Bug#688251: #688251: Built-Using description too aggressive

Hello, On Mon, Dec 25 2017, Russ Allbery wrote: > Seconded the above change and with or without the wording change > discussed in the other part of this thread. Thank you for your review. Here is the current diff awaiting a final second: diff --git a/policy/ch-relationships.rst

Bug#885342: RM: zoo -- RoQA; dead upstream, orphaned, open security issues

Package: ftp.debian.org Severity: normal Hi, please remove zoo. It's orphaned without a new maintainer for three years now, dead upstream (last release from 1993) and has open security issues (#774453, #774032). There's a couple of Suggests: against the package, I'll file bugs to drop them once

Bug#885219: /lib64 provision added in 9.1.1 prohibits multilib libc

Hello, On Mon, Dec 25 2017, Russ Allbery wrote: > commit e0759206c2960f3fd6427583f10c4f87b39b152e (HEAD -> > bug885219-rra) Author: Russ Allbery Date: Mon Dec 25 > 18:06:25 2017 > > Allow libc to install files in /lib64 > > diff --git a/policy/ch-opersys.rst

Bug#885341: texlive-latex-extra: wordcount.tex is distributed without its script compagnion

Package: texlive-latex-extra Version: 2016.20170123-5 Severity: normal Dear Maintainer, it appears that CTAN package wordcount is only distributed partially: the tex file is distributed, but not the script. hth, Jerome -- Package-specific info: IMPORTANT INFORMATION: We will

Bug#885340: CVE-2017-17504

Package: imagemagick Severity: important Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17504: https://github.com/ImageMagick/ImageMagick/issues/872 ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135 ImageMagick-7:

Bug#844377: (no subject)

I wonder if we can achieve the same by using apt pinning (man apt_preferences), for e.g. writing a file to /etc/apt/preferences.d/. -- regards Thomas

Bug#885339: CVE-2017-17499

Package: imagemagick Version: 8:6.9.7.4+dfsg-16 Severity: important Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17499: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=33078=5fbb164c3830293138917f9b14264ed1 ImageMagick-7:

Bug#885338: CVE-2017-12165

Source: undertow Severity: important Tags: security The only source here is a report in Red Hat Bugzilla, so might be worth contacting upstream for additional information: https://bugzilla.redhat.com/show_bug.cgi?id=1490301 Cheers, Moritz

Bug#885328: Hugin crashes

On 2017-12-26 Robert Stephan wrote: > Package: hugin > Version: 2017.0.0+dfsg-1 > Priority: optional > Section: graphics > When trying to change in Menu Interface to Advanced or Expert Hugin crashes > and report : > /usr/include/wx-3.0/wx/object.h(160):

Bug#682347: mark 'editor' virtual package name as obsolete

Re: Russ Allbery 2017-12-26 <87wp1as3na@hope.eyrie.org> > 1. Status quo: there is an undocumented editor virtual package, Policy >says that nothing has to provide or depend on it, and some random >collection of editors provide it. I think this is a bad place to be, >so I would

Bug#885337: ITP: libdoxygen-filter-perl -- A Perl code pre-filter for Doxygen

Package: wnpp Severity: wishlist Owner: Francesco P. Lovergine * Package name: libdoxygen-filter-perl Version : 1.7.2 Upstream Author : Bret Jordan <> * URL : https://github.com/jordan2175/doxygen-filter-perl * License : Apache 2.0

Bug#884769: RFS: freetype/2.8.1-0.2 [NMU]

Package: sponsorship-requests Severity: normal Dear mentors, I am once again looking for a sponsor for an NMU of the package "freetype". This version addresses concerns raised by Adam Borowski and Gianfranco Costamagna, and removes the arch-dependent libdir output instead of freetype-config

Bug#877163: RM: elyxer -- ROM; no upstream activity, giving up LyX and ecosystem maintenance

tags 877163 - moreinfo thanks On Sat, Nov 18, 2017 at 07:27:54PM -0500, Scott Kitterman wrote: > Checking reverse dependencies... > # Broken Build-Depends: > ngspice/non-free: elyxer > > That'll have to be dealt with first. Took some time, but now it's finally done for i386 and amd64 with the

Bug#870618: Revised NMU debdiff for freetype-2.8.1-0.2

Hi Steve, I've revised my NMU in response to feedback from Adam Borowski and Gianfranco Costamagna. This version far less invasive. Hugh freetype2.debdiff Description: freetype2.debdiff

Bug#885223: cups-filters: conffiles not removed

Control: tags -1 +pending Le mardi, 26 décembre 2017, 09.54:49 h CET Paul Wise a écrit : > The recent upgrade did not deal with obsolete conffiles properly. > Please use the dpkg-maintscript-helper support provided by > dh_installdeb to remove these obsolete conffiles on upgrade. Oh, good catch,

Bug#885157: thunderbird: Upgrading from 1:52.5.0-1 to 1:52.5.2-1 enforces the AppArmor profile

Hi, On Tue, Dec 26, 2017 at 12:23:28PM +0100, Carsten Schoenert wrote: > Hello Guido and intrigeri, > > On Mon, Dec 25, 2017 at 11:34:08AM +0100, Guido Günther wrote: > > > Since we want to establish a lower bound for fixed versions (those that > > ship the symlink) it's probably better written

Bug#872039: why the severity?

