date:20170721

Bug#869258: virtualbox-dkms: fails to build on kernel version 4.11.0-1

2017-07-21 Thread Daniel Koszta

Package: virtualbox-dkms
Version: 5.1.10-dfsg-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

After a recent dist-upgrade, VirtualBox fails to strart VMs with the
following error message:

> Kernel driver not installed (rc=-1908)
>
> The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is 
> a permission problem with /dev/vboxdrv. Please reinstall virtualbox-dkms 
> package and load the kernel module by executing
>
> 'modprobe vboxdrv'
>
> as root.
>
> where: suplibOsInit what: 3 VERR_VM_DRIVER_NOT_INSTALLED (-1908) - The 
> support driver is not installed. On linux, open returned ENOENT.

I tried to run "dpkg-reconfigure virtualbox-dkms" which resulted in the
following error:

> Error! Bad return status for module build on kernel: 4.11.0-1-amd64
> (x86_64)
> Consult /var/lib/dkms/virtualbox/5.1.10/build/make.log for more
> information.

The relevant section of the log file is as follows:

>  CC [M] 
> /var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/mp-r0drv-linux.o
> /var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:
>  In function ‘rtR0MemObjNativeLockUser’:
> /var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:1067:18:
>  error: too few arguments to function ‘get_user_pages_remote’
>  rc = get_user_pages_remote(
>   ^
> In file included from 
> /var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/the-linux-kernel.h:98:0,
>  from 
> /var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:31:
> /usr/src/linux-headers-4.11.0-1-common/include/linux/mm.h:1326:6: note: 
> declared here
>  long get_user_pages_remote(struct task_struct *tsk, struct mm_struct *mm,
>   ^
> /usr/src/linux-headers-4.11.0-1-common/scripts/Makefile.build:299: recipe for 
> target 
> '/var/lib/dkms/virtualbox/5.1.10/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.o'
>  failed

As a workaround, I found that switching back to the older kernel version
(4.9.0-3) works.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=hu_HU.utf8, LC_CTYPE=hu_HU.utf8 (charmap=UTF-8), 
LANGUAGE=hu_HU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages virtualbox-dkms depends on:
ii  dkms  2.3-3

Versions of packages virtualbox-dkms recommends:
ii  virtualbox  5.1.10-dfsg-1

virtualbox-dkms suggests no packages.

-- no debconf information

Bug#868280: [Pkg-privacy-maintainers] Bug#868280: even after purging and installing fresh torbrowser-launcher doesn't work.

2017-07-21 Thread intrigeri

Hi shirish!

> I purged and reinstalled amd getting the same error -

Do you mean you purged the package, or also ~/.local/share/torbrowser/?

Bug#866629: debian-installer: Installer showes Debootstrap Error debian stretch live installation

2017-07-21 Thread Dhanar Adi Dewandaru

On Sat, 8 Jul 2017 12:25:44 +0530 Pirate Praveen 
wrote:
> On Thu, 6 Jul 2017 00:35:21 +0530 Prahlad Yeri 
> wrote:
> > Can confirm this bug on the live installer - tried both XFCE and LXDE
> > versions.
> >
> > Never expected such goof up on a debian stable version!
>
> I agree it was a let down and frustrating.
>
> > Granted that its just released, but we do go through ages of testing
> > before reaching stable, don't we? The reason a user comes to debian in
> > the first place is stability. If you don't even get that, then what is
> > the rationale for using debian stable against something like Ubuntu LTS
> > where you get both stability and newer packages?
>
> The reason why debian is stable is because of the extensive testing.
> Unfortunately the live installer did not receive the extensive testing
> as the regular installer or the rest of debian. Only live installer had
> this problem and if more people volunteer to test pre-releases of live
> installer, we can avoid the situation in future.
>

Well, I am also affected by this bug. I am using
"debian-live-9.0.1-amd64-mate+nonfree.iso". The workaround for me is to
make bootable USB disk from the ISO and add the following:

1. "base_installable" in ".disk" folder
2. "grub-pc" deb package and its dependencies to "pool" folder (and update
the corresponding Packages file)

After this, the installation can finish without having to connect to the
internet. Tested on VirtualBox on my PC.

I hope this bug can be fixed soon.

Processed: (no subject)

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tags 868500 + upstream fixed-upstream jessie stretch
Bug #868500 [src:atril] atril: CVE-2017-183
Added tag(s) jessie, stretch, upstream, and fixed-upstream.
> forwarded 868500 https://github.com/mate-desktop/atril/issues/257
Bug #868500 [src:atril] atril: CVE-2017-183
Set Bug forwarded-to-address to 
'https://github.com/mate-desktop/atril/issues/257'.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
868500: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868500
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868500: (no subject)

2017-07-21 Thread ZenWalker

we don't need to remove the tar support

it was fixed in the upstream with this patch:

https://github.com/mate-desktop/atril/commit/f4291fd62f7dfe6460d2406a979ccfac0c68dd59.patch

Processed: notfixed 842240 in 0.8.0-1, notfound 866397 in 233-9, notfixed 868429 in 1.12.2-1 ...

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> #unconfuse the bts: found+fixed in the same version
> notfixed 842240 0.8.0-1
Bug #842240 {Done: Yves-Alexis Perez } [xfce4-terminal] 
xfce4-terminal: xfcde4-terminal --dropdown fals after some time
No longer marked as fixed in versions 0.8.0-1.
> notfound 866397 233-9
Bug #866397 {Done: Vincent Danjean } [udev] udev: 
regression: no escape key on HP ZBook anymore
No longer marked as found in versions systemd/233-9.
> notfixed 868429 1.12.2-1
Bug #868429 {Done: Sebastian Dröge } [gstreamer1.0-vaapi] 
1.12.2 uninstallable
No longer marked as fixed in versions gstreamer-vaapi/1.12.2-1.
> found 868647 2.0.0-3
Bug #868647 {Done: Anthony Fok } 
[golang-etcd-dev,golang-github-coreos-go-etcd-dev] 
golang-github-coreos-go-etcd-dev and golang-etcd-dev: error when trying to 
install together
There is no source info for the package 'golang-etcd-dev' at version '2.0.0-3' 
with architecture ''
Marked as found in versions golang-etcd/2.0.0-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
842240: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842240
866397: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866397
868429: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868429
868647: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868647
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869251: java-allocation-instrumenter FTBFS: Unable to JarJar: /build/1st/java-allocation-instrumenter-3.0.1/target/classes cause: RemappingClassAdapter is deprecated, use ClassRemapper instead

2017-07-21 Thread Adrian Bunk

Source: java-allocation-instrumenter
Version: 3.0.1-1
Severity: serious
Tags: buster sid

Some recent change in unstable makes java-allocation-instrumenter FTBFS:

https://tests.reproducible-builds.org/debian/history/java-allocation-instrumenter.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/java-allocation-instrumenter.html

...
Picked up JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF-8
[[1;34mINFO[m] Scanning for projects...
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 is missing, no dependency 
information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-eclipse-plugin:2.9: Plugin 
org.apache.maven.plugins:maven-eclipse-plugin:2.9 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 has not been downloaded 
from it before.
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 is missing, no 
dependency information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-release-plugin:2.5.1: Plugin 
org.apache.maven.plugins:maven-release-plugin:2.5.1 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 has not been downloaded 
from it before.
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 is missing, no dependency 
information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-eclipse-plugin:2.9: Plugin 
org.apache.maven.plugins:maven-eclipse-plugin:2.9 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 has not been downloaded 
from it before.
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 is missing, no 
dependency information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-release-plugin:2.5.1: Plugin 
org.apache.maven.plugins:maven-release-plugin:2.5.1 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 has not been downloaded 
from it before.
[[1;34mINFO[m] 
[[1;34mINFO[m] 
[1m[m
[[1;34mINFO[m] [1mBuilding java-allocation-instrumenter 3.0.1[m
[[1;34mINFO[m] 
[1m[m
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 is missing, no dependency 
information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-eclipse-plugin:2.9: Plugin 
org.apache.maven.plugins:maven-eclipse-plugin:2.9 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-eclipse-plugin:jar:2.9 has not been downloaded 
from it before.
[[1;33mWARNING[m] The POM for 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 is missing, no 
dependency information available
[[1;33mWARNING[m] Failed to retrieve plugin descriptor for 
org.apache.maven.plugins:maven-release-plugin:2.5.1: Plugin 
org.apache.maven.plugins:maven-release-plugin:2.5.1 or one of its dependencies 
could not be resolved: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.apache.maven.plugins:maven-release-plugin:jar:2.5.1 has not been downloaded 
from it before.
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-resources-plugin:2.6:resources[m 
[1m(default-resources)[m @ [36mjava-allocation-instrumenter[0;1m ---[m
[[1;34mINFO[m] Using 'UTF-8' encoding to copy filtered resources.
[[1;34mINFO[m] skip non existing resourceDirectory 
/build/1st/java-allocation-instrumenter-3.0.1/src/main/resources
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-compiler-plugin:3.6.1:compile[m 
[1m(default-compile)[m @ [36mjava-allocation-instrumenter[0;1m ---[m
[[1;33mWARNING[m] The POM for org.codehaus.plexus:plexus-compiler-api:jar:2.x 
is invalid, transitive dependencies (if any) will not be available, enable 
debug logging for more details
[[1;33mWARNING[m] The POM for 
org.codehaus.plexus:plexus-compiler-javac:jar:2.x is invalid, transitive 
dependencies (if any) will not be available, enable debug logging for more 
details
[[1;34mINFO[m] Changes detected - recompiling the

Bug#869250: dnssecjava FTBFS: Execution default-bundle of goal org.apache.felix:maven-bundle-plugin:2.5.4:bundle failed: An API incompatibility was encountered

2017-07-21 Thread Adrian Bunk

Source: dnssecjava
Version: 1.1.3-1
Severity: serious
Tags: buster sid

Some recent change in usntable makes dnssecjava FTBFS:

https://tests.reproducible-builds.org/debian/history/java-allocation-instrumenter.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dnssecjava.html

...
[[1;34mINFO[m] Changes detected - recompiling the module!
[[1;34mINFO[m] Compiling 15 source files to 
/build/1st/dnssecjava-1.1.3/target/classes
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-resources-plugin:3.0.0:testResources[m 
[1m(default-testResources)[m @ [36mdnssecjava[0;1m ---[m
[[1;34mINFO[m] Using 'UTF-8' encoding to copy filtered resources.
[[1;34mINFO[m] Copying 305 resources
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-compiler-plugin:3.6.1:testCompile[m 
[1m(default-testCompile)[m @ [36mdnssecjava[0;1m ---[m
[[1;34mINFO[m] Changes detected - recompiling the module!
[[1;34mINFO[m] Compiling 32 source files to 
/build/1st/dnssecjava-1.1.3/target/test-classes
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-surefire-plugin:2.19.1:test[m 
[1m(default-test)[m @ [36mdnssecjava[0;1m ---[m
[[1;34mINFO[m] Tests are skipped.
[[1;34mINFO[m] 
[[1;34mINFO[m] [1m--- [0;32mmaven-bundle-plugin:2.5.4:bundle[m 
[1m(default-bundle)[m @ [36mdnssecjava[0;1m ---[m
[[1;34mINFO[m] 
[[1;34mINFO[m] 
[1m[m
[[1;34mINFO[m] [1mSkipping dnssecjava[m
[[1;34mINFO[m] This project has been banned from the build due to previous 
failures.
[[1;34mINFO[m] 
[1m[m
[[1;34mINFO[m] 
[1m[m
[[1;34mINFO[m] [1;31mBUILD FAILURE[m
[[1;34mINFO[m] 
[1m[m
[[1;34mINFO[m] Total time: 25.047 s
[[1;34mINFO[m] Finished at: 2017-07-21T11:47:53-12:00
[[1;34mINFO[m] Final Memory: 25M/699M
[[1;34mINFO[m] 
[1m[m
[[1;31mERROR[m] Failed to execute goal 
[32morg.apache.felix:maven-bundle-plugin:2.5.4:bundle[m 
[1m(default-bundle)[m on project [36mdnssecjava[m: [1;31mExecution 
default-bundle of goal org.apache.felix:maven-bundle-plugin:2.5.4:bundle 
failed: An API incompatibility was encountered while executing 
org.apache.felix:maven-bundle-plugin:2.5.4:bundle: java.lang.NoSuchMethodError: 
org.apache.maven.archiver.MavenArchiver.getManifest(Lorg/apache/maven/project/MavenProject;Lorg/apache/maven/archiver/MavenArchiveConfiguration;)Lorg/codehaus/plexus/archiver/jar/Manifest;[m
[[1;31mERROR[m] 
[1;31m-[m
[[1;31mERROR[m] [1;31mrealm =
extension>org.apache.felix:maven-bundle-plugin:2.5.4[m
[[1;31mERROR[m] [1;31mstrategy = 
org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy[m
[[1;31mERROR[m] [1;31murls[0] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/apache/felix/maven-bundle-plugin/2.5.4/maven-bundle-plugin-2.5.4.jar[m
[[1;31mERROR[m] [1;31murls[1] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/osgi/org.osgi.core/debian/org.osgi.core-debian.jar[m
[[1;31mERROR[m] [1;31murls[2] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/biz/aQute/bnd/bndlib/debian/bndlib-debian.jar[m
[[1;31mERROR[m] [1;31murls[3] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/apache/felix/org.apache.felix.bundlerepository/debian/org.apache.felix.bundlerepository-debian.jar[m
[[1;31mERROR[m] [1;31murls[4] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/easymock/easymock/debian/easymock-debian.jar[m
[[1;31mERROR[m] [1;31murls[5] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/cglib/cglib/debian/cglib-debian.jar[m
[[1;31mERROR[m] [1;31murls[6] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/ow2/asm/asm/debian/asm-debian.jar[m
[[1;31mERROR[m] [1;31murls[7] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/objenesis/objenesis/debian/objenesis-debian.jar[m
[[1;31mERROR[m] [1;31murls[8] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/apache/felix/org.apache.felix.utils/debian/org.apache.felix.utils-debian.jar[m
[[1;31mERROR[m] [1;31murls[9] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/osgi/org.osgi.compendium/debian/org.osgi.compendium-debian.jar[m
[[1;31mERROR[m] [1;31murls[10] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/apache/maven/wagon/wagon-file/debian/wagon-file-debian.jar[m
[[1;31mERROR[m] [1;31murls[11] = 
file:/build/1st/dnssecjava-1.1.3/debian/maven-repo/org/apache/maven/wagon/wagon-http-lightweight/debian/wagon-http-lightweight-debian.jar[m
[[1;31mERROR[m] [1;31murls[12] =

Bug#869249: haskell-argon2 FTBFS: error: 'ARGON2_FLAG_CLEAR_MEMORY' undeclared

2017-07-21 Thread Adrian Bunk

Source: haskell-argon2
Version: 1.2.0-3
Severity: serious
Tags: buster sid

Some recent change in unstable makes haskell-argon2 FTBFS:

https://tests.reproducible-builds.org/debian/history/haskell-argon2.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/haskell-argon2.html

...
Building argon2-1.2.0...
Preprocessing library argon2-1.2.0...
In file included from dist-ghc/build/Crypto/Argon2/FFI_hsc_make.c:1:0:
FFI.hsc: In function 'main':
FFI.hsc:93:16: error: 'ARGON2_FLAG_CLEAR_MEMORY' undeclared (first use in this 
function)
/usr/lib/ghc/template-hsc.h:35:10: note: in definition of macro 'hsc_const'
 if ((x) < 0)  \
  ^
FFI.hsc:93:16: note: each undeclared identifier is reported only once for each 
function it appears in
/usr/lib/ghc/template-hsc.h:35:10: note: in definition of macro 'hsc_const'
 if ((x) < 0)  \
  ^
compiling dist-ghc/build/Crypto/Argon2/FFI_hsc_make.c failed (exit code 1)
command was: /usr/bin/gcc -c dist-ghc/build/Crypto/Argon2/FFI_hsc_make.c -o 
dist-ghc/build/Crypto/Argon2/FFI_hsc_make.o -fno-stack-protector 
-fno-stack-protector -D__GLASGOW_HASKELL__=800 -Dlinux_BUILD_OS=1 
-Dx86_64_BUILD_ARCH=1 -Dlinux_HOST_OS=1 -Dx86_64_HOST_ARCH=1 
-Idist-ghc/build/autogen -include dist-ghc/build/autogen/cabal_macros.h 
-I/usr/lib/ghc/bytestring-0.10.8.1/include -I/usr/lib/ghc/base-4.9.1.0/include 
-I/usr/lib/ghc/integer-gmp-1.0.0.1/include -I/usr/lib/ghc/include 
-I/usr/lib/ghc/include/
/usr/share/cdbs/1/class/hlibrary.mk:147: recipe for target 'build-ghc-stamp' 
failed
make: *** [build-ghc-stamp] Error 1

Processed: notfound 868695 in 233-10

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> notfound 868695 233-10
Bug #868695 {Done: Michael Biebl } [systemd] systemd: leaves 
empty LC_CTYPE what breaks X11 ssh password prompt
No longer marked as found in versions systemd/233-10.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
868695: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868695
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868083: marked as done (CVE-2017-7506)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 22:35:19 +
with message-id 
and subject line Bug#868083: fixed in spice 0.12.8-2.2
has caused the Debian Bug report #868083,
regarding CVE-2017-7506
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868083: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: spice
Severity: grave
Tags: security

Please see:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7506

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: spice
Source-Version: 0.12.8-2.2

We believe that the bug you reported is fixed in the latest version of
spice, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany  (supplier of updated spice package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 21 Jul 2017 23:34:38 +0200
Source: spice
Binary: libspice-server1 libspice-server-dev
Architecture: source
Version: 0.12.8-2.2
Distribution: unstable
Urgency: medium
Maintainer: Liang Guo 
Changed-By: Markus Koschany 
Description:
 libspice-server-dev - Header files and development documentation for 
spice-server
 libspice-server1 - Implements the server side of the SPICE protocol
Closes: 868083
Changes:
 spice (0.12.8-2.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2017-7506: (Closes: #868083)
 Possible buffer overflow via invalid monitor configurations.
Checksums-Sha1:
 9e3adb702ec341bf74e473eb3ea1e74067d96024 2543 spice_0.12.8-2.2.dsc
 ddf556bd2048681c8680bfd97814264e69078161 11572 spice_0.12.8-2.2.debian.tar.xz
 516fabae54d51f7540126b053035f1e8ca91fd2f 7564 spice_0.12.8-2.2_amd64.buildinfo
Checksums-Sha256:
 5720fdd3eebd9afd3c1814bff89c55b908d8709c5f9058ab5cfc11f02f962f44 2543 
spice_0.12.8-2.2.dsc
 df6e4849496a4fdab77e5454bfc15052cc01adbcf04c6ddb058d4961081cb2f5 11572 
spice_0.12.8-2.2.debian.tar.xz
 533e89c0e7ea66adb3e6a0cff3d1943e0ab5edd8295a0d50d06812569789d3ee 7564 
spice_0.12.8-2.2_amd64.buildinfo
Files:
 75666ef961538ff3033be8fd6185e909 2543 misc optional spice_0.12.8-2.2.dsc
 89aff010bac313eeeaec77b1ff7a1f8f 11572 misc optional 
spice_0.12.8-2.2.debian.tar.xz
 7587ff3a95dc77c7bf5f3d86eea46574 7564 misc optional 
spice_0.12.8-2.2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAllydvxfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkDo8P/ReTjEwouWXvBWewDJ4IjSyDzXSggKPPxAaN
arf8Rp3d8BseiroC9YGKLMMrn9nHedyJGK93J/tNcRbI8RYFrCl0D9+zahkaJmiM
gp1UlQXKyFWutsBnejx3plnEYQkCcZE0mal5E21yw77ZLA5IE9zkiPFvPpmeiVpu
zIDQQohEF0MqgSJoIox4uHBgJ/AtmhFg8Bljah5pS7QJuqjoauAteZf2gx3Sg5d8
7SYhJBEmUpQYUFjusLP+uM54RPW9AmUxd0STN6LrMrJT3xilsGMvo0va9aNJ5HqX
SsbvhNZPhJcCNuQV7Y+owkIDgc30oQ/yKL7DAxwgLBgecIEBKg605eI2pip2iEju
7A36tnYmPcIhMOVPUaW7gh3CoAKqKhin9xLo6vay81UKYBDJcIVPeRNgl0G4PT+v
zkDpNWEi+44o7kyX2dkvxNcglABS9EV4auwwumWqni5zyb5jJbSd3JbPUWvGtn1S
BLXxzYgswut+V6mQWUPHggfwRVDomK3Ly/CZZZG+hlt3ttD/qtaWYhQuWwoI7rv+
jVvxrHlSQRyZ28O8YPc/J7y+3HcL6ZN5v/HKddyQ/35t2mLvs5U0XhPx4eN+4SZm
9nDLkombyjvqBjsa+1U/FSR4b2uLUmS0+6Jvl+7x+Xv4c7YhGpN1qaKUpjUfXN7Y
6uZzAVC3
=nBMS
-END PGP SIGNATURE End Message ---

Bug#868280: even after purging and installing fresh torbrowser-launcher doesn't work.

