Bug#1009999: pulseaudio: log flooded with "ICE I/O error handler called"

[Tino Mettler]

Package: pulseaudio
Version: 15.0+dfsg1-4
Severity: important

Dear Maintainer,

pulseaudio sometimes start to flood the log with these messages:

pulseaudio[110205]: ICE I/O error handler called

Currtently, there are millions of it in my systemd journal since yesterday 
afternoon:

$ journalctl --user -b |grep 'ICE I/O error handler called'|wc -l
2539092

According to the source code, this seems to be caused by the x11-xsmp module. 
My Gnome
session uses Wayland.

-- Package-specific info:
File '/etc/default/pulseaudio' does not exist


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.17.2 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pulseaudio depends on:
ii  adduser 3.121
ii  init-system-helpers 1.62
ii  libasound2  1.2.6.1-2+b1
ii  libasound2-plugins  1:1.2.6-dmo1
hi  libc6   2.33-7
ii  libcap2 1:2.44-1
ii  libdbus-1-3 1.14.0-1
ii  libfftw3-single33.3.8-2
ii  libgcc-s1   12-20220319-1
ii  libglib2.0-02.72.1-1
ii  libgstreamer-plugins-base1.0-0  1.20.1-dmo1
ii  libgstreamer1.0-0   1.20.1-1
ii  libice6 2:1.0.10-1
ii  libltdl72.4.7-3
ii  liborc-0.4-01:0.4.32-2
ii  libpulse0   15.0+dfsg1-4
ii  libsm6  2:1.2.3-1
ii  libsndfile1 1.0.31-2
ii  libsoxr00.1.3-4
ii  libspeexdsp11.2.0-1
ii  libstdc++6  12-20220319-1
ii  libsystemd0 250.4-1
ii  libtdb1 1.4.6-2+b1
ii  libudev1250.4-1
ii  libwebrtc-audio-processing1 0.3-1+b1
ii  libx11-62:1.7.5-1
ii  libx11-xcb1 2:1.7.5-1
ii  libxcb1 1.14-3
ii  libxtst62:1.2.3-1
ii  lsb-base11.1.0
ii  pulseaudio-utils15.0+dfsg1-4

Versions of packages pulseaudio recommends:
pn  dbus-user-session
ii  libpam-systemd [logind]  250.4-1
pn  rtkit

Versions of packages pulseaudio suggests:
ii  paprefs  1.1-2
ii  pavucontrol  5.0-2
pn  pavumeter
ii  udev 250.4-1

-- Configuration Files:
/etc/pulse/default.pa changed:
.fail
load-module module-device-restore
load-module module-stream-restore
load-module module-card-restore
load-module module-augment-properties
load-module module-switch-on-port-available
.ifexists module-udev-detect.so
load-module module-udev-detect
.else
load-module module-detect
.endif
.ifexists module-jackdbus-detect.so
.nofail
load-module module-jackdbus-detect channels=2
.fail
.endif
.ifexists module-bluetooth-policy.so
load-module module-bluetooth-policy
.endif
.ifexists module-bluetooth-discover.so
load-module module-bluetooth-discover
.endif
.ifexists module-esound-protocol-unix.so
load-module module-esound-protocol-unix
.endif
load-module module-native-protocol-unix
load-module module-zeroconf-publish
.ifexists module-gsettings.so
.nofail
load-module module-gsettings
.fail
.endif
load-module module-default-device-restore
load-module module-always-sink
load-module module-intended-roles
load-module module-suspend-on-idle
.ifexists module-console-kit.so
load-module module-console-kit
.endif
.ifexists module-systemd-login.so
load-module module-systemd-login
.endif
load-module module-position-event-sounds
load-module module-role-cork
load-module module-filter-heuristics
load-module module-filter-apply
.nofail
.include /etc/pulse/default.pa.d
load-module module-zeroconf-discover


-- debconf-show failed
# This file is part of PulseAudio.
#
# PulseAudio is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# PulseAudio is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with PulseAudio; if not, see .

## Configuration file for PulseAudio clients. See pulse-client.conf(5) for
## more information. Default values are commented out.  Use either ; or # for
## commenting.

; default-sink =
; default-source =
; 

Bug#1009998: gvfs-backends: Unable to access smb://host/sharing on any file manager after upgrade

[mount -t cifs unable to mount shared folders on windows server active director]

Package: gvfs-backends
Version: 1.50.0-1
Severity: grave
Tags: a11y
Justification: renders package unusable
X-Debbugs-Cc: draco...@gmail.com

Dear Maintainer,

When try access smb://host/sharing on all file systens managers the system 
report fails when mount Windows sharing. Invalid argument. 
This sharing is accessible via smbclient //host/sharing.
This problem started after upgrading the package.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), 
LANGUAGE=pt_BR:pt:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gvfs-backends depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.40.0-3
ii  gvfs 1.50.0-1
ii  gvfs-common  1.50.0-1
ii  gvfs-daemons 1.50.0-1
ii  gvfs-libs1.50.0-1
ii  libarchive13 3.6.0-1
ii  libavahi-client3 0.8-5
ii  libavahi-common3 0.8-5
ii  libavahi-glib1   0.8-5
ii  libc62.33-7
ii  libcdio-cdda210.2+2.0.0-1+b2
ii  libcdio-paranoia210.2+2.0.0-1+b2
ii  libcdio192.1.0-3
ii  libgcrypt20  1.10.1-2
ii  libgdata22   0.18.1-2
ii  libglib2.0-0 2.72.1-1
ii  libgoa-1.0-0b3.44.0-1
ii  libgphoto2-6 2.5.27-1
ii  libgphoto2-port122.5.27-1
ii  libgudev-1.0-0   237-2
ii  libimobiledevice61.3.0-6+b1
ii  libmtp9  1.1.19-1
ii  libnfs13 4.0.0-1
ii  libplist32.2.0-6+b1
ii  libpolkit-gobject-1-00.105-33
ii  libsmbclient 2:4.16.0+dfsg-6
ii  libsoup-3.0-03.0.6-1
ii  libusb-1.0-0 2:1.0.26-1
ii  libxml2  2.9.13+dfsg-1
ii  psmisc   23.4-2

Versions of packages gvfs-backends recommends:
ii  gnome-keyring  40.0-3

Versions of packages gvfs-backends suggests:
ii  bluez-obexd   5.64-1
ii  samba-common  2:4.16.0+dfsg-6

-- no debconf information

Bug#1008573: gpg-agent -managed SSH keys stored in Yubikeys cannot be used with OpenSSH 8.9

[NIIBE Yutaka]

On Mon, 11 Apr 2022 11:00:55 -0700 Vagrant Cascadian  wrote:
> Same problem with Gnuk, presumably multiple or all smartcards are
> affected?

I found an issue of scdaemon.  At upstream development, it is tracked by:

https://dev.gnupg.org/T5935

When the data is not so large (smaller than the buffer size of token),
it works using Gnuk, with the patch of scdaemon.
-- 

Bug#1009977: gdm3: Fails to start since 2022/04/19 on Debian/testing

[Adrian Immanuel Kiess]

Dear Jeremy,

here the requested output:

For gdm, it reports this:

avril 22 05:04:26 g6.lan.dac org.freedesktop.secrets[12950]:
GNOME_KEYRING_CONTROL=/var/lib/gdm3/.cache/keyring-DNYYK1 avril 22
05:04:40 g6.lan.dac gdm-launch-environment][12595]:
pam_unix(gdm-launch-environment:session): session closed for user
Debian-gdm avril 22 05:04:40 g6.lan.dac systemd[1]:
var-lib-gdm3-.cache-gvfs.mount: Deactivated successfully. avril 22
05:04:40 g6.lan.dac gdm-launch-environment][12595]: GLib-GObject:
g_object_unref: assertion 'G_IS_OBJECT (object)' failed avril 22
05:04:40 g6.lan.dac systemd[1]: var-lib-gdm3-.cache-doc.mount:
Deactivated successfully. avril 22 05:04:40 g6.lan.dac gdm3[12058]:
Gdm: Child process -12600 was already dead. avril 22 05:04:40
g6.lan.dac systemd[1]: gdm.service: Deactivated successfully.

where it says:

Gdm: Child process -12600 was already dead. avril 22 05:04:40

And for gnome-shell, I found this output:

avril 22 05:04:14 g6.lan.dac gnome-shell[12614]: Error looking up
permission: GDBus.Error:org.freedesktop.portal.Error.NotFound: No entry
for geolocation avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed
to lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers
failed: Invalid argument avril 22 05:04:15 g6.lan.dac
gnome-shell[12614]: JS ERROR: Exception in callback for signal:
login-format-changed: Error: Wrong type number; string expected avril
22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: ATK Bridge is disabled
but a11y has already been enabled. avril 22 05:04:15 g6.lan.dac
gnome-shell[12614]: Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front
buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid
argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to
lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed:
Invalid argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]:
Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front
buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid
argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to
lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed:
Invalid argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]:
Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Registering session with GDM avril 22
05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front
buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid
argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to
lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed:
Invalid argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]:
Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front
buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid
argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to
lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed:
Invalid argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]:
Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to lock front
buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid
argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]: Failed to
lock front buffer on /dev/dri/card0: drmModeAddFB2WithModifiers failed:
Invalid argument avril 22 05:04:15 g6.lan.dac gnome-shell[12614]:
Failed to lock front buffer on /dev/dri/card0:
drmModeAddFB2WithModifiers failed: Invalid argument avril 22 05:04:15
g6.lan.dac gnome-shell[12614]: Failed to lock front buffer
on /dev/dri/card0: drmModeAddFB2WithModifiers failed: Invalid argument
avril 

Bug#1009997: dh_haskell_description: full stop characters are doubled in LongDescription

[Scott Talbert]

Package: haskell-devscripts
Version: 0.16.11
Severity: normal

Dear Maintainer,

dh_haskell_description seems to be doubling the full stop characters (.) 
in X-Description when they end up in LongDescription.  For example:

X-Description: Line 1, Paragraph 1
 Line 2, Paragraph 1
 .
 Line 1, Paragraph 2

ends up in LongDescription as:
 Line 2, Paragraph 1
 ..
 Line 1, Paragraph 2

and this results in these lintian errors:
E: libghc-exceptions-dev: description-contains-invalid-control-statement line 5
E: libghc-exceptions-dev: description-contains-invalid-control-statement line 9
E: libghc-exceptions-doc: description-contains-invalid-control-statement line 5
E: libghc-exceptions-doc: description-contains-invalid-control-statement line 9
E: libghc-exceptions-prof: description-contains-invalid-control-statement line 5
E: libghc-exceptions-prof: description-contains-invalid-control-statement line 9

See haskell-exceptions package for an example.

Thanks,
Scott

Bug#1009891: hexchat locks up hard when connecting to bip server

[Steven Rostedt]

On Wed, 20 Apr 2022 09:43:56 -0400
Steven Rostedt  wrote:

> I just tested on my laptop which also has hexchat 2.16 (same version), and
> it connects to my server's bip proxy just fine.

I figured out the problem. It appears that my upgrade messed something up
with pulseaudio, and caused anything to make a sound to not work. I believe
what happened was when I connected to my bip server, it "replayed" all my
messages which triggers beeps and alerts from hexchat. As my sound
application (pulseaudio?) was messed up, it just hung at playing the sounds.

Note, in trying to fix the sound issues, I uninstalled ekiga (which is no
longer supplied by debian), removing sound files that I had hexchat using.
After doing that, hexchat no longer locked up, but just gave me a ton of
error messages saying that it could not find the sound files.

It appears that xchat did not get stuck with the sounds (must be doing
a better job at checking error codes or something), that it did not lock up
due to it when connecting to my bip server.

Feel free to close this bug, but you may want to look at the error handling
of playing sounds.

-- Steve

Bug#1009996: IBus broken on GNOME on x11

[Gunnar Hjalmarsson]

Package: im-config
Version: 0.50-2

Hi!

The IBus configuration has been messed up somehow, and inputting using 
IBus does no longer (Debian testing) work out of the box on GNOME on 
Xorg. There is a problem also on Ubuntu 22.04 on Xorg, but there the 
issue is limited to the candidate window being shown at the bottom of 
the application window instead of close to the cursor.


Related Ubuntu bug: https://launchpad.net/bugs/1969637

There have been changes to gnome-settings-daemon in GNOME 42 which most 
likely are related. The gtk-im-module dconf key is no longer assigned 
the value "ibus" dynamically as was the case previously, but it's unset 
even if IBus IMs are included in the list of input sources.


You can set gtk-im-module manually:

gsettings set org.gnome.desktop.interface gtk-im-module ibus

and IBus starts working. Another way to make it work is to set the 
environment variable GTK_IM_MODULE to "ibus".


Please see the Ubuntu bug for further info.

Ideally we should of course try to spot the root cause of this issue and 
fix it properly, and one purpose of submitting this bug is to seek help 
in that respect.


But on the Ubuntu side this is really urgent. Ubuntu 22.04 LTS was 
released yesterday, and there we should make a stable release update 
ASAP with some kind of fix/workaround.


I submitted this im-config merge request:

https://salsa.debian.org/input-method-team/im-config/-/merge_requests/15

It works around the issue. Maybe we should use that on both Debian and 
Ubuntu for now. In any case, unless some more proper solution comes up 
very soon, I'm inclined to use it for a stable release update on Ubuntu.


--
Looking forward to your input!

Gunnar

Bug#1007901: L2TP-VPN doesn't work with network-manager version 1.36.2-1 (works with 1.34.0-1))

[Douglas Kosovic]

Hi Marcel ,


Actually you might be having an issue with your existing VPN network connection 
still having ipv4.ignore-auto-routes enabled, see:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/946#note_1350911

 
my previous suggestion of switching from strongswan to libreswan, may or may 
not help. I wasn't able to see the strongswan issues with network-manager >= 
1.36 on Debian I saw with Arch Linux, but doesn't mean others wouldn't.



Cheers,
Doug

Bug#1009995: x11-xkb-utils: xkbcomp gives a warning for keysym XF86EmojiPicker from symbols/inet

[Vincent Lefevre]

Package: x11-xkb-utils
Version: 7.7+6
Severity: normal

Consider

zira:~> cat .xkb/keymap/test
xkb_keymap {
xkb_keycodes  { include "evdev+aliases(qwerty)" };
xkb_types { include "complete"  };
xkb_compat{ include "complete"  };
xkb_symbols   { include "pc+gb+inet(evdev)" };
xkb_geometry  { include "pc(pc105)" };
};

(the "+inet(evdev)" is important).

I get the following warning:

zira:~> xkbcomp -w 0 -I$HOME/.xkb -R$HOME/.xkb keymap/test xkb.dump
Warning:  Could not resolve keysym XF86EmojiPicker

The issue probably comes from

zira:~> grep -r XF86EmojiPicker /usr/share/X11/xkb
/usr/share/X11/xkb/symbols/inet:   key{   [ XF86EmojiPicker   
 ]  }; // KEY_EMOJI_PICKER

This file is provided by xkb-data (current version 2.35.1-1).
So there's something wrong between x11-xkb-utils and xkb-data
(similar to bug 953032 / 994036).

Note: about the fact that I get this warning with "-w 0" is
the following bug, which I've just reported:
  https://gitlab.freedesktop.org/xorg/app/xkbcomp/-/issues/20
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009994

Once this bug is fixed, this could be tested without the "-w 0".

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages x11-xkb-utils depends on:
ii  libc62.33-7
ii  libx11-6 2:1.7.5-1
ii  libxaw7  2:1.0.14-1
ii  libxkbfile1  1:1.1.0-1
ii  libxrandr2   2:1.5.2-1
ii  libxt6   1:1.2.1-1

x11-xkb-utils recommends no packages.

x11-xkb-utils suggests no packages.

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1009994: xkbcomp: warnings with "-w 0" due to missing warningLevel test for some WARN() occurrences

[Vincent Lefevre]

Package: x11-xkb-utils
Version: 7.7+6
Severity: normal
Tags: upstream
Forwarded: https://gitlab.freedesktop.org/xorg/app/xkbcomp/-/issues/20

The the xkbcomp(1) man page says:

  -w lvl  Controls the reporting of warnings during compilation.  A
  warning level of 0 disables all warnings; a warning level
  of 10 enables them all.

But it is possible to get some warnings even with "-w 0", such as

Warning:  Could not resolve keysym XF86EmojiPicker

The xkbcomp code shows that some WARN() occurrences are not
preceded by a warningLevel test.

For instance, in xkbcomp/symbols.c, the following one is OK:

if ((!ExprResolveString(value, , NULL, NULL))
&& (warningLevel > 0))
{
WARN("The type field of a key symbol map must be a string\n");
ACTION("Ignoring illegal type definition\n");
}

but the "Could not resolve keysym..." warning isn't:

for (i = 0; i < nSyms; i++) {
if (!LookupKeysym(value->value.list.syms[i], >syms[ndx][i])) {
WARN("Could not resolve keysym %s\n", value->value.list.syms[i]);
key->syms[ndx][i] = NoSymbol;
}
}

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages x11-xkb-utils depends on:
ii  libc62.33-7
ii  libx11-6 2:1.7.5-1
ii  libxaw7  2:1.0.14-1
ii  libxkbfile1  1:1.1.0-1
ii  libxrandr2   2:1.5.2-1
ii  libxt6   1:1.2.1-1

x11-xkb-utils recommends no packages.

x11-xkb-utils suggests no packages.

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#896907: openjdk-8-jre-headless: Headless JRE package should not configure assistive technologies

[Thorsten Glaser]

close 896907
thanks

Hi,

closing as the requested moreinfo was not provided in the last ~year
and we’re moving toward 17 as supported JDK/JRE.

bye,
//mirabilos
-- 
Gestern Nacht ist mein IRC-Netzwerk explodiert. Ich hatte nicht damit
gerechnet, darum bin ich blutverschmiert… wer konnte ahnen, daß SIE so
reagier’n… gestern Nacht ist mein IRC-Netzwerk explodiert~~~
(as of 2021-06-15 The MirOS Project temporarily reconvenes on OFTC)

Bug#1009992: ghostscript: new PDF interpreter may yield an incorrect ToUnicode CMap with the presence of U+2308 LEFT CEILING in input

[Vincent Lefevre]

Package: ghostscript
Version: 9.56.1~dfsg-1
Severity: normal
Tags: upstream
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=705246

When an input PDF file has a character like U+2308 LEFT CEILING and
has a ToUnicode CMap, the new PDF interpreter may yield an incorrect
ToUnicode CMap in the generated PDF. The issue seems to be limited
to characters like math symbols (in the same font as the problematic
character?), though; letters, including accented ones, do not seem
to be affected.