> Reason for Severity=serious: This leaves /var (or other > filesystems) in an unclean state, so could possibly lead to > data loss! Please tell me why this would be serious: any filesystem from this millenium can handle unclean shutdown fine -- especially if there's a sync before

Bug#885157: thunderbird: Upgrading from 1:52.5.0-1 to 1:52.5.2-1 enforces the AppArmor profile

Hello Guido and intrigeri, On Mon, Dec 25, 2017 at 11:34:08AM +0100, Guido Günther wrote: > Since we want to establish a lower bound for fixed versions (those that > ship the symlink) it's probably better written as: > > > if test -n "$2" && dpkg --compare-versions "$2" gt

Bug#884874: phonon-backend-vlc: Application using phonon are crashing with vlc 3.0.0~rc2

In data martedì 26 dicembre 2017 13:00:02 CET, Vincas Dargis ha scritto: > VLC 3.0.0 entered Testing, and Dragon and Amarok started to crash. > > Could it have been possible to kinda stop VLC upload because some > depended packages breaks? That would be nice in this case. The fixed phonon-vlc

Bug#885183: stretch-pu: package ntopng/2.4+dfsg1-3+deb9u1

On Mon, Dec 25, 2017 at 09:26:58PM +0100, Ludovico Cavedon wrote: > - #866721 and #866719, which are securirity-related issues. Do you want > me to reach out to the security team about these first? Those are marked no-dsa for quite a while, so not needed. Cheers, Moritz

Bug#882699: ngspice: Remove build dependency on elyxer to allow for the elyxer removal from Debian

On Tue, Dec 26, 2017 at 09:01:47AM +0100, Gudjon I. Gudjonsson wrote: > Hi Sven > > > bi-directional sat link.) Though I'm not 100% sure if the {xhtml,png} > > stuff is POSIX sh compatible. > You are right, it fails when sbuilding. > > The package is finally uploaded without any elyxer

Bug#773613:

tags 773613 + patch thanks

Bug#885297: gpsd-clients: Depends on unmaintained pygtk

Hi Jeremy, while I understand your reason, the way you are handling this is rather rude. If you want to remove a package, the nice way is to file "important" bugs early and rise the severity at some point, some months later. Or are you planning to fix the apps from the gpsd-clients package very

Bug#884403: Patch for nettle-3.4

The below seems to be the minimal patch to enable compilation with nettle-3.4 (and breaking support for earlier nettle versions in the process). Something more elaborate based on NETTLE_VERSION_MAJOR, NETTLE_VERSION_MINOR is possible, but I'm not sure it's needed. Regards, /Niels diff --git

Bug#884874: phonon-backend-vlc: Application using phonon are crashing with vlc 3.0.0~rc2

VLC 3.0.0 entered Testing, and Dragon and Amarok started to crash. Could it have been possible to kinda stop VLC upload because some depended packages breaks? That would be nice in this case.

Bug#885336: RFS: kildclient/3.2.0-1 [Updated version, fixes non-DSA CVE]

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "kildclient". This version fixes a minimal impact CVE bug (that was considered as not needing a DSA by the security team) * Package name: kildclient Version : 3.2.0-1

Bug#884740: RFS: pokemmo/1.4.2-1 [ITP] -- Multiplayer online game based on the Pokemon universe

Control: retitle -1 pokemmo/1.4.3-1 [ITP] -- Multiplayer online game based on the Pokemon universe Control: tags -1 wontfix Control: block 884576 by -1 Hallo Carlos, Here's a review: - I'm confused about the claimed license:

Bug#884984: Debian Jessie installer hangs at boot

Hello again, Here is the dmidecode, attached. Best regards, -- Alexandre ANRIOT # dmidecode 3.0 Getting SMBIOS data from sysfs. SMBIOS 2.8 present. 81 structures occupying 3577 bytes. Table at 0x7AF09000. Handle 0xDA00, DMI type 218, 11 bytes OEM-specific Type Header and Data:

