NEW changes in stable-new
Processing changes file: python3.7_3.7.3-2+deb10u3_arm64-buildd.changes ACCEPT Processing changes file: python3.7_3.7.3-2+deb10u3_ppc64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: python3.7_3.7.3-2+deb10u3_armel-buildd.changes ACCEPT Processing changes file: python3.7_3.7.3-2+deb10u3_i386-buildd.changes ACCEPT Processing changes file: python3.7_3.7.3-2+deb10u3_mips-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: redis_5.0.3-4+deb10u3_mips-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: python3.7_3.7.3-2+deb10u3_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: python3.7_3.7.3-2+deb10u3_s390x-buildd.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_armhf-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_armel-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_mips-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: redis_5.0.3-4+deb10u3_ppc64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: iputils_20180629-2+deb10u2_mips-buildd.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_arm64-buildd.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_armel-buildd.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_i386.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_s390x.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: systemd_241-7~deb10u7_amd64-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_arm64-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_armhf-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_i386-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_ppc64el-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_amd64-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_armhf-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: cloud-init_20.2-2~deb10u2_all.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_mipsel-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_amd64-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_arm64-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_armel-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_armhf-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_mips64el-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_ppc64el-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_mipsel-buildd.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_s390x.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_all-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_arm64-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_armel-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_i386.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_ppc64el-buildd.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_s390x-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_mips64el-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_mips64el-buildd.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_i386.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_s390x.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: linux_4.19.181-1_arm64-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: linux_4.19.181-1_amd64-buildd.changes ACCEPT
Re: Bug#985556: flatpak/1.2.5-0+deb10u4 FTBFS on i386
On Fri, 19 Mar 2021 at 22:48:33 +0100, Salvatore Bonaccorso wrote: > While reviewing the current uploads for the upcoming point release I > noticed that the i386 build of flatpak was apparently not done, and > indeed it failed. > > Attached are two build logs. The failing test runs a simple Python web server (`python3 ${builddir}/tests/http-utils-test-server.py 0`), reads back the port number that was allocated for it, and uses it to test Flatpak's http client implementation by connecting to http://localhost:$port. Instead, in those logs, it gets "Could not connect: Connection refused". Could x86-conova-01.debian.org be an IPv6-only buildd? If so, this reminds me of https://bugs.debian.org/948834 and is perhaps even the same bug (briefly: with the getaddrinfo flags normally used in GLib, if you have no IPv4 addresses other than 127.0.0.1 - not even RFC1918 LAN addresses - then resolving 'localhost' in the obvious way will not yield 127.0.0.1 as expected). Post-buster versions of GLib avoid this by special-casing localhost to always resolve to 127.0.0.1 and/or ::1, like the major web browsers do. I think this should probably be something that glibc does, or at least something that glibc nsswitch plugins can do, rather than being individual network clients' responsibility, but that's not the way the nsswitch interface works right now. Or, if not that, could it be the case that this buildd is firewalled or otherwise restricted such that connections from the build to a test server listening on an arbitrary high port number on the loopback interface will fail? src:glib2.0 and src:dbus are examples of other packages that need to communicate with a TCP server on the loopback interface during their build-time tests. If the root cause for this is #948834, then this is also going to affect buster's glib2.0 next time we update that. smcv
NEW changes in stable-new
Processing changes file: linux_4.19.181-1_i386.changes ACCEPT
NEW changes in stable-new
Processing changes file: cloud-init_20.2-2~deb10u2_source.changes ACCEPT Processing changes file: iputils_20180629-2+deb10u2_source.changes ACCEPT Processing changes file: python3.7_3.7.3-2+deb10u3_amd64.changes ACCEPT Processing changes file: redis_5.0.3-4+deb10u3_amd64.changes ACCEPT Processing changes file: systemd_241-7~deb10u7_source.changes ACCEPT Processing changes file: uim_1.8.8-4+deb10u4_source.changes ACCEPT
Processed: systemd 241-7~deb10u7 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 985472 = buster pending Bug #985472 [release.debian.org] buster-pu: package systemd/241-7~deb10u6 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 985472: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985472 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#985472: systemd 241-7~deb10u7 flagged for acceptance
package release.debian.org tags 985472 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: systemd Version: 241-7~deb10u7 Explanation: core: make sure to restore the control command id, too, fixing a segfault; seccomp: allow turning off of seccomp filtering via an environment variable
Processed: uim 1.8.8-4+deb10u4 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 985359 = buster pending Bug #985359 [release.debian.org] buster-pu: package uim/1.8.8-4+deb10u4 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 985359: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985359 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: redis 5.0.3-4+deb10u3 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 983527 = buster pending Bug #983527 [release.debian.org] buster-pu: package redis/5:5.0.3-4+deb10u3 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 983527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983527 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: python3.7 3.7.3-2+deb10u3 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 983134 = buster pending Bug #983134 [release.debian.org] buster-pu: package python3.7/3.7.3-2+deb10u3 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 983134: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983134 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: iputils 20180629-2+deb10u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 985115 = buster pending Bug #985115 [release.debian.org] buster-pu: package iputils/3:20180629-2+deb10u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 985115: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985115 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: cloud-init 20.2-2~deb10u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 985545 = buster pending Bug #985545 [release.debian.org] buster-pu: package cloud-init/20.2-2~deb10u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 985545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#985545: cloud-init 20.2-2~deb10u2 flagged for acceptance
package release.debian.org tags 985545 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: cloud-init Version: 20.2-2~deb10u2 Explanation: avoid logging generated passwords to world-readable log files [CVE-2021-3429]
Bug#985359: uim 1.8.8-4+deb10u4 flagged for acceptance
package release.debian.org tags 985359 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: uim Version: 1.8.8-4+deb10u4 Explanation: libuim-data: Perform symlink_to_dir conversion of /usr/share/doc/libuim-data in the resurrected package for clean upgrades from stretch
Bug#985115: iputils 20180629-2+deb10u2 flagged for acceptance
package release.debian.org tags 985115 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: iputils Version: 20180629-2+deb10u2 Explanation: fix ping rounding errors; fix tracepath target corruption
Bug#983527: redis 5.0.3-4+deb10u3 flagged for acceptance
package release.debian.org tags 983527 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: redis Version: 5.0.3-4+deb10u3 Explanation: fix a series of integer overflow issues on 32-bit systems [CVE-2021-21309]
Bug#983134: python3.7 3.7.3-2+deb10u3 flagged for acceptance
package release.debian.org tags 983134 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: python3.7 Version: 3.7.3-2+deb10u3 Explanation: fix CRLF injection in http.client [CVE-2020-26116]; fix buffer overflow in PyCArg_repr in _ctypes/callproc.c [CVE-2021-3177]
