Bug#684691: pulseaudio creates .config/pulse in a root directory

> If you want your comments on a bug to be sent to the maintainer and > recorded in the bug's web-visible record, please send your message to the > bug address (in this case 684691@) and not just the special control@ > address. In particular, when reopening a bug please send the justification >

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Wednesday 31 May 2017 03:00 AM, Brian May wrote: > Raphael Hertzog writes: > >> Is that actually true? linaro_django_xmlrpc seems to be listed in >> INSTALLED_APPS, no? >> >> Do you have any idea why it would give this error? > > I note that linaro_django_xmlrpc is

Bug#862806: marked as done (/bin/su: Regression from CVE-2017-2616 fix: killing su does not kill subprocess)

Your message dated Wed, 31 May 2017 01:02:13 + with message-id and subject line Bug#862806: fixed in shadow 1:4.2-3+deb8u4 has caused the Debian Bug report #862806, regarding /bin/su: Regression from CVE-2017-2616 fix: killing su does not kill subprocess

Bug#863212: marked as done (puppet: CVE-2017-2295: unsafe YAML deserialization)

Your message dated Wed, 31 May 2017 01:02:10 + with message-id and subject line Bug#863212: fixed in puppet 3.7.2-4+deb8u1 has caused the Debian Bug report #863212, regarding puppet: CVE-2017-2295: unsafe YAML deserialization to be marked as done. This

Bug#860567: marked as done (fop: CVE-2017-5661: information disclosure vulnerability)

Your message dated Wed, 31 May 2017 01:02:08 + with message-id and subject line Bug#860567: fixed in fop 1:1.1.dfsg2-1+deb8u1 has caused the Debian Bug report #860567, regarding fop: CVE-2017-5661: information disclosure vulnerability to be marked as done.

Bug#684691: pulseaudio creates .config/pulse in a root directory

On Thu, 04 May 2017 at 22:16:32 +0200, Daniel Reichelt wrote: > unarchive 779556 > reopen 779556 > found 779556 1.0.28-1 Hi, If you want your comments on a bug to be sent to the maintainer and recorded in the bug's web-visible record, please send your message to the bug address (in this case

Bug#846548: marked as pending

* Julien Cristau (jcris...@debian.org) wrote: [snip] > > OK, I like this plan. We should get the naming right going forward > > though for the libengine-pkcs11-openssl1.1 package. Is that how other > > packages are handling naming when they depend on a particular version > > of openssl? > > > I'm

Bug#859418: [Pkg-dns-devel] Bug#859418: non-functional after installation (service fails to start)

On 05/30/2017 09:39 AM, Ondřej Surý wrote: > Hi Julien, > > do you perhaps have a full apt log? I am interested in > opendnssec-common package installation log. Hello Ondrej, Is this what you're looking for ? Regards, Julien Log started: 2017-05-29 16:17:07 (Reading database ... 57736 files

Bug#846219: Why wasn't the same change made to fusionforge-plugin-extsubproj?

While they are still broken, shouldn't the same changes be made to $subject binary package: diff -Nru fusionforge-6.0.4+20160504/debian/control fusionforge-6.0.4+20160504/debian/control --- fusionforge-6.0.4+20160504/debian/control 2017-01-01 07:59:40.0 -0800 +++

Processed: fixed 863705 in xapian-core/1.4.1-1

Processing commands for cont...@bugs.debian.org: > # only affects version in backports > fixed 863705 xapian-core/1.4.1-1 Bug #863705 [libxapian30] aptitude: symbol lookup error: aptitude: undefined symbol: Marked as fixed in versions xapian-core/1.4.1-1. > thanks Stopping processing here.