2017-07-21 Thread shirish शिरीष

Dear maintainer,

I purged and reinstalled amd getting the same error -

[$] LC_ALL=C torbrowser-launcher

Tor Browser Launcher
By Micah Lee, licensed under MIT
version 0.2.7
https://github.com/micahflee/torbrowser-launcher
Launching './Browser/start-tor-browser --detach'...
./Browser/execdesktop: line 14: ./Browser/start-tor-browser: No such
file or directory

Here are the depends and whatever else is needed to make a call -

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (600, 'testing'), (500, 'unstable-debug'), (500,
'stable-debug'), (1, 'experimental-debug'), (1, 'experimental'), (1,
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages torbrowser-launcher depends on:
ii  ca-certificates  20161130+nmu1
ii  gnupg2.1.18-8
ii  python   2.7.13-2
ii  python-gtk2  2.24.0-5.1
ii  python-lzma  0.5.3-3
ii  python-parsley   1.2-1
ii  python-psutil5.0.1-1+b1
ii  python-twisted   16.6.0-2
ii  python-txsocksx  1.15.0.2-1

Versions of packages torbrowser-launcher recommends:
ii  tor  0.3.0.9-1

Versions of packages torbrowser-launcher suggests:
pn  apparmor   
ii  python-pygame  1.9.1release+dfsg-10+b2

-- no debconf information

-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A  2C2F 9F3D C7A4 E1C4 D2D8

Bug#868083: spice: diff for NMU version 0.12.8-2.2

2017-07-21 Thread Markus Koschany

Control: tags 868083 + patch
Control: tags 868083 + pending

Dear maintainer,

I've prepared an NMU for spice (versioned as 0.12.8-2.2) and
uploaded it to unstable without delay. Since the versions in Stretch
and Sid are identical, I have just applied the patches from the stable
version.

Regards,

Markus
diff -Nru spice-0.12.8/debian/changelog spice-0.12.8/debian/changelog
--- spice-0.12.8/debian/changelog	2017-02-13 21:42:01.0 +0100
+++ spice-0.12.8/debian/changelog	2017-07-21 23:34:38.0 +0200
@@ -1,3 +1,11 @@
+spice (0.12.8-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2017-7506: (Closes: #868083)
+Possible buffer overflow via invalid monitor configurations.
+
+ -- Markus Koschany   Fri, 21 Jul 2017 23:34:38 +0200
+
 spice (0.12.8-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru spice-0.12.8/debian/patches/CVE-2017-7506-1.patch spice-0.12.8/debian/patches/CVE-2017-7506-1.patch
--- spice-0.12.8/debian/patches/CVE-2017-7506-1.patch	1970-01-01 01:00:00.0 +0100
+++ spice-0.12.8/debian/patches/CVE-2017-7506-1.patch	2017-07-21 23:34:38.0 +0200
@@ -0,0 +1,73 @@
+From 257f69d619fed407493156c8a7b952abc8a51314 Mon Sep 17 00:00:00 2001
+From: Frediano Ziglio 
+Date: Mon, 15 May 2017 15:57:28 +0100
+Subject: [spice-server 1/3] reds: Disconnect when receiving overly big
+ ClientMonitorsConfig
+
+Total message size received from the client was unlimited. There is
+a 2kiB size check on individual agent messages, but the MonitorsConfig
+message can be split in multiple chunks, and the size of the
+non-chunked MonitorsConfig message was never checked. This could easily
+lead to memory exhaustion on the host.
+
+Signed-off-by: Frediano Ziglio 
+---
+ server/reds.c | 25 +++--
+ 1 file changed, 23 insertions(+), 2 deletions(-)
+
+diff --git a/server/reds.c b/server/reds.c
+index f439a3668..7be85fdfc 100644
+--- a/server/reds.c
 b/server/reds.c
+@@ -993,19 +993,34 @@ static void reds_client_monitors_config_cleanup(void)
+ static void reds_on_main_agent_monitors_config(
+ MainChannelClient *mcc, void *message, size_t size)
+ {
++const unsigned int MAX_MONITORS = 256;
++const unsigned int MAX_MONITOR_CONFIG_SIZE =
++   sizeof(VDAgentMonitorsConfig) + MAX_MONITORS * sizeof(VDAgentMonConfig);
++
+ VDAgentMessage *msg_header;
+ VDAgentMonitorsConfig *monitors_config;
+ RedsClientMonitorsConfig *cmc = >client_monitors_config;
+ 
++// limit size of message sent by the client as this can cause a DoS through
++// memory exhaustion, or potentially some integer overflows
++if (sizeof(VDAgentMessage) + MAX_MONITOR_CONFIG_SIZE - cmc->buffer_size < size) {
++goto overflow;
++}
+ cmc->buffer_size += size;
+ cmc->buffer = realloc(cmc->buffer, cmc->buffer_size);
+ spice_assert(cmc->buffer);
+ cmc->mcc = mcc;
+ memcpy(cmc->buffer + cmc->buffer_pos, message, size);
+ cmc->buffer_pos += size;
++if (sizeof(VDAgentMessage) > cmc->buffer_size) {
++spice_debug("not enough data yet. %d", cmc->buffer_size);
++return;
++}
+ msg_header = (VDAgentMessage *)cmc->buffer;
+-if (sizeof(VDAgentMessage) > cmc->buffer_size ||
+-msg_header->size > cmc->buffer_size - sizeof(VDAgentMessage)) {
++if (msg_header->size > MAX_MONITOR_CONFIG_SIZE) {
++goto overflow;
++}
++if (msg_header->size > cmc->buffer_size - sizeof(VDAgentMessage)) {
+ spice_debug("not enough data yet. %d", cmc->buffer_size);
+ return;
+ }
+@@ -1013,6 +1028,12 @@ static void reds_on_main_agent_monitors_config(
+ spice_debug("%s: %d", __func__, monitors_config->num_of_monitors);
+ red_dispatcher_client_monitors_config(monitors_config);
+ reds_client_monitors_config_cleanup();
++return;
++
++overflow:
++spice_warning("received invalid MonitorsConfig request from client, disconnecting");
++red_channel_client_disconnect(main_channel_client_get_base(mcc));
++reds_client_monitors_config_cleanup();
+ }
+ 
+ void reds_on_main_agent_data(MainChannelClient *mcc, void *message, size_t size)
+-- 
+2.13.0
diff -Nru spice-0.12.8/debian/patches/CVE-2017-7506-2.patch spice-0.12.8/debian/patches/CVE-2017-7506-2.patch
--- spice-0.12.8/debian/patches/CVE-2017-7506-2.patch	1970-01-01 01:00:00.0 +0100
+++ spice-0.12.8/debian/patches/CVE-2017-7506-2.patch	2017-07-21 23:34:38.0 +0200
@@ -0,0 +1,29 @@
+From ff2b4ef70181087d5abd50bad76d026ec5088a93 Mon Sep 17 00:00:00 2001
+From: Frediano Ziglio 
+Date: Mon, 15 May 2017 15:57:28 +0100
+Subject: [spice-server 2/3] reds: Avoid integer overflows handling monitor
+ configuration
+
+Avoid VDAgentMessage::size integer overflows.
+
+Signed-off-by: Frediano Ziglio 
+---
+ server/reds.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/server/reds.c b/server/reds.c

Processed: spice: diff for NMU version 0.12.8-2.2

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> tags 868083 + patch
Bug #868083 [src:spice] CVE-2017-7506
Added tag(s) patch.
> tags 868083 + pending
Bug #868083 [src:spice] CVE-2017-7506
Added tag(s) pending.

-- 
868083: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868083
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2017-07-21 Thread Guido Günther

Hi,
On Fri, Jul 21, 2017 at 11:03:22PM +0200, Moritz Mühlenhoff wrote:
> On Fri, Jul 21, 2017 at 09:51:45AM -0400, Antoine Beaupré wrote:
> > On 2017-07-20 18:15:00, Philipp Kern wrote:
> > > On 07/17/2017 09:41 PM, Antoine Beaupré wrote:
> > >> Let's not jump the gun here. We're not shipping NSS in ca-certificates,
> > >> just a tiny part of it: one text file, more or less.
> > >
> > > Yeah, and the consensus of the world external to Debian seems to be that
> > > this might not be the smartest choice.
> > 
> > I'm not sure I understand what you are proposing as an alternative
> > here. Should we stop shipping ca-certificates? Or make it a binary
> > package of the NSS source package?
> 
> Most distros rebase to the latest NSS release across all supported suites.
> 
> We also did this once or twice in -security (for changes which were too
> instrusive to backport) and upstream apparently usually supports this.
> 
> But it's quite some effort to test all the reverse deps (that's why 
> backporting
> isolated fixes is easier in such cases) to ensure no breakage creeps in, so
> this would need a volunteer to deal with testing reverse deps.

Which could be mitigated via p-u since this at least allows others
(including machines that build all the rdeps and run the autopkg tests)
to see things before the hit everybody running stable.
Cheers,
 -- Guido

Processed: Add libclang-perl to affects

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> affects 866354 src:libclang-perl
Bug #866354 [libstdc++6] armel: symbol _ZTINSt13__future_base12_Result_baseE, 
version GLIBCXX_3.4.15 not defined in file libstdc++.so.6
Added indication that 866354 affects src:libclang-perl
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866354: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866354
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868500: atril: CVE-2017-1000083

2017-07-21 Thread Mike Gabriel

On  Fr 21 Jul 2017 12:01:13 CEST, Santiago Ruano Rincón wrote:

El 21/07/17 a las 09:50, Mike Gabriel escribió:

Hi Santiago,

On  Fr 21 Jul 2017 11:46:08 CEST, Santiago Ruano Rincón wrote:

> Hi,
>
> El 20/07/17 a las 21:50, Salvatore Bonaccorso escribió:
> > Hi Santiago
> >
> > On Wed, Jul 19, 2017 at 03:05:29PM +0200, Santiago Ruano Rincón wrote:
> > > El 18/07/17 a las 15:21, Santiago Ruano Rincón escribió:
> > > > Control: tags -1 + patch
> > > >
> > > > On Sun, 16 Jul 2017 08:19:43 +0200 Salvatore Bonaccorso

[…]

Please provide the .debdiff of your upload with the original bug report, so
we can weave it into the packaging Git.

Sorry, here it is.

Santiago

Thanks! Git has been updated for the 1.16.1-2.1 upload.

Mike
--

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunwea...@debian.org, http://sunweavers.net

pgpMozKpIWEG3.pgp
Description: Digitale PGP-Signatur

Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2017-07-21 Thread Moritz Mühlenhoff

On Fri, Jul 21, 2017 at 09:51:45AM -0400, Antoine Beaupré wrote:
> On 2017-07-20 18:15:00, Philipp Kern wrote:
> > On 07/17/2017 09:41 PM, Antoine Beaupré wrote:
> >> Let's not jump the gun here. We're not shipping NSS in ca-certificates,
> >> just a tiny part of it: one text file, more or less.
> >
> > Yeah, and the consensus of the world external to Debian seems to be that
> > this might not be the smartest choice.
> 
> I'm not sure I understand what you are proposing as an alternative
> here. Should we stop shipping ca-certificates? Or make it a binary
> package of the NSS source package?

Most distros rebase to the latest NSS release across all supported suites.

We also did this once or twice in -security (for changes which were too
instrusive to backport) and upstream apparently usually supports this.

But it's quite some effort to test all the reverse deps (that's why backporting
isolated fixes is easier in such cases) to ensure no breakage creeps in, so
this would need a volunteer to deal with testing reverse deps.

Cheers,
Moritz

Bug#869241: python-libnacl FTBFS: Illegal instruction

2017-07-21 Thread Adrian Bunk

Source: python-libnacl
Version: 1.5.2-1
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=python-libnacl=all=1.5.2-1=1500664052=0

...
   dh_auto_test -i -O--buildsystem=pybuild
I: pybuild base:184: cd /<>/.pybuild/pythonX.Y_2.7/build; 
python2.7 -m nose tests
Illegal instruction
E: pybuild pybuild:283: test: plugin distutils failed with: exit code=132: cd 
/<>/.pybuild/pythonX.Y_2.7/build; python2.7 -m nose tests
dh_auto_test: pybuild --test -i python{version} -p 2.7 returned exit code 13
debian/rules:7: recipe for target 'build-indep' failed
make: *** [build-indep] Error 25

Processed: fixed 865712 in 4.05.0-1

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> fixed 865712 4.05.0-1
Bug #865712 {Done: Ximin Luo } [src:ocaml] ocaml: 
CVE-2017-9772: local privilege escalation issue with ocaml binaries
Marked as fixed in versions ocaml/4.05.0-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
865712: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865712
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2017-07-21 Thread Antoine Beaupré

On 2017-07-21 22:19:20, Philipp Kern wrote:
> My point was that you state what your delta is and essentially boils 
> down to attach the diff of what will actually happen to the .deb. I 
> think it's generally fine to add new CAs and remove fully distrusted 
> ones, instead of saying "it should just be in sync with unstable". The 
> latter contains a lot more nuance if you know that some of the rules are 
> only available in code.

Thank you for taking the time to clarify your position, I understand it
much better now. :)

Makes perfect sense, I'll try to be clearer in future communications to
avoid such confusion.

A.

-- 
Si les triangles avaient un Dieu, ils lui donneraient trois côtés.
- Montesquieu, Lettres persanes

Bug#869239: haskell-hoogle FTBFS: Expecting one more argument to `Type'

2017-07-21 Thread Adrian Bunk

Source: haskell-hoogle
Version: 5.0.1+dfsg1-3
Severity: serious

https://buildd.debian.org/status/package.php?p=haskell-hoogle=sid

...
[ 4 of 28] Compiling General.Util ( src/General/Util.hs, 
dist-ghc/build/General/Util.o )

src/General/Util.hs:75:14: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
applyType :: Type -> [Type] -> Type

src/General/Util.hs:75:23: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
applyType :: Type -> [Type] -> Type

src/General/Util.hs:75:32: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
applyType :: Type -> [Type] -> Type

src/General/Util.hs:79:15: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
applyFun1 :: [Type] -> Type

src/General/Util.hs:79:24: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
applyFun1 :: [Type] -> Type

src/General/Util.hs:83:15: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
unapplyFun :: Type -> [Type]

src/General/Util.hs:83:24: error:
* Expecting one more argument to `Type'
  Expected a type, but `Type' has kind `* -> *'
* In the type signature:
unapplyFun :: Type -> [Type]

src/General/Util.hs:88:13: error:
* Expecting one more argument to `Name'
  Expected a type, but `Name' has kind `* -> *'
* In the type signature:
fromName :: Name -> String

src/General/Util.hs:92:14: error:
* Expecting one more argument to `QName'
  Expected a type, but `QName' has kind `* -> *'
* In the type signature:
fromQName :: QName -> String

src/General/Util.hs:104:18: error:
* Expecting one more argument to `TyVarBind'
  Expected a type, but `TyVarBind' has kind `* -> *'
* In the type signature:
fromTyVarBind :: TyVarBind -> Name

src/General/Util.hs:104:31: error:
* Expecting one more argument to `Name'
  Expected a type, but `Name' has kind `* -> *'
* In the type signature:
fromTyVarBind :: TyVarBind -> Name

src/General/Util.hs:108:14: error:
* Expecting one more argument to `Decl'
  Expected a type, but `Decl' has kind `* -> *'
* In the type signature:
declNames :: Decl -> [String]

src/General/Util.hs:119:14: error:
* Expecting one more argument to `Decl'
  Expected a type, but `Decl' has kind `* -> *'
* In the type signature:
isTypeSig :: Decl -> Bool
/usr/share/cdbs/1/class/hlibrary.mk:147: recipe for target 'build-ghc-stamp' 
failed
make: *** [build-ghc-stamp] Error 1

Bug#869238: haskell-hoogle FTBFS on binary-all: Haddock failed (no modules?), refusing to create empty documentation package.

2017-07-21 Thread Adrian Bunk

Source: haskell-hoogle
Version: 5.0.1+dfsg1-3
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=haskell-hoogle=all=5.0.1%2Bdfsg1-3=1500664103=0

...
Haddock coverage:
   0% (  0 /  9) in 'Paths_hoogle'
  Missing documentation for:
Module header
version (dist-ghc/build/autogen/Paths_hoogle.hs:28)
getBinDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
getLibDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
getDynLibDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
getDataDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
getLibexecDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
getDataFileName (dist-ghc/build/autogen/Paths_hoogle.hs:47)
getSysconfDir (dist-ghc/build/autogen/Paths_hoogle.hs:39)
  67% (  2 /  3) in 'Input.Settings'
  Missing documentation for:
Settings (src/Input/Settings.hs:31)
  25% (  1 /  4) in 'Input.Set'
  Missing documentation for:
Module header
setPlatform (src/Input/Set.hs:22)
setGHC (src/Input/Set.hs:30)
Haddock failed (no modules?), refusing to create empty documentation package.
/usr/share/cdbs/1/class/hlibrary.mk:173: recipe for target 
'build-haddock-stamp' failed
make: *** [build-haddock-stamp] Error 1

Bug#868903: not-yet-commons-ssl: FTBFS: error: package org.junit does not exist (patch)

2017-07-21 Thread Hans Joachim Desserud


tags 868903 patch
thanks

Adds the missing junit4 dependency.

--
mvh / best regards
Hans Joachim Desserud
http://desserud.orgdiff --git a/debian/control b/debian/control
index e43d416..0dca661 100644
--- a/debian/control
+++ b/debian/control
@@ -8,6 +8,7 @@ Build-Depends:
  cdbs,
  debhelper (>= 10),
  default-jdk,
+ junit4,
  libbcprov-java,
  libcommons-httpclient-java,
  liblog4j1.2-java,

Bug#868165: emacs25: FTBFS on arm64

2017-07-21 Thread Edmund Grimley Evans

The Ubuntu bug:
https://bugs.launchpad.net/ubuntu/+source/emacs25/+bug/1656474

Memory corruption reported on mailing list:
http://lists.gnu.org/archive/html/emacs-devel/2017-03/msg00827.html

It looks like Emacs Lisp may be involved. Does Emacs Lisp use tagged
pointers? Pointers have fairly recently become 48-bit on arm64, which
has broken some other programs.

(However, the symptoms aren't a very good match: breakage from the
move to 48 bits would typically give you a consistent failure on
systems that use 48-bit pointers with the faulting address looking
like a correct address but with the top bits wrong, which isn't what's
described on the mailing list; see link above.)

