Bug#1004534: Please promote version 1.38.0-1 to unstable
Source: golang-google-grpc Version: 1.27.1-1 Severity: wishlist Please upload 1.38.0-1 to unstable so that it can be used for packages there. It's a requirement to upload dnscrypt-proxy 2.1.1 for example. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.9.0-1-amd64 (SMP w/2 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#991052: golang-google-grpc-dev: Outdated package
Any chance at an unstable upload soon? -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#993949: dnscrypt-proxy fails to use address from DoH servers on start-up, resorts to system resolver
Control: forwarded -1 https://github.com/DNSCrypt/dnscrypt-proxy/issues/1861 Thanks for the report. I've marked it forwarded upstream, and the fix appears to be in https://github.com/DNSCrypt/dnscrypt-proxy/commit/0f00cd27f92cee434336c6d6cde9df26286d8dbe. Do you think this is serious enough to warrant cherrypicking into the package or should we just wait for the next upstream release? * Danny van Heumen (da...@dannyvanheumen.nl) wrote: > Package: dnscrypt-proxy > Version: 2.0.45+ds1-1+b5 > Severity: normal > X-Debbugs-Cc: da...@dannyvanheumen.nl > > Dear Maintainer, > > A bug was recently found where DNS stamp information is used > incorrectly to fill the resolver cache on initialization. > > In short, DNS stamps of the various DNSCrypt/DoH/etc. resolvers include > hostname and port information for finding the server. Additionally, it > (optionally) includes an IPv4/IPv6 address to find the server without > nameserver resolution for bootstrapping/initialization purposes, in such > cases where it is unreliable or unavailable. > > dnscrypt-proxy intends to use this address in all cases - caching the > address with unlimited lifetime, but accidentally stored it with incorrect > key "hostname with optional port number". Subsequently loading from a key > "hostname" will fail to load the address from the cache. > > Consequently, in all cases of DoH servers that include a port number, > the bootstrapping address could not be loaded and dnscrypt-proxy needs to > rely on the system resolver to look up the address anyways. > > The details can be found in > https://github.com/DNSCrypt/dnscrypt-proxy/issues/1861 > and a side-effect was under discussion at > https://github.com/DNSCrypt/dnscrypt-proxy/discussions/1828 > > It is beneficial to use the DNS stamp information both for speed and > reliability of resolution. > > Kind regards, > Danny > > > PS: I am not familiar with bug reporting or bug handling in Debian. Please > let me know if I should do things differently. I may be able to help if > you want to cherry-pick the bugfix from upstream. (Although I am not > affiliated with the project in any way.) > > > -- System Information: > Debian Release: 11.0 > APT prefers stable-security > APT policy: (500, 'stable-security'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) > Kernel taint flags: TAINT_USER > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), > LANGUAGE=en_US:en > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages dnscrypt-proxy depends on: > ii adduser 3.118 > ii libc6 2.31-13 > ii lsb-base 11.1.0 > > dnscrypt-proxy recommends no packages. > > Versions of packages dnscrypt-proxy suggests: > pn resolvconf > > -- Configuration Files: > /etc/dnscrypt-proxy/dnscrypt-proxy.toml changed [not included] > > -- no debconf information -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#992749: ITP: golang-github-powerman-deepequal -- Go package with improved reflect.DeepEqual
Package: wnpp Severity: wishlist Owner: Eric Dorland * Package name: golang-github-powerman-deepequal Version : 0.1.0-1 Upstream Author : Alex Efros * URL : https://github.com/powerman/deepequal * License : MIT Programming Lang: Go Description : Go package with improved reflect.DeepEqual Go package with improved reflect.DeepEqual Go Reference (https://pkg.go.dev/github.com/powerman/deepequal) CI/CD (https://github.com/powerman/deepequal/actions?query=workflow%3ACI%2FCD) Coverage Status (https://coveralls.io/github/powerman/deepequal?branch=master) Go Report Card (https://goreportcard.com/report/github.com/powerman/deepequal) Release (https://github.com/powerman/deepequal/releases/latest) . Most of the code is copied from Go reflect package with slight modifications. . Differences from reflect.DeepEqual: • If compared value implements .Equal(valueOfSameType) bool method then it will be called instead of comparing values as is.• If called Equal method will panics then whole DeepEqual will panics too. This means you can use this DeepEqual method to correctly compare types like time.Time or decimal.Decimal, without taking in account unimportant differences (like time zone or exponent). Needed for golang-github-powerman-check
Bug#989322: Patch
FYI https://salsa.debian.org/debian/borgmatic/-/merge_requests/3 -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#989322: Please include systemd service and timer
Package: borgmatic Version: 1.5.12-2 Severity: wishlist Generally users of borgmatic want a low configuration overhead for their backups. It would be great if the sample systemd service and timers were included by default so less configuration was needed up front. -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.9.0-1-amd64 (SMP w/2 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages borgmatic depends on: ii borgbackup 1.1.16-1 ii python33.9.2-3 ii python3-colorama 0.4.4-1 ii python3-pkg-resources 52.0.0-3 ii python3-pykwalify 1.8.0-1 ii python3-requests 2.25.1+dfsg-2 ii python3-ruamel.yaml0.16.12-2 borgmatic recommends no packages. borgmatic suggests no packages. -- no debconf information
Bug#979726: [pkg-opensc-maint] Bug#979726: opensc-pkcs11 0.21.0 breaks my vpn setup. Downgrading to 0.20.0 fixes the problem.
forwarded -1 https://github.com/OpenSC/OpenSC/issues/2199 thanks * Eric Valette (eric.vale...@free.fr) wrote: > Package: opensc-pkcs11 > Version: 0.21.0-1 > Severity: normal > Tags: upstream > > My entreprose vpn setup use a PKI token that when 0.21.0-1 is mo more usable. > I looked at the pcks11 options used to start openvpn in the systemd service > file > > If I use opensc 0.21.0, the PKI led blinks and is accessed but no pkcs11-id > are displayed : > > openvpn --pkcs11-providers p11-kit-proxy.so --show-pkcs11-ids > > The following objects are available for use. > Each object shown below may be used as parameter to > --pkcs11-id option please remember to use single quote mark. > > Downgrading to opensc 0.20.0 I get (stuff removed for confidentiality reasons) > > openvpn --pkcs11-providers p11-kit-proxy.so --show-pkcs11-ids > > The following objects are available for use. > Each object shown below may be used as parameter to > --pkcs11-id option please remember to use single quote mark. > > Certificate > DN: xxx > Serial: xxx > Serialized id: xxx > > Certificate > DN: xxx > Serial: xxx > Serialized id: xxx > > Certificate > DN: xxx > Serial: xxx > Serialized id: xxx > > Certificate > DN: xxx > Serial: xxx > Serialized id: xxx > > p11-kit list-modules > p11-kit-trust: p11-kit-trust.so > library-description: PKCS#11 Kit Trust Module > library-manufacturer: PKCS#11 Kit > library-version: 0.23 > token: System Trust > manufacturer: PKCS#11 Kit > model: p11-kit-trust > serial-number: 1 > hardware-version: 0.23 > flags: > write-protected > token-initialized > opensc-pkcs11: opensc-pkcs11.so > library-description: OpenSC smartcard framework > library-manufacturer: OpenSC Project > library-version: 0.21 > orange-dongle-aladdin: /usr/lib/libeToken.so > library-description: SafeNet eToken PKCS#11 > library-manufacturer: SafeNet, Inc. > library-version: 10.7 > > With the 0.20.0 modules > > pkcs11-tool --module p11-kit-proxy.so -O > Using slot 1 with a present token (0x12) > > With 0.21.0 modules > > pkcs11-tool --module p11-kit-proxy.so -O > error: PKCS11 function C_GetSlotInfo failed: rv = CKR_FUNCTION_NOT_SUPPORTED > (0x54) > > Abortin > > Many colleage have been hit by the bug. I opened it upstream at > https://github.com/OpenSC/OpenSC/issues/2199 > > > -- System Information: > Debian Release: bullseye/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 5.10.6 (SMP w/8 CPU threads; PREEMPT) > Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE > Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8), LANGUAGE not set > Shell: /bin/sh linked to /usr/bin/bash > Init: systemd (via /run/systemd/system) > > Versions of packages opensc-pkcs11 depends on: > ii libc6 2.31-9 > ii libglib2.0-0 2.67.1-1 > ii libssl1.1 1.1.1i-1 > ii zlib1g1:1.2.11.dfsg-2 > > opensc-pkcs11 recommends no packages. > > opensc-pkcs11 suggests no packages. > > -- no debconf information > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-opensc-maint -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#979535: Please package latest upstream release
Source: golang-github-miekg-dns Severity: wishlist There have been several new upstream releases and the newest dnscrypt-proxy package requires a newer version. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.9.0-1-amd64 (SMP w/2 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#969298: Kerberos authentication broken
* Ilias Tsitsimpis (ilias...@debian.org) wrote: > Hi Eric, > > On Sun, Aug 30, 2020 at 06:32PM, Eric Dorland wrote: > > Kerberos authentication appears to be broken. > > [...] > > Versions of packages offlineimap depends on: > > ii python-imaplib2 2.57-5.1 > > ii python-six 1.15.0-1 > > ii python2 2.7.18-2 > > > > Versions of packages offlineimap recommends: > > ii python-socks 1.6.8+dfsg-1.1 > > > > Versions of packages offlineimap suggests: > > pn python-gssapi > > OfflineIMAP requires `python-gssapi` for Kerberos authentication, which > is missing from your system. Could you please install `python-gssapi` > and retry? Ahh, it looks like python-gssapi has been removed from unstable :( -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#965995: dnscrypt-proxy: Purging fails: rm: cannot remove '/etc/dnscrypt-proxy/dnscrypt-proxy.conf.dpkg-bak': Is a directory
* Axel Beckert (a...@debian.org) wrote: > Package: dnscrypt-proxy > Version: 2.0.44+ds1-2 > Severity: serious > X-Debbugs-Cc: Axel Beckert > > Purging dnscrypt-proxy fails for me as follows (and IIRC I never changed > anything from the default config, but the package might have a bit on > history on that machine): > > # dpkg --purge dnscrypt-proxy > (Reading database ... 1190427 files and directories currently installed.) > Purging configuration files for dnscrypt-proxy (2.0.44+ds1-2) ... > rm: cannot remove '/etc/dnscrypt-proxy/dnscrypt-proxy.conf.dpkg-bak': Is a > directory > dpkg: error processing package dnscrypt-proxy (--purge): > installed dnscrypt-proxy package post-removal script subprocess returned > error exit status 1 > Errors were encountered while processing: > dnscrypt-proxy > > Might be just a missing "-r" to "rm" in the postrm script or so. So this appears to be a bug related to a mess in the past where there was a /etc/dnscrypt-proxy/dnscrypt-proxy.conf directory created at some point. I'm using dpkg-maintscript-helper but it appears to failing on this edge case. -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#969298: Kerberos authentication broken
Package: offlineimap Version: 7.3.3+dfsg1-1 Severity: important Kerberos authentication appears to be broken. I believe this happened after my latest apt full-upgrade, though I think the only relevant package that changed was python-imaplib2. Debugging flag isn't giving me a lot to go on: $ offlineimap -d ALL WARNING:root:Using old interface name, consider using one of quiet, ttyui, machineui, syslog, basic, blinkenlights OfflineIMAP 7.3.3 Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception) INFO:OfflineImap:OfflineIMAP 7.3.3 Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception) imaplib2 v2.57 (system), Python v2.7.18, OpenSSL 1.1.1g 21 Apr 2020 INFO:OfflineImap:imaplib2 v2.57 (system), Python v2.7.18, OpenSSL 1.1.1g 21 Apr 2020 Now debugging for imap: IMAP protocol debugging DEBUG:OfflineImap:Now debugging for imap: IMAP protocol debugging Now debugging for maildir: Maildir repository debugging DEBUG:OfflineImap:Now debugging for maildir: Maildir repository debugging Now debugging for thread: Threading debugging DEBUG:OfflineImap:Now debugging for thread: Threading debugging Now debugging for : Other offlineimap related sync messages DEBUG:OfflineImap:Now debugging for : Other offlineimap related sync messages Account sync kuroneko: [thread]: Register new thread 'Account sync kuroneko' (account 'kuroneko') DEBUG:OfflineImap:[thread]: Register new thread 'Account sync kuroneko' (account 'kuroneko') [imap]: Using authentication mechanisms ['GSSAPI', 'XOAUTH2', 'CRAM-MD5', 'PLAIN', 'LOGIN'] DEBUG:OfflineImap:[imap]: Using authentication mechanisms ['GSSAPI', 'XOAUTH2', 'CRAM-MD5', 'PLAIN', 'LOGIN'] [maildir]: MaildirRepository initialized, sep is '.' DEBUG:OfflineImap:[maildir]: MaildirRepository initialized, sep is '.' *** Processing account kuroneko INFO:OfflineImap:*** Processing account kuroneko Establishing connection to forge.kuroneko.ca:993 (forge) INFO:OfflineImap:Establishing connection to forge.kuroneko.ca:993 (forge) [imap]: forge: level 'tls_compat', version 'None' DEBUG:OfflineImap:[imap]: forge: level 'tls_compat', version 'None' [imap]: Attempting GSSAPI authentication DEBUG:OfflineImap:[imap]: Attempting GSSAPI authentication [imap]: Attempting PLAIN authentication DEBUG:OfflineImap:[imap]: Attempting PLAIN authentication Enter password for user 'eric': Let me know if I can do something else to get info. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages offlineimap depends on: ii python-imaplib2 2.57-5.1 ii python-six 1.15.0-1 ii python2 2.7.18-2 Versions of packages offlineimap recommends: ii python-socks 1.6.8+dfsg-1.1 Versions of packages offlineimap suggests: pn python-gssapi -- no debconf information
Bug#964280: DDPO: lintian links no longer work
Package: qa.debian.org Severity: normal For example, the link for the package "dnscrypt-proxy" is https://lintian.debian.org/reports/maintainer/eric%40debian.org.html#dnscrypt-proxy, which returns a 404. It looks like there are now links for source packages like https://lintian.debian.org/sources/dnscrypt-proxy.html that should be easy to use instead. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#963180: automake-1.16 could NOT build with DEB_BUILD_PROFILE=stage1
Is this a bug in debhelper? If you're asking for nodoc build, why would dh_installinfo want to install anything? * Đoàn Trần Công Danh (sgn.d...@gmail.com) wrote: > Package: automake > Version: 1.16.1-4 > > Step to procedure: > > $ export DEB_BUILD_PROFILE=stage1 > $ # Below is none-complete, filled all no-profiles from > $ # https://wiki.debian.org/BuildProfileSpec > $ export DEB_BUILD_PROFILES=stage1,nodoc,nocheck,nobiarch > $ dpkg-buildpackage > > dh_installinfo complains that doc/automake-1.16.info not found. > > I need this patch: > 8< > --- debian/rules.orig 2020-06-20 13:47:36.551860112 +0700 > +++ debian/rules 2020-06-20 13:48:07.398980348 +0700 > @@ -30,6 +30,7 @@ > override_dh_auto_build: > ifeq ($(DEB_BUILD_PROFILE),stage1) > touch doc/automake.info > + cp doc/automake.info doc/automake-$(version).info > endif > dh_auto_build > > >8-- > -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#948234: ITP: golang-github-hectane-go-acl -- Go library for manipulating ACLs on Windows
Package: wnpp Severity: wishlist Owner: Eric Dorland * Package name: golang-github-hectane-go-acl Version : 0.0~git20190604.da78bae-1 Upstream Author : Hectane * URL : https://github.com/hectane/go-acl * License : MIT Programming Lang: Go Description : Go library for manipulating ACLs on Windows Manipulating ACLs (Access Control Lists) on Windows is difficult. go-acl wraps the Windows API functions that control access to objects, simplifying the process.
