Bug#1042484: util-linux-locales: /usr/share/man/fr/man1/lastb.1.gz is also in package manpages-fr 4.19.0-5

[Jean-Marc]

Package: util-linux-locales
Version: 2.39.1-3
Severity: serious
Justification: 6
X-Debbugs-Cc: jean-m...@6jf.be

Dear Maintainer,

Upgrading util-linux-locales from 2.38.1-6 to 2.39.1-3 failed and returned this 
error message:


Preparing to unpack .../util-linux-locales_2.39.1-3_all.deb ...
Unpacking util-linux-locales (2.39.1-3) over (2.38.1-6) ...
dpkg: error processing archive 
/var/cache/apt/archives/util-linux-locales_2.39.1-3_all.deb (--unpack):
 trying to overwrite '/usr/share/man/fr/man1/lastb.1.gz', which is also in 
package manpages-fr 4.19.0-5
Errors were encountered while processing:
 /var/cache/apt/archives/util-linux-locales_2.39.1-3_all.deb

Please, fix this problem.

Thank you so much.

Regards,

Jean-Marc

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_BE:fr
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages util-linux-locales depends on:
ii  util-linux  2.39.1-3

util-linux-locales recommends no packages.

util-linux-locales suggests no packages.

-- no debconf information

Bug#1042483: debhelper: dh_shlibdeps -l with undocumented absolute forcing

[Niels Thykier]

Package: debhelper
Version: 13.11.4
Severity: minor
X-Debbugs-Cc: ni...@thykier.net, guil...@debian.org

Refile of https://github.com/Debian/debhelper/issues/8 to the Debian 
BTS, where I am more likely to remember it exists.  CC'ing Guillem 
because he did the `dpkg-shlibdeps -l` transition and might shed some 
light on whether the absolute path behaviour (still?) makes sense.



--- 8< --- Original message --- 8< ---


It took me forever to sort out why I was getting "dpkg-shlibdeps: 
warning: cannot find library" for an internal library in my package, 
even as I was using the -l parameter to point to it.


I eventually realized that by calling dpkg-shlibdeps -l directly it 
would work fine. dh_shlibdeps wasn't passing along the -l as specified. 
The workaround was to use -- and then pass -l directly to dpkg-shlibdeps 
unchanged.


Looking into the code, dh_shlibdeps will prepend a slash to make the 
path absolute. I also found that this used to be documented, but it's 
been dropped from the man page.


This came up when I was using pdebuild, so maybe it's something related 
to the chroot? I really don't know the reason for the absolute forcing 
in the first place; it seems to work fine without.


Anyway, I'd at least restore the mention of relative paths being made 
absolute in the man page, or reevaluate the forcing altogether.


--- 8< --- End message --- 8< ---

Last time we touched the -l parameter (AFAICT) was in 
54bfb4207966f78b6412e84b12480e8a5c901cf6 (#717505) where Guillem Jover 
moved the code around and migrated to `dpkg-shlibdeps -l`.  The "force 
path to be absolute" was present back (prior to that commit).


There is no remark about whether the "force absolute path" still made 
sense with the transition to `dpkg-shlibdeps -l`, so I assume it did.


But this as far as I am willing to dig right now.

Best regards,
Niels

Bug#1008813: Dringend lesen und antworten

[Rayanne Merhy]

Hallo, 58 Jahre alt und habe die französisch-belgische Staatsangehörigkeit. Das 
mag verdächtig klingen, aber es stimmt, dass sie mich nicht kennt und ich sie 
nicht kenne.

Lassen Sie es mich erklären: Ich habe eine unheilbare neurologische Erkrankung. 
Mein Arzt hat mir gerade gesagt, dass meine Tage gezählt sind, weil sich mein 
Gesundheitszustand verschlechtert. Der Arzt sagte mir, dass sich eine Kugel in 
meinem Gehirnkäfig befindet und ich seit mehr als vier Jahren an dieser 
Krankheit leide.

Ich habe eine Kakaoimportfirma in Frankreich, Finnland, Belgien, Italien, der 
Schweiz ... Und ich habe vor ein paar Jahren meinen Mann verloren, was mich 
sehr verletzt hat, und ich konnte erst heute wieder heiraten, wir haben keine 
Kinder. Heirat Die Situation ist so, dass ich keinen Mann und noch weniger 
Kinder habe, denen ich das Erbe hinterlassen kann.

Deshalb möchte ich Menschen helfen, die Mitgefühl und Fürsorge brauchen. Bitte 
nehmen Sie meine Spende an.
Ich habe eine Spende von 382.000 Euro.

 Bitte akzeptieren Sie diesen Betrag, da es sich um ein Geschenk handelt, 
das ich Ihnen gebe, ohne eine Gegenleistung zu verlangen.
„Ich kann nicht sterben, ohne all dieses Geld zu geben, sonst würde ich es für 
eine Verschwendung halten.“
(Die Bibel sagt dies alles zu gegebener Zeit und es ist Zeit für Sie, dieses 
Geld für die Werke des Herrn zu empfangen. Bitten Sie und Sie werden empfangen, 
suchen Sie und Sie werden finden, klopfen Sie an und es wird Ihnen geöffnet. 
Matthäus 7: 07 >> J Ich vertraue auf deinen guten Willen und auf den guten 
Willen des Herrn.

Ich zähle auf Ihr Wohlwollen und vor allem auf den richtigen Einsatz dieser 
Ressourcen für Ihre Arbeit. Mir geht es sehr schlecht und ich habe große Angst, 
ich kann weder nachts noch tagsüber schlafen. Teilen Sie mir per E-Mail mit, ob 
Sie mein Angebot annehmen. Senden Sie eine E-Mail an diese persönliche 
E-Mail-Adresse.
Zum Schluss kopieren und einfügen, um keinen Fehler zu machen. Vielen Dank und 
alles Gute für Sie.
Mit freundlichen Grüße
, Nancy D.

Bug#1042482: multilib lsan packages: dysfunctional?

[Helmut Grohne]

Package: lib32lsan0,lib64lsan0,libx32lsan0
Version: 13.1.0-9
Severity: important

Hi Matthias,

I am a bit confused about lib*lsan0. These are support libraries for the
leak sanitizer, but the multilib ones are empty (and the package
description even says so). However, these packages don't seem to work.

$ printf "int main(){}" | gcc -fsanitize=leak -xc -
$ printf "int main(){}" | gcc -fsanitize=leak -xc - -m32
/usr/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-linux-gnu/13/liblsan.so 
when searching for -llsan
/usr/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-linux-gnu/13/liblsan.a 
when searching for -llsan
/usr/bin/ld: cannot find -llsan: No such file or directory
/usr/bin/ld: skipping incompatible /usr/lib/gcc/x86_64-linux-gnu/13/liblsan.so 
when searching for -llsan
collect2: error: ld returned 1 exit status
$

This is in unstable with gcc-multilib, libgcc-13-dev and lib32lsan0
installed. Another hint that something is wrong is a comparison with the
address sanitizer. lib32asan8 is non-empty and -fsanitize=address tends
to work with a multilib.

I conclude that this is not working as intended. At this point, the best
course of action from my point of view is removing the multilib lsan
packages as they evidently do not work at all. Do you agree?

Why did I look into this? The multilib lsan packages happen to ship
empty directories /usr/lib{32,64,x32}. These directories are technically
susceptible to loss due to the /usr-merge. Quite probably, these
directories can be removed from the binary packages without loss of
functionality (which?), but that effort is wasted if we end up removing
these packages altogether.

Helmut

Bug#1033907: numba: autopkgtest regression: segmentation fault on arm64

[Diane Trout]

Debian's llvmlite package was updated recently

So I updated numba to 0.57.1 and released it to unstable, but even with
the updates it still crashes on arm64.

I forwarded it to upstream.

Diane

On Mon, 3 Jul 2023 13:36:53 +0200 Andreas Tille 
wrote:
> Hi
> 
> On Sun, 21 May 2023 11:39:29 -0700 Diane Trout wrote:
> > Unfortunately it also wants llvmlite 0.40.0.
> 
> Could you please be more verbose about this "unfortunately"?
> 
> > It'd probably be easier to get upstream to help with debugging 0.57
> 
> I fully agree that we should target at latest upstream instead of
> trying to stick to our heavily patched old version.
> 
> Kind regards
>  Andreas.
> 
> -- 
> http://fam-tille.de
> 
> 

Bug#1042481: phalanx: moves that checkmate/stalement/draw are not written to log file

[Michael G Soyka]

Package: phalanx
Version: 25-1~mx21
Severity: normal
Tags: patch
X-Debbugs-Cc: mssr...@gmail.com

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

I setup a position and had the program play both sides.  The game ended with a
checkmate.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

See the example that follows for an illustrative case.


   * What was the outcome of this action?

The game's last move and outcome were printed to stdout but not to the logfile
which I had specified using the "-g" command line option.

   * What outcome did you expect instead?

A complete listing of the moves and outcome.

   * This is an example that demonstrates the problem.

 $ phalanx -g logfile.out
  setboard 7Q/8/3K4/2q5/6P1/4q3/5k2/8 w - - 0 0
  both
  machine plays both
  my move is Kd6-d7
  move d6d7
  my move is Qe3-e7
  move e3e7
  0-1 {Black mates}
  quit
  $ cat logfile.out
<< other stuff snipped>>
opponent plays Kd6-d7
<>
>From e0d44aa391619275677c3d51986a7b99bbc06410 Mon Sep 17 00:00:00 2001
From: Michael Soyka 
Date: Thu, 27 Jul 2023 17:26:24 -0400
Subject: [PATCH 1/4] ensure game-ending move is logged

When logging is enabled via the "-g" option and a move is made that
causes checkmate, stalemate, or draws by the 50-move or 3-time
repetition, that move would not be recorded in the logfile.  This patch
fixes the problem.
---
 io.c | 41 -
 1 file changed, 32 insertions(+), 9 deletions(-)

diff --git a/io.c b/io.c
index cd4b7e3..e83c148 100644
--- a/io.c
+++ b/io.c
@@ -1776,16 +1776,39 @@ while( command() )
printf("move "); gnuprintm(m); puts("");
}
 
-   switch( ( ter = terminal() ) )
+   /*
+* Test for game-over
+*/
+   ter = terminal();
+   if ( (1 <= ter) && (ter <= 3) )
{
-   case 1: puts("1/2-1/2 {Drawn game}"); continue;
-   case 2: puts("1/2-1/2 {Stalemate}"); continue;
-   case 3:
-   if( Color == WHITE )
-   puts("0-1 {Black mates}");
-   else
-   puts("1-0 {White mates}");
-   continue;
+   const char *gameResult;
+   switch (ter)
+   {
+   case 1:
+   gameResult = "1/2-1/2 {Drawn game}";
+   break;
+   case 2:
+   gameResult = "1/2-1/2 {Stalemate}";
+   break;
+   case 3:
+   if (Color == WHITE)
+   gameResult = "0-1 {Black mates}";
+   else
+   gameResult = "1-0 {White mates}";
+   break;
+   }
+   puts(gameResult);
+   if (Flag.log != NULL)
+   {
+   char pb[640];
+   printm( G[Counter-1].m, pb );
+   fprintf(Flag.log,"\n  opponent plays %s\n",pb);
+   printboard(pb);
+   fprintf(Flag.log, pb);
+   fprintf(Flag.log, "\n%s\n", gameResult);
+   }
+   continue;
}
 
if(   Flag.ponder == 1
-- 
2.30.2

Bug#1039758: Fixed in experimental

[Athos Ribeiro]

It seems that version 10 in experimental, uploaded by David, already
supports phpunit 10.

--
Athos Ribeiro

Bug#1042479: Acknowledgement (avahi-daemon[…]: chroot.c: open() failed: No such file or directory)

[Al Ma]

By the way, here's the contents of /etc/resolv.conf (which is a symlink to 
/run/NetworkManager/resolv.conf):
# Generated by NetworkManager
search AnonymizedRouterName
nameserver 192.168.2.1
nameserver fe80::1%wlp3s0
wlp3s0 is the logical name of the wireless interface provided by the wireless 
card Intel Centrino Ultimate-N 6300 built into the laptop. The wireless-card 
driver is iwlwifi.

Bug#849400: debian-installer: LUKS on rootfs and boot

[Jinesh Choksi]

> Can you provide a series of steps to replicate the failure case reported in
> this bug?


Reproduction Steps

- Boot using debian-12.1.0-amd64-netinst.iso in a VM

- At the Grub boot menu, select Advanced options > Expert Install

- Go through the following install steps using defaults or as desired:

  - Choose language
  - Configure the keyboard
  - Detect and mount installation media
  - Load installer components from installation media
  - Detect network hardware
  - Configure the network
  - Set up users and password
  - Configure the clocks
  - Detect disks

- When you reach the "Partition disks" step, choose "Manual" disk partitioning 
method

- Setup a GPT partition table

- Setup an EFI partition (min 100MB), mounted as /boot/efi

- Setup a DMCRYPT partition using remaining free space. (i.e. use as "Physical 
volume for encryption")

- Choose to "Configure encrypted volumes"

- Set a password for the encrypted volume (also to speed up the process, set 
Erase data to: No)

- At this point, switch to TTY2, activate console and type in (the following is 
needed as it is not possible to select luks version):

  - cryptsetup luksClose sda2_crypt

  - cryptsetup luksFormat --type luks1 /dev/sda2

  - cryptsetup luksOpen /dev/sda2 sda2_crypt

- Switch back to TTY1 and select "Go back", and select "Detect Disks" (needed 
to refresh partman's state)

- Select "Partition Disks" again

- Set the file system for the encrypted volume to "XFS" (i.e. use as XFS 
journaling file system) and set the mount point to /.

- To reduces reproduction steps, we won't set up a swap partition.

- Finally, select "Finish partitioning and write changes to disk"

- You will see a dialog saying:

  Encryption configuration failure

  You have selected the root file system to be stored on an encrypted 
partition. This feature requires a separate /boot partition on which the kernel 
and initrd can be stored.

  You should go back and setup a /boot partition.

 

- It is not possible to get past this dialog.

- Note: If it was possible to get past this dialog, then you can proceed with 
installation as per normal until you get to the "Install Grub Boot Loader" 
stage. You will find that this stage errors at the "grub-install (dummy)" step.

- If you look at msgs on TTY4, you will note it says to add the line 
"GRUB_ENABLE_CRYPTODISK=y" to the /etc/default/grun file. So, switch console on 
TTY2 and edit /target/etc/default/grub file and add this line.

- Run the "Install Grub Boot Loader" stage again and it will work and rest of 
the install will progress normally.

- The missing "GRUB_ENABLE_CRYPTODISK=y" line is a seperate bug #925134.

Bug#1042479: avahi-daemon[…]: chroot.c: open() failed: No such file or directory

[Al Ma]

Package: avahi-daemon
Version: 0.8-10
In my journal.conf, we see this:
Jul 29 00:10:33 AnonymizedMachineName avahi-daemon[712]: Found user 'avahi' 
(UID 107) and group 'avahi' (GID 117).
Jul 29 00:10:33 AnonymizedMachineName avahi-daemon[712]: Successfully dropped 
root privileges.
Jul 29 00:10:33 AnonymizedMachineName avahi-daemon[712]: avahi-daemon 0.8 
starting up.
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Starting lm-sensors.service - 
Initialize hardware monitoring sensors...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Started 
low-memory-monitor.service - Low Memory Monitor.
Jul 29 00:10:34 AnonymizedMachineName /usr/sbin/gpm[721]: *** info 
[daemon/startup.c(131)]:
Jul 29 00:10:34 AnonymizedMachineName /usr/sbin/gpm[721]: Started gpm 
successfully. Entered daemon mode.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting polkit.service - 
Authorization Manager...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting 
power-profiles-daemon.service - Power Profiles daemon...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting rsyslog.service - 
System Logging Service...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting rtkit-daemon.service 
- RealtimeKit Scheduling Policy Service...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting 
smartmontools.service - Self Monitoring and Reporting Technology (SMART) 
Daemon...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting sysfsutils.service - 
LSB: Set sysfs variables from /etc/sysfs.conf...
Jul 29 00:10:34 AnonymizedMachineName polkitd[723]: Started polkitd version 122
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting 
systemd-logind.service - User Login Management...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting udisks2.service - 
Disk Manager...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Mounted run-rpc_pipefs.mount 
- RPC Pipe File System.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Reached target 
rpc_pipefs.target.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: rpc-gssd.service - RPC 
security service for NFS client and server was skipped because of an unmet 
condition check (ConditionPathExists=/etc/krb5.keytab).
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Reached target 
nfs-client.target - NFS client services.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Reached target 
remote-fs-pre.target - Preparation for Remote File Systems.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Reached target 
remote-fs.target - Remote File Systems.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Starting atd.service - 
Deferred execution scheduler...
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Started cron.service - 
Regular background program processing daemon.
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: systemd-pcrphase.service - 
TPM2 PCR Barrier (User) was skipped because of an unmet condition check 
(ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-SomeLongUUID).
Jul 29 00:10:34 AnonymizedMachineName rsyslogd[726]: imuxsock: Acquired UNIX 
socket '/run/systemd/journal/syslog' (fd 3) from systemd.  [v8.2302.0]
Jul 29 00:10:34 AnonymizedMachineName rsyslogd[726]: [origin 
software="rsyslogd" swVersion="8.2302.0" x-pid="726" 
x-info="https://www.rsyslog.com;] start
Jul 29 00:10:34 AnonymizedMachineName systemd[1]: Started rsyslog.service - 
System Logging Service.
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: coretemp-isa-
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Adapter: ISA adapter
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Package id 0:  +78.0°C  
(high = +87.0°C, crit = +105.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Core 0:        +75.0°C  
(high = +87.0°C, crit = +105.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Core 1:        +77.0°C  
(high = +87.0°C, crit = +105.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Core 2:        +78.0°C  
(high = +87.0°C, crit = +105.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Core 3:        +75.0°C  
(high = +87.0°C, crit = +105.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: radeon-pci-0100
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Adapter: PCI adapter
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: temp1:        +58.0°C  
(crit = +120.0°C, hyst = +90.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: acpitz-acpi-0
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Adapter: ACPI interface
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: temp1:        +61.5°C  
(crit = +107.0°C)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: dell_smm-isa-
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Adapter: ISA adapter
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Processor Fan:    0 RPM  
(min =    0 RPM, max = 4900 RPM)
Jul 29 00:10:34 AnonymizedMachineName sensors[741]: Video Fan:        0 RPM  
(min =    0 RPM, max = 4900 RPM)
Jul 29 00:10:34 AnonymizedMachineName 

Bug#1042478: Tasks missing in tasksel and its task-description file

[d3vf4n]

Package: tasksel
Version: 3.73

There are tasksel tasks that
 1. The command "tasksel --list-tasks" does not list.
 2. They do not show either in the task description file 
"/usr/share/tasksel/descs/debian-tasks.desc"

Some examples are the tasks "science-tasks", "electronic-tasks", 
"education-tasks", and quite a few more:
https://packages.debian.org/search?suite=bookworm=all=any=all=tasksel
https://packages.debian.org/search?suite=bookworm=all=any=names=live-task-

Despite all this, tasksel can actually install them: for instance, "tasksel -t 
install science-tasks".