Processed: Re: not-yet-commons-ssl: FTBFS: error: package org.junit does not exist (patch)

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tags 868903 patch
Bug #868903 [src:not-yet-commons-ssl] not-yet-commons-ssl: FTBFS: [javac] 
/<>/src/test/org/apache/commons/httpclient/contrib/ssl/TestHttpclientContrib.java:3:
 error: package org.junit does not exist
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
868903: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868903
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: bug 864800 is forwarded to https://rt.cpan.org/Ticket/Display.html?id=122559

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> forwarded 864800 https://rt.cpan.org/Ticket/Display.html?id=122559
Bug #864800 [src:libmail-deliverystatus-bounceparser-perl] 
Mail::DeliveryStatus::BounceParser contains a live virus and some real 
spam/phishing mails
Changed Bug forwarded-to-address to 
'https://rt.cpan.org/Ticket/Display.html?id=122559' from 'Ricardo Signes 
'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864800: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864800
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869208: marked as done (libalgorithm-svm-perl FTBFS on 32bit: SVM.c: loadable library and perl binaries are mismatched (got handshake key 0x80c0080, needed 0x81c0080))

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 18:19:04 +
with message-id 
and subject line Bug#869208: fixed in libalgorithm-svm-perl 0.13-2
has caused the Debian Bug report #869208,
regarding libalgorithm-svm-perl FTBFS on 32bit: SVM.c: loadable library and 
perl binaries are mismatched (got handshake key 0x80c0080, needed 0x81c0080)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869208: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869208
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libalgorithm-svm-perl
Version: 0.13-1
Severity: serious

https://buildd.debian.org/status/package.php?p=libalgorithm-svm-perl=sid

...
make[1]: Entering directory '/<>'
cp lib/Algorithm/SVM/DataSet.pm blib/lib/Algorithm/SVM/DataSet.pm
cp lib/Algorithm/SVM.pm blib/lib/Algorithm/SVM.pm
AutoSplitting blib/lib/Algorithm/SVM.pm (blib/lib/auto/Algorithm/SVM)
Running Mkbootstrap for Algorithm::SVM ()
chmod 644 "SVM.bs"
"/usr/bin/perl" "/usr/share/perl/5.24/ExtUtils/xsubpp"  -C++ -noprototypes 
-typemap "/usr/share/perl/5.24/ExtUtils/typemap" -typemap "typemap"  SVM.xs > 
SVM.xsc && mv SVM.xsc SVM.c
g++ -c   -Wall -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2   -DVERSION=\"0.13\" -DXS_VERSION=\"0.13\" -fPIC 
"-I/usr/lib/i386-linux-gnu/perl/5.24/CORE"   SVM.c
g++ -c   -Wall -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2   -DVERSION=\"0.13\" -DXS_VERSION=\"0.13\" -fPIC 
"-I/usr/lib/i386-linux-gnu/perl/5.24/CORE"   bindings.cpp
rm -f blib/arch/auto/Algorithm/SVM/SVM.so
i686-linux-gnu-gcc -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro 
-Wl,-z,now  -shared -L/usr/local/lib -fstack-protector-strong SVM.o bindings.o  
-o blib/arch/auto/Algorithm/SVM/SVM.so   \
   -lsvm\
  
chmod 755 blib/arch/auto/Algorithm/SVM/SVM.so
"/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- SVM.bs 
blib/arch/auto/Algorithm/SVM/SVM.bs 644
Manifying 2 pod documents
make[1]: Leaving directory '/<>'
   dh_auto_test -a
make -j1 test TEST_VERBOSE=1
make[1]: Entering directory '/<>'
Running Mkbootstrap for Algorithm::SVM ()
chmod 644 "SVM.bs"
PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 "/usr/bin/perl" "-Iblib/lib" 
"-Iblib/arch" test.pl
1..1
# Running under perl version 5.024001 for linux
# Current time local: Fri Jul 21 10:06:22 2017
# Current time GMT:   Fri Jul 21 10:06:22 2017
# Using Test.pm version 1.28_01
SVM.c: loadable library and perl binaries are mismatched (got handshake key 
0x80c0080, needed 0x81c0080)
Makefile:1002: recipe for target 'test_dynamic' failed
make[1]: *** [test_dynamic] Error 1
--- End Message ---
--- Begin Message ---
Source: libalgorithm-svm-perl
Source-Version: 0.13-2

We believe that the bug you reported is fixed in the latest version of
libalgorithm-svm-perl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann  (supplier of updated libalgorithm-svm-perl 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 21 Jul 2017 19:58:14 +0200
Source: libalgorithm-svm-perl
Binary: libalgorithm-svm-perl
Architecture: source
Version: 0.13-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: gregor herrmann 
Closes: 869208
Description: 
 libalgorithm-svm-perl - bindings for the libsvm Support Vector Machine library
Changes:
 libalgorithm-svm-perl (0.13-2) unstable; urgency=medium
 .
   * Team upload.
   * Add patch to add $Config{ccflags} in Makefile.PL.
 This is needed to get the CCFLAGS Perl itself was compiled with.
 Thanks to Adrian Bunk for the bug report. (Closes: #869208)
Checksums-Sha1: 
 c3d2f273375128db9852e5203416190bc4a2811c 2256 libalgorithm-svm-perl_0.13-2.dsc
 1965f130f6884858c5a25f998e568d8c6d8faf48 4748 
libalgorithm-svm-perl_0.13-2.debian.tar.xz

Processed: Pending fixes for bugs in the libalgorithm-svm-perl package

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tag 869208 + pending
Bug #869208 [src:libalgorithm-svm-perl] libalgorithm-svm-perl FTBFS on 32bit: 
SVM.c: loadable library and perl binaries are mismatched (got handshake key 
0x80c0080, needed 0x81c0080)
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
869208: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869208
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869208: Pending fixes for bugs in the libalgorithm-svm-perl package

2017-07-21 Thread pkg-perl-maintainers

tag 869208 + pending
thanks

Some bugs in the libalgorithm-svm-perl package are closed in revision
55c14dd8b933127ca2798e57fd64bd6f7be480a9 in branch 'master' by gregor
herrmann

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-perl/packages/libalgorithm-svm-perl.git/commit/?id=55c14dd

Commit message:

Add patch to add $Config{ccflags} in Makefile.PL.

This is needed to get the CCFLAGS Perl itself was compiled with.

Thanks: Adrian Bunk for the bug report.
Closes: #869208

Bug#868720: marked as done (sympa FTBFS: configure: error: invalid value /usr/sbin/newaliases for newaliases command)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 17:51:36 +
with message-id 
and subject line Bug#868720: fixed in sympa 6.2.16~dfsg-5
has caused the Debian Bug report #868720,
regarding sympa FTBFS: configure: error: invalid value /usr/sbin/newaliases for 
newaliases command
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868720: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868720
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sympa
Version: 6.2.16~dfsg-4
Severity: serious

https://buildd.debian.org/status/package.php?p=sympa=sid

...
checking for pod2man... /usr/bin/pod2man
checking for makemap... /usr/bin/makemap
checking user-supplied newaliases command... non-existing
configure: error: invalid value /usr/sbin/newaliases for newaliases command
--- End Message ---
--- Begin Message ---
Source: sympa
Source-Version: 6.2.16~dfsg-5

We believe that the bug you reported is fixed in the latest version of
sympa, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Hornburg (Racke)  (supplier of updated sympa package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 19:14:00 +0200
Source: sympa
Binary: sympa
Architecture: source amd64
Version: 6.2.16~dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Sympa team 
Changed-By: Stefan Hornburg (Racke) 
Description:
 sympa  - Modern mailing list manager
Closes: 868720
Changes:
 sympa (6.2.16~dfsg-5) unstable; urgency=medium
 .
   * Fix configure error by reverting change to locate newaliases binary
 (Closes: #868720).
Checksums-Sha1:
 a6c96fdcff99af7251b6852d939b8e4d205bd9e0 2502 sympa_6.2.16~dfsg-5.dsc
 2405f161ad814b03c44468fb722f974dc6411417 173260 
sympa_6.2.16~dfsg-5.debian.tar.xz
 576780d9ed5799b5a872b0042fa9685ad92a5890 18642 
sympa-dbgsym_6.2.16~dfsg-5_amd64.deb
 512190dbda2e823421c47fb87d985bd1576bbf84 7250 
sympa_6.2.16~dfsg-5_amd64.buildinfo
 aa3678877572b250c287faf3e2e012f5a5c5dedb 3609430 sympa_6.2.16~dfsg-5_amd64.deb
Checksums-Sha256:
 708f27e084ed2e6dfc278f4fd9bacc564e487dbec7e4402b018e50270bd7003e 2502 
sympa_6.2.16~dfsg-5.dsc
 06371ea2c89407d96326ecc860cd8ea2c3ef7aa6c7228fd788538d262d759c85 173260 
sympa_6.2.16~dfsg-5.debian.tar.xz
 2a60da3cea3643ec8a0100ebb4a1f61e769d1497c3ffdb9c4e6cd53b432560a8 18642 
sympa-dbgsym_6.2.16~dfsg-5_amd64.deb
 d721ece76044abd36d8e47a05880a2f220582f4c35e5fef77c3da5aa526be867 7250 
sympa_6.2.16~dfsg-5_amd64.buildinfo
 8b3b11cf05dc39315e551c9aa43262bd52ef880d1e82a7d6c862c38e2d58ed11 3609430 
sympa_6.2.16~dfsg-5_amd64.deb
Files:
 17ed6f35395604e864060ac05694cfcf 2502 mail optional sympa_6.2.16~dfsg-5.dsc
 7cbc0e60b09eac5f74bd60e8c0010fdc 173260 mail optional 
sympa_6.2.16~dfsg-5.debian.tar.xz
 9eb91898a34cf3387c931a0d2efff663 18642 debug extra 
sympa-dbgsym_6.2.16~dfsg-5_amd64.deb
 f7f33be50dd77d2388ac508504073285 7250 mail optional 
sympa_6.2.16~dfsg-5_amd64.buildinfo
 bcc6affa8d71f7c5bc7c29b9f1f23213 3609430 mail optional 
sympa_6.2.16~dfsg-5_amd64.deb

-BEGIN PGP SIGNATURE-

iQJFBAEBCAAvFiEE1oFJdaJ3d0yY0N/vW5MBW/onIPgFAllyOKwRHHJhY2tlQGxp
bnV4aWEuZGUACgkQW5MBW/onIPhlTw/9GdDJBbmMfn0hkw1HU6gvbJ4bhfpPIXGx
LBjnTg4gnbEvk3CQlVG8MoWvIXZcXOjZ9/me1oFbtM3dOg1q8fAsKNmTm3ORS9y1
kgeSRH8WQJeMDMaLRDVCDDeWpCrYpIoSbVgV3oJHBd91+Hewxsz7ZDwq6dYmNqEV
JJAiaaO0NJPSTjV9bZ1K86HLJhBlBzY+boXdVgc62HHV8D5iahTjP2T5SAz++xLs
7VTBxoZ2GX6gj1tSZjpHcNKXeGFu5OMIiGoGVuur4+gztQxZUBjX3oG2bLng2G8i
H93GQpmdlZZtVhvoNWN7i1yHW0PHY4fAKefeS5HKW+gAK3RovOWT8/pc36y5hHeZ
LLBs1gjm2hjPIkFiVLAwIqdi8sxJyWHl3nT906nLSaWP8T/NAIgSCz7qvoXzA3eL
Pyt6jcPbOOTJV30N4Zy81UtOnGjvPbkKnIVcsOOgV53s+jcel3BnKIArpKDa0pSd
RZC6cYuHa8H4B5iCg4wRW8SpFLf7Mw2OLKkREvGDU7lW3MNhRq+xwaLDGKy5bDZb
2ynLA4cS+ovv58aY196fgD2+71oH9HW2Qqbj+CRiJYhOkEMRoTEGHRXLaXjPvEZ8
s/+OJSzLFTyakH1r8yulnWLnXXXA7MjrNiyAPef8X4RN4xQn5bMUgxbN1/8HTrpM
Xazw1TZkW64=
=xfHQ
-END PGP SIGNATURE End Message ---

Bug#869120: marked as done (hamlib FTBFS: dh_install: Cannot find (any matches for) "usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so")

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 17:19:48 +
with message-id 
and subject line Bug#869120: fixed in hamlib 3.1-5
has caused the Debian Bug report #869120,
regarding hamlib FTBFS: dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869120: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869120
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: hamlib
Version: 3.1-3
Severity: serious

https://buildd.debian.org/status/package.php?p=hamlib=sid

...
# libhamlib2, libhamlib-dev, libhamlib2++c2, libhamlib++-dev,
# libhamlib-utils and libhamlib2-tcl files handled by dh_install
dh_install
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/liblua5.2-hamlib2.so.*" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/liblua5.2-hamlib2.so.*
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.3/Hamliblua.so" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/lua/5.3/Hamliblua.so
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/liblua5.3-hamlib2.so.*" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/liblua5.3-hamlib2.so.*
dh_install: missing files, aborting
debian/rules:76: recipe for target 'install-other' failed
make: *** [install-other] Error 25
--- End Message ---
--- Begin Message ---
Source: hamlib
Source-Version: 3.1-5

We believe that the bug you reported is fixed in the latest version of
hamlib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Tuckley  (supplier of updated hamlib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 17:29:53 +0100
Source: hamlib
Binary: libhamlib2 libhamlib2++c2 libhamlib-dev libhamlib++-dev libhamlib2-perl 
libhamlib2-tcl python-libhamlib2 libhamlib-utils libhamlib-doc lua-hamlib2
Architecture: source amd64 all
Version: 3.1-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Hamradio Maintainers 
Changed-By: Colin Tuckley 
Description:
 libhamlib++-dev - Development C++ library to control radio transceivers and 
receive
 libhamlib-dev - Development library to control radio transceivers and receivers
 libhamlib-doc - Documentation for the hamlib radio control library
 libhamlib-utils - Utilities to support the hamlib radio control library
 libhamlib2 - Run-time library to control radio transceivers and receivers
 libhamlib2++c2 - Run-time C++ library to control radio transceivers and 
receivers
 libhamlib2-perl - Run-time perl library to control radio transceivers and 
receivers
 libhamlib2-tcl - Run-time Tcl library to control radio transceivers and 
receivers
 lua-hamlib2 - Run-time Lua library to control radio transceivers and receivers
 python-libhamlib2 - Run-time Python library to control radio transceivers and 
receive
Closes: 869120
Changes:
 hamlib (3.1-5) unstable; urgency=medium
 .
   * Remove lua .install files from debian/ in clean step.
 Closes: #869120.
Checksums-Sha1:
 40c541ec72be0742476f4d99a7e514d4c601bdc4 2656 hamlib_3.1-5.dsc
 d5db0fe424fd2bf3d14682354813dc07798c66d5 16108 hamlib_3.1-5.debian.tar.xz
 5031253875e088afa1708f68cc76dd762aa7c26a 13352 hamlib_3.1-5_amd64.buildinfo
 2eaeb53e84748fd659fe16f9671e5d8c8c9a4fdf 20590 libhamlib++-dev_3.1-5_amd64.deb
 81132894366e2e1a604037c09b9c39e24c4bdefa 34678 libhamlib-dev_3.1-5_amd64.deb
 5ecd94d9285b068fdde0f897e0c7a551d4fa378c 372400 libhamlib-doc_3.1-5_all.deb
 91386fdf1338bbcc94778f2f407c815b8e2376cc 347604 
libhamlib-utils-dbgsym_3.1-5_amd64.deb
 115f6a94a6777f01378a09a724b591be98c6f5ef 114754 libhamlib-utils_3.1-5_amd64.deb

Processed: found 869210 in 8:6.8.9.9-5

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 869210 8:6.8.9.9-5
Bug #869210 [src:imagemagick] endless loop in ReadTXTImage
Marked as found in versions imagemagick/8:6.8.9.9-5.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
869210: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869210
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 869209 in 8:6.8.9.9-5

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 869209 8:6.8.9.9-5
Bug #869209 [src:imagemagick] [imagemagick] Null-Point reference in 
WriteOnePNGImage
Marked as found in versions imagemagick/8:6.8.9.9-5.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
869209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869209
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869221: eclipse-xsd FTBFS: Problem: failed to create task or type emf.Ecore2Java

2017-07-21 Thread Adrian Bunk

Source: eclipse-xsd
Version: 2.9.0-1
Severity: serious
Tags: buster sid

Some recent change in unstable makes eclipse-xsd FTBFS:

https://tests.reproducible-builds.org/debian/history/eclipse-xsd.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/eclipse-xsd.html

...
# Regenerate java code from ecore model
/usr/lib/eclipse/eclipse \
-application org.eclipse.ant.core.antRunner  \
-configuration debian/.eclipse-build/.platform/configuration \
-buildfile debian/ecoreToJava.xml\
-data debian/.eclipse-build/plugins  \
-Dosgi.sharedConfiguration.area=debian/.eclipse-build/build/home \
-consoleLog -noSplash
OpenJDK 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was 
removed in 8.0
Buildfile: debian/ecoreToJava.xml

ecore.regenerate:

BUILD FAILED
/build/1st/eclipse-xsd-2.9.0/debian/ecoreToJava.xml:22: The following error 
occurred while executing this line:
/build/1st/eclipse-xsd-2.9.0/debian/ecoreToJava.xml:18: Problem: failed to 
create task or type emf.Ecore2Java
Cause: The name is undefined.
Action: Check the spelling.
Action: Check that any custom tasks/types have been declared.
Action: Check that any / declarations have taken place.


Total time: 0 seconds
!SESSION 2017-07-19 18:15:08.522 ---
eclipse.buildId=debbuild
java.version=1.8.0_131
java.vendor=Oracle Corporation
BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US
Framework arguments:  -application org.eclipse.ant.core.antRunner -buildfile 
debian/ecoreToJava.xml 
-Dosgi.sharedConfiguration.area=debian/.eclipse-build/build/home
Command-line arguments:  -os linux -ws gtk -arch x86_64 -application 
org.eclipse.ant.core.antRunner -buildfile debian/ecoreToJava.xml -data 
debian/.eclipse-build/plugins 
-Dosgi.sharedConfiguration.area=debian/.eclipse-build/build/home -consoleLog

!ENTRY org.eclipse.osgi 2 0 2017-07-19 18:15:16.580
!MESSAGE One or more bundles are not resolved because the following root 
constraints are not resolved:
!SUBENTRY 1 org.eclipse.osgi 2 0 2017-07-19 18:15:16.581
!MESSAGE Bundle 
reference:file:plugins/org.eclipse.ecf.provider.filetransfer.httpclient_4.0.200.dist.jar
 was not resolved.
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.581
!MESSAGE Missing imported package 
org.apache.commons.httpclient.protocol_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.582
!MESSAGE Missing imported package 
org.apache.commons.httpclient.methods_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.583
!MESSAGE Missing imported package 
org.apache.commons.httpclient.util_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.583
!MESSAGE Missing imported package org.apache.commons.httpclient_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.584
!MESSAGE Missing imported package 
org.apache.commons.httpclient.auth_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.585
!MESSAGE Missing imported package 
org.apache.commons.httpclient.params_[3.0.1,3.1.0].
!SUBENTRY 1 org.eclipse.osgi 2 0 2017-07-19 18:15:16.586
!MESSAGE Bundle 
reference:file:plugins/org.eclipse.ecf.provider.filetransfer.httpclient.ssl_1.0.0.dist.jar
 was not resolved.
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient.ssl 2 0 2017-07-19 
18:15:16.586
!MESSAGE Missing required capability Require-Capability: osgi.ee; 
filter="(|(&(osgi.ee=CDC/Foundation)(version=1.1))(&(osgi.ee=JavaSE)(version=1.4)))".

!ENTRY org.eclipse.osgi 2 0 2017-07-19 18:15:16.604
!MESSAGE The following is a complete list of bundles which are not resolved, 
see the prior log entry for the root cause if it exists:
!SUBENTRY 1 org.eclipse.osgi 2 0 2017-07-19 18:15:16.604
!MESSAGE Bundle org.eclipse.ecf.provider.filetransfer.httpclient_4.0.200.dist 
[52] was not resolved.
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.604
!MESSAGE Missing imported package org.apache.commons.httpclient_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.604
!MESSAGE Missing imported package 
org.apache.commons.httpclient.auth_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.604
!MESSAGE Missing imported package 
org.apache.commons.httpclient.methods_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.605
!MESSAGE Missing imported package 
org.apache.commons.httpclient.params_[3.0.1,3.1.0].
!SUBENTRY 2 org.eclipse.ecf.provider.filetransfer.httpclient 2 0 2017-07-19 
18:15:16.605

Bug#869214: Acknowledgement (gosa-plugin-mailaddress: Incompatible with gosa in stable)

2017-07-21 Thread Vincent Danjean

  Hi,

  The same change is also required in 
admin/groups/mailaddress/class_groupMail.inc

  I opened a pull request upstream:
https://github.com/gosa-project/gosa-plugin-mailaddress/pull/1

  Regards,
Vincent

-- 
Vincent Danjean   GPG key ID 0xD17897FA vdanj...@debian.org
GPG key fingerprint: 621E 3509 654D D77C 43F5  CA4A F6AE F2AF D178 97FA
Unofficial pkgs: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://people.debian.org/~vdanjean/debian unstable main

Bug#865712: marked as done (ocaml: CVE-2017-9772: local privilege escalation issue with ocaml binaries)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 16:19:23 +
with message-id 
and subject line Bug#865712: fixed in ocaml 4.05.0-2
has caused the Debian Bug report #865712,
regarding ocaml: CVE-2017-9772: local privilege escalation issue with ocaml 
binaries
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
865712: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865712
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ocaml
Version: 4.04.0-2
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://caml.inria.fr/mantis/view.php?id=7557

Hi,

the following vulnerability was published for ocaml.