Bug#948233: ITP: golang-github-powerman-check -- Helpers to complement Go testing package
Package: wnpp Severity: wishlist Owner: Eric Dorland * Package name: golang-github-powerman-check Version : 1.2.1-1 Upstream Author : Alex Efros * URL : https://github.com/powerman/check * License : MIT Programming Lang: Go Description : Helpers to complement Go testing package Write Go tests with ease and fun! This package is like testify/assert on steroids. . Features: * Compelling output from failed tests. * Statistics with amount of passed/failed checks. * Colored output in terminal. * 100% compatible with testing package - check package just provide convenient wrappers for *testing.T methods and doesn't introduce new concepts like BDD, custom test suite or unusual execution flow. * Very easy to add your own check functions. * Concise, handy and consistent API, without dot-import!
Bug#933312: ITP: golang-github-cloudflare-circl -- Cloudflare Interoperable Reusable Cryptographic Library
Package: wnpp Severity: wishlist Owner: Eric Dorland * Package name: golang-github-cloudflare-circl Version : 1.0.0 Upstream Author : Cloudflare * URL : https://github.com/cloudflare/circl * License : BSD Programming Lang: Go Description : Cloudflare Interoperable Reusable Cryptographic Library CIRCL is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).
Bug#922650: [pkg-opensc-maint] Bug#922650: opensc-pkcs11: fails to work with dual CAC PIV cards
Hi, I'm a bit reluctant to take sure a significant patch set that hasn't been in a release. Can you elaborate on the consequences of not taking it? * A. Maitland Bottoms (bott...@debian.org) wrote: > Package: opensc-pkcs11 > Version: 0.19.0-1 > Severity: important > Tags: patch > > Dear Maintainer, > > Recent PIV enabled CAC cards are not handled by the opensc 0.19.0 > release. Yet all current CAC cards are scheduled to enable PIV > authentication by March 31, 2019. > > For users of these cards, this bug is of grave severity. > > This problem has been solved recently upstream > https://github.com/OpenSC/OpenSC > although the fixes have not yet been included in an upstream release. > > I have cherry-picked from upstream commits a small set that provides > working card support. It works for me using > pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l -t > ssh-keygen -D /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so > ssh -I /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so > and Firefox browser smart card token support. > > Attached is a debdiff of my test package. > > I think Buster will be much better if we can release it with support > for this use case. > > Thanks, > -Maitland > > enc: opensc-pkcs11-Dual-CAC-PIV-and-PIVK-support.debdiff > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-opensc-maint -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#913674: release.debian.org: Regression: Recent upgrade of opensc breaks Yubikey NEO support
Sorry for the delay, I'm happy to prepare a p-u upload this weekend. -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#909444: Minor security issues, CVE-2018-{16391-16393,16418-16427}
Package: opensc Version: 0.16.0-3 Severity: important Tags: security https://security-tracker.debian.org/tracker/source-package/opensc has the complete list. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages opensc depends on: ii libc6 2.27-5 ii libglib2.0-0 2.56.1-2 ii libreadline7 7.0-5 ii libssl1.1 1.1.1~~pre9-1 ii opensc-pkcs11 0.18.0-3 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages opensc recommends: ii pcscd 1.8.23-3 opensc suggests no packages. -- no debconf information
Bug#900172: GSSAPI/Kerberos authentication broken in latest version (7.2.0+dfsg1-1)
Package: offlineimap Version: 7.2.0+dfsg1-1 Severity: important Let me know if I can provide more information. $ offlineimap -d imap WARNING:root:Using old interface name, consider using one of quiet, ttyui, machi neui, syslog, basic, blinkenlights OfflineIMAP 7.2.0 Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception) INFO:OfflineImap:OfflineIMAP 7.2.0 Licensed under the GNU GPL v2 or any later version (with an OpenSSL exception) imaplib2 v2.57 (system), Python v2.7.15, OpenSSL 1.1.0h 27 Mar 2018 INFO:OfflineImap:imaplib2 v2.57 (system), Python v2.7.15, OpenSSL 1.1.0h 27 Mar 2018 Debug mode: Forcing to singlethreaded. INFO:OfflineImap:Debug mode: Forcing to singlethreaded. Now debugging for imap: IMAP protocol debugging DEBUG:OfflineImap:Now debugging for imap: IMAP protocol debugging Now debugging for : Other offlineimap related sync messages DEBUG:OfflineImap:Now debugging for : Other offlineimap related sync messages Account sync kuroneko: [imap]: Using authentication mechanisms ['GSSAPI', 'XOAUTH2', 'CRAM-MD5', 'PLAI N', 'LOGIN'] DEBUG:OfflineImap:[imap]: Using authentication mechanisms ['GSSAPI', 'XOAUTH2', 'CRAM-MD5', 'PLAIN', 'LOGIN'] *** Processing account kuroneko INFO:OfflineImap:*** Processing account kuroneko Establishing connection to forge.kuroneko.ca:993 (forge) INFO:OfflineImap:Establishing connection to forge.kuroneko.ca:993 (forge) [imap]: forge: level 'tls_compat', version 'None' DEBUG:OfflineImap:[imap]: forge: level 'tls_compat', version 'None' [imap]: Attempting GSSAPI authentication DEBUG:OfflineImap:[imap]: Attempting GSSAPI authentication GSSAPI authentication failed: [UNAVAILABLE] Internal error occurred. Refer to s erver log for more information. WARNING:OfflineImap:GSSAPI authentication failed: [UNAVAILABLE] Internal error o ccurred. Refer to server log for more information. [imap]: Attempting PLAIN authentication DEBUG:OfflineImap:[imap]: Attempting PLAIN authentication forge.kuroneko.ca reader: [imap]: 58:41.61 forge.kuroneko.ca reader last 20 log messages: DEBUG:OfflineImap:[imap]: 58:41.61 forge.kuroneko.ca reader last 20 log messag es: Account sync kuroneko: PLAIN authentication failed: command: AUTHENTICATE => socket error: - Too many read 0 WARNING:OfflineImap:PLAIN authentication failed: command: AUTHENTICATE => socket error: - Too many read 0 [imap]: Attempting LOGIN authentication DEBUG:OfflineImap:[imap]: Attempting LOGIN authentication [imap]: Attempting IMAP LOGIN authentication DEBUG:OfflineImap:[imap]: Attempting IMAP LOGIN authentication -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages offlineimap depends on: ii python 2.7.15~rc1-1 ii python-imaplib2 2.57-1 ii python-six 1.11.0-2 Versions of packages offlineimap recommends: ii python-socks 1.6.5-1 Versions of packages offlineimap suggests: ii python-gssapi 1.4.1-1 -- no debconf information
Bug#899161: ITP: golang-github-kardianos-service -- Run go programs as a service on major platforms.
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-kardianos-service Version : 0.0~git20180320.615a14e-1 Upstream Author : Daniel Theophanes * URL : https://github.com/kardianos/service * License : zlib Programming Lang: Go Description : Run go programs as a service on major platforms. service will install / un-install, start / stop, and run a program as a service (daemon). Currently supports Windows XP+, Linux/(systemd | Upstart | SysV), and OSX/Launchd. . Windows controls services by setting up callbacks that is non-trivial. This is very different then other systems. This package provides the same API despite the substantial differences. It also can be used to detect how a program is called, from an interactive terminal or from a service manager.
Bug#898529: ITP: golang-github-jedisct1-go-dnsstamps -- DNS Stamps library for Go
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-jedisct1-go-dnsstamps Version : 0.0~git20180418.1e49992-1 Upstream Author : Frank Denis * URL : https://github.com/jedisct1/go-dnsstamps * License : MIT Programming Lang: Go Description : DNS Stamps library for Go DNS Stamps library for Go
Bug#895753: ITP: golang-github-k-sone-critbitgo -- crit-bit for golang and its applications (sorted map, IP routing table)
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-k-sone-critbitgo Version : 1.1.0+git20170112.327359a-1 Upstream Author : Keita Sone * URL : https://github.com/k-sone/critbitgo * License : MIT Programming Lang: Go Description : crit-bit trees for golang Crit-bit trees (http://cr.yp.to/critbit.html) in golang and its applications. . This implementation extended to handle the key that contains a null character from C implementation (https://github.com/agl/critbit).
Bug#894591: ITP: golang-github-jedisct1-go-minisign -- Minisign library for Golang
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-jedisct1-go-minisign Version : 0.0~git20180113.f404c07-1 Upstream Author : Frank Denis * URL : https://github.com/jedisct1/go-minisign * License : MIT Programming Lang: Go Description : Minisign library for Golang A Golang library to verify Minisign (https://jedisct1.github.io/minisign/) signatures.
Bug#894590: ITP: golang-github-jedisct1-go-clocksmith -- A sleep-aware-sleep() function
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-jedisct1-go-clocksmith Version : 0.0~git20180307.c35da9b-1 Upstream Author : Frank Denis * URL : https://github.com/jedisct1/go-clocksmith * License : MIT Programming Lang: Go Description : sleep-aware-sleep() function for Go A sleep-aware sleep() function, that doesn't pause (for too long) if the system goes to hibernation.
Bug#894585: ITP: golang-github-jedisct1-dlog -- A super simple logger for Go. Supports stderr, logfiles, syslog and windows event log.
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-jedisct1-dlog Version : 0.3+git20180206.52c32ac-1 Upstream Author : Frank Denis * URL : https://github.com/jedisct1/dlog * License : BSD-2-clause Programming Lang: Go Description : A super simple logger for Go Go's standard logger is fairly limited. As result, kazilion alternatives loggers have been written. . All of these are wonderful. They can make your logs look colorful and pretty, buffer things in complicated ways, format data for ElasticSearch, and more. . Cool, but all I wanted is something super dumb, that just exposes log.Info(), log.Error() and a couple other standard levels. . I don't need a super flexible kitchen sink. Just something super basic and trivial to use. I just want it to handle different log levels, and be able to write simple logs to stderr, to a local file, to syslog and to the Windows event log. . So, here's one more logging library for Go. The dumbest of them all. Enjoy.
Bug#894057: ITP: golang-github-jedisct1-xsecretbox -- Go implementation of crypto_secretbox_xchacha20poly1305
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-jedisct1-xsecretbox Version : 0.0~git20180214.88b1956-1 Upstream Author : Frank Denis * URL : https://github.com/jedisct1/xsecretbox * License : MIT Programming Lang: Go Description : Go implementation of crypto_secretbox_xchacha20poly1305 xsecretbox is a Go implementation of crypto_secretbox_xchacha20poly1305.
Bug#893437: ITP: golang-github-vividcortex-godaemon -- Daemonize Go applications deviously.
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-vividcortex-godaemon Version : 0.0~git20150910.3d9f6e0-1 Upstream Author : VividCortex * URL : https://github.com/VividCortex/godaemon * License : MIT Programming Lang: Go Description : Daemonize Go applications deviously Daemonize Go applications with exec() instead of fork(). . You can't daemonize the usual way in Go. Daemonizing is a Unix concept that requires some specific things (http://goo.gl/vTUsVy) you can't do easily in Go. But you can still accomplish the same goals if you don't mind that your program will start copies of itself several times, as opposed to using fork() the way many programmers are accustomed to doing.
Bug#893428: ITP: golang-github-facebookgo-pidfile -- Package pidfile manages pid files.
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-facebookgo-pidfile Version : 0.0~git20150612.f242e29-1 Upstream Author : Facebook Go * URL : https://github.com/facebookgo/pidfile * License : MIT Programming Lang: Go Description : Go library for managing pid files Package pidfile manages pid files.
Bug#893329: ITP: golang-github-facebookgo-atomicfile -- Package atomicfile provides an atomically written/replaced file.
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-facebookgo-atomicfile Version : 0.0~git20151019.2de1f20-1 Upstream Author : Facebook Go * URL : https://github.com/facebookgo/atomicfile * License : BSD Programming Lang: Go Description : Provides an atomically written/replaced file. Package atomicfile provides the ability to write a file with an eventual rename on Close (using os.Rename). This allows for a file to always be in a consistent state and never represent an in-progress write. NOTE: `os.Rename` may not be atomic on your operating system.
Bug#892705: ITP: golang-github-aead-chacha20 -- ChaCha20 and XChaCha20 stream ciphers
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-aead-chacha20 Version : 0.0~git20180214.c8d2937-1 Upstream Author : Andreas Auernhammer * URL : https://github.com/aead/chacha20 * License : MIT Programming Lang: Go Description : ChaCha20 and XChaCha20 stream ciphers go library The ChaCha20 stream cipher ChaCha is a stream cipher family created by Daniel J. Bernstein. The most common ChaCha cipher is ChaCha20 (20 rounds). ChaCha20 is standardized in RFC 7539 (https://tools.ietf.org/html/rfc7539). . This package provides implementations of three ChaCha versions: - ChaCha20 with a 64 bit nonce (can en/decrypt up to 2^64 * 64 bytes for one key-nonce combination) - ChaCha20 with a 96 bit nonce (can en/decrypt up to 2^32 * 64 bytes ~ 256 GB for one key-nonce combination) - XChaCha20 with a 192 bit nonce (can en/decrypt up to 2^64 * 64 bytes for one key-nonce combination)
Bug#892704: ITP: golang-github-aead-poly1305 -- The poly1305 message authentication code
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: golang-github-aead-poly1305 Version : 0.0~git20170715.6cf43fd-1 Upstream Author : Andreas Auernhammer * URL : https://github.com/aead/poly1305 * License : MIT Programming Lang: Go Description : The poly1305 message authentication code Poly1305 is a fast, one-time authentication function created by Daniel J. Bernstein. It is infeasible for an attacker to generate an authenticator for a message without the key. However, a key must only be used for a single message. Authenticating two different messages with the same key allows an attacker to forge authenticators for other messages with the same key.
