NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: base-files_8+deb8u6_amd64.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_arm64.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_armel.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_armhf.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_i386.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_mips.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_mipsel.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_powerpc.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_ppc64el.changes
  ACCEPT
Processing changes file: base-files_8+deb8u6_s390x.changes
  ACCEPT

Bug#837458: jessie-pu: package mactelnet/0.4.0-1

[Salvatore Bonaccorso]

Hi,

Disclaimer, I'm not member of the release team/stable release managers.

> Request for uploading to stable, as there is posted a CVE for a bug
> in mactelnet-client.
> This update is a backport of the fix that is done upstream, that
> fixes only the mentioned bug.

Generally the stable release managers request that the fix should land
first in unstable, could you upload the fix as well there? Or Is there
a new upstream version which could be uploaded?

Regards,
Salvatore

Bug#837312: marked as done (nmu: cdist_4.3.1-1)

[Debian Bug Tracking System]

Your message dated Mon, 12 Sep 2016 00:03:35 +
with message-id 
and subject line Bug#837312: fixed in cdist 4.3.1-2
has caused the Debian Bug report #837312,
regarding nmu: cdist_4.3.1-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
837312: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837312
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hi,

cdist-doc depends on "sphinx-common (<< 1.4.5.0~), sphinx-common (>=
1.4.5)". This causes the following issues:

* It's uninstallable in unstable
* sphinx doesn't migrate to testing[0]

Rebuilding against sphinx 1.4.6-1 inside a clean chroot
(e.g. pbuilder) helps[1]. So please schedule a BinNMU on architecture
"all" for cdist:

nmu cdist_4.3.1-1 . all . unstable . -m "Rebuild documentation against sphinx 
1.4.6"

(Hope, I got the "Architecture: all" thing right in the line
above. :-)

[0] https://qa.debian.org/excuses.php?package=sphinx
[1] Be aware of https://bugs.debian.org/837311 (cdist FTBFS with
additional packages being installed; seems a Python 2 vs 3 issue)

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'), 
(500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'), (1, 
'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.8.0-rc5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
--- End Message ---
--- Begin Message ---
Source: cdist
Source-Version: 4.3.1-2

We believe that the bug you reported is fixed in the latest version of
cdist, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 837...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Bogatov  (supplier of updated cdist package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 10 Sep 2016 16:33:38 +0300
Source: cdist
Binary: cdist cdist-doc
Architecture: source all
Version: 4.3.1-2
Distribution: unstable
Urgency: medium
Maintainer: Dmitry Bogatov 
Changed-By: Dmitry Bogatov 
Description:
 cdist  - Usable Configuration Management System
 cdist-doc  - Usable Configuration Management System (html documentation)
Closes: 837311 837312
Changes:
 cdist (4.3.1-2) unstable; urgency=medium
 .
   * Rebuild for unstable to get latest sphinx dependency (Closes: #837312)
   * Force `sphinx-build' use Python3 (Closes: #837311)
Checksums-Sha1:
 c346848569af0dac9961f396719b529e954701eb 1996 cdist_4.3.1-2.dsc
 980f9c1750131679b5b5e7eb281a39c5f7148725 7432 cdist_4.3.1-2.debian.tar.xz
 644ae84ca4c17ca793922374cd252c76b61f8b3e 144806 cdist-doc_4.3.1-2_all.deb
 8274b4845109345a123e6b85a0766a8ff86bb1a8 237004 cdist_4.3.1-2_all.deb
Checksums-Sha256:
 4d6922dffd019c67dc58afb918ca4b6a34dcdcb97195c38ae6f3eb329ba95e75 1996 
cdist_4.3.1-2.dsc
 e0fc48af2e46707794fdc78c99cac2532163d77346f046e364d512c8cdb6e5dc 7432 
cdist_4.3.1-2.debian.tar.xz
 000dbd2111e52046a3ccedafbcb878468f0d9df7b5e5df523ecccf2e03d5eb91 144806 
cdist-doc_4.3.1-2_all.deb
 182db0ba6ea6a299501fea321d0074a74bf706bd020a6f4c8743b3a594fa66aa 237004 
cdist_4.3.1-2_all.deb
Files:
 e0641a3af34e645f88bc9c39ad6a03c5 1996 admin optional cdist_4.3.1-2.dsc
 f74a0fb8a047fd861e6ccbc28c0ca465 7432 admin optional 
cdist_4.3.1-2.debian.tar.xz
 4b48bb6d72cc4aed7d5c609c6aca8b47 144806 doc optional cdist-doc_4.3.1-2_all.deb
 caa744c7156d2941f281fb668302ac49 237004 admin optional cdist_4.3.1-2_all.deb

