Bug#1034875: kitty: Should not handle application/x-sh mime type by executing the script

Package: kitty Version: 0.26.5-4 Severity: serious Tags: security X-Debbugs-Cc: Debian Security Team Hello, I was reading https://lists.debian.org/20230425190728.ga1471...@subdivi.de in mutt and that mail contains 3 shell scripts as attachments (application/x-sh). I wanted to have a look at the

Bug#1020056:

Hello, Le jeudi 13 octobre 2022, Thomas Braun a écrit : > so I think it should be as easy as adding cppzmq-dev to the build > dependencies. > > $diff -Nur control control.new > --- control 2022-10-13 16:19:07.384578078 +0200 > +++ control.new 2022-10-13 16:19:03.972578004 +0200 > @@ -7,6

Bug#1016090: python-django breaks lots of autopkgtests

Hi, On Mon, 01 Aug 2022, Chris Lamb wrote: > Regardless of that though, I think we have two options: > > a) Revert back to the 3.2.14 LTS version in Debian unstable. > > b) Wait for the 4.x stream to become designated LTS. I believe this >should happen with version 4.2, due for release in

Bug#1016090: python-django breaks lots of autopkgtests

On Tue, 26 Jul 2022, Paul Gevers wrote: > Source: python-django > Control: found -1 python-django/2:4.0.6-1 I'm surprised that we uploaded an non-LTS release to unstable. Chris, why did you do that? > I note that the changelog has this: > "This security release mitigates the issue, but we have

Bug#1013493: python-django-jsonfield: FTBFS: ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/usr/lib/python3/dist-packages/django/utils/translation/__init__.py)

Hello, On Fri, 24 Jun 2022, Lucas Nussbaum wrote: > During a rebuild of all packages in sid, your package failed to build > on amd64. Thanks but I will not fix this bug. Intsead I have asked to remove this package from unstable since it has been superseded by a native field provided by Django:

Bug#1015174: lvm2-udeb: uninstallable, depends on non-udeb libsystemd0

Control: tags -1 + patch Control: user de...@kali.org Control: usertags -1 + kali-patch On Sun, 17 Jul 2022 05:50:20 +0200 Cyril Brulebois wrote: > I suppose the journal bits could be patched out for the udeb build (right > now, configure ends up defining SYSTEMD_JOURNAL_SUPPORT to 1 there), but

Bug#997522: logidee-tools: FTBFS: make[2]: kpsepath: No such file or directory

Control: tag -1 + wontfix On Sat, 23 Oct 2021, Lucas Nussbaum wrote: > Source: logidee-tools > Version: 1.2.19 > > During a rebuild of all packages in sid, your package failed to build > on amd64. Note that I requested removal of this package so I will not handle this bug. See

Bug#995445: logidee-tools: creates incorrect TeX code, breaks other packages via autopkgtests

Hello, On Fri, 01 Oct 2021, Norbert Preining wrote: > The failed autopkgtest can be boiled down to the following example (all > the code is as taken from the logidee-tools generated code): Sorry that logidee-tools created issues for you. For the record, I have just requested the removal of that

Bug#993204: Bug#996079: gnome-shell-timer: does not declare compatibility with GNOME Shell 41

Control: forcemerge 993204 996079 Le dimanche 10 octobre 2021, Simon McVittie a écrit : > Package: gnome-shell-timer > > The metadata.json for this extension doesn't declare compatibility with > GNOME 41. I don't know whether the actual code will need changes or not: > the conservative

Bug#970809: python3-venv is gone

Hi, the package has been dropped from testing a while ago due to this bug but it's not clear to me that there's a real bug here. On Wed, 23 Sep 2020, Matthias Klose wrote: > Package: pipx > Version: 0.12.3.1-3 > Severity: serious > Tags: sid bullseye > > This package depends or build-depends on

Bug#977354: libmagics++-dev: Invalid dependency on "i" package

Package: libmagics++-dev Version: 4.5.2-1 Severity: grave Justification: renders package unusable I was alerted by a strange log in the package tracker: /usr/lib/python3/dist-packages/debian/deb822.py:1403: UserWarning: cannot parse package relationship "i", returning it raw I looked up what

Bug#976633: gnome-shell-extension-hamster: crash: TypeError: this.panelWidget is null

Control: severity -1 important Control: tag -1 + unreproducible On Sun, 06 Dec 2020, Paul Wise wrote: > On Sun, 2020-12-06 at 10:49 +0100, Raphael Hertzog wrote: > > > Duh, I am using it with GNOME Shell 3.38 but I have 3.38.1-2+b1 right > > now and it's what I used to tes

