Bug#991728: unblock: gemma/0.98.4+dfsg-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: 991...@bugs.debian.org Please unblock package gemma [ Reason ] To fix RC bug #991652 some tests that were causes by rounding errors had to be disabled. The patch to do so was provided by upstream so we are sure that we are not blindly excluding valid tests. [ Impact ] Package would not build from source. [ Tests ] Build time tests and autopkgtests are working (now). [ Risks ] Gemma is a leaf package so the risk to affect other packages is low. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock gemma/0.98.4+dfsg-4 diff -Nru gemma-0.98.4+dfsg/debian/changelog gemma-0.98.4+dfsg/debian/changelog --- gemma-0.98.4+dfsg/debian/changelog 2021-04-07 16:28:38.0 +0200 +++ gemma-0.98.4+dfsg/debian/changelog 2021-07-30 21:53:57.0 +0200 @@ -1,3 +1,14 @@ +gemma (0.98.4+dfsg-4) unstable; urgency=medium + + * Team upload. + * Apply patch from upstream who explained: +changed/disabled some other tests (attached). The problem is that +different AMD64 CPUs together with OpenBlas simply give different +results (mostly SIMD differences). +Closes: #991652 + + -- Andreas Tille Fri, 30 Jul 2021 21:53:57 +0200 + gemma (0.98.4+dfsg-3) unstable; urgency=medium * Team upload. diff -Nru gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch --- gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch 2021-04-07 16:28:38.0 +0200 +++ gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch 2021-07-30 21:53:57.0 +0200 @@ -51,3 +51,88 @@ } +--- a/test/test_suite.sh b/test/test_suite.sh +@@ -27,7 +27,7 @@ testBslmm2() { +-gk 1 -o $outn + assertEquals 0 $? + outfn=output/$outn.cXX.txt +-assertEquals "579.50" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++assertEquals "580" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn` + } + + testBslmm3() { +@@ -76,7 +76,7 @@ testBslmm5() { +-o $outn -seed 100 + assertEquals 0 $? + outfn=output/$outn.prdt.txt +-assertEquals "571.08" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++# assertEquals "571.08" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` + } + + testCenteredRelatednessMatrixKFullLOCO1() { +@@ -88,7 +88,7 @@ testCenteredRelatednessMatrixKFullLOCO1( + assertEquals 0 $? + outfn=output/$outn.cXX.txt + assertEquals "1940" `wc -l < $outfn` +-assertEquals "2246.49" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++# assertEquals "2247" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn` + } + + testUnivariateLinearMixedModelFullLOCO1() { +@@ -106,7 +106,7 @@ testUnivariateLinearMixedModelFullLOCO1( + assertEquals 0 $? + outfn=output/$outn.assoc.txt + assertEquals "951" `wc -l < $outfn` +-assertEquals "267507852.03" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++# assertEquals "267507852.03" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` + } + + testCenteredRelatednessMatrixK() { +@@ -118,7 +118,7 @@ testCenteredRelatednessMatrixK() { + assertEquals "1940" `wc -l < $outfn` + assertEquals "3763600" `wc -w < $outfn` + assertEquals "0.335" `head -c 5 $outfn` +-assertEquals "1119.60" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++assertEquals "1120" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn` + } + + testUnivariateLinearMixedModel() { +@@ -134,7 +134,7 @@ testUnivariateLinearMixedModel() { + assertEquals 0 $? + outfn=output/mouse_hs1940_CD8_lmm.assoc.txt + assertEquals "129228" `wc -w < $outfn` +-assertEquals "4038540440.81" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn` ++# assertEquals "4038540440.81" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf
Bug#991618: marked as done (unblock: ldh-gui-suite/0.1~20200908-4)
Your message dated Fri, 30 Jul 2021 21:37:08 + with message-id and subject line unblock ldh-gui-suite has caused the Debian Bug report #991618, regarding unblock: ldh-gui-suite/0.1~20200908-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991618: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991618 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ldh-gui-suite * update portuguese (pt) translation; closes: Bug#982318; thanks to Américo Monteiro * add spanish (es) translation; closes: Bug#988374; thanks to Camaleón * copyright info: update coverage (changes by Jonas Smedegaard) debian/changelog | 18 debian/copyright | 30 ++- debian/copyright_hints | 33 ++-- debian/po/es.po| 166 + debian/po/pt.po|9 -- 5 files changed, 241 insertions(+), 15 deletions(-) That's only translation and documentation updates. unblock ldh-gui-suite/0.1~20200908-4 diff -Nru ldh-gui-suite-0.1~20200908/debian/changelog ldh-gui-suite-0.1~20200908/debian/changelog --- ldh-gui-suite-0.1~20200908/debian/changelog 2021-01-17 12:11:40.0 +0200 +++ ldh-gui-suite-0.1~20200908/debian/changelog 2021-05-11 17:40:26.0 +0300 @@ -1,3 +1,21 @@ +ldh-gui-suite (0.1~20200908-4) unstable; urgency=medium + + * update spanish (es) translation; +see Bug#988374; thanks to Camaleón + * copyright info: update coverage + + -- Jonas Smedegaard Tue, 11 May 2021 16:40:26 +0200 + +ldh-gui-suite (0.1~20200908-3) unstable; urgency=medium + + * update portuguese (pt) translation; +closes: Bug#982318; thanks to Américo Monteiro + * add spanish (es) translation; +closes: Bug#988374; thanks to Camaleón + * copyright info: update coverage + + -- Jonas Smedegaard Tue, 11 May 2021 16:01:44 +0200 + ldh-gui-suite (0.1~20200908-2) unstable; urgency=medium * update german (de) translation; diff -Nru ldh-gui-suite-0.1~20200908/debian/copyright ldh-gui-suite-0.1~20200908/debian/copyright --- ldh-gui-suite-0.1~20200908/debian/copyright 2020-09-08 22:49:38.0 +0300 +++ ldh-gui-suite-0.1~20200908/debian/copyright 2021-05-11 17:40:10.0 +0300 @@ -26,8 +26,8 @@ Files: debian/* Copyright: - 2016-2019, Jonas Smedegaard - 2019, Purism, SPC + 2016-2019,2021, Jonas Smedegaard + 2019,2021, Purism, SPC License-Grant: This program is free software; you can redistribute it and/or modify it @@ -36,6 +36,32 @@ either version 3 of the License, or (at your option) any later version. License: GPL-3+ +Files: debian/po/es.po +Copyright: + 2021, Camaleón +License-Grant: + This file is distributed + under the same license as the ldh-gui-suite package. +License: GPL-3+ + +Files: debian/po/fr.po +Copyright: + 2019, Jean-Philippe MENGUAL +License-Grant: + This file is distributed + under the same license as the ldh-gui-suite package. +License: GPL-3+ +Comment: + Copyright holder is assumed from later comment + +Files: debian/po/nl.po +Copyright: + 2019, Frans Spiesschaert +License-Grant: + This file is distributed + under the same license as the ldh-gui-suite package. +License: GPL-3+ + License: AGPL-3+ GNU AFFERO GENERAL PUBLIC LICENSE Version 3, 19 November 2007 diff -Nru ldh-gui-suite-0.1~20200908/debian/copyright_hints ldh-gui-suite-0.1~20200908/debian/copyright_hints --- ldh-gui-suite-0.1~20200908/debian/copyright_hints 2020-09-09 11:50:44.0 +0300 +++ ldh-gui-suite-0.1~20200908/debian/copyright_hints 2021-05-11 17:40:26.0 +0300 @@ -39,13 +39,6 @@ License: UNKNOWN FIXME -Files: debian/po/de.po - debian/po/nl.po - debian/po/templates.pot -Copyright: YEAR THE PACKAGE'S COPYRIGHT HOLDER -License: UNKNOWN - FIXME - Files: configure.ac Copyright: 2019-2020, Jonas Smedegaard 2019-2020, Purism, SPC @@ -97,6 +90,20 @@ License: UNKNOWN FIXME +Files: debian/po/es.po +Copyright: 2021, Camaleón + jelo en blanco para utilizar el valor predeterminado (actualmente " + n se utilizará esta URI por otros programas. Debe ser el " + n se utilizará este nombre descriptivo por otros programas. Debe ser " + n se utilizará este nombre por otros programas. Debe ser un nombre de " +License: UNKNOWN + FIXME + +Files: debian/po/nl.po +Copyright: 2019, Frans Spiesschaert +License: UNKNOWN + FIXME + Files: debian/source/lintian-overrides Copyright: GPL-3+ gpl-3+ @@ -115,7 +122,7 @@ m usado por outros programas.
