Bug#1070891: apt-show-versions: Permission denied on a bad pathname
Am 14.05.24 um 10:39 schrieb Vincent Lefevre: This could explain the error. I'm wondering why apt plays with the permissions. This is confusing. Or should there be a locking mechanism? This reminds me about the long due rewrite to use the apt-API to access these files and not read them directly. OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1070891: apt-show-versions: Permission denied on a bad pathname
Hi Vincent, Am 13.05.24 um 19:59 schrieb Vincent Lefevre: On 2024-05-13 17:12:57 +0200, Christoph Martin wrote: Please try to access the file e.g. 'less /var/lib/apt/lists//debug.mirrors.debian.org_debian-debug_dists_stable-debug_InRelease' No problems. You could try to prepend strace to your cron call like: strace -o /tmp/asv.$$ -e trace=file apt-show-versions -u and look for the failed syscall. Did you look for selinux or apparmor messages in syslog? Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1070891: apt-show-versions: Permission denied on a bad pathname
Hi Vincent, Am 13.05.24 um 15:34 schrieb Vincent Lefevre: I don't know why could cause the error, but the pathname with "//" is incorrect. // in the path should not be a problem. zsh completion cannot handle it, so I was wondering. Please try to access the file e.g. 'less /var/lib/apt/lists//debug.mirrors.debian.org_debian-debug_dists_stable-debug_InRelease' Can you do a 'ls -l /var/lib/apt/lists/' to see the permissions? lrwxrwxrwx 1 root root 25 2024-05-11 22:36:06 _var_local_apt_._Packages -> /var/local/apt/./Packages drwxr-xr-x 2 _apt root 4096 2023-10-07 13:42:54 auxfiles -rw-r--r-- 1 root root52957 2024-05-11 16:15:34 debug.mirrors.debian.org_debian-debug_dists_proposed-updates-debug_InRelease -rw-r--r-- 1 root root 308541 2024-05-08 22:34:42 debug.mirrors.debian.org_debian-debug_dists_proposed-updates-debug_main_binary-amd64_Packages -rw-r--r-- 1 root root49779 2024-02-10 12:17:11 debug.mirrors.debian.org_debian-debug_dists_stable-debug_InRelease -rw-r--r-- 1 root root 14314273 2024-02-10 10:44:17 debug.mirrors.debian.org_debian-debug_dists_stable-debug_main_binary-amd64_Packages What is _var_local_apt_._Packages? Can you access this files content? Apart from that, I can't spot a problem. Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1070891: apt-show-versions: Permission denied on a bad pathname
Hi Vincent, Am 11.05.24 um 11:53 schrieb Vincent Lefevre: Package: apt-show-versions Version: 0.22.15 Severity: normal When running "apt-show-versions -u" in a cron script, I got Failed to open file /var/lib/apt/lists//debug.mirrors.debian.org_debian-debug_dists_stable-debug_InRelease for reading: Permission denied I don't know why could cause the error, but the pathname with "//" is incorrect. // in the path should not be a problem. Can you do a 'ls -l /var/lib/apt/lists/' to see the permissions? Which user does the cronjob run with? Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1069692: nfs-ganesha: FTBFS on arm{el,hf}: /usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
Hi Sebastian, this is interesting. If you take a look into the commandline you see -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 there is -D_FILE_OFFSET_BITS=64 even twice. .. But the GPFS code has: /* _FILE_OFFSET_BITS macro causes F_GETLK/SETLK/SETLKW to be defined to * F_GETLK64/SETLK64/SETLKW64. Currently GPFS kernel module doesn't work * with these 64 bit macro values through ganesha interface. Undefine it * here to use plain F_GETLK/SETLK/SETLKW values. */ #undef _FILE_OFFSET_BITS I'll exclude the GPFS module for armel and armhf. Regards Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1068569: RM: nfs-ganesha-ceph [armel armhf i386] -- NBS; ceph dropped 32 bit support
Hi Adam, Am 08.04.24 um 19:15 schrieb Adam D. Barratt: On Mon, 2024-04-08 at 11:42 +0200, Christoph Martin wrote: Hi Sebastian, the packages are already removed from testing and unstable. Where do you see a problem? I'm not Sebastian, but the archive disagrees with you about the packages having been removed from unstable. adsb@coccia:~$ dak ls -s unstable -a armel,armhf,i386 nfs-ganesha-ceph nfs-ganesha-rados-grace nfs-ganesha-rgw nfs-ganesha-ceph| 4.3-5 | unstable | armel, armhf, i386 nfs-ganesha-rados-grace | 4.3-5 | unstable | armel, armhf, i386 nfs-ganesha-rgw | 4.3-5 | unstable | armel, armhf, i386 Thanks for your reply. I only took a look at the current version in unstable and testing. And this is 4.3-8 with binaries for amd64 arm64 mips64el ppc64el riscv64 s390x. So the issue is, that the leftover binaries from version 4.3-5 are still in the archive. Regards Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1068569: RM: nfs-ganesha-ceph [armel armhf i386] -- NBS; ceph dropped 32 bit support
Hi Sebastian, the packages are already removed from testing and unstable. Where do you see a problem? Regards Christoph Am 07.04.24 um 13:21 schrieb Sebastian Ramacher: Package: ftp.debian.org Severity: normal X-Debbugs-Cc: nfs-gane...@packages.debian.org, sramac...@debian.org User: ftp.debian@packages.debian.org Usertags: remove Control: affects -1 + src:nfs-ganesha Control: block 1065470 by -1 Control: clone -1 -2 Control: clone -1 -3 Control: retitle -2 RM: nfs-ganesha-grace [armel armhf i386] -- NBS; ceph dropped 32 bit support Control: retitle -3 RM: nfs-ganesha-rgw [armel armhf i386] -- NBS; ceph dropped 32 bit support nfs-ganesha (4.3-6) unstable; urgency=medium . * only configure with ceph for some 64bit archs So please remove the old nfs-ganesha-ceoph, nfs-ganesha-rados-grace, and nfs-genesha-rgw binaries from armel, armhf and i386. OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1000061: cfengine3: depends on obsolete pcre3 library
version 3.24.0 is not released yet but expected for mid 2024. Am 18.12.23 um 15:14 schrieb Bastian Germann: On Fri, 18 Aug 2023 12:01:17 +0200 Bastian Germann wrote: cfengine3 is a key package and requires pcre, so this has to be fixed. Upstream claims that this is fixed with 3.24.0. OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1062445: yq: Replace with alternative yq app
Hi Martin Am 01.02.24 um 16:03 schrieb Martin Bruset Solberg: Package: yq Version: 3.1.0-3 Severity: wishlist Dear Maintainer, Will you consider replacing the current yq app with this one instead? https://github.com/mikefarah/yq why do you want to have this different yq version? I took a look into it before packaging yq and decided to not use it since it has a lot of go dependencies which are not yet in Debian. Christoph OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1014862: vdr-plugin-markad: FTBFS: Cannot find (any matches for) "command/markad"
notfound 1014862 3.4.5-1 thanks In the current build this bug does not exist. OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1053195: Please remove librados-dev build-depends on all 32 bits arch
Hi Thomas, I would limit the dependencies to the following architectures: [amd64 arm64 ia64 mips64el ppc64 ppc64el riscv64 s390x sparc64], Is this the correct list? And what about the dependency on librgw-dev? Regards Christoph Am 29.09.23 um 09:17 schrieb Thomas Goirand: Source: nfs-ganesha Version: 4.3-2 Severity: important Hi, I'd like to remove 32 bits support from Ceph, because upstream makes some 64 bits assumptions a bit everywhere, because it's not tested in upstream CI, and because it is increasingly difficult to build Ceph on a smaller addressing footprint (we used to have many tricks to reduce the build footprint that isn't sustainable in the long run). So please remove librados-dev in build-depends of your package for all 32 bits arch, and remove Ceph support in all 32 bits binaries. I'll upload Ceph with Build-Depends: architecture-is-64-bit as soon as this is done for the affected packages:
Bug#994722: apt-show-versions: Syntax error on or around line 378.
Hi Richard, thanks for finding that issue and providing a fix. Am 08.08.23 um 20:34 schrieb Richard Lewis: I believe the following patch fixes this bug, and the main issue in 883766 (but not the bit about the version number) Regards Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#858337: apt-show-versions: wrong output when version of an installed package is missing from the Packages files
Thanks for the patch. I'll have a try. Am 11.07.23 um 12:15 schrieb Vincent Lefevre: I note that there is a version comparison in sub parse_file: if (!defined $packages->{$package->{$PACKAGE}} or !defined $packages->{$package->{$PACKAGE}}{$package->{$ARCH}}{$VERS} or $vs->compare($packages->{$package->{$PACKAGE}}{$package->{$ARCH}}{$VERS}, $package->{$VERS}) < 0) { $package->{$RELEASE} = $release; $packages->{$package->{$PACKAGE}}{$package->{$ARCH}} = $package; } So, if I understand correctly, if a Packages file contains several versions of a package, the most recent one will be chosen. But such a comparison is absent when these versions are in different Packages files. I've attached a patch to add this comparison. Now, if I do OpenPGP_signature Description: OpenPGP digital signature
Bug#858337: apt-show-versions: wrong output when version of an installed package is missing from the Packages files
Hi Vincent, Am 11.07.23 um 00:46 schrieb Vincent Lefevre: cventin:~> apt-show-versions -a libreoffice-common libreoffice-common:all 4:7.5.4-4 install ok installed libreoffice-common:all 4:7.4.5-3 stable ftp.debian.org No stable-updates version libreoffice-common:all 4:7.4.5-3 testing ftp.debian.org libreoffice-common:all 4:7.4.5-3 unstable ftp.debian.org libreoffice-common:all 4:7.5.5~rc1-2 experimental ftp.debian.org libreoffice-common:all/experimental *manually* upgradeable from 4:7.5.4-4 to 4:7.5.5~rc1-2 But this looks correct. The latest version in stable, testing or unstable is 7.4.5-3. Your installed version is 7.5.4-4 which is newer than the latest version in unstabled. Therefore, asv says that you could upgrade to the experimental version. It says *manually* because your normal distribution is not experimental. cventin:~> apt-show-versions -a libreoffice libreoffice:amd64 4:7.5.4-4 install ok installed libreoffice:amd64 4:7.4.5-3 stable ftp.debian.org No stable-updates version libreoffice:amd64 4:7.4.5-3 testing ftp.debian.org libreoffice:amd64 4:7.5.4-4 unstable ftp.debian.org libreoffice:amd64 4:7.5.5~rc1-2 experimental ftp.debian.org libreoffice:amd64/unstable 4:7.5.4-4 uptodate libreoffice:i386 4:7.4.5-3 stable ftp.debian.org No stable-updates version libreoffice:i386 4:7.4.5-3 testing ftp.debian.org libreoffice:i386 4:7.4.5-3 unstable ftp.debian.org libreoffice:i386 4:7.5.5~rc1-2 experimental ftp.debian.org libreoffice:i386 not installed So the problem look like, libreoffice-common:all 4:7.5.4-4 hat been in unstable and you installed this version, and then it was removed again. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#858337: apt-show-versions: wrong output when version of an installed package is missing from the Packages files
Control: tags -1 + moreinfo Hi Vincent, Am 05.07.23 um 12:13 schrieb Vincent Lefevre: Control: retitle -1 apt-show-versions gives unreliable information Control: severity -1 grave I still can not reproduce your problem. Please try to find out, which value is missing in a Packages file, which triggers this error, so that I can reproduce the problem. Regards Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#1036122: cinnamon: first click on URL in a program opens a new tab in (default browser) firefox, but does not switch to virtual desktop with browser. Second click does.
