Bug#953487: fixed in runescape 0.7-1
Hi Ivo, > This new version doesn't fix the autobuilding issue: > > https://buildd.debian.org/status/package.php?p=runescape I don't understand how the package still has the autobuilding problem. I did several construction tests via pbuilder and sbuild and there were no problems, as shown in the attached file. :/ > Looking at the package, I also discovered some other issues, which I will file > as separate bugs. Ok, if you can help me with the solution of these problems that you encountered, I would be very grateful. And I will fix it as soon as possible. Thanks! -- ⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao] ⣾⠁⢠⠒⠀⣿⡁ Debian Wiki: https://wiki.debian.org/coringao ⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780 ⠈⠳⣄⠀⠀⠀ 2157 630B D441 A775 BEFF D35F FA63 ADA6 B638 B780 sbuild (Debian sbuild) 0.79.0 (05 February 2020) on debian +==+ | runescape 0.7-1 (amd64) Fri, 10 Apr 2020 04:55:06 + | +==+ Package: runescape Version: 0.7-1 Source Version: 0.7-1 Distribution: unstable Machine Architecture: amd64 Host Architecture: amd64 Build Architecture: amd64 Build Type: binary I: NOTICE: Log filtering will replace 'var/run/schroot/mount/unstable-amd64-sbuild-fc24b32c-2ef2-471e-b205-948f47eacc05' with '<>' I: NOTICE: Log filtering will replace 'build/runescape-sc2aq8/resolver-HIG1xG' with '<>' +--+ | Update chroot| +--+ Hit:1 https://deb.debian.org/debian unstable InRelease Reading package lists... W: Download is performed unsandboxed as root as file '/var/lib/apt/lists/partial/deb.debian.org_debian_dists_unstable_InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) Reading package lists... Building dependency tree... Reading state information... Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. +--+ | Fetch source files | +--+ Local sources - /home/coringao/sandbox/runescape.pkg/runescape_0.7-1.dsc exists in /home/coringao/sandbox/runescape.pkg; copying to chroot I: NOTICE: Log filtering will replace 'build/runescape-sc2aq8/runescape-0.7' with '<>' I: NOTICE: Log filtering will replace 'build/runescape-sc2aq8' with '<>' +--+ | Install package build dependencies | +--+ Setup apt archive - Merged Build-Depends: debhelper-compat (= 12), default-jdk-headless | default-jdk, build-essential, fakeroot Filtered Build-Depends: debhelper-compat (= 12), default-jdk-headless, build-essential, fakeroot dpkg-deb: building package 'sbuild-build-depends-main-dummy' in '/<>/apt_archive/sbuild-build-depends-main-dummy.deb'. Ign:1 copy:/<>/apt_archive ./ InRelease Get:2 copy:/<>/apt_archive ./ Release [957 B] Ign:3 copy:/<>/apt_archive ./ Release.gpg Get:4 copy:/<>/apt_archive ./ Sources [388 B] Get:5 copy:/<>/apt_archive ./ Packages [466 B] Fetched 1811 B in 0s (69.8 kB/s) Reading package lists... W: Download is performed unsandboxed as root as file '/var/lib/apt/lists/partial/_build_runescape-sc2aq8_resolver-HIG1xG_apt%5farchive_._InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) Reading package lists... Install main build dependencies (apt-based resolver) Installing build dependencies Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: autoconf automake autopoint autotools-dev bsdmainutils ca-certificates-java debhelper default-jdk-headless default-jre-headless dh-autoreconf dh-strip-nondeterminism dwz file fontconfig-config fonts-dejavu-core gettext gettext-base groff-base intltool-debian java-common libarchive-zip-perl libasound2 libasound2-data libavahi-client3 libavahi-common-data libavahi-common3 libbsd0 libcroco3 libcups2 libdbus-1-3 libdebhelper-perl libelf1 libexpat1 libfile-stripnondeterminism-perl libfontconfig1 libfreetype6 libglib2.0-0 libgssapi-krb5-2 libicu63 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libmagic-mgc libmagic1 libnspr4 libnss3 libpcsclite1 libpipeline1 libpng16-16 libsigsegv2 libsqlite3-0 libsub-override-perl libtool libuchardet0 libx11-6 libx11-data libxau6 libxcb1 libxdmcp6
Bug#956339: unattended-upgrades: regression: packages with conffile prompts are no longer skipped, leading to upgrade failures
Package: unattended-upgrades Version: 2.1 Severity: serious Today I noticed that packages with conffile prompts are no longer skipped, which can lead to upgrade failures because dpkg stdin is not connected to any terminal. I think this is a regression since the work to enable pinning to work with unattended-upgrades. Package installation log: Log started: 2020-04-10 13:09:11 apt-listchanges: Reading changelogs... apt-listchanges: Mailing root: apt-listchanges: changelogs for chianamo apt-listchanges: Reading changelogs... Preparing to unpack .../sgml-base_1.30_all.deb ... Unpacking sgml-base (1.30) over (1.29.1) ... Setting up popularity-contest (1.70) ... Configuration file '/etc/cron.daily/popularity-contest' ==> Modified (by you or by a script) since installation. ==> Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** popularity-contest (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package popularity-contest (--configure): end of file on stdin at conffile prompt Errors were encountered while processing: popularity-contest -- System Information: Debian Release: bullseye/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages unattended-upgrades depends on: ii debconf [debconf-2.0] 1.5.73 ii lsb-base 11.1.0 ii lsb-release11.1.0 ii python33.8.2-2 ii python3-apt1.9.10 ii python3-dbus 1.2.16-1 ii python3-distro-info0.23 ii ucf3.0038+nmu1 ii xz-utils 5.2.4-1+b1 Versions of packages unattended-upgrades recommends: ii anacron 2.3-29 ii cron [cron-daemon] 3.0pl1-136 ii systemd-sysv244.3-1 Versions of packages unattended-upgrades suggests: ii bsd-mailx 8.1.2-0.20180807cvs-1+b1 ii exim4-daemon-light [mail-transport-agent] 4.93-13 ii needrestart3.5-1 ii powermgmt-base 1.36 ii python3-gi 3.36.0-1 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Processed: Re: Bug#956324: python-biopython: FTBFS on mipsel
Processing control commands: > forwarded -1 Peter Cock Bug #956324 [src:python-biopython] python-biopython: FTBFS on mipsel Set Bug forwarded-to-address to 'Peter Cock '. -- 956324: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956324 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956324: python-biopython: FTBFS on mipsel
Control: forwarded -1 Peter Cock Hi Peter, the log that is linked to below says in the end: == ERROR: test_input_filename_with_space (test_ClustalOmega_tool.ClustalOmegaTestNormalConditions) Test an input filename containing a space. -- Traceback (most recent call last): File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 175, in test_input_filename_with_space self.standard_test_procedure(cline) File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 63, in standard_test_procedure output, error = cline() File "/<>/.pybuild/cpython3_3.8/build/Bio/Application/__init__.py", line 530, in __call__ raise ApplicationError(return_code, str(self), Bio.Application.ApplicationError: Non-zero return code 138 from 'clustalo -i "Clustalw/temp horses.fasta" -o temp_test.aln --outfmt clustal --force', message 'Bus error' == ERROR: test_large_fasta_file (test_ClustalOmega_tool.ClustalOmegaTestNormalConditions) Test a large fasta input file. -- Traceback (most recent call last): File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 210, in test_large_fasta_file self.standard_test_procedure(cline) File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 63, in standard_test_procedure output, error = cline() File "/<>/.pybuild/cpython3_3.8/build/Bio/Application/__init__.py", line 530, in __call__ raise ApplicationError(return_code, str(self), Bio.Application.ApplicationError: Non-zero return code 138 from 'clustalo -i temp_cw_prot.fasta -o temp_cw_prot.aln --outfmt clustal --force', message 'Bus error' == ERROR: test_newtree_files (test_ClustalOmega_tool.ClustalOmegaTestNormalConditions) Test requesting a guide tree. -- Traceback (most recent call last): File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 224, in test_newtree_files self.standard_test_procedure(cline) File "/<>/.pybuild/cpython3_3.8/build/Tests/test_ClustalOmega_tool.py", line 63, in standard_test_procedure output, error = cline() File "/<>/.pybuild/cpython3_3.8/build/Bio/Application/__init__.py", line 530, in __call__ raise ApplicationError(return_code, str(self), Bio.Application.ApplicationError: Non-zero return code 138 from 'clustalo -i Fasta/f002 --guidetree-out temp_test.dnd -o temp_test.aln --outfmt clustal --force', message 'Bus error' -- I'm not sure whether you have any clue about this since it looks rather like a clustalo issue - but I guess you could be interested. Please let us know what you think about this. Kind regards Andreas. On Thu, Apr 09, 2020 at 10:38:04PM +0200, Sebastian Ramacher wrote: > Source: python-biopython > Version: 1.76+dfsg-1 > Severity: serious > Tags: ftbfs sid bullseye > Justification: fails to build from source (but built successfully in the past) > > python-biopython failed to build on mipsel: > https://buildd.debian.org/status/fetch.php?pkg=python-biopython=mipsel=1.76%2Bdfsg-1%2Bb1=1586419338=0 > > Cheers > -- > Sebastian Ramacher > ___ > Debian-med-packaging mailing list > debian-med-packag...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-med-packaging -- http://fam-tille.de
Bug#956335: depends on python-pil which is being removed in bullseye (testing)
Package: fretsonfire-game Version: 1.3.110.dfsg2-5 Severity: serious Tags: bullseye Control: block 955776 with -1 Control: clone -1 -2 -3 Control: reassign -2 bkchem 0.13.0-6 Control: reassign -3 impressive 0.12.0-2 Dear maintainers, These packages are currently in bullseye (testing) repository and are blocking src:pillow 7.0.0-4 from migrating there. They depend on obsolete python-pil. https://release.debian.org/britney/update_output.txt """ trying: pillow skipped: pillow (263, 12, 259) got: 27+0: a-6:a-0:a-0:a-0:i-20:m-0:m-0:p-0:s-1 * amd64: bkchem, fretsonfire, fretsonfire-game, impressive, impressive-display """ Regards, Juhani
Processed: depends on python-pil which is being removed in bullseye (testing)
Processing control commands: > block 955776 with -1 Bug #955776 [src:pillow] src:pillow: fails to migrate to testing for too long 955776 was not blocked by any bugs. 955776 was not blocking any bugs. Added blocking bug(s) of 955776: 956335 > clone -1 -2 -3 Bug #956335 [fretsonfire-game] depends on python-pil which is being removed in bullseye (testing) Bug 956335 cloned as bugs 956336-956337 955776 was blocked by: 956335 955776 was not blocking any bugs. Added blocking bug(s) of 955776: 956336 955776 was blocked by: 956335 956336 955776 was not blocking any bugs. Added blocking bug(s) of 955776: 956337 > reassign -2 bkchem 0.13.0-6 Bug #956336 [fretsonfire-game] depends on python-pil which is being removed in bullseye (testing) Bug reassigned from package 'fretsonfire-game' to 'bkchem'. No longer marked as found in versions fretsonfire/1.3.110.dfsg2-5. Ignoring request to alter fixed versions of bug #956336 to the same values previously set Bug #956336 [bkchem] depends on python-pil which is being removed in bullseye (testing) Marked as found in versions bkchem/0.13.0-6. > reassign -3 impressive 0.12.0-2 Bug #956337 [fretsonfire-game] depends on python-pil which is being removed in bullseye (testing) Bug reassigned from package 'fretsonfire-game' to 'impressive'. No longer marked as found in versions fretsonfire/1.3.110.dfsg2-5. Ignoring request to alter fixed versions of bug #956337 to the same values previously set Bug #956337 [impressive] depends on python-pil which is being removed in bullseye (testing) Marked as found in versions impressive/0.12.0-2. -- 955776: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955776 956335: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956335 956336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956336 956337: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956337 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#955686: cinnamon-control-center: FTBFS: configure: error: Package requirements (gtk+-3.0 >= 3.4.1
reassign 955686 libwacom-dev retitle 955686 missing dep from wacom-dev to gudev found 955686 1.3-1 fixed 955686 1.3-2 close 955686 1.3-2 thanks > > Package 'gudev-1.0', required by 'libwacom', not found Indeed, but this is a bug in libwacom-dev which does not depend on the necessary gudev packages. But they are necessary. The cinnamon code only checks via pkg-config for wacom, and for nothing else. This has been fixed in wacom already (albeit with a different explanation), thus reassigning, tagging and closing this bug. Norbert -- PREINING Norbert https://www.preining.info Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
Processed: Re: Bug#955686: cinnamon-control-center: FTBFS: configure: error: Package requirements (gtk+-3.0 >= 3.4.1