Bug#878122: [pkg-opensc-maint] Bug#878122: opensc: please enable npa-tool
Control: block -1 by 891386 It looks like this requires OpenPACE to be packaged first. * Andrew Shadura (andre...@debian.org) wrote: > Package: opensc > Version: 0.17.0-1 > Severity: wishlist > > Dear Maintainer, > > Please enable npa-tool recently added to OpenSC: > > https://github.com/OpenSC/OpenSC/pull/831/commits/089c472d8f87145ee0e2f66df087615fc4af1e3d#diff-67e997bcfdac55191033d57a16d1408aR869 > > Thanks! > -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#888637: gozer: Update URL
Do you have a new URL to suggest? * Ricardo Fabian Peliquero (zh...@lasampa.com.ar) wrote: > Package: gozer > Version: 0.7.nofont.1-6+b1 > Severity: minor > > Dear Maintainer, > > Please consider updating URL in package information. > Current URL (http://linuxbrit.co.uk/gozer/) is not reachable. > > Thank you! > > Ricardo > > -- System Information: > Debian Release: buster/sid > APT prefers unstable > APT policy: (500, 'unstable'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.15.0-rc8-amd64 (SMP w/2 CPU cores) > Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8), > LANGUAGE=es_AR.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: sysvinit (via /sbin/init) > > Versions of packages gozer depends on: > ii giblib11.2.4-11 > ii libc6 2.26-6 > ii libimlib2 1.4.10-1 > > gozer recommends no packages. > > gozer suggests no packages. > > -- no debconf information -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#891386: RFP: openpace -- OpenPACE implements Extended Access Control (EAC) version 2
Package: wnpp Severity: wishlist * Package name: openpace Version : 1.0.2 Upstream Author : Frank Morgner* URL : https://frankmorgner.github.io/openpace/ * License : GPL3 Programming Lang: C Description : OpenPACE implements Extended Access Control (EAC) version 2 OpenPACE implements Extended Access Control (EAC) version 2 as specified in BSI TR-03110. OpenPACE comprises support for the following protocols: * Password Authenticated Connection Establishment (PACE) Establish a secure channel with a strong key between two parties that only share a weak secret. * Terminal Authentication (TA) Verify/prove the terminal's certificate (or rather certificate chain) and secret key. * Chip Authentication (CA) Establish a secure channel based on the chip's static key pair proving its authenticy. Furthermore, OpenPACE also supports Card Verifiable Certificates (CV Certificates) as well as easy to use wrappers for using the established secure channels.
Bug#884320: [pkg-opensc-maint] Bug#884320: upgrade error libp11-2 -> libp11-3
Control: tags -1 unreproducible I'm confused how this could be possible since on my machine I see: $ sudo dpkg -L libp11-3 /. /usr /usr/lib /usr/lib/x86_64-linux-gnu /usr/lib/x86_64-linux-gnu/libp11.so.3.3.7 /usr/share /usr/share/doc /usr/share/doc/libp11-3 /usr/share/doc/libp11-3/changelog.Debian.gz /usr/share/doc/libp11-3/copyright /usr/lib/x86_64-linux-gnu/libp11.so.3 $ apt show libp11-3 Package: libp11-3 Version: 0.4.7-2 Priority: optional Section: libs Source: libp11 Maintainer: Debian OpenSC Maintainers <pkg-opensc-ma...@lists.alioth.debian.org> Installed-Size: 79.9 kB Depends: libc6 (>= 2.14), libssl1.1 (>= 1.1.0) Homepage: https://github.com/OpenSC/libp11 Download-Size: 24.0 kB APT-Manual-Installed: no APT-Sources: http://ftp.us.debian.org/debian unstable/main amd64 Packages Description: pkcs#11 convenience library Libp11 is a library to simplify using smart cards via PKCS#11 modules. It was spun of the OpenSC project but can be used with any pkcs#11 module. * Matthias Klose (d...@debian.org) wrote: > Package: libp11-3 > Version: 0.4.7-2 > Severity: serious > Tags: sid buster > > missing breaks/replaces > > Unpacking libp11-3:amd64 (0.4.7-2) ... > dpkg: error processing archive > /tmp/apt-dpkg-install-ZbKGej/78-libp11-3_0.4.7-2_amd64.deb (--unpack): > trying to overwrite '/usr/lib/x86_64-linux-gnu/libp11.so.2.4.7', which is > also > in package libp11-2:amd64 0.4.7-1 > Preparing to unpack .../79-libp11-dev_0.4.7-2_amd64.deb ... > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#760021: lintian: check for not wrap-and-sort formatted files
* Mattia Rizzolo (mat...@debian.org) wrote: > On Tue, Sep 05, 2017 at 09:04:45AM +0100, Chris Lamb wrote: > > Mattia convinced me, alas. Yes, not even at the "P:" level. Perhaps I'm > > stuck on thinking about the implementation... > > Lintian recently already "regressed" in its "policy" of not being too > nagging. Already there are tags that I've been ignoring because too > annoying and way too often too hard or impossible to accomplish > (upstream gpg sig and autopkgtest come to my mind). I do not want to > have lintian go back to its situation of "way too noise, let's ignore > it" that it was several years ago. I think that's a fair sentiment but we shouldn't necessarily lump together nagging warnings that are difficult or impossible to fix with ones like this one that are trivial to fix (aka run wrap-and-sort). > > Here's another possibility however: Lintian warns about things — at > > a pedantic level — that wrap-and-sort would correct? For example, > > trailing whitespace, etc. > > I'd love it, but I believe people would just be annoyed by it. > Have you seen uploads like this: https://tracker.debian.org/news/865454 >* Replace FIXME markers with TODO markers. Silly lintian ... > > I do not want to see more of them, please let's try to stay real, even > if I personally would like to see more cleaness around. > -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#760021: lintian: check for not wrap-and-sort formatted files
* Mattia Rizzolo (mat...@debian.org) wrote: > On Thu, Aug 31, 2017 at 10:06:52AM +0100, Chris Lamb wrote: > > > lintian: check for not wrap-and-sort formatted files > > > > Good idea. > > I don't think it is. > wrap-and-sort (or the equivalent from cme) is not widely enough adopted > as of yet. I personally try to have all my sponsee use it, and I > sometimes force a wrap-and-sort into NMUs, but it's still too rare. > > Also, wouldn't you need to pick only one of the -t, -s, -a combinations? > I see people disliking -t (trailing commas) also because it's not in > policy, and arguments for and agaist -s and -a; see the wrap-and-sort > manual if you don't understand what I'm talking about. > And that's without considering cme's configuration. You wouldn't necessarily have to proscribe one single wrap-and-sort variant, you could check a number of variations and see if any of them fit the current set of files. But yes, if policy could be more prescriptive about what the formatting should look like that would be cool. > > Alas, I fear that this would either require calling out to > > wrap-and-sort (!) and diffing the result, or essentially reimplementing > > it within Lintian itself? > > You could use libconfig-model-dpkg-perl, most probably. Therefore > elevating cme's implementation. > > Summing up: I don't think it's a practise ready to be nudged by lintian > yet. Not even at the pedantic level? -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#865188: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN madplay-0.15.2b.old/debian/control madplay-0.15.2b/debian/control --- madplay-0.15.2b.old/debian/control 2017-08-12 15:55:52.329875682 -0400 +++ madplay-0.15.2b/debian/control 2017-08-12 15:56:23.293484589 -0400 @@ -1,7 +1,7 @@ Source: madplay Priority: optional Section: sound -Build-Depends: cdbs, debhelper (>= 4.1.0), gettext, zlib1g-dev, libesd0-dev, libmad0-dev (>= 0.15.0), libid3tag0-dev (>= 0.15.0), autotools-dev, libtool, autoconf, automake1.11, libasound2-dev +Build-Depends: cdbs, debhelper (>= 4.1.0), gettext, zlib1g-dev, libesd0-dev, libmad0-dev (>= 0.15.0), libid3tag0-dev (>= 0.15.0), autotools-dev, libtool, autoconf, automake, libasound2-dev Maintainer: Mad Maintainers <pkg-mad-maintain...@lists.alioth.debian.org> Uploaders: Sam Clegg <s...@debian.org>, Kurt Roeckx <k...@roeckx.be>, Clément Stenac <zorg...@debian.org> Standards-Version: 3.6.1 diff -ruN madplay-0.15.2b.old/debian/rules madplay-0.15.2b/debian/rules --- madplay-0.15.2b.old/debian/rules 2017-08-12 15:55:52.333875632 -0400 +++ madplay-0.15.2b/debian/rules 2017-08-12 15:56:46.129196251 -0400 @@ -4,9 +4,9 @@ #export DH_VERBOSE=1 DEB_AUTO_UPDATE_LIBTOOL:=pre -DEB_AUTO_UPDATE_ACLOCAL:=1.11 -DEB_AUTO_UPDATE_AUTOHEADER:=1.11 -DEB_AUTO_UPDATE_AUTOMAKE:=1.11 +DEB_AUTO_UPDATE_ACLOCAL:=1.15 +DEB_AUTO_UPDATE_AUTOHEADER:=1.15 +DEB_AUTO_UPDATE_AUTOMAKE:=1.15 DEB_AUTO_UPDATE_AUTOCONF:=yes DEB_AUTOMAKE_ARGS:=--foreign --add-missing signature.asc Description: PGP signature
Bug#865186: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From 63f625565ccd7342387de3a90d8f4049ada6e81f Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Sat, 12 Aug 2017 15:50:07 -0400 Subject: [PATCH] Move to modern automake --- debian/control | 2 +- debian/rules | 8 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debian/control b/debian/control index 2f7f406..0cb6a03 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,7 @@ Build-Depends: autotools-dev, devscripts, cdbs (>= 0.4.106~), libtool, - automake1.11, + automake, autoconf, debhelper, dh-buildinfo, diff --git a/debian/rules b/debian/rules index 71b08ba..570548e 100755 --- a/debian/rules +++ b/debian/rules @@ -19,10 +19,10 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. DEB_AUTO_UPDATE_LIBTOOL = pre -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOCONF = 2.68 -DEB_AUTO_UPDATE_AUTOHEADER = 2.68 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_AUTOHEADER = 2.69 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 include /usr/share/cdbs/1/rules/upstream-tarball.mk include /usr/share//cdbs/1/rules/utils.mk include /usr/share/cdbs/1/class/autotools.mk -- 2.13.3 signature.asc Description: PGP signature
Bug#865185: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN libnfsidmap-0.25.old/debian/control libnfsidmap-0.25/debian/control --- libnfsidmap-0.25.old/debian/control 2017-08-12 15:37:47.471679352 -0400 +++ libnfsidmap-0.25/debian/control 2017-08-12 15:38:13.135350328 -0400 @@ -2,7 +2,7 @@ Priority: optional Section: libs Maintainer: Anibal Monsalve Salazar <ani...@debian.org> -Build-Depends: dpkg-dev (>= 1.16.1~), debhelper (>= 9), libldap2-dev, autotools-dev, automake1.11, autoconf (>= 2.68), libtool +Build-Depends: dpkg-dev (>= 1.16.1~), debhelper (>= 9), libldap2-dev, autotools-dev, automake, autoconf (>= 2.69), libtool Standards-Version: 3.9.4 Homepage: http://www.citi.umich.edu/projects/nfsv4/linux/ signature.asc Description: PGP signature
Bug#865181: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN libg15render-1.3.0~svn316.old/debian/control libg15render-1.3.0~svn316/debian/control --- libg15render-1.3.0~svn316.old/debian/control 2017-08-10 18:42:04.955046872 -0400 +++ libg15render-1.3.0~svn316/debian/control 2017-08-10 18:42:41.718609099 -0400 @@ -2,7 +2,7 @@ Section: libs Priority: optional Maintainer: Giacomo Catenazzi <c...@debian.org> -Build-Depends: cdbs, debhelper (>= 5), autotools-dev, libtool, automake1.11, +Build-Depends: cdbs, debhelper (>= 5), autotools-dev, libtool, automake, libg15-dev, libusb-dev, libfreetype6-dev Standards-Version: 3.8.2 Homepage: http://www.g15tools.com signature.asc Description: PGP signature
Bug#865171: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From 8ee9c372efd69fe7ed499ff839a41f0c764f40c8 Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Thu, 10 Aug 2017 16:18:25 -0400 Subject: [PATCH] Move to modern automake --- debian/control | 2 +- debian/rules | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/debian/control b/debian/control index 390f631..11548fc 100644 --- a/debian/control +++ b/debian/control @@ -7,7 +7,7 @@ Build-Depends: cdbs, autotools-dev, devscripts, libtool, - automake1.11, + automake, autoconf, debhelper, dh-buildinfo, diff --git a/debian/rules b/debian/rules index e34fbe4..e4ae5c7 100755 --- a/debian/rules +++ b/debian/rules @@ -17,9 +17,9 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. DEB_AUTO_UPDATE_LIBTOOL = pre -DEB_AUTO_UPDATE_AUTOCONF = 2.64 -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 include /usr/share/cdbs/1/rules/upstream-tarball.mk include /usr/share/cdbs/1/rules/utils.mk include /usr/share/cdbs/1/class/autotools.mk -- 2.13.3 signature.asc Description: PGP signature
Bug#865168: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From fbe8584b7090e88ac9b7f639411e99d373d29413 Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Thu, 10 Aug 2017 15:51:36 -0400 Subject: [PATCH] Move to modern automake --- debian/control | 2 +- debian/rules | 8 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debian/control b/debian/control index 1d82d5a..45d2c4e 100644 --- a/debian/control +++ b/debian/control @@ -9,7 +9,7 @@ Uploaders: Adrian Knoth <a...@drcomp.erfurt.thur.de>, Reinhard Tartler <siret...@tauware.de> Build-Depends: cdbs (>= 0.4.93~), libtool, - automake1.11, + automake, autoconf, debhelper, bash-completion, diff --git a/debian/rules b/debian/rules index 3482e13..42a4799 100755 --- a/debian/rules +++ b/debian/rules @@ -10,10 +10,10 @@ # DEB_AUTO_UPDATE_LIBTOOL = pre -DEB_AUTO_UPDATE_AUTOCONF = 2.65 -DEB_AUTO_UPDATE_AUTOHEADER = 2.65 -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_AUTOHEADER = 2.69 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 ifneq (,$(filter stage1,$(DEB_BUILD_PROFILES))) export DH_OPTIONS = -Njackd1-firewire -- 2.13.3 signature.asc Description: PGP signature
Bug#865167: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#865167: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From ff99c9f4a6cabebb01ab8c95d9d815e0da5da622 Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Thu, 10 Aug 2017 15:33:00 -0400 Subject: [PATCH] Switch to modern automake --- debian/control | 2 +- debian/rules | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/debian/control b/debian/control index 3ed22bb..d053675 100644 --- a/debian/control +++ b/debian/control @@ -6,7 +6,7 @@ Uploaders: Jonas Smedegaard <d...@jones.dk>, Build-Depends: cdbs, autotools-dev, libtool, - automake1.11, + automake, autoconf, debhelper (>= 9~), dh-buildinfo, diff --git a/debian/rules b/debian/rules index d1b6890..22969eb 100755 --- a/debian/rules +++ b/debian/rules @@ -18,9 +18,9 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. DEB_AUTO_UPDATE_LIBTOOL = pre -DEB_AUTO_UPDATE_AUTOCONF = 2.68 -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 DEB_AUTOMAKE_ARGS = --add-missing include /usr/share/cdbs/1/class/autotools.mk include /usr/share/cdbs/1/rules/debhelper.mk -- 2.13.3 signature.asc Description: PGP signature