Here's a shell script used for some testing:


#!/bin/sh

set -e

out()
{
  echo -n "$i$j ($1):"
  printf " %s" $(pdftotext chartest9$i$j$2.pdf - | tr -d '\f')
  echo
}

for i in a b
do
  for j in 0 1
  do
cat <<'EOF' | sed "s/:$i/lceil/" | \
  sed "s/:a//" | \
  sed "s/J/$j/" > chartest9.tex
\documentclass{article}
\usepackage[T1]{fontenc}
\usepackage{lmodern}
\pdfgentounicode=J
\begin{document}
\thispagestyle{empty}
$\in:a$
\end{document}
EOF

pdflatex chartest9.tex > /dev/null
mv chartest9.pdf chartest9$i$j.pdf
out "pdfTeX" ""

ps2pdf14 chartest9$i$j.pdf chartest9$i$j-new.pdf
out "gs new" "-new"

ps2pdf14 -dNEWPDF=false chartest9$i$j.pdf chartest9$i$j-old.pdf
out "gs old" "-old"
  done
done


See the upstream bug for the obtained PDF files.

4 kinds of PDF inputs are tested (a0, a1, b0, b1), where
  * a: the content corresponds to "∈⌈" (ELEMENT OF + LEFT CEILING)
  * b: the content corresponds to "∈" (ELEMENT OF)
  * 0: \pdfgentounicode=0 (pdfTeX does not generate a ToUnicode CMap)
  * 1: \pdfgentounicode=1 (pdfTeX generates a ToUnicode CMap)

I've compared (see above script for details):
  * pdfTeX: PDF file generated by pdfTeX from TeX Live 2022
  * gs new: PDF file obtained with the new PDF interpreter (default)
  * gs old: PDF file obtained with the old PDF interpreter (dNEWPDF=false)

I've done the tests with the ghostscript 9.56.1~dfsg-1 Debian package.

If LEFT CEILING is not present, Ghostscript does not generate
a ToUnicode CMap in all of these cases, which is fine. But if
this character is present:

1. With the old PDF interpreter, Ghostscript generates a correct
ToUnicode CMap.

2. With the new PDF interpreter and no input ToUnicode CMap,
Ghostscript does not generate a ToUnicode CMap (the only practical
issue is that one cannot get unual characters like LEFT CEILING, but
this is not worse than what TeX Live 2022 can yield in any case).

3. With the new PDF interpreter and an input ToUnicode CMap like
the one from TeX Live 2022, Ghostscript generates an incorrect
ToUnicode CMap, which prevents one from getting usual math
characters such as ELEMENT OF.

The results, where I've added ToUnicode CMap information (which I have
obtained with "qpdf --stream-data=uncompress" on these PDF files):

a0 (pdfTeX): ∈d (no CMap)
a0 (gs new): ∈d (no CMap)
a0 (gs old): ∈⌈ (CMap old)
a1 (pdfTeX): ∈d (CMap 1)
a1 (gs new):(CMap 1-new)
a1 (gs old): ∈⌈ (CMap old)
b0 (pdfTeX): ∈  (no CMap)
b0 (gs new): ∈  (no CMap)
b0 (gs old): ∈  (no CMap)
b1 (pdfTeX): ∈  (CMap 1)
b1 (gs new): ∈  (no CMap)
b1 (gs old): ∈  (no CMap)

with the following ToUnicode CMaps:

CMap old:

begincmap
/CMapType 2 def
/CMapName/R11 def
1 begincodespacerange
<00>
endcodespacerange
2 beginbfrange
<32><32><2208>
<64><64><2308>
endbfrange
endcmap


CMap 1:

begincmap
/CIDSystemInfo
<< /Registry (TeX)
/Ordering (lmsy10-lm-mathsy)
/Supplement 0
>> def
/CMapName /TeX-lmsy10-lm-mathsy-0 def
/CMapType 2 def
1 begincodespacerange
<00> 
endcodespacerange
0 beginbfrange
endbfrange
0 beginbfchar
endbfchar
endcmap


CMap 1-new:

begincmap
/CMapType 2 def
/CMapName/R11 def
1 begincodespacerange
<00>
endcodespacerange
2 beginbfrange
<32><32><00>
<64><64><00>
endbfrange
endcmap


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ghostscript depends on:
ii  libc6   2.33-7
ii  libgs9  9.56.1~dfsg-1

ghostscript recommends no packages.

Versions of packages ghostscript suggests:
ii  ghostscript-x  9.56.1~dfsg-1

-- no debconf information

-- 
Vincent Lefèvre  - Web: 

Bug#1005500: NMU upload pending

[Jonas Smedegaard]

Quoting Timo Röhling (2022-04-22 00:02:37)
> I took the liberty to massage the PR to apply cleanly to version 2.4.8 
> and uploaded the fix.

Great! Thanks a lot!

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#965756: oneliner-el: diff for NMU version 0.3.6-9.2

[Guilherme de Paula Xavier Segundo]

Control: tags 965756 + patch
Control: tags 965756 + pending

Dear maintainer,

I've prepared an NMU for oneliner-el (versioned as 0.3.6-9.2) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards.

diff -u oneliner-el-0.3.6/debian/changelog oneliner-el-0.3.6/debian/changelog
--- oneliner-el-0.3.6/debian/changelog
+++ oneliner-el-0.3.6/debian/changelog
@@ -1,3 +1,16 @@
+oneliner-el (0.3.6-9.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Using new DH level format. Consequently:
+- debian/compat: removed.
+- debian/control: changed from 'debhelper' to 'debhelper-compat' in
+  Build-Depends field and bumped level to 13.
+- debian/rules: using 'dh_prep' instead of 'dh_clean -k' because the
+  '-k' option is not supported since compat 12.
+- Closes: #965756
+
+ -- Guilherme de Paula Xavier Segundo   Thu, 21 Apr 2022 11:01:29 -0300
+
 oneliner-el (0.3.6-9.1) unstable; urgency=medium
 
   * Non-maintainer upload.
reverted:
--- oneliner-el-0.3.6/debian/compat
+++ oneliner-el-0.3.6.orig/debian/compat
@@ -1 +0,0 @@
-5
diff -u oneliner-el-0.3.6/debian/control oneliner-el-0.3.6/debian/control
--- oneliner-el-0.3.6/debian/control
+++ oneliner-el-0.3.6/debian/control
@@ -1,6 +1,6 @@
 Source: oneliner-el
 Section: editors
-Build-Depends: debhelper (>= 5.0.0)
+Build-Depends: debhelper-compat (= 13)
 Priority: optional
 Maintainer: OHURA Makoto 
 Build-Depends-Indep: docbook-to-man, emacs, texinfo, po-debconf
diff -u oneliner-el-0.3.6/debian/rules oneliner-el-0.3.6/debian/rules
--- oneliner-el-0.3.6/debian/rules
+++ oneliner-el-0.3.6/debian/rules
@@ -68,7 +68,7 @@
 install: build
 	dh_testdir
 	dh_testroot
-	dh_clean -k 
+	dh_prep
 	dh_installdirs
 
 	# Add here commands to install the package into debian/oneliner-el.

Bug#965742: nagios-plugins-rabbitmq: diff for NMU version 1:1.2.0-2.4

[Guilherme de Paula Xavier Segundo]

Control: tags 965742 + patch
Control: tags 965742 + pending

Dear maintainer,

I've prepared an NMU for nagios-plugins-rabbitmq (versioned as 1:1.2.0-2.4) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.

diff -u nagios-plugins-rabbitmq-1.2.0/debian/changelog nagios-plugins-rabbitmq-1.2.0/debian/changelog
--- nagios-plugins-rabbitmq-1.2.0/debian/changelog
+++ nagios-plugins-rabbitmq-1.2.0/debian/changelog
@@ -1,3 +1,14 @@
+nagios-plugins-rabbitmq (1:1.2.0-2.4) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Using new DH level format. Consequently:
+  - debian/compat: removed.
+  - debian/control: changed from 'debhelper' to 'debhelper-compat' in
+Build-Depends field and bumped level to 13.
+  - Closes: #965742
+
+ -- Guilherme de Paula Xavier Segundo   Thu, 21 Apr 2022 10:46:52 -0300
+
 nagios-plugins-rabbitmq (1:1.2.0-2.3) unstable; urgency=medium
 
   * Non maintainer upload by the Reproducible Builds team.
reverted:
--- nagios-plugins-rabbitmq-1.2.0/debian/compat
+++ nagios-plugins-rabbitmq-1.2.0.orig/debian/compat
@@ -1 +0,0 @@
-5
diff -u nagios-plugins-rabbitmq-1.2.0/debian/control nagios-plugins-rabbitmq-1.2.0/debian/control
--- nagios-plugins-rabbitmq-1.2.0/debian/control
+++ nagios-plugins-rabbitmq-1.2.0/debian/control
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Cyril Bouthors 
 Uploaders: Cyril Bouthors , Cyril Bouthors 
-Build-Depends: debhelper (>= 5), rsync, libmodule-build-perl
+Build-Depends: debhelper-compat (= 13), rsync, libmodule-build-perl
 Standards-Version: 3.9.5
 
 Package: nagios-plugins-rabbitmq

Bug#965738: mylvmbackup: diff for NMU version 0.15-1.2

[Guilherme de Paula Xavier Segundo]

Control: tags 965738 + patch
Control: tags 965738 + pending

Dear maintainer,

I've prepared an NMU for mylvmbackup (versioned as 0.15-1.2) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards.
diff -Nru mylvmbackup-0.15/debian/changelog mylvmbackup-0.15/debian/changelog
--- mylvmbackup-0.15/debian/changelog	2017-01-13 17:34:08.0 -0200
+++ mylvmbackup-0.15/debian/changelog	2022-04-21 10:42:15.0 -0300
@@ -1,3 +1,14 @@
+mylvmbackup (0.15-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Using new DH level format. Consequently:
+- debian/compat: removed.
+- debian/control: changed from 'debhelper' to 'debhelper-compat' in
+  Build-Depends field and bumped level to 13.
+- Closes: #965738
+
+ -- Guilherme de Paula Xavier Segundo   Thu, 21 Apr 2022 10:42:15 -0300
+
 mylvmbackup (0.15-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru mylvmbackup-0.15/debian/compat mylvmbackup-0.15/debian/compat
--- mylvmbackup-0.15/debian/compat	2014-05-22 14:26:26.0 -0300
+++ mylvmbackup-0.15/debian/compat	1969-12-31 21:00:00.0 -0300
@@ -1 +0,0 @@
-5
diff -Nru mylvmbackup-0.15/debian/control mylvmbackup-0.15/debian/control
--- mylvmbackup-0.15/debian/control	2017-01-13 17:34:08.0 -0200
+++ mylvmbackup-0.15/debian/control	2022-04-21 10:42:15.0 -0300
@@ -3,7 +3,7 @@
 Priority: extra
 Maintainer: Debian MySQL Maintainers 
 Uploaders: Norbert Tretkowski 
-Build-Depends: debhelper (>= 7.0.50), asciidoc (>= 8.2.0), xsltproc, docbook-xsl
+Build-Depends: debhelper-compat (= 13), asciidoc (>= 8.2.0), xsltproc, docbook-xsl
 Standards-Version: 3.9.4
 Homepage: http://lenzg.net/mylvmbackup/
 Vcs-Browser: http://svn.debian.org/wsvn/pkg-mysql/mylvmbackup/

Bug#965733: mrb: diff for NMU version 0.3+nmu2

[Guilherme de Paula Xavier Segundo]

Control: tags 965733 + patch
Control: tags 965733 + pending

Dear maintainer,

I've prepared an NMU for mrb (versioned as 0.3+nmu2) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.
diff -Nru mrb-0.3+nmu1/debian/changelog mrb-0.3+nmu2/debian/changelog
--- mrb-0.3+nmu1/debian/changelog	2021-01-08 09:47:17.0 -0300
+++ mrb-0.3+nmu2/debian/changelog	2022-04-21 10:33:07.0 -0300
@@ -1,3 +1,14 @@
+mrb (0.3+nmu2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Using new DH level format. Consequently:
+  - debian/compat: removed.
+  - debian/control: changed from 'debhelper' to 'debhelper-compat' in
+Build-Depends field and bumped level to 13.
+  - Closes: #965733
+
+ -- Guilherme de Paula Xavier Segundo   Thu, 21 Apr 2022 10:33:07 -0300
+
 mrb (0.3+nmu1) unstable; urgency=medium
 
   * Non maintainer upload by the Reproducible Builds team.
diff -Nru mrb-0.3+nmu1/debian/compat mrb-0.3+nmu2/debian/compat
--- mrb-0.3+nmu1/debian/compat	2016-08-15 07:56:16.0 -0300
+++ mrb-0.3+nmu2/debian/compat	1969-12-31 21:00:00.0 -0300
@@ -1 +0,0 @@
-5
diff -Nru mrb-0.3+nmu1/debian/control mrb-0.3+nmu2/debian/control
--- mrb-0.3+nmu1/debian/control	2016-08-15 07:56:16.0 -0300
+++ mrb-0.3+nmu2/debian/control	2022-04-21 10:33:07.0 -0300
@@ -2,7 +2,7 @@
 Section: admin
 Priority: optional
 Maintainer: Ron Lee 
-Build-Depends: debhelper (>= 5), perl
+Build-Depends: debhelper-compat (= 13), perl
 Standards-Version: 3.9.8.0
 
 Package: mrb

Bug#1005500: NMU upload pending

[Timo Röhling]

Hi,

I took the liberty to massage the PR to apply cleanly to version
2.4.8 and uploaded the fix.


Cheers
Timo

--
⢀⣴⠾⠻⢶⣦⠀   ╭╮
⣾⠁⢠⠒⠀⣿⡁   │ Timo Röhling   │
⢿⡄⠘⠷⠚⠋⠀   │ 9B03 EBB9 8300 DF97 C2B1  23BF CC8C 6BDD 1403 F4CA │
⠈⠳⣄   ╰╯
diff -Nru doctest-2.4.8~ds/debian/changelog doctest-2.4.8~ds/debian/changelog
--- doctest-2.4.8~ds/debian/changelog	2022-01-14 22:32:17.0 +0100
+++ doctest-2.4.8~ds/debian/changelog	2022-04-21 23:47:01.0 +0200
@@ -1,3 +1,10 @@
+doctest (2.4.8~ds-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix build failure with move-only types (Closes: #1005500)
+
+ -- Timo Röhling   Thu, 21 Apr 2022 23:47:01 +0200
+
 doctest (2.4.8~ds-1) unstable; urgency=medium
 
   [ upstream ]
diff -Nru doctest-2.4.8~ds/debian/patches/0001_Backport_PR_634.patch doctest-2.4.8~ds/debian/patches/0001_Backport_PR_634.patch
--- doctest-2.4.8~ds/debian/patches/0001_Backport_PR_634.patch	1970-01-01 01:00:00.0 +0100
+++ doctest-2.4.8~ds/debian/patches/0001_Backport_PR_634.patch	2022-04-21 23:45:26.0 +0200
@@ -0,0 +1,224 @@
+From: Stefan <29021710+saalv...@users.noreply.github.com>
+Date: Thu, 21 Apr 2022 23:41:36 +0200
+Subject: Fix move-only types failing to decompose correctly
+
+This is a backport of commit ce13bc44b99c87e918b98bdadb17008d2dd54d55
+
+Forwarded: https://github.com/doctest/doctest/pull/634
+---
+ doctest/doctest.h  | 12 +--
+ doctest/parts/doctest_fwd.h|  6 +++---
+ examples/all_features/CMakeLists.txt   |  1 +
+ examples/all_features/decomposition.cpp| 25 ++
+ .../all_features/test_output/decomposition.cpp.txt | 13 +++
+ .../test_output/decomposition.cpp_junit.txt| 14 
+ .../test_output/decomposition.cpp_xml.txt  | 20 +
+ examples/all_features/test_output/filter_2.txt |  2 +-
+ examples/all_features/test_output/filter_2_xml.txt |  3 ++-
+ 9 files changed, 85 insertions(+), 11 deletions(-)
+ create mode 100644 examples/all_features/decomposition.cpp
+ create mode 100644 examples/all_features/test_output/decomposition.cpp.txt
+ create mode 100644 examples/all_features/test_output/decomposition.cpp_junit.txt
+ create mode 100644 examples/all_features/test_output/decomposition.cpp_xml.txt
+
+diff --git a/doctest/doctest.h b/doctest/doctest.h
+index d25f526..31096ff 100644
+--- a/doctest/doctest.h
 b/doctest/doctest.h
+@@ -390,9 +390,9 @@ namespace doctest { namespace detail {
+ static DOCTEST_CONSTEXPR int consume(const int*, int) { return 0; }
+ }}
+ 
+-#define DOCTEST_GLOBAL_NO_WARNINGS(var, ...)   \
+-DOCTEST_CLANG_SUPPRESS_WARNING_WITH_PUSH("-Wglobal-constructors")  \
+-static const int var = doctest::detail::consume(, __VA_ARGS__);\
++#define DOCTEST_GLOBAL_NO_WARNINGS(var, ...) \
++DOCTEST_CLANG_SUPPRESS_WARNING_WITH_PUSH("-Wglobal-constructors")\
++static const int var = doctest::detail::consume(, __VA_ARGS__); /* NOLINT(cert-err58-cpp) */ \
+ DOCTEST_CLANG_SUPPRESS_WARNING_POP
+ 
+ #ifndef DOCTEST_BREAK_INTO_DEBUGGER
+@@ -1320,7 +1320,7 @@ DOCTEST_CLANG_SUPPRESS_WARNING_WITH_PUSH("-Wunused-comparison")
+ assertType::Enum m_at;
+ 
+ explicit Expression_lhs(L&& in, assertType::Enum at)
+-: lhs(doctest::detail::forward(in))
++: lhs(static_cast(in))
+ , m_at(at) {}
+ 
+ DOCTEST_NOINLINE operator Result() {
+@@ -1394,8 +1394,8 @@ DOCTEST_CLANG_SUPPRESS_WARNING_POP
+ // https://github.com/catchorg/Catch2/issues/870
+ // https://github.com/catchorg/Catch2/issues/565
+ template 
+-Expression_lhs operator<<(const L &) {
+-return Expression_lhs(doctest::detail::forward(operand), m_at);
++Expression_lhs operator<<(L&& operand) {
++return Expression_lhs(static_cast(operand), m_at);
+ }
+ 
+ template ::value,void >::type* = nullptr>
+diff --git a/doctest/parts/doctest_fwd.h b/doctest/parts/doctest_fwd.h
+index b0d786f..ff9fed0 100644
+--- a/doctest/parts/doctest_fwd.h
 b/doctest/parts/doctest_fwd.h
+@@ -1317,7 +1317,7 @@ DOCTEST_CLANG_SUPPRESS_WARNING_WITH_PUSH("-Wunused-comparison")
+ assertType::Enum m_at;
+ 
+ explicit Expression_lhs(L&& in, assertType::Enum at)
+-: lhs(doctest::detail::forward(in))
++: lhs(static_cast(in))
+ , m_at(at) {}
+ 
+ DOCTEST_NOINLINE operator Result() {
+@@ -1391,8 +1391,8 @@ DOCTEST_CLANG_SUPPRESS_WARNING_POP
+ // https://github.com/catchorg/Catch2/issues/870
+

Bug#1002053: lintian: false positive inconsistent-appstream-metadata-license (gpl-2.0+ != gpl-2+)

[Nicholas D Steeves]

Hi Chris,

"Chris Lamb"  writes:

> Hi Nicholas,
>
>> Gentle ping :-)
>
> Thanks for the gentle/direct ping. Unfortunately, however, I am no
> longer a Lintian developer, so I won't be able to address this bug for
> you. Hope you can get it fixed, though. :)
>

Thanks for the quick reply, and great to hear from you btw--it's been
ages.  Yes, I hope lintian receives fixes soon too, but of course the
longstanding RC one[s] take[s] priority.  'hope you're finding
inspiration in whatever you're working on now!

