tags 860463 + patch Control: tags 860463 + pending Dear maintainer, I've prepared an NMU for nodm (versioned as 0.13-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards, S diffstat for nodm-0.13 nodm-0.13 changelog

Bug#861333: API transition of R packages

On Thu, 27 Apr 2017, Dirk Eddelbuettel wrote: > I feel like we have had the substitution of R (>= 'currentBuildVersion') for > a decade. I didn't realize that it was the current build version; I just assumed it was updated manually. -- Don Armstrong

Bug#861333: API transition of R packages

On 27 April 2017 at 11:37, Don Armstrong wrote: | On Thu, 27 Apr 2017, Dirk Eddelbuettel wrote: | > I don't know, and I tend not to run dated r-base-core packages. | | I'll try to check this out later. Thanks! | > Is that what debian/control ensures? | | Cool; I didn't check to see whether

Bug#859520: marked as done ([apt-cacher-ng] RequiresMountsFor should be in Unit section, rather than Service)

Your message dated Thu, 27 Apr 2017 18:48:42 + with message-id and subject line Bug#859520: fixed in apt-cacher-ng 3-5 has caused the Debian Bug report #859520, regarding [apt-cacher-ng] RequiresMountsFor should be in Unit section, rather than Service to

Bug#861333: API transition of R packages

On Thu, 27 Apr 2017, Dirk Eddelbuettel wrote: > I don't know, and I tend not to run dated r-base-core packages. I'll try to check this out later. > Is that what debian/control ensures? Cool; I didn't check to see whether the substitution variable had been updated. > I uploaded one beta build

Bug#860463: nodm: Missing handling of plymouth (#782456)

Simon McVittie: > On Mon, 17 Apr 2017 at 12:05:41 +0200, Niels Thykier wrote: >> I have reviewed the nodm systemd service file plus the init.d script >> and I cannot see that it takes plymouth into account (which leads to >> #782456). To the best of my knowledge, #782456 have to be fixed in >>

Bug#861333: API transition of R packages

On 27 April 2017 at 12:49, Don Armstrong wrote: | Control: severity -1 serious | | Do we know if this issue may also mean that any packages built with this | new version are incompatible with older R versions? [I'm thinking so, | but my ABI-fu is not super strong.] I don't know, and I tend not

Bug#861333: r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects

On 27 April 2017 at 15:45, Johannes Ranke wrote: | Package: r-base | Version: 3.4.0-1 | Severity: normal | | With current R, R packages built for Debian before the upload of R | 3.3.3.20170413-1 | on 14 April that use .C or .Fortran do no work properly, because the functions | calling .C or

Bug#860668: marked as pending

tag 860668 pending thanks Hello, Bug #860668 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: https://anonscm.debian.org/cgit/python-modules/packages/sorl-thumbnail.git/commit/?id=07c0494 --- commit

Processed: Bug#860668 marked as pending

Processing commands for cont...@bugs.debian.org: > tag 860668 pending Bug #860668 {Done: deba...@debian.org (W. Martin Borgert)} [src:sorl-thumbnail] sorl-thumbnail: FTBFS on i386: segfault during tests Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need

Processed: [bts-link] source package python-iptables

Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package python-iptables > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # > user bts-link-upstr...@lists.alioth.debian.org Setting user to

Bug#860463: nodm: Missing handling of plymouth (#782456)

On Mon, 17 Apr 2017 at 12:05:41 +0200, Niels Thykier wrote: > I have reviewed the nodm systemd service file plus the init.d script > and I cannot see that it takes plymouth into account (which leads to > #782456). To the best of my knowledge, #782456 have to be fixed in > the DMs. I tried

Processed: API transition of R packages

Processing control commands: > severity -1 serious Bug #861333 [r-base] r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects Severity set to 'serious' from 'normal' -- 861333: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861333 Debian Bug

Processed: [bts-link] source package firefox-esr

Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package firefox-esr > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # > user bts-link-upstr...@lists.alioth.debian.org Setting user to

Processed: [bts-link] source package src:ariba

Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package src:ariba > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # > user bts-link-upstr...@lists.alioth.debian.org Setting user to

Bug#861295: ghostscript: CVE-2017-8291: shell injection

SuSE has caputred the initial report including a reproducer to verify the issue (and verify the fix upstream once landed there): https://bugzilla.suse.com/show_bug.cgi?id=1036453 Regards, Salvatore