Bug#863705: [Aptitude-devel] Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

So if I understand the issue correctly, it's that libxapian30 in unstable is built with the new C++ ABI while libxapian30 in backports was built with the old C++ ABI, so really should have been libxapian30v4 or something (not sure if there's a reverse convention to the v5 suffix)? Sorry for not

Bug#863671: (no subject)

Hi Matt, hi all, does somebody have a test case for the vulnerability? After trying fruitlessly to adapt the code from version 2.2 to our 1.7, I managed to bring the old code change to our even older version. But I have no idea, whether it is any good, other that it compiles. But without test

Bug#863731: fixed in sudo 1.8.20p1-1

On Tue, May 30, 2017 at 09:18:39PM +, Bdale Garbee wrote: > Source: sudo > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Format: 1.8 > Date: Tue, 30 May 2017 14:41:58 -0600 > Source: sudo > Binary: sudo sudo-ldap > Architecture: source amd64 > Version: 1.8.20p1-1 > Distribution:

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

Raphael Hertzog writes: > Is that actually true? linaro_django_xmlrpc seems to be listed in > INSTALLED_APPS, no? > > Do you have any idea why it would give this error? I note that linaro_django_xmlrpc is towards the end of INSTALLED_APPS. Maybe it did not get loaded? Maybe

Bug#863731: marked as done (sudo: CVE-2017-1000367: Potential overwrite of arbitrary files)

Your message dated Tue, 30 May 2017 21:18:39 + with message-id and subject line Bug#863731: fixed in sudo 1.8.20p1-1 has caused the Debian Bug report #863731, regarding sudo: CVE-2017-1000367: Potential overwrite of arbitrary files to be marked as done.

Processed: Re: Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Processing control commands: > clone -1 -2 Bug #863705 [libxapian30] aptitude: symbol lookup error: aptitude: undefined symbol: Bug 863705 cloned as bug 863745 > reassign -2 libstdc++6 6.3.0-18 Bug #863745 [libxapian30] aptitude: symbol lookup error: aptitude: undefined symbol: Bug reassigned

Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Control: clone -1 -2 Control: reassign -2 libstdc++6 6.3.0-18 Control: retitle -2 libstdc++6: Add versioned Breaks against libxapian30/1.4.1-1~bpo8+1 Control: severity -2 serious Hi, Sven Joachim wrote: > >> > aptitude: symbol lookup error: aptitude: undefined symbol: > >>

Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

On 2017-05-30 22:51 +0200, Axel Beckert wrote: > Sven Joachim wrote: >> Control: reassign -1 libxapian30 1.4.1-1~bpo8+1 > > I wouldn't be so quick with reassigning. > >> > aptitude: symbol lookup error: aptitude: undefined symbol: >>

Bug#863720: aiccu: SixXS will shutdown on 2017-06-06

Control: severity -1 important Control: tag -1 confirmed Hi Ansgar, Ansgar Burchardt wrote: > Severity: serious I disagree with severity. > SixXS will shutdown on 2017-06-06[1]. Yes, well-known and already discussed (on IRC IIRC) by us package maintainers. > Unless there are other tunnel

Processed: Re: Bug#863720: aiccu: SixXS will shutdown on 2017-06-06

Processing control commands: > severity -1 important Bug #863720 [src:aiccu] aiccu: SixXS will shutdown on 2017-06-06 Severity set to 'important' from 'serious' > tag -1 confirmed Bug #863720 [src:aiccu] aiccu: SixXS will shutdown on 2017-06-06 Added tag(s) confirmed. -- 863720:

Bug#863686: marked as done (freemat: fails to start with llvm error)

Your message dated Tue, 30 May 2017 21:03:43 + with message-id and subject line Bug#863686: fixed in freemat 4.2+dfsg1-4 has caused the Debian Bug report #863686, regarding freemat: fails to start with llvm error to be marked as done. This means that you

Bug#863705: [Aptitude-devel] Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Hi Sven, Sven Joachim wrote: > Control: reassign -1 libxapian30 1.4.1-1~bpo8+1 I wouldn't be so quick with reassigning. > > aptitude: symbol lookup error: aptitude: undefined symbol: > > _ZNK6Xapian8Database14postlist_beginERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE > > This

Bug#863742: libllvm-5.0-ocaml-dev and libllvm-4.0-ocaml-dev: error when trying to install together

Package: libllvm-4.0-ocaml-dev,libllvm-5.0-ocaml-dev Version: libllvm-4.0-ocaml-dev/1:4.0.1~+rc1-1 Version: libllvm-5.0-ocaml-dev/1:5.0~svn301421-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2017-05-30 Architecture: amd64 Distribution: sid Hi, automatic