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJX1eswAAoJEGvmY8daNcl1phoP/i3yHOaQ8iA+hCttAAf4n8wt
UwxIAtJsC9cQvkorba9zHwMmIJNX8YpyjS0MEkKrAXkU1rxxpPnSHC47NYCoBfu8
I1VgHjlO5KLtu21VYKa+O5CH0bS+dAyf9nvFv9mExLEUpiRQP9PScqcARDLWj5hi
fss5j2zI8owKk5+QRatIgbWSdJPOXKktNGmCeZeIeVKDVUACzFm6pYWmwi0rvrgk
kS1heiyvh3sTaHe0kHVGkcHJhgZMdjsaiFW7Il6kii/vgMq1iahyh7FIZm2Lk4Cm
9n6kUMLId7tPU0Mnb8WPJgDt2ydayx4g8CHQ3Q4PqshgAzvl1CHeDLMJOJ7xsOq7

Bug#837312: Bug#837311: cdist: FTBFS with some additional packages being installed: ImportError: No module named sphinx_rtd_theme

[Axel Beckert]

Hi Dmitry,

Dmitry Bogatov wrote:
> > > I will add Build-Conflicts: in incoming 18 hours, ping you, you will
> > > upload, and bug will be closed.
[...]
> New version on mentors, with following changelog:
> 
>   * Rebuild for unstable to get latest sphinx dependency (Closes: #837312)
>   * Force `sphinx-build' use Python3 (Closes: #837311)

Thanks! Uploaded. 

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: flashplugin-nonfree_3.6.1+deb8u1_i386.changes
  ACCEPT

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: base-files_8+deb8u6_source.changes
  ACCEPT

Bug#834854: jessie-pu: package charybdis/3.4.2-5~deb8u1

[Antoine Beaupré]

Control: tags -1 -moreinfo

Hi,

New developments on the Charybdis front: a patch has been developed
upstream to fix the issue, but it is pretty invasive. They have
basically rewritten the whole GNUTLS backend to make it on par with the
other implementations. It's a good thing: there were memory leaks and
all sorts of other issues, namely one that I mentioned earlier.

At the very least, we'd need to factor in this p-u a patch like this
one:

https://github.com/charybdis-ircd/charybdis/issues/215#issuecomment-246202759

... to fix timeout issues in the gnutls code that crashes the ssld. But
even with that, there are at least two major issues that should be fixed
here:

1. Charybdis 3.4 supports only SHA-1 for certificates, which has serious
security vulnerabilities. To give an unrelated example, the APT team
plans to remove all SHA-1 support in their repositories next year

2. 3.4 also has several memory leaks that are fixed by the gnutls
rewrite.

There are three way forward here:

1. ignore the above two extra issues and simply add the patch for #215
to the pile of patches in jessie
2. import the new gnutls.c module from an eventual new 3.5 release
upstream directly in jessie - this may be difficult because of internal
API changes
3. import 3.5.x directly in jessie

I would like to have feedback from the release team as to which approach
to take forward.

Thanks!

A.

-- 
Advertisers, not governments, are the primary censors of media content 
in the United States today.
- C. Edwin Baker

Processed: Re: Bug#834854: jessie-pu: package charybdis/3.4.2-5~deb8u1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -moreinfo
Bug #834854 [release.debian.org] jessie-pu: package charybdis/3.4.2-5~deb8u1
Removed tag(s) moreinfo.

