Bug#924623: golang: Both golang and dep are very out of date

Package: golang Version: 2:1.11~1 Severity: important Golang and dep are both very out of date. This causes quite a bit of problems with dep in particular. If you share repos between debian and non-debian systems (e.g. macos), the Gopkg.lock file format switches back and forth between trailing

Bug#922938: RFS: python-css-parser/1.0.4-1~bpo9+1

On Thu, Mar 14, 2019 at 10:14:26PM -0400, Chris Lamb wrote: > Hi Nicholas, > > > Done. Updated backport available here: > > Thanks: > > $ dput python-css-parser_1.0.4-1\~bpo9+1_amd64.changes > Uploading python-css-parser using scp to ssh-upload (host: > ssh.upload.debian.org;

Bug#924606: skimage: autopkgtest needs update for new version of python-scipy: ValueError: No warning raised matching: matrix subclass

Source: skimage Followup-For: Bug #924606 The skimage tests are doing something passing strange, if they're giving an error when a Warning is no longer emitted. Anyway, thanks for uploading the patch that sorts it out, Ole. Drew

Bug#924614: CVE-2018-20536 CVE-2018-20537 CVE-2018-20539

With libLAS being deprecated and in maintenance mode upstream, it will take some time to get fixes from upstream unless someone contributes them. Once the fixes are available they'll be added to the Debian package. During the bullseye development cycle liblas is likely to be removed from Debian,

Bug#924398: corekeeper can be confused with whitespace in executable names

On Wed, 13 Mar 2019 16:41:02 +0100 Jakub Wilk wrote: > We could append or prepend a character to %d to make sure the argument > won't disappear after %-expansion, for example: I decided to just check if the arguments are integers, attached the patch. -- bye, pabs

Bug#924622: Can the disabling of AppArmor upon removal of its userland tools be made simpler and more complete?

Package: apparmor Severity: wishlist Removal of AppArmor from the userland leaves a moreso unexpected kernel side completely enabled and functioning. So, upon AppArmor's package removal is it possible to either: (1) Automate some of the following from

Bug#914515: dpkg: please provide an interface to bootstrap dpkg from zero

Hi! On Sat, 2018-11-24 at 10:24:09 +0100, Johannes 'josch' Schauer wrote: > Package: dpkg > Version: 1.19.2 > Severity: wishlist > lintian recently tagged mmdebstrap with uses-dpkg-database-directly > because mmdebstrap contains the string "/var/lib/dpkg" in several > places. Instead of

Bug#924401: base-files fails postinst when base-passwd is unpacked

Hi! On Fri, 2019-03-15 at 00:37:33 +0100, Santiago Vila wrote: > Maybe, but this is neither a new miscellaneous file nor a new > bootstrapping action. This is yet another bootstrapping tool > forgetting the lessons learned from the other bootstrapping tools. My impression though is that the

Bug#924116: lintian: false positive of package-uses-dh-runit-...

Dmitry Bogatov wrote: > > Can you be more specific? That would appear to catch runit itself, at > > the very least. How about if a package ships a file matching the > > following scheme? > > > >/etc/sv/foo/run > > Well, package can ship /etc/sv/foo/run without dh_runit. Of course, but those

Bug#883746: chromium: secretly stores referer and url for downloaded files

I've been asked where wget stores the URL. Same place as Chromium, in the extended attributes. Here is my blog entry recounting my small investigation: https://green-possum-today.blogspot.com/2018/09/chromechromium-is-storing-url-and.html

Bug#924621: openssl 1.1.1b-1 make fetchmail unusable

Package: openssl Version: 1.1.1b-1 Severity: important Dear Maintainer, I updated openssl 1.1.1a-1 to 1.1.1b-1 then fetchmail failed to get new email. So I downgraded openssl to 1.1.1a-1 then fetchmail worked fine again. I believe there is a bug in openssl 1.1.1b-1 . I heard that new Debian will

Bug#924611: vtk7: please add support for riscv64

On Fri, Mar 15, 2019 at 5:39 AM Aurelien Jarno wrote: > The attached patch is a backport from the upstream changes. It would be > nice if you can include it in the next upload. > ++#elif defined(__riscv) || defined(__riscv__) > ++# define KWIML_ABI_ENDIAN_ID KWIML_ABI_ENDIAN_ID_LITTLE Hmm,

Bug#922938: RFS: python-css-parser/1.0.4-1~bpo9+1

Hi Nicholas, > Done. Updated backport available here: Thanks: $ dput python-css-parser_1.0.4-1\~bpo9+1_amd64.changes Uploading python-css-parser using scp to ssh-upload (host: ssh.upload.debian.org; directory: /srv/upload.debian.org/UploadQueue/) running allowed-distribution:

