Bug#903788: znc: path traversal flaw
Control: retitle -1 znc: CVE-2018-14056: path traversal flaw On Sat, Jul 14, 2018 at 10:02:58PM +0200, Salvatore Bonaccorso wrote: > Source: znc > Version: 0.045-1 > Severity: grave > Tags: patch security upstream > Justification: user security hole > > Hi > > See https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773 > allowing path traversal and can lead to expose some files which > shouldn't be, or potentially lead to a crash. This issue has been assigned CVE-2018-14056. Regards, Salvatore
Processed: Re: Bug#903788: znc: path traversal flaw
Processing control commands: > retitle -1 znc: CVE-2018-14056: path traversal flaw Bug #903788 [src:znc] znc: path traversal flaw Changed Bug title to 'znc: CVE-2018-14056: path traversal flaw' from 'znc: path traversal flaw'. -- 903788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903788 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#903787: znc: privilege escalation to admin permission (injection of rogue values in znc.conf)
Processing control commands: > retitle -1 znc: CVE-2018-14055: privilege escalation to admin permission > (injection of rogue values in znc.conf) Bug #903787 [src:znc] znc: privilege escalation to admin permission (injection of rogue values in znc.conf) Changed Bug title to 'znc: CVE-2018-14055: privilege escalation to admin permission (injection of rogue values in znc.conf)' from 'znc: privilege escalation to admin permission (injection of rogue values in znc.conf)'. -- 903787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903787 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903787: znc: privilege escalation to admin permission (injection of rogue values in znc.conf)
Control: retitle -1 znc: CVE-2018-14055: privilege escalation to admin permission (injection of rogue values in znc.conf) On Sat, Jul 14, 2018 at 10:01:02PM +0200, Salvatore Bonaccorso wrote: > Source: znc > Version: 1.6.5-1 > Severity: grave > Tags: patch security upstream > Justification: user security hole > > Hi > > See > > https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e > https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d > > which would allow privilege escalation by a remote non-admin user. This issue has been assigned CVE-2018-14055. Regards, Salvatore
Bug#901114: marked as done (python-coverage: FTBFS when built with dpkg-buildpackage -A)
Your message dated Sun, 15 Jul 2018 05:04:14 + with message-id and subject line Bug#901114: fixed in python-coverage 4.5.1+dfsg.1-1 has caused the Debian Bug report #901114, regarding python-coverage: FTBFS when built with dpkg-buildpackage -A to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 901114: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901114 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:python-coverage Version: 4.5+dfsg.1-3 Severity: serious Dear maintainer: I tried to build this package in stretch with "dpkg-buildpackage -A" but it failed: [...] dpkg-buildpackage: info: source package python-coverage dpkg-buildpackage: info: source version 4.5+dfsg.1-3 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Ben Finney dpkg-source --before-build python-coverage-4.5+dfsg.1 fakeroot debian/rules clean debian/rules:166: warning: overriding recipe for target 'override_dh_auto_build' debian/rules:129: warning: ignoring old recipe for target 'override_dh_auto_build' dh clean --with python3,python2,pypy,sphinxdoc --buildsystem=pybuild dh: unable to load addon python2: Can't locate Debian/Debhelper/Sequence/python2.pm in @INC (you may need to install the Debian::Debhelper::Sequence::python2 module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.26.2 /usr/local/share/perl/5.26.2 /usr/lib/x86_64-linux-gnu/perl5/5.26 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.26 /usr/share/perl/5.26 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at (eval 10) line 1. BEGIN failed--compilation aborted at (eval 10) line 1. debian/rules:74: recipe for target 'clean' failed make: *** [clean] Error 2 dpkg-buildpackage: error: fakeroot debian/rules clean subprocess returned exit status 2 To reproduce, please try "dpkg-buildpackage -A". (The error does not happen with "dpkg-buildpackage"). Thanks. --- End Message --- --- Begin Message --- Source: python-coverage Source-Version: 4.5.1+dfsg.1-1 We believe that the bug you reported is fixed in the latest version of python-coverage, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 901...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ben Finney (supplier of updated python-coverage package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 15 Jul 2018 12:25:30 +1000 Source: python-coverage Binary: python3-coverage pypy-coverage python-coverage python-coverage-doc Architecture: source all amd64 Version: 4.5.1+dfsg.1-1 Distribution: unstable Urgency: medium Maintainer: Ben Finney Changed-By: Ben Finney Description: pypy-coverage - code coverage tool for Python 2 PyPy python-coverage - code coverage tool for Python 2 python-coverage-doc - code coverage tool for Python — documentation python3-coverage - code coverage tool for Python 3 Closes: 901114 Changes: python-coverage (4.5.1+dfsg.1-1) unstable; urgency=medium . * The “Ahmedur Rashid Chowdhury” release. * New upstream version. Highlights since previous release: none documented. * Consolidate the ‘override_dh_auto_build’ packaging target. * Use a null command for ‘clean’ during ‘Git-BuildPackage’. * Correct build dependencies for both arch-dependent and -independent. Closes: bug#901114. Thanks to Santiago Vila for the report. * Declare “Standards-Version: 4.1.5”. * Specify current URL for upstream source repository. * Improve consistency of copyright grant in Debian packaging. * Remove ‘get-orig-source’ and ‘get-packaged-orig-source’ targets. These are no longer mentioned in Debian Policy 4.1.4 and later. * Use standard Debian packaging tools to repack upstream source. * Convert UScan configuration to format version 4. * Remove specification of minimum Python versions. These are now satisfied by all currently supported Debian releases. Checksums-Sha1: b1ca6ef3ed9776dd903c68c45bfac88e3
Bug#903800: linux-image-4.9.0-7-amd64: general protection fault / kernel panic at boot
Hi, I may be running into the same issue here, running Xen. I say "may", because after I updated to Debian 9.5 and linux 4.9.0-7-amd64, the server/Dom0 did not come back up after a reboot, and I had to request a manual reboot from datacenter staff. The staff did not provide any more error details from the console other than that the OS failed to boot. I also did not find anything useful or relevant in logs, so I cannot provide more information. They rebooted it into a rescue-mode for me to login and fix it, from there I made grub boot Xen with the previous linux 4.9.0-6-amd64 kernel and the system came back up normally. The Xen virtual machines/DomUs themselves, however, do seem to run just fine with linux 4.9.0-7-amd64.
Bug#903808: leela-zero: Not functional without downloading extra resources
Package: leela-zero Severity: serious Justification: Policy 2.2.1 Dear Maintainer, When I try to run leela-zero, it tells me there's no weights file, and I need to download extra file to make it functional. Thus I think this package breaks the policy 2.2.1 > In addition, the packages in main > * must not require or recommend a package outside of main for compilation >or execution (thus, the package must not declare a Pre-Depends, Depends, >Recommends, Build-Depends, Build-Depends-Indep, or Build-Depends-Arch >relationship on a non-main package unless that package is only listed >as a non-default alternative for a package in main), > The contrib archive area contains supplemental packages intended to work > with the Debian distribution, but which require software outside of the > distribution to either build or function. So I think you can include the weights file in package, or provide tool to generate this file(I think these are in upstream training dir), or leave this package to contrib. From -devel discussion, the pre-trained file may have problem to distribute, but I think you can distribute some "idiot" module, to make the program functional(not just print error/help info). signature.asc Description: PGP signature
Bug#903800: linux-image-4.9.0-7-amd64: general protection fault / kernel panic at boot
On Sun, 2018-07-15 at 02:27 +0200, Vincent Lefevre wrote: > Package: src:linux > Version: 4.9.110-1 > Severity: critical > Justification: breaks the whole system > > After upgrade to Debian 9.5, I get a kernel panic with 4.9.0-7-amd64: [...] Are you running it on Xen? Ben. -- Ben Hutchings One of the nice things about standards is that there are so many of them. signature.asc Description: This is a digitally signed message part
Bug#903803: puredata-gui: missing Breaks+Replaces: puredata-core (<< 0.48.1-6)
Package: puredata-gui Version: 0.48.1-6 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'testing'. It installed fine in 'testing', then the upgrade to 'sid' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../puredata-gui_0.48.1-6_all.deb ... Unpacking puredata-gui (0.48.1-6) ... dpkg: error processing archive /var/cache/apt/archives/puredata-gui_0.48.1-6_all.deb (--unpack): trying to overwrite '/usr/share/pixmaps/puredata.xpm', which is also in package puredata-core 0.48.1-4 Errors were encountered while processing: /var/cache/apt/archives/puredata-gui_0.48.1-6_all.deb cheers, Andreas puredata-core=0.48.1-4_puredata-gui=0.48.1-6.log.gz Description: application/gzip
Bug#903802: libomp5-7: missing Breaks+Replaces: libomp5
Package: libomp5-7 Version: 1:7~svn336894-1~exp1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../libomp5-7_1%3a7~svn336894-1~exp1_amd64.deb ... Unpacking libomp5-7:amd64 (1:7~svn336894-1~exp1) ... dpkg: error processing archive /var/cache/apt/archives/libomp5-7_1%3a7~svn336894-1~exp1_amd64.deb (--unpack): trying to overwrite '/usr/lib/x86_64-linux-gnu/libomp.so.5', which is also in package libomp5:amd64 6.0.1-1 Errors were encountered while processing: /var/cache/apt/archives/libomp5-7_1%3a7~svn336894-1~exp1_amd64.deb Maybe Conflicts+Replaces+Provides: libomp5 is the correct solution, otherwise we will have to revisit this issue for every new major llvm version. cheers, Andreas libomp5=6.0.1-1_libomp5-7=1%7~svn336894-1~exp1.log.gz Description: application/gzip
Bug#903801: python-pika,python-pika-doc: both ship /usr/share/doc/python-pika/README.rst
Package: python-pika,python-pika-doc Version: 0.11.0-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install because it tries to overwrite other packages files. This is probably caused by a behavioral change of dh_installdocs in debhelper compat level 11. >From the attached log (scroll to the bottom...): Selecting previously unselected package python-pika-doc. Preparing to unpack .../python-pika-doc_0.11.0-2_all.deb ... Unpacking python-pika-doc (0.11.0-2) ... dpkg: error processing archive /var/cache/apt/archives/python-pika-doc_0.11.0-2_all.deb (--unpack): trying to overwrite '/usr/share/doc/python-pika/README.rst', which is also in package python-pika 0.11.0-2 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Errors were encountered while processing: /var/cache/apt/archives/python-pika-doc_0.11.0-2_all.deb cheers, Andreas python-pika=0.11.0-2_python-pika-doc=0.11.0-2.log.gz Description: application/gzip
Bug#903800: linux-image-4.9.0-7-amd64: general protection fault / kernel panic at boot
Package: src:linux Version: 4.9.110-1 Severity: critical Justification: breaks the whole system After upgrade to Debian 9.5, I get a kernel panic with 4.9.0-7-amd64: Loading Linux 4.9.0-7-amd64 ... Loading initial ramdisk ... [0.00] tsc: Unable to calibrate against PIT 17.14MiB 100% 7.83MiB/s ] [0.108076] cpu 0 spinlock event irq 1 [0.109159] NMI watchdog: disabled (cpu0): hardware events not enabled [0.183214] cpu 1 spinlock event irq 13 [0.184264] cpu 2 spinlock event irq 20 [0.184635] cpu 3 spinlock event irq 27 [0.184635] cpu 4 spinlock event irq 34 [0.184635] cpu 5 spinlock event irq 41 [0.188556] cpu 6 spinlock event irq 48 [0.188556] cpu 7 spinlock event irq 55 [0.188575] cpu 8 spinlock event irq 62 [0.188575] cpu 9 spinlock event irq 69 [0.192561] cpu 10 spinlock event irq 76 [0.192561] cpu 11 spinlock event irq 83 [0.192562] cpu 12 spinlock event irq 90 [0.196098] cpu 13 spinlock event irq 97 [0.196564] cpu 14 spinlock event irq 104 [0.196564] cpu 15 spinlock event irq 111 [0.201020] Grant table initialized [0.708216] dmi: Firmware registration failed. [0.708728] PCI: System does not support PCI [0.709146] PCI: System does not support PCI [2.161040] dmi-sysfs: dmi entry is absent. [2.161725] mce: Unable to init device /dev/mcelog (rc: -5) [2.183556] general protection fault: [#1] SMP [2.183799] Modules linked in: [2.183955] CPU: 0 PID: 1 Comm: init Not tainted 4.9.0-7-amd64 #1 Debian 4.9.110-1 [2.184010] task: 88001e6a3040 task.stack: c900400cc000 [2.184010] RIP: e030:[] [] ret_from_fork+0x2d/0x70 [2.184010] RSP: e02b:c900400cff50 EFLAGS: 00010006 [2.184010] RAX: 000c5cc9b000 RBX: 816076d0 RCX: ea794b1f [2.184010] RDX: 0002 RSI: 0002 RDI: c900400cff58 [2.184010] RBP: R08: R09: 880003073000 [2.184010] R10: 8080808080808080 R11: fefefefefefefeff R12: [2.184010] R13: R14: R15: [2.184010] FS: () GS:88001ea0() knlGS: [2.184010] CS: e033 DS: ES: CR0: 80050033 [2.184010] CR2: 7ffd02276609 CR3: 0309a000 CR4: 00042660 [2.184010] Stack: [2.184010] [2.184010] [2.184010] [2.184010] Call Trace: [2.184010] Code: c7 e8 b8 fe a8 ff 48 85 db 75 2f 48 89 e7 e8 5b ed 9e ff 50 90 0f 20 d8 65 48 0b 04 25 e0 02 01 00 78 08 65 88 04 25 e7 02 01 00 <0f> 22 d8 58 66 0f 1f 44 00 00 e9 c1 07 00 00 4c 89 e7 eb 11 e8 [2.184010] RIP [] ret_from_fork+0x2d/0x70 [2.184010] RSP [2.184010] ---[ end trace 4b76af717f0b50cf ]--- [2.190717] Kernel panic - not syncing: Attempted to kill init! exitcode=0x000b [2.190717] [2.191083] Kernel Offset: disabled -- Package-specific info: ** Kernel log: boot messages should be attached ** Model information ** Network interface configuration: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 155.133.131.76 netmask 255.255.255.0 gateway 155.133.131.254 ** PCI devices: not available ** USB devices: not available -- System Information: Debian Release: 9.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages linux-image-4.9.0-7-amd64 depends on: ii initramfs-tools [linux-initramfs-tool] 0.130 ii kmod23-2 ii linux-base 4.5 Versions of packages linux-image-4.9.0-7-amd64 recommends: ii firmware-linux-free 3.4 ii irqbalance 1.1.0-2.3 Versions of packages linux-image-4.9.0-7-amd64 suggests: pn debian-kernel-handbook ii grub-efi-amd64 2.02~beta3-5 pn linux-doc-4.9 Versions of packages linux-image-4.9.0-7-amd64 is related to: pn firmware-amd-graphics pn firmware-atheros pn firmware-bnx2 pn firmware-bnx2x pn firmware-brcm80211 pn firmware-cavium pn firmware-intel-sound pn firmware-intelwimax pn firmware-ipw2x00 pn firmware-ivtv pn firmware-iwlwifi pn firmware-libertas pn firmware-linux-nonfree pn firmware-misc-nonfree pn firmware-myricom pn firmware-netxen pn firmware-qlogic pn firmware-
Processed: bug 903784 is forwarded to https://github.com/geopython/pycsw/issues/570
Processing commands for cont...@bugs.debian.org: > forwarded 903784 https://github.com/geopython/pycsw/issues/570 Bug #903784 [python3-pycsw] python3-pycsw: fails to install: SyntaxError Set Bug forwarded-to-address to 'https://github.com/geopython/pycsw/issues/570'. > thanks Stopping processing here. Please contact me if you need assistance. -- 903784: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903784 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903784: python3-pycsw: fails to install: SyntaxError
Control: tags -1 upstream On 07/14/2018 08:40 PM, Andreas Beckmann wrote: > File "/usr/lib/python3/dist-packages/pycsw/server.py", line 78 > self.async = False >^ > SyntaxError: invalid syntax > [...] > > Could this be related to python 3.7? Yes, see: #902788 async became a reserved keyword in Python 3.7. Upstream will need to rename for compatibility with Python 3.7. Kind Regards, Bas
Processed: Re: Bug#903784: python3-pycsw: fails to install: SyntaxError
Processing control commands: > tags -1 upstream Bug #903784 [python3-pycsw] python3-pycsw: fails to install: SyntaxError Added tag(s) upstream. -- 903784: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903784 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#902897: Info received (Bug#902897: virtualbox broken by binutils master (new R_X86_64_PLT32 relocation type))
(adding a few more pieces of information) ... and they also messed this up in SVN r73086; they fixed only the switch/case statement in RelocateSectionExecDyn(), exactly the function that is *not* exercised for VMMR0.r0 as that's an ET_REL file, not an ET_DYN. :) Reiterating: the rev2 patch in the upstream bugreport looks good; they imported the wrong version into SVN. Jan
Bug#903797: open-build-service: CVE-2018-7689