Bug#854554: dpkg: trigger problem with cracklib-runtime while upgrading libcrypt-cracklib-perl from jessie to stretch

Followup-For: Bug #854554 Control: found -1 2.9.2-4 Control: affects -1 + libcrypt-cracklib-perl Hi, this problem has been solved completely, yet, since nothing prevents the old cracklib-runtime from being triggered during the upgrade. (Could be a problem in jessie's apt and therefore needs to

Processed: Re: dpkg: trigger problem with cracklib-runtime while upgrading libcrypt-cracklib-perl from jessie to stretch

Processing control commands: > found -1 2.9.2-4 Bug #854554 {Done: Jan Dittberner } [cracklib-runtime] dpkg: trigger problem with cracklib-runtime while upgrading libcrypt-cracklib-perl from jessie to stretch Bug #859307 {Done: Jan Dittberner }

Bug#858633: closed by Innocent De Marchi <tangram.pe...@gmail.com> (Bug#858633: fixed in dmaths 4.3.0.0+dfsg1-1)

Hi Adrian, > You can try send an unblock request for the version in unstable with > that rationale. > > Worst case is that the release team says "No", which isn't different > from what you get if you aren't asking... > > See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859887. Thanks! I.

Bug#858633: closed by Innocent De Marchi <tangram.pe...@gmail.com> (Bug#858633: fixed in dmaths 4.3.0.0+dfsg1-1)

Hi Adrian, 2017-04-26 21:49 GMT+02:00 Adrian Bunk : > On Mon, Apr 24, 2017 at 09:24:17PM +, Gianfranco Costamagna wrote: > > Hello, > > > > >This fixed the bug for unstable, but the new upstream version won't be > > >acceptable for fixing the bug in stretch. > > > > >

Bug#861225: [Regression] Soft lockup in KVM/QEMU virtual machine

On Thu, 2017-04-27 at 11:34 +0200, Olav Seyfarth wrote: > Hi Ben, > > > [Reply to all, not just to me] > > sorry, using my mobile phone email client I did not notice that. > > > You cut too much. > > Below my message is what I did cut (running the older, stable kernel). > > Might any of the

Bug#860710: golang-google-api: FTBFS on i386: dh_auto_test

Control: tag -1 +patch I pushed a fix commit to stretch branch in git repo. Confirmed that FTBFS fixed on DoM: http://debomatic-i386.debian.net/distribution#unstable/golang-google-api/0.0~git20161128.3cc2e59-2/buildlog Package also uploaded to mentors for RFS. Please help to upload. Thank

Processed: Re: Bug#860710: golang-google-api: FTBFS on i386: dh_auto_test

Processing control commands: > tag -1 +patch Bug #860710 [src:golang-google-api] golang-google-api: FTBFS on i386: dh_auto_test: go test -v -p 64 [...] returned exit code 2 Added tag(s) patch. -- 860710: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860710 Debian Bug Tracking System Contact

Processed: Pending fixes for bugs in the golang-google-api package

Processing commands for cont...@bugs.debian.org: > tag 860710 + pending Bug #860710 [src:golang-google-api] golang-google-api: FTBFS on i386: dh_auto_test: go test -v -p 64 [...] returned exit code 2 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need

Bug#860710: Pending fixes for bugs in the golang-google-api package

tag 860710 + pending thanks Some bugs in the golang-google-api package are closed in revision d89b2e89defa1dbfecf789411e9a6601e21d5958 in branch ' stretch' by Roger Shimizu The full diff can be seen at https://anonscm.debian.org/cgit/pkg-go/packages/golang-google-api.git/commit/?id=d89b2e8

Bug#860225: bind9: CVE-2017-3137: A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME

Package: bind9 Version: 1:9.9.5.dfsg-9+deb8u10 Followup-For: Bug #860225 Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? *

Bug#860817: kedpm: Information leak via the command history file

On 2017-04-27 06:24:25, Salvatore Bonaccorso wrote: > Hi, > > On Wed, Apr 26, 2017 at 05:01:30PM -0400, Antoine Beaupr?? wrote: >> Control: tags -1 +patch >> >> I have requested a CVE on the oss-security mailing list. > > Please note that requests are done now via > > https://cveform.mitre.org/

