Bug#893184: artemis FTBFS with openjdk-9

Hi, Am 13.08.2018 um 13:23 schrieb Andreas Tille: [...] > I tried hard to add junit4.jar to the classpath but my attempts failed. > It should be done in the latest quilt patch in test/build-test.xml but > I have no idea how to use it properly (I actually think all *.jar in > /usr/share/java are

Bug#893302: Bug #893302 in lwjgl marked as pending

Control: tag -1 pending Hello, Bug #893302 in lwjgl reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at:

Bug#897885: wbar: ftbfs with GCC-8

On Tue, 17 Jul 2018 22:18:57 +0300 Juhani Numminen wrote: [...] > Ah, it is the lovely -Werror. > > It seems that gcc-8 build succeeds when I add this line in debian/rules: > > export DEB_CXXFLAGS_MAINT_APPEND = -Wno-error I think this is sensible here. I will update the package as soon as

Bug#903916: undertow: Keep it out of Buster

Source: undertow Version: 1.4.25-1 Severity: serious I am filing this bug report to prevent the migration of undertow to testing and subsequently being part of the next stable release Debian 10, "Buster". This was also briefly discussed with the Security Team. Reasons: - Undertow is regularly

Bug#893312: Bug #893312 in lombok marked as pending

Control: tag -1 pending Hello, Bug #893312 in lombok reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at:

Bug#897533: Bug #897533 in sunflow marked as pending

Control: tag -1 pending Hello, Bug #897533 in sunflow reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at:

Bug#902774: jetty9: CVE-2017-7656 CVE-2017-7657 CVE-2017-7658 CVE-2018-12536 CVE-2018-12538

Package: jetty9 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for jetty9. CVE-2017-7656[0]: | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all | configurations), and 9.4.x (non-default configuration with RFC2616 |

Bug#897494: ditaa: FTBFS: src/org/stathissideris/ascii2image/core/JavadocTaglet.java:26: error: package com.sun.tools.doclets does not exist

+0200 @@ -1,3 +1,11 @@ +ditaa (0.10+ds1-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Work around the FTBFS with Java 10 by removing the JavadocTaglet class. +(Closes: #897494) + + -- Markus Koschany Wed, 13 Jun 2018 23:03:10 +0200 + ditaa (0.10+ds1-1.1) unstable; urgency

Bug#894045: libvncserver: CVE-2018-7225

Hi Salvatore, Am 08.06.2018 um 22:38 schrieb Salvatore Bonaccorso: > Hi Markus, > > On Tue, Jun 05, 2018 at 02:52:58PM +0200, Markus Koschany wrote: >> Control: tags -1 patch >> >> Dear maintainer, >> >> I've prepared a patch fixing CVE-2018-7225.

Bug#891957: netbeans "loading module" modules.netbinox NullPointerException

Control: reopen -1 It seems there is another issue with libequinox-osgi-java. Building Netbeans from source works again but I still get the NullPointerException. signature.asc Description: OpenPGP digital signature

Bug#248496: raise priority

Control: severity -1 normal Control: tags -1 moreinfo On Sat, 2 Jun 2018 12:18:22 +0200 Salvo Tomaselli wrote: > severity 248496 grave > thanks > > Raising priority, since the game does not run at all and the package > seems completely abandoned. > > If I'm right, the package will eventually

Bug#900598: [desmume] Include non free file

Control: severity -1 normal Control: retitle -1 desmume: clarify ConvertUTF license header Am 01.06.2018 um 22:25 schrieb Bastien ROUCARIES: > On Fri, Jun 1, 2018 at 10:21 PM, Markus Koschany wrote: >> >> Am 01.06.2018 um 22:16 schrieb Bastien ROUCARIES: >> [...] >>&

Bug#900598: [desmume] Include non free file

Am 01.06.2018 um 22:16 schrieb Bastien ROUCARIES: [...] > No it is not a lintian bug. Unicode withdraw this code before applying > the license change. > > Exhibit 1 does not apply in this case. > >> >> http://www.unicode.org/copyright.html#Exhibit1 >> >> Also see https://bugs.debian.org/864729

Bug#900598: [desmume] Include non free file

Hi, Am 01.06.2018 um 21:58 schrieb Bastien ROUCARIÈS: > Package: desmume > Severity: serious > > The following file source files include material under a non-free license > from > Unicode Inc. Therefore, it is not possible to ship this in main or contrib. > > src/utils/ConvertUTF.c > > This