Bug#976633: gnome-shell-extension-hamster: crash: TypeError: this.panelWidget is null

Hi, On Sun, 06 Dec 2020, Paul Wise wrote: > When I try to load the Hamster extension, GNOME shell from unstable > prints the following traceback into the systemd user journal, I guess > it isn't compatible with GNOME shell 3.38 at this point in time. Duh, I am using it with GNOME Shell 3.38 but

Bug#975519: scapy fails autopkg test, blocking python3-defaults

Hi, On Mon, 23 Nov 2020, Matthias Klose wrote: > https://ci.debian.net/data/autopkgtest/testing/amd64/s/scapy/8359116/log.gz > > [...] > File "", line 25 > > ^ > SyntaxError: expression cannot contain assignment, perhaps you meant "=="? I see the following commit upstream:

Bug#930908: Letting mailcap and mime-support migrate

Control: severity -1 important I'm reducing the severity of this bug because this forbids mailcap and mime-support to migrate to testing and they have to migrate because the current mime-support is uninstallable in a freshly installed testing system because media-types (installed by default due

Bug#972858: zim FTBFS: FileNotFoundError: [Errno 2] No such file or directory: '/run/user/2952'

FWIW, this is really a bug in the build daemon that should not set XDG_RUNTIME_DIR to some incorrect value: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842565 But I'll work around it in the mean time. Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋The Debian Handbook:

Bug#972500: hamster-time-tracker does not launch on Buster using the backported package

Hi, Philipp, you uploaded the backport. Can you have a look at this report? Ulrike, did you restart your computer after the upgrade just to make sure that the dbus service was properly using the new code ? Thank you in advance. On Mon, 19 Oct 2020, Ulrike Uhlig wrote: > Package:

Bug#964399: Should ganglia be removed?

Hi, On Tue, 07 Jul 2020, Marcos Fouces wrote: > I also done some work on ganglia-web and ganglia-linux-modules packages > (also unpublished). > > I believe that it is still a good piece of software that deserve its > place on Debian so i would like to step up as uploader (co-uploaders >

Bug#963020: impacket breaks smbmap autopkgtest: No module named 'pkg_resources'

Hi, On Thu, 18 Jun 2020, Raphael Hertzog wrote: > Actually your fix does not work because pkg_resources is not documented in > setup.py or requirements.txt and thus it will not magically appear in > ${python3:Depends} just by adding it in Build-Depends. > > I opened htt

Bug#963020: impacket breaks smbmap autopkgtest: No module named 'pkg_resources'

On Wed, 17 Jun 2020, Emmanuel Arias wrote: > I've just pushed to salsa the fix, could anyone review it and sponsor > it, please? Actually your fix does not work because pkg_resources is not documented in setup.py or requirements.txt and thus it will not magically appear in ${python3:Depends} just

Bug#963020: impacket breaks smbmap autopkgtest: No module named 'pkg_resources'

Hi, On Wed, 17 Jun 2020, Emmanuel Arias wrote: > I've just pushed to salsa the fix, could anyone review it and sponsor > it, please? I'll take care of it right now. Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄

Bug#938438: scap-security-guide: Python2 removal in sid/bullseye

Hi, On Fri, 08 May 2020, Jeremy Bicha wrote: > Maintainers, please indicate whether you are working on a fix or else > this package will be removed from Debian Unstable soon. (You can > always reintroduce the package if you remove the Python2 > dependencies.) I just looked at the upstream source

Bug#936206: binplist: Python2 removal in sid/bullseye

Hi, On Fri, 08 May 2020, Moritz Mühlenhoff wrote: > > Your package either build-depends, depends on Python2, or uses Python2 > > in the autopkg tests. Please stop using Python2, and fix this issue > > by one of the following actions. > > https://github.com/google/binplist/issues/6 is without

Bug#955474: FTBFS: fatal error: stropts.h: No such file or directory

Control: retitle 954582 FTBFS: fatal error: stropts.h: No such file or directory Control: forcemerge 954582 -1 I was mislead by the title of the other RC bug, it looks like both are reporting the same underlying issue. The proper solution seems to be to rebuild python 3.8 against glibc 2.30 and

Bug#944553: midori deletes my files

Control: severity -1 important On Tue, 18 Feb 2020, Sergio Durigan Junior wrote: > Thanks for the report. > > It's not clear from your description whether tmpa_crtoef.htm is the > only file that triggers this behaviour, or if this happens with any file > when you try opening it with Midori. > >