Package: cinnamon Version: 5.6.8-1 Severity: normal X-Debbugs-Cc: mar...@uni-mainz.de After upgrading from bullseye to bookworm a few days ago which included an upgrade of cinnamon there is a problem with the redirect to the browser (like firefox) while clicking a URL in a program (like thunderbird). The click will make firefox open a new tab but not switch to the virtual desktop. Clicking a second time on the link switches to the browser virtual desktop and opens a second tab with the link. This behavior is reproducable with three desktops I updated. If you need more information let me know. Yours Christoph -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (600, 'testing-security'), (600, 'testing'), (90, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-9-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cinnamon depends on: ii cinnamon-common 5.6.8-1 ii cinnamon-control-center 5.6.1-1 ii cinnamon-desktop-data5.6.1-1 ii cinnamon-screensaver 5.6.3-1 ii cinnamon-session 5.6.0-1 ii cinnamon-settings-daemon 5.6.2-1 ii cjs 5.6.0-1 ii cups-pk-helper 0.2.6-1+b1 ii dbus 1.14.6-1 ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-accountsservice-1.0 22.08.8-6 ii gir1.2-caribou-1.0 0.4.21-8 ii gir1.2-cmenu-3.0 5.6.0-1 ii gir1.2-cvc-1.0 5.6.1-1 ii gir1.2-ecal-2.0 3.46.4-2 ii gir1.2-edataserver-1.2 3.46.4-2 ii gir1.2-gdkpixbuf-2.0 2.42.10+dfsg-1+b1 ii gir1.2-gkbd-3.0 3.28.1-1 ii gir1.2-glib-2.0 1.74.0-3 ii gir1.2-gnomedesktop-3.0 43.2-2 ii gir1.2-goa-1.0 3.46.0-1 ii gir1.2-gsound-1.01.0.3-2 ii gir1.2-gtk-3.0 3.24.37-2 ii gir1.2-ical-3.0 3.0.16-1+b1 ii gir1.2-keybinder-3.0 0.3.2-1.1 ii gir1.2-nemo-3.0 5.6.4-1 ii gir1.2-nm-1.01.42.4-1 ii gir1.2-nma-1.0 1.10.6-1 ii gir1.2-notify-0.70.8.1-1 ii gir1.2-pango-1.0 1.50.12+ds-1 ii gir1.2-polkit-1.0122-3 ii gir1.2-soup-2.4 2.74.3-1 ii gir1.2-timezonemap-1.0 0.4.6-3 ii gir1.2-upowerglib-1.00.99.20-2 ii gir1.2-xapp-1.0 2.4.2-3 ii gkbd-capplet 3.28.1-1 ii gnome-backgrounds43.1-1 ii gnome-themes-extra 3.28-2 ii gsettings-desktop-schemas43.0-1 ii iso-flags-png-320x2401.0.2-2 ii libatk-bridge2.0-0 2.46.0-5 ii libatk1.0-0 2.46.0-5 ii libc62.36-9 ii libcairo21.16.0-7 ii libcinnamon-desktop4 5.6.1-1 ii libcinnamon-menu-3-0 5.6.0-1 ii libcjs0 5.6.0-1 ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1 ii libgirepository-1.0-11.74.0-3 ii libgles2 1.6.0-1 ii libglib2.0-0 2.74.6-2 ii libglib2.0-bin 2.74.6-2 ii libgstreamer1.0-01.22.0-2 ii libgtk-3-0 3.24.37-2 ii libmuffin0 5.6.4-1 ii libpango-1.0-0 1.50.12+ds-1 ii libpangocairo-1.0-0 1.50.12+ds-1 ii libx11-6 2:1.8.4-2 ii libxapp1 2.4.2-3 ii libxfixes3 1:6.0.0-2 ii libxml2 2.9.14+dfsg-1.2 ii mesa-utils 8.5.0-1 ii muffin 5.6.4-1 ii nemo 5.6.4-1 ii network-manager-gnome1.30.0-2 ii pkexec 122-3 ii policykit-1-gnome
Bug#1036121: cinnamon: bell character does not produce a sound after cinnamon upgrade to bookworm
Package: cinnamon Version: 5.6.8-1 Severity: normal X-Debbugs-Cc: mar...@uni-mainz.de After the upgrade of desktops from bullseye to bookworm with cinnamon as desktop environment the bell character in a shell does not produce a sound. Type in a bash in xterm or gnome-terminal : echo -e '\a' With environments older that bookworm this would sound a beep or bell via the pcspkr kernel module. With the new cinnamon there is only silence. The pcspkr module is loaded but no bell sounds. Regards Christoph -- System Information: Debian Release: 12.0 APT prefers testing-security APT policy: (600, 'testing-security'), (600, 'testing'), (90, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-9-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cinnamon depends on: ii cinnamon-common 5.6.8-1 ii cinnamon-control-center 5.6.1-1 ii cinnamon-desktop-data5.6.1-1 ii cinnamon-screensaver 5.6.3-1 ii cinnamon-session 5.6.0-1 ii cinnamon-settings-daemon 5.6.2-1 ii cjs 5.6.0-1 ii cups-pk-helper 0.2.6-1+b1 ii dbus 1.14.6-1 ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-accountsservice-1.0 22.08.8-6 ii gir1.2-caribou-1.0 0.4.21-8 ii gir1.2-cmenu-3.0 5.6.0-1 ii gir1.2-cvc-1.0 5.6.1-1 ii gir1.2-ecal-2.0 3.46.4-2 ii gir1.2-edataserver-1.2 3.46.4-2 ii gir1.2-gdkpixbuf-2.0 2.42.10+dfsg-1+b1 ii gir1.2-gkbd-3.0 3.28.1-1 ii gir1.2-glib-2.0 1.74.0-3 ii gir1.2-gnomedesktop-3.0 43.2-2 ii gir1.2-goa-1.0 3.46.0-1 ii gir1.2-gsound-1.01.0.3-2 ii gir1.2-gtk-3.0 3.24.37-2 ii gir1.2-ical-3.0 3.0.16-1+b1 ii gir1.2-keybinder-3.0 0.3.2-1.1 ii gir1.2-nemo-3.0 5.6.4-1 ii gir1.2-nm-1.01.42.4-1 ii gir1.2-nma-1.0 1.10.6-1 ii gir1.2-notify-0.70.8.1-1 ii gir1.2-pango-1.0 1.50.12+ds-1 ii gir1.2-polkit-1.0122-3 ii gir1.2-soup-2.4 2.74.3-1 ii gir1.2-timezonemap-1.0 0.4.6-3 ii gir1.2-upowerglib-1.00.99.20-2 ii gir1.2-xapp-1.0 2.4.2-3 ii gkbd-capplet 3.28.1-1 ii gnome-backgrounds43.1-1 ii gnome-themes-extra 3.28-2 ii gsettings-desktop-schemas43.0-1 ii iso-flags-png-320x2401.0.2-2 ii libatk-bridge2.0-0 2.46.0-5 ii libatk1.0-0 2.46.0-5 ii libc62.36-9 ii libcairo21.16.0-7 ii libcinnamon-desktop4 5.6.1-1 ii libcinnamon-menu-3-0 5.6.0-1 ii libcjs0 5.6.0-1 ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1 ii libgirepository-1.0-11.74.0-3 ii libgles2 1.6.0-1 ii libglib2.0-0 2.74.6-2 ii libglib2.0-bin 2.74.6-2 ii libgstreamer1.0-01.22.0-2 ii libgtk-3-0 3.24.37-2 ii libmuffin0 5.6.4-1 ii libpango-1.0-0 1.50.12+ds-1 ii libpangocairo-1.0-0 1.50.12+ds-1 ii libx11-6 2:1.8.4-2 ii libxapp1 2.4.2-3 ii libxfixes3 1:6.0.0-2 ii libxml2 2.9.14+dfsg-1.2 ii mesa-utils 8.5.0-1 ii muffin 5.6.4-1 ii nemo 5.6.4-1 ii network-manager-gnome1.30.0-2 ii pkexec 122-3 ii policykit-1-gnome0.105-8 ii psmisc 23.6-1 ii python3
Bug#1035376: unblock: nfs-ganesha/4.3-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: mar...@uni-mainz.de Please unblock package nfs-ganesha 4.3-2 contains a fix for a RC bug which prevents smooth upgrade of nfs-ganesha-ceph :#1034925. [ Reason ] Fixes RC bug #1034925. [ Impact ] includes breaks: and replaces: to make upgrade succeed. [ Tests ] Installation was successful [ Risks ] I don't see any risks. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock nfs-ganesha/4.3-2 [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .changes but not in first - -rw-r--r-- root/root /usr/lib/debug/.build-id/47/075fa73da0e4bfba1008cb4a432c16795d1646.debug Files in first .changes but not in second - -rw-r--r-- root/root /usr/lib/debug/.build-id/c0/969f5415c2e585fa41915d3e0f593b0bd1677d.debug Control files of package nfs-ganesha: lines which differ (wdiff format) --- Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-ceph: lines which differ (wdiff format) {+Breaks: nfs-ganesha (<< 4.0-1)+} Depends: libacl1 (>= 2.2.23), libc6 (>= 2.34), libcephfs2 (>= 16.2.6+ds), librados2 (>= [-16.2.10+ds),-] {+16.2.11+ds),+} liburcu8 (>= 0.13.0), nfs-ganesha (= [-4.3-1)-] {+4.3-2)+} {+Replaces: nfs-ganesha (<< 4.0-1)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-ceph-dbgsym: lines which differ (wdiff format) --- Build-Ids: {+47075fa73da0e4bfba1008cb4a432c16795d1646+} 9e0845a088c12df1b6e7bc74c10af58102f949ac [-c0969f5415c2e585fa41915d3e0f593b0bd1677d-] ceae296fe799f3feca7b7afd36e68cd64484192b Depends: nfs-ganesha-ceph (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-dbgsym: lines which differ (wdiff format) -- Depends: nfs-ganesha (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-doc: lines which differ (wdiff format) --- Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-gluster: lines which differ (wdiff format) --- Depends: libacl1 (>= 2.2.23), libc6 (>= 2.34), libgfapi0 (>= 10.3), liburcu8 (>= 0.13.0), nfs-ganesha (= [-4.3-1),-] {+4.3-2),+} libglusterfs0 (>= 6.0) Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-gluster-dbgsym: lines which differ (wdiff format) -- Depends: nfs-ganesha-gluster (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-gpfs: lines which differ (wdiff format) Depends: libc6 (>= 2.34), libdbus-1-3 (>= 1.9.14), liburcu8 (>= 0.13.0), nfs-ganesha (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-gpfs-dbgsym: lines which differ (wdiff format) --- Depends: nfs-ganesha-gpfs (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-mem: lines which differ (wdiff format) --- Depends: libc6 (>= 2.34), nfs-ganesha (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-mem-dbgsym: lines which differ (wdiff format) -- Depends: nfs-ganesha-mem (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-mount-9p: lines which differ (wdiff format) Depends: nfs-ganesha (>= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-nullfs: lines which differ (wdiff format) -- Depends: libc6 (>= 2.4), nfs-ganesha (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package nfs-ganesha-nullfs-dbgsym: lines which differ (wdiff format) - Depends: nfs-ganesha-nullfs (= [-4.3-1)-] {+4.3-2)+} Version: [-4.3-1-] {+4.3-2+} Control files of package
Bug#1034297: unblock: cfengine3/3.21.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: mar...@uni-mainz.de, schla...@uni-mainz.de Please unblock package cfengine3 3.21.0-2 includes a fix for the installation path of the systemd unit files. It closes the RC bug #1034218. [ Reason ] Fixes RC bug #1034218. [ Impact ] The unit file beeing in the wrong path might result in not activated units. [ Risks ] I don't see any risks. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock cfengine3/3.21.0-2 [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .deb but not in first - -rw-r--r-- root/root /lib/systemd/system/cf-apache.service -rw-r--r-- root/root /lib/systemd/system/cf-execd.service -rw-r--r-- root/root /lib/systemd/system/cf-hub.service -rw-r--r-- root/root /lib/systemd/system/cf-monitord.service -rw-r--r-- root/root /lib/systemd/system/cf-postgres.service -rw-r--r-- root/root /lib/systemd/system/cf-reactor.service -rw-r--r-- root/root /lib/systemd/system/cf-runalerts.service -rw-r--r-- root/root /lib/systemd/system/cf-serverd.service -rw-r--r-- root/root /lib/systemd/system/cfengine3.service -rwxr-xr-x root/root DEBIAN/prerm Files in first .deb but not in second - -rw-r--r-- root/root /usr/lib/systemd/system/cf-apache.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-execd.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-hub.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-monitord.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-postgres.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-reactor.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-runalerts.service -rw-r--r-- root/root /usr/lib/systemd/system/cf-serverd.service -rw-r--r-- root/root /usr/lib/systemd/system/cfengine3.service Control files: lines which differ (wdiff format) Depends: lsb-base (>= 3.0-6), e2fsprogs, libacl1 (>= 2.2.23), libc6 (>= 2.34), liblmdb0 (>= 0.9.11), libpam0g (>= 0.99.7.1), libpcre3, libpromises3 (= [-3.21.0-1),-] {+3.21.0-2),+} libssl3 (>= 3.0.0), libvirt0 (>= 0.5.0), libxml2 (>= 2.7.4), libyaml-0-2 Installed-Size: [-2133-] {+2142+} Version: [-3.21.0-1-] {+3.21.0-2+}
Bug#1026992: Preparing fix for CVE-2022-4728, CVE-2022-4729 & CVE-2022-4730
Hi all, I am preparing a fix for this bug based on the upstream pull request https://github.com/graphite-project/graphite-web/pull/2785 which is also in oldstable security with version 1.1.4-3+deb10u2. Regards Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#908117: RFP: yq -- yq is a lightweight and portable command-line YAML processor The aim of the project is to be the jq or sed of yaml files.