Bug#681726: Eclipse is 6 Years Behind in Debian

Hello, Am 25.05.2018 um 21:50 schrieb Josh Blagden: > Hi folks, > >     I just wanted to make the observation that Debian has had the same > version of Eclipse for the last six years. When can we expect to see a > new version to the Debian repository? Maybe when a solar and lunar eclipse happen

Bug#899332: CVE-2018-8012: Apache ZooKeeper Quorum Peer mutual authentication

Package: zookeeper X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Fixed: 3.4.10-1 Hi, The following vulnerability was published for zookeeper. CVE-2018-8012[0]: | No authentication/authorization is enforced when a server attempts to | join a quorum in Apache ZooKeeper

Bug#898483: PHYSFS_setWriteDir creates an empty file

Control: reassign 898483 libphysfs Control: retitle 898484 physfs: setWriteDir creates an empty file Control: found 898484 3.0.1-1 Hi, Am 17.05.2018 um 06:43 schrieb Ryan C. Gordon: > > Upstream patch is here: > > https://hg.icculus.org/icculus/physfs/rev/a29fef4a20fd > > I have one other

Bug#897542: raincat: FTBFS: Could not find module `Item.Items'

Control: tags -1 pending I still can't upgrade to the new SDL2 version of raincat because haskell-mixer-sdl2 and haskell-image-sdl2 or similar packages are currently not available in Debian. However the fix seems to be trivial. The import statement is wrong and should be Items.Items instead of

Bug#891956: Your mail

Am 14.05.2018 um 22:21 schrieb Rafi Rubin: > The dependencies for 3.8.1-11 end up requiring libequinox-osgi-java >= > 3.9.1 (through eclipse-rcp), which doesn't have > /usr/lib/eclipse/plugins/org.eclipse.osgi_3.8.1.dist.jar > > > Going back to stable, 3.8.1-10 for the eclipse packages at least

Bug#898483: PHYSFS_setWriteDir creates an empty file

Hello Patrick, Am 12.05.2018 um 16:19 schrieb James Cowgill: [...] > I think this is a bug in libphysfs 3.0.1. It seems that in this version > (unlike 2.0.3), PHYSFS_setWriteDir has the side effect of creating an > empty file if the path it is given does not exist. This will later cause >

Bug#898483: failed creating configuration directroy: unsupported

Control: tags -1 confirmed Am 12.05.2018 um 15:06 schrieb Lumin: > Package: lincity-ng > Version: 2.9~git20150314-3 > Severity: serious > > Dear lincity-ng maintainer, > > When there is no ~/.lincity-ng directory under user's home, lincity-ng > will fail on start. > > ~ ❯❯❯ lincity-ng >

Bug#897542: raincat: FTBFS: Could not find module `Item.Items'

I have pushed an update of raincat to https://salsa.debian.org/games-team/raincat I believe the new upstream release will address this issue but even if not it should be doable to fix this. I'm currently waiting for haskell-sdl2 which is in the NEW queue. Markus signature.asc Description:

Bug#898086: libequinox-osgi-java: Does not install symlinks into /usr/lib/eclipse/plugins

Control: reassign -1 src:eclipse Control: retitle: Missing symlink of org.eclipse.osgi jar Hello, thank you for the bug report. The symlink must be created in the eclipse package though. Regards, Markus signature.asc Description: OpenPGP digital signature

Bug#895778: jruby: Several security vulnerabilities

SS vulnerability in homepage attribute +when displayed via gem server. + * Fix CVE-2018-179: Directory Traversal vulnerability in gem installation +that can result in writing to arbitrary filesystem locations during +installation of malicious gems. + (Closes: #895778) + + -- Markus Kos

Bug#893302: lwjgl FTBFS with openjdk-9

Am 25.04.2018 um 03:09 schrieb Michael Gilbert: > On Mon, Apr 23, 2018 at 4:57 PM, Markus Koschany wrote: >> lwjgl 2.9.3 is a legacy release from 2015. It is the last version of the >> 2.x series and no longer supported. Upstream moved to lwjgl 3. If nobody >> can fix th

Bug#885264: childsplay: Depends on unmaintained pygtk

Control: forwarded -1 https://savannah.nongnu.org/bugs/index.php?53734 signature.asc Description: OpenPGP digital signature

Bug#893302: lwjgl FTBFS with openjdk-9

. Upstream moved to lwjgl 3. If nobody can fix this we should consider to remove lwjgl because the new version 3 would require new Kotlin build dependencies and more. Markus From: Markus Koschany <a...@debian.org> Date: Mon, 23 Apr 2018 22:30:13 +0200 Subject: java9 --- src/java/org/lwjg