Bug#863739: python-clang-5.0 and python-clang-4.0: error when trying to install together

Package: python-clang-4.0,python-clang-5.0 Version: python-clang-4.0/1:4.0.1~+rc1-1 Version: python-clang-5.0/1:5.0~svn301421-1 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2017-05-30 Architecture: amd64 Distribution: sid Hi, automatic installation tests of

Bug#863545: CVE-2016-8728

Hi On Wed, May 31, 2017 at 12:52:42AM +0800, Kan-Ru Chen wrote: > Package: src:mupdf > Followup-For: Bug #863545 > > I believe CVE-2016-8728 does not affect all versions of mupdf in > Debian as the vulnerable code was introduced in version 1.10 Looks right, since there is no forceapha, and thus

Processed: your mail

Processing commands for cont...@bugs.debian.org: > severity 863686 grave Bug #863686 [freemat] freemat: fails to start with llvm error Severity set to 'grave' from 'serious' > thanks Stopping processing here. Please contact me if you need assistance. -- 863686:

Bug#863686: freemat: fails to start with llvm error

Hi Stuart, thank you for this bugreport and catching this serious problem! It is really necessary to add some simple tests into this package to catch such kind of failures. I should really orphan it, as I do not use it at all now... Anton

Bug#861536: runit-init: Cannot reboot or shutdown after installing (or removing) the package.

On Sun 2017-05-28 15:14:24 -0400, Daniel Kahn Gillmor wrote: > On Sun 2017-05-28 19:54:33 +0200, Ivo De Decker wrote: >> If this bug can be fixed by removing runit-init, the removal of the other >> packages isn't necessary, but please note that this would need to happen very >> soon. > > fwiw, i'm

Bug#863545: CVE-2016-8728

Package: src:mupdf Followup-For: Bug #863545 I believe CVE-2016-8728 does not affect all versions of mupdf in Debian as the vulnerable code was introduced in version 1.10 Kanru -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64

Processed: found 863673 in 2.2.5+dfsg-0.1

Processing commands for cont...@bugs.debian.org: > found 863673 2.2.5+dfsg-0.1 Bug #863673 {Done: Michael Stapelberg } [freeradius] CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass Marked as found in versions freeradius/2.2.5+dfsg-0.1. > thanks Stopping

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Tuesday 30 May 2017 08:39 PM, Raphael Hertzog wrote: > On Tue, 30 May 2017, Senthil Kumaran S wrote: >> I tested the new version ie., test2 and got a traceback as shown here - >> File "/usr/lib/python2.7/dist-packages/django/db/migrations/state.py", >> line 249, in __init__ >> raise

Processed: found 863673 in 2.1.12+dfsg-1

Processing commands for cont...@bugs.debian.org: > found 863673 2.1.12+dfsg-1 Bug #863673 {Done: Michael Stapelberg } [freeradius] CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass Marked as found in versions freeradius/2.1.12+dfsg-1. > thanks Stopping

Bug#861536: marked as done (runit-init: Cannot reboot or shutdown after installing (or removing) the package.)

Your message dated Tue, 30 May 2017 16:03:54 + with message-id and subject line Bug#861536: fixed in runit 2.1.2-9.1 has caused the Debian Bug report #861536, regarding runit-init: Cannot reboot or shutdown after installing (or removing) the package. to

Bug#863673: marked as done (CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass)

Your message dated Tue, 30 May 2017 16:03:47 + with message-id and subject line Bug#863673: fixed in freeradius 3.0.12+dfsg-5 has caused the Debian Bug report #863673, regarding CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass to be marked as

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

Upstream confirmed that my patch fixes the issue, so I uploaded it to unstable. See also https://anonscm.debian.org/cgit/pkg-freeradius/freeradius.git/commit/?id=8d681449aa95ee4388b5e3c266bdb070a264f563 security-team, can you take care of applying the patch to stable and oldstable please? Thank

Processed: fixed 863731 in 1.8.10p3-1+deb8u4

Processing commands for cont...@bugs.debian.org: > fixed 863731 1.8.10p3-1+deb8u4 Bug #863731 [src:sudo] sudo: CVE-2017-1000367: Potential overwrite of arbitrary files The source 'sudo' and version '1.8.10p3-1+deb8u4' do not appear to match any binary packages Marked as fixed in versions