CVE-2017-9772[0]:
| Insufficient sanitisation in the OCaml compiler versions 4.04.0 and
| 4.04.1 allows external code to be executed with raised privilege in
| binaries marked as setuid, by setting the CAML_CPLUGINS,
| CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variable.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9772
[1] https://caml.inria.fr/mantis/view.php?id=7557

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ocaml
Source-Version: 4.05.0-2

We believe that the bug you reported is fixed in the latest version of
ocaml, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 865...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ximin Luo  (supplier of updated ocaml package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 21 Jul 2017 18:01:04 +0200
Source: ocaml
Binary: ocaml-base-nox ocaml-base ocaml-nox ocaml ocaml-source ocaml-interp 
ocaml-compiler-libs ocaml-mode
Architecture: source
Version: 4.05.0-2
Distribution: experimental
Urgency: medium
Maintainer: Debian OCaml Maintainers 
Changed-By: Ximin Luo 
Description:
 ocaml  - ML language implementation with a class-based object system
 ocaml-base - Runtime system for OCaml bytecode executables
 ocaml-base-nox - Runtime system for OCaml bytecode executables (no X)
 ocaml-compiler-libs - OCaml interpreter and standard libraries
 ocaml-interp - OCaml interactive interpreter and standard libraries
 ocaml-mode - major mode for editing Objective Caml in Emacs
 ocaml-nox  - ML implementation with a class-based object system (no X)
 ocaml-source - Sources for Objective Caml
Closes: 865712
Changes:
 ocaml (4.05.0-2) experimental; urgency=medium
 .
   * Update conditional-install rules for easier maintenance. This fixes FTBFS
 on arm64 and s390x where libasmrunp.a is not available.
   * Disable failing dup3/pipe2-related tests on kfreebsd-*.
   * Close old bug reports. (Closes: #865712)
Checksums-Sha1:
 9dbbcd889faf9b8c96c5c96c026c940ab3162e88 2604 ocaml_4.05.0-2.dsc
 c3138945a6b6d27dbb86aa2550467f59772c7c73 43716 ocaml_4.05.0-2.debian.tar.xz
 c30485b69f51f7872b36db2644ec68323774954f 6220 ocaml_4.05.0-2_source.buildinfo
Checksums-Sha256:
 94bb20d25b862065944397a92dd24f4ddb93cdc6f328be579095cd04de343712 2604 
ocaml_4.05.0-2.dsc
 9eb0107a8f418b8e9dc611cc233095f6617a45ae7f00be179cf3a1c2950e3ad7 43716 
ocaml_4.05.0-2.debian.tar.xz
 9703282991d827d6693d60122c3dcac6f20858a1f39e541f83ba9d73311ac615 6220 
ocaml_4.05.0-2_source.buildinfo
Files:
 11dc7e83c8860ceba53d432826d075fb 2604 ocaml optional ocaml_4.05.0-2.dsc
 d1e21791545a73e5463bd78f6696c31a 43716 ocaml optional 
ocaml_4.05.0-2.debian.tar.xz
 88238e4db74876d0a43cbc4feb2e1f4f 6220 ocaml optional 
ocaml_4.05.0-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCgAzFiEENmdIajJtsnZtJVVGhg3vO49lC3kFAllyJVgVHGluZmluaXR5
MEBkZWJpYW4ub3JnAAoJEIYN7zuPZQt5fuoQAJMQb3+F6PgtB09XVcWgXSWZmj0W
vTrVUOVRrOJt+xdfwBnXZacZwRz7KERLGSflyRlpwb8Wdmbr0EmHyZ9LQWr1qqO8
mGm6zFBYIBbOT5gTh1HL2SUp4fL4iDHzvBACqIGQJVt+yeqEwUdEwiLND6aJXkxo
tSjqLZ9Aa5UARJLhwGYFq0pNYuIU1w/rvOvLzLeuPN851oiKXw9FkwDj5eIVX1NS

Bug#869214: gosa-plugin-mailaddress: Incompatible with gosa in stable

2017-07-21 Thread Vincent Danjean

Package: gosa-plugin-mailaddress
Version: 0.99.5-2
Severity: serious
Tags: patch
Justification: do not work and forbid global gosa use if installed

  I just upgraded a system to stretch with gosa and this plugin installed.
Trying to add a new user fails with the following error:

Fatal error: Call to undefined method plugin::plugin() in
/usr/share/gosa/plugins/personal/mailaddress/class_mailAccount.inc on
line 65

  It seems that changing
plugin::plugin ($config,$dn);
into
plugin::__construct ($config,$dn);
in /usr/share/gosa/plugins/personal/mailaddress/class_mailAccount.inc on
line 65 fixes the problem.

  This small change should probably be pushed into the next stable update
point.

  Note that I did not look if other change are required.

  Regards,
   Vincent

-- System Information:
Debian Release: buster/sid
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'unstable'), (500, 'testing'), 
(200, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armel, mipsel

Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gosa-plugin-mailaddress depends on:
pn  gosa  

gosa-plugin-mailaddress recommends no packages.

gosa-plugin-mailaddress suggests no packages.

Bug#869120: closed by Ervin Hegedus <airw...@gmail.com> (Bug#869120: fixed in hamlib 3.1-4)

2017-07-21 Thread Adrian Bunk

Control: reopen -1

On Fri, Jul 21, 2017 at 02:54:05PM +, Debian Bug Tracking System wrote:
>...
>  hamlib (3.1-4) unstable; urgency=medium
>  .
>* Team upload
>* Fixed Lua related packages build error on non x86_amd ARCH
>  Closes: #869120.
>...

3.1-4 still FTBFS this way:
  https://buildd.debian.org/status/package.php?p=hamlib

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Processed: Re: Bug#869120 closed by Ervin Hegedus <airw...@gmail.com> (Bug#869120: fixed in hamlib 3.1-4)

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> reopen -1
Bug #869120 {Done: Ervin Hegedus } [src:hamlib] hamlib 
FTBFS: dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so"
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions hamlib/3.1-4.

-- 
869120: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869120
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: endless loop in ReadTXTImage

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> found -1  8:6.9.7.4+dfsg-11+deb9u1
Bug #869210 [src:imagemagick] endless loop in ReadTXTImage
Marked as found in versions imagemagick/8:6.9.7.4+dfsg-11+deb9u1.
> found -1 8:6.8.9.9-5+deb8u10
Bug #869210 [src:imagemagick] endless loop in ReadTXTImage
Marked as found in versions imagemagick/8:6.8.9.9-5+deb8u10.
> found -1 8:6.7.7.10-5+deb7u14
Bug #869210 [src:imagemagick] endless loop in ReadTXTImage
The source 'imagemagick' and version '8:6.7.7.10-5+deb7u14' do not appear to 
match any binary packages
Marked as found in versions imagemagick/8:6.7.7.10-5+deb7u14.

-- 
869210: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869210
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869210: endless loop in ReadTXTImage

2017-07-21 Thread Bastien ROUCARIES

Source: imagemagick
Version: 8:6.9.7.4+dfsg-12
Severity: serious
Tags: security upstream
X-Debbugs-CC: t...@security.debian.org
X-Debbugs-CC: Salvatore Bonaccorso 
control: found -1  8:6.9.7.4+dfsg-11+deb9u1
control: found -1 8:6.8.9.9-5+deb8u10
control: found -1 8:6.7.7.10-5+deb7u14
forwarded: https://github.com/ImageMagick/ImageMagick/issues/591

original reported will open a bug

fixed by:
https://github.com/ImageMagick/ImageMagick/commit/83e0f8ffd7eeb7661b0ff83257da23d24ca7f078

Bug#869209: [imagemagick] Null-Point reference in WriteOnePNGImage

2017-07-21 Thread Bastien ROUCARIES

Source: imagemagick
Version: 8:6.9.7.4+dfsg-12
Severity: serious
Tags: security upstream
X-Debbugs-CC: t...@security.debian.org
X-Debbugs-CC: Salvatore Bonaccorso 
control: found -1  8:6.9.7.4+dfsg-11+deb9u1
control: found -1 8:6.8.9.9-5+deb8u10
control: found -1 8:6.7.7.10-5+deb7u14
forwarded: https://github.com/ImageMagick/ImageMagick/issues/586



Original reporter will open a CVE

Processed: [imagemagick] Null-Point reference in WriteOnePNGImage

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> found -1  8:6.9.7.4+dfsg-11+deb9u1
Bug #869209 [src:imagemagick] [imagemagick] Null-Point reference in 
WriteOnePNGImage
Marked as found in versions imagemagick/8:6.9.7.4+dfsg-11+deb9u1.
> found -1 8:6.8.9.9-5+deb8u10
Bug #869209 [src:imagemagick] [imagemagick] Null-Point reference in 
WriteOnePNGImage
Marked as found in versions imagemagick/8:6.8.9.9-5+deb8u10.
> found -1 8:6.7.7.10-5+deb7u14
Bug #869209 [src:imagemagick] [imagemagick] Null-Point reference in 
WriteOnePNGImage
The source 'imagemagick' and version '8:6.7.7.10-5+deb7u14' do not appear to 
match any binary packages
Marked as found in versions imagemagick/8:6.7.7.10-5+deb7u14.

-- 
869209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869209
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869208: libalgorithm-svm-perl FTBFS on 32bit: SVM.c: loadable library and perl binaries are mismatched (got handshake key 0x80c0080, needed 0x81c0080)

2017-07-21 Thread Adrian Bunk

Source: libalgorithm-svm-perl
Version: 0.13-1
Severity: serious

https://buildd.debian.org/status/package.php?p=libalgorithm-svm-perl=sid

...
make[1]: Entering directory '/<>'
cp lib/Algorithm/SVM/DataSet.pm blib/lib/Algorithm/SVM/DataSet.pm
cp lib/Algorithm/SVM.pm blib/lib/Algorithm/SVM.pm
AutoSplitting blib/lib/Algorithm/SVM.pm (blib/lib/auto/Algorithm/SVM)
Running Mkbootstrap for Algorithm::SVM ()
chmod 644 "SVM.bs"
"/usr/bin/perl" "/usr/share/perl/5.24/ExtUtils/xsubpp"  -C++ -noprototypes 
-typemap "/usr/share/perl/5.24/ExtUtils/typemap" -typemap "typemap"  SVM.xs > 
SVM.xsc && mv SVM.xsc SVM.c
g++ -c   -Wall -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2   -DVERSION=\"0.13\" -DXS_VERSION=\"0.13\" -fPIC 
"-I/usr/lib/i386-linux-gnu/perl/5.24/CORE"   SVM.c
g++ -c   -Wall -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2   -DVERSION=\"0.13\" -DXS_VERSION=\"0.13\" -fPIC 
"-I/usr/lib/i386-linux-gnu/perl/5.24/CORE"   bindings.cpp
rm -f blib/arch/auto/Algorithm/SVM/SVM.so
i686-linux-gnu-gcc -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro 
-Wl,-z,now  -shared -L/usr/local/lib -fstack-protector-strong SVM.o bindings.o  
-o blib/arch/auto/Algorithm/SVM/SVM.so   \
   -lsvm\
  
chmod 755 blib/arch/auto/Algorithm/SVM/SVM.so
"/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- SVM.bs 
blib/arch/auto/Algorithm/SVM/SVM.bs 644
Manifying 2 pod documents
make[1]: Leaving directory '/<>'
   dh_auto_test -a
make -j1 test TEST_VERBOSE=1
make[1]: Entering directory '/<>'
Running Mkbootstrap for Algorithm::SVM ()
chmod 644 "SVM.bs"
PERL_DL_NONLAZY=1 PERL_USE_UNSAFE_INC=1 "/usr/bin/perl" "-Iblib/lib" 
"-Iblib/arch" test.pl
1..1
# Running under perl version 5.024001 for linux
# Current time local: Fri Jul 21 10:06:22 2017
# Current time GMT:   Fri Jul 21 10:06:22 2017
# Using Test.pm version 1.28_01
SVM.c: loadable library and perl binaries are mismatched (got handshake key 
0x80c0080, needed 0x81c0080)
Makefile:1002: recipe for target 'test_dynamic' failed
make[1]: *** [test_dynamic] Error 1

Bug#869120: marked as done (hamlib FTBFS: dh_install: Cannot find (any matches for) "usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so")

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 14:52:14 +
with message-id 
and subject line Bug#869120: fixed in hamlib 3.1-4
has caused the Debian Bug report #869120,
regarding hamlib FTBFS: dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869120: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869120
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: hamlib
Version: 3.1-3
Severity: serious

https://buildd.debian.org/status/package.php?p=hamlib=sid

...
# libhamlib2, libhamlib-dev, libhamlib2++c2, libhamlib++-dev,
# libhamlib-utils and libhamlib2-tcl files handled by dh_install
dh_install
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/lua/5.2/Hamliblua.so
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/liblua5.2-hamlib2.so.*" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/liblua5.2-hamlib2.so.*
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/lua/5.3/Hamliblua.so" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/lua/5.3/Hamliblua.so
dh_install: Cannot find (any matches for) 
"usr/lib/x86_64-linux-gnu/liblua5.3-hamlib2.so.*" (tried in ., debian/tmp)

dh_install: lua-hamlib2 missing files: 
usr/lib/x86_64-linux-gnu/liblua5.3-hamlib2.so.*
dh_install: missing files, aborting
debian/rules:76: recipe for target 'install-other' failed
make: *** [install-other] Error 25
--- End Message ---
--- Begin Message ---
Source: hamlib
Source-Version: 3.1-4

We believe that the bug you reported is fixed in the latest version of
hamlib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ervin Hegedus  (supplier of updated hamlib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 20 Jul 2017 21:00:27 +0200
Source: hamlib
Binary: libhamlib2 libhamlib2++c2 libhamlib-dev libhamlib++-dev libhamlib2-perl 
libhamlib2-tcl python-libhamlib2 libhamlib-utils libhamlib-doc lua-hamlib2
Architecture: source amd64 all
Version: 3.1-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Hamradio Maintainers 
Changed-By: Ervin Hegedus 
Description:
 libhamlib++-dev - Development C++ library to control radio transceivers and 
receive
 libhamlib-dev - Development library to control radio transceivers and receivers
 libhamlib-doc - Documentation for the hamlib radio control library
 libhamlib-utils - Utilities to support the hamlib radio control library
 libhamlib2 - Run-time library to control radio transceivers and receivers
 libhamlib2++c2 - Run-time C++ library to control radio transceivers and 
receivers
 libhamlib2-perl - Run-time perl library to control radio transceivers and 
receivers
 libhamlib2-tcl - Run-time Tcl library to control radio transceivers and 
receivers
 lua-hamlib2 - Run-time Lua library to control radio transceivers and receivers
 python-libhamlib2 - Run-time Python library to control radio transceivers and 
receive
Closes: 869120
Changes:
 hamlib (3.1-4) unstable; urgency=medium
 .
   * Team upload
   * Fixed Lua related packages build error on non x86_amd ARCH
 Closes: #869120.
Checksums-Sha1:
 e36825d3312a6ac828d0bc49241d9f3f32db27c0 2656 hamlib_3.1-4.dsc
 fd97ff3ea197ca406e414e16a151c00f30b87e25 16144 hamlib_3.1-4.debian.tar.xz
 77dc6ebbb6fc96c4507bf8152e212aa317a71e36 13352 hamlib_3.1-4_amd64.buildinfo
 2ab15f3d31a94125ae9a1d87bb89fcff38764389 20550 libhamlib++-dev_3.1-4_amd64.deb
 81342216420e9f1f7a8de435e026f50b6d848e42 34622 libhamlib-dev_3.1-4_amd64.deb
 eb51c6a89362d9e333dc44075787f7afa9339ffa 372196 libhamlib-doc_3.1-4_all.deb
 777df9db1e4843b14e9e78b608621077c7f76660 347608 
libhamlib-utils-dbgsym_3.1-4_amd64.deb
 3fd4c731527cce7ed972ba40b24d348e294c1359 114594

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread phil


On 2017-07-21 14:52, Stéphane Neveu wrote:

Chris,

Is it ok on debomatic ?
http://debomatic-amd64.debian.net/distribution#unstable/curvedns/0.87-2/buildlog
My package on mentors has been removed...

Regards,
Stephane


Hoho ! tu t'est fait valider le paquet par le grand patron en personne !
--
Philippe THIERRY
Doctor - Engineer
RT and hardened Embedded Systems
+33(0)6.64.16.97.30

Bug#868958: [Debian-med-packaging] Bug#868958: Bug#868958: bcftools FTBFS on 32bit: test failures

2017-07-21 Thread Graham Inggs


On 21/07/2017 13:34, Graham Inggs wrote:
The two test_vcf_norm failures are caused by the following differing 
output on 32-bit architectures:


The tests were modified here:

https://github.com/samtools/bcftools/commit/e43ca8c70bbc78a4ef29be723c60a2ec7a029436

The difference was introduced here:

https://github.com/samtools/bcftools/commit/25d042b833987d32e5de1fc3a109d357c4d0f738

--- a/vcfnorm.c
+++ b/vcfnorm.c
...
+static inline int has_non_acgtn(char *seq, int nseq)
+{
+char *end = nseq ? seq + nseq : seq + UINT32_MAX;   // arbitrary 
large number

...

Changing UINT32_MAX above to (UINT32_MAX >> 2) allows the tests to succeed.

Bug#868469: imagemagick: Incomplete fix for CVE-2017-9144

2017-07-21 Thread Salvatore Bonaccorso

Control: notfixed -1 8:6.8.9.9-5+deb8u10
Control: found -1 8:6.8.9.9-5+deb8u10

Hi

Looks this one was not fixed in jessie.

Regards,
Salvatore

Processed: Version tracking fix

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 865399 1.24.1.0-1
Bug #865399 [libghc-cabal-dev] libghc-cabal-dev and ghc: error when trying to 
install together
Marked as found in versions haskell-cabal/1.24.1.0-1.
> tags 865399 buster sid
Bug #865399 [libghc-cabal-dev] libghc-cabal-dev and ghc: error when trying to 
install together
Added tag(s) buster and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
865399: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865399
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#868469: imagemagick: Incomplete fix for CVE-2017-9144

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> notfixed -1 8:6.8.9.9-5+deb8u10
Bug #868469 [src:imagemagick] imagemagick: CVE-2017-11352 (Incomplete fix for 
CVE-2017-9144)
No longer marked as fixed in versions imagemagick/8:6.8.9.9-5+deb8u10.
> found -1 8:6.8.9.9-5+deb8u10
Bug #868469 [src:imagemagick] imagemagick: CVE-2017-11352 (Incomplete fix for 
CVE-2017-9144)
Marked as found in versions imagemagick/8:6.8.9.9-5+deb8u10.

-- 
868469: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868469
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Gianfranco Costamagna


Hello,

>Cool. I'll review it once it hits NEW. :)


it was already accepted, and we didn't change control file, the package
is already in incoming, I don't think it will hit NEW for a while :)

G.

Bug#858539: should ca-certificates certdata.txt synchronize across all suites?

2017-07-21 Thread Antoine Beaupré

On 2017-07-20 18:15:00, Philipp Kern wrote:
> On 07/17/2017 09:41 PM, Antoine Beaupré wrote:
>> Let's not jump the gun here. We're not shipping NSS in ca-certificates,
>> just a tiny part of it: one text file, more or less.
>
> Yeah, and the consensus of the world external to Debian seems to be that
> this might not be the smartest choice.

I'm not sure I understand what you are proposing as an alternative
here. Should we stop shipping ca-certificates? Or make it a binary
package of the NSS source package?

>> Also, what Mozilla enforced in NSS, we enforced in ca-certificates in
>> other ways, through the use of a blacklist.txt file. So we can
>> definitely fix #858539 without syncing all of NSS to wheezy.
>
> That is incorrect. nss/lib/certhigh/certvfy.c contains code specific to
> the StartCom/WoSign mitigation. Now the time has come for full distrust,
> we can sync dropping the certs entirely by adding them to blacklist.txt,
> sure. (Although they will continue to live on in the NSS source
> additionally.)

I don't understand this: how is it incorrect? #858539 applies only to
ca-certificates, and can be fixed without patching NSS.

Now to update the NSS package itself is another question, again.

> But my point stands that in the next round of distrust (say, uh,
> Symantec), we might actually need to push code changes to NSS.

Sure, but that doesn't necessarily affect ca-certificates directly, in
that we can update ca-certificates orthogonally right now.

>> The proposed patch here, is more or less only to merge that very file,
>> blacklist.txt. The *other* thing proposed to the release team (in
>> #867461) is to sync the *other* changes to certdata.txt from sid. But
>> considering *that* work seems mostly stalled, I wonder how hard to push
>> on that. Of course, we could also just decide, in LTS, to sync with
>> jessie at least: we do not need release-team approval for this. This
>> would be (let's be honest here) really to get Let's Encrypt directly in
>> wheezy, and I think it would be worthwhile.
>
> I think it's useful to phrase the goal which is:
>
> - Remove StartCom
> - Remove WoSign
> - Add Let's Encrypt
>
> Which is easier to get behind than "should we synchronize the file".

Sure. The point I was trying to make here was that we seem to be
favoring certain well-known CAs over other less well-known. I'm actually
with that (e.g. because I don't like Amazon very much), but I'm not sure
that's a position that should be reflected in our work.

> What's the timeline on Let's Encrypt dropping the cross certification?
> Is that actually planned? Because the whole point of that was that
> adding LE directly isn't actually critical. (And people should use the
> chain provided by ACME rather than relying on certificates shipped by
> Debian.)

I can't answer those questions, unfortunately, but it's a fair point.

Pabs? What was the idea behind migrating LE down to wheezy?

A.