Bug#985560: unblock: wp2latex/3.94+ds-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package wp2latex (Please provide enough (but not too much) information to help the release team to judge the request efficiently. E.g. by filling in the sections below.) [ Reason ] The new Debian version contains a small fix to fix EPS file generation for a few corner cases. [ Impact ] If the new version is not unblocked, some EPS files (generated by wp2latex) will be syntactically incorrect and will not be processed by ghostscript. This will make some converted documents unusable. [ Tests ] Upstream provided a test file, which can't be converted into valid EPS code using the old version, but works fine for the new version. [ Risks ] Rather trivial code change to prefix curly braces properly. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing [ Other info ] (Anything else the release team should know.) unblock wp2latex/3.94+ds-2 -- sigmentation fault diff -Nru wp2latex-3.94+ds/debian/changelog wp2latex-3.94+ds/debian/changelog --- wp2latex-3.94+ds/debian/changelog 2021-02-14 23:32:46.0 +0100 +++ wp2latex-3.94+ds/debian/changelog 2021-03-18 21:28:50.0 +0100 @@ -1,3 +1,10 @@ +wp2latex (3.94+ds-2) unstable; urgency=medium + + * Fix a nasty bug, which could lead to invalid eps files. Got +notification and patch from upstream. Thanks Jaroslav Fojtik! + + -- Hilmar Preusse Thu, 18 Mar 2021 21:28:50 +0100 + wp2latex (3.94+ds-1) unstable; urgency=medium * New upstream release, remove merged patches. diff -Nru wp2latex-3.94+ds/debian/patches/invalid_eps_files wp2latex-3.94+ds/debian/patches/invalid_eps_files --- wp2latex-3.94+ds/debian/patches/invalid_eps_files 1970-01-01 01:00:00.0 +0100 +++ wp2latex-3.94+ds/debian/patches/invalid_eps_files 2021-03-18 21:26:24.0 +0100 @@ -0,0 +1,26 @@ +Description: Fix nasty bug leading to invalid eps files. +Origin: Jaroslav Fojtik +Forwarded: Patch is from upstream, not needed. +Author: Jaroslav Fojtik +Last-Update: 20210318 + +Index: wp2latex.git/sources.cc/images/vecimage.cc +=== +--- wp2latex.git.orig/sources.cc/images/vecimage.cc2021-03-18 13:20:12.699391018 +0100 wp2latex.git/sources.cc/images/vecimage.cc 2021-03-18 13:20:12.691391041 +0100 +@@ -1068,9 +1068,12 @@ + { + if(str[len-2]=='(' && str[len-1]==')') + { +- if(len>=3 && str[len-3]==' ') len--;//Remove orphaned space. +- str = copy(str,0,len-2); +- return; ++ if(len>=3 && str[len-3]!='\\') // Is the curly brace preffixed? ++{ ++if(len>=3 && str[len-3]==' ') len--; //Remove orphaned space. ++str = copy(str,0,len-2); ++return; ++} + } + } + str += "\nshow"; diff -Nru wp2latex-3.94+ds/debian/patches/series wp2latex-3.94+ds/debian/patches/series --- wp2latex-3.94+ds/debian/patches/series 2021-02-14 22:40:59.0 +0100 +++ wp2latex-3.94+ds/debian/patches/series 2021-03-18 13:20:07.0 +0100 @@ -5,3 +5,4 @@ #fix_groff-errors #vecimage.cc_crash #de.po_typo_adaption +invalid_eps_files signature.asc Description: PGP signature
NEW changes in stable-new
Processing changes file: linux_4.19.181-1_armel-buildd.changes ACCEPT Processing changes file: linux_4.19.181-1_s390x-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: fwupd_1.2.13-3+deb10u2_mips-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_mips-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_mips-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_mipsel-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_mips-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_amd64-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_armhf-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_i386-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_armhf-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_i386-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_mips64el-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_amd64-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_armhf-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_i386-buildd.changes ACCEPT Processing changes file: linux_4.19.181-1_ppc64el-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_armel-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_armhf-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_i386-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_all-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_arm64-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_armel-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_ppc64el-buildd.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_s390x.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_all-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_amd64-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_arm64-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_armel-buildd.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_s390x.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_arm64-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_armel-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_ppc64el-buildd.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_s390x.changes ACCEPT Processing changes file: linux_4.19.181-1_all.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_all-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_amd64-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_arm64-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_ppc64el-buildd.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_s390x.changes ACCEPT
Bug#985541: unblock: dtkcore/5.2.2.5-3
Control: tags -1 + moreinfo On 2021-03-19 12:17:46 -0400, Boyuan Yang wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-CC: pkg-deepin-de...@lists.alioth.debian.org > > Please unblock package dtkcore > > [ Reason ] > Current version of dtkcore would cause all Deepin applications to crash > when clicking the "About" menu. The new dtkcore/5.2.2.5-3 provides a > targeted patch coming from Deepin upstream to solve this bug. > > The bug is documented as https://bugs.debian.org/985480 . > > [ Impact ] > If the bug is not fixed, all deepin applications (deepin-*) will crash > when the user clicks the "About" menu. > > [ Tests ] > Click the "About" menu with different versions of libdtkcore5 > installed. The new version will not crash. > > All buildd build in Debian sid on release architectures have succeeded. > > [ Risks ] > The risk of introducing regression should be minimal according to my > understanding to the patch. > > [ Checklist ] > [X] all changes are documented in the d/changelog > [X] I reviewed all changes and I approve them > [X] attach debdiff against the package in testing > > unblock dtkcore/5.2.2.5-3 > diff -Nru dtkcore-5.2.2.5/debian/changelog dtkcore-5.2.2.5/debian/changelog > --- dtkcore-5.2.2.5/debian/changelog 2020-12-21 04:20:28.0 -0500 > +++ dtkcore-5.2.2.5/debian/changelog 2021-03-18 22:57:38.0 -0400 > @@ -1,3 +1,11 @@ > +dtkcore (5.2.2.5-3) unstable; urgency=high > + > + * debian/patches/0001-fix-access-null-pointer.patch: Apply upstream > +patch to avoid program crash when clicking "About" menu in Deepin > +Applications. (Closes: #985480) > + > + -- Boyuan Yang Thu, 18 Mar 2021 22:57:38 -0400 > + > dtkcore (5.2.2.5-2) unstable; urgency=medium > >* debian/libdtkcore5.symbols: > diff -Nru dtkcore-5.2.2.5/debian/libdtkcore5.symbols > dtkcore-5.2.2.5/debian/libdtkcore5.symbols > --- dtkcore-5.2.2.5/debian/libdtkcore5.symbols2020-12-21 > 04:20:28.0 -0500 > +++ dtkcore-5.2.2.5/debian/libdtkcore5.symbols2021-03-18 > 22:44:46.0 -0400 > @@ -199,6 +199,7 @@ > _ZN3Dtk4Core15DSysInfoPrivate16ensureDeepinInfoEv@Base 5.2.2 > _ZN3Dtk4Core15DSysInfoPrivate17ensureReleaseInfoEv@Base 5.2.2 > _ZN3Dtk4Core15DSysInfoPrivate18ensureComputerInfoEv@Base 5.2.2 > + _ZN3Dtk4Core15DSysInfoPrivate22ensureDistributionInfoEv@Base 5.2.2 Should these symbols really be part of the public ABI? Cheers > _ZN3Dtk4Core15DSysInfoPrivateC1Ev@Base 5.2.2 > _ZN3Dtk4Core15DSysInfoPrivateC2Ev@Base 5.2.2 > _ZN3Dtk4Core15QSettingBackend11doSetOptionERK7QStringRK8QVariant@Base 5.2.2 > diff -Nru dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch > dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch > --- dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch > 1969-12-31 19:00:00.0 -0500 > +++ dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch > 2021-03-18 22:57:38.0 -0400 > @@ -0,0 +1,65 @@ > +Description: fix access null pointer > + TODO: fix access null pointer > +Author: Hu Feng > + > +Forwarded: not-needed > +Reviewed-By: Boyuan Yang > +Last-Update: 2021-03-02 > + > +--- dtkcore-5.4.0.orig/src/dsysinfo.cpp > dtkcore-5.4.0/src/dsysinfo.cpp > +@@ -48,6 +48,7 @@ public: > + #ifdef Q_OS_LINUX > + void ensureDeepinInfo(); > + bool ensureOsVersion(); > ++void ensureDistributionInfo(); > + #endif > + void ensureReleaseInfo(); > + void ensureComputerInfo(); > +@@ -97,6 +98,16 @@ DSysInfoPrivate::DSysInfoPrivate() > + } > + > + #ifdef Q_OS_LINUX > ++void DSysInfoPrivate::ensureDistributionInfo() > ++{ > ++if (distributionInfo) > ++return; > ++ > ++const QString distributionInfoFile(DSysInfo::distributionInfoPath()); > ++// Generic DDE distribution info > ++distributionInfo.reset(new DDesktopEntry(distributionInfoFile)); > ++} > ++ > + void DSysInfoPrivate::ensureDeepinInfo() > + { > + if (static_cast(deepinType) >= 0) > +@@ -168,11 +179,6 @@ void DSysInfoPrivate::ensureDeepinInfo() > + } else { > + deepinType = DSysInfo::UnknownDeepin; > + } > +- > +-const QString distributionInfoFile(DSysInfo::distributionInfoPath()); > +-// Generic DDE distribution info > +-distributionInfo.reset(new DDesktopEntry(distributionInfoFile)); > +-QSettings distributionInfo(distributionInfoFile, QSettings::IniFormat); > // TODO: treat as `.desktop` format instead of `.ini` > + } > + > + bool DSysInfoPrivate::ensureOsVersion() > +@@ -734,7 +740,7 @@ QString DSysInfo::distributionInfoSectio > + QString DSysInfo::distributionOrgName(DSysInfo::OrgType type, const QLocale > ) > + { > + #ifdef Q_OS_LINUX > +-siGlobal->ensureDeepinInfo(); > ++siGlobal->ensureDistributionInfo(); > + #endif > + > + QString fallback = type == Distribution ? QStringLiteral("Deepin") : > QString(); > +@@ -757,7 +763,7 @@
Processed: Re: Bug#985541: unblock: dtkcore/5.2.2.5-3
Processing control commands: > tags -1 + moreinfo Bug #985541 [release.debian.org] unblock: dtkcore/5.2.2.5-3 Added tag(s) moreinfo. -- 985541: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985541 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: debian-archive-keyring_2019.1+deb10u1_amd64.changes ACCEPT Processing changes file: fetchmail_6.4.0~beta4-3+deb10u1_source.changes ACCEPT Processing changes file: fwupd_1.2.13-3+deb10u2_source.changes ACCEPT Processing changes file: groff_1.22.4-3+deb10u1_source.changes ACCEPT Processing changes file: m2crypto_0.31.0-4+deb10u2_source.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_source.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_all.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_amd64-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_arm64-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_armel-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_armhf-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_i386.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_mips-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_mips64el-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_mipsel-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_ppc64el-buildd.changes ACCEPT Processing changes file: shibboleth-sp_3.0.4+dfsg1-1+deb10u1_s390x.changes ACCEPT Processing changes file: tor_0.3.5.14-1_weasel.changes ACCEPT Processing changes file: tor_0.3.5.14-1_all.changes ACCEPT Processing changes file: tor_0.3.5.14-1_amd64-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_arm64-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_armel-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_armhf-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_i386.changes ACCEPT Processing changes file: tor_0.3.5.14-1_mips-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_mips64el-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_mipsel-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_ppc64el-buildd.changes ACCEPT Processing changes file: tor_0.3.5.14-1_s390x-buildd.changes ACCEPT