yq is in NEW: https://ftp-master.debian.org/new/yq_3.1.0-1.html Am 18.01.23 um 19:17 schrieb Christoph Martin: I've build an initial package and will upload it soon for review. OpenPGP_signature Description: OpenPGP digital signature
Bug#908117: RFP: yq -- yq is a lightweight and portable command-line YAML processor The aim of the project is to be the jq or sed of yaml files.
I've build an initial package and will upload it soon for review. Am 17.01.23 um 18:02 schrieb Christoph Martin: I have created a repository on salsa: https://salsa.debian.org/python-team/packages/yq OpenPGP_signature Description: OpenPGP digital signature
Bug#908117: RFP: yq -- yq is a lightweight and portable command-line YAML processor The aim of the project is to be the jq or sed of yaml files.
I have created a repository on salsa: https://salsa.debian.org/python-team/packages/yq I am not shure, what is the best way to create a python package. Is there a template for python packages? Am 16.01.23 um 12:14 schrieb Christoph Martin: I had a try with the Go variant, because this is used in a project, that we use. But a lot of Go dependencies are missing in Debian. So, I also vote for the python variant. Who is interested in packaging it? OpenPGP_signature Description: OpenPGP digital signature
Bug#908117: RFP: yq -- yq is a lightweight and portable command-line YAML processor The aim of the project is to be the jq or sed of yaml files.
Am 15.01.23 um 21:22 schrieb Antoine Beaupré: 2. Giving up the Go variant in favour of fq, ship only "python" I had a try with the Go variant, because this is used in a project, that we use. But a lot of Go dependencies are missing in Debian. So, I also vote for the python variant. Who is interested in packaging it? OpenPGP_signature Description: OpenPGP digital signature
Bug#1027572: nfs-ganesha: FTBFS: dh_install: error: missing files, aborting
Hi Lucas, is it possible that this is a transistion issue? The logs talk about python3.10 and sid has python3.11. Christoph Am 01.01.23 um 15:35 schrieb Lucas Nussbaum: . warnings.warn( TEST FAILED: /<>/debian/tmp/usr/local/lib/python3.10/dist-packages/ does NOT support .pth files bad install directory or PYTHONPATH OpenPGP_signature Description: OpenPGP digital signature
Bug#1026026: /usr/sbin/needrestart: typo prevents vm detection and leads to error in microcode check
Package: needrestart Version: 3.6-2 Severity: normal File: /usr/sbin/needrestart Dear Maintainer, on a vm needrestart warns about failed microcode upgrades because of a typo in line 54 of needrestart. /usr/bin/systemds-detect-virt should be /usr/bin/systemd-detect-virt Regards Christoph -- Package-specific info: needrestart output: Running kernel seems to be up-to-date. Failed to check for processor microcode upgrades. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (700, 'testing'), (50, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.0.0-5-amd64 (SMP w/2 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages needrestart depends on: ii binutils 2.39.50.20221208-5 ii dpkg 1.21.12 ii gettext-base 0.21-10 ii libintl-perl 1.26-4 ii libmodule-find-perl0.16-2 ii libmodule-scandeps-perl1.31-2 ii libproc-processtable-perl 0.634-1+b2 ii libsort-naturally-perl 1.03-4 ii libterm-readkey-perl 2.38-2+b1 ii perl 5.36.0-4 ii xz-utils 5.2.9-0.0 Versions of packages needrestart recommends: ii libpam-systemd 252.2-2 ii systemd 252.2-2 Versions of packages needrestart suggests: pn iucode-tool pn needrestart-session | libnotify-bin -- no debconf information OpenPGP_signature Description: OpenPGP digital signature
Bug#1000596: php-db Update
reopen -1 thanks The new version seams to not fix the test on all architectures. Christoph Am 30.11.22 um 17:09 schrieb Christoph Martin: I have uploaded a fixed package as NMU to to the deferred queue. Am 17.11.22 um 14:13 schrieb Christoph Martin: I just tried to build php-db with the new upstream version 1.11.0 and it builds without a problem. Do you plan to upload the updated package any time soon? If you need help, please let me know. OpenPGP_signature Description: OpenPGP digital signature
Bug#1000596: php-db Update
I have uploaded a fixed package as NMU to to the deferred queue. Am 17.11.22 um 14:13 schrieb Christoph Martin: I just tried to build php-db with the new upstream version 1.11.0 and it builds without a problem. Do you plan to upload the updated package any time soon? If you need help, please let me know. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#1000653: Fix php-mail build
Hi I have uploaded a fixed package as NMU to the deferred queue. Am 17.11.22 um 13:55 schrieb Christoph Martin: do you plan to release a new version with the proposed fix anytime soon? I build it locally with the fix and it builds fine. I could upload the package if this is ok for you. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#1000596: php-db Update
Hi, I just tried to build php-db with the new upstream version 1.11.0 and it builds without a problem. Do you plan to upload the updated package any time soon? If you need help, please let me know. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#1000653: Fix php-mail build
Hi, do you plan to release a new version with the proposed fix anytime soon? I build it locally with the fix and it builds fine. I could upload the package if this is ok for you. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#1022124: libdbd-oracle-perl Upload
Hi Alex, when do you plan to upload the fixed version? If you need any help, please let us know. Regards Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#976308: ITA: cfengine3 -- tool for configuring and maintaining network machines
Am 14.09.22 um 17:53 schrieb Bastian Germann: I would like to help here at least to get the package up to speed. I started with some bug triaging. Antonio, would you please add me (salsa user bage) as owner of the group? Or add me and make Christoph an owner. When that is done I will hand in some changes. I just uploaded another version with some mainly cosmetic bug fixes. My plan was to next package 3.15.6 which is the latest version in the 3.15 LTS line. This update should work without many changes. Next step would than be upgrade to 3.18 LTS. Some of the bugs might have been fixed by upstream in one of the recent versions. A good step would be to use the systemd units instead of the selfmade init.d script (#950432) and use the FHS options instead of patching the paths (#873699) Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#976308: ITA: cfengine3 -- tool for configuring and maintaining network machines
Am 13.09.22 um 16:53 schrieb Bastian Germann: Christoph Martin is a member of https://salsa.debian.org/cfengine-team. Christoph, you would be the best candidate to take control over this package. Would you like to take on this responsibility and can you shine some light on why this is in a Gitlab team but not team-maintained? I joined the team some years ago to help fix some bugs. But I don't want to do it alone. So help preferably as patches or pull requests are welcome. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#949086: Bug#945623: cfengine3: diff for NMU version 3.15.2-3.2
Hi all, I'll have a look at it. First I will include the changes from NMU -3.1 into the salsa repository. Christoph Am 09.09.22 um 09:33 schrieb Hugh McMaster: Control: tags 945623 + patch Control: tags 949086 + patch Control: tags 998014 + patch Dear maintainer, I've prepared an NMU for cfengine3 (versioned as 3.15.2-3.2). The diff is attached to this message. I require a sponsor to have it uploaded and intend to seek sponsorship without delay due to the RC bug #992662. Please let me know if you plan to take care of the upload yourself. OpenPGP_signature Description: OpenPGP digital signature
Bug#1008973: linux-image-amd64: Very slow wireless with MEDIATEK 7961
I have the same Problem with an P14s and Mediathek 7921e. There is even about 30% package loss. Christoph Am 05.04.22 um 14:39 schrieb Xavier Chantry: With kernel 5.16 the wireless is so slow that it's unusable, each internet query takes several seconds. A simple ping to google.com varies from 100ms to 3000ms. With kernel 5.17 it's slighly better but the ping still goes up to 600ms. OpenPGP_signature Description: OpenPGP digital signature
Bug#1002772: nfs-ganesha: FTBFS: internal.h:50:2: error: #error rados/rgw_file.h version unsupported (require >= 1.1.1)
On 28.12.21 21:05, Lucas Nussbaum wrote: /<>/src/FSAL/FSAL_RGW/internal.h:50:2: error: #error rados/rgw_file.h version unsupported (require >= 1.1.1) 50 | #error rados/rgw_file.h version unsupported (require >= 1.1.1) | ^ Thanks for the report. The problem is fixed in upstream version 3.5 and 4.0 I'll release a new version soon. OpenPGP_signature Description: OpenPGP digital signature
Bug#617856: New version of apt-show-versions fixes 617856
My version was just accepted. Am 26.10.21 um 03:51 schrieb Paul Wise: > On Mon, 2021-10-25 at 13:00 +0200, Christoph Martin wrote: > >> I will try to upload a new release. I could not do so in the last >> weeks, because my signature-key had expired and the new one did not yet >> make it into the keyring. > > You could upload to mentors.debian.net and file an RFS request: > > https://mentors.debian.net/sponsors/rfs-howto/ > OpenPGP_signature Description: OpenPGP digital signature
Bug#617856: New version of apt-show-versions fixes 617856
Hi Paul, I will try to upload a new release. I could not do so in the last weeks, because my signature-key had expired and the new one did not yet make it into the keyring. Greeting Christoph Am 20.10.21 um 07:09 schrieb Paul Wise: > On Fri, 8 Oct 2021 11:31:39 +0200 Christoph Martin wrote: > >> tags 617856 + pending >> thanks >> >> Upload of new version is pending. > > Could you upload the package? > OpenPGP_signature Description: OpenPGP digital signature