Take care,
Nicholas


signature.asc
Description: PGP signature

Bug#1009883: dh_haskell_install_ghc_registration: does not support directories

[Scott Talbert]

On Thu, 21 Apr 2022, Felix Lechner wrote:


As for this bug, I was aware that I broke the directory feature but,
like you, was also not sure right away about how to handle it
properly. The directory feature for package registrations is described
in the documentation. [1]

Kind regards
Felix Lechner

[1] 
https://downloads.haskell.org/cabal/Cabal-3.0.0.0/doc/users-guide/installing-packages.html#cmdoption-setup-register-gen-pkg-config


Actually, as best as I can tell, the old code only supported files as 
well, so I don't think this was a regression.  It looks as though the 
correct approach might be to just install each file that's in the 
directory.  If you don't have time to look into it, I might take a stab at 
it.


Thanks,
Scott

Bug#965460: cli-common: diff for NMU version 0.10+nmu1

[Guilherme de Paula Xavier Segundo]

Control: tags 965460 + patch
Control: tags 965460 + pending

Dear maintainer,

I've prepared an NMU for cli-common (versioned as 0.10+nmu1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards.
diff -Nru cli-common-0.10/debian/changelog cli-common-0.10+nmu1/debian/changelog
--- cli-common-0.10/debian/changelog	2019-03-11 12:26:56.0 -0300
+++ cli-common-0.10+nmu1/debian/changelog	2022-04-21 09:30:10.0 -0300
@@ -1,3 +1,14 @@
+cli-common (0.10+nmu1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Using new DH level format. Consequently:
+  - debian/compat: removed.
+  - debian/control: changed from 'debhelper' to 'debhelper-compat' in
+Build-Depends field and bumped level to 13.
+  - Closes: #965460
+
+ -- Guilherme de Paula Xavier Segundo   Thu, 21 Apr 2022 09:30:10 -0300
+
 cli-common (0.10) unstable; urgency=medium
 
   * The Cambridge BSP ‘Let’s RM the world’ release.
diff -Nru cli-common-0.10/debian/compat cli-common-0.10+nmu1/debian/compat
--- cli-common-0.10/debian/compat	2019-03-11 12:26:56.0 -0300
+++ cli-common-0.10+nmu1/debian/compat	1969-12-31 21:00:00.0 -0300
@@ -1 +0,0 @@
-5
\ Nenhum caractere de nova linha no final do arquivo
diff -Nru cli-common-0.10/debian/control cli-common-0.10+nmu1/debian/control
--- cli-common-0.10/debian/control	2019-03-11 12:26:56.0 -0300
+++ cli-common-0.10+nmu1/debian/control	2022-04-21 09:30:10.0 -0300
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Debian Mono Group 
 Uploaders: Mirco Bauer 
-Build-Depends: debhelper (>= 5)
+Build-Depends: debhelper-compat (= 13)
 Build-Depends-Indep: debiandoc-sgml,
  texlive-base-bin,
  texlive-base,

Bug#1008653: backintime-qt broken in sid after python upgrade

[Agustin Martin]

El jue, 21 abr 2022 a las 23:47, Agustin Martin
() escribió:
> If a new upstream version contains many changes that maintainer wants
> to inspect closely, it is trivial to just include upstream fix for
> this issue. I am attaching a patch (with unclosed changelog formatted
> for NMU, modify as appropriate) that should deal with this problem,
> just adapting upstream commit to Debian patch system.

Really attaching patch, sorry for the noise.

--
Agustin
diff --git a/debian/changelog b/debian/changelog
index faed735..0e926fc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+backintime (1.2.1-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * 01_tools.py_fix-1008653.patch: Get upstream changes to fix "tests no
+longer work with Python 3.10" (Closes: #1008653).
+
+ --
+
 backintime (1.2.1-3) unstable; urgency=medium
 
   * Cherry-pick patch for #946349 from upstream Git repository
diff --git a/debian/patches/01_tools.py_fix-1008653.patch b/debian/patches/01_tools.py_fix-1008653.patch
new file mode 100644
index 000..0ffcbe2
--- /dev/null
+++ b/debian/patches/01_tools.py_fix-1008653.patch
@@ -0,0 +1,28 @@
+From e1ae23ddc0b4229053e3e9c6c61adcb7f3d8e9b3 Mon Sep 17 00:00:00 2001
+From: Germar Reitze 
+Date: Mon, 5 Jul 2021 19:11:58 +0200
+Subject: [PATCH] Tests no longer work with Python 3.10 (fixes: #1175)
+
+--- a/common/tools.py
 b/common/tools.py
+@@ -25,7 +25,10 @@
+ import errno
+ import gzip
+ import tempfile
+-import collections
++try:
++from collections.abc import MutableSet
++except ImportError:
++from collections import MutableSet
+ import hashlib
+ import ipaddress
+ import atexit
+@@ -1802,7 +1805,7 @@ def reset(self, path):
+ self.history = [path,]
+ self.index = 0
+ 
+-class OrderedSet(collections.MutableSet):
++class OrderedSet(MutableSet):
+ """
+ OrderedSet from Python recipe
+ http://code.activestate.com/recipes/576694/
diff --git a/debian/patches/series b/debian/patches/series
index 78aacb2..c486f48 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 00-fix-946349.patch
+01_tools.py_fix-1008653.patch

Bug#1008653: backintime-qt broken in sid after python upgrade

[Agustin Martin]

Control: tags -1 + patch fixed-upstream

On Wed, Apr 20, 2022 at 09:45:26AM +0200, Leonardo Canducci wrote:
> Package: backintime-qt
> Followup-For: Bug #1008653
>
> I've installed backintime-qt from github (it's pretty straightforward,
> just donwload the source and build two deb files with the provided
> makedeb.sh) and it works fine.
>
> Please update this package. I'm by no means a developer but it seems
> like a trivial fix.

Hi,

If a new upstream version contains many changes that maintainer wants
to inspect closely, it is trivial to just include upstream fix for
this issue. I am attaching a patch (with unclosed changelog formatted
for NMU, modify as appropriate) that should deal with this problem,
just adapting upstream commit to Debian patch system.

Regards,

-- 
Agustin

Bug#1009991: freerdp2-wayland: wlfreerdp does not capture keystrokes before the remote computer

[Wm M Fender-Westwind]

Package: freerdp2-wayland
Version: 2.6.1+dfsg1-3
Severity: important

Dear Maintainer,

(I created this report in reportbug and copied it to this email.)

I am using wayland with sway as my desktop.

Both xfreerdp and wlfreerdp will get me to the host system and I can do my
work, but xfreerdp will capture keystrokes so that I can use a keystroke to
get to another desktop, for example. wlfreerdp with the same switches does
not capture the keystrokes and they go straight to the remote windows
system. (I use the windows key as the meta key for sway and it works fine
with xfreerdp.)

In order for me to use wlfreerdp, I need to be able to switch screens
frequently, therefore I need the program to capture keystrokes in the same
manner as xfreerdp.

I am including the command line I use. When using wlfreerdp, I can set the
dimensions with /size so that I can navigate with the mouse to a free area
of my desktop but that is not a good solution.

wlfreerdp /f /u:XX /p:XX /v:XX /g:X /gt:http /gu:
/gp:XX  /printer:home /log-level:warn -wallpaper +auto-reconnect


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.17.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages freerdp2-wayland depends on:
ii  libc6 2.33-7
ii  libfreerdp-client2-2  2.6.1+dfsg1-3
ii  libfreerdp2-2 2.6.1+dfsg1-3
ii  libuwac0-02.6.1+dfsg1-3
ii  libwinpr2-2   2.6.1+dfsg1-3

freerdp2-wayland recommends no packages.

freerdp2-wayland suggests no packages.

-- no debconf information

Bug#1009883: dh_haskell_install_ghc_registration: does not support directories

[Felix Lechner]

Hi Scott,

> It's not quite clear to me how a directory is supposed to be handled

First off, thank you for your bug reports. I recently rewrote the
Haskell tooling to allow the use of Debhelper's dh sequencer with all
features. Unfortunately, I recently started using another OS and may
not be able to iron out all the kinks in the new code.

As for this bug, I was aware that I broke the directory feature but,
like you, was also not sure right away about how to handle it
properly. The directory feature for package registrations is described
in the documentation. [1]

Kind regards
Felix Lechner

[1] 
https://downloads.haskell.org/cabal/Cabal-3.0.0.0/doc/users-guide/installing-packages.html#cmdoption-setup-register-gen-pkg-config

Bug#931776: Debian 11 + snapd 2.49-1 - still Installed snaps do not appear in desktop launcher

[Filip Trzeciak]

Dear Maintainer

Debian 11 with snapd 2.49-1 still struggles with the same problem.

Quick check in terminal shows XDG_DATA_DIRS variable lacking
/var/lib/snapd/desktop
However, after the "exec bash --login" variable looks good.
After switching from default lightdm to gdm3 all just works.

Best regards

technical details, comparing "set" before and after "exec bash --login"

filip@filip:~$ diff -u bez z
--- bez 2022-04-21 23:11:44.699961183 +0200
+++ z 2022-04-21 23:11:50.747977323 +0200
@@ -1,5 +1,5 @@
 BASH=/usr/bin/bash
-BASHOPTS=checkwinsize:cmdhist:complete_fullquote:expand_aliases:extquote:force_fignore:globasciiranges:histappend:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
+BASHOPTS=checkwinsize:cmdhist:complete_fullquote:expand_aliases:extquote:force_fignore:globasciiranges:histappend:hostcomplete:interactive_comments:login_shell:progcomp:promptvars:sourcepath
 BASH_ALIASES=()
 BASH_ARGC=([0]="0")
 BASH_ARGV=()
@@ -40,9 +40,10 @@
 OPTERR=1
 OPTIND=1
 OSTYPE=linux-gnu
-PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/snap/bin
 PIPESTATUS=([0]="0")
 PPID=49715
+PROMPT_COMMAND=__vte_prompt_command
 PS1='\[\e]0;\u@\h:
\w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$
'
 PS2='> '
 PS4='+ '
@@ -61,10 +62,10 @@
 UID=1000
 USER=filip
 VTE_VERSION=6203
-WINDOWID=6291462
+WINDOWID=6292272
 XAUTHORITY=/home/filip/.Xauthority
 XDG_CURRENT_DESKTOP=MATE
-XDG_DATA_DIRS=/usr/share/mate:/usr/local/share/:/usr/share/
+XDG_DATA_DIRS=/usr/share/mate:/usr/local/share/:/usr/share/:/var/lib/snapd/desktop
 XDG_GREETER_DATA_DIR=/var/lib/lightdm/data/filip
 XDG_RUNTIME_DIR=/run/user/1000
 XDG_SEAT=seat0
@@ -77,3 +78,17 @@
 XDG_VTNR=7
 XMODIFIERS=@im=ibus
 _=set
+snap_bin_path=/snap/bin
+snap_xdg_path=/var/lib/snapd/desktop
+__vte_osc7 ()
+{
+printf "\033]7;file://%s%s\033\\" "${HOSTNAME}"
"$(/usr/libexec/vte-urlencode-cwd)"
+}
+__vte_prompt_command ()
+{
+local pwd='~';
+[ "$PWD" != "$HOME" ] && pwd=${PWD/#$HOME\//\~\/};
+pwd="${pwd//[[:cntrl:]]}";
+printf "\033]0;%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${pwd}";
+__vte_osc7
+}

Bug#1004912: Acknowledgement (rarcrack dead upstream?)

[Bastian Germann]

On Thu, 3 Feb 2022 15:40:45 +0100 Mathieu Malaterre  wrote:

Should we switch to:

https://github.com/jaredsburrows/rarcrack

?


I second that. But you should think of a NMU or ITS to change the upstream.
The package maintainer is apparently inactive for years.

Bug#1009990: gnome-settings-daemon: night light stopped working

[Jérémy Lal]

Package: gnome-settings-daemon
Version: 42.1-3
Severity: normal

Hi,

night light mode stopped working (automatic and manual modes),
since a recent mutter/shell update.

Nothing odd in the user logs.


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-settings-daemon depends on:
ii  gnome-settings-daemon-common  42.1-3
ii  gsettings-desktop-schemas 42.0-1
ii  libasound21.2.6.1-2+b1
ii  libc6 2.33-7
ii  libcairo2 1.16.0-5
ii  libcanberra-gtk3-00.30-10
ii  libcanberra0  0.30-10
ii  libcolord21.4.6-1
ii  libcups2  2.4.1op1-2
ii  libfontconfig12.13.1-4.4
ii  libgcr-base-3-1   3.40.0-4
ii  libgdk-pixbuf-2.0-0   2.42.8+dfsg-1
ii  libgeoclue-2-02.6.0-1
ii  libgeocode-glib0  3.26.2-2
ii  libglib2.0-0  2.72.1-1
ii  libgnome-desktop-3-19 42.0-2
ii  libgtk-3-03.24.33-1
ii  libgudev-1.0-0237-2
ii  libgweather-4-0   4.0.0-2
ii  liblcms2-22.12~rc1-2
ii  libmm-glib0   1.18.6-2
ii  libnm01.36.4-2
ii  libnotify40.7.9-3
ii  libnspr4  2:4.33-1
ii  libnss3   2:3.77-1
ii  libpam-systemd [logind]   250.4-1
ii  libpango-1.0-01.50.6+ds-2
ii  libpangocairo-1.0-0   1.50.6+ds-2
ii  libpolkit-gobject-1-0 0.105-33
ii  libpulse-mainloop-glib0   15.0+dfsg1-4
ii  libpulse0 15.0+dfsg1-4
ii  libupower-glib3   0.99.17-1
ii  libwacom9 2.2.0-1
ii  libwayland-client01.20.0-1
ii  libx11-6  2:1.7.5-1
ii  libxext6  2:1.3.4-1
ii  libxfixes31:6.0.0-1
ii  libxi62:1.8-1

Versions of packages gnome-settings-daemon recommends:
ii  iio-sensor-proxy   3.0-2
ii  pulseaudio 15.0+dfsg1-4
ii  x11-xserver-utils  7.7+9

Versions of packages gnome-settings-daemon suggests:
pn  usbguard  

-- no debconf information

Bug#1009658: RFS: ncdu/1.16-0.1 [NMU] -- ncurses disk usage viewer

[Santiago Ruano Rincón]

El 21/04/22 a las 21:37, Andrey Rahmatullin escribió:
> On Thu, Apr 21, 2022 at 02:49:42PM +0200, Santiago Ruano Rincón wrote:
> > >  ncdu (1.16-0.1) unstable; urgency=medium
> > 
> > Is it really urgency=medium? low wouldn't fit?
> medium is the default urgency since Nov 2013.

It is the default, indeed. But that doesn't mean you cannot change it.

Never mind, forget that comment.


signature.asc
Description: PGP signature

Bug#1003653: Revision of removal of rename.ul from package util-linux

[Christoph Berg]

> ===Begin Resolution A
> The Technical Committee overrides the util-linux maintainer, and requires
> that util-linux's rename should be shipped as /usr/bin/rename.ul in a binary
> package built from src:util-linux. The package containing rename.ul must not
> conflict with the rename package nor divert /usr/bin/rename.
> ===End Resolution A
> 
> ===Begin Resolution B
> The Technical Committee overrides the util-linux maintainer, and requires
> that util-linux's rename should be shipped in a binary package built from
> src:util-linux. If this package Conflicts with the rename package, then it
> must not contain any other binaries.
> ===End Resolution B
> 
> ===Begin Resolution N
> None of the above
> ===End Resolution N

I vote A > B > N.

Christoph


signature.asc
Description: PGP signature

Bug#1009989: Can't convert from HTML

[積丹尼 Dan Jacobson]

Package: gnumeric
Version: 1.12.51-1
File: /usr/bin/ssconvert

$ ssconvert --list-importers 2>&1 |grep -i htm
Gnumeric_html:html   | HTML (*.html, *.htm)
$ txt2html /etc/motd > g.html
$ ssconvert g.html /tmp/m.pdf
Loading file:///tmp/g.html failed

Bug#1009988: O: postgresql-semver -- Semantic version number type for PostgreSQL

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This Postgres data type was used for the most recent Lintian website.

Kind regards,
Felix Lechner

Bug#1009917: (no subject)

[ZenWalker]

Thanks for your quick answer.

> Mobian appears to be a Debian derivative, containing modifications
> relative to Debian.

I reported the bug using 'reportbug', you can see the related packages,
seems there is no mobian specific packages.

The mobian packages are here:
https://packages.mobian-project.org

There is a gtk3 mobian package, no related to this bug. The gtk4
packages are taken from debian.

> Is this bug reproducible on a Debian system?

Not here, I can't reproduce it on debian testing in PC.

> The patch appears to be reverting a change that was made to fix a
> different bug, so I'm not comfortable with reverting it without a better
> idea of what is going on and what (if anything) the revert is likely
> to break.

yes, I understand you, I opened the debian bug because I see no advance
in the upstream, and it is a critical bug.

Best regards,
Pablo.

Bug#1009299: linux-image-5.16.0-6-amd64: 5.16 breaks buttons below touchpad on Dell Precision 7550

[Marc Glisse]

Hello,

I installed

linux-image-5.17.0-1-amd64:amd64/unstable 5.17.3-1 uptodate

(and corresponding headers, etc)

and right click works again, the issue is fixed, thank you!