Bug#951120: hydra: Non-free licence exception

Control: forwarded -1 https://github.com/vanhauser-thc/thc-hydra/issues/497 On Tue, 11 Feb 2020, Dominik George wrote: > The licence of hydra states: Actually the LICENSE file does not contain that sentence. It's only in the README and it has been added 3 years ago > The additional

Bug#939260: Ready for Python 3

FTR, upstream just notified me that the latest version available on GitHub is now ready for Python 3: https://github.com/websploit/websploit Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄ Debian Long Term Support:

Bug#948257: Bug#948350: depmod: ERROR: ../libkmod/libkmod.c:515 lookup_builtin_file() could not open builtin file '[...]/lib/modules/[kernelversion]/modules.builtin.bin'

Hello, On Tue, 07 Jan 2020, Marco d'Itri wrote: > #948257 In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948257#105, Ben is wondering whether the fix should not be done in kmod since the ERROR displayed is due to a Debian-specific patch that you applied

Bug#939260: websploit: Python2 removal in sid/bullseye

On Mon, 16 Dec 2019 14:28:33 +0100 Raphael Hertzog wrote: > Great. Looking forward to it. Do you have any idea how much time you need > to complete this Python 3 port of websploit? On the 21th, I got a private reply saying that he might need 20 days to complete the Python 3 port.

Bug#947387: [Python-modules-team] Bug#947387: python3-pcapy: missing Breaks+Replaces: python-pcapy

On Wed, 25 Dec 2019, Emmanuel Arias wrote: > Raphaël, please could you review my patch? Reviewed and uploaded. Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄ Debian Long Term Support: https://deb.li/LTS

Bug#945723: Upstream progress on python 3 port

Hello, upstream seems to be close to release a Python 3 version, current WIP is in https://github.com/epinna/weevely3/tree/Debian-master according to https://github.com/epinna/weevely3/pull/119#issuecomment-568770367 Sending this mail to reset the auto-rm clock, hoping that Samuel will upload a

Bug#939260: websploit: Python2 removal in sid/bullseye

Hello, On Tue, 10 Dec 2019, 0X0Ptim0Us wrote: > Got it, thank you. I will work on it Great. Looking forward to it. Do you have any idea how much time you need to complete this Python 3 port of websploit? Regards, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋The Debian Handbook:

Bug#927135: src:rekall: Please update to python3 version

Hi, On Fri, 18 Oct 2019, Moritz Mühlenhoff wrote: > > I started having a look at packaging the new upstream release of > > rekall, to support python 3 (mostly because rekall is a r-dep of some > > of the packages i maintain). For now it looks like the most immediate > > need is to get aff4 ported

Bug#942487: [Pkg-rust-maintainers] Bug#942487: Bug#942487: Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

On Thu, 17 Oct 2019, Ximin Luo wrote: > Who is using reprepro to archive Debian Rust packages? That's the first Anybody who is mirroring Debian unstable with reprepro right now. I have no special interest in rust, but I do maintain a debian derivative that we build with reprepro merging debian

Bug#942487: [Pkg-rust-maintainers] Bug#942487: Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

Hello Ximin, On Thu, 17 Oct 2019, Ximin Luo wrote: > >> Do you have some concrete suggestions on how to improve the tool to reduce > >> this "abuse"? > > > > Yes, I gave you one. > > It doesn't work. Look, I'm not a cargo/rust expert, I won't design the tool for you but I implemented

Bug#942487: [Pkg-rust-maintainers] Bug#942487: Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

On Thu, 17 Oct 2019, Ximin Luo wrote: > Can you please explain why 256 KB provides field is "abuse"? Because that's the amount of metadata required for 250 common packages. > Do you have some concrete suggestions on how to improve the tool to reduce > this "abuse"? Yes, I gave you one. > BTW,

Bug#942487: [Pkg-rust-maintainers] Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

Hi, On Thu, 17 Oct 2019, Sylvestre Ledru wrote: > I will see how to add a lintian check to block that from happening again. FWIW, I already filed #942493 against lintian this morning. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS:

Bug#942487: [Pkg-rust-maintainers] Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

On Thu, 17 Oct 2019, Ximin Luo wrote: > Control: tags -1 + wontfix This is clearly not acceptable. You can't ignore problems like this one. I saw you already broke debian-installer once with the former packages that overflowed the 16K limit of cdebootstrap. Now it's the turn of reprepro and this

Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

On Thu, 17 Oct 2019, Raphaël Hertzog wrote: > For this reason, I'm going to NMU the package and disable/reduce the Provides > field until you find a reasonable solution. Uploaded rust-web-sys_0.3.28-1.1_source.changes. It's still 150K but should make reprepro happy. I believe it's unreasonable

Bug#939626: Upstream

Control: tag -1 fixed-upstream On Wed, 11 Sep 2019 14:00:54 +0200 =?utf-8?Q?S=C3=A9bastien?= Delafond wrote: > Upstream indicates that: > > We are working actively on that subject. So the next release of > centreon-broker won't need qt4 nor qt5. Qt will be completely removed > from it.