Bug#865160: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN g15mpd-1.2svn.0.svn319.old/debian/control g15mpd-1.2svn.0.svn319/debian/control --- g15mpd-1.2svn.0.svn319.old/debian/control 2017-08-10 12:32:48.766681704 -0400 +++ g15mpd-1.2svn.0.svn319/debian/control 2017-08-10 12:35:10.293095617 -0400 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Giacomo Catenazzi <c...@debian.org> Build-Depends: cdbs, debhelper (>= 5), autotools-dev, - automake1.11, libtool, libusb-dev, libfreetype6-dev, + automake, libtool, libusb-dev, libfreetype6-dev, libg15-dev, libg15daemon-client-dev, libg15render-dev, libmpd-dev Standards-Version: 3.8.1 signature.asc Description: PGP signature
Bug#865159: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN freefem3d-1.0pre10.old/debian/control freefem3d-1.0pre10/debian/control --- freefem3d-1.0pre10.old/debian/control 2017-08-10 12:20:09.567154622 -0400 +++ freefem3d-1.0pre10/debian/control 2017-08-10 12:21:21.946349601 -0400 @@ -6,7 +6,7 @@ Vcs-Svn: svn://svn.debian.org/svn/debian-science/packages/freefem3d/trunk/ Vcs-Browser: http://svn.debian.org/viewsvn/debian-science/packages/freefem3d/trunk/ Build-Depends: cdbs (>= 0.4.23-1.1), autotools-dev, debhelper (>= 10), - automake1.11, libtool (>= 1.5), doc-base, bison, texlive, texlive-latex-extra, + automake, libtool (>= 1.5), doc-base, bison, texlive, texlive-latex-extra, dh-autoreconf Package: freefem3d diff -ruN freefem3d-1.0pre10.old/debian/rules freefem3d-1.0pre10/debian/rules --- freefem3d-1.0pre10.old/debian/rules 2017-08-10 12:20:09.567154622 -0400 +++ freefem3d-1.0pre10/debian/rules 2017-08-10 12:21:35.542198316 -0400 @@ -14,9 +14,9 @@ DEB_AC_AUX_DIR = $(DEB_SRCDIR)/m4 DEB_CONFIGURE_EXTRA_FLAGS := --enable-optimize --disable-gui -DEB_AUTO_UPDATE_ACLOCAL = 1.11 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 DEB_AUTO_UPDATE_LIBTOOL = pre -c -f -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 -a -c +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 -a -c DEB_AUTO_UPDATE_AUTOCONF = yes DEB_AUTO_UPDATE_AUTOHEADER = yes signature.asc Description: PGP signature
Bug#865157: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From 4e6c2871454d88ec14f78ca5c3e0b0f49e331e53 Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Thu, 10 Aug 2017 12:06:23 -0400 Subject: [PATCH] Switch to modern automake --- debian/control | 5 +++-- debian/patches/865157-automake | 13 + debian/patches/series | 1 + debian/rules | 2 +- 4 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 debian/patches/865157-automake diff --git a/debian/control b/debian/control index d2e9a4b..14a0332 100644 --- a/debian/control +++ b/debian/control @@ -7,8 +7,9 @@ Build-Depends: debhelper (>= 8.9.4), libpaper-dev, autotools-dev, autoconf, - automake1.11, - autopoint + automake, + autopoint, + texinfo Build-Conflicts: autoconf2.13, automake1.4 Standards-Version: 3.9.2 Vcs-Git: git://git.debian.org/git/collab-maint/enscript.git diff --git a/debian/patches/865157-automake b/debian/patches/865157-automake new file mode 100644 index 000..3d906b0 --- /dev/null +++ b/debian/patches/865157-automake @@ -0,0 +1,13 @@ +Index: enscript/configure.ac +=== +--- enscript.orig/configure.ac 2017-08-10 12:01:11.267738765 -0400 enscript/configure.ac 2017-08-10 12:01:25.319584336 -0400 +@@ -11,7 +11,7 @@ + AC_PROG_CC + + AC_USE_SYSTEM_EXTENSIONS +-AM_C_PROTOTYPES ++AC_C_PROTOTYPES + + AC_C_CONST + AC_FUNC_ALLOCA diff --git a/debian/patches/series b/debian/patches/series index 3ed6fc4..3471e84 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -8,3 +8,4 @@ 344750-no-gecos 147116-ruby-hilight 457244-octave-highlighting +865157-automake diff --git a/debian/rules b/debian/rules index a6fa59f..719e58e 100755 --- a/debian/rules +++ b/debian/rules @@ -10,7 +10,7 @@ override_dh_auto_clean: find -name Makefile.in -exec rm {} \; override_dh_auto_configure: - AUTOMAKE=automake-1.11 ACLOCAL=aclocal-1.11 autoreconf -fis + AUTOMAKE=automake-1.15 ACLOCAL=aclocal-1.15 autoreconf -fis dh_auto_configure override_dh_auto_install: -- 2.13.3 signature.asc Description: PGP signature
Bug#865158: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN fam-2.7.0.old/debian/control fam-2.7.0/debian/control --- fam-2.7.0.old/debian/control 2017-08-10 12:13:37.447504805 -0400 +++ fam-2.7.0/debian/control 2017-08-10 12:14:20.543027649 -0400 @@ -2,7 +2,7 @@ Section: admin Priority: optional Maintainer: Chuan-kai Lin <ck...@debian.org> -Build-Depends: debhelper (>= 9), cdbs (>= 0.4.0.1), libtool (>= 1.5-2), automake1.11, autoconf +Build-Depends: debhelper (>= 9), cdbs (>= 0.4.0.1), libtool (>= 1.5-2), automake, autoconf Standards-Version: 3.9.8 Homepage: http://oss.sgi.com/projects/fam/ diff -ruN fam-2.7.0.old/debian/rules fam-2.7.0/debian/rules --- fam-2.7.0.old/debian/rules 2017-08-10 12:13:37.447504805 -0400 +++ fam-2.7.0/debian/rules 2017-08-10 12:14:05.319196236 -0400 @@ -11,9 +11,9 @@ DEB_AUTOMAKE_ARGS := --add-missing DEB_AUTO_UPDATE_LIBTOOL := pre -DEB_AUTO_UPDATE_ACLOCAL := 1.11 -DEB_AUTO_UPDATE_AUTOMAKE := 1.11 -DEB_AUTO_UPDATE_AUTOCONF := 2.50 +DEB_AUTO_UPDATE_ACLOCAL := 1.15 +DEB_AUTO_UPDATE_AUTOMAKE := 1.15 +DEB_AUTO_UPDATE_AUTOCONF := 2.69 DEB_UPDATE_RCD_PARAMS := "defaults 21" DEB_CONFIGURE_EXTRA_FLAGS += --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) signature.asc Description: PGP signature
Bug#865155: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 From 6df25f2f3d9102bb7819d5f36bd824ed12a450ee Mon Sep 17 00:00:00 2001 From: Eric Dorland <e...@debian.org> Date: Thu, 10 Aug 2017 11:31:45 -0400 Subject: [PATCH] Switch to automake, not automake1.11 --- debian/control | 2 +- debian/rules | 7 --- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/debian/control b/debian/control index 828e6b2..8c9d611 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: utils Priority: optional Maintainer: Jonas Smedegaard <d...@jones.dk> Build-Depends: cdbs, - automake1.11, + automake, autoconf, debhelper, dh-buildinfo diff --git a/debian/rules b/debian/rules index ee1bc62..463f885 100755 --- a/debian/rules +++ b/debian/rules @@ -18,9 +18,10 @@ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA # 02111-1307 USA. -DEB_AUTO_UPDATE_AUTOCONF = 2.68 -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 +DEB_AUTOMAKE_ARGS = --add-missing --copy -include /usr/share/cdbs/1/rules/upstream-tarball.mk include /usr/share/cdbs/1/rules/utils.mk include /usr/share/cdbs/1/class/autotools.mk -- 2.13.3 signature.asc Description: PGP signature
Bug#865154: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN cloog-ppl-0.16.1.old/debian/control cloog-ppl-0.16.1/debian/control --- cloog-ppl-0.16.1.old/debian/control 2017-08-10 11:21:14.124652961 -0400 +++ cloog-ppl-0.16.1/debian/control 2017-08-10 11:21:54.608139562 -0400 @@ -4,7 +4,7 @@ Uploaders: Matthias Klose <d...@debian.org>, Michael Tautschnig <m...@debian.org> Build-Depends: debhelper (>= 9), autotools-dev, - automake1.11, + automake, libppl-dev (>= 1:1.2), libgmp-dev, texinfo signature.asc Description: PGP signature
Bug#865151: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN aweather-0.8.1.old/debian/control aweather-0.8.1/debian/control --- aweather-0.8.1.old/debian/control 2017-08-08 17:17:06.713891445 -0400 +++ aweather-0.8.1/debian/control 2017-08-08 17:25:38.980394503 -0400 @@ -2,10 +2,10 @@ Priority: extra Maintainer: Debian Science Maintainers <debian-science-maintain...@lists.alioth.debian.org> Uploaders: Andy Spencer <andy753...@gmail.com> -Build-Depends: debhelper (>= 9), automake1.11, libbz2-dev, libcairo2-dev, - libglib2.0-dev (>= 2.14), libgrits-dev (>= 0.8), libgtk2.0-dev (>= 2.16), - librsl-dev (>= 1.41), libsoup2.4-dev (>= 2.26), mesa-common-dev, - libglu1-mesa-dev, libgps-dev (>= 3.0) +Build-Depends: debhelper (>= 9), dh-autoreconf, automake, libbz2-dev, + libcairo2-dev, libglib2.0-dev (>= 2.14), libgrits-dev (>= 0.8), + libgtk2.0-dev (>= 2.16), librsl-dev (>= 1.41), libsoup2.4-dev (>= 2.26), + mesa-common-dev, libglu1-mesa-dev, libgps-dev (>= 3.0) Standards-Version: 3.9.4 Section: science Homepage: http://pileus.org/aweather diff -ruN aweather-0.8.1.old/debian/patches/series aweather-0.8.1/debian/patches/series --- aweather-0.8.1.old/debian/patches/series 2017-08-08 17:17:06.713891445 -0400 +++ aweather-0.8.1/debian/patches/series 2017-08-08 17:35:09.758259149 -0400 @@ -1 +1,2 @@ plugins-c99.patch +subdir-objects.patch diff -ruN aweather-0.8.1.old/debian/patches/subdir-objects.patch aweather-0.8.1/debian/patches/subdir-objects.patch --- aweather-0.8.1.old/debian/patches/subdir-objects.patch 1969-12-31 19:00:00.0 -0500 +++ aweather-0.8.1/debian/patches/subdir-objects.patch 2017-08-08 17:34:47.622498324 -0400 @@ -0,0 +1,10 @@ +--- aweather-0.8.1.old/configure.ac 2017-08-08 17:17:06.705891532 -0400 aweather-0.8.1/configure.ac 2017-08-08 17:31:44.548472713 -0400 +@@ -1,6 +1,6 @@ + # Init and options + AC_INIT([aweather], [0.8.1], [andy753...@gmail.com]) +-AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability foreign]) ++AM_INIT_AUTOMAKE([-Wall -Werror -Wno-portability foreign subdir-objects]) + AC_CONFIG_HEADERS([config.h]) + AC_CONFIG_MACRO_DIR([m4]) + #AM_SILENT_RULES([yes]) diff -ruN aweather-0.8.1.old/debian/rules aweather-0.8.1/debian/rules --- aweather-0.8.1.old/debian/rules 2017-08-08 17:17:06.713891445 -0400 +++ aweather-0.8.1/debian/rules 2017-08-08 17:26:24.907903377 -0400 @@ -1,6 +1,6 @@ #!/usr/bin/make -f %: - dh $@ + dh $@ --with autoreconf override_dh_auto_configure: dh_auto_configure -- --enable-gps signature.asc Description: PGP signature
Bug#865150: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN avr-libc-2.0.0+Atmel3.6.0.old/debian/control avr-libc-2.0.0+Atmel3.6.0/debian/control --- avr-libc-2.0.0+Atmel3.6.0.old/debian/control 2017-08-08 17:02:17.431487155 -0400 +++ avr-libc-2.0.0+Atmel3.6.0/debian/control 2017-08-08 17:02:42.159199609 -0400 @@ -3,7 +3,7 @@ Priority: extra Maintainer: Hakan Ardo <ha...@debian.org> Standards-Version: 3.9.5 -Build-Depends: gcc-avr (>=5.4.0+Atmel3.6.0-1), binutils-avr (>=2.26.20160125+Atmel3.6.0-1), debhelper (>=5), doxygen-latex (>=1.8.7), doxygen (>=1.8.7), transfig, ghostscript, netpbm, x11-common, autotools-dev, autoconf, automake1.11, unzip +Build-Depends: gcc-avr (>=5.4.0+Atmel3.6.0-1), binutils-avr (>=2.26.20160125+Atmel3.6.0-1), debhelper (>=5), doxygen-latex (>=1.8.7), doxygen (>=1.8.7), transfig, ghostscript, netpbm, x11-common, autotools-dev, autoconf, automake, unzip Package: avr-libc Architecture: all signature.asc Description: PGP signature
Bug#865148: [PATCH] Use automake instead of automake1.11
Control: tags -1 patch --- debian/control | 2 +- debian/rules | 8 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debian/control b/debian/control index 7c2c36d..690cbea 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: libs Priority: optional Maintainer: Debian Science MaintainersUploaders: Teemu Ikonen -Build-Depends: cdbs (>= 0.4.52), autoconf (>= 2.61), automake1.11, +Build-Depends: cdbs (>= 0.4.52), autoconf (>= 2.69), automake, libtool, debhelper (>= 7), autoconf-archive Standards-Version: 3.9.5 Homepage: http://www.cs.umd.edu/~mount/ANN/ diff --git a/debian/rules b/debian/rules index f82dc6b..460cb5e 100755 --- a/debian/rules +++ b/debian/rules @@ -5,10 +5,10 @@ include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/autotools.mk -DEB_AUTO_UPDATE_AUTOHEADER = 2.61 -DEB_AUTO_UPDATE_AUTOCONF = 2.61 -DEB_AUTO_UPDATE_ACLOCAL = 1.11 -DEB_AUTO_UPDATE_AUTOMAKE = 1.11 +DEB_AUTO_UPDATE_AUTOHEADER = 2.69 +DEB_AUTO_UPDATE_AUTOCONF = 2.69 +DEB_AUTO_UPDATE_ACLOCAL = 1.15 +DEB_AUTO_UPDATE_AUTOMAKE = 1.15 DEB_AUTOMAKE_ARGS = --foreign --add-missing DEB_AUTO_UPDATE_LIBTOOL = pre -- 2.13.3
Bug#865143: patch
Control: tags -1 patch -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 diff -ruN liece-2.0+0.20030527cvs.old/debian/control liece-2.0+0.20030527cvs/debian/control --- liece-2.0+0.20030527cvs.old/debian/control 2017-08-08 12:29:56.552025270 -0400 +++ liece-2.0+0.20030527cvs/debian/control 2017-08-08 12:30:27.135685426 -0400 @@ -4,7 +4,7 @@ Maintainer: OHASHI Akira <b...@debian.org> Build-Depends: cdbs, debhelper, - dh-buildinfo, emacs | emacsen, autoconf, automake1.11 | automaken, gettext, libtool + dh-buildinfo, emacs | emacsen, autoconf, automake, gettext, libtool Standards-Version: 3.7.2 Package: liece signature.asc Description: PGP signature
Bug#865142: patch
Control: tags -1 patch Attached is patch to fix this issue. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 --- diagnostics-0.3.3.old/debian/control 2017-08-08 12:20:03.046697876 -0400 +++ diagnostics-0.3.3/debian/control 2017-08-08 12:21:10.057907988 -0400 @@ -1,7 +1,7 @@ Source: diagnostics Priority: extra Maintainer: Michael Tautschnig <m...@debian.org> -Build-Depends: dpkg-dev (>= 1.16.0~), debhelper (>= 9), automake1.11 | automake (>= 1:1.9), pkg-config, libtool, libltdl-dev (>= 2.4.2-1~), libace-dev (>= 5.7.7-3) [!hurd-i386], dh-autoreconf +Build-Depends: dpkg-dev (>= 1.16.0~), debhelper (>= 9), automake (>= 1:1.9), pkg-config, libtool, libltdl-dev (>= 2.4.2-1~), libace-dev (>= 5.7.7-3) [!hurd-i386], dh-autoreconf Standards-Version: 3.9.8 Section: libs Homepage: http://forsyte.at/software/diagnostics signature.asc Description: PGP signature
Bug#865139: possible patch
Control: tags -1 patch Attached is a possible fix for this issue, that I can't test due to #853369. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 Index: debian/control === --- debian/control (revision 27279) +++ debian/control (working copy) @@ -4,7 +4,7 @@ Maintainer: Vincent Cheng <vch...@debian.org> Build-Depends: autoconf (>= 2.59), - automake1.11 | automake (>= 1:1.11), + automake (>= 1:1.11), debhelper (>= 9), dh-autoreconf, doxygen, signature.asc Description: PGP signature
Bug#865138: Possible patch