Bug#863731: sudo: CVE-2017-1000367: Potential overwrite of arbitrary files

Source: sudo Version: 1.8.10p3-1 Severity: grave Tags: security upstream patch fixed-upstream Justification: user security hole Hi, the following vulnerability was published for sudo. CVE-2017-1000367[0]: Potential overwrite of arbitrary files If you fix the vulnerability please also make sure

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

Hi, On Tue, 30 May 2017, Senthil Kumaran S wrote: > I tested the new version ie., test2 and got a traceback as shown here - > File "/usr/lib/python2.7/dist-packages/django/db/migrations/state.py", > line 249, in __init__ > raise ValueError("\n".join(error.msg for error in errors)) >

Processed: found 854884 in 4:4.14.3-3

Processing commands for cont...@bugs.debian.org: > found 854884 4:4.14.3-3 Bug #854884 [baloo4] baloo: is this obsoleted by src:baloo-kf5? Marked as found in versions baloo/4:4.14.3-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 854884:

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 03:38 PM, Dominik George wrote: > Hi, > >> In this case the head command might not be in the path Sympa is seeing. >> Could you please test if >> `/usr/bin/head ...` works for you? > > Yes, it does. > > -nik > OK, thanks a lot. I'll adjust the default settings for the

Bug#863701: sympa: insists that cookie has changed when it hasn't

Hi, > In this case the head command might not be in the path Sympa is seeing. Could > you please test if > `/usr/bin/head ...` works for you? Yes, it does. -nik -- Dominik George (1. Vorstandsvorsitzender, pädagogischer Leiter) Teckids e.V. - Erkunden, Entdecken, Erfinden.

Bug#863686: freemat: fails to start with llvm error

On 30/05/2017 06:45, Stuart Prescott wrote: Starting a fresh installation of freemat fails: $ freemat : CommandLine Error: Option 'x86-machine-combiner' registered more than once! LLVM ERROR: inconsistency in registered CommandLine options I see the same here. A no-change rebuild with

Bug#863722: kdenlive-data: missing Breaks+Replaces against kde-l10n-*

Package: kdenlive-data Version: 17.04.1-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Tuesday 30 May 2017 06:09 PM, Senthil Kumaran S wrote: > I tested the new version ie., test2 and got a traceback as shown here - > http://paste.debian.net/952939/ When combined with the attached patch for lava-server the migration works fine as seen here - http://paste.debian.net/952953/

Bug#863721: python-ncclient-doc: fails to upgrade from 'testing' - trying to overwrite /usr/share/doc/python-ncclient/html/_sources/api.txt

Package: python-ncclient-doc Version: 0.5.3-2 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'testing'. It installed fine in 'testing', then the upgrade to 'sid' fails because it tries to

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Tuesday 30 May 2017 05:15 PM, Raphael Hertzog wrote: > Thanks, can you try again with another test version ? > $ dget > https://people.debian.org/~hertzog/packages/python-django_1.10.7-2~test2_amd64.changes > (test2 now, no longer test1) I tested the new version ie., test2 and got a

Bug#846548: marked as pending

On 05/30/2017 07:16 AM, Eric Dorland wrote: > * Julien Cristau (jcris...@debian.org) wrote: >> On 05/29/2017 03:15 AM, Eric Dorland wrote: >>> * Julien Cristau (jcris...@debian.org) wrote: On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote: > tag 846548 pending > thanks

Bug#863720: aiccu: SixXS will shutdown on 2017-06-06

Agreed. It may be in our future to opensource the server implementation but at that point we can stand up a repo for ourselves. Would you be open to resubmitting in such a scenario? Pim On May 30, 2017 14:09, "Ansgar Burchardt" wrote: > Source: aiccu > Version: 20070115-17 >

Bug#863720: aiccu: SixXS will shutdown on 2017-06-06

Source: aiccu Version: 20070115-17 Severity: serious SixXS will shutdown on 2017-06-06[1]. Unless there are other tunnel providers used with aiccu, it seems useless to include in stretch. >From a quick glance at [2], SixXS is the only provider using AYIYA and TIC which is what I believe aiccu