I am on: Debian 12.1 (bookworm),
kernel version (output of "uname -v"): #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-1 
(2023-07-14)

Bug#1017988: (uetoothd)[…]: ConfigurationDirectory 'bluetooth' already exists but the mode is different. (File system: 755 ConfigurationDirectoryMode: 555)

[Al Ma]

severity 1017988 normal
found 1017988 5.66-1
thanks
Raising severity as this warning concerns more than one user. My journal has 
this:
Jul 29 00:10:33 AnonymizedMachineName kernel: Bluetooth: hci0: BCM: firmware 
Patch file not found, tried:
Jul 29 00:10:33 AnonymizedMachineName kernel: Bluetooth: hci0: BCM: 
'brcm/BCM20702A1-413c-8197.hcd'
Jul 29 00:10:33 AnonymizedMachineName kernel: Bluetooth: hci0: BCM: 
'brcm/BCM-413c-8197.hcd'
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Starting 
accounts-daemon.service - Accounts Service...
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Started acpi-fakekey.service 
- ACPI fakekey daemon.
Jul 29 00:10:33 AnonymizedMachineName kernel: ACPI: AC: AC Adapter [AC] 
(off-line)
Jul 29 00:10:33 AnonymizedMachineName kernel: input: ACPI Virtual Keyboard 
Device as /devices/virtual/input/input23
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Started acpi-support.service 
- ACPI support daemon.
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Started acpid.service - ACPI 
event daemon.
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: anacron.service - Run anacron 
jobs was skipped because of an unmet condition check (ConditionACPower=true).
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Starting avahi-daemon.service 
- Avahi mDNS/DNS-SD Stack...
Jul 29 00:10:33 AnonymizedMachineName systemd[1]: Starting bluetooth.service - 
Bluetooth service...
Jul 29 00:10:33 AnonymizedMachineName (uetoothd)[713]: ConfigurationDirectory 
'bluetooth' already exists but the mode is different. (File system: 755 
ConfigurationDirectoryMode: 555)
Let's take a look at various bluetooth-related directories:
# find / -type d -iname \*blue\* -exec ls -lad {} \;
…
find: ‘/run/user/1000/doc’: Keine Berechtigung
find: ‘/run/user/1000/gvfs’: Keine Berechtigung
drw--- 2 root root 40 29. Jul 00:10 /run/systemd/propagate/bluetooth.service
drwx-- 3 root root 4096  3. Okt 2012  /var/lib/bluetooth
drwxr-xr-x 2 root root 4096 27. Apr 2015  
/var/lib/systemd/deb-systemd-helper-enabled/bluetooth.target.wants
drwx-- 3 root root 4096 29. Jul 00:10 
/var/tmp/systemd-private-1b81fdf5b8874508bc9eae082c60fc15-bluetooth.service-HCJpfF
drwxr-xr-x 2 root root 4096 13. Jul 16:43 /etc/bluetooth
drwxr-xr-x 2 root root 4096 27. Apr 2015  
/etc/systemd/system/bluetooth.target.wants
…
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/libexec/bluetooth
drwxr-xr-x 3 root root 4096 28. Apr 2015  /usr/lib/x86_64-linux-gnu/bluetooth
drwxr-xr-x 2 root root 4096 13. Jul 22:54 
/usr/lib/x86_64-linux-gnu/spa-0.2/bluez5
drwxr-xr-x 2 root root 4096 14. Jul 03:08 
/usr/lib/x86_64-linux-gnu/qt5/qml/org/kde/bluezqt
drwxr-xr-x 6 root root 4096 22. Jul 17:25 
/usr/lib/modules/6.1.0-10-amd64/kernel/net/bluetooth
drwxr-xr-x 2 root root 4096 22. Jul 17:25 
/usr/lib/modules/6.1.0-10-amd64/kernel/drivers/bluetooth
drwxr-xr-x 2 root root 4096 13. Jul 22:44 /usr/share/wireplumber/bluetooth.lua.d
…
drwxr-xr-x 2 root root 4096 13. Jul 22:44 
/usr/share/doc/gir1.2-gnomebluetooth-3.0
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/share/doc/bluez-cups
drwxr-xr-x 2 root root 4096 14. Jul 03:08 /usr/share/doc/libkf5bluezqt-data
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/share/doc/bluez-obexd
drwxr-xr-x 2 root root 4096 13. Jul 22:54 /usr/share/doc/libspa-0.2-bluetooth
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/share/doc/bluetooth
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/share/doc/libbluetooth3
drwxr-xr-x 2 root root 4096 13. Jul 22:44 
/usr/share/doc/libgnome-bluetooth-ui-3.0-13
drwxr-xr-x 2 root root 4096 14. Jul 03:08 /usr/share/doc/libkf5bluezqt6
drwxr-xr-x 2 root root 4096 13. Jul 16:42 /usr/share/doc/bluez
drwxr-xr-x 2 root root 4096 13. Jul 22:39 
/usr/share/doc/libgnome-bluetooth-3.0-13
…
drwxr-xr-x 2 root root 4096 13. Jul 22:39 
/usr/share/doc/gnome-bluetooth-3-common
drwxr-xr-x 2 root root 4096 13. Jul 22:44 /usr/share/doc/gnome-bluetooth-sendto
drwxr-xr-x 2 root root 4096 14. Jul 03:08 
/usr/share/doc/qml-module-org-kde-bluezqt
drwxr-xr-x 2 root root 4096 13. Jul 22:54 /usr/share/spa-0.2/bluez5
drwxr-xr-x 2 root root 4096 13. Jul 22:39 /usr/share/gnome-bluetooth-3.0
drwx-- 3 root root 60 29. Jul 00:10 
/tmp/systemd-private-1b81fdf5b8874508bc9eae082c60fc15-bluetooth.service-Y0ZhEd
drwxr-xr-x 3 root root 0 29. Jul 00:10 /sys/kernel/debug/bluetooth
drwxr-xr-x 2 root root 0 29. Jul 00:10 /sys/class/bluetooth
drwxr-xr-x 3 root root 0 29. Jul 00:10 
/sys/devices/pci:00/:00:1a.0/usb3/3-1/3-1.4/3-1.4:1.0/bluetooth
drwxr-xr-x 2 root root 0 29. Jul 00:10 
/sys/fs/cgroup/system.slice/bluetooth.service
drwxr-xr-x 6 root root 0 29. Jul 00:10 /sys/module/bluetooth
These are many directories. Running
# find / -type d -iname \*blue\* -exec dpkg -S {} \;
yields /etc/bluetooth, /usr/libexec/bluetooth, 
/usr/lib/x86_64-linux-gnu/bluetooth, /usr/share/doc/bluez as belonging to the 
package bluez, so (regardless of which permissions of which directories should 
be set differently, why, and how) the warning better 

Bug#1041007: linux-image-6.1.0-0.deb11.7-amd64: Please enable TPM hardware RNG support (CONFIG_HW_RANDOM_TPM)

[Vincent Blut]

Hello,

Le 2023-07-13 23:10, jflf_ker...@gmx.com a écrit :
> Package: src:linux
> Version: 6.1.20-2~bpo11+1
> Severity: normal
> X-Debbugs-Cc: jflf_ker...@gmx.com
> 
> Dear Maintainer,
> 
> Currently no Debian kernel enables support for TPM hardware RNG. On one of my
> systems:
> 
> $ uname -a
> Linux XXX 6.1.0-0.deb11.7-amd64 #1 SMP PREEMPT_DYNAMIC Debian
> 6.1.20-2~bpo11+1 (2023-04-23) x86_64 GNU/Linux
> 
> $ cat /sys/class/tpm/tpm0/device/description
> TPM 2.0 Device
> 
> $ ls /dev/tpm*
> /dev/tpm0  /dev/tpmrm0
> 
> $ sudo tpm2_getrandom 16 | xxd -p
> 7ba65632453b191385a3989485ac80a3
> 
> $ grep HW_RANDOM_TPM /boot/config-$(uname -r)
> 
> 
> $ find /lib/modules/$(uname -r) -iname \*tpm\*rng\*
> 
> 
> $ ls /dev/hwrng
> ls: cannot access '/dev/hwrng': No such file or directory
> 
> 
> I have checked the current bookworm and trixie kernel debs, and they don't
> include it either. It should be enabled there too.
> 
> I manage multiple older amd64 machines that have discrete TPM chips, but no
> RDRAND instruction or any other hardware RNG. Enabling support for the TPM RNG
> would provide the kernel with additional entropy earlier in the boot process.

Indeed, this regression compared to the kernel provided in bullseye is due to
a configuration issue.
For HW_RANDOM_TPM to be enabled, the TCG_TPM and HW_RANDOM config symbols are
required but there is a subtlety in the way they have to be built. If TCG_TPM
is built-in then HW_RANDOM must not be loadable (built as a module).

If we take a look at the kernel configuration files prior being constructed, we
can see that both TCG_TPM and HW_RANDOM config symbols should be built as
modules:

$ grep -Er "TCG_TPM|HW_RANDOM="
arm64/config:CONFIG_TCG_TPM=m
kernelarch-x86/config:CONFIG_TCG_TPM=m
config:CONFIG_HW_RANDOM=m
config.cloud:CONFIG_TCG_TPM=m
 
However after these files have been constructed, the TCG_TPM config symbol is
no longer provided as module but built-in:

$ grep TCG_TPM /boot/config-6.3.0-1-amd64
CONFIG_TCG_TPM=y

This change is what causes HW_RANDOM_TPM to be disabled and is probably due to
[1].

Ben, Salvatore, to fix this regression we should either force TCG_TPM to be
built as a module or make HW_RANDOM built-in. The second solution have my
preference, WDYT?

Cheers,
Vincent

[1] 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=644f17412f5acf01a19af9d04a921937a2bc86c6


signature.asc
Description: PGP signature

Bug#1041014: Permission of /lib64 were wrong

[Алекс ______]

In the meantime, I tried to see which file runs /lib/systemd/systemd-timesyncd:
# file /lib/systemd/systemd-timesyncd
… interpreter /lib64/ld-linux-x86-64.so.2 …
So I took a look at its directory:
# ls -la /lib64
… /lib64 -> usr/lib64
# ls -la /usr/lib64
drw--  3 root root 4096 22. Jul 17:23 .
…
I thought, someone else than root might try to execute whatever is inside there 
and went on with
# chmod +rx /usr/lib64
so that I got
drwr-xr-x  3 root root 4096 22. Jul 17:23 .
This solved the problem at least once:
# systemctl restart systemd-timesyncd
worked now:
# systemctl status systemd-timesyncd
…
Active: active (running) …
…
I'm absolutely sure I had NOT altered the permissions of /usr/lib64 or any 
other system directories myself before having issued the aforementioned chmod 
command today at all, so some part of or the system or of the upgrade from 
Debian 11 to Debian 12 must have set the directory persmissions to drw-- 
(presumably, for a good reason?). Are the new permissions drwr-xr-x fine?  If 
they are normal, is there anything else I need to do?  If they are too 
permissive, should I change them back and still run strace on 
/lib/systemd/systemd-timesyncd (and if not, what else to do)?
Gratefully,
Alma

Bug#947222: marked as pending in bsdgames

[Asher Gordon]

Hi Tobias,

Thanks for fixing this bug. I believe #723808 can now be closed as well.

Thanks,
Asher

-- 
Brian Kernighan has an automobile which he helped design.
Unlike most automobiles, it has neither speedometer, nor gas gauge, nor
any of the numerous idiot lights which plague the modern driver.
Rather, if the driver makes any mistake, a giant "?" lights up in the
center of the dashboard.  "The experienced driver", he says, "will
usually know what's wrong."
   
I prefer to send and receive mail encrypted. Please send me your
public key, and if you do not have my public key, please let me
know. Thanks.

GPG fingerprint: 38F3 975C D173 4037 B397  8095 D4C9 C4FC 5460 8E68


signature.asc
Description: PGP signature

Bug#1042476: gimp: Crash when applying color filters/effects and choosing "Convert pixels to built-in sRGB (slow)" - happens only sometimes.

[Arthur Maurer]

Package: gimp (maybe gimp-dds as well, imo)
Version: 2.10.34-1
Severity: normal
X-Debbugs-Cc: aidsistgra...@gmail.com

Dear Maintainer, I have made some mediocre experiences actually often with GIMP
and certain functions of it...

GNU Image Manipulation Program version 2.10.34
git-describe: GIMP_2_10_34
Build: unknown rev 0 for linux
# C compiler #
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/12/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
12.2.0-14' --with-bugurl=file:///usr/share/doc/gcc-12/README.Bugs --enable-
languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2 --prefix=/usr --with-gcc-
major-version-only --program-suffix=-12 --program-prefix=x86_64-linux-gnu-
--enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-
included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-
verify --enable-plugin --enable-default-pie --with-system-zlib --enable-
libphobos-checking=release --with-target-system-zlib=auto --enable-objc-gc=auto
--enable-multiarch --disable-werror --enable-cet --with-arch-32=i686 --with-
abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic
--enable-offload-targets=nvptx-
none=/build/gcc-12-bTRWOB/gcc-12-12.2.0/debian/tmp-nvptx/usr,amdgcn-
amdhsa=/build/gcc-12-bTRWOB/gcc-12-12.2.0/debian/tmp-gcn/usr --enable-offload-
defaulted --without-cuda-driver --enable-checking=release --build=x86_64-linux-
gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (Debian 12.2.0-14)

# Libraries #
using babl version 0.1.98 (compiled against version 0.1.98)
using GEGL version 0.4.42 (compiled against version 0.4.42)
using GLib version 2.74.6 (compiled against version 2.74.5)
using GdkPixbuf version 2.42.10 (compiled against version 2.42.10)
using GTK+ version 2.24.33 (compiled against version 2.24.33)
using Pango version 1.50.12 (compiled against version 1.50.12)
using Fontconfig version 2.14.1 (compiled against version 2.14.1)
using Cairo version 1.16.0 (compiled against version 1.16.0)

```
> fatal error: Aborted

Stack trace:
```

# Stack traces obtained from PID 499583 - Thread 499583 #

[New LWP 499584]
[New LWP 499587]
[New LWP 499588]
[New LWP 499590]
[New LWP 499628]
[New LWP 499642]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
__GI___libc_read (nbytes=256, buf=0x7fffd44d43f0, fd=20) at
../sysdeps/unix/sysv/linux/read.c:26
  Id   Target IdFrame
* 1Thread 0x7f9277a31300 (LWP 499583) "gimp-2.10"   __GI___libc_read
(nbytes=256, buf=0x7fffd44d43f0, fd=20) at ../sysdeps/unix/sysv/linux/read.c:26
  2Thread 0x7f9276f896c0 (LWP 499584) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  3Thread 0x7f9274fff6c0 (LWP 499587) "gmain"   0x7f927846203f in
__GI___poll (fds=0x55c4948a21c0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  4Thread 0x7f9275df46c0 (LWP 499588) "gdbus"   0x7f927846203f in
__GI___poll (fds=0x55c4948b61e0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  5Thread 0x7f92515166c0 (LWP 499590) "async"   syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  6Thread 0x7f924b1ff6c0 (LWP 499628) "dashboard"   syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  7Thread 0x7f924a1fd6c0 (LWP 499642) "swap writer" syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38

Thread 7 (Thread 0x7f924a1fd6c0 (LWP 499642) "swap writer"):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f92786d13cf in g_cond_wait () at /lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  0x7f9278c59a29 in  () at /lib/x86_64-linux-gnu/libgegl-0.4.so.0
#3  0x7f92786a6cfd in  () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x7f92783ef044 in start_thread (arg=) at
./nptl/pthread_create.c:442
ret = 
pd = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140266285553344,
987589741701938502, -1152, 11, 140736755220416, 140266277163008,
-968261152184812218, -968150916761600698}, mask_was_saved = 0}}, priv = {pad =
{0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = 
#5  0x7f927846f5fc in clone3 () at
../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Thread 6 (Thread 0x7f924b1ff6c0 (LWP 499628) "dashboard"):
#0  syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f92786d150c in g_cond_wait_until () at /lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  

Bug#1036176: MR on Salsa which fixes these bugs

[Diederik de Haas]

Control: tag -1 - patch

On 13 Jun 2023 15:32:28 +0200 Diederik de Haas  wrote:
> Control: tag -1 patch
> 
> I've created a MR which fixes this bug here:
> https://salsa.debian.org/xorg-team/lib/mesa/-/merge_requests/27

Removed the source format change from the MR, so remove the tag here too.

signature.asc
Description: This is a digitally signed message part.

Bug#1042475: modsecurity: CVE-2023-38285

[Salvatore Bonaccorso]

Source: modsecurity
Version: 3.0.9-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for modsecurity.