Bug#896604: lucene-solr: CVE-2018-1308 XXE in DataImportHandler

Package: lucene-solr X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for lucene-solr. CVE-2018-1308[0]: | This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 | relates to an XML external entity expansion (XXE) in

Bug#896128: glusterfs: CVE-2018-1088 privilege escalation flaw

Package: glusterfs X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for glusterfs. CVE-2018-1088[0]: | A privilege escalation flaw was found in gluster 3.x snapshot | scheduler. Any gluster client allowed to mount gluster

Bug#889530: acm FTBFS with gdbm 1.14.1-2

buildflag variable CFLAGS instead of +DEBCFLAGS. This will also ensure that the -dbgsym package is created +correctly. + * Fix error "format-not-a-string-literal". + + -- Markus Koschany <a...@debian.org> Wed, 18 Apr 2018 03:18:08 +0200 + acm (5.0-29.1) unstable; urgency=m

Bug#893312: lombok FTBFS with openjdk-9

I've fixed the original errors in Javac.java but there are more later on due to our friend OpenPain 9. I had no choice but to upgrade to a newer lombok version. Now I'm stuck because ecj can't be found. Markus signature.asc Description: OpenPGP digital signature

Bug#895920: ecj: only a virtual package and not installable

Source: ecj Version: 3.13.2-2 Severity: serious while I was having some fun with lombok, I discovered that ecj is just a virtual package and not installable. I don't think that's intended. Markus

Bug#875547: animals: can't be played as non root user

ian/rules that prevented the use of +correct file permissions and thus made the game unusable. +Thanks to Aaron Howell for the report. (Closes: #875547) + + -- Markus Koschany <a...@debian.org> Mon, 16 Apr 2018 19:21:27 +0200 + animals (201207131226-2) unstable; urgency=medium * Swi

Bug#895778: jruby: Several security vulnerabilities

I intend to work on the patches for Jessie and Stretch. Unstable could be a bit more complicated due to the FTBFS with OpenJDK 9. Markus signature.asc Description: OpenPGP digital signature

Bug#895778: jruby: Several security vulnerabilities

Package: jruby X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for jruby. Apparently rubygems is embedded into jruby which makes it vulnerable to. CVE-2018-179[0]: | RubyGems version Ruby 2.2 series: 2.2.9 and earlier,

Bug#893129: dita-ot FTBFS with openjdk-9

-08-29 08:18:47.0 +0200 +++ dita-ot-1.5.3/debian/changelog 2018-04-14 00:56:09.0 +0200 @@ -1,3 +1,10 @@ +dita-ot (1.5.3-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add encoding.patch and fix FTBFS with Java 9. (Closes: #893129) + + -- Markus Koschany

Bug#893411: sat4j FTBFS with openjdk-9

-11-04 23:10:51.0 +0100 +++ sat4j-2.3.5/debian/changelog2018-04-13 18:54:47.0 +0200 @@ -1,3 +1,10 @@ +sat4j (2.3.5-0.3) unstable; urgency=medium + + * Non-maintainer upload. + * Add encoding.patch and fix FTBFS with Java 9. (Closes: #893411) + + -- Markus Koschany

Bug#893252: libjdbm-java FTBFS with openjdk-9

This package has no reverse-dependencies. It has been in "maintenance mode" upstream since 2012. https://sourceforge.net/projects/jdbm/ https://github.com/jankotek/JDBM3 The author then worked on JDBM4 https://github.com/jankotek/JDBM4 which became mapdb https://github.com/jankotek/mapdb

Bug#893240: libhibernate3-java FTBFS with openjdk-9

Control: tags -1 confirmed I had a look at this package. Despite the fact that we use the magic --ignore-source-errors option we get a ClassCastException from OpenJDK 9. I wonder if this is rather a bug in OpenJDK 9 than in libhibernate3-java. Markus signature.asc Description: OpenPGP digital

Bug#894330: apktool FTBFS with openjdk-9

Control: reassign -1 src:proguard Hi, this is a proguard bug. Version 5.3.3-1 works for me but 6.0.1-1 fails. The reason is that the gradle.ProguardTask class is not included in proguard-base.jar. The gradle/build.sh script requires the existence of Gradle, fails to detect it because proguard

Bug#893561: libtablelayout-java: license does not seem to meet the DFSG

Am 28.03.2018 um 23:34 schrieb Francesco Poli: > On Sat, 24 Mar 2018 15:22:12 +0100 Markus Koschany wrote: > >> Am 24.03.2018 um 00:17 schrieb Francesco Poli: > [...] >>> Was the debian-legal discussion pointed out to the FTP Masters? >>> Did they explain th