Processing commands for cont...@bugs.debian.org: > reassign 955686 libwacom-dev Bug #955686 [src:cinnamon-control-center] cinnamon-control-center: FTBFS: configure: error: Package requirements (gtk+-3.0 >= 3.4.1 Bug reassigned from package 'src:cinnamon-control-center' to 'libwacom-dev'. No longer marked as found in versions cinnamon-control-center/4.4.0-2. Ignoring request to alter fixed versions of bug #955686 to the same values previously set > retitle 955686 missing dep from wacom-dev to gudev Bug #955686 [libwacom-dev] cinnamon-control-center: FTBFS: configure: error: Package requirements (gtk+-3.0 >= 3.4.1 Changed Bug title to 'missing dep from wacom-dev to gudev' from 'cinnamon-control-center: FTBFS: configure: error: Package requirements (gtk+-3.0 >= 3.4.1'. > found 955686 1.3-1 Bug #955686 [libwacom-dev] missing dep from wacom-dev to gudev Marked as found in versions libwacom/1.3-1. > fixed 955686 1.3-2 Bug #955686 [libwacom-dev] missing dep from wacom-dev to gudev Marked as fixed in versions libwacom/1.3-2. > close 955686 1.3-2 Bug #955686 [libwacom-dev] missing dep from wacom-dev to gudev Ignoring request to alter fixed versions of bug #955686 to the same values previously set Bug #955686 [libwacom-dev] missing dep from wacom-dev to gudev Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 955686: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955686 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: py2removal blocks updates - 2020-04-10 03:35:54.372953+00:00
Processing commands for cont...@bugs.debian.org: > # This is an automated script, part of the effort for the removal of Python 2 > from bullseye > # * https://wiki.debian.org/Python/2Removal > # * http://sandrotosi.me/debian/py2removal/index.html > # pycairo > block 937397 by 938595 Bug #937397 [src:pycairo] pycairo: Python2 removal in sid/bullseye 937397 was blocked by: 937544 939103 937339 936212 936107 938581 937452 939114 938593 937448 936228 937404 937447 937405 936531 938583 936611 943104 93 937397 was blocking: 937558 937695 938528 Added blocking bug(s) of 937397: 938595 > # six > block 938492 by 938595 Bug #938492 [src:six] six: Python2 removal in sid/bullseye 938492 was blocked by: 938412 938223 937788 943045 936768 938289 938015 943012 936926 937939 936790 937554 937585 938275 938244 938848 936806 936914 937504 938408 937184 947302 937605 938428 943014 937618 936312 937300 937157 936870 937083 936660 937687 938549 938816 938226 936560 937587 936418 936667 938661 936958 937895 937456 938663 936167 943221 937740 938232 937318 936450 935450 937116 937421 936815 937568 937499 938676 938195 937602 938807 937458 937244 936956 938293 938756 937836 943168 938229 937714 937781 936749 936388 938111 938155 937883 937562 943121 937559 937558 938718 938236 937250 936957 943162 936730 936296 938222 938845 936498 938547 937617 938181 943175 938810 936235 938716 936624 937487 936325 938528 937660 937497 938463 936304 937326 937845 937937 938358 938011 938748 937929 938763 938814 936120 937140 937724 937993 937914 937263 938004 937718 937236 937875 937844 937672 937246 937691 938487 937834 936995 938216 937681 937614 937926 936709 938425 938840 938407 936789 937835 945687 937276 936430 938492 was blocking: 937558 937695 938054 938168 Added blocking bug(s) of 938492: 938595 > # pygobject > block 937448 by 938595 Bug #937448 [src:pygobject] pygobject: Python2 removal in sid/bullseye 937448 was blocked by: 936166 942904 943129 938160 936173 939114 938837 945681 943093 943294 943103 936225 937956 936995 945863 938464 936624 937405 937454 937703 943110 935358 943146 936601 945683 937688 943252 937419 943270 936833 93 936813 936221 936981 938614 943108 943300 943245 938591 938582 942941 938583 883161 936841 937114 936265 938593 936539 937181 943178 939102 938327 938884 936619 938361 938623 936398 936718 943076 943291 938780 937388 936717 938293 942966 939112 938084 938665 939106 936721 942988 936748 943123 942916 926244 938637 938329 937099 938803 936371 938604 936758 937803 937115 943104 942956 938586 938590 943186 938885 943117 938596 936214 937457 945674 939115 945717 938584 937339 943131 938789 936531 936789 937628 938799 938511 945718 936266 939109 936632 942919 936900 943151 939104 936670 937447 937422 943023 943230 943216 937448 was blocking: 936371 937397 937439 937447 937558 937579 937695 938168 942941 943104 Added blocking bug(s) of 937448: 938595 > # python-decorator > block 937694 by 938595 Bug #937694 [src:python-decorator] python-decorator: Python2 removal in sid/bullseye 937694 was blocked by: 938289 937497 937414 938047 938716 938157 938582 937044 947298 937944 936743 937694 was blocking: 937695 938168 Added blocking bug(s) of 937694: 938595 > # python-defaults > block 937695 by 937394 938595 956333 956334 937327 Bug #937695 [src:python-defaults] python-defaults: Python2 removal in sid/bullseye 937695 was blocked by: 937679 937073 937749 938174 936425 943231 937912 936480 937232 938291 936610 937638 936796 937427 937406 943275 937615 938546 938848 937420 938661 936103 937485 926244 936172 936982 936941 937874 938313 936895 937410 937680 935657 937625 953219 936249 945639 938750 942999 937687 945678 942958 938757 945748 937296 936522 937417 938713 936685 943229 938734 937453 938350 937890 937541 938283 938357 936332 937897 934870 938863 937148 936627 937666 936606 938473 936645 937229 938830 938402 937794 936775 942926 937581 938708 938243 938837 936852 937377 943148 936319 936981 938006 936942 938027 937770 937640 937809 936869 938854 936289 937647 938308 938236 936128 936731 938020 936521 93 936729 936511 938010 936118 938505 936539 936294 942944 936993 937389 937275 938268 938586 936578 937137 93 936876 943163 937445 938560 936329 937001 938053 936447 939102 943232 937911 938698 936440 937231 938567 937939 937593 937320 937554 938509 936535 936937 938160 936496 938423 936217 947297 937385 936844 936725 937971 943204 938094 936787 942976 937449 943034 937238 936366 938167 938691 937193 937720 938655 937785 936111 943057 936325 936816 943050 936954 937727 936571 946849 938261 938070 936779 937717 936800 937860 937225 943240 936649 936988 938457 937867 936528 943247 945742 937287 938450 936738 937696 945672 938301 937710 936865 937317 936285 942969 943141 943182 937181 938683 936227 937266 936206 936338 938701 937588 945635 936245 942995 937023 938124 935208 938408 936304 937364 936899 937494 943142 937141 936858 937182 938049 938643
Processed: py2removal bugs severity updates - 2020-04-10 03:35:54.420809+00:00
Processing commands for cont...@bugs.debian.org: > # This is an automated script, part of the effort for the removal of Python 2 > from bullseye > # * https://wiki.debian.org/Python/2Removal > # * http://sandrotosi.me/debian/py2removal/index.html > # See https://lists.debian.org/debian-devel-announce/2019/11/msg0.html > # and https://lists.debian.org/debian-python/2019/12/msg00076.html > # and https://lists.debian.org/debian-python/2020/03/msg00087.html > # mail threads for more details on this severity update > # python-sugar3 is a module and has 0 external rdeps or not in testing > severity 938595 serious Bug #938595 [src:sugar-toolkit-gtk3] sugar-toolkit-gtk3: Python2 removal in sid/bullseye Severity set to 'serious' from 'normal' > End of message, stopping processing here. Please contact me if you need assistance. -- 938595: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938595 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#954577: marked as done (golang-github-xenolf-lego: FTBFS: dh_auto_test: error: cd _build && go test -vet=off -v -p 4 github.com/go-acme/lego/acme [...] returned exit code 1)
Your message dated Fri, 10 Apr 2020 03:33:37 +
with message-id
and subject line Bug#954577: fixed in golang-github-xenolf-lego 3.2.0-2
has caused the Debian Bug report #954577,
regarding golang-github-xenolf-lego: FTBFS: dh_auto_test: error: cd _build &&
go test -vet=off -v -p 4 github.com/go-acme/lego/acme [...] returned exit code 1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
954577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954577
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: golang-github-xenolf-lego
Version: 3.2.0-1
Severity: serious
Justification: FTBFS on amd64
Tags: bullseye sid ftbfs
Usertags: ftbfs-20200321 ftbfs-bullseye
Hi,
During a rebuild of all packages in sid, your package failed to build
on amd64.
Relevant part (hopefully):
> make[1]: Entering directory '/<>'
> dh_auto_configure
> set -e -x ;\
> cd _build/src/github.com/go-acme/lego && \
> for P in acmedns alidns auroradns azure bindman cloudflare designate
> dnsimple dnspod exoscale fastdns iij linode linodev4 liquidweb namedotcom
> namesilo ns1 oraclecloud sakuracloud transip vegadns ; do \
> perl -ni -E "print unless m{\b$P\b}"
> providers/dns/dns_providers.go ;\
> rm -rf providers/dns/$P ;\
> done
> + cd _build/src/github.com/go-acme/lego
> + perl -ni -E print unless m{\bacmedns\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/acmedns
> + perl -ni -E print unless m{\balidns\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/alidns
> + perl -ni -E print unless m{\bauroradns\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/auroradns
> + perl -ni -E print unless m{\bazure\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/azure
> + perl -ni -E print unless m{\bbindman\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/bindman
> + perl -ni -E print unless m{\bcloudflare\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/cloudflare
> + perl -ni -E print unless m{\bdesignate\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/designate
> + perl -ni -E print unless m{\bdnsimple\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/dnsimple
> + perl -ni -E print unless m{\bdnspod\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/dnspod
> + perl -ni -E print unless m{\bexoscale\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/exoscale
> + perl -ni -E print unless m{\bfastdns\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/fastdns
> + perl -ni -E print unless m{\biij\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/iij
> + perl -ni -E print unless m{\blinode\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/linode
> + perl -ni -E print unless m{\blinodev4\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/linodev4
> + perl -ni -E print unless m{\bliquidweb\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/liquidweb
> + perl -ni -E print unless m{\bnamedotcom\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/namedotcom
> + perl -ni -E print unless m{\bnamesilo\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/namesilo
> + perl -ni -E print unless m{\bns1\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/ns1
> + perl -ni -E print unless m{\boraclecloud\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/oraclecloud
> + perl -ni -E print unless m{\bsakuracloud\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/sakuracloud
> + perl -ni -E print unless m{\btransip\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/transip
> + perl -ni -E print unless m{\bvegadns\b} providers/dns/dns_providers.go
> + rm -rf providers/dns/vegadns
> make[1]: Leaving directory '/<>'
>dh_auto_build -O--buildsystem=golang -O--builddirectory=_build
> cd _build && go generate -v github.com/go-acme/lego/acme
> github.com/go-acme/lego/acme/api
> github.com/go-acme/lego/acme/api/internal/nonces
> github.com/go-acme/lego/acme/api/internal/secure
> github.com/go-acme/lego/acme/api/internal/sender
> github.com/go-acme/lego/certcrypto github.com/go-acme/lego/certificate
> github.com/go-acme/lego/challenge github.com/go-acme/lego/challenge/dns01
> github.com/go-acme/lego/challenge/http01
> github.com/go-acme/lego/challenge/resolver
> github.com/go-acme/lego/challenge/tlsalpn01 github.com/go-acme/lego/cmd
> github.com/go-acme/lego/cmd/lego github.com/go-acme/lego/internal
> github.com/go-acme/lego/lego github.com/go-acme/lego/log
> github.com/go-acme/lego/platform/config/env
>
Bug#954577: marked as pending in golang-github-xenolf-lego
Control: tag -1 pending Hello, Bug #954577 in golang-github-xenolf-lego reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/go-team/packages/golang-github-xenolf-lego/-/commit/b6a05d1ad09cfb4d4f6501cd58a12412b769dc5a Disabled some unreliable tests (Closes: #954577). (this message was generated automatically) -- Greetings https://bugs.debian.org/954577
Processed: Bug#954577 marked as pending in golang-github-xenolf-lego
Processing control commands: > tag -1 pending Bug #954577 [src:golang-github-xenolf-lego] golang-github-xenolf-lego: FTBFS: dh_auto_test: error: cd _build && go test -vet=off -v -p 4 github.com/go-acme/lego/acme [...] returned exit code 1 Added tag(s) pending. -- 954577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954577 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#938305: pyxdg: Python2 removal in sid/bullseye - reopen 938305
Control: reopen -1 This bug was closed, but the package has still some dependencies towards Python2 packages, in details: (source:pyxdg)Testsuite-Triggers->python-nose Re-opening, so that they can be taken care of.