CVE-2023-38285[0]:
| Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic
| Complexity.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-38285
https://www.cve.org/CVERecord?id=CVE-2023-38285
[1] 
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1042474: golang-github-elazarl-goproxy: CVE-2023-37788

[Salvatore Bonaccorso]

Source: golang-github-elazarl-goproxy
Version: 1.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/elazarl/goproxy/issues/502
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for golang-github-elazarl-goproxy.

CVE-2023-37788[0]:
| goproxy v1.1 was discovered to contain an issue which can lead to a
| Denial of service (DoS) via unspecified vectors.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-37788
https://www.cve.org/CVERecord?id=CVE-2023-37788
[1] https://github.com/elazarl/goproxy/issues/502

Regards,
Salvatore

Bug#1042473: frr: CVE-2023-3748

[Salvatore Bonaccorso]

Source: frr
Version: 8.4.4-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/FRRouting/frr/issues/11808
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for frr.

CVE-2023-3748[0]:
| A flaw was found in FRRouting when parsing certain babeld unicast
| hello messages that are intended to be ignored. This issue may allow
| an attacker to send specially crafted hello messages with the
| unicast flag set, the interval field set to 0, or any TLV that
| contains a sub-TLV with the Mandatory flag set to enter an infinite
| loop and cause a denial of service.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-3748
https://www.cve.org/CVERecord?id=CVE-2023-3748
[1] https://github.com/FRRouting/frr/issues/11808
[2] 
https://github.com/FRRouting/frr/commit/0a95d121ca8e1f43d41d952d6c82d111ca850085

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1042371: Acknowledgement (ITP: libchdr -- libchdr is a standalone library for reading MAME CHDv1-v5 formats.)

[Alexandre Detiste]

Source tree is here:

https://salsa.debian.org/games-team/libchdr

Bug#1042472: zbarcam-qt should be in section utils

[Jörg Sommer]

Package: zbarcam-qt
Version: 0.23.92-7
Severity: normal

Hi,

having zbarcam-qt in the section lib makes tools like deborphan misdetect
them as unused library. I think this package belongs in section utils.

Regards Jörg


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-1-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages zbarcam-qt depends on:
ii  libc6   2.37-6
ii  libgcc-s1   13.1.0-9
ii  libqt5core5a5.15.10+dfsg-3
ii  libqt5gui5  5.15.10+dfsg-3
ii  libqt5widgets5  5.15.10+dfsg-3
ii  libstdc++6  13.1.0-9
ii  libzbarqt0  0.23.92-7

zbarcam-qt recommends no packages.

zbarcam-qt suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1037579: Patch for FTBFS

[François Mazen]

tags 1037579 + patch
thanks

Dear maintainers,

please find attached a patch to fix the FTBFS with gcc13. The main
issue was missing headers for the uint32_t and uint64_t definitions.

I can prepare an NMU in case you don't have time to upload new package.

Best Regards,
François
Author: Francois Mazen 
Description: Fix fail to build from source due to missing header with GCC13.
Forwarded: not-needed

--- a/src/armnnUtils/VerificationHelpers.hpp
+++ b/src/armnnUtils/VerificationHelpers.hpp
@@ -4,6 +4,7 @@
 //
 
 #include 
+#include 
 #include 
 
 #include 
--- a/include/armnn/profiling/ISendTimelinePacket.hpp
+++ b/include/armnn/profiling/ISendTimelinePacket.hpp
@@ -6,6 +6,7 @@
 #pragma once
 
 #include 
+#include 
 #include 
 #include 
 


signature.asc
Description: This is a digitally signed message part

Bug#684128: src:debian-installer: allow use of binary units in disk partitioner

[Thorsten Glaser]

Holger Wansing dixit:

>>Could this information (valid unit sufficēs) be added to the dialogue
>>where the size is entered? Screen space should suffice.
>
>Yes, I already thought about if changing the template would make sense here.

Thanks!

Could we also get the size output in both formats? I realise that
will most likely not be a change as simple…

bye,
//mirabilos
-- 
15:41⎜ Somebody write a testsuite for helloworld :-)

Bug#1041538: dh-python: Unhelpful inclusion of optional packages in Depends

[Scott Kitterman]

On Friday, July 28, 2023 3:42:50 PM EDT Emmanuel Arias wrote:
> Control: reassign -1 poetry-core
> 
> Hi,
> 
> Sorry for this delay. Yes as you mentioned Scott, you need to add the
> optional dependency in the extras section, not only marked it as
> optional=true.
> 
> Poetry documentation[0] is not very explicit with that.
> 
> There's an issue open [1]. I can work in a patch to at least raise an
> exception o message when a dependency is marked as optional and is not
> added to extras. But I agree that mark a deps as optional and then is
> not optional is confusing.
> 
> [0] https://python-poetry.org/docs/pyproject/#extras
> [1] https://github.com/python-poetry/poetry/issues/2357

Thanks,

For this particular package I pointed this out to upstream and it's fixed in 
their latest bug fix update.  They were quite surprised that marking a 
dependency optional didn't actually do anything, so I think it would be good 
to get poetry to handle this better.

Scott K

signature.asc
Description: This is a digitally signed message part.

Bug#1042471: ITP: u-boot-asahi -- u-boot bootloader for Apple silicon systems

[Tobias Heider]

Package: wnpp
Severity: wishlist
Owner: Tobias Heider 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: u-boot-asahi
  Version : 2023.04-2
  Upstream Authors: Mark Kettenis 
  URL : https://github.com/AsahiLinux/u-boot
* License : GPL-2
  Description : A u-boot bootloader for Apple silicon systems

Das U-Boot is a cross platform bootloader for embedded systems,
used as the default boot loader by several board vendors.  It is
intended to be easy to port and to debug, and runs on many
supported architectures, including PPC, ARM, MIPS, x86, m68k,
NIOS, and Microblaze.

u-boot is used as a second stage bootloader for Linux on M1/M2 Apple macs.
This will be maintained by the Debian Bananas team.

Bug#1042297: qt6-virtualkeyboard: FTBFS: dh_missing: error: missing files, aborting

[Lisandro Damián Nicanor Pérez Meyer]

Version: 6.4.2+dfsg-3

Hi Lucas!

This was actually fixed already in the archive by version -3, so closing.

Thanks for your work, Lisandro.

El miércoles, 26 de julio de 2023 17:14:13 -03 Lucas Nussbaum escribió:
> Source: qt6-virtualkeyboard
> Version: 6.4.2+dfsg-2
> Severity: serious
> Justification: FTBFS
> Tags: trixie sid ftbfs
> User: lu...@debian.org
> Usertags: ftbfs-20230726 ftbfs-trixie
> 
> Hi,
> 
> During a rebuild of all packages in sid, your package failed to build
> on amd64.
> 
> 
> Relevant part (hopefully):
> > make[1]: Entering directory '/<>'
> > # Reproducible builds: remove build paths from .prl files
> > sed -i -e '/^QMAKE_PRL_BUILD_DIR/d' 
> > debian/tmp/usr/lib/x86_64-linux-gnu/libQt6*.prl
> > make[1]: Leaving directory '/<>'
> >dh_install -O--buildsystem=cmake\+ninja
> >dh_installdocs -O--buildsystem=cmake\+ninja
> >dh_installchangelogs -O--buildsystem=cmake\+ninja
> >dh_installsystemduser -O--buildsystem=cmake\+ninja
> >dh_perl -O--buildsystem=cmake\+ninja
> >dh_link -O--buildsystem=cmake\+ninja
> >dh_strip_nondeterminism -O--buildsystem=cmake\+ninja
> >dh_compress -O--buildsystem=cmake\+ninja
> >dh_fixperms -O--buildsystem=cmake\+ninja
> >dh_missing -O--buildsystem=cmake\+ninja
> > dh_missing: warning: 
> > usr/lib/x86_64-linux-gnu/qt6/examples/virtualkeyboard/basic/basic exists in 
> > debian/tmp but is not installed to anywhere 
> > dh_missing: error: missing files, aborting
> > The following debhelper tools have reported what they installed (with 
> > files per package)
> >  * dh_install: libqt6hunspellinputmethod6 (2), libqt6virtualkeyboard6 
> > (2), qml6-module-qtquick-virtualkeyboard (71), qt6-virtualkeyboard-dev 
> > (56), qt6-virtualkeyboard-plugin (1)
> >  * dh_installdocs: libqt6hunspellinputmethod6 (0), 
> > libqt6virtualkeyboard6 (0), qml6-module-qtquick-virtualkeyboard (0), 
> > qt6-virtualkeyboard-dev (0), qt6-virtualkeyboard-plugin (0)
> > If the missing files are installed by another tool, please file a bug 
> > against it.
> > When filing the report, if the tool is not part of debhelper itself, 
> > please reference the
> > "Logging helpers and dh_missing" section from the "PROGRAMMING" guide 
> > for debhelper (10.6.3+).
> >   (in the debhelper package: /usr/share/doc/debhelper/PROGRAMMING.gz)
> > Be sure to test with dpkg-buildpackage -A/-B as the results may vary 
> > when only a subset is built
> > If the omission is intentional or no other helper can take care of this 
> > consider adding the
> > paths to debian/not-installed.
> > 
> > Remember to be careful with paths containing "x86_64-linux-gnu", where 
> > you might need to
> > use a wildcard or (assuming compat 13+) e.g. ${DEB_HOST_MULTIARCH} in 
> > debian/not-installed
> > to ensure it works on all architectures (see #961104).
> > make: *** [debian/rules:12: binary] Error 25
> 
> 
> The full build log is available from:
> http://qa-logs.debian.net/2023/07/26/qt6-virtualkeyboard_6.4.2+dfsg-2_unstable.log
> 
> All bugs filed during this archive rebuild are listed at:
> https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20230726;users=lu...@debian.org
> or:
> https://udd.debian.org/bugs/?release=na=ign=7=7=only=ftbfs-20230726=lu...@debian.org=1=1=1=1#results
> 
> A list of current common problems and possible solutions is available at
> http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
> 
> If you reassign this bug to another package, please mark it as 'affects'-ing
> this package. See https://www.debian.org/Bugs/server-control#affects
> 
> If you fail to reproduce this, please provide a build log and diff it with 
> mine
> so that we can identify if something relevant changed in the meantime.
> 
> 



signature.asc
Description: This is a digitally signed message part.

Bug#1042470: node-lodash: please add lodash-es

[Bastien Roucariès]

Package: node-lodash
Version: 4.17.21+dfsg+~cs8.31.198.20210220-9
Severity: important

Dear Maintainer,

Could you add lodash-es mini package to lodash

It is only running
lodash modularize exports=es -o ./
and installing to right part.

it is needed for ckeditor5

Thanks


signature.asc
Description: This is a digitally signed message part.

Bug#1041538: dh-python: Unhelpful inclusion of optional packages in Depends

[Emmanuel Arias]

Control: reassign -1 poetry-core

Hi,

Sorry for this delay. Yes as you mentioned Scott, you need to add the
optional dependency in the extras section, not only marked it as
optional=true.

Poetry documentation[0] is not very explicit with that.

There's an issue open [1]. I can work in a patch to at least raise an
exception o message when a dependency is marked as optional and is not
added to extras. But I agree that mark a deps as optional and then is
not optional is confusing.

[0] https://python-poetry.org/docs/pyproject/#extras
[1] https://github.com/python-poetry/poetry/issues/2357


Cheers,
Emmanuel



signature.asc
Description: PGP signature

Bug#1030587: strace FTBFS on hppa

[Helge Deller]

Hello Andreas,

sorry, I somehow missed your follow-up on this bug, but just stumbled
over it again now...

On Sat, 11 Feb 2023 18:27:25 +0100 Andreas Henriksson  wrote:

Could you please have a look at
https://salsa.debian.org/debian/strace/-/commits/wip/hppa
and see if it builds (and if you think I cherry-picked the right set of
patches)? (I took everything in recent history with your name on it.)


I think I tried it once, but failed quite hard I think it wasn't easy
to fix up.

I see strace v6.4 is out now, couldn't you switch to that version instead
(which includes all fixes for hppa)?

Helge

Bug#1042469: ocamldap FTBFS without pcre-ocaml

[Adrian Bunk]

Source: ocamldap
Version: 2.4.2-3
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/fetch.php?pkg=ocamldap=arm64=2.4.2-3%2Bb3=1690571368=0

...
   dh_auto_build -a -O--buildsystem=ocaml_dune
dune build -p ldap
File "src/ldap/dune", line 9, characters 17-21:
9 |   (libraries str pcre ssl))
 
Error: Library "pcre" not found.
-> required by library "ldap" in _build/default/src/ldap
-> required by _build/default/META.ldap
-> required by _build/install/default/lib/ldap/META
-> required by _build/default/ldap.install
-> required by alias install
dh_auto_build: error: dune build -p ldap returned exit code 1
make: *** [debian/rules:7: binary-arch] Error 25

Bug#1038207: 6.4 is now the default kernel

[Francois Marier]

I just hit this bug upgrading the kernel package in unstable.

The patch worked for me as well. It would be good to get that uploaded as
soon as possible since it's going to affect lots of people now that 6.4 is
the default.

Francois

Bug#1042423: manpages-de still contains pages from new util-linux-locales

[Helge Kreutzmann]

Hello Ingo,
On Fri, Jul 28, 2023 at 06:42:13AM +0200, Ingo Saitz wrote:
> The experimental version of manpages-de still seems to contain manpages
> which are shipped with util-linux 2.39.1-3, namely:
> 
> /usr/share/man/de/man1/eject.1.gz
> /usr/share/man/de/man1/lastb.1.gz
> /usr/share/man/de/man8/swapoff.8.gz

Thanks for spotting.

The first I really missed because linux manpages has another source
for this as well (will resolve this later), added to the removal list.

The other two I missed because they are symlinks and I only looked at
real files. The potential complete list is:

man1/ncal.1.gz man1/cal.1.gz
man1/hexdump.1.gz man1/hd.1.gz
man8/swapon.8.gz man8/swapoff.8.gz
man3/uuid_generate.3.gz man3/uuid_generate_random.3.gz
man3/uuid_generate.3.gz man3/uuid_generate_time.3.gz
man3/uuid_generate.3.gz man3/uuid_generate_time_safe.3.gz

And for man pages in section 2/3 the rm path was incorrect.

Now fixing those thre …

Greetings

 Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#1041767: Subject: eln-cache piling up

[Sean Whitton]

Hello,

On Thu 27 Jul 2023 at 09:15am GMT, Juergen Schraten wrote:

> Would it at least be possible to provide an alternative package without
> `--with-native-compilation`?

We don't want to try to support both at present.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#1042468: scrcpy: import version 2.1.1 into debian

[suuh0q+f5e71fh1wisok]

Package: scrcpy
Severity: normal

Dear Maintainer,

Please upgrade the version of scrcpy in debian to at least version 2.1.1.

Thank you.

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1042467: sysv-rc-conf: from bullseye want to uninstall many packages without dependency when trying upgrading it

[Jiff]

Package: sysv-rc-conf
Version: 0.99-7.1
Severity: normal

Dear Maintainer,

   * What led up to the situation?

After an upgrade from bullseye to bookworm, sysv-rc-conf was tagged
as upgrading possible.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Using synaptic I tried to upgrade it but it ranted throwing a long
list of packages it wanted to uninstall, such as colord, gparted,
haruna, gufw, etc, however when I check those 4 they have been
upgraded correctly and moreover do not show any dependency with
sysv-rc-conf !

   * What was the outcome of this action?

I backed off.

   * What outcome did you expect instead?

sysv-rc-conf to upgrade smoothly, not trying to remove at least
30 packages that don't know it.

Ziziz vely stlange, limit weild.

Cheers,

Jean-Yves


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages sysv-rc-conf depends on:
ii  libcurses-ui-perl  0.9609-1.1
ii  sysv-rc3.06-4

sysv-rc-conf recommends no packages.

sysv-rc-conf suggests no packages.

-- no debconf information

Bug#1039472: Fix for bookworm available as well?

[Andreas B. Mundt]

Hi Andreas, all,

we suffer from this issue on bookworm desktops (KDE plasma desktop)
where installing arduino causes the troubles described above (… error
processing package ca-certificates-java …).  For the time being, we
decided to skip arduino, but this is no solution in the long run.

Are there any plans to fix this in bookworm too?  Or is there a
workaround available to get rid of the problem?

Many thanks and best regards,

  Andi

Bug#1042018: qt6-declarative: FTBFS on hppa - Segmentation fault in /usr/lib/qt6/bin/qsb

[Lisandro Damián Nicanor Pérez Meyer]

reassign 1042018 src:qt6-base 6.4.2+dfsg-1
thanks


signature.asc
Description: This is a digitally signed message part.

Bug#1042018: qt6-declarative: FTBFS on hppa - Segmentation fault in /usr/lib/qt6/bin/qsb

[Lisandro Damián Nicanor Pérez Meyer]

El viernes, 28 de julio de 2023 08:52:37 -03 John David Anglin escribió:
> On 2023-07-25 4:29 p.m., Patrick Franz wrote:
> > Due to the lack of resources, it's unlikely we'll even investigate this.
> > However, if you have a patch, I'm happy to apply it.
> The attached change fixes the reported segmentation fault in qsb. The change 
> is to
> src/3rdparty/forkfd/forkfd_linux.c in the qt6-base package. The problem is 
> the system_vforkfd
> routine assumes the stack direction is down, but on hppa the stack grows up. 
> This causes
> the childFn argument to be clobbered on the stack and the segmentation fault.
> 
> With this change to qt6-base, qt6-declarative builds successfully on hppa.  I 
> believe it will also fix the
> qt6-multimedia build as it appears to fail for the same reason.
> 
> Somehow, we need to get this installed in the 3rdparty forkfd source so all 
> packages that use it
> are fixed.
> 
> Regards,
> Dave Anglin

I'll be happy to apply this one.


signature.asc
Description: This is a digitally signed message part.