Bug#893359: marked as done (jboss-xnio FTBFS with openjdk-9)

Am 28.03.2018 um 22:35 schrieb Emmanuel Bourg: > Le 28/03/2018 à 22:29, Markus Koschany a écrit : > >> I'm just wondering, we never had 3.0.0-3 of maven-bundle-plugin in >> Debian. How did it get fixed and what does maven-bundle-plugin do now to >> make those Java modul

Bug#893359: marked as done (jboss-xnio FTBFS with openjdk-9)

Hi, I'm just wondering, we never had 3.0.0-3 of maven-bundle-plugin in Debian. How did it get fixed and what does maven-bundle-plugin do now to make those Java modules accessible? I thought this was an issue of the application build system and not a general tool chain problem. Just asking because

Bug#893382: closed by Markus Koschany <a...@debian.org> (Re: osgi-foundation-ee FTBFS with openjdk-9)

Am 28.03.2018 um 15:13 schrieb Adrian Bunk: > Control: reopen -1 > >> Date: Wed, 28 Mar 2018 14:19:30 +0200 >> From: Markus Koschany <a...@debian.org> >> To: 893382-d...@bugs.debian.org >> Subject: Re: osgi-foundation-ee FTBFS with openjdk-9 >> >&

Bug#893247: Intend to take over libjbzip2-java and libnanoxml2-java into Debian Med team

Am 26.03.2018 um 07:55 schrieb Andreas Tille: > On Sun, Mar 25, 2018 at 11:56:18PM +0200, Emmanuel Bourg wrote: >> Le 25/03/2018 à 19:55, tony mancill a écrit : [...] >>> (b) relaxing the default pkg-java permissions to be like those of the >>> Debian Perl Team and allow all DDs by default >>

Bug#893359: jboss-xnio FTBFS with openjdk-9

I could solve one part of the build issues with Java 9 but I am stuck with "/build/jboss-xnio-3.6.2/api/src/main/java/java/nio/channels/FileChannel.java:[19,1] package exists in another module: java.base " I have read about the new --patch-modules option but I am not sure if this is the right

Bug#873227: Please upgrade to 4.1: Java 9 support

Hi tony, Am 25.03.2018 um 06:26 schrieb tony mancill: [...] > I'm going to upload to experimental momentarily and ask others on the > Java Team if there any concern about uploading Gradle 3.4 to unstable. Let's do it. I remember there were two failing packages with Gradle 3.4 but BND might be

Bug#893561: libtablelayout-java: license does not seem to meet the DFSG

Am 24.03.2018 um 00:17 schrieb Francesco Poli: > On Thu, 22 Mar 2018 18:30:53 +0100 Markus Koschany wrote: > >> Am 19.03.2018 um 22:28 schrieb Francesco Poli (wintermute): > [...] >>> I noticed that the license was >>> [discussed](https://lists.debian.org/d

Bug#893098: axis FTBFS with openjdk-9

Am 20.03.2018 um 23:13 schrieb Emmanuel Bourg: > I got a quick look, the source encoding is easily fixed and the > org.apache.axis.enum was long deprecated and can be removed. But there > is more than that. Axis implements interfaces from javax.xml.soap that > were upgraded in Java 9, so Axis

Bug#893236: activemq FTBFS with openjdk-9

clone 893236 -1 reassign -1 src:openjdk-9 retitle -1 openjdk9: NullPointerException when building MethodSubHeader forwarded -1 https://bugs.openjdk.java.net/browse/JDK-8199307 thanks The NullPointerException looks like an OpenJDK bug to me. This was already reported upstream. The doclint feature

Bug#893454: libjloda-java: FTBFS with java 9

Am 19.03.2018 um 09:30 schrieb Andreas Tille: > package com.sun.istack.internal is not visible With OpenJDK 9 com.sun.* API is no longer accessible unless you explicitly tell the compiler to export the module which provides said functionality. I presume passing --add-exports

Bug#893298: libsbml FTBFS with openjdk-9

Hello Andreas, Am 18.03.2018 um 09:30 schrieb Andreas Tille: > Control: tags -1 help > > On Sat, Mar 17, 2018 at 10:07:50PM +0200, Adrian Bunk wrote: >> ... >> CMake Error at docs/CMakeLists.txt:212 (message): >> Cannot generate java documentation, please specify the Java_JAVADOC_JAR. > > I