Bug#432088: pbuilder: please use APTCACHE on --create

Hi, As Mattia pointed out, https://salsa.debian.org/pbuilder-team/pbuilder/merge_requests/6 is the patch for it. Please review, test and merge it :) -- Hideki Yamane

Bug#924452: lam4-dev: mpi alternative incompatible with current openmpi, mpich

Followup-For: Bug #924452 Control: tag -1 patch Hi, attached is my attempt to modernize the alternatives (and clean up some more bits). I've quickly tested upgrading in a chroot and it didn't explode immediately. Andreas diff -Nru lam-7.1.4/debian/changelog lam-7.1.4/debian/changelog ---

Bug#924397: corekeeper: insecure use of world-writable /var/crash

On Thu, 2019-03-14 at 12:12 +0100, Jakub Wilk wrote: > As a data point, apport creates /var/crash as world-writable in postinst: Does apport use a core dump handler? If so it shouldn't need a world writable directory since the core dump handler runs as root. corekeeper and apport conflict so

Bug#924620: misbehaving guest can corrupt firmware image

Package: qemu-efi-aarch64 Version: 0~20181115.85588389-2 Severity: important Buggy EFI apps[1] can corrupt the firmware flash volume by dereferencing NULL pointers because we map the NOR flash at 0x0. Upstream has merged patches to make these inadvertent accesses fault instead. [1] For examples,

Bug#924619: shim-signed,shim-helpers-amd64-signed: both ship /usr/lib/shim/fbx64.efi.signed

Package: shim-signed,shim-helpers-amd64-signed Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: found -1 1.28+nmu3+0.9+1474479173.6c180c6-1 Control: found -1 1+15+1533136590.3beb971+5 Hi, during a test with piuparts I noticed your package failed to install because

Bug#924552: jquery-caret.js: Please provide node-jquery.caret and install package.json

Control: retitle -1 jquery-caret.js: Please provide node-jquery.caret and install package.json On 14-Mar-2019, Pirate Praveen wrote: > I'd be happy to help implement this if you like. Sure, I'd love for you to fork the repository https://salsa.debian.org/debian/pkg-jquery-caret.js> and propose

Bug#924618: RFS: golang-github-kevinburke-ssh-config/0.5-1

Dear Go team, I am looking for a sponsor for the package "golang-github-kevinburke-ssh-config". This package is a prerequisite for upcoming package "lazygit" (#908894). I pushed to our team's Salsa: https://salsa.debian.org/go-team/packages/golang-github-kevinburke-ssh-config Could you

Bug#912549: icedtea-web FTBFS with OpenJDK 11

On 14.03.19 23:03, Emmanuel Bourg wrote: > > > On 13/03/2019 17:47, Matthias Klose wrote: > >> please look at the new upstream 1.7.2 and 1.8 releases. > > I got a quick look at these new versions released this week, IcedTea Web > 1.7.2 is rather close to the version in unstable since October

Bug#684134: Prezado usuário do Zimbra, Atualização do tamanho da caixa de correio.

Prezado usuário do Zimbra, Sua Caixa de Correio excedeu seu limite de armazenamento.Clique AQUI PARA DESBLOQUEAR, Preencha e clique em ENVIAR para mais espaço ou você não poderá enviar e-mails. De: Equipe de helpdesk Copyright © 2019 Inc

Bug#924401: base-files fails postinst when base-passwd is unpacked

On Thu, Mar 14, 2019 at 10:37:46AM +, Simon McVittie wrote: > On Thu, 14 Mar 2019 at 10:21:30 +0100, Santiago Vila wrote: > > The reason I'm often asked to add hacks to base-files.postinst is only > > that base-files is usually configured in the second place > > I think it's also fair to say

Bug#924618: ITP: golang-github-kevinburke-ssh-config -- Go parser for ssh_config files

Package: wnpp Severity: wishlist Owner: Dawid Dziurla * Package name: golang-github-kevinburke-ssh-config Version : 0.5-1 Upstream Author : Kevin Burke * URL : https://github.com/kevinburke/ssh_config * License : Expat Programming Lang: Go Description

Bug#923891: Workaround Instructions

As a temporary and messy workaround, you can download the upstream 4.0.1-1 release from http://www.redmine.org/releases/redmine-4.0.1.tar.gz. Then replace the contents of the following two directories with those from the tarball. /usr/share/redmine/app /usr/share/redmine/public I am all in

Bug#924617: update to new upstream (0.74)

Source: poppler Severity: normal I'm using calibre and I get a lot of problems when converting pdf files, or files that use pdf as intermediate format. the problem is fixed in this commit: commit 903983bbd921a5139e3cd6de227b571870c764d8 Author: Greg Knight Date: Sun Nov 25 15:47:18 2018

Bug#917228: autofs: Orphaning package?

