Bug#805073: Current version is not compatible with node 4. Please update from upstream.

2015-11-14 Thread Stefano Rivoir 
Package: node-sqlite3
Version: 2.2.0+ds1-1+b1
Severity: grave



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.3 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages node-sqlite3 depends on:
ii  libc6 2.19-22
ii  libgcc1   1:5.2.1-23
ii  libsqlite3-0  3.9.2-1
ii  libstdc++65.2.1-23
ii  nodejs4.2.2~dfsg-1+b1

node-sqlite3 recommends no packages.

node-sqlite3 suggests no packages.

-- no debconf information

Processed: reassign 804993 to libjs-pie-doc, fixed 804993 in 1.0.0+dfsg-2, affects 804993 ..., tagging 805060 ...

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 804993 libjs-pie-doc 1.0.0+dfsg-1
Bug #804993 {Done: Michael Fladischer } 
[libjs-pie-doc,python-django-classy-tags-doc] python-django-classy-tags-doc and 
libjs-pie-doc: error when trying to install together
Bug reassigned from package 'libjs-pie-doc,python-django-classy-tags-doc' to 
'libjs-pie-doc'.
Ignoring request to alter found versions of bug #804993 to the same values 
previously set
No longer marked as fixed in versions css3pie/1.0.0+dfsg-2.
Bug #804993 {Done: Michael Fladischer } [libjs-pie-doc] 
python-django-classy-tags-doc and libjs-pie-doc: error when trying to install 
together
Marked as found in versions css3pie/1.0.0+dfsg-1.
> fixed 804993 1.0.0+dfsg-2
Bug #804993 {Done: Michael Fladischer } [libjs-pie-doc] 
python-django-classy-tags-doc and libjs-pie-doc: error when trying to install 
together
Marked as fixed in versions css3pie/1.0.0+dfsg-2.
> affects 804993 + python-django-classy-tags-doc
Bug #804993 {Done: Michael Fladischer } [libjs-pie-doc] 
python-django-classy-tags-doc and libjs-pie-doc: error when trying to install 
together
Added indication that 804993 affects python-django-classy-tags-doc
> notfixed 804943 0.28.1-1
Bug #804943 {Done: Gianfranco Costamagna } 
[src:borgbackup] borgbackup: FTBFS: unable to load addon sphinxdoc
No longer marked as fixed in versions borgbackup/0.28.1-1.
> tags 805060 + sid stretch
Bug #805060 [src:postfix] Postfix ftbfs with Linux kernel version 4+
Added tag(s) stretch and sid.
> reassign 805002 libvirt-clients 1.2.21-1
Bug #805002 [libvirt-client] libvirt-client: "virsh attach-disk" fails with 
AppArmor enabled 
Warning: Unknown package 'libvirt-client'
Bug reassigned from package 'libvirt-client' to 'libvirt-clients'.
No longer marked as found in versions 1.2.21-1.
Ignoring request to alter fixed versions of bug #805002 to the same values 
previously set
Bug #805002 [libvirt-clients] libvirt-client: "virsh attach-disk" fails with 
AppArmor enabled 
Marked as found in versions libvirt/1.2.21-1.
> reassign 785132 src:xen 4.5.0-1
Bug #785132 [xen-hypervisor-4.5-amd64] No screen refresh on Windows 8.1 with 
xen-hypervisor-4.5-amd64
Warning: Unknown package 'xen-hypervisor-4.5-amd64'
Bug reassigned from package 'xen-hypervisor-4.5-amd64' to 'src:xen'.
No longer marked as found in versions xen/4.5.0-1.
Ignoring request to alter fixed versions of bug #785132 to the same values 
previously set
Bug #785132 [src:xen] No screen refresh on Windows 8.1 with 
xen-hypervisor-4.5-amd64
Marked as found in versions xen/4.5.0-1.
> reassign 795330 src:xen
Bug #795330 [xen-hypervisor-4.5-amd64] Suggests noapic but doesn't support it
Warning: Unknown package 'xen-hypervisor-4.5-amd64'
Bug reassigned from package 'xen-hypervisor-4.5-amd64' to 'src:xen'.
Ignoring request to alter found versions of bug #795330 to the same values 
previously set
Ignoring request to alter fixed versions of bug #795330 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
785132: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785132
795330: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795330
804943: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804943
804993: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804993
805002: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805002
805060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805060
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#801059: marked as done (libxmu's debian/rules is not safe to execute in parallel)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 09:35:56 +
with message-id 
and subject line Bug#801059: fixed in libxmu 2:1.1.2-2
has caused the Debian Bug report #801059,
regarding libxmu's debian/rules is not safe to execute in parallel
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
801059: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801059
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: src:libxmu
Version: 2:1.1.2-1
Severity: serious
Tags: sid stretch patch

seen in an Ubuntu test rebuild, however this may happen as well in a Debian 
build.

https://launchpadlibrarian.net/219669711/buildlog_ubuntu-wily-amd64.libxmu_2%3A1.1.2-1_BUILDING.txt.gz

the problem is that -j is added to MAKEFLAGS, and the binary-arch and 
binary-indep targets are executed in parallel.  The Ubuntu build now fails


dh_builddeb -s
[...]
dh_builddeb
dpkg-deb: building package 'libxmu6' in '../libxmu6_1.1.2-1_amd64.deb'.
tar: ./usr/lib/x86_64-linux-gnu/libXmu.so.6.2.0: file changed as we read it
dpkg-deb: error: subprocess tar -cf returned error exit status 1
[...]
debian/rules:101: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 1
make: *** Waiting for unfinished jobs

Every debhelper command for the architecture dependent packages are executed 
twice.

patch at
http://launchpadlibrarian.net/220316375/libxmu_2%3A1.1.2-1_2%3A1.1.2-1ubuntu1.diff.gz

(together with using dpkg-buildflags, maybe dh_autoreconf could be used as 
well).
--- End Message ---
--- Begin Message ---
Source: libxmu
Source-Version: 2:1.1.2-2

We believe that the bug you reported is fixed in the latest version of
libxmu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 801...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau  (supplier of updated libxmu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 14 Nov 2015 10:04:44 +0100
Source: libxmu
Binary: libxmu6 libxmu6-dbg libxmu-dev libxmuu1 libxmuu1-dbg libxmuu-dev 
libxmu-headers
Architecture: source
Version: 2:1.1.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian X Strike Force 
Changed-By: Julien Cristau 
Description:
 libxmu-dev - X11 miscellaneous utility library (development headers)
 libxmu-headers - X11 miscellaneous utility library headers
 libxmu6- X11 miscellaneous utility library
 libxmu6-dbg - X11 miscellaneous utility library (debug package)
 libxmuu-dev - X11 miscellaneous micro-utility library (development headers)
 libxmuu1   - X11 miscellaneous micro-utility library
 libxmuu1-dbg - X11 miscellaneous micro-utility library (debug package)
Closes: 801059
Changes:
 libxmu (2:1.1.2-2) unstable; urgency=medium
 .
   [ Andreas Boll ]
   * Switch to dh with the autoreconf and quilt addons, fixing possible FTBFS
 when building in parallel (closes: #801059).  Thanks, Matthias Klose!
 .
   [ Julien Cristau ]
   * Remove Cyril from Uploaders.
   * Bump Standards-Version to 3.9.6, update Vcs-* control fields.
Checksums-Sha1:
 e20f3479fdad17a3944961b71f01046770e00d26 2291 libxmu_1.1.2-2.dsc
 6422f6abe524be19986150fecc4985bbd38e0024 6054 libxmu_1.1.2-2.diff.gz
Checksums-Sha256:
 5ea3fe9dbed9d0df596d964b94aa1d45d56a0475a8b66b3f69d60ab29504 2291 
libxmu_1.1.2-2.dsc
 c01cbd09a15e71c0418d2689a0fd0b946bf4e40d1dbe9f594beb00a4818f0740 6054 
libxmu_1.1.2-2.diff.gz
Files:
 51abfe2cfaa93ed6f27ae180e4b741c8 2291 x11 optional libxmu_1.1.2-2.dsc
 05f8deb24e3e597fdad1e12e24922fc7 6054 x11 optional libxmu_1.1.2-2.diff.gz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJWRvrbAAoJEDEBgAUJBeQMpWsQALd/Nst3b8xl4YCpGu7kL3Mz
ovo+QHDgJ388Zo9XoeVH+DfXFNaBfYT0lrI247+i+FJMrAUejKkH62zaGpUIABEA
LfLzyIaQVB/Ye6FJKX/ZvHbN7RHKjOO46ggm+W6dsYmpMuaG8GtXKWsWVmM3tMKb
cE0LRik4UYI3HD5ms4OT0oQhA/eBe3gu/Tgky3Un0qMh1RgymhZG2mtNpgoi9gxI
Z+OBnM7pKAeNJzflM6A/BTqLXx+tQBMLn5h+/x48iChh6xRf5kl6C6cYFS7Stesj
dV/Fh5W/cHxiEin89+0DgivHkHdbNRAMaOlagQPWFTvMZLwz/a9WhJrOpGJkAjIV
exrusK2rtaPZnBx3VlFazbJGy43kKDnnA9mYL43Qkugp2RVROUapLfvwy4G+Whz6

Bug#804240: marked as done (libsane: scanning does not work with HPLIP backend)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 10:19:58 +
with message-id 
and subject line Bug#804240: fixed in sane-backends 1.0.25-2
has caused the Debian Bug report #804240,
regarding libsane: scanning does not work with HPLIP backend
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
804240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804240
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libsane
Version: 1.0.25-1
Severity: serious
Control: fixed -1 1.0.25+git20150927-1

With libsane 1.0.25-1 available in sid, I can't scan with my HP printer.

I use this to start the scanning process:
simple-scan hpaio:/net/HP_Color_LaserJet_2840?ip=192.168.1.10

With libsane 1.0.24-14 in testing, it works.
With libsane 1.0.25+git20150927-1 in experimental, it works.

So I'm filing this serious bug to avoid this regression in testing
and to keep a working package around for unstable users that can quickly
downgrade to the testing version.

-- System Information:
Debian Release: stretch/sid
  APT prefers squeeze-lts
  APT policy: (500, 'squeeze-lts'), (500, 'oldoldstable'), (500, 'unstable'), 
(500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libsane depends on:
ii  acl2.2.52-2
ii  adduser3.113+nmu3
ii  libavahi-client3   0.6.32~rc+dfsg-1
ii  libavahi-common3   0.6.32~rc+dfsg-1
ii  libc6  2.19-22
ii  libexif12  0.6.21-2
ii  libgphoto2-6   2.5.8-3
ii  libgphoto2-port12  2.5.8-3
ii  libieee1284-3  0.2.11-12
ii  libjpeg62-turbo1:1.4.1-2
ii  libsane-common 1.0.25+git20150927-1
ii  libtiff5   4.0.5-1
ii  libusb-1.0-0   2:1.0.20-1
ii  udev   227-2

Versions of packages libsane recommends:
ii  libsane-extras  1.0.22.3
ii  sane-utils  1.0.25+git20150927-1

Versions of packages libsane suggests:
ii  avahi-daemon  0.6.32~rc+dfsg-1
ii  hplip 3.14.6-1+b3

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: sane-backends
Source-Version: 1.0.25-2

We believe that the bug you reported is fixed in the latest version of
sane-backends, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jörg Frings-Fürst  (supplier of updated 
sane-backends package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 07 Nov 2015 08:50:49 +0100
Source: sane-backends
Binary: sane-utils libsane-common libsane libsane-dev libsane-bin libsane-dbg
Architecture: source amd64 all
Version: 1.0.25-2
Distribution: unstable
Urgency: medium
Maintainer: Jörg Frings-Fürst 
Changed-By: Jörg Frings-Fürst 
Description:
 libsane- API library for scanners
 libsane-bin - API development library for scanners [sane-config binary]
 libsane-common - API library for scanners -- documentation and support files
 libsane-dbg - API development library for scanners [debug symbols]
 libsane-dev - API development library for scanners [development files]
 sane-utils - API library for scanners -- utilities
Closes: 804240
Changes:
 sane-backends (1.0.25-2) unstable; urgency=medium
 .
   * Undelete, refresh and rename debian/patches/
 0125-multiarch_dll_search_path.patch (Closes: #804240).
   * debian/rules:
 - Remove "UPSTREAM_VERSION" and use "VERSION" instead.
Checksums-Sha1:
 9ddd69b879e5d1aba32c1069d944cfdce54cedb0 2524 sane-backends_1.0.25-2.dsc
 0268b1ba60287a0482c8d2006338c791d1031bd4 100588 
sane-backends_1.0.25-2.debian.tar.xz
 5583d19da521a39fe72a003c4964ee242e34bd79 48848 libsane-bin_1.0.25-2_amd64.deb
 ab9e54da2d4a63104739d016f8056ab13fd028fc 1012254 
libsane-common_1.0.25-2_all.deb
 1d8f2a56f7680d0ba2a460ccdb3f817a2a614d10 6866620 libsane-dbg_1.0.25-2_amd64.deb

Bug#788708: Bug#799632: iceweasel: SIGSEGV when playing videos via gstreamer

2015-11-14 Thread Agustin Martin 
2015-11-12 16:13 GMT+01:00 Sebastian Dröge :
> On Do, 2015-11-12 at 15:35 +0100, Soeren D. Schulze wrote:
>> Am 12.11.2015 um 15:02 schrieb Sebastian Dröge:
>> > On Do, 2015-11-12 at 14:41 +0100, Soeren D. Schulze wrote:
>> > > Hello,
>> > >
>> > > the problem does not seem to occur any more with
>> > > gstreamer1.0-plugins-bad 1.6.1-1+b1 and iceweasel 38.4.0esr-1.
>> > >
>> > > Do you have any specific packages for me to test?
>> >
>> > Just a normal jessie installation without installing things from
>> > other
>> > sources, including sid :) It is definitely fixed since gst-plugins-
>> > bad
>> > 1.5.X, it's just not clear if the actual bug also exists in jessie
>> > or
>> > not (and if it doesn't, the fix will also have no effect for people
>> > who
>> > mix their packages with ones from other sources).
>>
>> I believe so.  I have had symptomatically similar crashes on two
>> different jessie systems, but I had not installed debugging symbols,
>> and it's hard to reproduce those crashes at command.
>
> It should crash always more or less immediately when you visit a
> website with AAC audio. Vimeo for example :)

I  am again in the problematic box and tried today with
http://www.vimeo.com. No failure, so I am a bit confused. Last weekend
I had a systematic failure when browsing facebook, but today it seems
to work well.