Bug#812439: lintian: False positive for dbg-package-missing-depends

tags 812429 + moreinfo thanks > I get the warning "W: bitz-server source: dbg-package-missing-depends > libicap0-dbg" on an this package: Do you still consider this to be a problem now that we have automatic debug packages in general (ignoring the specific case of bitz-server)? Regards, --

Bug#637473: lintian: false positive on embedded-php-library for streams.php

tags 637473 + pending thanks Fixed in Git: https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=3c5ee5b2b146c6ff39deac5129e032eed15c0534 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#885335: abiword is missing required dependency

Package: abiword Version: 3.0.2-2+deb9u1 Severity: important Dear Maintainer, if I install abiword, it does not work: apt install abiword abiword ... does not run. Complains about missing libraries (swrast_dri.so) To fix this, I installed manually: apt install libgl1-mesa-dri The package

Bug#885334: libvirt-daemon: Cannot start iSCSI storage pool : "iscsiadm failed new mode for target"

Package: libvirt-daemon Version: 3.10.0-1 Severity: normal Dear Maintainer, I always had problems with iSCSI storage and virt-manager / libvirt. I have storage pool, which are not auto-started, because I dont't use them everytime. There is : - an iSCSI storage pool - a LVM storage pool, based

Bug#885333: stretch-pu: package loook/0.8.4-1

Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Hello, I want to upload a fix for bug #884582. The search breaks, if there is a password protected file in the directory. I did a new upstream version in sid, which only contains

Bug#885327: lintian: Please warn about packages that ship (non-reproducible) .doctree files

tags 885327 + pending thanks Fixed in Git: https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=b9b7f4d95fb3ecf21e2ed175dcfd7eff3980a06b Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-

Bug#885332: RM: kdepim-runtime [armel hurd-i386 kfreebsd-amd64 kfreebsd-i386 mips mips64el powerpc ppc64el s390x] -- ROM; requires QtWebEngine

Package: ftp.debian.org Severity: normal Hi, the new version of src:kdepim-runtime requires QtWebEngine, which so far is ported to a limited number of architectures. Hence, please remove the binaries of kdepim-runtime on the other architectures. Thanks, -- Pino

Bug#885331: pidgin-sipe: postinst script seems to be locale-sensitive

PS: #631081 has a word about this, which makes sense: > - we obviously don't want to drop LANG and LC_* because we want the user > to use his native language parameters So here's my proposed patch: #!/bin/sh set -e -if dpkg-divert --list | grep -q "/usr/bin/pidgin.orig by pidgin-sipe" +if

Bug#885175: [kmail] Message Content Window Blacked Out

In data lunedì 25 dicembre 2017 19:53:04 CET, David Baron ha scritto: > Package: kmail > Version: 4:17.08.3-1 > Severity: important > > --- Please enter the report below this line. --- > Message content window (displayed below list) is blacked out. Seems not to > display at all along side. Do

Bug#885331: pidgin-sipe: postinst script seems to be locale-sensitive

Package: pidgin-sipe Version: 1.23.0-2 Severity: normal Hi, The postinst script didn't do what it was supposed to do, and "dpkg-reconfigure pidgin-sipe" or "aptitude reinstall pidgin-sipe" didn't helped either. #if dpkg-divert --list | grep -q "/usr/bin/pidgin.orig by pidgin-sipe" I guess this

Bug#883624: transition: libkf5kipi + marble 17.08

In data sabato 9 dicembre 2017 23:48:10 CET, Pino Toscano ha scritto: > In data venerdì 8 dicembre 2017 19:53:03 CET, Emilio Pozuelo Monfort ha > scritto: > > On 05/12/17 22:03, Pino Toscano wrote: > > > Package: release.debian.org > > > Severity: normal > > > User:

Bug#798356: libnftables included in nftables

The libnftables library will be included in the upstream nftables source tarball.

Bug#883622: transition: analitza 17.08

In data martedì 12 dicembre 2017 11:07:54 CET, Emilio Pozuelo Monfort ha scritto: > On 09/12/17 23:46, Pino Toscano wrote: > > In data venerdì 8 dicembre 2017 19:52:13 CET, Emilio Pozuelo Monfort ha > > scritto: > >> On 05/12/17 21:57, Pino Toscano wrote: > >>> Package: release.debian.org > >>>

Bug#885330: reportbug: Reportbug gui not started

Package: reportbug Version: 7.1.7 Severity: normal Dear Maintainer, I tried to start reportbugi from ui (xfce) but unfortunatelly it doesn't start as expected -- Package-specific info: ** Environment settings: INTERFACE="text" ** /home/kdiam/.reportbugrc: reportbug_version "7.1.7" mode novice

Bug#885329: libsikulixapi-java: not binNMU safe

Package: libsikulixapi-java Version: 1.1.1-7 Severity: serious Hi, This dependency is not binNMU safe: Package: libsikulixapi-java Depends: libsikulixapi-jni (>= 1.1.1-7), libsikulixapi-jni (<< 1.1.1-7+) but due to a binNMU we have: libsikulixapi-jni | 1.1.1-7 | testing| amd64,

Bug#885327: lintian: Please warn about packages that ship (non-reproducible) .doctree files

Package: lintian Version: 2.5.65 Severity: wishlist X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org Hi, Please warn about packages that ship Python .doctree files. They are not needed to display the documentation and contain the absolute build path, thus affecting reproducibility.