Bug#985472: buster-pu: package systemd/241-7~deb10u6
Control: tags -1 + confirmed On Thu, 2021-03-18 at 21:12 +0100, Michael Biebl wrote: > systemd (241-7~deb10u7) buster; urgency=medium > > * core: make sure to restore the control command id, too. > Fixes a segfault in systemd that can be triggered when both > daemon-reload and a service restart happen concurrently. (Closes: > #984495) > > https://salsa.debian.org/systemd-team/systemd/-/commit/99b743134a64d35506bdea0aac36eda47a19fc1a > > Happens rarely and is not easy to trigger. But a segfault in PID 1 is > never nice, so seems worthwile to fix. > > * seccomp: allow turning off of seccomp filtering via env var. > Since glibc 2.33 faccessat() is implemented via faccessat2(), > which > is breaking running containers that use such a version of glibc > under > systemd-nspawn in Buster. > Turning off seccomp filtering via the SYSTEMD_SECCOMP env var > makes it > possible to run such new containers. (Closes: #984573) > Please go ahead. Regards, Adam
Processed: Re: Bug#985472: buster-pu: package systemd/241-7~deb10u6
Processing control commands: > tags -1 + confirmed Bug #985472 [release.debian.org] buster-pu: package systemd/241-7~deb10u6 Added tag(s) confirmed. -- 985472: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985472 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: m2crypto 0.31.0-4+deb10u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 983485 = buster pending Bug #983485 [release.debian.org] buster-pu: package m2crypto/0.31.0-4+deb10u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 983485: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983485 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: fetchmail 6.4.0~beta4-3+deb10u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 981453 = buster pending Bug #981453 [release.debian.org] buster-pu: package fetchmail/6.4.0~beta4-3+deb10u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 981453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981453 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#985371: debian-archive-keyring 2019.1+deb10u1 flagged for acceptance
package release.debian.org tags 985371 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: debian-archive-keyring Version: 2019.1+deb10u1 Explanation: add bullseye keys; retire jessie keys
Processed: groff 1.22.4-3+deb10u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 982311 = buster pending Bug #982311 [release.debian.org] buster-pu: package groff/1.22.4-3+deb10u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 982311: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982311 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#985466: buster-pu: package libpano13/2.9.19+dfsg-3+deb10u1
Processing control commands: > tags -1 + confirmed Bug #985466 [release.debian.org] buster-pu: package libpano13/2.9.19+dfsg-3+deb10u1 Added tag(s) confirmed. -- 985466: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985466 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: debian-archive-keyring 2019.1+deb10u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 985371 = buster pending Bug #985371 [release.debian.org] buster-pu: package debian-archive-keyring/2019.1+deb10u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 985371: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985371 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#983485: m2crypto 0.31.0-4+deb10u2 flagged for acceptance
package release.debian.org tags 983485 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: m2crypto Version: 0.31.0-4+deb10u2 Explanation: fix test failure with recent OpenSSL
Bug#985466: buster-pu: package libpano13/2.9.19+dfsg-3+deb10u1
Control: tags -1 + confirmed On Thu, 2021-03-18 at 18:01 +0100, Andreas Metzler wrote: > I would like to fix 985249 for buster. It is a straightforward format > string issue, as documented in the respective report. The issue is > fixed > in unstable (2.9.20~rc3+dfsg-1) but not yet in testing. +libpano13 (2.9.19+dfsg-3+deb10u1) buster; urgency=medium + + * 850_f02459498cb4_Prevent_string_vulnerability_by_refusing.diff +cherry-picked from 2.9.20 rc3: Fixes format string bug, pasing along +format strings in user specified output filename to printf. s/pasing/passing/ Please go ahead. Regards, Adam
Bug#981453: fetchmail 6.4.0~beta4-3+deb10u1 flagged for acceptance
package release.debian.org tags 981453 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: fetchmail Version: 6.4.0~beta4-3+deb10u1 Explanation: no longer report "System error during SSL_connect(): Success"; remove OpenSSL version check
Bug#982311: groff 1.22.4-3+deb10u1 flagged for acceptance
package release.debian.org tags 982311 = buster pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster. Thanks for your contribution! Upload details == Package: groff Version: 1.22.4-3+deb10u1 Explanation: rebuild against ghostscript 9.27
Bug#985450: buster-pu: package exim4/4.92-8+deb10u5
Control: tags -1 + confirmed On Thu, 2021-03-18 at 13:53 +0100, Andreas Metzler wrote: > I would like to fix two issues in buster: > #1 Fix use of concurrent TLS connections under GnuTLS. When a > callout was >done during a receiving connection, and both used TLS, global info > was >used rather than per-connection info for tracking the state of > data >queued for transmission. This could result in a connection hang. > > #2 Fix issues related to certificate checking: > a) Cherry-pick a bugfix to get proper hostname checking with CNAMES. > Without this patch when connecting to a CNAME the server provided > cert > is checked against the A record instead of the original cname. > #985243 > > b) Document limitation/extent of server certificate checking that is > done by default and how to change it. #985244 and #985344 > Please go ahead. Regards, Adam
Processed: Re: Bug#985450: buster-pu: package exim4/4.92-8+deb10u5
Processing control commands: > tags -1 + confirmed Bug #985450 [release.debian.org] buster-pu: package exim4/4.92-8+deb10u5 Added tag(s) confirmed. -- 985450: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985450 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#985495: marked as done (unblock: sddm/0.19.0-3)
Your message dated Fri, 19 Mar 2021 19:18:32 + with message-id and subject line unblock sddm has caused the Debian Bug report #985495, regarding unblock: sddm/0.19.0-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 985495: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985495 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-qt-...@lists.debian.org Please unblock package sddm [ Reason ] SDDM currently has a bug where users having fish as their default shell don’t get proper sourcing of the standard /etc/profile and $HOME/.profile files. [ Impact ] Users with fish as their default shell get an incorrect environment setup. [ Tests ] - Manually tested the impact on environment variables of the versions before and after patch for a user with fish shell as default. - Used for a week with my usual user having bash as default shell and checked that I didn’t notice any impact. [ Risks ] The changes are in fish-specific branches of the code, and the commit is backported from upstream so I consider the risk to be very low. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] <3 <3 <3 unblock sddm/0.19.0-3 diff -Nru sddm-0.19.0/debian/changelog sddm-0.19.0/debian/changelog --- sddm-0.19.0/debian/changelog2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/changelog2021-03-17 22:41:58.0 +0100 @@ -1,3 +1,10 @@ +sddm (0.19.0-3) unstable; urgency=medium + + * Cherry-pick upstream commit to re-add sourcing of /etc/profile and +$HOME/.profile for users with fish as their default shell. + + -- Aurélien COUDERC Wed, 17 Mar 2021 22:41:58 +0100 + sddm (0.19.0-2) unstable; urgency=medium [ Norbert Preining ] diff -Nru sddm-0.19.0/debian/patches/series sddm-0.19.0/debian/patches/series --- sddm-0.19.0/debian/patches/series 2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/patches/series 2021-03-17 22:39:38.0 +0100 @@ -5,3 +5,4 @@ 05_add_debian_themes.diff 06_nvidia_prime_setup.diff upstream-2f034906d-use-only-basename-of-session.patch +upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff diff -Nru sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff --- sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff 1970-01-01 01:00:00.0 +0100 +++ sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff 2021-03-17 22:39:38.0 +0100 @@ -0,0 +1,31 @@ +Origin: https://github.com/sddm/sddm/commit/cf65e99eb8abfe2ee1ef7e2f7dc43862e83bf0ab +From: soredake +Date: Tue, 9 Mar 2021 07:28:11 + +Subject: Add fish /etc/profile and $HOME/.profile sourcing +--- +diff --git a/data/scripts/Xsession b/data/scripts/Xsession +index 54498101..d0c2605f 100755 +--- a/data/scripts/Xsession b/data/scripts/Xsession +@@ -39,6 +39,8 @@ case $SHELL in + rm -f $xsess_tmp + ;; + */fish) ++[ -f /etc/profile ] && . /etc/profile ++[ -f $HOME/.profile ] && . $HOME/.profile + xsess_tmp=`mktemp /tmp/xsess-env-XX` + $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" + . $xsess_tmp +diff --git a/data/scripts/wayland-session b/data/scripts/wayland-session +index 1f905543..552a39f5 100755 +--- a/data/scripts/wayland-session b/data/scripts/wayland-session +@@ -43,6 +43,8 @@ case $SHELL in + rm -f $wlsess_tmp + ;; + */fish) ++[ -f /etc/profile ] && . /etc/profile ++[ -f $HOME/.profile ] && . $HOME/.profile + xsess_tmp=`mktemp /tmp/xsess-env-XX` + $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" + . $xsess_tmp diff -Nru sddm-0.19.0/debian/wayland-session sddm-0.19.0/debian/wayland-session --- sddm-0.19.0/debian/wayland-session 2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/wayland-session 2021-03-17 22:41:25.0 +0100 @@ -36,9 +36,8 @@ rm -f $wlsess_tmp ;; */fish) -# Fish is not a POSIX 1003.1 compatible shell -# https://github.com/fish-shell/fish-shell/issues/3665 -# [ -f /etc/profile ] && . /etc/profile +[ -f /etc/profile ] && . /etc/profile +[ -f $HOME/.profile ] && . $HOME/.profile xsess_tmp=`mktemp /tmp/xsess-env-XX` $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" .