Control: close -1 Hi, On Mon, 24 Dec 2018 14:22:52 +0100 =?utf-8?Q?Manu_Al=C3=A9n?= wrote: > Source: autofs > Hi, > > I have worked with autofs and although I’m going to take care of some packages more, I think that I could have a bit time to support it. > > Please do not hesitate to give

Bug#912947: autofs: new upstream version (5.1.5) available

Control: close -1 Control: fixed -1 5.1.5-1 Hi Salvatore, On Mon, 05 Nov 2018 09:25:22 +0100 Salvatore Bonaccorso wrote: > Source: autofs > Severity: wishlist > > Hi > > There was a new autofs version released (5.1.5) upstream, could it be > packaged for Debian? > > Regards, > Salvatore > >

Bug#908779: bro: CVE-2018-17019: Fix IRC names command parsing

On Tue, Jan 29, 2019 at 02:19:20AM +0100, Hilko Bengen wrote: > * Moritz Mühlenhoff: > > >> CVE-2018-17019[0]: > >> | In Bro through 2.5.5, there is a DoS in IRC protocol names command > >> | parsing in analyzer/protocol/irc/IRC.cc. > > > > ping, can we get this one (and CVE-2018-16807) uploaded

Bug#924616: CVE-2018-15587

Source: evolution Severity: grave Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15587: https://bugzilla.gnome.org/show_bug.cgi?id=796424 https://gitlab.gnome.org/GNOME/evolution/commit/9c55a311325f5905d8b8403b96607e46cf343f21

Bug#915801: cairo: CVE-2018-19876

On Thu, Dec 06, 2018 at 09:59:39PM +0100, Salvatore Bonaccorso wrote: > Source: cairo > Version: 1.16.0-1 > Severity: important > Tags: security upstream > Forwarded: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 > > Hi, > > The following vulnerability was published for cairo. > >

Bug#924502: systemd: system.conf is ignore multiplicative suffixes K, M, G, T, P, E.

Control: tags -1 + moreinfo Am 13.03.19 um 18:14 schrieb Igor Ohrimenko: > Package: systemd > Version: 232-25+deb9u9 > Severity: important > > Dear Maintainer, I read man system.conf and found multiplicative suffixes. I > tried to use it, like 1G, but DefaultLimit does not change. I have to use

Bug#924615: CVE-2018-12178 CVE-2018-12180 CVE-2018-12181

Source: edk2 Severity: grave Tags: security Please see https://security-tracker.debian.org/tracker/CVE-2018-12178 https://security-tracker.debian.org/tracker/CVE-2018-12180 https://security-tracker.debian.org/tracker/CVE-2018-12181 Cheers, Moritz

Bug#328303: iconv breaks on piped input, because it tries to read whole input into a buffer / iconv: Feature request: add stream capabilities

Subject: /usr/bin/iconv: Feature request: add stream capabilities Package: libc-bin Version: 2.28-2 Severity: normal File: /usr/bin/iconv hi, i also planned to add this as a feature request, please add some parameter to the iconv command, like with script -f or grep --line-buffered, to stream

Bug#807666: reopen 807666, it should be fixed properly

unarchive 807666 reopen 807666 notfixed 807666 mpich/3.2-1~exp1 found 807666 3.3-2 forwarded 807666 https://lists.mpich.org/pipermail/discuss/2019-March/011160.html kthxbye Hi, This bug wasn't closed properly. While a rebuild of the package with the new upload fixed the problem temporarily,

Bug#912549: icedtea-web FTBFS with OpenJDK 11

On 13/03/2019 17:47, Matthias Klose wrote: > please look at the new upstream 1.7.2 and 1.8 releases. I got a quick look at these new versions released this week, IcedTea Web 1.7.2 is rather close to the version in unstable since October and has a few extra Java 9+ fixes, it's probably worth

Bug#924541: Can't complete journalctl > file

Am 14.03.19 um 09:13 schrieb 積丹尼 Dan Jacobson: > Package: systemd > Version: 241-1 > Severity: minor > File: /usr/share/bash-completion/completions/journalctl > > It's not happy about me wanting to do > # journalctl > file Please file this issuee directly upstream at

Bug#920899: /usr/lib/pypy/ns/ vs. /usr/share/pypy/ns/

> > It's using /usr/lib/pypy/ns/ the same way as we do in Python 2. > > It's in /usr/lib/ not /usr/share/ > > I couldn't reasonably make pypy use /usr/ as it's prefix, without it > finding cPython libraries. So the whole of pypy is in /usr/lib/pypy/. pypy can be in /usr/lib/ and ns files in