Bug#875190: [shiboken] Future Qt4 removal from Buster

On Tue, 01 Oct 2019, Didier 'OdyX' Raboud wrote: > > There are no reverse dependencies of src:shiboken in unstable and it has > > been replaced by src:pyside2, let's remove from the archive? > > As maintainer: agreed! Can you file the RM request then? Thank you. -- Raphaël Hertzog ◈ Debian

Bug#934691: rekall: maintainer address bounces

Control: tag -1 + pending On Tue, 13 Aug 2019, peter green wrote: > While sending https://lists.debian.org/debian-python/2019/08/msg00072.html I > got > > forensics-de...@lists.alioth.debian.org > (generated fromrek...@packages.debian.org) > host alioth-lists-mx.debian.net

Bug#927135: src:rekall: Please update to python3 version

Hi, On Sun, 25 Aug 2019, Scott Kitterman wrote: > If you have lost interest in the package, please let me know so I can ask to > have it removed. Don't remove rekall please. There's a new upstream release with Python 3 support. We will get to it eventually. Cheers, -- Raphaël Hertzog ◈ Debian

Bug#934483: virtualbox-guest-dkms: Doesn't build with latest kernel in unstable 5.2.0-2-686-pae

On Sun, 11 Aug 2019, Christian Marillat wrote: > But bevare fixind the include file path (drm/ttm/ttm_page_alloc.h) doesn't > work at all the virtualbox doesn't start. I fixed the path, the build went through. I rebooted my VM and it worked. What exactly was the failure that you had? Did you

Bug#934483: virtualbox-guest-dkms: Doesn't build with latest kernel in unstable 5.2.0-2-686-pae

Hi, On Thu, 15 Aug 2019, Darsey Litzenberger wrote: > I haven't gotten around to testing, but it looks like maybe all that needs > to be done is to disable building some of these modules after a certain > kernel version. At least I can confirm that if you disable "vboxvideo" from the dkms

Bug#932506: elastalert: (build-)depends on cruft packages.

Control: tag -1 + confirmed upstream fixed-upstream Hi, On Sat, 20 Jul 2019, peter green wrote: > elastalert (build-)depends on the python-croniter binary package which > is no longer built by the python-croniter binary package. > > If you want to keep your package in Debian you will probablly

Bug#930929: [Pkg-libvirt-maintainers] Bug#930929: marked as done (libvirt: is no longer able to use kvm)

Hi, On Sun, 23 Jun 2019, Guido Günther wrote: > > But after a reboot with the good systemd, it began again to work... sorry > > for the noise! > > Thanks for reporting all the details! Should we expect issues with newer > systemd then or do you deem the problems related to the patches you >

Bug#930929: libvirt: is no longer able to use kvm

On Sat, 22 Jun 2019, Raphael Hertzog wrote: > And despite this I still have the error and yet the libvirt-qemu user > is part of the kvm group: > $ id libvirt-qemu > uid=124(libvirt-qemu) gid=130(kvm) groupes=130(kvm),132(libvirt-qemu) Still I confirm that the libvirt-qemu user

Bug#930929: libvirt: is no longer able to use kvm

Control: found -1 5.0.0-3 Control: found -1 5.2.0-2 On Sat, 22 Jun 2019, Raphaël Hertzog wrote: > For a few days/weeks (I'm not sure when it started exactly), I can no > longer run my VM with virt-manager. I tried downgrading to the version in testing, but the problem stayed the same. I also

Bug#929469: systemd-networkd: systemd-networkd: fails with "could not set address: Permission denied"

Hi, On Wed, 05 Jun 2019, Michael Biebl wrote: > systemd-networkd.service in v241 is locked down more tightly then v232. > It might be worth a try to comment out the hardening features one by one > to see if one of them causes your problem. Thanks for the idea! I tried that but it did not help. I

Bug#929469: systemd-networkd: systemd-networkd: fails with "could not set address: Permission denied"

Hi, On Wed, 05 Jun 2019, Michael Biebl wrote: > What's the status of this bug? No progress. > Can you reproduce it with v242 from experimental? Yes. > I guess upstream is waiting for your feedback: > https://github.com/systemd/systemd/issues/12656#issuecomment-496293294 I will provide my