Source: open-build-service Version: 2.7.4-2 Severity: grave Tags: security upstream Forwarded: https://bugzilla.suse.com/show_bug.cgi?id=1094819 Hi, The following vulnerability was published for open-build-service. CVE-2018-7689[0]: | Lack of permission checks in the InitializeDevelPackage function in | openSUSE Open Build Service before 2.9.3 allowed authenticated users | to modify packages where they do not have write permissions. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-7689 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7689 [1] https://bugzilla.suse.com/show_bug.cgi?id=1094819 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Processed: user debian...@lists.debian.org, usertagging 894618, tagging 902386
Processing commands for cont...@bugs.debian.org: > user debian...@lists.debian.org Setting user to debian...@lists.debian.org (was a...@debian.org). > usertags 894618 piuparts There were no usertags set. Usertags are now: piuparts. > tags 902386 + sid buster Bug #902386 [src:cvc3] cvc3: FTBFS in API tests Added tag(s) buster and sid. > thanks Stopping processing here. Please contact me if you need assistance. -- 894618: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894618 902386: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902386 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903061: marked as done (python-base58 FTBFS: update Build-Depends: ruby-ronn -> ronn)
Your message dated Sat, 14 Jul 2018 21:53:25 + with message-id and subject line Bug#903061: fixed in python-base58 1.0.0-2 has caused the Debian Bug report #903061, regarding python-base58 FTBFS: update Build-Depends: ruby-ronn -> ronn to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903061: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903061 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-base58 Version: 1.0.0-1 Severity: serious Since ronn got split out of ruby-ronn, python-base58 fails to build from source. It was not possible to have ruby-ronn temporarily depend on ronn, because that would have created a dependency cycle. Please update Build-Depends and replace ruby-ronn with ronn as python-base58 uses the command line tool. Helmut --- End Message --- --- Begin Message --- Source: python-base58 Source-Version: 1.0.0-2 We believe that the bug you reported is fixed in the latest version of python-base58, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sergio Durigan Junior (supplier of updated python-base58 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jul 2018 17:30:54 -0400 Source: python-base58 Binary: python3-base58 base58 Architecture: source all Version: 1.0.0-2 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team Changed-By: Sergio Durigan Junior Description: base58 - base58 encode/decode: command-line interface python3-base58 - base58 encode/decode for Python Closes: 903061 Changes: python-base58 (1.0.0-2) unstable; urgency=medium . * Team upload. * Depend on ronn instead of ruby-ronn. (Closes: #903061) * Bump Standards-Version to 4.1.5. * Remove ancient X-Python3-Version field. Checksums-Sha1: 6c2118d6cd87e62f3ad03d66ca623cc361e1d771 2099 python-base58_1.0.0-2.dsc 2ac50286231f145629adb4bac27b9b42578589aa 2676 python-base58_1.0.0-2.debian.tar.xz adfa666e2f54990f447e4084d9f239597edc58ce 3848 base58_1.0.0-2_all.deb 8c8aed0674c7ef83d73d959d3a8859140eb67d1e 7381 python-base58_1.0.0-2_amd64.buildinfo bb4bffad8574776e32e5c43f4057cfd0761da6ec 5280 python3-base58_1.0.0-2_all.deb Checksums-Sha256: 16c1b0fe40b178310e402bb31bbc46b60b4777069a40910f5b2b869784bb2748 2099 python-base58_1.0.0-2.dsc 9788fc17c4db274688bb801125ad38b301ebda0f8ab7e5c480ea75083e621389 2676 python-base58_1.0.0-2.debian.tar.xz a0061645c31865d4af57ee33f6f9159bc7412396c3483a239831e1ab0abe9607 3848 base58_1.0.0-2_all.deb 2233c931c072d1a9d790e8d0b36807d98d78e3d9404e5f3e877dbea930d483e8 7381 python-base58_1.0.0-2_amd64.buildinfo 2a9e2ca611ca64d70741795c1e185e9826baa63cdf57fb4eb6bcfa5fc507c802 5280 python3-base58_1.0.0-2_all.deb Files: fa40c5ecd67e19819958ece42d87bb9f 2099 python optional python-base58_1.0.0-2.dsc 84672ef13ea802ff59de7d0de17b9b57 2676 python optional python-base58_1.0.0-2.debian.tar.xz 16e5884dcee903328255b76d4f2f993c 3848 devel optional base58_1.0.0-2_all.deb 1d6604ab0755d4c42e773480d2a3c032 7381 python optional python-base58_1.0.0-2_amd64.buildinfo 80aff3d5355c5d21388d364f2bd252c5 5280 python optional python3-base58_1.0.0-2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEI3pUsQKHKL8A7zH00Ot2KGX8XjYFAltKbAkACgkQ0Ot2KGX8 XjbgHg/5ATYQHGyEs9QFnhsmyQkj1XyEueZ5NY3p3XQpq93XDAZ1aoyW9e9j0Pdb vUmSNqV/8Wfx/fCWP8N+nSiDHh2tDYB4eoW8+xCQi63d2Q9RY4kXDMmMqArO8fv5 2ai07SOqr7Pvjm2Kme1cdLBX/J6c4OYAF/wRbH3CTgtzR4UBHM3IH5G7cF16a8M9 XLy94UtwWQP6ZyKGGJ1CfiIJAPKS9082UmFar77v8k5R2t3enqFhSu3OME6AebA+ MxRZF/hiEw0FitpV1yA4wW20uyjx8W3TSykVPMR3im4XCdTKhlBvtGjXq9PTgZ2Y 0YMMTcxUSTbHD/gUWhhvu2HnmfJKv+lpo/Knk81ofGj0crQr5jdT+dWi/Cyd3cMV 0OkHS3/2GtKMUcz0/jg3rd9J7GDxbp1Qv1K0R+o5yzfsJfdqILpX9pMbdV+WtjV/ zYqUGTmTXtKwGwNiE763PQwNqT71ol/WmGSHcMKnLpfCNNEwI3fB2htVTUNufR5Z o9NMjobt3RKastAB6Kov3mcf7n2Og3af7gI/IRDYXCJZYTG4XW799AFevDEMaAgo mNUqvitrif5ihA0OlfURTX1hwq3S25y3S+EMFBb4szl7g4rLOls8BBRrLUhtRwf4 hVmyO0USp/9AV7xzDv+O57xLHof+fOUmWebCQojuUBlO5kPQfZs= =Bqz7 -END PGP SIGNATURE End Message ---
Bug#903793: libgmap1-dev: broken symlink: /usr/lib/x86_64-linux-gnu/libgmap.so -> libgmap.so.1.0.0
Package: libgmap1-dev Version: 2017-11-15-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. >From the attached log (scroll to the bottom...): 0m37.4s ERROR: FAIL: Broken symlinks: /usr/lib/x86_64-linux-gnu/libgmap.so -> libgmap.so.1.0.0 The package has these dependencies: Package: libgmap1-dev Source: gmap Version: 2017-11-15-1 Depends: gmap (= 2017-11-15-1) | libgmap1 (= 2017-11-15-1) which does not sound like a good idea if gmap does not provide the required shared library. cheers, Andreas libgmap1-dev_2017-11-15-1.log.gz Description: application/gzip
Bug#903380: libxmlada: FTBFS with unicode-data 11
Package: src:libxmlada Followup-For: Bug #903380 Hello. Updating libxmlada for a new unicode version requires a renaming of the -dev package for xmlada and all its reverse dependencies. Such migrations happen in experimental. Most packages are already renamed for unrelated reasons (gcc-8 migration and new XMLAda release). The XMLAda update should be straightforward, but will have to wait for the reupload of migrated packages to unstable, once all such changes are finished in experimental.
Processed: tagging 896309, tagging 903213, tagging 903124, tagging 903528, block 902788 with 903784 ...
Processing commands for cont...@bugs.debian.org: > tags 896309 + sid buster Bug #896309 {Done: Andreas Tille } [python-cfflib] python-cfflib: cfflib fails to import Added tag(s) buster and sid. > tags 903213 - stretch Bug #903213 {Done: Yaroslav Halchenko } [src:datalad] datalad: FTBFS in stretch/buster/sid Bug #903233 {Done: Yaroslav Halchenko } [src:datalad] datalad: FTBFS in stretch/buster/sid Removed tag(s) stretch. Removed tag(s) stretch. > tags 903124 - stretch Bug #903124 [src:libevent-rpc-perl] libevent-rpc-perl: 1.08-2 FTBFS: expired SSL certificate Removed tag(s) stretch. > tags 903528 + sid buster Bug #903528 [python3-seqdiag] python3-seqdiag fails to install with Python 3.7 as supported version Added tag(s) buster and sid. > block 902788 with 903784 Bug #902788 [python3.7] python3-minimal needs Breaks for software/modules broken by 3.7 902788 was blocked by: 902900 903145 903527 902646 903526 902757 902631 903016 903522 902766 903031 903218 902715 902650 903423 903030 903525 903558 903529 903528 902989 903388 903457 902794 902761 902788 was blocking: 902582 903432 Added blocking bug(s) of 902788: 903784 > found 902788 3.7.0~a2-1 Bug #902788 [python3.7] python3-minimal needs Breaks for software/modules broken by 3.7 Marked as found in versions python3.7/3.7.0~a2-1. > found 903218 3.1.0+dfsg-1 Bug #903218 [python3-opengl] python3-opengl: fails to install with python3.7 installed Marked as found in versions pyopengl/3.1.0+dfsg-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 896309: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896309 902788: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902788 903124: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903124 903213: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903213 903218: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903218 903233: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903233 903528: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903528 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#872373: marked as done (CVE-2017-12877)
Your message dated Sat, 14 Jul 2018 21:02:11 + with message-id and subject line Bug#872373: fixed in imagemagick 8:6.9.7.4+dfsg-11+deb9u4 has caused the Debian Bug report #872373, regarding CVE-2017-12877 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 872373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872373 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: imagemagick Version: 8:6.9.7.4+dfsg-16 Severity: grave Tags: security This was assigned CVE-2017-12877: https://github.com/ImageMagick/ImageMagick/issues/662 https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5 Cheers, Moritz --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.7.4+dfsg-11+deb9u4 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 872...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Moritz Muehlenhoff (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 26 Dec 2017 12:24:39 + Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u4 Distribution: stretch-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Moritz Muehlenhoff Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package l
Bug#902883: marked as done (FTBFS on arch != amd64 because different libpytalloc-util.*.so name)
Your message dated Sat, 14 Jul 2018 21:05:39 + with message-id and subject line Bug#902883: fixed in talloc 2.1.14-1 has caused the Debian Bug report #902883, regarding FTBFS on arch != amd64 because different libpytalloc-util.*.so name to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 902883: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902883 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:talloc Version: 2.1.13-1 Severity: serious Regression since python3 support: [...] dh_makeshlibs -ppython-talloc -ppython3-talloc -Xtalloc. -- -c3 dpkg-gensymbols: warning: new libraries appeared in the symbols file: libpytalloc-util.cpython-36m-aarch64-linux-gnu.so.2 dpkg-gensymbols: warning: some libraries disappeared in the symbols file: libpytalloc-util.cpython-36m-x86-64-linux-gnu.so.2 dpkg-gensymbols: warning: debian/python3-talloc/DEBIAN/symbols doesn't match completely debian/python3-talloc.symbols --- debian/python3-talloc.symbols (python3-talloc_2.1.13-1_arm64) +++ dpkg-gensymbolsYed6IE 2018-07-02 13:59:00.845850036 + @@ -1,26 +1,26 @@ -libpytalloc-util.cpython-36m-x86-64-linux-gnu.so.2 python3-talloc #MINVER# - PYTALLOC_UTIL.CPYTHON_36M_X86_64_LINUX_GNU_2.1.13@PYTALLOC_UTIL.CPYTHON_36M_X86_64_LINUX_GNU_2.1.13 2.1.13 - PYTALLOC_UTIL.PY3_2.1.10@PYTALLOC_UTIL.PY3_2.1.10 2.1.11 - PYTALLOC_UTIL.PY3_2.1.11@PYTALLOC_UTIL.PY3_2.1.11 2.1.11 - PYTALLOC_UTIL.PY3_2.1.12@PYTALLOC_UTIL.PY3_2.1.12 2.1.12 - PYTALLOC_UTIL.PY3_2.1.13@PYTALLOC_UTIL.PY3_2.1.13 2.1.13 - PYTALLOC_UTIL.PY3_2.1.5@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 - PYTALLOC_UTIL.PY3_2.1.6@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - PYTALLOC_UTIL.PY3_2.1.7@PYTALLOC_UTIL.PY3_2.1.7 2.1.11 - PYTALLOC_UTIL.PY3_2.1.8@PYTALLOC_UTIL.PY3_2.1.8 2.1.11 - PYTALLOC_UTIL.PY3_2.1.9@PYTALLOC_UTIL.PY3_2.1.9 2.1.11 - _pytalloc_check_type@PYTALLOC_UTIL.PY3_2.1.9 2.1.11 - _pytalloc_get_mem_ctx@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - _pytalloc_get_ptr@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - _pytalloc_get_type@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - pytalloc_BaseObject_PyType_Ready@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - pytalloc_BaseObject_check@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - pytalloc_BaseObject_size@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - pytalloc_Check@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 - pytalloc_GenericObject_reference_ex@PYTALLOC_UTIL.PY3_2.1.9 2.1.11 - pytalloc_GenericObject_steal_ex@PYTALLOC_UTIL.PY3_2.1.9 2.1.11 - pytalloc_GetBaseObjectType@PYTALLOC_UTIL.PY3_2.1.6 2.1.11 - pytalloc_GetObjectType@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 - pytalloc_reference_ex@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 - pytalloc_steal@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 - pytalloc_steal_ex@PYTALLOC_UTIL.PY3_2.1.5 2.1.11 +libpytalloc-util.cpython-36m-aarch64-linux-gnu.so.2 python3-talloc #MINVER# + PYTALLOC_UTIL.CPYTHON_36M_AARCH64_LINUX_GNU_2.1.13@PYTALLOC_UTIL.CPYTHON_36M_AARCH64_LINUX_GNU_2.1.13 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.10@PYTALLOC_UTIL.PY3_2.1.10 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.11@PYTALLOC_UTIL.PY3_2.1.11 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.12@PYTALLOC_UTIL.PY3_2.1.12 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.13@PYTALLOC_UTIL.PY3_2.1.13 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.5@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.6@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.7@PYTALLOC_UTIL.PY3_2.1.7 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.8@PYTALLOC_UTIL.PY3_2.1.8 2.1.13-1 + PYTALLOC_UTIL.PY3_2.1.9@PYTALLOC_UTIL.PY3_2.1.9 2.1.13-1 + _pytalloc_check_type@PYTALLOC_UTIL.PY3_2.1.9 2.1.13-1 + _pytalloc_get_mem_ctx@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + _pytalloc_get_ptr@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + _pytalloc_get_type@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + pytalloc_BaseObject_PyType_Ready@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + pytalloc_BaseObject_check@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + pytalloc_BaseObject_size@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + pytalloc_Check@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 + pytalloc_GenericObject_reference_ex@PYTALLOC_UTIL.PY3_2.1.9 2.1.13-1 + pytalloc_GenericObject_steal_ex@PYTALLOC_UTIL.PY3_2.1.9 2.1.13-1 + pytalloc_GetBaseObjectType@PYTALLOC_UTIL.PY3_2.1.6 2.1.13-1 + pytalloc_GetObjectType@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 + pytalloc_reference_ex@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 + pytalloc_steal@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 + pytalloc_steal_ex@PYTALLOC_UTIL.PY3_2.1.5 2.1.13-1 dh_makeshlibs: failing due to earlier errors debian/rules:72: recipe for target 'override_dh_makeshlibs' failed -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-1-amd64 (SMP w/2 CPU cores) Local
Bug#881392: marked as done (imagemagick: CVE-2017-16546)
Your message dated Sat, 14 Jul 2018 21:02:11 + with message-id and subject line Bug#881392: fixed in imagemagick 8:6.9.7.4+dfsg-11+deb9u4 has caused the Debian Bug report #881392, regarding imagemagick: CVE-2017-16546 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 881392: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881392 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/851 Hi, the following vulnerability was published for imagemagick. CVE-2017-16546[0]: | The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does | not properly validate the colormap index in a WPG palette, which allows | remote attackers to cause a denial of service (use of uninitialized | data or invalid memory allocation) or possibly have unspecified other | impact via a malformed WPG file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-16546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16546 [1] https://github.com/ImageMagick/ImageMagick/issues/851 [2] https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.7.4+dfsg-11+deb9u4 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 881...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Moritz Muehlenhoff (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 26 Dec 2017 12:24:39 + Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u4 Distribution: stretch-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Moritz Muehlenhoff Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageM
Bug#885125: marked as done (imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage)