Bug#924602: systemd - regression: syslog msg from units not routed according to StandardOutput=

Control: tags -1 + moreinfo Am 14.03.19 um 21:59 schrieb Bastian Blank: > Package: systemd > Version: 241-1 > Severity: normal > > syslog messages from units are not longer routed according to > the StandardOutput setting, but I don't see a new setting to change it. StandardOutput= is only

Bug#855811: release.debian.org: release.d.o WWW should explicitly recommend against uploading to sid during the freeze

Hello, On Thu 14 Mar 2019 at 07:48PM +01, Paul Gevers wrote: > I the attached patch what you are looking for? Yes, thank you, although I would wordsmith it as follows (take it or leave it as you like): ... it is recommended that, during the freeze, you do not upload to unstable any

Bug#924614: CVE-2018-20536 CVE-2018-20537 CVE-2018-20539

Source: liblas Severity: important Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20539 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20537 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20536 Cheers, Moritz

Bug#924613: CVE-2009-5155

Source: gnulib Severity: grave Tags: security Please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155 Patch: http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272 Cheers, Moritz

Bug#924602: Acknowledgement (systemd - regression: syslog msg from units not routed according to StandardOutput=)

complete journal entries of a different try: __CURSOR=s=8545edb250274321b56a06f3763e1935;i=2cb;b=72db9eebfc5d4d599d064d1dec0942a2;m=84edb947;t=58414a225dfde;x=358be __REALTIME_TIMESTAMP=1552599038156766 __MONOTONIC_TIMESTAMP=2230171975 _BOOT_ID=72db9eebfc5d4d599d064d1dec0942a2 PRIORITY=6

Bug#924612: CVE-2019-9169

Source: glibc Severity: important Tags: security Please see https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 https://sourceware.org/bugzilla/show_bug.cgi?id=24114

Bug#924611: vtk7: please add support for riscv64

Package: src:vtk7 Version: 7.1.1+dfsg1-12 Severity: normal Tags: upstream patch User: debian-ri...@lists.debian.org Usertags: riscv64 Hi, vtk7 currently fails to build on the riscv64 architecture as it can be seen on the following build log excerpt: | In file included from

Bug#507706: Missing sources for d-i components/kernel of etch-n-half images

reopen 507706 thanks doesn't matter if debian supports etch or not; the images with missing sources are still distributed from cdimage.debian.org: http://cdimage.debian.org/cdimage/archive/4.0_r4/i386/iso-cd/debian-40r4etchnhalf-i386-netinst.iso Regards, Daniel

Bug#924042: tomb: Multiple package relations for optionally used tools are missing (steghide, dcfldd, gettext-base, qrencode, unoconv, lsof, swish-e)

Control: severity -1 important On Fri, 08 Mar 2019, Axel Beckert wrote: > tomb's exhume subcommand calls steghide: > > ~ → tomb exhume /tmp/example.jpg > tomb [E] Steghide not installed: cannot exhume keys from images. The failure mode is rather clean, I don't think the missing

Bug#924609: libsdl1.2: Multiple security issues

Source: libsdl1.2 Severity: grave Tags: security Hi, a number of security issues were found in SDL, please see the following links for references. https://security-tracker.debian.org/tracker/CVE-2019-7638 https://security-tracker.debian.org/tracker/CVE-2019-7637

Bug#924610: libsdl2: Multiple security issues

Source: libsdl2 Severity: grave Tags: security Hi, a number of security issues were found in SDL, please see the following links for references. https://security-tracker.debian.org/tracker/CVE-2019-7638 https://security-tracker.debian.org/tracker/CVE-2019-7637

Bug#497471: sarge images have syslinux binaries without source

reopen 497471 thanks it doesn't matter if debian supports sarge or not; the images with missing sources are still distributed from cdimage.debian.org: http://cdimage.debian.org/cdimage/archive/3.1_r0/i386/iso-cd/debian-31r0-i386-netinst.iso Regards, Daniel

Bug#924608: oggvideotools FTBFS in buster. Can't find file for test.