-- 
La publicité est la dictature invisible de notre société.
- Jacques Ellul

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Chris Lamb

Hi,

> I did sponsor the package once I saw the pending tag, it was looking good
> to me
> https://incoming.debian.org/debian-buildd/pool/main/c/curvedns/curvedns_0.87-2.dsc

Cool. I'll review it once it hits NEW. :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Processed: Re: Bug#869186: [Pkg-mutt-maintainers] Bug#869186: mutt: Install missing required dependencies (libxapian30)

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> reassign -1 libxapian30
Bug #869186 [mutt] mutt: Install missing required dependencies (libxapian30)
Bug reassigned from package 'mutt' to 'libxapian30'.
No longer marked as found in versions mutt/1.7.2-1.
Ignoring request to alter fixed versions of bug #869186 to the same values 
previously set
> forcemerge 863705 -1
Bug #863705 {Done: Olly Betts } [libxapian30] aptitude: symbol 
lookup error: aptitude: undefined symbol:
Bug #869186 [libxapian30] mutt: Install missing required dependencies 
(libxapian30)
Severity set to 'grave' from 'serious'
Marked Bug as done
Marked as fixed in versions xapian-core/1.4.1-1 and xapian-core/1.4.3-2~bpo8+1.
Marked as found in versions xapian-core/1.4.1-1~bpo8+1.
Merged 863705 869186

-- 
863705: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863705
869186: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869186: [Pkg-mutt-maintainers] Bug#869186: mutt: Install missing required dependencies (libxapian30)

2017-07-21 Thread Adrian Bunk

Control: reassign -1 libxapian30
Control: forcemerge 863705 -1

On Fri, Jul 21, 2017 at 07:54:58AM -0400, Boruch Baum wrote:
>...
> Agreed. Can you re-assign it, or should I re-file, or should we drop
> this? There is still the possibility that this really isn't a debian
> issue at all, but a devuan one, but its something easy to check.
>...

This is a duplicate of #863705 in jessie-backports,
which was solved by https://tracker.debian.org/news/851348

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#866077: marked as done (solvespace FTBFS: recipe for target 'src/generated/bitmapfont.table.h' failed)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 16:05:46 +0300
with message-id <20170721130546.sqpki64b3a42ewxz@localhost>
and subject line Re: Bug#866077: solvespace FTBFS: recipe for target 
'src/generated/bitmapfont.table.h' failed
has caused the Debian Bug report #866077,
regarding solvespace FTBFS: recipe for target 
'src/generated/bitmapfont.table.h' failed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
866077: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866077
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: solvespace
Version: 2.3+repack1-2
Severity: serious
Tags: buster sid

Some recent change in unstable makes solvespace FTBFS:

https://tests.reproducible-builds.org/debian/history/solvespace.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/solvespace.html

...
cd /build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu/src && ../tools/lff2c 
/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu/src/generated/vectorfont.table.h
 /build/1st/solvespace-2.3+repack1/src/fonts/unicode.lff.gz
parse unifont character
Aborted
src/CMakeFiles/solvespace.dir/build.make:125: recipe for target 
'src/generated/bitmapfont.table.h' failed
make[3]: *** [src/generated/bitmapfont.table.h] Error 134
make[3]: *** Waiting for unfinished jobs
make[3]: Leaving directory 
'/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
CMakeFiles/Makefile2:282: recipe for target 'src/CMakeFiles/solvespace.dir/all' 
failed
make[2]: *** [src/CMakeFiles/solvespace.dir/all] Error 2
make[2]: Leaving directory 
'/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
Makefile:130: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory 
'/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
dh_auto_build: make -j15 returned exit code 2
debian/rules:4: recipe for target 'build' failed
make: *** [build] Error 2
--- End Message ---
--- Begin Message ---
On Tue, Jun 27, 2017 at 09:24:14AM +0300, Adrian Bunk wrote:
>...
> Some recent change in unstable makes solvespace FTBFS:
> 
> https://tests.reproducible-builds.org/debian/history/solvespace.html
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/solvespace.html
> 
> ...
> cd /build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu/src && 
> ../tools/lff2c 
> /build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu/src/generated/vectorfont.table.h
>  /build/1st/solvespace-2.3+repack1/src/fonts/unicode.lff.gz
> parse unifont character
> Aborted
> src/CMakeFiles/solvespace.dir/build.make:125: recipe for target 
> 'src/generated/bitmapfont.table.h' failed
> make[3]: *** [src/generated/bitmapfont.table.h] Error 134
> make[3]: *** Waiting for unfinished jobs
> make[3]: Leaving directory 
> '/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
> CMakeFiles/Makefile2:282: recipe for target 
> 'src/CMakeFiles/solvespace.dir/all' failed
> make[2]: *** [src/CMakeFiles/solvespace.dir/all] Error 2
> make[2]: Leaving directory 
> '/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
> Makefile:130: recipe for target 'all' failed
> make[1]: *** [all] Error 2
> make[1]: Leaving directory 
> '/build/1st/solvespace-2.3+repack1/obj-x86_64-linux-gnu'
> dh_auto_build: make -j15 returned exit code 2
> debian/rules:4: recipe for target 'build' failed
> make: *** [build] Error 2

Whatever caused this problem seems fixed now. closing.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed--- End Message ---

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Stéphane Neveu

Chris,

Is it ok on debomatic ?
http://debomatic-amd64.debian.net/distribution#unstable/curvedns/0.87-2/buildlog
My package on mentors has been removed...

Regards,
Stephane

2017-07-21 14:13 GMT+02:00 Chris Lamb :
> (readding bug to CC)
>
> Please directly  link to a .dsc instead, or the mentors.debian.net entry.
>
> /lamby
>
> Stéphane Neveu wrote:
>
>> Of course, you can download it here :
>> http://dl.free.fr/g5zaQBZcy
>>
>> Regards,
>> Stéphane
>>
>> 2017-07-21 13:23 GMT+02:00 Chris Lamb :
>> >
>> > Stéphane,
>> >
>> > Please upload your (built)  package somewhere and I will have a look.
>> >
>> > /lamby
>> >
>> >> Hi Chris,
>> >>
>> >> Thank you for your review. I had a look at the entire package but I
>> >> did not see anything else.
>> >> I hope the copyright is fine now :
>> >> https://anonscm.debian.org/cgit/pkg-security/curvedns.git/commit/?id=dccc20efc28f4bfbf1d157bedaa46a6d9b56676b
>> >>
>> >> I also used cme update dpkg-copyright command and license-reconcile.
>> >>
>> >> Just tell me if it's ok for you and I'll ask my DD to re-upload it.
>> >>
>> >> Best regards,
>> >>
>> >> Stephane
>> >>
>> >>
>> >> 2017-07-20 20:55 GMT+02:00 Chris Lamb :
>> >> > Source: curvedns
>> >> > Version: 0.87-1
>> >> > Severity: serious
>> >> > Justication: Policy 12.5
>> >> > X-Debbugs-CC: NEVEU Stephane 
>> >> >
>> >> > Hi,
>> >> >
>> >> > I just ACCEPTed curvedns from NEW but noticed it was missing
>> >> > attribution in debian/copyright for at least:
>> >> >
>> >> >   nacl/crypto_scalarmult/curve25519/donna_c64/smult.c
>> >> >
>> >> >
>> >> > (This is not exhaustive so please check over the entire package
>> >> > carefully and address these on your next upload.)
>> >> >
>> >> >
>> >> > Regards,
>> >> >
>> >> > --
>> >> >   ,''`.
>> >> >  : :'  : Chris Lamb, Debian Project Leader
>> >> >  `. `'`  la...@debian.org / chris-lamb.co.uk
>> >> >`-
>> >
>> >
>> > Regards,
>> >
>> > --
>> >   ,''`.
>> >  : :'  : Chris Lamb, Debian Project Leader
>> >  `. `'`  la...@debian.org / chris-lamb.co.uk
>> >`-
>
>
> Regards,
>
> --
>   ,''`.
>  : :'  : Chris Lamb, Debian Project Leader
>  `. `'`  la...@debian.org / chris-lamb.co.uk
>`-

Bug#869098: python2.7 2.7.13-4 causes EOFError breakage in python-sphinx

2017-07-21 Thread Neil Williams

On Fri, 21 Jul 2017 13:17:36 +0200
Matthias Klose  wrote:

> On 21.07.2017 09:43, Neil Williams wrote:
> > On Thu, 20 Jul 2017 22:23:31 +0200
> > Matthias Klose  wrote:
> >   
> >> On 20.07.2017 16:40, Neil Williams wrote:  
> >>> Package: python2.7
> >>> Version: 2.7.13-4
> >>> Severity: serious
> >>> Justification: causes other packages to FTBFS
> >>>
> >>> With 2.7.13-4 installed, I am unable to build documentation as
> >>> sphinx errors out:
> >>
> >> please could you check if it builds with the debug interpreter?
> >>  
> > 
> > $ make SPHINXBUILD="python -m
> > pdb /usr/share/sphinx/scripts/python2/sphinx-build" -C doc/v2 html
> > make: Entering directory '/home/neil/code/lava/lava-server/doc/v2'
> > python -m pdb /usr/share/sphinx/scripts/python2/sphinx-build -b
> > html -d _build/doctrees  -n -j 4 .   
> 
> no, not debugging the standard interpreter, but using the debug
> interpreter, calling python-dbg

Sorry.

I don't see a change:

$ make SPHINXBUILD='python-dbg /usr/bin/sphinx-build' -C doc/v2 html
make: Entering directory '/home/neil/code/lava/lava-server/doc/v2'
python-dbg /usr/bin/sphinx-build -b html -d _build/doctrees  -n -j 4 . 
_build/html
Running Sphinx v1.5.6
loading pickled environment... not yet created
loading intersphinx inventory from https://docs.python.org/2/objects.inv...
building [mo]: targets for 0 po files that are out of date
building [html]: targets for 91 source files that are out of date
updating environment: 91 added, 0 changed, 0 removed
reading sources... [100%] test-repositories .. writing-tests
waiting for workers...

Exception occurred:
  File "/usr/lib/python2.7/dist-packages/sphinx/util/parallel.py", line 98, in 
_join_one
exc, result = pipe.recv()
EOFError
The full traceback has been saved in /tmp/sphinx-err-gq8BHS.log, if you want to 
report the issue to the developers.
Please also report this if it was a user error, so that a better error message 
can be provided next time.
A bug report can be filed in the tracker at 
. Thanks!
^CError in atexit._run_exitfuncs:
Traceback (most recent call last):
  File "/usr/lib/python2.7/atexit.py", line 24, in _run_exitfuncs
func(*targs, **kargs)
  File "/usr/lib/python2.7/multiprocessing/util.py", line 328, in _exit_function
p.join()
  File "/usr/lib/python2.7/multiprocessing/process.py", line 148, in join
res = self._popen.wait(timeout)
  File "/usr/lib/python2.7/multiprocessing/forking.py", line 154, in wait
return self.poll(0)
  File "/usr/lib/python2.7/multiprocessing/forking.py", line 135, in poll
pid, sts = os.waitpid(self.pid, flag)
KeyboardInterrupt
Error in sys.exitfunc:
Traceback (most recent call last):
  File "/usr/lib/python2.7/atexit.py", line 24, in _run_exitfuncs
func(*targs, **kargs)
  File "/usr/lib/python2.7/multiprocessing/util.py", line 328, in _exit_function
p.join()
  File "/usr/lib/python2.7/multiprocessing/process.py", line 148, in join
res = self._popen.wait(timeout)
  File "/usr/lib/python2.7/multiprocessing/forking.py", line 154, in wait
return self.poll(0)
  File "/usr/lib/python2.7/multiprocessing/forking.py", line 135, in poll
pid, sts = os.waitpid(self.pid, flag)
KeyboardInterrupt
[357925 refs]
Makefile:45: recipe for target 'html' failed
make: *** [html] Error 1

$ cat /tmp/sphinx-err-gq8BHS.log
# Sphinx version: 1.5.6
# Python version: 2.7.13+ (CPython)
# Docutils version: 0.13.1 release
# Jinja2 version: 2.9.6
# Last messages:
#   91 added, 0 changed, 0 removed
#   reading sources... [ 14%] actions-boot .. data-export
#   reading sources... [ 28%] debian .. explain_first_job
#   reading sources... [ 42%] first-devices .. ipxe
#   reading sources... [ 57%] lava-dashboard-image-reports .. migrate-lava
#   reading sources... [ 71%] migrating-admin-example .. pipeline-writer
#   reading sources... [ 85%] pipeline-writer-secondary .. tables
#   reading sources... [100%] test-repositories .. writing-tests
#   
#   waiting for workers...
# Loaded extensions:
#   sphinx.ext.coverage (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/coverage.pyc
#   sphinx.ext.viewcode (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/viewcode.pyc
#   sphinx.ext.todo (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/todo.pyc
#   sphinx.ext.autodoc (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/autodoc.pyc
#   sphinx.ext.intersphinx (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/intersphinx.pyc
#   sphinx.ext.doctest (1.5.6) from 
/usr/lib/python2.7/dist-packages/sphinx/ext/doctest.pyc
#   alabaster (0.7.8) from 
/usr/lib/python2.7/dist-packages/alabaster/__init__.pyc
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/sphinx/cmdline.py", line 296, in main
app.build(opts.force_all, filenames)
  File "/usr/lib/python2.7/dist-packages/sphinx/application.py", line 333, in 
build

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Gianfranco Costamagna

Hello,

>Please directly  link to a .dsc instead, or the mentors.debian.net entry. 


I did sponsor the package once I saw the pending tag, it was looking good
to me
https://incoming.debian.org/debian-buildd/pool/main/c/curvedns/curvedns_0.87-2.dsc

G.

Bug#865692: marked as done (sprng hides build failures)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 12:21:44 +
with message-id 
and subject line Bug#865692: fixed in sprng 2.0a-11
has caused the Debian Bug report #865692,
regarding sprng hides build failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
865692: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865692
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sprng
Version: 2.0a-2
Severity: serious
Justification: policy 4.6
User: helm...@debian.org
Usertags: rebootstrap

sprng's build system hides build failures. It's Makefile uses
constructs such as:

(cd $somewhere; $(MAKE); cd ..)

If there is a failure in the submake, it is not propagated and the build
continues. This violates Debian Policy section 4.6. For chaining shell
commands, "set -e" should be used. In this case however, "$(MAKE) -C
$somedir" would be even better.

Helmut
--- End Message ---
--- Begin Message ---
Source: sprng
Source-Version: 2.0a-11

We believe that the bug you reported is fixed in the latest version of
sprng, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 865...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dirk Eddelbuettel  (supplier of updated sprng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 06:30:15 -0500
Source: sprng
Binary: libsprng2 libsprng2-dev libsprng2-doc
Architecture: source amd64 all
Version: 2.0a-11
Distribution: unstable
Urgency: medium
Maintainer: Dirk Eddelbuettel 
Changed-By: Dirk Eddelbuettel 
Description:
 libsprng2  - SPRNG Scalable Parallel RNG library -- library package
 libsprng2-dev - SPRNG Scalable Parallel RNG library -- development package
 libsprng2-doc - SPRNG Scalable Parallel RNG library -- documentation package
Closes: 865692
Changes:
 sprng (2.0a-11) unstable; urgency=medium
 .
   * Makefile: Minor pedantic issue addressed   (Closes: #865692)
Checksums-Sha1:
 036a896a14f84d489d99b055942d6b5ac0c02a0a 1703 sprng_2.0a-11.dsc
 cd732306fd53c49441daf6d63af8651b4f2b7b18 8933 sprng_2.0a-11.diff.gz
 ebcde66e5d726c604c6017bdc532d40f9274ff04 4466 
libsprng2-dbgsym_2.0a-11_amd64.deb
 d227ce3896a38ba9020e57149cd34c9671baab8c 77986 libsprng2-dev_2.0a-11_amd64.deb
 3d513c9e90f565d30eae6d8ae877143844d7 1158736 libsprng2-doc_2.0a-11_all.deb
 06aa8100cc2bdf00507d06735ce33e7970c0342f 75726 libsprng2_2.0a-11_amd64.deb
 d7c2ae6e9886895e00f40601c21bea9b3b3240c8 5482 sprng_2.0a-11_amd64.buildinfo
Checksums-Sha256:
 526395e3d9461e23a4f55a3544d1fd6e511600a1ba5990d88c6f4d0ca8a3ad07 1703 
sprng_2.0a-11.dsc
 9ea954f85db5bb8adc942e38f955520d2bc1942de0dc120942912b657277d2a7 8933 
sprng_2.0a-11.diff.gz
 22d4dbac689ecdb3db94f2670b009a2d26155ff89c6f4e1b10b1356b79a3629d 4466 
libsprng2-dbgsym_2.0a-11_amd64.deb
 369216443dbdafdb2488593b6fea2cc49e9e6b9765a79e72ea4c73bd80f38c15 77986 
libsprng2-dev_2.0a-11_amd64.deb
 f17f971e5239113292c0ea9a08297d9742d03a01e99e85ee466f414e83018e50 1158736 
libsprng2-doc_2.0a-11_all.deb
 948f11ca6e1c13a971e0ba1a97b2bcb196df9a85e059157f17469dfdcfdf559e 75726 
libsprng2_2.0a-11_amd64.deb
 27e43e81ba96519dbd09eca3141ded06011db2545f3be71c428f1f8f469c97cf 5482 
sprng_2.0a-11_amd64.buildinfo
Files:
 7eead7ed4243e7e6fdc21742b36615a4 1703 math optional sprng_2.0a-11.dsc
 422f1db8548665d12ae03325566786ac 8933 math optional sprng_2.0a-11.diff.gz
 fd022db90f7589ec75278ee864b4db8a 4466 debug extra 
libsprng2-dbgsym_2.0a-11_amd64.deb
 f6b7d4893c96f95b658011db4800fd02 77986 libdevel optional 
libsprng2-dev_2.0a-11_amd64.deb
 d2bc0b19e4438c20de3bab2bb109ec77 1158736 doc optional 
libsprng2-doc_2.0a-11_all.deb
 01a509aaf14cba97dd5342f770df9537 75726 libs optional 
libsprng2_2.0a-11_amd64.deb
 772552b51252d8d43e1e2a133483e2e5 5482 math optional 
sprng_2.0a-11_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIVAwUBWXHq1aFIn+KrmaIaAQjFdg//Y5ifdNzFfsYHr05Ikpr/frGiHibAXSH5
KeH5ShvrV6YJo0lphmwHrH94fkXLpVZ+K3u0LYK4NqnMY6vtL8bBHCnJ4vYmhJUT
f2W4zKkBURh8H2zKRMkMM4dO5C5x3trFLvH88cd2icoQ7ja6QGQSxisxnQeywY7E
8QyH4jMMFiBpk5qLwmPUwFpqISD8b5/BxQQdUA2vhCso2hGa9ETMtJg0krMkXFPD

Bug#868572: marked as done (ruby-mixlib-archive: CVE-2017-1000026)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 12:21:27 +
with message-id 
and subject line Bug#868572: fixed in ruby-mixlib-archive 0.4.1-1
has caused the Debian Bug report #868572,
regarding ruby-mixlib-archive: CVE-2017-126
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868572: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868572
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-mixlib-archive
Version: 0.2.0-1
Severity: important
Tags: upstream patch security fixed-upstream
Forwarded: https://github.com/chef/mixlib-archive/pull/6

Hi,

the following vulnerability was published for ruby-mixlib-archive.