-- 
834854: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834854
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#837469: nmu: dose3_5.0.1-1

[Johannes Schauer]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

nmu dose3_5.0.1-1 . ANY . unstable . -m "rebuild for camlzip 1.06-1"

Re: Bug#836940: [buildd-tools-devel] Bug#836940: cowbuilder, sbuild: should behave identically in regard to default gnupg installation

[Julien Cristau]

On Thu, Sep  8, 2016 at 13:35:51 +0200, Lucas Nussbaum wrote:

> 1) packages failing to build when gnupg is not installed in the chroot.
> gnupg is priority: important, and is not installed by debootstrap
> --variant=buildd.
> 
> 2) packages failing to build when tzdata is not installed in the chroot.
> tzdata is priority: required, and it is installed by debootstrap
> --variant=buildd. But since it is not essential, not build-essential,
> and not a dependency of essential or build-essential packages, it can
> safely be removed (e.g. with debfoster -o MaxPriority=required).  I
> count about 150 packages failing in that case.
> 
> Both classes of bugs are valid bugs. However, I'm wondering if it's OK
> to consider both classes as release critical.
> 
I think they should both be serious, and tzdata's priority should be
fixed up by ftpmaster.

Cheers,
Julien

Bug#836910: jessie-pu: package kamailio/4.2.0-2+deb8u1

[Julien Cristau]

On Wed, Sep  7, 2016 at 11:48:46 +0200, Victor Seva wrote:

> diff -Nru kamailio-4.2.0/debian/patches/fix_tls.patch 
> kamailio-4.2.0/debian/patches/fix_tls.patch
> --- kamailio-4.2.0/debian/patches/fix_tls.patch   1970-01-01 
> 01:00:00.0 +0100
> +++ kamailio-4.2.0/debian/patches/fix_tls.patch   2016-09-07 
> 10:00:32.0 +0200
> @@ -0,0 +1,34 @@
> +From 0a5f99b28d01d79cf2675df6d2a6220167e2476e Mon Sep 17 00:00:00 2001
> +From: Daniel-Constantin Mierla 
> +Date: Tue, 7 Jun 2016 15:21:06 +0200
> +Subject: [PATCH] tls: proper check of libssl versions used for compilation 
> and
> + available on system
> +
> +- shift out the last 12bits, being the patch version and status (see man
> +  SSLeay)
> +- reported by Victor Seva, GH #662
> +
> +(cherry picked from commit c38b4c7345a6806f48a0cdb07841e10bc962e1bf)
> +(cherry picked from commit 253909bf673c0a59e7adf578bb5df73eb157d0f2)
> +(cherry picked from commit 5632abc108bf8ed8157a77806ea80b962db3fa4f)
> +---
> + modules/tls/tls_init.c | 6 --
> + 1 file changed, 4 insertions(+), 2 deletions(-)
> +
> +diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
> +index a381be1..7bfc10f 100644
> +--- a/modules/tls/tls_init.c
>  b/modules/tls/tls_init.c
> +@@ -543,8 +543,10 @@ int init_tls_h(void)
> + #endif
> + ssl_version=SSLeay();
> + /* check if version have the same major minor and fix level
> +- * (e.g. 0.9.8a & 0.9.8c are ok, but 0.9.8 and 0.9.9x are not) */
> +-if ((ssl_version>>8)!=(OPENSSL_VERSION_NUMBER>>8)){
> ++ * (e.g. 0.9.8a & 0.9.8c are ok, but 0.9.8 and 0.9.9x are not)
> ++ * - values is represented as 0xMMNNFFPPS: major minor fix patch status
> ++ *   0x00090705f == 0.9.7e release */
> ++if ((ssl_version>>12)!=(OPENSSL_VERSION_NUMBER>>12)){
> + LOG(L_CRIT, "ERROR: tls: init_tls_h: installed openssl library "
> + "version is too different from the library the 
> ser tls module "
> + "was compiled with: installed \"%s\" (0x%08lx), 
> compiled "

TBH, this seems just as wrong; libssl has a SONAME for a reason, no need
to reinvent broken checks in each user.