Bug#788660: closed by Debian FTP Masters (Bug#1032736: Removed package(s) from unstable)

[Paranoia Remailer]

This message is being sent to you automatically in response to an email
that you sent to .

Most likely, you tried to reply to an email that has been sent through
this service. If you did not send an email to ,
please ignore this message.

The Anonymous Remailer is a free service that
allows individuals including crime victims, domestic violence victims,
persons in recovery, and others, such as those living under oppressive
regimes, to communicate confidentially in a manner that ensures their
privacy under even the most adverse conditions.

To block individuals using this remailer from sending email to your
address in the future, please send a message to 

containing the line

destination-block 788...@bugs.debian.org

anywhere in the body text of the email.  You can simply forward this
entire email to  using your email
program for your current email address to be permanently blocked
from users of the Anonymous Remailer.

For more information about the Anonymous Remailer Administrator's
strict anti-abuse policy, please send a blank email to


Sincerely,

-- The Anonymous Remailer Administrator

Bug#1041675: lintian: missing-dep-for-interpreter does not recognize lua5.4 as lua

[Sebastian Crane]

Dear Phil,

This bug will be resolved by pending merge request 475 on Salsa:

https://salsa.debian.org/lintian/lintian/-/merge_requests/475

Best wishes,

Sebastian

Bug#1042102: Also fixed in upstream stable-4.17 branch

[Maximilian Engelhardt]

This commit got also included in the upstream stable-4.17 branch:

https://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=a91b946345b0c0550d0ee28816a15d3fc16abc50

signature.asc
Description: This is a digitally signed message part.

Bug#1042466: AttributeError: module 'eventlet.green.select' has no attribute 'epoll'

[Gregor Riepl]

Package: python3-eventlet
Version: 0.33.1-4
Severity: important
Tags: upstream
Forwarded: https://github.com/eventlet/eventlet/issues/805
X-Debbugs-Cc: onit...@gmail.com
Control: affects -1 cura

Dear Maintainer,

The eventlet module has a known incompatibility with dnspython 0.24, that
causes it to throw exceptions of the form: AttributeError: module
'eventlet.green.select' has no attribute 'epoll'

One example is cura 5.0.0, which won't start start any more due to this bug
(full report further below):

/usr/lib/python3/dist-packages/eventlet/support/greenlets.py:6:
DeprecationWarning: distutils Version classes are deprecated. Use
packaging.version instead.
  preserves_excinfo = (distutils.version.LooseVersion(greenlet.__version__)
...
  File "/usr/bin/cura", line 30, in 
import sentry_sdk
...
  File "/usr/lib/python3/dist-packages/trio/_core/_io_epoll.py", line 190, in
EpollIOManager
_epoll = attr.ib(factory=select.epoll)
 
AttributeError: module 'eventlet.green.select' has no attribute 'epoll'

Please provide a fix for this issue as soon as one is available from upstream,
or pin to dnspython to 0.23 until this is fixed (which would break on
sid/trixie, because dnspython 0.23 isn't available there).

Thanks.


Full output from cura:

/usr/lib/python3/dist-packages/UM/PluginRegistry.py:4: DeprecationWarning: the
imp module is deprecated in favour of importlib and slated for removal in
Python 3.12; see the module's documentation for alternative uses
  import imp
/usr/lib/python3/dist-packages/eventlet/support/greenlets.py:6:
DeprecationWarning: distutils Version classes are deprecated. Use
packaging.version instead.
  preserves_excinfo = (distutils.version.LooseVersion(greenlet.__version__)
Traceback (most recent call last):
  File "/usr/bin/cura", line 30, in 
import sentry_sdk
  File "/usr/lib/python3/dist-packages/sentry_sdk/__init__.py", line 1, in

from sentry_sdk.hub import Hub, init
  File "/usr/lib/python3/dist-packages/sentry_sdk/hub.py", line 8, in 
from sentry_sdk.scope import Scope
  File "/usr/lib/python3/dist-packages/sentry_sdk/scope.py", line 7, in

from sentry_sdk.utils import logger, capture_internal_exceptions
  File "/usr/lib/python3/dist-packages/sentry_sdk/utils.py", line 925, in

HAS_REAL_CONTEXTVARS, ContextVar = _get_contextvars()
   ^^
  File "/usr/lib/python3/dist-packages/sentry_sdk/utils.py", line 895, in
_get_contextvars
if not _is_contextvars_broken():
   
  File "/usr/lib/python3/dist-packages/sentry_sdk/utils.py", line 856, in
_is_contextvars_broken
from eventlet.patcher import is_monkey_patched  # type: ignore
^^
  File "/usr/lib/python3/dist-packages/eventlet/__init__.py", line 17, in

from eventlet import convenience
  File "/usr/lib/python3/dist-packages/eventlet/convenience.py", line 7, in

from eventlet.green import socket
  File "/usr/lib/python3/dist-packages/eventlet/green/socket.py", line 21, in

from eventlet.support import greendns
  File "/usr/lib/python3/dist-packages/eventlet/support/greendns.py", line 79,
in 
setattr(dns, pkg, import_patched('dns.' + pkg))
  
  File "/usr/lib/python3/dist-packages/eventlet/support/greendns.py", line 61,
in import_patched
return patcher.import_patched(module_name, **modules)
   ^^
  File "/usr/lib/python3/dist-packages/eventlet/patcher.py", line 132, in
import_patched
return inject(
   ^^^
  File "/usr/lib/python3/dist-packages/eventlet/patcher.py", line 109, in
inject
module = __import__(module_name, {}, {}, module_name.split('.')[:-1])
 
  File "/usr/lib/python3/dist-packages/dns/asyncquery.py", line 38, in 
from dns.query import (
  File "/usr/lib/python3/dist-packages/dns/query.py", line 63, in 
import httpcore
  File "/usr/lib/python3/dist-packages/httpcore/__init__.py", line 1, in

from ._api import request, stream
  File "/usr/lib/python3/dist-packages/httpcore/_api.py", line 5, in 
from ._sync.connection_pool import ConnectionPool
  File "/usr/lib/python3/dist-packages/httpcore/_sync/__init__.py", line 1, in

from .connection import HTTPConnection
  File "/usr/lib/python3/dist-packages/httpcore/_sync/connection.py", line 12,
in 
from .._synchronization import Lock
  File "/usr/lib/python3/dist-packages/httpcore/_synchronization.py", line 13,
in 
import trio
  File "/usr/lib/python3/dist-packages/trio/__init__.py", line 19, in 
from ._core import TASK_STATUS_IGNORED as TASK_STATUS_IGNORED  # isort:
skip
^
  File "/usr/lib/python3/dist-packages/trio/_core/__init__.py", line 21, in

from ._local import RunVar
 

Bug#1035304: Bug#1038451: bullseye-pu: package systemd/247.3-7+deb11u4

[Jonathan Wiltshire]

Hi,

It is my intention to publish systemd 247.3-7+deb11u4 as a stable update
before the next point release (i.e. through bullseye-updates), probably
over the coming weekend. The proposed explanation is below:

| udev, a component of systemd in Debian 11, does not create symlinks
| in /dev/serial/by-id for USB serial devices, causing failures for USB
| modems and other peripherals.
| 
| An issue with certain calendar spec calculations may also cause
| systemd to hang for users with timers in the Europe/Dublin timezone.
| 
| This update corrects both problems.

If you have feedback on the text please let me know as soon as possible.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1039753: Add support for phpunit 10

[Athos Ribeiro]

Control: tags -1 patch

A fix proposal was submitted as a salsa MR at
https://salsa.debian.org/php-team/pear/matthiasmullie-minify/-/merge_requests/1


--
Athos Ribeiro

Bug#1042465: python3-hypercorn: Aioquic now in the archive, so please update Recommends/Suggests

[Scott Kitterman]

Package: python3-hypercorn
Version: 0.14.4-1
Severity: normal

As of today, aioquic (python3-aioquic) is in the archive, so it might be
good to update either the package Recommends or Suggests to take
advantage of this.  I seen it's already mentioned in the package
description.

Scott K

Bug#1042464: dhclient rewrites resolv.conf even if its content didn't change

[Alex K]

Package: isc-dhcp-client
Version: 4.4.1-2.3+deb11u2

We have a file integrity checking system installed and it alerts constantly b/c 
/etc/resolv.conf updates its timestamp on almost every invocation of dhclient 
tool. The fix is simple:
--- /sbin/dhclient-script.orig 2023-02-20 08:19:43.0 +
+++ /sbin/dhclient-script 2023-07-28 15:45:31.927151674 +
@@ -84,7 +84,7 @@
chown --reference=$resolv_conf $new_resolv_conf
chmod --reference=$resolv_conf $new_resolv_conf
fi
-mv -f $new_resolv_conf $resolv_conf
+   diff $new_resolv_conf $resolv_conf >/dev/null || mv -f $new_resolv_conf 
$resolv_conf
 # DHCPv6
 elif [ -n "$new_dhcp6_domain_search" ] || [ -n "$new_dhcp6_name_servers" 
]; then
 resolv_conf=$(readlink -f "/etc/resolv.conf" 2>/dev/null) ||

Please, incorporate.

root@ip-172-26-5-140:/usr/sbin# uname -a
Linux ip-172-26-5-140 5.10.0-23-cloud-amd64 #1 SMP Debian 5.10.179-1 
(2023-05-12) x86_64 GNU/Linux

root@ip-172-26-5-140:/usr/sbin# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian

-- 
Best regards,
 Alex

Bug#1041789: RM: unison-2.51+4.13.1 -- RoQA; newer version packaged

[Stéphane Glondu]

Control: reassign -1 ftp.debian.org

Le 23/07/2023 à 18:49, Bastian Germann a écrit :

Source: unison-2.51+4.13.1
Version: 2.51.5-1
Severity: serious

Why is unison-2.51+4.13.1 not removed yet when unison-2.52 is available?


It is OK to remove unison-2.51+4.13.1 from unstable now.

Note that I would like to keep unison-2.52 (even if a newer version is 
packaged) at least in trixie, to allow synchronizing between bookworm 
and trixie.



Cheers,

--
Stéphane

Bug#1042463: lintian does not accept overrides in the syntax used on ftp-master

[Julian Andres Klode]

Package: lintian,ftp.debian.org
Severity: important
X-Debbugs-Cc: juli...@ubuntu.com

lintian in the archive needs to restore support for the old override
format, or ftpmaster needs to be updated to the new lintian.

Normal source-only uploads do not trigger the issue usually, but
there surely have been people adopting their overrides to the new
format who now get stuck (like me) at binary-NEW with a reject when
having to do a binary upload.

For an orderly transition, lintian needs to regain support for
the old override format as otherwise uploads to old series don't
work.

-- System Information:
Debian Release: trixie/sid
  APT prefers mantic
  APT policy: (500, 'mantic')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.3.0-7-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#1042462: ITP: xeus-zmq -- ZeroMQ middleware for Xeus

[Gordon Ball]

Package: wnpp
Severity: wishlist
Owner: Gordon Ball 
X-Debbugs-Cc: gor...@chronitis.net

* Package name: xeus-zmq
  Version : 1.1.0
  Upstream Contact: Jupyter-Xeus project
* URL : https://github.com/jupyter-xeus/xeus-zmq
* License : BSD-3-clause
  Programming Lang: C++
  Description : ZeroMQ middleware for Xeus

Xeus is a C++ implementation of the jupyter kernel protocol designed to
make it more robust to interact with an interpreter from Jupyter
notebook by moving the notebook <-> interpreter communication out of the
interpreter itself. This package contains the ZMQ transport, which was
previously part of the core xeus library but was split out in xeus 3.

This is a new dependency to update xeus-python, and likely any other
xeus kernels in future.

Bug#1042408: pyglet: requires update for ffmpeg 6.0

[Timo Röhling]

Hi,

On Thu, 27 Jul 2023 21:05:04 +0200 Sebastian Ramacher  
wrote:

python3-pyglet hard-codes dependencies of libraries from ffmpeg. As
ffmpeg is currently undergoing a transition due to SONAME bumps, please
update the package accordingly.

I can update the dependencies manually again, but I'd prefer a more
automated option in the long run. Maybe d/rules could look for the
installed ffmpeg library packages and construct a substitution
variable?


Cheers
Timo

--
⢀⣴⠾⠻⢶⣦⠀   ╭╮
⣾⠁⢠⠒⠀⣿⡁   │ Timo Röhling   │
⢿⡄⠘⠷⠚⠋⠀   │ 9B03 EBB9 8300 DF97 C2B1  23BF CC8C 6BDD 1403 F4CA │
⠈⠳⣄   ╰╯


signature.asc
Description: PGP signature

Bug#1042374: linux-image-6.1.0-0.deb11.9-amd64: After the removal of a module package, the system reboots infinitively

[rpnpif]

Le 28/07/2023 à 14:47, Ben Hutchings a écrit :

Control: tag -1 moreinfo

On Thu, 2023-07-27 at 09:30 +0200, rpnpif wrote:

>...

The rescue mode from grub work fine almost all the time but not always.

I checked temperature and RAM and disks status that are normal.


Have you checked voltages?


Sensors says :

f71868a-isa-0290
Adapter: ISA adapter
+3.3V: 3.34 V
in1: 904.00 mV
in2:   1.51 V
in3: 976.00 mV
in4:   1.09 V
in5:   1.10 V
in6:   1.10 V
3VSB:  3.34 V
Vbat:  3.34 V
5VSB:  4.99 V
fan1:1435 RPM
fan2:   0 RPM  ALARM
fan3:   0 RPM  ALARM
temp1:+39.0°C  (high = +85.0°C, hyst = +81.0°C)
   (crit = +100.0°C, hyst = +96.0°C)  sensor = 
thermistor

temp2:+35.0°C  (high = +85.0°C, hyst = +81.0°C)
   (crit = +100.0°C, hyst = +96.0°C)  sensor = 
thermistor

temp3:+34.0°C  (high = +70.0°C, hyst = +68.0°C)
   (crit = +85.0°C, hyst = +83.0°C)  sensor = 
transistor


radeon-pci-0008
Adapter: PCI adapter
Radeon temp:  +38.8°C  (crit = +83.4°C, hyst = +71.6°C)

k10temp-pci-00c3
Adapter: PCI adapter
CPU Temp: +42.5°C  (high = +70.0°C)
   (crit = +70.0°C, hyst = +69.6°C)

Note that the k10temp and Radeon temps are computed from my formulas 
because they are referenced from 0°C on ambient without my settings.
I do not note problems but I have not check at startup. The Bios seems 
agreed with me.



How many physical storage devices (SSDs or hard disks) are in the
computer?


There are 3 hard disks included one that is old.


My workaround had been to remove the line
hubicfuse /mnt/hubic fuse user,noauto 0 0
from /etc/fstab.
After this workaround, the system seems to be working normally for two
days.


This mount is marked as noauto, so it should not be mounted during boot
anyway.  So I wonder whether this change actually did anything.


Yes and now I can says that this module is not the culprit.


I am not sure that linux-image-6.1.0-0.deb11.9-amd64 is the culprit.
Systemd and udev 252.5-2~bpo11+1 packages was updated at the same time.

Expected: Even a module for a secondary mounting from /etc/fstab is missing, 
the system
should not reboot but displays or logs a warning.

[...]

I agree, but a silent reboot is almost always the result of a hardware
fault.


Ok, I will change a disk as soon as possible to see if it fixes that issue.
In the meantime, I am testing the 6.4 kernel from SID to see if it fix 
also this issue.


Thank you for your attention.

--
Rpnpif

Bug#1041524: logcheck: badly handles "rsyslog + journalctl" checking

[Thomas Parmelan]

Le jeudi 27 juillet 2023 à 18:44, d'après
Richard Lewis  :

> The possibility of setting JOURNALCTL_OPTS would be great! I think the
> pre/post-processing customisation is a good idea too, to move all that
> logic from the code to the configuration.
> 
> cool.  this does seem the way to go (there are other priorities, but consider
> it on the todo list!)

Great! Thanks.

-- 
Thomas Parmelan

Bug#1042461: gstreamer1.0-plugins-base: GStreamer failed to play MP3 audio with decodebin

[Umaru Doma]

Package: gstreamer1.0-plugins-base
Version: 1.22.0-3+deb12u1
Severity: normal
X-Debbugs-Cc: leninkagam...@gmail.com

Dear Maintainer,

I found all GStreamer-based applications failed to play MP3 audio. After
some attempts, I suspect "decodebin" from gstreamer1.0-plugins-base of
causing this issue.

I tried decodebin and decodebin3, both of which failed to preroll the
pipeline. Manually specifing mpegaudioparse and mpg123audiodec makes
GStreamer work.

I can reproduce this bug on Debian live 12.1.0 (Xfce) running in
VirtualBox VM.

Given a valid MP3 audio file at "/tmp/test.mp3".

-- Failed playback with decodebin
$ gst-launch-1.0 filesrc location=/tmp/test.mp3 ! decodebin ! pulsesink
Setting pipeline to PAUSED ...
Pipeline is PREROLLING ...
ERROR: from element 
/GstPipeline:pipeline0/GstDecodeBin:decodebin0/GstMpegAudioParse:mpegaudioparse0:
 Internal data stream error.
Additional debug info:
../libs/gst/base/gstbaseparse.c(3694): gst_base_parse_loop (): 
/GstPipeline:pipeline0/GstDecodeBin:decodebin0/GstMpegAudioParse:mpegaudioparse0:
streaming stopped, reason not-negotiated (-4)
ERROR: pipeline doesn't want to preroll.
Setting pipeline to NULL ...
Freeing pipeline ...