Your message dated Sat, 14 Jul 2018 21:02:11 + with message-id and subject line Bug#885125: fixed in imagemagick 8:6.9.7.4+dfsg-11+deb9u4 has caused the Debian Bug report #885125, regarding imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885125 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-1 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/906 Hi, the following vulnerability was published for imagemagick. CVE-2017-17879[0]: | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based | buffer over-read in ReadOneMNGImage in coders/png.c, related to length | calculation and caused by an off-by-one error. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-17879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17879 [1] https://github.com/ImageMagick/ImageMagick/issues/906 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.7.4+dfsg-11+deb9u4 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Moritz Muehlenhoff (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 26 Dec 2017 12:24:39 + Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u4 Distribution: stretch-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Moritz Muehlenhoff Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library -
Processed: Bug #902883 in talloc marked as pending
Processing control commands: > tag -1 pending Bug #902883 [src:talloc] FTBFS on arch != amd64 because different libpytalloc-util.*.so name Added tag(s) pending. -- 902883: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902883 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#902883: Bug #902883 in talloc marked as pending
Control: tag -1 pending Hello, Bug #902883 in talloc reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/samba-team/talloc/commit/e91469a60fc3a99df9f83dba5f5b049ab29dd528 Revert python3 support (Reopen #802484, #814928; Closes: #902883) until it is ready - Without patch: the symbols are changing too often: + between arches, + between major python versions, + between minor talloc versions - All proposed patches so far break abi checking (this message was generated automatically) -- Greetings https://bugs.debian.org/902883
Bug#903698: sphinxbase: build appears broken for multiple python3 versions
Paul Gevers, le ven. 13 juil. 2018 13:46:45 +0200, a ecrit: > I think this is caused by the fact that we loop over $pyver in the > d/rules file, but apparently that is broken for multiple python3 versions. I don't think that's the problem: I tried to pause after the dh_install step, and we have this: € find debian | grep pyt debian/tmp/usr/lib/python2.7 debian/tmp/usr/lib/python2.7/dist-packages debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.py debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/__init__.py debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so.0.0.0 debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.pyc debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.pyo debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/__init__.pyc debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so.0 debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so debian/tmp/usr/lib/python2.7/dist-packages/sphinxbase/__init__.pyo debian/tmp/usr/lib/python3.6 debian/tmp/usr/lib/python3.6/site-packages debian/tmp/usr/lib/python3.6/site-packages/sphinxbase debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/sphinxbase.py debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__init__.py debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so.0.0.0 debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so.0 debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__pycache__ debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/sphinxbase.cpython-36.pyc debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/__init__.cpython-36.opt-1.pyc debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/sphinxbase.cpython-36.opt-1.pyc debian/tmp/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/__init__.cpython-36.pyc debian/tmp/usr/lib/python3.7 debian/tmp/usr/lib/python3.7/site-packages debian/tmp/usr/lib/python3.7/site-packages/sphinxbase debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/sphinxbase.py debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__init__.py debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/_sphinxbase.so.0.0.0 debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/_sphinxbase.so.0 debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/_sphinxbase.so debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__pycache__ debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__pycache__/sphinxbase.cpython-37.opt-1.pyc debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__pycache__/__init__.cpython-37.opt-1.pyc debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__pycache__/__init__.cpython-37.pyc debian/tmp/usr/lib/python3.7/site-packages/sphinxbase/__pycache__/sphinxbase.cpython-37.pyc debian/python3-sphinxbase.debhelper.log debian/python3-sphinxbase.install debian/python-sphinxbase debian/python-sphinxbase/usr debian/python-sphinxbase/usr/lib debian/python-sphinxbase/usr/lib/python2.7 debian/python-sphinxbase/usr/lib/python2.7/dist-packages debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.py debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/__init__.py debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so.0.0.0 debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.pyc debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/sphinxbase.pyo debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/__init__.pyc debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so.0 debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/_sphinxbase.so debian/python-sphinxbase/usr/lib/python2.7/dist-packages/sphinxbase/__init__.pyo debian/python3-sphinxbase debian/python3-sphinxbase/usr debian/python3-sphinxbase/usr/lib debian/python3-sphinxbase/usr/lib/python3.6 debian/python3-sphinxbase/usr/lib/python3.6/site-packages debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/sphinxbase.py debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/__init__.py debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so.0.0.0 debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so.0 debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/_sphinxbase.so debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/__pycache__ debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/sphinxbase.cpython-36.pyc debian/python3-sphinxbase/usr/lib/python3.6/site-packages/sphinxbase/__pycache__/__init__.cpython-36.opt-1.pyc debian/python3-sphinxbase/usr
Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
severity 903713 important thanks Hi Luigi, > Finally, a request: please lower the severity of this bug. It's not a > regression, and I would assume good faith on something that has been the same > for the past 10+ years Don't worry; good faith assumed throughout. Downgrading to non-RC :-) Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
Processed: oops
Processing commands for cont...@bugs.debian.org: > notfound 902879 5.2.14-dfsg-4 Bug #902879 {Done: Guilhem Moulin } [cryptsetup-run] cryptdisks_start: fails on non-block-devices, "skipped, device $CRYPTTAB_SOURCE does not exist" There is no source info for the package 'cryptsetup-run' at version '5.2.14-dfsg-4' with architecture '' Unable to make a source version for version '5.2.14-dfsg-4' No longer marked as found in versions 5.2.14-dfsg-4. > found 902897 5.2.14-dfsg-4 Bug #902897 {Done: Gianfranco Costamagna } [virtualbox] virtualbox: fails to start vm (VERR_LDRELF_RELOCATION_NOT_SUPPORTED) Marked as found in versions virtualbox/5.2.14-dfsg-4 and reopened. > End of message, stopping processing here. Please contact me if you need assistance. -- 902879: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902879 902897: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902897 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
Processing commands for cont...@bugs.debian.org: > severity 903713 important Bug #903713 [src:plasma-browser-integration] plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright? Warning: Unknown package 'src:plasma-browser-integration' Severity set to 'important' from 'serious' Warning: Unknown package 'src:plasma-browser-integration' > thanks Stopping processing here. Please contact me if you need assistance. -- 903713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903713 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903788: znc: path traversal flaw
Source: znc Version: 0.045-1 Severity: grave Tags: patch security upstream Justification: user security hole Hi See https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773 allowing path traversal and can lead to expose some files which shouldn't be, or potentially lead to a crash. Regards, Salvatore
Bug#903787: znc: privilege escalation to admin permission (injection of rogue values in znc.conf)
Source: znc Version: 1.6.5-1 Severity: grave Tags: patch security upstream Justification: user security hole Hi See https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d which would allow privilege escalation by a remote non-admin user. Regards, Salvatore
Bug#901001: python3-minimal should Pre-Depend on python3.N-minimal
Followup-For: Bug #901001 Hi, are there known upgrade problems related to this bug when upgrading from jessie to stretch (python 3.4 -> 3.5) or could we tag this bug as 'sid buster'? Andreas
Bug#901312: elastix does not start: symbol lookup error: elastix: undefined symbol: _ZN8vnl_math5hypotEd
Control: notfixed -1 4.8-12 Control: close -1 On Mon, 11 Jun 2018 14:19:30 +0300 Juhani Numminen wrote: > Control: fixed -1 4.8-12 > Control: retitle -1 elastix does not start: symbol lookup error: elastix: > undefined symbol: _ZN8vnl_math5hypotEdd > > I'm not seeing this failure in buster (with the the newer ITK-4.12). > Unfortunately I don't know how to test if the program actually works > beyond not crashing at startup. > > Bug retitled because on stretch, I am seeing the error, but I get > two d's in the error message: "...Edd" instead of "...Ed". This was fixed by a binNMU in stretch, included in today's point release. binNMUs versions cannot be represented to the bts, therefore I'm clearing the fixed version of this bug s.t. bts treats it as 'invalid' and the bug can be closed and archived. Andreas
Processed: Re: Bug#901312: elastix does not start: symbol lookup error: elastix: undefined symbol: _ZN8vnl_math5hypotEd
Processing control commands: > notfixed -1 4.8-12 Bug #901312 [elastix] elastix does not start: symbol lookup error: elastix: undefined symbol: _ZN8vnl_math5hypotEdd No longer marked as fixed in versions elastix/4.8-12. > close -1 Bug #901312 [elastix] elastix does not start: symbol lookup error: elastix: undefined symbol: _ZN8vnl_math5hypotEdd Marked Bug as done -- 901312: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901312 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903361: marked as done (haskell-tagsoup: FTBFS in buster/sid (dh_installexamples: Cannot find "Main.hs"))
Your message dated Sat, 14 Jul 2018 18:49:10 + with message-id and subject line Bug#903361: fixed in haskell-tagsoup 0.14.6-2 has caused the Debian Bug report #903361, regarding haskell-tagsoup: FTBFS in buster/sid (dh_installexamples: Cannot find "Main.hs") to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903361: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903361 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:haskell-tagsoup Version: 0.14.6-1 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package in buster but it failed: [...] debian/rules build-indep test -x debian/rules mkdir -p "." CDBS WARNING:DEB_DH_STRIP_ARGS is deprecated since 0.4.85 CDBS WARNING:DEB_COMPRESS_EXCLUDE is deprecated since 0.4.85 . /usr/share/haskell-devscripts/Dh_Haskell.sh && \ make_setup_recipe Running ghc --make Setup.hs -o debian/hlibrary.setup [1 of 1] Compiling Main ( Setup.hs, Setup.o ) Linking debian/hlibrary.setup ... . /usr/share/haskell-devscripts/Dh_Haskell.sh && \ configure_recipe Running debian/hlibrary.setup configure --ghc -v2 --package-db=/var/lib/ghc/package.conf.d --prefix=/usr --libdir=/usr/lib/haskell-packages/ghc/lib --libexecdir=/usr/lib --builddir=dist-ghc --ghc-option=-optl-Wl\,-z\,relro --haddockdir=/usr/lib/ghc-doc/haddock/tagsoup-0.14.6/ --datasubdir=tagsoup --htmldir=/usr/share/doc/libghc-tagsoup-doc/html/ --enable-library-profiling -f download Configuring tagsoup-0.14.6... [... snipped ...] [ 4 of 13] Compiling Text.HTML.TagSoup.Match ( src/Text/HTML/TagSoup/Match.hs, dist-ghc/build/Text/HTML/TagSoup/Match.o ) [ 5 of 13] Compiling Text.HTML.TagSoup.Render ( src/Text/HTML/TagSoup/Render.hs, dist-ghc/build/Text/HTML/TagSoup/Render.o ) [ 6 of 13] Compiling Text.HTML.TagSoup.Options ( src/Text/HTML/TagSoup/Options.hs, dist-ghc/build/Text/HTML/TagSoup/Options.o ) [ 7 of 13] Compiling Text.HTML.TagSoup.Implementation ( src/Text/HTML/TagSoup/Implementation.hs, dist-ghc/build/Text/HTML/TagSoup/Implementation.o ) [ 8 of 13] Compiling Text.HTML.TagSoup.Specification ( src/Text/HTML/TagSoup/Specification.hs, dist-ghc/build/Text/HTML/TagSoup/Specification.o ) [ 9 of 13] Compiling Text.HTML.TagSoup.Manual ( src/Text/HTML/TagSoup/Manual.hs, dist-ghc/build/Text/HTML/TagSoup/Manual.o ) [10 of 13] Compiling Text.HTML.TagSoup.Generated ( src/Text/HTML/TagSoup/Generated.hs, dist-ghc/build/Text/HTML/TagSoup/Generated.o ) [11 of 13] Compiling Text.HTML.TagSoup.Parser ( src/Text/HTML/TagSoup/Parser.hs, dist-ghc/build/Text/HTML/TagSoup/Parser.o ) [12 of 13] Compiling Text.HTML.TagSoup ( src/Text/HTML/TagSoup.hs, dist-ghc/build/Text/HTML/TagSoup.o ) [13 of 13] Compiling Text.HTML.TagSoup.Tree ( src/Text/HTML/TagSoup/Tree.hs, dist-ghc/build/Text/HTML/TagSoup/Tree.o ) [ 1 of 13] Compiling Text.HTML.TagSoup.Entity ( src/Text/HTML/TagSoup/Entity.hs, dist-ghc/build/Text/HTML/TagSoup/Entity.p_o ) [ 2 of 13] Compiling Text.StringLike ( src/Text/StringLike.hs, dist-ghc/build/Text/StringLike.p_o ) [ 3 of 13] Compiling Text.HTML.TagSoup.Type ( src/Text/HTML/TagSoup/Type.hs, dist-ghc/build/Text/HTML/TagSoup/Type.p_o ) [ 4 of 13] Compiling Text.HTML.TagSoup.Match ( src/Text/HTML/TagSoup/Match.hs, dist-ghc/build/Text/HTML/TagSoup/Match.p_o ) [ 5 of 13] Compiling Text.HTML.TagSoup.Render ( src/Text/HTML/TagSoup/Render.hs, dist-ghc/build/Text/HTML/TagSoup/Render.p_o ) [ 6 of 13] Compiling Text.HTML.TagSoup.Options ( src/Text/HTML/TagSoup/Options.hs, dist-ghc/build/Text/HTML/TagSoup/Options.p_o ) [ 7 of 13] Compiling Text.HTML.TagSoup.Implementation ( src/Text/HTML/TagSoup/Implementation.hs, dist-ghc/build/Text/HTML/TagSoup/Implementation.p_o ) [ 8 of 13] Compiling Text.HTML.TagSoup.Specification ( src/Text/HTML/TagSoup/Specification.hs, dist-ghc/build/Text/HTML/TagSoup/Specification.p_o ) [ 9 of 13] Compiling Text.HTML.TagSoup.Manual ( src/Text/HTML/TagSoup/Manual.hs, dist-ghc/build/Text/HTML/TagSoup/Manual.p_o ) [10 of 13] Compiling Text.HTML.TagSoup.Generated ( src/Text/HTML/TagSoup/Generated.hs, dist-ghc/build/Text/HTML/TagSoup/Generated.p_o ) [11 of 13] Compiling Text.HTML.TagSoup.Parser ( src/Text/HTML/TagSoup/Parser.hs, dist-ghc/build/Text/HTML/TagSoup/Parser.p_o ) [12 of 13] Compiling Text.HTML.TagSoup ( src/Text/HTML/TagSoup.hs, dist-ghc/build/Text/HTML/TagSoup.p_o ) [13 of 13] Compiling Text.HTML.TagSoup.Tree ( src/Text/HTML/TagSoup/Tree.hs, dist-ghc/build/Text/HTML/TagSoup/Tree.p_o ) touch build-ghc-stamp debian/hlibrary.set
Bug#903332: marked as done (happy: FTBFS in buster/sid (dh_installdocs: Cannot find "README"))