Cheers,
Julien

Bug#836592: jessie-pu: package gdcm/2.4.4-3

[Julien Cristau]

On Fri, Sep  9, 2016 at 17:33:08 +0100, Adam D. Barratt wrote:

> On Fri, 2016-09-09 at 17:08 +0200, Gert Wollny wrote:
> > > As far as I can tell, the problem isn't the documentation, it's:
> > >
> > > make[3]: *** No rule to make target
> > > '/usr/lib/jvm/default-java/jre/lib/ppc64/libjawt.so', needed by
> > > 'bin/libvtkgdcmJava.so'.  Stop.
> > >
> > >
> > Agreed, I didn't see this because I was scanning for "error:".
> > 
> > The compilation failure is still unrelated to the patches though, 
> > because the patches only touch the C++ code, the compilation error is a 
> > result of some problem on the part that cmake does.
> > 
> > At the beginning of the build log one can even see that the library is 
> > correctly detected in the JRE ppc64el sub-directory, but later it wants 
> > ppc64 only and I can't find the according code in the gdcm VTK java 
> > module definition.
> 
> I was wondering if this might be a similar issue to javatool's #833572
> (now fixed in p-u), but I don't know either gdcm or Java packaging in
> general well enough to immediately point to a solution I'm afraid.
> 
After apt-get build-dep gdcm:

(jessie_ppc64el-dchroot)jcristau@plummer:~$ rgrep ppc64/libjawt /usr/lib/
/usr/lib/vtk-5.8/VTKTargets-release.cmake:  
IMPORTED_LINK_INTERFACE_LIBRARIES_RELEASE 
"vtkGraphics;vtkFilteringJava;/usr/lib/jvm/default-java/jre/lib/ppc64/libjawt.so"
/usr/lib/vtk-5.8/VTKTargets-release.cmake:  
IMPORTED_LINK_INTERFACE_LIBRARIES_RELEASE 
"vtkRendering;vtkGraphicsJava;vtkImagingJava;/usr/lib/jvm/default-java/jre/lib/ppc64/libjawt.so"
/usr/lib/vtk-5.8/VTKTargets-release.cmake:  
IMPORTED_LINK_INTERFACE_LIBRARIES_RELEASE 
"vtkCharts;vtkViewsJava;/usr/lib/jvm/default-java/jre/lib/ppc64/libjawt.so"
/usr/lib/vtk-5.8/VTKConfig-Java.cmake:SET(VTK_JAVA_AWT_LIBRARY 
"/usr/lib/jvm/default-java/jre/lib/ppc64/libjawt.so")

cmake brain damage strikes again.

Cheers,
Julien

Bug#836795: jessie-pu: package samba/2:4.1.17+dfsg-2+deb8u2

[Julien Cristau]

On Sat, Sep 10, 2016 at 12:34:51 +0100, Adam D. Barratt wrote:

> On Sat, 2016-09-10 at 13:15 +0200, Salvatore Bonaccorso wrote:
> > Thanks for CC'ing. It's right we haven't marked it as no-dsa (yet).
> > But it's true we asked (originally Andrew Barlett), to have samba
> > updated via a point release to adresss remaining (minor) regressions
> > introduced by the original fixes. Samba upstream has released several
> > updates in meanwhile and the idea was to have the packages exposed to
> > more wider testing via the jessie-proposed-updates before beeing
> > included in stable.
> 
> Okay, thanks. That makes sense, although a package uploaded now will
> either not get much (if any) testing or have to wait for 8.7.
> 
Even if we wait for 8.7, it's not like p-u gets a lot of user attention.

Cheers,
Julien

Bug#837458: jessie-pu: package mactelnet/0.4.0-1

[haakon . nessjoen]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Request for uploading to stable, as there is posted a CVE for a bug in 
mactelnet-client.
This update is a backport of the fix that is done upstream, that fixes only the 
mentioned bug.

Mor information here: https://security-tracker.debian.org/tracker/CVE-2016-7115
and here: https://bugs.debian.org/836320

-- System Information:
Debian Release: stretch/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-21-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru mactelnet-0.4.0/debian/changelog mactelnet-0.4.0/debian/changelog
--- mactelnet-0.4.0/debian/changelog	2016-09-10 23:43:04.0 +0200
+++ mactelnet-0.4.0/debian/changelog	2016-09-10 23:46:41.0 +0200
@@ -1,3 +1,9 @@
+mactelnet (0.4.0-2) stable; urgency=low
+
+  * Backported bugfix of CVE 2016-7115 (closes: 836320)
+
+ -- Håkon Nessjøen   Sun, 10 Sep 2016 23:11:32 +0200
+
 mactelnet (0.4.0-1) unstable; urgency=low
 