CVE-2017-126[0]:
| Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable
| to a directory traversal attack allowing attackers to overwrite
| arbitrary files by using ".." in tar archive entries

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-126
[1] https://github.com/chef/mixlib-archive/pull/6

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ruby-mixlib-archive
Source-Version: 0.4.1-1

We believe that the bug you reported is fixed in the latest version of
ruby-mixlib-archive, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Lucas Kanashiro  (supplier of updated ruby-mixlib-archive 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 07:57:55 -0300
Source: ruby-mixlib-archive
Binary: ruby-mixlib-archive
Architecture: source
Version: 0.4.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Lucas Kanashiro 
Description:
 ruby-mixlib-archive - simple interface to various archive formats
Closes: 868572
Changes:
 ruby-mixlib-archive (0.4.1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 0.4.1: fixes CVE-2017-126 (Closes: #868572)
   * Bump debhelper compatibility level to 10
   * Declare compliance with Debian Policy 4.0.0
Checksums-Sha1:
 26a021801559286b85cd98bf41b108021a0cd8a3 2136 ruby-mixlib-archive_0.4.1-1.dsc
 b7ee15f315f742f306bf5329b6f72324965a7e62 9258 
ruby-mixlib-archive_0.4.1.orig.tar.gz
 0616021ead77d0849af6e0c2d38cdaf444c62da1 2192 
ruby-mixlib-archive_0.4.1-1.debian.tar.xz
 08216f17399ee4dc0072471dd32f6713a3f693f5 6704 
ruby-mixlib-archive_0.4.1-1_amd64.buildinfo
Checksums-Sha256:
 df473b019c62a08ee572bf450214e578cfacf995bc71f7a0e938072e84583f59 2136 
ruby-mixlib-archive_0.4.1-1.dsc
 de2259d8a81c26606e568470fe3fcf75b195877fbfdbad34d9ef1cd0c95d9c49 9258 
ruby-mixlib-archive_0.4.1.orig.tar.gz
 7b18f53ae79c1f6e475a2e19f4fcd4df7a56d9f903eee6acd3dfa0dd4aca44e5 2192 
ruby-mixlib-archive_0.4.1-1.debian.tar.xz
 26728617c923ea5c95eb935d0f5c200dcbd9f60be9138d0da780ad8d9d43d571 6704 
ruby-mixlib-archive_0.4.1-1_amd64.buildinfo
Files:
 f6d0362669aa8fda0a4aaa830026d465 2136 ruby optional 
ruby-mixlib-archive_0.4.1-1.dsc
 ed20531e8727486f451adaeb41ae61d9 9258 ruby optional 
ruby-mixlib-archive_0.4.1.orig.tar.gz
 f456dff969cf05f7f5fac4af354a748f 2192 ruby optional 
ruby-mixlib-archive_0.4.1-1.debian.tar.xz
 092fa8daacec2fa4e0520e1be467785d 6704 ruby optional 
ruby-mixlib-archive_0.4.1-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAllx6zQACgkQ+COicpiD
yXy2bw/9HUQg3No8Cmp7CKrA07NIMJLeOProre6/4iljJbnHBrMjgwk0ugLOFr6y
Xui3+JEn4J8GNfz/sH/zsCYg/ijomLyMjtlZVfXRzZwoSRBa0g69+z7ENfe7rxHz
FJAsbccMe52ek4envJ/ASpZEkiH/eapN1OuTOzsTaPh2dHmaFuEUEQ/31gvt4xqd
OYuXP3bmOCSJyMJudrzQvHE7sHdXvg/GExFJhrn1c02RbxYeFhbAilYbbilGIf89
b4IhXgrXbRThrleGKzFsiuiYy3wdU4rv43EXDYq+A66Cmxd+sMzdjb2rSokANs9h
uG0MGryRgRjp8xNk/euecbm/N/0qhJau04MP5XZUbewcn3UKdloBp3+HUIF4u6mK

Bug#869199: knot binary-all FTBFS: dh_missing: missing files, aborting

2017-07-21 Thread Adrian Bunk

Source: knot
Version: 2.5.3-1
Severity: serious

https://buildd.debian.org/status/package.php?p=knot=sid

...
   dh_install -i -O--parallel "-O--dbgsym-migration=knot-dbg (<< 2.2.0-2~)" 
-O--exclude=.la -O--exclude=example.com.zone -O--fail-missing
dh_install: Please use dh_missing --list-missing/--fail-missing instead
dh_install: This feature will be removed in compat 11.
dh_missing: etc/knot/knot.sample.conf exists in debian/tmp but is not installed 
to anywhere
dh_missing: missing files, aborting
The following debhelper tools have reported what they installed (with 
files per package)
 * dh_install: knot (17), knot-dnsutils (4), knot-doc (26), knot-host 
(2), libdnssec4 (2), libknot-dev (11), libknot6 (2), libzscanner1 (2)
If the missing files are installed by another tool, please file a bug 
against it.
When filing the report, if the tool is not part of debhelper itself, 
please reference the
"Logging helpers and dh_missing" section from the "PROGRAMMING" guide 
for debhelper (10.6.3+).
  (in the debhelper package: /usr/share/doc/debhelper/PROGRAMMING.gz)
Be sure to test with dpkg-buildpackage -A/-B as the results may vary 
when only a subset is built
For a short-term work-around: Add the files to debian/not-installed
dh_install: dh_missing --exclude .la --exclude example.com.zone --fail-missing 
returned exit code 255
debian/rules:33: recipe for target 'binary-indep' failed
make: *** [binary-indep] Error 25

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Chris Lamb

(readding bug to CC) 

Please directly  link to a .dsc instead, or the mentors.debian.net entry. 

/lamby 

Stéphane Neveu wrote:

> Of course, you can download it here :
> http://dl.free.fr/g5zaQBZcy
> 
> Regards,
> Stéphane
> 
> 2017-07-21 13:23 GMT+02:00 Chris Lamb :
> >
> > Stéphane,
> >
> > Please upload your (built)  package somewhere and I will have a look.
> >
> > /lamby
> >
> >> Hi Chris,
> >>
> >> Thank you for your review. I had a look at the entire package but I
> >> did not see anything else.
> >> I hope the copyright is fine now :
> >> https://anonscm.debian.org/cgit/pkg-security/curvedns.git/commit/?id=dccc20efc28f4bfbf1d157bedaa46a6d9b56676b
> >>
> >> I also used cme update dpkg-copyright command and license-reconcile.
> >>
> >> Just tell me if it's ok for you and I'll ask my DD to re-upload it.
> >>
> >> Best regards,
> >>
> >> Stephane
> >>
> >>
> >> 2017-07-20 20:55 GMT+02:00 Chris Lamb :
> >> > Source: curvedns
> >> > Version: 0.87-1
> >> > Severity: serious
> >> > Justication: Policy 12.5
> >> > X-Debbugs-CC: NEVEU Stephane 
> >> >
> >> > Hi,
> >> >
> >> > I just ACCEPTed curvedns from NEW but noticed it was missing
> >> > attribution in debian/copyright for at least:
> >> >
> >> >   nacl/crypto_scalarmult/curve25519/donna_c64/smult.c
> >> >
> >> >
> >> > (This is not exhaustive so please check over the entire package
> >> > carefully and address these on your next upload.)
> >> >
> >> >
> >> > Regards,
> >> >
> >> > --
> >> >   ,''`.
> >> >  : :'  : Chris Lamb, Debian Project Leader
> >> >  `. `'`  la...@debian.org / chris-lamb.co.uk
> >> >`-
> >
> >
> > Regards,
> >
> > --
> >   ,''`.
> >  : :'  : Chris Lamb, Debian Project Leader
> >  `. `'`  la...@debian.org / chris-lamb.co.uk
> >`-


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#869195: python-blosc: building of sphinx-docs breaks

2017-07-21 Thread Daniel Stender

Package: python-blosc
Version: 1.4.4+ds1-3+b1
Severity: serious
Justification: fails to build from source (but built successfully in the past)
Control: forwarded -1 https://github.com/Blosc/python-blosc/issues/125

The building of python-blosc currenty breaks:


Running Sphinx v1.5.6
making output directory...
loading pickled environment... not yet created
loading intersphinx inventory from http://docs.python.org/objects.inv...
WARNING: intersphinx inventory 'http://docs.python.org/objects.inv' not 
fetchable due to : 
HTTPConnectionPool(host='127.0.0.1', port=9): Max retries exceeded with url: 
http://docs.python.org/objects.inv (Caused by ProxyError('Cannot connect to 
proxy.', 
NewConnectionError(': Failed to establish a new connection: [Errno 111] 
Connection refused',)))
building [mo]: targets for 0 po files that are out of date
building [html]: targets for 5 source files that are out of date
updating environment: 5 added, 0 changed, 0 removed
reading sources... [ 20%] index
reading sources... [ 40%] install
reading sources... [ 60%] intro
reading sources... [ 80%] reference

Exception occurred:
  File "/usr/lib/python2.7/re.py", line 155, in sub
return _compile(pattern, flags).sub(repl, string, count)
TypeError: expected string or buffer
The full traceback has been saved in /tmp/sphinx-err-A00fVX.log, if you want to 
report the issue to the developers.
Please also report this if it was a user error, so that a better error message 
can be provided next time.
A bug report can be filed in the tracker at 
. Thanks!
debian/rules:12: recipe for target 'override_dh_auto_install' failed


The package builds on python3-sphinx, but this happens with python-sphinx 
either.

Thanks,
DS

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python-blosc depends on:
ii  libblosc1  1.11.1+ds2-2
ii  libc6  2.24-12
ii  python 2.7.13-2

python-blosc recommends no packages.

Versions of packages python-blosc suggests:
ii  python-blosc-doc  1.4.4+ds1-3

-- no debconf information

Processed: python-blosc: building of sphinx-docs breaks

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> forwarded -1 https://github.com/Blosc/python-blosc/issues/125
Bug #869195 [python-blosc] python-blosc: building of sphinx-docs breaks
Set Bug forwarded-to-address to 
'https://github.com/Blosc/python-blosc/issues/125'.

-- 
869195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869195
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#865692: Suggested patch

2017-07-21 Thread Dirk Eddelbuettel


On 21 July 2017 at 07:08, Andreas Tille wrote:
| I stumbled upon this since the Debian Med package tree-puzzle
| is affected.  Wouldn't the patch as easy as
| 
| cd $somewhere && $(MAKE) && cd ..

I went with   $(MAKE) -C somewhereas suggested in the original report.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Processed: Bug#868572 marked as pending

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tag 868572 pending
Bug #868572 [src:ruby-mixlib-archive] ruby-mixlib-archive: CVE-2017-126
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
868572: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868572
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#868572: marked as pending

2017-07-21 Thread Lucas Kanashiro

tag 868572 pending
thanks

Hello,

Bug #868572 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/pkg-ruby-extras/ruby-mixlib-archive.git/commit/?id=9419324

---
commit 9419324f729aabcc337a15e5719a7339686dec54
Author: Lucas Kanashiro 
Date:   Fri Jul 21 07:57:51 2017 -0300

fix CVE-2017-126 in debian/changelog

diff --git a/debian/changelog b/debian/changelog
index 4f2cd46..5fd05b1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
 ruby-mixlib-archive (0.4.1-1) UNRELEASED; urgency=medium
 
-  * New upstream version 0.4.1
+  * New upstream version 0.4.1: fixes CVE-2017-126 (Closes: #868572)
   * Bump debhelper compatibility level to 10
   * Declare compliance with Debian Policy 4.0.0

Bug#869186: [Pkg-mutt-maintainers] Bug#869186: mutt: Install missing required dependencies (libxapian30)

2017-07-21 Thread Boruch Baum

Thanks Evgeni for the quick response. It's gratifying to see a debian
maintainer so alert and responsive.

This may *possibly* be what some folks say is _my bad_, so let me add
some details, that I didn't realize until after I hit 'send'.

On 2017-07-21 13:32, Evgeni Golov wrote:
> On Fri, Jul 21, 2017 at 07:02:50AM -0400, Boruch Baum wrote:
> > Upon upgrading `mutt' from the stable to testing repositories, mutt
> > ceased to function, offering the following error message:
>
> There is no mutt 1.7.2-1 in testing. Did you mean upgrading
> jessie→stretch?

I meant upgrading from 1.5.xx to 1.7.2-1.

This next indented section is tangential, but important:

  My bug report may be valid for debian, or not. The main problem with
  my report is that it was intended to be sent to your ?evil? or at
  least "more-challenged" twin, the devuan project. I am running their
  version of 'stable' which has mutt 1.5.xxx and upgraded to their
  'testing' version 1.7.2-1.

  Their package `reportbug' in their stable repository sends bug reports
  to debian, not devuan (aaargh!). I have since upgraded to their
  'testing' version, and filed a bug report against their 'stable'
  version, but I see that even their 'testing' version is flawed in that
  it seems to always send reports to BOTH devuan and debian (aaargh!).
  So, I will file another bug report (manually) to them.

  It might be a good idea if you could join me in complaining to the
  devuan folks. For me this is embarassing, but really, I wasn't
  expecting this incompetence.

> mutt has a dependency on libnotmuch4, libnotmuch4 has a dependency on
> libxapian30, mutt is not using any xapian directly AFAIK.

This issue is that libnotmuch4 links to a whole lot of xapian symbols
that will be undefined until the correct version of the xapian library
is installed.

> so we might discuss this as being a not-strong-enough dep between
> libnotmuch4 and libxapian30, but not a serios bug in mutt.

Agreed. Can you re-assign it, or should I re-file, or should we drop
this? There is still the possibility that this really isn't a debian
issue at all, but a devuan one, but its something easy to check.

Apologies again,

-- 
hkp://keys.gnupg.net
CA45 09B5 5351 7C11 A9D1  7286 0036 9E45 1595 8BC0

Bug#869192: golang-github-pingcap-check FTBFS: FAIL: benchmark_test.go:40: BenchmarkS.TestBenchmark

2017-07-21 Thread Adrian Bunk

Source: golang-github-pingcap-check
Version: 0.0~git20161122.0.9b26663-1
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/golang-github-pingcap-check.html

...
--
FAIL: benchmark_test.go:40: BenchmarkS.TestBenchmark

benchmark_test.go:60:
c.Assert(output.value, Matches, expected)
... value string = "PASS: check_test.go:144: FixtureHelper.Benchmark1\t 
100\t393348 ns/op\n"
... regex string = "PASS: check_test\\.go:[0-9]+: FixtureHelper\\.Benchmark1\t 
*100\t *[12][0-9]{5} ns/op\n"

OOPS: 129 passed, 1 FAILED
--- FAIL: Test (0.59s)
FAIL
exit status 1
FAILgithub.com/pingcap/check0.598s
dh_auto_test: go test -v -p 15 github.com/pingcap/check returned exit code 1
debian/rules:4: recipe for target 'build' failed
make: *** [build] Error 1

Bug#869190: golang-github-minio-cli FTBFS: FAIL: TestFlagsFromEnv

2017-07-21 Thread Adrian Bunk

Source: golang-github-minio-cli
Version: 1.3.0+git20170313.0.8683fa7-1
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/golang-github-minio-cli.html

...
=== RUN   TestFlagsFromEnv
--- FAIL: TestFlagsFromEnv (0.00s)
flag_test.go:102: expected error could not parse 1.2,2 as int slice 
value for flag seconds: strconv.ParseInt: parsing "1.2": invalid syntax, got 
error could not parse 1.2,2 as int slice value for flag seconds: strconv.Atoi: 
parsing "1.2": invalid syntax
flag_test.go:102: expected error could not parse foobar as int slice 
value for flag seconds: strconv.ParseInt: parsing "foobar": invalid syntax, got 
error could not parse foobar as int slice value for flag seconds: strconv.Atoi: 
parsing "foobar": invalid syntax
...
dh_auto_test: go test -v -p 16 github.com/minio/cli github.com/minio/cli/altsrc 
returned exit code 1
debian/rules:4: recipe for target 'build' failed
make: *** [build] Error 1

Bug#869186: [Pkg-mutt-maintainers] Bug#869186: mutt: Install missing required dependencies (libxapian30)

2017-07-21 Thread Evgeni Golov

Hi,

On Fri, Jul 21, 2017 at 07:02:50AM -0400, Boruch Baum wrote:
> Upon upgrading `mutt' from the stable to testing repositories, mutt
> ceased to function, offering the following error message:

There is no mutt 1.7.2-1 in testing. Did you mean upgrading
jessie→stretch?

>#+BEGIN_SRC conf
>mutt: symbol lookup error:  /usr/lib/x86_64-linux-gnu/libnotmuch.so.4:
>undefined symbol:
> _ZN6Xapian9Compactor26resolve_duplicate_metadataERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEmPS7_
>#+End_SRC
> 
> Performing the following fixed the problem for me:
> 
>#+BEGIN_SRC conf
>apt-get install libxapian30
> 
>The following packages will be upgraded:
>  libxapian-dev libxapian30 xapian-tools
>#+END_SRC

¯\_(ツ)_/¯

mutt has a dependency on libnotmuch4, libnotmuch4 has a dependency on
libxapian30, mutt is not using any xapian directly AFAIK.

so we might discuss this as being a not-strong-enough dep between
libnotmuch4 and libxapian30, but not a serios bug in mutt.

> -- System Information:
> Distributor ID:   Devuan
> Description:  Devuan GNU/Linux 1.0 (jessie)
> Release:  1.0
> Codename: jessie
> Architecture: x86_64

Why do you have mutt from stretch on a jessie(-derived) system?

Bug#868958: [Debian-med-packaging] Bug#868958: bcftools FTBFS on 32bit: test failures

2017-07-21 Thread Graham Inggs


On 19/07/2017 23:12, Adrian Bunk wrote:

test_vcf_query:
/<>/bcftools view -Ob /tmp/f0hqBlggDJ/view.filter.vcf.gz | 
/<>/bcftools query -f'%POS %CIGAR\n' -i'strlen(CIGAR[*])=4'
*** Error in `/<>/bcftools': free(): invalid next size (fast): 
0x80abd7a0 ***
/bin/bash: line 1: 11930 Done/<>/bcftools view 
-Ob /tmp/f0hqBlggDJ/view.filter.vcf.gz
  11931 Aborted | /<>/bcftools query -f'%POS 
%CIGAR\n' -i'strlen(CIGAR[*])=4'

Non-zero status 134
.. failed ...
...


The crash in test_vcf_query is already fixed upstream in the following 
commit:


https://github.com/samtools/bcftools/commit/8bfb9d5a94aaab4617bc38cfefa8332729dbd837#diff-f200ee7e516d3b752a03f395b72c8cd5


The two test_vcf_norm failures are caused by the following differing 
output on 32-bit architectures:


--- test/norm.out
+++ test/norm.out.new
@@ -55,4 +55,5 @@
 3  17  .   CA  C   999 PASSINDEL;AN=0 
GT:DP   ./.:0   ./.:0
 4  25  .   T   TT,*999 PASSINDEL;AN=0 
GT:DP   ./.:0   ./.:0
 4  36  .   TC  C,TT,TTC999 PASS 
INDEL;AN=0  GT:DP   ./.:0   ./.:0
+4  37  .   C   I   999 PASSINDEL;AN=0 
GT:DP   ./.:0   ./.:0
 5  21  .   A   AAG 999 PASSINDEL;AN=0 
GT:DP   ./.:0   ./.:0

Bug#865692: Suggested patch

2017-07-21 Thread Dirk Eddelbuettel


On 21 July 2017 at 07:08, Andreas Tille wrote:
| Hi Dirk,
| 
| I stumbled upon this since the Debian Med package tree-puzzle
| is affected.  Wouldn't the patch as easy as
| 
| cd $somewhere && $(MAKE) && cd ..

Sure.

The bigger problem is that SPRNG is really outdated, as is the package itself
(and its packaging).  We have better parallel RNGs now, and those should
probably be used.  So maybe it is time for this package to die ...

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Chris Lamb


Stéphane, 

Please upload your (built)  package somewhere and I will have a look. 

/lamby

> Hi Chris,
> 
> Thank you for your review. I had a look at the entire package but I
> did not see anything else.
> I hope the copyright is fine now :
> https://anonscm.debian.org/cgit/pkg-security/curvedns.git/commit/?id=dccc20efc28f4bfbf1d157bedaa46a6d9b56676b
> 
> I also used cme update dpkg-copyright command and license-reconcile.
> 
> Just tell me if it's ok for you and I'll ask my DD to re-upload it.
> 
> Best regards,
> 
> Stephane
> 
> 
> 2017-07-20 20:55 GMT+02:00 Chris Lamb :
> > Source: curvedns
> > Version: 0.87-1
> > Severity: serious
> > Justication: Policy 12.5
> > X-Debbugs-CC: NEVEU Stephane 
> >
> > Hi,
> >
> > I just ACCEPTed curvedns from NEW but noticed it was missing
> > attribution in debian/copyright for at least:
> >
> >   nacl/crypto_scalarmult/curve25519/donna_c64/smult.c
> >
> >
> > (This is not exhaustive so please check over the entire package
> > carefully and address these on your next upload.)
> >
> >
> > Regards,
> >
> > --
> >   ,''`.
> >  : :'  : Chris Lamb, Debian Project Leader
> >  `. `'`  la...@debian.org / chris-lamb.co.uk
> >`-


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#869132: curvedns: Incomplete debian/copyright?

2017-07-21 Thread Stéphane Neveu

Hi Chris,

Thank you for your review. I had a look at the entire package but I
did not see anything else.
I hope the copyright is fine now :
https://anonscm.debian.org/cgit/pkg-security/curvedns.git/commit/?id=dccc20efc28f4bfbf1d157bedaa46a6d9b56676b

I also used cme update dpkg-copyright command and license-reconcile.

Just tell me if it's ok for you and I'll ask my DD to re-upload it.