Bug#860225: Assertion failure with bind9 1:9.9.5.dfsg-9+deb8u10

Hi, In have both my DNS resolv servers aborting randomly with assertion failure since beginning of last week. Since then we have these crashes almost every day, and sometimes in both servers almost at the time. I see that ISC already publish a fixed version last week, but it seems that Debian

Bug#861303: marked as done (hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE)

Your message dated Thu, 27 Apr 2017 11:03:56 + with message-id and subject line Bug#861303: fixed in libhdf4 4.2.12-3 has caused the Debian Bug report #861303, regarding hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE to be

Processed: reassign 861313 to src:linux, found 861313 in 3.16.43-1

Processing commands for cont...@bugs.debian.org: > reassign 861313 src:linux Bug #861313 [linux-image-3.16.0-4-amd64] kernel BUG with kvm Bug reassigned from package 'linux-image-3.16.0-4-amd64' to 'src:linux'. No longer marked as found in versions linux/3.16.43-1. Ignoring request to alter fixed

Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

On 2017-04-27 11:59, Sebastiaan Couwenberg wrote: > Since we cannot fix the squeeze version of the package, adding the and that also wouldn't help long grown systems that are already past squeeze ... > following hdf4-tools.maintscript should fix the upgrade in the stretch > package: > >

Bug#861306: marked as done (fte-docs: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE)

Your message dated Thu, 27 Apr 2017 10:03:54 + with message-id and subject line Bug#861306: fixed in fte 0.50.2b6-20110708-2 has caused the Debian Bug report #861306, regarding fte-docs: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE to

Processed (with 1 error): your mail

Processing commands for cont...@bugs.debian.org: > user reproducible-bui...@lists.alioth.debian.org Setting user to reproducible-bui...@lists.alioth.debian.org (was mat...@debian.org). > archive 830097 Bug #830097 {Done: Lucas Albuquerque Medeiros de Moura }

Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Control: tags -1 - moreinfo Control: tags -1 + pending On 04/27/2017 10:57 AM, Sebastiaan Couwenberg wrote: > libhdf4g is a transitional package, and has been for quite some time > (several releases). > > It seems you want us to fix the package in lenny or squeeze to resolve > this issue. That's

Processed: Re: Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Processing control commands: > tags -1 - moreinfo Bug #861303 [hdf4-tools] hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE Removed tag(s) moreinfo. > tags -1 + pending Bug #861303 [hdf4-tools] hdf4-tools: unhandled symlink to directory conversion:

Bug#861313: kernel BUG with kvm

Package: linux-image-3.16.0-4-amd64 Version: 3.16.43-1 Severity: serious Hi, upgrading to 3.16.43-1 led to a "kernel BUG" after kvm virtual machines started. Downgrading to 3.16.39-1+deb8u2 fixed the issue. The "BUG" lines in short (see attached file for full log): --- Apr 27 11:11:42 audria

Bug#861225: [Regression] Soft lockup in KVM/QEMU virtual machine

Hi Ben, > [Reply to all, not just to me] sorry, using my mobile phone email client I did not notice that. > You cut too much. Below my message is what I did cut (running the older, stable kernel). Might any of the packages unattendedly installed tonight have any influence on the "Soft lockup

Bug#848368: marked as done (llvm-toolchain-3.9: Please add ELF symbols versions to the libraries)

Your message dated Thu, 27 Apr 2017 09:36:28 + with message-id and subject line Bug#848368: fixed in llvm-toolchain-snapshot 1:5.0~svn301421-1 has caused the Debian Bug report #848368, regarding llvm-toolchain-3.9: Please add ELF symbols versions to the

Bug#849098: marked as done (llvm-toolchain-3.9: Please add ELF symbols versions to the libraries)

Your message dated Thu, 27 Apr 2017 09:36:28 + with message-id and subject line Bug#849098: fixed in llvm-toolchain-snapshot 1:5.0~svn301421-1 has caused the Debian Bug report #849098, regarding llvm-toolchain-3.9: Please add ELF symbols versions to the