Your message dated Sat, 14 Jul 2018 18:48:56 + with message-id and subject line Bug#903332: fixed in happy 1.19.9-4 has caused the Debian Bug report #903332, regarding happy: FTBFS in buster/sid (dh_installdocs: Cannot find "README") to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903332 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:happy Version: 1.19.9-3 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package in buster but it failed: [...] debian/rules build-arch CDBS WARNING: copyright-check disabled - touch debian/copyright_hints to enable. test -x debian/rules mkdir -p "." CDBS WARNING:DEB_DH_STRIP_ARGS is deprecated since 0.4.85 CDBS WARNING:DEB_COMPRESS_EXCLUDE is deprecated since 0.4.85 Scanning upstream source for new/changed copyright notices... set -e; LC_ALL=C.UTF-8 /usr/bin/licensecheck --check '.*' --recursive --copyright --deb-fmt --ignore '^(debian/(changelog|copyright(|_hints|_newhints)))$' --lines 0 * | /usr/lib/cdbs/licensecheck2dep5 > debian/copyright_newhints /bin/bash: /usr/bin/licensecheck: No such file or directory 0 combinations of copyright and licensing found. diff: debian/copyright_hints: No such file or directory No new copyright notices found - assuming no news is good news... [... snipped ...] fakeroot debian/rules binary-arch CDBS WARNING: copyright-check disabled - touch debian/copyright_hints to enable. test -x debian/rules dh_testroot dh_prep dh_installdirs -A mkdir -p "." CDBS WARNING:DEB_DH_STRIP_ARGS is deprecated since 0.4.85 CDBS WARNING:DEB_COMPRESS_EXCLUDE is deprecated since 0.4.85 Scanning upstream source for new/changed copyright notices... set -e; LC_ALL=C.UTF-8 /usr/bin/licensecheck --check '.*' --recursive --copyright --deb-fmt --ignore '^(debian/(changelog|copyright(|_hints|_newhints)))$' --lines 0 * | /usr/lib/cdbs/licensecheck2dep5 > debian/copyright_newhints /bin/bash: /usr/bin/licensecheck: No such file or directory 0 combinations of copyright and licensing found. diff: debian/copyright_hints: No such file or directory No new copyright notices found - assuming no news is good news... touch debian/stamp-copyright-check touch debian/stamp-upstream-cruft # doc/configure is not shipped, generate it cd doc && autoconf && rm -r autom4te.cache && ./configure --prefix=/usr checking for xmllint... no configure: WARNING: cannot find xmllint in your PATH, you will not be able to validate your documentation checking for xsltproc... /usr/bin/xsltproc checking for DocBook XSL stylesheet directory... /usr/share/xml/docbook/stylesheet/nwalsh checking for dblatex... no configure: creating ./config.status config.status: creating config.mk config.status: creating happy.1 # used in build to stick version into man page ghc --make debian/get_version.hs -o debian/get_version /usr/bin/make -C doc html make[1]: Entering directory '/<>/doc' make[1]: Nothing to be done for 'html'. make[1]: Leaving directory '/<>/doc' sed -e "s#@LIBDIR@#/usr/share/happy-`debian/get_version`#g" \ -e "s#@DOCDIR@#/usr/share/doc/happy#g" \ -e "s#@VERSION@#`debian/get_version`#g" \ doc/happy.1.in > doc/happy.1 Adding cdbs dependencies to debian/happy.substvars dh_installdirs -phappy \ dh_haskell_blurbs "ghc" -phappy dh_installdocs -phappy ./TODO dh_installdocs: Cannot find (any matches for) "README" (tried in .) /usr/share/cdbs/1/rules/debhelper.mk:233: recipe for target 'binary-install/happy' failed make: *** [binary-install/happy] Error 2 dpkg-buildpackage: error: fakeroot debian/rules binary-arch subprocess returned exit status 2 The build was made with "dpkg-buildpackage -B" in my autobuilder. Most probably, it also fails here in reproducible builds: https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/happy.html [ Note: There has been a recent change in debhelper behaviour, the current behaviour is the intended one. See Bug #903133 for details ]. Thanks. --- End Message --- --- Begin Message --- Source: happy Source-Version: 1.19.9-4 We believe that the bug you reported is fixed in the latest version of happy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments pleas
Bug#903784: python3-pycsw: fails to install: SyntaxError
Package: python3-pycsw Version: 2.2.0+dfsg-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Selecting previously unselected package python3-pycsw. (Reading database ... (Reading database ... 9155 files and directories currently installed.) Preparing to unpack .../python3-pycsw_2.2.0+dfsg-3_all.deb ... Unpacking python3-pycsw (2.2.0+dfsg-3) ... Setting up python3-pycsw (2.2.0+dfsg-3) ... File "/usr/lib/python3/dist-packages/pycsw/ogc/csw/csw2.py", line 1936 if self.parent.async: ^ SyntaxError: invalid syntax File "/usr/lib/python3/dist-packages/pycsw/ogc/csw/csw3.py", line 2013 if self.parent.async: ^ SyntaxError: invalid syntax File "/usr/lib/python3/dist-packages/pycsw/server.py", line 78 self.async = False ^ SyntaxError: invalid syntax dpkg: error processing package python3-pycsw (--configure): installed python3-pycsw package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: python3-pycsw Could this be related to python 3.7? cheers, Andreas python3-pycsw_2.2.0+dfsg-3.log.gz Description: application/gzip
Bug#903111: marked as done (haskell-raaz FTBFS in buster)
Your message dated Sat, 14 Jul 2018 18:25:13 + with message-id and subject line Bug#903111: fixed in haskell-raaz 0.2.0-3 has caused the Debian Bug report #903111, regarding haskell-raaz FTBFS in buster to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903111: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903111 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: haskell-raaz Severity: serious Version: 0.2.0-2 haskell-raaz recently failed to build in raspbian buster with dh_installexamples -plibghc-raaz-dev dh_installexamples: Cannot find (any matches for) "bin/Command/Checksum.lhs" (tried in .) The reproducible builds tests on amd64, armhf and arm64 (but strangely not i386) also show the same failure, so this doesn't appear to be raspbian specific. I do not know if this also affects sid, the tests on reproducible builds are all showing successful on sid, but they are much less recent than the tests on buster that failed. --- End Message --- --- Begin Message --- Source: haskell-raaz Source-Version: 0.2.0-3 We believe that the bug you reported is fixed in the latest version of haskell-raaz, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sean Whitton (supplier of updated haskell-raaz package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jul 2018 19:07:37 +0100 Source: haskell-raaz Binary: libghc-raaz-dev libghc-raaz-prof libghc-raaz-doc haskell-raaz-utils Architecture: source Version: 0.2.0-3 Distribution: unstable Urgency: medium Maintainer: Debian Haskell Group Changed-By: Sean Whitton Description: haskell-raaz-utils - ${haskell:ShortDescription}${haskell:ShortBlurb} libghc-raaz-dev - ${haskell:ShortDescription}${haskell:ShortBlurb} libghc-raaz-doc - ${haskell:ShortDescription}${haskell:ShortBlurb} libghc-raaz-prof - ${haskell:ShortDescription}${haskell:ShortBlurb} Closes: 903111 Changes: haskell-raaz (0.2.0-3) unstable; urgency=medium . [ Clint Adams ] * Set Rules-Requires-Root to no. . [ Sean Whitton ] * Stop trying to install no longer existent Checksum.lhs (Closes: #903111). Thanks Peter Green for the report. * Start installing new example Rand.lhs. Checksums-Sha1: 92b0e58e4ab04507727522635469a14b308772ad 2592 haskell-raaz_0.2.0-3.dsc 8469972c1e77a398fc2dcb2c5e81d80c24e19a9e 3416 haskell-raaz_0.2.0-3.debian.tar.xz adc45c06da41e1b3b411832ff6b9f28a32ab0ed6 7074 haskell-raaz_0.2.0-3_source.buildinfo Checksums-Sha256: 2cd11c2ea07097e41c0c46f2b6debe8fa5b0c7c436304ecdcb2e33ba1bd071a0 2592 haskell-raaz_0.2.0-3.dsc 0513958e89b51910de89c6f0f6ce1353e30b783fc2a0379a79912fbba46e7dd4 3416 haskell-raaz_0.2.0-3.debian.tar.xz 77cc8d0f2ef572b06dff97d0d3146f1304969c679e42375b1b98f373587a4f6f 7074 haskell-raaz_0.2.0-3_source.buildinfo Files: c15c5d4b65420aef88d19bc1d3b0fe76 2592 haskell optional haskell-raaz_0.2.0-3.dsc 683e04e7b1b885ff6cbc539e64f20a36 3416 haskell optional haskell-raaz_0.2.0-3.debian.tar.xz 0790fb1942c284686caeb990cfe4a37f 7074 haskell optional haskell-raaz_0.2.0-3_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAltKPG8ACgkQaVt65L8G YkAFrRAAqsLdc3m0LIpqH6DAkgAV/3uH/8xDT4QbY3SufNm57olgr2HCnn/ESwXa bzQ5S3f4nwctGJopRVteYEg4Owg7eY8vVBpCcRLggFfM/IFm36CUkkWbdb/mSwPP XH0n8MVYOnVz/nXWVx1WBbDvvl+q357jJcLIR+L+y22lCgl+fUra8sdTIBJMW7Pz llWg/X9saoGVZLXJpTWOXjlQGcvyLVmAKdlv4Iy3z3Vc8Z10swbtjLDwoqgsjQxm 6j9JMQU+b4XG/uoQcldDSavjvEnoEkoYLdIrC/05vIbx+yI7RerxJFLfADABroH3 nwOHSLn1xzPwE9umt6wHfiNiVNr3jg3qobgmN4irxmoZSFBjPt4GgIKRJpPtoKoe rzdNAFbpLEOgVmzOenpBOGepLGlEsayx0pYIBX0jxu4l39bofEEAA3ZtmAYsVEse XhYXkdNDVgtQg/i7a48t1CmXfqSJcsMMOCcSFnfGwDoRuNS/mZK9E7Q/jsr1s9Vh D7pVje0gm367WeDWwS/okBTCsy06ZcnOQtgDfDOpqH3pZezqJe0YZ7HDgXqUxpFW lVFPaMdFMldr7kOWr96iFzAov6hpvIWB6z518YwwiLN+SL5EKR7VZIp5mkTDEeyU rGxZ62fwghoNdVIQlCdYBDsGl4N6OvDIJuL+DmbDYzhR1tAFfS0= =N6J7 -END PGP SIGNATURE End Message ---
Bug#903782: gitea: modifies conffiles (policy 10.7.3): /etc/gitea/conf/app.ini
Package: gitea Version: 1.3.2+dfsg-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package modifies conffiles. This is forbidden by the policy, see https://www.debian.org/doc/debian-policy/#configuration-files 10.7.3: "[...] The easy way to achieve this behavior is to make the configuration file a conffile. [...] This implies that the default version will be part of the package distribution, and must not be modified by the maintainer scripts during installation (or at any other time)." Note that once a package ships a modified version of that conffile, dpkg will prompt the user for an action how to handle the upgrade of this modified conffile (that was not modified by the user). Further in 10.7.3: "[...] must not ask unnecessary questions (particularly during upgrades) [...]" If a configuration file is customized by a maintainer script after having asked some debconf questions, it may not be marked as a conffile. Instead a template could be installed in /usr/share and used by the postinst script to fill in the custom values and create (or update) the configuration file (preserving any user modifications!). This file must be removed during postrm purge. ucf(1) may help with these tasks. See also https://wiki.debian.org/DpkgConffileHandling In https://lists.debian.org/debian-devel/2012/09/msg00412.html and followups it has been agreed that these bugs are to be filed with severity serious. debsums reports modification of the following files, from the attached log (scroll to the bottom...): /etc/gitea/conf/app.ini cheers, Andreas gitea_1.3.2+dfsg-3.log.gz Description: application/gzip
Bug#903780: gitlab: fails to install: Could not find gem 'fog-google (~> 0.5)'
Package: gitlab Version: 10.6.5+dfsg-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Selecting previously unselected package gitlab. (Reading database ... (Reading database ... 43843 files and directories currently installed.) Preparing to unpack .../gitlab_10.6.5+dfsg-2_all.deb ... Unpacking gitlab (10.6.5+dfsg-2) ... Setting up gitlab (10.6.5+dfsg-2) ... Creating/updating gitlab user account... adduser: Warning: The home directory `/var/lib/gitlab' does not belong to the user you are currently creating. Making gitlab owner of /var/lib/gitlab... [ESC][31mCould not find gem 'fog-google (~> 0.5)' in any of the gem sources listed in your Gemfile.[ESC][0m dpkg: error processing package gitlab (--configure): installed gitlab package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: gitlab cheers, Andreas gitlab_10.6.5+dfsg-2.log.gz Description: application/gzip
Bug#903514:
Package: gimp Version: 2.10.2-1 Severity: grave Justification: renders package unusable Dear Maintainer, I may have the same problem. I updated many packages yesterday, and today gimp will not launch. Christoph reported that opening a .png file generated a splash screen then error messages about babl and python. However, I get nothing (no error message or splash screen) for any of these: gimp gimp foo.png# file does not exist gimp g14601.png # file does exist In each case, I got a segfault when I interrupted with ^C: home:~$ gimp foo.png ^CSegmentation fault (core dumped) I initially did not have gimp-python installed, but installing it didn't help. I then tried launching gimp with strace: strace -o /tmp/log gimp This time I got a splash screen (the first one I'd seen), with a progress bar stuck at 70%, the progress statement Querying new Plug-ins resynthesizer plus these messages: GEGL-Message: 12:45:41.515: Module '/usr/lib/x86_64-linux-gnu/gegl-0.4/ff-load.so' load error: /usr/lib/x86_64-linux-gnu/libhogweed.so.4: undefined symbol: __gmpn_cnd_sub_n GEGL-Message: 12:45:41.534: Module '/usr/lib/x86_64-linux-gnu/gegl-0.4/ff-save.so' load error: /usr/lib/x86_64-linux-gnu/libhogweed.so.4: undefined symbol: __gmpn_cnd_sub_n Missing fast-path babl conversion detected, Implementing missing babl fast paths accelerates GEGL, GIMP and other software using babl, warnings are printed on first occurance of formats used where a conversion has to be synthesized programmatically by babl based on format description *WARNING* missing babl fast path(s): "R'G'B' double" to "CIE Lab double" The strace file showed that the last file opened was /usr/lib/gimp/2.0/plug-ins/plugin-uncrop.py: home:~$ grep -n "open" /tmp/log |tail -22 39878:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/cml-explorer", O_RDONLY) = 14 39961:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/checkerboard", O_RDONLY) = 14 40059:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/cartoon", O_RDONLY) = 14 40147:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/border-average", O_RDONLY) = 14 40250:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/blur", O_RDONLY) = 14 40317:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/blinds", O_RDONLY) = 14 40413:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/animation-play", O_RDONLY) = 14 40505:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/animation-optimize", O_RDONLY) = 14 40712:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/align-layers", O_RDONLY) = 14 40799:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/webexport", O_RDONLY) = 14 40912:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/gap_wr_trans", O_RDONLY) = 14 41229:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/gap_wr_resynth", O_RDONLY) = 14 41337:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/gap_wr_opacity", O_RDONLY) = 14 41441:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/gap_wr_color_levels", O_RDONLY) = 14 41613:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/gap_wr_color_huesat", O_RDONLY) = 14 41765:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/wavelet-denoise", O_RDONLY) = 14 41874:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/streak", O_RDONLY) = 14 41955:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/separate_import", O_RDONLY) = 14 42063:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/separate", O_RDONLY) = 14 42610:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/resynthesizer_gui", O_RDONLY) = 14 42759:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/resynthesizer", O_RDONLY) = 14 42875:openat(AT_FDCWD, "/usr/lib/gimp/2.0/plug-ins/plugin-uncrop.py", O_RDONLY) = 14 The next time gimp froze again after opening the same file, but the progress statement in the splash screen was: Querying new Plug-ins plugin-uncrop.py (The last line is from memory. The splash screen got covered by other windows, and was not re-rendered when uncovered.) The second strace output ended like this: home:~$ tail -50 /tmp/log2 poll([{fd=3, events=POLLIN}, {fd=4, events=POLLIN}], 2, 0) = 0 (Timeout) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) recvmsg(3, {msg_namelen=0}, 0) = -1 EAGAIN (Resource temporarily unavailable) poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}]) writev(3, [{iov_base="5\30\4\0,\2\300\3\3\0\300\3\0\5e\0\213\4\6\0-\2\300\3,\2\300\3\204\1\0\0"..., iov_len=1688}, {iov_base=NULL, iov_len=0}, {io
Bug#903779: emacs-nox: copyright file missing after upgrade (policy 12.5)
Package: emacs-nox Version: 1:25.2+1-7 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, a test with piuparts revealed that your package misses the copyright file after an upgrade, which is a violation of Policy 12.5: https://www.debian.org/doc/debian-policy/#copyright-information After the upgrade /usr/share/doc/$PACKAGE/ is just an empty directory. This was observed on the following upgrade paths: sid -> experimental >From the attached log (scroll to the bottom...): 0m25.0s ERROR: WARN: Inadequate results from running adequate! emacs-nox: missing-copyright-file /usr/share/doc/emacs-nox/copyright MISSING COPYRIGHT FILE: /usr/share/doc/emacs-nox/copyright # ls -lad /usr/share/doc/emacs-nox drwxr-xr-x 2 root root 40 May 28 18:55 /usr/share/doc/emacs-nox # ls -la /usr/share/doc/emacs-nox/ total 0 drwxr-xr-x 2 root root 40 May 28 18:55 . drwxr-xr-x 103 root root 2160 May 28 18:55 .. Additional info may be available here: https://wiki.debian.org/MissingCopyrightFile Note that dpkg intentionally does not replace directories with symlinks and vice versa, you need the maintainer scripts to do this. See in particular the end of point 4 in https://www.debian.org/doc/debian-policy/#details-of-unpack-phase-of-installation-or-upgrade It is recommended to use the dpkg-maintscript-helper commands 'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14) to perform the conversion, ideally using d/$PACKAGE.maintscript. Do not forget to add 'Pre-Depends: ${misc:Pre-Depends}' in d/control. See dpkg-maintscript-helper(1) and dh_installdeb(1) for details. cheers, Andreas emacs-nox_1:25.2+1-7.log.gz Description: application/gzip
Bug#903778: linux-image-amd64-signed-template: copyright file missing (policy 12.5)
Package: linux-image-amd64-signed-template Version: 4.18~rc4-1~exp1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, a test with piuparts revealed that your package misses the copyright file, which is a violation of Policy 12.5: https://www.debian.org/doc/debian-policy/#copyright-information >From the attached log (scroll to the bottom...): 0m28.3s ERROR: WARN: Inadequate results from running adequate! linux-image-amd64-signed-template: missing-copyright-file /usr/share/doc/linux-image-amd64-signed-template/copyright MISSING COPYRIGHT FILE: /usr/share/doc/linux-image-amd64-signed-template/copyright # ls -lad /usr/share/doc/linux-image-amd64-signed-template ls: cannot access '/usr/share/doc/linux-image-amd64-signed-template': No such file or directory # ls -la /usr/share/doc/linux-image-amd64-signed-template/ ls: cannot access '/usr/share/doc/linux-image-amd64-signed-template/': No such file or directory cheers, Andreas linux-image-amd64-signed-template_4.18~rc4-1~exp1.log.gz Description: application/gzip
Processed: user debian...@lists.debian.org, usertagging 883641, severity of 835508 is serious ...