Bug#868949: libapache2-mod-auth-openidc: It happens for 2.4.9-1
tags 868949 +moreinfo tags 868949 +unreproducible thanks Dear Sorin, I can't reproduce this problem. It works without a problem on several machines. Please try to get a trace. Try also to execute ldd on every module and the apache binary to see if there some of the binaries link to different library versions. Christoph Am 11.08.21 um 12:29 schrieb Sorin Manolache: > Package: libapache2-mod-auth-openidc > Version: 2.4.9-1 > Followup-For: Bug #868949 > X-Debbugs-Cc: sor...@gmail.com > > Dear Maintainer, > > The bug reported in 2017 for 2.1.6 happens again for 2.4.9-1. > > systemctl start apache2 > systemctl reload apache2 => child segfaults > > I don't even make any request to the server. I just start the server then > reload it. > OpenPGP_signature Description: OpenPGP digital signature
Bug#991811: unblock: libapache2-mod-auth-openidc/2.4.9-1
Hi Salvatore, dear Release Team, Am 23.08.21 um 14:46 schrieb Salvatore Bonaccorso: > Hi Christoph, > > On Mon, Aug 23, 2021 at 01:17:18PM +0200, Christoph Martin wrote: >> Hi Salvatore, >> >> Am 19.08.21 um 21:32 schrieb Salvatore Bonaccorso: >>> Hi Christoph, >>> >>> On Tue, Aug 10, 2021 at 01:42:32PM +0200, Christoph Martin wrote: >>>> Dear Security Team, >>>> >>>> the fixed version is now in bullseye. Thanks for that. >>>> >>>> What is the plan for buster and stretch? Do you prepare fixes? >>> >>> thanks for following up on that. For buster, can you fix those issues, >>> and ideally as well CVE-2019-14857 (#942165) and CVE-2019-20479 via an >>> upcoming buster point release? >> >> Ok. I prepare that update. That would be a version 2.4.9-1~deb11u1 ? > > Depends (but then ~deb10u1). You are right. My fault. > Why i say depends: buster has currently > 2.3.10.2-1, and I'm not sure if we can be confident to bump the > version from 2.3.10.2 upstream to 2.4.9? This has to be acked by the > release team if suitable. > > If SRM agree on importing the 2.4.9 version: if it is merely a rebuild > of the bullseye package back for buster, then 2.4.9-1~deb10u1 would be > good, if it's an import of new upstream on top of the current > packaging instead I would choose 2.4.9-0+deb10u1. It would be a rebuild of the bullseye package for buster. As I commented in the fix for bullseye in Bug 991811: > The fix to CVE-2021-32791 looks quite big, so that I think it is not > safe to backport it to 2.4.4.1 like the others could be. So a backport seams not to be a good solution. I tested the bullseye package on buster and even that works without a problem in buster. > But the most important question here is if SRM agree on bumping the > version to 2.4.9. > > If feasible to cherry-pick the needed patches then this would be > 2.3.10.2-1+deb10u1. > @Release Team: What do you recommend? Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#991811: unblock: libapache2-mod-auth-openidc/2.4.9-1
Hi Salvatore, Am 19.08.21 um 21:32 schrieb Salvatore Bonaccorso: > Hi Christoph, > > On Tue, Aug 10, 2021 at 01:42:32PM +0200, Christoph Martin wrote: >> Dear Security Team, >> >> the fixed version is now in bullseye. Thanks for that. >> >> What is the plan for buster and stretch? Do you prepare fixes? > > thanks for following up on that. For buster, can you fix those issues, > and ideally as well CVE-2019-14857 (#942165) and CVE-2019-20479 via an > upcoming buster point release? Ok. I prepare that update. That would be a version 2.4.9-1~deb11u1 ? Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#991811: unblock: libapache2-mod-auth-openidc/2.4.9-1
Dear Security Team, the fixed version is now in bullseye. Thanks for that. What is the plan for buster and stretch? Do you prepare fixes? Greetings Christoph Am 06.08.21 um 11:46 schrieb Christoph Martin: > Hi Paul, > hi Salvatore, > > Am 06.08.21 um 09:32 schrieb Salvatore Bonaccorso: >>> >>> It's *very* late in the freeze so I need an answer *real soon*. You >>> didn't tell us how you tested the package, how upstream tested the >>> changes and how you *judge* the changes between bullseye and sid. I >>> can't estimate the risk by myself. >> >> From security team perspective, we could tend to confirm to be good >> option to actually go to 2.4.9 based version, if Christoph can confirm >> the above questions on testing. Was it tested in production >> environment as well? >> > > I have tested it in a production environment. > The package installs correctly on a bullseye system. > Upgrade of the package also works. > Login via our idp ist working as expected. > All expected env variables in phpinfo have the expected values. > > Regards > > Christoph > OpenPGP_signature Description: OpenPGP digital signature
Bug#991811: unblock: libapache2-mod-auth-openidc/2.4.9-1
Hi Paul, hi Salvatore, Am 06.08.21 um 09:32 schrieb Salvatore Bonaccorso: >> >> It's *very* late in the freeze so I need an answer *real soon*. You >> didn't tell us how you tested the package, how upstream tested the >> changes and how you *judge* the changes between bullseye and sid. I >> can't estimate the risk by myself. > > From security team perspective, we could tend to confirm to be good > option to actually go to 2.4.9 based version, if Christoph can confirm > the above questions on testing. Was it tested in production > environment as well? > I have tested it in a production environment. The package installs correctly on a bullseye system. Upgrade of the package also works. Login via our idp ist working as expected. All expected env variables in phpinfo have the expected values. Regards Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#991811: unblock: libapache2-mod-auth-openidc/2.4.9-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libapache2-mod-auth-openidc currently the version 2.4.4.1-2 of libapache2-mod-auth-openidc is in testing/bullseye . Some days ago four CVE security bugs were published which are fixed in version 2.4.9 . The fix to CVE-2021-32791 looks quite big, so that I think it is not safe to backport it to 2.4.4.1 like the others could be. I uploaded the latest upstream (2.4.9) rather than try to backport the fixes to 2.4.4. unblock libapache2-mod-auth-openidc/2.4.9-1 -- System Information: Debian Release: 10.10 APT prefers stable-updates APT policy: (600, 'stable-updates'), (600, 'stable'), (500, 'oldstable'), (90, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-17-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#926253: postfixadmin: /usr/share/postfixadmin/lib/../templates_c does not exist on new installation
Thanks for the report. If you can provide a patch I can try to include it in a bugfix release. Christoph Am 02.04.19 um 19:26 schrieb Michael Krieger: > Package: postfixadmin > Version: 3.2.1-2 > Severity: important > > On a new installation of postfixadmin in Buster, > /usr/share/postfixadmin/lib/../templates_c > (the compiled template folder) is not created. As such, the following error > appears and > nothing works: > AH01071: Got error 'PHP message: ERROR: directory > /usr/share/postfixadmin/lib/../templates_c > doesn't exist or isn't writeable for the webserver' > > > A simple: > mkdir -p /usr/share/postfixadmin/lib/../templates_c > chown www-data /usr/share/postfixadmin/lib/../templates_c -R > chmod 700 /usr/share/postfixadmin/lib/../templates_c > results in postfixadmin working correctly by creating the folder and > appropriately sets > permissions for the folder for use by web servers. >
Bug#795991: /boot/vmlinuz-3.16.0-0.bpo.4-amd64: duplicate request cache is too small for NFS 4.1 servers
Hi Salvatore Am 01.05.21 um 07:55 schrieb Salvatore Bonaccorso: > > Ack thans for confirming. So either someone tries to bring that issue > again to upstream or alternatively we could then close this bug > marking (and possibly marking it wontfix). > I'm fine with closing and marking wontfix because upstream does so also. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#796882: hyperv-daemons: include debian specific versions of hv_get* scripts
I don't see the reported error messages in Stretch and Buster. I think the issue is resolve. Am 30.04.21 um 14:36 schrieb Salvatore Bonaccorso: > > This should have been resolved in 4.5.1-1, when we got own init and > systemd service units, is this correct? > OpenPGP_signature Description: OpenPGP digital signature
Bug#795991: /boot/vmlinuz-3.16.0-0.bpo.4-amd64: duplicate request cache is too small for NFS 4.1 servers
Sorry, please ignore this message. Wrong Bug report. Am 03.05.21 um 11:25 schrieb Christoph Martin: > Hi Salvator, > >> >> is this problem still relevant? >> > > I don't see the reported error messages in Stretch and Buster. > I think the issue is resolve. > > Christoph > OpenPGP_signature Description: OpenPGP digital signature
Bug#795991: /boot/vmlinuz-3.16.0-0.bpo.4-amd64: duplicate request cache is too small for NFS 4.1 servers
Hi Salvator, > > is this problem still relevant? > I don't see the reported error messages in Stretch and Buster. I think the issue is resolve. Christoph OpenPGP_signature Description: OpenPGP digital signature
Bug#795991: /boot/vmlinuz-3.16.0-0.bpo.4-amd64: duplicate request cache is too small for NFS 4.1 servers
Am 30.04.21 um 14:32 schrieb Salvatore Bonaccorso: > > is this problem still relevant? > I think so. My upstream request was never really considered. You still have the problem that a kernel-nfs server with only few memory runs out of sessions with a lot of clients. > Side note that we would anyway not apply a patch which would not have > been accepted upstream, likely unless there are very valid reasons. > Yes I also think so. We changed to nfs-ganesha as a user level NFS server, which does not have this restriction. Christoph
Bug#981940: sks: Fatal database error: Bdb.DBError("BDB0620 DB_DBT_READONLY should not be set on data DBT.")