Processed: closing 860657

Processing commands for cont...@bugs.debian.org: > close 860657 2017.00.00.4-1 Bug #860657 [src:cppad] cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code 2 Marked as fixed in versions cppad/2017.00.00.4-1. Bug #860657 [src:cppad] cppad: FTBFS on i386: dh_auto_test:

Bug#860657: closing 860657

close 860657 2017.00.00.4-1 thanks test failure, apparently fixed upstream

Processed: Re: Bug#860648: gap-radiroot: FTBFS on i386: not enough memory during build on i386

Processing commands for cont...@bugs.debian.org: > severity 860648 normal Bug #860648 [src:gap-radiroot] gap-radiroot: FTBFS on i386: not enough memory during build on i386 Severity set to 'normal' from 'serious' > quit Stopping processing here. Please contact me if you need assistance. --

Bug#860648: gap-radiroot: FTBFS on i386: not enough memory during build on i386

severity 860648 normal quit On Wed, Apr 19, 2017 at 09:37:57AM +0200, Lucas Nussbaum wrote: > Source: gap-radiroot > Version: 2.7-2 > Severity: serious > Tags: stretch sid > User: debian...@lists.debian.org > Usertags: qa-ftbfs-20170418-i386 qa-ftbfs > Justification: FTBFS in stretch on i386 > >

Bug#860657: cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code 2

I'm always happy to have someone else upload a fix, just go ahead and do it. But in this case, the latest upstream no longer manifests the problem. Since there was no fix to the div.cpp test case, I suspect it was an actual bug that the test case picked up and upstream fixed. But I have not

Bug#861308: freetype: CVE-2017-8287: out-of-bounds write via t1_builder_close_contour function

Source: freetype Version: 2.5.2-3 Severity: grave Tags: upstream security patch Justification: user security hole Hi, the following vulnerability was published for freetype. CVE-2017-8287[0]: | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a | heap-based buffer overflow

Bug#861298: oggvideotools: FTBFS: can not open file for reading

On Thu, Apr 27, 2017 at 09:27:41AM +0200, Petter Reinholdtsen wrote: > [Chris Lamb] > > info: Copy Ogg Vorbis file using oggJoin. > > + «BUILDDIR»/obj-x86_64-linux-gnu/src/binaries/oggJoin out.ogv > > /usr/lib/python*/dist-packages/pygame/examples/data/house_lo.ogg > > FileRepository::open

Processed: Re: Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Processing control commands: > tags -1 moreinfo Bug #861303 [hdf4-tools] hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE Added tag(s) moreinfo. -- 861303: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861303 Debian Bug Tracking System Contact

Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Control: tags -1 moreinfo Hi Andreas, libhdf4g is a transitional package, and has been for quite some time (several releases). It seems you want us to fix the package in lenny or squeeze to resolve this issue. That's not something that is likely to happen. I'm tempted to downgrade the severity

Bug#861306: fte-docs: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Package: fte-docs Version: 0.50.2b6-20110708-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, an upgrade test with piuparts revealed that your package installs files over existing symlinks and possibly overwrites files owned by other packages. This usually means an old

Bug#861305: python-cairo-dbg: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Package: python-cairo-dbg Version: 1.8.8-2.1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, an upgrade test with piuparts revealed that your package installs files over existing symlinks and possibly overwrites files owned by other packages. This usually means an old

Bug#861303: hdf4-tools: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Package: hdf4-tools Version: 4.2.12-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, an upgrade test with piuparts revealed that your package installs files over existing symlinks and possibly overwrites files owned by other packages. This usually means an old version

Bug#859111: [Debian-med-packaging] Bug#859111: Bug#859111: ariba: FTBFS: FAIL: Test run_bowtie2 unsorted

tags 859111 pending thanks > bowtie2 2.3.1 introduced different default values for one of the > parameters [1], it might be likely that it's connected to that. I > have contacted upstream Upstream have added support for Bowtie2 2.3.1 [1] and I can confirm that the tests -- and hence the build --

Processed: Re: [Debian-med-packaging] Bug#859111: Bug#859111: ariba: FTBFS: FAIL: Test run_bowtie2 unsorted

Processing commands for cont...@bugs.debian.org: > tags 859111 pending Bug #859111 [src:ariba] ariba FTBFS with bowtie2 2.3.1-1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 859111: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859111

Bug#861295: ghostscript: CVE-2017-8291: shell injection

On Thu, Apr 27, 2017 at 07:03:05AM +0200, Salvatore Bonaccorso wrote: > Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697808 FTR, the bug has been restricted in meanwhile, but did contain a reproducer to demonstrate the issue. Regards, Salvatore

Bug#861281: rnahybrid: FTBFS on armel

Hi Gianfranco, On Thu, Apr 27, 2017 at 07:23:20AM +, Gianfranco Costamagna wrote: > > rnahybrid FTBFS on armel: > > the warning above is somewhat important > (too many nested loops), and this usually relates badly with > high optimization levels > > gcc -DHAVE_CONFIG_H -I. -I..