-- Failed playback with decodebin3
```
$ gst-launch-1.0 filesrc location=/tmp/test.mp3 ! decodebin3 ! pulsesink
Setting pipeline to PAUSED ...
Pipeline is PREROLLING ...
ERROR: from element 
/GstPipeline:pipeline0/GstDecodebin3:decodebin3-0/GstParseBin:parsebin0/GstMpegAudioParse:mpegaudioparse0:
 Internal data stream error.
Additional debug info:
../libs/gst/base/gstbaseparse.c(3694): gst_base_parse_loop (): 
/GstPipeline:pipeline0/GstDecodebin3:decodebin3-0/GstParseBin:parsebin0/GstMpegAudioParse:mpegaudioparse0:
streaming stopped, reason not-negotiated (-4)
ERROR: pipeline doesn't want to preroll.
Setting pipeline to NULL ...
Freeing pipeline ...
```

-- Successful playback with mpegaudioparse and mpg123audiodec
$ gst-launch-1.0 filesrc location=/tmp/test.mp3 ! mpegaudioparse ! 
mpg123audiodec ! pulsesink
Setting pipeline to PAUSED ...
Pipeline is PREROLLING ...
Redistribute latency...
Pipeline is PREROLLED ...
Setting pipeline to PLAYING ...
Redistribute latency...
New clock: GstPulseSinkClock
0:00:03.8 / 0:03:39.7 (1.7 %)

-- System Information:
Debian Release: 12.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-10-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gstreamer1.0-plugins-base depends on:
ii  libc6   2.36-9
ii  libcdparanoia0  3.10.2+debian-14
ii  libglib2.0-02.74.6-2
ii  libgstreamer-plugins-base1.0-0  1.22.0-3+deb12u1
ii  libgstreamer1.0-0   1.22.0-2
ii  libogg0 1.3.5-3
ii  libopus01.3.1-3
ii  liborc-0.4-01:0.4.33-2
ii  libtheora0  1.1.1+dfsg.1-16.1+b1
ii  libvisual-0.4-0 0.4.0-19
ii  libvorbis0a 1.3.7-1
ii  libvorbisenc2   1.3.7-1

gstreamer1.0-plugins-base recommends no packages.

Versions of packages gstreamer1.0-plugins-base suggests:
ii  gvfs  1.50.3-1

-- no debconf information

Bug#1042460: openssh-client: ssh-agent CVE-2023-38408

[Matija Nalis]

Package: openssh-client
Version: 1:8.4p1-5+deb11u1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: mnalis-debian...@voyager.hr, Debian Security Team 



"The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an
insufficiently trustworthy search path, leading to remote code execution if
an agent is forwarded to an attacker-controlled system."

While it does not affect all users of ssh-agent, it does affect many of them
and commonly suggested workaround (using jumphosts instead of agent forwarding)
is not applicable to many use cases (git push over ssh, using
libpam-ssh-agent-auth, etc.)

https://security-tracker.debian.org/tracker/CVE-2023-38408 indicates that
the new fixed version 1:9.3p2-1 has been uploaded in sid and trixie, however
bookworm (stable) and bullseye (oldstable) still have no security fix since 
CVE release on 2023-07-20.

(workaround by pinning fixed version from trixie is not possible, due to
significant libraries clash; and there are no Debian backports either)

-- System Information:
Debian Release: 11.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 
'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-23-amd64 (SMP w/1 CPU thread)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages openssh-client depends on:
ii  adduser   3.118
ii  dpkg  1.20.12
ii  libc6 2.31-13+deb11u6
ii  libedit2  3.1-20210910-1
ii  libfido2-11.6.0-2
ii  libgssapi-krb5-2  1.18.3-6+deb11u3
ii  libselinux1   3.1-3
ii  libssl1.1 1.1.1n-0+deb11u5
ii  passwd1:4.8.1-1
ii  zlib1g1:1.2.11.dfsg-2+deb11u2

Versions of packages openssh-client recommends:
pn  xauth  

Versions of packages openssh-client suggests:
pn  keychain  
pn  libpam-ssh
pn  monkeysphere  
pn  ssh-askpass   

-- no debconf information

Bug#1042433: libcerf: FTBFS on mipsel

[Adrian Bunk]

Control: forcemerge 1042434 -1

On Fri, Jul 28, 2023 at 10:15:37AM +0200, Sebastian Ramacher wrote:
> Source: libcerf
> Version: 2.3-1
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source (but built successfully in the past)
> X-Debbugs-Cc: sramac...@debian.org
> 
> https://buildd.debian.org/status/fetch.php?pkg=libcerf=mipsel=2.3-1=1690485564=0
> 
> cd /<>/obj-mipsel-linux-gnu/lib && /usr/bin/cc -Dcerf_EXPORTS  
> -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
> -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -O3 -DNDEBUG 
> -std=gnu99 -fPIC -pedantic -Wall -Wno-sign-compare -fno-omit-frame-pointer 
> -march=native -O3 -MD -MT lib/CMakeFiles/cerf.dir/err_fcts.c.o -MF 
> CMakeFiles/cerf.dir/err_fcts.c.o.d -o CMakeFiles/cerf.dir/err_fcts.c.o -c 
> /<>/lib/err_fcts.c
> cc1: error: ‘-march=mips1’ requires ‘-mfp32’
> cc1: error: ‘-march=mips1’ requires ‘-mfp32’
>...

This was effectively the same issue as #1042434, -march=native is known 
to be buggy on the oldest of the MIPS buildds.

> Cheers

cu
Adrian

Bug#1042419: rust-ureq - update for new cookie-store

[Peter Green]

On 28/07/2023 08:07, Jonas Smedegaard wrote:

Control: block -1 by 1042427

Quoting Peter Green (2023-07-28 05:20:53)

I just updated rust-cookie-store. Ureq needs it's debian
dependencies adjusting to account for this (the cargo
dependencies already allow the new version.

Thanks for the update, and the notice.
Your package update is however blocked by bug#1042427 :-(


Looks like this is now fixed.

https://tracker.debian.org/news/1448563/accepted-rust-digest-0107-2-source-into-unstable/

* Enable oid feature and const-oid optional dependency

Bug#1042417: zenity: symbol lookup error: /lib/x86_64-linux-gnu/libwebkit2gtk-4.1.so.0

[Scrat Squirrel]

Thank you, indeed I had a stale version:

# dpkg-query -W gstreamer1.0-plugins-bad

gstreamer1.0-plugins-bad:amd64  1:1.18.4-dmo4+deb11u1

Issue has now been resolved by:

# apt-get remove --purge gstreamer1.0-plugins-bad libgstreamer-plugins-bad1.0-0

and then reinstalling those packages that were dependent on those above:

# apt-get install zenity atril font-manager geany-plugin-markdown geany-plugins 
yelp

Thank a lot for the help! This ticket can be closed.

Bug#1041076: dolphin-emu FTBFS with imgui 1.89.6

[Sébastien Noel]

Upstream is dealing with this here :
https://github.com/dolphin-emu/dolphin/pull/12065

Please find a minimal patch in attachement.


On Fri, 14 Jul 2023 20:09:01 +0300 Adrian Bunk  wrote:
> Source: dolphin-emu
> Version: 5.0-19368+dfsg-2
> Severity: serious
> Tags: ftbfs
> 
>
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dolphin-emu.html
> 
> ...
> In file included from /build/1st/dolphin-emu-5.0-
19368+dfsg/Externals/implot/implot/implot_internal.h:39,
>  from /build/1st/dolphin-emu-5.0-
19368+dfsg/Externals/implot/implot/implot_items.cpp:26:
> /usr/include/imgui/imgui_internal.h:101:2: error: #error Please
'#define IMGUI_DEFINE_MATH_OPERATORS' _BEFORE_ including imgui.h!
>   101 | #error Please '#define IMGUI_DEFINE_MATH_OPERATORS' _BEFORE_
including imgui.h!
>   |  ^
> In file included from /build/1st/dolphin-emu-5.0-
19368+dfsg/Externals/implot/implot/implot_internal.h:39,
>  from /build/1st/dolphin-emu-5.0-
19368+dfsg/Externals/implot/implot/implot.cpp:126:
> /usr/include/imgui/imgui_internal.h:101:2: error: #error Please
'#define IMGUI_DEFINE_MATH_OPERATORS' _BEFORE_ including imgui.h!
>   101 | #error Please '#define IMGUI_DEFINE_MATH_OPERATORS' _BEFORE_
including imgui.h!
>   |  ^
> ...
> 
> 

--- a/Externals/implot/implot/implot.cpp
+++ b/Externals/implot/implot/implot.cpp
@@ -122,6 +122,7 @@
 
 */
 
+#define IMGUI_DEFINE_MATH_OPERATORS
 #include "implot.h"
 #include "implot_internal.h"
 
--- a/Externals/implot/implot/implot_internal.h
+++ b/Externals/implot/implot/implot_internal.h
@@ -31,10 +31,6 @@
 
 #pragma once
 
-#ifndef IMGUI_DEFINE_MATH_OPERATORS
-#define IMGUI_DEFINE_MATH_OPERATORS
-#endif
-
 #include 
 #include "imgui_internal.h"
 
--- a/Externals/implot/implot/implot_items.cpp
+++ b/Externals/implot/implot/implot_items.cpp
@@ -22,6 +22,7 @@
 
 // ImPlot v0.14
 
+#define IMGUI_DEFINE_MATH_OPERATORS
 #include "implot.h"
 #include "implot_internal.h"
 
--- a/Source/Core/VideoCommon/OnScreenUI.cpp
+++ b/Source/Core/VideoCommon/OnScreenUI.cpp
@@ -356,35 +356,37 @@
 }
 void OnScreenUI::SetKeyMap(const DolphinKeyMap& key_map)
 {
-  // Right now this is a 1:1 mapping. But might not be true later
   static constexpr DolphinKeyMap dolphin_to_imgui_map = {
   ImGuiKey_Tab,   ImGuiKey_LeftArrow, ImGuiKey_RightArrow, ImGuiKey_UpArrow,
   ImGuiKey_DownArrow, ImGuiKey_PageUp,ImGuiKey_PageDown,   ImGuiKey_Home,
   ImGuiKey_End,   ImGuiKey_Insert,ImGuiKey_Delete, ImGuiKey_Backspace,
-  ImGuiKey_Space, ImGuiKey_Enter, ImGuiKey_Escape, ImGuiKey_KeyPadEnter,
+  ImGuiKey_Space, ImGuiKey_Enter, ImGuiKey_Escape, ImGuiKey_KeypadEnter,
   ImGuiKey_A, ImGuiKey_C, ImGuiKey_V,  ImGuiKey_X,
   ImGuiKey_Y, ImGuiKey_Z,
   };
-  static_assert(dolphin_to_imgui_map.size() == ImGuiKey_COUNT);  // Fail if ImGui adds keys
 
   auto lock = GetImGuiLock();
 
   if (!ImGui::GetCurrentContext())
 return;
 
+  m_dolphin_to_imgui_map.clear();
   for (int dolphin_key = 0; dolphin_key <= static_cast(DolphinKey::Z); dolphin_key++)
   {
-int imgui_key = dolphin_to_imgui_map[DolphinKey(dolphin_key)];
+const int imgui_key = dolphin_to_imgui_map[DolphinKey(dolphin_key)];
 if (imgui_key >= 0)
-  ImGui::GetIO().KeyMap[imgui_key] = (key_map[DolphinKey(dolphin_key)] & 0x1FF);
+{
+  const int mapped_key = key_map[DolphinKey(dolphin_key)];
+  m_dolphin_to_imgui_map[mapped_key & 0x1FF] = imgui_key;
+}
   }
 }
 
 void OnScreenUI::SetKey(u32 key, bool is_down, const char* chars)
 {
   auto lock = GetImGuiLock();
-  if (key < std::size(ImGui::GetIO().KeysDown))
-ImGui::GetIO().KeysDown[key] = is_down;
+  if (auto iter = m_dolphin_to_imgui_map.find(key); iter != m_dolphin_to_imgui_map.end())
+ImGui::GetIO().AddKeyEvent((ImGuiKey)iter->second, is_down);
 
   if (chars)
 ImGui::GetIO().AddInputCharactersUTF8(chars);
--- a/Source/Core/VideoCommon/OnScreenUI.h
+++ b/Source/Core/VideoCommon/OnScreenUI.h
@@ -3,6 +3,7 @@
 
 #pragma once
 
+#include 
 #include 
 #include 
 #include 
@@ -65,6 +66,7 @@
   std::unique_ptr m_imgui_vertex_format;
   std::vector> m_imgui_textures;
   std::unique_ptr m_imgui_pipeline;
+  std::map m_dolphin_to_imgui_map;
   std::mutex m_imgui_mutex;
   u64 m_imgui_last_frame_time = 0;
 

Bug#849400: debian-installer: LUKS on rootfs and boot

[James Addison]

Package: debian-installer
Followup-For: Bug #849400
X-Debbugs-Cc: jin...@onelittlehope.com

Hi Jinesh,

Can you provide a series of steps to replicate the failure case reported in
this bug?

I'll try to find time within the next two weeks to confirm the results that you
and others have seen here, and to check what we can do from the points of the
code that you linked to.

Thank you,
James

Bug#1028157: cython: please upgrade to 3.0.0 alpha

[Drew Parsons]

affects 1028157 - src:scipy
thanks

cython 0.29.36 has now been uploaded.  The cython version is not 
blocking the scipy upgrade now.

Bug#1042459: python3-doit: please upgrade to latest version

[Drew Parsons]

Package: python3-doit
Version: 0.31.1-3.4
Severity: normal
Control: affects -1 src:scipy

Could doit be upgraded to the latest version (currently 0.36)?

The latest version of scipy uses doit to manage tests via
doit.api.run_tasks, which was recently introduced into doit.

Bug#1042456: /usr/bin/ldap-createuser-krb5 does not work

[Mike Gabriel]

On  Fr 28 Jul 2023 14:48:43 CEST, Guido Berhoerster wrote:


$ /usr/bin/ldap-createuser-krb5 gber 'Guido Berhoerster,,,'
error: unable to find sambaDomain LDAP object


The Samba NT4 domain support has been removed since Debian Edu 11 and  
the script should be amended in the way that it does not do any  
Samba+LDAP interaction. It should rather create a user account for  
TJENER's local Samba daemon via "smbpasswd -A ".


Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgphoVhRvgT8s.pgp
Description: Digitale PGP-Signatur

Bug#1038441: Horde uses obsolete each() function throughout its code.

[Ondrej Zary]

Package: php-horde-imp
Version: 6.2.27-3
Severity: grave
Tags: upstream
Justification: renders package unusable
Followup-For: Bug #1038441
X-Debbugs-Cc: z...@gsystem.sk

Dear Maintainer,
the bug severity should be grave as Horde IMP web UI does not work at all.

Quick fix below, but there are more bugs - e.g. when clicking on "new message" 
in IMP.

diff -urp imp-/lib/Ajax/Application/ListMessages.php 
imp/lib/Ajax/Application/ListMessages.php
--- imp-/lib/Ajax/Application/ListMessages.php  2023-02-03 19:10:03.0 
+0100
+++ imp/lib/Ajax/Application/ListMessages.php   2023-07-28 15:04:24.994178543 
+0200
@@ -434,8 +434,7 @@ class IMP_Ajax_Application_ListMessages
 ));

 /* Display message information. */
-reset($overview['overview']);
-while (list(,$ob) = each($overview['overview'])) {
+foreach ($overview['overview'] as $ob) {
 /* Get all the flag information. */
 $msg = array(
 'flag' => $flags
diff -urp imp-/lib/Basic/Mailbox.php imp/lib/Basic/Mailbox.php
--- imp-/lib/Basic/Mailbox.php  2023-02-03 19:10:03.0 +0100
+++ imp/lib/Basic/Mailbox.php   2023-07-28 14:55:46.286208770 +0200
@@ -843,7 +843,7 @@ class IMP_Basic_Mailbox extends IMP_Basi
 $search_view = clone $view;
 $summary_view = clone $view;

-while (list(,$ob) = each($mbox_info['overview'])) {
+foreach ($mbox_info['overview'] as $ob) {
 if ($search_mbox) {
 if (empty($lastMbox) || ($ob['mailbox'] != $lastMbox)) {
 if (!empty($lastMbox)) {
diff -urp imp-/lib/Contents.php imp/lib/Contents.php
--- imp-/lib/Contents.php   2023-02-03 19:10:03.0 +0100
+++ imp/lib/Contents.php2023-07-28 15:13:17.486162022 +0200
@@ -1480,8 +1480,7 @@ class IMP_Contents
 continue;
 }

-reset($render_part);
-while (list($id, $info) = each($render_part)) {
+foreach ($render_part as $id => $info) {
 $display_ids[$id] = 1;

 if (empty($info)) {
@@ -1534,8 +1533,7 @@ class IMP_Contents
 uksort($msgtext, 'strnatcmp');
 }

-reset($msgtext);
-while (list($id, $part) = each($msgtext)) {
+foreach ($msgtext as $id => $part) {
 while (!empty($wrap_ids) &&
!Horde_Mime::isChild(end($wrap_ids), $id)) {
 array_pop($wrap_ids);
diff -urp imp-/lib/Mime/Viewer/Plain.php imp/lib/Mime/Viewer/Plain.php
--- imp-/lib/Mime/Viewer/Plain.php  2023-02-03 19:10:03.0 +0100
+++ imp/lib/Mime/Viewer/Plain.php   2023-07-28 15:02:40.726183385 +0200
@@ -277,8 +277,7 @@ class IMP_Mime_Viewer_Plain extends Hord
 $text_part->setContents(preg_replace("/begin [0-7]{3} 
.+\r?\n.+\r?\nend/Us", "\n", $text));
 $new_part->addPart($text_part);

-reset($files);
-while (list(,$file) = each($files)) {
+foreach ($files as $file) {
 $uupart = new Horde_Mime_Part();
 $uupart->setType('application/octet-stream');
 $uupart->setContents($file['data']);
diff -urp imp-/lib/Minimal/Mailbox.php imp/lib/Minimal/Mailbox.php
--- imp-/lib/Minimal/Mailbox.php2023-02-03 19:10:03.0 +0100
+++ imp/lib/Minimal/Mailbox.php 2023-07-28 14:54:34.266214279 +0200
@@ -123,7 +123,7 @@ class IMP_Minimal_Mailbox extends IMP_Mi
 $mbox_info = $imp_mailbox->getMailboxArray(range($pageOb['begin'], 
$pageOb['end']), array('headers' => true));
 $msgs = array();

-while (list(,$ob) = each($mbox_info['overview'])) {
+foreach ($mbox_info['overview'] as $ob) {
 /* Initialize the header fields. */
 $msg = array(
 'buid' => $imp_mailbox->getBuid($ob['mailbox'], $ob['uid']),
diff -urp kronolith-/lib/FreeBusy/View.php kronolith/lib/FreeBusy/View.php
--- kronolith-/lib/FreeBusy/View.php2023-01-03 07:33:57.0 +0100
+++ kronolith/lib/FreeBusy/View.php 2023-07-28 15:22:13.650136020 +0200
@@ -305,9 +305,7 @@ abstract class Kronolith_FreeBusy_View
 $template = $GLOBALS['injector']->createInstance('Horde_Template');
 $template->set('label', $label);

-reset($periods);
-list($periodStart, $periodEnd) = each($periods);
-
+foreach ($periods as $periodStart => $periodEnd) {
 $blocks = '';
 foreach ($this->_timeBlocks as $span) {
 /* Horde_Icalendar_Vfreebusy only supports timestamps at the
@@ -343,6 +341,7 @@ abstract class Kronolith_FreeBusy_View
 $blocks .= $template->fetch(KRONOLITH_TEMPLATES . 
'/fbview/emptyblock.html');
 }
 }
+}

 return $blocks;
 }


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'oldoldstable-updates'), (500, 'oldoldstable'), (500, 'stable'), (100, 

Bug#1042452: Please move big 7zz binary from 7zip package to separate package, for example 7zip-noplugins or split like p7zip

[yokota]

Hello Mantas,

> My suggestion is to move the big 7zz binary from 7zip package to
> separate package, for example 7zip-noplugins, then most regular users
> will use 7zip package and 7zip-noplugins package is only for these,
> who want "special" 7zz binary.