Bug#857884: marked as done (python-jsonpointer: this is a duplicate of python-json-pointer)

Your message dated Tue, 30 May 2017 11:53:00 + with message-id and subject line Bug#863691: Removed package(s) from unstable has caused the Debian Bug report #857884, regarding python-jsonpointer: this is a duplicate of python-json-pointer to be marked as

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Tue, 30 May 2017, Senthil Kumaran S wrote: > I tested the patch with lava-server, which ended up with a traceback as > seen here - http://paste.debian.net/952276/ Thanks, can you try again with another test version ? $ dget

Bug#863717: libgrpc++1: incorrect SONAME link: /usr/lib/libgrpc++_error_details.so.3

Package: libgrpc++1 Version: 1.3.2-0.1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package causes unowned library symlinks after installation. >From the attached log (scroll to the bottom...): UNOWNED SYMLINK

Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Il giorno mar, 30/05/2017 alle 11.15 +0200, Sven Joachim ha scritto: [...] > This happens because libxapian30 from jessie-backports is not compatible > with libstdc++6 from unstable (and should not have been uploaded to > jessie-backports in the first place, or under a different package name). >

Bug#863699: marked as done (boinc-client-fglrx: should be removed, fglrx is dead)

Your message dated Tue, 30 May 2017 09:48:33 + with message-id and subject line Bug#863699: fixed in boinc 7.6.33+dfsg-12 has caused the Debian Bug report #863699, regarding boinc-client-fglrx: should be removed, fglrx is dead to be marked as done. This

Processed: Re: Bug#863699: boinc-client-fglrx: should be removed, fglrx is dead

Processing control commands: > tags -1 pending Bug #863699 [boinc-client-fglrx] boinc-client-fglrx: should be removed, fglrx is dead Added tag(s) pending. -- 863699: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863699 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#863699: boinc-client-fglrx: should be removed, fglrx is dead

control: tags -1 pending >I think the boinc-client-fglrx binary package should be dropped. fglrx thanks! uploaded G.

Processed: fixed 860072 in 1.10.16-1, fixed 863481 in 1.6.0-1~exp1

Processing commands for cont...@bugs.debian.org: > fixed 860072 1.10.16-1 Bug #860072 [src:botan1.10] botan1.10: CVE-2017-2801: Incorrect comparison in X.509 DN strings Marked as fixed in versions botan1.10/1.10.16-1. > fixed 863481 1.6.0-1~exp1 Bug #863481 {Done: Ross Gammon

Processed: found 863515 in 375.20-1

Processing commands for cont...@bugs.debian.org: > found 863515 375.20-1 Bug #863515 {Done: Luca Boccassi } [src:nvidia-graphics-drivers] CVE-2017-0350 CVE-2017-0351 CVE-2017-0352 Marked as found in versions nvidia-graphics-drivers/375.20-1. > thanks Stopping processing

Processed: Re: Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Processing control commands: > reassign -1 libxapian30 1.4.1-1~bpo8+1 Bug #863705 [aptitude] aptitude: symbol lookup error: aptitude: undefined symbol: Bug reassigned from package 'aptitude' to 'libxapian30'. No longer marked as found in versions aptitude/0.8.7-1. Ignoring request to alter fixed

Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Control: reassign -1 libxapian30 1.4.1-1~bpo8+1 On 2017-05-30 10:22 +0200, Leandro Noferini wrote: > Package: aptitude > Version: 0.8.7-1 > Severity: grave > Justification: renders package unusable > > Buongiorno, > > I upgraded aptitude some minutes from stable to testing (for the new version

Bug#863669: marked as done (seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers)

Your message dated Tue, 30 May 2017 09:19:10 + with message-id and subject line Bug#863669: fixed in seqan2 2.3.1+dfsg-3.1 has caused the Debian Bug report #863669, regarding seqan-apps: broken symlink on i386: /usr/bin/splazers ->

Bug#863644: cqrlog: misses runtime libmysqlclient.so.* library, breaking db usage