--
Marc Glisse

Bug#1009418: autokey: diff for NMU version 0.95.10-2.1

[Tobias Frost]

Control: tags 1009418 + patch
Control: tags 1009418 + pending


Dear maintainer,

I've prepared an NMU for autokey (versioned as 0.95.10-2.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards.

diff -Nru autokey-0.95.10/debian/changelog autokey-0.95.10/debian/changelog
--- autokey-0.95.10/debian/changelog	2021-01-04 12:49:17.0 +0100
+++ autokey-0.95.10/debian/changelog	2022-04-21 20:38:41.0 +0200
@@ -1,3 +1,11 @@
+autokey (0.95.10-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS by relaxing hard-coded python path in d/not-installed
+(Closes: #1009418).
+
+ -- Tobias Frost   Thu, 21 Apr 2022 20:38:41 +0200
+
 autokey (0.95.10-2) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru autokey-0.95.10/debian/not-installed autokey-0.95.10/debian/not-installed
--- autokey-0.95.10/debian/not-installed	2021-01-04 12:48:25.0 +0100
+++ autokey-0.95.10/debian/not-installed	2022-04-19 07:18:09.0 +0200
@@ -1,2 +1,2 @@
-usr/lib/python3.9/dist-packages/autokey/__pycache__/
-usr/lib/python3.9/dist-packages/autokey/iomediator/__pycache__/
+usr/lib/python*/dist-packages/autokey/__pycache__/
+usr/lib/python*/dist-packages/autokey/iomediator/__pycache__/

Bug#1002053: lintian: false positive inconsistent-appstream-metadata-license (gpl-2.0+ != gpl-2+)

[Chris Lamb]

Hi Nicholas,

> Gentle ping :-)

Thanks for the gentle/direct ping. Unfortunately, however, I am no
longer a Lintian developer, so I won't be able to address this bug for
you. Hope you can get it fixed, though. :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#1009987: bluez: Bluetooth service does not start

[Benjamin Mesing]

Package: bluez
Version: 5.64-1
Severity: grave
Justification: renders package unusable

Hi,
I installed testing non-free and immediately upgraded to unstable on a lenovo 
thinkbook in the last two day. After that bluetooth was not working.
Note, that I did not test bluetooth while still being on testing.
After many attempts to get latest firmware I eventually figured out the root 
cause: the bluetooth.service was not starting due 
to a missing /var/lib/bluetooth directory.

Output for service status:

× bluetooth.service - Bluetooth service
 Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled; vendor 
preset: enabled)
 Active: failed (Result: exit-code) since Thu 2022-04-21 19:56:46 CEST; 
12min ago
   Docs: man:bluetoothd(8)
Process: 2411 ExecStart=/usr/libexec/bluetooth/bluetoothd (code=exited, 
status=226/NAMESPACE)
   Main PID: 2411 (code=exited, status=226/NAMESPACE)
CPU: 4ms

Apr 21 19:56:46 lenovo-ben systemd[1]: Starting Bluetooth service...
Apr 21 19:56:46 lenovo-ben systemd[2411]: bluetooth.service: Failed to set up 
mount namespacing: /run/systemd/unit-root/var/lib/bluetooth: No such file or 
directory
Apr 21 19:56:46 lenovo-ben systemd[2411]: bluetooth.service: Failed at step 
NAMESPACE spawning /usr/libexec/bluetooth/bluetoothd: No such file or directory
Apr 21 19:56:46 lenovo-ben systemd[1]: bluetooth.service: Main process exited, 
code=exited, status=226/NAMESPACE
Apr 21 19:56:46 lenovo-ben systemd[1]: bluetooth.service: Failed with result 
'exit-code'.


Calling 
  install  -m 700 -d /var/lib/bluetooth
and restarting bluetooth service eventually fixed the issue.

It cost me a couple of hours to find the solution, for a less tech-savy user 
bluetooth will be not usable. Therefore I set severity to grave.

Regards
Ben


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages bluez depends on:
ii  dbus [default-dbus-system-bus]  1.14.0-1
ii  init-system-helpers 1.62
ii  kmod29-1
ii  libasound2  1.2.6.1-2+b1
ii  libc6   2.33-7
ii  libdbus-1-3 1.14.0-1
ii  libdw1  0.186-1
ii  libglib2.0-02.72.1-1
ii  libreadline88.1.2-1.2
ii  libudev1250.4-1
ii  lsb-base11.1.0
ii  udev250.4-1

bluez recommends no packages.

Versions of packages bluez suggests:
pn  pulseaudio-module-bluetooth  

-- no debconf information

Bug#1009986: ITP: hatch-vcs -- Hatch plugin for versioning from VCS

[Stefano Rivera]

Package: wnpp
Severity: wishlist
Owner: Stefano Rivera 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: hatch-vcs
  Version : 0.2.0
  Upstream Author : Ofek Lev 
* URL : https://pypi.org/project/hatch-vcs/
* License : Expat
  Programming Lang: Python
  Description : Hatch plugin for versioning from VCS

This provides a plugin for Hatch that uses your preferred version control
system (like Git) to determine project versions.

It may be required to build a Python module from source.

It's the hatch-equivalent of setuptools-scm (which it uses).
I'll package it under the Debian Python Team.

Bug#1009917: gtk4 applications randomly crash on Mobian Pinephone

[Simon McVittie]

Control: retitle -1 gtk4 applications randomly crash on Mobian Pinephone
Control: tags -1 = upstream moreinfo

On Wed, 20 Apr 2022 at 18:03:34 +0200, ZenWalker wrote:
> Unable to run these applications 10 times without crash with mobian pinephone:
> 
> megapixels, gnome-calculator, and gnome-clocks and probably more gtk4 apps

Mobian appears to be a Debian derivative, containing modifications
relative to Debian. Is this bug reproducible on a Debian system?

> The issue in gtk repo:
> https://gitlab.gnome.org/GNOME/gtk/-/issues/4763
> 
> This patch fixes the bug:
> https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/4570.patch

The patch appears to be reverting a change that was made to fix a
different bug, so I'm not comfortable with reverting it without a better
idea of what is going on and what (if anything) the revert is likely
to break.

I see you're already in contact with upstream. Please work with them
to provide the information they need about what is happening on your
Pinephone, which appears to be an embedded device, and therefore seems
likely to have a graphics stack that does not match what is typically
used on Debian and GNOME systems.

smcv

Bug#1009985: RFP: memray -- memory profiler for Python

[Yaroslav Halchenko]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-pyt...@lists.debian.org

* Package name: memray
  Version : 1.0.3
  Upstream Author : Bloomberg LP
* URL : https://github.com/bloomberg/memray
* License : Apache 2.0
  Programming Lang: Python
  Description : memory profiler for Python

Memray is a memory profiler for Python. It can track memory allocations in
Python code, in native extension modules, and in the Python interpreter
itself. It can generate several different types of reports to help you analyze
the captured memory usage data. While commonly used as a CLI tool, it can also
be used as a library to perform more fine-grained profiling tasks.

It was open-sourced only recently, LICENSE with Apache 2.0 was added only 12
days ago.

Bug#1009984: transition: qt6-base

[Patrick Franz]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: delta...@debian.org

Dear Release Team,

Qt 6.2.4 is packaged in experimental and needs a transition
as we have an ABI change for the private headers as usual.

As Qt 6 is still quite new in Debian, only 2 non-Qt packages
are affected by this:

* fcitx-qt5
* fcitx5-qt

I successfully built both against Qt 6.2.4 and thus they should
only need a NMU.


Ben file:

title = "Qt 6.2.4";
is_affected = .depends ~ /qt6-base-abi \(= 6\.2\.2\)/ | .depends ~ 
/qt6-base-abi \(= 6\.2\.4\)/;
is_good = .depends ~ /qt6-base-abi \(= 6\.2\.4\)/;
is_bad = .depends ~ /qt6-base-abi \(= 6\.2\.2\)/;


--
Med vänliga hälsningar

Patrick Franz

Bug#1009983: O: mdadm -- Tool to administer Linux MD arrays (software RAID)

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This is an exciting opportunity to assume maintenance of an important
package. It is now available for your adoption!

Kind regards,
Felix Lechner

Bug#1004258: modem-manager-gui: segfaults on launch

[Mykola Nikishov]

"Matteo F. Vescovi"  writes:

> Package: modem-manager-gui
> Version: 0.0.20-2+b1
> Severity: important
>
> Dear Maintainer,
>
> since a few days m-m-g doesn't start anymore and when launched on a
> terminal it segfaults with the following output:

[...]

Downgrading libnm0 (and network-manager) to version from stable fixes
the same issue for me.

-- 
Mykola

Libre/Free Java Software Developer
https://manandbytes.gitlab.io/

Bug#742356: xkbprint(1): Some (typographical) corrections to the manual

[Alan Coopersmith]

Fixed upstream in xkbprint 1.0.5 by
https://gitlab.freedesktop.org/xorg/app/xkbprint/-/commit/b968db6ca6fdb6ebb2384eaffaabe406c5cf783f

--
-Alan Coopersmith- alan.coopersm...@oracle.com
 Oracle Solaris Engineering - https://blogs.oracle.com/solaris

Bug#1009963: deb-systemd-helper: Misleading error message in "sub enable" if systemctl fails

[Michael Biebl]

Am 21.04.22 um 18:37 schrieb Ansgar:

Hi,

On Thu, 2022-04-21 at 18:13 +0200, Michael Biebl wrote:


So /usr/bin/systemctl is provided by the "systemctl" package?
Can you post the output of apt-cache policy systemctl


I think the bug reporter suggest to replace the

   system(...) == 0 or error("systemctl preset failed on $scriptname: $!");

with a more correct (and verbose)

   system(...);
   if ($? == -1) {
 error("systemctl preset failed on $scriptname: $!");
   }
   elsif ($? & 127) {
 error("systemctl preset died with signal " . ($? & 127));
   }
   else {
 error("systemctl preset failed with return status " . ($? >> 8));
   }

as `perldoc -f system` suggest. (Untested, so might contain typos and
the like.)

Currently it always give "$!" as the reason, even when not correct.
This would also be incorrect if the real systemctl is used if the
command fails because of syntax errors or so.


Thanks for the additional information, Ansgar.

I guess we have two issues then:
- systemctl (from docker-systemctl-replacement) most likely not being 
compatible with the real systemctl

- handling of the return code from system()

We do have quite a few calls to system() in our perl code.


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1000013: nginx: depends on obsolete pcre3 library

[Bastian Germann]

Control: tags -1 upstream

On Thu, 18 Nov 2021 11:49:05 + Matthew Vernon  wrote:> Your package still depends on the old, 
obsolete PCRE3[0] libraries

(i.e. libpcre3-dev). This has been end of life for a while now, and
upstream do not intend to fix any further bugs in it. Accordingly, I
would like to remove the pcre3 libraries from Debian, preferably in
time for the release of Bookworm.


This is resolved upstream with http://hg.nginx.org/nginx/rev/0b5f12d5c531, 
which is released with 1.21.5.

Bug#1009982: O: pius -- Tools to help before and after key-signing parties

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This package is low maintenance and now available for your adoption!

Kind regards,
Felix Lechner

Bug#1009981: rsync: please make the build reproducible

[Chris Lamb]

Source: rsync
Version: 3.2.4-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0] we noticed that
rsync could not be built reproducibly.

This was because the manpage generation used the current date for the
manual page header.

A patch is attached that will use SOURCE_DATE_EPOCH if available.

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- a/debian/patches/reproducible_manpages.patch1969-12-31 
16:00:00.0 -0800
--- b/debian/patches/reproducible_manpages.patch2022-04-21 
09:29:18.220183086 -0700
@@ -0,0 +1,15 @@
+Description: Make the build reproducible
+Author: Chris Lamb 
+Last-Update: 2022-04-21
+
+--- rsync-3.2.4.orig/md-convert
 rsync-3.2.4/md-convert
+@@ -241,7 +241,7 @@ def find_man_substitutions():
+ if var == 'srcdir':
+ break
+ 
+-env_subs['date'] = time.strftime('%d %b %Y', time.localtime(mtime))
++env_subs['date'] = time.strftime('%d %b %Y', 
time.gmtime(int(os.environ.get('SOURCE_DATE_EPOCH', time.time()
+ 
+ 
+ def html_via_commonmark(txt):
--- a/debian/patches/series 2022-04-21 09:16:56.694213519 -0700
--- b/debian/patches/series 2022-04-21 09:29:17.192187237 -0700
@@ -2,3 +2,4 @@
 skip_devices_test.patch
 perl_shebang.patch
 fix_rrsync_man_generation.patch
+reproducible_manpages.patch

Bug#1009976: RFS: nginx/1.20.2-1 [Team] -- small, powerful, scalable web/proxy server

[Bastian Germann]

On Thu, 21 Apr 2022 11:43:34 -0400 Thomas Ward  wrote:

I am looking for a sponsor for my package "nginx":

* Package name : nginx
Version : 1.20.2-1
Upstream Author : Igor Sysoev
* URL : https://nginx.org
* License : BSD-4-clause, Expat, BSD-2-clause, BSD-3-clause
* Vcs : https://salsa.debian.org/nginx-team/nginx
Section : httpd


You should also mark CVE-2021-3618 as resolved with the changelog.

When you are not on the uploaders list anymore, you should send the RFS
to the team address instead (or their preferred channel for RFSs).

I am also sending this to the bug where you asked for the new version.
I hope one of the team's DDs will sponsor it in a reasonable timeframe.

Bug#1009977: gdm3: Fails to start since 2022/04/19 on Debian/testing

[Jeremy Bicha]

On Thu, Apr 21, 2022 at 11:51 AM Adrian Immanuel Kiess
 wrote:
> GDM3 fails to load, after bringing up the system.

Please switch to a virtual terminal (like Ctrl+Alt+F3) and look for
interesting messages in
journalctl -b

Probably especially messages from gnome-shell or gdm

Thank you,
Jeremy Bicha

Bug#1009963: deb-systemd-helper: Misleading error message in "sub enable" if systemctl fails

[Ansgar]

Hi,

On Thu, 2022-04-21 at 18:13 +0200, Michael Biebl wrote:
> 
> So /usr/bin/systemctl is provided by the "systemctl" package?
> Can you post the output of apt-cache policy systemctl

I think the bug reporter suggest to replace the

  system(...) == 0 or error("systemctl preset failed on $scriptname: $!");

with a more correct (and verbose)

  system(...);
  if ($? == -1) {
error("systemctl preset failed on $scriptname: $!");
  }
  elsif ($? & 127) {
error("systemctl preset died with signal " . ($? & 127));
  }
  else {
error("systemctl preset failed with return status " . ($? >> 8));
  }

as `perldoc -f system` suggest. (Untested, so might contain typos and
the like.)

Currently it always give "$!" as the reason, even when not correct.
This would also be incorrect if the real systemctl is used if the
command fails because of syntax errors or so.

Ansgar

Bug#1009658: RFS: ncdu/1.16-0.1 [NMU] -- ncurses disk usage viewer

[Andrey Rahmatullin]

On Thu, Apr 21, 2022 at 02:49:42PM +0200, Santiago Ruano Rincón wrote:
> >  ncdu (1.16-0.1) unstable; urgency=medium
> 
> Is it really urgency=medium? low wouldn't fit?
medium is the default urgency since Nov 2013.



-- 
WBR, wRAR


signature.asc
Description: PGP signature

Bug#1009980: O: wxedid -- Graphical editor for monitor resolution and timing data (EDID)

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This package is low maintenance and now available for your adoption!

You can use this software when repairing your monitor's EDID. [1]

Kind regards,
Felix Lechner

[1] https://wiki.debian.org/RepairEDID

Bug#1009978: O: gammastep -- Adjust display hue to outside lighting conditions

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This package is low maintenance and now available for your adoption!

Kind regards,
Felix Lechner

Bug#1009963: deb-systemd-helper: Misleading error message in "sub enable" if systemctl fails

[Michael Biebl]

Am 21.04.22 um 12:33 schrieb Sascha Herrmann:

Package: init-system-helpers
Version: 1.60
Severity: normal
X-Debbugs-Cc: sh-b...@ps.nvbi.de

Dear Maintainer,

the code line 'or error("systemctl preset failed on $scriptname: $!");' prints
some misleading information, if the systemctl command fails and returns an
return value != 0. When using the systemctl package (systemctl-replacement),
some packages fail to setup their service files, systemctl returns the error
code 1 which results in a message like

"/usr/bin/deb-systemd-helper: error: systemctl preset failed on 
keyboard-setup.service: No such file or directory"



So /usr/bin/systemctl is provided by the "systemctl" package?
Can you post the output of
apt-cache policy systemctl

Please uninstall the systemctl package and test if the failure is gone.

Regards,
Michael



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1009979: spamassassin: sa-learn mbox parsing is broken

[Noah Meyerhans]

Package: spamassassin
Version: 4.0.0~0.0svn1899920-1
Severity: important
Tags: upstream experimental
Forwarded: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7977

When passing an mbox file to sa-learn, expected training does not occur:

noahm@74805e6e29ad:/tmp$ sa-learn --spam --mbox < spam-2022-04-20_1040 
Learned tokens from 0 message(s) (0 message(s) examined)
noahm@74805e6e29ad:/tmp$ echo $?
1

The previous version in experimental did not have this problem. 

noahm@c30d8e8ec714:/src/spamassassin$ sa-learn -D --spam --mbox < 
spam-2022-04-20_1040 2> debug-revert.log
Learned tokens from 2 message(s) (2 message(s) examined)
noahm@c30d8e8ec714:/src/spamassassin$ echo $?
0

Bug#1009838: macaulay2: wrong dependency on base-files from linktree

[Torrance, Douglas]

On Mon, 18 Apr 2022 13:45:28 -0700 Steve Langasek 
 wrote:

The macaulay2-common package has a versioned dependency on base-files that
is generated by dh_linktree.  This is because
debian/macaulay2-common.linktrees generates links to
usr/share/common-licenses/ that are then resolved to a dependency.

- You do not have to depend on base-files, this package is essential.
- The only time you need to depend on an essential package is if you have a
  versioned dependency.  However, in this case the versioned dependency is
  itself wrong; dh_linktree is generating a >= versioned dependency against
  the version of base-files that is currently installed at build time, but
  that version is arbitrary and is not an indication of the minimum version
  required (GPL-2 and GPL-3 are not new).
- You should not in general need to make symlinks to the license files.  All
  packages have their license information available in the standard location
  of /usr/share/doc/$package/copyright, as this package does.

We noticed this in Ubuntu because an upload of base-files triggered a run of
macaulay2's autopkgtests, which take a long time to run and are irrelevant
to a base-files update.

Please drop these links, and with them the gratuitous versioned dependency.