Control: tags patch Attached is possible patch that I can't test due to #853353 -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 Index: debian/control === --- debian/control (revision 27279) +++ debian/control (working copy) @@ -4,7 +4,6 @@ Maintainer: Vincent Cheng <vch...@debian.org> Build-Depends: audacious-dev, - automake1.11 | automake (>= 1:1.11), cmake (>= 2.6), debhelper (>= 9), docbook-xml, signature.asc Description: PGP signature
Bug#846548: marked as pending
* Julien Cristau (jcris...@debian.org) wrote: > It's now through NEW. The next step would be an upload to sid, with > urgency=high, and an unblock request to the release.debian.org > pseudopackage. Thanks and done as you have seen. I'm guessing it's not worth it, but should we promote libp11 0.4.4-1 as well for version parity? > On 06/06/2017 02:26 AM, Eric Dorland wrote: > > OK, apologies for the delay (and I know we're getting down to the > > wire). I just uploaded libp11-openssl1.1 to experimental and of course > > it's in NEW. If this looks ok let me know what the next steps are if > > we want to try to get it into stretch. > > > > * Julien Cristau (jcris...@debian.org) wrote: > >> On 05/30/2017 07:16 AM, Eric Dorland wrote: > >>> * Julien Cristau (jcris...@debian.org) wrote: > >>>> On 05/29/2017 03:15 AM, Eric Dorland wrote: > >>>>> * Julien Cristau (jcris...@debian.org) wrote: > >>>>>> On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote: > >>>>>> > >>>>>>> tag 846548 pending > >>>>>>> thanks > >>>>>>> > >>>>>>> Hello, > >>>>>>> > >>>>>>> Bug #846548 reported by you has been fixed in the Git repository. You > >>>>>>> can > >>>>>>> see the changelog below, and you can check the diff of the fix at: > >>>>>>> > >>>>>>> > >>>>>>> https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0 > >>>>>>> > >>>>>> So, erm. This seems like it would break using libengine-pkcs11-openssl > >>>>>> in an application using libssl1.0.2. As a SONAME bump it also seems > >>>>>> rather inappropriate during the freeze. > >>>>> > >>>>> That's a good point. I was trying to provide an alternative to the > >>>>> broken NMU that was going to be uploaded, but yes this will break > >>>>> applications built against libssl1.0.2. It does fix using this with > >>>>> the openssl tool however. > >>>>> > >>>> Right. > >>>> > >>>>>> I'm very interested in having this fixed in stretch so I can get the > >>>>>> secure-boot stuff working on ftp-master, but this doesn't look like the > >>>>>> way to go. Not to mention that you'd have to justify the bump from > >>>>>> 0.4.3 to 0.4.4. > >>>>>> > >>>>>> Can you explain your plans here? > >>>>> > >>>>> As you suggested in your followup, the way forward would appear to be > >>>>> to upload a new libp11 source package that builds against > >>>>> libssl1.0.2. I can also backport all of the changes to 0.4.3 and > >>>>> upload to testing-proposed-updates. Does that sound reasonable? > >>>>> > >>>> Having read through the 0.4.4 changes I think I'd be ok with getting > >>>> that in if you're confident. I guess the other question is should > >>>> libp11-dev come from the openssl1.1-using package or the > >>>> openssl1.0.2-using one. At this late stage I guess it's safer to stay > >>>> with 1.0.2, and have the libp11-openssl1.1 package (or however it's > >>>> called) only provide a libengine-pkcs11-openssl1.1 binary? > >>> > >>> OK, I like this plan. We should get the naming right going forward > >>> though for the libengine-pkcs11-openssl1.1 package. Is that how other > >>> packages are handling naming when they depend on a particular version > >>> of openssl? > >>> > >> I'm not sure, to be honest. I don't know if there are any other similar > >> cases right now. This package name wouldn't survive stretch in any > >> case, I guess? > >> > >>> I should be able to get fixed uploads to unstable in a couple of days. > >>> > >> Nice. Thanks. > >> > >> Cheers, > >> Julien > > > -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#864383: unblock: libp11-openssl1.1/0.4.4-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libp11-openssl1.1 This is a new package which is adds only pkcs11 engine support for openssl 1.1. Without this the change it can't be used with openssl 1.1 only with openssl 1.0.2 and since the openssl command is coming from 1.1 without this it would be a functionality regression in stretch. Full context in #846548. No debdiff since this is a new package. unblock libp11-openssl1.1/0.4.4-4 -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#846548: marked as pending
OK, apologies for the delay (and I know we're getting down to the wire). I just uploaded libp11-openssl1.1 to experimental and of course it's in NEW. If this looks ok let me know what the next steps are if we want to try to get it into stretch. * Julien Cristau (jcris...@debian.org) wrote: > On 05/30/2017 07:16 AM, Eric Dorland wrote: > > * Julien Cristau (jcris...@debian.org) wrote: > >> On 05/29/2017 03:15 AM, Eric Dorland wrote: > >>> * Julien Cristau (jcris...@debian.org) wrote: > >>>> On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote: > >>>> > >>>>> tag 846548 pending > >>>>> thanks > >>>>> > >>>>> Hello, > >>>>> > >>>>> Bug #846548 reported by you has been fixed in the Git repository. You > >>>>> can > >>>>> see the changelog below, and you can check the diff of the fix at: > >>>>> > >>>>> > >>>>> https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0 > >>>>> > >>>> So, erm. This seems like it would break using libengine-pkcs11-openssl > >>>> in an application using libssl1.0.2. As a SONAME bump it also seems > >>>> rather inappropriate during the freeze. > >>> > >>> That's a good point. I was trying to provide an alternative to the > >>> broken NMU that was going to be uploaded, but yes this will break > >>> applications built against libssl1.0.2. It does fix using this with > >>> the openssl tool however. > >>> > >> Right. > >> > >>>> I'm very interested in having this fixed in stretch so I can get the > >>>> secure-boot stuff working on ftp-master, but this doesn't look like the > >>>> way to go. Not to mention that you'd have to justify the bump from > >>>> 0.4.3 to 0.4.4. > >>>> > >>>> Can you explain your plans here? > >>> > >>> As you suggested in your followup, the way forward would appear to be > >>> to upload a new libp11 source package that builds against > >>> libssl1.0.2. I can also backport all of the changes to 0.4.3 and > >>> upload to testing-proposed-updates. Does that sound reasonable? > >>> > >> Having read through the 0.4.4 changes I think I'd be ok with getting > >> that in if you're confident. I guess the other question is should > >> libp11-dev come from the openssl1.1-using package or the > >> openssl1.0.2-using one. At this late stage I guess it's safer to stay > >> with 1.0.2, and have the libp11-openssl1.1 package (or however it's > >> called) only provide a libengine-pkcs11-openssl1.1 binary? > > > > OK, I like this plan. We should get the naming right going forward > > though for the libengine-pkcs11-openssl1.1 package. Is that how other > > packages are handling naming when they depend on a particular version > > of openssl? > > > I'm not sure, to be honest. I don't know if there are any other similar > cases right now. This package name wouldn't survive stretch in any > case, I guess? > > > I should be able to get fixed uploads to unstable in a couple of days. > > > Nice. Thanks. > > Cheers, > Julien -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#846548: marked as pending
* Julien Cristau (jcris...@debian.org) wrote: [snip] > > OK, I like this plan. We should get the naming right going forward > > though for the libengine-pkcs11-openssl1.1 package. Is that how other > > packages are handling naming when they depend on a particular version > > of openssl? > > > I'm not sure, to be honest. I don't know if there are any other similar > cases right now. This package name wouldn't survive stretch in any > case, I guess? Well when openssl 1.2 comes out we might have this same problem again right? > > I should be able to get fixed uploads to unstable in a couple of days. > > > Nice. Thanks. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#846548: marked as pending
* Julien Cristau (jcris...@debian.org) wrote: > On 05/29/2017 03:15 AM, Eric Dorland wrote: > > * Julien Cristau (jcris...@debian.org) wrote: > >> On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote: > >> > >>> tag 846548 pending > >>> thanks > >>> > >>> Hello, > >>> > >>> Bug #846548 reported by you has been fixed in the Git repository. You can > >>> see the changelog below, and you can check the diff of the fix at: > >>> > >>> > >>> https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0 > >>> > >> So, erm. This seems like it would break using libengine-pkcs11-openssl > >> in an application using libssl1.0.2. As a SONAME bump it also seems > >> rather inappropriate during the freeze. > > > > That's a good point. I was trying to provide an alternative to the > > broken NMU that was going to be uploaded, but yes this will break > > applications built against libssl1.0.2. It does fix using this with > > the openssl tool however. > > > Right. > > >> I'm very interested in having this fixed in stretch so I can get the > >> secure-boot stuff working on ftp-master, but this doesn't look like the > >> way to go. Not to mention that you'd have to justify the bump from > >> 0.4.3 to 0.4.4. > >> > >> Can you explain your plans here? > > > > As you suggested in your followup, the way forward would appear to be > > to upload a new libp11 source package that builds against > > libssl1.0.2. I can also backport all of the changes to 0.4.3 and > > upload to testing-proposed-updates. Does that sound reasonable? > > > Having read through the 0.4.4 changes I think I'd be ok with getting > that in if you're confident. I guess the other question is should > libp11-dev come from the openssl1.1-using package or the > openssl1.0.2-using one. At this late stage I guess it's safer to stay > with 1.0.2, and have the libp11-openssl1.1 package (or however it's > called) only provide a libengine-pkcs11-openssl1.1 binary? OK, I like this plan. We should get the naming right going forward though for the libengine-pkcs11-openssl1.1 package. Is that how other packages are handling naming when they depend on a particular version of openssl? I should be able to get fixed uploads to unstable in a couple of days. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#846548: marked as pending
* Julien Cristau (jcris...@debian.org) wrote: > On Mon, May 22, 2017 at 03:42:57 +0000, Eric Dorland wrote: > > > tag 846548 pending > > thanks > > > > Hello, > > > > Bug #846548 reported by you has been fixed in the Git repository. You can > > see the changelog below, and you can check the diff of the fix at: > > > > https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0 > > > So, erm. This seems like it would break using libengine-pkcs11-openssl > in an application using libssl1.0.2. As a SONAME bump it also seems > rather inappropriate during the freeze. That's a good point. I was trying to provide an alternative to the broken NMU that was going to be uploaded, but yes this will break applications built against libssl1.0.2. It does fix using this with the openssl tool however. > I'm very interested in having this fixed in stretch so I can get the > secure-boot stuff working on ftp-master, but this doesn't look like the > way to go. Not to mention that you'd have to justify the bump from > 0.4.3 to 0.4.4. > > Can you explain your plans here? As you suggested in your followup, the way forward would appear to be to upload a new libp11 source package that builds against libssl1.0.2. I can also backport all of the changes to 0.4.3 and upload to testing-proposed-updates. Does that sound reasonable? -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#846548: [pkg-opensc-maint] Bug#846548: patch for #846548
Sorry for not getting back to this sooner. I've canceled this upload since it has the side-effect of breaking libp11 (ie it bumps it's soname). I think the way forward would be to make that bump and rebuild the only dependency (pam-p11) against it, but I'm not 100% sure pam-p11 compiles with openssl 1.1. I guess this plan will require release manager approval since it's rather a lot of changes. * Luke Faraone (l...@faraone.cc) wrote: > On Thu, 11 May 2017 20:33:41 -0700 Luke W Faraone <lfara...@debian.org> wrote: > > On Thu, 11 May 2017 19:45:51 -0700 Luke W Faraone <lfara...@debian.org> > > wrote: > > > Attached is a patch to fix the path to the engine directory, and moves > > > this library back to libssl-dev. (it isn't clear to me from changelog or > > > git log why the move to 1.1 was originally reverted) > > > > And of course, that patch was bogus. Attached is a orrected patch. I > > intend to upload this to DELAYED/5 once I have a chance to test on real > > hardware. > > Tested (attached) and uploaded accordingly. > > -- Luke > $ openssl req -engine pkcs11 -keyform engine -new -key > "pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=[…];token=PIV_II%20%28PIV%20Card%20Holder%20pin%29;id=%01;object=PIV%20AUTH%20key;type=private" > -out req.pem -text -x509 -subj '/CN=Luke Faraone' > engine "pkcs11" set. > No private keys found. > PKCS#11 token PIN: > cobalt:/tmp/tmp.1Pc1kTLqDp$ cat req.pem > Certificate: > Data: > Version: 3 (0x2) > Serial Number: > a7:78:4e:07:98:95:7d:95 > Signature Algorithm: sha256WithRSAEncryption > Issuer: CN = Luke Faraone > Validity > Not Before: May 13 20:07:39 2017 GMT > Not After : Jun 12 20:07:39 2017 GMT > Subject: CN = Luke Faraone > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > […] > -BEGIN CERTIFICATE- > […] > -END CERTIFICATE- > > _______ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#852039: [pkg-opensc-maint] Bug#852039: pam-p11: diff for NMU version 0.1.5-6.1