Hello Colin! >I have a package for 2.0.5 that works in current testing, but it was too >late to get it uploaded because of the freeze and the changes are too >invasive for an exception. >I will upload it after the release. However I think there are still a >couple of minor bugs when it is used

Bug#863644: cqrlog: misses runtime libmysqlclient.so.* library, breaking db usage

On 30/05/17 09:27, Gianfranco Costamagna wrote: > unfortunately the same testing as yesterday gave me a really different > output, the table > after deleting the .config/cqrlog directory aren't created anymore, the > package breaks with a sql > exception, so I'm leaving the package and this bug

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

Andreas Tille wrote: > > Is that permission to bump it from DELAYED/5 to DELAYED/0? > > Yes. There is no point in letting a simple to fix bug open longer than > needed. […] > Thanks a lot (I possibly need to re-read dcut manual ...) Well, FYI... $ dcut reschedule

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

On Tue, May 30, 2017 at 09:32:23AM +0100, Chris Lamb wrote: > > Is that permission to bump it from DELAYED/5 to DELAYED/0? Yes. There is no point in letting a simple to fix bug open longer than needed. > It's quite trivial with dcut; let me know. :) :-) Thanks a lot (I possibly need to

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 10:35 AM, Dominik George wrote: > Hi, > >> The configuration file is at /etc/sympa/sympa/sympa.conf for the Debian >> package, >> so this hasn't changed? > > Confirmed. > >> >> What are the permissions of the cookie file? > > 640 owned by sympa:sympa > > I have placed debugging

Bug#861515: node-grunt-contrib-copy FTBFS on armhf i386

Hi all, re. https://bugs.debian.org/861515, since we haven't got any reply from upstream for almost a month (https://github.com/gruntjs/grunt-contrib-copy/issues/291), I have updated node-grunt-contrib-copy to simply skip the failing test:

Bug#863701: sympa: insists that cookie has changed when it hasn't

On 05/30/2017 09:37 AM, Dominik George wrote: > Package: sympa > Version: 6.2.16~dfsg-3 > Severity: grave > Justification: renders package unusable > > SYMPA suddenly refuses to start with: > > May 30 09:35:20 terra sympa_msg.pl[22389]: DIED: sympa.conf/cookie parameter > has changed. You may

Bug#863707: simple-tpm-pk11: FTBFS: ./m4/test-driver: line 107: 4695 Aborted (core dumped)

Source: simple-tpm-pk11 Version: 0.06-1 Severity: serious Justification: fails to build from source User: reproducible-bui...@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Dear Maintainer, simple-tpm-pk11 fails to build from source in

Bug#863705: aptitude: symbol lookup error: aptitude: undefined symbol:

Package: aptitude Version: 0.8.7-1 Severity: grave Justification: renders package unusable Buongiorno, I upgraded aptitude some minutes from stable to testing (for the new version that will arrive soon) but it gives me this error: root@nasone:~# aptitude aptitude: symbol lookup error:

Bug#863701: sympa: insists that cookie has changed when it hasn't

Hi, >The configuration file is at /etc/sympa/sympa/sympa.conf for the Debian >package, >so this hasn't changed? Confirmed. > >What are the permissions of the cookie file? 640 owned by sympa:sympa I have placed debugging prints into Conf.pm and found that $current is empty right at the

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

Hi Andreas, > thanks a lot - feel free to skip DELAYED for Debian Med packages in > future. Is that permission to bump it from DELAYED/5 to DELAYED/0? It's quite trivial with dcut; let me know. :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org /

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

Hi Chris, thanks a lot - feel free to skip DELAYED for Debian Med packages in future. I've commited your changes to Git (BTW, any DD has commit permissions so you could do so yourself in case you might have used gbp). Kind regards Andreas. On Tue, May 30, 2017 at 09:09:36AM +0100,

Bug#863644: cqrlog: misses runtime libmysqlclient.so.* library, breaking db usage

control: tags 848430 -patch -pending control: tags 863644 -patch -pending Hello Petr and Maintainers, unfortunately the same testing as yesterday gave me a really different output, the table after deleting the .config/cqrlog directory aren't created anymore, the package breaks with a sql