Bug#991659: marked as done (unblock: syncthing/1.12.1~ds1-4)
Your message dated Fri, 30 Jul 2021 21:35:36 + with message-id and subject line unblock syncthing has caused the Debian Bug report #991659, regarding unblock: syncthing/1.12.1~ds1-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991659: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991659 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package syncthing. [ Reason ] It contains a fix for #990330 which can lead to missing files on initial sync. Upstreams considers this bug important, and it was upstream that provided the patch in bug #990330. [ Impact ] Other than fixing the bug, none that I am aware of. Thank you for reviewing unblock requests :) -- Alexandre Viau av...@debian.org syncthing.debdiff Description: Binary data --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991667: marked as done (unblock: astropy/4.2-6)
Your message dated Fri, 30 Jul 2021 21:32:54 + with message-id and subject line unblock astropy has caused the Debian Bug report #991667, regarding unblock: astropy/4.2-6 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991667 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: oleb...@debian.org Please unblock package astropy [ Reason ] The upload fixes the RC bug #991654. [ Impact ] Astropy is a base astronomy package and a dependency of a big part of the debian-astro ecosystem. [ Tests ] The code is (almost) completely covered by automated build time and debci tests. [ Risks ] The change disables the conversion of a warning into an error during the test. There is no known risk for other packages. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock astropy/4.2-6 diff -Nru astropy-4.2/debian/changelog astropy-4.2/debian/changelog --- astropy-4.2/debian/changelog2021-02-12 11:05:34.0 +0100 +++ astropy-4.2/debian/changelog2021-07-29 18:12:43.0 +0200 @@ -1,3 +1,9 @@ +astropy (4.2-6) unstable; urgency=medium + + * Ignore IERSStaleWarning in pytest (Closes: #991654) + + -- Ole Streicher Thu, 29 Jul 2021 18:12:43 +0200 + astropy (4.2-5) unstable; urgency=medium * Fix leap second update when using a non english locale diff -Nru astropy-4.2/debian/patches/Updated-tests-to-WCSLIB-7.4.patch astropy-4.2/debian/patches/Updated-tests-to-WCSLIB-7.4.patch --- astropy-4.2/debian/patches/Updated-tests-to-WCSLIB-7.4.patch 2021-02-12 11:05:29.0 +0100 +++ astropy-4.2/debian/patches/Updated-tests-to-WCSLIB-7.4.patch 2021-07-29 18:12:43.0 +0200 @@ -220,13 +220,13 @@ for kw in keys_to_remove: if kw in header: diff --git a/setup.cfg b/setup.cfg -index b22d12d..c499c0a 100644 +index 76a186e..7de7eb4 100644 --- a/setup.cfg +++ b/setup.cfg -@@ -134,6 +134,7 @@ filterwarnings = - ignore:The toolz.compatibility module is no longer needed:DeprecationWarning +@@ -135,6 +135,7 @@ filterwarnings = ignore:parallel reading does not currently work, so falling back to serial ignore::DeprecationWarning + ignore::astropy.utils.iers.iers.IERSStaleWarning +ignore:'datfix' made the change:astropy.wcs.wcs.FITSFixedWarning doctest_norecursedirs = */setup_package.py diff -Nru astropy-4.2/debian/patches/Weaken-leap-second-validity-requirement-for-tests.patch astropy-4.2/debian/patches/Weaken-leap-second-validity-requirement-for-tests.patch --- astropy-4.2/debian/patches/Weaken-leap-second-validity-requirement-for-tests.patch 2021-02-12 11:05:29.0 +0100 +++ astropy-4.2/debian/patches/Weaken-leap-second-validity-requirement-for-tests.patch 2021-07-29 18:12:43.0 +0200 @@ -4,7 +4,8 @@ --- astropy/utils/iers/tests/test_leap_second.py | 5 + - 1 file changed, 1 insertion(+), 4 deletions(-) + setup.cfg| 1 + + 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/astropy/utils/iers/tests/test_leap_second.py b/astropy/utils/iers/tests/test_leap_second.py index ce19225..b2c9624 100644 @@ -22,3 +23,15 @@ self._auto_open_files = iers.LeapSeconds._auto_open_files.copy() def teardown(self): +diff --git a/setup.cfg b/setup.cfg +index b22d12d..76a186e 100644 +--- a/setup.cfg b/setup.cfg +@@ -134,6 +134,7 @@ filterwarnings = + ignore:The toolz.compatibility module is no longer needed:DeprecationWarning + ignore:parallel reading does not currently work, so falling back to serial + ignore::DeprecationWarning ++ignore::astropy.utils.iers.iers.IERSStaleWarning + doctest_norecursedirs = + */setup_package.py + doctest_subpackage_requires = --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991674: marked as done (unblock: python-uflash/1.2.4+dfsg-8)
Your message dated Fri, 30 Jul 2021 21:32:02 + with message-id and subject line unblock python-uflash has caused the Debian Bug report #991674, regarding unblock: python-uflash/1.2.4+dfsg-8 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991674: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991674 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-uflash [ Reason ] The upload fixes RC bug #991280. Source package python-uflash provides a convenience package (firmware-microbit-micropython-dl) which downloads a pre-compiled MicroPython runtime for the micro:bit computer. The downloaded file is checksummed to ensure it is compatible with the installed version of python3-uflash; the package will fail to install on checksum error (as seen in the bug report). During the bullseye hard freeze, upstream replaced this file with a new runtime that supports a new version of the micro:bit computer that is not supported by our packages in bullseye. The changed file has a different checksum, and fails to install, causing the package installation to abort. Bug report #991280 was received after bullseye went into full freeze. [ Impact ] Very serious for users of mu-editor, as the editor would be removed from bullseye as a result of its dependency on python3-uflash. mu-editor is a popular editor used globally by children and adults learning Python, with increasing popularity indicated by popcon. Bullseye provides the separate firmware-microbit-micropython package, which is a Recommended dependency of python3-uflash and which almost all users will install. Only a tiny proportion of users install the affected -dl package. However, all mu-editor users will be affected if the updated package does not migrate and mu-editor is removed from bullseye. [ Tests ] The firmware-microbit-micropython-dl binary package has been tested locally to ensure that it downloads the correct runtime file. There are no upstream code changes at all; autopkgtests are unaffected and still pass. [ Risks ] The debdiff is trivial: one updated URL to ensure the correct file is downloaded on package installation. There are no changes to any upstream code. No other packages are impacted by this change. The affected binary package (firmware-microbit-micropython-dl) is a leaf package, and is only Suggested by python3-uflash. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] The offending binary package (firmware-microbit-micropython-dl) was added to Debian during the buster development cycle to improve the end-user experience whilst the firmware-microbit-micropython package was being developed. Most mu-editor/uflash users will not install it. unblock python-uflash/1.2.4+dfsg-8 diff -Nru python-uflash-1.2.4+dfsg/debian/changelog python-uflash-1.2.4+dfsg/debian/changelog --- python-uflash-1.2.4+dfsg/debian/changelog 2021-02-07 09:27:01.0 + +++ python-uflash-1.2.4+dfsg/debian/changelog 2021-07-30 04:26:04.0 +0100 @@ -1,3 +1,10 @@ +python-uflash (1.2.4+dfsg-8) unstable; urgency=medium + + * d/firmware-microbit-micropython-dl.postinst: +- Update firmware URL (Closes: #991280) + + -- Nick Morrott Fri, 30 Jul 2021 04:26:04 +0100 + python-uflash (1.2.4+dfsg-7) unstable; urgency=medium * d/python-uflash-doc.links: diff -Nru python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst --- python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst 2021-02-07 09:27:01.0 + +++ python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst 2021-07-30 04:26:04.0 +0100 @@ -4,7 +4,7 @@ # Adapted from firmware downloader for bladeRF (source package: bladerf) -UPSTREAM='https://raw.githubusercontent.com/ntoll/uflash/master/firmware.hex' +UPSTREAM='https://github.com/ntoll/uflash/raw/867468d386da0aa20212b69a152ce8bfc0972366/firmware.hex' CHECKSUM='81d92bccd9f26046aa3ba6a43ec553e0' DATAFILE='/usr/share/firmware-microbit-micropython/firmware.hex' DESCRIPT='micro:bit MicroPython runtime' --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991661: marked as done (unblock: node-superagent/6.1.0-4)