Bug#893248: libjchart2d-java FTBFS with openjdk-9

On Sat, 17 Mar 2018 16:23:26 +0200 Adrian Bunk wrote: > Source: libjchart2d-java > Version: 3.2.2+dfsg2-1 > Severity: serious > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libjchart2d-java.html > > ... > BUILD FAILED >

Bug#887785: javacc-maven-plugin, javacc, and the jtb update

Koschany <a...@debian.org> Sun, 04 Mar 2018 16:22:40 +0100 + jtb (1.4.12-1) unstable; urgency=medium [ Markus Koschany ] diff -Nru jtb-1.4.12/debian/jtb.poms jtb-1.4.12/debian/jtb.poms --- jtb-1.4.12/debian/jtb.poms 2018-01-07 19:46:40.0 +0100 +++ jtb-1.4.12/debian/jtb.poms 2018

Bug#887785: javacc-maven-plugin, javacc, and the jtb update

reassign -1 src:jtb On Fri, 2 Mar 2018 12:54:36 +0100 Markus Koschany <a...@debian.org> wrote: > Hi, > > Am 02.03.2018 um 06:33 schrieb Tiago Daitx: > > Hi, > > > > A simple relocation in jtb fixed the FTBFS - tested for surefire, > > javacc-maven-p

Bug#891928: CVE-2018-1048: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser

Link to patch: https://github.com/undertow-io/undertow/commit/1bc0c275aadf5835abfbd3835d5d78095c2f1cf5 signature.asc Description: OpenPGP digital signature

Bug#891957: netbeans no starting "loading module" modules.netbinox NullPointerException

Control: severity -1 grave Control: block -1 by 882525 Am 03.03.2018 um 05:30 schrieb Gustavo Castro: > Package: netbeans > Version: 8.1+dfsg3-4 > Severity: critical > Justification: breaks unrelated software > Tags: a11y It does not really break unrelated software but thanks for reporting. I

Bug#880886: maven-bundle-plugin FTBFS with libmaven-dependency-tree-java

Am 03.03.2018 um 11:32 schrieb 殷啟聰 | Kai-Chung Yan: > I propose to bring back Maven Dependency Tree 2.x as a new package that > coexists with its latest version. > > Even in the latest (3.5.0) version, Maven Bundle Plugin still uses those > deprecated APIs in Maven Dependency Tree 2.x. These

Bug#891929: CVE-2018-1047: information disclosure of arbitrary local files

Control: severity -1 important I am no longer sure undertow is affected. The issue is marked resolved upstream and one of the fixing commits https://github.com/wildfly/wildfly/pull/10748/files indicates the bug was in WildFly's undertow extension but not in Undertow itself. I keep this bug

Bug#891929: CVE-2018-1047: information disclosure of arbitrary local files

Source: undertow Version: 1.4.8-1+deb9u1 Severity: grave Tags: security Forwarded: https://issues.jboss.org/browse/WFLY-9620 A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead

Bug#891928: CVE-2018-1048: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser

Source: undertow Version: 1.4.8-1+deb9u1 Severity: grave Tags: security Forwarded: https://issues.jboss.org/browse/UNDERTOW-1245 It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus allow the the slash / anti-slash

Bug#887785: javacc-maven-plugin, javacc, and the jtb update

Hi, Am 02.03.2018 um 06:33 schrieb Tiago Daitx: > Hi, > > A simple relocation in jtb fixed the FTBFS - tested for surefire, > javacc-maven-plugin, hawtbuf, avro-java, and activemq-protobuf. Thank you very much for the investigation. I can NMU the package if Ludovico is currently to busy.

Bug#856086: Bug#885037: monster-masher: Please don't (Build-)Depend on gconfmm2.6

Am 28.02.2018 um 04:52 schrieb Jeremy Bicha: > monster-masher is one of the last two packages in Debian unstable > depending on esound. (And even if that were fixed, monster-masher > depends on several other GNOME2 libraries that are being removed.) > > monster-masher has been unmaintained

Bug#885735: gamazons: Raising severity for libgnome dependencies

FTR: I don't intend to port this game to Gnome 3 and there is no upstream activity at the moment. If nobody steps up to fix this issue I will request the removal of gamazons before Buster freezes. Markus signature.asc Description: OpenPGP digital signature

Bug#888316: jackson-databind: CVE-2018-5968

Am 11.02.2018 um 08:42 schrieb Sébastien Delafond: [...] > Hi Markus, > > thanks a lot for patches. I've reviewed them, and your approach is > sound: please upload. > > Cheers, > > --Seb Hi Seb, thanks for the review. I've just uploaded both packages. Cheers, Markus signature.asc