As a side note, this box has an onboard nvidia GeForce 6150SE graphics
engine, known to have serious problems with jessie's kernel, including
system freezes (see e.g. #758460), with some apparent connection with
iceweasel. As a matter of fact I am running sid kernel here to
mitigate that.

This means that there is a good alternative candidate for my iceweasel
failures. I still wonder why after installing plugins-bad with that
change the iceweasel+facebook crash disappeared, but since after
reverting gstreamer-plugins-bad packages to those shipped with jessie
the problem was still gone, I do not think gstreamer-plugins-bad
packages can be clearly blamed for my iceweasel crashes.

I will keep an eye on this and try to get a backtrace if crashes
reappear, but for now I think this
#788708 bug report can be allowed to be archived once the two
iceweasel asociated bug reports (#797385  and #799632) are reassigned
and closed/forcemerged properly.

Thanks a lot for your feedback,

-- 
Agustin

Bug#804603: courier: FTBFS: undefined reference to `SSLv3_method'

2015-11-14 Thread peter green 

Tags 804603 +patch
thanks

The package fails to build, as openssl have dropped sslv3 support:

./.libs/libcouriertls.a(libcouriertls.o): In function `tls_create':
/courier-0.73.1/libs/tcpd/libcouriertls.c:530: undefined reference to 
`SSLv3_method'
collect2: error: ld returned 1 exit status
Makefile:524: recipe for target 'couriertls' failed
I just fixed this in raspbian, debdiff at 
http://debdiffs.raspbian.org/main/c/courier/courier_0.73.1-1.6%2brpi1.debdiff  
. No intent to NMU in Debian

Bug#804604: fetchmail: FTBFS: undefined reference to `SSLv3_client_method'

2015-11-14 Thread peter green 

Tags 804604 +patch
thanks


socket.o: In function `SSLOpen':
/fetchmail-6.3.26/socket.c:917: undefined reference to `SSLv3_client_method'
collect2: error: ld returned 1 exit status
Makefile:699: recipe for target 'fetchmail' failed
make[3]: *** [fetchmail] Error 1


I just fixed this in raspbian, debdiff at 
http://debdiffs.raspbian.org/main/f/fetchmail/fetchmail_6.3.26-1%2brpi1.debdiff 
. No intent to NMU in Debian

Bug#800496: evolution-ews: Unable to store Host URI / OAB URI

2015-11-14 Thread Michael Biebl 
On Wed, 30 Sep 2015 09:13:36 +0200 Yusuf Iskenderoglu
 wrote:
> Package: evolution-ews
> Version: 3.16.3-1
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> Currently, evolution cannot access EWS anymore and prevents me from using
> company mail.
> 

Hi, could you please try the latest version 3.18.0 from unstable and
report back with your findings.

Thanks,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#804605: heirloom-mailx: FTBFS: undefined reference to `SSLv3_client_method'

2015-11-14 Thread peter green 

Tags 804605 +patch
thanks


openssl.o: In function `ssl_select_method':
/heirloom-mailx-12.5/openssl.c:220: undefined reference to `SSLv3_client_method'
collect2: error: ld returned 1 exit status
Makefile:92: recipe for target 'mailx' faile



I just fixed this in raspbian, debdiff at 
http://debdiffs.raspbian.org/main/h/heirloom-mailx/heirloom-mailx_12.5-5%2brpi1.debdiff. 
No intent to NMU in Debian

Bug#804326: ace: FTBFS: SSLv3 methods removed

2015-11-14 Thread peter green 


I think we can make it Debian specific until it gets integrated
upstream.
   
I took the diff submitted as a pull request upstream, applied it to the 
source package from debian (which required some path tweaks and 
defuzzing) and uploaded it to raspbian. Debdiff at 
http://debdiffs.raspbian.org/main/a/ace/ace_6.3.2%2bdfsg-1%2brpi1.debdiff . 
No intent to NMU in Debian.

Bug#804604: [pkg-fetchmail-maint] Bug#804604: fetchmail: FTBFS: undefined reference to `SSLv3_client_method'

2015-11-14 Thread GCS 
Hi Peter,

On Sun, Nov 15, 2015 at 6:00 AM, peter green  wrote:
>> socket.o: In function `SSLOpen':
>> /fetchmail-6.3.26/socket.c:917: undefined reference to
>> `SSLv3_client_method'
>> collect2: error: ld returned 1 exit status
>> Makefile:699: recipe for target 'fetchmail' failed
>> make[3]: *** [fetchmail] Error 1
>
>
> I just fixed this in raspbian, debdiff at
> http://debdiffs.raspbian.org/main/f/fetchmail/fetchmail_6.3.26-1%2brpi1.debdiff
 Thanks, but it seems a quick and dirty solution; it doesn't offer any
alternative to SSLv3. If you can, please test my proposed package[1]
(offers TLSv1.2 support) and report back.

Kind regards,
Laszlo/GCS
[1] dget -x http://www.barcikacomp.hu/gcs/fetchmail_6.3.26-2.dsc

Processed: block 797926 with 804607

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804607
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804324 804089 803975 803886 804336 804452 803972 803889 
804457 804334 803881 804326 804327 804455 803974
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804607
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#799186: konqueror: now comes with built-in keylogger

2015-11-14 Thread Luigi Toscano 
retitle 799186 kdelibs/ktextedit: keypresses are logged
reassign 799186 libkdeui5 kde4libs/4:4.14.10-3
thanks

On Wed, 16 Sep 2015 23:04:24 +0200 M4:4.14.13-1artin Steigerwald
 wrote:
> Am Mittwoch, 16. September 2015, 22:55:23 CEST schrieb Dominik George:
> > > I think this is an upstream bug – of course I´d go for fixing it in 
> > > Debian
> > > without waiting for upstream fix.
> > > 
> > > Thorsten, will you report upstream as well?
> > 
> > I could do, because I am active in the KDE bugtracker.
> 
> Sure, go ahead. It might be wise to search for the kdelibs4.11 fix first 
> though, see my last mail to the bug report.
> 

I didn't find an upstream bug, but this issue was fixed in kdelibs commit
150d983674e9d61e2809316e062e5d91c7855609, see:

https://quickgit.kde.org/?p=kdelibs.git=commit=150d983674e9d61e2809316e062e5d91c7855609

This commit is part of any kdelibs >= 4.14.11. Right now 4.14.13 is available
in sid and testing.

I also tried the steps described above (go to a website with a text area, like
pastebin.com, using the KHTML part) and indeed no keys are logged anymore.

Therefore I'm going to close this bug.

Ciao
-- 
Luigi

Processed: Re: Bug#799186: konqueror: now comes with built-in keylogger

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 799186 kdelibs/ktextedit: keypresses are logged
Bug #799186 [konqueror] konqueror: now comes with built-in keylogger
Changed Bug title to 'kdelibs/ktextedit: keypresses are logged' from 
'konqueror: now comes with built-in keylogger'
> reassign 799186 libkdeui5 kde4libs/4:4.14.10-3
Bug #799186 [konqueror] kdelibs/ktextedit: keypresses are logged
Bug reassigned from package 'konqueror' to 'libkdeui5'.
No longer marked as found in versions kde-baseapps/4:15.04.3-1.
Ignoring request to alter fixed versions of bug #799186 to the same values 
previously set
Bug #799186 [libkdeui5] kdelibs/ktextedit: keypresses are logged
Marked as found in versions kde4libs/4:4.14.10-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
799186: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#788708: Bug#799632: iceweasel: SIGSEGV when playing videos via gstreamer

2015-11-14 Thread Agustin Martin 
2015-11-14 12:22 GMT+01:00 Agustin Martin :
> 2015-11-12 16:13 GMT+01:00 Sebastian Dröge :
>> On Do, 2015-11-12 at 15:35 +0100, Soeren D. Schulze wrote:
>>> Am 12.11.2015 um 15:02 schrieb Sebastian Dröge:
>>> > On Do, 2015-11-12 at 14:41 +0100, Soeren D. Schulze wrote:
>>> > > Hello,
>>> > >
>>> > > the problem does not seem to occur any more with
>>> > > gstreamer1.0-plugins-bad 1.6.1-1+b1 and iceweasel 38.4.0esr-1.
>>> > >
>>> > > Do you have any specific packages for me to test?
>>> >
>>> > Just a normal jessie installation without installing things from
>>> > other
>>> > sources, including sid :) It is definitely fixed since gst-plugins-
>>> > bad
>>> > 1.5.X, it's just not clear if the actual bug also exists in jessie
>>> > or
>>> > not (and if it doesn't, the fix will also have no effect for people
>>> > who
>>> > mix their packages with ones from other sources).
>>>
>>> I believe so.  I have had symptomatically similar crashes on two
>>> different jessie systems, but I had not installed debugging symbols,
>>> and it's hard to reproduce those crashes at command.
>>
>> It should crash always more or less immediately when you visit a
>> website with AAC audio. Vimeo for example :)
[...]
> As a side note, this box has an onboard nvidia GeForce 6150SE graphics
> engine, known to have serious problems with jessie's kernel, including
> system freezes (see e.g. #758460), with some apparent connection with
> iceweasel. As a matter of fact I am running sid kernel here to
> mitigate that.
[...]
> I will keep an eye on this and try to get a backtrace if crashes
> reappear,

I finally reproduced the iceweasel jessie crash and could get a
backtrace (attached). I do not have any experience at looking at
backtraces but it seems like an iceweasel threads issue. Tried again
with patched gstreamer-plugins-bad packages to see if problem is gone,
even if as an obscure side effect, but this time I got the crash even
with the patched packages.

Please find backtraces attached, both in iceweasel's normal and safe modes.

--
Agustin
$ gdb --args iceweasel
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from iceweasel...Reading symbols from 
/usr/lib/debug//usr/lib/iceweasel/iceweasel...done.
done.
(gdb) set pagination off
(gdb) run
Starting program: /usr/bin/iceweasel 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe900a700 (LWP 10491)]
[Thread 0x7fffe900a700 (LWP 10491) exited]

(process:10487): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size 
== 0' failed
[New Thread 0x7fffe900a700 (LWP 10493)]
[New Thread 0x7fffe0eff700 (LWP 10494)]
[New Thread 0x7fffe06fe700 (LWP 10495)]
[New Thread 0x77f76700 (LWP 10496)]
[New Thread 0x77ef5700 (LWP 10497)]
[New Thread 0x76def700 (LWP 10498)]
[New Thread 0x7fffdfefd700 (LWP 10499)]
[New Thread 0x7fffdfaf3700 (LWP 10500)]
[New Thread 0x7fffde9ff700 (LWP 10501)]
[New Thread 0x7fffddeff700 (LWP 10502)]
[New Thread 0x7fffdd6fe700 (LWP 10503)]
[New Thread 0x7fffdc7ff700 (LWP 10504)]
[New Thread 0x7fffdbcff700 (LWP 10505)]
[New Thread 0x7fffdfe2a700 (LWP 10506)]
[New Thread 0x7fffda288700 (LWP 10507)]
[New Thread 0x7fffd9a87700 (LWP 10508)]
[New Thread 0x7fffd8eff700 (LWP 10509)]
[New Thread 0x7fffd86fe700 (LWP 10510)]
[New Thread 0x7fffd6e41700 (LWP 10511)]
[New Thread 0x7fffd60ff700 (LWP 10512)]
[New Thread 0x7fffd4fff700 (LWP 10513)]
[New Thread 0x7fffd47fe700 (LWP 10514)]
[New Thread 0x7fffd45fd700 (LWP 10515)]
[New Thread 0x7fffd3bff700 (LWP 10516)]
[New Thread 0x7fffd39fe700 (LWP 10517)]
[New Thread 0x7fffd2cff700 (LWP 10518)]
[Thread 0x7fffd86fe700 (LWP 10510) exited]
[New Thread 0x7fffd22ff700 (LWP 10519)]
[New Thread 0x7fffd86fe700 (LWP 10520)]
[New Thread 0x7fffd16ff700 (LWP 10521)]
[New Thread 0x7fffd04f2700 (LWP 10522)]
[New Thread 0x7fffcfcf1700 (LWP 10523)]
[New Thread 0x7fffcf4f0700 (LWP 10524)]
[New Thread 0x7fffce4f6700 (LWP 10525)]
[New Thread 0x7fffcdaff700 (LWP 10526)]
[New Thread 0x7fffcc9ff700 (LWP 10527)]
console.error: 
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
[New Thread 0x7fffcb4ff700 (LWP 10528)]
console.error: 
  [CustomizableUI]
  Custom widget with id loop-button does not return a

Processed: re: anon-proxy: FTBFS on kfreebsd-*: missing -pthread/-lpthread?

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> Severity 754681 important
Bug #754681 [src:anon-proxy] anon-proxy: FTBFS on kfreebsd-*: missing 
-pthread/-lpthread?
Severity set to 'important' from 'serious'
> Thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
754681: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754681
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804623

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804623
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803889 804334 804457 804336 803975 803881 804089 803886 
804326 804455 803972 804327 804607 803974 804452 804324
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804623
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#754681: anon-proxy: FTBFS on kfreebsd-*: missing -pthread/-lpthread?