Processed: cqrlog: misses runtime libmysqlclient.so.* library, breaking db usage

Processing control commands: > tags 848430 -patch -pending Bug #848430 [cqrlog] cqrlog: Should Depends/Recommends the metapackage default-mysql-* Removed tag(s) patch. Bug #848430 [cqrlog] cqrlog: Should Depends/Recommends the metapackage default-mysql-* Removed tag(s) pending. > tags 863644

Bug#863669: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

tags 863669 + pending patch thanks I've uploaded seqan2 2.3.1+dfsg-3.1 to DELAYED/5: seqan2 (2.3.1+dfsg-3.1) unstable; urgency=medium * Non-maintainer upload. * Fix broken /usr/bin/splazers symlink on 32-bit architectures. (Closes: #863669) The full debdiff is attached.

Processed: Re: seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers

Processing commands for cont...@bugs.debian.org: > tags 863669 + pending patch Bug #863669 [seqan-apps] seqan-apps: broken symlink on i386: /usr/bin/splazers -> ../lib/seqan/bin/splazers Added tag(s) patch and pending. > thanks Stopping processing here. Please contact me if you need assistance.

Bug#859418: [Pkg-dns-devel] Bug#859418: non-functional after installation (service fails to start)

Hi Julien, do you perhaps have a full apt log? I am interested in opendnssec-common package installation log. Cheers, -- Ondřej Surý Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware, fast

Bug#863701: sympa: insists that cookie has changed when it hasn't

Package: sympa Version: 6.2.16~dfsg-3 Severity: grave Justification: renders package unusable SYMPA suddenly refuses to start with: May 30 09:35:20 terra sympa_msg.pl[22389]: DIED: sympa.conf/cookie parameter has changed. You may have severe inconsitencies into password storage. Restore

Bug#863652: system-config-lvm: crash on stretch, python gtk bug?

severity 863652 normal thanks Am 29.05.2017 um 21:25 schrieb gregory bahde: > Package: system-config-lvm > Version: 1.1.18-3 > Severity: critical > Justification: causes serious data loss > > Dear Maintainer, > > *** Reporter, please consider answering these questions, where appropriate *** >

Processed: Re: Bug#863652: system-config-lvm: crash on stretch, python gtk bug?

Processing commands for cont...@bugs.debian.org: > severity 863652 normal Bug #863652 [system-config-lvm] system-config-lvm: crash on stretch, python gtk bug? Severity set to 'normal' from 'critical' > thanks Stopping processing here. Please contact me if you need assistance. -- 863652:

Bug#801564: squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf

Control: tag -1 pending Hi, I see the fix is applied in git. Please get it uploaded ASAP s.t. it is included the stretch release (planned to happen June 18). Recovering from "wrong" conffile migrations will be much harder if they already happened. Please upload even if you cannot fix the other

Processed: Re: squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf

Processing control commands: > tag -1 pending Bug #801564 [squid] squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf Added tag(s) pending. -- 801564: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801564 Debian Bug Tracking System Contact

Bug#863445: bug 863445 is forwarded to https://dev.gajim.org/gajim/gajim/issues/8378, closing 863445

forwarded 863445 https://dev.gajim.org/gajim/gajim/issues/8378 close 863445 0.16.6-1.1 thanks

Processed: bug 863445 is forwarded to https://dev.gajim.org/gajim/gajim/issues/8378, closing 863445

Processing commands for cont...@bugs.debian.org: > forwarded 863445 https://dev.gajim.org/gajim/gajim/issues/8378 Bug #863445 [gajim] gajim: CVE-2016-10376: possible to remote extract plain-text from encrypted sessions Bug #863698 [gajim] CVE-2016-10376 Set Bug forwarded-to-address to

Bug#863699: boinc-client-fglrx: should be removed, fglrx is dead

Package: boinc-client-fglrx Version: 7.6.33+dfsg-11 Severity: serious Hi, I think the boinc-client-fglrx binary package should be dropped. fglrx is dead upstream (the old versions lack support for curent kernels and Xorg). The driver is not in Debian/non-free any more (so it won't be in stretch)