Bug#890001: libspring-java: CVE-2018-1199 Security bypass with static resources

Package: libspring-java X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, the following vulnerability was published for libspring-java. I intend to fix this in sid/buster by uploading 4.3.14. CVE-2018-1199[0]: Security bypass with static resources If you fix the

Bug#880888: maven-enforcer FTBFS with libmaven-dependency-tree-java 3.0.1-1

So apparently in libmaven-dependency-tree-java 3.0.1-1 the devs decided to rename the word tree to graph...There were some other issues though and I was not sure how to proceed. I had a look at the Fedora package and they patched maven-enforcer to work with Maven 3 but they also added a dependency

Bug#681726: Time to remove eclipse from Testing?

On Wed, 15 Nov 2017 18:01:07 +0200 Adrian Bunk wrote: [...] > I tried to sort out what I could find as required for getting the > ancient eclipse out of testing in [1]: > > 1. src:bnd > You fixed that already. > > 2. batik -> maven -> guice -> libspring-java -> aspectj ->

Bug#871142: eclipse: FTBFS: /<>/build.xml:413: Could not find suitable system JAR for org.apache.commons.httpclient_3.1.0.v201012070820.jar. Tried: /usr/share/java/commons-httpclient.jar

Am 01.02.2018 um 23:29 schrieb Emmanuel Bourg: > Le 01/02/2018 à 23:02, Markus Koschany a écrit : > >> This issue was caused by commons-httpclient due to the switch from Ant >> to Maven in version 3.1-13. The OSGi metadata is currently missing in >> the Manifest file

Bug#871142: eclipse: FTBFS: /<>/build.xml:413: Could not find suitable system JAR for org.apache.commons.httpclient_3.1.0.v201012070820.jar. Tried: /usr/share/java/commons-httpclient.jar

Control: reassign -1 commons-httpclient Control: retitle -1 Missing OSGi metadata breaks Eclipse Control: tags -1 pending Control: affects -1 src:eclipse On Sun, 6 Aug 2017 17:55:36 -0400 Lucas Nussbaum wrote: > Source: eclipse > Version: 3.8.1-10 > Severity: serious > Tags:

Bug#888316: jackson-databind: CVE-2018-5968

Hi folks, Am 25.01.2018 um 15:23 schrieb Salvatore Bonaccorso: > Hi Markus, > > On Thu, Jan 25, 2018 at 02:40:10PM +0100, Markus Koschany wrote: >> Hi, >> >> On Wed, 24 Jan 2018 23:02:44 +0100 Salvatore Bonaccorso >> <car...@debian.org> wrote: >>&g

Bug#888316: jackson-databind: CVE-2018-5968

Hi, On Wed, 24 Jan 2018 23:02:44 +0100 Salvatore Bonaccorso wrote: > Source: jackson-databind > Version: 2.9.1-1 > Severity: grave > Tags: patch security upstream > Forwarded: https://github.com/FasterXML/jackson-databind/issues/1899 > Control: found -1 2.8.6-1+deb9u2 >

Bug#885749: I plan to ask for removal of gnomekiss from the achive

Am 10.01.2018 um 22:30 schrieb Juhani Numminen: > Hi, > > Markus Koschany kirjoitti 10.01.2018 klo 18:46: > >> there are even more candidates. I don't intend to port them to Gnome 3 >> and will eventually request their removal from Debian. There is still >> time un

Bug#886394: java.lang.ClassNotFoundException: javafx.scene.layout.HBox

Control: severity -1 important Am 05.01.2018 um 11:55 schrieb Ludovic CHEVALIER: > Package: pdfsam > Version: 3.3.5-1 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > > I can't launch pdfsam. Here is the traceback: > > Exception in thread "main"

Bug#885401: openmw uninstallable

Hi, I suggest to continue the conversation in private. You can contact me for future uploads directly. Should I be unresponsive, please ask for sponsorship on the debian-games mailing list and someone will hopefully help you. Have you considered to become a Debian maintainer? Am 28.12.2017 um

Bug#885401: openmw uninstallable

On Thu, 28 Dec 2017 12:47:01 +0100 bret curtis wrote: > Hello Bret, > > There are two things going on here. One is that libopenscenegraph > needs to be rebuilt since that specific (version) gdal package (so > many dependencies down) is no longer available. Look at the apt >