   * Upstream release 0.4.0
diff -Nru mactelnet-0.4.0/debian/patches/CVE-2016-7115.patch mactelnet-0.4.0/debian/patches/CVE-2016-7115.patch
--- mactelnet-0.4.0/debian/patches/CVE-2016-7115.patch	1970-01-01 01:00:00.0 +0100
+++ mactelnet-0.4.0/debian/patches/CVE-2016-7115.patch	2016-09-10 23:49:20.0 +0200
@@ -0,0 +1,51 @@
+--- a/mactelnet.c
 b/mactelnet.c
+@@ -75,7 +75,7 @@
+ 
+ static int keepalive_counter = 0;
+ 
+-static unsigned char encryptionkey[128];
++static unsigned char pass_salt[16];
+ static char username[255];
+ static char password[255];
+ static char nonpriv_username[255];
+@@ -191,18 +191,21 @@
+ 	char *terminal = getenv("TERM");
+ 	char md5data[100];
+ 	unsigned char md5sum[17];
+-	int plen;
++	int plen, act_pass_len;
+ 	md5_state_t state;
+ 
+-	/* Concat string of 0 + password + encryptionkey */
++	/* calculate the actual password's length */
++	act_pass_len = strnlen(password, 82);
++
++	/* Concat string of 0 + password + pass_salt */
+ 	md5data[0] = 0;
+-	strncpy(md5data + 1, password, 82);
+-	md5data[83] = '\0';
+-	memcpy(md5data + 1 + strlen(password), encryptionkey, 16);
++	memcpy(md5data + 1, password, act_pass_len);
++	/* in case that password is long, calculate only using the used-up parts */
++	memcpy(md5data + 1 + act_pass_len, pass_salt, 16);
+ 
+ 	/* Generate md5 sum of md5data with a leading 0 */
+ 	md5_init();
+-	md5_append(, (const md5_byte_t *)md5data, strlen(password) + 17);
++	md5_append(, (const md5_byte_t *)md5data, 1 + act_pass_len + 16);
+ 	md5_finish(, (md5_byte_t *)md5sum + 1);
+ 	md5sum[0] = 0;
+ 
+@@ -279,9 +282,9 @@
+ 
+ 		while (success) {
+ 
+-			/* If we receive encryptionkey, transmit auth data back */
++			/* If we receive pass_salt, transmit auth data back */
+ 			if (cpkt.cptype == MT_CPTYPE_ENCRYPTIONKEY) {
+-memcpy(encryptionkey, cpkt.data, cpkt.length);
++memcpy(pass_salt, cpkt.data, 16);
+ send_auth(username, password);
+ 			}
+ 
diff -Nru mactelnet-0.4.0/debian/patches/series mactelnet-0.4.0/debian/patches/series
--- mactelnet-0.4.0/debian/patches/series	1970-01-01 01:00:00.0 +0100
+++ mactelnet-0.4.0/debian/patches/series	2016-09-10 23:49:03.0 +0200
@@ -0,0 +1 @@
+CVE-2016-7115.patch

NEW changes in stable-new

[Debian FTP Masters]

Processing changes file: flashplugin-nonfree_3.6.1+deb8u1_amd64.changes
  ACCEPT

Processed: tagging 833433

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 833433 + pending
Bug #833433 [release.debian.org] jessie-pu: package 
flashplugin-nonfree/1:3.6.1+deb8u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833433: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833433
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1

[Adam D. Barratt]

Control; tags -1 + pending

On Sun, 2016-09-11 at 08:04 +, Bart Martens wrote:
> On Sat, Sep 10, 2016 at 04:59:29PM +0100, Adam D. Barratt wrote:
> > Please go ahead, bearing in mind that the window for 8.6 closes this
> > weekend.
> 
> Apology accepted. I uploaded for stable just now.

Flagged for acceptance.