Package: oggvideotools Version: 0.9.1-4.1 Severity: serious Tags: patch oggvideotools FTBFS in buster. I first noticed this in raspbian, but it's also visible on the reproducible builds tests. http://buildd.raspbian.org/status/fetch.php?pkg=oggvideotools=armhf=0.9.1-4.1=1552572977

Bug#924607: RM: libnvidia-cfg1 nvidia-cuda-mps nvidia-detect nvidia-driver nvidia-driver-bin nvidia-kernel-dkms nvidia-kernel-source nvidia-kernel-support nvidia-smi xserver-xorg-video-nvidia [i386 ar

Package: ftp.debian.org Severity: normal Let's clean up some cruft, armhf and i386 are only supported by the 390xx legacy driver. Andreas

Bug#924450: [pkg-apparmor] Bug#924450: Bug#924450: Bug#924450: apparmor: Write Buster release notes snippet about AppArmor

Hello, Am Donnerstag, 14. März 2019, 16:11:46 CET schrieb Jonas Meurer: > Done in > https://salsa.debian.org/ddp-team/release-notes/merge_requests/8 Thanks! > So this bugreport can be closed now, right? Yes :-) - but I'll let intrigeri or you do the "paperwork" ;-) Regards, Christian Boltz

Bug#756954: subscription by uploaders

Hello Afif, sorry for the delay. On Sun, 03 Feb 2019, Afif Elghraoui wrote: > The way I was hoping this could work is that Uploaders are automatically > subscribed. I don't know of any reason why an Uploader should not be > following their packages. I think it would also motivate people who >

Bug#924589: Decrease severity

Control: severity -1 important Package seems usable with its 2 reverse dependencies: node-superagent which is a dependency of node-multiparty. Only node-multiparty package provides real test. I tested both build and autopkgtest with the 2 versions of node-formidable (old and upgraded) with

Bug#924605: Depend on icedtea-netx instead of icedtea-netx-common.

Package: src:sweethome3d-textures-editor Version: 1.6-1 Severity: serious Tags: sid buster patch Depend on icedtea-netx instead of icedtea-netx-common (nbs). Patch at http://launchpadlibrarian.net/415168607/sweethome3d-textures-editor_1.6-1_1.6-1ubuntu1.diff.gz

Bug#924606: skimage: autopkgtest needs update for new version of python-scipy: ValueError: No warning raised matching: matrix subclass

Source: skimage Version: 0.14.2-1 Severity: important User: debian...@lists.debian.org Usertags: needs-update Control: affects -1 src:python-scipy [X-Debbugs-CC: debian...@lists.debian.org, python-sc...@packages.debian.org, debian-rele...@lists.debian.org] Dear maintainers, With a recent upload

Bug#924603: unblock: python-tesserocr/2.4.0-4

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Please unblock package python-tesserocr It fixes a FTBFS error triggered by a runtime assertion that checks for LC_ALL to be set to "C"

Bug#924604: Depend on icedtea-netx instead of icedtea-netx-common

Package: src:sweethome3d-furniture-editor Version: 1.24-1 Severity: serious Tags: sid buster patch Depend on icedtea-netx instead of icedtea-netx-common (nbs). Patch at http://launchpadlibrarian.net/415168474/sweethome3d-furniture-editor_1.24-1_1.24-1ubuntu1.diff.gz

Bug#924601: unblock: remmina/1.3.3+dfsg-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package remmina Version 1.3.3+dfsg-2 (now in unstable/sid) aims to fix a particular issue introduced in former 1.3.3+dfsg-1 revision about SSH plugin failing to work

Bug#924602: systemd - regression: syslog msg from units not routed according to StandardOutput=

Package: systemd Version: 241-1 Severity: normal syslog messages from units are not longer routed according to the StandardOutput setting, but I don't see a new setting to change it. My test case is: /etc/systemd/service/test.service: | [Service] | ExecStart=/usr/local/bin/service-test |

Bug#924600: unblock: google-compute-image-packages/20190124-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package google-compute-image-packages Sorry for requesting unblock for this package again but a bug was reported [1] with severity grave against the version 20190124-2

Bug#924599: qtbase-opensource-src: Several copyright issues

Source: qtbase-opensource-src Version: 5.11.3+dfsg-5 Severity: serious While working on copyright update for Qt 5.12, I noticed the following copyright issues that are applicable to Qt 5.11 too. 1) src/3rdparty/gradle/gradle/wrapper/gradle-wrapper.jar — built file without source code; 2)

Bug#924546: wordpress: Comments may create a XSS

Control: retitle -1 wordpress: CVE-2019-9787: Comments may create a XSS On Thu, Mar 14, 2019 at 09:20:05PM +1100, Craig Small wrote: > Source: wordpress > Version: 5.0.3+dfsg1-1 > Severity: important > Tags: security > > This release also includes a pair of security fixes that handle how >

Bug#924598: checkstyle: CVE-2019-9658: loads external DTDs by default

Source: checkstyle Version: 8.15-1 Severity: important Tags: security upstream Hi, The following vulnerability was published for checkstyle. CVE-2019-9658[0]: | Checkstyle before 8.18 loads external DTDs by default. If you fix the vulnerability please also make sure to include the CVE (Common

Bug#924597: unblock: mailman-suite/0+20180916-7

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, Please unblock package mailman-suite 0+20180916-7 This update fixes two bugs, one of them being RC. Up to now, the mailman3-web binary package tried to configure the mailman3

Bug#924596: network-manager-openvpn: GUI cannot import openvpn from config-file

Package: network-manager-openvpn Version: 1.2.8-2 Severity: normal Dear Maintainer, I use NM with the kde applet. I tried to import an openvpn config file from the gui, but the connection does not work. the config file seems to be valid: - I can run it directly from the command line -> vpn

Bug#924595: backup2l: Sometimes fails to detect running instance.