Bug#985229: unblock: musescore2/2.3.2+dfsg4-14, musescore3/3.2.3+dfsg2-10, musescore-general-soundfont/0.2-3, timgm6mb-soundfont/1.3-5
Dixi quod… >[ Other info ] >I have another set of uploads for musescore2 and musescore3 fixing >crash bugs coming up (not uploading them today, I want upstream to >have a go at reviewing the change first). How should this be handled? >Should I first wait until the current set of packages is unblocked >and has migrated to testing? Otherwise, if I upload now musescore2 >would get AUTORM’d which is suboptimal. Waiting so long will however >delay availability of the fix even to sid users. On second thought, this fix (involving crashes caused by soundfonts) needs to go some rounds through affected parties (MuseScore upstream, soundfont author, even input from FluidSynth upstream) so I’d prefer for all four to be unblocked as-is with the #984592 fix only and will handle the other fix once it’s there and tested. Thanks, //mirabilos -- "Using Lynx is like wearing a really good pair of shades: cuts out the glare and harmful UV (ultra-vanity), and you feel so-o-o COOL." -- Henry Nelson, March 1999
Processed: Re: Bug#985545: buster-pu: package cloud-init/20.2-2~deb10u1
Processing control commands: > tags -1 + confirmed Bug #985545 [release.debian.org] buster-pu: package cloud-init/20.2-2~deb10u1 Added tag(s) confirmed. -- 985545: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985545 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#985545: buster-pu: package cloud-init/20.2-2~deb10u1
Control: tags -1 + confirmed On Fri, 2021-03-19 at 09:56 -0700, Noah Meyerhans wrote: > I have prepared a update for cloud-init in buster targeting CVE-2021- > 3429. > After consulation with the security team, we've decided that this > doesn't > warrant a DSA on its own but that it should be included with a stable > point release. > Please go ahead. Regards, Adam
Bug#985552: unblock: cloud-init/20.4.1-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package cloud-init cloud-init 20.4.1-2 includes a targeted fix for bug #985540 (CVE-2021-3429). The fix was cherry-picked with minimal modifications from upstream's git repository and has been tested to validate the expected change in behavior (passwords are no longer logged to world-readable files). debdiff against the current bullseye version is attached. unblock cloud-init/20.4.1-2 diff -Nru cloud-init-20.4.1/debian/changelog cloud-init-20.4.1/debian/changelog --- cloud-init-20.4.1/debian/changelog 2021-01-19 10:27:39.0 -0800 +++ cloud-init-20.4.1/debian/changelog 2021-03-19 09:18:59.0 -0700 @@ -1,3 +1,10 @@ +cloud-init (20.4.1-2) unstable; urgency=high + + * Avoid logging generated passwords to world-readable log files. +CVE-2021-3429. (Closes: #985540) + + -- Noah Meyerhans Fri, 19 Mar 2021 09:18:59 -0700 + cloud-init (20.4.1-1) unstable; urgency=medium * d/watch: switch upstream to github diff -Nru cloud-init-20.4.1/debian/patches/dont_log_generated_passwords.patch cloud-init-20.4.1/debian/patches/dont_log_generated_passwords.patch --- cloud-init-20.4.1/debian/patches/dont_log_generated_passwords.patch 1969-12-31 16:00:00.0 -0800 +++ cloud-init-20.4.1/debian/patches/dont_log_generated_passwords.patch 2021-03-19 09:18:59.0 -0700 @@ -0,0 +1,316 @@ +Description: Don't log generated passwords +Origin: upstream +Bug-Debian: https://bugs.debian.org/985540 +Applied-Upstream: https://github.com/canonical/cloud-init/commit/b794d426b9ab43ea9d6371477466070d86e10668 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py +index d6b5682db..433de751f 100755 +--- a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py +@@ -78,7 +78,6 @@ + """ + + import re +-import sys + + from cloudinit.distros import ug_util + from cloudinit import log as logging +@@ -214,7 +213,9 @@ def handle(_name, cfg, cloud, log, args): + if len(randlist): + blurb = ("Set the following 'random' passwords\n", + '\n'.join(randlist)) +-sys.stderr.write("%s\n%s\n" % blurb) ++util.multi_log( ++"%s\n%s\n" % blurb, stderr=False, fallback_to_stdout=False ++) + + if expire: + expired_users = [] +diff --git a/cloudinit/config/tests/test_set_passwords.py b/cloudinit/config/tests/test_set_passwords.py +index daa1ef518..bbe2ee8fa 100644 +--- a/cloudinit/config/tests/test_set_passwords.py b/cloudinit/config/tests/test_set_passwords.py +@@ -74,10 +74,6 @@ class TestSetPasswordsHandle(CiTestCase): + + with_logs = True + +-def setUp(self): +-super(TestSetPasswordsHandle, self).setUp() +-self.add_patch('cloudinit.config.cc_set_passwords.sys.stderr', 'm_err') +- + def test_handle_on_empty_config(self, *args): + """handle logs that no password has changed when config is empty.""" + cloud = self.tmp_cloud(distro='ubuntu') +@@ -129,10 +125,12 @@ def test_bsd_calls_custom_pw_cmds_to_set_and_expire_passwords( + mock.call(['pw', 'usermod', 'ubuntu', '-p', '01-Jan-1970'])], + m_subp.call_args_list) + ++@mock.patch(MODPATH + "util.multi_log") + @mock.patch(MODPATH + "util.is_BSD") + @mock.patch(MODPATH + "subp.subp") +-def test_handle_on_chpasswd_list_creates_random_passwords(self, m_subp, +- m_is_bsd): ++def test_handle_on_chpasswd_list_creates_random_passwords( ++self, m_subp, m_is_bsd, m_multi_log ++): + """handle parses command set random passwords.""" + m_is_bsd.return_value = False + cloud = self.tmp_cloud(distro='ubuntu') +@@ -146,10 +144,32 @@ def test_handle_on_chpasswd_list_creates_random_passwords(self, m_subp, + self.assertIn( + 'DEBUG: Handling input for chpasswd as list.', + self.logs.getvalue()) +-self.assertNotEqual( +-[mock.call(['chpasswd'], +- '\n'.join(valid_random_pwds) + '\n')], +-m_subp.call_args_list) ++ ++self.assertEqual(1, m_subp.call_count) ++args, _kwargs = m_subp.call_args ++self.assertEqual(["chpasswd"], args[0]) ++ ++stdin = args[1] ++user_pass = { ++user: password ++for user, password ++in (line.split(":") for line in stdin.splitlines()) ++} ++ ++self.assertEqual(1, m_multi_log.call_count) ++self.assertEqual( ++mock.call(mock.ANY, stderr=False, fallback_to_stdout=False), ++m_multi_log.call_args ++) ++ ++self.assertEqual(set(["root", "ubuntu"]), set(user_pass.keys())) ++written_lines =
NEW changes in stable-new
Processing changes file: linux_4.19.181-1_source.changes ACCEPT
Bug#985545: buster-pu: package cloud-init/20.2-2~deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu I have prepared a update for cloud-init in buster targeting CVE-2021-3429. After consulation with the security team, we've decided that this doesn't warrant a DSA on its own but that it should be included with a stable point release. The issue in question is that cloud-init can be configured to generate and apply a random password for an account on the system where it's running. When it does so, the password is logged to a world-readable file. The immediate fix is to stop logging to that file, and Ubuntu is also going to stop making that file world-readable in the future. In the future we may consider changing the default permissions of the log file, but for buster we won't do that. The proposed debdiff, backported from upstream's fix, is attached. I have verified that functionality is preserved but the password is no longer logged to /var/log/cloud-init-output.log. It is still logged to the console as expected (access to which is typically access-controlled in cloud environments). Please note that, since the details of this issue were just made public, the fix has been uploaded to unstable only within the past few minutes. Thanks noah diff -Nru cloud-init-20.2/debian/changelog cloud-init-20.2/debian/changelog --- cloud-init-20.2/debian/changelog2020-06-30 17:20:38.0 -0700 +++ cloud-init-20.2/debian/changelog2021-03-19 09:43:23.0 -0700 @@ -1,3 +1,10 @@ +cloud-init (20.2-2~deb10u2) buster; urgency=high + + * Avoid logging generated passwords to world-readable log files. +CVE-2021-3429. (Closes: #985540) + + -- Noah Meyerhans Fri, 19 Mar 2021 09:43:23 -0700 + cloud-init (20.2-2~deb10u1) buster; urgency=medium * Release for buster. No further changes. diff -Nru cloud-init-20.2/debian/patches/dont_log_generated_passwords.patch cloud-init-20.2/debian/patches/dont_log_generated_passwords.patch --- cloud-init-20.2/debian/patches/dont_log_generated_passwords.patch 1969-12-31 16:00:00.0 -0800 +++ cloud-init-20.2/debian/patches/dont_log_generated_passwords.patch 2021-03-19 09:41:57.0 -0700 @@ -0,0 +1,278 @@ +Description: Don't log generated passwords +Origin: upstream +Bug-Debian: https://bugs.debian.org/985540 +Applied-Upstream: https://github.com/canonical/cloud-init/commit/b794d426b9ab43ea9d6371477466070d86e10668 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: cloud-init/cloudinit/config/cc_set_passwords.py +=== +--- cloud-init.orig/cloudinit/config/cc_set_passwords.py cloud-init/cloudinit/config/cc_set_passwords.py +@@ -78,7 +78,6 @@ password. + """ + + import re +-import sys + + from cloudinit.distros import ug_util + from cloudinit import log as logging +@@ -213,7 +212,9 @@ def handle(_name, cfg, cloud, log, args) + if len(randlist): + blurb = ("Set the following 'random' passwords\n", + '\n'.join(randlist)) +-sys.stderr.write("%s\n%s\n" % blurb) ++util.multi_log( ++"%s\n%s\n" % blurb, stderr=False, fallback_to_stdout=False ++) + + if expire: + expired_users = [] +Index: cloud-init/cloudinit/config/tests/test_set_passwords.py +=== +--- cloud-init.orig/cloudinit/config/tests/test_set_passwords.py cloud-init/cloudinit/config/tests/test_set_passwords.py +@@ -74,10 +74,6 @@ class TestSetPasswordsHandle(CiTestCase) + + with_logs = True + +-def setUp(self): +-super(TestSetPasswordsHandle, self).setUp() +-self.add_patch('cloudinit.config.cc_set_passwords.sys.stderr', 'm_err') +- + def test_handle_on_empty_config(self, *args): + """handle logs that no password has changed when config is empty.""" + cloud = self.tmp_cloud(distro='ubuntu') +@@ -129,10 +125,11 @@ class TestSetPasswordsHandle(CiTestCase) + mock.call(['pw', 'usermod', 'ubuntu', '-p', '01-Jan-1970'])], + m_subp.call_args_list) + ++@mock.patch(MODPATH + "util.multi_log") + @mock.patch(MODPATH + "util.is_BSD") + @mock.patch(MODPATH + "util.subp") + def test_handle_on_chpasswd_list_creates_random_passwords(self, m_subp, +- m_is_bsd): ++ m_is_bsd, m_multi_log): + """handle parses command set random passwords.""" + m_is_bsd.return_value = False + cloud = self.tmp_cloud(distro='ubuntu') +@@ -146,10 +143,32 @@ class TestSetPasswordsHandle(CiTestCase) + self.assertIn( + 'DEBUG: Handling input for chpasswd as list.', + self.logs.getvalue()) +-self.assertNotEqual( +-[mock.call(['chpasswd'], +-
