Source: frr
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for frr.
CVE-2022-43681[0]:
| An out-of-bounds read exists in the BGP daemon of FRRouting FRR
| through 8.4. When sending a malformed BGP OPEN message that ends
Control: tag -1 pending
Hello,
Bug #1034976 in gensio reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing control commands:
> tag -1 pending
Bug #1034976 [gensio-bin] gensio-bin: missing Breaks+Replaces for libgensio-dev
when upgrading from bullseye
Added tag(s) pending.
--
1034976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034976
Debian Bug Tracking System
Contact
I am uploading a NMU to fix this. The debdiff is attached.diff -Nru libtsm-4.0.2/debian/changelog libtsm-4.0.2/debian/changelog
--- libtsm-4.0.2/debian/changelog 2022-04-29 21:18:06.0 +0200
+++ libtsm-4.0.2/debian/changelog 2023-05-09 17:47:55.0 +0200
@@ -1,3 +1,13 @@
Control: tag -1 pending
Hello,
Bug #1034976 in gensio reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing control commands:
> tag -1 pending
Bug #1034976 [gensio-bin] gensio-bin: missing Breaks+Replaces for libgensio-dev
when upgrading from bullseye
Ignoring request to alter tags of bug #1034976 to the same tags previously set
--
1034976:
Source: cpptraj
Version: 5.1.0+dfsg-3
Severity: serious
User: debian...@lists.debian.org
Usertags: fails-always
Dear maintainer(s),
You package cpptraj has an autopkgtest, great.
However, it fails everywhere except on amd64. Can you please investigate the
situation and fix it?
I copied some
Processing control commands:
> found -1 29.0.6-27
Bug #1034982 {Done: Roger Shimizu } [android-libnativehelper]
android-libnativehelper: missing Breaks+Replaces for
android-libnativehelper-dev when upgrading from bullseye
Marked as found in versions android-platform-tools/29.0.6-27; no longer
Followup-For: Bug #1034982
Control: found -1 29.0.6-27
Hi,
this bug was not fixed correctly, yet.
The .so link actually moved from android-libnativehelper-dev to
android-libnativehelper (that's the unusual direction, since usually the
.so belongs to the -dev package). (Commit 306d8baf that
Control: tag -1 - unreproducible
Control: reassign -1 lvm2 2.03.15-1
Control: forcemerge 1018730 -1
Control: affects -1 cryptsetup-initramfs
Thanks for the the reproducer! Much appreciated. So the problem is
that your VG spans over multiple PVs, but the LVs that are required at
early boot stage
Processing control commands:
> tag -1 - unreproducible
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After bullseye -> bookworm
upgrade boot stuck in the initramfs shell
Removed tag(s) unreproducible.
> reassign -1 lvm2 2.03.15-1
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After
Your message dated Tue, 09 May 2023 19:48:49 +
with message-id
and subject line Bug#1035764: fixed in libtsm 4.0.2-0.4
has caused the Debian Bug report #1035764,
regarding libtsm-dev: copyright file missing after upgrade (policy 12.5)
to be marked as done.
This means that you claim that the
Your message dated Wed, 10 May 2023 00:56:04 +
with message-id
and subject line Bug#1034955: fixed in slurm-wlm 22.05.8-4
has caused the Debian Bug report #1034955,
regarding slurm-wlm-influxdb-plugin: missing Breaks+Replaces for
slurm-wlm-basic-plugins when upgrading from bullseye
to be
Your message dated Wed, 10 May 2023 00:56:04 +
with message-id
and subject line Bug#1034978: fixed in slurm-wlm 22.05.8-4
has caused the Debian Bug report #1034978,
regarding slurm-wlm-jwt-plugin: missing Breaks+Replaces for
slurm-wlm-basic-plugins when upgrading from bullseye
to be marked
Your message dated Wed, 10 May 2023 00:56:04 +
with message-id
and subject line Bug#1034950: fixed in slurm-wlm 22.05.8-4
has caused the Debian Bug report #1034950,
regarding slurm-wlm-hdf5-plugin: missing Breaks+Replaces in multiple situations
when upgrading from bullseye
to be marked as
Your message dated Wed, 10 May 2023 00:56:04 +
with message-id
and subject line Bug#1034992: fixed in slurm-wlm 22.05.8-4
has caused the Debian Bug report #1034992,
regarding slurm-wlm-rrd-plugin: missing Breaks+Replaces for
slurm-wlm-basic-plugins when upgrading from bullseye
to be marked
Processing control commands:
> severity -1 serious
Bug #1018730 [lvm2] lvm2: Initramfs does not activate root LVs if VG is
incomplete since 2.03.15 or 2.03.16, boot failure
Bug #1034836 [lvm2] initramfs-tools: After bullseye -> bookworm upgrade boot
stuck in the initramfs shell
Severity set to
Package: jed-common
Version: 1:0.99.20~pre.178+dfsg-3
Severity: serious
Hi,
I'm sorry to say, but it now fails elsewhere to upgrade from
1:0.99.20~pre.178+dfsg-1 to 1:0.99.20~pre.178+dfsg-3:
Preparing to unpack .../01-jed_1%3a0.99.20~pre.178+dfsg-3_amd64.deb ...