Regards,

Adam

Processed: block 836917 with 822021

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> block 836917 with 822021
Bug #836917 [release.debian.org] transition: openmpi
836917 was blocked by: 835680 831164 817690 811907 830440 837059 837061 837062 
837058 837055 825934 812036 811651 837012 837109 837030
836917 was not blocking any bugs.
Added blocking bug(s) of 836917: 822021
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
836917: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836917
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#837300: jessie-pu: package mariadb-10.0/10.0.27-0+deb8u1

[Adam D. Barratt]

On Sat, 2016-09-10 at 14:42 +0300, Otto Kekäläinen wrote:
> The powerpc build of the security release 10.0.26-0+deb8u1 fails to
> build due to an upstream regression (see Bug#832931). This has been
> fixed in 10.0.27, but as it is not a security release (at least not
> publicly at the moment) I propose it to be uploaded via
> stable-updates.

Unfortunately 10.0.27 still FTBFS on powerpc, with failures that look
the same as those seen for 10.0.26-0+deb8u1.

Regards,

Adam

Bug#836941: Acknowledgement (nmu: shibboleth-sp2_2.6.0+dfsg1-3)

[Ferenc Wágner]

Shall I file a serious bug against libshibsp7 to keep it out of testing
until these binNMUs are scheduled?
-- 
Thanks,
Feri

Bug#830997: release.debian.org: Permission to consider dpkg-buildpackage -A bugs as RC

[Santiago Vila]

On Sun, 11 Sep 2016, Niels Thykier wrote:

> On Mon, 1 Aug 2016 23:23:14 +0200 (CEST) Santiago Vila 
> wrote:
> > Greetings.
> > 
> > I've finally raised to "serious" all the known bugs regarding
> > "dpkg-buildpackage -A" that were still open.
> > 
> > Thanks.
> 
> AFAICT, this bug is now resolved - closing accordingly. :)

It is resolved in the sense it was agreed to make this RC,
but I still expected the release policy to be updated accordingly:

https://release.debian.org/stretch/rc_policy.txt

before closing this report.

[ Not that updating the policy is particularly helpful. In fact,
  current policy already says "packages must autobuild" and there are
  still people who downgrade RC bugs about missing build-dependencies
  to "normal"... ].

Thanks.

Bug#830997: marked as done (release.debian.org: Permission to consider dpkg-buildpackage -A bugs as RC)

[Debian Bug Tracking System]

Your message dated Sun, 11 Sep 2016 12:32:00 +
with message-id <1c189e6d-ff48-a179-8130-25d1290ed...@thykier.net>
and subject line Re: Bug#830997: release.debian.org: Permission to consider 
dpkg-buildpackage -A bugs as RC
has caused the Debian Bug report #830997,
regarding release.debian.org: Permission to consider dpkg-buildpackage -A bugs 
as RC
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830997: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830997
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: wishlist

Dear Release Managers:

Back in November I started to check and report each and every source
package for which "dpkg-buildpackage -A" fails.

Approximately 293 bugs so far have been filed about this issue:

https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=binary-indep;users=sanv...@debian.org

Most of them (182) are already fixed and a bunch of the remaining ones
have patches available.


With this report I'd like to ask for permission to consider this as a
release goal for stretch. This way the bugs would be raised to serious
and they would be treated like any other FTBFS bug.

Making this a release goal would mean that each and every package in
stretch (once it's stable) would be suitable to be uploaded in
source-only form. I think this feature would be particularly
interesting for the security team.


If you agree on making this a release goal, I can think of two ways of
doing this:

1) The wording in this page could be modified:

https://release.debian.org/stretch/rc_policy.txt

Currently it says:

  Packages must autobuild without failure on all architectures on
  which they are supported.

Maybe adding "This requirement includes the traditional
architecture-specific autobuilders and also the "Arch: all" autobuilder".
or something alike.

2) Or maybe we could just state that "Packages must autobuild" implicitly
refers to all available autobuilders, but in such case an official
statement from you clarifying how the paragraph should be interpreted
would help.


In case this release goal is accepted, I'm open for suggestions about
how to proceed (for example, if a last warning mail should be sent to
the bug reports before raising severities, waiting for a week or two,
etc. things like that).