Hi Sam, Thanks for the patch. I'll prepare an upload for it tomorrow if you want to hold off for a bit. * hartm...@debian.org (hartm...@debian.org) wrote: > Control: tags 852039 + pending > > > Dear maintainer, > > I've prepared an NMU for pam-p11 (versioned as 0.1.5-6.1) and > uploaded it to DELAYED/2day. I realize this is a small delay, but I want the > changes to make it in before the freeze. Please feel free to tell me if I > should delay it longer. > > Regards. > diff -Nru pam-p11-0.1.5/debian/changelog pam-p11-0.1.5/debian/changelog > --- pam-p11-0.1.5/debian/changelog2016-12-10 20:32:54.0 -0500 > +++ pam-p11-0.1.5/debian/changelog2017-01-23 15:13:19.0 -0500 > @@ -1,3 +1,10 @@ > +pam-p11 (0.1.5-6.1) unstable; urgency=medium > + > + * Non-maintainer upload. > + * Fix segfault after token login, Closes: #852039 > + > + -- Sam Hartman <hartm...@debian.org> Mon, 23 Jan 2017 15:13:19 -0500 > + > pam-p11 (0.1.5-6) unstable; urgency=medium > >* debian/control: Explicit build-deps on libssl1.0-dev. > diff -Nru pam-p11-0.1.5/debian/patches/reread_certs_on_token_login > pam-p11-0.1.5/debian/patches/reread_certs_on_token_login > --- pam-p11-0.1.5/debian/patches/reread_certs_on_token_login 1969-12-31 > 19:00:00.0 -0500 > +++ pam-p11-0.1.5/debian/patches/reread_certs_on_token_login 2017-01-20 > 17:23:43.0 -0500 > @@ -0,0 +1,40 @@ > +Index: pam-p11/src/pam_p11.c > +=== > +--- pam-p11.orig/src/pam_p11.c > pam-p11/src/pam_p11.c > +@@ -56,6 +56,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h > + const char *user; > + char *password; > + char password_prompt[64]; > ++int loggedin = 0; > + > + struct pam_conv *conv; > + struct pam_message msg; > +@@ -119,7 +120,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h > + } > + > + /* get all certs */ > +-rv = PKCS11_enumerate_certs(slot->token, , ); > ++ cert_scan: rv = PKCS11_enumerate_certs(slot->token, , ); > + if (rv) { > + pam_syslog(pamh, LOG_ERR, "PKCS11_enumerate_certs failed"); > + rv = PAM_AUTHINFO_UNAVAIL; > +@@ -156,7 +157,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h > + goto out; > + } > + > +-if (!slot->token->loginRequired) > ++if (!slot->token->loginRequired ||loggedin) > + goto loggedin; > + > + /* get password */ > +@@ -209,6 +210,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_h > + goto out; > + } > + > ++loggedin = 1; > ++goto cert_scan; > ++ > + loggedin: > + /* get random bytes */ > + fd = open(RANDOM_SOURCE, O_RDONLY); > diff -Nru pam-p11-0.1.5/debian/patches/series > pam-p11-0.1.5/debian/patches/series > --- pam-p11-0.1.5/debian/patches/series 2016-12-10 20:32:54.0 > -0500 > +++ pam-p11-0.1.5/debian/patches/series 2017-01-20 17:22:14.0 > -0500 > @@ -1 +1,2 @@ > 0001-Use-INSTALL-instead-of-libLTLIBRARIES_INSTALL.patch > +reread_certs_on_token_login > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#851639: ITP: alacritty -- A cross-platform, GPU-accelerated terminal emulator
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: alacritty Upstream Author : Joe Wilm <j...@jwilm.com> * URL : https://github.com/jwilm/alacritty * License : Apache 2.0 Programming Lang: Rust Description : A cross-platform, GPU-accelerated terminal emulator Alacritty is the fastest terminal emulator in existence. Using the GPU for rendering enables optimizations that simply aren't possible in other emulators.
Bug#830863: [pkg-opensc-maint] Bug#830863: opensc-pkcs11: Unable to sign
Sorry I don't have your particular hardware to test with, but this sounds similar to https://github.com/OpenSC/OpenSC/issues/942. Do you think it could be the same issue? * Stanimir Stoyanov (stani...@datacentrix.org) wrote: > Package: opensc-pkcs11 > Version: 0.16.0-1 > Severity: important > > Dear Maintainer, > > It is about omnikey reader with CardOS smart card. > > The output of OPENSC_DEBUG=2 pkcs11-tool --module /usr/lib/x86_64-linux-gnu > /onepin-opensc-pkcs11.so -t -l: > > Please enter User PIN: > 0x7feae107d700 14:18:05.293 [onepin-opensc-pkcs11] sec.c:206:sc_pin_cmd: > returning with: 0 (Success) > C_SeedRandom() and C_GenerateRandom(): > seeding (C_SeedRandom) not supported > seems to be OK > Digests: > all 4 digest functions seem to work > MD5: OK > SHA-1: OK > RIPEMD160: OK > Signatures (currently only RSA signatures) > testing key 0 (StampIT) > 0x7feae107d700 14:18:10.557 [onepin-opensc-pkcs11] card- > cardos.c:475:cardos_select_file: called > 0x7feae107d700 14:18:10.582 [onepin-opensc-pkcs11] > sec.c:72:sc_set_security_env: returning with: 0 (Success) > 0x7feae107d700 14:18:10.621 [onepin-opensc-pkcs11] sec.c:44:sc_decipher: > returning with: -1200 (Card command failed) > 0x7feae107d700 14:18:10.630 [onepin-opensc-pkcs11] card- > cardos.c:475:cardos_select_file: called > 0x7feae107d700 14:18:10.723 [onepin-opensc-pkcs11] > ctx.c:842:sc_release_context: called > error: PKCS11 function C_SignFinal failed: rv = CKR_GENERAL_ERROR (0x5) > > Aborting. > > > > -- System Information: > Debian Release: stretch/sid > APT prefers testing > APT policy: (500, 'testing') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.6.0-1-amd64 (SMP w/2 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages opensc-pkcs11 depends on: > ii libc62.22-13 > ii libssl1.0.2 1.0.2h-1 > ii zlib1g 1:1.2.8.dfsg-2+b1 > > opensc-pkcs11 recommends no packages. > > opensc-pkcs11 suggests no packages. > > -- no debconf information > > _______ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#830862: [pkg-opensc-maint] Bug#830862: opensc-pkcs11: trying to overwrite '/usr/lib/x86_64-linux-gnu/pkcs11', which is also in package gnome-keyring 3.20.0-1
Control: tags -1 unreproducible Hi Stanimir, I'm unable to reproduce this problem on my systems. Are you still seeing this? * Stanimir Stoyanov (stani...@datacentrix.org) wrote: > Package: opensc-pkcs11 > Version: 0.16.0-1 > Severity: important > > Dear Maintainer, > > After last upgrade I'm unable to sign documents using my digital signature. > The > error I'm getting is: > > Preparing to unpack .../opensc-pkcs11_0.16.0-1_amd64.deb ... > Unpacking opensc-pkcs11:amd64 (0.16.0-1) ... > dpkg: error processing archive /var/cache/apt/archives/opensc- > pkcs11_0.16.0-1_amd64.deb (--unpack): > trying to overwrite '/usr/lib/x86_64-linux-gnu/pkcs11', which is also in > package gnome-keyring 3.20.0-1 > Selecting previously unselected package opensc. > Preparing to unpack .../opensc_0.16.0-1_amd64.deb ... > Unpacking opensc (0.16.0-1) ... > Processing triggers for libc-bin (2.22-13) ... > Processing triggers for man-db (2.7.5-1) ... > Errors were encountered while processing: > /var/cache/apt/archives/opensc-pkcs11_0.16.0-1_amd64.deb > E: Sub-process /usr/bin/dpkg returned an error code (1) -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#849631: dnscrypt-proxy 1.8.1-4 fails to start
Control: tags + moreinfo unreproducible I'm not seeing this on my system. If you upgrade what does your dnscrypt-proxy.socket, dnscrypt-proxy.service and /etc/dnscrypt-proxy/dnscrypt-proxy.conf files look like? * Perl (zer0.div...@yahoo.fr) wrote: > Package: dnscrypt-proxy > Version: 1.7.0+dfsg-1 > Severity: serious > Tags: upstream > Justification: serious > > Dear Maintainer, > >* What led up to the situation? >After upgrade dnscrypt-proxy, it wan't start anymore. >* What exactly did you do (or not do) that was effective (or > ineffective)? > Working as before. >* What was the outcome of this action? >dnscrypt-proxy.service and dnscrypt-proxy.socket stop working. >I get these output in journalctl: >Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Service >hold-off time over, scheduling restart. >Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Start >request repeated too quickly. >Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.socket: Unit >entered failed state. >Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Unit >entered failed state. >Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Failed >with result 'start-limit-hit'. > >And if I feed dnscrypt-proxy command with the configuration file, I >get in terminal: >Dec 28 22:13:01 debian dnscrypt-proxy[1694]: Wed Dec 28 22:13:01 2016 >[INFO] + DNS Security Extensions are supported >Dec 28 22:13:01 debian dnscrypt-proxy[1694]: Wed Dec 28 22:13:01 2016 >[INFO] + Provider supposedly doesn't keep logs >Dec 28 22:13:01 debian systemd[1]: dnscrypt-proxy.service: Service >hold-off time over, scheduling restart. > >* What outcome did you expect instead? >Running dnscrypt-proxy.service and dnscrypt-proxy.socket. > > *** End of the template - remove these template lines *** > > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (990, 'unstable'), (150, 'testing'), (100, 'stable'), (5, > 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages dnscrypt-proxy depends on: > ii adduser 3.115 > ii init-system-helpers 1.46 > ii libc62.24-8 > ii libltdl7 2.4.6-2 > ii libsodium18 1.0.11-1 > ii libsystemd0 232-8 > > dnscrypt-proxy recommends no packages. > > Versions of packages dnscrypt-proxy suggests: > ii resolvconf 1.79 > > -- Configuration Files: > /etc/default/dnscrypt-proxy changed: > DNSCRYPT_PROXY_LOCAL_ADDRESS=127.0.2.1:53 > DNSCRYPT_PROXY_RESOLVER_NAME=dnscrypt.org-fr > DNSCRYPT_PROXY_OPTIONS="" > > /etc/dnscrypt-proxy/dnscrypt-proxy.conf changed: > ResolverName=dnscrypt.org-fr That equals sign looks problematic. > ResolversList /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv > Daemonize yes > PidFile /var/run/dnscrypt-proxy.pid > User _dnscrypt-proxy > LocalAddress 127.0.2.1:53 > EphemeralKeys yes > MaxActiveRequests 250 > LogFile /var/log/dnscrypt-proxy.log > LogLevel 7 > BlockIPv6 yes > > > -- no debconf information -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#837959: New version available - 1.7.0
It's already packaged and waiting in NEW. * Michael-John Turner (m...@mjturner.net) wrote: > Package: dnscrypt-proxy > Version 1.6.1-1 > Severity: wishlist > > Hi, > > A new upstream version of dnscrypt-proxy is available - 1.7.0. It would be > great if the Debian package could be updated to this version. > > Source available from https://download.dnscrypt.org/dnscrypt-proxy/ > > Cheers, MJ -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#781648: dnscrypt-proxy: Default configuration doesn't work with Unbound DNS cache
The latest package that's waiting in NEW will have a different default resolver and should work fine with DNSSEC. * har...@a-little-linux-box.at (har...@a-little-linux-box.at) wrote: > Dear Eric Dorland, > > according to the dnscrypt-resolvers.csv file these resolvers don't > support DNSSec, so I guess this bug should be kept open - IMHO it would > make more sense to tell users how to disable DNSSec :-/. > > Kind regards > Harald Jenny -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#781648: dnscrypt-proxy: Default configuration doesn't work with Unbound DNS cache
Control: tags -1 fixed-upstream So this should be fixable in the next release when the anycast addresses are added for http://dnsrec.meo.ws/. * Ivan Vilata i Balaguer (i...@selidor.net) wrote: > Package: dnscrypt-proxy > Version: 1.4.3-2 > Severity: normal > > Hi! The README of ``dnscrypt-proxy`` recommends using Unbound as a DNS > caching resolver in combination with it. However, Unbound enables DNSSEC and > the default configuration of ``dnscrypt-proxy`` sets > ``DNSCRYPT_PROXY_RESOLVER_NAME=opendns`` in its default file. The problem is > that OpenDNS servers disable DNSSEC, which results in Unbound rejecting the > responses coming from the proxy and name resolution failing, as explained > here: https://forums.opendns.com/comments.php?DiscussionID=15361#Item_9 > > I suggest to change the default to a different one (e.g. the ``dnscrypt.eu-*`` > servers seem to work), or to add a short comment in the default file warning > about OpenDNS servers and DNSSEC. > > Thanks! > > -- System Information: > Debian Release: 8.0 > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) > Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: sysvinit (via /sbin/init) > > Versions of packages dnscrypt-proxy depends on: > ii adduser 3.113+nmu3 > ii init-system-helpers 1.22 > ii libc62.19-17 > ii libsodium13 1.0.1-1 > ii libsystemd0 215-12 > > dnscrypt-proxy recommends no packages. > > Versions of packages dnscrypt-proxy suggests: > ii resolvconf 1.76.1 > > -- Configuration Files: > /etc/default/dnscrypt-proxy changed [not included] > > -- no debconf information -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#823030: [pkg-opensc-maint] Bug#823030: Status
* José Luis González (jlgon...@ya.com) wrote: > On Sat, 30 Jul 2016 01:53:17 -0400 > Eric Dorland <e...@debian.org> wrote: > > > Control: tags -1 moreinfo > > > > What software is breaking exactly? You should not need libopensc2, it > > was always an internal library. > > It's an external package, from Spain's ID card electronic signing > system. As far as I remember it depended on those packages. > > I managed to install the external packages with packages from stable. Is it actually linking against libopensc2? -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#823030: [pkg-opensc-maint] Bug#823030: Status
Control: tags -1 moreinfo What software is breaking exactly? You should not need libopensc2, it was always an internal library. * José Luis González (jlgon...@ya.com) wrote: > Hi, > > any news or feedback on this issue? > > Regards, > José > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#820444: [pkg-opensc-maint] Bug#820444: opensc-pkcs11: Segfault with cardos smartcard
Thanks for the report. I'll try to do an upload with the patch this weekend. * Laurent Bigonville (bi...@debian.org) wrote: > tag 820444 + fixed-upstream > forwarded 820444 https://github.com/OpenSC/OpenSC/issues/547 > thanks > > Hi, > > This is actually already fixed upstream, would be nice if the patch was > cherry-picked. Not sure when the next release will happen. > > Cheers, > > Laurent Bigonville > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#819902: RM: automake-1.14 -- RoQA; superseded by automake-1.15
* Mattia Rizzolo (mat...@debian.org) wrote: > Package: ftp.debian.org > X-Debbugs-CC: automake-1...@packages.debian.org > > As per subject, please remove this. > > Even if I wonder why we need to have different source packages for 1.14 > and 1.15, whilst the both build only one binary "automake"... It's unclear to me why it wasn't removed automatically when it no longer had any binary packages in the archive. Is that a bug? -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#815004: [pkg-opensc-maint] Bug#815004: libengine-pkcs11-openssl: Engine is installed at wrong location (sparc64 as well)