Bug#885037: monster-masher: Please don't (Build-)Depend on gconfmm2.6

Am 23.12.2017 um 04:32 schrieb Jeremy Bicha: > Source: monster-masher > Version: 1.8.1-7 > Severity: serious > User: pkg-gnome-maintain...@lists.alioth.debian.org > Usertags: oldlibs gconf gconfmm > Tags: sid buster > X-Debbugs-CC: vch...@debian.org > > monster-masher Build-Depends and Depends on

Bug#884241: bouncycastle: CVE-2017-13098

Control: owner -1 ! I'm working on a fix right now. Markus signature.asc Description: OpenPGP digital signature

Bug#877941: igv: FTBFS: SVGTest.java:111: error: cannot access Localizable

Am 05.12.2017 um 19:13 schrieb Andreas Tille: > On Tue, Dec 05, 2017 at 07:05:23PM +0100, Emmanuel Bourg wrote: >> Le 05/12/2017 à 18:48, Andreas Tille a écrit : >> >>> So either I'm doing this CLASSPATH definition wrong or it does not help. >> >> I think you have to use "export CLASSPATH" in

Bug#883387: libjaxb-java 2.3.0-3 causes FTBFS in eclipselink

Control: reassign -1 src:eclipselink I am going to fix this bug in eclipselink. It is still not clear to me why absolute classpaths don't work for eclipselink but there is a solution, so no need to keep the package in this FTBFS state. Markus signature.asc Description: OpenPGP digital

Bug#831094: attal: FTBFS with GCC 6: cmath:568:33: error: 'FP_NAN' was not declared in this scope

Am 01.12.2017 um 13:49 schrieb Juhani Numminen: > Control: tags -1 patch > > Hello! > > I made attal to build again by removing "#undef __USE_ISOC99", so I'm > adding the patch tag. > > However, as I don't know why those undefs were added in the first place, > so this change might be breaking

Bug#882181: mockito: FTBFS - java.lang.UnsupportedOperationException: Cannot nest operations in the same thread

Control: reassign -1 src:gradle Control: found -1 3.2.1-5 Control: fixed -1 3.4.1-2 Hi, I'm going to reassign this bug to gradle because the issue is really in gradle 3.2.1. It is fixed in 3.4.1-2 in experimental. Mockito will build from source again as soon as gradle 3.4.1 is uploaded to

Bug#883387: libjaxb-java 2.3.0-3 causes FTBFS in eclipselink

Am 03.12.2017 um 13:29 schrieb Adrian Bunk: > Package: libjaxb-java > Version: 2.3.0-3 > Severity: serious > Control: affects -1 src:eclipselink Hi, Thanks for reporting. I had a look at this but I can't find the mistake in libjaxb-java. The difference between 2.3.0-2 and 2.3.0-3 is that we use

Bug#882525: netbeans FTBFS with jaxb 2.3.0

Control: reassign -1 src:jaxb Control: found -1 2.3.0-1 Control: forwarded -1 https://github.com/javaee/jaxb-v2/issues/1144 Control: affects -1 src:netbeans I'm going to reassign this bug to jaxb because there are currently two issues with this package. The jar files on the classpath used

Bug#882181: mockito: FTBFS - java.lang.UnsupportedOperationException: Cannot nest operations in the same thread

Control: tags -1 confirmed Am 20.11.2017 um 00:27 schrieb Gilles Filippini: > Source: mockito > Version: 1.10.19-2 > Severity: serious > Justification: FTBFS > > Hi, > > While testing a build of mockito against a new json-simple releae I've > experienced a FTBFS which is reproducible when

Bug#881589: d2x-rebirth: FTBFS: include/physfsrwops.h:47:1: error: unknown type name '__EXPORT__'

Control: tags -1 patch Hi, I had to fix the same issue in asc. https://anonscm.debian.org/git/pkg-games/asc.git/tree/debian/patches/libphysfs-3.0.1.patch Regards, Markus signature.asc Description: OpenPGP digital signature

Bug#681726: Time to remove eclipse from Testing?