Thanks.
--- End Message ---
--- Begin Message ---
On Mon, 1 Aug 2016 23:23:14 +0200 (CEST) Santiago Vila 
wrote:
> Greetings.
> 
> I've finally raised to "serious" all the known bugs regarding
> "dpkg-buildpackage -A" that were still open.
> 
> Thanks.
> 
> 

AFAICT, this bug is now resolved - closing accordingly. :)

Thanks,
~Niels--- End Message ---

Bug#837412: transition: liblouis

[Samuel Thibault]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Hello,

liblouis 3.0.0 bumped ABI and thus soname, there are only two packages
that need a rebuild: liblouixml and liblouisutdml, both of which rebuild
fine with liblouis 3.0.0.  I have already uploaded it to experimental,
it builds fine on all archs (I just had to do it by hand on a porterbox
for mipsel, because the experimental apt resolver (apt-cudf) on the
mipsel buildds seems to be broken and aba didn't answer about it yet, it
will not be a problem in sid anyway)

Ben file:

title = "liblouis";
is_affected = .depends ~ "liblouis10" | .depends ~ "liblouis12";
is_good = .depends ~ "liblouis12";
is_bad = .depends ~ "liblouis10";


Generated from my experimental upload:

Affected: .depends ~ /\b(liblouis12|liblouis10)\b/
Good: .depends ~ /\b(liblouis12)\b/
Bad: .depends ~ /\b(liblouis10)\b/


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1

[Adam D. Barratt]

On Sun, 2016-09-11 at 08:04 +, Bart Martens wrote:
> Can I do a similar upload for
> oldstable? I have at least one user asking for this.

The Release Team no longer handle wheezy, that's in the hands of the LTS
Team; see https://wiki.debian.org/LTS

Regards,

Adam

Bug#837388: jessie-pu: package scons-doc/2.3.1-1

[Jörg Frings-Fürst]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hello,

the version 2.3.1-1 contains non free svg files[1].
The attached debdiff replace them with free files from upstream.

Many thanks!

CU
Jörg

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787356

- -- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)