Package: backup2l Version: 1.6-3 Severity: normal Tags: upstream patch Dear Maintainer, backup2l can sometimes fail to detect a running instance, such that two instances are running at the same time. This occurs when backup2l is run manually, and then disowned such that backup2l no longer

Bug#924401: base-files fails postinst when base-passwd is unpacked

On Thu, Mar 14, 2019 at 07:50:27AM +0100, Johannes Schauer wrote: > > I would certainly consider a lot cleaner to add a new field to base-files in > > the form "Bootstrap-Depends: base-passwd" than converting all chowns in > > postinst to use integer numbers. > > I agree that we should not expect

Bug#922306: linux: btrfs corruption (compressed data + hole data)

Hi Christoph, On Thu, Mar 14, 2019 at 08:06:52PM +0100, Christoph Anton Mitterer wrote: > Hey Ben, Salvatore. > > Thanks for cherry-picking the bug for unstable. > > AFAIU stretch and jessie[-backports] should be affected as well. > Shouldn't it go there, too? Yes it needs to be adressed there

Bug#922306: linux: btrfs corruption (compressed data + hole data)

Hey Ben, Salvatore. Thanks for cherry-picking the bug for unstable. AFAIU stretch and jessie[-backports] should be affected as well. Shouldn't it go there, too? At least at the upstream mailing list it was said[0] the the bug was introduced around October 2008, which should be roughly kernel

Bug#924581: lintian: license-problem-gfdl-invariants false positive in src:linux's fdl-appendix.rst

Hi Ben, > I don't think it is practicable for lintian to recognise arbitrary > markup within the sentence As it happens, Lintian already strips LaTeX markup before doing this check (or at least something is ringing a bell in my memory right now...) so doing it for .rst too is probably both easy

Bug#924594: Build-depend on icedtea-netx instead of icedtea-netx-common

Package: src;sweethome3d Version: 6.1.2+dfsg-1 Severity: serious Tags: sid buster Build-depend on icedtea-netx instead of icedtea-netx-common (nbs). Patch at http://launchpadlibrarian.net/415155485/sweethome3d_6.1.2+dfsg-1_6.1.2+dfsg-1ubuntu1.diff.gz

Bug#924593: Build-depend on icedtea-netx instead of icedtea-netx-common

Package: src:geogebra Version: 4.0.34.0+dfsg1-6 Severity: serious Tags: sid buster Build-depend on icedtea-netx instead of icedtea-netx-common (nbs). Patch at http://launchpadlibrarian.net/415155213/geogebra_4.0.34.0+dfsg1-6_4.0.34.0+dfsg1-6ubuntu1.diff.gz However, the build fails then with:

Bug#855811: release.debian.org: release.d.o WWW should explicitly recommend against uploading to sid during the freeze

Hi Sean, On 08-03-2019 02:12, Sean Whitton wrote: > No, I don't think so. You have to think moderately hard to infer, "oh, > stop uploading to sid" from that text. I would suggest appending > "I.e. only upload to sid changes for which you plan to request an unblock." I the attached patch what

Bug#922049: libpam-poldi: ed25519 support patch

Dear Maintainer, I've wrote and tested the attached patches. They seem seem to resolve this issue. They also add infrastructure to make it easier to add support for different signing algorithms. diff --git a/src/util/simplelog.c b/src/util/simplelog.c index 07191d9..5bed40d 100644 ---

Bug#912549: icedtea-web FTBFS with OpenJDK 11

On Wed, Mar 13, 2019 at 10:25:06PM +0100, Emmanuel Bourg wrote: > On 13/03/2019 21:30, Markus Koschany wrote: > > >> please look at the new upstream 1.7.2 and 1.8 releases. May be that's sensible for Buster+1 > > In https://bugs.debian.org/855686 Emmanuel wrote that icedtea-web will > > be

Bug#924560: cryptsetup luksOpen requires 1GB of RAM in the default configuration

Hi Milan, On Thu, 14 Mar 2019 at 19:22:42 +0100, Milan Broz wrote: >>> I think diverging from upstream (and other distros) with respect to >>> default algorithms requires careful consideration. And in that case, >>> compared to PBKDF2 Argon2 has interesting properties (such as resistance >>> to