2015-11-14 Thread peter green 

Severity 754681 important
Thanks

kfreebsd is no longer a release architecture.

Bug#804620: pavuk: SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Hi,

The code looks like this:
#ifndef OPENSSL_NO_SSL2
  case 2:
method = SSLv2_client_method();
break;
#endif
  case 3:
method = SSLv3_client_method();
break;
#ifdef WITH_SSL_TLS1
  case 4:
method = TLSv1_client_method();
break;
#endif
  default:
method = SSLv23_client_method();
break;

You really should only be using the SSLv23_* method, it's the only
one that supports multiple versions.

If you want to have support for limiting the protocol versions you
should use SSL_(CTX_)set_options with something like
SSL_OP_NO_SSLv3.


Kurt

Processed: block 797926 with 804138

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804138
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804457 804623 804620 803972 804326 803886 804089 803974 
804336 804455 803975 804452 803889 804327 804324 804334 804607 803881
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804138
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#804607: lua-sec: SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Looking at the code it has:
static LSEC_SSL_METHOD* str2method(const char *method)
{
  if (!strcmp(method, "sslv23"))  return SSLv23_method();
  if (!strcmp(method, "sslv3"))   return SSLv3_method();
  if (!strcmp(method, "tlsv1"))   return TLSv1_method();
#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL)
  if (!strcmp(method, "tlsv1_1")) return TLSv1_1_method();
  if (!strcmp(method, "tlsv1_2")) return TLSv1_2_method();
#endif
  return NULL;
}

And almost all the samples seems to be doing:
./samples/info/client.lua:   protocol = "sslv3",
./samples/info/client.lua:   options = {"all", "no_sslv2"},

A few use tlsv1 which isn't much better.

This is all completly wrong.

The only method supporting multiple versions in SSLv23_*.  All the
other are version specific and the no_sslv2 / SSL_OP_NO_SSLv2
doesn't have any effect on them.

I suggest you always use SSLv23_method().  Maybe you should get
rid of the protocol thing, or just don't let it have any effect.


Kurt

Processed: polygraph: FTBFS: SSlv3 method

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803889 804138 803886 804620 804324 803972 804455 803975 
804336 804089 804327 804457 803974 803881 804623 804607 804334 804452 804326
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805083

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805083: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805083
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 1 error): Re: Should this package be removed?

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 802995 ftp.debian.org
Bug #802995 [alarm-clock] Should this package be removed?
Bug reassigned from package 'alarm-clock' to 'ftp.debian.org'.
Ignoring request to alter found versions of bug #802995 to the same values 
previously set
Ignoring request to alter fixed versions of bug #802995 to the same values 
previously set
> retitle 802995: RM: alarm-clock - unmaintained, dead upstream, depends on 
> gstreamer 0.10
Unknown command or malformed arguments to command.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
802995: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805083: polygraph: FTBFS: SSlv3 method

2015-11-14 Thread Kurt Roeckx 
Source: polygraph
Version: 4.3.2-1.2
Severity: serious
Control: block 797926 by -1

Hi,

The SSLv3 method has been disabled in openssl and as a result your
package no longer build.

The code looks like this:
switch(protocol) {
case SSLv2:
#ifndef OPENSSL_NO_SSL2
theCtx = ::SSL_CTX_new(::SSLv2_method());
#endif
break;
case TLSv1:
theCtx = ::SSL_CTX_new(::TLSv1_method());
break;
case SSLv3:
theCtx = ::SSL_CTX_new(::SSLv3_method());
break;
case SSLv23:
theCtx = ::SSL_CTX_new(::SSLv23_method());
break;
default:
theCtx = ::SSL_CTX_new(::SSLv23_method());
Should(false);
}

I suggest you remove all of that and only use SSLv23_method().
All the other are version specific methods, only SSLv23_* speaks
multiple versions.

If you want to support selection of versions, I suggest you use
SSL_(CTX)_set_options with something like SSL_OP_NO_SSLv3.


Kurt

Bug#802995: Should this package be removed?

2015-11-14 Thread Moritz Mühlenhoff 
reassign 802995 ftp.debian.org
retitle 802995: RM: alarm-clock - unmaintained, dead upstream, depends on 
gstreamer 0.10
thanks

On Sun, Oct 25, 2015 at 09:37:55PM +0100, Moritz Muehlenhoff wrote:
> Package: alarm-clock
> Severity: serious
> 
> alarm-clock hasn't seen a maintainer upload since 2009, seems
> dead upstream and depends on legacy libs scheduled for removal
> from the archive (gstreamer 0.10).

No objections in three weeks, reassigning to ftp.debian.org

Cheers,
 Moritz

Bug#804611: socat: FTBFS: SSLv3 methods

2015-11-14 Thread Kurt Roeckx 
Hi,

You already had to apply a patch like that for SSLv2.  You could
just do the same for SSLv3.

But I recommend you get rid of all the methods other than
SSLv23_*.  Only the SSLv23_* methods support multiple versions.

If you want to limit the support of supported protocols I suggest
you use SSL_(CTX_)_set_options with something like
SSL_OP_NO_SSLv3.


Kurt

Bug#799186: marked as done (kdelibs/ktextedit: keypresses are logged)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 16:27:38 +0100
with message-id <564752ea.4080...@tiscali.it>
and subject line Closing bug 799186, solved
has caused the Debian Bug report #799186,
regarding kdelibs/ktextedit: keypresses are logged
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
799186: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: konqueror
Version: 4:15.04.3-1
Severity: grave
Tags: security
Justification: user security hole

I was just typing a geocaching log in a konqueror that popped up
when activating a link in a mail (to the cache listing) and noticed
small decimal digits scrolling by, one on a line, in the xterm that
was not fully hidden from view by the konqueror window. Sometimes,
the number was 32. I was on full alert.

Natureshadow managed to reproduce this on sid amd64, so it’s not an
x32 issue, although he had to switch back to KHTML from Webkit (via
menu V̲iew → V̲iew Mode → K̲HTML) to reproduce it.

Shortest reproducer, even if using a proprietary service:

$ konqueror pastebin.com

Then just start typing (after switching to KHTML if needed).

-- System Information:
Debian Release: stretch/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages konqueror depends on:
ii  install-info6.0.0.dfsg.1-3
ii  kde-baseapps-bin4:15.04.3-1
ii  kde-baseapps-data   4:15.04.3-1
ii  kde-runtime 4:15.08.0-2
ii  libc6   2.19-20
ii  libkactivities6 4:4.13.3-1
ii  libkcmutils44:4.14.10-3
ii  libkde3support4 4:4.14.10-3
ii  libkdecore5 4:4.14.10-3
ii  libkdesu5   4:4.14.10-3
ii  libkdeui5   4:4.14.10-3
ii  libkfile4   4:4.14.10-3
ii  libkhtml5   4:4.14.10-3
ii  libkio5 4:4.14.10-3
ii  libkonq5abi14:15.04.3-1
ii  libkonqsidebarplugin4a  4:15.04.3-1
ii  libkparts4  4:4.14.10-3
ii  libqt4-dbus 4:4.8.7+dfsg-3
ii  libqt4-qt3support   4:4.8.7+dfsg-3
ii  libqt4-xml  4:4.8.7+dfsg-3
ii  libqtcore4  4:4.8.7+dfsg-3
ii  libqtgui4   4:4.8.7+dfsg-3
ii  libstdc++6  5.2.1-17
ii  libx11-62:1.6.3-1

Versions of packages konqueror recommends:
ii  dolphin  4:15.04.3-1
ii  kfind4:15.04.3-1
pn  konqueror-nsplugins  
ii  kpart-webkit 1.3.4-2

Versions of packages konqueror suggests:
ii  konq-plugins  4:15.04.3-1

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: kde4libs
Source-Version: 4:4.14.12-1

Closing as previously explained.

-- 
Luigi--- End Message ---

Bug#805083: polygraph: FTBFS: SSlv3 method

2015-11-14 Thread Kurt Roeckx 
On Sat, Nov 14, 2015 at 08:34:47AM -0700, Alex Rousskov wrote:
> On 11/14/2015 06:39 AM, Kurt Roeckx wrote:
> > Source: polygraph
> > Version: 4.3.2-1.2
> > Severity: serious
> > Control: block 797926 by -1
> 
> > I suggest you remove all of that and only use SSLv23_method().
> > All the other are version specific methods, only SSLv23_* speaks
> > multiple versions.
> 
> Removal of other methods is not a good idea because users need to
> control which methods are used (including the ones unsupported by the
> latest OpenSSL). We will provide a different fix.

The other methods will go away in the future because people misuse
them.  You really should only use the SSLv23_* methods.

Your users don't have a need to support a specific method that
only supports a given protocol.  What they might need is to be
able to limit the supported versions.  As I said you should use
SSL_set_options() for that.


Kurt

Bug#804623: osptoolkit: SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Hi,

You should change the call from SSLv3_client_method() to
SSLv23_client_method().

The SSLv3_* call only talks SSLv3 while the SSLv23_* call is the
only one supporting multiple protocol version.

I suggest you also get that fixed in the stable branches.


Kurt

Processed: block 797926 with 804620

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804620
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803881 804334 804623 804457 804336 804455 804452 804327 
804607 804324 804326 803975 803972 803974 804089 803886 803889
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804620
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805082: pjproject FTBFS, references to removed SSLv3 functions.

2015-11-14 Thread peter green 



Package: pjproject
Version:**2.4~dfsg-1
Severity: serious

Openssl in stretch/sid has dropped the SSLv3 functions. This makes your package 
fail to build (at an earlier point in the build than previously reported build 
failures

gcc -o ../bin/pjlib-test-x86_64-pc-linux-gnu \
 output/pjlib-test-x86_64-pc-linux-gnu/main.o  
output/pjlib-test-x86_64-pc-linux-gnu/activesock.o  
output/pjlib-test-x86_64-pc-linux-gnu/atomic.o  
output/pjlib-test-x86_64-pc-linux-gnu/echo_clt.o  
output/pjlib-test-x86_64-pc-linux-gnu/errno.o  
output/pjlib-test-x86_64-pc-linux-gnu/exception.o  
output/pjlib-test-x86_64-pc-linux-gnu/fifobuf.o  
output/pjlib-test-x86_64-pc-linux-gnu/file.o  
output/pjlib-test-x86_64-pc-linux-gnu/hash_test.o  
output/pjlib-test-x86_64-pc-linux-gnu/ioq_perf.o  
output/pjlib-test-x86_64-pc-linux-gnu/ioq_udp.o  
output/pjlib-test-x86_64-pc-linux-gnu/ioq_unreg.o  
output/pjlib-test-x86_64-pc-linux-gnu/ioq_tcp.o  
output/pjlib-test-x86_64-pc-linux-gnu/list.o  
output/pjlib-test-x86_64-pc-linux-gnu/mutex.o  
output/pjlib-test-x86_64-pc-linux-gnu/os.o  
output/pjlib-test-x86_64-pc-linux-gnu/pool.o  
output/pjlib-test-x86_64-pc-linux-gnu/pool_perf.o  
output/pjlib-test-x86_64-pc-linux-gnu/rand.o  
output/pjlib-test-x86_64-pc-linux-gnu/rbtree.o  
output/pjlib-test-x86_64-pc-linux-gnu/select.o  
output/pjlib-test-x86_64-pc-linux-gnu/sleep.o  
output/pjlib-test-x86_64-pc-linux-gnu/sock.o  
output/pjlib-test-x86_64-pc-linux-gnu/sock_perf.o  
output/pjlib-test-x86_64-pc-linux-gnu/ssl_sock.o  
output/pjlib-test-x86_64-pc-linux-gnu/string.o  
output/pjlib-test-x86_64-pc-linux-gnu/test.o  
output/pjlib-test-x86_64-pc-linux-gnu/thread.o  
output/pjlib-test-x86_64-pc-linux-gnu/timer.o  
output/pjlib-test-x86_64-pc-linux-gnu/timestamp.o  
output/pjlib-test-x86_64-pc-linux-gnu/udp_echo_srv_sync.o  
output/pjlib-test-x86_64-pc-linux-gnu/udp_echo_srv_ioqueue.o  
output/pjlib-test-x86_64-pc-linux-gnu/util.o -lpj  -Wl,-z,relro -lm -lrt 
-lpthread  -L/usr/lib/x86_64-linux-gnu -lSDL2  -lavformat-ffmpeg 
-lavcodec-ffmpeg -lswscale-ffmpeg -lavutil-ffmpeg  -lv4l2 -lopencore-amrnb 
-lopencore-amrwb   -L/build/pjproject-2.4~dfsg/pjlib/lib 
-L/build/pjproject-2.4~dfsg/pjlib-util/lib 
-L/build/pjproject-2.4~dfsg/pjnath/lib -L/build/pjproject-2.4~dfsg/pjmedia/lib 
-L/build/pjproject-2.4~dfsg/pjsip/lib 
-L/build/pjproject-2.4~dfsg/third_party/lib -Wl,-z,relro -Wl,-z,relro
/build/pjproject-2.4~dfsg/pjlib/lib/libpj.so: undefined reference to 
`SSLv3_method'
/build/pjproject-2.4~dfsg/pjlib/lib/libpj.so: undefined reference to 
`SSLv3_server_method'
collect2: error: ld returned 1 exit status

I have seen this on both a raspbian stretch autobuilder and on the Debian 
reproducable builds project.