Hi Kim Minh, thanks for your report. The solution from ygrek is what I have in debian/patches/bdb-dbt-readonly.patch . And this is only partially helping, as you can see on your server. I have the same problem and the workaround for now is to detect if the process goes into 100% CPU and restart it. But I will have a try with your solution. Regards Christoph Am 05.02.21 um 10:36 schrieb Kim Minh Kaplan: > Package: sks > Version: 1.1.6+git20200620.9e9d504-1+b1 > Severity: important > Tags: upstream > X-Debbugs-Cc: kaplan+debian@kim-minh.com > > Dear Maintainer, > > The sks 1.1.6+git20200620.9e9d504-1 currently packaged in testing has > important defect that prevents it from synchronizing properly with other > servers. Here is an log: > > Feb 04 18:29:32 ns383488 sks[19622]: 2021-02-04 18:29:32 Disabling gossip > Feb 04 18:29:37 ns383488 sks[19622]: 2021-02-04 18:29:37 Requesting 20 > missing keys from , starting with > 00FA33B4F729DFD5C8E7402D0C93CCC8 > Feb 04 18:29:37 ns383488 sks[19622]: 2021-02-04 18:29:37 20 keys received > [...] > Feb 04 18:29:37 ns383488 sks[19621]: 2021-02-04 18:29:37 Fatal database > error: Bdb.DBError("BDB0620 DB_DBT_READONLY should not be set on data DBT.") > Feb 04 18:29:37 ns383488 sks[19621]: 2021-02-04 18:29:37 Key addition failed: > Stdlib.Sys.Break > [...] > Feb 04 18:29:38 ns383488 sks[19621]: 2021-02-04 18:29:38 Fatal database > error: Bdb.DBError("BDB0110 Log sequence error: page LSN 42312 2571343; > previous LSN 42312 1593741") > Feb 04 18:29:38 ns383488 sks[19621]: 2021-02-04 18:29:38 Key addition failed: > Stdlib.Sys.Break > Feb 04 18:29:38 ns383488 sks[19622]: 2021-02-04 18:29:38 Requesting 20 > missing keys from , starting with > 1E8607A792DA0C5653E34619386F25CF > Feb 04 18:29:38 ns383488 sks[19622]: 2021-02-04 18:29:38 20 keys received > Feb 04 18:32:38 ns383488 sks[19622]: 2021-02-04 18:32:38 get_missing_keys > terminated by timeout > > At this point the sks server is deadlocked and can only be terminated. > > The issue (https://github.com/SKS-Keyserver/sks-keyserver/issues/82) is > fixed in upstream. >
Bug#961152: apt-show-versions: diff for NMU version 0.22.11+nmu1
Thanks for you work. I have just release 0.23 which includes your patch. Am 08.11.20 um 18:26 schrieb Dominic Hargreaves: > Control: tags 961152 + patch > Control: tags 961152 + pending > > Dear maintainer, > > I've prepared an NMU for apt-show-versions (versioned as 0.22.11+nmu1) and > uploaded it to DELAYED/5. Please feel free to tell me if I > should delay it longer. > > Regards. >
Bug#950535: [pkg-netfilter-team] Bug#950535: iptables-restore segfaults on nat table
Hi Alberto, hi Jamie, Am 17.02.20 um 18:06 schrieb Alberto Molina Coballes: > > These rules were not generated by ufw. The current released version of > ufw does not do any management of the nat table. Furthermore, > iptables-restore rules in /etc/ufw/*rules do not contain any '-F's. > I made these rules myself and had to add the -F's because ufw does not flush the nat table on reload and I would otherwise end up with duplicate nat rules. > The man page does *not* document use of -F in these files and instead > has examples like: > > *nat > :POSTROUTING ACCEPT [0:0] > -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE > COMMIT > > So I suspect what happened is the reporter used this mechanism to > customize the firewall and accidentally added the second, errant -F. > [/quote] > After some test, it seems that the problem is related to the flush of > the rules after adding some of them (do you really want to do that?), > because the next ruleset works well: > The second -F is for the POSTROUTING rules. The difference is here: *nat -F PREROUTING -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194 -F POSTROUTING -A POSTROUTING -o eth0 -p tcp --sport 222 -j SNAT --to-source 10.10.10.10 COMMIT results in a crash. *nat -F PREROUTING -F POSTROUTING -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194 -A POSTROUTING -o eth0 -p tcp --sport 222 -j SNAT --to-source 10.10.10.10 COMMIT does not crash. > Because the default iptables-restore behaviour is to flush (delete) > all previous contents of the respective tables. If I remove the -F's, every 'ufw reload' will add another set of the POSTROUTING and PREROUTING rules. > > I think you can workaround the bug rewriting your rules with special > care in the inclusion of '-F' rules. The workaround is to have both -F rules at the beginning. But I can't omit them. Christoph signature.asc Description: OpenPGP digital signature
Bug#950535: [pkg-netfilter-team] Bug#950535: iptables-restore segfaults on nat table
Hil Alberto, Am 13.02.20 um 10:11 schrieb Alberto Molina Coballes: > > Is this ruleset a real one obtained from ufw? I ask because the next one > doesn't result in segfault: > > *nat > -F PREROUTING > -F POSTROUTING > -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194 > COMMIT > > I don't understand the rule "-F PREROUTING" after a "-A ..." one. It > seems that the segfault happens in this specific case (it's a bug of > course, but not a bug with grave severity). Actually I stripped it down to these lines, because this is the minimum set of rules which makes it crash. In my UFW before.rules files I have several PREROUTING and POSTROUTING rules with a -F before the -A rules block in the nat table. Christoph signature.asc Description: OpenPGP digital signature
Bug#950535: [pkg-netfilter-team] Bug#950535: iptables-restore segfaults on nat table
Hi Alberto, Am 13.02.20 um 10:11 schrieb Alberto Molina Coballes: > I don't understand the rule "-F PREROUTING" after a "-A ..." one. It > seems that the segfault happens in this specific case (it's a bug of > course, but not a bug with grave severity). I choose the grave severity because the bug makes a reload of ufw fail and then the firewall is off ! Christoph signature.asc Description: OpenPGP digital signature
Bug#950535: iptables-restore segfaults on nat table
Package: iptables Version: 1.8.2-4 Severity: grave Dear Maintainer, after updateing from stretch to buster ufw failed to work. we have nat-table entries for PREROUTING and POSTROUTING . iptables-restore segfaults on these rules. The following rules lead to the error: *nat -F PREROUTING -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194 -F PREROUTING -F POSTROUTING COMMIT The version from backports: 1.8.3-2~bpo10+1 does not have this problem. Please bring this fix to the stable release. The ufw firewall ist disabled after this error. So I consider this a security problem Christoph -- System Information: Debian Release: 10.2 APT prefers stable-updates APT policy: (700, 'stable-updates'), (700, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:\ en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages iptables depends on: ii libc62.28-10 ii libip4tc01.8.2-4 ii libip6tc01.8.2-4 ii libiptc0 1.8.2-4 ii libmnl0 1.0.4-2 ii libnetfilter-conntrack3 1.0.7-1 ii libnfnetlink01.0.1-3+b1 ii libnftnl11 1.1.2-2 ii libxtables12 1.8.2-4 Versions of packages iptables recommends: ii nftables 0.9.0-2 Versions of packages iptables suggests: ii kmod 26-1 signature.asc Description: OpenPGP digital signature
Bug#875207: [tipp10] Future Qt4 removal from Buster
Hi Reiner, Am 21.09.19 um 00:45 schrieb Reiner Herrmann: > I attached a patch that builds tipp10 with Qt5. > I tested building with pbuilder and did a few tests of the program, > and it looks to me like everything is working. This is great news. > As porting the download modules would have been a bit more effort, > as QHttp is no longer available in Qt5 (replaced by QNetworkAccessManager), > I had a look what they are actually used for. > It turned out that two of them were currently not used at all > (updatedialog, downloaddialog), as their actions have not been > associated with any menu. And the third one (checkversion, which checks on a > remote server if the version is up-to-date) has no real use in a Debian > package and there seems to be no upstream development anyway. It's also > not nice to let it "phone home" regularly. > So I decided to drop them, which simplified the porting effort. > I hope you are fine with this change. Thanks for the patch. I'll give it a try. Regards Christoph signature.asc Description: OpenPGP digital signature
Bug#875207: [tipp10] Future Qt4 removal from Buster
Hi Moritz, Am 22.08.19 um 21:47 schrieb Moritz Mühlenhoff: > tipp10 seems to be dead upstream (not surprising given that it seems to be > based on an old diploma thesis) > > Are you planning to port it to Qt5 yourself? Otherwise we should remove it > from the archive. I'd like to try to port it to qt5. I also try to get some help from more experienced qt5 developpers or maintainers. If it is to much work or to difficult we have to drop the package. Christoph signature.asc Description: OpenPGP digital signature
Bug#931469: apt-show-versions: oldconfig: /etc/bash_completion.d/apt-show-versions
> During the upgrade from Stretch to Buster, dpkg reported the following > oldconfig: > > /etc/bash_completion.d/apt-show-versions > > This should have been removed by maintainer script helpers. > /etc/bash_completion.d/apt-show-versions is still a recent and valid configuration file. I wonder why dpkg should report it as oldconfig. signature.asc Description: OpenPGP digital signature
Bug#928660: hyperv-daemons matching linux-image-4.9-amd64 in jessie-security are missing
Hi Ben, Am 08.05.19 um 18:27 schrieb Ben Hutchings: > > This is intentional. There can only be one version of hyperv-daemons > in each suite, and for jessie that will be based on 3.16. > You are right. I should have thought of that. Christoph signature.asc Description: OpenPGP digital signature
Bug#928660: hyperv-daemons matching linux-image-4.9-amd64 in jessie-security are missing
Package: hyperv-daemons Version: 4.9.168-1 jessie-security has linux-image-4.9-amd64 but is missing the corresponding hyperv-daemons. Please always include them with the kernel-uploades for jessie-security. Christoph signature.asc Description: OpenPGP digital signature
Bug#914335: apt-show-versions thinks gets tripped up by some package versions e.g. docker-ce
Control: close -1 Thanks for the notice. Closing the bug report. Am 07.03.19 um 14:30 schrieb Willem Basson- Hetzner (Pty) Ltd: > Thank you Christoph, the problem does seem to be resolved. > signature.asc Description: OpenPGP digital signature
Bug#923009: seafile: CVE-2013-7469
Hi Salvatore, Am 06.03.19 um 23:15 schrieb Salvatore Bonaccorso: > Hi Christoph, > > On Tue, Mar 05, 2019 at 12:12:31PM +0100, Christoph Martin wrote: > > Yes I think we can agree on that! > So, I'd like to lower the severity to important, > Quick note on the buster-ignore tag addition, keep in mind that this > is technically only to be used/added by release managers themself, but > maintainers can obviously suggest that to the release managers, cf. > https://www.debian.org/Bugs/Developer#tags Sorry for that. Is it ok to leave the tag or is a severity change to important better? The autoremove flag is still active. Christoph signature.asc Description: OpenPGP digital signature
Bug#923009: seafile: CVE-2013-7469
Control: tags -1 buster-ignore Am 22.02.19 um 23:46 schrieb Salvatore Bonaccorso: > Source: seafile > Version: 6.2.11-1 > Severity: grave > Tags: security upstream > Forwarded: https://github.com/haiwen/seafile/issues/350 > > Hi, > > The following vulnerability was published for seafile. > > CVE-2013-7469[0]: > | Seafile through 6.2.11 always uses the same Initialization Vector (IV) > | with Cipher Block Chaining (CBC) Mode to encrypt private data, making > | it easier to conduct chosen-plaintext attacks or dictionary attacks. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2013-7469 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7469 > [1] https://github.com/haiwen/seafile/issues/350 This bug report is pretty late in the release cycle. Also the CVE is unspecific about the impact of the problem. As far as I see the problem is only with libraries where the user enabled encryption for. Since the transport of the files is secured via a normal webserver with TLS etc. you encrypted library can only be tried to access locally on the client or the server. The cryptographic weekness should at least be documented with the hint to additionaly use an gpg or zip encrypted file in the library if the files data is really sensible. So, I don't consider this bug as a release critical bug for buster. It can not be fixed the short time which is left for the release. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#776246: Processed: severity of 776246 is grave