Best regards,

Stephane


2017-07-20 20:55 GMT+02:00 Chris Lamb :
> Source: curvedns
> Version: 0.87-1
> Severity: serious
> Justication: Policy 12.5
> X-Debbugs-CC: NEVEU Stephane 
>
> Hi,
>
> I just ACCEPTed curvedns from NEW but noticed it was missing
> attribution in debian/copyright for at least:
>
>   nacl/crypto_scalarmult/curve25519/donna_c64/smult.c
>
>
> (This is not exhaustive so please check over the entire package
> carefully and address these on your next upload.)
>
>
> Regards,
>
> --
>   ,''`.
>  : :'  : Chris Lamb, Debian Project Leader
>  `. `'`  la...@debian.org / chris-lamb.co.uk
>`-

Bug#869098: python2.7 2.7.13-4 causes EOFError breakage in python-sphinx

2017-07-21 Thread Matthias Klose

On 21.07.2017 09:43, Neil Williams wrote:
> On Thu, 20 Jul 2017 22:23:31 +0200
> Matthias Klose  wrote:
> 
>> On 20.07.2017 16:40, Neil Williams wrote:
>>> Package: python2.7
>>> Version: 2.7.13-4
>>> Severity: serious
>>> Justification: causes other packages to FTBFS
>>>
>>> With 2.7.13-4 installed, I am unable to build documentation as
>>> sphinx errors out:  
>>
>> please could you check if it builds with the debug interpreter?
>>
> 
> $ make SPHINXBUILD="python -m pdb 
> /usr/share/sphinx/scripts/python2/sphinx-build" -C doc/v2 html
> make: Entering directory '/home/neil/code/lava/lava-server/doc/v2'
> python -m pdb /usr/share/sphinx/scripts/python2/sphinx-build -b html -d 
> _build/doctrees  -n -j 4 . 

no, not debugging the standard interpreter, but using the debug interpreter,
calling python-dbg

Bug#869132: marked as done (curvedns: Incomplete debian/copyright?)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 11:18:51 +
with message-id 
and subject line Bug#869132: fixed in curvedns 0.87-2
has caused the Debian Bug report #869132,
regarding curvedns: Incomplete debian/copyright?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869132
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: curvedns
Version: 0.87-1
Severity: serious
Justication: Policy 12.5
X-Debbugs-CC: NEVEU Stephane 

Hi,

I just ACCEPTed curvedns from NEW but noticed it was missing 
attribution in debian/copyright for at least:

  nacl/crypto_scalarmult/curve25519/donna_c64/smult.c


(This is not exhaustive so please check over the entire package 
carefully and address these on your next upload.)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb, Debian Project Leader
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: curvedns
Source-Version: 0.87-2

We believe that the bug you reported is fixed in the latest version of
curvedns, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
NEVEU Stephane  (supplier of updated curvedns package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 12:38:34 +0200
Source: curvedns
Binary: curvedns
Architecture: source
Version: 0.87-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools Packaging Team 

Changed-By: NEVEU Stephane 
Description:
 curvedns   - DNS/DNSCurve forwarding name server - binaries
Closes: 869132
Changes:
 curvedns (0.87-2) unstable; urgency=medium
 .
   * Update copyright file (Closes:#869132)
Checksums-Sha1:
 647dcd52e60c1e40f763c8dd9cfad379c12ee9e1 1903 curvedns_0.87-2.dsc
 bf18d5c55a39a79a7a86c1e1936c09339872d765 8504 curvedns_0.87-2.debian.tar.xz
Checksums-Sha256:
 5b62b163592bcaf2361128b50400402483cc828d20ebc7e7e4d37d16fcb6a44f 1903 
curvedns_0.87-2.dsc
 899e74099a869a98615a7823cacf2f320f23885c22f960beeb5e8c9d939f2571 8504 
curvedns_0.87-2.debian.tar.xz
Files:
 763f5d1e4386b0bb1d58b981d059be0f 1903 net standard curvedns_0.87-2.dsc
 d019350124aed68e160a3e45c1ab3ed5 8504 net standard 
curvedns_0.87-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJZceHVAAoJEPNPCXROn13ZE2gP/2H9cM04M0HNhqlV/9sXWUqg
vNensz2dM0iX7hHuFt56hw0ueF/Kj9sl0vqllOVYuKLOacB0LMKN2qzzBKk8zYlO
KvVPv7GUgFL5HkFseIVkAgQEXMFl4PNy9uI1EA1GR2UhqHFnXqca4m6bDdVtdTXV
/Lt+UbBdVeVaimq2iBeU3g7vHmUOYLNnMlzuUfnPKb8ubtEM4AXfWRZDZGpTgizx
v/0lYKweM9lZrS4WhFZ92AHrMMFOIAEQZlFmmTUMaeGvAIjASn9grvqqjrZ5XVKA
n4oYcetUu8ibfar09pebtOwBRBNbe2wZWUYd5mzBsRzTWftX1R/eF9M285+qzlRd
gGDZ4DQod9eGDId7W0PMWdaKrEhHkCG2hH0YNJqP4oog9XCrp0kV+l4SMI6AIR68
28+m6E/ZttRHXHlnAbyuXuukH4zkliLAp4X2XNfeMf7Kgb+pLBcu7d0lEPwbcvdJ
5dLWHD+cOJov/f2azDDByL62hakEKb861GiqF3tpN6BEh+k9PJKzzRM4ypRgdBew
fa8tW1cOzXJ9iuV2Kk646wN8rz8D5xLQcsv1rqlj/dYZELuFCFXxsLa6Ivj8lhi7
UryQKLb4t7mhPLK+ljkslYrP5UCAwhl6jxVQDHm5ta4MwEMERi28zGb4+W6uDfQG
YPuYlcJ7uDLOrjQiOubw
=O1Fz
-END PGP SIGNATURE End Message ---

Bug#869186: mutt: Install missing required dependencies (libxapian30)

2017-07-21 Thread Boruch Baum

Subject: mutt: Install missing required dependencies (libxapian30)
Package: mutt
Version: 1.7.2-1
Severity: serious

Dear Maintainer,

Upon upgrading `mutt' from the stable to testing repositories, mutt
ceased to function, offering the following error message:

   #+BEGIN_SRC conf
   mutt: symbol lookup error:  /usr/lib/x86_64-linux-gnu/libnotmuch.so.4:
   undefined symbol:
_ZN6Xapian9Compactor26resolve_duplicate_metadataERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEmPS7_
   #+End_SRC

Performing the following fixed the problem for me:

   #+BEGIN_SRC conf
   apt-get install libxapian30

   The following packages will be upgraded:
 libxapian-dev libxapian30 xapian-tools
   #+END_SRC


-- Package-specific info:
NeoMutt 20170113 (1.7.2)
Copyright (C) 1996-2016 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 4.9.0-2-grsec-amd64 (x86_64)
libidn: 1.29 (compiled with 1.33)
hcache backends: tokyocabinet

Compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/6/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 6.3.0-2' 
--with-bugurl=file:///usr/share/doc/gcc-6/README.Bugs 
--enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr 
--program-suffix=-6 --program-prefix=x86_64-linux-gnu- --enable-shared 
--enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext 
--enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ 
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-gnu-unique-object 
--disable-vtable-verify --enable-libmpx --enable-plugin --enable-default-pie 
--with-system-zlib --disable-browser-plugin --enable-java-awt=gtk 
--enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-6-amd64/jre 
--enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-6-amd64 
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-6-amd64 
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar 
--with-target-system-zlib --enable-objc-gc=auto --enable-multiarch 
--with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 
--enable-multilib --with-tune=generic --enable-checking=release 
--build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 6.3.0 20161229 (Debian 6.3.0-2)

Configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' 
'--includedir=\${prefix}/include' '--mandir=\${prefix}/share/man' 
'--infodir=\${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' 
'--disable-silent-rules' '--libdir=\${prefix}/lib/x86_64-linux-gnu' 
'--libexecdir=\${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' 
'--disable-dependency-tracking' '--with-mailpath=/var/mail' 
'--enable-compressed' '--enable-debug' '--enable-fcntl' '--enable-hcache' 
'--enable-gpgme' '--enable-imap' '--enable-smtp' '--enable-pop' 
'--enable-sidebar' '--enable-nntp' '--enable-notmuch' '--disable-fmemopen' 
'--with-curses' '--with-gnutls' '--with-gss' '--with-idn' '--with-mixmaster' 
'--with-sasl' '--without-gdbm' '--without-bdb' '--without-qdbm' 
'--with-tokyocabinet' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 
-fdebug-prefix-map=/build/mutt-K2ak0h/mutt-1.7.2=. -fstack-protector-strong 
-Wformat -Werror=format-security' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 
'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'

Compilation CFLAGS: -Wall -pedantic -Wno-long-long -g -O2 
-fdebug-prefix-map=/build/mutt-K2ak0h/mutt-1.7.2=. -fstack-protector-strong 
-Wformat -Werror=format-security -fno-delete-null-pointer-checks

Compile options:
+CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME
+DEBUG +DL_STANDALONE +ENABLE_NLS -EXACT_ADDRESS -HOMESPOOL -LOCALES_HACK
-SUN_ATTACHMENT +HAVE_BKGDSET +HAVE_COLOR +HAVE_CURS_SET +HAVE_FUTIMENS
+HAVE_GETADDRINFO +HAVE_GETSID +HAVE_ICONV +HAVE_LANGINFO_CODESET
+HAVE_LANGINFO_YESEXPR +HAVE_LIBIDN +HAVE_META +HAVE_REGCOMP +HAVE_RESIZETERM
+HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_WC_FUNCS +ICONV_NONTRANS
+USE_COMPRESSED +USE_DOTLOCK +USE_FCNTL -USE_FLOCK -USE_FMEMOPEN -USE_GNU_REGEX
+USE_GSS +USE_HCACHE +USE_IMAP +USE_NOTMUCH +USE_NNTP +USE_POP +USE_SASL
+USE_SETGID +USE_SIDEBAR +USE_SMTP +USE_SSL_GNUTLS -USE_SSL_OPENSSL
-DOMAIN
MIXMASTER="mixmaster"
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"

patch-attach-headers-color-neomutt
patch-compose-to-sender-neomutt
patch-compress-neomutt
patch-cond-date-neomutt
patch-encrypt-to-self-neomutt
patch-fmemopen-neomutt
patch-forgotten-attachments-neomutt
patch-forwref-neomutt
patch-ifdef-neomutt
patch-index-color-neomutt
patch-initials-neomutt
patch-keywords-neomutt
patch-kyoto-neomutt

Processed: found 865678 in 1.6.0-1

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> found 865678 1.6.0-1
Bug #865678 {Done: Yves-Alexis Perez } [src:knot] knot: 
CVE-2017-11104: Improper TSIG validity period check can allow TSIG forgery
Marked as found in versions knot/1.6.0-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
865678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865678
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869132: marked as pending

2017-07-21 Thread Stephane Neveu

tag 869132 pending
thanks

Hello,

Bug #869132 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

https://anonscm.debian.org/cgit/pkg-security/curvedns.git/commit/?id=8c89cc8

---
commit 8c89cc85f59549bbea2295f008d8bc4109e1071b
Author: Stephane Neveu 
Date:   Fri Jul 21 12:44:35 2017 +0200

update copyright file (Closes:#869132)

diff --git a/debian/changelog b/debian/changelog
index cb9df30..ac4d832 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+curvedns (0.87-2) unstable; urgency=medium
+
+  * Update copyright file (Closes:#869132)
+
+ -- NEVEU Stephane   Fri, 21 Jul 2017 12:38:34 +0200
+
 curvedns (0.87-1) unstable; urgency=medium
 
   * Initial release (Closes: #655220)

Processed: Bug#869132 marked as pending

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tag 869132 pending
Bug #869132 [src:curvedns] curvedns: Incomplete debian/copyright?
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
869132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869132
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Fixed upstream

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tags 840748 - moreinfo
Bug #840748 [edb] edb: install script failed for emacs25 because of :indent 
keyword
Removed tag(s) moreinfo.
> tags 840748 fixed-upstream
Bug #840748 [edb] edb: install script failed for emacs25 because of :indent 
keyword
Added tag(s) fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
840748: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840748
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869180: src:hydrogen-drumkits: source contains unlicensed material (bogusly treated as GPL-2)

2017-07-21 Thread Jonas Smedegaard

Control: retitle -1 src:hydrogen-drumkits: Some sources lack licensing

Quoting James Cowgill (2017-07-21 11:56:15)
> On 21/07/17 10:49, Jonas Smedegaard wrote:
> > Package: src:hydrogen-drumkits
> > Version: 2015.09.28-1
> > Severity: serious
> > Justification: Policy 2.2.1
> > 
> > These drumkits are in upstream metadata listed _without_ license:
> > 
> > ColomboAcousticDrumkit (sf)
> > EasternHop (sf)
> > Electric Empire (sf)
> > HardElectro (sf)
> > HipHop-1 (sf)
> > HipHop-2 (sf)
> > Millo's MultiLayered 2 (sf)
> > Synthie-1 (sf)
> > VariBreaks (sf)
> > 
> > In Debian copyright file those are listed as licensed GPL-2.
> 
> The fact that the metadata doesn't contain a license, does not imply 
> that these files are not GPL-2. Have you actually checked the license 
> of any of these?

The issue here is that information about licensing is unavailable in the 
source package.  Title now rephrased to not avoid assumption.

If licensing is based on external information and/or guesswork, then 
that should be documented in debian/copyright.


> For instance, a brief google search seems to indicate that the first one
> on your list (ColomboAcousticDrumkit) is GPL-2 licensed:
> http://freepats.zenvoid.org/Percussion/acoustic-drum-kit.html

Thanks for the valuable info - now added to debian/copyright.

Do you have similar info for the other sources?


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Processed: Re: Bug#869180: src:hydrogen-drumkits: source contains unlicensed material (bogusly treated as GPL-2)

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> retitle -1 src:hydrogen-drumkits: Some sources lack licensing
Bug #869180 [src:hydrogen-drumkits] src:hydrogen-drumkits: source contains 
unlicensed material (bogusly treated as GPL-2)
Changed Bug title to 'src:hydrogen-drumkits: Some sources lack licensing' from 
'src:hydrogen-drumkits: source contains unlicensed material (bogusly treated as 
GPL-2)'.

-- 
869180: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869180
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#866026: volunteer for pygpgme to python[3]-gpg pivot

2017-07-21 Thread Mike Gabriel


HI Paul

On  Mi 12 Jul 2017 19:09:59 CEST, draeath wrote:


Thanks Mike.

I'm working on the refactor. It'll take me some time to get it done, but
I've absorbed what it's doing and how to accomplish it with the new
bindings.

As soon as I have it tested and verified to work with the other patches,
I'll send it your way. Will you handle the changes to the control file,
quilt, etc, once you've got it in your hands?

I also noticed an error potentially further down in the as-installed
script, line 1395. urllib is not imported (urllib2 is, and doesn't have a
declaration for _urlopener) and DropboxURLopener isn't declared anywhere
that I can see. I wonder if this is proxy code is even utilized?

One final question. The public key has a URL commented above it. They do
not match currently. Leave the key as is, or include the new public key?

Thanks,
Paul Bransford


Thanks for providing this patch. I have been afk for the last two  
weeks forcefully, due to illness.


Trying to catch up with things now... I'll forward your patch to  
upstream (if they haven't spotted it, yet).


Greets,
Mike
--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpGy2o6LurM7.pgp
Description: Digitale PGP-Signatur

Bug#869180: src:hydrogen-drumkits: source contains unlicensed material (bogusly treated as GPL-2)

2017-07-21 Thread James Cowgill

Hi,

On 21/07/17 10:49, Jonas Smedegaard wrote:
> Package: src:hydrogen-drumkits
> Version: 2015.09.28-1
> Severity: serious
> Justification: Policy 2.2.1
> 
> These drumkits are in upstream metadata listed _without_ license:
> 
> ColomboAcousticDrumkit (sf)
> EasternHop (sf)
> Electric Empire (sf)
> HardElectro (sf)
> HipHop-1 (sf)
> HipHop-2 (sf)
> Millo's MultiLayered 2 (sf)
> Synthie-1 (sf)
> VariBreaks (sf)
> 
> In Debian copyright file those are listed as licensed GPL-2.

The fact that the metadata doesn't contain a license, does not imply
that these files are not GPL-2. Have you actually checked the license of
any of these?

For instance, a brief google search seems to indicate that the first one
on your list (ColomboAcousticDrumkit) is GPL-2 licensed:
http://freepats.zenvoid.org/Percussion/acoustic-drum-kit.html

James



signature.asc
Description: OpenPGP digital signature

Bug#869181: librospack-dev: Incorrect libtinyxml dependency

2017-07-21 Thread Adrian Bunk

Package: librospack-dev
Version: 2.4.1-1
Severity: serious
Control: affects -1 src:ros-pluginlib src:ros-resource-retriever

$ pkg-config --libs rospack
-lrospack -l:/usr/lib/x86_64-linux-gnu/libpython2.7.so 
-l:/usr/lib/x86_64-linux-gnu/libboost_filesystem.so 
-l:/usr/lib/x86_64-linux-gnu/libboost_program_options.so 
-l:/usr/lib/x86_64-linux-gnu/libboost_system.so 
-l:/usr/lib/x86_64-linux-gnu/libtinyxml2.so
$

libtinyxml2.so is in libtinyxml2-dev, but librospack-dev
still depends on libtinyxml-dev.

Processed: librospack-dev: Incorrect libtinyxml dependency

2017-07-21 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 src:ros-pluginlib src:ros-resource-retriever
Bug #869181 [librospack-dev] librospack-dev: Incorrect libtinyxml dependency
Added indication that 869181 affects src:ros-pluginlib and 
src:ros-resource-retriever

-- 
869181: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869181
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: fixed 865678 in knot/2.5.3-1

2017-07-21 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> fixed 865678 knot/2.5.3-1
Bug #865678 {Done: Yves-Alexis Perez } [src:knot] knot: 
CVE-2017-11104: Improper TSIG validity period check can allow TSIG forgery
The source knot and version 2.5.3-1 do not appear to match any binary packages
Marked as fixed in versions knot/2.5.3-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
865678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865678
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869180: src:hydrogen-drumkits: source contains unlicensed material (bogusly treated as GPL-2)

2017-07-21 Thread Jonas Smedegaard

Package: src:hydrogen-drumkits
Version: 2015.09.28-1
Severity: serious
Justification: Policy 2.2.1

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

These drumkits are in upstream metadata listed _without_ license:

ColomboAcousticDrumkit (sf)
EasternHop (sf)
Electric Empire (sf)
HardElectro (sf)
HipHop-1 (sf)
HipHop-2 (sf)
Millo's MultiLayered 2 (sf)
Synthie-1 (sf)
VariBreaks (sf)

In Debian copyright file those are listed as licensed GPL-2.

 - Jonas

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAllxzkMACgkQLHwxRsGg
ASElKBAApwwOF1ii7YQvV3qaTvt6MwfMUkARW4+FII9CEsqf2UQEbNUwm7oN07jL
4faAXhQ94Xdb1NwmTKmq82QmmD9y8MuaEps8EvfLn5cvML21+54Kwr5upt8uEnF+
wKFKD/6nRqab8qGnu0u6cryGKFLE6jyV7dEGYrh4NB0DKcpv6f322c970v9p9wqK
tx8hBklGm+cWH9aZ/91avuAQJQ/wLhEESKohWTGfUSWQJn6bw0gEgqw+xI1QCi04
L+6brY7cck5T0ZomebDOfCcm05fshBsi7XuYxL4WnVtDGcwiDWkhEvTIDXcVPUbN
WzVyhn78e1aCtZ5wGT73OmaJXMhHzM1N3dRxg9JY+uB2I6uA65bxIj6EAkxXDMge
3lZUgO6ETSQS250AH4k2jcEMC6FPIK/KEEI7iWWa/7jIvT7uhM3cchs2fQZXxFLy
EgL2RCn/sGtPHvaefCyMNYFPhZDcGYPeGCONKPzg9y+K35iihc7BM0KmVwHSUQ9r
ScaUdOuUWUg9RocpAEKbVTxkn5E0ygrtH7eIb/GBK/qJVoRh1+xKOjp9BqYgHVHe
eGsEvSV1WIACzc3XU8uLa0NmInPbSGtKNMGbfT7MCrrtwtSSEFsuoHL4pRcibs1v
Z3ooVdnfz9K4Serzd4+o2+2E9ZBrpyQ9L3CDuLlHwEV0Hkn1lSM=
=YS/0
-END PGP SIGNATURE-

Bug#869176: itamae: FTBFS: can't satisfy 'net-ssh (< 4.0, >= 2.7)', already activated 'net-ssh-4.1.0' (Gem::LoadError)

2017-07-21 Thread Lucas Nussbaum

Source: itamae
Version: 1.9.10-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> /usr/bin/ruby2.3 /usr/bin/gem2deb-test-runner
> 
> ┌──┐
> │ Checking Rubygems dependency resolution on ruby2.3  
>  │
> └──┘
> 
> GEM_PATH=debian/itamae/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
>  ruby2.3 -e gem\ \"itamae\"
> /usr/lib/ruby/2.3.0/rubygems/specification.rb:1436:in `block in 
> activate_dependencies': can't satisfy 'net-ssh (< 4.0, >= 2.7)', already 
> activated 'net-ssh-4.1.0' (Gem::LoadError)
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1442:in `block in 
> activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:68:in `block 
> in gem'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in 
> `synchronize'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in `gem'
>   from -e:1:in `'
> ansi (1.5.0)
> asciidoctor (1.5.5)
> bcrypt_pbkdf (1.0.0)
> bigdecimal (1.2.8)
> did_you_mean (1.0.0)
> diff-lcs (1.3)
> fakefs (0.6.7)
> ffi (1.9.10)
> hashie (3.4.4)
> io-console (0.4.5)
> json (1.8.3)
> minitest (5.10.2)
> net-scp (1.2.1)
> net-ssh (4.1.0)
> net-telnet (0.1.1)
> power_assert (0.2.7)
> psych (2.1.0)
> rake (12.0.0)
> rbnacl (5.0.0)
> rdoc (4.2.1)
> rspec (3.5.0)
> rspec-core (3.5.3)
> rspec-expectations (3.5.0)
> rspec-mocks (3.5.0)
> rspec-support (3.5.0)
> schash (0.1.2)
> specinfra (2.66.0)
> test-unit (3.2.5)
> thor (0.19.4)
> thread_order (1.1.0)
> ERROR: Test "ruby2.3" failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/21/itamae_1.9.10-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#869178: test-kitchen: FTBFS: can't satisfy 'net-ssh (< 4.0, >= 2.9)', already activated 'net-ssh-4.1.0' (Gem::LoadError)