Bug#804431: zeroinstall-injector: FTBFS: error: The implementation support/hash.ml does not match the interface support/hash.cmi

2015-11-14 Thread Thomas Leonard 
On 12 November 2015 at 11:28, Chris Lamb  wrote:
> Hi Thomas,
>
>> I think this was fixed in 2.9:
>
> Great stuff.
>
>> [ I'm still working on getting my GPG key upgraded, so can't upload
>> new packages to Debian at the moment. ]
>
> No problem. Let me know if you need sponsorship in the meantime, but I
> don't think there is a massive rush.

That would be very useful. I've uploaded the new package here:

https://mentors.debian.net/package/zeroinstall-injector

Thanks,


-- 
Dr Thomas Leonardhttp://roscidus.com/blog/
GPG: DA98 25AE CAD0 8975 7CDA  BD8E 0713 3F96 CA74 D8BA

Processed: closing 803756

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # This was a bug in boost, fixed in boost
> close 803756
Bug #803756 [src:pion] pion: FTBFS: error: '::SSLv3_method' has not been 
declared
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
803756: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803756
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Should this package be removed?

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 802993 ftp.debian.org
Bug #802993 [g2ipmsg] Should this package be removed?
Bug reassigned from package 'g2ipmsg' to 'ftp.debian.org'.
Ignoring request to alter found versions of bug #802993 to the same values 
previously set
Ignoring request to alter fixed versions of bug #802993 to the same values 
previously set
> retitle 802993 RM: g2ipmsg - dead upstream, unmaintained, unused, depends on 
> gstreamer 0.10
Bug #802993 [ftp.debian.org] Should this package be removed?
Changed Bug title to 'RM: g2ipmsg - dead upstream, unmaintained, unused, 
depends on gstreamer 0.10' from 'Should this package be removed?'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
802993: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802993
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#802993: Should this package be removed?

2015-11-14 Thread Moritz Mühlenhoff 
reassign 802993 ftp.debian.org
retitle 802993 RM: g2ipmsg - dead upstream, unmaintained, unused, depends on 
gstreamer 0.10
thanks

On Sun, Oct 25, 2015 at 09:33:53PM +0100, Moritz Muehlenhoff wrote:
> Package: g2ipmsg
> Severity: serious
> 
> - Dead upstream (last release from 2008)
> - Unmaintained (last maintainer upload in 2009)
> - Virtually unused in popcon
> - Depends on legacy libs (gstreamer 0.10)

No objections in three weeks, reassigning to ftp.debian.org

Cheers,
Moritz

Bug#805084: python-srp: Hardcoded dependency on libssl1.0.0

2015-11-14 Thread Kurt Roeckx 
Source: python-srp
Version: 1.0.4-1
Severity: serious
Control: block 797926 by -1

Hi,

It seems you have a hardcoded dependency on libssl1.0.0.  The
package has been renamed to libssl1.0.2 and you now depend on both
of them.  Please remove the hardcoded dependency.


Kurt

Processed: python-srp: Hardcoded dependency on libssl1.0.0

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804327 804607 803881 804334 803975 805083 804324 804336 
804452 804620 803974 804138 803972 804623 804089 804455 804326 803889 804457 
803886
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805084

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805084: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805084
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#801866: update-flashplugin-nonfree fails to install last flash version (again)

2015-11-14 Thread Virgo Pärna 
Package: flashplugin-nonfree
Version: 1:3.6.1
Followup-For: Bug #801866


Same problem is also now:
installed version = 11.2.202.540
upstream version = 11.2.202.548

downloading 
http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.548.sha512.i386.pgp.asc
 ...
--2015-11-14 15:44:00--  
http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.548.sha512.i386.pgp.asc
Resolving people.debian.org (people.debian.org)... 5.153.231.30, 
2001:41c8:1000:21::21:30
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:80... 
connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: 
https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.548.sha512.i386.pgp.asc
 [following]
--2015-11-14 15:44:00--  
https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.548.sha512.i386.pgp.asc
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... 
connected.
HTTP request sent, awaiting response... 404 Not Found
2015-11-14 15:44:01 ERROR 404: Not Found.

And new version is not installed.

-- Package-specific info:
Debian version: 8.2
Architecture: i386
Package version: 1:3.6.1
Adobe Flash Player version: LNX 11,2,202,540
MD5 checksums:
160a01dd00527304e5291e65eb0c65e2  
/var/cache/flashplugin-nonfree/get-upstream-version.pl
6c16fe02dd4024a3067db346414f57d7  
/var/cache/flashplugin-nonfree/install_flash_player_11_linux.i386.tar.gz
e56b6879dc375a091811b8b9d1d4a61a  
/usr/lib/flashplugin-nonfree/libflashplayer.so
Alternatives:
flash-mozilla.so - auto mode
  link currently points to 
/usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
Current 'best' version is 
'/usr/lib/flashplugin-nonfree/libflashplayer.so'.
lrwxrwxrwx 1 root root 34 Aug 17 14:41 
/usr/lib/mozilla/plugins/flash-mozilla.so -> /etc/alternatives/flash-mozilla.so
/usr/lib/mozilla/plugins/flash-mozilla.so: symbolic link to 
/etc/alternatives/flash-mozilla.so

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=et_EE.UTF-8, LC_CTYPE=et_EE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages flashplugin-nonfree depends on:
ii  binutils   2.25-5
ii  ca-certificates20141019
ii  debconf [debconf-2.0]  1.5.56
ii  gnupg  1.4.18-7
ii  libatk1.0-02.14.0-1
ii  libcairo2  1.14.0-2.1
ii  libcurl3-gnutls7.38.0-4+deb8u2
ii  libfontconfig1 2.11.0-6.3
ii  libfreetype6   2.5.2-3+deb8u1
ii  libgcc11:4.9.2-10
ii  libglib2.0-0   2.42.1-1
ii  libgtk2.0-02.24.25-3
ii  libnspr4   2:4.10.7-1
ii  libnss32:3.17.2-1.1+deb8u2
ii  libpango1.0-0  1.36.8-3
ii  libstdc++6 4.9.2-10
ii  libx11-6   2:1.6.2-3
ii  libxext6   2:1.3.3-1
ii  libxt6 1:1.1.4-1+b1
ii  wget   1.16-1

flashplugin-nonfree recommends no packages.

Versions of packages flashplugin-nonfree suggests:
pn  flashplugin-nonfree-extrasound  
ii  fonts-dejavu2.34-1
pn  hal 
ii  iceweasel   42.0-1~bpo80+1
pn  konqueror-nsplugins 
pn  ttf-mscorefonts-installer   
pn  ttf-xfree86-nonfree 

-- no debconf information

Bug#803248: marked as done (openscad: B-D on obsolete *-swx11 packages)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 16:20:52 +
with message-id 
and subject line Bug#803248: fixed in openscad 2015.03-1+dfsg-3
has caused the Debian Bug report #803248,
regarding openscad: B-D on obsolete *-swx11 packages
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
803248: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803248
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: openscad
Version: 2015.03-1+dfsg-2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

MESA 11.x has dropped the *-swx11* packages, causing openscad to FTBFS
in sid due to unavailable B-D.


Andreas
--- End Message ---
--- Begin Message ---
Source: openscad
Source-Version: 2015.03-1+dfsg-3

We believe that the bug you reported is fixed in the latest version of
openscad, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 803...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian M. Amsüss  (supplier of updated openscad package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 09 Nov 2015 14:00:17 +0100
Source: openscad
Binary: openscad openscad-testing openscad-testing-data openscad-dbg
Architecture: source amd64 all
Version: 2015.03-1+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Christian M. Amsüss 
Changed-By: Christian M. Amsüss 
Description:
 openscad   - script file based graphical CAD environment
 openscad-dbg - script file based graphical CAD environment (debugging symbols)
 openscad-testing - script file based graphical CAD environment (test suite)
 openscad-testing-data - script file based graphical CAD environment (test 
suite data)
Closes: 803248
Changes:
 openscad (2015.03-1+dfsg-3) unstable; urgency=medium
 .
   * Use libgl1-mesa-dri instead of the abandoned libgl1-mesa-swx11 (Closes:
 #803248)
   * Build-depend on libcgal-qt5-dev (see #804539)
   * Add lintian override against source-is-missing (see #798900)
   * Change repository URIs to collab-maint
   * Add a note about the build logs to README.source
Checksums-Sha1:
 cb0d8cc4d2aaa8bd35e80818ca863084876db2a5 2725 openscad_2015.03-1+dfsg-3.dsc
 dc73cc53249de5e69781b308f3a9b113a23a4538 25744 
openscad_2015.03-1+dfsg-3.debian.tar.xz
 2e1b5cf638abe5f79c2e24e15a7e11dea79d6124 44407124 
openscad-dbg_2015.03-1+dfsg-3_amd64.deb
 1f9d1d11cc3636ec0c02d5cf276a4a2b6d9ead98 6483418 
openscad-testing-data_2015.03-1+dfsg-3_all.deb
 6201f59f58d7a0a0015ba669f5cb610ab700a890 493346 
openscad-testing_2015.03-1+dfsg-3_amd64.deb
 686a2a0091d9c063342e579e88f93dd5e7d0cb62 2146624 
openscad_2015.03-1+dfsg-3_amd64.deb
Checksums-Sha256:
 dfbd4ed91e562591fcf692cba587ad13349e09c71459b80c0309f22ae9972aed 2725 
openscad_2015.03-1+dfsg-3.dsc
 d4f5bc9a94666396908814645df25f421abf943170f06ce63af185ba478a4cfb 25744 
openscad_2015.03-1+dfsg-3.debian.tar.xz
 57d3c47f18e3e2b4b803ec2231840b21109a0b297b00c93497feb82eb3029eab 44407124 
openscad-dbg_2015.03-1+dfsg-3_amd64.deb
 30569665581a539134cedebdabb4aa5517fb529d57a1693c7f1ddd3f918f1b33 6483418 
openscad-testing-data_2015.03-1+dfsg-3_all.deb
 30e4deba1d036ac8f6480d8dba683ca6d25b538365e1fd78c17aba369f5821e5 493346 
openscad-testing_2015.03-1+dfsg-3_amd64.deb
 0cb579fe150fae4a56024ab67d2ee7b3f054b91e6977757ab8cb0d6bb4ded41c 2146624 
openscad_2015.03-1+dfsg-3_amd64.deb
Files:
 2c961d7f2d290a37064d63306725a6c2 2725 graphics optional 
openscad_2015.03-1+dfsg-3.dsc
 d68cfc474256467067a63ec16f33dbf0 25744 graphics optional 
openscad_2015.03-1+dfsg-3.debian.tar.xz
 ba87e96fc9ea4ed2cf6da402058cb428 44407124 debug extra 
openscad-dbg_2015.03-1+dfsg-3_amd64.deb
 7160148243014cebd4e2030d7de746eb 6483418 graphics optional 
openscad-testing-data_2015.03-1+dfsg-3_all.deb
 d8886f88dd88eb1336092f51f7f10596 493346 graphics optional 
openscad-testing_2015.03-1+dfsg-3_amd64.deb
 fa88b88ce809580617f2771ad300daa8 2146624 graphics optional 
openscad_2015.03-1+dfsg-3_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJWQ13uAAoJEDmNERLTpL3hvhEP/3DWej18Xjq+sdrYk/hv72hq

Processed: block 797926 with 804611

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804611
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803889 804138 804326 804455 803886 803881 805083 804089 
804620 803974 804607 804452 804336 804457 804334 803975 804324 803972 804327 
804623 805084
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804611
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804616

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804616
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804607 805084 803889 804138 803974 803975 804324 803886 
803881 804623 804334 804089 804455 804611 804452 804327 805083 804620 804336 
803972 804326 804457
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804616
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#788708: Bug#799632: iceweasel: SIGSEGV when playing videos via gstreamer

2015-11-14 Thread Soeren D. Schulze 
I am not sure about those SIGPIPEs.  They occured to me, too, but I 
could just press 'c' in gdb and continue using iceweasel until the 
SIGSEGV.  On the other hand, they are apparently gone now in stretch.


Could you press 'c' next time it happens, and wait for a SIGSEGV to occur?

Bug#805083: polygraph: FTBFS: SSlv3 method

2015-11-14 Thread Alex Rousskov 
On 11/14/2015 06:39 AM, Kurt Roeckx wrote:
> Source: polygraph
> Version: 4.3.2-1.2
> Severity: serious
> Control: block 797926 by -1

> I suggest you remove all of that and only use SSLv23_method().
> All the other are version specific methods, only SSLv23_* speaks
> multiple versions.

Removal of other methods is not a good idea because users need to
control which methods are used (including the ones unsupported by the
latest OpenSSL). We will provide a different fix.


Thank you,

Alex.

Bug#805083: polygraph: FTBFS: SSlv3 method

2015-11-14 Thread Alex Rousskov 
On 11/14/2015 08:47 AM, Kurt Roeckx wrote:
> On Sat, Nov 14, 2015 at 08:34:47AM -0700, Alex Rousskov wrote:
>> On 11/14/2015 06:39 AM, Kurt Roeckx wrote:
>>> Source: polygraph
>>> Version: 4.3.2-1.2
>>> Severity: serious
>>> Control: block 797926 by -1
>>
>>> I suggest you remove all of that and only use SSLv23_method().
>>> All the other are version specific methods, only SSLv23_* speaks
>>> multiple versions.
>>
>> Removal of other methods is not a good idea because users need to
>> control which methods are used (including the ones unsupported by the
>> latest OpenSSL). We will provide a different fix.
> 
> The other methods will go away in the future because people misuse
> them.  You really should only use the SSLv23_* methods.
> 
> Your users don't have a need to support a specific method that
> only supports a given protocol.  What they might need is to be
> able to limit the supported versions.  As I said you should use
> SSL_set_options() for that.