Thanks for the report!

I'd added the symlinks because the Macaulay2 documentation includes these
license files, and this seemed like a slightly easier solution to shipping
redundant copies of the GPL than patching the documentation itself.  I didn't
think about the repercussions of using dh_linktrees to do this!

I'll upload a new version soon with a fix.

Doug



signature.asc
Description: PGP signature

Bug#1009685: Resolved due to migration of Python3.10 (was: opm-grid: autopkgtest regression: No rule to make target '/usr/lib/x86_64-linux-gnu/libpython3.10.so')

[Markus Blatt]

Dear Paul,

thanks for noticing. You are right the migration was not possible due to
the Python transition.

The problem was a chicken and egg one. And the update of the package was
done to make the python migration possible (by removing remnants of the
old python version from all opm packages). In retrospect that might not
have been the best idea?

Seems like this has actually worked as after the python transition finished
all the autopkgtests are green on [1]. Or am I missing something?

But maybe the correct fix would be to have a versioned dependency on the python
lib for all binary packages that have references to it in the CMake
configuration files? That would then be for all libopm-*-dev packages which
ship these. At least this might prevent problems in future transitions.

On a side note: We seem to have similar (or more serious) problems with
opm-material, see [2].
There I do not understand why opm-models (which requires opm-material) can
actually block the migration. But that might my limited knowledge. Would be
cool if someone would enlighten me in this regard.

Cheers,

Markus


[1] https://qa.debian.org/excuses.php?package=opm-grid
[2] https://qa.debian.org/excuses.php?package=opm-material


signature.asc
Description: PGP signature

Bug#1009977: gdm3: Fails to start since 2022/04/19 on Debian/testing

[Adrian Immanuel Kiess]

Package: gdm3
Version: 42.0-1
Severity: normal

Dear Maintainer,

   * What led up to the situation?
 Upgrading my Debian/testing installation on 2022/04/19
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 # apt -u dist-upgrade
   * What was the outcome of this action?
 GDM3 fails to start after system loaded
   * What outcome did you expect instead?
 GDM3 loading fine and present login screen

since 2022/04/19, after a regular system update on my Debian/testing
installation,
GDM3 fails to load, after bringing up the system.

A curser on the upper left, top part of the screen is blinking and nothing is
happening afterwards. My GDM3 configuration is the same as before.

I have to manually login as root (CTRL+ALT+F[x]) and issue # service gdm3 stop.

Running then startx as normal user works still fine.

Maybe Wayland is broken, due to GDM3 can't load.

Thank you very much for your kind attention.

Sincerely,

Adrian Kieß



-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to fr_FR.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gdm3 depends on:
ii  9wm [x-window-manager]   1.4.1-1
ii  accountsservice  22.07.5-1
ii  adduser  3.121
ii  aewm [x-window-manager]  1.3.12-7
ii  aewm++ [x-window-manager]1.1.2-5.2
ii  afterstep [x-window-manager] 2.2.12-15
ii  amiwm [x-window-manager] 0.21pl2-2
ii  blackbox [x-window-manager]  0.70.1-38
ii  ctwm [x-window-manager]  4.0.3-1
ii  dbus [default-dbus-system-bus]   1.14.0-1
ii  dbus-bin 1.14.0-1
ii  dbus-daemon  1.14.0-1
ii  dconf-cli0.40.0-3
ii  dconf-gsettings-backend  0.40.0-3
ii  debconf [debconf-2.0]1.5.79
ii  deepin-terminal [x-terminal-emulator]5.2.11-1
ii  dwm [x-window-manager]   6.3-0.1
ii  enlightenment [x-window-manager] 0.25.3-1
ii  fluxbox [x-window-manager]   1.3.5-2.1
ii  fvwm [x-window-manager]  1:2.6.8-1+b2
ii  fvwm-crystal [x-window-manager]  3.4.1+dfsg-3
ii  gir1.2-gdm-1.0   42.0-1
ii  gnome-session [x-session-manager]42.0-1
ii  gnome-session-bin42.0-1
ii  gnome-session-common 42.0-1
ii  gnome-session-flashback [x-session-manager]  3.44.0-1
ii  gnome-settings-daemon42.1-3
ii  gnome-shell  42.0-3
ii  gnome-terminal [x-terminal-emulator] 3.44.0-1
ii  gsettings-desktop-schemas42.0-1
ii  jwm [x-window-manager]   2.4.1-1
ii  kwin-x11 [x-window-manager]  4:5.24.4-1
ii  libaccountsservice0  22.07.5-1
ii  libaudit11:3.0.7-1+b1
ii  libc62.33-7
ii  libcanberra-gtk3-0   0.30-10
ii  libcanberra0 0.30-10
ii  libgdk-pixbuf-2.0-0  2.42.8+dfsg-1
ii  libgdm1  42.0-1
ii  libglib2.0-0 2.72.1-1
ii  libglib2.0-bin   2.72.1-1
ii  libgtk-3-0   3.24.33-1
ii  libgudev-1.0-0   237-2
ii  libkeyutils1 1.6.1-3
ii  libpam-modules   1.4.0-11
ii  libpam-runtime   1.4.0-11
ii  libpam-systemd [logind]  250.4-1
ii  libpam0g 1.4.0-11
ii  librsvg2-common  2.52.5+dfsg-3+b1
ii  libselinux1  3.3-1+b2
ii  libsystemd0  250.4-1
ii  libx11-6 2:1.7.5-1
ii  libxau6  1:1.0.9-1
ii  libxcb1  1.14-3
ii  libxdmcp61:1.1.2-3
ii  lsb-base 11.1.0
ii  lxsession [x-session-manager]0.5.5-2+b1
ii  marco [x-window-manager] 1.26.0-2
ii  mate-session-manager [x-session-manager] 1.26.0-1
ii  mate-terminal [x-terminal-emulator]  1.26.0-1
ii  metacity [x-window-manager]  

Bug#900928: RFP: fractal -- Matrix group messaging app

[Jonas Smedegaard]

5.0.0~~git20220412-0.0 draft 4 needs embedding 234 crates (108 missing, 
87 outdated, 14 ahead, 1 broken, 16 unreleased); runs but has issues 
with glib schema file and libsecret

Thanks especially to Peter Michael Green in the Rust team fixing a slew 
of fatal bugs in dependencies, the amount of embedded crates are now 
reduced to 234.

My plan is still to mainly wait for upstream to stabilize their 
codebase, and to wait for Rust team to update/upgrade more crate 
packages.

You can help by testing this draft package (either build it yourself or 
tell if you want me to provide you a binary package) and provide 
feedback on how well it works in your desktop environment.

You can also help by joining the Rust team in Debian and help unbreak 
and upgrade packaged crates, and add more: 
https://salsa.debian.org/matrix-team/fractal/-/blob/debian/latest/debian/TODO


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1008708: Bug is fixed in 2.14, current is 2.15

[Heinz Repp]

Unfortunately PysolFC is severely outdated in Debian. PysolFC not 
running with Python 3.10 has been fixed in 2.14, the current version is 
2.15. The Debian package hasn't seen updates since two years ago, and 
now it's broken. Please update to 2.15 a.s.a.p.!

Bug#1009976: RFS: nginx/1.20.2-1 [Team] -- small, powerful, scalable web/proxy server

[Thomas Ward]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "nginx":

* Package name : nginx
Version : 1.20.2-1
Upstream Author : Igor Sysoev
* URL : https://nginx.org
* License : BSD-4-clause, Expat, BSD-2-clause, BSD-3-clause
* Vcs : https://salsa.debian.org/nginx-team/nginx
Section : httpd

The source builds the following binary packages:

nginx - small, powerful, scalable web/proxy server
nginx-doc - small, powerful, scalable web/proxy server - documentation
nginx-common - small, powerful, scalable web/proxy server - common files
nginx-core - nginx web/proxy server (standard version)
nginx-full - nginx web/proxy server (standard version with 3rd parties)
nginx-light - nginx web/proxy server (basic version)
nginx-extras - nginx web/proxy server (extended version)
libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
libnginx-mod-http-geoip2 - GeoIP2 HTTP module for Nginx
libnginx-mod-http-image-filter - HTTP image filter module for Nginx
libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
libnginx-mod-mail - Mail module for Nginx
libnginx-mod-stream - Stream module for Nginx
libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
libnginx-mod-stream-geoip2 - GeoIP2 Stream module for Nginx
libnginx-mod-http-perl - Perl module for Nginx
libnginx-mod-http-auth-pam - PAM authentication module for Nginx
libnginx-mod-http-lua - Lua module for Nginx
libnginx-mod-http-ndk - Nginx Development Kit module
libnginx-mod-nchan - Fast, flexible pub/sub server for Nginx
libnginx-mod-http-echo - Bring echo and more shell style goodies to Nginx
libnginx-mod-http-upstream-fair - Nginx Upstream Fair Proxy Load Balancer
libnginx-mod-http-headers-more-filter - Set and clear input and output 
headers for Nginx

libnginx-mod-http-cache-purge - Purge content from Nginx caches
libnginx-mod-http-fancyindex - Fancy indexes module for the Nginx
libnginx-mod-http-uploadprogress - Upload progress system for Nginx
libnginx-mod-http-subs-filter - Substitution filter module for Nginx
libnginx-mod-http-dav-ext - WebDAV missing commands support for Nginx
libnginx-mod-rtmp - RTMP support for Nginx

To access further information about this package, please visit the 
following URL:


https://mentors.debian.net/package/nginx/

Alternatively, you can download the package with 'dget' using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/n/nginx/nginx_1.20.2-1.dsc


Changes since the last upload:

nginx (1.20.2-1) unstable; urgency=medium
.
* This is an NGINX Maintainer Team upload.
* Update to latest upstream Stable version (1.20.2) (Closes: #1008855)
* d/patches/Resolver-fixed-off-by-one-write-in-ngx_resolver
_copy.patch: Drop CVE-2021-23017 patch, as this is fixed in 1.20.1
and we are now using 1.20.2 which already contains the patch.
* Refreshed d/patches/0002-Make-sure-signature-stays-the-same-
in-all-nginx-buil.patch (fuzz thanks to 1.20.2)
* d/conf/mime.types: Update mime.types to more match upstream mime.types
and include upstream changes with mime.types from 1.21.x via nginx.org
mercurial repository versions.
* d/control: Remove self from Uploaders per other Debian devs, who want
that commit to be done by someone on the current uploaders/maintainers
group instead.

Regards,


Thomas

Bug#1009975: O: libgsm -- Shared libraries for GSM speech compressor

[Felix Lechner]

Package: wnpp
Severity: normal

Hi,

This package is low maintenance and now available for your adoption!

Kind regards,
Felix Lechner

Bug#1009974: remmina: Screen resolution is fixed at some 640x480 and will not be changed

[Leos Pohl]

Package: remmina
Version: 1.4.11+dfsg-3
Severity: important

Dear Maintainer,

Any RDP connection initiated from remmina is initiated with 640x480 or
similar low resolution and there is no way to change it. This makes the
package unusable.
   
   * What led up to the situation?
   - connect to any rdp session.
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 - nothing helps since there is no settings and so any connection
   suffers from this poor resolution. Scaling is not a solution if
   you scale 640x480 to 1920x1080 it is just crap.
   * What was the outcome of this action?
 - unusable package.
   * What outcome did you expect instead?
 - I expect modifiable resolution (not scaling from poor resolution
   upwards)


-- System Information:
Debian Release: 11.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-13-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages remmina depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.12.20-2
ii  dbus-x11 [dbus-session-bus]   1.12.20-2
ii  libavahi-client3  0.8-5
ii  libavahi-common3  0.8-5
ii  libavahi-ui-gtk3-00.8-5
ii  libayatana-appindicator3-10.5.5-2
ii  libc6 2.31-13+deb11u3
ii  libcairo2 1.16.0-5
ii  libgcrypt20   1.8.7-6
ii  libglib2.0-0  2.66.8-1
ii  libgtk-3-03.24.24-4+deb11u2
ii  libjson-glib-1.0-01.6.2-1
ii  libpango-1.0-01.46.2-3
ii  libsodium23   1.0.18-1
ii  libsoup2.4-1  2.72.0-2
ii  libssh-4  0.9.5-1+deb11u1
ii  libssl1.1 1.1.1n-0+deb11u1
ii  libvte-2.91-0 0.62.3-1
ii  remmina-common1.4.11+dfsg-3

Versions of packages remmina recommends:
ii  remmina-plugin-rdp 1.4.11+dfsg-3
ii  remmina-plugin-secret  1.4.11+dfsg-3
ii  remmina-plugin-vnc 1.4.11+dfsg-3

Versions of packages remmina suggests:
pn  remmina-plugin-exec 
pn  remmina-plugin-kwallet  
pn  remmina-plugin-nx   
pn  remmina-plugin-spice
pn  remmina-plugin-www  
pn  remmina-plugin-xdmcp

-- no debconf information

Bug#1005396: openjdk-18-jre-headless

[Bastian Germann]

Control: retitle -1 Compatibility issue with openjdk-18
Control: reassign -1 hibiscus

On Sat, 12 Feb 2022 20:49:08 +0100 (CET) Margot Berg  wrote:

Package:  openjdk-18-jre-headless
Version:   18~32ea-1

System:Debian Sid
Kernel:5.15.23
Desktop:  Xfce 4.16

Error message is:
java. lang. UnsupportedOperationException: The Security Manager is deprecated 
and will be removed in a future release

Dear Maintainer,
since the last update of openjdk-18-jre (and openjdk-18-jre-headless) the 
banking program hibiscus 2.10.4, based on jamaica 2.10,
the mentioned error message appears and the program does not start.


Why do you think this is a JRE problem? Obviously, Hibiscus uses a deprecated 
component.
If Hibiscus does not claim Java 18 compatibility, this is not even a bug.
Reassigning to hibiscus.

Bug#1009904: msktutil: invalid argument unwrapping for

[tony mancill]

Hello Max,

Thank you for the bug report.

On Wed, Apr 20, 2022 at 11:30:32AM +, Max Faxälv wrote:
> Package: msktutil
> Version: 1.1
> 
> There is a bug in the crontab execution of msktutil. These scripts are not 
> present in main GitHub repository, so reporting to Debian issue tracker 
> instead.
> 
> /etc/cron.daily/msktutil:
> Error: Unknown parameter (--computer-name mymachine1234 -b 'OU=XX - 
> Office,OU=Workstation Linux,OU=XXX,DC=XXX,DC=XXX,DC=XXX')
> For help, try running msktutil --help
> run-parts: /etc/cron.daily/msktutil exited with return code 1
> 
> The "AUTOUPDATE_OPTIONS" argument seem to fail if you have **more** than 
> **one** option.
> 
> This can be solved by changing:
> 
> > exec /usr/sbin/msktutil --auto-update $AUTOUPDATE_OPTIONS
> 
> to
> 
> > eval "/usr/sbin/msktutil --auto-update $AUTOUPDATE_OPTIONS"
> 
> inside the `/etc/crontab.daily/msktutil` file.
> 
> This bug has been verified to be present on both msktuil 1.0 and 1.1, on both 
> Ubuntu 18.04 and 20.04.

I don't have a suitable test environment for msktutil and would like to
be sure to address your problem with the next upload.  Would you be able
to test quoting $AUTOUPDATE_OPTIONS like so:

  exec /usr/sbin/msktutil --auto-update "$AUTOUPDATE_OPTIONS"

This should avoid the splitting that causing problems for msktutil, and
avoids changing the exec to an eval, which leaves the invoking shell
around for a bit longer.  (Which is admittedly a minor nit, but the eval
doesn't appear to be needed.)

Thank you,
tony

Bug#1009973: nsxiv: cannot load animated webp

[Edgar Yllescas]

Package: nsxiv
Version: 29-2
Severity: normal
Tags: patch


First of all thanks for packaging nsxiv for debian.

as the subject indicates, nsxiv fails to even load animated webp images this is
intended as v29 depends on imlib2 1.7.5 for animated webp support, this reverts
the webp function to the older version that works with 1.7.1, in the future the
plan for nsxiv is to depend on 1.8.0 to handle multi frame images, altho the
change was intended for v30 it is currenlty on hold as it causes performance
regressions.

i tested and the patch works as expected.

>From 407052d02f01ac2a345edc651dc5a791e81eb5fc Mon Sep 17 00:00:00 2001
From: eylles 
Date: Thu, 21 Apr 2022 03:12:24 -0600
Subject: [PATCH] Restore old webp loading

Use webp loading function for imlib2 1.7.1 (and possibly 1.6.9)
This reverts upstream commits:
61da0a8ca9f2a39042f7ef9af63a2dd48057c927
b0b16f1d0ffa550a8358206de844c9cf13f94ada
22ca3b567dd08c0086399221cb1413fa4eb74e2e
3b6db44267438fb0f9d67b3783d3bc6713c3c07f
eccd7de532b09fb738638095675eefc7be96ecc3


---
 README.md |   1 -
 image.c   | 162 +++---
 2 files changed, 104 insertions(+), 59 deletions(-)

diff --git a/README.md b/README.md
index c5028ac..b939366 100644
--- a/README.md
+++ b/README.md
@@ -76,7 +76,6 @@ The following dependencies are optional.
   * libexif : Used for auto-orientation and exif thumbnails.
 Disable via `HAVE_LIBEXIF=0`
   * libwebp : Used for animated webp playback.
-(NOTE: animated webp also requires Imlib2 v1.7.5 or above)
 Disabled via `HAVE_LIBWEBP=0`.