Processing commands for cont...@bugs.debian.org: > user debian...@lists.debian.org Setting user to debian...@lists.debian.org (was a...@debian.org). > usertags 883641 piuparts Usertags were: piuparts. Usertags are now: piuparts. > severity 835508 serious Bug #835508 [ruby-leaflet-rails] ruby-leaflet-rails: should depend on libjs-leaflet (not ship convenience code copy) Severity set to 'serious' from 'important' > found 835508 0.7.7-1 Bug #835508 [ruby-leaflet-rails] ruby-leaflet-rails: should depend on libjs-leaflet (not ship convenience code copy) Marked as found in versions ruby-leaflet-rails/0.7.7-1. > found 885218 1.5-3 Bug #885218 [src:mpb] mpb: please migrate to guile-2.2 Marked as found in versions mpb/1.5-3. > found 885218 1.6.1-1 Bug #885218 [src:mpb] mpb: please migrate to guile-2.2 Marked as found in versions mpb/1.6.1-1. > affects 885218 + mpb-mpi Bug #885218 [src:mpb] mpb: please migrate to guile-2.2 Added indication that 885218 affects mpb-mpi > usertags 885218 piuparts There were no usertags set. Usertags are now: piuparts. > usertags 877259 piuparts There were no usertags set. Usertags are now: piuparts. > unarchive 890060 Bug #890060 {Done: Rafael Laboissiere } [src:biosig4c++] biosig4c++: Build-depends on dh-octave instead of octave-pkg-dev Unarchived Bug 890060 > found 890060 1.4.1-1.1 Bug #890060 {Done: Rafael Laboissiere } [src:biosig4c++] biosig4c++: Build-depends on dh-octave instead of octave-pkg-dev Marked as found in versions biosig4c++/1.4.1-1.1 and reopened. > tags 890060 + sid buster experimental Bug #890060 [src:biosig4c++] biosig4c++: Build-depends on dh-octave instead of octave-pkg-dev Added tag(s) sid, buster, and experimental. > severity 890060 serious Bug #890060 [src:biosig4c++] biosig4c++: Build-depends on dh-octave instead of octave-pkg-dev Severity set to 'serious' from 'important' > affects 890060 + octave-biosig Bug #890060 [src:biosig4c++] biosig4c++: Build-depends on dh-octave instead of octave-pkg-dev Added indication that 890060 affects octave-biosig > usertags 890060 piuparts There were no usertags set. Usertags are now: piuparts. > affects 901214 + libvtk-dicom-dev vtk-dicom-tools Bug #901214 [libvtkdicom0.8] libvtkdicom0.8: fails to upgrade from 'sid' - trying to overwrite /usr/lib/x86_64-linux-gnu/cmake/DICOMConfig.cmake Added indication that 901214 affects libvtk-dicom-dev and vtk-dicom-tools > affects 881713 + munin-doc munin-plugins-extra Bug #881713 [src:munin] munin: copyright file missing after upgrade (policy 12.5) Added indication that 881713 affects munin-doc and munin-plugins-extra > found 881713 2.999.8-1 Bug #881713 [src:munin] munin: copyright file missing after upgrade (policy 12.5) Marked as found in versions munin/2.999.8-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 835508: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835508 881713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881713 885218: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885218 890060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890060 901214: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901214 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
On 07/14/2018 06:41 PM, Andreas Beckmann wrote: > On 2018-07-14 17:27, Sebastiaan Couwenberg wrote: >> On 07/14/2018 05:19 PM, Andreas Beckmann wrote: >>> On 2018-07-14 17:04, Bas Couwenberg wrote: The nvidia-driver packages cannot be updated as part of the stretch 9.5 stable update without removing several GNOME & KDE packages: >>> The following NEW packages will be installed: libgl1 libgl1:i386 libgl1-nvidia-glx libglvnd0 libglvnd0:i386 libglx-nvidia0:i386 libglx0 libglx0:i386 libnvidia-glcore:i386 >>> >>> Most of these packages are from stretch-backports, so you are not >>> upgrading a clean stretch system ... >> >> They are from stretch-backports because of the apt resolver, the only >> backports installed on that system are josm, qgis & libsfcgal1. >> >>> And the nvidia packages in stretch-backports now require mesa+libglvnd >>> from stretch-backports. >> >> But I don't want the backport. > > Probably blame it on apt for considering the backport at all ... > >> Disabling stretch-backports sources gives better results: >> >> The following packages will be REMOVED: >>libegl1-nvidia libgldispatch0-nvidia >> The following NEW packages will be installed: >>libegl1-glvnd-nvidia libglvnd0-nvidia libnvidia-egl-wayland1 >>nvidia-egl-common nvidia-egl-icd nvidia-egl-wayland-common >>nvidia-egl-wayland-icd >> The following packages will be upgraded: >>libegl-nvidia0 libgl1-glvnd-nvidia-glx libgl1-nvidia-glvnd-glx >>libgles-nvidia1 libgles-nvidia2 libgles1-glvnd-nvidia >>libgles2-glvnd-nvidia libglx-nvidia0 libglx0-glvnd-nvidia >>libnvidia-cfg1 libnvidia-eglcore libnvidia-glcore >>libnvidia-ml1 libopengl0-glvnd-nvidia nvidia-alternative >>nvidia-driver nvidia-driver-bin nvidia-driver-libs nvidia-kernel-dkms >>nvidia-kernel-support nvidia-vdpau-driver nvidia-vulkan-icd >>xserver-xorg-video-nvidia >> 23 upgraded, 7 newly installed, 2 to remove and 0 not upgraded. > > That looks like expected. It's a bit unfortunate, but the new upstream > release requires several new/renamed/removed packages. Hopefully this > was the last big nvidia-driver change needed in stable, switching to > 390.xx for the next CVE should be more smooth (and then we will finally > have reached a new legacy branch that has a longer support frame > upstream). > >> I shouldn't have to disable the backports sources for `apt-get >> dist-upgrade` to work correctly. > > That can't be solved differently in this case (unless we make the > backported packages use mesa from stretch (and *not* backports) again, > preventing installation of several backports requiring the newer mesa). > I couldn't get a working setup supporting both mesa versions (due to the > libglvnd switch), any invalid mixture of packages results in the > backported driver not working in stable-backports at all. Thanks for the feedback, since this cannot fixed, you can close this bug. Kind Regards, Bas
Bug#903775: libgradle-plugins-java: fails to upgrade from 'sid' - trying to overwrite /usr/share/maven-repo/org/gradle/gradle-workers/debian/gradle-workers-debian.pom
Package: libgradle-plugins-java Version: 4.4-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../4-libgradle-plugins-java_4.4-1_all.deb ... Unpacking libgradle-plugins-java (4.4-1) over (3.4.1-7) ... dpkg: error processing archive /tmp/apt-dpkg-install-l0IZ07/4-libgradle-plugins-java_4.4-1_all.deb (--unpack): trying to overwrite '/usr/share/maven-repo/org/gradle/gradle-workers/debian/gradle-workers-debian.pom', which is also in package libgradle-core-java 3.4.1-7 dpkg: considering deconfiguration of libgradle-plugins-java, which would be broken by installation of libgradle-core-java ... dpkg: yes, will deconfigure libgradle-plugins-java (broken by libgradle-core-java) Preparing to unpack .../5-libgradle-core-java_4.4-1_all.deb ... De-configuring libgradle-plugins-java (3.4.1-7) ... Unpacking libgradle-core-java (4.4-1) over (3.4.1-7) ... Replacing files in old package libgradle-plugins-java (3.4.1-7) ... Errors were encountered while processing: /tmp/apt-dpkg-install-l0IZ07/4-libgradle-plugins-java_4.4-1_all.deb cheers, Andreas libgradle-plugins-java_4.4-1.log.gz Description: application/gzip
Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
Control: tag -1 stretch wontfix Control: retitle -1 nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 with stretch-backports enabled (wants to remove several GNOME & KDE packages) On 2018-07-14 17:27, Sebastiaan Couwenberg wrote: > On 07/14/2018 05:19 PM, Andreas Beckmann wrote: >> On 2018-07-14 17:04, Bas Couwenberg wrote: >>> The nvidia-driver packages cannot be updated as part of the stretch 9.5 >>> stable update without removing several GNOME & KDE packages: >> >>> The following NEW packages will be installed: >>>libgl1 libgl1:i386 libgl1-nvidia-glx libglvnd0 libglvnd0:i386 >>> libglx-nvidia0:i386 libglx0 libglx0:i386 libnvidia-glcore:i386 >> >> Most of these packages are from stretch-backports, so you are not >> upgrading a clean stretch system ... > > They are from stretch-backports because of the apt resolver, the only > backports installed on that system are josm, qgis & libsfcgal1. > >> And the nvidia packages in stretch-backports now require mesa+libglvnd >> from stretch-backports. > > But I don't want the backport. Probably blame it on apt for considering the backport at all ... > Disabling stretch-backports sources gives better results: > > The following packages will be REMOVED: >libegl1-nvidia libgldispatch0-nvidia > The following NEW packages will be installed: >libegl1-glvnd-nvidia libglvnd0-nvidia libnvidia-egl-wayland1 >nvidia-egl-common nvidia-egl-icd nvidia-egl-wayland-common >nvidia-egl-wayland-icd > The following packages will be upgraded: >libegl-nvidia0 libgl1-glvnd-nvidia-glx libgl1-nvidia-glvnd-glx >libgles-nvidia1 libgles-nvidia2 libgles1-glvnd-nvidia >libgles2-glvnd-nvidia libglx-nvidia0 libglx0-glvnd-nvidia >libnvidia-cfg1 libnvidia-eglcore libnvidia-glcore >libnvidia-ml1 libopengl0-glvnd-nvidia nvidia-alternative >nvidia-driver nvidia-driver-bin nvidia-driver-libs nvidia-kernel-dkms >nvidia-kernel-support nvidia-vdpau-driver nvidia-vulkan-icd >xserver-xorg-video-nvidia > 23 upgraded, 7 newly installed, 2 to remove and 0 not upgraded. That looks like expected. It's a bit unfortunate, but the new upstream release requires several new/renamed/removed packages. Hopefully this was the last big nvidia-driver change needed in stable, switching to 390.xx for the next CVE should be more smooth (and then we will finally have reached a new legacy branch that has a longer support frame upstream). > I shouldn't have to disable the backports sources for `apt-get > dist-upgrade` to work correctly. That can't be solved differently in this case (unless we make the backported packages use mesa from stretch (and *not* backports) again, preventing installation of several backports requiring the newer mesa). I couldn't get a working setup supporting both mesa versions (due to the libglvnd switch), any invalid mixture of packages results in the backported driver not working in stable-backports at all. Andreas
Processed: Re: Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
Processing control commands: > tag -1 stretch wontfix Bug #903770 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages Added tag(s) wontfix and stretch. > retitle -1 nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 with > stretch-backports enabled (wants to remove several GNOME & KDE packages) Bug #903770 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages Changed Bug title to 'nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 with stretch-backports enabled (wants to remove several GNOME & KDE packages)' from 'nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages'. -- 903770: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903770 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
On 07/14/2018 05:19 PM, Andreas Beckmann wrote: > On 2018-07-14 17:04, Bas Couwenberg wrote: >> The nvidia-driver packages cannot be updated as part of the stretch 9.5 >> stable update without removing several GNOME & KDE packages: > >> The following NEW packages will be installed: >>libgl1 libgl1:i386 libgl1-nvidia-glx libglvnd0 libglvnd0:i386 >> libglx-nvidia0:i386 libglx0 libglx0:i386 libnvidia-glcore:i386 > > Most of these packages are from stretch-backports, so you are not > upgrading a clean stretch system ... They are from stretch-backports because of the apt resolver, the only backports installed on that system are josm, qgis & libsfcgal1. > And the nvidia packages in stretch-backports now require mesa+libglvnd > from stretch-backports. But I don't want the backport. Disabling stretch-backports sources gives better results: The following packages will be REMOVED: libegl1-nvidia libgldispatch0-nvidia The following NEW packages will be installed: libegl1-glvnd-nvidia libglvnd0-nvidia libnvidia-egl-wayland1 nvidia-egl-common nvidia-egl-icd nvidia-egl-wayland-common nvidia-egl-wayland-icd The following packages will be upgraded: libegl-nvidia0 libgl1-glvnd-nvidia-glx libgl1-nvidia-glvnd-glx libgles-nvidia1 libgles-nvidia2 libgles1-glvnd-nvidia libgles2-glvnd-nvidia libglx-nvidia0 libglx0-glvnd-nvidia libnvidia-cfg1 libnvidia-eglcore libnvidia-glcore libnvidia-ml1 libopengl0-glvnd-nvidia nvidia-alternative nvidia-driver nvidia-driver-bin nvidia-driver-libs nvidia-kernel-dkms nvidia-kernel-support nvidia-vdpau-driver nvidia-vulkan-icd xserver-xorg-video-nvidia 23 upgraded, 7 newly installed, 2 to remove and 0 not upgraded. I shouldn't have to disable the backports sources for `apt-get dist-upgrade` to work correctly. Kind Regards, Bas
Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
On 2018-07-14 17:04, Bas Couwenberg wrote: > The nvidia-driver packages cannot be updated as part of the stretch 9.5 > stable update without removing several GNOME & KDE packages: > The following NEW packages will be installed: >libgl1 libgl1:i386 libgl1-nvidia-glx libglvnd0 libglvnd0:i386 > libglx-nvidia0:i386 libglx0 libglx0:i386 libnvidia-glcore:i386 Most of these packages are from stretch-backports, so you are not upgrading a clean stretch system ... And the nvidia packages in stretch-backports now require mesa+libglvnd from stretch-backports. Andreas
Processed: affects 903770
Processing commands for cont...@bugs.debian.org: > affects 903770 + release.debian.org Bug #903770 [src:nvidia-graphics-drivers] nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages Added indication that 903770 affects release.debian.org > thanks Stopping processing here. Please contact me if you need assistance. -- 903770: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903770 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#903770: nvidia-graphics-drivers: Cannot be upgraded in stretch 9.5 without removing several GNOME & KDE packages