Bug#924042: tomb: Multiple package relations for optionally used tools are missing (steghide, dcfldd, gettext-base, qrencode, unoconv, lsof, swish-e)

Control: severity -1 important On Fri, 08 Mar 2019, Axel Beckert wrote: > tomb's exhume subcommand calls steghide: > > ~ → tomb exhume /tmp/example.jpg > tomb [E] Steghide not installed: cannot exhume keys from images. The failure mode is rather clean, I don't think the missing

Bug#920377: dpkg > 1.19.3 breaks reprepro

Hi, On Thu, 24 Jan 2019, Alf Gaida wrote: > Commit > https://salsa.debian.org/dpkg-team/dpkg/commit/4a4619831de8b8972f86b489660dc98f187cfa34.patch > breaks reprepro. For reference, that commit says this: | dpkg-genchanges: Only reference binary packages being uploaded | | The .changes file

Bug#891670: pymssql FTBFS with freetds-dev 1.00.82-2

Hi, On Sun, 24 Jun 2018, Geoffrey Thomas wrote: > Upstream is being slow to put out a new release, there's some blocker > involving the new freetds. I asked if that was resolved yet: > > https://github.com/pymssql/pymssql/issues/528 > > At some point (probably in a month or two, honestly...)

Bug#920366: developers-reference: ftbfs in sid, builds fine in stable

Hi, On Sat, 26 Jan 2019, Norbert Preining wrote: > FIrst of all, I cannot reproduce this error on sid, so with all packages > properly upgraded. > > That means, I assume you have a mixed upgrade of packages where it > fails, is this correct? Yes, debci triggers autopkgtest of reverse

Bug#919578: rozofs: FTBFS with undefined references to major, minor

Hi, On Thu, 17 Jan 2019, Andreas Beckmann wrote: > rozofs recently started to FTBFS in an up-to-date sid+experimental > pbuilder environment: FWIW, I filed earlier today an RM bug: https://bugs.debian.org/919568 So I don't plan to handle this bug. Cheers, -- Raphaël Hertzog ◈ Debian Developer

Bug#822586: Upstream status update

Hello, just FYI since upstream was unable to port the code to the GObject Introspection bindings, he started to rewrite the application in C++ using GTKmm. This is happening in the "future" directory of the upstream git repository (master branch) and the author shares some progress information

Bug#917199: pivy, unbuildable on mips* due to testsuite failures in patchelf.

Hi, On Sun, 13 Jan 2019, Adrian Bunk wrote: > Test cases that passed in patchelf 0.8 fail since 0.9, > and segmentation fault on things like setting rpath > might be close enough to "entirely broken". In that case, it would certainly help upstream if someone (maintainer/porter) could try to "git

Bug#917199: pivy, unbuildable on mips* due to testsuite failures in patchelf.

Hi, On Sat, 12 Jan 2019, Adrian Bunk wrote: > pyside2 is now built without patchelf on mips64el. > > Doing the same for mips and mipsel should fix the problem for pivy. Yeah, but this is not going in the right direction. This means that pyside will be built with the embedded patchelf. The

Bug#849308: Please let wireguard migrate to testing

Hello Daniel, we want wireguard in Kali and Kali is based on Debian testing. For now we imported it manually from Debian Unstable but it's counter-productive, we have rolling distributions (kali and testing) and an upstream following a rolling model and yet we don't have its packages

Bug#853310: android-platform-system-core: ftbfs with GCC-7

Hi, On Thu, 13 Sep 2018, 殷啟聰 | Kai-Chung Yan wrote: > > It would have helped if you had given me the URL of the repository. > > Anyway, I'm willing to sponsor the update (even though I don't know much > > about Android Tools) but I have a few comments: > > Thank you for the sponsor, it will help

Bug#853310: android-platform-system-core: ftbfs with GCC-7

Hello, On Tue, 11 Sep 2018, 殷啟聰 | Kai-Chung Yan wrote: > Sorry for being dormant on the matter. We had been in the process of > updating the whole SDK suite to Oreo but it is blocked by an upload of > this package. The latest update produces several new packages so I don't > have the permission

Bug#853310: android-platform-system-core: ftbfs with GCC-7

Hello, this bug on android-platform-system-core is the reason why apktool got dropped from Debian Testing. I would like it to go back to Debian Testing. I saw that the package has many updates in the git repository. I guess the FTBFS issue is fixed in the new upstream version that you packaged