 Please make sure to install the corresponding development packages in case that
diff --git a/image.c b/image.c
index 1c57d27..ade5d1b 100644
--- a/image.c
+++ b/image.c
@@ -135,23 +135,6 @@ void exif_auto_orientate(const fileinfo_t *file)
 }
 #endif

-#if HAVE_LIBGIF || HAVE_LIBWEBP
-static void img_multiframe_context_set(img_t *img)
-{
-   if (img->multi.cnt > 1) {
-   imlib_context_set_image(img->im);
-   imlib_free_image();
-   img->im = img->multi.frames[0].im;
-   } else if (img->multi.cnt == 1) {
-   imlib_context_set_image(img->multi.frames[0].im);
-   imlib_free_image();
-   img->multi.cnt = 0;
-   }
-
-   imlib_context_set_image(img->im);
-}
-#endif
-
 #if HAVE_LIBGIF
 static bool img_load_gif(img_t *img, const fileinfo_t *file)
 {
@@ -315,7 +298,17 @@ static bool img_load_gif(img_t *img, const fileinfo_t 
*file)
if (err && (file->flags & FF_WARN))
error(0, 0, "%s: Corrupted gif file", file->name);

-   img_multiframe_context_set(img);
+   if (img->multi.cnt > 1) {
+   imlib_context_set_image(img->im);
+   imlib_free_image();
+   img->im = img->multi.frames[0].im;
+   } else if (img->multi.cnt == 1) {
+   imlib_context_set_image(img->multi.frames[0].im);
+   imlib_free_image();
+   img->multi.cnt = 0;
+   }
+
+   imlib_context_set_image(img->im);

return !err;
 }
@@ -323,35 +316,60 @@ static bool img_load_gif(img_t *img, const fileinfo_t 
*file)


 #if HAVE_LIBWEBP
-static bool img_load_webp(img_t *img, const fileinfo_t *file)
+static bool is_webp(const char *path)
+{
+   /* The size (in bytes) of the largest amount of data required to verify 
a WebP image. */
+   enum { max = 30 };
+   const unsigned char fmt[max];
+   bool ret = false;
+   FILE *f;
+
+   if ((f = fopen(path, "rb")) != NULL) {
+   if (fread((unsigned char *) fmt, 1, max, f) == max)
+   ret = WebPGetInfo(fmt, max, NULL, NULL);
+   fclose(f);
+   }
+   return ret;
+}
+
+/* fframe   img
+ * NULL NULL  = do nothing
+ * xNULL  = load the first frame as an Imlib_Image
+ * NULL x = load all frames into img->multi.
+ */
+static bool img_load_webp(const fileinfo_t *file, Imlib_Image *fframe, img_t 
*img)
 {
FILE *webp_file;
WebPData data;
+
Imlib_Image im = NULL;
struct WebPAnimDecoderOptions opts;
WebPAnimDecoder *dec = NULL;
struct WebPAnimInfo info;
-   unsigned char *buf = NULL, *bytes = NULL;
+   unsigned char *buf = NULL;
int ts;
const WebPDemuxer *demux;
WebPIterator iter;
unsigned long flags;
unsigned int delay;
bool err = false;
+   data.bytes = NULL;

-   if ((webp_file = fopen(file->path, "rb")) == NULL) {
-   error(0, errno, "%s: Error opening webp image", file->name);
-   return false;
+   if ((err = fframe == NULL && img == NULL))
+   goto fail;
+
+   if ((err = (webp_file = fopen(file->path, "rb")) == NULL)) {
+   error(0, 0, "%s: Error opening webp image", file->name);
+   goto fail;
}
fseek(webp_file, 0L, SEEK_END);
data.size = ftell(webp_file);

Bug#1009972: libvirt: TPM emulation requires swtpm, swtpm_setup and swtpm_ioctl executables

[Laurent Bigonville]

Source: libvirt
Version: 8.2.0-1
Severity: normal

Hello,

TPM emulation requires the swtpm, swtpm_setup and swtpm_ioctl
executables (that are shipped in swtpm and swtpm-tools packages)

But libvirt is not depending on them. A (soft?) dependency should
probably be added

Kind regards,
Laurent Bigonville


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_BE:fr
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: refpolicy

Bug#1009971: Our current validation script does not work with html5 files

[Laura Arjona Reina]

Package: www.debian.org
User: www.debian@packages.debian.org
Usertag: scripts
Severity: important

Hi all
I'm starting to work in the bug #980921 (Pages in HTML5) and, as it is mentioned
there, we need to adapt our "validate" script so it correctly processes the
pages declared as HTML5 (currently, only the homepage in the different 
languages).

The current status is following:

Related scripts:

https://salsa.debian.org/webmaster-team/cron/-/blob/master/lessoften executed
once a day, calling (via run-parts) the following script:
https://salsa.debian.org/webmaster-team/cron/-/blob/master/scripts/999Xvalidate
which gets the list of languages and folders to process and then calls:

https://salsa.debian.org/webmaster-team/cron/-/blob/master/scripts/validate

Which is the actual script doing the HTML validation, using the onsgmls command 
(part of opensp package). 

This command validates a SGML file based on a DTD. The issue (as far as I know) 
is that there is no "official" SGML DTD template to use when parsing HTML5 
files.

I have tried adapting the "validate" script to be able to recognize the DOCTYPE 
header used for html5 files, and then tried to pass a DTD (I tried downloading 
the ones here http://sgmljs.net/docs/w3c-html5-dtd.html and here 
http://sgmljs.net/docs/w3c-html52-dtd.html and also here 
https://jkorpela.fi/html5-dtd.html ) but couldn't make it work, and also was 
not convinced it is the better approach.

I've tried to look at what w3c validator uses and they use Nu.checker:

https://validator.w3.org/nu/about.html
https://github.com/validator/validator/releases/latest

But I'm not sure if this is packaged in Debian in any of its flavours.

I have searched https://packages.debian.org/search?keywords=html5 but none of 
the results looks like a commandline tool that we could call instead of onsgmls

So I don't know what to do at this point.

In my local machine, I have downloaded the vnu.jar file from the latest Nu 
checker release " and tried to validate files and it works. But I don't know if 
asking DSA to install openjdk in www-master and include a copy of vnu.jar in 
our cron scripts is good and/or elegant.

Opinions, advice and patches are very welcome.

Meanwhile, I guess we can modify 99Xvalidate to add file exclusions, and 
exclude, for now, /index.*.html and later the few other files we have with 
html5 tags for now. I don't know how to exclude the index.*.html files on top 
folder only and not in subfolders but I guess playing with find -wholename and 
prune will do the treak (if you know, please go ahead).

Kind regards,
-- 
Laura Arjona
https://wiki.debian.org/LauraArjona

Bug#1008849: shiboken2 - shiboken_helpers.cmake breaks with every Python transition

[Yuri D'Elia]

On Thu, Apr 21 2022, Nicholas D Steeves wrote:
> Unfortunately I'm out of time for the near future, but if you'd like I
> can upload an untested 5.15.3 package to experimental for you to test.

I can definitely help testing this.

> To be honest, I won't have time to make the cmake fix for what isn't
> even one of my packages.  Sorry.

Maybe this is something that upstream would be willing to investigate?

(yeah, I know that all the rage now is to have pyenvs within dockers so
you have 20 copies of everything .. so I'm not holding my breath ;))

Bug#1009970: RFP: memray -- Python memory profiler

[Antoine Beaupre]

Package: wnpp
Severity: wishlist

* Package name: memray
  Version : 1.0.3
  Upstream Author : https://github.com/pablogsal and bloomberg
* URL : https://bloomberg.github.io/memray/
* License : Apache 2
  Programming Lang: Python
  Description : Python memory profiler

Memray is a memory profiler for Python. It can track memory
allocations in Python code, in native extension modules, and in the
Python interpreter itself. It can generate several different types of
reports to help you analyze the captured memory usage data. While
commonly used as a CLI tool, it can also be used as a library to
perform more fine-grained profiling tasks.

Notable features:

 * Traces every function call so it can accurately represent the call
   stack, unlike sampling profilers.

 * Also handles native calls in C/C++ libraries so the entire call
   stack is present in the results.

 * Blazing fast! Profiling causes minimal slowdown in the
   application. Tracking native code is somewhat slower, but this can
   be enabled or disabled on demand.

 * It can generate various reports about the collected memory usage
   data, like flame graphs.

 * Works with Python threads.

 * Works with native-threads (e.g. C++ threads in C extensions).

Memray can help with the following problems:

 * Analyze allocations in applications to help discover the cause of
   high memory usage.

 * Find memory leaks.

 * Find hotspots in code which cause a lot of allocations.



There are already other Python profilers in Debian, but this one is
pretty extensive and surprisingly powerful. Flamegraphs, live
debugging, including of native code, doesn't have an equivalent in
Debian right now, as far as I can tell.

Requires libunwind according to the README, which shouldn't be a
problem for us. It does seem to also have JS dependencies which could
be more of a problem, but it's very minimal compared to JS-only
projects.

This should probably be maintained by the Python packaging team, but I
don't have the cycles to spearhead that effort myself.

Bug#1009859: sbuild does not download http(s) .dsc files if libwww-perl is not installed

[Carles Pina i Estany]

Hi,

On Apr/19/2022, Johannes Schauer Marin Rodrigues wrote:
> Hi,
> 
> Quoting Carles Pina i Estany (2022-04-19 13:39:23)

[...]

> I've now added a warning if libwww-perl is missing:
> 
> https://salsa.debian.org/debian/sbuild/-/commit/c510b2f54e0a743d7ba06a630e65d20d8f95118c

I just want to say thank you!

For what is worth there is another place in the same file
(https://salsa.debian.org/debian/sbuild/-/blob/main/lib/Sbuild/Utility.pm#L199)
with the same LWP::UserAgent check. I haven't checked if "download"
function is ever called without a previous call to "check_url" or under
which circumstances.

But for my previous flow what's committed is helpful, thanks again!

-- 
Carles Pina i Estany
https://carles.pina.cat

Bug#1008849: shiboken2 - shiboken_helpers.cmake breaks with every Python transition

[Nicholas D Steeves]

Control: retitle -1 shiboken2 - shiboken_helpers.cmake breaks with every Python 
transition

Disclaimer: I didn't check to see if upstream 5.15.3 fixed this issue.

Yuri D'Elia  writes:

> On Wed, Apr 13 2022, Nicholas D Steeves wrote:
>> I understand, and agree that the issue is real, and that a rebuild is
>> required.  A binNMU is the most expedient solution ;-)  Please read
>> "What are binNMUs?" at the link provided above...
>
> Yes, but I wouldn't call this "expedient", since ...
>

Expedient means fast.  [1. Optionally check what happens locally]
2. Schedule a binNMU.

Unfortunately it won't work in this case.  The pyside2 build currently
in unstable correctly iterated over supported Python versions, and both
libshiboken2-py3-5.15 and libshiboken2-dev contain both Python 3.9 and
3.10 variants...but that's not good enough, because
shiboken_helpers.cmake doesn't appear to support multiple Python
versions, and isn't choosing the right (ie: Debian's python3-default)
version.

Yuri, I see what you mean now, it seems the fastest way to resolve this
would be to statically declare a dependency on python3.10-dev everywhere
in the package, but by doing this the Debian pyside2 package would lose
early detection of FTBFS and failing unit tests with future Python
versions, which means upstream might not receive early enough
notification, which means pyside2 would risk being cut from the next
Debian release if a Python transition happens right before the freeze.
The backported py3.10 support patches already in the pyside2 package are
evidence that the existing approach has value.

[snip]

> Answering this for an hypothetical 3.11 transition, the answer would
> similarly be "likely doesn't matter - it's worth attempting a build and
> hope for the best, because the current version is broken".

And with the above context, your pragmatic point makes sense in a
"perfect is the enemy of the good" sense :-)

Unfortunately your proposed resolution won't solve what now appears to
be the root of the problem: shiboken_helpers.cmake doesn't appear to
support multiple installed Python versions, and will necessarily break
with every Python transition.  It seems to me that that cmake file
should be generated during pyside2's build to enable runtime detection
of the support for all Python versions that were compiled into the
pyside2 libraries.  Alternatively, as a less desirable option, that
cmake file could be modified in override_dh_auto_install (or somewhere
more appropriate) to exclusively support the current python3-default
version.  In both cases, I'm assuming that the compiled py39 and py310
libs are functional.

>> As a general principle, I worry that this would either reduce
>> functionality and/or debugging, or introduce regression potential, so
>> this is not a change I'm willing to make as a team member and not
>> as one of the primary maintainers/uploaders of pyside2.
>
> I understand this. And the documentation around this define is lacking
> as well. Looking at the sources, it does seem to reduce the number of
> exported methods, so it is fair to say we might have users that expect
> the full API to be available and would break if used...

Thank you for your help investigating this option!

Unfortunately I'm out of time for the near future, but if you'd like I
can upload an untested 5.15.3 package to experimental for you to test.
To be honest, I won't have time to make the cmake fix for what isn't
even one of my packages.  Sorry.

Sincerely,
Nicholas


signature.asc
Description: PGP signature

Bug#1009969: openvswitch: FTBFS on riscv64

[vimer]

Source: openvswitch
Version: 2.15.0
Severity: normal

openvswitch FTBFS on riscv64:

| #define HAVE_STRUCT_TCF_T_FIRSTUSE 1
| #define HAVE_TCA_VLAN_PUSH_VLAN_PRIORITY 1
| #define HAVE_TCA_MPLS_TTL 1
| #define HAVE_TCA_TUNNEL_KEY_ENC_TTL 1
| #define HAVE_TCA_PEDIT_KEY_EX_HDR_TYPE_UDP 1
| #define HAVE_TCA_SKBEDIT_FLAGS 1
| #define HAVE_SCTP_CONNTRACK_HEARTBEATS 1
| #define HAVE_VIRTIO_TYPES 1
| #define HAVE_PRAGMA_MESSAGE 1
|
| configure: exit 0

make[1]: *** [debian/rules:170: override_dh_auto_test] Error 1
make[1]: Leaving directory '/<>'
make: *** [debian/rules:9: build-arch] Error 2


The ull build log is available from:

https://buildd.debian.org/status/fetch.php?pkg=openvswitch=riscv64=2.15.0%2Bds1-10=1650281874=0

Bug#1009968: cannot import name 'Mapping' from 'collections' with Python 3.10 -- new upstream version needed

[Eric Marsden]

Package: python3-frozen-flask
Version: 0.11-3.1
Severity: critical

Using this library in Python 3.10 generates an ImportError.

% python3
Python 3.10.4 (main, Apr  2 2022, 09:04:19) [GCC 11.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from flask_frozen import Freezer
Traceback (most recent call last):
  File "", line 1, in 
  File "/usr/lib/python3/dist-packages/flask_frozen/__init__.py", line 
29, in 

    from collections import Mapping
ImportError: cannot import name 'Mapping' from 'collections' 
(/usr/lib/python3.10/collections/__init__.py)



Upstream has a version 0.15 available.

Bug#1009658: RFS: ncdu/1.16-0.1 [NMU] -- ncurses disk usage viewer

[Santiago Ruano Rincón]

Hi Christian,

Thanks for preparing this package.

El 13/04/22 a las 20:37, Christian Göttsche escribió:
> Package: sponsorship-requests
> Severity: normal
> X-Debbugs-CC: jac...@debian.org
> 
> Dear mentors,
> 
> I am looking for a sponsor for my package "ncdu":
> 
>  * Package name: ncdu
>Version : 1.16-0.1
>Upstream Author : Yoran Heling 
>  * URL : https://dev.yorhel.nl/ncdu/
>  * License : MIT
>  * Vcs : none
>Section : admin
> 
> The source builds the following binary packages:
> 
>   ncdu - ncurses disk usage viewer
> 
> To access further information about this package, please visit the
> following URL:
> 
>   https://mentors.debian.net/package/ncdu/
> 
> Alternatively, you can download the package with 'dget' using this command:
> 
>   dget -x https://mentors.debian.net/debian/pool/main/n/ncdu/ncdu_1.16-0.1.dsc
> 
> Changes since the last upload:
> 
>  ncdu (1.16-0.1) unstable; urgency=medium

Is it really urgency=medium? low wouldn't fit?

>  .
>* Non-maintainer upload.
>* New upstream version 1.16 (Closes: #996240)
>* d/control:
>  - update build dependencies
>  - bump to debhelper compat 13
>  - bump to std-ver 4.6.0 (no further changes)
>  - set Rules-Requires-Root no
>  - use https homepage address
>* d/patches: cherry-pick upstream commits
>  - Add dark-bg color scheme + enable colors by default if !NO_COLOR
>(Closes: #894380)
...

Eugene tagged #894380 as wontfix:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894380#10
Why do you have another opinion? Is there anything different on
upstream's side that has changed since Eugene's comment?


Have you had any feedback/input from Eugene?

Cheers,

 -- Santiago


signature.asc
Description: PGP signature

Bug#1009967: lintian: improbable-bug-number-in-closes produces incorrect results

[Martin-Éric Racine]

Package: lintian
Version: 2.114.163
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

The Lintian on mentors.debian.net incorrectly reports:

W: improbable-bug-number-in-closes 1008784

The relevant changelog entry:

Replaces part of the cron job that we used to provide (Closes: #1008784).

That bug report very much exists.

Martin-Éric

- -- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (900, 'unstable')
Architecture: i386 (x86_64)

Kernel: Linux 5.10.0-13-amd64 (SMP w/8 CPU threads)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE=fi:en
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages lintian depends on:
ii  binutils2.38-3
ii  bzip2   1.0.8-5
ii  diffstat1.64-1
ii  dpkg1.21.7
ii  dpkg-dev1.21.7
ii  file1:5.41-3
ii  gettext 0.21-6
ii  gpg 2.2.27-3+b1
ii  intltool-debian 0.35.0+20060710.5
ii  libapt-pkg-perl 0.1.40+b1
ii  libarchive-zip-perl 1.68-1
ii  libcapture-tiny-perl0.48-1
ii  libclass-xsaccessor-perl1.19-3+b8
ii  libclone-perl   0.45-1+b2
ii  libconfig-tiny-perl 2.28-1
ii  libconst-fast-perl  0.014-1.1
ii  libcpanel-json-xs-perl  4.27-1+b1
ii  libdata-dpath-perl  0.58-1
ii  libdata-validate-domain-perl0.10-1.1
ii  libdata-validate-uri-perl   0.07-2
ii  libdevel-size-perl  0.83-1+b3
pn  libdigest-sha-perl  
ii  libdpkg-perl1.21.7
ii  libemail-address-xs-perl1.04-1+b4
ii  libfile-basedir-perl0.09-1
ii  libfile-find-rule-perl  0.34-1
ii  libfont-ttf-perl1.06-1.1
ii  libhtml-html5-entities-perl 0.004-1.1
ii  libio-interactive-perl  1.023-1
ii  libio-prompt-tiny-perl  0.003-1
ii  libipc-run3-perl0.048-2
ii  libjson-maybexs-perl1.004003-1
ii  liblist-compare-perl0.55-1
ii  liblist-someutils-perl  0.58-1
ii  liblist-utilsby-perl0.11-1
ii  libmoo-perl 2.005004-3
ii  libmoox-aliases-perl0.001006-2
ii  libnamespace-clean-perl 0.27-1
ii  libpath-tiny-perl   0.122-1
ii  libperlio-gzip-perl 0.19-1+b8
ii  libperlio-utf8-strict-perl  0.009-1+b1
ii  libproc-processtable-perl   0.634-1+b1
ii  libsereal-decoder-perl  4.023+ds-1
ii  libsereal-encoder-perl  4.023+ds-1
ii  libsort-versions-perl   1.62-1
ii  libsyntax-keyword-try-perl  0.27-1
ii  libterm-readkey-perl2.38-1+b3
ii  libtext-glob-perl   0.11-2
ii  libtext-levenshteinxs-perl  0.03-4+b9
ii  libtext-markdown-discount-perl  0.13-1+b1
ii  libtext-xslate-perl 3.5.9-1+b1
ii  libtime-duration-perl   1.21-1
ii  libtime-moment-perl 0.44-1+b4
ii  libtimedate-perl2.3300-2
ii  libunicode-utf8-perl0.62-1+b3
ii  liburi-perl 5.10-1
ii  libxml-libxml-perl  2.0207+dfsg+really+2.0134-1
ii  libyaml-libyaml-perl0.83+ds-1+b1
ii  lzip1.23-3
ii  lzop1.04-2
ii  man-db  2.10.2-1
ii  patchutils  0.4.2-1
ii  perl [libencode-perl]   5.34.0-4
ii  t1utils 1.41-4
ii  unzip   6.0-26
ii  xz-utils5.2.5-2.1

lintian recommends no packages.