Bug#884984: Debian Jessie installer hangs at boot

Hello, For the record, I get a similar behaviour with a USB key (using "debian-8.10.0-amd64-netinst.iso"). I get a black screen after Grub, with no information nor message displayed. Best regards, -- Alexandre ANRIOT

Bug#885326: flask-peewee: please make the build reproducible

Chris Lamb wrote: > flask-peewee: please make the build reproducible Updated patch attached that calls dh_auto_clean in the overridden target (!). Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- a/debian/rules

Bug#859297: nodejs: Please migrate to openssl1.1 in buster

2017-10-12 23:44 GMT+02:00 Sebastian Andrzej Siewior < sebast...@breakpoint.cc>: > Hi, > > this is a remainder about the openssl transition [0]. We really want to > remove libssl1.0-dev from unstable for Buster. I will raise the severity > of this bug to serious in a month. Please react before

Bug#885326: flask-peewee: please make the build reproducible

Source: flask-peewee Version: 0.6.7-1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: buildpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0], we noticed that flask-peewee could not be

Bug#885172: transition: libsodium

Control: tags -1 confirmed On 25/12/17 18:11, László Böszörményi (GCS) wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > Hi RMs, > > libsodium had to change the soname with 1.0.15 due to an API break by > the

Bug#863741: simple-scan: Gets confused when reordering pages while scanning

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 tags 863741 + moreinfo severity 863741 normal thanks Hello Martin, thank you for spending your time helping to make Debian better with this bug report. Please can you test the release 3.26.2-1 if the error is still present. Many thanks CU

Bug#881569: [Fwd: gdb: FTBFS on hurd-i386]

Hello Svante, On Sat, Dec 23, 2017 at 7:41 PM, Svante Signell wrote: > Hello, > > These patches was submitted to Debian November 13 2017. Nothing has > happened so far, so maybe upstream would be interested to consider the > patches for next release. I would like to

Bug#839880: proftpd-basic: proftpd server instance crashed with signal 11

Hi, Have made changes in /etc/security/limits.d/core_dump.conf then set path to save code dumps into /tmp vniiem@sim-ng-data /tmp % /sbin/sysctl -a -r kernel.core kernel.core_pattern = /tmp/core.%e.%p.%t kernel.core_pipe_limit = 0 kernel.core_uses_pid = 0 Then relogin and reinstall proftpd,

Bug#885324: libfreetype6-dev: freetype-config is missing all calls to pkg-config

Package: libfreetype6-dev Version: 2.8.1-0.1 Severity: important Dear Maintainer, freetype-config does not contain any calls to pkg-config, despite it supporting that logic (see the 'if' block). Looking in the source, autoconf substitues %PKG_CONFIG% at compile-time, but freetype-config only

Bug#826428: ITA: gcompris-qt -- Educational games for small children - Qt rewrite

On Mon, Dec 25, 2017 at 08:23:55PM -0600, Simon Quigley wrote: > Tonight or tomorrow I'll get this ready for a review (I don't have > upload access to Debian so I'll need someone to review/sponsor). Great! Just let me know when it’s ready, I’ll be happy to sponsor you. -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien

Bug#885323: ITP: node-decode-uri-component -- better decodeURIComponent

Package: wnpp Severity: wishlist Owner: Pirate Praveen X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-decode-uri-component Version : 0.2.0 Upstream Author : Sam Verschueren (github.com/SamVerschueren) * URL

Bug#885322: RFS: ngspice/27-1

Package: sponsorship-requests Severity: normal [important for RC bugs, wishlist for new packages] Dear mentors, I am looking for a sponsor for my package "ngspice" * Package name: ngspice Version : 27-1 Upstream Author : [fill in name and email of upstream] * URL

Bug#882699: ngspice: Remove build dependency on elyxer to allow for the elyxer removal from Debian

Hi Sven > bi-directional sat link.) Though I'm not 100% sure if the {xhtml,png} > stuff is POSIX sh compatible. You are right, it fails when sbuilding. The package is finally uploaded without any elyxer dependency. Thanks a lot for your help. Regards Gudjon

<    1   2   3