Source: nvidia-graphics-drivers Version: 384.130-1 Severity: serious Justification: makes the package in question unusable or mostly so Dear Maintainer, The nvidia-driver packages cannot be updated as part of the stretch 9.5 stable update without removing several GNOME & KDE packages: The following packages were automatically installed and are no longer required: analitza-common apg avogadro-data bluez breeze breeze-cursor-theme breeze-icon-theme cheese-common cracklib-runtime crda cups-pk-helper dleyna-server dns-root-data dnsmasq-base folks-common fonts-hack-ttf fonts-oxygen frameworkintegration gir1.2-evince-3.0 gir1.2-gst-plugins-base-1.0 gir1.2-gstreamer-1.0 gir1.2-gtksource-3.0 gir1.2-javascriptcoregtk-4.0 gir1.2-webkit2-4.0 gnome-bluetooth gnome-control-center-data gnome-online-accounts gnome-user-share gstreamer1.0-libav gtk3-engines-breeze ieee-data iputils-arping iw kaccounts-providers kalzium-data kate5-data kde-cli-tools kde-cli-tools-data kde-config-gtk-style kde-config-sddm kde-style-breeze kde-style-breeze-qt4 kde-style-oxygen-qt5 kde-style-qtcurve-qt4 kde-style-qtcurve-qt5 kded5 khotkeys khotkeys-data kmenuedit ksysguard ksysguard-data ksysguardd kwin-style-breeze kwrited libaccounts-glib0 libaccounts-qt5-1 libanalitzaplot7 libanalitzawidgets7 libapache2-mod-dnssd libappstreamqt2 libavfilter6 libclutter-1.0-common libcogl-common libcolord-gtk1 libcrack2 libcryptui0a libdee-1.0-4 libdleyna-connector-dbus-1.0-1 libdleyna-core-1.0-3 libebur128-1 libedataserverui-1.2-1 libegl-nvidia0 libegl1-nvidia libevdocument3-4 libevview3-3 libfakekey0 libfolks-eds25 libfolks-telepathy25 libfolks25 libgadu3 libgles-nvidia1 libgles-nvidia2 libgles1-glvnd-nvidia libgles2-glvnd-nvidia libgnome-autoar-gtk-0-0 libgoa-backend-1.0-1 libgrilo-0.3-0 libgssdp-1.0-3 libgtksourceview-3.0-1 libgtksourceview-3.0-common libgtkspell3-3-0 libgupnp-1.0-4 libgupnp-av-1.0-2 libgupnp-dlna-2.0-3 libgxps2 libkaccounts1 libkf5activitiesstats1 libkf5bluezqt-data libkf5bluezqt6 libkf5calendarevents5 libkf5jsembed-data libkf5jsembed5 libkf5modemmanagerqt6 libkf5networkmanagerqt6 libkf5people-data libkf5people5 libkf5peoplebackend5 libkf5peoplewidgets5 libkf5plasmaquick5 libkf5purpose-bin libkf5purpose5 libkf5style5 libkf5su-bin libkf5su-data libkf5su5 libkf5sysguard-bin libkf5sysguard-data libkfontinst5 libkfontinstui5 libkopete4 libksgrd7 libksignalplotter7 libkworkspace5-5 libmeanwhile1 libmediaart-2.0-0 libmusicbrainz5-2 libndp0 libnma0 libnss-myhostname libnvidia-cfg1 libnvidia-eglcore libopenbabel4v5 libopenconnect5 libopengl0-glvnd-nvidia libortp9 libotr5 liboxygenstyle5-5 liboxygenstyleconfig5-5 libpgm-5.2-0 libplasma-geolocation-interface5 libpoppler-glib8 libpowerdevilcore2 libpowerdevilui5 libprocesscore7 libprocessui7 libprotobuf-c1 libpst4 libpwquality-common libpwquality1 libpython3.5 libqca2-plugin-ossl libqt5clucene5 libqt5concurrent5 libqt5designer5 libqt5designercomponents5 libqt5help5 libqtcurve-utils2 librubberband2 librygel-core-2.6-2 librygel-db-2.6-2 librygel-renderer-2.6-2 librygel-server-2.6-2 libscim8v5 libsignon-plugins-common1 libsignon-qt5-1 libsodium18 libstoken1 libtaskmanager6 libteamdctl0 libtomcrypt0 libtommath1 libuv1 libvulkan1 libweather-ion7 libxcb-dpms0 libxcb-glx0:i386 libxcb-record0 libxdamage1:i386 libytnef0 libzeitgeist-2.0-0 libzmq5 mobile-broadband-provider-info mousetweaks network-manager network-manager-gnome nodejs nvidia-driver-bin nvidia-persistenced oxygen-sounds plasma-desktop-data plasma-discover-common plasma-integration powerdevil powerdevil-data pulseaudio-module-bluetooth pulseaudio-module-gconf python-zeitgeist python3-pyqt5 python3-sip qdbus-qt5 qml-module-org-kde-activities qml-module-org-kde-analitza qml-module-org-kde-bluezqt qml-module-org-kde-draganddrop qml-module-org-kde-extensionplugin qml-module-org-kde-kcoreaddons qml-module-org-kde-kholidays qml-module-org-kde-kio qml-module-org-kde-kquickcontrols qml-module-org-kde-kwindowsystem qml-module-org-kde-purpose qml-module-org-kde-solid qml-module-qt-labs-folderlistmodel qml-module-qt-labs-settings qml-module-qtquick-controls-styles-breeze qml-module-qtquick-dialogs qml-module-qtquick-privatewidgets qttools5-dev-tools realmd rygel seahorse seahorse-daemon signon-plugin-oauth2 sni-qt software-properties-kde sshfs systemsettings user-manager wireless-regdb zeitgeist zeitgeist-core zeitgeist-datahub Use 'apt autoremove' to remove them. The following packages will be REMOVED: bluedevil evolution evolution-plugins gir1.2-clutter-1.0 gir1.2-clutter-gst-1.0 gir1.2-clutter-gst-3.0 gir1.2-cogl-1.0 gir1.2-coglpango-1.0 gir1.2-gtkclutter-1.0 gnome-contacts gnome-control-center gnome-sushi gstreamer1.0-clutter-3.0 kalgebra kalgebra-common kalzium kate kde kde-full kde-plasma-desktop kde-standard kdeconnect kdeedu kdemultimedia kdenetwork kinfocenter kopete kscreen libavogadro1 libchamplain-0.12-0 libchamplain-gtk-
Bug#900533: chromium 67.0.3396.62-1: youtube video, gif's, html5, and movies no longer work
I can confirm this bug in stable security. It needs to be reopened. Applying the patch mentioned by Jiri Palece ( https://salsa.debian.org/chromium-team/chromium/commit/402b98bb1079079a788696650e0a922b1e16bed8 ) Fixes the issue for me. So I advise to rebuild chromium with it. I built this package for Neptune so our users don't have a broken browser for too long. Greetings Leszek Lesner -- ZevenOS / Neptune Team http://www.zevenos.com / http://www.neptuneos.com Leszek Lesner
Bug#903655: marked as done (libopenmpi-dev: undefined symbol: OPAL_MCA_PMIX2X_PMIx_Get_version)
Your message dated Sat, 14 Jul 2018 13:35:47 + with message-id and subject line Bug#903655: fixed in openmpi 3.1.1.real-3 has caused the Debian Bug report #903655, regarding libopenmpi-dev: undefined symbol: OPAL_MCA_PMIX2X_PMIx_Get_version to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903655: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903655 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libopenmpi-dev Version: 3.1.1.real-2 Severity: grave Justification: renders package unusable Did something get missed in 3.1.1.real-2? It still depends on libpmix2 (e.g. /usr/lib/x86_64-linux-gnu/openmpi/lib/openmpi3/mca_pmix_pmix2x.so), and petsc tests fail, reporting: cd src/snes/examples/tutorials >/dev/null; /usr/bin/make --no-print-directory PETSC_ARCH=x86_64-linux-gnu-real-debug PETSC_DIR=/home/drew/projects/petsc/build/petsc testex19 Possible error running C/C++ src/snes/examples/tutorials/ex19 with 1 MPI process See http://www.mcs.anl.gov/petsc/documentation/faq.html [grendel:25623] mca_base_component_repository_open: unable to open mca_pmix_pmix2x: /usr/lib/x86_64-linux-gnu/openmpi/lib/openmpi3/mca_pmix_pmix2x.so: undefined symbol: OPAL_MCA_PMIX2X_PMIx_Get_version (ignored) [grendel:25623] [[7790,0],0] ORTE_ERROR_LOG: Not found in file ess_hnp_module.c at line 325 -- It looks like orte_init failed for some reason; your parallel process is likely to abort. There are many reasons that a parallel process can fail during orte_init; some of which are due to configuration or environment problems. This failure appears to be an internal failure; here's some additional information (which may only be relevant to an Open MPI developer): opal_pmix_base_select failed --> Returned value Not found (-13) instead of ORTE_SUCCESS -- -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libopenmpi-dev depends on: ii libc62.27-4 ii libevent-2.1-6 2.1.8-stable-4 ii libevent-pthreads-2.1-6 2.1.8-stable-4 ii libhwloc-dev 1.11.10-2 ii libhwloc51.11.10-2 ii libibverbs-dev 19.0-1 ii libopenmpi3 3.1.1.real-2 ii openmpi-bin 3.1.1.real-2 ii openmpi-common 3.1.1.real-2 libopenmpi-dev recommends no packages. Versions of packages libopenmpi-dev suggests: pn openmpi-doc -- no debconf information --- End Message --- --- Begin Message --- Source: openmpi Source-Version: 3.1.1.real-3 We believe that the bug you reported is fixed in the latest version of openmpi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry (supplier of updated openmpi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 14 Jul 2018 13:47:37 +0100 Source: openmpi Binary: openmpi-bin libopenmpi-dev libopenmpi3 openmpi-common openmpi-doc Architecture: source amd64 all Version: 3.1.1.real-3 Distribution: unstable Urgency: medium Maintainer: Alastair McKinstry Changed-By: Alastair McKinstry Description: libopenmpi-dev - high performance message passing library -- header files libopenmpi3 - high performance message passing library -- shared library openmpi-bin - high performance message passing library -- binaries openmpi-common - high performance message passing library -- common files openmpi-doc - high performance message passing library -- man pages Closes: 903492 903549 903561 903655 Changes: openmpi (3.1.1.real-3) unstable; urgency=medium . * Patch ext2x to use pmix 3.0 Clos
Bug#903492: marked as done (Runtime error "PMIX-XFER-VALUE: UNSUPPORTED TYPE 28016")
Your message dated Sat, 14 Jul 2018 13:35:47 + with message-id and subject line Bug#903492: fixed in openmpi 3.1.1.real-3 has caused the Debian Bug report #903492, regarding Runtime error "PMIX-XFER-VALUE: UNSUPPORTED TYPE 28016" to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903492: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903492 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: openmpi Version: 3.1.1.real-1 Severity: serious Dear maintainer, it looks like the version 3.1.1.real-1 introduces the regression in autopkgtest. We are preparing some set of autopkgtests for the boost libraries (not in the package yet) [1]. And the MPI-autopkgtests are failing, when they are built against 3.1.1.real-1 [2]: === build: OK [runner-103358cc-project-28133-concurrent-0:04241] PMIX-XFER-VALUE: UNSUPPORTED TYPE 28016 [runner-103358cc-project-28133-concurrent-0:04241] PMIX ERROR: ERROR in file ../../../src/server/pmix_server.c at line 332 ERROR: Job failed: exit code 1 === The compiled code is here [3] and the run-command is the following: mpirun --oversubscribe --allow-run-as-root -np 8 ./demo1 It compiles just fine in the Debian Buster against the version 3.1.0-7 [4]. [1] https://salsa.debian.org/gladk/boost/pipelines [2] https://salsa.debian.org/gladk/boost/-/jobs/30504 [3] https://salsa.debian.org/gladk/boost/blob/master/debian/tests/srcs/graph-parallel/demo1.cpp [4] https://salsa.debian.org/gladk/boost/-/jobs/30510 Thanks, Anton --- End Message --- --- Begin Message --- Source: openmpi Source-Version: 3.1.1.real-3 We believe that the bug you reported is fixed in the latest version of openmpi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry (supplier of updated openmpi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 14 Jul 2018 13:47:37 +0100 Source: openmpi Binary: openmpi-bin libopenmpi-dev libopenmpi3 openmpi-common openmpi-doc Architecture: source amd64 all Version: 3.1.1.real-3 Distribution: unstable Urgency: medium Maintainer: Alastair McKinstry Changed-By: Alastair McKinstry Description: libopenmpi-dev - high performance message passing library -- header files libopenmpi3 - high performance message passing library -- shared library openmpi-bin - high performance message passing library -- binaries openmpi-common - high performance message passing library -- common files openmpi-doc - high performance message passing library -- man pages Closes: 903492 903549 903561 903655 Changes: openmpi (3.1.1.real-3) unstable; urgency=medium . * Patch ext2x to use pmix 3.0 Closes: #903561, #903492, #903549, #903655 * Fix broken symlinks for libmpi_usempif08 Checksums-Sha1: b37609f5a55288a7ab3c2dfe270b3fb8cde46c30 2715 openmpi_3.1.1.real-3.dsc 8e008002b8a825bf7af29ddf6b349606da65269c 62240 openmpi_3.1.1.real-3.debian.tar.xz 657750c27d9fd3245e8e5da6ae6a6b3cbdf154b9 13032 libopenmpi-dev-dbgsym_3.1.1.real-3_amd64.deb 3aa9ede2e79cf82ace78bc3f77de47295da212ec 945544 libopenmpi-dev_3.1.1.real-3_amd64.deb 171652ac36f626aa0d432d9c56daeebdf681c4c3 28757664 libopenmpi3-dbgsym_3.1.1.real-3_amd64.deb e5fc0b735a5f32beda50269940188a99c7123754 2172716 libopenmpi3_3.1.1.real-3_amd64.deb 4073817f9235a035c92e1adecfce97a08dc8251d 207692 openmpi-bin-dbgsym_3.1.1.real-3_amd64.deb 735805ad5130c760bb87c6df133fc371443c46d7 196092 openmpi-bin_3.1.1.real-3_amd64.deb db1e6c547c866a4893221e9863aad81c7eddccd1 160996 openmpi-common_3.1.1.real-3_amd64.deb 4fe63d10a667961b751847d4636ffd7a6df3a6df 758036 openmpi-doc_3.1.1.real-3_all.deb 7fdea95c0d1f58c72ab27cfafee21b228840df45 13683 openmpi_3.1.1.real-3_amd64.buildinfo Checksums-Sha256: da0eb34ea10f1de49639cd2d3d46262f3c3e685e0dc5dbc29a385111d004e2ed 2715 openmpi_3.1.1.real-3.dsc a8eff5893a9e8471729fafb08a6c52ff7baff730291b8a2197f0f88685fd5a49 62240 openmpi_3.1.1.real-3.debian.tar.xz bad5e93d4fc38dc2504df7eff1a3264f31fcc5c4ed1e570749ce804b3014e751 13032 libopenmpi-dev-dbgsym_3.1.1.real-3_amd64.deb 53f9abf435182ba324a76
Bug#903561: marked as done (pmix 3.0.0 makes openmpi (and subsequent dependencies) unusable)
Your message dated Sat, 14 Jul 2018 13:35:47 + with message-id and subject line Bug#903561: fixed in openmpi 3.1.1.real-3 has caused the Debian Bug report #903561, regarding pmix 3.0.0 makes openmpi (and subsequent dependencies) unusable to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903561: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903561 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: pmix Version: 3.0.0-1 Severity: grave Justification: renders package unusable pmix 3.0.0 is (or appears to be) incompatible with openmpi 3.1.1. This bug is to block its passage to testing (2.1.2rc1 works ok). The upcoming point release of openmpi (3.1.2) contains an internal release of pmix 2.1.2; when it is released, openmpi will be built with this internal pmix until openmpi compatability with pmix 3.0.0 is included. -- System Information: Debian Release: 9.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 4.9.0-6-686-pae (SMP w/1 CPU core) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_IE.UTF-8), LANGUAGE=en_IE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_IE.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- End Message --- --- Begin Message --- Source: openmpi Source-Version: 3.1.1.real-3 We believe that the bug you reported is fixed in the latest version of openmpi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alastair McKinstry (supplier of updated openmpi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 14 Jul 2018 13:47:37 +0100 Source: openmpi Binary: openmpi-bin libopenmpi-dev libopenmpi3 openmpi-common openmpi-doc Architecture: source amd64 all Version: 3.1.1.real-3 Distribution: unstable Urgency: medium Maintainer: Alastair McKinstry Changed-By: Alastair McKinstry Description: libopenmpi-dev - high performance message passing library -- header files libopenmpi3 - high performance message passing library -- shared library openmpi-bin - high performance message passing library -- binaries openmpi-common - high performance message passing library -- common files openmpi-doc - high performance message passing library -- man pages Closes: 903492 903549 903561 903655 Changes: openmpi (3.1.1.real-3) unstable; urgency=medium . * Patch ext2x to use pmix 3.0 Closes: #903561, #903492, #903549, #903655 * Fix broken symlinks for libmpi_usempif08 Checksums-Sha1: b37609f5a55288a7ab3c2dfe270b3fb8cde46c30 2715 openmpi_3.1.1.real-3.dsc 8e008002b8a825bf7af29ddf6b349606da65269c 62240 openmpi_3.1.1.real-3.debian.tar.xz 657750c27d9fd3245e8e5da6ae6a6b3cbdf154b9 13032 libopenmpi-dev-dbgsym_3.1.1.real-3_amd64.deb 3aa9ede2e79cf82ace78bc3f77de47295da212ec 945544 libopenmpi-dev_3.1.1.real-3_amd64.deb 171652ac36f626aa0d432d9c56daeebdf681c4c3 28757664 libopenmpi3-dbgsym_3.1.1.real-3_amd64.deb e5fc0b735a5f32beda50269940188a99c7123754 2172716 libopenmpi3_3.1.1.real-3_amd64.deb 4073817f9235a035c92e1adecfce97a08dc8251d 207692 openmpi-bin-dbgsym_3.1.1.real-3_amd64.deb 735805ad5130c760bb87c6df133fc371443c46d7 196092 openmpi-bin_3.1.1.real-3_amd64.deb db1e6c547c866a4893221e9863aad81c7eddccd1 160996 openmpi-common_3.1.1.real-3_amd64.deb 4fe63d10a667961b751847d4636ffd7a6df3a6df 758036 openmpi-doc_3.1.1.real-3_all.deb 7fdea95c0d1f58c72ab27cfafee21b228840df45 13683 openmpi_3.1.1.real-3_amd64.buildinfo Checksums-Sha256: da0eb34ea10f1de49639cd2d3d46262f3c3e685e0dc5dbc29a385111d004e2ed 2715 openmpi_3.1.1.real-3.dsc a8eff5893a9e8471729fafb08a6c52ff7baff730291b8a2197f0f88685fd5a49 62240 openmpi_3.1.1.real-3.debian.tar.xz bad5e93d4fc38dc2504df7eff1a3264f31fcc5c4ed1e570749ce804b3014e751 13032 libopenmpi-dev-dbgsym_3.1.1.real-3_amd64.deb 53f9abf435182ba324a761bc36616070007c49d41fc149a505c483f133f1c360 945544 libopenmpi-dev_3.1.1.real-3_amd64.deb 9c0fb4f3f6147dc89b7940c17758fd40bd8453f5ce4a0a8116f4f7b8c0efafaf 28757664 libopenmpi3-dbgsym_3.1.1.real-
Bug#903530: marked as done (pyresample FTBFS with Python 3.7 as supported version)