What can we do to not loose these packages (burp in my case)? librsync 2.0.2-1~exp1 was uploaded to experimental three days ago. Am 18.02.19 um 18:34 schrieb Valentin Vidic: > Hi, > > Not sure why grave so late in the release process that we lose > some packages (csync2 in my case)? grave after the release would > give us more time to move to librsync2. > signature.asc Description: OpenPGP digital signature
Bug#914335: apt-show-versions thinks gets tripped up by some package versions e.g. docker-ce
Hi Willem, Am 22.11.18 um 09:54 schrieb Willem Basson: : > > apt-show-versions docker-ce -a > docker-ce:amd64 5:18.09.0~3-0~debian-stretch install ok installed > docker-ce:amd64 18.06.1~ce~3-0~debian stretch download.docker.com > No stable version > No stable-updates version > docker-ce:amd64 5:18.09.0~3-0~debian-stretch newer than version in archive > can you still reproduce this problem? I can't : # apt-show-versions docker-ce -a docker-ce:amd64 5:18.09.2~3-0~debian-stretch install ok installed docker-ce:amd64 5:18.09.2~3-0~debian-stretch stretch download.docker.com No stable version No stable-updates version docker-ce:amd64/stretch 5:18.09.2~3-0~debian-stretch uptodate Christoph signature.asc Description: OpenPGP digital signature
Bug#685439: Can you please not use an uninitialized value
Hi Dan, Am 14.02.19 um 17:28 schrieb 積丹尼 Dan Jacobson: > # apt-show-versions -r -p "^linux-(doc|image)-[0-9]+\." > Use of uninitialized value in hash element at /usr/bin/apt-show-versions line > 578, line 26850. > linux-doc-4.19:all/unstable 4.19.20-1 uptodate > linux-image-4.19.0-2-686-pae:i386 4.19.16-1 installed: No available version > in archive > linux-image-4.19.0-3-686-pae:i386/unstable 4.19.20-1 uptodate > > This is line 578: > > $packages->{$package->{$PACKAGE}}{$package->{$ARCH}} = $package; > > Can you please not use an uninitialized value. > > Please? > > Just initialize everything to "" first or something. > > Yes after a few more runs it goes away. > It seams like you have a corrupt /var/lib/dpkg/status file. The above error can only happen, if you have a section in this file with either no Package: or no Status: line. Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#685439: I pinpointed the source: One certain status entry
Is this a leftover from a very old installation? modutils were removed in 2007. Am 15.02.19 um 01:59 schrieb jida...@jidanni.org: > I found the trigger! This always triggers it! > > cat > /tmp/status < Package: modutils > Status: unknown ok not-installed > Priority: extra > Section: admin > Origin: debian > Bugs: debbugs://bugs.debian.org/ > > EOF > apt-show-versions --status-file=/tmp/status -p zzz > -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#919281: freerdp2-x11: fails for smartcard login with SCARD_E_INSUFFICIENT_BUFFER
Hi Bernhard, Am 14.01.19 um 18:00 schrieb Bernhard Miklautz: > On Mon, Jan 14, 2019 at 04:46:56PM +0100, Christoph Martin wrote: >> Am 14.01.19 um 15:51 schrieb Bernhard Miklautz: >> Gemalto USB Shell Token V2 (C5B57B07) 01 00 >> >> Possibly identified card (using /usr/share/pcsc/smartcard_list.txt): >> 3B F8 18 00 FF 81 31 FE 45 4A 43 4F 50 76 32 34 31 43 >> The log is attached. > thank you very much! > > The log shows the same problems as reported upstream. > Interestingly, but possible not relates because you don’t use it, the > upstream issues are all related to Yubikeys. Just to make sure, is there > any difference if the Yubikey isn't connected? I use my yubikey only for GPG and SSH. The Gemalto key is for Windows Logins. The other members of my group only use the Gemalto key. And they have the same issue. I just tried to only have the Gemalto key plugged, but the problem is the same. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#919281: freerdp2-x11: fails for smartcard login with SCARD_E_INSUFFICIENT_BUFFER
Package: freerdp2-x11 Version: 2.0.0~git20181120.1.e21b72c95+dfsg1-1~bpo9+1 Severity: normal in contrast to freerdp-x11 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2 freerdp2-x11 fails while trying a smartcard-logon to our several windows servers. The error messages is: [14:11:49:046] [14684:14732] [WARN][com.freerdp.channels.smartcard.client] - IRP failure: SCardStatusW (0x000900CC), status: SCARD_E_INSUFFICIENT_BUFFER (0x8018) It might be depending on the size of the certificate we have on our smartcards. Until about spring last year we could use remmina from stretch-backports, but then it suddenly stopped to work and we could not find a reason. The we switched to freerdp 1 which still works without problems. so freerdp2 is not working as a dropin replacement now. -- System Information: Debian Release: 9.6 APT prefers stable-updates APT policy: (700, 'stable-updates'), (700, 'stable'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages freerdp2-x11 depends on: ii libc6 2.24-11+deb9u3 ii libfreerdp-client2-2 2.0.0~git20181120.1.e21b72c95+dfsg1-1~bpo9+1 ii libfreerdp2-2 2.0.0~git20181120.1.e21b72c95+dfsg1-1~bpo9+1 ii libwinpr2-2 2.0.0~git20181120.1.e21b72c95+dfsg1-1~bpo9+1 ii libx11-6 2:1.6.4-3+deb9u1 ii libxcursor1 1:1.1.14-1+deb9u2 ii libxext6 2:1.3.3-1+b2 ii libxfixes31:5.0.3-1 ii libxi62:1.7.9-1 ii libxinerama1 2:1.1.3-1+b3 ii libxrandr22:1.5.1-1 ii libxrender1 1:0.9.10-1 ii libxv12:1.0.11-1 freerdp2-x11 recommends no packages. freerdp2-x11 suggests no packages. -- no debconf information < -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#918883: debian-installer: does not build custom installer images if debian-security-support is installed
Package: debian-installer Version: 20170615+deb9u5 Severity: normal Tags: d-i Using the howto in https://wiki.debian.org/DebianInstaller/Build to build an installer image with a custom kernel fails if debian-security-support is installed on the build system: Unpacking acpi-modules-4.18.0-0.bpo.3-amd64-di (4.18.20-2~bpo9+1) ... dpkg-query: error: failed to open package info file './tmp/netboot/tree/var/lib/dpkg/status' for reading: No such file or directory dpkg: error: error executing hook 'if [ -x /usr/share/debian-security-support/check-support-status.hook ] ; then /usr/share/debian-security-support/check-support-status.hook ; fi', exit code 512 make[2]: *** [stamps/tree-unpack-netboot-stamp] Error 2 removing the package debian-security-support makes it work. -- System Information: Debian Release: 9.6 APT prefers stable-updates APT policy: (700, 'stable-updates'), (700, 'stable'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) signature.asc Description: OpenPGP digital signature
Bug#913556: apt-show-versions: Max. recursion depth with nested structures exceeded
Hi Markus, please try for me to change the value in line 271 from 65536 to a higher value which is high enough for your sources.list . What do you have in sources.list ? Christoph Am 12.11.18 um 11:05 schrieb Markus Frosch: > Package: apt-show-versions > Version: 0.22.9 > Severity: grave > Justification: renders package unusable > > Hello Maintainer, > this might be connected to #913477, but I'm not sure. > > Since upgrading to current testing today the package broke during > configure. > > Might be related to the latest perl transition. > > $ apt install -f > > Reading package lists... Done > Building dependency tree > Reading state information... Done > The following packages were automatically installed and are no longer > required: > libperl5.26 myspell-de-de perl-modules-5.26 > Use 'sudo apt autoremove' to remove them. > 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. > 1 not fully installed or removed. > After this operation, 0 B of additional disk space will be used. > Setting up apt-show-versions (0.22.9) ... > ** initializing cache. This may take a while ** > Max. recursion depth with nested structures exceeded at > /usr/lib/x86_64-linux-gnu/perl/5.28/Storable.pm line 278, at > /usr/bin/apt-show-versions line 273. > dpkg: error processing package apt-show-versions (--configure): > installed apt-show-versions package post-installation script subprocess > returned error exit status 25 > Errors were encountered while processing: > apt-show-versions > > -- System Information: > Debian Release: buster/sid > APT prefers testing-debug > APT policy: (500, 'testing-debug'), (500, 'testing') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.18.0-2-amd64 (SMP w/4 CPU cores) > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), > LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages apt-show-versions depends on: > ii apt 1.7.0 > ii libapt-pkg-perl 0.1.34+b1 > ii perl [libstorable-perl] 5.28.0-3 > > apt-show-versions recommends no packages. > > apt-show-versions suggests no packages. > > -- no debconf information > -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#912695: apt-show-versions: breaks "apt-get update" and uninstallable after Perl 5.28 upgrade
Hi Niko, Version 0.22.9 introduced a setting of recursion_limit_hast to 65536, but I still get reports of user, who need a higher value. If this needs a longer standing solution, I could introduce a config file for this setting. The default values for Storage.pm are different on all platforms and apparently depends on the build environment: > /tmp/usr/lib/aarch64-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 7236 > /tmp/usr/lib/arm-linux-gnueabi/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 13458 > /tmp/usr/lib/arm-linux-gnueabihf/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 12991 > /tmp/usr/lib/i386-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10466 > /tmp/usr/lib/i386-kfreebsd-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10464 > /tmp/usr/lib/i386-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10462 > /tmp/usr/lib/mips-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8756 > /tmp/usr/lib/mips64el-linux-gnuabi64/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 6718 > /tmp/usr/lib/mipsel-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8750 > /tmp/usr/lib/powerpc64le-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 5061 > /tmp/usr/lib/s390x-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 4039 > /tmp/usr/lib/x86_64-kfreebsd-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8557 > /tmp/usr/lib/x86_64-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8552 So this might also be an issue with reproducible builds. Christoph Am 04.11.18 um 20:43 schrieb Niko Tyni: > On Sun, Nov 04, 2018 at 06:09:36PM +0100, Salvatore Bonaccorso wrote: > >> This is likely due to the perl upstream change around/with >> https://perl5.git.perl.org/perl.git/commitdiff/c0e3b4b51cabf15ed8fc5f564dfeea31c25f5239 >> . >> >> It can be workarounded by either setting higher limits for >> recursion_limit/recursion_limit_hash or disable it with -1 >> >> $Storable::recursion_limit=-1; >> $Storable::recursion_limit_hash=-1; >> >> but I'm not sure this will be the right solution. > > Thanks. I've filed #912900 about this on the Perl side. Christoph: > please use these workarounds at least for now. Apologies for the trouble. > > Also, please let us know at p...@packages.debian.org when a workaround > is in Debian. We can then add dependency metadata on the perl side to > make sure apt-show-versions gets always upgraded before perl. > > Longer term, I'm not sure Storable is the best tool for this (a cache > of apt list contents.) AFAICS you're reading the whole data structure > in memory even when you need just one entry? You might want to look at > the various Cache / CHI modules, or even just plain GDBM_File. > -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#912695: Bug#912970: fixed in apt-show-versions 0.22.9