Your message dated Fri, 30 Jul 2021 21:30:14 + with message-id and subject line unblock node-superagent has caused the Debian Bug report #991661, regarding unblock: node-superagent/6.1.0-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991661: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991661 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package node-superagent [ Reason ] node-superagent fails to rebuild because it checks if node-caniuse-lite is the latest available version (#991656). [ Impact ] FTBFS [ Tests ] Test passed (both build & autopkgtest) [ Risks ] No risk. Patch only avoid checking for last node-caniuse-lite/node-caniuse-db [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing Cheers, Yadd unblock node-superagent/6.1.0-4 diff --git a/debian/changelog b/debian/changelog index c548473..9195095 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +node-superagent (6.1.0-4) unstable; urgency=medium + + [ Yadd ] + * Fix GitHub tags regex + * Uploaders: replace Leo Iannacone by myself, thanks for your work! + + [ Pirate Praveen ] + * Drop browsers option in .lib.babelrc file (Closes: #991656) + + -- Yadd Thu, 29 Jul 2021 22:01:16 +0200 + node-superagent (6.1.0-3) unstable; urgency=medium * Team upload diff --git a/debian/control b/debian/control index 032f1c5..9f6ccd3 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: javascript Testsuite: autopkgtest-pkg-nodejs Priority: optional Maintainer: Debian Javascript Maintainers -Uploaders: Leo Iannacone +Uploaders: Yadd Build-Depends: debhelper-compat (= 13) , dh-sequence-nodejs , node-babel7 diff --git a/debian/copyright b/debian/copyright index ac0162e..b6cf45a 100644 --- a/debian/copyright +++ b/debian/copyright @@ -22,7 +22,7 @@ License: Expat Files: debian/* Copyright: 2014 Leo Iannacone - 2019, Xavier Guimard + 2019, Yadd License: Expat Files: debian/tests/test_modules/append-field/* diff --git a/debian/patches/remove-browsers-option-in-babelrc.patch b/debian/patches/remove-browsers-option-in-babelrc.patch new file mode 100644 index 000..abed9ee --- /dev/null +++ b/debian/patches/remove-browsers-option-in-babelrc.patch @@ -0,0 +1,23 @@ +Description: Drop targets option to force .browserslistrc file +Author: Pirate Praveen +Bug-Debian: https://bugs.debian.org/991656 +Forwarded: not-needed +Reviewed-By: Yadd +Last-update: 2021-07-29 + +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991656 + +--- a/.lib.babelrc b/.lib.babelrc +@@ -1,11 +1,3 @@ + { +- "presets": [ +-["@babel/env", { +- "targets": { +-"node": "6.4.0", +-"browsers": [ "> 1%", "last 2 versions", "ie 9" ] +- } +-}] +- ], + "sourceMaps": "inline" + } diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000..afa1432 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +remove-browsers-option-in-babelrc.patch diff --git a/debian/watch b/debian/watch index 24bcf2b..07e16a3 100644 --- a/debian/watch +++ b/debian/watch @@ -2,7 +2,7 @@ version=4 opts=\ dversionmangle=auto,\ filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/node-superagent-$1.tar.gz/ \ - https://github.com/visionmedia/superagent/tags .*/archive/v?([\d\.]+).tar.gz + https://github.com/visionmedia/superagent/tags .*/archive/.*/v?([\d\.]+).tar.gz # It is not recommended use npmregistry. Please investigate more. # Take a look at https://wiki.debian.org/debian/watch/ --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991724: unblock: python-fakeredis/1.4.5-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-fakeredis [ Reason ] The last upstream release of Redis (with security updates) changed the semantics of the SINTER[STORE] commands. This broke the autopkgtests of python-fakeredis which compared the results against the real Redis. [ Impact ] Currently the security update of Redis is blocked from migrating to testing and would need help.. [ Tests ] fakeredis has a big test suite and I did some manual tests as well. [ Risks ] The change is a behaviour change but Redis upstream considers it more correct: https://github.com/redis/redis/issues/9273 Given that fakeredis tries to mimic the Redis behaviour and the change is pretty minimal, I think the risk is rather small. I've tested the only reverse build dependency in the archive (cachy) to build fine with the new fakeredis version. Also fakeredis upstream acknowledged the patch: https://github.com/jamesls/fakeredis/pull/303 [ Checklist ] [X] all changes are documented in the d/changelog and in the patch [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock python-fakeredis/1.4.5-4 diff --git a/debian/changelog b/debian/changelog index 820c656..0aad551 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +python-fakeredis (1.4.5-4) unstable; urgency=medium + + * Team upload. + * Bump tests dependency for new Redis behaviour + + -- Jochen Sprickerhof Fri, 30 Jul 2021 22:40:47 +0200 + +python-fakeredis (1.4.5-3) unstable; urgency=medium + + * Team upload. + * Add patch for new Redis 6.0.15 SINTER behaviour (Closes: #991451) + + -- Jochen Sprickerhof Fri, 30 Jul 2021 14:32:28 +0200 + python-fakeredis (1.4.5-2) unstable; urgency=medium * Lift pytest version cap. diff --git a/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch b/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch new file mode 100644 index 000..0e3fccb --- /dev/null +++ b/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch @@ -0,0 +1,56 @@ +From: Jochen Sprickerhof +Date: Fri, 30 Jul 2021 13:50:25 +0200 +Subject: SINTER[STORE] requires keys to be sets + +Starting with Redis 6.0.15 this behaviour changed. +The definition of SINTER[STORE] states: + +"Keys that do not exist are considered to be empty sets." + +At the same time SINTER only accepts set: + +"intersection of all the given sets" + +Both quotes from: https://redis.io/commands/sinter. + +The behaviour of Redis 6.0.14 was that it ignored the type of later keys +if it found an empty set and returned that. Radis 6.0.15 changed this +behaviour to return a WRONGTYPE if it finds a non set key in the +arguments. + +Example to reproduce: + +127.0.0.1:6379> FLUSHALL +OK +127.0.0.1:6379> SINTER a b +(empty array) +127.0.0.1:6379> SET b something +OK +127.0.0.1:6379> SINTER a b +(error) WRONGTYPE Operation against a key holding the wrong kind of value + +Cf. https://github.com/redis/redis/issues/9273. +--- + fakeredis/_server.py | 6 ++ + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/fakeredis/_server.py b/fakeredis/_server.py +index f408ab7..a4f8599 100644 +--- a/fakeredis/_server.py b/fakeredis/_server.py +@@ -1866,13 +1866,11 @@ class FakeSocket: + def sdiffstore(self, dst, *keys): + return self._setop(lambda a, b: a - b, False, dst, *keys) + +-# The following keys can't be marked as sets because of the +-# stop_if_empty early-out. +-@command((Key(set),), (Key(),)) ++@command((Key(set),), (Key(set),)) + def sinter(self, *keys): + return self._setop(lambda a, b: a & b, True, None, *keys) + +-@command((Key(), Key(set)), (Key(),)) ++@command((Key(), Key(set)), (Key(set),)) + def sinterstore(self, dst, *keys): + return self._setop(lambda a, b: a & b, True, dst, *keys) + diff --git a/debian/patches/series b/debian/patches/series index d448f15..87b0361 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ skip-flaky-test.patch +0002-SINTER-STORE-requires-keys-to-be-sets.patch diff --git a/debian/tests/control b/debian/tests/control index 91f1d97..9e7c574 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -12,6 +12,6 @@ Depends: python3-setuptools, python3-six, python3-sortedcontainers, - redis-server, + redis-server (>= 5:6.0.15), Restrictions: allow-stderr, isolation-container Test-Command: set -e; for py in $(py3versions -i); do echo "[*] testing on $py:"; $py -Wd -m pytest -v -x --ignore=test/test_aioredis.py 2>&1; done
Bug#991716: unblock: neomutt/20201127+dfsg.1-1.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package neomutt. It fixes a security issue, which was already fixed in buster. Debdiff below. unblock neomutt/20201127+dfsg.1-1.2 Cheers, Moritz diff -Nru neomutt-20201127+dfsg.1/debian/changelog neomutt-20201127+dfsg.1/debian/changelog --- neomutt-20201127+dfsg.1/debian/changelog2021-03-16 20:37:31.0 +0100 +++ neomutt-20201127+dfsg.1/debian/changelog2021-07-29 23:13:20.0 +0200 @@ -1,3 +1,10 @@ +neomutt (20201127+dfsg.1-1.2) unstable; urgency=medium + + * Non-maintainer upload. + * Fix CVE-2021-32055 (Closes: #988107) + + -- Moritz Muehlenhoff Thu, 29 Jul 2021 23:13:20 +0200 + neomutt (20201127+dfsg.1-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru neomutt-20201127+dfsg.1/debian/patches/series neomutt-20201127+dfsg.1/debian/patches/series --- neomutt-20201127+dfsg.1/debian/patches/series 2021-03-16 20:37:31.0 +0100 +++ neomutt-20201127+dfsg.1/debian/patches/series 2021-07-29 23:13:12.0 +0200 @@ -4,3 +4,4 @@ misc/smime.rc.patch upstream/981306-mime-forwarding.patch upstream/redraw-on-sigwinch.patch +upstream/CVE-2021-32055.patch diff -Nru neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch --- neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch 1970-01-01 01:00:00.0 +0100 +++ neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch 2021-07-29 23:12:31.0 +0200 @@ -0,0 +1,34 @@ +From fa1db5785e5cfd9d3cd27b7571b9fe268d2ec2dc Mon Sep 17 00:00:00 2001 +From: Kevin McCarthy +Date: Mon, 3 May 2021 13:11:30 -0700 +Subject: [PATCH] Fix seqset iterator when it ends in a comma + +If the seqset ended with a comma, the substr_end marker would be just +before the trailing nul. In the next call, the loop to skip the +marker would iterate right past the end of string too. + +The fix is simple: place the substr_end marker and skip past it +immediately. +--- + imap/util.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/imap/util.c b/imap/util.c +index 52aff7da0a..27fb862954 100644 +--- a/imap/util.c b/imap/util.c +@@ -1119,13 +1119,11 @@ int mutt_seqset_iterator_next(struct SeqsetIterator *iter, unsigned int *next) + if (iter->substr_cur == iter->eostr) + return 1; + +-while (!*(iter->substr_cur)) +- iter->substr_cur++; + iter->substr_end = strchr(iter->substr_cur, ','); + if (!iter->substr_end) + iter->substr_end = iter->eostr; + else +- *(iter->substr_end) = '\0'; ++ *(iter->substr_end++) = '\0'; + + char *range_sep = strchr(iter->substr_cur, ':'); + if (range_sep)
Bug#991703: unblock: openjdk-11/11.0.12+7-2
Hi Paul, Le 2021-07-30 15:29, Paul Gevers a écrit : Matthias is asking for an unblock of openjdk-11, but it breaks openjdk-11-jre-dcevm. Are you in the position to fix this soon? I'll give it a look. I was considering a stable update after the release but if it's still time to update it before the release I'll do it. As I understand it, this version is a release version. I would have expected from you that you're on top of this and that you would have uploaded openjdk-11-jre-dcevm already. Otherwise I'm not sure if it makes sense to ship openjdk-11-jre-dcevm in a stable release anyways, because it will constantly be broken by newer versions of openjdk-11. Or am I misunderstanding the situation? DCEVM is a development tools, it's not the end of the world if it lags a bit behind OpenJDK. Fortunately it's not always broken by OpenJDK updates. Emmanuel Bourg
Bug#991707: marked as done (unblock: nodejs/12.22.4~dfsg-1)
Your message dated Fri, 30 Jul 2021 16:32:35 +0200 with message-id and subject line Re: Bug#991707: Acknowledgement (unblock: nodejs/12.22.4~dfsg-1) has caused the Debian Bug report #991707, regarding unblock: nodejs/12.22.4~dfsg-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991707: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991707 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: secur...@debian.org Please unblock package nodejs [ Reason ] Debian security team plans to upload nodejs security updates "as-is", at least while upstream still maintain nodejs 12.x. This is what was done in Buster. Latest security update is 12.22.4 (severity high). I did not try to get nodejs > 12.21.0 into bullseye up until now because upstream changes were essentially not concerning the debian package. However the 12.22.4 release has many v8 fixes, and a security fix (high). [ Impact ] If not in Bullseye, it will require users to download nodejs a second time just after installation, through security updates. So it will postpone any issue post-release. [ Tests ] Usual thorough upstream test suite + all dependents packages tests. [ Risks ] Low, but when considering the regressions i saw false positives: - node-chokidar seems to have a flaky test - node-esquery, node-caniuse-api, node-browserslist suites fail on their own, for an unrelated problem - node-websocket-driver was already broken, probably for a long time. I opened #991700 and will ask its removal from testing. Also an undocumented internal api has been deprecated, and old modules trying accessing it will now print a warning (process.binding('http_parser')). Only node-websocket-driver is actually using it... A code search shows node-http-signature, node-fastcgi are using it in their test suites, but it doesn't pose any problem. https://codesearch.debian.net/search?q=process%5C.binding%5C%28%5B%27%22%5Dhttp_parser%5B%27%22%5D%5C%29=0 [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] debdiff is without deps/cares (not used), deps/openssl (not used), test/*, benchmark/*, tools/msvs/*. Still waiting for armhf test results when writing this request. unblock nodejs/12.22.4~dfsg-1 diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/common.gypi nodejs-12.22.4~dfsg/common.gypi --- nodejs-12.21.0~dfsg/common.gypi 2021-02-23 03:58:04.0 +0100 +++ nodejs-12.22.4~dfsg/common.gypi 2021-07-29 12:35:21.0 +0200 @@ -34,7 +34,7 @@ # Reset this number to 0 on major V8 upgrades. # Increment by one for each non-official patch applied to