Unpacking jed
Processing commands for cont...@bugs.debian.org:
> tags 1035841 + patch
Bug #1035841 [amavisd-new] amavisd-new fails to purge without adduser -
userdel: not found
Added tag(s) patch.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1035841:
Hey Guilhem.
> There might be a better way to detect an initramfs-tools environment
I once faced the same question when writing a (cryptsetup) keyscript,
i.e. how to definitely find out whether one's "within" the initramfs.
With crypsetup it may seem easy - check for e.g. /scripts/local-
Your message dated Wed, 10 May 2023 00:56:04 +
with message-id
and subject line Bug#1034987: fixed in slurm-wlm 22.05.8-4
has caused the Debian Bug report #1034987,
regarding slurm-wlm-elasticsearch-plugin: missing Breaks+Replaces for
slurm-wlm-basic-plugins when upgrading from bullseye
to
Andreas Beckmann writes:
> There are some elpa packages from bullseye that won't be in bookworm and
> that are incompatible with emacs 28, i.e. upgrading emacs will fail if
> these packages are still installed.
> Therefore emacs-common needs to add Breaks against them s.t. they get
> removed
Rob Browning writes:
> Rob Browning writes:
>
>> Right, I'm actually working on a release for this. I think I should be
>> able to upload today or tomorrow, and not sure if we need to wait for
>> preapproval aince we'd want this in any other future migrations from
>> unstable to
Your message dated Wed, 10 May 2023 05:03:48 +
with message-id
and subject line Bug#1035839: fixed in jed 1:0.99.20~pre.178+dfsg-4
has caused the Debian Bug report #1035839,
regarding jed-common: Fails to upgrade: new jed-common package
pre-installation script subprocess returned error exit
Rob Browning writes:
> Right, I'm actually working on a release for this. I think I should be
> able to upload today or tomorrow, and not sure if we need to wait for
> preapproval aince we'd want this in any other future migrations from
> unstable to testing/bullseye.
Oh, and possibly cf.
Package: amavisd-new
Version: 1:2.13.0-2
Severity: serious
User: jo...@debian.org
Usertags: adduserpurge
Hi,
the packages passwd and adduser are not part of the Essential:yes set.
According to policy §7.2 maintainer scripts cannot assume them being installed
when purging a package. If one
Package: jed-common
Version: 1:0.99.20~pre.178+dfsg-2
Severity: serious
jed-common fails to upgrade from 1:0.99.20~pre.178+dfsg-1 to
1:0.99.20~pre.178+dfsg-2 for me as follows:
Preparing to unpack .../4-jed-common_1%3a0.99.20~pre.178+dfsg-2_all.deb ...
Unpacking jed-common
Package: matrix-sydent
Version: 2.5.1-1.1
Severity: serious
User: jo...@debian.org
Usertags: adduserpurge
Control: tag -1 + patch
Hi,
the packages passwd and adduser are not part of the Essential:yes set.
According to policy §7.2 maintainer scripts cannot assume them being installed
when
Processing control commands:
> tag -1 + patch
Bug #1035844 [matrix-sydent] matrix-sydent fails to purge without adduser
Added tag(s) patch.
--
1035844: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035844
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Your message dated Tue, 9 May 2023 12:15:42 +0200
with message-id
and subject line Re: closing as invalid
has caused the Debian Bug report #967144,
regarding gpaint: Unversioned Python removal in sid/bullseye
to be marked as done.