Bug#709366: autofs: automount doesn't work with numerical IPv6 address

Control: tags -1 moreinfo Hi Philippe, On Wed, 22 May 2013 21:22:06 +0200 Philippe Latu wrote: > Package: autofs > Version: 5.0.7-3 > Severity: wishlist > > Dear Maintainer, > *** Please consider answering these questions, where appropriate *** > > * What led up to the situation? > While

Bug#924560: cryptsetup luksOpen requires 1GB of RAM in the default configuration

Control: tag -1 + wontfix Control: tag -1 - moreinfo Control: severity -1 normal On Thu, 14 Mar 2019 at 17:31:05 +, Dimitri John Ledkov wrote: > On Thu, 14 Mar 2019 at 16:55, Guilhem Moulin wrote: >> AFAICT it does. What I guess doesn't is if the machine's resources are >> significantly

Bug#924592: ITP: hcxdumptool -- Small tool to capture packets from wlan devices

Package: wnpp Severity: wishlist Owner: "Paulo Roberto Alves de Oliveira (aka kretcheu)" * Package name: hcxdumptool Version : 5.1.4 Upstream Author : ZeroBeat * URL : https://github.com/ZerBea/hcxdumptool * License : MIT Programming Lang: C Description

Bug#924560: [pkg-cryptsetup-devel] Bug#924560: cryptsetup luksOpen requires 1GB of RAM in the default configuration

>> I think diverging from upstream (and other distros) with respect to >> default algorithms requires careful consideration. And in that case, >> compared to PBKDF2 Argon2 has interesting properties (such as resistance >> to GPU cracking) which would be a shame not to benefit from out of the >>

Bug#708256: Does this autofs bug also happen with a i386 kernel

Control: tags -1 wontfix Control: close -1 Hi, On Mon, 19 Aug 2013 10:16:54 -0400 "John E. Davis" wrote: > On Mon, 19 Aug 2013 10:55:38 +0200, Reinhard Tartler said: > >from your logs, I notice that you are running an i386 userland with > >amd64 kernel. Can you confirm the segfaults also

Bug#910367: autofs: No way to mount smb share with a dollar sign at the end

Hi, On Fri, 05 Oct 2018 14:18:08 +0200 Vincent Danjean wrote: > Package: autofs > Version: 5.1.2-1 > Severity: important > > Hi, > > Since stretch update, there is no way to automount a smb share with a '$' at > the end of its name anymore. But these names are automaticcaly generated by >

Bug#924591: fastboot format:ext4 misses /usr/lib/android-sdk/platform-tools/mke2fs

Package: fastboot Version: 1:8.1.0+r23-4 Severity: serious Hello, after dist-upgrade to Buster, 'fastboot format:ext4' is broken. It tries to execute '/usr/lib/android-sdk/platform-tools/mke2fs' which doesn't exist and is not available in the Debian archive: $ fastboot format:ext4:0xcd3771e00

Bug#861992: autofs: Fail while installing (arm64)

Control: tags -1 moreinfo Hi, On Sun, 07 May 2017 10:22:06 +0500 Anton Karmanov wrote: > Package: autofs > Version: 5.0.8-2+deb8u1 > Severity: important > > Dear Maintainer, > I'am trying to get autofs package whith apt on an arm64 machine. > During installation I get the messages: > >

Bug#924590: freeipa-client: /usr/local/share/ca-certificates/ipa-ca.crt contains multiple certificates and extra non-certificate data

Package: freeipa-client Version: 4.7.2-2 Severity: wishlist My FreeIPA's CA certificate is signed by an external root CA certificate. Consequenty, ipa-client-install puts both the external root CA certificate and the intermediate CA certificate into /usr/local/share/ca-certificates/ipa-ca.crt.

Bug#740647: lwipv6: use dh-autoreconf instead of autotools-dev to fix FTBFS on ppc64el

With Version 1.5a-4, build is now successful on buster - Does that mean that bug can be closed ? Thanks On Mon, 03 Mar 2014 14:38:46 -0500 Logan Rosen wrote: > Package: lwipv6 > Version: 1.5a-2 > Severity: normal > Tags: patch > User: ubuntu-de...@lists.ubuntu.com > Usertags: origin-ubuntu

Bug#897897: Kernel security fix (for CVE-2018-1108) -> AutoFS won't start

Control: close -1 Hi Cedric, On Sun, 13 May 2018 10:07:58 +0200 =?UTF-8?Q?C=c3=a9dric_Dufour_-_Idiap_Research_Institute?= wrote: > It seems this problem is adressed more globally as per bug #897599: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897599 > > Which led to fix for