Re: 10.9 planning
On Fri, Mar 19, 2021 at 05:18:43PM +0100, Julien Cristau wrote: >On Fri, Mar 19, 2021 at 04:14:31PM +, Steve McIntyre wrote: >> In fact, how about: we *could* go ahead with the 10.9 point release as >> already planned, and expect to do a 10.10 a couple of weeks later with >> basically *just* the shim/SB changes? I'm OK to go with that option if >> that's our preferred route as a group. >> >Is there actually a rush to get 10.10 out? Are people eager to push out >revocations? Or can we do it on our normal cadence, some time in May or >thereabouts, without adverse consequences? There's a distinct push to try and get things out ASAP so we can fix the revocation cycles killing EFI storage space. That's worrying a lot of people. I don't have a good idea of the ETA for issuing that last round of revocations, as that's a sore subject. -- Steve McIntyre, Cambridge, UK.st...@einval.com You lock the door And throw away the key There's someone in my head but it's not me
Bug#985541: unblock: dtkcore/5.2.2.5-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-CC: pkg-deepin-de...@lists.alioth.debian.org Please unblock package dtkcore [ Reason ] Current version of dtkcore would cause all Deepin applications to crash when clicking the "About" menu. The new dtkcore/5.2.2.5-3 provides a targeted patch coming from Deepin upstream to solve this bug. The bug is documented as https://bugs.debian.org/985480 . [ Impact ] If the bug is not fixed, all deepin applications (deepin-*) will crash when the user clicks the "About" menu. [ Tests ] Click the "About" menu with different versions of libdtkcore5 installed. The new version will not crash. All buildd build in Debian sid on release architectures have succeeded. [ Risks ] The risk of introducing regression should be minimal according to my understanding to the patch. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock dtkcore/5.2.2.5-3 diff -Nru dtkcore-5.2.2.5/debian/changelog dtkcore-5.2.2.5/debian/changelog --- dtkcore-5.2.2.5/debian/changelog 2020-12-21 04:20:28.0 -0500 +++ dtkcore-5.2.2.5/debian/changelog 2021-03-18 22:57:38.0 -0400 @@ -1,3 +1,11 @@ +dtkcore (5.2.2.5-3) unstable; urgency=high + + * debian/patches/0001-fix-access-null-pointer.patch: Apply upstream +patch to avoid program crash when clicking "About" menu in Deepin +Applications. (Closes: #985480) + + -- Boyuan Yang Thu, 18 Mar 2021 22:57:38 -0400 + dtkcore (5.2.2.5-2) unstable; urgency=medium * debian/libdtkcore5.symbols: diff -Nru dtkcore-5.2.2.5/debian/libdtkcore5.symbols dtkcore-5.2.2.5/debian/libdtkcore5.symbols --- dtkcore-5.2.2.5/debian/libdtkcore5.symbols 2020-12-21 04:20:28.0 -0500 +++ dtkcore-5.2.2.5/debian/libdtkcore5.symbols 2021-03-18 22:44:46.0 -0400 @@ -199,6 +199,7 @@ _ZN3Dtk4Core15DSysInfoPrivate16ensureDeepinInfoEv@Base 5.2.2 _ZN3Dtk4Core15DSysInfoPrivate17ensureReleaseInfoEv@Base 5.2.2 _ZN3Dtk4Core15DSysInfoPrivate18ensureComputerInfoEv@Base 5.2.2 + _ZN3Dtk4Core15DSysInfoPrivate22ensureDistributionInfoEv@Base 5.2.2 _ZN3Dtk4Core15DSysInfoPrivateC1Ev@Base 5.2.2 _ZN3Dtk4Core15DSysInfoPrivateC2Ev@Base 5.2.2 _ZN3Dtk4Core15QSettingBackend11doSetOptionERK7QStringRK8QVariant@Base 5.2.2 diff -Nru dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch --- dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch 1969-12-31 19:00:00.0 -0500 +++ dtkcore-5.2.2.5/debian/patches/0001-fix-access-null-pointer.patch 2021-03-18 22:57:38.0 -0400 @@ -0,0 +1,65 @@ +Description: fix access null pointer + TODO: fix access null pointer +Author: Hu Feng + +Forwarded: not-needed +Reviewed-By: Boyuan Yang +Last-Update: 2021-03-02 + +--- dtkcore-5.4.0.orig/src/dsysinfo.cpp dtkcore-5.4.0/src/dsysinfo.cpp +@@ -48,6 +48,7 @@ public: + #ifdef Q_OS_LINUX + void ensureDeepinInfo(); + bool ensureOsVersion(); ++void ensureDistributionInfo(); + #endif + void ensureReleaseInfo(); + void ensureComputerInfo(); +@@ -97,6 +98,16 @@ DSysInfoPrivate::DSysInfoPrivate() + } + + #ifdef Q_OS_LINUX ++void DSysInfoPrivate::ensureDistributionInfo() ++{ ++if (distributionInfo) ++return; ++ ++const QString distributionInfoFile(DSysInfo::distributionInfoPath()); ++// Generic DDE distribution info ++distributionInfo.reset(new DDesktopEntry(distributionInfoFile)); ++} ++ + void DSysInfoPrivate::ensureDeepinInfo() + { + if (static_cast(deepinType) >= 0) +@@ -168,11 +179,6 @@ void DSysInfoPrivate::ensureDeepinInfo() + } else { + deepinType = DSysInfo::UnknownDeepin; + } +- +-const QString distributionInfoFile(DSysInfo::distributionInfoPath()); +-// Generic DDE distribution info +-distributionInfo.reset(new DDesktopEntry(distributionInfoFile)); +-QSettings distributionInfo(distributionInfoFile, QSettings::IniFormat); // TODO: treat as `.desktop` format instead of `.ini` + } + + bool DSysInfoPrivate::ensureOsVersion() +@@ -734,7 +740,7 @@ QString DSysInfo::distributionInfoSectio + QString DSysInfo::distributionOrgName(DSysInfo::OrgType type, const QLocale ) + { + #ifdef Q_OS_LINUX +-siGlobal->ensureDeepinInfo(); ++ siGlobal->ensureDistributionInfo(); + #endif + + QString fallback = type == Distribution ? QStringLiteral("Deepin") : QString(); +@@ -757,7 +763,7 @@ QString DSysInfo::deepinDistributorName( + QPair DSysInfo::distributionOrgWebsite(DSysInfo::OrgType type) + { + #ifdef Q_OS_LINUX +-siGlobal->ensureDeepinInfo(); ++ siGlobal->ensureDistributionInfo(); + #endif + + QString fallbackSiteName = type == Distribution ? QStringLiteral("www.deepin.org") : QString(); diff -Nru dtkcore-5.2.2.5/debian/patches/series dtkcore-5.2.2.5/debian/patches/series ---
Re: 10.9 planning
On Fri, Mar 19, 2021 at 04:14:31PM +, Steve McIntyre wrote: > In fact, how about: we *could* go ahead with the 10.9 point release as > already planned, and expect to do a 10.10 a couple of weeks later with > basically *just* the shim/SB changes? I'm OK to go with that option if > that's our preferred route as a group. > Is there actually a rush to get 10.10 out? Are people eager to push out revocations? Or can we do it on our normal cadence, some time in May or thereabouts, without adverse consequences? Thanks, Julien
Re: 10.9 planning
On Fri, Mar 19, 2021 at 04:07:59PM +, Steve McIntyre wrote: >On Fri, Mar 19, 2021 at 12:24:45PM +, Adam Barratt wrote: >>Hi Steve, >> >>On Fri, 2021-03-19 at 11:42 +, Steve McIntyre wrote: >>> Houston, we have a problem. I know that you've announced the 27th for >>> the point release, but we're not going to have a new shim ready for >>> then. >>> >>> We've been hard at work testing and fixing things for the last couple >>> of weeks, but it's been slow going. We've *just* had a 15.3-rc3 >>> release candidate published last night. Even if that all looks OK and >>> we don't find any more bugs in testing (fingers crossed!), we're not >>> going to have a proper 15.3 release ready to go for >>> review/testing/signing in time for it to make it into a buster point >>> release next weekend. >> >>Thanks for the update. :-( >> >>Do you have a sense of when things _might_ be ready? Depending on >>timings it might be worth us getting the bulk of 10.9 out of the way >>and working out what to do about shim later on. > >At this point, I do not have a lot of confidence to pick a reliable >substitute date. Once we have a 15.3 release *done*, I'm thinking >adding a couple of weeks after that point is probably the most >sensible thing we can do. That's enough notice for the teams, I hope? >And it will be enough time to get stuff reviewed and signed. I'll be >one of the people driving the review process, and the reviews for this >round should be minimal - we'll be using a totally vanilla new release >with no local patches. > >I'll keep you updated as soon as i have any news. In fact, how about: we *could* go ahead with the 10.9 point release as already planned, and expect to do a 10.10 a couple of weeks later with basically *just* the shim/SB changes? I'm OK to go with that option if that's our preferred route as a group. (Obviously, either of these options will be eating into time for fixing things for a Bullseye release.) -- Steve McIntyre, Cambridge, UK.st...@einval.com Into the distance, a ribbon of black Stretched to the point of no turning back
Re: 10.9 planning
On Fri, Mar 19, 2021 at 12:24:45PM +, Adam Barratt wrote: >Hi Steve, > >On Fri, 2021-03-19 at 11:42 +, Steve McIntyre wrote: >> Houston, we have a problem. I know that you've announced the 27th for >> the point release, but we're not going to have a new shim ready for >> then. >> >> We've been hard at work testing and fixing things for the last couple >> of weeks, but it's been slow going. We've *just* had a 15.3-rc3 >> release candidate published last night. Even if that all looks OK and >> we don't find any more bugs in testing (fingers crossed!), we're not >> going to have a proper 15.3 release ready to go for >> review/testing/signing in time for it to make it into a buster point >> release next weekend. > >Thanks for the update. :-( > >Do you have a sense of when things _might_ be ready? Depending on >timings it might be worth us getting the bulk of 10.9 out of the way >and working out what to do about shim later on. At this point, I do not have a lot of confidence to pick a reliable substitute date. Once we have a 15.3 release *done*, I'm thinking adding a couple of weeks after that point is probably the most sensible thing we can do. That's enough notice for the teams, I hope? And it will be enough time to get stuff reviewed and signed. I'll be one of the people driving the review process, and the reviews for this round should be minimal - we'll be using a totally vanilla new release with no local patches. I'll keep you updated as soon as i have any news. -- Steve McIntyre, Cambridge, UK.st...@einval.com Can't keep my eyes from the circling sky, Tongue-tied & twisted, Just an earth-bound misfit, I...