This means that you claim that the problem has been dealt with.
Package: libphp8.2-embed
Version: 8.2.5-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package does not ship the
SONAME link for its library (Policy 8.1).
That link got created later by ldconfig.
>From the attached log
Hi Witold,
The friendly people in #debian-apt proposed to run:
sudo apt install -o Debug::pkgProblemResolver=true -o
Debug::pkgDepCache::Marker=1 -o Debug::pkgDepCache::AutoInstall=1 gnome-core
And could you also send your /var/lib/dpkg/status file?
More information on this:
Processing control commands:
> tag -1 pending
Bug #1035598 [kanboard] /var/lib/dpkg/info/kanboard.postinst: 24:
lighty-enable-mod: not found
Added tag(s) pending.
--
1035598: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: tag -1 pending
Hello,
Bug #1035598 in kanboard reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
Processing commands for cont...@bugs.debian.org:
> user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was a...@debian.org).
> found 1035713 google-android-ndk-r23b-installer/23.1.7779620+1675172737
Bug #1035713 [google-android-ndk-r23b-installer]
Processing commands for cont...@bugs.debian.org:
> tags 1031874 + pending
Bug #1031874 [src:upx-ucl] upx-ucl: CVE-2023-23457
Ignoring request to alter tags of bug #1031874 to the same tags previously set
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1031874:
Processing commands for cont...@bugs.debian.org:
> tags 1033258 + pending
Bug #1033258 [src:upx-ucl] upx-ucl: CVE-2023-23456
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1033258: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033258
Package: node-source-map
Version: 0.7.0++dfsg2+really.0.6.1-13
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
a test with piuparts revealed that your package misses the copyright
file after an upgrade, which is a violation of Policy 12.5:
Your message dated Tue, 09 May 2023 12:18:51 +
with message-id
and subject line Bug#1035780: fixed in jed 1:0.99.20~pre.178+dfsg-3
has caused the Debian Bug report #1035780,
regarding jed-common: Fails to upgrade: unable to install new version of
'/usr/share/jed/doc/txt/abbrev.txt': No such
Package: libricohcamerasdk
Version: 1.1.0-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package does not ship the
SONAME link for its library (Policy 8.1).
That link got created later by ldconfig.
The SONAME of this
Package: nuitka
Version: 1.3.5+ds-1
Severity: grave
Tags: upstream
Justification: renders package unusable
X-Debbugs-Cc: tipos...@tiscali.it
Dear Maintainer,
this is what happens when I tried to run nuitka on localslackirc
nuitka3 --standalone localslackirc
Nuitka-Options:INFO: Used command
The later versions of Nuitka with less problems didn't make it to unstable
yet, they would only give an error. However, I
expect to make an upload in the next 2 weeks that will then close this bug.
Yours,
Kay
Processing commands for cont...@bugs.debian.org:
> user debian...@lists.debian.org
Setting user to debian...@lists.debian.org (was a...@debian.org).
> usertags 1012464 piuparts
Usertags were: piuparts edos-uninstallable.
Usertags are now: piuparts edos-uninstallable.
> affects 1012464 +
Package: retroarch-assets
Version: 1.7.6+git20221024+dfsg-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package ships (or creates)
a broken symlink.
0m19.4s ERROR: FAIL: Broken symlinks:
Package: emacs-common
Version: 1:28.2+1-14
Severity: serious
There are some elpa packages from bullseye that won't be in bookworm and
that are incompatible with emacs 28, i.e. upgrading emacs will fail if
these packages are still installed.
Therefore emacs-common needs to add Breaks against them
Package: qt6-charts-dev
Version: 6.4.2-2
Severity: serious
Dear Maintainer,
When trying to build pyside6 I see :
,
| CMake Error at
/usr/lib/x86_64-linux-gnu/cmake/Qt6Qml/QmlPlugins/Qt6qtchartsqml2Targets.cmake:96
(message):
| The imported target "Qt6::qtchartsqml2" references the file
Package: qt6-datavisualization-dev
Version: 6.4.2-2
Severity: serious
Dear Maintainer,
When trying toi build pyside6 I see :
,
| CMake Error at
/usr/lib/x86_64-linux-gnu/cmake/Qt6Qml/QmlPlugins/Qt6DataVisualizationQmlpluginTargets.cmake:96
(message):
| The imported target
Package: cpl-plugin-xshoo-calib
Version: 3.5.3+dfsg-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the
On 5/8/23 21:22, Paul Gevers wrote:
Hi Tobias,
On Sat, 6 May 2023 10:24:41 + Tobias Hansen wrote:
Note that we could also just remove python3-sage and the autopkgtest.