Versions of packages lintian suggests:
pn  binutils-multiarch 
pn  libtext-template-perl  

- -- no debconf information

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEyJACx3qL7GpObXOQrh+Cd8S017YFAmJhUEUACgkQrh+Cd8S0
17YPgRAAtXhgzpP9rFERKN3RT5aZierIyfSAEg5g/JzaQUDHFoazQLwtTpbzRa2t
+dyCvGAgvvvA6VcKBKtWKRSGt7t+X9OjYeA4eRq/9XpGQAlkstg3d5HxewRaXgfK
GKAreGgu4hvhzkP7etgrSs9+9ykeH1BoAKTYaFylZ3GbyPFHrn1aYm/035XOBgIl
NLOkDR/CvSoIHUmC+u+FB2etrUntbfnD7QVPcpSuMq4rDemztUEV16XFP2koHI9a
Xx/n3mAcVVuAV4SkIY8NUi9Bj+Txthkdpvz0aktTGwNCroX8m9fJEV7tjOvH6pBO
bR36qylMnUL1Ov2CqQiMJdJGV8sVuTFt/+IZlE/ok0pc60uTXM+BUW4/L2AaB7L2
tKSdSGp3R32P0h5XPQMJrG9YYzmyLkOVWU25jTaVE8NExXBjYHjbj1yL5nfsC04l
chqAWj5XWgsHrSLUOEPVhjjFnN4jEDvlyItJxIyLRYcdz18RnBFfV390Jgtu9mrT
pj+ZQiituGkSSqH6x/Sy/y8QUXhu3Npc92CCH/uvW00ri38BxqjZkxAEDJWXbWwx
wYXexNts292NAFELluBKvu4t5argyMT1f73bnuIeNKWT4b7VQAnnKevZIVUmZu/0
KMk2ttWRItaIR2iB5DQ+BWfeeWR8otBixo+zu/zRhb+EZ5FrNN0=
=7yCz
-END PGP SIGNATURE-

Bug#1003817: lintian: fpos for update-debian-copyright

[Martin-Éric Racine]

Package: lintian
Version: 2.114.0
Followup-For: Bug #1003817

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

That one bites me too. 

#
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Contact: Martin-Éric Racine 

Files: *
Copyright: © 2004-2022 Martin-Éric Racine 
   © 2004,2012 Christoph Schindler 
   © 2003-2004 Martin Zdrahal 
License: GPL-2+

Files: debian/source_upgrade-system.py
Copyright: © 2011 Brian Murray 
License: GPL-2+

License: GPL-2+
 On Debian systems, the complete text of the GNU General Public License
 can be found in .
#

It apprently catches the file-specific second block and assumes that the 
copyright of the whole package is outdated. The current copyright is correct in 
the first block.

Martin-Éric

- -- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (900, 'unstable')
Architecture: i386 (x86_64)

Kernel: Linux 5.10.0-13-amd64 (SMP w/8 CPU threads)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE=fi:en
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages lintian depends on:
ii  binutils2.38-3
ii  bzip2   1.0.8-5
ii  diffstat1.64-1
ii  dpkg1.21.7
ii  dpkg-dev1.21.7
ii  file1:5.41-3
ii  gettext 0.21-6
ii  gpg 2.2.27-3+b1
ii  intltool-debian 0.35.0+20060710.5
ii  libapt-pkg-perl 0.1.40+b1
ii  libarchive-zip-perl 1.68-1
ii  libcapture-tiny-perl0.48-1
ii  libclass-xsaccessor-perl1.19-3+b8
ii  libclone-perl   0.45-1+b2
ii  libconfig-tiny-perl 2.28-1
ii  libconst-fast-perl  0.014-1.1
ii  libcpanel-json-xs-perl  4.27-1+b1
ii  libdata-dpath-perl  0.58-1
ii  libdata-validate-domain-perl0.10-1.1
ii  libdata-validate-uri-perl   0.07-2
ii  libdevel-size-perl  0.83-1+b3
pn  libdigest-sha-perl  
ii  libdpkg-perl1.21.7
ii  libemail-address-xs-perl1.04-1+b4
ii  libfile-basedir-perl0.09-1
ii  libfile-find-rule-perl  0.34-1
ii  libfont-ttf-perl1.06-1.1
ii  libhtml-html5-entities-perl 0.004-1.1
ii  libio-interactive-perl  1.023-1
ii  libio-prompt-tiny-perl  0.003-1
ii  libipc-run3-perl0.048-2
ii  libjson-maybexs-perl1.004003-1
ii  liblist-compare-perl0.55-1
ii  liblist-someutils-perl  0.58-1
ii  liblist-utilsby-perl0.11-1
ii  libmoo-perl 2.005004-3
ii  libmoox-aliases-perl0.001006-2
ii  libnamespace-clean-perl 0.27-1
ii  libpath-tiny-perl   0.122-1
ii  libperlio-gzip-perl 0.19-1+b8
ii  libperlio-utf8-strict-perl  0.009-1+b1
ii  libproc-processtable-perl   0.634-1+b1
ii  libsereal-decoder-perl  4.023+ds-1
ii  libsereal-encoder-perl  4.023+ds-1
ii  libsort-versions-perl   1.62-1
ii  libsyntax-keyword-try-perl  0.27-1
ii  libterm-readkey-perl2.38-1+b3
ii  libtext-glob-perl   0.11-2
ii  libtext-levenshteinxs-perl  0.03-4+b9
ii  libtext-markdown-discount-perl  0.13-1+b1
ii  libtext-xslate-perl 3.5.9-1+b1
ii  libtime-duration-perl   1.21-1
ii  libtime-moment-perl 0.44-1+b4
ii  libtimedate-perl2.3300-2
ii  libunicode-utf8-perl0.62-1+b3
ii  liburi-perl 5.10-1
ii  libxml-libxml-perl  2.0207+dfsg+really+2.0134-1
ii  libyaml-libyaml-perl0.83+ds-1+b1
ii  lzip1.23-3
ii  lzop1.04-2
ii  man-db  2.10.2-1
ii  patchutils  0.4.2-1
ii  perl [libencode-perl]   5.34.0-4
ii  t1utils 1.41-4
ii  unzip   6.0-26
ii  xz-utils5.2.5-2.1

lintian recommends no packages.

Versions of packages lintian suggests:
pn  binutils-multiarch 
pn  libtext-template-perl  

- -- no debconf information

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEyJACx3qL7GpObXOQrh+Cd8S017YFAmJhTgsACgkQrh+Cd8S0
17btZQ/+OpZr7lvAFzS5GE70uBBQIVMBG7TWV8WKXTiglBG/5h1gALrIRYVuhK9g
uyGtFlRnMOY4YUTriQ/a1bX4CtaeeCd/dEBnkBDiJgc9TvIWOvvrbt/KortG3OhC
nIRFYjiGz5+fx+7OxDzdBckZwHOFmf+3A4rf2ZxEshwrCgWH6z7n2TFNOPVy2DIP
vgGR34qtMXh4qic26J+iPov4733gUP7qobTH8mHMgFfr1ViJ08tQYl8aqHgYXUdS
A0AQLFXMmEa6iiUKYHiH86ZA4LDB+RnqT0U9W2sGraXp49OiwtTfb4f+0+9k4A+b
grj44Dt8qg8SboOMgLxp5PXwS10AbbfCGCsLp54H3qz0hmc7m6Ef9GLIm6Dnuh1s
wpRZSSP5ZwtW66yynoZ/eBp/o/CiTkPiBgTI0Z+LY1wozoqIk7lE6GWACidt0nCw
D+gn2u2Fx7vKEyH8IXgHV6cgPtvypPrL8saU1/1iXcsnt9PYgRO2U6MEYED74zfQ
OyQZYZWYAohfaOq49ImydOOvB2VRnJOO9j3EiBTiQeoUtzvkIfwsdLzrv4hRVA9F

Bug#1009966: libpam-tacplus: CVE-2016-20014

[Salvatore Bonaccorso]

Source: libpam-tacplus
Version: 1.3.8-2.1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 1.3.8-2+deb10u1
Control: found -1 1.3.8-2

Hi,

The following vulnerability was published for libpam-tacplus.

CVE-2016-20014[0]:
| In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does
| not zero out the arep data structure.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-20014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-20014
[1] 
https://github.com/kravietz/pam_tacplus/commit/e4c00eba70a0f72c4de77b5f072c69708ec2beab

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1009965: linux-image-5.17.0-1-amd64

[Holger Schröder]

Package: linux-image-5.17.0-1-amd64
Severity: normal

Dear Maintainer,

With kernel linux-image-5.17.0-1-amd64 my DVB-C card does not work anymore,
with 5.16 everything is fine.
But I have no idea why

Multimedia video controller: Conexant Systems, Inc. CX23885 PCI Video and Audio
Decoder (rev 04)


Thanks


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (100, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-6-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-image-5.17.0-1-amd64 depends on:
ii  initramfs-tools [linux-initramfs-tool]  0.141
ii  kmod29-1
ii  linux-base  4.8

Versions of packages linux-image-5.17.0-1-amd64 recommends:
pn  apparmor 
ii  firmware-linux-free  20200122-1

Versions of packages linux-image-5.17.0-1-amd64 suggests:
pn  debian-kernel-handbook  
ii  grub-efi-amd64  2.06-2
pn  linux-doc-5.17  

Bug#1009954: gitlab: Cannot install experimental or unstable version due to ruby-omniauth dependency

[Éric Valette]

 On 4/21/22 13:49, Pirate Praveen wrote: 

 

>  
>  
> 2022, ഏപ്രിൽ 21 12:50:58 PM IST, Eric Valette ൽ എഴുതി 
>  
>  
>  
>> 
>>Package: gitlab 
>>   
>> Version: 14.8.5+ds1-3 
>>   
>> Severity: important 
>>   
>>  
>>   
>> Dear Maintainer, 
>>   
>>  
>>   
>> So there is no way to install using experimental as the version of 
>> ruby-omniauth is no more 
>>   
>> even in unstable. 
>>   
>>  
>>  
> Such breakages are expected in unstable during transitions. You might want to 
> use snapshot.debian.org to install older version of ruby-omniauth or install 
> it from rubygems.org 
>  
>  
> 
 

The breakage is there for more than 8 months. I tried to install regularly. 

 

 

> 
>   Installing gitlab from fasttrack.debian.net is recommended to avoid 
> such breakages. 
>  
>  
> 
 

I does not work either if you bstarted from a testing ISO. 

 

> 
>   See wiki.debian.org/gitlab 
>  
>  
> 
 

Been ther done that. No way to make it work. FIX your package dependency. Its 
broken for as long as 1.9.1-1 has been in unstable meaning April 2020 see 
https://tracker.debian.org/pkg/ruby-omniauth 

 

Could you please follow the rules and publish in experimental things that works 
with a debian unstable system. 

 

NB: and of course gitlab from unstable is not working. 

 

 

 

 

> 
>   apt-get -f install 
>  
>  
>  
>> 
>>Reading package lists... Done 
>>   
>> Building dependency tree... Done 
>>   
>> Reading state information... Done 
>>   
>> The following packages were automatically installed and are no longer 
>> required: 
>>   
>>   libmbedcrypto3 libmbedtls12 libmbedx509-0 linux-image-5.16.0-6-amd64 
>> node-array-union node-array-uniq ruby-scientist 
>>   
>>   ruby-securecompare ruby-sshkey 
>>   
>> Use 'apt autoremove' to remove them. 
>>   
>> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 
>>   
>> 1 not fully installed or removed. 
>>   
>> After this operation, 0 B of additional disk space will be used. 
>>   
>> Setting up gitlab (14.8.5+ds1-3) ... 
>>   
>> Successfully installed graphiql-rails-1.8.0 
>>   
>> Parsing documentation for graphiql-rails-1.8.0 
>>   
>> Done installing documentation for graphiql-rails after 0 seconds 
>>   
>> 1 gem installed 
>>   
>> fatal: not a git repository (or any of the parent directories): .git 
>>   
>> fatal: not a git repository (or any of the parent directories): .git 
>>   
>> Could not find gem 'omniauth (~> 1.8)' in cached gems or installed locally. 
>>   
>>  
>>   
>> The source contains the following gems matching 'omniauth': 
>>   
>>   * omniauth-2.0.4 
>>   
>> dpkg: error processing package gitlab (--configure): 
>>   
>> installed gitlab package post-installation script subprocess returned error 
>> exit status 1 
>>   
>> Errors were encountered while processing: 
>>   
>> gitlab 
>>   
>> E: Sub-process /usr/bin/dpkg returned an error code (1) 
>>   
>>  
>>   
>> apt-cache policy ruby-omniauth 
>>   
>> ruby-omniauth: 
>>   
>>   Installed: 2.0.4-1~exp1 
>>   
>>   Candidate: 2.0.4-1~exp1 
>>   
>>   Version table: 
>>   
>> *** 2.0.4-1~exp1 100 
>>   
>>   1 http://ftp.de.debian.org/debian experimental/main amd64 Packages 
>>   
>>     100 /var/lib/dpkg/status 
>>   
>>  1.9.1-1 500 
>>   
>>     500 http://ftp.de.debian.org/debian unstable/main amd64 Packages 
>>   
>>  1.8.1-1 500 
>>   
>>     500 http://ftp.de.debian.org/debian buster/main amd64 Packages 
>>   
>>  
>>   
>>  
>>   
>> So there is no way to install using experimental. 
>>   
>>  
>>   
>> -- System Information: 
>>   
>> Debian Release: bookworm/sid 
>>   
>>   APT prefers oldstable-updates 
>>   
>>   APT policy: (500, 'oldstable-updates'), (500, 'unstable'), (500, 
>> 'oldstable'), (100, 'bullseye-fasttrack'), (100, 
>> 'bullseye-backports-staging'), (1, 'experimental') 
>>   
>> Architecture: amd64 (x86_64) 
>>   
>>  
>>   
>> Kernel: Linux 5.17.0-trunk-amd64 (SMP w/32 CPU threads; PREEMPT) 
>>   
>> Kernel taint flags: TAINT_FIRMWARE_WORKAROUND 
>>   
>> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: 
>> LC_ALL set to en_US.UTF8), LANGUAGE=en_US:en 
>>   
>> Shell: /bin/sh linked to /usr/bin/dash 
>>   
>> Init: systemd (via /run/systemd/system) 
>>   
>> LSM: AppArmor: enabled 
>>   
>>  
>>   
>> Versions of packages gitlab depends on: 
>>   
>> ii  asciidoctor 2.0.16-2 
>>   
>> ii  bc  1.07.1-3+b1 
>>   
>> ii  bundler 2.3.5-2 
>>   
>> ii  bzip2  

Bug#1009420: irssi is marked for autoremoval from testing

[Rhonda D'Vine]

tags 1009420 + patch
thanks

Hi,

 given the potential autoremoval of irssi we looked into this, irssi
upstream suggested the attached patch which I can confirm to fix the
build.

 Cheers,
Rhonda
-- 
Fühlst du dich mutlos, fass endlich Mut, los  |
Fühlst du dich hilflos, geh raus und hilf, los| Wir sind Helden
Fühlst du dich machtlos, geh raus und mach, los   | 23.55: Alles auf Anfang
Fühlst du dich haltlos, such Halt und lass los|
--- a/tests/regression/client/client.c
+++ b/tests/regression/client/client.c
@@ -29,6 +29,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include 
 #include 

Bug#1009963: deb-systemd-helper: Misleading error message in "sub enable" if systemctl fails

[Sascha Herrmann]

Package: init-system-helpers
Version: 1.60
Severity: normal
X-Debbugs-Cc: sh-b...@ps.nvbi.de

Dear Maintainer,

the code line 'or error("systemctl preset failed on $scriptname: $!");' prints
some misleading information, if the systemctl command fails and returns an
return value != 0. When using the systemctl package (systemctl-replacement),
some packages fail to setup their service files, systemctl returns the error
code 1 which results in a message like

"/usr/bin/deb-systemd-helper: error: systemctl preset failed on 
keyboard-setup.service: No such file or directory"

The "No such file or directory" is produced by the $! part of the error string,
but $! isn't actually set by the system() call. The wrong (and random) error
messages gives wrong hints, when searching for the root cause of the problem
triggering the failure to install the service file. $! should only be used if
the system() call returned -1.

Thanks,
Sascha


-- System Information:
Debian Release: 11.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-9-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages init-system-helpers depends on:
ii  perl-base  5.32.1-4+deb11u2

init-system-helpers recommends no packages.

init-system-helpers suggests no packages.

Versions of packages init-system-helpers is related to:
pn  insserv  

-- no debconf information

Bug#1008465: #1008465 (python-fabio FTBFS): works for me

[Roland Mas]

Hi,

I was trying to reproduce bug  #1008465 to see if I could fix it, but an 
up-to-date pbuilder and an up-to-date git clone build fine. Maybe 
something changed in the dependencies?


I suggest closing this bug, because python-fabio is marked for 
autoremoval from testing and several packages will be removed as a 
consequence.


Roland.

Bug#1008965: lazygal: Crashes with illegal chars in IPTC keywords

[Alexandre Rossi]

Hi,

> > > UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf6 in position 2: 
> > > invalid
> > > start byte
> > [...]
> > >   File "/usr/lib/python3/dist-packages/lazygal/metadata.py", line 406, in
> > > get_keywords
> > > values = self._metadata.get_tag_multiple(key)
> > > SystemError:  returned a result with an error set
>
> I do not have the same error.
> I have "double free or corruption (out)".
>
> $ exiv2 -g Iptc.Application2.Keywords lazygaltest/sample-bad-iptc-keywords.jpg
> Iptc.Application2.Keywords   String  5  Anton
> Iptc.Application2.Keywords   String  5  Bjrn
> So this is not a bug in exiv2 which correctly ignores the bad char.
>
> The raw tag reads b'Anton\x1c\x1c\x1c\x1cBj\xf6rn'. It is encoded in 
> 'latin-1'.
>
> >>> b'\xf6'.decode('latin-1')
> 'ö'
> >>> 'ö'.encode('utf-8')
> b'\xc3\xb6'
>
> lazygal assumes utf-8 everywhere. I'll see what I can do to ignore this.