Bug#901572: acccheck: CVE-2018-12268: Patch proposal

Control: affects 904200 acccheck On Mon, 03 Sep 2018, p...@reseau-libre.net wrote: > I've updated the acccheck.pl behavior to correct (i hope) the > CVE-2018-12268. User and password input files are sanitized before any use > in the generated commandline string. The patch is given attached to

Bug#906139: debian-policy: versioned depends on libjs-sphinxdoc unsatisfiable on stretch

Hi, On Mon, 27 Aug 2018, Sean Whitton wrote: > On Mon 27 Aug 2018 at 12:58PM +0200, Raphael Hertzog wrote: > > Or you could have read dh_linktree's manual page and see that you can > > use "replace" instead of "deduplicate" to get a weak dependency. > >

Bug#906139: debian-policy: versioned depends on libjs-sphinxdoc unsatisfiable on stretch

Hi, On Sat, 25 Aug 2018, Sean Whitton wrote: > Urgh. > > I am reluctantly (yet gratefully!) working on implementing Ian's > substvar hack. Or you could have read dh_linktree's manual page and see that you can use "replace" instead of "deduplicate" to get a weak dependency. $ git diff diff

Bug#902812: wcc FTBFS

Hi, On Wed, 18 Jul 2018, Axel Beckert wrote: > > Axel mentioned failed bin-nmu but it looks like the bin-nmu worked: > > https://buildd.debian.org/status/fetch.php?pkg=wcc=amd64=0.0.2%2Bdfsg-3%2Bb2=1531313043=0 > > Sorry, I deduced that from "uninstallable + FTBFS". > > > I downgraded the bug

Bug#902812: wcc FTBFS

Control: severity -1 important Control: tag -1 + unreproducible Philippe, if you don't put Sylvestre and Axel in copy, they won't get your mail sent only to 902...@bugs.debian.org. On Wed, 18 Jul 2018, Philippe Thierry wrote: > I take a look at the bug you reported and I didn't managed to

Bug#875885: netkit-tftp: does not trap ./configure errors

Hello Alberto, it's been 8 years that you haven't touched netkit-tftp and the package has been removed from Debian testing due to the bug I'm replying to. Can you take care of fixing the bug and/or properly orphaning the package if you are no longer interested in it? Regards, On Fri, 15 Sep

Bug#899688: Bug#899851: schroot: Invalid maintainer address buildd-tools-de...@lists.alioth.debian.org

Hi Simon, On Wed, 06 Jun 2018, Simon McVittie wrote: > Since nobody seems to have objected to this and I found myself wanting to > refer to up-to-date schroot/sbuild source code today, I've imported both > projects into Salsa using `git push --mirror` from the archives in >

Bug#899851: schroot: Invalid maintainer address buildd-tools-de...@lists.alioth.debian.org

Hi, On Thu, 24 May 2018, Johannes Schauer wrote: > yes, I read about this possibility on debian-devel@ and it sounds intriguing. > But I neither know how to set up that team on tracker, nor am I convinced yet, > that it would make sense to do so. Which packages would be maintained by that > team?

Bug#899851: schroot: Invalid maintainer address buildd-tools-de...@lists.alioth.debian.org

Hi, On Thu, 24 May 2018, Christoph Biedl wrote: > as you've probably heard, Debian's alioth services are shutting down. > This affects your package schroot since the list address > buildd-tools-de...@lists.alioth.debian.org used in the Maintainer: > field was not transferred to the alioth-lists

Bug#896071: debootstrap fails to retrive Release file over https

On Mon, 23 Apr 2018, Hideki Yamane wrote: > Hi, > > On Sun, 22 Apr 2018 09:40:54 +1000 > David Margerison wrote: > > > "$@" is extracted as '' and wget tries to fetch it and fails, > > > then returns 1. > > > > Regarding the proposed fix, in general using $@

Bug#896071: debootstrap fails to retrive Release file over https

Hi, On Tue, 24 Apr 2018, Hideki Yamane wrote: > I'll revert below your commit since this regression fix also solve it. > > > commit c1c20ed48e83fe9d4f3512c524f7734d4e1469ac > > Author: Raphaël Hertzog > > Date: Thu Apr 12 12:18:29 2018 +0200 > > > > Do not use HTTPS

Bug#890043: wcc: diff for NMU version 0.0.2+dfsg-2.1

On Fri, 09 Mar 2018, Adrian Bunk wrote: > I've prepared an NMU for wcc (versioned as 0.0.2+dfsg-2.1) and uploaded > it to DELAYED/3. Please feel free to tell me if I should cancel it. Thanks for this, but I just uploaded a new version with this change and other cleanups too. Cheers, -- Raphaël