Currently, 7-Zip upstream only provides 7zz for Linux pre-compiled
distribution archives.
I think 7z/7za/7zr are might works for you, but not guaranteed by
7-Zip upstream.
This is the point that 7zip package includes 7zz binary.

--
YOKOTA

Bug#1042458: nmu: dolfinx-mpc_0.6.1-3 mshr_2019.2.0~git20200924.c27eb18+dfsg1-8

[Drew Parsons]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: dolfinx-...@packages.debian.org
Control: affects -1 + src:dolfinx-mpc src:mshr

nmu dolfinx-mpc_0.6.1-3 . ANY . unstable . -m "rebuild for dolfinx with gcc-13"
nmu mshr_2019.2.0~git20200924.c27eb18+dfsg1-8 . ANY . unstable . -m "rebuild 
for dolfin with gcc-13"

Bug#1042456: /usr/bin/ldap-createuser-krb5 does not work

[Guido Berhoerster]

Package: debian-edu-config
Version: 2.12.33

Running ldap-createuser-krb5 in order to create a user as recommended
in the documentation does not work and returns a LDAP error, e.g.

$ /usr/bin/ldap-createuser-krb5 gber 'Guido Berhoerster,,,'
error: unable to find sambaDomain LDAP object

This is rather unfortunate since creating users via gosa is broken as
well due to bug #1039699.

-- 
Guido Berhoerster

Bug#1042374: linux-image-6.1.0-0.deb11.9-amd64: After the removal of a module package, the system reboots infinitively

[Ben Hutchings]

Control: tag -1 moreinfo

On Thu, 2023-07-27 at 09:30 +0200, rpnpif wrote:
> Package: src:linux
> Version: 6.1.27-1~bpo11+1
> Severity: important
> File: linux-image-6.1.0-0.deb11.9-amd64
> 
> Dear Maintainer,
> 
> After the obsolete removal of hubicfuse package automatically by apt, the 
> kernel boots normally 
> but while mounting devices, the system reboots.
> This rebooting was randomly but occured about 2 times out of 3, or 4
> times out of 5 and rarely reboots while working.
> 
> The rescue mode from grub work fine almost all the time but not always.
> 
> I checked temperature and RAM and disks status that are normal.

Have you checked voltages?

How many physical storage devices (SSDs or hard disks) are in the
computer?

> My workaround had been to remove the line
> hubicfuse /mnt/hubic fuse user,noauto 0 0
> from /etc/fstab.
> After this workaround, the system seems to be working normally for two
> days.

This mount is marked as noauto, so it should not be mounted during boot
anyway.  So I wonder whether this change actually did anything.

> I am not sure that linux-image-6.1.0-0.deb11.9-amd64 is the culprit.
> Systemd and udev 252.5-2~bpo11+1 packages was updated at the same time.
> 
> Expected: Even a module for a secondary mounting from /etc/fstab is missing, 
> the system
> should not reboot but displays or logs a warning.
[...]

I agree, but a silent reboot is almost always the result of a hardware
fault.

Ben.


-- 
Ben Hutchings
Design a system any fool can use, and only a fool will want to use it.



signature.asc
Description: This is a digitally signed message part

Bug#1042457: php-net-dns2: incompatible with PHP 8.x: Uncaught ValueError: fread()

[Ondrej Zary]

Package: php-net-dns2
Version: 1.5.0-1
Severity: grave
Tags: upstream
Justification: renders package unusable
X-Debbugs-Cc: z...@gsystem.sk

Dear Maintainer,
after upgrading to Debian 12, Horde stopped working. It logs messages like:
PHP Fatal error:  Uncaught ValueError: fread(): Argument #2 ($length) must be 
greater than 0 in /usr/share/php/Net/DNS2/Cache/File.php:142
Stack trace:
#0 /usr/share/php/Net/DNS2/Cache/File.php(142): fread()
#1 [internal function]: Net_DNS2_Cache_File->__destruct()
#2 {main}
  thrown in /usr/share/php/Net/DNS2/Cache/File.php on line 142, referer: 
https://localhost/horde/imp/dynamic.php?page=mailbox

It's a known bug of Net_DNS2, already fixed upstream.

A quick fix:
--- /usr/share/php/Net/DNS2/Cache/File.php- 2020-10-19 22:19:24.0 
+0200
+++ /usr/share/php/Net/DNS2/Cache/File.php  2023-07-28 14:41:16.342298660 
+0200
@@ -139,7 +139,11 @@
 //
 // read the file contents
 //
-$data = @fread($fp, filesize($this->cache_file));
+$data = false;
+$file_size = @filesize($this->cache_file);
+if ( ($file_size !== false) && ($file_size > 0) ) {
+$data = @fread($fp, $file_size);
+}
 if ( ($data !== false) && (strlen($data) > 0) ) {

 //

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'oldoldstable-updates'), (500, 'oldoldstable'), (500, 'stable'), (100, 
'bookworm-fasttrack'), (100, 'bookworm-backports-staging')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-23-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=sk_SK.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages php-net-dns2 depends on:
ii  php-common  2:93

php-net-dns2 recommends no packages.

php-net-dns2 suggests no packages.

-- no debconf information

Bug#1042423: manpages-de still contains pages from new util-linux-locales

[Ernesto Domato]

Package: manpages-es
Version: 4.19.0-4
Followup-For: Bug #1042423
X-Debbugs-Cc: edo...@gmail.com

Hi,

It also happens with Spanish locales and probably with others too.

Thanks.
Ernesto


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8), 
LANGUAGE=es_AR:es
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

manpages-es depends on no packages.

manpages-es recommends no packages.

Versions of packages manpages-es suggests:
ii  man-db [man-browser]  2.11.2-3
ii  manpages  6.03-2

-- no debconf information

Bug#1042398: debhelper: should disable Python byte-compilation when building .deb with Meson

[Niels Thykier]

Jussi Pakkanen:

On Thu, 27 Jul 2023 at 17:45, Simon McVittie  wrote:


As far as I'm aware, we never want to include .pyc in Debian packages,
so I think debhelper's meson build system plugin should be turning this off
as a standard setting for all Debian packages (similar to the way it
sets --prefix=/usr as a standard setting for all Debian packages).

Do the Meson maintainers agree?


Obviously the defaults should do the correct thing. In fact until
yesterday that is what I thought the code does not do byte
compilation. We might even consider changing the default for this as I
would imagine all distros will hit the same issue.



If meson changes the default here upstream, then I would say that is 
preferable to changing debhelper.



Is there a way this can be done, without making packages FTBFS if debhelper
is backported to an older suite but Meson is not? -Dpython.bytecompile=-1
will cause `meson setup` to fail if Meson is an older version, and I'm not
aware of a way to say "set this option if supported, ignore if not" without
parsing `meson --version` and comparing it with a threshold.


Is there ever a case where debhelper would be backported byt Meson is
not? Now an expert but Meson sees a fair number of backports so I'd
imagine it to be the more up to date of the two packages.



If we can rely on meson in stable(-backports) having the feature, a 
simple Breaks in debhelper + unconditional use in the parameter is how I 
would go about it if we need to change debhelper



Further, debhelper updates would be gated on test failures, right? So
if someone did try to update it then there would be immediate errors?
This would be the simplest solution if it is acceptable.


The debhelper package does not have any tests covering the meson build 
system (or most of its other build systems).  In fact, debhelper just 
has a "handful" of tests for a dozen of its 50+ helpers.


It should not be so, but sadly it is.  Unless you mean "the archive 
breaking" as a test suite/failure (but that is hardly "gated"), then 
debhelper is going to disappoint you here.


Best regards,
Niels

Bug#1042455: golang-github-evanw-esbuild: Please build node-esbuild on armel

[Yadd]

Source: golang-github-evanw-esbuild
Version: 0.14.8-2
Severity: normal
Tags: patch

Hi,

starting from version 0.14.8-2, node-esbuild isn't built for armel 
hurd-i386 powerpc riscv64 architectures.
Since Nodejs 18.7.0+dfsg-2, armel is now supported by Node.js.

The Merge request !3 in your salsa repository fixes this issue.

Best regards,
Yadd

Bug#1042404: redis-server postinst script gets stuck when disk is low

[Chris Lamb]

Hi Shai,

> This seems quite odd to me -- I thought Redis, at least in its default
> configuration (which is what I use), was an in-memory database. Why
> would it get stuck over low disk space?

Well, when stopping or restarting, redis will persist the contents of
memory to disk.

> And, if it does get stuck -- why wouldn't we just kill it? And how
> come the postinst script is SIGINT-resistant?

Oh no, we can't just kill it: we need to wait until the contents of
memory are persisted or we will encounter data loss. (This is achieved
through TimeoutStopSec=0 in the systemd unit file.)

What is perhaps happening on your system is that Redis does not
realise that there is (now) more disk space available and it should
really try to continue. (What do the logs say? strace might be able to
tell you more as well.) In either case, this is almost certainly
something for the upstream developers to address.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#1042404: redis-server postinst script gets stuck when disk is low

[Shai Berger]

Hi Chris,

On Fri, 28 Jul 2023 10:17:49 +0100
"Chris Lamb"  wrote:

> 
> Hm. Do you know what part of the postinst script is sticking? You may
> be able to find out by looking at your process table eg. via top or
> htop.
> 
> (My initial guess is that redis process itself gets wedged when it has
> no diskspace, and then—even after freeing some space—the postinst is
> waiting for it to restart?)
> 

I think I saw something like that, indeed, one of my probes into the
system showed that a "systemctl stop redis" or something very similar
was still running.

This seems quite odd to me -- I thought Redis, at least in its default
configuration (which is what I use), was an in-memory database. Why
would it get stuck over low disk space? And, if it does get stuck --
why wouldn't we just kill it? And how come the postinst script is
SIGINT-resistant?

Bug#1041613: LDAP user authentication of students/teachers does not work

[Guido Berhoerster]

The above method of creating users is apparently missing something.
After swapping out the bookworm main server against a bullseye main
server I have been able to log into student/teacher accounts from
the same bookworm workstation. So bookworm workstations seem to be
configured and working correctly at least.

Note to self: testing this required adding the workstation with
gosa on the server, as well as running copy-host-keytab and
manually removing Debian-Edu_rootCA.crt on the workstation with
a reboot afterwards.

-- 
Guido Berhoerster

Bug#1042454: mariadb-server ignores bind-address

[zanyfac...@t-online.de]

Package: mariadb-server
Version: 1:10.11.3-1
Severity: normal

Dear Maintainer,

after upgrading from Bullseye to Bookworm, MariaDB seems to ignore the
bind-address config option.

In /etc/mysql/mariadb.conf.d/50-server.cnf I have

bind-address= 127.0.0.1

in the [mysqld] section and apparently mariadbd accepted this option:

# mariadbd --help --verbose | grep ^bind
bind-address 127.0.0.1

Nevertheless it actually listens on 0.0.0.0:

# netstat -tlnp | grep mariadb
tcp0  0 0.0.0.0:33060.0.0.0:* LISTEN  4299/mariadbd
tcp6   0  0 :::3306 :::*  LISTEN  4299/mariadbd


I tried MYSQLD_OPTS="--bind-address=127.0.0.1" in /etc/default/mysql to no 
avail.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mariadb-server depends on:
ii  adduser3.134
ii  debconf [debconf-2.0]  1.5.82
ii  galera-4   26.4.13-1
ii  gawk   1:5.2.1-2
ii  iproute2   6.1.0-3
ii  libc6  2.36-9+deb12u1
ii  libdbi-perl1.643-4
ii  libpam0g   1.5.2-6
ii  libssl33.0.9-1
ii  libstdc++6 12.2.0-14
ii  lsof   4.95.0-1
ii  mariadb-client 1:10.11.3-1
ii  mariadb-common 1:10.11.3-1
ii  mariadb-server-core1:10.11.3-1
ii  passwd 1:4.13+dfsg1-1+b1
ii  perl   5.36.0-7
ii  procps 2:4.0.2-3
ii  psmisc 23.6-1
ii  rsync  3.2.7-1
ii  socat  1.7.4.4-2
ii  zlib1g 1:1.2.13.dfsg-1

Versions of packages mariadb-server recommends:
ii  libhtml-template-perl   2.97-2
ii  mariadb-plugin-provider-bzip2   1:10.11.3-1
ii  mariadb-plugin-provider-lz4 1:10.11.3-1
ii  mariadb-plugin-provider-lzma1:10.11.3-1
ii  mariadb-plugin-provider-lzo 1:10.11.3-1
ii  mariadb-plugin-provider-snappy  1:10.11.3-1
ii  pv  1.6.20-1

Versions of packages mariadb-server suggests:
ii  bsd-mailx [mailx]  8.1.2-0.20220412cvs-1
pn  mariadb-test   
pn  netcat-openbsd 

-- Configuration Files:
/etc/mysql/mariadb.conf.d/50-server.cnf changed:
[server]
[mysqld]
user= mysql
pid-file= /run/mysqld/mysqld.pid
basedir = /usr
datadir = /var/lib/mysql
tmpdir  = /tmp
lc-messages-dir = /usr/share/mysql
lc-messages = en_US
skip-external-locking
bind-address= 127.0.0.1
log_error = /var/log/mysql/error.log
expire_logs_days= 10
character-set-server  = utf8mb4
collation-server  = utf8mb4_general_ci
[embedded]
[mariadb]
plugin_load_add = auth_ed25519
[mariadb-10.11]


-- debconf information:
  mariadb-server/old_data_directory_saved:
  mariadb-server/nis_warning:
  mariadb-server/postrm_remove_databases: false
Thank you for using reportbug


Bug#1042449: libprotocol-http2-perl: Test-suite fails if OpenSSL configured with seclevel 2

[Olivier Gayot]

On 7/28/23 13:48, gregor herrmann wrote:
> On Fri, 28 Jul 2023 12:30:38 +0200, Olivier Gayot wrote:
> 
>> Debian is currently unaffected (I assume the security level is set to 1
>> at build-time) but in the future OpenSSL 3.1 will reject TLSv1 at
>> security level 1.
> 
> Thanks for forwarding before this hits Debian!
Anytime, thanks for applying the fix so quickly!

Olivier

Bug#1042398: debhelper: should disable Python byte-compilation when building .deb with Meson

[Simon McVittie]

On Fri, 28 Jul 2023 at 13:41:14 +0300, Jussi Pakkanen wrote:
> Obviously the defaults should do the correct thing. In fact until
> yesterday that is what I thought the code does not do byte
> compilation. We might even consider changing the default for this as I
> would imagine all distros will hit the same issue.

According to https://mesonbuild.com/Builtin-options.html, the default
since 1.2.0 is -Dpython.bytecompile=0, which installs un-optimized
bytecode as part of `meson install`. The argument is a bit confusing
because it's an optimization level, not a boolean, so 0 (or 1 or 2) turns
it on, and -1 turns it off.

Older versions didn't implement byte-compilation at all, which is
essentially equivalent to the new -Dpython.bytecompile=-1. If you're
willing to change the default to -1 in Meson 1.2.1 in the near future,
then that would bypass this failure mode.

This bug can be reassigned to meson, if it's being treated as an
unintended compatibility break in meson.

> On Thu, 27 Jul 2023 at 17:45, Simon McVittie  wrote:
> > Is there a way this can be done, without making packages FTBFS if debhelper
> > is backported to an older suite but Meson is not?
> 
> Is there ever a case where debhelper would be backported byt Meson is
> not?

Yes, debhelper is often one of the first packages to be backported to a
new suite, either in official backports or as part of someone constructing
an unofficial backport of some package.

If a new version of debhelper doesn't work with an old version of Meson,
then the backport would need Breaks: meson (<< 1.2.0~) or similar,
to avoid it being possible to install a known-broken situation. Backports
are normally used selectively, with as many packages as possible coming
from the base suite, and a minimum number of packages backported.

It will be much easier to deal with backports if debhelper and meson
can be more loosely-coupled, like debhelper and Autotools, or debhelper
and CMake.