Bug#983526: buster-pu: package python-django/1:1.11.29-1+deb10u1
Hi Julien, > I'm not convinced the regression risk here, of changing the longstanding > behaviour, is worth it. People using a caching reverse proxy with a > different config wrt query strings can just as well fix the issue on > that end. Fair enough. However, do note that this changelog was superseded by the following: python-django (1:1.11.29-1~deb10u2) buster; urgency=medium * CVE-2020-24583: Fix incorrect permissions on intermediate-level directories on Python 3.7+. FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files and to intermediate-level collected static directories when using the collectstatic management command. You should review and manually fix permissions on existing intermediate-level directories. (Closes: #969367) * CVE-2020-24584: Correct permission escalation vulnerability in intermediate-level directories of the file system cache. On Python 3.7 and above, the intermediate-level directories of the file system cache had the system's standard umask rather than 0o077 (no group or others permissions). (Closes: #969367) * CVE-2021-3281: Fix a potential directory-traversal exploit via archive.extract(). The django.utils.archive.extract() function, used by startapp --template and startproject --template, allowed directory traversal via an archive with absolute paths or relative paths with dot segments. (Closes: #981562) * CVE-2021-23336: Prevent a web cache poisoning attack via "parameter cloaking". Django contains a copy of urllib.parse.parse_qsl() which was added to backport some security fixes. A further security fix has been issued recently such that parse_qsl() no longer allows using ";" as a query parameter separator by default. (Closes: #983090) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Re: 10.9 planning
Hi Steve, On Fri, 2021-03-19 at 11:42 +, Steve McIntyre wrote: > Houston, we have a problem. I know that you've announced the 27th for > the point release, but we're not going to have a new shim ready for > then. > > We've been hard at work testing and fixing things for the last couple > of weeks, but it's been slow going. We've *just* had a 15.3-rc3 > release candidate published last night. Even if that all looks OK and > we don't find any more bugs in testing (fingers crossed!), we're not > going to have a proper 15.3 release ready to go for > review/testing/signing in time for it to make it into a buster point > release next weekend. Thanks for the update. :-( Do you have a sense of when things _might_ be ready? Depending on timings it might be worth us getting the bulk of 10.9 out of the way and working out what to do about shim later on. Regards, Adam
Bug#985475: marked as done (unblock: starpu/1.3.7+dfsg-3)
Your message dated Fri, 19 Mar 2021 13:17:39 +0100 with message-id <20210319121739.gc28...@ramacher.at> and subject line Re: Bug#985475: unblock: starpu/1.3.7+dfsg-3 has caused the Debian Bug report #985475, regarding unblock: starpu/1.3.7+dfsg-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 985475: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985475 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, Please unblock package starpu [ Reason ] #985436 reported a broken symlink in libstarpu-dev which is due to a mere missing dependency. [ Impact ] Without it, the user has to install the libstarpurm-1.3-1 binary package by hand in addition to libstarpu-dev, so as to be able to link with -lstarpurm [ Tests ] Issue detected by piupart, seen as fixed by piuparts. [ Risks ] Code is trivial: just an additional dependency that should have been there from the start. [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock starpu/1.3.7+dfsg-3 diff -Nru starpu-1.3.7+dfsg/debian/changelog starpu-1.3.7+dfsg/debian/changelog --- starpu-1.3.7+dfsg/debian/changelog 2021-01-16 13:37:36.0 +0100 +++ starpu-1.3.7+dfsg/debian/changelog 2021-03-18 22:50:37.0 +0100 @@ -1,3 +1,10 @@ +starpu (1.3.7+dfsg-3) unstable; urgency=medium + + * control: Make libstarpu-dev depend on libstarpurm-1.3-1 +(Closes: Bug#985436). + + -- Samuel Thibault Thu, 18 Mar 2021 22:50:37 +0100 + starpu (1.3.7+dfsg-2) unstable; urgency=medium * control: Fix libstarpurm providing libstarpu-anyrm. diff -Nru starpu-1.3.7+dfsg/debian/control starpu-1.3.7+dfsg/debian/control --- starpu-1.3.7+dfsg/debian/control2020-12-31 14:48:16.0 +0100 +++ starpu-1.3.7+dfsg/debian/control2021-03-18 22:49:38.0 +0100 @@ -30,7 +30,7 @@ Package: libstarpu-dev Section: libdevel Architecture: any -Depends: libstarpu-1.3-5 (= ${binary:Version}) | libstarpu-any-1.3-5, libstarpufft-1.3-2 (= ${binary:Version}) | libstarpu-anyfft-1.3-2, libstarpumpi-1.3-3 (= ${binary:Version}) | libstarpu-anympi-1.3-3, libsocl-1.3-0 (= ${binary:Version}) | libsocl-any-1.3-0, ${misc:Depends}, libhwloc-dev, opencl-headers, ocl-icd-opencl-dev +Depends: libstarpu-1.3-5 (= ${binary:Version}) | libstarpu-any-1.3-5, libstarpufft-1.3-2 (= ${binary:Version}) | libstarpu-anyfft-1.3-2, libstarpumpi-1.3-3 (= ${binary:Version}) | libstarpu-anympi-1.3-3, libsocl-1.3-0 (= ${binary:Version}) | libsocl-any-1.3-0, libstarpurm-1.3-1 (= ${binary:Version}) | libstarpu-anyrm-1.3-1, ${misc:Depends}, libhwloc-dev, opencl-headers, ocl-icd-opencl-dev Conflicts: libstarpu-contrib-dev Provides: libstarpu-any-dev Description: Task scheduler for heterogeneous multicore machines - dev --- End Message --- --- Begin Message --- On 2021-03-18 23:13:51, Samuel Thibault wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Hello, > > Please unblock package starpu > > [ Reason ] > #985436 reported a broken symlink in libstarpu-dev which is due to a > mere missing dependency. > > [ Impact ] > Without it, the user has to install the libstarpurm-1.3-1 binary package > by hand in addition to libstarpu-dev, so as to be able to link with > -lstarpurm > > [ Tests ] > Issue detected by piupart, seen as fixed by piuparts. > > [ Risks ] > Code is trivial: just an additional dependency that should have been > there from the start. > > [ Checklist ] > [X] all changes are documented in the d/changelog > [X] I reviewed all changes and I approve them > [X] attach debdiff against the package in testing > > unblock starpu/1.3.7+dfsg-3 The package has a autopkgtest and isn't a key package, so doesn't require an action from our side. Cheers > diff -Nru starpu-1.3.7+dfsg/debian/changelog > starpu-1.3.7+dfsg/debian/changelog > --- starpu-1.3.7+dfsg/debian/changelog2021-01-16 13:37:36.0 > +0100 > +++ starpu-1.3.7+dfsg/debian/changelog2021-03-18 22:50:37.0 > +0100 > @@ -1,3 +1,10 @@ > +starpu (1.3.7+dfsg-3) unstable; urgency=medium > + > + * control: Make libstarpu-dev depend on libstarpurm-1.3-1 > +(Closes: Bug#985436). > + > + -- Samuel Thibault Thu, 18 Mar 2021 22:50:37 +0100 > + > starpu (1.3.7+dfsg-2) unstable; urgency=medium > >* control: Fix libstarpurm providing libstarpu-anyrm. > diff -Nru
Bug#985488: unblock: pinball/0.3.20201218-2
Control: tags -1 + moreinfo On 2021-03-19 09:29:45, Yadd wrote: > diff --git a/debian/changelog b/debian/changelog > index d89bef9..4d8dcd6 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,10 @@ > +pinball (0.3.20201218-2) unstable; urgency=medium > + > + * d/control: Update preferred libstdc++ version (Closes: #985440) > + * d/control: Update standards to latest > + > + -- Philippe Coval Thu, 18 Mar 2021 12:06:12 +0100 > + > pinball (0.3.20201218-1) unstable; urgency=medium > >* New upstream release > diff --git a/debian/control b/debian/control > index cedb1ec..0f6bdf7 100644 > --- a/debian/control > +++ b/debian/control > @@ -22,7 +22,7 @@ Build-Depends: debhelper-compat (= 13), > libtool-bin, > libltdl-dev, > pkg-config > -Standards-Version: 4.5.0 > +Standards-Version: 4.5.1 > Vcs-Browser: https://sourceforge.net/p/pinball/code/ci/master/tree/ > Vcs-Git: https://git.code.sf.net/p/pinball/code.git > Homepage: https://sourceforge.net/projects/pinball/ > @@ -51,7 +51,7 @@ Architecture: any > Depends: ${misc:Depends}, > libc6-dev, > pinball (= ${binary:Version}), > - libstdc++6-4.4-dev | libstdc++-dev > + libstdc++-10-dev | libstdc++-dev > Description: Development files for the Emilia Pinball Emulator > The Emilia Pinball Project is a pinball simulator for Linux and other Unix > systems. There are only two levels to play with, but they are very > addictive. The actual debdiff between the version currently in testing and unstable is a little bit more verbose: pinball (0.3.20201218-1) unstable; urgency=medium * New upstream release -- debian/control: Adopt package (Closes: #922911) -- debian: Drop applied patches -- debian/clean: Remove objects -- debian/clean: Clean generated files -- debian: Clean more files -- debian/copyright: List appdata copyright -- debian: Support gbp -- debian/control: Lint before upgrade -- debian/control: Remove non used libs -- debian/rules: use boostrap -- debian/control: Add pkg-config as dep -- debian/control: Drop libaa1-dev -- debian: Drop libtiff from deps -- debian: Prefer jpeg turbo -- debian: Clean README link -- debian/control: Suggests related packages -- debian: Add debian/upstream/metadata -- debian: Fix manual typos -- debian/copyright: Update upstream contact -- debian/control: Lint file -- debian/control: Update URL -- debian/control: Install libtool -- debian/upstream/metadata: Update code URL -- debian/copyright: Lint file - * Revert "debian: Add snapshot subpackage" - * debian/changelog: Adopt package for latest release (Closes: #922911) - * debian: Bump standards to current - * debian/watch: Update watch file version - * debian/copyright: use spaces rather than tabs to start continuation lines. - * debian/changelog: Fix day-of-week for changelog entry 0.3.1-7. - * debian/control: Fix maybe-not-arch-all-binnmuable lintian warning - * debian: Fix Repository URL - -- Philippe Coval Fri, 18 Dec 2020 22:43:37 +0100 + -- Philippe Coval Fri, 18 Dec 2020 17:53:27 +0100 diff -Nru pinball-0.3.20201218/debian/copyright pinball-0.3.20201218/debian/copyright --- pinball-0.3.20201218/debian/copyright 2020-12-18 20:46:47.0 + +++ pinball-0.3.20201218/debian/copyright 2021-03-18 11:06:12.0 + @@ -14,15 +14,15 @@ Files: debian/* Copyright: 2002 Didier Dhollande - 2002 Yann Dirson - 2004 Helge Kreutzmann - 2004 Matt Zimmerman - 2004-2010 Jochen Friedrich - 2006 Matthias Klose - 2011 Regis Boudin - 2014-2016 Markus Koschany - 2016 Neil Roeth - 2018 Innocent De Marchi + 2002 Yann Dirson + 2004 Helge Kreutzmann + 2004 Matt Zimmerman + 2004-2010 Jochen Friedrich + 2006 Matthias Klose + 2011 Regis Boudin + 2014-2016 Markus Koschany + 2016 Neil Roeth + 2018 Innocent De Marchi License: GPL-2 Files: pinball.appdata.xml and some smaller changes in debian/control. Were some changes from a previous version dropped by accident? Cheers -- Sebastian Ramacher
Processed: Re: Bug#985488: unblock: pinball/0.3.20201218-2
Processing control commands: > tags -1 + moreinfo Bug #985488 [release.debian.org] unblock: pinball/0.3.20201218-2 Added tag(s) moreinfo. -- 985488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985488 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Re: 10.9 planning
Hey folks, On Mon, Mar 15, 2021 at 02:36:47PM +, Steve McIntyre wrote: >On Mon, Mar 15, 2021 at 12:33:15PM +, Adam Barratt wrote: >>Hi, >> >>It's that time again, when we should look at organising the next point >>release. >> >>Please could you confirm your availability, and any preferences, for >>the following: >> >>- March 27th >>- April 3rd >>- April 10th >> >>I'd prefer to avoid April 10th if possible, for slightly selfish >>reasons. :-) > >Any of those are possible, but I'#d much prefer the 27th if >possible. The 3rd is Easter weekend, and I do have tentative plans. AAARGH. Houston, we have a problem. I know that you've announced the 27th for the point release, but we're not going to have a new shim ready for then. We've been hard at work testing and fixing things for the last couple of weeks, but it's been slow going. We've *just* had a 15.3-rc3 release candidate published last night. Even if that all looks OK and we don't find any more bugs in testing (fingers crossed!), we're not going to have a proper 15.3 release ready to go for review/testing/signing in time for it to make it into a buster point release next weekend. Sorry. :-( -- Steve McIntyre, Cambridge, UK.st...@einval.com Is there anybody out there?
Bug#982311: buster-pu: package groff/1.22.4-3+deb10u1
On Sat, Mar 13, 2021 at 05:18:09PM +, Adam D. Barratt wrote: > On Mon, 2021-02-08 at 16:08 +, Colin Watson wrote: > > https://bugs.debian.org/982302 reports that groff/buster is built > > with references to ghostscript 9.26, despite 9.27 having been > > uploaded to buster in August 2020. I think the path of least > > resistance/risk would be to do a simple rebuild of groff against the > > new version. Would that be OK? > > Please go ahead; sorry for the delay. Uploaded, thanks. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#983527: buster-pu: package redis/5:5.0.3-4+deb10u3
Hi Adam, > > redis (5:5.0.3-4+deb10u3) buster; urgency=medium > > . > > * CVE-2021-21309: Fix a series of integer overflow issues on 32- > > bit systems. > > (Closes: #983446) > > > > Please go ahead. Thanks, done: Uploading redis_5.0.3-4+deb10u3.dsc Uploading redis_5.0.3.orig.tar.gz Uploading redis_5.0.3-4+deb10u3.debian.tar.xz Uploading redis-sentinel_5.0.3-4+deb10u3_amd64.deb Uploading redis-server_5.0.3-4+deb10u3_amd64.deb Uploading redis-tools-dbgsym_5.0.3-4+deb10u3_amd64.deb Uploading redis-tools_5.0.3-4+deb10u3_amd64.deb Uploading redis_5.0.3-4+deb10u3_all.deb Uploading redis_5.0.3-4+deb10u3_amd64.buildinfo Uploading redis_5.0.3-4+deb10u3_amd64.changes $ Best wishes, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org chris-lamb.co.uk `-
Uploading linux (5.10.24-1)
Hi I'm aiming to upload linux version 5.10.24-1 today or tomorrow. It imports stable versions up to 5.10.24 with an usual round of important bugfixes upstream, and including security fixes for CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-28038, CVE-2021-28039, CVE-2021-28375 and CVE-2021-28660. An ABI bump is included. There are as well a couple of changes on top included, which we think are still safe at this stage of the release preparation, even though in hard freeze (and in particular as well because we would need to rebase to further 5.10.y versions in upcoming bullseye point releases). * Bump ABI to 5 * [rt] Refresh "printk: remove logbuf_lock" * [rt] Refresh "printk: remove safe buffers" * [rt] Refresh "printk: remove deferred printing" * [rt] Refresh "mm/memcontrol: Replace local_irq_disable with local locks" * [rt] Update to 5.10.21-rt34 * Refresh "Include package version along with kernel release in stack traces" Those were needed due to the new upstream stable versions import. * bpf: Prohibit alu ops for pointer types not defining ptr_limit (CVE-2020-27170) * bpf: Fix off-by-one for area size in creating mask to left (CVE-2020-27171) * bpf: Simplify alu_limit masking for pointer arithmetic * bpf: Add sanity check for upper ptr_limit * bpf, selftests: Fix up some test_verifier cases for unprivileged The bpf fixes were cherry-picked as they are upcoming included for 5.10.25 and are needed to address CVE-2020-27170 and CVE-2020-27171. The selftest commit is just added for consistency. There is one change for improving "hardware support", enabling some PMU event monitoring on arm64, closing #981186, where I asked Wookey and Vincent if they can confirm. This might be included as well. Regards, Salvatore signature.asc Description: PGP signature
Bug#985495: unblock: sddm/0.19.0-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-qt-...@lists.debian.org Please unblock package sddm [ Reason ] SDDM currently has a bug where users having fish as their default shell don’t get proper sourcing of the standard /etc/profile and $HOME/.profile files. [ Impact ] Users with fish as their default shell get an incorrect environment setup. [ Tests ] - Manually tested the impact on environment variables of the versions before and after patch for a user with fish shell as default. - Used for a week with my usual user having bash as default shell and checked that I didn’t notice any impact. [ Risks ] The changes are in fish-specific branches of the code, and the commit is backported from upstream so I consider the risk to be very low. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] <3 <3 <3 unblock sddm/0.19.0-3 diff -Nru sddm-0.19.0/debian/changelog sddm-0.19.0/debian/changelog --- sddm-0.19.0/debian/changelog2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/changelog2021-03-17 22:41:58.0 +0100 @@ -1,3 +1,10 @@ +sddm (0.19.0-3) unstable; urgency=medium + + * Cherry-pick upstream commit to re-add sourcing of /etc/profile and +$HOME/.profile for users with fish as their default shell. + + -- Aurélien COUDERC Wed, 17 Mar 2021 22:41:58 +0100 + sddm (0.19.0-2) unstable; urgency=medium [ Norbert Preining ] diff -Nru sddm-0.19.0/debian/patches/series sddm-0.19.0/debian/patches/series --- sddm-0.19.0/debian/patches/series 2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/patches/series 2021-03-17 22:39:38.0 +0100 @@ -5,3 +5,4 @@ 05_add_debian_themes.diff 06_nvidia_prime_setup.diff upstream-2f034906d-use-only-basename-of-session.patch +upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff diff -Nru sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff --- sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff 1970-01-01 01:00:00.0 +0100 +++ sddm-0.19.0/debian/patches/upstream-8ad3c5afd-re-add-fish-profile-sourcing.diff 2021-03-17 22:39:38.0 +0100 @@ -0,0 +1,31 @@ +Origin: https://github.com/sddm/sddm/commit/cf65e99eb8abfe2ee1ef7e2f7dc43862e83bf0ab +From: soredake +Date: Tue, 9 Mar 2021 07:28:11 + +Subject: Add fish /etc/profile and $HOME/.profile sourcing +--- +diff --git a/data/scripts/Xsession b/data/scripts/Xsession +index 54498101..d0c2605f 100755 +--- a/data/scripts/Xsession b/data/scripts/Xsession +@@ -39,6 +39,8 @@ case $SHELL in + rm -f $xsess_tmp + ;; + */fish) ++[ -f /etc/profile ] && . /etc/profile ++[ -f $HOME/.profile ] && . $HOME/.profile + xsess_tmp=`mktemp /tmp/xsess-env-XX` + $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" + . $xsess_tmp +diff --git a/data/scripts/wayland-session b/data/scripts/wayland-session +index 1f905543..552a39f5 100755 +--- a/data/scripts/wayland-session b/data/scripts/wayland-session +@@ -43,6 +43,8 @@ case $SHELL in + rm -f $wlsess_tmp + ;; + */fish) ++[ -f /etc/profile ] && . /etc/profile ++[ -f $HOME/.profile ] && . $HOME/.profile + xsess_tmp=`mktemp /tmp/xsess-env-XX` + $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" + . $xsess_tmp diff -Nru sddm-0.19.0/debian/wayland-session sddm-0.19.0/debian/wayland-session --- sddm-0.19.0/debian/wayland-session 2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/wayland-session 2021-03-17 22:41:25.0 +0100 @@ -36,9 +36,8 @@ rm -f $wlsess_tmp ;; */fish) -# Fish is not a POSIX 1003.1 compatible shell -# https://github.com/fish-shell/fish-shell/issues/3665 -# [ -f /etc/profile ] && . /etc/profile +[ -f /etc/profile ] && . /etc/profile +[ -f $HOME/.profile ] && . $HOME/.profile xsess_tmp=`mktemp /tmp/xsess-env-XX` $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" . $xsess_tmp diff -Nru sddm-0.19.0/debian/Xsession sddm-0.19.0/debian/Xsession --- sddm-0.19.0/debian/Xsession 2020-11-09 20:38:45.0 +0100 +++ sddm-0.19.0/debian/Xsession 2021-03-17 22:39:38.0 +0100 @@ -38,9 +38,8 @@ rm -f $xsess_tmp ;; */fish) -# Fish is not a POSIX 1003.1 compatible shell -# https://github.com/fish-shell/fish-shell/issues/3665 -# [ -f /etc/profile ] && . /etc/profile +[ -f /etc/profile ] && . /etc/profile +[ -f $HOME/.profile ] && . $HOME/.profile xsess_tmp=`mktemp /tmp/xsess-env-XX` $SHELL --login -c "/bin/sh -c 'export -p' > $xsess_tmp" . $xsess_tmp
Bug#985488: unblock: pinball/0.3.20201218-2
diff --git a/debian/changelog b/debian/changelog index d89bef9..4d8dcd6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +pinball (0.3.20201218-2) unstable; urgency=medium + + * d/control: Update preferred libstdc++ version (Closes: #985440) + * d/control: Update standards to latest + + -- Philippe Coval Thu, 18 Mar 2021 12:06:12 +0100 + pinball (0.3.20201218-1) unstable; urgency=medium * New upstream release diff --git a/debian/control b/debian/control index cedb1ec..0f6bdf7 100644 --- a/debian/control +++ b/debian/control @@ -22,7 +22,7 @@ Build-Depends: debhelper-compat (= 13), libtool-bin, libltdl-dev, pkg-config -Standards-Version: 4.5.0 +Standards-Version: 4.5.1 Vcs-Browser: https://sourceforge.net/p/pinball/code/ci/master/tree/ Vcs-Git: https://git.code.sf.net/p/pinball/code.git Homepage: https://sourceforge.net/projects/pinball/ @@ -51,7 +51,7 @@ Architecture: any Depends: ${misc:Depends}, libc6-dev, pinball (= ${binary:Version}), - libstdc++6-4.4-dev | libstdc++-dev + libstdc++-10-dev | libstdc++-dev Description: Development files for the Emilia Pinball Emulator The Emilia Pinball Project is a pinball simulator for Linux and other Unix systems. There are only two levels to play with, but they are very addictive.
Bug#985490: unblock: flamerobin/0.9.3.6-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package flamerobin Version 0.9.3.6-2 fixes a serious bug in handling dir->symlink and symlink->dir migration when the package is upgraded from stable (https://bugs.debian.org/985289). Full source debdiff attached. First I confirmed that the problem is present: removed the package, installed stable version (0.9.3~+20160512.c75f8618-2), upgraded to testing version (0.9.3.6-1), noted /usr/share/doc/flamerobin/html is still a symlink to /usr/share/flamerobin/docs instead of the reverse. Then I tested whether the new package fixes the problem: removed the package again, installed the stable version and upgraded to the proposed version (0.9.3.6-2). /usr/share/doc/flamerobin/html now is a directory, and /usr/share/flamerobin/docs is a symlink to it. This is the wanted state, and this is what happens if the proposed version is installed anew. I also checked that the small in-built documentation browser still finds its docs. unblock flamerobin/0.9.3.6-2 Thanks, dam diff -Nru flamerobin-0.9.3.6/debian/changelog flamerobin-0.9.3.6/debian/changelog --- flamerobin-0.9.3.6/debian/changelog 2021-01-11 10:07:02.0 +0200 +++ flamerobin-0.9.3.6/debian/changelog 2021-03-19 07:54:27.0 +0200 @@ -1,3 +1,25 @@ +flamerobin (0.9.3.6-2) unstable; urgency=medium + + * ensure proper migration from docs symlink to directory and vice versa +. +In 0.9.3.5-1 /usr/share/flamerobin/docs was moved to +/usr/share/doc/flamerobin/html with a symlink at the old location +. +Old state + /usr/share/doc/flamerobin/html -> ../../flamerobin/docs + /usr/share/flamerobin/docs -- a directory with HTML files +New state + /usr/share/doc/flamerobin/html -- a directory with HTML files + /usr/share/flamerobin/docs -> ../doc/flamerobin/html +. +Since dpkg won't do dir<->symlink conversions, add maintscript for the +two transitions. Also add Pre-Depends on dpkg 1.17.14 for maintscript +support. +. +Thanks to Andreas Beckmann for reporting (Closes: #985289) + + -- Damyan Ivanov Fri, 19 Mar 2021 05:54:27 + + flamerobin (0.9.3.6-1) unstable; urgency=medium * New upstream snapshot release diff -Nru flamerobin-0.9.3.6/debian/control flamerobin-0.9.3.6/debian/control --- flamerobin-0.9.3.6/debian/control 2021-01-11 10:02:34.0 +0200 +++ flamerobin-0.9.3.6/debian/control 2021-03-19 07:49:24.0 +0200 @@ -17,6 +17,7 @@ Package: flamerobin Architecture: any +Pre-Depends: dpkg (>= 1.17.14) Depends: ${shlibs:Depends}, ${misc:Depends} Suggests: firebird3.0-server Description: graphical database administration tool for Firebird DBMS diff -Nru flamerobin-0.9.3.6/debian/flamerobin.maintscript flamerobin-0.9.3.6/debian/flamerobin.maintscript --- flamerobin-0.9.3.6/debian/flamerobin.maintscript1970-01-01 02:00:00.0 +0200 +++ flamerobin-0.9.3.6/debian/flamerobin.maintscript2021-03-19 07:49:24.0 +0200 @@ -0,0 +1,3 @@ +symlink_to_dir /usr/share/doc/flamerobin/html ../../flamerobin/docs 0.9.3.4-1 + +dir_to_symlink /usr/share/flamerobin/docs ../doc/flamerobin/html 0.9.3.4-1
Bug#985488: unblock: pinball/0.3.20201218-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: r...@users.sf.net Please unblock package pinball [ Reason ] pinball has a RC bug due to a bad build dependency to libstdc++ [ Impact ] Unusable for Bullseye [ Tests ] Upstream provided no test for this game [ Risks ] No risk, the change is just a better build-dependency version [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock pinball/0.3.20201218-2
Re: firmware-nonfree 20210208-1 upload
Dear release team, > thank you for unblocking 20210208-4 firmware-nofree. this landed in testing. (: > > or have it together with latest 20210315-1, which includes thoses fixes, > > but adds more support for intel iwlwifi/bluetooth and AMD green sardine > > support - (gpu seen on current lenovo laptops)? > > the latest hardware support with 20210315 is uploaded to experimental > for further processing. As experimental gives only mild coverage (tried to increase via bug pings), and that the additional hardware support would be great for upcoming bullseye, I plan to upload this weekend 20210315-1 to sid. The source diff is quite minor (mainly removing patches from 20210208-4 that went upstream) and the new additional hardware support. I will sent an unblock request once everything looks good. thank you. -- maks signature.asc Description: PGP signature