Your message dated Sat, 14 Jul 2018 13:36:04 + with message-id and subject line Bug#903530: fixed in pyresample 1.10.1-1 has caused the Debian Bug report #903530, regarding pyresample FTBFS with Python 3.7 as supported version to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903530: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903530 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: pyresample Version: 1.9.3-2 Severity: serious Tags: ftbfs https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/pyresample.html ... creating build/temp.linux-amd64-3.7 creating build/temp.linux-amd64-3.7/pyresample creating build/temp.linux-amd64-3.7/pyresample/ewa x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -I/usr/include/python3.7m -I/usr/lib/python3/dist-packages/numpy/core/include -c pyresample/ewa/_ll2cr.c -o build/temp.linux-amd64-3.7/pyresample/ewa/_ll2cr.o -O3 -Wno-unused-function In file included from /usr/include/python3.7m/numpy/ndarraytypes.h:1816:0, from /usr/include/python3.7m/numpy/ndarrayobject.h:18, from /usr/include/python3.7m/numpy/arrayobject.h:4, from pyresample/ewa/_ll2cr.c:279: /usr/include/python3.7m/numpy/npy_1_7_deprecated_api.h:15:2: warning: #warning "Using deprecated NumPy API, disable it by " "#defining NPY_NO_DEPRECATED_API NPY_1_7_API_VERSION" [-Wcpp] #warning "Using deprecated NumPy API, disable it by " \ ^~~ pyresample/ewa/_ll2cr.c: In function '__Pyx__ExceptionSave': pyresample/ewa/_ll2cr.c:22410:21: error: 'PyThreadState {aka struct _ts}' has no member named 'exc_type'; did you mean 'curexc_type'? *type = tstate->exc_type; ^~~~ curexc_type pyresample/ewa/_ll2cr.c:22411:22: error: 'PyThreadState {aka struct _ts}' has no member named 'exc_value'; did you mean 'curexc_value'? *value = tstate->exc_value; ^ curexc_value pyresample/ewa/_ll2cr.c:22412:19: error: 'PyThreadState {aka struct _ts}' has no member named 'exc_traceback'; did you mean 'curexc_traceback'? *tb = tstate->exc_traceback; ^ curexc_traceback ... --- End Message --- --- Begin Message --- Source: pyresample Source-Version: 1.10.1-1 We believe that the bug you reported is fixed in the latest version of pyresample, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Valentino (supplier of updated pyresample package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jul 2018 11:50:40 + Source: pyresample Binary: python-pyresample python3-pyresample python-pyresample-doc python-pyresample-test Architecture: source amd64 all Version: 1.10.1-1 Distribution: unstable Urgency: medium Maintainer: Debian GIS Project Changed-By: Antonio Valentino Description: python-pyresample - Resampling of remote sensing data in Python 2 python-pyresample-doc - Resampling of remote sensing data in Python (documentation) python-pyresample-test - Resampling of remote sensing data in Python (test suite) python3-pyresample - Resampling of remote sensing data in Python 3 Closes: 903530 Changes: pyresample (1.10.1-1) unstable; urgency=medium . [ Bas Couwenberg ] * Bump Standards-Version to 4.1.5, no changes. . [ Antonio Valentino ] * New upstream release. * debian/control - require pykdtree >= 1.3.1. * debian/patches - drop test_spherical.patch, applied upstrem. - refresh remaining patches. - new 0003-Skip-TestXArrayResamplerNN-if-dask-is-not-available.patch: skip tests requiring dask if dask is not available. - new 0004-Regenerate-cython-extensions.patch Fixes a FTBFS with Python 3.7 (Closes: #903530). - New debian/patches/0005-Fix-StopIteration-handling.patch. Fix StopIteration handling for compatibility with Python 3.7 and PEP
Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
Maximiliano Curia ha scritto: ¡Hola Luigi! El 2018-07-14 a las 10:37 +0100, Chris Lamb escribió: My interpretation of this is that the intention is to assign the copyright to the kde project, although it's not a hundred percent clear. I should have been clearer, sorry — I understand you are going with whatever the file says but I am requesting that you make this clearer, perhaps by getting a statement from upstream or similar. "This_file_is_part_of_KDE" is really not suitable as an author, whatever the file says, after all. Chris raised the issue of the po files distributed by kde containing some (not very clear) template parts, in particular the copyright assignments to This_file_is_part_of_KDE. I'm not sure that's a copyright assignment. Usually we have the FLA for that: https://ev.kde.org/rules/fla.php I suspect that it was a replacement of the standard copyright assignation to the FSF which was there in the early days but it really did not fit. I tracked it back to this change, from 2006 (the string was later changed to used underscores instead of spaces): https://websvn.kde.org/?view=revision&revision=505466 The message is probably incorrect (without copyright is all reserved, not public domain) but it has been like that for a while. I'm not sure I'm allowed to decide if it's a copyright assignment or not. I'm probably going to ask the board of the KDE e.V., as it is a legal question. I added Albert Astal Cid, who is and has been in charge of in the i18n team more than me, he was part of the board in the past, and maybe we can discuss what to do. With your kde i18n team hat on, would you consider it feasible to replace these strings with something clearer? If the intention is for the translators to assign the copyright to kde it should be assigned to KDE.e.V, if the intention is for each translator to keep the copyright assignment the This_file_is_part_of_KDE part of the template needs to be updated to say AUTHOR . The first case should be "scriptable" the second case, would need to manually modifying each po file that contains the "This_file_is_part_of_KDE" text. As I said, I don't think it's the first case, but I can ask to the e.V. If it's going to be the second case, I don't think that's practical when the list of authors is still in the file. Shouldn't a string like Copyright (C) the respective authors (see below) work? Or something more legally fitting. Finally, a request: please lower the severity of this bug. It's not a regression, and I would assume good faith on something that has been the same for the past 10+ years, without having a "serious" bug in the middle. Ciao -- Luigi
Bug#895406: marked as done (libopenmpt: CVE-2018-10017)
Your message dated Sat, 14 Jul 2018 13:02:32 + with message-id and subject line Bug#895406: fixed in libopenmpt 0.2.7386~beta20.3-3+deb9u3 has caused the Debian Bug report #895406, regarding libopenmpt: CVE-2018-10017 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 895406: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895406 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libopenmpt Version: 0.2.7025~beta20.1-1 Severity: grave Tags: security upstream fixed-upstream Hi, libopenmpt 0.3.8 was released with a security update. I requested a CVE and got CVE-2018-10017 assigned for it (the "[Sec]" line in the changelog). https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/ > libopenmpt 0.3.8 (2018-04-08) > [Sec] Possible out-of-bounds memory read with IT and MO3 files containing > many nested pattern loops (r10028). > > Keep track of active SFx macro during seeking. > The “note cut” duplicate note action did not volume-ramp the previously > playing sample. > A song starting with non-existing patterns could not be played. > DSM: Support restart position and 16-bit samples. > DTM: Import global volume. Thanks, James signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: libopenmpt Source-Version: 0.2.7386~beta20.3-3+deb9u3 We believe that the bug you reported is fixed in the latest version of libopenmpt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 895...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Cowgill (supplier of updated libopenmpt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Apr 2018 10:14:53 +0100 Source: libopenmpt Binary: openmpt123 libopenmpt0 libopenmpt-dev libopenmpt-doc libopenmpt-modplug1 libopenmpt-modplug-dev Architecture: source Version: 0.2.7386~beta20.3-3+deb9u3 Distribution: stretch Urgency: medium Maintainer: Debian Multimedia Maintainers Changed-By: James Cowgill Description: libopenmpt-dev - module music library based on OpenMPT -- development files libopenmpt-doc - module music library based on OpenMPT -- documentation libopenmpt-modplug-dev - module music library based on OpenMPT -- modplug compat developme libopenmpt-modplug1 - module music library based on OpenMPT -- modplug compat library libopenmpt0 - module music library based on OpenMPT -- shared library openmpt123 - module music library based on OpenMPT -- music player Closes: 895406 Changes: libopenmpt (0.2.7386~beta20.3-3+deb9u3) stretch; urgency=medium . * Add patch to fix CVE-2018-10017 (Closes: #895406). - up11: Out-of-bounds read loading IT / MO3 files with many pattern loops. Checksums-Sha1: d18da24ce6efd21d712f1612d88295c8cdbd9a6f 2721 libopenmpt_0.2.7386~beta20.3-3+deb9u3.dsc e60257c13f93262cbb8ed98a8c850f84796b5d41 15604 libopenmpt_0.2.7386~beta20.3-3+deb9u3.debian.tar.xz 59acc0af77d8313e1731c3607edc65932cc83fe3 7620 libopenmpt_0.2.7386~beta20.3-3+deb9u3_source.buildinfo Checksums-Sha256: cd48ba2b9e319687195402e7579b520507941589ac056cce8ebab37c81db93d1 2721 libopenmpt_0.2.7386~beta20.3-3+deb9u3.dsc 288a50918943329406f9d605f8f479e7ca102d9bc6a7e1be88ff0fbab6b38630 15604 libopenmpt_0.2.7386~beta20.3-3+deb9u3.debian.tar.xz 292918421a6f6cdeddf0e32a8e1fc63c67076886a5e25e9b683ed894fd5d1d57 7620 libopenmpt_0.2.7386~beta20.3-3+deb9u3_source.buildinfo Files: a11c9cdd220dbc4d72f5bad1fb632ed2 2721 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u3.dsc 846923fa9697b7a8ee961f4553b35f9f 15604 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u3.debian.tar.xz 159c721b0b0c61745f04ff004ee3ec66 7620 libs optional libopenmpt_0.2.7386~beta20.3-3+deb9u3_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEE+Ixt5DaZ6POztUwQx/FnbeotAe8FAltCgH0UHGpjb3dnaWxs QGRlYmlhbi5vcmcACgkQx/FnbeotAe+s+A//cc3hJ4oh0HGlSILv3fXnxYczvJkc L3mqk3A8y1CLwE8qF4PCu7E0zBk+/IDISGC3zN8Db4A6ctz9ATRTz9LJh31+2rEe YP9ip2V74EPMzvyYow7w62+A9KnfZ4YfWZOo/A5oCbrIu8Nn+Mojxfne8/QvcqbC eb7bx1WlWB0DMySzlv+48ve/SK6ebv058QHXmMKaOaCM0a139DMdYctQRxhR6t8H L
Bug#901913: marked as done (CVE-2018-3760)
Your message dated Sat, 14 Jul 2018 13:02:33 + with message-id and subject line Bug#901913: fixed in ruby-sprockets 3.7.0-1+deb9u1 has caused the Debian Bug report #901913, regarding CVE-2018-3760 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 901913: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901913 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: ruby-sprockets Severity: grave Tags: security Hi, please see http://www.openwall.com/lists/oss-security/2018/06/19/2 Cheers, Moritz --- End Message --- --- Begin Message --- Source: ruby-sprockets Source-Version: 3.7.0-1+deb9u1 We believe that the bug you reported is fixed in the latest version of ruby-sprockets, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 901...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated ruby-sprockets package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 05 Jul 2018 23:29:49 +0200 Source: ruby-sprockets Binary: ruby-sprockets Architecture: source Version: 3.7.0-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Ruby Extras Maintainers Changed-By: Salvatore Bonaccorso Closes: 901913 Description: ruby-sprockets - Rack-based asset packaging system Changes: ruby-sprockets (3.7.0-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Do not respond to http requests asking for a `file://` (CVE-2018-3760) (Closes: #901913) Checksums-Sha1: cb8d8d5abd67cad9d0601e982a5f9864205fa192 2344 ruby-sprockets_3.7.0-1+deb9u1.dsc 9ad7b23911ddb9860376036afd39cbdd921e74fe 70453 ruby-sprockets_3.7.0.orig.tar.gz d9cdb0b35f5aa8d7c8997b0d6327cc5eab95ffad 4376 ruby-sprockets_3.7.0-1+deb9u1.debian.tar.xz fcedef4b5a3f62c498ebde3afb91292ce410c88e 5752 ruby-sprockets_3.7.0-1+deb9u1_source.buildinfo Checksums-Sha256: d14463e1e23261fb10613e96928b2a76b55eeac6c9fdea40c4c2696c5098f3b2 2344 ruby-sprockets_3.7.0-1+deb9u1.dsc 6add73c1003196ecdd762e54230f63ca78fab26919ae7ed1170e9cb84bb506ed 70453 ruby-sprockets_3.7.0.orig.tar.gz 50d280eab840bd837b1c7fe6af312b63e5978d9f48fb97633edf7fb5af8f9488 4376 ruby-sprockets_3.7.0-1+deb9u1.debian.tar.xz 61f35971e26f3c3886781d571d5833defdc96a34b45ce7b2f894500ab4d82984 5752 ruby-sprockets_3.7.0-1+deb9u1_source.buildinfo Files: 79bab0e80ae75ff456a26b81d016ace9 2344 ruby optional ruby-sprockets_3.7.0-1+deb9u1.dsc 461c7ff4b50b6136c914056fa459af39 70453 ruby optional ruby-sprockets_3.7.0.orig.tar.gz e1846ed8d432132c9e42e4a46b81bf81 4376 ruby optional ruby-sprockets_3.7.0-1+deb9u1.debian.tar.xz 5edcea919cee8a99dc3eb53c5a94833e 5752 ruby optional ruby-sprockets_3.7.0-1+deb9u1_source.buildinfo -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAltB0lNfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EfOAP/16M2jXPkDwlXxGh86+z7NRQ8SqZItqW XsK6SpOnxLPRgYPn1ZDGNfub+ryOpJLvUBMtiYREN7IMidTOWOXoL78YtKGz73K4 gLmEkmfQ+vY0tl4PmFuWr0O+MIueizhP2P77AKGWdpZEvwwLx7y3DVEmD3qWbwcj YWwFwVYwqOTc/i+2k2vwW7y3MgMnHt5quLHgv3KGdnHj8K/KEkltH2j8whmTSV0N pYASQCzv+db/fx8Q1U1yaqxzU/7uGfH8juE6kD5pFOwA0wB6gBsvKd7y5nt5HbrJ B8O+U8N0cSWfkqRAfPYNYH7VEylKD9yZPSBTIoJb492nuBbh+dOqDes4SGefiaPM bCtViVvPu5jK8p96FNxWT6xyX2x4X66khoc1F2Qj+qv9SizzsN7aO0XwGxgO0UEy WppdHt4dGEpFbynMuzm6BTz9ZT1hIB2yjrlVeI69hhijFsen5Q48v7ugN8wD7UCX D/jX/Kevwta3HsPTG9su9lmyDAvb+PrKfAMrTxPUgLtnrRXTRlcFKm5O5TkzeTL+ Z8ySD4Qde6QsqkqCNyAlu9F147nO37VDbxMT/MVnXKIj6GUBFPTJPzU0aPRnu0WF b46yYHRvADmmFscJvgLjPwxMR9K3Vrxj4oMZkJRGdWvan/uAm7Dux+X5Y+nXfRmT NwFkWdquq1Ea =JCC+ -END PGP SIGNATURE End Message ---
Bug#902897: virtualbox broken by binutils master (new R_X86_64_PLT32 relocation type)
Hi Gianfranco, please include upstream's v2 patch, they missed one occurrence of _PC32 in ldrELFRelocatable.cpp.h in the first version... Jan
Bug#903763: exiv2: CVE-2018-14046
Source: exiv2 Version: 0.26-1 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/Exiv2/exiv2/issues/378 Hi, The following vulnerability was published for exiv2, filling with RC severity so that the only affected version in experimental does not enter buster. CVE-2018-14046[0]: | Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks | in webpimage.cpp. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-14046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14046 [1] https://github.com/Exiv2/exiv2/issues/378 Regards, Salvatore
Bug#903762: boinc-server-maker: fails to install: SyntaxError in /usr/lib/boinc-server-maker/sched/pymw_assimilator.py
Package: boinc-server-maker Version: 7.12.0+dfsg-1exp2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Selecting previously unselected package boinc-server-maker. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 11991 files and directories currently installed.) Preparing to unpack .../boinc-server-maker_7.12.0+dfsg-1exp2_amd64.deb ... Unpacking boinc-server-maker (7.12.0+dfsg-1exp2) ... Setting up boinc-server-maker (7.12.0+dfsg-1exp2) ... Adding user `www-data' to group `boincadm' ... Adding user www-data to group boincadm Done. File "/usr/lib/boinc-server-maker/sched/pymw_assimilator.py", line 50 except Exception,msg: ^ SyntaxError: invalid syntax dpkg: error processing package boinc-server-maker (--configure): installed boinc-server-maker package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: boinc-server-maker cheers, Andreas boinc-server-maker_7.12.0+dfsg-1exp2.log.gz Description: application/gzip
Bug#903761: bind: fails to install: rndc-confgen: The -r option has been deprecated.