Bug#861678: libi8x FTBFS on 32bit: FAIL: valid/test-corpus

Binary files 'test_deref/0015-0001' and 'test_deref/0011-0001' from test folder 0.0.4 cause a problem. Solution could be to threat these tests as the same tests from the 0.0.3 test folder: https://gitlab.com/gbenson/libi8x/blob/master/tests/valid/test-corpus.c#L64-79 With these changes, package

Bug#863698: CVE-2016-10376

On Tue, May 30, 2017 at 08:49:18AM +0200, Guido Günther wrote: > Package: gajim > X-Debbugs-CC: t...@security.debian.org > secure-testing-t...@lists.alioth.debian.org > Severity: grave > Tags: security > Version: 0.16-1 > > Hi, > > the following vulnerability was published for gajim. > >

Processed: forcibly merging 863698 863445

Processing commands for cont...@bugs.debian.org: > forcemerge 863698 863445 Bug #863698 [gajim] CVE-2016-10376 Bug #863445 {Done: deba...@debian.org (W. Martin Borgert)} [gajim] gajim: CVE-2016-10376: possible to remote extract plain-text from encrypted sessions Unset Bug forwarded-to-address

Processed: notfound 863698 in gaim/0.16.6-1.1

Processing commands for cont...@bugs.debian.org: > notfound 863698 gaim/0.16.6-1.1 Bug #863698 [gajim] CVE-2016-10376 The source gaim and version 0.16.6-1.1 do not appear to match any binary packages Ignoring request to alter found versions of bug #863698 to the same values previously set >

Processed: notfound 863698 in gajim/0.16.6-1.1

Processing commands for cont...@bugs.debian.org: > notfound 863698 gajim/0.16.6-1.1 Bug #863698 [gajim] CVE-2016-10376 Ignoring request to alter found versions of bug #863698 to the same values previously set > thanks Stopping processing here. Please contact me if you need assistance. --

Bug#863698: CVE-2016-10376

Package: gajim X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org Severity: grave Tags: security Version: 0.16-1 Hi, the following vulnerability was published for gajim. CVE-2016-10376[0]: | Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote |

Bug#857884: python-jsonpointer: this is a duplicate of python-json-pointer

Package: src:python-jsonpointer Followup-For: Bug #857884 Thanks, I have filed a RM bug against ftp.debian.org [0]. Christopher Hoskin [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863691

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Monday 29 May 2017 08:54 PM, Raphael Hertzog wrote: > On Mon, 29 May 2017, Raphael Hertzog wrote: >> Updated patches attached, I missed to update some tests to account >> for the move of the detect_soft_applied() method. > > Third set of patches, this time the package builds fine at least. >

Bug#863673: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

control: owner -1 ! I prepared a patch for this issue and emailed the FreeRADIUS security team asking for review. I’ll upload the patch once they confirm its effectiveness. On Mon, May 29, 2017 at 11:16 PM, Guido Günther wrote: > Package: freeradius > Version: 3.0.12+dfsg-4 >

Processed: Re: [Pkg-freeradius-maintainers] Bug#863673: CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass

Processing control commands: > owner -1 ! Bug #863673 [freeradius] CVE-2017-9148: FreeRADIUS TLS resumption authentication bypass Owner recorded as Michael Stapelberg . -- 863673: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863673 Debian Bug Tracking System Contact

Processed: Re: Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts

Processing commands for cont...@bugs.debian.org: > severity 862530 important Bug #862530 [aoetools] aoetools: provide a systemd service to allow proper shutdown of AoE mounts Severity set to 'important' from 'grave' > thanks Stopping processing here. Please contact me if you need assistance. --

Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts

severity 862530 important thanks Christoph Biedl wrote... > (At least) AoE devices are handled properly if mounted with the _netdev > mount option. This applies to swap-over-AoE, too. Also, mounting these > through /etc/fstab works in jessie only if _netdev is provided as a > mount option as

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

On Monday 29 May 2017 08:54 PM, Raphael Hertzog wrote: > On Mon, 29 May 2017, Raphael Hertzog wrote: >> Updated patches attached, I missed to update some tests to account >> for the move of the detect_soft_applied() method. > > Third set of patches, this time the package builds fine at least. >