Bug#889187: [Pkg-e-devel] Bug#889187: e17-dbg is empty

Control: severity -1 important On Sat, 03 Feb 2018, Andreas Metzler wrote: > > Debug information is in e17-dbgsym, > > likely the fix is to drop e17-dbg. > > This is fixed in experimental. Why not in unstable? This bug was marked as grave (it probably did not deserve this severity, but nobody

Bug#887062: [Pkg-raspi-maintainers] Bug#887062: raspi3-firmware: postinst fails, makes bad assumption about existence of /boot/firmware/

Hello Michael, On Thu, 18 Jan 2018, Michael Stapelberg wrote: > Given that the package’s only purpose is to populate /boot/firmware, may I > ask why it’s being installed in your builds at all? I’d like to understand > the use-case before adding code to deal with it. The package name contains

Bug#886506: busybox sh broken on i386 with glibc 2.26, leads to kernel panic

Hello, On Wed, 17 Jan 2018, Aurelien Jarno wrote: > busybox is compiled with -mpreferred-stack-boundary=2 on i386 which has > the same effect of reducing the default stack alignment from 16 bytes to > 2 bytes. This comes from arch/i386/Makefile: > > | # -mpreferred-stack-boundary=2 is essential

Bug#828483: osslsigncode: FTBFS with openssl 1.1.0

[ Copy to upstream author to know his plans wrt openssl 1.1 and to invite him to review the current patches ] Hello Stephen, On Sun, 26 Jun 2016, Stephen Kitt wrote: > On Sun, 26 Jun 2016 12:23:30 +0200, Kurt Roeckx wrote: > > If you have problems making things work, feel free

Bug#887062: [Pkg-raspi-maintainers] Bug#887062: raspi3-firmware: postinst fails, makes bad assumption about existence of /boot/firmware/

On Sat, 13 Jan 2018, Michael Stapelberg wrote: > The only change that seems in any way related to me is > https://anonscm.debian.org/cgit/pkg-raspi/raspi3-firmware.git/commit/?id=c977f0210ab5c577b9d5296e4e4391225a7f85ca This change is not the cause of the regression. The package fails at initial

Bug#882372: Processed: Bug fix for ohcount #882372

Hello Sylvestre, On Thu, 07 Dec 2017, Sylvestre Ledru wrote: > I don't see the patch fixing the issue?! The debian security tracker has a note with this patch: https://github.com/blackducksoftware/ohcount/commit/6bed45d6fb7c080ae5c163c12b4eb8749a3492ac It looks like the problematic "file"

Bug#881097: To be removed from wheezy as well

On Tue, 19 Dec 2017, Emilio Pozuelo Monfort wrote: > > Chris or Thorsten, could you possibly look into what it involves and see > > whether > > it's doable on the ftpmaster side ? > > Another, easier option would be to declare these packages as unsupported > security-wise. I pushed a commit

Bug#881097: To be removed from wheezy as well

Hi, On Tue, 19 Dec 2017, Salvatore Bonaccorso wrote: > > Actually it got removed from wheezy in the mean time. Since it was > > marked that way in dla-needed.txt, I pinged the ftp.d.o bug report and > > pinged Chris Lamb (as ftp assistant) and the package is gone from wheezy: > > > > $ rmadison

Bug#881097: To be removed from wheezy as well

Hello, On Sun, 17 Dec 2017, Ola Lundqvist wrote: > After some more reading I think removing it should be ok anyway. I'll > change the wording from "will be removed" to "may be removed" to allow > us the freedom to keep it if nobody takes the action to actually > remove it. Actually it got

Bug#882769: Cannot upgrade from Stretch: cp: target '/lib/live/mount/medium/live/vmlinuz.new' is not a directory

On Tue, 28 Nov 2017, Goirand Thomas (aka zigo) wrote: > I did try to purge and it didn't help. The issue is indeed about 2 > kernels installed, though as I wrote, upgrading linux-image-amd64 first > works arround the problem. So I'm not sure what's going on, really. Any > hint/clue ? Run

Bug#882769: Cannot upgrade from Stretch: cp: target '/lib/live/mount/medium/live/vmlinuz.new' is not a directory

Hi Thomas, On Sun, 26 Nov 2017, Thomas Goirand wrote: > After booting a Stretch live image, I tried to upgrade it to Sid, and > it fails with this error: > > update-initramfs: deferring update (trigger activated) > cp: target '/lib/live/mount/medium/live/vmlinuz.new' is not a directory This is

Bug#882463: Wheezy update of xrdp?

Hello Dominik, The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of xrdp: https://security-tracker.debian.org/tracker/CVE-2017-16927 Would you like to take care of this yourself? If yes, please follow the workflow we have defined here:

Bug#882372: Wheezy update of ohcount?