This is related to https://gitlab.gnome.org/GNOME/pygobject/-/issues/327 .
I may be wrong by I do not see any obvious way to fix this in lazygal.

Alex

Bug#1009962: src:python-pytest-asyncio: fails to migrate to testing for too long: causes autopkgtest regression

[Paul Gevers]

Source: python-pytest-asyncio
Version: 0.16.0-1
Severity: serious
Control: close -1 0.18.2-1
Tags: sid bookworm
User: release.debian@packages.debian.org
Usertags: out-of-sync
Control: block -1 by 1006736

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:python-pytest-asyncio has been trying to 
migrate for 61 days [2]. Hence, I am filing this bug. The cause of the 
migration failure has been reported in bug #1006736.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=python-pytest-asyncio



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1005500: Bug #1005500: doctest breaks argh build: doctest.h:1398:92: error: use of deleted function

[Drew Parsons]

Control: affects 1005500 src:fenics-basix src:fenics-dolfinx


Fixed upstream with https://github.com/doctest/doctest/pull/634

Bug#1009961: src:ngs-sdk: fails to migrate to testing for too long: autopkgtest issue

[Paul Gevers]

Source: ngs-sdk
Version: 2.11.2-2
Severity: serious
Control: close -1 2.11.2-3
Tags: sid bookworm
User: release.debian@packages.debian.org
Usertags: out-of-sync
Control: block -1 by 1006732

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:ngs-sdk has been trying to migrate for 61 
days [2]. Hence, I am filing this bug. I already filed bug #1006732 
about the blocking issue.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=ngs-sdk



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1009960: composer: CVE-2022-24828 - arbitrary command execution via VcsDriver getFileContent

[Neil Williams]

Source: composer
Version: 2.2.9-1
Severity: important
Tags: security
X-Debbugs-Cc: codeh...@debian.org, Debian Security Team 


Hi,

The following vulnerability was published for composer.

CVE-2022-24828[0]:
| Composer is a dependency manager for the PHP programming language.
| Integrators using Composer code to call `VcsDriver::getFileContent`
| can have a code injection vulnerability if the user can control the
| `$file` or `$identifier` argument. This leads to a vulnerability on
| packagist.org for example where the composer.json's `readme` field can
| be used as a vector for injecting parameters into hg/Mercurial via the
| `$file` argument, or git via the `$identifier` argument if you allow
| arbitrary data there (Packagist does not, but maybe other integrators
| do). Composer itself should not be affected by the vulnerability as it
| does not call `getFileContent` with arbitrary data into
| `$file`/`$identifier`. To the best of our knowledge this was not
| abused, and the vulnerability has been patched on packagist.org and
| Private Packagist within a day of the vulnerability report.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-24828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24828

Please adjust the affected versions in the BTS as needed.



-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-6-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1009959: epiphany-browser: CVE-2022-29536

[Salvatore Bonaccorso]

Source: epiphany-browser
Version: 42.1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 3.38.2-1
Control: found -1 3.32.1.2-3

Hi,

The following vulnerability was published for epiphany-browser.

CVE-2022-29536[0]:
| In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document
| can trigger a client buffer overflow (in ephy_string_shorten in the UI
| process) via a long page title. The issue occurs because the number of
| bytes for a UTF-8 ellipsis character is not properly considered.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-29536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29536
[1] https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106

Regards,
Salvatore

Bug#1009958: ruby3.0: CVE-2022-28738

[Salvatore Bonaccorso]

Source: ruby3.0
Version: 3.0.3-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for ruby3.0.

CVE-2022-28738[0]:
| Double free in Regexp compilation

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-28738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28738
[1] 
https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/

Regards,
Salvatore

Bug#1009956: ruby3.0: CVE-2022-28739

[Salvatore Bonaccorso]

Source: ruby3.0
Version: 3.0.3-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: clone -1 -2
Control: reassign -2 src:ruby2.7 2.7.5-1
Control: retitle -2 ruby2.7: CVE-2022-28739

Hi,

The following vulnerability was published for ruby3.0 (and older)

CVE-2022-28739[0]:
| Buffer overrun in String-to-Float conversion

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-28739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739
[1] 
https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/

Regards,
Salvatore

Bug#1009253: www.debian.org: remove debian-www list from the footer; direct people to the contact page instead

[Justin B Rye]

Paul Wise wrote:
> Hi debian-l10n-english folks,
> 
> I'm looking for advice on how to reword the footer on the Debian
> website. I want to drop debian-www from the contact information in the
> website footer, directing people to the contact page on the website
> instead, which should empower them to find a better contact for their
> enquiry rather than defaulting to the debian-www mailing list.
> 
> Everything I have come up with seems a bit awkward or repetitive to me,
> so I am hoping someone on this list can come up with something better.
> 
> The proposal is in #1009253 and quoted below.
> 
[...]
>> I suggest we replace this text:
>> 
>>    To report a problem with the web site, please e-mail our publicly
>>    archived mailing list debian-...@lists.debian.org in English.
>>    For other contact information, see the Debian contact page.
>> 
>> With text similar to this:
>> 
>>    Getting in contact with Debian is documented on our contact page.

I think my top solution is:

      For information about how to get in touch, see our [contact page].

I spent a while trying to find ways of keeping a theme of "to report
problems, or..." (flagging up the "appropriate channels" part), but
really the simpler it is the better it meshes with the emphasis on
Debian as a friendly community.  You might even want:

      See our [contact page] to get in touch.

-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Bug#1009907: Smbclient error: "Failed to mount Window share: invalid argument"

[Salis, Antonello (NFOD)]

thank you!

smbclient seems to be working fine, but not when called from Nautilus (I 
am right?)

I'll check the solution you proposed.


On 4/20/22 19:02, Michael Tokarev wrote:
> 20.04.2022 19:44, Michael Tokarev wrote:
> ..
>> An interesting find.  I quickly browsed there, but don't immediately 
>> see a
>> solution in there. I'll take a closer look.
>
> This appears to be the fix: 
> https://gitlab.gnome.org/GNOME/gvfs/-/merge_requests/138
> (which is in gnome-vfs).
>
> But does smbclient work for you?
>
> Thanks,
>
> /mjt

Bug#1009955: python3-cssutils: Please package latest version 2.4.0

[Martin]

Source: cssutils
Version: 1.0.2-3
Severity: wishlist

Looks like cssutils moved to a new maintainer and new home:
https://github.com/jaraco/cssutils
Multiple versions have been released since.

Bug#996965: Request for maintainer access to salsa group

[Andreas Tille]

Am Thu, Apr 21, 2022 at 12:32:29AM +0530 schrieb Nilesh Patra:
> If you want to check ftp master's views, please uploade sooner (than later)

Its ready except for bs5.  I'm tempted to remove this functionality (at the
beginning of next week if nobody beats me).

Kind regards

Andreas.

-- 
http://fam-tille.de

Bug#1009865: transition: octave

[Sébastien Villemot]

Le mercredi 20 avril 2022 à 12:06 +0200, Sebastian Ramacher a écrit :
> On 2022-04-19 15:57:14 +0200, Sébastien Villemot wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: transition
> > X-Debbugs-Cc: debian-oct...@lists.debian.org
> > 
> > Please schedule a transition for octave. The new major upstream release
> > (7.1.0), currently in experimental, changes the ABI. 
> 
> Please go ahead

Thanks. The new version of octave was uploaded to unstable and built on
all release architectures.

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  https://sebastien.villemot.name
⠈⠳⣄  https://www.debian.org




signature.asc
Description: This is a digitally signed message part

Bug#1009900: fis-gtm: Multiple CVEs in fis-gtm

[Andreas Tille]

Hi Amul,

in addition to Neil's answer I have the following remarks:

Am Wed, Apr 20, 2022 at 07:55:02PM + schrieb Shah, Amul:
> Hi Andreas,
> In FIS's opinion, the CVE references are not actionable. One must have host 
> access and the ability to modify application source files. Those users are 
> typically database/systems administrators or a MUMPS application developer. 
> We expect that only privileged users have direct access to the host with the 
> application gating access to external users. By itself, GT.M does not confer 
> any extra privileges.
> 
> How long we have to address these CVEs? If immediate, I can back-patch the 
> specific fixes that address the CVEs. I say back patch because V6.3-014 was 
> the last V6 version with a V6 block format database.

I think if this will be the latest V6 version that should be released to
the users than it makes sense to backport the fixes.

> The current V7 GT.M versions do not have an upgrade path to the V7 block 
> format. We do not want to release a GT.M version to debmed without such an 
> upgrade feature. If there is time, then we are working a V7 version with the 
> V6 to V7 block upgrade capability and would like to release that.

I noticed that there is V7 and I think we should work on this until
end of summer.  It has to pass new queue and migrate to testing until
end of the year if it should be part of the next stable release.

Kind regards

   Andreas.

-- 
http://fam-tille.de

Bug#1009954: gitlab: Cannot install experimental or unstable version due to ruby-omniauth dependency

[Eric Valette]

Package: gitlab
Version: 14.8.5+ds1-3
Severity: important

Dear Maintainer,

So there is no way to install using experimental as the version of 
ruby-omniauth is no more
even in unstable.

apt-get -f install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libmbedcrypto3 libmbedtls12 libmbedx509-0 linux-image-5.16.0-6-amd64 
node-array-union node-array-uniq ruby-scientist
  ruby-securecompare ruby-sshkey
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up gitlab (14.8.5+ds1-3) ...
Successfully installed graphiql-rails-1.8.0
Parsing documentation for graphiql-rails-1.8.0
Done installing documentation for graphiql-rails after 0 seconds
1 gem installed
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
Could not find gem 'omniauth (~> 1.8)' in cached gems or installed locally.

The source contains the following gems matching 'omniauth':
  * omniauth-2.0.4
dpkg: error processing package gitlab (--configure):
 installed gitlab package post-installation script subprocess returned error 
exit status 1
Errors were encountered while processing:
 gitlab
E: Sub-process /usr/bin/dpkg returned an error code (1)

apt-cache policy ruby-omniauth
ruby-omniauth:
  Installed: 2.0.4-1~exp1
  Candidate: 2.0.4-1~exp1
  Version table:
 *** 2.0.4-1~exp1 100
  1 http://ftp.de.debian.org/debian experimental/main amd64 Packages
100 /var/lib/dpkg/status
 1.9.1-1 500
500 http://ftp.de.debian.org/debian unstable/main amd64 Packages
 1.8.1-1 500
500 http://ftp.de.debian.org/debian buster/main amd64 Packages


So there is no way to install using experimental.

-- System Information:
Debian Release: bookworm/sid
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'unstable'), (500, 
'oldstable'), (100, 'bullseye-fasttrack'), (100, 'bullseye-backports-staging'), 
(1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-trunk-amd64 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gitlab depends on:
ii  asciidoctor 2.0.16-2
ii  bc  1.07.1-3+b1
ii  bundler 2.3.5-2
ii  bzip2   1.0.8-5
ii  dbconfig-pgsql  2.0.21
ii  debconf [debconf-2.0]   1.5.79
ii  exim4-daemon-light [mail-transport-age  4.95-5
ii  fonts-font-awesome [node-font-awesome]  5.0.10+really4.7.0~dfsg-4.1
ii  gitlab-common   14.8.5+dfsg-1
ii  gitlab-workhorse14.8.5+ds1-3
ii  katex [node-katex]  0.13.11+~cs6.0.0-3
ii  libjs-bootstrap4 [node-bootstrap]   4.6.1+dfsg1-1
ii  libjs-codemirror [node-codemirror]  5.65.0+~cs5.83.9-1
ii  libjs-pdf [node-pdfjs-dist] 2.6.347+dfsg-3
ii  libjs-popper.js [node-popper.js]1.16.1+ds-5
ii  libruby2.7 [ruby-webrick]   2.7.5-1
ii  libruby3.0 [ruby-rexml] 3.0.3-1
ii  lsb-base11.1.0
ii  nginx   1.18.0-9
ii  nginx-core [nginx]  1.18.0-9
ii  node-autosize   4.0.4~dfsg1+~4.0.0-1
ii  node-axios  0.26.1+dfsg-1
ii  node-babel-loader   8.2.4-1
ii  node-babel-plugin-lodash3.3.4+~cs2.0.1-5
ii  node-babel7 7.17.9+~cs214.260.191-1
ii  node-brace-expansion2.0.1-1
ii  node-cache-loader   4.1.0+~cs2.0.0-2
ii  node-clipboard  2.0.8+ds+~cs9.6.11-1
ii  node-compression-webpack-plugin 6.1.1-1
ii  node-copy-webpack-plugin5.1.2+~cs9.0.2-4
ii  node-core-js3.8.2-3
ii  node-cron-validator 1.3.1-2
ii  node-css-loader 5.2.7+~cs14.0.9-1
ii  node-d3 5.16.0-5
ii  node-d3-scale   2.2.2-4
ii  node-d3-selection   1.4.0-7
ii  node-dateformat 3.0.0-2
ii  node-exports-loader 1.1.1-3
ii  node-file-loader6.2.0-3
ii  node-fuzzaldrin-plus0.6.0+dfsg+~0.6.2-1
ii  node-glob   7.2.1+~cs7.6.15-2
ii  node-imports-loader 0.8.0-5
ii  

Bug#1009900: fis-gtm: Multiple CVEs in fis-gtm

[Neil Williams]

On Wed, 20 Apr 2022 19:55:02 +
"Shah, Amul"  wrote:

> Hi Andreas,
> In FIS's opinion, the CVE references are not actionable.

(The usual term would be "exploitable".) I understand that, the CVEs
arose from fuzz testing, so represent weaknesses, not active attacks.

> One must
> have host access and the ability to modify application source files.
> Those users are typically database/systems administrators or a MUMPS
> application developer. We expect that only privileged users have
> direct access to the host with the application gating access to
> external users. By itself, GT.M does not confer any extra privileges.
> 
> How long we have to address these CVEs? 

I did not set an RC severity, I chose 'important' on the basis of the
description in the upstream issue. There is no specific time limit for
these CVEs - the vulnerabilities are already public, not embargoed
until a set date. The highest severities are reserved for remotely
exploitable CVEs.

For unstable, the best fix would seem to be a new upstream release.
There are multiple CVEs, some CVEs reference multiple commits.

> If immediate, I can
> back-patch the specific fixes that address the CVEs. I say back patch
> because V6.3-014 was the last V6 version with a V6 block format
> database. The current V7 GT.M versions do not have an upgrade path to
> the V7 block format. We do not want to release a GT.M version to
> debmed without such an upgrade feature. If there is time, then we are
> working a V7 version with the V6 to V7 block upgrade capability and
> would like to release that.

Seems sensible.


> 
> Thanks,
> Amul
> 
> -Original Message-
> From: Andreas Tille 
> Sent: Wednesday, April 20, 2022 3:00 PM
> To: Neil Williams ; 1009...@bugs.debian.org;
> Shah, Amul  Subject: Re: Bug#1009900:
> fis-gtm: Multiple CVEs in fis-gtm
> 
> Hi Amul,
> 
> I guess a new upstream version will fix this.  Are you able to prepare
> the latest version?
> 
> Kind regards
> 
>Andreas.
> 
> Am Wed, Apr 20, 2022 at 11:13:31AM +0100 schrieb Neil Williams:
> > Source: fis-gtm
> > Version: 6.3-014-3
> > Severity: important
> > Tags: security
> > X-Debbugs-Cc: codeh...@debian.org, Debian Security Team
> > 
> >
> > Hi,
> >
> > The following vulnerabilities were published for fis-gtm.
> >
> > CVE-2021-44492[0]:
> > | An issue was discovered in YottaDB through r1.32 and V7.0-000 and
> > FIS | GT.M through V7.0-000. Using crafted input, attackers can
> > cause a type | to be incorrectly initialized in the function f_incr
> > in | sr_port/f_incr.c and cause a crash due to a NULL pointer
> > dereference.
> >
> >
> > CVE-2021-44493[1]:
> > | An issue was discovered in YottaDB through r1.32 and V7.0-000 and
> > FIS | GT.M through V7.0-000. Using crafted input, an attacker can
> > cause a | call to $Extract to force an signed integer holding the
> > size of a | buffer to take on a large negative number, which is
> > then used as the | length of a memcpy call that occurs on the
> > stack, causing a buffer | overflow.
> >
> >
> > CVE-2021-44494[2]:
> > | An issue was discovered in YottaDB through r1.32 and V7.0-000 and
> > FIS | GT.M through V7.0-000. Using crafted input, an attacker can
> > cause | calls to ZRead to crash due to a NULL pointer dereference.
> >
> >
> > CVE-2021-44495[3]:
> > | An issue was discovered in YottaDB through r1.32 and V7.0-000 and
> > FIS | GT.M through V7.0-000. Using crafted input, an attacker can
> > cause a | NULL pointer dereference after calls to ZPrint.
> >
> >
> > CVE-2021-44496[4]:
> > | An issue was discovered in FIS GT.M through V7.0-000 (related to
> > the | YottaDB code base). Using crafted input, an attacker can
> > control the | size variable and buffer that is passed to a call to
> > memcpy. An | attacker can use this to overwrite key data structures
> > and gain | control of the flow of execution.
> >
> >
> > CVE-2021-44497[5]:
> > | An issue was discovered in FIS GT.M through V7.0-000 (related to
> > the | YottaDB code base). Using crafted input, can cause the bounds
> > of a for | loop to be miscalculated, which leads to a use after
> > free condition a | pointer is pushed into previously free memory by
> > the loop.
> >
> >
> > CVE-2021-44498[6]:
> > | An issue was discovered in FIS GT.M through V7.0-000 (related to
> > the | YottaDB code base). Using crafted input, attackers can cause
> > a type to | be incorrectly initialized in the function f_incr in
> > sr_port/f_incr.c | and cause a crash due to a NULL pointer
> > dereference.
> >
> >
> > CVE-2021-44499[7]:
> > | An issue was discovered in FIS GT.M through V7.0-000 (related to
> > the | YottaDB code base). Using crafted input, an attacker can
> > cause a call | to $Extract to force an signed integer holding the
> > size of a buffer to | take on a large negative number, which is
> > then used as the length of a | memcpy call that occurs on the
> > stack, causing a buffer overflow.
> >
> >
> > CVE-2021-44500[8]:
> > | An issue was discovered in FIS GT.M