Am 09.11.2017 um 21:34 schrieb Jeremy Bicha: [...] > Have you considered dropping the libswt-webkit-gtk-3-jni dependency > from eclipse-rcp? Then the swt-gtk source package could stop building > libswt-webkit-gtk-3-jni and we could complete the webkitgtk removal > from Debian Testing. > > Thanks,

Bug#881162: tomcat7: Server reports 404 on any request, even /

Hello, updated packages for testing are available at: https://people.debian.org/~roberto/ Any feedback is appreciated. Roberto's analysis of the problem can be found at: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881162#41 Thanks Markus signature.asc Description: OpenPGP digital

Bug#881162: tomcat7: Server reports 404 on any request, even /

Thank you for the report. There was a recent security update of Tomcat 7 which is the likely cause for this issue. Roberto can you take a look please? Regards, Markus signature.asc Description: OpenPGP digital signature

Bug#879001: Bug#879002: Patch for CVE-2017-12197

On Fri, 3 Nov 2017 21:48:21 +0100 Salvatore Bonaccorso wrote: [...] > It's likely that Red Hat just used the approeach as > https://github.com/letonez/libpam4j/commit/84f32f4001fc6bdcc125ccc959081de022d18b6d > and referenced from https://github.com/kohsuke/libpam4j/issues/18 .

Bug#879001: Bug#879002: Patch for CVE-2017-12197

Am 03.11.2017 um 21:48 schrieb Salvatore Bonaccorso: [...] > It's likely that Red Hat just used the approeach as > https://github.com/letonez/libpam4j/commit/84f32f4001fc6bdcc125ccc959081de022d18b6d > and referenced from https://github.com/kohsuke/libpam4j/issues/18 . > > The issue arises because

Bug#879001: Bug#879002: Should the package be removed?

On Wed, 18 Oct 2017 13:29:19 +0200 Emmanuel Bourg wrote: > Upstream has moved to GitHub [1] and the last update was released in > 2014 but the security issue is still not fixed [2]. > > This was a dependency of Jenkins which is now gone. There is a slim > chance that this

Bug#880116: CVE-2017-15953 / CVE-2017-15954 / CVE-2017-15955

-2017-15953, CVE-2017-15954 and CVE-2017-15955. +bchunk was vulnerable to a heap-based buffer overflow with an resultant +invalid free when processing a malformed CUE (.cue) file that may lead to +the execution of arbitrary code or a application crash. + + -- Markus Koschany <a...@debian.

Bug#681726: Time to remove eclipse from Testing?

Am 01.11.2017 um 22:04 schrieb Adrian Bunk: > On Wed, Nov 01, 2017 at 09:23:32PM +0100, Markus Koschany wrote: >> Am 01.11.2017 um 20:47 schrieb Jeremy Bicha: >>> On Fri, Oct 20, 2017 at 6:24 PM, Emmanuel Bourg <ebo...@apache.org> wrote: >>>> Le 20/1

Bug#681726: Time to remove eclipse from Testing?

Am 01.11.2017 um 20:47 schrieb Jeremy Bicha: > On Fri, Oct 20, 2017 at 6:24 PM, Emmanuel Bourg wrote: >> Le 20/10/2017 à 23:52, Jeremy Bicha a écrit : >> >>> Never mind. I tried doing the dak queries and I eventually got more >>> than 500 reverse-depends before I gave up.

Bug#877225: jblas FTBFS with multiarch libatlas-base-dev

Control: owner -1 ! I am working on this bug and jblas and I intend to package the latest upstream release. signature.asc Description: OpenPGP digital signature

Bug#681726: Time to remove eclipse from Testing?

Am 21.10.2017 um 00:24 schrieb Emmanuel Bourg: > Le 20/10/2017 à 23:52, Jeremy Bicha a écrit : > >> Never mind. I tried doing the dak queries and I eventually got more >> than 500 reverse-depends before I gave up. (Attached) > > Funny, I never realized that src:eclipse was basically holding most

Bug#879123: glee: source for configure is missing

Am 20.10.2017 um 15:26 schrieb Simon McVittie: > On Fri, 20 Oct 2017 at 14:36:06 +0200, Markus Koschany wrote: >> If you insist on severity >> serious for such a problem, then bug reports with the same severity >> should be filed against packages >> >> a) that d

Bug#879123: glee: source for configure is missing

Am 20.10.2017 um 06:42 schrieb Helmut Grohne: > On Thu, Oct 19, 2017 at 10:52:41PM +0200, Markus Koschany wrote: >> I am quoting: >> >> https://sources.debian.net/src/glee/5.4.0-2/configure/ >> >> The license is very liberal. You can argue that it should be

Bug#879123: glee: source for configure is missing

Am 19.10.2017 um 22:34 schrieb Adrian Bunk: > On Thu, Oct 19, 2017 at 08:23:24PM +0200, Markus Koschany wrote: >> ... >> In my opinion the configure script of glee is DFSG-compliant and >> suitable for main. The license states: >> >> # Copyright (C) 2

<    1   2   3   4   5   6   7   8   9   10   >