Hi, Am 07.11.18 um 00:30 schrieb Uoti Urpala: > On Tue, 06 Nov 2018 11:34:18 +0000 Christoph Martin > wrote: >>* set a higher limit for the hash stacksize in perl Storable (closes: >> #912695, #912709, #912970, #898090) > > Upgrade and reinstall still fail. Please do some tests for me with the new apt-show-versions. I set a higher limit in line 271. The default value on amd64 is 8552. I set it to 65536. But the actual needed limit for your installation might be even higher. Do you have more than the usual list of sources in /etc/apt ? Christoph -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#912695: apt-show-versions: breaks "apt-get update" and uninstallable after Perl 5.28 upgrade
Am 04.11.18 um 20:43 schrieb Niko Tyni: > On Sun, Nov 04, 2018 at 06:09:36PM +0100, Salvatore Bonaccorso wrote: > >> This is likely due to the perl upstream change around/with >> https://perl5.git.perl.org/perl.git/commitdiff/c0e3b4b51cabf15ed8fc5f564dfeea31c25f5239 >> . >> >> It can be workarounded by either setting higher limits for >> recursion_limit/recursion_limit_hash or disable it with -1 >> >> $Storable::recursion_limit=-1; >> $Storable::recursion_limit_hash=-1; >> >> but I'm not sure this will be the right solution. > > Thanks. I've filed #912900 about this on the Perl side. Christoph: > please use these workarounds at least for now. Apologies for the trouble. > > Also, please let us know at p...@packages.debian.org when a workaround > is in Debian. We can then add dependency metadata on the perl side to > make sure apt-show-versions gets always upgraded before perl. I had a look into the Storable/Limit.pm files in the different Debian architectures: > /tmp/usr/lib/aarch64-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 7236 > /tmp/usr/lib/arm-linux-gnueabi/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 13458 > /tmp/usr/lib/arm-linux-gnueabihf/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 12991 > /tmp/usr/lib/i386-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10466 > /tmp/usr/lib/i386-kfreebsd-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10464 > /tmp/usr/lib/i386-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 10462 > /tmp/usr/lib/mips-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8756 > /tmp/usr/lib/mips64el-linux-gnuabi64/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 6718 > /tmp/usr/lib/mipsel-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8750 > /tmp/usr/lib/powerpc64le-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 5061 > /tmp/usr/lib/s390x-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 4039 > /tmp/usr/lib/x86_64-kfreebsd-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8557 > /tmp/usr/lib/x86_64-linux-gnu/perl/5.28.0/Storable/Limit.pm:$Storable::recursion_limit_hash > = 8552 The limits were calculated on build time. So they are different on each architecture. I don't think this is the correct approach. For apt-show-version I experimented with different values of and succeded with the following: $Storable::recursion_limit_hash = 65536; > Longer term, I'm not sure Storable is the best tool for this (a cache > of apt list contents.) AFAICS you're reading the whole data structure > in memory even when you need just one entry? You might want to look at > the various Cache / CHI modules, or even just plain GDBM_File. apt-show-versions needs more optimizations and enhancements. Patches are welcome. Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de signature.asc Description: OpenPGP digital signature
Bug#783781: apt-show-versions: shows "foo:all not installed" for packages that transitioned from arch any to arch all
Hi Paul, Am 25.10.18 um 16:35 schrieb Paul Wise: > On Thu, 2018-10-25 at 14:45 +0200, Christoph Martin wrote: > >> It is on salsa for about half a year now. > > Ah, I was mislead by the Homepage pointing to Alioth. I should change that. >> Do you have a documentation how to include these snapshots into the >> git history? > Thanks for your howto. I just pushed the rebuild git history. I even could include the missing versions in between backup to version 0.01 . Regards Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#783781: apt-show-versions: shows "foo:all not installed" for packages that transitioned from arch any to arch all
Hi Paul, Am 25.10.18 um 02:48 schrieb Paul Wise: > > snapshot goes back to 0.03 and the code is slightly different there but > there is also a not installed statement. > > https://snapshot.debian.org/package/apt-show-versions/ > > BTW Christoph, when this package moves to salsa it would be nice to > import those versions so people could use grafts to view the history. > It is on salsa for about half a year now. Do you have a documentation how to include these snapshots into the git history? Christoph -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#910668: O: mason -- Interactively creates a Linux packet filtering firewall
Package: wnpp Severity: normal I intend to orphan the mason package. The package description is: Mason creates a firewall that exactly matches the types of TCP/IP traffic flowing in, out and through a Linux computer. It can be used to create a full firewall or add rules to an existing firewall. -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#691970: mason: diff for NMU version 1.0.0-12.4
Hi Mattia, thanks for your work. But would rather not like to act as maintainer for this package. Since there is no upstream development for years no and it is missing ipv6 support, I think it is no more an interesting package. So we should either orphan the package or even request to remove it from the archive. Greetings Christoph Am 24.09.18 um 11:41 schrieb Mattia Rizzolo: > Control: tags 691970 + pending > Control: tags 693058 + pending > Control: tags 898145 + patch > Control: tags 898145 + pending > > Dear maintainer, > > I've prepared an NMU for mason (versioned as 1.0.0-12.4) and > uploaded it to DELAYED/15. Please feel free to tell me if I > should delay it longer. > > Regards. > > -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#908317: postfixadmin: 'public' directory missing
Hi Jakob, thanks for the bug report and sorry for the problem. I upladed the wrong files. I am just preparing a new version. Christoph Am 08.09.2018 um 13:07 schrieb Jakob Butler: > Package: postfixadmin > Version: 3.2-1 > Severity: grave > Justification: renders package unusable > > Hello, > > The new 3.2 release of postfixadmin has rearranged the files considerably, and > most files relevant for the web interface are now in the 'public' directory. > This directory, however, seems to be missing in the Debian package... > -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#860064: #860064 dnsmasq will not start after dns-root-data upgrade
tags 860064 -stretch thanks Am 19.07.2018 um 19:34 schrieb Adam D. Barratt: >> >> Please explain how the file was changed in stretch on that date. >> Specifically, which version of dns-root-data was updated, from which >> version. >> >> Sorry to keep going on about this, but there wasn't a dns-root-data >> update in the stretch point release that occurred on June 24th, so >> I'm very confused as to what effect you're apparently seeing. > > To correct myself, there wasn't even a stretch point release on that > date, just a jessie one. The remainder of my request still stands - > please provide exact details of the upgrade demonstrating the breakage > in stretch, including binary package names and before and after > versions. Sorry, I have to apologize. I manage several hundred Debian machines. Most of them are already stretch. I was shure that one of the two machines which I checked is stretch, but it is still jessie. I found out when I tried to gather the data, which you regested: >From jessie dpkg.log: 2018-06-24 06:49:52 upgrade dns-root-data:all 2017072601~deb8u1 2017072601~deb8u2 So. Sorry again. The bug is really only in jessie and it came with the update of dns-root-data for jessie on 2018-06-24. So hopefully the Debian-LTS team can do something about the problem in Jessie. Regards Christoph
Bug#860064: #860064 dnsmasq will not start after dns-root-data upgrade
tags 860064 +stretch tags 860064 +jessie thanks Am 01.07.2018 um 15:38 schrieb Adam D. Barratt: > On Sun, 2018-07-01 at 11:38 +, Martin, Christoph wrote: >> dns-root-data had an update a week before. the file with the dns root >> keys was updated. at least the format has changed. > > To re-iterate, no such change has happened recently in stretch. > > I understand that the update in jessie may have introduced such a > change, but at this stage there's unfortunately nothing that either the > security or release teams can do about that, as jessie is EOL and has > moved to the LTS team. The file /usr/share/dns/root.ds was changed in both jessie and stretch with the update at june 24th: # ls -l /tmp/usr/share/dns/root.ds /usr/share/dns/root.ds -rw-r--r-- 1 root root 83 Aug 24 2017 /tmp/usr/share/dns/root.ds -rw-r--r-- 1 root root 180 Dec 8 2017 /usr/share/dns/root.ds # diff -u /tmp/usr/share/dns/root.ds /usr/share/dns/root.ds --- /tmp/usr/share/dns/root.ds 2017-08-24 11:37:46.0 +0200 +++ /usr/share/dns/root.ds 2017-12-08 07:31:40.0 +0100 @@ -1 +1,2 @@ -. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 +. 172800 IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5 +. 172800 IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d So both jessie and stretch are affected und should get an update of /etc/init.d/dnsmasq . The following patch fixes it: # diff -u /etc/init.d/dnsmasq~ /etc/init.d/dnsmasq --- /etc/init.d/dnsmasq~2015-05-05 11:17:08.0 +0200 +++ /etc/init.d/dnsmasq 2018-06-25 10:04:05.138221809 +0200 @@ -111,7 +111,8 @@ ROOT_DS="/usr/share/dns/root.ds" if [ -f $ROOT_DS ]; then - DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS | tr '\n' ' '`" +# DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS | tr '\n' ' '`" + DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/".*\sIN\sDS\s"/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS | tr '\n' ' '`" fi start() -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#898090: Is there any progress on this bug at all -- getting critical!
Hi Jeff, hi Shawn, The original bug report was malformed and only later assigned to the correct package. On 12.06.2018 jeffwinkf...@gmail.com wrote: > i get the same exact error when trying to install apt-show-versions > (.22.7) > > running: kali 2018.2; mate; no extra ppas; nvidia-legacy-340; i5; > 16gram > Am 19.07.2018 um 13:35 schrieb Shawn Anderson: > I am not able to install any security updates at all on multiple systems > due to this bug – is there ANY progress or workaround? The bug report states in the error message: > Max. recursion depth with nested structures exceeded at > /usr/local/lib/x86_64-linux-gnu/perl/5.24.1/Storable.pm line 278, at > /usr/bin/apt-show-versions line 274. Do you also have a locale version of Storabe.pm in addition to the following? libperl5.24:amd64: /usr/lib/x86_64-linux-gnu/perl/5.24.1/Storable.pm Please remove the version from /usr/local/lib and retry. Regards Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#898090: apt-show-versions
found 898090 0.22.7 thanks Hi Hugh, your bug report never reached me, because it was malformed: Package: apt-show-sversions Version: apt-show-versions I only learned about the bug because of two followups. I see in your report: > Max. recursion depth with nested structures exceeded at > /usr/local/lib/x86_64-linux-gnu/perl/5.24.1/Storable.pm line 278, at > /usr/bin/apt-show-versions line 274. Why do you have a local version of Storable.pm? libperl5.24 brings its own version in /usr/lib/x86_64-linux-gnu/perl/5.24.1/Storable.pm Please remove the local version and retry apt-show-versions -i as root. Regards Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#860064: This problem starts to get serios
Are your servers Jessie or Stretch ? Am 10. Juli 2018 15:42:00 MESZ schrieb Anton Avramov : >My servers stops working all around the country because of this >problem, >since they autoupdate themselves > >Can the LTS team fix this? > >-- >Антон Аврамов /Anton Avramov/ > >Луканет ООД /Lukanet Ltd/ > >София, България /Sofia, Bulgaria/ >ул. Никола Габровски 108 /108 Nikola Gabrovski str./ >tel. +359 2 4918040 >website: http://lukanet.com > >-- >To unsubscribe, send mail to 860064-unsubscr...@bugs.debian.org.