I assume you mean python3-brial here.
Yes indeed.
Nothing in Debian depends on it
Not true (and it's too
Your message dated Tue, 09 May 2023 14:33:51 +
with message-id
and subject line Bug#1034443: fixed in brial 1.2.11-2.1
has caused the Debian Bug report #1034443,
regarding python3-brial: uninstallable on arcitectures where sagemath is
unavailable, breaks building of singular
to be marked as
Package: 9base
Version: 1:6-13
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package leaves modifications
in /etc/shells after upgrading from bullseye to bookworm and purging the
package.
9base/bullseye called
Your message dated Tue, 09 May 2023 14:56:51 +
with message-id
and subject line Bug#1035752: Removed package(s) from unstable
has caused the Debian Bug report #978237,
regarding xfce4-equake-plugin: FTBFS: build-dependency not installable:
xfce4-panel (= 4.14.4-1)
to be marked as done.
This
Processing control commands:
> forcemerge 1033167 -1
Bug #1033167 [usrmerge] usrmerge: messes with /etc/shells
Unable to merge bugs because:
package of #1035820 is '9base' not 'usrmerge'
Failed to forcibly merge 1033167: Did not alter merged bugs.
> affects 1033167 + 9base
Failed to mark 1033167
Your message dated Tue, 09 May 2023 14:59:09 +
with message-id
and subject line Bug#1035774: Removed package(s) from unstable
has caused the Debian Bug report #965490,
regarding dbmix: Removal of obsolete debhelper compat 5 and 6 in bookworm
to be marked as done.
This means that you claim
On 09/05/2023 16.55, Helmut Grohne wrote:
9base/bookworm no longer does, because it now uses dpkg-triggers to
Good to know that there is a better way nowadays ...
>From the attached log (scroll to the bottom...):
0m45.2s ERROR: FAIL: After purging files have been modified:
/etc/shells
Processing control commands:
> tag -1 + unreproducible moreinfo
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After bullseye -> bookworm
upgrade boot stuck in the initramfs shell
Added tag(s) moreinfo and unreproducible.
--
1034836:
Control: tag -1 + unreproducible moreinfo
On Tue, 09 May 2023 at 17:10:03 +0200, Pásztor János wrote:
> The machine and the disks are having two snapshots named 'good' and 'bad' so
> it is easy to jump between the states.
> I am willing to share with you the VM(disks + virsh dump) via a
Control: forcemerge 1033167 -1
Control: affects 1033167 + 9base
Hi Andreas,
On Tue, May 09, 2023 at 04:39:21PM +0200, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package leaves modifications
> in /etc/shells after upgrading from bullseye to bookworm and purging the
>
Your message dated Tue, 09 May 2023 14:58:04 +
with message-id
and subject line Bug#1035755: Removed package(s) from unstable
has caused the Debian Bug report #965536,
regarding gbase: Removal of obsolete debhelper compat 5 and 6 in bookworm
to be marked as done.
This means that you claim
Your message dated Tue, 09 May 2023 14:58:04 +
with message-id
and subject line Bug#1035755: Removed package(s) from unstable
has caused the Debian Bug report #998989,
regarding gbase: missing required debian/rules targets build-arch and/or
build-indep
to be marked as done.
This means that
Your message dated Tue, 09 May 2023 14:59:09 +
with message-id
and subject line Bug#1035774: Removed package(s) from unstable
has caused the Debian Bug report #998988,
regarding dbmix: missing required debian/rules targets build-arch and/or
build-indep
to be marked as done.
This means that
Control: tag -1 - unreproducible - moreinfo
Dear Dennis,
On 2023-05-05 18:10, Dennis Filder wrote:
X-Debbugs-CC: Pásztor János
On Wed, May 03, 2023 at 11:20:07PM +0200, Pásztor János wrote:
I have checked #902943 and the fine print from
Processing control commands:
> tag -1 - unreproducible - moreinfo
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After bullseye -> bookworm
upgrade boot stuck in the initramfs shell
Removed tag(s) unreproducible.