You might be thinking of some general-use program. Web Polygraph is a
test tool. Testers often have unusual needs, including the need to test
with a method that only supports a given [deprecated] protocol.

If we can provide a small better fix, we will. If a better fix requires
too many unrelated changes to this Polygraph version, we will provide a
patch that disables SSLv3 (until a recent Polygraph version with a
comprehensive fix is released).


Thank you,

Alex.

Processed: block 797926 with 804463

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804463
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804455 804616 804807 804457 804334 803974 804623 804324 
803975 804611 804452 804326 804327 803972 805084 804607 803889 804089 805083 
804620 803886 804336 804138 803881
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804463
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804807

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804807
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804089 804455 805084 804138 804616 803889 804452 804620 
803886 804334 803975 805083 804623 803881 804336 804611 803972 804607 804324 
804326 804327 804457 803974
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804807
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804605

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804605
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804623 804611 805084 804138 804457 804616 803886 803975 
804326 803881 804455 805083 804604 803889 804089 804607 804463 804327 804334 
804336 803972 803974 804807 804620 804324 804452
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804605
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804604

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804604
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804089 803881 805084 804452 804327 804457 804455 804336 
804326 803886 803889 804623 804138 804334 803974 803972 804616 804807 805083 
804607 804324 804463 804611 804620 803975
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804604
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: closing 803753

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> # Was issue in boost that's already fixed
> close 803753
Bug #803753 [src:reconserver] reconserver: FTBFS: context.ipp:92:29: error: 
'::SSLv3_method' has not been declared
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
803753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803753
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: block 797926 with 804615

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804615
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804336 804604 804327 804611 805083 803972 804607 803975 
803889 804457 804463 804334 803881 804807 804326 804605 804455 804623 804616 
804089 804324 803886 804620 805084 803753 804138 804452 803974
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804615
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: sslsplit: FTBFS: Removed SSLv3 method

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803974 805083 804604 803889 803881 803753 804605 803975 
803886 804336 804452 803972 804457 804623 804455 805084 804611 804620 804324 
804089 804616 804463 804807 804334 804607 804327 804326 804615 804138
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805097

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805097: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805097
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805097: sslsplit: FTBFS: Removed SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Source: sslsplit
Version: 0.4.11+dfsg-1
Severity: serious
Control: block 797926 by -1

Hi,

The SSLv3 method has been disabled in Debian so your package now
fails to build.  You have this code:
#ifdef SSL_OP_NO_SSLv3
if (!strcmp(optarg, "ssl3")) {
opts->sslmethod = SSLv3_method;
} else
#endif /* SSL_OP_NO_SSLv3 */

I suggest you replace that by OPENSSL_NO_SSL3 (or
OPENSSL_NO_SSL3_METHOD).  The SSL_OP_NO_SSLv3 actually still
exists for backwards compatibility.

I'm not sure why you don't just always use the SSLv23_method.  I
suggest you use things like SSL_OP_NO_SSLv3 to disable protocol
version instead.


Kurt

Processed: block 797926 with 804431

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804431
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804457 804463 803974 804324 803972 805084 804620 804327 
804607 804089 804611 804452 803886 805097 804138 804615 804605 804619 804336 
804623 803881 804604 804455 804334 803753 804326 805083 804807 803975 803889 
804616
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804431
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#804619: tlsdate: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx 
Hi,

So the code looks like:
  if (0 == strcmp("sslv23", protocol))
  {
verb ("V: using SSLv23_client_method()");
ctx = SSL_CTX_new(SSLv23_client_method());
  } else if (0 == strcmp("sslv3", protocol))
  {
verb ("V: using SSLv3_client_method()");
ctx = SSL_CTX_new(SSLv3_client_method());
  } else if (0 == strcmp("tlsv1", protocol))
  {
verb ("V: using TLSv1_client_method()");
ctx = SSL_CTX_new(TLSv1_client_method());
  } else
die("Unsupported protocol `%s'", protocol);


And the documetation says:
.IP "\-P | \-\-protocol [sslv23|sslv3|tlsv1]"
Set protocol to use when communicating with server (default: 'tlsv1')

I suggest you only support the SSLv23_* method.  It's the only
method supporting multiple protocol versions.  If you want to be
able to control the version I suggest you use
SSL_(CTX_)set_options with something like SSL_OP_NO_SSLv3.


Kurt

Bug#804431: zeroinstall-injector: FTBFS: error: The implementation support/hash.ml does not match the interface support/hash.cmi

2015-11-14 Thread Chris Lamb 
> That would be very useful. I've uploaded the new package here:
> 
> https://mentors.debian.net/package/zeroinstall-injector

"Successfully uploaded zeroinstall-injector_2.10-1_amd64.changes to
ftp.upload.debian.org for ftp-master."

:)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#805102: liblog-dispatch-message-passing-perl: FTBFS: t/basic.t failure

2015-11-14 Thread Niko Tyni 
Package: liblog-dispatch-message-passing-perl
Version: 0.009-2 
Severity: serious
Tags: sid

This package fails to build on current sid:

  Can't locate JSON.pm in @INC (you may need to install the JSON module) (@INC 
contains: /<>/inc /<>/blib/lib 
/<>/blib/arch /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.20.2 /usr/local/share/perl/5.20.2 
/usr/lib/x86_64-linux-gnu/perl5/5.20 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20 
/usr/local/lib/site_perl .) at /usr/share/perl5/Message/Passing/Role/Output.pm 
line 3.
  BEGIN failed--compilation aborted at 
/usr/share/perl5/Message/Passing/Role/Output.pm line 3.
  Compilation failed in require at /usr/share/perl5/Module/Runtime.pm line 317.
  Compilation failed in require at /usr/share/perl5/Module/Runtime.pm line 317.
  Compilation failed in require at t/basic.t line 8.
  [...]
  Test Summary Report
  ---
  t/basic.t (Wstat: 512 Tests: 0 Failed: 0)
Non-zero exit status: 2
Parse errors: No plan found in TAP output
  
  
This is a regression between 2015-10-29 and 2015-11-10 (see
 
https://reproducible.debian.net/history/liblog-dispatch-message-passing-perl.html
). It looks like the root is libmessage-passing-perl missing a
runtime dependency on libjson-perl, but this used to be masked by
libmoox-options-perl depending on libjson-perl until recently (4.020-1).
-- 
Niko Tyni   nt...@debian.org

Processed: Re: libatombus-perl: FTBFS: Atompub::DateTime does not export: datetime

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> reassign -1 libatompub-perl 0.3.7-2
Bug #805105 [libatombus-perl] libatombus-perl: FTBFS: Atompub::DateTime does 
not export: datetime
Bug reassigned from package 'libatombus-perl' to 'libatompub-perl'.
No longer marked as found in versions libatombus-perl/1.0405-2.
Ignoring request to alter fixed versions of bug #805105 to the same values 
previously set
Bug #805105 [libatompub-perl] libatombus-perl: FTBFS: Atompub::DateTime does 
not export: datetime
Marked as found in versions libatompub-perl/0.3.7-2.
> retitle -1 libatompub-perl: doesn't work with Perl6::Export::Attrs-0.0.4
Bug #805105 [libatompub-perl] libatombus-perl: FTBFS: Atompub::DateTime does 
not export: datetime
Changed Bug title to 'libatompub-perl: doesn't work with 
Perl6::Export::Attrs-0.0.4' from 'libatombus-perl: FTBFS: Atompub::DateTime 
does not export: datetime'
> affects -1 libatombus-perl
Bug #805105 [libatompub-perl] libatompub-perl: doesn't work with 
Perl6::Export::Attrs-0.0.4
Added indication that 805105 affects libatombus-perl

-- 
805105: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805105
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805105: libatombus-perl: FTBFS: Atompub::DateTime does not export: datetime

2015-11-14 Thread Niko Tyni 
Control: reassign -1 libatompub-perl 0.3.7-2 
Control: retitle -1 libatompub-perl: doesn't work with 
Perl6::Export::Attrs-0.0.4
Control: affects -1 libatombus-perl

On Sat, Nov 14, 2015 at 09:19:14PM +0200, Niko Tyni wrote:
> Package: libatombus-perl
> Version: 1.0405-2
> Severity: serious
> 
> This package fails to build on current sid:
> 
>   Atompub::DateTime does not export: datetime

> Looking at https://reproducible.debian.net/history/libatombus-perl.html
> this regressed in sid between 2015-10-18 and 2015-10-27.

This was apparently broken by libperl6-export-attrs-perl_0.04-2.

See https://rt.cpan.org/Public/Bug/Display.html?id=108287
and https://rt.cpan.org/Public/Bug/Display.html?id=107627

-- 
Niko Tyni   nt...@debian.org

Processed: block 797926 with 803753

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 803753
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804336 803886 804623 804807 804607 804334 805084 804457 
804452 803889 803881 804604 804611 804324 804620 803975 805083 803972 803974 
804616 804605 804326 804455 804327 804138 804089 804463
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 803753
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#804605: heirloom-mailx: SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Hi,

So you currently have:
static const SSL_METHOD *
ssl_select_method(const char *uhp)
{
const SSL_METHOD *method;
char*cp;

cp = ssl_method_string(uhp);
if (cp != NULL) {
if (equal(cp, "ssl3"))
method = SSLv3_client_method();
else if (equal(cp, "tls1"))
method = TLSv1_client_method();
else {
fprintf(stderr, catgets(catd, CATSET, 244,
"Invalid SSL method \"%s\"\n"), cp);
method = SSLv23_client_method();
}
} else
method = SSLv23_client_method();
return method;
}

You already removed the call to the SSLv2 method, and so now the
SSLv3 method has also been removed.

I suggest to only use the SSLv23_client_method().  It's the only
method that supports multiple versions.

If you want to able to restrict the versions please use
SSL(_CTX)_set_options() with something like SSL_OP_NO_SSLv3.


Kurt

Bug#803778: marked as done (wine-development: arch all FTBFS on 64-bit architectures)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 18:06:37 +
with message-id 
and subject line Bug#803778: fixed in wine-development 1.7.54-2
has caused the Debian Bug report #803778,
regarding wine-development: arch all FTBFS on 64-bit architectures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
803778: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803778
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wine-development
Version: 1.7.54-1
Severity: serious
Justification: arch indep FTBFS on 64-bit architectures

Hi

The manpages are now built by upstream together with the binaries [1,
2]. The wine manpage is built together with wine32 (there is no separate
manpage for  wine64). So manpages are only built in arch specific
builds, but not in arch independent.
Since atm the manpages are part of the package wine-development (arch
all), there is a FTBFS on arch "all" if the buildd for "all" is 64-bit.

The amd64 and arm64 builds only succeeded because the buildds only build
arch specific packages there.

I'm filing this bug to prevent the incomplete builds to migrate to
testing (don't know if this would be possible).

Currently I'm testing a fix by simply installing the manpages in the
wine32-development package. I will commit that soon.

This fix implies that the wine script and the links in /usr/bin don't
have a manpage if only wine64 is installed, but not wine32. Since this
setup isn't supported upstream, I don't see this as a real issue. (Note
todo: lintian-overrides).


[1]
commit da340169d6518cf42f1cbe169fbf120383202bdc
Author: Alexandre Julliard 
Date:   Thu Oct 29 14:32:45 2015 +0900
makefiles: Generate rules for installing programs.

[2] Follow-up discussion:
https://www.winehq.org/pipermail/wine-devel/2015-November/110097.html


Greets
jre

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-rc7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages wine-development depends on:
ii  wine32-development  1.7.54-1
ii  wine64-development  1.7.54-1

wine-development recommends no packages.

wine-development suggests no packages.

Versions of packages wine-development is related to:
ii  fonts-wine-development1.7.54-1
ii  libwine-development   1.7.54-1
pn  libwine-development-dbg   
ii  libwine-development-dev   1.7.54-1
ii  wine-development  1.7.54-1 (local build on i386)
ii  wine32-development1.7.54-1
pn  wine32-development-preloader  
pn  wine32-development-tools  
ii  wine64-development1.7.54-1
pn  wine64-development-preloader  
ii  wine64-development-tools  1.7.54-1

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: wine-development
Source-Version: 1.7.54-2

We believe that the bug you reported is fixed in the latest version of
wine-development, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 803...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Gilbert  (supplier of updated wine-development 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 14 Nov 2015 17:42:24 +
Source: wine-development
Binary: wine-development wine32-development wine64-development 
wine32-development-preloader wine64-development-preloader 
wine32-development-tools wine64-development-tools fonts-wine-development 
libwine-development libwine-development-dev libwine-development-dbg
Architecture: source all
Version: 1.7.54-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Wine Party 
Changed-By: Michael Gilbert 
Description:
 fonts-wine-development - Windows API implementation - fonts
 libwine-development - Windows API implementation - library
 libwine-development-dbg

Bug#804046: marked as done (No wine-development package and so not binary available anymore)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 18:06:37 +
with message-id 
and subject line Bug#803778: fixed in wine-development 1.7.54-2
has caused the Debian Bug report #803778,
regarding No wine-development package and so not binary available anymore
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
803778: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803778
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: wine64-development
Version: 1.7.54-1
Severity: grave

With 1.7.54-1 there is no wine-development package anymore so there is
no /usr/bin/wine-development to start wine.

That renders the whole package suit unusable for most people.

- -- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (500, 'testing'), (110, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.0.7 (SMP w/8 CPU cores)
Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages wine64-development depends on:
ii  libc62.19-22
ii  libwine-development  1.7.52-1
ii  x11-utils7.7+3

Versions of packages wine64-development recommends:
ii  libasound2-plugins  1:1.0.29-dmo1
pn  libwine-gecko-2.40  
pn  wine-development
pn  wine32-development  

Versions of packages wine64-development suggests:
pn  wine64-development-preloader  

Versions of packages wine64-development is related to:
pn  fonts-wine-development
ii  libwine-development   1.7.52-1
pn  libwine-development-dbg   
pn  libwine-development-dev   
pn  wine-development  
pn  wine32-development
pn  wine32-development-preloader  
pn  wine32-development-tools  
ii  wine64-development1.7.52-1
pn  wine64-development-preloader  
pn  wine64-development-tools  

- -- no debconf information

- -- 
Klaus Ethgen  http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQGcBAEBCgAGBQJWOe5hAAoJEKZ8CrGAGfaszYEL/3MY2ByL7w4h7NF2gorlpD67
eEZMrmVm0V3RpGOI8zMLSU+/dcKuUoXBCfMgGcTHQJtJsGbdOOr4o1WpoR3FHEbM
tDsK7y2SmvNZnSgfiVw6VF4FqNOhFuM/na+RQ0radrACmru6VxETytSMHFujau+m
DANBDrkDTTYQ68DFJaNvQTWNVnZLGvCTcqAIeeuJ/EHl74uiFrt82gxtDHPvoySu
lgusr06jCd6Mv69IQxyKmLgsqTy9tyyMqScBU0prwk+8RTiLuI42DanNf0cBQm2s
d6m8Jy1QegH0hntqJMMRkhk14oPKrOw5sQGr6ZWwTtFdWNegvMQuHnrOgULOU5P/
MQR3NepZpwk5DRFGYz4FhC5LvCFNWVp5ah1beR7vUQ4n5SmRRur9Vu/vDrYc1b6A
R8W6oJYMZTo8bdBX1ME+LnPVrEXgtnQ7osSABzR0vmhBlJQXBvp75q5EHoj9ztYq
WAJJNtoc3wloPgc+ae8UUMax8+wM9XCGc0/ZMtPYag==
=nUVB
-END PGP SIGNATURE-
--- End Message ---
--- Begin Message ---
Source: wine-development
Source-Version: 1.7.54-2

We believe that the bug you reported is fixed in the latest version of
wine-development, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 803...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Gilbert  (supplier of updated wine-development 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 14 Nov 2015 17:42:24 +
Source: wine-development
Binary: wine-development wine32-development wine64-development 
wine32-development-preloader wine64-development-preloader 
wine32-development-tools wine64-development-tools fonts-wine-development 
libwine-development libwine-development-dev libwine-development-dbg
Architecture: source all
Version: 1.7.54-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Wine Party 
Changed-By: Michael Gilbert 
Description:
 fonts-wine-development - Windows API implementation - fonts
 libwine-development - Windows API implementation - library
 libwine-development-dbg - Windows API implementation - debugging symbols
 libwine-development-dev - Windows API implementation - development files

Processed: block 797926 with 804619

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804619
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 803886 804607 803881 804615 804455 804138 804807 804324 
805097 804623 804463 804611 804605 803889 803974 803975 804616 803753 804334 
804452 804620 804336 804457 805083 804089 804326 805084 804604 803972 804327
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804619
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805102: liblog-dispatch-message-passing-perl: FTBFS: t/basic.t failure

2015-11-14 Thread Niko Tyni 
retitle 805102 libmessage-passing-perl: missing runtime and build dependencies 
on libjson-perl
reassign 805102 libmessage-passing-perl 0.116-1 
affects 805102 liblog-dispatch-message-passing-perl
thanks

On Sat, Nov 14, 2015 at 08:55:33PM +0200, Niko Tyni wrote:
> Package: liblog-dispatch-message-passing-perl
> Version: 0.009-2 
> Severity: serious
> Tags: sid
> 
> This package fails to build on current sid:
> 
>   Can't locate JSON.pm in @INC (you may need to install the JSON module) 
> (@INC contains: /<>/inc /<>/blib/lib 
> /<>/blib/arch /etc/perl 
> /usr/local/lib/x86_64-linux-gnu/perl/5.20.2 /usr/local/share/perl/5.20.2 
> /usr/lib/x86_64-linux-gnu/perl5/5.20 /usr/share/perl5 
> /usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20 
> /usr/local/lib/site_perl .) at 
> /usr/share/perl5/Message/Passing/Role/Output.pm line 3.

> This is a regression between 2015-10-29 and 2015-11-10 (see
>  
> https://reproducible.debian.net/history/liblog-dispatch-message-passing-perl.html
> ). It looks like the root is libmessage-passing-perl missing a
> runtime dependency on libjson-perl, but this used to be masked by
> libmoox-options-perl depending on libjson-perl until recently (4.020-1).

I see libmessage-passing-perl is failing to build too because
of a missing build dependency on libjson-perl. I'm reassigning
and retitling this, no use tracking two bugs about it.
-- 
Niko Tyni   nt...@debian.org

Bug#805103: libmessage-passing-filter-regexp-perl: FTBFS: missing build-dependency on libjson-perl

2015-11-14 Thread Niko Tyni 
Package: libmessage-passing-filter-regexp-perl
Version: 0.05-1
Severity: serious
Tags: sid

This package fails to build on current sid:

  Can't locate JSON.pm in @INC (you may need to install the JSON module) (@INC 
contains: lib /<>/blib/lib /<>/blib/arch /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.20.2 /usr/local/share/perl/5.20.2 
/usr/lib/x86_64-linux-gnu/perl5/5.20 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20 
/usr/local/lib/site_perl .) at t/003-Message-Passing-Filter-Regexp.t line 7.
  BEGIN failed--compilation aborted at t/003-Message-Passing-Filter-Regexp.t 
line 7.
  t/003-Message-Passing-Filter-Regexp.t .. 
  Dubious, test returned 2 (wstat 512, 0x200)
  No subtests run 
  
  Test Summary Report
  ---
  t/003-Message-Passing-Filter-Regexp.t (Wstat: 512 Tests: 0 Failed: 0)
Non-zero exit status: 2
Parse errors: No plan found in TAP output
  
This is a recent regression, very similar to #805102.
However, even though it will go away by making libmessage-passing-perl
depend on libjson-perl, that is not quite the correct fix as
t/003-Message-Passing-Filter-Regexp.t is using the JSON module directly.
So it looks like libmessage-passing-filter-regexp-perl needs an
explicit build dependency on libjson-perl.
-- 
Niko Tyni   nt...@debian.org

Processed: Re: Bug#805102: liblog-dispatch-message-passing-perl: FTBFS: t/basic.t failure

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 805102 libmessage-passing-perl: missing runtime and build 
> dependencies on libjson-perl
Bug #805102 [liblog-dispatch-message-passing-perl] 
liblog-dispatch-message-passing-perl: FTBFS: t/basic.t failure
Changed Bug title to 'libmessage-passing-perl: missing runtime and build 
dependencies on libjson-perl' from 'liblog-dispatch-message-passing-perl: 
FTBFS: t/basic.t failure'
> reassign 805102 libmessage-passing-perl 0.116-1
Bug #805102 [liblog-dispatch-message-passing-perl] libmessage-passing-perl: 
missing runtime and build dependencies on libjson-perl
Bug reassigned from package 'liblog-dispatch-message-passing-perl' to 
'libmessage-passing-perl'.
No longer marked as found in versions 
liblog-dispatch-message-passing-perl/0.009-2.
Ignoring request to alter fixed versions of bug #805102 to the same values 
previously set
Bug #805102 [libmessage-passing-perl] libmessage-passing-perl: missing runtime 
and build dependencies on libjson-perl
Marked as found in versions libmessage-passing-perl/0.116-1.
> affects 805102 liblog-dispatch-message-passing-perl
Bug #805102 [libmessage-passing-perl] libmessage-passing-perl: missing runtime 
and build dependencies on libjson-perl
Added indication that 805102 affects liblog-dispatch-message-passing-perl
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
805102: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805102
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805105: libatombus-perl: FTBFS: Atompub::DateTime does not export: datetime

2015-11-14 Thread Niko Tyni 
Package: libatombus-perl
Version: 1.0405-2
Severity: serious

This package fails to build on current sid:

  Atompub::DateTime does not export: datetime
  use Atompub::DateTime failed at /<>/lib/AtomBus.pm line 5.
  BEGIN failed--compilation aborted at /<>/lib/AtomBus.pm line 5.
  Compilation failed in require at t/01-basic.t line 16.
  [...]
  Test Summary Report
  ---
  t/01-basic.t (Wstat: 65280 Tests: 0 Failed: 0)
Non-zero exit status: 255
Parse errors: Bad plan.  You planned 12 tests but ran 0.
  t/02-paging.t (Wstat: 65280 Tests: 0 Failed: 0)
Non-zero exit status: 255
Parse errors: Bad plan.  You planned 21 tests but ran 0.
  Files=2, Tests=0,  1 wallclock secs ( 0.06 usr  0.00 sys +  0.76 cusr  0.06 
csys =  0.88 CPU)
  Result: FAIL

Looking at https://reproducible.debian.net/history/libatombus-perl.html
this regressed in sid between 2015-10-18 and 2015-10-27.
-- 
Niko Tyni   nt...@debian.org

Bug#805095: sflphone: Uses ALL ciphers

2015-11-14 Thread Kurt Roeckx 
Source: sflphone
Severity: grave
Tags: security

I just saw this in the code:
SSL_CTX_set_cipher_list(ctx, "ALL");

This enables ciphers you don't want, it might include those that
don't provide authentication or encryption.


Kurt

Bug#804615: sflphone: SSLv3 method

2015-11-14 Thread Kurt Roeckx 
Hi,

I see various things like:
typedef enum pj_ssl_sock_proto
{
PJ_SSL_SOCK_PROTO_DEFAULT,  /**< Default protocol of backend.   */
PJ_SSL_SOCK_PROTO_TLS1, /**< TLSv1.0 protocol.  */
PJ_SSL_SOCK_PROTO_SSL3, /**< SSLv3.0 protocol.  */
PJ_SSL_SOCK_PROTO_SSL23,/**< SSLv3.0 but can roll back to
 SSLv2.0.   */
PJ_SSL_SOCK_PROTO_SSL2, /**< SSLv2.0 protocol.  */
PJ_SSL_SOCK_PROTO_DTLS1 /**< DTLSv1.0 protocol. */
} pj_ssl_sock_proto;


At least that description for PJ_SSL_SOCK_PROTO_SSL23 is wrong.
It supports more protocols, including things like TLS 1.2.

It's used in this code:
/* Determine SSL method to use */
switch (ssock->param.proto) {
case PJ_SSL_SOCK_PROTO_DEFAULT:
case PJ_SSL_SOCK_PROTO_TLS1:
ssl_method = (SSL_METHOD*)TLSv1_method();
break;
#ifndef OPENSSL_NO_SSL2
case PJ_SSL_SOCK_PROTO_SSL2:
ssl_method = (SSL_METHOD*)SSLv2_method();
break;
#endif
case PJ_SSL_SOCK_PROTO_SSL3:
ssl_method = (SSL_METHOD*)SSLv3_method();
break;
case PJ_SSL_SOCK_PROTO_SSL23:
ssl_method = (SSL_METHOD*)SSLv23_method();
break;
//case PJ_SSL_SOCK_PROTO_DTLS1:
//ssl_method = (SSL_METHOD*)DTLSv1_method();
//break;
default:
return PJ_EINVAL;
}

So this seems to mean the default only supports TLS 1.0, and not
newer protocols like TLS 1.2.

I recommend you remove almost all of this.  You should only use
the SSLv23_* method and the DTLS_*.  Those are the only methods
that support multiple versions.

If you have a need to restrict the supported protocols please use
SSL_(CTX_)_set_options with something like SSL_OP_NO_SSLv3.


There is also code like this:
meth = (SSL_METHOD*)SSLv23_server_method();
if (!meth)
meth = (SSL_METHOD*)TLSv1_server_method();
if (!meth)
meth = (SSL_METHOD*)SSLv3_server_method();
#ifndef OPENSSL_NO_SSL2
if (!meth)
meth = (SSL_METHOD*)SSLv2_server_method();
#endif

This doesn't make any sense.  They will all always succeed, and
you only want the first one anyway.


Kurt

Processed: block 797926 with 804603

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804603
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804138 804616 804336 804334 803753 804607 805097 804619 
805114 804324 804327 804326 804463 803975 803886 805112 804615 804455 804604 
805083 804452 803974 804623 804431 804089 803889 804440 804457 804605 804611 
805084 803972 804807 803881 804620
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804603
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#804603: courier: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx 
Hi,

So looking at the code your currently have:
method=((!protocol || !*protocol)
? NULL:
strcmp(protocol, "SSL3") == 0
? SSLv3_method():
strcmp(protocol, "SSL23") == 0
? SSLv23_method():
strcmp(protocol, "TLSv1") == 0
? TLSv1_method():
#ifdef HAVE_TLSV1_1_METHOD
strcmp(protocol, "TLSv1.1") == 0
? TLSv1_1_method():
#endif
#ifdef HAVE_TLSV1_2_METHOD
strcmp(protocol, "TLSv1.2") == 0
? TLSv1_2_method():
#endif
NULL);

if (!method)
{
method=SSLv23_method();
options|=SSL_OP_NO_SSLv2;
}

The SSLv23_* methods are the only ones that support multiple
protocol versions, SSLv3_* has just been removed in unstable.

The others will be removed in the future, so I suggest you only
use the SSLv23_method().  If you want to disable protocols I
suggest you do it with the options like the SSL_OP_NO_SSLv2 you
already have there.


Kurt

Processed: block 797926 with 804606

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804606
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 805112 804463 804615 804431 803975 803886 804327 805097 
803881 804605 804440 804452 803753 804619 804334 804089 804138 805083 804457 
803972 804455 804620 804324 803974 804604 804807 803889 805084 804326 804616 
804611 804623 804336 804603 805114 804607
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804606
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#804606: httest: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx 
Hi,

So you have code like this for both client and server:
static int worker_set_client_method(worker_t * worker, const char
*sslstr) {
  int is_ssl = 0;
  ssl_wconf_t *config = ssl_get_worker_config(worker);

  if (strcasecmp(sslstr, "SSL") == 0) {
is_ssl = 1;
config->meth = SSLv23_client_method();
  }
#ifndef OPENSSL_NO_SSL2
  else if (strcasecmp(sslstr, "SSL2") == 0) {
is_ssl = 1;
config->meth = SSLv2_client_method();
  }
#endif
  else if (strcasecmp(sslstr, "SSL3") == 0) {
is_ssl = 1;
config->meth = SSLv3_client_method();
  }
  else if (strcasecmp(sslstr, "TLS1") == 0) {
is_ssl = 1;
config->meth = TLSv1_client_method();
  }
#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL)
  else if (strcasecmp(sslstr, "TLS1.1") == 0) {
is_ssl = 1;
config->meth = TLSv1_1_client_method();
  }
  else if (strcasecmp(sslstr, "TLS1.2") == 0) {
is_ssl = 1;
config->meth = TLSv1_2_client_method();
  }
#endif
  else if (strcasecmp(sslstr, "DTLS1") == 0) {
is_ssl = 1;
config->meth = DTLSv1_client_method();
  }
  return is_ssl;
}

The SSLv3 method has just been disabled in Debian.

I recommand you use the SSLv23_* and DTLS_* method.  They are the
only one supporting multiple versions of the protocol.  It would
also get you DTLS 1.2 support.

If you want to be able to disable protocols I suggest you use 
SSL_(CTX_)set_options with something like SSL_OP_NO_SSLv3.



Kurt

Processed: block 797926 with 804467

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804467
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804605 804463 805084 804440 804620 804611 804336 804089 
804603 803972 805112 803881 804606 803974 803975 804623 805117 804604 803886 
804455 804326 804334 804431 804607 804452 804327 804457 804619 805114 804615 
804138 805083 803753 804616 805097 804324 803889 804807
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804467
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: kannel-sqlbox: FTBFS: Can't satisfy build-depends

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804605 803975 804620 804615 804440 804606 803881 804326 
804607 803974 804603 804619 804334 805112 803886 804611 804327 804324 804336 
804604 804431 803972 804463 804807 804616 805097 805114 804455 805083 804452 
805084 804623 804138 804457 804089 803889 803753
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805117

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805117: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805117
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805117: kannel-sqlbox: FTBFS: Can't satisfy build-depends

2015-11-14 Thread Kurt Roeckx 
Source: kannel-sqlbox
Version: 0.7.2-3
Severity: serious
Control: block 797926 by -1

Hi,

You have a build-depedency on kannel-dev (<< 1.4.4), but the
current version in unstable is 1.4.4-1+b1.


Kurt

Processed: block 797926 with 804386

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804386
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804334 804603 804623 804611 803886 803753 803972 804431 
804463 804440 804607 804452 805114 803881 804467 804616 805083 804457 804604 
803975 804605 804619 804606 804327 804089 803889 805117 804324 804807 805112 
804138 805084 803974 804336 804620 804326 805097 804615 804455
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804386
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: galera-3: FTBFS on s390x

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 805112 804336 805114 803889 804467 803972 804623 804807 
804606 804463 804334 804604 804611 804457 804440 805084 804431 804452 804616 
803753 803886 804603 804455 804607 804605 804326 804089 804619 803975 803881 
803974 804620 804138 804324 805083 804386 805097 805117 804615 804327
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805118

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805118: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805118
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805118: galera-3: FTBFS on s390x

2015-11-14 Thread Kurt Roeckx 
Source: galera-3
Version: 25.3.12-3
Severity: serious
Control: block 797926 by -1

Hi,

Your package FTBFS on s390x.  It's unclear to me what the error
is.  For a full log see:
https://buildd.debian.org/status/fetch.php?pkg=galera-3=s390x=25.3.12-3=1447450818


Kurt

Processed: unblock 797926 with 804336

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> unblock 797926 with 804336
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804324 803974 804386 804603 804463 803753 804611 804619 
803972 804440 805118 804089 804623 804604 805084 803889 804336 804620 803886 
804327 804431 804457 804607 804605 804467 803975 804615 805097 805112 804455 
804334 803881 804138 804326 805114 804606 805083 804616 804807 805117 804452
797926 was not blocking any bugs.
Removed blocking bug(s) of 797926: 804336
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#799840: marked as done (libpam-smbpass: installed libpam-smbpass break all local login)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 22:22:40 +
with message-id 
and subject line Bug#799840: fixed in samba 2:4.3.1+dfsg-1
has caused the Debian Bug report #799840,
regarding libpam-smbpass: installed libpam-smbpass break all local login
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
799840: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799840
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libpam-smbpass
Version: 4.1.20+dfsg-1
Severity: critical
Justification: breaks the whole system

On one of my computer, when libpam-smbpass is installed, all local login
attempt fail.

su, sudo, login on console, using gdm or sddm all break. Only ssh succed

I've report in log like :

  *** Error in `/usr/lib/x86_64-linux-gnu/sddm/sddm-helper': double free or 
corruption (fasttop): 0x00a38a70 ***
  *** Error in `gdm-session-worker [pam/gdm-password]': double free or 
corruption (fasttop): 0x0226c960

and error from su like :

  *** Error in `su': double free or corruption (fasttop): 0x55846363b500 ***

and mostly the same from sudo.

Uninstalling libpam-smbpass fix the problem.

Note that libpam-smbpass was installed but not used nor configured. I could
reinstall it to try debugging stuff.

Thanks
-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (700, 'testing'), (291, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libpam-smbpass depends on:
ii  dpkg1.18.3
ii  libbsd0 0.7.0-2
ii  libc6   2.19-20
ii  libpam-runtime  1.1.8-3.1
ii  libpam0g1.1.8-3.1
ii  libtalloc2  2.1.3-1
ii  libwbclient02:4.1.20+dfsg-1
ii  samba-common2:4.1.20+dfsg-1
ii  samba-libs  2:4.1.20+dfsg-1

libpam-smbpass recommends no packages.

Versions of packages libpam-smbpass suggests:
ii  samba  2:4.1.20+dfsg-1
--- End Message ---
--- Begin Message ---
Source: samba
Source-Version: 2:4.3.1+dfsg-1

We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 799...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jelmer Vernooij  (supplier of updated samba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Thu, 01 Oct 2015 21:37:48 +
Source: samba
Binary: samba samba-libs samba-common samba-common-bin smbclient 
samba-testsuite registry-tools libparse-pidl-perl samba-dev python-samba 
samba-dsdb-modules samba-vfs-modules libsmbclient libsmbclient-dev winbind 
libpam-winbind libnss-winbind samba-dbg libwbclient0 libwbclient-dev ctdb
Architecture: source amd64 all
Version: 2:4.3.1+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Samba Maintainers 
Changed-By: Jelmer Vernooij 
Description:
 ctdb   - clustered database to store temporary data
 libnss-winbind - Samba nameservice integration plugins
 libpam-winbind - Windows domain authentication integration plugin
 libparse-pidl-perl - IDL compiler written in Perl
 libsmbclient - shared library for communication with SMB/CIFS servers
 libsmbclient-dev - development files for libsmbclient
 libwbclient-dev - Samba winbind client library - development files
 libwbclient0 - Samba winbind client library
 python-samba - Python bindings for Samba
 registry-tools - tools for viewing and manipulating the Windows registry
 samba  - SMB/CIFS file, print, and login server for Unix
 samba-common - common files used by both the Samba server and client
 samba-common-bin - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-dev  - tools for extending Samba
 samba-dsdb-modules - Samba Directory Services Database
 samba-libs - Samba core libraries
 samba-testsuite - test suite from

Bug#805121: kumofs: FTBFS on ppc64el: ICE

2015-11-14 Thread Kurt Roeckx 
Source: kumofs
Version: 0.4.13-6.1
Severity: serious
Control: block 797926 by -1

Hi,

Your package is failing to build on ppc64el with the following
error:
cluster.cc: In member function 'void 
rpc::cluster_transport::init_message(rpc::msgobj, rpc::auto_zone)':
cluster.cc:134:1: error: unrecognizable insn:
 }
 ^
(insn 977 976 978 78 (set (reg:CC 433)
(compare:CC (reg:SI 431)
(const_int 65535 [0x]))) cluster.cc:87 -1
 (nil))
cluster.cc:134:1: internal compiler error: in extract_insn, at recog.c:2343
0x10752c93 _fatal_insn(char const*, rtx_def const*, char const*, int, char 
const*)
../../src/gcc/rtl-error.c:110
0x10752cf7 _fatal_insn_not_found(rtx_def const*, char const*, int, char const*)
../../src/gcc/rtl-error.c:118
0x1071a207 extract_insn(rtx_insn*)
../../src/gcc/recog.c:2343
0x10509e17 instantiate_virtual_regs_in_insn
../../src/gcc/function.c:1598
0x10509e17 instantiate_virtual_regs
../../src/gcc/function.c:1966
0x10509e17 execute
../../src/gcc/function.c:2015
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See  for instructions.
Preprocessed source stored into /tmp/ccqLvjEA.out file, please attach this to 
your bugreport.

For a full log see:
https://buildd.debian.org/status/fetch.php?pkg=kumofs=ppc64el=0.4.13-6.1%2Bb1=1446633792


Kurt

Processed: kumofs: FTBFS on ppc64el: ICE

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804463 803886 804138 804455 804431 804603 804452 804326 
804089 804324 804604 804611 804623 804620 804616 803972 804615 805097 803975 
803974 804619 804807 803881 804605 804467 805114 804327 804606 805084 803889 
803753 804457 804334 805118 805117 805083 805112 804386 804607 804440
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805121

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805121: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805121
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#785867: morituri: Please update to GStreamer 1.x

2015-11-14 Thread Moritz Muehlenhoff 
On Wed, May 20, 2015 at 04:03:06PM +0300, sl...@debian.org wrote:
> Source: morituri
> Severity: important
> User: sl...@debian.org
> Usertags: gstreamer0.10-removal
> 
> Hi maintainer,
> 
> your package morituri currently still depends on GStreamer 0.10.
> 
> GStreamer 0.10 is no longer maintained and supported by the upstream
> project since almost 3 years, and contains many known bugs that are
> fixed in the new 1.x release series of GStreamer. Next to many bug
> fixes, the new release series also contains many other improvements,
> new features and a more streamlined API.

upstream doesn't seem to plan a port, are you planning to port it
yourself or shall we remove it for now (it can still be re-added
if fixed at a later point in time)?

https://github.com/thomasvs/morituri/issues/47

Cheers,
Moritz

Bug#804666: marked as done (simutrans: FTBFS: convert convert: Unrecognized option (-alpha).)

2015-11-14 Thread Debian Bug Tracking System 
Your message dated Sat, 14 Nov 2015 22:35:25 +
with message-id 
and subject line Bug#804666: fixed in simutrans 120.1.1+repack-1
has caused the Debian Bug report #804666,
regarding simutrans: FTBFS: convert convert: Unrecognized option (-alpha).
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
804666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804666
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: simutrans
Version: 111.3.1-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

simutrans FTBFS in experimental, see e.g.

https://buildd.debian.org/status/fetch.php?pkg=simutrans=amd64=111.3.1-1%2Bb2=1447096039

[...]
make[2]: Leaving directory '/«PKGBUILDDIR»/nettools'
convert simutrans.ico -alpha on debian/simutrans.xpm
convert convert: Unrecognized option (-alpha).
debian/rules:21: recipe for target 'override_dh_auto_build' failed
make[1]: *** [override_dh_auto_build] Error 1
make[1]: Leaving directory '/«PKGBUILDDIR»'
debian/rules:18: recipe for target 'build-arch' failed
make: *** [build-arch] Error 2


Andreas
--- End Message ---
--- Begin Message ---
Source: simutrans
Source-Version: 120.1.1+repack-1

We believe that the bug you reported is fixed in the latest version of
simutrans, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 804...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jörg Frings-Fürst  (supplier of updated simutrans 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 14 Nov 2015 19:01:56 +0100
Source: simutrans
Binary: simutrans simutrans-data simutrans-makeobj
Architecture: source
Version: 120.1.1+repack-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Jörg Frings-Fürst 
Description:
 simutrans  - transportation simulator
 simutrans-data - transportation simulator (base data)
 simutrans-makeobj - data file compiler for Simutrans
Closes: 708837 783887 804666
Changes:
 simutrans (120.1.1+repack-1) unstable; urgency=medium
 .
   [ Jörg Frings-Fürst ]
   * New upstream release (Closes: #708837).
   * Upload to unstable.
   * debian/control:
 - Add myself as new uploader (Closes: #783887).
 - Bump Standards-Version to 3.9.6 (No changes required).
 - Rewrite Depends.
 - Rewrite Vcs* to canonical URI.
 - Remove obsolete Pre-Depends.
   * debian/source/options:
 - Removed because xz is now standard compression.
   * debian/rules:
 - Remove override_dh_builddeb because compression xz is now standard.
 - Remove obsolete nettools and skin.
 - To prevent FTBFS with sbuild add dh_quilt_patch to
   override_dh_auto_clean.
 - Remove BROKEN_LANG loop.
 - Split override_dh_install into override_dh_install-arch and
   override_dh_install-indep.
   * debian/copyright:
 - Add myself to debian/*
 - Remove obsolete utils/dr_rdgif.c.
 - Rewrite for the new upstream release.
   * Remove debian/patches/sha1-replacement.diff.
   * Remove double debian/patches/path-for-game-data.diff.
   * Refresh debian/patches/*.
   * Rewrite source handling:
 - New debian/repack.sh.
 - debian/watch: add parameter "debian debian/repack.sh".
 - Rewrite debian/README.source.
   * New d/p/0510-missing_uncommon_mk.patch to include missing uncommon.mk.
   * Update debian/translations.
   * New debian/gbp.conf.
   * Remove convert of simutrans.xpm and install it direct (Closes: #804666).
 - debian/rules: Remove convert call.
 - debian/control: Remove imagemagick from Build-Depends.
 - New debian/pixmaps/simutrans.xpm
Checksums-Sha1:
 aa340ad78be1aaf8779bf42f61de6576195c0ef7 2354 simutrans_120.1.1+repack-1.dsc
 bd6f9ed2ee150aec5e16c7f8fd60fa05d24d387c 2291608 
simutrans_120.1.1+repack.orig.tar.xz
 452f0c5a5d7e93a45463db67fde9ae7ab6cf5f9d 270008 
simutrans_120.1.1+repack-1.debian.tar.xz
Checksums-Sha256:
 951948ce0ff32db00ae9b9e719d84c51af7192d4622abafaf3bec9acec1b72fd 2354 
simutrans_120.1.1+repack-1.dsc

Bug#805123: swi-prolog: FTBFS on ppc64el

2015-11-14 Thread Kurt Roeckx 
Source: swi-prolog
Version: 7.2.0-2
Severity: serious
Control: block 797926 by -1

Hi,

Your package is failing to build with the following error on
ppc64el:
JUNIT=/usr/share/java/junit.jar JAVA=java JAVA_PRELOAD= ./test-java.sh
Welcome to SWI-Prolog (Multi-threaded, 64 bits, Version 7.2.0)
Copyright (c) 1990-2015 University of Amsterdam, VU Amsterdam
SWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to redistribute it under certain conditions.
Please visit http://www.swi-prolog.org for details.

For help, use ?- help(Topic). or ?- apropos(Word).


% halt
ERROR: /«PKGBUILDDIR»/packages/jpl/jpl.pl:4164:
'$open_shared_object'/3: libjpl: cannot open shared object file: No 
such file or directory
Failed to invoke suite():java.lang.UnsatisfiedLinkError: no jpl in 
java.library.path
Makefile:66: recipe for target 'check_java' failed
make[2]: *** [check_java] Error 1

A full log is available at:
https://buildd.debian.org/status/fetch.php?pkg=swi-prolog=ppc64el=7.2.0-2%2Bb1=1446804933


Kurt

Processed: swi-prolog: FTBFS on ppc64el

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804603 804327 803972 804615 804604 804606 804324 803881 
804440 804467 805083 804334 805117 804326 805084 803886 804611 804463 803975 
803974 804457 804089 805114 804607 804138 804620 804616 804455 804452 803889 
804807 804605 804619 805097 805121 804386 804431 805118 803753 804623 805112
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805123

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805123: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805123
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: trafficserver: FTBFS on ppc64el: Uses -mcx16

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 805121 804605 804324 804334 804615 804606 804604 805117 
803975 804467 805097 804607 804138 804431 804611 805083 803753 804603 803889 
804623 804326 804457 805114 804440 804807 804455 804452 803972 804620 805112 
804619 803974 804089 803881 805123 805118 804386 803886 804463 804327 805084 
804616
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805124

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805124: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805124
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805124: trafficserver: FTBFS on ppc64el: Uses -mcx16

2015-11-14 Thread Kurt Roeckx 
Source: trafficserver
Version: 6.0.0-2
Severity: serious
Control: block 797926 by -1

Hi,

Your package is failing to build on ppc64el.  It looks like this
is the error:
configure:25484: cc -c -g -O2 -fPIE -fstack-protector-strong -Wformat 
-Werror=format-security -O3 -std=gnu99 -pipe -Wall 
-feliminate-unused-debug-symbols -fno-strict-aliasing -mcx16 
-D_FORTIFY_SOURCE=2 -Dlinux -D_LARGEFILE64_SOURCE=1 -D_COMPILE64BIT_SOURCE=1 
-D_GNU_SOURCE -D_REENTRANT -D__STDC_LIMIT_MACROS=1 -D__STDC_FORMAT_MACROS=1 
-DOPENSSL_NO_SSL_INTERN -I/usr/include/tcl8.6 -I/usr/include/libxml2 conftest.c 
>&5
cc: error: unrecognized command line option '-mcx16'

A full log can be seen at:
https://buildd.debian.org/status/fetch.php?pkg=trafficserver=ppc64el=6.0.0-2=1446769250


Kurt

Processed: tagging 804454 ...

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 804454 + upstream
Bug #804454 [soundconverter] [soundconverter] Does not write any output files.
Added tag(s) upstream.
> forwarded 804454 
> https://bugs.launchpad.net/ubuntu/+source/soundconverter/+bug/1516319
Bug #804454 [soundconverter] [soundconverter] Does not write any output files.
Set Bug forwarded-to-address to 
'https://bugs.launchpad.net/ubuntu/+source/soundconverter/+bug/1516319'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
804454: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804454
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: transgui: Fixed dependency on libssl1.0.0

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804603 803972 804138 804619 804326 804452 804455 804324 
804615 803974 804623 805124 804334 804089 804440 804611 804327 803889 804463 
805114 804616 805112 804807 804620 805121 804605 805123 804431 804457 805117 
804607 803881 804606 804604 803975 805084 805083 804467 803886 803753 804386 
805118 805097
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805125

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805125: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805125
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805125: transgui: Fixed dependency on libssl1.0.0

2015-11-14 Thread Kurt Roeckx 
Source: transgui
Version: 5.0.1-2
Severity: serious
Control: block 797926 by -1

Hi,

Your package seems to have a dependency on libssl1.0.0.  It  has
just been renamed to libssl1.0.2.  After a rebuild you still
depend on libss1.0.0.

It seems the library is loaded using:
LoadLibrary(PChar('libssl.so.' + OpenSSLVersions[i]));

So you might need to fix both that and the dependency.


Kurt

Processed: severity of 802118 is important

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 802118 important
Bug #802118 [libengine-pkcs11-openssl] libengine-pkcs11-openssl: Functions to 
set static global data may cause memory leak.
Severity set to 'important' from 'grave'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
802118: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802118
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#613674: Subject: xutils-dev: Can't get have_xmlto_text unless I add some content to the conftest.xml

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 serious
Bug #613674 [xutils-dev] Subject: xutils-dev: Can't get have_xmlto_text unless 
I add some content to the conftest.xml
Severity set to 'serious' from 'normal'
> affects -1 src:libxdmcp
Bug #613674 [xutils-dev] Subject: xutils-dev: Can't get have_xmlto_text unless 
I add some content to the conftest.xml
Added indication that 613674 affects src:libxdmcp
> tags -1 + patch
Bug #613674 [xutils-dev] Subject: xutils-dev: Can't get have_xmlto_text unless 
I add some content to the conftest.xml
Added tag(s) patch.

-- 
613674: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613674
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805113: CVE-2015-8126: buffer overflow

2015-11-14 Thread Josh Triplett 
Package: libpng12-0
Version: 1.2.50-2+b2
Severity: critical
Tags: security upstream

Quoting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
> Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE
> functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and
> 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote
> attackers to cause a denial of service (application crash) or possibly have
> unspecified other impact via a small bit-depth value in an IHDR (aka image
> header) chunk in a PNG image.

In particular, "1.1.x and 1.2.x before 1.2.54".

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.3.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libpng12-0 depends on:
ii  libc6  2.19-22
ii  multiarch-support  2.19-22
ii  zlib1g 1:1.2.8.dfsg-2+b1

libpng12-0 recommends no packages.

libpng12-0 suggests no packages.

-- no debconf information

Processed: block 797926 with 804440

2015-11-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 797926 with 804440
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804455 803974 804605 805097 804604 804616 804807 805084 
804620 804457 804611 804452 804431 805112 804463 805083 803975 803972 804327 
804623 804615 804138 803881 804336 804334 804619 803886 804324 804089 804326 
803889 803753 804607
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 804440
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: zorp: FTBFS: SSLv3 method removed

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804457 805084 804431 804455 803753 804334 805083 804604 
804607 804619 803881 804605 804324 803975 804138 804615 803974 804611 804327 
803889 804807 803972 804616 805097 804089 803886 804326 804463 804623 804620 
804452 804336
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805112

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805112: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805112
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805112: zorp: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx 
Source: zorp
Version: 3.9.5-7
Severity: serious
Control: block 797926 by -1

Hi,

The SSLv3 methods in the openssl package have been removed and as
a result your package can't be build anymore.

The code looks like:
  if (strcmp(self->ssl_opts.ssl_method[side]->str, "SSLv23") == 0)
{
  if (side == EP_CLIENT)
ctx = SSL_CTX_new(SSLv23_server_method());
  else
ctx = SSL_CTX_new(SSLv23_client_method());
}
#ifndef OPENSSL_NO_SSL2
  else if (strcmp(self->ssl_opts.ssl_method[side]->str, "SSLv2") == 0)
{
  if (side == EP_CLIENT)
ctx = SSL_CTX_new(SSLv2_server_method());
  else
ctx = SSL_CTX_new(SSLv2_client_method());
}
#endif
  else if (strcmp(self->ssl_opts.ssl_method[side]->str, "SSLv3") == 0)
{
  if (side == EP_CLIENT)
ctx = SSL_CTX_new(SSLv3_server_method());
  else
ctx = SSL_CTX_new(SSLv3_client_method());
}
  else if (strcmp(self->ssl_opts.ssl_method[side]->str, "TLSv1") == 0)
{
  if (side == EP_CLIENT)
ctx = SSL_CTX_new(TLSv1_server_method());
  else
ctx = SSL_CTX_new(TLSv1_client_method());
}
  else
{
  z_proxy_log(self, CORE_POLICY, 1, "Bad SSL method; method='%s', 
side='%s'",
  self->ssl_opts.ssl_method[side]->str, EP_STR(side));
  z_proxy_return(self, FALSE);
}


And the documentation like:
  

  Constants for SSL/TLS protocol selection


  SSL_METHOD_SSLV23
  
   Permit the use of SSLv2 and v3.
  


  SSL_METHOD_SSLV2
  
   Permit the use of SSLv2 exclusively.
  


  SSL_METHOD_SSLV3
  
Permit the use of SSLv3 exclusively.
  


  SSL_METHOD_TLSV1
  
Permit the use of TLSv1 exclusively.
  


  SSL_METHOD_ALL
  
   Permit the use of all the supported (SSLv2, SSLv3, and TLSv1) 
protocols.
  

  

There is also:
SSL_METHOD_SSLV23   = "SSLv23"
SSL_METHOD_SSLV2= "SSLv2"
SSL_METHOD_SSLV3= "SSLv3"
SSL_METHOD_TLSV1= "TLSv1"
SSL_METHOD_ALL  = "SSLv23"

So at least the documentation about SSL_METHOD_SSLV23 is wrong,
since it's actually the same as SSL_METHOD_ALL.  The SSLv23_*
methods are the only ones that support multiple protocol versions,
and that currently includes up to TLS 1.2.

I recommend to only use the SSLv23_* methods, the others will go
away in the future.  If you want to limit the support to a
protocol version I suggest you use the SSL(_CTX)_set_options()
options with something like SSL_OP_NO_SSLv3.


Kurt

Processed: medusa: FTBFS: SSLv3 method removed

2015-11-14 Thread Debian Bug Tracking System 
Processing control commands:

> block 797926 by -1
Bug #797926 [release.debian.org] transition: openssl: remove SSLv3 methods
797926 was blocked by: 804615 804326 804457 804431 804327 804336 804623 804463 
804089 804452 805112 803886 804607 805084 804807 804620 803753 803881 805097 
804440 805083 803972 804611 804455 803975 803889 804334 804604 804138 804619 
803974 804605 804616 804324
797926 was not blocking any bugs.
Added blocking bug(s) of 797926: 805114

-- 
797926: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797926
805114: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805114
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#805114: medusa: FTBFS: SSLv3 method removed

2015-11-14 Thread Kurt Roeckx 
Source: medusa
Version: 2.1.1-1
Severity: serious
Control: block 797926 by -1

Hi,

SSLv3 support has been removed in Debian and as a result your
package now fails to build.  The code looks like this:
  /* The SSL context can support SSLv2, SSLv3, or both. The default is to use 
whatever
 the server demands. The module can override this by setting nSSLVersion. */

  /* Debian's OpenSSL has SSLv2 support disabled. */
#ifndef OPENSSL_NO_SSL2
  if (pParams->nSSLVersion == 2)
sslContext = SSL_CTX_new(SSLv2_client_method());
  else
#endif
  if (pParams->nSSLVersion == 3)
sslContext = SSL_CTX_new(SSLv3_client_method());
  else if (pParams->nSSLVersion == (float)3.1)
sslContext = SSL_CTX_new(TLSv1_client_method());
  else
sslContext = SSL_CTX_new(SSLv23_client_method());


And then you seem to have various code doing things like:
params.nSSLVersion = 3.1; /* Force the use of TLSv1 */

And one location doing:
params.nSSLVersion = 3; /* VMware Authentication Daemon requires 
SSLv3 */

There doesn't seem to be a default value for nSSLVersion, so I
assume it's 0 in which case you should end up at the
SSLv23_* method.

Please note that SSLv3 support has been completly removed in
the new version.  If that VMware Authentication Daemon still
requires SSLv3 it's just not going to work anymore.

The SSLv23_* methods are the only ones that support multiple
protocol versions and I suggest you only use those.  The others
will go away in the future.

If there is a need to limit the protocol please use
SSL_(CTX_)set_options with something like SSL_OP_NO_SSLv3.


Kurt

  1   2   >