Bug#924589: node-formidable: Unusable with Node.js >= 7

Package: node-formidable Version: 1.0.13-1 Severity: grave Tags: upstream Justification: renders package unusable node-formidable is unusable with Node.js >=7: Error [ERR_NO_LONGER_SUPPORTED]: Buffer.write(string, encoding, offset[, length]) is no longer supported at Buffer.write

Bug#924588: ITP: Standford Javascript Crypto Library - sjcl

Package: wnpp Severity: wishlist Owner: Joseph Nuthalapati * Package name: node-sjcl Version : 1.0.8 Upstream Authors : Emily Stark, Mike Hamburg and Dan Boneh * URL : https://github.com/bitwiseshiftleft/sjcl * License : BSD-2-Clause OR GPL-2.0-only

Bug#832628: autofs: Autofs does not unmount mounted filesystems after HUP

Control: fixed -1 5.1.0-1 Control: tags -1 jessie HI, On Wed, 27 Jul 2016 16:05:17 -0400 Colten Levi wrote: > Package: autofs > Version: 5.0.8-2+deb8u1 > Severity: important > Tags: patch > > * What exactly did you do (or not do) that was effective (or > ineffective)? > I was able to patch

Bug#924587: please add nfs-idmapd.service to nfs-client.target

Package: nfs-common Severity: important Version: 1:1.3.4-2.4 X-Debbugs-Cc: debian-...@lists.debian.org User: debian-...@lists.debian.org Usertags: debian-edu Dear maintainers, we are trying to fix a race condition between autofs(-ldap), the NFSv4 client service stack and the

Bug#924581: lintian: license-problem-gfdl-invariants false positive in src:linux's fdl-appendix.rst

On Thu, 2019-03-14 at 11:49 -0400, Chris Lamb wrote: > Package: lintian > Version: 2.9.1~bpo9+1 > Severity: normal > X-Debbugs-CC: ans...@debian.org, b...@decadent.org.uk, > ftpmas...@ftp-master.debian.org> > > Ansgar wrote: > > > Ben Hutchings writes: > > > On Wed, 2019-03-13 at 12:07 +,

Bug#842199: autofs should pull in network-online.target and nfs-client.target and related issues

Hi Daniel, I am currently adopting the orphaned autofs package. The issue you reported here as something that we have been observing in Debian Edu deployments for years. Thanks for proposing a fix. On Wed, 26 Oct 2016 13:28:01 -0700 Daniel Lakeland wrote: > > Package: autofs > Version:

Bug#924560: [pkg-cryptsetup-devel] Bug#924560: cryptsetup luksOpen requires 1GB of RAM in the default configuration

On Thu, 14 Mar 2019 at 16:55, Guilhem Moulin wrote: > > > For example many IoT and Pi devices have 1GB of ram in total, and thus > > would OOM kill when trying to luksOpen. > > Is that something you experienced? I just deployed a fresh a Debian sid > VM with 2vCPUs, 1GiB RAM a default encryption

Bug#924586: uwsgi: drop unecessary libqdbm-dev build-depends

Package: uwsgi Version: 2.0.18-1 Severity: low Dear Maintainer, uwsgi got a libqdbm-dev build dependency on 1.9.11-1: uwsgi (1.9.11-1) unstable; urgency=low (...) * New binary package uwsgi-plugin-php. (Closes: #699174) - New Build-Depends libphp5-embed, php5-dev, libonig-dev, libdb-dev,

Bug#924560: [pkg-cryptsetup-devel] Bug#924560: cryptsetup luksOpen requires 1GB of RAM in the default configuration

Control: tag -1 moreinfo Hi Dimitri, On Thu, 14 Mar 2019 at 12:36:13 +, Dimitri John Ledkov wrote: > Currently the new cryptsetup defaults to LUKS2 format with the > following parameters: > > Default PBKDF for LUKS2: argon2i > Iteration time: 2000, Memory required: 1048576kB, Parallel

Bug#916797: linux-image-4.19.0-1-amd64-unsigned: 4.19 + amdgpu + 144 hz = screen corruption / flickering

I'm going to close the bug. It only affects kernel 4.19. The newer Kernels like 4.20 or 5.0 are not affected and it seems that the fix won't be backported to 4.19.

Bug#924580: upgrade from old version w/o ssl_dh in conf file breaks ssl

Control: tags -1 + confirmed Hi Joey, Thanks for the report! On 11:45 Thu 14 Mar , Joey Hess wrote: > My dovecot installation dates from 2014 (2.2.13) and on upgrade to > this > version, it started failing on ssl connections: > > Mar 13 19:01:40 kite dovecot[9278]: imap-login: Error:

  1   2   3   >