Bug#861238: libc-bin: prompting due to modified conffiles which were not modified by the user: /etc/ld.so.conf

On 2017-04-26 14:18, Andreas Beckmann wrote: > Package: libc-bin > Version: 2.19-18+deb8u7 > Severity: serious > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > > during a test with piuparts I noticed your package failed the piuparts > upgrade test because dpkg detected a

Processed: found 860817 in 0.5.0-1, bug 860817 is forwarded to https://sourceforge.net/p/kedpm/bugs/6/

Processing commands for cont...@bugs.debian.org: > found 860817 0.5.0-1 Bug #860817 [src:kedpm] kedpm: Information leak via the command history file Marked as found in versions kedpm/0.5.0-1. > forwarded 860817 https://sourceforge.net/p/kedpm/bugs/6/ Bug #860817 [src:kedpm] kedpm: Information

Bug#861298: oggvideotools: FTBFS: can not open file for reading

[Chris Lamb] > info: Copy Ogg Vorbis file using oggJoin. > + «BUILDDIR»/obj-x86_64-linux-gnu/src/binaries/oggJoin out.ogv > /usr/lib/python*/dist-packages/pygame/examples/data/house_lo.ogg > FileRepository::open failed: No such file or directory > Warning: can not open file > > for

Bug#861281: rnahybrid: FTBFS on armel

Hello, > rnahybrid FTBFS on armel: > the warning above is somewhat important (too many nested loops), and this usually relates badly with high optimization levels gcc -DHAVE_CONFIG_H -I. -I.. -I/usr/include -Wdate-time -D_FORTIFY_SOURCE=2 -g -O0

Bug#861279: marked as done (/bin/dd: dd writes ISO image to non-existent device and after connected some programs don't detect it.)

Your message dated Thu, 27 Apr 2017 09:12:03 +0200 with message-id <6a625bf1-0523-a766-ae34-5efe436fa...@physik.fu-berlin.de> and subject line Re: /bin/dd: dd writes ISO image to non-existent device and after connected some programs don't detect it. has caused the Debian Bug report #861279,

Bug#861246: marked as done (hddemux: FTBFS: missing pkg-config; undefined references)

Your message dated Thu, 27 Apr 2017 06:48:44 + with message-id and subject line Bug#861246: fixed in hddemux 0.2-2 has caused the Debian Bug report #861246, regarding hddemux: FTBFS: missing pkg-config; undefined references to be marked as done. This

Bug#861298: oggvideotools: FTBFS: can not open file for reading

Source: oggvideotools Version: 0.9.1-3 Severity: serious Justification: fails to build from source User: reproducible-bui...@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Dear Maintainer, oggvideotools fails to build from source in

Bug#861178: marked as done (nodejs-dev: broken/uninstallable backports)

Your message dated Thu, 27 Apr 2017 08:11:46 +0200 with message-id <99033363-cd31-4df9-3594-be0cac208...@debian.org> and subject line Re: nodejs-dev: broken/uninstallable backports has caused the Debian Bug report #861178, regarding nodejs-dev: broken/uninstallable backports to be marked as done.

Processed: severity of 861220 is grave

Processing commands for cont...@bugs.debian.org: > severity 861220 grave Bug #861220 [src:freetype] freetype: CVE-2017-8105 Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 861220:

Bug#860657: cppad: FTBFS on i386: dh_auto_test: make -j64 check ARGS+=-j64 returned exit code 2

Hi Miles and Barak, I noticed that the FTBFS is caused by a single failure inside build time tests. Did you tried tracking this down? While I do not know this specific package and can't estimate myself in how far this test is important it could be that deactivating this test might be a sensible