uot;, O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libkeyutils.so.1", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libpcre.so.1", O_RDONLY|O_CLOEXEC) = 3 > statfs("/sys/fs/selinux", {f_type="SELINUX_MAGIC", f_bsize=4096, > f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, > 0}, f_namelen=255, f_frsize=4096, f_flags=4128}) = 0 > statfs("/sys/fs/selinux", {f_type="SELINUX_MAGIC", f_bsize=4096, > f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={0, > 0}, f_namelen=255, f_frsize=4096, f_flags=4128}) = 0 > access("/etc/selinux/config", F_OK) = 0 > access("/etc/system-fips", F_OK)= -1 ENOENT (No such file or > directory) > open("/etc/pki/tls/openssl.cnf", O_RDONLY) = 3 > open("/proc/meminfo", O_RDONLY|O_CLOEXEC) = 3 > open("/usr/lib64/openssl/engines/libpkcs11.so", O_RDONLY|O_CLOEXEC) = 3 > open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libp11.so.2", O_RDONLY|O_CLOEXEC) = 3 > (pkcs11) pkcs11 engine > open("/usr/lib64/p11-kit-proxy.so", O_RDONLY|O_CLOEXEC) = 3 > open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libffi.so.6", O_RDONLY|O_CLOEXEC) = 3 > open("/etc/pkcs11/pkcs11.conf", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No > such file or directory) > open("/home/mator/.config/pkcs11/pkcs11.conf", O_RDONLY|O_CLOEXEC) = > -1 ENOENT (No such file or directory) > stat("/home/mator/.config/pkcs11/modules", 0x7ffc8a781f40) = -1 ENOENT > (No such file or directory) > stat("/etc/pkcs11/modules", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 > open("/etc/pkcs11/modules", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3 > stat("/etc/pkcs11/modules/..", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 > stat("/etc/pkcs11/modules/.", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 > stat("/usr/share/p11-kit/modules", {st_mode=S_IFDIR|0755, > st_size=4096, ...}) = 0 > open("/usr/share/p11-kit/modules", > O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3 > stat("/usr/share/p11-kit/modules/..", {st_mode=S_IFDIR|0755, > st_size=4096, ...}) = 0 > stat("/usr/share/p11-kit/modules/p11-kit-trust.module", > {st_mode=S_IFREG|0644, st_size=693, ...}) = 0 > open("/usr/share/p11-kit/modules/p11-kit-trust.module", O_RDONLY|O_CLOEXEC) = > 4 > stat("/usr/share/p11-kit/modules/.", {st_mode=S_IFDIR|0755, > st_size=4096, ...}) = 0 > open("/usr/lib64/pkcs11/p11-kit-trust.so", O_RDONLY|O_CLOEXEC) = 3 > open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libtasn1.so.6", O_RDONLY|O_CLOEXEC) = 3 > open("/lib64/libfreebl3.so", O_RDONLY|O_CLOEXEC) = 3 > statfs("/selinux", 0x7ffc8a782050) = -1 ENOENT (No such file or > directory) > open("/proc/mounts", O_RDONLY) = 3 > open("/tmp/fficgaRwB", O_RDWR|O_CREAT|O_EXCL, 0600) = 3 > unlink("/tmp/fficgaRwB")= 0 > [ available ] > +++ exited with 0 +++ > [mator@node01 ~]$ > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#814750: ITP: mtx-app -- command line utility for maXTouch devices
Package: wnpp Severity: wishlist Owner: Eric Dorland <e...@debian.org> * Package name: mtx-app Version : 1.26 Upstream Author : Atmel Corporation * URL : https://github.com/atmel-maxtouch * License : BSD 2-clause Programming Lang: C Description : command line utility for maXTouch devices mxt-app is a utility for managing Atmel maXTouch touch controllers and other devices that support Atmel Object Based Protocol. Needed for touchpad and touchscreen on the Chromebook Pixel 2015.
Bug#812528: Redundant argument in sprintf for postfix script
* Willi Mann (wi...@debian.org) wrote: > Hi Eric, > > Am 2016-01-24 um 18:54 schrieb Eric Dorland: > > Package: logwatch > > Version: 7.4.1+svn20151218rev302-1 > > Severity: minor > > > > I'm getting the following warning when the postfix script runs: > > could you verify whether attached version of the postfix script fixes > this issue? (unpack and Copy it to > /usr/share/logwatch/scripts/services/postfix) Yup, looks good. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#812528: Redundant argument in sprintf for postfix script
Package: logwatch Version: 7.4.1+svn20151218rev302-1 Severity: minor I'm getting the following warning when the postfix script runs: - Postfix Begin Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 16. Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 16. Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 16. Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 16. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages logwatch depends on: ii perl5.22.1-4 ii postfix [mail-transport-agent] 2.11.3-1+b1 Versions of packages logwatch recommends: ii libdate-manip-perl 6.52-1 ii libsys-cpu-perl 0.61-1+b2 ii libsys-meminfo-perl 0.98-1+b1 Versions of packages logwatch suggests: pn fortune-mod -- no debconf information
Bug#734442: patch
* Patrick Matthäi (pmatth...@debian.org) wrote: > > > Am 01.01.2016 um 04:09 schrieb Eric Dorland: > >>To repeat myself: If you guys (packagers) all agree on how this file > >>should look like, I'm fine with it too. > >> > >>If you want to maintain a separate unit file for Debian which is > >>different from other distros, I'm not in a position to stop you from > >>doing this. > >I don't have strong feelings about this, and I'm not the > >maintainer. I would just like this to work out of the box on Debian :) > >Patrick what do you think? > > For the Debian packaging itself it looks good for me (except of the username > e.g.). > Maybe we should use something like "znc-system" or "znc-daemon", since most > znc users just have called their znc user "znc" and "_znc" is invalid. _znc is a perfectly valid username, it's just discouraged because some libraries make bad assumptions about what characters are valid in a username. This shouldn't be a problem for znc. Take a look at your system, you probably already have an _apt system user already. The other semi-standard is for the username to have a Debian- prefix, but IMHO this is ugly beyond all reason, and certainly isn't very portable. I'm not sure we can find a perfectly portable answer to what the username should be, and perhaps a configure switch is the least terrible solution. > I would be happy to have got a solution with upstream and other > distributions, so that there are no bigger differences (or bugs) between > different distributions and upstream. OK, I'll working on some upstream patches so that we can use the upstream service file. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#809756: Unescaped left brace in regex is deprecated
Package: logwatch Version: 7.4.1+svn20150731rev294-1 Severity: normal I'm seeing "Unescaped left brace in regex is deprecated, passed through in regex" in my logwatch reports, presumably due to the recent perl upgrade. Below are all the sections I'm seeing this in: - Amavisd-new Begin Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: { <-- HERE [^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/ at /usr/share/logwatch/scripts/services/amavis line 2286. -- Amavisd-new End - - Postfix Begin Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/^Config: { <-- HERE / at /usr/share/logwatch/scripts/services/postfix line 1850. Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 10. Redundant argument in sprintf at /usr/share/logwatch/scripts/services/postfix l ine 1382, <> line 10. 8.862K Bytes accepted 9,075 8.862K Bytes delivered 9,075 == 2 Accepted 100.00% -- 2 Total 100.00% == 2 Removed from queue 2 Delivered -- Postfix End - - Connections (secure-log) Begin Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/krb5kdc\[[0-9]*\]: (AS_REQ|TGS_REQ) \([0-9]+ etypes { <-- HERE [ 0-9]+}\) ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+): (ISSUE|UNKNOWN_SERVER): authtime [0-9]+, (?:etypes {rep=[0-9]+ tkt=[0-9]+ ses=[0-9]+},)? ([^ ]+) for ([^ ,]+)(?:, )?(.*)$/ at /usr/share/logwatch/scripts/services/secure line 510. Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/krb5kdc\[[0-9]*\]: (AS_REQ|TGS_REQ) \([0-9]+ etypes {[ 0-9]+}\) ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+): (ISSUE|UNKNOWN_SERVER): authtime [0-9]+, (?:etypes { <-- HERE rep=[0-9]+ tkt=[0-9]+ ses=[0-9]+},)? ([^ ]+) for ([^ ,]+)(?:, )?(.*)$/ at /usr/share/logwatch/scripts/services/secure line 510. Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/krb5kdc\[[0-9]*\]: (AS_REQ|TGS_REQ) \([0-9]+ etypes { <-- HERE [ 0-9]+}\) ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+): (NEEDED_PREAUTH|PREAUTH_FAILED|CLIENT_NOT_FOUND): ([^ ]+) for ([^ ,]+)(?:, )?(.*)$/ at /usr/share/logwatch/scripts/services/secure line 519. -- Connections (secure-log) End - -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages logwatch depends on: ii perl5.22.1-3 ii postfix [mail-transport-agent] 2.11.3-1+b1 Versions of packages logwatch recommends: ii libdate-manip-perl 6.52-1 ii libsys-cpu-perl 0.61-1+b2 ii libsys-meminfo-perl 0.98-1+b1 Versions of packages logwatch suggests: pn fortune-mod -- no debconf information
Bug#734442: patch
* Alexey Sokolov (ale...@asokolov.org) wrote: > No, the reason I reverted it is > https://github.com/znc/znc/issues/1165#issuecomment-156880251 (point 2.) I don't really understand this argument. Using datadir (or pkgdatadir) allows the builder to set it to whatever value they wish at build time, how is that not generic? I think hiding the system configuration inside of a .znc directory is surprising and IMHO we should avoid it. You could provide a different automake variable to configure this and default it ~/.znc. Alternatively, you could add a --system flag (or something) to change the defaults if you really want these paths built into the binary. > To repeat myself: If you guys (packagers) all agree on how this file > should look like, I'm fine with it too. > > If you want to maintain a separate unit file for Debian which is > different from other distros, I'm not in a position to stop you from > doing this. I don't have strong feelings about this, and I'm not the maintainer. I would just like this to work out of the box on Debian :) Patrick what do you think? > I'm happy to accept changes upstream, if that makes packagers' life > easier. Cool. Outside of packaging, there are probably some hardening options that would be useful to add. Have you considered adding socket activation support, sd_notify and syslogging support to make this work a little better with systemd? I'd be happy to contribute some patches. > You can join that discussion if you disagree with @seblu and @Philantrop > > As for _znc username, perhaps that could be either a Debian-specific > one-line patch, or e.g. a env variable used by ./configure... Either of those are fine with me, but the more the service file is configurable this way the less it makes sense to me to try to keep an authoritative service file. We also don't need to use _znc, but znc instead. But znc being so short it does seem like it could conflict with an existing user on the system. > 29.12.2015 22:30, Eric Dorland пишет: > > * Alexey Sokolov (ale...@asokolov.org) wrote: > >> Hi Eric, Does the service file need to be different from the > >> included one? > >> (https://github.com/znc/znc/blob/master/znc.service.in) > > > > Currently it does, because the patch as is creates a _znc user > > rather than znc to avoid namespace collision. It also uses the > > --datadir flag to avoid the .znc directory. It also uses > > ConditionFileNotEmpty to prevent startup if it's not configured. We > > don't have to do these things but they all seem useful to me. > > There's really room to go further with various systemd protection > > settings, but I didn't want to overcomplicate the diff. > > > >> Also please check the recent discussion about it at > >> https://github.com/znc/znc/issues/1165 > > > > Thanks for pointing this out. There's a lot of issues to intermixed > > in this bug report. It looks like the reason they reverted the > > --datadir change was because it broke existing users, which is fair > > but we don't have that problem in Debian. I think having a unified > > unit file would be good but I don't think that should tie hands > > against good improvements. > > > -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#734442: patch
* Alexey Sokolov (ale...@asokolov.org) wrote: > Hi Eric, > Does the service file need to be different from the included one? > (https://github.com/znc/znc/blob/master/znc.service.in) Currently it does, because the patch as is creates a _znc user rather than znc to avoid namespace collision. It also uses the --datadir flag to avoid the .znc directory. It also uses ConditionFileNotEmpty to prevent startup if it's not configured. We don't have to do these things but they all seem useful to me. There's really room to go further with various systemd protection settings, but I didn't want to overcomplicate the diff. > Also please check the recent discussion about it at > https://github.com/znc/znc/issues/1165 Thanks for pointing this out. There's a lot of issues to intermixed in this bug report. It looks like the reason they reverted the --datadir change was because it broke existing users, which is fair but we don't have that problem in Debian. I think having a unified unit file would be good but I don't think that should tie hands against good improvements. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#734442: patch