deps/v8. -'v8_embedder_string': '-node.45', +'v8_embedder_string': '-node.56', # V8 defaults for Node.js # diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/debian/changelog nodejs-12.22.4~dfsg/debian/changelog --- nodejs-12.21.0~dfsg/debian/changelog2021-07-03 20:50:29.0 +0200 +++ nodejs-12.22.4~dfsg/debian/changelog2021-07-30 01:02:46.0 +0200 @@ -1,3 +1,12 @@ +nodejs (12.22.4~dfsg-1) unstable; urgency=medium + + * New upstream version 12.22.4~dfsg +Fixed vulnerabilities: ++ CVE-2021-22930: Use after free on close http2 + on stream canceling (High) + + -- Jérémy Lal Fri, 30 Jul 2021 01:02:46 +0200 + nodejs (12.21.0~dfsg-5) unstable; urgency=medium * Patch uvwasi.gyp to honour --shared-libuv. Closes: #990569. diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js --- nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js 2021-02-23 03:58:04.0 +0100 +++ nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js 2021-07-29 12:35:21.0 +0200 @@ -37,8 +37,6 @@ const ExportAssign = 1; const ExportStar = 2; -const strictReserved = new Set(['implements', 'interface', 'let', 'package', 'private', 'protected', 'public', 'static', 'yield', 'enum']); - function parseCJS (source, name = '@') { resetState(); try { @@ -49,14 +47,39 @@ e.loc = pos; throw e; } - const result = { exports: [..._exports].filter(expt => !unsafeGetters.has(expt)), reexports: [...reexports] }; + const result = {
Bug#991709: unblock: python-defaults/2.7.18-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-defaults (just uploaded, so needs few more days but hopefully it will make it into Bullseye) [ Reason ] pyclean and pycomile scripts (and debpython module stripped down to code needed by mentioned scripts) were accidentally removed in 2.7.18-1 from python2-minimal package. There's a fallback code in maintainer scripts (in python-foo packages) so nobody noticed for almost a year but fortunately Jakub Wilk pinged us about the problem. [ Impact ] We're almost done with removing Python 2.X stack, but these scripts are still used and cover few more cases than the fallback code. At least pyclean will be used a lot while removing old packages. unblock python-defaults/2.7.18-3 diff -Nru python-defaults-2.7.18/debian/changelog python-defaults-2.7.18/debian/changelog --- python-defaults-2.7.18/debian/changelog 2020-08-04 10:22:34.0 +0200 +++ python-defaults-2.7.18/debian/changelog 2021-07-28 13:17:06.0 +0200 @@ -1,3 +1,9 @@ +python-defaults (2.7.18-3) unstable; urgency=medium + + * Install pycompile and pyclean accidentally removed in -1 + + -- Piotr Ożarowski Wed, 28 Jul 2021 13:17:06 +0200 + python-defaults (2.7.18-2) unstable; urgency=medium * Don't ship a duplicate README.Debian in python2-doc. Closes: #966823. diff -Nru python-defaults-2.7.18/debian/rules python-defaults-2.7.18/debian/rules --- python-defaults-2.7.18/debian/rules 2020-08-04 10:20:50.0 +0200 +++ python-defaults-2.7.18/debian/rules 2021-07-28 13:16:09.0 +0200 @@ -112,6 +112,7 @@ dh_testroot # dh_installdirs -ppython usr/share/doc/python dh_install + DESTDIR=debian/python2-minimal PREFIX=/usr make install-runtime touch stamp-install signature.asc Description: PGP signature
Bug#991708: RM: node-websocket-driver/0.3.5-1.1 -- RC-buggy, ROM
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm X-Debbugs-Cc: 991...@bugs.debian.org This package is too buggy. See #991700 for details. Reverse deps and build-deps: node-faye-websocket Reverse deps and build-deps of node-faye-websocket: none Do i need to RM node-faye-websocket too ? Jérémy
Bug#991703: unblock: openjdk-11/11.0.12+7-2
Hi Emmanuel, On 30-07-2021 14:41, Matthias Klose wrote: > Please unblock openjdk-11, the next openjdk-11 security release. That could be > done as a security update as well, the unblock would just avoid that extra > work. > > The only packaging change is to mark the early-access version in the Debian > package versions, which is a no-op for the final release build. Matthias is asking for an unblock of openjdk-11, but it breaks openjdk-11-jre-dcevm. Are you in the position to fix this soon? As I understand it, this version is a release version. I would have expected from you that you're on top of this and that you would have uploaded openjdk-11-jre-dcevm already. Otherwise I'm not sure if it makes sense to ship openjdk-11-jre-dcevm in a stable release anyways, because it will constantly be broken by newer versions of openjdk-11. Or am I misunderstanding the situation? Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#991707: unblock: nodejs/12.22.4~dfsg-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: secur...@debian.org Please unblock package nodejs [ Reason ] Debian security team plans to upload nodejs security updates "as-is", at least while upstream still maintain nodejs 12.x. This is what was done in Buster. Latest security update is 12.22.4 (severity high). I did not try to get nodejs > 12.21.0 into bullseye up until now because upstream changes were essentially not concerning the debian package. However the 12.22.4 release has many v8 fixes, and a security fix (high). [ Impact ] If not in Bullseye, it will require users to download nodejs a second time just after installation, through security updates. So it will postpone any issue post-release. [ Tests ] Usual thorough upstream test suite + all dependents packages tests. [ Risks ] Low, but when considering the regressions i saw false positives: - node-chokidar seems to have a flaky test - node-esquery, node-caniuse-api, node-browserslist suites fail on their own, for an unrelated problem - node-websocket-driver was already broken, probably for a long time. I opened #991700 and will ask its removal from testing. Also an undocumented internal api has been deprecated, and old modules trying accessing it will now print a warning (process.binding('http_parser')). Only node-websocket-driver is actually using it... A code search shows node-http-signature, node-fastcgi are using it in their test suites, but it doesn't pose any problem. https://codesearch.debian.net/search?q=process%5C.binding%5C%28%5B%27%22%5Dhttp_parser%5B%27%22%5D%5C%29=0 [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] debdiff is without deps/cares (not used), deps/openssl (not used), test/*, benchmark/*, tools/msvs/*. Still waiting for armhf test results when writing this request. unblock nodejs/12.22.4~dfsg-1 diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/common.gypi nodejs-12.22.4~dfsg/common.gypi --- nodejs-12.21.0~dfsg/common.gypi 2021-02-23 03:58:04.0 +0100 +++ nodejs-12.22.4~dfsg/common.gypi 2021-07-29 12:35:21.0 +0200 @@ -34,7 +34,7 @@ # Reset this number to 0 on major V8 upgrades. # Increment by one for each non-official patch applied to deps/v8. -'v8_embedder_string': '-node.45', +'v8_embedder_string': '-node.56', # V8 defaults for Node.js # diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/debian/changelog nodejs-12.22.4~dfsg/debian/changelog --- nodejs-12.21.0~dfsg/debian/changelog2021-07-03 20:50:29.0 +0200 +++ nodejs-12.22.4~dfsg/debian/changelog2021-07-30 01:02:46.0 +0200 @@ -1,3 +1,12 @@ +nodejs (12.22.4~dfsg-1) unstable; urgency=medium + + * New upstream version 12.22.4~dfsg +Fixed vulnerabilities: ++ CVE-2021-22930: Use after free on close http2 + on stream canceling (High) + + -- Jérémy Lal Fri, 30 Jul 2021 01:02:46 +0200 + nodejs (12.21.0~dfsg-5) unstable; urgency=medium * Patch uvwasi.gyp to honour --shared-libuv. Closes: #990569. diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude '*.ts' nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js --- nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js 2021-02-23 03:58:04.0 +0100 +++ nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js 2021-07-29 12:35:21.0 +0200 @@ -37,8 +37,6 @@ const ExportAssign = 1; const ExportStar = 2; -const strictReserved = new Set(['implements', 'interface', 'let', 'package', 'private', 'protected', 'public', 'static', 'yield', 'enum']); - function parseCJS (source, name = '@') { resetState(); try { @@ -49,14 +47,39 @@ e.loc = pos; throw e; } - const result = { exports: [..._exports].filter(expt => !unsafeGetters.has(expt)), reexports: [...reexports] }; + const result = { exports: [..._exports].filter(expt => expt !