Package: bind Version: 1:9.13.1+dfsg-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to install. As per definition of the release team this makes the package too buggy for a release, thus the severity. >From the attached log (scroll to the bottom...): Selecting previously unselected package bind. (Reading database ... (Reading database ... 5477 files and directories currently installed.) Preparing to unpack .../bind_1%3a9.13.1+dfsg-1_amd64.deb ... Unpacking bind (1:9.13.1+dfsg-1) ... Setting up bind (1:9.13.1+dfsg-1) ... Adding group `bind' (GID 150) ... Done. Adding system user `bind' (UID 150) ... Adding new user `bind' (UID 150) with group `bind' ... Not creating home directory `/var/cache/bind'. rndc-confgen: The -r option has been deprecated. dpkg: error processing package bind (--configure): installed bind package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: bind cheers, Andreas bind_1:9.13.1+dfsg-1.log.gz Description: application/gzip
Bug#903729: marked as done (isc-kea: CVE-2018-5739: failure to release memory may exhaust system resources)
Your message dated Sat, 14 Jul 2018 10:21:26 + with message-id and subject line Bug#903729: fixed in isc-kea 1.4.0.P1-1 has caused the Debian Bug report #903729, regarding isc-kea: CVE-2018-5739: failure to release memory may exhaust system resources to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903729 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: isc-kea Version: 1.4.0-1 Severity: grave Tags: security upstream Hi, The following vulnerability was published for isc-kea. The version in unstable is not affected by the issue, but 1.4.0 was uploaded to experimental. To avoid the issue enters unstable, making the bug RC (technically would possibly not justify the RC severity). That is, can you please only upload a version >= 1.4.0-P1 to unstable? [In case though I missed something let me know please] CVE-2018-5739[0]: failure to release memory may exhaust system resources If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-5739 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5739 [1] https://kb.isc.org/article/AA-01626 Regards, Salvatore --- End Message --- --- Begin Message --- Source: isc-kea Source-Version: 1.4.0.P1-1 We believe that the bug you reported is fixed in the latest version of isc-kea, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý (supplier of updated isc-kea package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jul 2018 08:51:37 + Source: isc-kea Binary: kea-dhcp4-server kea-dhcp6-server kea-dhcp-ddns-server kea-doc kea-admin kea-dev kea-common Architecture: source Version: 1.4.0.P1-1 Distribution: unstable Urgency: medium Maintainer: Kea Changed-By: Ondřej Surý Description: kea-admin - Administration utilities for ISC KEA DHCP server kea-common - Common libraries for the ISC KEA DHCP server kea-dev- Development headers for ISC KEA DHCP server kea-dhcp-ddns-server - ISC KEA DHCP Dynamic DNS service kea-dhcp4-server - ISC KEA IPv4 DHCP server kea-dhcp6-server - ISC KEA IPv6 DHCP server kea-doc- Documentation for ISC KEA DHCP server Closes: 903729 Changes: isc-kea (1.4.0.P1-1) unstable; urgency=medium . * New upstream version 1.4.0.P1 + [CVE-2018-5739]: failure to release memory may exhaust system resources (Closes: #903729) Checksums-Sha1: 5ebb1a0d0f95ec969a196fe3ec52ebd7467057e8 2572 isc-kea_1.4.0.P1-1.dsc 316d76b7bdf8f152d99cf3122e29b2e5929ce50d 6645111 isc-kea_1.4.0.P1.orig.tar.gz d4e2f8787452ed5c510057f47fcab167aa5ede8c 14132 isc-kea_1.4.0.P1-1.debian.tar.xz 12b2a23a379ac6d1ade9203b7de18e56feb04a16 11825 isc-kea_1.4.0.P1-1_amd64.buildinfo Checksums-Sha256: 2b74f0d71a0f16079e36004cad83df3563b4866443055262f917428ff19b61f6 2572 isc-kea_1.4.0.P1-1.dsc 46356bd4594a73d269719a724042c43474e592e99476fb63dd8135e78c800411 6645111 isc-kea_1.4.0.P1.orig.tar.gz 76968b21e7f06f73008261e85232b2f4c60942dfd5d10be2917d637355fc 14132 isc-kea_1.4.0.P1-1.debian.tar.xz 62340f3369989fb5e67f70238fa8ec436dc8b85f4211f98cbbcd9ac441df6cb3 11825 isc-kea_1.4.0.P1-1_amd64.buildinfo Files: 23db3c32e58baf84807c733765854e98 2572 net extra isc-kea_1.4.0.P1-1.dsc d94d6121b2df3b03c60f7874b68ce945 6645111 net extra isc-kea_1.4.0.P1.orig.tar.gz 606e8641792964064ab0025b8227a5aa 14132 net extra isc-kea_1.4.0.P1-1.debian.tar.xz adf23d64e184c5378b9afd234512233e 11825 net extra isc-kea_1.4.0.P1-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAltJviZfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcIuPBAAiEjuB62fn4D4t1AYlKmVOqjJelK+UMGfK1wC6mempxV1znB4iY4h1eTu sm+d2h5KKbALmkd6zDIT5qpZ2LBjvdE/Hl/+B1LXElnruFnmLiiEZ34OVcr5PJHr EZcD2fOAaR4b63r39/XnnmpccEzcYVf3efpboj0t/2/+wpwEZo/m4CLctAdOGIcF YZvHI7t
Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
¡Hola Luigi! El 2018-07-14 a las 10:37 +0100, Chris Lamb escribió: My interpretation of this is that the intention is to assign the copyright to the kde project, although it's not a hundred percent clear. I should have been clearer, sorry — I understand you are going with whatever the file says but I am requesting that you make this clearer, perhaps by getting a statement from upstream or similar. "This_file_is_part_of_KDE" is really not suitable as an author, whatever the file says, after all. Chris raised the issue of the po files distributed by kde containing some (not very clear) template parts, in particular the copyright assignments to This_file_is_part_of_KDE. With your kde i18n team hat on, would you consider it feasible to replace these strings with something clearer? If the intention is for the translators to assign the copyright to kde it should be assigned to KDE.e.V, if the intention is for each translator to keep the copyright assignment the This_file_is_part_of_KDE part of the template needs to be updated to say AUTHOR . The first case should be "scriptable" the second case, would need to manually modifying each po file that contains the "This_file_is_part_of_KDE" text. Happy hacking, -- "Brilliant opportunities are cleverly disguised as insolvable problems." -- Gardener's Philosophy "The reverse is also true." -- Corollary Saludos /\/\ /\ >< `/ signature.asc Description: PGP signature
Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
¡Hola!, > My interpretation of this is that the intention is to assign the copyright > to the kde project, although it's not a hundred percent clear. I should have been clearer, sorry — I understand you are going with whatever the file says but I am requesting that you make this clearer, perhaps by getting a statement from upstream or similar. "This_file_is_part_of_KDE" is really not suitable as an author, whatever the file says, after all. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
Bug#903713: plasma-browser-integration: "This_file_is_part_of_KDE" in debian/copyright?
¡Hola Chris! El 2018-07-13 a las 16:39 +0100, Chris Lamb escribió: Source: plasma-browser-integration Version: 5.13.1-1 Severity: serious X-Debbugs-CC: Maximiliano Curia I just ACCEPTed plasma-browser-integration from NEW but noticed it declares "This_file_is_part_of_KDE" as an copyright holder. This seems very... odd. Agreed, this is caused by the templates used in po files. For example in po/ca/plasma_runner_browsertabs.po it says: # Translation of plasma_runner_browsertabs.po to Catalan # Copyright (C) 2017 This_file_is_part_of_KDE # This file is distributed under the license LGPL version 2.1 or # version 3 or later versions approved by the membership of KDE e.V. # # Josep Ma. Ferrer , 2017. Josep here is clearly the author, but there is no copyright assigment statement with his name. My interpretation of this is that the intention is to assign the copyright to the kde project, although it's not a hundred percent clear. So I go with whatever the file says. Happy hacking, -- "The best way to predict the future is to invent it." -- Alan Kay Saludos /\/\ /\ >< `/ signature.asc Description: PGP signature
Bug#903708: xfce4: xfce fails to start with all methods
Control: reassign -1 xserver-xorg-core Control: forcemerge 900550 -1 On 2018-07-13 10:55 -0400, annadane wrote: > Package: xfce4 > Version: 4.12.4 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > > On a fresh install of Sid (as in minimal Stable -> dist-upgrade), xfce > fails to start with any of sddm, lightdm, or startx. Here's my xorg > log; I'm really not certain how to fix it. (PS if it's wrong to > include paste.d.n links in here instead of full output please let me > know or just paste it verbatim) http://paste.debian.net/1033571/ Please include such logs directly in the bug report in the future, that makes them easier to access. Here is the relevant output: , | [ 1275.433] (EE) Backtrace: | [ 1275.433] (EE) 0: /usr/lib/xorg/Xorg (xorg_backtrace+0x4d) [0x55abecc798dd] | [ 1275.433] (EE) 1: /usr/lib/xorg/Xorg (0x55abecac6000+0x1b7599) [0x55abecc7d599] | [ 1275.433] (EE) 2: /lib/x86_64-linux-gnu/libpthread.so.0 (0x7f0b655d+0x128e0) [0x7f0b655e28e0] | [ 1275.433] (EE) 3: /usr/lib/xorg/Xorg (miRenderColorToPixel+0xe) [0x55abecbedbde] | [ 1275.433] (EE) 4: /usr/lib/xorg/modules/libexa.so (0x7f0b629f6000+0xf13b) [0x7f0b62a0513b] | [ 1275.433] (EE) 5: /usr/lib/xorg/Xorg (0x55abecac6000+0x13a8b6) [0x55abecc008b6] | [ 1275.433] (EE) 6: /usr/lib/xorg/Xorg (0x55abecac6000+0x12ec1c) [0x55abecbf4c1c] | [ 1275.433] (EE) 7: /usr/lib/xorg/Xorg (0x55abecac6000+0x5b008) [0x55abecb21008] | [ 1275.433] (EE) 8: /usr/lib/xorg/Xorg (0x55abecac6000+0x5f008) [0x55abecb25008] | [ 1275.433] (EE) 9: /lib/x86_64-linux-gnu/libc.so.6 (__libc_start_main+0xe7) [0x7f0b65435b17] | [ 1275.433] (EE) 10: /usr/lib/xorg/Xorg (_start+0x2a) [0x55abecb0ed0a] | [ 1275.433] (EE) | [ 1275.433] (EE) Segmentation fault at address 0x8 | [ 1275.433] (EE) | Fatal server error: | [ 1275.433] (EE) Caught signal 11 (Segmentation fault). Server aborting ` This is bug #900550 in xserver-xorg-core, I have just cherry-picked the upstream fix[1]. Cheers, Sven 1. https://salsa.debian.org/xorg-team/xserver/xorg-server/commit/aa7aaeb5223830a3670dc658152e28f125c17de8
Processed: Re: Bug#903708: xfce4: xfce fails to start with all methods
Processing control commands: > reassign -1 xserver-xorg-core Bug #903708 [xfce4] xfce4: xfce fails to start with all methods Bug reassigned from package 'xfce4' to 'xserver-xorg-core'. No longer marked as found in versions xfce4/4.12.4. Ignoring request to alter fixed versions of bug #903708 to the same values previously set > forcemerge 900550 -1 Bug #900550 [xserver-xorg-core] xserver-xorg-core: X server segfaults for xfce4+nouveau after 2:1.19.6-1 -> 2:1.20.0-2 upgrade Bug #903708 [xserver-xorg-core] xfce4: xfce fails to start with all methods Severity set to 'important' from 'grave' Added indication that 903708 affects xfce4-session Marked as found in versions xorg-server/2:1.20.0-2. Added tag(s) patch. Merged 900550 903708 -- 900550: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900550 903708: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903708 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems