Bug#885329: libsikulixapi-java: not binNMU safe

[Emilio Pozuelo Monfort]

Package: libsikulixapi-java
Version: 1.1.1-7
Severity: serious

Hi,

This dependency is not binNMU safe:

Package: libsikulixapi-java
Depends: libsikulixapi-jni (>= 1.1.1-7), libsikulixapi-jni (<< 1.1.1-7+)

but due to a binNMU we have:

libsikulixapi-jni | 1.1.1-7   | testing| amd64, arm64, armel, armhf, 
i386, mips, mips64el, mipsel, ppc64el, s390x
libsikulixapi-jni | 1.1.1-7+b1| unstable   | amd64, arm64, armel, armhf, 
i386, mips, mips64el, mipsel, powerpc, ppc64el, s390x

Cheers,
Emilio

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental'), (650, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), 
LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libsikulixapi-java depends on:
ii  default-jre [java6-runtime]2:1.8-59
pn  jython 
pn  libcommons-cli-java
pn  libcommons-exec-java   
pn  libcommons-net-java
pn  libjxgrabkey-java  
pn  libopencv3.2-java  
pn  libsikulixapi-jni  
ii  lsb-release9.20170808
ii  openjdk-8-jre [java6-runtime]  8u151-b12-1
ii  psmisc 23.1-1
ii  python 2.7.14-4
pn  tesseract-ocr-eng  
pn  wmctrl 
pn  xdotool

libsikulixapi-java recommends no packages.

Versions of packages libsikulixapi-java suggests:
pn  libsikulixapi-doc  

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#874276: ca-certificates-java: fails to install on armhf: Error: missing `server' JVM at `/usr/lib/jvm/java-8-openjdk-armhf/jre/lib/arm/server/libjvm.so'

[Emilio Pozuelo Monfort]

Package: ca-certificates-java
Version: 20170531+nmu1
Severity: grave

Hi,

Your package fails to install on armhf:

Setting up ca-certificates-java (20170531+nmu1) ...
Error: missing `server' JVM at 
`/usr/lib/jvm/java-8-openjdk-armhf/jre/lib/arm/server/libjvm.so'.
Please install or use the JRE or JDK that contains these missing components.
dpkg: error processing package ca-certificates-java (--configure):
 subprocess installed post-installation script returned error exit status 4

This may be related to one of the arm related changes in openjdk-8 8u144-b01-1.

For logs see e.g.

https://buildd.debian.org/status/logs.php?pkg=pdf2htmlex=0.14.6%2Bds-3%2Bb1=armhf
https://buildd.debian.org/status/logs.php?pkg=gdal=2.2.1%2Bdfsg-2%2Bb2=armhf

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental'), (650, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ca-certificates-java depends on:
ii  ca-certificates  20170717
ii  default-jre-headless [java7-runtime-headless]2:1.8-59
ii  libnss3  2:3.32-2
ii  openjdk-8-jre-headless [java7-runtime-headless]  8u144-b01-1

ca-certificates-java recommends no packages.

ca-certificates-java suggests no packages.

-- Configuration Files:
/etc/default/cacerts [Errno 13] Permission denied: '/etc/default/cacerts'

-- no debconf information

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Re: Wheezy update of batik?

[Emilio Pozuelo Monfort]

On 23/04/17 21:50, Ola Lundqvist wrote:
> Dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of batik:
> https://security-tracker.debian.org/tracker/CVE-2017-5662

FWIW I investigated this a bit and there doesn't seem to be any details other
than what is in the advisory: i.e. I couldn't find the commit that fixes this
(looking at the svn repository) or an upstream bug report. I found a
security-related one, reported by Lars Krapf (as mentioned in the oss-security
mail) but that seemed different than CVE-2017-5662 and much older (see [1]).

Also our 1.8 and the upstream 1.9 tarballs have different layouts so it's hard
to compare them.

Cheers,
Emilio

[1] https://issues.apache.org/jira/browse/BATIK-1139

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#753786: jftp: depends on openjdk-6 which won't be in jessie

[Emilio Pozuelo Monfort]

Package: jftp
Version: 1.52+dfsg-2
Severity: serious
Control: block 708350 by -1

Your package depends on openjdk-6, which isn't going to be a part of
Jessie, see #708350. You should switch to openjdk-7.

Emilio

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#751563: tuxguitar: depends on xulrunner which is no more

[Emilio Pozuelo Monfort]

Source: tuxguitar
Version: 1.2-19
Severity: serious

Your package depends on:
xulrunner-29 | xulrunner-24.0 | xulrunner-17.0 | xulrunner-10.0 | 
xulrunner-1.9.1

But iceweasel no longer provides a xulrunner binary. Note that the iceweasel 
binary
itself ships libxul.so now, so perhaps adding iceweasel (= 30) as an 
alternative
might be enough, if that's what tuxguitar needs.

Regards,
Emilio

__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. 
Please use
debian-j...@lists.debian.org for discussions and questions.