== undefined && !unsafeGetters.has(expt)), reexports: [...reexports].filter(reexpt => reexpt !== undefined) }; resetState(); return result; } -function addExport (name) { - if (!strictReserved.has(name)) -_exports.add(name); +function decode (str) { + if (str[0] === '"' || str[0] === '\'') { +try { + const decoded = (0, eval)(str); + // Filter to exclude non-matching UTF-16 surrogate strings + for (let i = 0; i < decoded.length; i++) { +const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00; +if (surrogatePrefix < 0xD800) { + // Not a surrogate + continue; +} +else if (surrogatePrefix === 0xD800) { + // Validate surrogate pair + if ((decoded.charCodeAt(++i) & 0xFC00) !==
Bug#991703: unblock: openjdk-11/11.0.12+7-2
Am Fri, Jul 30, 2021 at 02:41:35PM +0200 schrieb Matthias Klose: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-CC: secur...@debian.org > > Please unblock openjdk-11, the next openjdk-11 security release. And for context: openjdk-11 also follows the upstream releases within buster-security already, so moving this to testing will also fix the current situation where stable has a higher version than testing. Cheers, Moritz
Bug#991703: unblock: openjdk-11/11.0.12+7-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-CC: secur...@debian.org Please unblock openjdk-11, the next openjdk-11 security release. That could be done as a security update as well, the unblock would just avoid that extra work. The only packaging change is to mark the early-access version in the Debian package versions, which is a no-op for the final release build. The debdiff is a bit large, I put it at https://people.debian.org/~doko/tmp/openjdk.debdiff.xz openjdk-11 (11.0.12+7-2) unstable; urgency=high * OpenJDK 11.0.12+7 build (release). * Security fixes: - JDK-8256157: Improve bytecode assembly. - JDK-8256491: Better HTTP transport. - JDK-8258432, CVE-2021-2341: Improve file transfers. - JDK-8260453: Improve Font Bounding. - JDK-8260960: Signs of jarsigner signing. - JDK-8260967, CVE-2021-2369: Better jar file validation. - JDK-8262380: Enhance XML processing passes. - JDK-8262403: Enhanced data transfer. - JDK-8262410: Enhanced rules for zones. - JDK-8262477: Enhance String Conclusions. - JDK-8262967: Improve Zip file support. - JDK-8264066, CVE-2021-2388: Enhance compiler validation. - JDK-8264079: Improve abstractions. - JDK-8264460: Improve NTLM support. * Encode the early-access status into the package version. LP: #1934895. -- Matthias Klose Wed, 21 Jul 2021 09:03:54 +0200 openjdk-11 (11.0.12+6-1) unstable; urgency=medium * OpenJDK 11.0.12+6 build (early access). -- Matthias Klose Wed, 07 Jul 2021 12:00:44 +0200 openjdk-11 (11.0.12+4-1) unstable; urgency=medium * OpenJDK 11.0.12+4 build (early access). * Don't apply the m68k-support patch, needs an update. -- Matthias Klose Thu, 27 May 2021 11:37:31 +0200
Bug#991701: unblock: python-a38/0.1.3-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-a38 [ Reason ] The attached debdiff provides a fix for bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991648 , a test suite failure caused by an expired certificate that causes an FTBFS. Upstream fixed this by updating the certificate used by the tests, but as in this context a certificate with no expiration wouldn't work they also added code to let the tests be skipped when even that certificate expires. Since backporting that patch resulted in an unwieldy debdiff, I opted to just skip the affected tests in the resulting package. Both upstream and me are sure that this is purely a broken test issue, and not a hint of a problem in the code. [ Tests ] [ Risks ] The change only affects the unit tests of the package, and won't change the behaviour of the library. The only risk I can see is that this would make the automated tests less effective at detecting potential future breakage, but I'd expect that to happen in testing rather than stable, and I intend to upload a version that re-enables the tests (by using the upstream fix) as soon as development for bookworm starts. [ Checklist ] [✓] all changes are documented in the d/changelog [✓] I reviewed all changes and I approve them [✓] attach debdiff against the package in testing [ Other info ] thanks in advance unblock python-a38/0.1.3-2 diff -Nru python-a38-0.1.3/debian/changelog python-a38-0.1.3/debian/changelog --- python-a38-0.1.3/debian/changelog 2020-12-18 11:44:31.0 +0100 +++ python-a38-0.1.3/debian/changelog 2021-07-30 12:01:58.0 +0200 @@ -1,3 +1,9 @@ +python-a38 (0.1.3-2) unstable; urgency=medium + + * Skip tests that fail because of an expired certificate. (Closes: #991648) + + -- Elena Grandi Fri, 30 Jul 2021 12:01:58 +0200 + python-a38 (0.1.3-1) unstable; urgency=medium [ Ondřej Nový ] diff -Nru python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch --- python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch 1970-01-01 01:00:00.0 +0100 +++ python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch 2021-07-30 12:01:58.0 +0200 @@ -0,0 +1,30 @@ +From: Elena Grandi +Date: Fri, 30 Jul 2021 12:00:27 +0200 +Forwarded: not-needed +Subject: Skip tests that fail because of an expired certificate. + +--- + tests/test_p7m.py | 6 -- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/tests/test_p7m.py b/tests/test_p7m.py +index e955bd4..fe982e7 100644 +--- a/tests/test_p7m.py b/tests/test_p7m.py +@@ -1,4 +1,4 @@ +-from unittest import TestCase ++from unittest import TestCase, skip + import tempfile + from contextlib import contextmanager + import os +@@ -39,7 +39,9 @@ WGPH+t5X7ZMMERXn8Z/2LTYWuj9w1+WeieY= + + CA_CERT_HASH = "af603d58.0" + +- ++# The following tests are failing because of an expired certificate, and ++# a certificate with no expiration wouldn't work in this context. ++@skip("certificate expired") + class TestAnagrafica(TestCase): + @contextmanager + def capath(self): diff -Nru python-a38-0.1.3/debian/patches/series python-a38-0.1.3/debian/patches/series --- python-a38-0.1.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ python-a38-0.1.3/debian/patches/series 2021-07-30 12:01:58.0 +0200 @@ -0,0 +1 @@ +0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch
libapache2-mod-auth-openidc in Bullseye
Dear Release Team, currently the version 2.4.4.1-2 of libapache2-mod-auth-openidc is in testing/bullseye . Some days ago four CVE security bugs were published which are fixed in version 2.4.9 . The fix to CVE-2021-32791 looks quite big, so that I think it is not safe to backport it to 2.4.4.1 like the others could be. I prefer to upload the latest upstream (2.4.9) rather than try to backport the fixes to 2.4.4. What do you think of this? Regards Christoph https://security-tracker.debian.org/tracker/CVE-2021-32785 https://security-tracker.debian.org/tracker/CVE-2021-32786 https://security-tracker.debian.org/tracker/CVE-2021-32791 https://security-tracker.debian.org/tracker/CVE-2021-32792 OpenPGP_signature Description: OpenPGP digital signature
Bug#991681: unblock: telegram-desktop/2.8.10+ds-1 (pre-approval)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: 991...@bugs.debian.org Dear release team, This request is for discuss the present situation with the telegram-desktop package. On July 16, under CVE-2021-36769 were disclosed some weakness of the MtProto implementation in Telegram Desktop before 2.8.8. So the version currently in testing, 2.6.1, has the security issue. I examined commits from an upstream Git repository which potentially may fix the issue, and I found they do not apply cleanly on top of 2.6.1 version. Even if they have applied, or if I have solved merge conflicts with them, I could not guarantee the efficiency in light of the issue. So I see two possible options here: 1. Update the package to the latest upstream release. That is what this request is about. The release brings a lot of new code and many new features which we will not be able to test carefully on tight deadlines before bullseye. We will need to update satellite packages also, libtgowt with fresh upstream commit and libtgvoip with no-source-change rebuild. Approximate size of debdiffes is about 20MB. You can currently view the difference in Git on salsa.d.o. https://salsa.debian.org/debian/telegram-desktop/-/merge_requests/37 https://salsa.debian.org/debian/libtgowt/-/merge_requests/6 This type of issue is that it is better to have the fix now than not to fix at all. If you permit the update, I will proceed and properly supplement this bug report with complete diffes. But on the other hand... 2. We can do nothing at the moment. And fix the issue later for bookworm. And then backport the update to bullseye and buster. Telegram team assured me the issue is not too risky in practice and it has only theoretical interest. [ Reason ] Fix security issue in implementation of underlying Telegram protocol, MtProto. CVE-2021-36769. [ Tests ] Not fully, only manual smoke-test has been done. The app still starts. [ Risks ] Complex code in leaf and related packages. The libtgowt and the libtgvoip packages carry static libraries. Their update does not affect anything immediately. We also need to rebuild the telegram-desktop package. [ Checklist ] [x] all changes are documented in the d/changelog [ ] I reviewed all changes and I approve them [ ] attach debdiff against the package in testing unblock telegram-desktop/2.8.10+ds-1 unblock libtgowt/0~git20210627.91d836d+dfsg-1 unblock libtgvoip/2.4.4+git20210101.13a5fcb+ds-3 signature.asc Description: This is a digitally signed message part
Bug#991660: marked as done (unblock: libhttp-cookiejar-perl/0.010-2)
Your message dated Fri, 30 Jul 2021 06:55:47 + with message-id and subject line unblock libhttp-cookiejar-perl has caused the Debian Bug report #991660, regarding unblock: libhttp-cookiejar-perl/0.010-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991660: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991660 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Good day, Please unblock package libhttp-cookiejar-perl [ Reason ] libhttp-cookiejar-perl 0.010-2 fixes #991649; a long standing test in the suite contained expiry dates which finally went overdue causing a test failure. [ Impact ] If the unblock is not granted, libhttp-cookiejar-perl will FTBFS and won't make it to bullseye, transitively putting at risk its reverse (build) dependencies, which are numerous due libhttp-tiny-perl being one of them. [ Tests ] I checked the build time test and autopkgtest were fixed in the newer version. [ Risks ] Risks are probably very low: only the test suite is altered by the patch. The change brought made its way to the package in upstream version 0.011. [ Checklist ] [*] all changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in testing unblock libhttp-cookiejar-perl/0.010-2 Have a nice day, :) -- Étienne Mollier Fingerprint: 8f91 b227 c7d6 f2b1 948c 8236 793c f67e 8f0d 11da Sent from /dev/pts/6, please excuse my verbosity. diff -Nru libhttp-cookiejar-perl-0.010/debian/changelog libhttp-cookiejar-perl-0.010/debian/changelog --- libhttp-cookiejar-perl-0.010/debian/changelog 2020-09-24 21:44:19.0 +0200 +++ libhttp-cookiejar-perl-0.010/debian/changelog 2021-07-29 19:32:27.0 +0200 @@ -1,3 +1,10 @@ +libhttp-cookiejar-perl (0.010-2) unstable; urgency=medium + + * Team upload. + * add postpone-test-expiry.patch from David Golden (Closes: #991649) + + -- Étienne Mollier Thu, 29 Jul 2021 19:32:27 +0200 + libhttp-cookiejar-perl (0.010-1) unstable; urgency=medium [ Salvatore Bonaccorso ] diff -Nru libhttp-cookiejar-perl-0.010/debian/patches/postpone-test-expiry.patch libhttp-cookiejar-perl-0.010/debian/patches/postpone-test-expiry.patch --- libhttp-cookiejar-perl-0.010/debian/patches/postpone-test-expiry.patch 1970-01-01 01:00:00.0 +0100 +++ libhttp-cookiejar-perl-0.010/debian/patches/postpone-test-expiry.patch 2021-07-29 19:25:13.0 +0200 @@ -0,0 +1,47 @@ +Description: postpone expiry dates in test suites to 2041 +Author: David Golden +Origin: upstream, https://github.com/dagolden/HTTP-CookieJar/commit/7a3b9b163526784bf18a69172df736d190c15940 +Bug: https://github.com/dagolden/HTTP-CookieJar/issues/11 +Bug-Debian: https://bugs.debian.org/991649 +Applied-Upstream: 0.011 +Reviewed-by: Étienne Mollier +Last-Update: 2021-07-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- libhttp-cookiejar-perl.orig/t/examples.t libhttp-cookiejar-perl/t/examples.t +@@ -38,7 +38,7 @@ + + subtest "expiration" => sub { + $jar->clear; +-$jar->add( $req, "lang=en-US; Expires=Wed, 09 Jun 2021 10:18:14 GMT" ); ++$jar->add( $req, "lang=en-US; Expires=Sun, 09 Jun 2041 10:18:14 GMT" ); + is( $jar->cookie_header($req), "lang=en-US" ); + $jar->add( $req, "lang=; Expires=Sun, 06 Nov 1994 08:49:37 GMT" ); + is( $jar->cookie_header($req), "" ); +--- libhttp-cookiejar-perl.orig/t/parse.t libhttp-cookiejar-perl/t/parse.t +@@ -83,19 +83,19 @@ + } + }, + { +-cookie => "lang=en-US; Expires = Wed, 09 Jun 2021 10:18:14 GMT", ++cookie => "lang=en-US; Expires = Sun, 09 Jun 2041 10:18:14 GMT", + parse => { + name=> "lang", + value => "en-US", +-expires => 1623233894, ++expires => 2254385894, + } + }, + { +-cookie => "lang=en-US; Expires = Wed, 09 Jun 2021 10:18:14 GMT; Max-Age=3600", ++cookie => "lang=en-US; Expires = Sun, 09 Jun 2041 10:18:14 GMT; Max-Age=3600", + parse => { + name => "lang", + value => "en-US", +-expires => 1623233894, ++expires => 2254385894, + 'max-age' => 3600, + } + }, diff -Nru libhttp-cookiejar-perl-0.010/debian/patches/series libhttp-cookiejar-perl-0.010/debian/patches/series --- libhttp-cookiejar-perl-0.010/debian/patches/series 1970-01-01 01:00:00.0
Bug#991621: marked as done (unblock: util-linux/2.36.1-8)
Your message dated Fri, 30 Jul 2021 06:52:14 + with message-id and subject line unblock util-linux has caused the Debian Bug report #991621, regarding unblock: util-linux/2.36.1-8 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991621: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991621 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package util-linux [ Reason ] Fix for security bug CVE-2021-37600, reported as Debian bug #991619 [ Impact ] Security issue remains open. From an util-linux perspective, I think this is a local (=non-remote) issue. [ Tests ] util-linux build-time tests cover ipcs and lsipc, which are the two affected commands. [ Risks ] The security bug is in a shared static .c file, used by the ipcs and lsipc commands. I hope that ipc shmem/queue/semaphore users do not shell out to ipcs/lsipc, and instead use some library. If this is true, only "inspection" use cases of local admins would possibly break. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] util-linux builds udebs. debian-boot@ is x-cc'ed. unblock util-linux/2.36.1-8 diff -Nru util-linux-2.36.1/debian/changelog util-linux-2.36.1/debian/changelog --- util-linux-2.36.1/debian/changelog 2021-02-07 14:38:19.0 + +++ util-linux-2.36.1/debian/changelog 2021-07-28 19:09:07.0 + @@ -1,3 +1,9 @@ +util-linux (2.36.1-8) unstable; urgency=medium + + * Apply upstream patch for CVE-2021-37600 (Closes: #991619) + + -- Chris Hofstaedtler Wed, 28 Jul 2021 19:09:07 + + util-linux (2.36.1-7) unstable; urgency=medium * libmount: allow --read-only for not-root users. diff -Nru util-linux-2.36.1/debian/patches/series util-linux-2.36.1/debian/patches/series --- util-linux-2.36.1/debian/patches/series 2021-02-07 14:38:19.0 + +++ util-linux-2.36.1/debian/patches/series 2021-07-28 19:09:07.0 + @@ -6,3 +6,4 @@ debian/verbose-tests.patch upstream/libmount-do-not-canonicalize-ZFS-source-dataset.patch upstream/libmount-allow-read-only-for-not-root-users.patch +upstream/CVE-2021-37600-sys-utils-ipcutils-be-careful-when-call-calloc.patch diff -Nru util-linux-2.36.1/debian/patches/upstream/CVE-2021-37600-sys-utils-ipcutils-be-careful-when-call-calloc.patch util-linux-2.36.1/debian/patches/upstream/CVE-2021-37600-sys-utils-ipcutils-be-careful-when-call-calloc.patch --- util-linux-2.36.1/debian/patches/upstream/CVE-2021-37600-sys-utils-ipcutils-be-careful-when-call-calloc.patch 1970-01-01 00:00:00.0 + +++ util-linux-2.36.1/debian/patches/upstream/CVE-2021-37600-sys-utils-ipcutils-be-careful-when-call-calloc.patch 2021-07-28 19:09:07.0 + @@ -0,0 +1,23 @@ +From: Karel Zak +Date: Tue, 27 Jul 2021 11:58:31 +0200 +Subject: sys-utils/ipcutils: be careful when call calloc() for uint64 nmembs + +Fix: https://github.com/karelzak/util-linux/issues/1395 +Signed-off-by: Karel Zak +--- + sys-utils/ipcutils.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c +index 674b612..f2b04dd 100644 +--- a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c +@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p) + { + size_t i; + +- if (!p || !p->sem_nsems || p->sem_perm.id < 0) ++ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0) + return; + + p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem)); --- End Message --- --- Begin Message --- Unblocked.--- End Message ---
Bug#991621: unblock: util-linux/2.36.1-8
On 2021-07-29 16:50:05, Chris Hofstaedtler wrote: > Hi, > > * Sebastian Ramacher [210729 10:23]: > > On 2021-07-29 10:15:30, Chris Hofstaedtler wrote: > [..] > > Besides the missing unblocks, util-linux would be blocked by: > > > > autopkgtest for ocfs2-tools/1.8.6-6: amd64: Pass, arm64: Pass, armhf: > > Regression ♻ (reference ♻), i386: Pass, ppc64el: Pass > > > > I haven't checked if that's a regression or a flaky test, but that needs > > to be looked at first. > > from the armhf log: > --- > mkfs.ocfs2: Could not open device > /tmp/autopkgtest-lxc.id1lago7/downtmp/autopkgtest_tmp/disk: Invalid argument > --- > > That really does not mean anything to me. I can see the kernel > version also changed between the migration reference and the new > test. > > ocf2s-tools does not seem to use ipcs/lsipc in any way. Indeed, the migration-reference run now also failed. Cheers > > Chris > -- Sebastian Ramacher
Bug#991674: unblock: python-uflash/1.2.4+dfsg-8
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package python-uflash [ Reason ] The upload fixes RC bug #991280. Source package python-uflash provides a convenience package (firmware-microbit-micropython-dl) which downloads a pre-compiled MicroPython runtime for the micro:bit computer. The downloaded file is checksummed to ensure it is compatible with the installed version of python3-uflash; the package will fail to install on checksum error (as seen in the bug report). During the bullseye hard freeze, upstream replaced this file with a new runtime that supports a new version of the micro:bit computer that is not supported by our packages in bullseye. The changed file has a different checksum, and fails to install, causing the package installation to abort. Bug report #991280 was received after bullseye went into full freeze. [ Impact ] Very serious for users of mu-editor, as the editor would be removed from bullseye as a result of its dependency on python3-uflash. mu-editor is a popular editor used globally by children and adults learning Python, with increasing popularity indicated by popcon. Bullseye provides the separate firmware-microbit-micropython package, which is a Recommended dependency of python3-uflash and which almost all users will install. Only a tiny proportion of users install the affected -dl package. However, all mu-editor users will be affected if the updated package does not migrate and mu-editor is removed from bullseye. [ Tests ] The firmware-microbit-micropython-dl binary package has been tested locally to ensure that it downloads the correct runtime file. There are no upstream code changes at all; autopkgtests are unaffected and still pass. [ Risks ] The debdiff is trivial: one updated URL to ensure the correct file is downloaded on package installation. There are no changes to any upstream code. No other packages are impacted by this change. The affected binary package (firmware-microbit-micropython-dl) is a leaf package, and is only Suggested by python3-uflash. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] The offending binary package (firmware-microbit-micropython-dl) was added to Debian during the buster development cycle to improve the end-user experience whilst the firmware-microbit-micropython package was being developed. Most mu-editor/uflash users will not install it. unblock python-uflash/1.2.4+dfsg-8 diff -Nru python-uflash-1.2.4+dfsg/debian/changelog python-uflash-1.2.4+dfsg/debian/changelog --- python-uflash-1.2.4+dfsg/debian/changelog 2021-02-07 09:27:01.0 + +++ python-uflash-1.2.4+dfsg/debian/changelog 2021-07-30 04:26:04.0 +0100 @@ -1,3 +1,10 @@ +python-uflash (1.2.4+dfsg-8) unstable; urgency=medium + + * d/firmware-microbit-micropython-dl.postinst: +- Update firmware URL (Closes: #991280) + + -- Nick Morrott Fri, 30 Jul 2021 04:26:04 +0100 + python-uflash (1.2.4+dfsg-7) unstable; urgency=medium * d/python-uflash-doc.links: diff -Nru python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst --- python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst 2021-02-07 09:27:01.0 + +++ python-uflash-1.2.4+dfsg/debian/firmware-microbit-micropython-dl.postinst 2021-07-30 04:26:04.0 +0100 @@ -4,7 +4,7 @@ # Adapted from firmware downloader for bladeRF (source package: bladerf) -UPSTREAM='https://raw.githubusercontent.com/ntoll/uflash/master/firmware.hex' +UPSTREAM='https://github.com/ntoll/uflash/raw/867468d386da0aa20212b69a152ce8bfc0972366/firmware.hex' CHECKSUM='81d92bccd9f26046aa3ba6a43ec553e0' DATAFILE='/usr/share/firmware-microbit-micropython/firmware.hex' DESCRIPT='micro:bit MicroPython runtime'