Hello Sylvestre, The Debian LTS team would like to fix the security issues which are currently open in the Wheezy version of ohcount: https://security-tracker.debian.org/tracker/CVE-2017-16926 Would you like to take care of this yourself? I tried to file an upstream bug as a first step (since

Bug#880902: RC bug on zfs-linux that has to be fixed

Hello, This bug should be quickly fixed because ZFS is broken in Debian Testing right now, spl-linux migrated already and zfs-linux did not migrate due to this bug. Someone reported this problematic mismatch in Kali (which is based on Debian testing): https://bugs.kali.org/view.php?id=4351

Bug#880409: python-django: add Breaks: openstack-dashboard (<< 3:12)

Hi, On Tue, 31 Oct 2017, Chris Lamb wrote: > > Oh, #867254 was only filed for the "trivial" case in sid. But the > > problem also occurs on upgrades from stretch (openstack-dashboard gets > > triggered after python-django was upgraded and blows up), which is the > > case we need the Breaks for. >

Bug#875423: [Pkg-openssl-devel] Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

Hello Kurt, On Fri, 22 Sep 2017, Kurt Roeckx wrote: > I have to admit that I didn't consider derivatives that take a > snapshot of testing, and we also seem to have a large amount of > people that do use testing. My intention was to target the more > advanced users, and having it in testing might

Bug#879002: Should the package be removed?

Source: libpam4j Severity: serious Hello, I just came across libpam4j while handlinge CVE-2017-12197 and I noticed that: - the package has not seen an update since 2012 - the package has no reverse dependency in Debian - upstream seems to have disappeared (the current Homepage URL is dead and

Bug#879001: CVE-2017-12197: libpam4j: Account check bypass

Source: libpam4j Version: 1.4-2 Severity: grave Tags: security Hi, the following vulnerability was published for libpam4j. CVE-2017-12197[0]: libpam4j: Account check bypass PAM.authentication() does not call pam_acct_mgmt(). As a consequence, the PAM account is not properly verified. Any user

Bug#870873: exiv2: FTBFS: some symbols or patterns disappeared in the symbols file

On Sat, 05 Aug 2017, Jakub Wilk wrote: > exiv2 FTBFS on i386: And on amd64 currently too: dh_makeshlibs -O--parallel -O--buildsystem=cmake dpkg-gensymbols: avertissement: certains nouveaux symboles sont apparus dans le fichier des symboles : Veuillez consulter le fichier de différences

Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

Hi, On Thu, 21 Sep 2017, Sebastian Andrzej Siewior wrote: > The changes Kurt asked about is something that openssl upstream supports > and is something that openssl 1.1 considers the right way of doing > things (in contrast to the disable TLS-version X thingy which are marked > deprecated or

Bug#875423: [Pkg-openssl-devel] Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

Hi Kurt, On Fri, 22 Sep 2017, Kurt Roeckx wrote: > I have to admit that I didn't consider derivatives that take a > snapshot of testing, and we also seem to have a large amount of > people that do use testing. My intention was to target the more > advanced users, and having it in testing might be

Bug#876093: openvas-libraries FTBFS on amd64: override_dh_auto_configure failed

Control: tag -1 + patch Hello, On Mon, 18 Sep 2017, SZ Lin wrote: > CMake Error at nasl/CMakeLists.txt:147 (add_library): > Target "openvas_nasl_shared" links to item " -lpcap" which has leading or > trailing whitespace. This is now an error according to policy CMP0004. > > This issue is caused

Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)

On Mon, 11 Sep 2017, Philipp Kern wrote: > https://packages.qa.debian.org/o/openssl/news/20170824T211015Z.html seems to > have pushed this onto client applications? I.e. it's no longer hard disabled > but client applications need to explicitly enable them? Yes, I'm aware of that but Kurt never

Bug#873718: Fixes for security vulnerabilities on libgig?

[ Copy to the Debian bugtracker ] Hello Christian, a few security issues have been reported against libgig: http://seclists.org/fulldisclosure/2017/Aug/39 The reproducer files are attached too: http://seclists.org/fulldisclosure/2017/Aug/att-39/poc_zip.bin I wanted to check that you were aware

Bug#873718: Multiple security issues (CVE-2017-12950 to CVE-2017-12954)

Source: libgig X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org Severity: grave Tags: security Hi, the following vulnerabilities were published for libgig. See http://seclists.org/fulldisclosure/2017/Aug/39 for the initial report with reproducer files.

  1   2   3   4   5   6   7   >