> Further, debhelper updates would be gated on test failures, right?

Only if debhelper's build-time tests catch this, or if the uploader runs
autopkgtests themselves before uploading. There is currently no equivalent
of the unstable -> testing progression for backports: official backports
are uploaded directly to bookworm-backports or similar.

smcv

Bug#1041685: foot-terminfo: Please let ncurses-term take over the foot terminfo entries

[Sven Joachim]

On 2023-07-28 12:37 +0200, Birger Schacht wrote:

> On 7/28/23 11:14, Diederik de Haas wrote:
>> Sorry if this is a dumb question, but will it (automatically) still get the
>> latest foot terminfo 'data'?
>
> Not a dumb question at all and the answer is no. A quote from foots
> INSTALL.md
>
>> As of ncurses 2021-07-31, ncurses includes a version of foot’s
>> terminfo. The recommendation is to use those, and only install the
>> terminfo definitions from this git repo if the system’s ncurses
>> predates 2021-07-31.
>> But, note that the foot terminfo definitions in ncurses’ lack the
>> non-standard capabilities. This mostly affects tmux; without them,
>> terminal-overrides must be configured to enable truecolor
>> support. For this reason, it is possible to install “our” terminfo
>> definitions as well, either in a non-default location, or under a
>> different name.
>> Both have their set of issues. 
> [...]
>> Hence the recommendation to simply use ncurses’ terminfo definitions
>> if available.
>
> I am considering reintroducing foots terminfo definitions in a
> separate package - apparently alpine ships them in
> `foot-extra-terminfo` and with the terminfo name `foot-extra`.

I have not checked alpine, but Arch Linux does that, see
https://archlinux.org/packages/extra/x86_64/foot-terminfo/.

> But I'm not sure yet if its worth it.

There are a few user defined capabilities which will probably not make
it into ncurses anytime soon.  See
https://codeberg.org/dnkl/foot/wiki#user-content-foot-s-terminfo-vs-ncurses-terminfo.

Cheers,
   Sven

Bug#1042018: qt6-declarative: FTBFS on hppa - Segmentation fault in /usr/lib/qt6/bin/qsb

[John David Anglin]

On 2023-07-25 4:29 p.m., Patrick Franz wrote:

Due to the lack of resources, it's unlikely we'll even investigate this.
However, if you have a patch, I'm happy to apply it.

The attached change fixes the reported segmentation fault in qsb. The change is 
to
src/3rdparty/forkfd/forkfd_linux.c in the qt6-base package. The problem is the 
system_vforkfd
routine assumes the stack direction is down, but on hppa the stack grows up. 
This causes
the childFn argument to be clobbered on the stack and the segmentation fault.

With this change to qt6-base, qt6-declarative builds successfully on hppa.  I 
believe it will also fix the
qt6-multimedia build as it appears to fail for the same reason.

Somehow, we need to get this installed in the 3rdparty forkfd source so all 
packages that use it
are fixed.

Regards,
Dave Anglin

--
John David Anglin  dave.ang...@bell.net
--- ./src/3rdparty/forkfd/forkfd_linux.c.save   2023-07-27 12:04:02.940466337 
+
+++ ./src/3rdparty/forkfd/forkfd_linux.c2023-07-27 12:06:53.522077424 
+
@@ -168,7 +168,12 @@
 }
 *system = 1;
 
+#if defined(__hppa__)
+/* Stack grows up */
+pid = clone(childFn, childStack, cloneflags, token, , NULL, NULL);
+#else
 pid = clone(childFn, childStack + sizeof(childStack), cloneflags, token, 
, NULL, NULL);
+#endif
 if (pid < 0)
 return pid;
 if (ppid)

Bug#1041685: foot-terminfo: Please let ncurses-term take over the foot terminfo entries

[Sven Joachim]

On 2023-07-28 11:14 +0200, Diederik de Haas wrote:

> On Sat, 22 Jul 2023 08:36:26 +0200 Sven Joachim  wrote:
>> Package: foot-terminfo
>>
>> Two years ago the foot and foot-direct terminfo entries were added to
>> ncurses upstream, and I would like to include them in the ncurses-term
>> package, replacing the ones shipped currently in the foot-terminfo
>> package.
>
> Sorry if this is a dumb question, but will it (automatically) still get the
> latest foot terminfo 'data'?
>
> https://codeberg.org/dnkl/foot/commits/branch/master/foot.info indicates there
> were changes to that file (even) a month ago and foot is at version 1.15.1
>
> https://invisible-island.net/ncurses/terminfo.ti.html#toc-_Foot OTOH mentions
> Version 1.8.2

> I couldn't find an official git repo, but on 
> https://github.com/mirror/ncurses/
> I only found 2 commits wrt foot and the latest was from 2021-11-14.

That mirror is several months out of date, the official on can be found
at https://github.com/ThomasDickey/ncurses-snapshots.  There have been
two foot related commits this year, both following bug reports by the
foot developer:

,
| 20230610
|   + add xterm+focus to foot+base (patch by Daniel Ekloef).
|
| 20230401
|   + remove DECCOLM+DECSCLM from foot (patch by Daniel Ekloef).
`

In addition the following change also changes the foot entry:

,
| 20221224
|   + add/use bracketed+paste to help identify terminals supporting this
`

If you look at the recent commits to foot's terminfo file, you can see
that they either follow or precede corresponding changes in ncurses:

https://codeberg.org/dnkl/foot/commits/branch/master/foot.info

> So that gives me* the impression that we'd get outdated terminfo for foot with
> the take over? I hope I'm wrong, but figured I'd ask.

My impression at the moment is different, otherwise I would not have
filed this bug in the first place.

Cheers,
   Sven

Bug#1042449: libprotocol-http2-perl: Test-suite fails if OpenSSL configured with seclevel 2

[gregor herrmann]

On Fri, 28 Jul 2023 12:30:38 +0200, Olivier Gayot wrote:

> Debian is currently unaffected (I assume the security level is set to 1
> at build-time) but in the future OpenSSL 3.1 will reject TLSv1 at
> security level 1.

Thanks for forwarding before this hits Debian!


Cheers,
gregor
 

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   


signature.asc
Description: Digital Signature

Bug#1042452: Please move big 7zz binary from 7zip package to separate package, for example 7zip-noplugins or split like p7zip

[Mantas Kriaučiūnas Baltix]

Package: 7zip

7zip binary package currently contains 4 executables and this misleads
users a little:
 7z Full featured with plugin support
 7zzFull featured single binary executable without plugin support
 7zaSupports major formats only, but smaller excutable size
 7zrOnly supports LZMA codec and related formats (7z, lzma, xz),
but smallest binary size

7zip uncompressed size: 8661 k

"Original" p7zip source package in Debian produces 2 binary packages:

1. p7zip (uncompressed size: 1014k) - 7zr file archiver with high
compression ratio. p7zip provides:
  * /usr/bin/7zr a standalone minimal version of the 7-zip tool that
only handles 7z, LZMA and XZ archives.
  * /usr/bin/p7zip a gzip-like wrapper around 7zr.
2.  p7zip-full (uncompressed size: 4833k) - 7z and 7za file archivers
with high compression ratio. p7zip-full provides:
 * /usr/bin/7za a stand-alone executable, handles fewer archive formats than 7z
 * /usr/bin/7z Full featured executable, uses plugins to handle
archives, so it might be slightly slower than 7za but can handle more
archive formats.

Compared to the p7zip + p7zip-full , 7zip package contains one more
big executable - 7zz (size: 2489k), which doesn't provide any features
to regular users compared to 7z executable.

My suggestion is to move the big 7zz binary from 7zip package to
separate package, for example 7zip-noplugins, then most regular users
will use 7zip package and 7zip-noplugins package is only for these,
who want "special" 7zz binary.

Also it would be nice to have /usr/bin/7zip - a gzip-like wrapper
around 7zr , then 7zip package could fully replace p7zip packages.

-- 
Naudokite laisvą Linux operacinę sistemą savo kompiuteryje - http://baltix.eu
Mantas Kriaučiūnas
Prekyba kompiuterine ir buitine technika, IT paslaugos:
http://tinklas.eu/prekyba
Use Baltix GNU/Linux OS ! http://launchpad.net/baltix

Bug#1042398: debhelper: should disable Python byte-compilation when building .deb with Meson

[Jussi Pakkanen]

On Thu, 27 Jul 2023 at 17:45, Simon McVittie  wrote:

> As far as I'm aware, we never want to include .pyc in Debian packages,
> so I think debhelper's meson build system plugin should be turning this off
> as a standard setting for all Debian packages (similar to the way it
> sets --prefix=/usr as a standard setting for all Debian packages).
>
> Do the Meson maintainers agree?

Obviously the defaults should do the correct thing. In fact until
yesterday that is what I thought the code does not do byte
compilation. We might even consider changing the default for this as I
would imagine all distros will hit the same issue.

> Is there a way this can be done, without making packages FTBFS if debhelper
> is backported to an older suite but Meson is not? -Dpython.bytecompile=-1
> will cause `meson setup` to fail if Meson is an older version, and I'm not
> aware of a way to say "set this option if supported, ignore if not" without
> parsing `meson --version` and comparing it with a threshold.

Is there ever a case where debhelper would be backported byt Meson is
not? Now an expert but Meson sees a fair number of backports so I'd
imagine it to be the more up to date of the two packages.

Further, debhelper updates would be gated on test failures, right? So
if someone did try to update it then there would be immediate errors?
This would be the simplest solution if it is acceptable.

Bug#1042451: backintime: Remove lintian-overrides

[Christian Buhtz]

Package: backintime
Version: 1.3.3-4
Severity: normal

Dear Maintainer,

this is upstream maintainer also preparing for debian(!) packaging the upcoming
release.

There is a file "debian/backintime-common.lintian-overrides/" [1] contain this
two lines

# Necessary for the license to show up in Help->About
extra-license-file [usr/share/doc/backintime-common/LICENSE]

I see no need to override a lintian rule. If there is a rule I'll try to follow
it.
I couldn't find a changelog entry explaining that exception.

But I can see in the upstream source that there are two license files
installed.

ll /usr/share/doc/backintime-*/LICENSE
-rw-r--r-- 1 root root 18K 28. Jul 12:22 /usr/share/doc/backintime-
common/LICENSE
-rw-r--r-- 1 root root 18K 28. Jul 12:23 /usr/share/doc/backintime-qt/LICENSE

Please give advice where the LICENSE usually should be located. Couldn't find
an answer to that in DPT Policy [2]. But in [3] (section 30.4.13) it seems that
/usr/share/doc/package-name is the correct location.

So why do we need an lintian override?

I checked "lintian-explain-tags -t extra-license-file" which tells me
everything should go into debian/copyright file. We do have one, no matter that
it is outdated.

I can find better solutions at upstream to display license text. But I'm not
sure how to proceed further.

[1] -- 
[2] -- 

Bug#1041685: foot-terminfo: Please let ncurses-term take over the foot terminfo entries

[Birger Schacht]

Hi,

On 7/28/23 11:14, Diederik de Haas wrote:

Sorry if this is a dumb question, but will it (automatically) still get the
latest foot terminfo 'data'?


Not a dumb question at all and the answer is no. A quote from foots 
INSTALL.md



As of ncurses 2021-07-31, ncurses includes a version of foot’s terminfo. The 
recommendation is to use those, and only install the terminfo definitions from 
this git repo if the system’s ncurses predates 2021-07-31.

But, note that the foot terminfo definitions in ncurses’ lack the non-standard 
capabilities. This mostly affects tmux; without them, terminal-overrides must 
be configured to enable truecolor support. For this reason, it is possible to 
install “our” terminfo definitions as well, either in a non-default location, 
or under a different name.

Both have their set of issues. 

[...]
> Hence the recommendation to simply use ncurses’ terminfo definitions
> if available.

I am considering reintroducing foots terminfo definitions in a separate 
package - apparently alpine ships them in `foot-extra-terminfo` and with 
the terminfo name `foot-extra`. But I'm not sure yet if its worth it.


cheers,
Birger

Bug#1042450: elpa-org: #+LANGUAGE: de-de is not working in LaTeX export

[H . -Dirk Schmitt]

Package: elpa-org
Version: 9.6.7+dfsg-1-c42-bpo-1
Severity: normal
X-Debbugs-Cc: none, H.-Dirk Schmitt 

I use a backport from sid/trixie below bookworm.
In difference to the 9.5 version the setting `#+LANGUAGE: de-de` is not working 
any more.
The option of the babel LaTeX package is in this case now empty.

An easy mitigation is to use instead `de-de` the `de` language code.

May somebody please check if this is a backport problem or reproducible in a 
„clean“ trixie setup.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (600, 'stable-updates'), (600, 'stable-security'), (600, 
'stable'), (500, 'oldstable-security'), (99, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-10-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE:de:en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages elpa-org depends on:
ii  dh-elpa-helper  2.0.16
ii  elpa-htmlize1.56-1
ii  emacsen-common  3.0.5

Versions of packages elpa-org recommends:
ii  elpa-org-contrib   0.4+git20220927.1.6422b26-1
ii  elpa-org-drill 2.7.0+20200412+dfsg1-2
ii  emacs  1:28.2+1-15
ii  emacs-gtk [emacs]  1:28.2+1-15

Versions of packages elpa-org suggests:
ii  ditaa  0.10+ds1-1.2
ii  org-mode-doc   9.5.2-1
ii  texinfo6.8-6+b1
ii  texlive-fonts-recommended  2022.20230122-3
ii  texlive-latex-extra2022.20230122-4
pn  xprintidle 

-- no debconf information


-- 

---

H.-Dirk_Schmitt
Dipl.Math.
eMail:dirk.schm...@computer42.org
pgp: http://www.computer42.org/~dirk/OpenPGP-fingerprint.html

Bug#1042449: libprotocol-http2-perl: Test-suite fails if OpenSSL configured with seclevel 2

[Olivier Gayot]

Package: libprotocol-http2-perl
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu mantic ubuntu-patch

Dear Maintainer,

The package uses the hardcoded tlsv1 value in its test-suite.

When OpenSSL has been built with security level 2 (or is set to level 2
at runtime), the TLSv1 protocol is rejected. This makes the
libprotocol-http2-perl build / autopkgtest fail.

There is an upstream bug report:
https://github.com/vlet/p5-Protocol-HTTP2/issues/15

And a PR was opened usptream:
https://github.com/vlet/p5-Protocol-HTTP2/pull/16

Debian is currently unaffected (I assume the security level is set to 1
at build-time) but in the future OpenSSL 3.1 will reject TLSv1 at
security level 1.

In Ubuntu, the attached patch was applied to achieve the following:

  * Do not hardcode the test-suite TLS version to tlsv1 - which is disabled by
OpenSSL seclevel 2 on Ubuntu (LP: #2023586).


Thanks for considering the patch.


-- System Information:
Debian Release: bookworm/sid
  APT prefers lunar-updates
  APT policy: (500, 'lunar-updates'), (500, 'lunar-security'), (500, 'lunar'), 
(100, 'lunar-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-16-generic (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru libprotocol-http2-perl-1.10/debian/patches/no-tlsv1.patch 
libprotocol-http2-perl-1.10/debian/patches/no-tlsv1.patch
--- libprotocol-http2-perl-1.10/debian/patches/no-tlsv1.patch   1970-01-01 
01:00:00.0 +0100
+++ libprotocol-http2-perl-1.10/debian/patches/no-tlsv1.patch   2023-07-28 
11:43:40.0 +0200
@@ -0,0 +1,32 @@
+Description: Remove hardcoded tlsv1 protocol version
+ The test-suite of libprotocol-http2-perl uses a hardcoded value of tlsv1 -
+ which is disabled in Ubuntu by means of OpenSSL seclevel. Specifying another
+ version like tlsv1_2 would work but it seems sensible to leave that up to the
+ system decide.
+Author: Olivier Gayot 
+Bug-Ubuntu: https://launchpad.net/bugs/2023586
+Forwarded: https://github.com/vlet/p5-Protocol-HTTP2/pull/16
+Last-Update: 2023-07-28
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: b/t/lib/PH2ClientServerTest.pm
+===
+--- a/t/lib/PH2ClientServerTest.pm 2023-07-28 11:35:33.957861624 +0200
 b/t/lib/PH2ClientServerTest.pm 2023-07-28 11:43:04.843734902 +0200
+@@ -43,7 +43,6 @@
+ if ( !$h{upgrade} && ( $h{npn} || $h{alpn} ) ) {
+ eval {
+ $tls = AnyEvent::TLS->new(
+-method=> 'tlsv1',
+ cert_file => $tls_crt,
+ key_file  => $tls_key,
+ );
+@@ -122,7 +121,7 @@
+ }
+ elsif ( $h{npn} || $h{alpn} ) {
+ eval {
+-$tls = AnyEvent::TLS->new( method => 'tlsv1', );
++$tls = AnyEvent::TLS->new();
+ 
+ if ( delete $h{npn} ) {
+ 
diff -Nru libprotocol-http2-perl-1.10/debian/patches/series 
libprotocol-http2-perl-1.10/debian/patches/series
--- libprotocol-http2-perl-1.10/debian/patches/series   1970-01-01 
01:00:00.0 +0100
+++ libprotocol-http2-perl-1.10/debian/patches/series   2023-07-28 
11:43:11.0 +0200
@@ -0,0 +1 @@
+no-tlsv1.patch

Bug#1042448: crmsh: HA_GROUP permission regression after upgrading bullseye to bookworm

[Florent CARLI]