-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJX1SBOAAoJEAn4nzyModJdHwYP/jv3cY54s5BHSk3nk5Yrjxiv
XcJVTzd2Xe15Sp8Mf56a9ggztVhJbMqEFIlkX8/0I+50yZDcjUaL7liZyjbq3lJB
B4l4mt8eQL2a48u8xIPd3GCUqvLw0dJJTEEQgXgiZef+kF32rLciki/CrMXmAEIb
6eJsQkuWrwqEP+FWQXspKcM25VvieHKGBncZ9B315pk7aSaRZM21nhcBN5aYxWaH
bn1iRXjDstYhqCJgriyNj9YcaBePALDtNW0BbPPFVjEr8AnyONGDupyf4C2Fi1Bw
8p6bDpLimDD3qVFsWeHTA5b+Gu7yvq0ajekiEZLUkTFTeKIw/LWA4+CH3IAWvA+o
sTlDDapbMCoizP853jDfevlLFG6ajRnvo9PJ0zQRFn8DZwwr0SRiBU2udNOlxo7v
6XnSijYQ3lHdYz/B6fscjUSb018wZKJyn7d47srZ/6BjoYqBp6tZfpxbMkZ+TeB3
Y01ZSePI9WZYLk5iRuo+Pw7VaTh3qvV1NpWqiu9vSHem3mFA5y5/nFrkERVFsbmn
tJDD0q6nb21CvWUtoK8B6TvvkhGxj07SoMd36LJ7J7+T/B26unPuQIgvkuDp7/Lc
Hg6oPbaxJFa3DeWasj7Je3ZQmL1i7TAqk83oTW/d1M4oBGl1AdlndrJzeIs5OWpm
xjwIj3m4ec7IitkMI3Al
=ZaBr
-END PGP SIGNATURE-
diff -Nru scons-doc-2.3.1/debian/changelog scons-doc-2.3.1/debian/changelog
--- scons-doc-2.3.1/debian/changelog	2014-04-27 12:05:51.0 +0200
+++ scons-doc-2.3.1/debian/changelog	2016-09-11 10:56:22.0 +0200
@@ -1,3 +1,10 @@
+scons-doc (2.3.1-1+deb8u1) stable; urgency=medium
+
+  * New debian/patches/0100_replace_nonfree_svgs.patch (Closes: #787356);
++ Replace nonfree svg files with free from upstream.
+
+ -- Jörg Frings-Fürst   Sun, 11 Sep 2016 10:56:22 +0200
+
 scons-doc (2.3.1-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch
--- scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch	1970-01-01 01:00:00.0 +0100
+++ scons-doc-2.3.1/debian/patches/0100_replace_nonfree_svgs.patch	2016-09-11 10:51:28.0 +0200
@@ -0,0 +1,196 @@
+Index: 2.3.1-1deb8u1/doc/design/titlepage/SConsBuildBricks_path.svg
+===
+--- 2.3.1-1deb8u1.orig/doc/design/titlepage/SConsBuildBricks_path.svg
 2.3.1-1deb8u1/doc/design/titlepage/SConsBuildBricks_path.svg
+@@ -14,9 +14,9 @@
+height="80.330002"
+id="svg2"
+sodipodi:version="0.32"
+-   inkscape:version="0.48.1 r9760"
++   inkscape:version="0.48.4 r9939"
+version="1.0"
+-   sodipodi:docname="SConsBuildBricks.svg"
++   sodipodi:docname="SConsBuildBricks_path.svg"
+inkscape:export-filename="Constructs-using-SCons.png"
+inkscape:export-xdpi="100"
+inkscape:export-ydpi="100">
+@@ -77,24 +77,22 @@
+   
+ 
+ http://creativecommons.org/licenses/by-nc-sa/2.0/; />
++   rdf:resource="http://creativecommons.org/licenses/by-sa/3.0/; />
+   
+   http://creativecommons.org/licenses/by-nc-sa/2.5/;>
++ rdf:about="http://creativecommons.org/licenses/by-sa/3.0/;>
+ http://web.resource.org/cc/Reproduction; />
++   rdf:resource="http://creativecommons.org/ns#Reproduction; />
+ http://web.resource.org/cc/Distribution; />
++   rdf:resource="http://creativecommons.org/ns#Distribution; />
+ http://web.resource.org/cc/Notice; />
++   rdf:resource="http://creativecommons.org/ns#Notice; />
+ http://web.resource.org/cc/Attribution; />
+-http://web.resource.org/cc/CommercialUse; />
++   rdf:resource="http://creativecommons.org/ns#Attribution; />
+ http://web.resource.org/cc/DerivativeWorks; />
++   rdf:resource="http://creativecommons.org/ns#DerivativeWorks; />
+ http://web.resource.org/cc/ShareAlike; />
++   rdf:resource="http://creativecommons.org/ns#ShareAlike; />
+   
+ 
+   
+Index: 2.3.1-1deb8u1/doc/man/titlepage/SConsBuildBricks_path.svg
+===
+--- 2.3.1-1deb8u1.orig/doc/man/titlepage/SConsBuildBricks_path.svg
 2.3.1-1deb8u1/doc/man/titlepage/SConsBuildBricks_path.svg
+@@ -14,9 +14,9 @@
+height="80.330002"
+id="svg2"
+sodipodi:version="0.32"
+-   inkscape:version="0.48.1 r9760"
++   inkscape:version="0.48.4 r9939"
+version="1.0"
+-   sodipodi:docname="SConsBuildBricks.svg"
++   sodipodi:docname="SConsBuildBricks_path.svg"
+inkscape:export-filename="Constructs-using-SCons.png"
+inkscape:export-xdpi="100"
+inkscape:export-ydpi="100">
+@@ -77,24 +77,22 @@
+   
+ 
+ 

Bug#833433: jessie-pu: package flashplugin-nonfree/1:3.6.1+deb8u1

[Bart Martens]

On Sat, Sep 10, 2016 at 04:59:29PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sat, 2016-08-06 at 05:20 +, Bart Martens wrote:
> > Control: tag -1 - moreinfo
> > 
> > On Fri, Aug 05, 2016 at 11:02:40PM +0200, Julien Cristau wrote:
> > > Control: tag -1 moreinfo
> > > 
> > > The current code is not a guarantee for the future.  The function is
> > > named "human_time".  That makes it IMO wrong to use in a script.  It's
> > > also not stable across timezones.
> > 
> > Using %Y now, see attached debdiff. Permission to upload?
> 
> Sorry for the delay.
> 
> Please go ahead, bearing in mind that the window for 8.6 closes this
> weekend.

Apology accepted. I uploaded for stable just now. Can I do a similar upload for
oldstable? I have at least one user asking for this.

Regards,

Bart Martens