2017-07-21 Thread Lucas Nussbaum

Source: test-kitchen
Version: 1.11.1-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> /usr/bin/ruby2.3 /usr/bin/gem2deb-test-runner
> 
> ┌──┐
> │ Checking Rubygems dependency resolution on ruby2.3  
>  │
> └──┘
> 
> fatal: Not a git repository (or any of the parent directories): .git
> GEM_PATH=debian/test-kitchen/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
>  ruby2.3 -e gem\ \"test-kitchen\"
> /usr/lib/ruby/2.3.0/rubygems/specification.rb:1436:in `block in 
> activate_dependencies': can't satisfy 'net-ssh (< 4.0, >= 2.9)', already 
> activated 'net-ssh-4.1.0' (Gem::LoadError)
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:68:in `block 
> in gem'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in 
> `synchronize'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in `gem'
>   from -e:1:in `'
> aruba (0.14.2)
> bcrypt_pbkdf (1.0.0)
> bigdecimal (1.2.8)
> blankslate (3.1.3)
> builder (3.2.2)
> childprocess (0.5.9)
> coderay (1.1.1)
> contracts (0.14.0)
> cucumber (2.4.0)
> cucumber-core (1.5.0)
> cucumber-wire (0.0.1)
> did_you_mean (1.0.0)
> diff-lcs (1.3)
> fakefs (0.6.7)
> ffi (1.9.10)
> gherkin (4.0.0)
> io-console (0.4.5)
> json (1.8.3)
> metaclass (0.0.4)
> method_source (0.8.2)
> minitest (5.10.2)
> mixlib-install (1.1.0)
> mixlib-shellout (2.2.6)
> mixlib-versioning (1.1.0)
> mocha (1.2.1)
> multi_json (1.12.1)
> multi_test (0.1.2)
> net-scp (1.2.1)
> net-ssh (4.1.0)
> net-ssh-gateway (1.2.0)
> net-telnet (0.1.1)
> power_assert (0.2.7)
> pry (0.10.3)
> psych (2.1.0)
> rake (12.0.0)
> rbnacl (5.0.0)
> rdoc (4.2.1)
> rspec-expectations (3.5.0)
> rspec-support (3.5.0)
> safe_yaml (1.0.4)
> test-unit (3.2.5)
> thor (0.19.4)
> ERROR: Test "ruby2.3" failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/21/test-kitchen_1.11.1-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#869179: chef: FTBFS: Could not find 'net-ssh' (< 4.0, >= 2.9) - did find: [net-ssh-4.1.0] (Gem::LoadError)

2017-07-21 Thread Lucas Nussbaum

Source: chef
Version: 12.14.60-2
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> /usr/bin/ruby2.3 /usr/bin/gem2deb-test-runner
> 
> ┌──┐
> │ Checking Rubygems dependency resolution on ruby2.3  
>  │
> └──┘
> 
> GEM_PATH=debian/ruby-chef-config/usr/share/rubygems-integration/all:debian/chef/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
>  ruby2.3 -e gem\ \"chef\"
> /usr/lib/ruby/2.3.0/rubygems/dependency.rb:319:in `to_specs': Could not find 
> 'net-ssh' (< 4.0, >= 2.9) - did find: [net-ssh-4.1.0] (Gem::LoadError)
> Checked in 
> 'GEM_PATH=debian/ruby-chef-config/usr/share/rubygems-integration/all:debian/chef/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all',
>  execute `gem env` for more information
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1439:in `block in 
> activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:68:in `block 
> in gem'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in 
> `synchronize'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in `gem'
>   from -e:1:in `'
> addressable (2.4.0)
> bcrypt_pbkdf (1.0.0)
> bigdecimal (1.2.8)
> bundler (1.15.1)
> chef-config (12.14.60)
> chef-zero (5.1.1)
> cheffish (4.0.0)
> compat_resource (12.10.5)
> did_you_mean (1.0.0)
> diff-lcs (1.3)
> erubis (2.7.0)
> ffi (1.9.10)
> ffi-yajl (2.2.3)
> fuzzyurl (0.8.0)
> hashie (3.4.4)
> highline (1.7.8)
> iniparse (1.4.2)
> io-console (0.4.5)
> ipaddress (0.8.3)
> json (1.8.3)
> minitest (5.10.2)
> mixlib-archive (0.2.0)
> mixlib-authentication (1.4.1)
> mixlib-cli (1.7.0)
> mixlib-config (2.2.1)
> mixlib-log (1.7.1)
> mixlib-shellout (2.2.6)
> molinillo (0.5.0)
> multi_json (1.12.1)
> net-http-persistent (2.9.4)
> net-scp (1.2.1)
> net-sftp (2.1.2)
> net-ssh (4.1.0)
> net-ssh-gateway (1.2.0)
> net-ssh-multi (1.2.1)
> net-telnet (0.1.1)
> ohai (8.21.0)
> plist (3.2.0)
> power_assert (0.2.7)
> proxifier (1.0.3)
> psych (2.1.0)
> rack (1.6.4)
> rake (12.0.0)
> rbnacl (5.0.0)
> rdoc (4.2.1)
> rspec (3.5.0)
> rspec-core (3.5.3)
> rspec-expectations (3.5.0)
> rspec-its (1.2.0)
> rspec-mocks (3.5.0)
> rspec-support (3.5.0)
> serverspec (2.37.2)
> specinfra (2.66.0)
> syslog-logger (1.6.8)
> systemu (2.6.5)
> test-unit (3.2.5)
> thor (0.19.4)
> thread_order (1.1.0)
> uuidtools (2.1.5)
> ERROR: Test "ruby2.3" failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/21/chef_12.14.60-2_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#869174: ruby-net-sftp: FTBFS: ERROR: Test "ruby2.3" failed: => 142: assert_raises(ArgumentError) { sftp.download("/path/to/remote", StringIO.new, :recursive => true) }

2017-07-21 Thread Lucas Nussbaum

Source: ruby-net-sftp
Version: 1:2.1.2-3
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
>   => 142: assert_raises(ArgumentError) { sftp.download("/path/to/remote", 
> StringIO.new, :recursive => true) }
>  143:   end
>  144: 
>  145:   private
> 
>  expected but was
> <TypeError()>
> 
> diff:
> ? ArgumentError
> ? Typ  ()
> ===
> : (0.006559)
> test_download_directory_with_progress_should_report_progress:.: (0.008648)
> test_download_file_should_transfer_remote_to_local:   .: (0.005581)
> test_download_file_should_transfer_remote_to_local_buffer:.: (0.005837)
> 
> test_download_file_should_transfer_remote_to_local_in_spite_of_fragmentation:.:
>  (0.003106)
> test_download_large_file_should_handle_too_large_read_size:.: (0.009755)
> test_download_large_file_should_transfer_remote_to_local:.: (0.017387)
> test_download_large_file_with_progress_should_report_progress:.: 
> (0.007272)
>   FileFactoryTest: 
> test_directory_should_be_false_for_non_directory: .: (0.000422)
> test_directory_should_be_true_for_directory:  .: (0.000312)
> test_open_with_block_should_close_file_even_if_exception_is_raised:.: 
> (0.000386)
> test_open_with_block_should_yield_and_close_handle:   .: (0.000339)
> test_open_without_block_should_return_new_file:   .: (0.000327)
>   FileOperationsTest: 
> test_close_should_close_handle_and_set_handle_to_nil:.: (0.000314)
> test_eof_should_be_false_if_at_eof_but_data_remains_in_buffer:.: 
> (0.000202)
> test_eof_should_be_true_if_at_eof_and_no_data_in_buffer:.: (0.000209)
> test_gets_at_EOF_should_return_nil:   .: (0.000218)
> test_gets_when_no_such_delimiter_exists_in_stream_should_read_to_EOF:.: 
> (0.000220)
> test_gets_with_argument_should_read_until_first_instance_of_argument:.: 
> (0.000217)
> test_gets_with_empty_argument_should_read_until_double_dollar_fslash:.: 
> (0.000220)
> test_gets_without_argument_should_read_until_first_dollar_fslash:.: 
> (0.000220)
> test_pos_assignment_should_reset_eof: .: (0.000213)
> test_pos_assignment_should_set_position:  .: (0.000105)
> test_print_with_arguments_should_write_all_arguments:.: (0.000326)
> 
> test_print_with_no_arguments_should_write_dollar_bslash_if_dollar_bslash_is_not_nil:.:
>  (0.000190)
> 
> test_print_with_no_arguments_should_write_nothing_if_dollar_bslash_is_nil:.: 
> (0.000206)
> test_puts_should_not_append_newline_if_argument_ends_in_newline:.: 
> (0.000479)
> test_puts_should_recursively_puts_array_arguments:.: (0.002200)
> test_read_after_pos_assignment_should_read_from_specified_position:.: 
> (0.000223)
> test_read_with_argument_should_read_and_return_n_bytes_and_set_pos:.: 
> (0.000206)
> 
> test_read_without_argument_should_read_and_return_remainder_of_file_and_set_pos:.:
>  (0.000212)
> test_readline_should_raise_exception_on_EOF:  .: (0.000238)
> test_stat_should_return_attributes_object_for_handle:.: (0.000211)
> test_write_after_pos_assignment_should_write_at_position:.: (0.000203)
> test_write_should_write_data_and_increment_pos_and_return_data_length:.: 
> (0.000213)
>   PacketTest: 
> test_packet_should_auto_read_type_byte:   .: (0.000196)
>   Protocol::TestBase: 
> test_parse_with_attrs_packet_should_delegate_to_parse_attrs_packet:.: 
> (0.000537)
> test_parse_with_data_packet_should_delegate_to_parse_data_packet:.: 
> (0.000821)
> test_parse_with_handle_packet_should_delegate_to_parse_handle_packet:.: 
> (0.000513)
> test_parse_with_name_packet_should_delegate_to_parse_name_packet:.: 
> (0.000389)
> test_parse_with_status_packet_should_delegate_to_parse_status_packet:.: 
> (0.000390)
> test_parse_with_unknown_packet_should_raise_exception:.: (0.000295)
>   Protocol::V01::TestAttributes: 
> test_attributes_to_s_should_build_binary_representation:.: (0.000273)
> 
> test_attributes_to_s_should_build_binary_representation_when_subset_is_present:.:
>  (0.000124)
> 
> test_attributes_to_s_with_owner_and_group_should_translate_to_uid_and_gid:.: 
> (0.000715)
> 
> test_from_buffer_should_correctly_parse_buffer_and_return_attribute_object:.: 
> (0.000216)
> 
> test_from_buffer_should_correctly_parse_b

Bug#869177: ruby-serverspec: FTBFS: can't satisfy 'net-ssh (< 4.0, >= 2.7)', already activated 'net-ssh-4.1.0' (Gem::LoadError)

2017-07-21 Thread Lucas Nussbaum

Source: ruby-serverspec
Version: 2.37.2-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> Invalid gemspec in [serverspec.gemspec]: No such file or directory - git
> GEM_PATH=debian/ruby-serverspec/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
>  ruby2.3 -e gem\ \"serverspec\"
> /usr/lib/ruby/2.3.0/rubygems/specification.rb:1436:in `block in 
> activate_dependencies': can't satisfy 'net-ssh (< 4.0, >= 2.7)', already 
> activated 'net-ssh-4.1.0' (Gem::LoadError)
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1442:in `block in 
> activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:68:in `block 
> in gem'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in 
> `synchronize'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in `gem'
>   from -e:1:in `'
> bcrypt_pbkdf (1.0.0)
> bigdecimal (1.2.8)
> did_you_mean (1.0.0)
> diff-lcs (1.3)
> ffi (1.9.10)
> io-console (0.4.5)
> json (1.8.3)
> minitest (5.10.2)
> multi_json (1.12.1)
> net-scp (1.2.1)
> net-ssh (4.1.0)
> net-telnet (0.1.1)
> power_assert (0.2.7)
> psych (2.1.0)
> rake (12.0.0)
> rbnacl (5.0.0)
> rdoc (4.2.1)
> rspec (3.5.0)
> rspec-core (3.5.3)
> rspec-expectations (3.5.0)
> rspec-its (1.2.0)
> rspec-mocks (3.5.0)
> rspec-support (3.5.0)
> specinfra (2.66.0)
> test-unit (3.2.5)
> thread_order (1.1.0)
> ERROR: Test "ruby2.3" failed: 

The full build log is available from:
   http://aws-logs.debian.net/2017/07/21/ruby-serverspec_2.37.2-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#869175: ruby-specinfra: FTBFS: can't satisfy 'net-ssh (< 4.0, >= 2.7)', already activated 'net-ssh-4.1.0' (Gem::LoadError)

2017-07-21 Thread Lucas Nussbaum

Source: ruby-specinfra
Version: 2.66.0-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170721 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> Invalid gemspec in [specinfra.gemspec]: No such file or directory - git
> GEM_PATH=debian/ruby-specinfra/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
>  ruby2.3 -e gem\ \"specinfra\"
> /usr/lib/ruby/2.3.0/rubygems/specification.rb:1436:in `block in 
> activate_dependencies': can't satisfy 'net-ssh (< 4.0, >= 2.7)', already 
> activated 'net-ssh-4.1.0' (Gem::LoadError)
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in 
> `activate_dependencies'
>   from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:68:in `block 
> in gem'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in 
> `synchronize'
>   from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_gem.rb:67:in `gem'
>   from -e:1:in `'
> bcrypt_pbkdf (1.0.0)
> bigdecimal (1.2.8)
> bundler (1.15.1)
> did_you_mean (1.0.0)
> diff-lcs (1.3)
> ffi (1.9.10)
> io-console (0.4.5)
> json (1.8.3)
> minitest (5.10.2)
> molinillo (0.5.0)
> net-http-persistent (2.9.4)
> net-scp (1.2.1)
> net-ssh (4.1.0)
> net-telnet (0.1.1)
> power_assert (0.2.7)
> psych (2.1.0)
> rake (12.0.0)
> rbnacl (5.0.0)
> rdoc (4.2.1)
> rspec (3.5.0)
> rspec-core (3.5.3)
> rspec-expectations (3.5.0)
> rspec-its (1.2.0)
> rspec-mocks (3.5.0)
> rspec-support (3.5.0)
> test-unit (3.2.5)
> thor (0.19.4)
> thread_order (1.1.0)
> ERROR: Test "ruby2.3" failed: 

The full build log is available from:
   http://aws-logs.debian.net/2017/07/21/ruby-specinfra_2.66.0-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.

Bug#868863: marked as done (django-guardian FTBFS with sphinx 1.5.6-2)

2017-07-21 Thread Debian Bug Tracking System

Your message dated Fri, 21 Jul 2017 09:04:16 +
with message-id 
and subject line Bug#868863: fixed in django-guardian 1.4.9-2
has caused the Debian Bug report #868863,
regarding django-guardian FTBFS with sphinx 1.5.6-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868863: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868863
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: django-guardian
Version: 1.4.9-1
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/django-guardian.html

...
make[2]: Leaving directory '/build/1st/django-guardian-1.4.9/docs'
# rename file license.txt
mv -f /build/1st/django-guardian-1.4.9/docs/build/html/_sources/license.txt \
/build/1st/django-guardian-1.4.9/docs/build/html/_sources/lic.txt 
mv: cannot stat 
'/build/1st/django-guardian-1.4.9/docs/build/html/_sources/license.txt': No 
such file or directory
debian/rules:9: recipe for target 'override_dh_auto_build' failed
make[1]: *** [override_dh_auto_build] Error 1
--- End Message ---
--- Begin Message ---
Source: django-guardian
Source-Version: 1.4.9-2

We believe that the bug you reported is fixed in the latest version of
django-guardian, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Brian May  (supplier of updated django-guardian package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jul 2017 18:25:42 +1000
Source: django-guardian
Binary: python-django-guardian python3-django-guardian 
python-django-guardian-doc
Architecture: source all
Version: 1.4.9-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Brian May 
Description:
 python-django-guardian - per object permissions of django
 python-django-guardian-doc - per object permissions of django (documentation)
 python3-django-guardian - per object permissions of django for Python3
Closes: 868863
Changes:
 django-guardian (1.4.9-2) unstable; urgency=medium
 .
   * Remove license.txt kludge. Closes: #868863.
Checksums-Sha1:
 438bfff9831cda42ce992bfcb2c26823569686f0 2667 django-guardian_1.4.9-2.dsc
 2ddae7532cbb3976fa148ef3a13945bf85d5a2b9 152433 
django-guardian_1.4.9.orig.tar.gz
 a2b21bdb4e0cb86d6f5960ab4d7bc2b5ec8c3449 34944 
django-guardian_1.4.9-2.debian.tar.xz
 ed44ce4b46f33d508127558b82f3cad32f090dd0 8713 
django-guardian_1.4.9-2_i386.buildinfo
 ce11728a267bb30c2d0ac7350448e65f69f8b352 1397306 
python-django-guardian-doc_1.4.9-2_all.deb
 d8c26ce6e841bbbdd1b8db043e3ac7c434b410b5 61866 
python-django-guardian_1.4.9-2_all.deb
 b564be71b537b50c802d4c4104319f1a333465ae 60526 
python3-django-guardian_1.4.9-2_all.deb
Checksums-Sha256:
 82116bce12e0dbe78afaf3661fb9a423dc963fbb543a600ba5ecdc26aea27f95 2667 
django-guardian_1.4.9-2.dsc
 c3c0ab257c9d94ce154b9ee32994e3cff8b350c384040705514e14a9fb7c8191 152433 
django-guardian_1.4.9.orig.tar.gz
 3ff14d2d8c4cc523a39d91b90ff6d91b1c56ac12a5b9231ecc40b8799f0501c1 34944 
django-guardian_1.4.9-2.debian.tar.xz
 0ae52c305fa01d3c45a83a15f608a9ea7770ed516d49c89289a90b003600f016 8713 
django-guardian_1.4.9-2_i386.buildinfo
 ca3180b76f0c119b06d0fb410a54e2e5ea342af346035662e7ffcdc2a56b3690 1397306 
python-django-guardian-doc_1.4.9-2_all.deb
 240134ee6929049030f9e0c4b2e32c4f3820ddc3d1421944533e356b2b4d893a 61866 
python-django-guardian_1.4.9-2_all.deb
 273bc7f8c2392617d75ecca54c4963f16d842debf8b03355a8da125883a3c5b1 60526 
python3-django-guardian_1.4.9-2_all.deb
Files:
 e9aa57eb5d47655e41558da4d017fe50 2667 python optional 
django-guardian_1.4.9-2.dsc
 4341992d30a7793ab3d6f75f2d7f8d35 152433 python optional 
django-guardian_1.4.9.orig.tar.gz
 6700716d8eb5a40a25aa34d60cf3c03b 34944 python optional 
django-guardian_1.4.9-2.debian.tar.xz
 f87f95200f09b502cbe313c2d3fda618 8713 python optional 
django-guardian_1.4.9-2_i386.buildinfo
 511a27965d39e7dff79c695de324242d 1397306 doc optional 
python-django-guardian-doc_1.4.9-2_all.deb
 2bd227ec881ded806533536b37fd7ec7 61866

Bug#869161: libreoffice-base crashes with code 139 when creating a new base or opening an existing one

2017-07-21 Thread Rene Engelhard

reassign 869161 src:linux
severity 865303 grave
forcemerge 865303 869161
affects 869161 libreoffice-base
thanks

Hi,

On Fri, Jul 21, 2017 at 10:00:15AM +0200, thierry wrote:
> I have just upgraded from Jessie to Stretch and libreoffice-base always 
> crashes when creating a new file or opening a file created with Jessie.
> strace shows an error code 139

Backtrace please?

I believe you ran into

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865866
https://lwn.net/Articles/727206/

and more (e.g. the LO build on i386 also is affected when running its
tests)

Short: Anything using Java in LO will crash on i386 after the Stack Clash
security fixes which happened after the stretch release.

> -- System Information:
> Debian Release: 9.0
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'stable')
> Architecture: i386 (i686)

You might want to use amd64...

Anyways: Reassigning to the kernel.

Regards,

Rene

1 2 >

1 - 100 of 112 matches

Mail list logo