Bug#860064: #860064 dnsmasq will not start after dns-root-data upgrade
severity 860064 critical tags 860064 +jessie thanks yesterday jessie and stretch upgraded the dns-root-data package, which includes the new root DNSSEC keys with a time to live value added. Because auf this update and the bug in dnsmasq, every dnsmasq installation on jessie and stretch which has dns-root-data installed will fail to work. The patch in the bug report is easy and works. We need an urgent update for jessie and stretch. Regards Christoph signature.asc Description: OpenPGP digital signature
Bug#898165: linux-image-3.16.0-6-amd64: can't mount NFS shares via nfs referrals
Am 11.05.2018 um 14:21 schrieb Moritz Schlarb: > we tried to get some insight into the issue by wiresharking while trying > to mount. > > Although the client first receives NFS4ERR_MOVED and then re-queries for > FS_Locations and receives a correct response for the referred > fs_location, it just does not continue to mount that given fs_location > then like it used to. Furthermore we see no package going out to the referred NFS server. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#897683: RFA: postfixadmin -- Virtual mail hosting interface for Postfix
Package: wnpp Severity: normal I request an adopter for the postfixadmin package. I did the last uploads to make shure that it stays in Debian, but I can't test the package thoroughly. I don't have enough knowledge of postfix. The original maintainer Normal stated that he also has no time to work on it. I'll try to do the current new upstream version, but would prefer to see someone more experienced working on postfixadmin. The package description is: Postfixadmin is a web interface to manage virtual users and domains for a Postfix mail transport agent. It supports Virtual mailboxes, aliases, forwarders and vacation. . Postfixadmin allows administrators to delegate account handling to domain administrators and allows users to login and change their own settings (e.g. forwarders, vacation, passwords etc). . It provides easy integration into dovecot, courier or cyrus. . Postfixadmin is written in PHP. Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#891224: Bug 891224
Hi Jörg, Am 01.05.2018 um 21:13 schrieb Jörg Delker: > I'm suffering the same problem. > In my case I can confirm that mod_php (libapache2-mod-php7.0) is in use > and is linked against openssl 1.1: > in our experience it depends on the order of module loads. If libapache2-mod-php7.0 is the last module loaded which is linked against libssl, it is not a problem. If there is another module, which needs libssl 1.0 after mod_php , the problem surfaces. Please try to find out the order, in which your modules are loaded and check which one is linked agains which version of openssl. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#897427: linux-image-3.16.0-6-amd64 breaks KVM guests in libvirt
severity 897427 important thanks same problem here. Host can only start one VM. Second VM does not start with: **error: Cannot get interface MAC on 'vnet%d': No such device* If you shut down the firts VM, you can start another one. Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#897214: Fixed in 6.1.7-1
seafile-6.1.7-1 is still stuck in NEW queue. Am 30.04.2018 um 10:24 schrieb Moritz Schlarb: > Control: fixed -1 seafile-cli/6.1.7-1 > Control: tags -1 + fixed pending > > This will be resolved as soon as src:seafile/6.1.7-1 finally migrates... > -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#893039: libccnet0: contains a python module
I uploaded Version 6.1.7-1 yesterday. It is currently in the NEW queue. Christoph Am 17.04.2018 um 12:04 schrieb Moritz Schlarb: > Hi Helmut, > > I addressed this issue in 6.1.5-2, but since this leads to a new binary > upload, I can't upload it myself since I'm just a DM. > My mentor/sponsor Christoph is currently out of the office, so he can't > do it either. > So I've uploaded it to https://mentors.debian.net/package/ccnet - maybe > you are willing to perform the upload for me (If that went through, I'm > gonna upload the new upstream version myself). > > Best regards, > Moritz > -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#894108: postfixadmin: broken installation, causes removal of mariadb-server
severity 894108 normal tags 894108 +jessie tags 894108 +wontfix thanks Hi Valerio, Am 26.03.2018 um 16:13 schrieb Valerio Bozzolan: > Package: postfixadmin > Version: 2.3.7-1 > Severity: critical > File: postfixadmin > Justification: breaks unrelated software > > Today I installed postfixadmin in Debian GNU/Linux jessie and, as a result, > the installation automatically replaced my existing mariadb-server > installation with mysql 5.5, morover ending with a subprocess error and > causing a dependency trap. > > Is it known that this package can't co-exist with MariaDB? I am not the maintainer of this package, so I don't know what the decisions at that time were. But most packages in jessie then depended on mysql-client. And since mariadb-client did not provide mysql-client as it is in stretch, the dependencies would result in the installation of mysql-client which conflicts with mariadb-client etc. .. So, sorry this is not a bug in postfixadmin. And since jessie is oldstable there is no way to upload a new package just to change anything in the dependencies. > (Is it normal that apt-get does not show any [Y/n/..] prompt in applying this > breaking solution?) > > Thanks. > > apt-get install postfixadmin > .. > Remv mariadb-server [10.0.32-0+deb8u1] > Remv mariadb-server-10.0 [10.0.32-0+deb8u1] > Remv mariadb-server-core-10.0 [10.0.32-0+deb8u1] > Remv mariadb-client-10.0 [10.0.32-0+deb8u1] [wordpress:amd64 ] > Remv mariadb-client-core-10.0 [10.0.32-0+deb8u1] [wordpress:amd64 ] > Inst mysql-client-5.5 (5.5.59-0+deb8u1 Debian-Security:8/oldstable [amd64]) > .. If you apt ist configured normaly, it should have asked you about the removes. It is not removing packages if you do not explicitly say yes (or have in you config the equivalent). Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#891224: Just enabling the module makes apache children segfault
Hi Enrico, we know of a bunch of installations where libapache2-mod-auth-openidc is working without a problem in jessie and stretch. So it must be something special with your setup. From your ldd analysis it does not show a problem with libssl versions. But do you have both libssl-1.1 and libssl-1.0 installed? If yes, which packages depend on them? Can you provide a stack-trace? Christoph -- Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#891224: Just enabling the module makes apache children segfault
Hi Enrico, Am 23.02.2018 um 15:25 schrieb Enrico Zini: > Package: libapache2-mod-auth-openidc > Version: 2.1.6-1 > Severity: serious > > Hello, > > this has just been witnessed on diabelli.debian.org: > > apt install libapache2-mod-auth-openidc > a2enmod auth_openidc > systemctl restart apache2 > > at this point, just visiting sso.debian.org causes an internal server > error, with segfaults in the error log: > > [Fri Feb 23 14:22:56.038768 2018] [core:notice] [pid 19113:tid > 140156425577664] AH00052: child pid 19116 exit signal Segmentation fault (11) > Do you happen to have mod_php enabled? We have seen problems together with mod_php which is falsely linked with openssl 1.1 while apache itself and all other modules are linked with openssl 1.0 which was the policy for stretch release. Then it depends on the load order of the modules if apache crashes or not. Can you verify this? Christoph -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#887696: likwid FTBFS with glibc 2.26
Hi Juhani, Am 29.01.2018 um 16:02 schrieb Juhani Numminen: > > The directory ext/hwloc seems to be an embedded code copy of src:hwloc that > is not listed by security-tracker-team.[1] > > The failing file seems to be for hwloc private use only. Is it possible to > use the package libhwloc-dev instead of the embedded copy? > > [1] https://wiki.debian.org/EmbeddedCodeCopies > > https://salsa.debian.org/security-tracker-team/security-tracker/blob/master/data/embedded-code-copies > I've talked with upstream about this issue and they are working on build with hwloc from the distribution. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#887696: likwid FTBFS with glibc 2.26
Hi Adrian, Am 29.01.2018 um 10:55 schrieb Adrian Bunk: > On Mon, Jan 29, 2018 at 10:50:20AM +0100, Christoph Martin wrote: >> So, it should never be tried to be included. Could you please try to >> find out why this is different in your setup? >> >> I can't reproduce this. > > Please send me the log of your successful build in an up-to-date unstable. > Sorry. You are right. I just found out that I already had a newer version which fixes this issue. I'll upload the fix soon. Christoph -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber/XMPP: mar...@jabber.uni-mainz.de <> signature.asc Description: OpenPGP digital signature
Bug#887696: likwid FTBFS with glibc 2.26
Hi Adrian, Am 23.01.2018 um 16:01 schrieb Adrian Bunk: > On Tue, Jan 23, 2018 at 11:13:38AM +0100, Christoph Martin wrote: >> Hi Adrian, >> >> I just tried to rebuild likwid and it succeded. xlocale.h is only >> include if HAVE_XLOCALE_H is set which is not. > > ext/hwloc/include/private/autogen/config.h doesn't seem to be > regenerated during the build. > Yes. I know. config.h has: /* Define to 1 if you have the header file. */ //#define HAVE_XLOCALE_H 1 private.h has: #ifdef HAVE_XLOCALE_H #include "xlocale.h" #endif So, it should never be tried to be included. Could you please try to find out why this is different in your setup? I can't reproduce this. Christoph -- ==== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber: mar...@jabber.uni-mainz.de (Siehe http://www.zdv.uni-mainz.de/4010.php) <> signature.asc Description: OpenPGP digital signature
Bug#887696: likwid FTBFS with glibc 2.26
Hi Adrian, I just tried to rebuild likwid and it succeded. xlocale.h is only include if HAVE_XLOCALE_H is set which is not. Please retry. Christoph Am 19.01.2018 um 06:24 schrieb Adrian Bunk: > Source: likwid > Version: 4.2.1+dfsg1-1 > Severity: serious > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/likwid.html > > ... > In file included from ./hwloc/bind.c:11:0: > ./include/private/private.h:249:10: fatal error: xlocale.h: No such file or > directory > #include "xlocale.h" > ^~~ > compilation terminated. > Makefile:52: recipe for target 'GCC/bind.o' failed > make[3]: *** [GCC/bind.o] Error 1 > -- ======== Christoph Martin, Leiter Unix-Systeme Zentrum für Datenverarbeitung, Uni-Mainz, Germany Anselm Franz von Bentzel-Weg 12, 55128 Mainz Telefon: +49(6131)3926337 Instant-Messaging: Jabber: mar...@jabber.uni-mainz.de (Siehe http://www.zdv.uni-mainz.de/4010.php) <> signature.asc Description: OpenPGP digital signature