Package: crmsh
Version: 4.4.1-1
Severity: normal
X-Debbugs-Cc: fca...@gmail.com

Dear Maintainer,

I encounter a regression with crmsh on debian12. On debian 11, I used
to be able to issue crm commands with a standard user as long as it
was a member of haclient group.
On debian 12, this same user cannot use crm because of some chown that
it's not allowed to do:

virtu@virtu-elabo1:~$ id
uid=1000(virtu) gid=1000(virtu) groups=1000(virtu),110(haclient),118(libvirt)
virtu@virtu-elabo1:~$ crm status
Traceback (most recent call last):
  File "/usr/sbin/crm", line 31, in 
log.setup_logging()
  File "/usr/lib/python3/dist-packages/crmsh/log.py", line 445, in setup_logging
shutil.chown(CRMSH_LOG_FILE, constants.HA_USER, constants.HA_GROUP)
  File "/usr/lib/python3.11/shutil.py", line 1385, in chown
os.chown(path, _user, _group)
PermissionError: [Errno 1] Operation not permitted: '/var/log/crmsh/crmsh.log'


Ferenc Wágner did a first analysis and concluded that:

it's a bug introduced in 4.4.0 by
Fix: log: Change the log file owner as hacluster:haclient (bsc#1194619)
https://github.com/ClusterLabs/crmsh/commit/b4ef13cd8c9a8c37f2bf671abb803b24d93125ee

and fixed in 4.5.0 by
fix: log: fail to open log file even if user is in haclient group (bsc#1204670)
https://github.com/ClusterLabs/crmsh/commit/b4abe21d2fd55ced0f56baff5c4892a4826aa0f7


Thanks.
Florent.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: arm64 (aarch64)

Kernel: Linux 5.15.49-linuxkit-pr (SMP w/5 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_RANDSTRUCT
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages crmsh depends on:
ii  gawk 1:5.2.1-2
ii  iputils-ping 3:20221126-1
ii  pacemaker-cli-utils  2.1.5-1+deb12u1
ii  python3  3.11.2-1+b1
ii  python3-dateutil 2.8.2-2
ii  python3-lxml 4.9.2-1+b1
ii  python3-parallax 1.0.6-4
ii  python3-yaml 6.0-3+b2

Versions of packages crmsh recommends:
ii  pacemaker  2.1.5-1+deb12u1

Versions of packages crmsh suggests:
pn  bash-completion
pn  csync2 
pn  dmidecode  
pn  ocfs2-tools
pn  openssh-server 
pn  parted 
pn  sbd
pn  ufw
ii  util-linux 2.38.1-5+b1
pn  vim-addon-manager  

-- no debconf information

Bug#1042447: Fwd: [Bug 2028819] [NEW] File-Roller should depend on 7zip package instead of p7zip-full since version 43

[Mantas Kriaučiūnas Baltix]

Package: file-roller

File-Roller switched from p7zip to official 7zip utility since version
43.alpha , see

https://gitlab.gnome.org/GNOME/file-roller/-/commit/b798bbd96d3777c20026f1dc2d3e15ecb5bc853d
and
https://gitlab.gnome.org/GNOME/file-roller/-/commit/a4359d11e05023605c4270c67ad703bc8a71f8fd

but File-Roller Debian package version 43-1 still depends on abandoned by
upstream p7zip-full, while it should depend on 7zip package instead of
p7zip-full
or maybe better to have "Depends: 7zip | p7zip-full" ?

There are lots of bugs in p7zip, for example some large zip files cannot be
extract on 16.02 but can on 9.20, see
https://sourceforge.net/p/p7zip/discussion/383044/ and
http://bugs.debian.org/src:p7zip also
https://bugs.launchpad.net/ubuntu/+source/p7zip

It seems Debian developers planing to replace p7zip-full with official
7zip package, see https://bugs.debian.org/991428

Also there is a related note in NEWS file:
 - Distros will want to adjust the `data/packages.match` file.

Some archive managers in Ubuntu/Debian already depends on official 7zip
package instead of p7zip, see arqiver for example.

-- 
Naudokite laisvą Linux operacinę sistemą savo kompiuteryje -
http://baltix.eu
Mantas Kriaučiūnas
Prekyba kompiuterine ir buitine technika, IT paslaugos:
http://tinklas.eu/prekyba
Use Baltix GNU/Linux OS ! http://launchpad.net/baltix

Bug#1042446: libacsccid1: undefined symbol: log_xxd in libacsccid.so

[Lars Mucha]

Package: libacsccid1
Version: 1.1.9-1
Severity: important

Using a smartcard to sign jar files ends up with this error. The smartcrad 
reader ist the ACR39U (072f:b100).


# keytool -v  -list -keystore NONE -storetype PKCS11 -providerclass 
sun.security.pkcs11.SunPKCS11 -providerArg provider.cfg
Keytool-Fehler: java.security.ProviderException: Initialization failed
java.security.ProviderException: Initialization failed
at 
jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:398)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11$1.run(SunPKCS11.java:118)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11$1.run(SunPKCS11.java:115)
at 
java.base/java.security.AccessController.doPrivileged(AccessController.java:569)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.configure(SunPKCS11.java:115)
at 
java.base/sun.security.tools.KeyStoreUtil.loadProviderByName(KeyStoreUtil.java:283)
at 
java.base/sun.security.tools.KeyStoreUtil.loadProviderByClass(KeyStoreUtil.java:316)
at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:840)
at java.base/sun.security.tools.keytool.Main.run(Main.java:423)
at java.base/sun.security.tools.keytool.Main.main(Main.java:416)
Caused by: java.io.IOException: 
/usr/lib/pcsc/drivers/ifd-acsccid.bundle/Contents/Linux/libacsccid.so: 
undefined symbol: 
log_xxd/usr/lib/pcsc/drivers/ifd-acsccid.bundle/Contents/Linux/libacsccid.so
at 
jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.connect(Native Method)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.(PKCS11.java:149)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:162)
at 
jdk.crypto.cryptoki/sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:335)
... 9 more



-- System Information:
Debian Release: 12.1
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libacsccid1 depends on:
ii  libc6 2.36-9+deb12u1
ii  libusb-1.0-0  2:1.0.26-1

libacsccid1 recommends no packages.

libacsccid1 suggests no packages.

-- no debconf information

Bug#1042157: [3dprinter-general] Bug#1042157: uranium: FTBFS: dh_install: error: missing files, aborting

[Christoph Berg]

Re: Timo Röhling
> https://lists.debian.org/debian-devel/2023/07/msg00307.html

Thanks for the explanation, I'm preparing an upload.

Cheers,
Christoph

Bug#1042437: partman-auto-lvm: using binary units for size of volume group does not work correctly

[Pascal Hambourg]

Hello Holger,

On 28/07/2023 at 10:48, Holger Wansing wrote:


With a bookworm 12.0 netinst image:
when choosing guided partitioning -> set up LVM, it is now allowed to use
binary units for volume group size (MiB, GiB, ...), but the size is wrongly
calculated.
For example, if I choose a volume group of 12 GiB, I get one with 11,9 GB, but
it should be roughly 12,9 GB.


1) How do you choose the VG size ? AFAICS, the only possible choice is 
to restrict the VG use to a given size or percentage.


2) How do you see the VG size ?

I tested guided LVM with all in one partition and restrict the VG used 
size to 12 GiB and I get a root LV of 11.9 GB and a swap LV of 1 GB, so 
a total use of 12.9 GB as expected. vgs shows 12 GiB used.

Bug#1041242: This also breaks imagemagick (imagemagick) and vipsthumbnail (libvips-tools)

[Michael Moore]

I think this is also affecting imagemagick and vipsthumbnail. I do have all
the libheif-plugin-* packages installed. I'm running testing and have
libheif 1.16.2-2 installed.


$ convert -debug IMG_3192.HEIC test.jpg
convert-im6.q16: unrecognized event type `IMG_3192.HEIC' @
error/convert.c/ConvertImageCommand/1193.


$ vipsthumbnail --size=256x256 ./IMG_3192.HEIC

(vipsthumbnail:396906): VIPS-WARNING **: 11:43:28.704: error in tile 0 x 0

(vipsthumbnail:396906): VIPS-WARNING **: 11:43:28.704: error in tile 0 x 0

(vipsthumbnail:396906): VIPS-WARNING **: 11:43:28.704: error in tile 0 x 10

(vipsthumbnail:396906): VIPS-WARNING **: 11:43:28.705: error in tile 0 x 20

(vipsthumbnail:396906): VIPS-WARNING **: 11:43:28.705: error in tile 0 x 0
vipsthumbnail: unable to thumbnail ./IMG_3192.HEIC
./IMG_3192.HEIC: bad seek to 1446629
heif: Unsupported feature: Unsupported codec (4.3000)

Bug#1042374: linux-image-6.1.0-0.deb11.9-amd64: After the removal of a module package, the system reboots infinitively

[rpnpif]

After two days of fine work, this bug is coming back.

The system restarts endless. Choose the maintenance mode, fix it, but 
the USB mouse does not work. A last restart on normal mode then all 
works fine.


Nothing but a permanent crash of the firewire module is logged.

So it is a randomly bug.

--
Rpnpif

Bug#1041685: foot-terminfo: Please let ncurses-term take over the foot terminfo entries

[Diederik de Haas]

On Sat, 22 Jul 2023 08:36:26 +0200 Sven Joachim  wrote:
> Package: foot-terminfo
> 
> Two years ago the foot and foot-direct terminfo entries were added to
> ncurses upstream, and I would like to include them in the ncurses-term
> package, replacing the ones shipped currently in the foot-terminfo
> package.

Sorry if this is a dumb question, but will it (automatically) still get the 
latest foot terminfo 'data'?

https://codeberg.org/dnkl/foot/commits/branch/master/foot.info indicates there 
were changes to that file (even) a month ago and foot is at version 1.15.1

https://invisible-island.net/ncurses/terminfo.ti.html#toc-_Foot OTOH mentions 
Version 1.8.2
I couldn't find an official git repo, but on https://github.com/mirror/ncurses/
I only found 2 commits wrt foot and the latest was from 2021-11-14.

So that gives me* the impression that we'd get outdated terminfo for foot with 
the take over? I hope I'm wrong, but figured I'd ask.

Cheers,
  Diederik

*) not hindered by any relevant knowledge

signature.asc
Description: This is a digitally signed message part.

Bug#1042404: redis-server postinst script gets stuck when disk is low

[Chris Lamb]

Hi Shai,

> redis-server, not so. The script gets stuck, not erroring out and
> not finishing. Even after it is killed and room becomes available,
> it's still a hard fight to get it to complete; sometimes an
> uninstall+install is enough, today, not even that seems to work.

Hm. Do you know what part of the postinst script is sticking? You may
be able to find out by looking at your process table eg. via top or
htop.

(My initial guess is that redis process itself gets wedged when it has
no diskspace, and then—even after freeing some space—the postinst is
waiting for it to restart?)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#684128: src:debian-installer: allow use of binary units in disk partitioner

[Justin B Rye]

Holger Wansing wrote:
> Thorsten Glaser :
>> Could this information (valid unit sufficēs) be added to the dialogue
>> where the size is entered? Screen space should suffice.
[...]
> CC'ing debian-l10n-english for template review (three identical additions
> in two packages).
[...]
>   Hint: "max" can be used as a shortcut to specify the maximum size, or
>   enter a percentage (e.g. "20%") to use that percentage of the maximum size.
> + You can specify partition sizes in decimal units (like MB or GB) as well as
> + in binary units (like GiB or TiB).

Looks good to me.  Mind you, this makes the passive voice in the first
line a bit more of a stylistic and syntactic mismatch, so I might
suggest changing it to

Hint: you can use "max" as a shortcut to specify the maximum size, or

throughout...
-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Bug#1042445: gnome-shell: Allow inhibiting shortcuts setting not remembered

[Simon John]

Package: gnome-shell
Version: 43.6-1
Severity: normal

After having switched from xorg to wayland, I now get a popup every time 
I run virt-viewer, "The application virt-viewer wants to inhibit 
shortcuts. You can restore shortcuts by pressing Super+Escape."


If I select Allow or Deny is irrelevant, neither option is remembered.

This seems to be a well-known bug according to google, there's a fix in 
Gnome 42 here:


https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5937

It even looks like it was previously fixed in gnome-shell 3.31.92-1 
according to the changelog, so I assume the patch has been missed from 
43 in Sid?


https://metadata.ftp-master.debian.org/changelogs//main/g/gnome-shell/gnome-shell_43.6-1_changelog

virt-viewer is 11.0-2 if that's relevant.

Regards.

--
Simon John

Bug#1038422: ntpsec: ntpd segmentation fault in libcrypto.so[7f6d3ecc5000+278000]

[forest . owlet]

Hi Richard,

I'm sorry for my tardy response.  I just returned from holiday.

On 2023-07-23 05:11, Richard Laager wrote:
> Some questions from upstream, with my commentary added...
> 
>> How busy is this sustem? Is it just a simple client or also a server? If 
>> server, how busy?
This is a server and participates in the NTP Pool project, so the NTPsec
process is fairly busy.  From the logs the server is handling about 1.5
to 1.7 million NTP requests per hour.

>> 
>> From the stack trace, the server side is trying to decode a NTS cookie. Is 
>> this box setup as a NTS server? That needs a certificate and key so it takes 
>> more than just upgrading from bullseye to bookworm.
> 
> It's not, right? We previously established that this is using the stock 
> ntp.conf?
> 
No, it is not configured as an NTS server.

>> What are the chances that a valid NTP request with NTS arrived at this 
>> system? ntpq -c ntsinfo will show counters.
>
I'd say the chances are fairly high that an invalid NTP request with NTS
has arrived.  But the counters are all zero.
cyclone@karita:~$ ntpq -c ntsinfo
NTS client sends:   0
NTS client recvs good:  0
NTS client recvs w error:   0
NTS server recvs good:  0
NTS server recvs w error:   0
NTS server sends:   0
NTS make cookies:   0
NTS decode cookies: 0
NTS decode cookies old: 0
NTS decode cookies old2:0
NTS decode cookies older:   0
NTS decode cookies too old: 0
NTS decode cookies error:   0
NTS KE client probes good:  0
NTS KE client probes bad:   0
NTS KE serves good: 0
NTS KE serves bad:  0
cyclone@karita:~$
 
> It would be good if you could check this. But if an NTS request is crashing 
> ntpd, you might never see non-zero counters.
> 
>> The log file from starting up might be helpful.

Here's the syslog entries from the most recent restart.  I took the
liberty of scrubbing the high portions of the IP addresses.

2023-07-28T06:58:39.890236+00:00 karita ntpd[30320]: INIT: ntpd
ntpsec-1.2.2: Starting
2023-07-28T06:58:39.891073+00:00 karita ntpd[30320]: INIT: Command line:
/usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u
ntpsec:ntpsec
2023-07-28T06:58:39.891132+00:00 karita ntp-systemd-wrapper[30320]:
2023-07-28T06:58:39 ntpd[30320]: INIT: ntpd ntpsec-1.2.2: Starting
2023-07-28T06:58:39.892382+00:00 karita ntp-systemd-wrapper[30320]:
2023-07-28T06:58:39 ntpd[30320]: INIT: Command line: /usr/sbin/ntpd -p
/run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
2023-07-28T06:58:39.892502+00:00 karita systemd[1]: Started
ntpsec.service - Network Time Service.
2023-07-28T06:58:39.894804+00:00 karita ntpd[30322]: INIT: precision =
0.060 usec (-24)
2023-07-28T06:58:39.895396+00:00 karita ntpd[30322]: INIT: successfully
locked into RAM
2023-07-28T06:58:39.899405+00:00 karita ntpd[30322]: CONFIG: readconfig:
parsing file: /etc/ntpsec/ntp.conf
2023-07-28T06:58:39.899544+00:00 karita ntpd[30322]: CONFIG: restrict
nopeer ignored
2023-07-28T06:58:39.900054+00:00 karita ntpd[30322]: CLOCK: leapsecond
file ('/usr/share/zoneinfo/leap-seconds.list'): good hash signature
2023-07-28T06:58:39.900121+00:00 karita ntpd[30322]: CLOCK: leapsecond
file ('/usr/share/zoneinfo/leap-seconds.list'): loaded,
expire=2023-12-28T00:00Z last=2017-01-01T00:00Z ofs=37
2023-07-28T06:58:39.900198+00:00 karita ntpd[30322]: INIT: Using
SO_TIMESTAMPNS(ns)
2023-07-28T06:58:39.900262+00:00 karita ntpd[30322]: IO: Listen and drop
on 0 v6wildcard [::]:123
2023-07-28T06:58:39.900367+00:00 karita ntpd[30322]: IO: Listen and drop
on 1 v4wildcard 0.0.0.0:123
2023-07-28T06:58:39.900518+00:00 karita ntpd[30322]: IO: Listen normally
on 2 lo 127.0.0.1:123
2023-07-28T06:58:39.900589+00:00 karita ntpd[30322]: IO: Listen normally
on 3 eth0 xxx.yyy.zzz.201:123
2023-07-28T06:58:39.900662+00:00 karita ntpd[30322]: IO: Listen normally
on 4 lo [::1]:123
2023-07-28T06:58:39.900913+00:00 karita ntpd[30322]: IO: Listen normally
on 5 eth0 [::::5ce7]:123
2023-07-28T06:58:39.901000+00:00 karita ntpd[30322]: IO: Listen normally
on 6 eth0 [fe80:::::dfe%2]:123
2023-07-28T06:58:39.901065+00:00 karita ntpd[30322]: IO: Listening on
routing socket on fd #23 for interface updates
2023-07-28T06:58:39.912520+00:00 karita ntpd[30322]: INIT: MRU 10922
entries, 13 hash bits, 65536 bytes
2023-07-28T06:58:39.912607+00:00 karita ntpd[30322]: INIT: Built with
OpenSSL 3.0.7 1 Nov 2022, 3070
2023-07-28T06:58:39.912652+00:00 karita ntpd[30322]: INIT: Running with
OpenSSL 3.0.9 30 May 2023, 3090
2023-07-28T06:58:39.912976+00:00 karita ntpd[30322]: NTSc: Using system
default root certificates.
2023-07-28T06:58:42.938515+00:00 karita ntpd[30322]: DNS: dns_probe:
0.debian.pool.ntp.org, cast_flags:8, flags:101
2023-07-28T06:58:42.957881+00:00 karita