Package: znc Version: 1.6.2-2+b1 Followup-For: Bug #734442 Here is a patch that tries to add this functionality. It adds a package, znc-daemon that creates a system user and runs znc under systemd. Let me know if you don't like this approach and how I should approach this. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages znc depends on: ii libc62.21-6 ii libgcc1 1:5.3.1-4 ii libicu55 55.1-6 ii libsasl2-2 2.1.26.dfsg1-14+b1 ii libssl1.0.2 1.0.2e-1 ii libstdc++6 5.3.1-4 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages znc recommends: ii znc-perl1.6.2-2+b1 ii znc-python 1.6.2-2+b1 ii znc-tcl 1.6.2-2+b1 znc suggests no packages. -- no debconf information diff -ruN znc-1.6.2.old/debian/control znc-1.6.2/debian/control --- znc-1.6.2.old/debian/control 2015-12-28 16:31:23.228373031 -0500 +++ znc-1.6.2/debian/control 2015-12-29 03:25:02.657680988 -0500 @@ -2,6 +2,7 @@ Section: net Priority: optional Build-Depends: debhelper (>= 9), + dh-systemd, libssl-dev, libperl-dev, libicu-dev, @@ -143,3 +144,21 @@ interface with many plugins supporting other features. . This package contains the znc Tcl extension. + +Package: znc-daemon +Architecture: all +Depends: znc (= ${binary:Version}) +Description: advanced modular IRC bouncer, system daemon + znc is an IRC proxy. It runs as a daemon and connects to IRC server, + then allows you to connect from a workstation and work as the user that + is logged in to the IRC server. After you disconnect, it maintains the + connection to the server. It acts like any normal IRC server, so you can + use any IRC client to connect to it. + . + Some of its features include support for multiple users, multiple clients, + and multiple IRC servers; playback buffers to catch up with what happened + while you were detached, SSL encryption, DCC proxying, and a plugin + interface with many plugins supporting other features. + . + This package contains the files necessary to run znc as a system daemon. + diff -ruN znc-1.6.2.old/debian/rules znc-1.6.2/debian/rules --- znc-1.6.2.old/debian/rules 2015-12-28 16:31:23.228373031 -0500 +++ znc-1.6.2/debian/rules 2015-12-29 03:08:06.163862824 -0500 @@ -21,7 +21,7 @@ --enable-python %: - dh $@ --with python3 + dh $@ --with python3,systemd override_dh_auto_configure: dh_auto_configure -- $(DEB_CONFIGURE_EXTRA_FLAGS) @@ -56,3 +56,9 @@ override_dh_strip: dh_strip --dbg-package=znc-dbg + +override_dh_systemd_enable: + dh_systemd_enable --name=znc + +override_dh_systemd_start: + dh_systemd_start --restart-after-upgrade diff -ruN znc-1.6.2.old/debian/znc-daemon.README.Debian znc-1.6.2/debian/znc-daemon.README.Debian --- znc-1.6.2.old/debian/znc-daemon.README.Debian 1969-12-31 19:00:00.0 -0500 +++ znc-1.6.2/debian/znc-daemon.README.Debian 2015-12-29 03:21:50.511604864 -0500 @@ -0,0 +1,4 @@ +Before the system wide znc will run it needs to be configured. To create an +initial configuration run: + +sudo -u _znc /usr/bin/znc --datadir=/var/lib/znc --makeconf diff -ruN znc-1.6.2.old/debian/znc-daemon.postinst znc-1.6.2/debian/znc-daemon.postinst --- znc-1.6.2.old/debian/znc-daemon.postinst 1969-12-31 19:00:00.0 -0500 +++ znc-1.6.2/debian/znc-daemon.postinst 2015-12-28 17:16:48.901019316 -0500 @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +case "$1" in +configure) +if ! getent passwd _znc >/dev/null; then +adduser --quiet --system --force-badname \ +--home /var/lib/znc _znc +fi +;; + +abort-upgrade|abort-remove|abort-deconfigure) +;; + +*) +echo "postinst called with unknown argument \`$1'" >&2 +exit 1 +;; +esac + +#DEBHELPER# + +exit 0 diff -ruN znc-1.6.2.old/debian/znc-daemon.znc.service znc-1.6.2/debian/znc-daemon.znc.service --- znc-1.6.2.old/debian/znc-daemon.znc.service 1969-12-31 19:00:00.0 -0500 +++ znc-1.6.2/debian/znc-daemon.znc.service 2015-12-29 02:55:04.223796902 -0500 @@ -0,0 +1,11 @@ +[Unit] +Description=ZNC, an advanced IRC bouncer +After=network.target +ConditionFileNotEmpty=/var/lib/znc/configs/znc.conf + +[Service] +ExecStart=/usr/bin/znc --datadir=/var/lib/znc -f +User=_znc + +[Install] +WantedBy=multi-user.target
Bug#809018: [Letsencrypt-devel] Bug#809018: please backport letsencrypt to jessie-backports
* Axel Beckert (a...@debian.org) wrote: > Hi, > > Eric Dorland wrote: > > Package: letsencrypt > > Severity: wishlist > > > > This may already be in the works but I couldn't find any info to > > that effect. This would be a useful package to backport to stable. > > It's definitely planned. Even before it was in NEW, the plan was > already to get letsencrypt into stable-backports. Excellent. I expected as much but wanted to be sure. > That plan may have been only mentioned on IRC (at least that's where I > know it from), but there were IIRC at least two bug reports related to > backporting itself. Sorry if this was a duplicate or expressed better somewhere else, I didn't see any related reports. > There's even the idea (brought up by myself) to make backports to > (wheezy|oldstable)-backports-sloppy, but that's much more work than > for Jessie and I failed on it so far. > > A promising alternative for Wheezy boxes may be > https://github.com/lukas2511/letsencrypt.sh -- which implements the > client in pure bash (not pure bourne shell as it seems). It's under > MIT license, but not (yet) packaged. Haven't tried it yet, though. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#809018: please backport letsencrypt to jessie-backports
Package: letsencrypt Severity: wishlist This may already be in the works but I couldn't find any info to that effect. This would be a useful package to backport to stable. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#744380: dh_auto_test: set VERBOSE when running Automake tests
* Niels Thykier (ni...@thykier.net) wrote: > Control: reassign -1 debhelper,automake > > On Sun, 13 Apr 2014 15:15:30 +0100 Simon McVittie <s...@debian.org> wrote: > > Package: debhelper > > Version: 9.20140228 > > Severity: wishlist > > > > Recent versions of Automake have a new "test driver" that records test > > output in log files rather than printing it to stdout/stderr. It is > > not typically possible to retrieve these log files from the buildds. > > > > If the environment variable VERBOSE is set to a non-empty value when > > running such tests, this output is suppressed for successful or > > skipped tests, but is sent to stdout for failed tests. This seems > > like "the best of both worlds" for maintainer and buildd use: the > > information is logged in exactly those cases where it is needed. > > > > Please consider running Automake tests with VERBOSE=1. > > > > Regards, > > S > > > > [...] > > Hi, > > On #debian-devel, it was proposed to have automake change the default to > be more verbose on test failures. Eric, what do you think of that idea? :) Sounds like a reasonable idea to me, I don't perceive any problems with it. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#802118: [pkg-opensc-maint] Bug#802118: libengine-pkcs11-openssl: Functions to set static global data may cause memory leak.
* persmule (persm...@gmail.com) wrote: > Package: libengine-pkcs11-openssl > Version: 0.1.8-5 > Severity: grave > Tags: security > Justification: user security hole > > Dear Maintainer, > > Functions in src/engine_pkcs11.c to set static global data (set_module, > set_pin, get_pin and set_init_args) do not free memories pointed by the > corresponding pointers before assigning them to newly allocated > memories, which > may cause memory leaks if they are called more than once. > > The bugs related to set_module, set_pin and get_pin are fixed on > upstream, but > the one of set_init_args is not. Agreed that these are valid memory leaks but what's the security implication? This doesn't seem obviously exploitable. -- Eric Dorland <e...@kuroneko.ca> 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: PGP signature
Bug#796863: libassa3.5-5v5 and libassa-3.5-5v5: error when trying to install together
* Riley Baird (bm-2cvqnduybau5do2dfjtrn7zbaj246s4...@bitmessage.ch) wrote: This is listed in the FTP master's cruft report, so if I'm correct, it shouldn't be necessary to request a removal from unstable. Yeah and you have the right conflicts/replaces. I'm surprised it's complaining about this. -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#796007: Add redshift permission to geoclue
Package: geoclue-2.0 Version: 2.1.10-2 Severity: wishlist Tags: patch Attached patch enables redshift to use geoclue out of the box. This makes using redshift more seemless by not requiring any manual configuration to work and also it allows redshift to run with its default configuration (it usually fails on my system with a permission denied error without this change). -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages geoclue-2.0 depends on: ii adduser 3.113+nmu3 ii libc6 2.19-19 ii libglib2.0-02.44.1-1.1 ii libjson-glib-1.0-0 1.0.4-1 ii libmm-glib0 1.4.10-1 ii libsoup2.4-12.50.0-2 Versions of packages geoclue-2.0 recommends: ii modemmanager 1.4.10-1 ii wpasupplicant 2.3-2 geoclue-2.0 suggests no packages. -- no debconf information From 54c5a2b3d30a264cf4d103f998cbecbae851081f Mon Sep 17 00:00:00 2001 From: Eric Dorland e...@debian.org Date: Tue, 18 Aug 2015 08:46:14 -0400 Subject: [PATCH] Add redshift permission Allow redshift to read location from geoclue by default. Mark as a system component so that the location icon isn't always showing and it is ambient service like automatic timezone detection. --- data/geoclue.conf.in | 5 + 1 file changed, 5 insertions(+) diff --git a/data/geoclue.conf.in b/data/geoclue.conf.in index e4d9e70..6c893af 100644 --- a/data/geoclue.conf.in +++ b/data/geoclue.conf.in @@ -75,3 +75,8 @@ users= allowed=true system=false users= + +[redshift] +allowed=true +system=true +users= -- 2.5.0
Bug#788807: [gnome-shell-extension-redshift] Uninstallable with Gnome 3.16
.git4648ad79/src/schemas/org.gnome.shell.extensions.redshift.gschema.xml 2015-06-15 01:21:03.0 +0530 @@ -4,7 +4,7 @@ key name=active type=b defaulttrue/default summaryActivate redshift mode./summary - descriptionWether redshift mode should currently be active./description + descriptionWhether redshift mode should currently be active./description /key key name=location-provider type=s -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#753163: [pkg-gnupg-maint] gnupg 2.0.27 in debian unstable, with some fixes that we might want to consider for jessie
* Daniel Kahn Gillmor (d...@fifthhorseman.net) wrote: hey debian gnupg folks-- I've uploaded gnupg2 2.0.27-2 to unstable. This brings unstable closer to upstream (most of debian/patches is removed), and includes some debian-specific attempts to address some problems that might be relevant for a wider userbase. The most important changes included in 2.0.27-2 that i'd like people to look at are: https://anonscm.debian.org/cgit/pkg-gnupg/gnupg2.git/commit/?id=154d606ed022cee8ef1b86183f6a444d198a8a39 This proposes a workaround for GNOME keyring hijacking gpg-agent, including shipping /usr/bin/gnome-keyring-unhijack-gpg-agent as an interim measure, and suggesting its use if a hijack is detected. (#760102 and #753163) https://anonscm.debian.org/cgit/pkg-gnupg/gnupg2.git/commit/?id=be070c6017fede8dbd3549c0071e3f0ac44bebcd This imports NIIBE's upstream fix to not choke on repeated copies of unknown key material (#787045) If folks can take a look at these changes and let me know what you think about them, that would be great. In particular, i want to consider the two changes above for a stable point release, so if you see any concerns about either of them, please say something. Both seem reasonable for inclusion, particularly the second one. Should we have a NEWS.Debian entry to explain the issues with gnome-keyring and the existence of this script as well? -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#785064: automake: please update to automake 1.15
* Norbert Preining (prein...@logic.at) wrote: Package: automake Version: 1:1.14.1-4 Severity: wishlist Dear auto* maintainers, some of my packages nowadays require automake 1.15, could this please be included in Debian. It's uploaded and just awaiting NEW processing: https://ftp-master.debian.org/new/automake-1.15_1%3A1.15-1.html. -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#781648: dnscrypt-proxy: Default configuration doesn't work with Unbound DNS cache
* Ivan Vilata i Balaguer (i...@selidor.net) wrote: Package: dnscrypt-proxy Version: 1.4.3-2 Severity: normal Hi! The README of ``dnscrypt-proxy`` recommends using Unbound as a DNS caching resolver in combination with it. However, Unbound enables DNSSEC and the default configuration of ``dnscrypt-proxy`` sets ``DNSCRYPT_PROXY_RESOLVER_NAME=opendns`` in its default file. The problem is that OpenDNS servers disable DNSSEC, which results in Unbound rejecting the responses coming from the proxy and name resolution failing, as explained here: https://forums.opendns.com/comments.php?DiscussionID=15361#Item_9 I suggest to change the default to a different one (e.g. the ``dnscrypt.eu-*`` servers seem to work), or to add a short comment in the default file warning about OpenDNS servers and DNSSEC. Thanks! Yikes. I wasn't aware that OpenDNS did that. That does make them a rather poor default. The reason I chose it was that it has servers all over the place (https://www.opendns.com/data-center-locations/) and uses anycast, so it should be fast no matter where you are located. The dnscrypt.eu-* servers are going to be a poor choice for folks outside of Europe. It's unfortunate but there may be no sane default. It may be necessary to do some debconf work here to present some options. This will require some thought. -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#782164: ITP: dnscrypt-wrapper -- A server-side dnscrypt proxy
Package: wnpp Severity: wishlist Owner: Eric Dorland e...@debian.org * Package name: dnscrypt-wrapper Version : 0.1.15 Upstream Author : Yecheng Fu cofyc.jack...@gmail.com * URL : https://github.com/Cofyc/dnscrypt-wrapper * License : GPL v2 Programming Lang: C Description : A server-side dnscrypt proxy A dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781890: RFP: dnscrypt-proxy -- Encrypts DNS traffic between the user and a DNS-Server.
This has already been uploaded to unstable a few weeks ago. -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature
Bug#781631: [Pkg-gnupg-maint] Bug#781631: gnupg2: provide packaging with debug symbols for gnupg2
* Daniel Kahn Gillmor (d...@fifthhorseman.net) wrote: On Tue 2015-03-31 18:55:26 -0400, Eric Dorland wrote: * Daniel Kahn Gillmor (d...@fifthhorseman.net) wrote: Package: gnupg2 Version: 2.1.2-2 Severity: wishlist It would be useful to be able to ship debug symbols for GnuPG2. Agreed, but has policy on this changed? I thought binary packages weren't supposed to ship -dbg packages? hm, i don't think i realized that restriction. where is the policy for this? a quick check on a local machine turns up at least wireshark-dbg and network-manager-dbg that ship -dbg packages for binaries. I was just going based on memory and it's not spelled out in policy, just the developers reference: https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-dbg It recommends not building a -dbg package for programs in general but for core infrastructure can be good candidates for debug packages. GPG seems infrastructury enough to me :) -- Eric Dorland e...@kuroneko.ca 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93 signature.asc Description: Digital signature