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After bullseye ->
On Thu, 19 Jan 2023 15:17:26 +0100 mat...@linuxmint.pl wrote:
openbox-menu should not be shipped in bookworm.
Will you also file a RM bug or are you going to update the package for later
releases?
Processing commands for cont...@bugs.debian.org:
> tags 1035793 + pending
Bug #1035793 [retroarch-assets] retroarch-assets: missing Depends:
fonts-droid-fallback
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1035793:
Control: tag -1 - moreinfo
On Tue, 09 May 2023 at 18:39:33 +0200, Pásztor János wrote:
> I have attached the machine definition and already sent the vm images for
> you (via filesender.hu).
Many thanks! Will have something to put teeth into once the images have
been downloaded :-)
--
Guilhem.
Processing control commands:
> tag -1 - moreinfo
Bug #1034836 [cryptsetup-initramfs] initramfs-tools: After bullseye -> bookworm
upgrade boot stuck in the initramfs shell
Removed tag(s) moreinfo.
--
1034836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034836
Debian Bug Tracking System
On Sun, 11 Sep 2022 20:06:18 -0400 Jeremy Bicha
wrote:
ogmrip is basically the last package keeping gconf in Debian. There
has been plenty of notice and ogmrip was already removed from Testing
months ago.
Unfortunately, alarm-clock-applet reentered Debian, which also depends on gconf.
In
Your message dated Tue, 09 May 2023 17:19:52 +
with message-id
and subject line Bug#1023267: fixed in sc-im 0.8.3+ds-2
has caused the Debian Bug report #1023267,
regarding sc-im: scopen fails with gvim not found (if it is not installed)
to be marked as done.
This means that you claim that
Your message dated Tue, 09 May 2023 17:19:52 +
with message-id
and subject line Bug#1029559: fixed in sc-im 0.8.3+ds-2
has caused the Debian Bug report #1029559,
regarding sc-im FTBFS: link error
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
Your message dated Tue, 09 May 2023 17:19:52 +
with message-id
and subject line Bug#1029570: fixed in sc-im 0.8.3+ds-2
has caused the Debian Bug report #1029570,
regarding sc-im: debian/copyright file seems to be inaccurate
to be marked as done.
This means that you claim that the problem has
Your message dated Tue, 09 May 2023 17:19:43 +
with message-id
and subject line Bug#1035445: fixed in openvlbi 1.23.5-2
has caused the Debian Bug report #1035445,
regarding libopenvlbi-dev: missing Depends: libopenvlbi1 (= ${binary:Version})
to be marked as done.
This means that you claim
Your message dated Tue, 09 May 2023 16:03:31 +
with message-id
and subject line Bug#1035793: fixed in retroarch-assets 1.7.6+git20221024+dfsg-3
has caused the Debian Bug report #1035793,
regarding retroarch-assets: missing Depends: fonts-droid-fallback
to be marked as done.
This means that
Processing control commands:
> tag -1 pending
Bug #1035713 [google-android-ndk-r23b-installer]
google-android-ndk-r23b-installer: broken symlinks:
/usr/lib/android-sdk/ndk/23.1.7779620/toolchains/llvm/prebuilt/linux-x86_64/*/bin/as
-> /buildbot/src/android/...
Added tag(s) pending.
--
Control: tag -1 pending
Hello,
Bug #1035713 in google-android-installers reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
On Fri, 5 May 2023 13:38:52 +0200 Michael Biebl wrote:
Am 05.05.23 um 11:14 schrieb Luca Boccassi:
> On Fri, 05 May 2023 11:04:29 +0200 Andreas Beckmann
>> This is a new systemd unit in package e2fsprogs.
It's not, both bullseye and bookworm ship this file in e2fsprogs. The
difference is
Dear Guilhem,
On 2023-05-09 17:34, Guilhem Moulin wrote:
Control: tag -1 + unreproducible moreinfo
On Tue, 09 May 2023 at 17:10:03 +0200, Pásztor János wrote:
The machine and the disks are having two snapshots named 'good' and 'bad' so
it is easy to jump between the states.
I am willing to
77 matches
Mail list logo