Bug#956332: marked as done (python-pip: Binary package python-pip (for Python 2) is no longer being built from the python-pip source package.)
Your message dated Fri, 10 Apr 2020 02:40:07 + with message-id <49fde7e7-cbc0-4a71-a358-5dc47c2f6...@kitterman.com> and subject line Python2 Removal Is Intentional has caused the Debian Bug report #956332, regarding python-pip: Binary package python-pip (for Python 2) is no longer being built from the python-pip source package. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 956332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956332 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-pip Version: 20.0.2-4 Severity: critical Tags: a11y Justification: breaks unrelated software Dear Maintainer, During a recent apt upgrade, there was conflict reported for binary pacakge python-pip. It's dependancy "python-pip-whl = 18.1-5" was no longer being met. Apparently python-pip-whl had been upgraded to 20.0.2-4, but python-pip was left behind at version 18.1-5. Looking futher into this, is seems like both these packages were builing built from the source package python-pip, but the latest binary version of python-pip was not longer being built from the latest python-pip source package. I understand that python2 is planned for removal, however as long as we have the python 2 interpter available, I think we need to keep the python-pip package available as well. Otherwise, if it is auto-removed by apt because of the broken dependency of python-pip-whl, then all non-debian package and hand installed pip packages become broken. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-4-amd64 (SMP w/16 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled --- End Message --- --- Begin Message --- This is not a bug. Python2 is no longer supported upstream and we are in the process of removing it. Scott K--- End Message ---
Processed: pyxdg: Python2 removal in sid/bullseye - reopen 938305
Processing control commands:
> reopen -1
Bug #938305 {Done: Andrew Starr-Bochicchio } [src:pyxdg]
pyxdg: Python2 removal in sid/bullseye
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions pyxdg/0.26-2.
--
938305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processed: capstone: Python2 removal in sid/bullseye - reopen 936273
Processing control commands:
> reopen -1
Bug #936273 {Done: Sandro Tosi } [src:capstone] capstone:
Python2 removal in sid/bullseye
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions capstone/4.0.1+really+3.0.5-1.1.
--
936273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936273
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processed: python-pylibacl: Python2 removal in sid/bullseye - reopen 938073
Processing control commands:
> reopen -1
Bug #938073 {Done: Sandro Tosi } [src:python-pylibacl]
python-pylibacl: Python2 removal in sid/bullseye
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions python-pylibacl/0.5.4-2.
--
938073: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938073
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#936273: capstone: Python2 removal in sid/bullseye - reopen 936273
Control: reopen -1 This bug was closed, but the package has still some dependencies towards Python2 packages, in details: (source:capstone)Build-Depends->cython Re-opening, so that they can be taken care of.
Bug#938073: python-pylibacl: Python2 removal in sid/bullseye - reopen 938073
Control: reopen -1 This bug was closed, but the package has still some dependencies towards Python2 packages, in details: (source:python-pylibacl)Build-Depends->python-setuptools Re-opening, so that they can be taken care of.
Processed: py2removal bugs severity updates - 2020-04-10 02:36:00.600062+00:00
Processing commands for cont...@bugs.debian.org: > # This is an automated script, part of the effort for the removal of Python 2 > from bullseye > # * https://wiki.debian.org/Python/2Removal > # * http://sandrotosi.me/debian/py2removal/index.html > # See https://lists.debian.org/debian-devel-announce/2019/11/msg0.html > # and https://lists.debian.org/debian-python/2019/12/msg00076.html > # and https://lists.debian.org/debian-python/2020/03/msg00087.html > # mail threads for more details on this severity update > # regina-normal is an application, has low popcon (239 <= 1000), and has 0 > external rdeps or not in testing > severity 938346 serious Bug #938346 [src:regina-normal] regina-normal: Python2 removal in sid/bullseye Severity set to 'serious' from 'normal' > # mirage is an application, has low popcon (984 <= 1000), and has 0 external > rdeps or not in testing > severity 937052 serious Bug #937052 [src:mirage] mirage: Python2 removal in sid/bullseye Severity set to 'serious' from 'normal' > End of message, stopping processing here. Please contact me if you need assistance. -- 937052: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=937052 938346: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938346 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#954540: marked as done (golang-github-azure-go-autorest: FTBFS: dh_auto_test: error: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 [...] returned exit code 1)
Your message dated Fri, 10 Apr 2020 02:34:18 + with message-id and subject line Bug#954540: fixed in golang-github-azure-go-autorest 10.15.5-2 has caused the Debian Bug report #954540, regarding golang-github-azure-go-autorest: FTBFS: dh_auto_test: error: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 [...] returned exit code 1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 954540: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954540 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: golang-github-azure-go-autorest Version: 10.15.5-1 Severity: serious Justification: FTBFS on amd64 Tags: bullseye sid ftbfs Usertags: ftbfs-20200321 ftbfs-bullseye Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > debian/rules build > dh build --buildsystem=golang --with=golang >dh_update_autotools_config -O--buildsystem=golang >dh_autoreconf -O--buildsystem=golang >dh_auto_configure -O--buildsystem=golang >dh_auto_build -O--buildsystem=golang > cd obj-x86_64-linux-gnu && go install -trimpath -v -p 4 > github.com/Azure/go-autorest/autorest > github.com/Azure/go-autorest/autorest/adal > github.com/Azure/go-autorest/autorest/adal/cmd > github.com/Azure/go-autorest/autorest/azure > github.com/Azure/go-autorest/autorest/azure/auth > github.com/Azure/go-autorest/autorest/azure/cli > github.com/Azure/go-autorest/autorest/azure/example > github.com/Azure/go-autorest/autorest/date > github.com/Azure/go-autorest/autorest/mocks > github.com/Azure/go-autorest/autorest/to > github.com/Azure/go-autorest/autorest/utils > github.com/Azure/go-autorest/autorest/validation > github.com/Azure/go-autorest/logger github.com/Azure/go-autorest/version > runtime/internal/sys > internal/race > runtime/internal/atomic > internal/cpu > sync/atomic > runtime/internal/math > unicode > unicode/utf8 > encoding > math/bits > internal/bytealg > internal/testlog > math > unicode/utf16 > crypto/internal/subtle > crypto/subtle > vendor/golang.org/x/crypto/cryptobyte/asn1 > internal/nettrace > container/list > runtime/cgo > runtime > vendor/golang.org/x/crypto/internal/subtle > github.com/Azure/go-autorest/autorest/to > internal/reflectlite > sync > internal/singleflight > math/rand > errors > sort > internal/oserror > io > strconv > syscall > vendor/golang.org/x/net/dns/dnsmessage > bytes > reflect > strings > bufio > hash > crypto/internal/randutil > time > internal/syscall/unix > crypto > regexp/syntax > crypto/hmac > hash/crc32 > crypto/rc4 > vendor/golang.org/x/crypto/hkdf > vendor/golang.org/x/text/transform > path > regexp > context > internal/poll > encoding/binary > internal/fmtsort > github.com/dimchansky/utfbom > os > encoding/base64 > crypto/cipher > crypto/sha1 > crypto/sha512 > crypto/aes > fmt > crypto/des > crypto/ed25519/internal/edwards25519 > crypto/md5 > crypto/sha256 > encoding/pem > path/filepath > net > io/ioutil > vendor/golang.org/x/crypto/chacha20 > encoding/json > encoding/xml > math/big > encoding/hex > net/url > github.com/Azure/go-autorest/autorest/date > github.com/Azure/go-autorest/version > compress/flate > vendor/golang.org/x/crypto/poly1305 > crypto/rand > crypto/dsa > crypto/elliptic > encoding/asn1 > crypto/rsa > crypto/ed25519 > compress/gzip > vendor/golang.org/x/sys/cpu > crypto/ecdsa > crypto/x509/pkix > vendor/golang.org/x/crypto/cryptobyte > vendor/golang.org/x/crypto/chacha20poly1305 > vendor/golang.org/x/crypto/curve25519 > log > vendor/golang.org/x/text/unicode/norm > vendor/golang.org/x/net/http2/hpack > vendor/golang.org/x/text/unicode/bidi > mime > vendor/golang.org/x/text/secure/bidirule > mime/quotedprintable > net/http/internal > flag > golang.org/x/crypto/pkcs12/internal/rc2 > vendor/golang.org/x/net/idna > os/user > os/exec > crypto/x509 > net/textproto > vendor/golang.org/x/net/http/httpproxy > vendor/golang.org/x/net/http/httpguts > mime/multipart > github.com/mitchellh/go-homedir > github.com/Azure/go-autorest/autorest/validation > github.com/dgrijalva/jwt-go > crypto/tls > golang.org/x/crypto/pkcs12 > net/http/httptrace > net/http > github.com/Azure/go-autorest/logger > net/http/cookiejar > github.com/Azure/go-autorest/autorest/mocks > github.com/Azure/go-autorest/autorest/adal > github.com/Azure/go-autorest/autorest/adal/cmd > github.com/Azure/go-autorest/autorest/azure/cli > github.com/Azure/go-autorest/autorest > github.com/Azure/go-autorest/autorest/azure > github.com/Azure/go-autorest/autorest/azure/auth > github.com/Azure/go-autorest/autorest/utils >
Processed: Bug#954540 marked as pending in golang-github-azure-go-autorest
Processing control commands: > tag -1 pending Bug #954540 [src:golang-github-azure-go-autorest] golang-github-azure-go-autorest: FTBFS: dh_auto_test: error: cd obj-x86_64-linux-gnu && go test -vet=off -v -p 4 [...] returned exit code 1 Added tag(s) pending. -- 954540: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954540 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#954540: marked as pending in golang-github-azure-go-autorest
Control: tag -1 pending Hello, Bug #954540 in golang-github-azure-go-autorest reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/go-team/packages/golang-github-azure-go-autorest/-/commit/bca29821a0c128254944e803c11626020269d8ef Disabled few failing tests (Closes: #954540). (this message was generated automatically) -- Greetings https://bugs.debian.org/954540
Bug#954696: marked as done (golang-github-hashicorp-go-plugin: FTBFS: src/github.com/hashicorp/go-plugin/internal/plugin/grpc_broker.pb.go:107:7: undefined: grpc.ClientConnInterface)
Your message dated Fri, 10 Apr 2020 01:33:47 + with message-id and subject line Bug#954696: fixed in golang-github-hashicorp-go-plugin 1.0.1-2 has caused the Debian Bug report #954696, regarding golang-github-hashicorp-go-plugin: FTBFS: src/github.com/hashicorp/go-plugin/internal/plugin/grpc_broker.pb.go:107:7: undefined: grpc.ClientConnInterface to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 954696: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954696 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: golang-github-hashicorp-go-plugin Version: 1.0.1-1 Severity: serious Justification: FTBFS on amd64 Tags: bullseye sid ftbfs Usertags: ftbfs-20200322 ftbfs-bullseye Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > debian/rules build > dh build --buildsystem=golang --with=golang >dh_update_autotools_config -O--buildsystem=golang >dh_autoreconf -O--buildsystem=golang >dh_auto_configure -O--buildsystem=golang >dh_auto_build -O--buildsystem=golang > cd obj-x86_64-linux-gnu && go generate -v > github.com/hashicorp/go-plugin github.com/hashicorp/go-plugin/internal/plugin > github.com/hashicorp/go-plugin/test/grpc > src/github.com/hashicorp/go-plugin/client.go > src/github.com/hashicorp/go-plugin/client_posix_test.go > src/github.com/hashicorp/go-plugin/client_test.go > src/github.com/hashicorp/go-plugin/discover.go > src/github.com/hashicorp/go-plugin/error.go > src/github.com/hashicorp/go-plugin/error_test.go > src/github.com/hashicorp/go-plugin/grpc_broker.go > src/github.com/hashicorp/go-plugin/grpc_client.go > src/github.com/hashicorp/go-plugin/grpc_client_test.go > src/github.com/hashicorp/go-plugin/grpc_controller.go > src/github.com/hashicorp/go-plugin/grpc_server.go > src/github.com/hashicorp/go-plugin/log_entry.go > src/github.com/hashicorp/go-plugin/mtls.go > src/github.com/hashicorp/go-plugin/mux_broker.go > src/github.com/hashicorp/go-plugin/plugin.go > src/github.com/hashicorp/go-plugin/plugin_test.go > src/github.com/hashicorp/go-plugin/process.go > src/github.com/hashicorp/go-plugin/process_posix.go > src/github.com/hashicorp/go-plugin/protocol.go > src/github.com/hashicorp/go-plugin/rpc_client.go > src/github.com/hashicorp/go-plugin/rpc_client_test.go > src/github.com/hashicorp/go-plugin/rpc_server.go > src/github.com/hashicorp/go-plugin/server.go > src/github.com/hashicorp/go-plugin/server_mux.go > src/github.com/hashicorp/go-plugin/server_test.go > src/github.com/hashicorp/go-plugin/stream.go > src/github.com/hashicorp/go-plugin/testing.go > src/github.com/hashicorp/go-plugin/internal/plugin/gen.go > src/github.com/hashicorp/go-plugin/internal/plugin/grpc_broker.pb.go > src/github.com/hashicorp/go-plugin/internal/plugin/grpc_controller.pb.go > src/github.com/hashicorp/go-plugin/test/grpc/gen.go > src/github.com/hashicorp/go-plugin/test/grpc/test.pb.go > cd obj-x86_64-linux-gnu && go install -trimpath -v -p 4 > github.com/hashicorp/go-plugin github.com/hashicorp/go-plugin/internal/plugin > github.com/hashicorp/go-plugin/test/grpc > internal/race > runtime/internal/sys > internal/cpu > runtime/internal/atomic > sync/atomic > runtime/internal/math > unicode > unicode/utf8 > internal/bytealg > math/bits > crypto/internal/subtle > math > crypto/subtle > internal/testlog > runtime > unicode/utf16 > container/list > vendor/golang.org/x/crypto/cryptobyte/asn1 > internal/nettrace > vendor/golang.org/x/crypto/internal/subtle > runtime/cgo > encoding > internal/reflectlite > sync > internal/singleflight > google.golang.org/grpc/internal/grpcsync > math/rand > errors > sort > io > internal/oserror > strconv > vendor/golang.org/x/net/dns/dnsmessage > syscall > bytes > hash > bufio > crypto > reflect > strings > crypto/internal/randutil > crypto/hmac > time > internal/syscall/unix > crypto/rc4 > vendor/golang.org/x/crypto/hkdf > regexp/syntax > hash/crc32 > html > vendor/golang.org/x/text/transform > context > internal/poll > path > regexp > text/tabwriter > os > google.golang.org/grpc/internal/grpcrand > google.golang.org/grpc/encoding > encoding/binary > internal/fmtsort > google.golang.org/grpc/internal/backoff > golang.org/x/text/transform > google.golang.org/grpc/keepalive > fmt > crypto/cipher > crypto/sha512 > crypto/ed25519/internal/edwards25519 > crypto/des > crypto/aes > crypto/md5 > math/big > crypto/sha1 > crypto/sha256 > encoding/hex > encoding/base64 > path/filepath > encoding/pem > net > io/ioutil > net/url > vendor/golang.org/x/crypto/chacha20 >
Bug#956332: python-pip: Binary package python-pip (for Python 2) is no longer being built from the python-pip source package.
Source: python-pip Version: 20.0.2-4 Severity: critical Tags: a11y Justification: breaks unrelated software Dear Maintainer, During a recent apt upgrade, there was conflict reported for binary pacakge python-pip. It's dependancy "python-pip-whl = 18.1-5" was no longer being met. Apparently python-pip-whl had been upgraded to 20.0.2-4, but python-pip was left behind at version 18.1-5. Looking futher into this, is seems like both these packages were builing built from the source package python-pip, but the latest binary version of python-pip was not longer being built from the latest python-pip source package. I understand that python2 is planned for removal, however as long as we have the python 2 interpter available, I think we need to keep the python-pip package available as well. Otherwise, if it is auto-removed by apt because of the broken dependency of python-pip-whl, then all non-debian package and hand installed pip packages become broken. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-4-amd64 (SMP w/16 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Processed: Bug#954696 marked as pending in golang-github-hashicorp-go-plugin
Processing control commands: > tag -1 pending Bug #954696 [src:golang-github-hashicorp-go-plugin] golang-github-hashicorp-go-plugin: FTBFS: src/github.com/hashicorp/go-plugin/internal/plugin/grpc_broker.pb.go:107:7: undefined: grpc.ClientConnInterface Added tag(s) pending. -- 954696: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954696 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#954696: marked as pending in golang-github-hashicorp-go-plugin
Control: tag -1 pending Hello, Bug #954696 in golang-github-hashicorp-go-plugin reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/go-team/packages/golang-github-hashicorp-go-plugin/-/commit/1929778569ade37ed518532179617637d85004a1 Disabled "test/grpc" tests (Closes: #954696). (this message was generated automatically) -- Greetings https://bugs.debian.org/954696
Bug#938484: marked as done (simplejson: Python2 removal in sid/bullseye)
Your message dated Fri, 10 Apr 2020 00:20:40 + with message-id and subject line Bug#938484: fixed in simplejson 3.17.0-1 has caused the Debian Bug report #938484, regarding simplejson: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 938484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:simplejson Version: 3.16.0-2 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:simplejson If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Source: simplejson Source-Version: 3.17.0-1 Done: Sandro Tosi We believe that the bug you reported is fixed in the latest version of simplejson, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 938...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sandro Tosi (supplier of updated simplejson package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2020 20:08:02 -0400 Source: simplejson Architecture: source Version: 3.17.0-1 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team Changed-By: Sandro Tosi Closes: 938484 Changes: simplejson (3.17.0-1) unstable; urgency=medium . [ Ondřej Nový ] * Bump Standards-Version to 4.4.1. . [ Debian Janitor ] * Bump debhelper from old 9 to 12. * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. . [ Thomas Goirand ] * Team upload. * New upstream release. * Ran wrap-and-sort -bastk. * Removed Python 2 support (Closes: #938484). * Add myself as uploader. . [ Sandro Tosi ] * Complete drop of python2 support; Closes: #938484 * Fix doc installation Checksums-Sha1: fa5047ebc87f5326f548d8914b83a8cc23b1a325 2319 simplejson_3.17.0-1.dsc d04766cc5e0259477eeb391adc8ddf39ca2c4ff9 83119 simplejson_3.17.0.orig.tar.gz
Processed: Bug#938484 marked as pending in simplejson
Processing control commands: > tag -1 pending Bug #938484 [src:simplejson] simplejson: Python2 removal in sid/bullseye Ignoring request to alter tags of bug #938484 to the same tags previously set -- 938484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938484 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#938484: marked as pending in simplejson
Control: tag -1 pending Hello, Bug #938484 in simplejson reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/modules/simplejson/-/commit/c3125af0759a0e0e46d02e4909205ab7d6b6b48d Complete drop of python2 support; Closes: #938484 (this message was generated automatically) -- Greetings https://bugs.debian.org/938484
Bug#890075: marked as done (ruby-http ftbfs (test failures with 2.5))
Your message dated Thu, 09 Apr 2020 21:49:44 + with message-id and subject line Bug#890075: fixed in ruby-http 4.4.1-1 has caused the Debian Bug report #890075, regarding ruby-http ftbfs (test failures with 2.5) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890075: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890075 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:ruby-http Version: 2.2.2-1 Severity: serious ruby-http ftbfs for 2.5, but not for 2.3 in unstable: Failures: 1) HTTP.via anonymous proxy ssl responds with the endpoint's body Failure/Error: @socket.connect OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3/TLS write finished: sslv3 alert unsupported certificate # ./lib/http/timeout/null.rb:26:in `connect' # ./lib/http/timeout/null.rb:26:in `connect_ssl' # ./lib/http/timeout/null.rb:35:in `start_tls' # ./lib/http/connection.rb:158:in `start_tls' # ./lib/http/connection.rb:44:in `initialize' # ./lib/http/client.rb:60:in `new' # ./lib/http/client.rb:60:in `perform' # ./lib/http/client.rb:41:in `request' # ./lib/http/chainable.rb:19:in `get' # ./spec/lib/http_spec.rb:115:in `block (5 levels) in ' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:254:in `instance_exec' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:254:in `block in run' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:500:in `block in with_around_and_singleton_context_hooks' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:457:in `block in with_around_example_hooks' # /usr/lib/ruby/vendor_ruby/rspec/core/hooks.rb:466:in `block in run' # /usr/lib/ruby/vendor_ruby/rspec/core/hooks.rb:604:in `run_around_example_hooks_for' # /usr/lib/ruby/vendor_ruby/rspec/core/hooks.rb:466:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:457:in `with_around_example_hooks' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:500:in `with_around_and_singleton_context_hooks' # /usr/lib/ruby/vendor_ruby/rspec/core/example.rb:251:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:628:in `block in run_examples' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:624:in `map' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:624:in `run_examples' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:590:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `block in run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `map' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `block in run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `map' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `block in run' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `map' # /usr/lib/ruby/vendor_ruby/rspec/core/example_group.rb:591:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:118:in `block (3 levels) in run_specs' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:118:in `map' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:118:in `block (2 levels) in run_specs' # /usr/lib/ruby/vendor_ruby/rspec/core/configuration.rb:1926:in `with_suite_hooks' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:113:in `block in run_specs' # /usr/lib/ruby/vendor_ruby/rspec/core/reporter.rb:79:in `report' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:112:in `run_specs' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:87:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:71:in `run' # /usr/lib/ruby/vendor_ruby/rspec/core/runner.rb:45:in `invoke' # /usr/bin/rspec:4:in `' 2) HTTP.via anonymous proxy ssl ignores credentials Failure/Error: @socket.connect OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3/TLS write finished: sslv3 alert unsupported certificate # ./lib/http/timeout/null.rb:26:in `connect' # ./lib/http/timeout/null.rb:26:in `connect_ssl' # ./lib/http/timeout/null.rb:35:in `start_tls' # ./lib/http/connection.rb:158:in `start_tls' # ./lib/http/connection.rb:44:in `initialize' # ./lib/http/client.rb:60:in `new' # ./lib/http/client.rb:60:in `perform' # ./lib/http/client.rb:41:in `request' # ./lib/http/chainable.rb:19:in `get'
Bug#956094: marked as done (earlyoom FTBFS on 32bit)
Your message dated Thu, 09 Apr 2020 21:03:56 + with message-id and subject line Bug#956094: fixed in earlyoom 1.5-2 has caused the Debian Bug report #956094, regarding earlyoom FTBFS on 32bit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 956094: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956094 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: earlyoom Version: 1.5-1 Severity: serious Tags: ftbfs fixed-upstream patch Forwarded: https://github.com/rfjakob/earlyoom/pull/180 Control: block 952210 by -1 https://buildd.debian.org/status/package.php?p=earlyoom ... debian/rules override_dh_auto_test make[1]: Entering directory '/<>' HOME=$PWD go test -v # _/<> [_/<>.test] ./testsuite_cli_test.go:71:48: constant 2147483648 overflows int ./testsuite_cli_test.go:72:50: constant 4294967296 overflows int FAIL_/<> [build failed] make[1]: *** [debian/rules:26: override_dh_auto_test] Error 2 --- End Message --- --- Begin Message --- Source: earlyoom Source-Version: 1.5-2 Done: Yangfl We believe that the bug you reported is fixed in the latest version of earlyoom, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 956...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Yangfl (supplier of updated earlyoom package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 08 Apr 2020 12:33:10 +0800 Source: earlyoom Architecture: source Version: 1.5-2 Distribution: unstable Urgency: medium Maintainer: Yangfl Changed-By: Yangfl Closes: 956094 Changes: earlyoom (1.5-2) unstable; urgency=medium . * Fix FTBFS on 32-bit architectures (Closes: #956094) Checksums-Sha1: 0245aca3e6c9e4c14b7cea3f0ef047658641707e 1943 earlyoom_1.5-2.dsc ac6fc128b028cef1d47c658de6ae2daf0fe912fd 4960 earlyoom_1.5-2.debian.tar.xz c4f5b578f71c8f97d0501661d8d7149c358376c7 5915 earlyoom_1.5-2_amd64.buildinfo Checksums-Sha256: 1565d1d31372514f1225cb7cea976adc2ac11e8557988f708b02f6ce95037ade 1943 earlyoom_1.5-2.dsc 40f12d2f092c7be75501f9434c5c66f21f62c9a0427b208db79738a4ebf0b4ab 4960 earlyoom_1.5-2.debian.tar.xz d2470f378e51766033647eba30accac357f9ddec3e9129d767080b22a2008c0f 5915 earlyoom_1.5-2_amd64.buildinfo Files: 7d98c6b9f37044d6224c441c968c1735 1943 admin optional earlyoom_1.5-2.dsc 10a2a0f61e9465f709f4eb12bb6c314c 4960 admin optional earlyoom_1.5-2.debian.tar.xz cd44acb71016373e5aa5a8fc32d8dd06 5915 admin optional earlyoom_1.5-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAl6Phl0ACgkQwpPntGGC Ws47zBAAlK9UOVsMPBWeXTKaMT2+pUltL4UGB7/m61n0YlOJOIGFmXvQ8KbEx5X5 iB6k9neP7v8Y+CogKd+PxF8SumStcv/X2PwX8IrZT+G/VHTEFIuhFIm8R56ZYA36 E47Ut+VLcXklsoUGQfTCMsOHapFPkZgHG2rLDhNSC+ZHAmVKCmWAdJoBR0CAmcO2 cUHwkNcRSFLUgXyMfKymGI0WdOm/dueWwuwr0yXIIDQapyURLLMbPKAZm61TuQGx urRCY7OlckEiWV13SJMNAquHZHRWoxoz3egHtf7wyXK6Bccadhpq/oWoDWhnmrFz i1cCuib110IHMfjUXwEBtJZ8r2jN1Lr7DlPaLuj2daW/hrZcUXpogvxoPC0GZlhh DS67YbP4LBPS62MTD0IFn8QDRbe7LQSYdg0DE4VfeaGSTEwyBj+ttl2YwGA85VRy LuFbJiVGEWkRRLWCqKdMwMtmyGvPXrgfKoia+k8ifOHeT4dQs4DJMA7R4or0D4n4 0cUURKAUm/tSO4YPU3qEjj3cvBcAhN7N5D1/EU9FHpd71CRlHK3xZM1YLM2GIC+w nW4YZo8ZWjTwmWk/vtvXD8TAVfN+h/QkwFykL6dQPCyuEcF/PJ223vSGqm0pedrh B8s7HvnVcv/RFtPF9dtGXvbmue7S3N4NifYFX2W4B+q1/95CzhI= =Jl+l -END PGP SIGNATURE End Message ---
Bug#951926: marked as done (mwic: FTBFS: dh_auto_test: error: make -j4 test returned exit code 2)
Your message dated Thu, 09 Apr 2020 20:37:36 + with message-id and subject line Bug#951926: fixed in mwic 0.7.8-1 has caused the Debian Bug report #951926, regarding mwic: FTBFS: dh_auto_test: error: make -j4 test returned exit code 2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 951926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951926 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mwic Version: 0.7.7-1 Severity: serious Justification: FTBFS on amd64 Tags: buster sid Usertags: ftbfs-20200222 ftbfs-buster Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > python3 tests/run-tests --verbose > tests/alice.exp ... ok > tests/multiword-a-e.exp ... ok > tests/multiword-a-h.exp ... ok > tests/multiword-a-o.exp ... ok > tests/multiword-a-u.exp ... ok > tests/multiword-a-x.exp ... ok > tests/multiword-a.k.a.exp ... ok > tests/multiword-allow-to.exp ... ok > tests/multiword-allow...@en-gb.exp ... FAIL > tests/multiword-also-also.exp ... ok > tests/multiword-amount-of-times.exp ... ok > tests/multiword-an-other.exp ... ok > tests/multiword-an-u.exp ... ok > tests/multiword-awhile.exp ... ok > tests/multiword-be-be.exp ... ok > tests/multiword-be-consisted-of.exp ... ok > tests/multiword-be-disable.exp ... ok > tests/multiword-be-enable.exp ... ok > tests/multiword-be-ran.exp ... ok > tests/multiword-be-suppose.exp ... ok > tests/multiword-blu-ray.exp ... ok > tests/multiword-can-not.exp ... ok > tests/multiword-comprised-of.exp ... ok > tests/multiword-dont-user.exp ... ok > tests/multiword-e.g.exp ... ok > tests/multiword-e.t.c.exp ... ok > tests/multiword-each-others.exp ... ok > tests/multiword-easy-of.exp ... ok > tests/multiword-else-then.exp ... ok > tests/multiword-even-tough.exp ... ok > tests/multiword-fist-time.exp ... ok > tests/multiword-gpl.exp ... ok > tests/multiword-...@en-gb.exp ... FAIL > tests/multiword-is-t.exp ... ok > tests/multiword-iso.exp ... ok > tests/multiword-it-us.exp ... ok > tests/multiword-its-not.exp ... ok > tests/multiword-its-own.exp ... ok > tests/multiword-its.exp ... ok > tests/multiword-know-as.exp ... ok > tests/multiword-let-s.exp ... ok > tests/multiword-lots-of.exp ... ok > tests/multiword-none-existent.exp ... ok > tests/multiword-none-the-less.exp ... ok > tests/multiword-nt-not.exp ... ok > tests/multiword-oh-well.exp ... ok > tests/multiword-per-say.exp ... ok > tests/multiword-rational-for.exp ... ok > tests/multiword-should-of.exp ... ok > tests/multiword-since-than.exp ... ok > tests/multiword-sneak-peak.exp ... ok > tests/multiword-some-times.exp ... ok > tests/multiword-t-he.exp ... ok > tests/multiword-the-the.exp ... ok > tests/multiword-to-extend.exp ... ok > tests/multiword-worst-than.exp ... ok > tests/no-d...@und.exp ... ok > tests.test_camel_case.test_tokenizer ... ok > tests.test_colors.test_control_characters ... ok > tests.test_colors.test_escape_safe ... ok > tests.test_extdict.test_lintian ... ok > tests.test_extdict.test_lintian_case ... ok > tests.test_extdict.test_codespell ... ok > tests.test_extdict.test_kde ... ok > tests.test_extdict.test_plain ... ok > tests.test_trim.test_ltrim ... ok > tests.test_trim.test_rtrim ... ok > tests.test_version.test_changelog ... ok > tests.test_version.test_manpage ... ok > > == > FAIL: tests/multiword-allow...@en-gb.exp > -- > Traceback (most recent call last): > File "/<>/tests/../tests/test_blackbox.py", line 120, in _test > _test_text(self.path) > File "/<>/tests/../tests/test_blackbox.py", line 84, in > _test_text > assert_multi_line_equal(expected, text) > AssertionError: "allo[43 chars]thorise to:\n| I authorise to go.\n > ^^^[569 chars]\n\n" != "allo[43 chars]thorize to:\n| I authorize to go.\n >^^^[569 chars]\n\n" > allow to: > | I allow to go. > > > - authorise to: > ?^ > + authorize to: > ?^ > - | I authorise to go. > ?^ > + | I authorize to go. > ?^ > > > permit to: > | I permit to go. > ^ > > allowing to: > | I'm allowing to go. > ^^^ > > - authorising to: > ?^ > + authorizing to: > ?^ > - | I'm authorising to go. > ? ^ > + | I'm authorizing to go. > ? ^ > ^^ > > allows to: > | It allows to go. >
Bug#946288: marked as done (Tests are failing)
Your message dated Thu, 09 Apr 2020 20:37:36 + with message-id and subject line Bug#951926: fixed in mwic 0.7.8-1 has caused the Debian Bug report #951926, regarding Tests are failing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 951926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951926 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: mwic Version: 0.7.7-1 The autopkgtest are currently failing https://ci.debian.net/packages/m/mwic/unstable/amd64/ --- End Message --- --- Begin Message --- Source: mwic Source-Version: 0.7.8-1 Done: Georg Faerber We believe that the bug you reported is fixed in the latest version of mwic, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 951...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Georg Faerber (supplier of updated mwic package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2020 19:57:20 + Source: mwic Architecture: source Version: 0.7.8-1 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team Changed-By: Georg Faerber Closes: 946288 951142 951926 Changes: mwic (0.7.8-1) unstable; urgency=medium . [ Georg Faerber ] * New upstream version 0.7.8. (Closes: #951142) * d/control: - Use my debian.org mail address. * d/u/signing-key.asc: - Use minimal key export, remove useless signatures to make lintian happy. . [ Christian Göttsche ] * d/control: - Bump Standards-Version to 4.5.0, no changes required. - Move to debhelper compat level 12. - Add dependency on hunspell-en-gb to fix current FTBFS situation. (Closes: #946288, #951926) * d/rules: - Fail on not-installed files. * d/salsa-ci.yml: - Add standard salsa-ci configuration. Checksums-Sha1: fd32635d2af1d9af16075fe147a9eed20492c0fe 1717 mwic_0.7.8-1.dsc 35b35a507de8722c516a6693109396e221832e26 36210 mwic_0.7.8.orig.tar.gz 4386d8a3bffbffd4b6fa4bbdec2ecda7bab3da0b 833 mwic_0.7.8.orig.tar.gz.asc 47dca5a3f0626bb320f307bdf0bfadae952b466c 5284 mwic_0.7.8-1.debian.tar.xz 74108491209d587151f45ede61723e8cf3e78a2b 5827 mwic_0.7.8-1_amd64.buildinfo Checksums-Sha256: 39345acb8122cd9fc585ef1cabb6719c9607f438a9f32e4cbe2b41ec64c7d943 1717 mwic_0.7.8-1.dsc 1d8cb1c1e15c1d775de69fab585e1470a95ea572dd521fd98543949d7efcd05a 36210 mwic_0.7.8.orig.tar.gz 12da34cdaa6b92893733019098f30760bbabbbcdcedec18a21e4e055b12c54a9 833 mwic_0.7.8.orig.tar.gz.asc 0c3bdd3a28d1ab217ed2dfc2e662f3cc797f965ea017b2586054895a57a48efe 5284 mwic_0.7.8-1.debian.tar.xz 228c2d60cc14072f80ed3a56f7a0ec17132367970e028cb0e0f61f735d5fbd42 5827 mwic_0.7.8-1_amd64.buildinfo Files: 6c42618dc13e6bb31d0f58dc70ae4ec5 1717 devel optional mwic_0.7.8-1.dsc 572da36719d71e359868e02aab18779e 36210 devel optional mwic_0.7.8.orig.tar.gz a5d0d8493e9ffad0a06256da212702ab 833 devel optional mwic_0.7.8.orig.tar.gz.asc 36c9852c40e990e1fe568e391304f412 5284 devel optional mwic_0.7.8-1.debian.tar.xz 27d40f42c5bc596b11eff381dc628b21 5827 devel optional mwic_0.7.8-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iHUEARYIAB0WIQTEfr/MTlfp/DLKNABGG+5dJAqekQUCXo+AJgAKCRBGG+5dJAqe kVaEAQCVHc7JpwnOgpheEtl7gHUIQtNZYj47x9YYe3WOe4TzzwEAxPpLssVUmMqS tGYTbPZqLToyjK10YePCY7VO/IaFwAI= =vH2P -END PGP SIGNATURE End Message ---
Bug#951926: marked as done (mwic: FTBFS: dh_auto_test: error: make -j4 test returned exit code 2)
Your message dated Thu, 09 Apr 2020 20:37:36 + with message-id and subject line Bug#946288: fixed in mwic 0.7.8-1 has caused the Debian Bug report #946288, regarding mwic: FTBFS: dh_auto_test: error: make -j4 test returned exit code 2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 946288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mwic Version: 0.7.7-1 Severity: serious Justification: FTBFS on amd64 Tags: buster sid Usertags: ftbfs-20200222 ftbfs-buster Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > python3 tests/run-tests --verbose > tests/alice.exp ... ok > tests/multiword-a-e.exp ... ok > tests/multiword-a-h.exp ... ok > tests/multiword-a-o.exp ... ok > tests/multiword-a-u.exp ... ok > tests/multiword-a-x.exp ... ok > tests/multiword-a.k.a.exp ... ok > tests/multiword-allow-to.exp ... ok > tests/multiword-allow...@en-gb.exp ... FAIL > tests/multiword-also-also.exp ... ok > tests/multiword-amount-of-times.exp ... ok > tests/multiword-an-other.exp ... ok > tests/multiword-an-u.exp ... ok > tests/multiword-awhile.exp ... ok > tests/multiword-be-be.exp ... ok > tests/multiword-be-consisted-of.exp ... ok > tests/multiword-be-disable.exp ... ok > tests/multiword-be-enable.exp ... ok > tests/multiword-be-ran.exp ... ok > tests/multiword-be-suppose.exp ... ok > tests/multiword-blu-ray.exp ... ok > tests/multiword-can-not.exp ... ok > tests/multiword-comprised-of.exp ... ok > tests/multiword-dont-user.exp ... ok > tests/multiword-e.g.exp ... ok > tests/multiword-e.t.c.exp ... ok > tests/multiword-each-others.exp ... ok > tests/multiword-easy-of.exp ... ok > tests/multiword-else-then.exp ... ok > tests/multiword-even-tough.exp ... ok > tests/multiword-fist-time.exp ... ok > tests/multiword-gpl.exp ... ok > tests/multiword-...@en-gb.exp ... FAIL > tests/multiword-is-t.exp ... ok > tests/multiword-iso.exp ... ok > tests/multiword-it-us.exp ... ok > tests/multiword-its-not.exp ... ok > tests/multiword-its-own.exp ... ok > tests/multiword-its.exp ... ok > tests/multiword-know-as.exp ... ok > tests/multiword-let-s.exp ... ok > tests/multiword-lots-of.exp ... ok > tests/multiword-none-existent.exp ... ok > tests/multiword-none-the-less.exp ... ok > tests/multiword-nt-not.exp ... ok > tests/multiword-oh-well.exp ... ok > tests/multiword-per-say.exp ... ok > tests/multiword-rational-for.exp ... ok > tests/multiword-should-of.exp ... ok > tests/multiword-since-than.exp ... ok > tests/multiword-sneak-peak.exp ... ok > tests/multiword-some-times.exp ... ok > tests/multiword-t-he.exp ... ok > tests/multiword-the-the.exp ... ok > tests/multiword-to-extend.exp ... ok > tests/multiword-worst-than.exp ... ok > tests/no-d...@und.exp ... ok > tests.test_camel_case.test_tokenizer ... ok > tests.test_colors.test_control_characters ... ok > tests.test_colors.test_escape_safe ... ok > tests.test_extdict.test_lintian ... ok > tests.test_extdict.test_lintian_case ... ok > tests.test_extdict.test_codespell ... ok > tests.test_extdict.test_kde ... ok > tests.test_extdict.test_plain ... ok > tests.test_trim.test_ltrim ... ok > tests.test_trim.test_rtrim ... ok > tests.test_version.test_changelog ... ok > tests.test_version.test_manpage ... ok > > == > FAIL: tests/multiword-allow...@en-gb.exp > -- > Traceback (most recent call last): > File "/<>/tests/../tests/test_blackbox.py", line 120, in _test > _test_text(self.path) > File "/<>/tests/../tests/test_blackbox.py", line 84, in > _test_text > assert_multi_line_equal(expected, text) > AssertionError: "allo[43 chars]thorise to:\n| I authorise to go.\n > ^^^[569 chars]\n\n" != "allo[43 chars]thorize to:\n| I authorize to go.\n >^^^[569 chars]\n\n" > allow to: > | I allow to go. > > > - authorise to: > ?^ > + authorize to: > ?^ > - | I authorise to go. > ?^ > + | I authorize to go. > ?^ > > > permit to: > | I permit to go. > ^ > > allowing to: > | I'm allowing to go. > ^^^ > > - authorising to: > ?^ > + authorizing to: > ?^ > - | I'm authorising to go. > ? ^ > + | I'm authorizing to go. > ? ^ > ^^ > > allows to: > | It allows to go. >
Bug#946288: marked as done (Tests are failing)
Your message dated Thu, 09 Apr 2020 20:37:36 + with message-id and subject line Bug#946288: fixed in mwic 0.7.8-1 has caused the Debian Bug report #946288, regarding Tests are failing to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 946288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: mwic Version: 0.7.7-1 The autopkgtest are currently failing https://ci.debian.net/packages/m/mwic/unstable/amd64/ --- End Message --- --- Begin Message --- Source: mwic Source-Version: 0.7.8-1 Done: Georg Faerber We believe that the bug you reported is fixed in the latest version of mwic, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 946...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Georg Faerber (supplier of updated mwic package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2020 19:57:20 + Source: mwic Architecture: source Version: 0.7.8-1 Distribution: unstable Urgency: medium Maintainer: Debian Python Modules Team Changed-By: Georg Faerber Closes: 946288 951142 951926 Changes: mwic (0.7.8-1) unstable; urgency=medium . [ Georg Faerber ] * New upstream version 0.7.8. (Closes: #951142) * d/control: - Use my debian.org mail address. * d/u/signing-key.asc: - Use minimal key export, remove useless signatures to make lintian happy. . [ Christian Göttsche ] * d/control: - Bump Standards-Version to 4.5.0, no changes required. - Move to debhelper compat level 12. - Add dependency on hunspell-en-gb to fix current FTBFS situation. (Closes: #946288, #951926) * d/rules: - Fail on not-installed files. * d/salsa-ci.yml: - Add standard salsa-ci configuration. Checksums-Sha1: fd32635d2af1d9af16075fe147a9eed20492c0fe 1717 mwic_0.7.8-1.dsc 35b35a507de8722c516a6693109396e221832e26 36210 mwic_0.7.8.orig.tar.gz 4386d8a3bffbffd4b6fa4bbdec2ecda7bab3da0b 833 mwic_0.7.8.orig.tar.gz.asc 47dca5a3f0626bb320f307bdf0bfadae952b466c 5284 mwic_0.7.8-1.debian.tar.xz 74108491209d587151f45ede61723e8cf3e78a2b 5827 mwic_0.7.8-1_amd64.buildinfo Checksums-Sha256: 39345acb8122cd9fc585ef1cabb6719c9607f438a9f32e4cbe2b41ec64c7d943 1717 mwic_0.7.8-1.dsc 1d8cb1c1e15c1d775de69fab585e1470a95ea572dd521fd98543949d7efcd05a 36210 mwic_0.7.8.orig.tar.gz 12da34cdaa6b92893733019098f30760bbabbbcdcedec18a21e4e055b12c54a9 833 mwic_0.7.8.orig.tar.gz.asc 0c3bdd3a28d1ab217ed2dfc2e662f3cc797f965ea017b2586054895a57a48efe 5284 mwic_0.7.8-1.debian.tar.xz 228c2d60cc14072f80ed3a56f7a0ec17132367970e028cb0e0f61f735d5fbd42 5827 mwic_0.7.8-1_amd64.buildinfo Files: 6c42618dc13e6bb31d0f58dc70ae4ec5 1717 devel optional mwic_0.7.8-1.dsc 572da36719d71e359868e02aab18779e 36210 devel optional mwic_0.7.8.orig.tar.gz a5d0d8493e9ffad0a06256da212702ab 833 devel optional mwic_0.7.8.orig.tar.gz.asc 36c9852c40e990e1fe568e391304f412 5284 devel optional mwic_0.7.8-1.debian.tar.xz 27d40f42c5bc596b11eff381dc628b21 5827 devel optional mwic_0.7.8-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iHUEARYIAB0WIQTEfr/MTlfp/DLKNABGG+5dJAqekQUCXo+AJgAKCRBGG+5dJAqe kVaEAQCVHc7JpwnOgpheEtl7gHUIQtNZYj47x9YYe3WOe4TzzwEAxPpLssVUmMqS tGYTbPZqLToyjK10YePCY7VO/IaFwAI= =vH2P -END PGP SIGNATURE End Message ---
Bug#956324: python-biopython: FTBFS on mipsel
Source: python-biopython Version: 1.76+dfsg-1 Severity: serious Tags: ftbfs sid bullseye Justification: fails to build from source (but built successfully in the past) python-biopython failed to build on mipsel: https://buildd.debian.org/status/fetch.php?pkg=python-biopython=mipsel=1.76%2Bdfsg-1%2Bb1=1586419338=0 Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#956323: sunpy: FTBFS on armel
Source: sunpy Version: 1.1.1-2 Severity: serious Tags: ftbfs sid bullseye sunpy failed to build on armel: https://buildd.debian.org/status/fetch.php?pkg=sunpy=armel=1.1.1-2=1582144052=0 Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#955456: marked as done (FTBFS: test file tmp_test_filters.h5 does not exist)
Your message dated Thu, 09 Apr 2020 19:48:39 + with message-id and subject line Bug#955456: fixed in bitshuffle 0.3.5-3.1 has caused the Debian Bug report #955456, regarding FTBFS: test file tmp_test_filters.h5 does not exist to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955456: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955456 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: bitshuffle Version: 0.3.5-3 Severity: serious Justification: FTBFS Control: block 954654 by -1 bitshuffle fails to build against hdf5: 1.10.6+repack-1, because tmp_test_filters.h5 does not exist OSError: Unable to open file (unable to open file: name = 'tmp_test_filters.h5', errno = 2, error message = 'No such file or directory', flags = 0, o_flags = 0) The test filename 'tmp_test_filters.h5' is hardcoded in l.26 of bitshuffle/tests/test_h5filter.py -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages bitshuffle depends on: ii cython30.29.14-0.1+b1 ii libc6 2.30-4 ii libgomp1 10-20200324-1 ii libhdf5-openmpi-1031.10.4+repack-11 ii python33.8.2-2 iu python3-h5py 2.10.0-5 ii python3-numpy 1:1.17.4-5 ii python3-pkg-resources 44.0.0-1 bitshuffle recommends no packages. bitshuffle suggests no packages. --- End Message --- --- Begin Message --- Source: bitshuffle Source-Version: 0.3.5-3.1 Done: Gilles Filippini We believe that the bug you reported is fixed in the latest version of bitshuffle, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 955...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gilles Filippini (supplier of updated bitshuffle package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 07 Apr 2020 20:50:47 +0200 Source: bitshuffle Architecture: source Version: 0.3.5-3.1 Distribution: unstable Urgency: medium Maintainer: Thorsten Alteholz Changed-By: Gilles Filippini Closes: 955456 Changes: bitshuffle (0.3.5-3.1) unstable; urgency=medium . * Non-maintainer upload. . [ Drew Parsons , Gilles Filippini ] * Closes: #955456 - fix-deprecated.patch: fix test_h5filter.py and test_h5plugin.py to open files with flag 'w' when required - Build-Depends: python3-h5py-mpi to force using the mpi flavour of h5py - override_dh_auto_test: - Run the tests via mpirun so that h5py knows it has to invoke its mpi implementation - Launch the tests for each python version separately to permit MPI initialization at each run Checksums-Sha1: be101b9e2c8534e95cbf955488a78e107fac5b66 1694 bitshuffle_0.3.5-3.1.dsc e32cf57f6e90bd3c1bee16348a1b49a6473699da 5680 bitshuffle_0.3.5-3.1.debian.tar.xz 0527a1870c7fc84bf8a83691578bf066508ffcab 10002 bitshuffle_0.3.5-3.1_amd64.buildinfo Checksums-Sha256: 1a94f30a86672c879e696f5ed2ee6ea405ef0deefdeb29db052795039637312b 1694 bitshuffle_0.3.5-3.1.dsc 36083dc90a47c71e0db387f2b29d8d1ca48619b0a2cb58c5553d04fad7650f67 5680 bitshuffle_0.3.5-3.1.debian.tar.xz 5dbad3c2e3b9015c56123e3328aa841501f76556356bcb4747238f946ec95411 10002 bitshuffle_0.3.5-3.1_amd64.buildinfo Files: 83b6fd76266abee2c33994670e449ad6 1694 devel optional bitshuffle_0.3.5-3.1.dsc c0d892862a803b684920169f03b177d1 5680 devel optional bitshuffle_0.3.5-3.1.debian.tar.xz fcf65339d4e40a996aa6f57dbd8a1e11 10002 devel optional bitshuffle_0.3.5-3.1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQFEBAEBCgAuFiEEoJObzArDE05WtIyR7+hsbH/+z4MFAl6M0NkQHHBpbmlAZGVi aWFuLm9yZwAKCRDv6Gxsf/7Pg2LTB/93zasW/u91a550GOBSMLEup0Eq0oWNg0M3
Bug#956276: runescape: downloads unverified binary and runs it
On Thu, 9 Apr 2020 20:06:33 +0200, Markus Koschany wrote: > So when the quint essential message is, it is a matter of opinion and a > special form of verification is not mandated by Policy, then why don't > you work closer with the member of this team and help him to implement > the standard envisioned by you? That would be productive and helpful for > a change. For obvious reasons I don’t think there’s any point in continuing this discussion. Stephen pgpF2eM7dDBqu.pgp Description: OpenPGP digital signature
Bug#936857: libfreenect: diff for version 1:0.5.3-2
Thanks for the alert, FWIW, done now: (git)lena:~exppsy/libfreenect[debian]git $> gbp push salsa gbp:info: Pushing debian/1%0.5.3-1 to salsa gbp:info: Pushing upstream/0.5.3 to salsa gbp:info: Pushing refs/heads/debian to salsa:refs/heads/debian gbp:info: Pushing refs/heads/dfsg to salsa:refs/heads/dfsg On Thu, 09 Apr 2020, Sandro Tosi wrote: > FTR, i sent my changes this way instead on git because HEAD doesnt > contain the 1:0.5.3-1 upload > -- Yaroslav O. Halchenko Center for Open Neuroscience http://centerforopenneuroscience.org Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik signature.asc Description: PGP signature
Bug#956136: Some investigations about bug (956136) nanopolish: FTBFS (undefined references)
Hi all, I could find the cause. It is the `-flto` in the compile and link flags of the libminimap2-dev package. LTO is introduced recently in the following commit on the [1]: 53883a7ff8c066c14c0ea4e42299ae9958feda6a Removing `-flto` from CFLAGS and LDFLAGS, then building libminimap2-dev with pdebuild (sid), then building the nanopolish with pbuilder (sid), will succeed. I attached the patch which resolves the problem. It should be applied against [1]. The conclusion: The `-flto` behaves differently from the past maybe with the recent changes in the build tool-chain (maybe in GCC) and causes the problem. [1]:https://salsa.debian.org/med-team/minimap2.git Bests, Hamid Nassiby From 5aa0491a6159895cdb0925617858cbca68c9e834 Mon Sep 17 00:00:00 2001 From: Hamid Nassiby Date: Thu, 9 Apr 2020 23:01:48 +0430 Subject: [PATCH] Remove -flto flag --- debian/patches/addLTO.patch | 30 -- debian/patches/series | 1 - 2 files changed, 31 deletions(-) delete mode 100644 debian/patches/addLTO.patch diff --git a/debian/patches/addLTO.patch b/debian/patches/addLTO.patch deleted file mode 100644 index 8dc0215..000 --- a/debian/patches/addLTO.patch +++ /dev/null @@ -1,30 +0,0 @@ -Author: Steffen Moeller -Last-Update: 2020-03-14 23:04:54 +0100 -Description: Add -flto flag - -Index: minimap2/Makefile -=== minimap2.orig/Makefile -+++ minimap2/Makefile -@@ -1,10 +1,11 @@ --CFLAGS+= -g -Wall -O2 -Wc++-compat #-Wextra -+CFLAGS+= -g -Wall -O2 -Wc++-compat -flto #-Wextra - CPPFLAGS+= -DHAVE_KALLOC - INCLUDES= - OBJS= kthread.o kalloc.o misc.o bseq.o sketch.o sdust.o options.o index.o chain.o align.o hit.o map.o format.o pe.o esterr.o splitidx.o ksw2_ll_sse.o - PROG= minimap2 - PROG_EXTRA= sdust minimap2-lite - LIBS= -lm -lz -lpthread -+LDFLAGS+= -flto - - OBJS+=ksw2_extz2_sse.o ksw2_extd2_sse.o ksw2_exts2_sse.o - -@@ -29,7 +30,7 @@ all:$(PROG) - extra:all $(PROG_EXTRA) - - minimap2:main.o libminimap2.a -- $(CC) $(CFLAGS) main.o -o $@ -L. -lminimap2 $(LIBS) $(LDFLAGS) -+ $(CC) main.o -o $@ -L. -lminimap2 $(LIBS) $(LDFLAGS) - - minimap2-lite:example.o libminimap2.a - $(CC) $(CFLAGS) $< -o $@ -L. -lminimap2 $(LIBS) $(LDFLAGS) diff --git a/debian/patches/series b/debian/patches/series index 57c6966..65c2533 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,5 +1,4 @@ hardening.patch do_not_use_natbib.bst.patch simde -addLTO.patch ar.patch -- 2.25.0
Bug#954039: marked as done (prayer: FTBFS against glibc 2.30)
Your message dated Thu, 09 Apr 2020 18:34:29 + with message-id and subject line Bug#954039: fixed in prayer 1.3.5-dfsg1-6.1 has caused the Debian Bug report #954039, regarding prayer: FTBFS against glibc 2.30 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 954039: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954039 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: prayer Version: 1.3.5-dfsg1-6 Severity: serious Tags: patch ftbfs Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu focal ubuntu-patch Hi, prayer currently FTBFS against glibc 2.30 in unstable. This is due to stropts.h being removed. In Ubuntu, the attached patch was applied to achieve the following: * d/p/glibc-2.30.patch: Fix FTBFS against glibc 2.30 by checking for existence of stropts.h. Thanks for considering the patch. Logan -- System Information: Debian Release: bullseye/sid APT prefers focal APT policy: (500, 'focal') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.4.0-14-generic (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch --- prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch 1969-12-31 19:00:00.0 -0500 +++ prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch 2020-03-15 21:04:19.0 -0400 @@ -0,0 +1,13 @@ +--- a/lib/os_linux.h b/lib/os_linux.h +@@ -9,7 +9,10 @@ + #include + #include + #include ++ ++#ifdef HAVE_STROPTS_H + #include ++#endif + + #include + diff -Nru prayer-1.3.5-dfsg1/debian/patches/series prayer-1.3.5-dfsg1/debian/patches/series --- prayer-1.3.5-dfsg1/debian/patches/series2018-12-16 16:27:47.0 -0500 +++ prayer-1.3.5-dfsg1/debian/patches/series2020-03-15 21:02:32.0 -0400 @@ -10,3 +10,4 @@ openssl1.1.patch no-referrer.patch glibc-2.28.patch +glibc-2.30.patch --- End Message --- --- Begin Message --- Source: prayer Source-Version: 1.3.5-dfsg1-6.1 Done: Sudip Mukherjee We believe that the bug you reported is fixed in the latest version of prayer, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 954...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sudip Mukherjee (supplier of updated prayer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 09 Apr 2020 17:50:55 +0100 Source: prayer Architecture: source Version: 1.3.5-dfsg1-6.1 Distribution: unstable Urgency: medium Maintainer: Magnus Holmgren Changed-By: Sudip Mukherjee Closes: 954039 Changes: prayer (1.3.5-dfsg1-6.1) unstable; urgency=medium . * Non-maintainer upload. * Fix FTBFS. (Closes: #954039) - Thanks to Logan Rosen. Checksums-Sha1: 36db1f19008cbfaf5f7fbc8969e85a5e98daeb4b 2163 prayer_1.3.5-dfsg1-6.1.dsc 1b6f565dc491bb1990aa1ecac6c7473700bf4126 26984 prayer_1.3.5-dfsg1-6.1.debian.tar.xz b047ada5a2d54a0a2ecc9350d152aceb1737e33e 6367 prayer_1.3.5-dfsg1-6.1_source.buildinfo Checksums-Sha256: 23cc5dbd6b9e35db7a9ace948c9d39314a4b9574e615eb71a82816e791d34fc0 2163 prayer_1.3.5-dfsg1-6.1.dsc 4ff906608b83116bbfee6dd50f1b560652cceea06b88c468c74459aae3bfe974 26984 prayer_1.3.5-dfsg1-6.1.debian.tar.xz e861fd19abee8ba5e20e1955a5a45f5c02d21fb2a67b8cb2d7e5900806ff0156 6367 prayer_1.3.5-dfsg1-6.1_source.buildinfo Files: 1ed197cbba324c0c84a3945427f8b265 2163 mail optional prayer_1.3.5-dfsg1-6.1.dsc 722fb4894c924ef335b254b76beaced3 26984 mail optional prayer_1.3.5-dfsg1-6.1.debian.tar.xz 8c86e7a287d73ac2612d76e58583fa40 6367 mail optional prayer_1.3.5-dfsg1-6.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAl6PZbQACgkQweDZLphv fH7e/xAAqKfCZeOooIWC/+DTWyZbYSbWSAS8NCtWVpkzLaKWR2qczrlisCdY/Q+8
Processed: closing 945595
Processing commands for cont...@bugs.debian.org: > close 945595 19.10.2~ds0-1 Bug #945595 [smplayer] New mpv in sid breaks smplayer Marked as fixed in versions smplayer/19.10.2~ds0-1. Bug #945595 [smplayer] New mpv in sid breaks smplayer Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 945595: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945595 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956276: runescape: downloads unverified binary and runs it
Am 09.04.20 um 15:18 schrieb Stephen Kitt: > Le 09/04/2020 14:47, Markus Koschany a écrit : >> Am 09.04.20 um 13:58 schrieb Stephen Kitt: >>> Le 09/04/2020 13:44, Markus Koschany a écrit : Am 09.04.20 um 13:24 schrieb Stephen Kitt: > On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany > wrote: >> Am 09.04.20 um 11:36 schrieb Ivo De Decker: > [...] >>> Installing a Debian package doesn’t involve downloading a tarball from >>> github.com or anywhere else. A packager downloads the tarball, vets it >>> in some way or other (hopefully), and then uploads it to Debian >>> infrastructure, where it is used to build the binary packages which >>> users eventually download. After the initial upload, the contents don’t >>> change, unless a new version is uploaded. >> >> In general we offer users the opportunity to rebuild a package from >> scratch. That sometimes includes precise instructions in README.source >> and a get-orig-source target in debian/rules but we often just assume >> that running uscan will download the same original tarball that is >> shipped in Debian's archive. In many cases this assumption is not true >> and users will get a different tarball. Nowhere do we enforce that the >> data is identical. > > We’re not talking about rebuilding the package (at least, I wasn’t). > > When a user installs a package in Debian, there’s a reasonable > expectation that the user will get when the maintainer intended. Even if > they choose to rebuild the package, the typical "apt source" invocation > will retrieve the source last used to build the Debian package, *not* > the upstream source. I was using the rebuilding the package from scatch example because your requirement that upstream files must be verified against a signature or hash is simply not true here. That we verify Debian packages in main and contrib with apt-secure is a given and is also true for runescape. However packages in main do not require software outside of the archive to function. They are self-contained. Thus your comparison between the runescape script in non-free and any package in main is flawed. > Incidentally, there is one place where we do enforce that the orig > tarball doesn’t change: when uploading to the archive... So there is > that expectation somewhere. All the effort that went into pristine-tar > also suggests that at least some people care about it in other > circumstances too. We do the same for runescape... > >>> Put another way, when you install a Debian package, you get the exact >>> same contents as any other user installing the same version of the >>> package, and thus a certain amount of collective trust can be built. >>> This isn’t necessarily the case with the runescape package. >> >> Right, because the runescape package does neither qualify for main nor >> contrib hence why it was put in non-free and for its purpose the level >> of trust is sufficient. > > The fact that a package is in non-free isn’t a blank cheque for it to do > anything it wants; Policy 2.2.3 still requires packages in non-free to > “meet all policy requirements presented in this manual that it is > possible for them to meet”. I disagree with the level of trust involved > but that’s a matter of opinion. > Now to answer your initial question, as far as I can tell there is no > Policy requirement that packages which download third-party files verify > the contents. Correct. So the severity of this bug report should not have been release critical. >>> Oh I know, we can’t do anything about trusting the publisher. The main >>> issue is that if for whatever reason a compromised JAR is put in place >>> on the upstream site, the runescape package will download it and run it >>> without any warning. Even the TLS protection doesn’t do much since the >>> download script doesn’t check the upstream certificate (so the site >>> could be hijacked and it would still work). >> >> As Simon has already pointed out, the binary hash/signature will >> probably change due to updates or other minor changes. That makes >> runescape prone to other RC bugs and any implementation to validate the >> launcher should take that into consideration. > > Not necessarily: note that I said “without any warning”. The package > could check the downloaded JAR against a signature, and if there’s a > mismatch, warn the user before running it. That wouldn’t make the > package prone to RC bugs. Sure, you can put as many warnings in runescape as you wish but it is still in non-free which is by definition _not part_ of Debian. This alone is a stark warning for any Debian user and again the script is in no way different than opening the website in your browser and downloading the file manually. Do we require hashsums in Debian's Firefox browser whenever someone downloads a file from the internet? > >>> Consider it this way: the packager will presumably check the package >>> before upload, and we can consider the JAR at that point to be >>> trustworthy (for some
Processed: Merge duplicates
Processing commands for cont...@bugs.debian.org:
> reassign 954556 src:openssl
Bug #954556 [src:breezy] breezy: FTBFS: ssl.SSLError: [SSL: KRB5_S_TKT_NYV]
unexpected eof while reading (_ssl.c:2607)
Bug reassigned from package 'src:breezy' to 'src:openssl'.
No longer marked as found in versions breezy/3.0.2-5.
Ignoring request to alter fixed versions of bug #954556 to the same values
previously set
> forcemerge 955442 954556
Bug #955442 {Done: Sebastian Andrzej Siewior }
[src:openssl] openssl breaks libio-socket-ssl-perl autopkgtest: 20 times "not
ok"
Bug #954625 {Done: Sebastian Andrzej Siewior }
[src:openssl] pytest-httpbin: FTBFS: dh_auto_test: error: pybuild --test
--test-pytest -i python{version} -p "3.7 3.8" returned exit code 13
Bug #954556 [src:openssl] breezy: FTBFS: ssl.SSLError: [SSL: KRB5_S_TKT_NYV]
unexpected eof while reading (_ssl.c:2607)
Marked Bug as done
Added indication that 954556 affects
src:pytest-httpbin,src:libio-socket-ssl-perl
Marked as fixed in versions openssl/1.1.1f-1.
Marked as found in versions openssl/1.1.1e-1.
Bug #954625 {Done: Sebastian Andrzej Siewior }
[src:openssl] pytest-httpbin: FTBFS: dh_auto_test: error: pybuild --test
--test-pytest -i python{version} -p "3.7 3.8" returned exit code 13
Removed indication that 954625 affects src:pytest-httpbin and
src:libio-socket-ssl-perl
Added indication that 954625 affects
src:pytest-httpbin,src:libio-socket-ssl-perl
Removed indication that 955442 affects src:pytest-httpbin and
src:libio-socket-ssl-perl
Added indication that 955442 affects
src:pytest-httpbin,src:libio-socket-ssl-perl
Added tag(s) experimental.
Added tag(s) experimental.
Merged 954556 954625 955442
> affects 955442 src:breezy
Bug #955442 {Done: Sebastian Andrzej Siewior }
[src:openssl] openssl breaks libio-socket-ssl-perl autopkgtest: 20 times "not
ok"
Bug #954556 {Done: Sebastian Andrzej Siewior }
[src:openssl] breezy: FTBFS: ssl.SSLError: [SSL: KRB5_S_TKT_NYV] unexpected eof
while reading (_ssl.c:2607)
Bug #954625 {Done: Sebastian Andrzej Siewior }
[src:openssl] pytest-httpbin: FTBFS: dh_auto_test: error: pybuild --test
--test-pytest -i python{version} -p "3.7 3.8" returned exit code 13
Added indication that 955442 affects src:breezy
Added indication that 954556 affects src:breezy
Added indication that 954625 affects src:breezy
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
954556: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954556
954625: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954625
955442: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955442
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#955607: marked as done (xrdesktop: FTBFS against gulkan 0.14)
Your message dated Thu, 09 Apr 2020 18:02:51 + with message-id and subject line Bug#955607: fixed in xrdesktop 0.14.0-1 has caused the Debian Bug report #955607, regarding xrdesktop: FTBFS against gulkan 0.14 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955607 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: xrdesktop Version: 0.13.2-1 Severity: serious Tags: ftbfs sid bullseye Justification: fails to build from source The gulkan transition started, but xrdesktop fails to build against the new gulkan version: | Run-time dependency gxr-0.13 found: NO | | ../meson.build:54:0: ERROR: Could not generate cargs for gxr-0.13: | Package gulkan-0.13 was not found in the pkg-config search path. | Perhaps you should add the directory containing `gulkan-0.13.pc' | to the PKG_CONFIG_PATH environment variable | Package 'gulkan-0.13', required by 'gxr-0.13', not found Cheers -- Sebastian Ramacher signature.asc Description: PGP signature --- End Message --- --- Begin Message --- Source: xrdesktop Source-Version: 0.14.0-1 Done: =?utf-8?b?QW5kcmV3IExlZSAo5p2O5YGl56eLKQ==?= We believe that the bug you reported is fixed in the latest version of xrdesktop, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 955...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andrew Lee (李健秋) (supplier of updated xrdesktop package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 07 Apr 2020 11:19:06 +0800 Source: xrdesktop Binary: libxrdesktop-0.14-0 libxrdesktop-0.14-0-dbgsym libxrdesktop-dev Architecture: source amd64 Version: 0.14.0-1 Distribution: unstable Urgency: medium Maintainer: Andrew Lee (李健秋) Changed-By: Andrew Lee (李健秋) Description: libxrdesktop-0.14-0 - XR desktop interaction library libxrdesktop-dev - XR desktop interaction library -- development files Closes: 955607 Changes: xrdesktop (0.14.0-1) unstable; urgency=medium . * New upstream release. * Build-deps on gxr version 0.14.0. (Closes: #955607) * Build-deps on python3-dev and python-gi-dev. * Rename package name to match the sonames. * Move the package from contrib to main as it's build-deps gxr doesn't depends on non-free anymore. Checksums-Sha1: fde72251ff32cd75a713976a7a6c02c457ad4ae8 2093 xrdesktop_0.14.0-1.dsc d094d67616ec715049c53b0f348bc484e610ed87 736126 xrdesktop_0.14.0.orig.tar.bz2 99c4632267d4bab97715daaee04d102fe7bf5578 7876 xrdesktop_0.14.0-1.debian.tar.xz f1d5ac148472c87934e77e454ea0c0dd097d4dd0 311940 libxrdesktop-0.14-0-dbgsym_0.14.0-1_amd64.deb a2b17628f0831d2e81652185d4844be99ebb9b74 75992 libxrdesktop-0.14-0_0.14.0-1_amd64.deb 357201b092529b19e6d35600405d174e88a50159 20592 libxrdesktop-dev_0.14.0-1_amd64.deb 4eec657547a55ebf2cfa396ba9a8f3d6dea19c9a 15688 xrdesktop_0.14.0-1_amd64.buildinfo Checksums-Sha256: 696dd6627316a23a3ecbac5680f599c228920d3b059e7410d26f0e9e92bb2dfb 2093 xrdesktop_0.14.0-1.dsc 67fc22be15ff431e2046abcb103ae7e39888e1ec2e0796a5c7e51da46d29608b 736126 xrdesktop_0.14.0.orig.tar.bz2 357b85fd2d4814dfcde50867dab012df6f3abf1d3a0481b3b3711bf9499f792f 7876 xrdesktop_0.14.0-1.debian.tar.xz 05d97951bae7a35c3516274d5c387fd297db0f5794944904bb0486a214e6d761 311940 libxrdesktop-0.14-0-dbgsym_0.14.0-1_amd64.deb 610eeef35d3c71127200505f7bf2767974c50c9c182d393f2fa7d2b897e773c8 75992 libxrdesktop-0.14-0_0.14.0-1_amd64.deb 48e30a83d4b7a38d60d9de00edd47a27accd188078e8286c751cf7049c622762 20592 libxrdesktop-dev_0.14.0-1_amd64.deb f503736f0087d898c613b2f5bd16e7053034ec36056abf699a0a288ccea29eef 15688 xrdesktop_0.14.0-1_amd64.buildinfo Files: a2ff897758f1b4c20c4254a7b01c4133 2093 libs optional xrdesktop_0.14.0-1.dsc d9c1b87ff73354299f4eecd707722e96 736126 libs optional xrdesktop_0.14.0.orig.tar.bz2 915e8d3b23971c552b93d1efe537e64e 7876 libs optional xrdesktop_0.14.0-1.debian.tar.xz 40c60263b1c1bff1aefd382716e5452d 311940 debug optional libxrdesktop-0.14-0-dbgsym_0.14.0-1_amd64.deb d326b819bd7c7ebe2ff9c9f69302e012 75992 libs optional libxrdesktop-0.14-0_0.14.0-1_amd64.deb e36e26d2c2d03f2454fbfe9acf42871c 20592
Bug#954039: prayer: diff for NMU version 1.3.5-dfsg1-6.1
Control: tags 954039 + pending Dear maintainer, I've prepared an NMU for prayer (versioned as 1.3.5-dfsg1-6.1) and uploaded it to mentors for sponsoring. Please feel free to tell me if I should remove it. -- Regards Sudip diff -Nru prayer-1.3.5-dfsg1/debian/changelog prayer-1.3.5-dfsg1/debian/changelog --- prayer-1.3.5-dfsg1/debian/changelog 2018-12-16 21:27:47.0 + +++ prayer-1.3.5-dfsg1/debian/changelog 2020-04-09 17:50:55.0 +0100 @@ -1,3 +1,11 @@ +prayer (1.3.5-dfsg1-6.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix FTBFS. (Closes: #954039) +- Thanks to Logan Rosen. + + -- Sudip Mukherjee Thu, 09 Apr 2020 17:50:55 +0100 + prayer (1.3.5-dfsg1-6) unstable; urgency=medium * Merge changes from Ubuntu (Closes: #913848). diff -Nru prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch --- prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch 1970-01-01 01:00:00.0 +0100 +++ prayer-1.3.5-dfsg1/debian/patches/glibc-2.30.patch 2020-04-09 17:44:41.0 +0100 @@ -0,0 +1,20 @@ +Description: Fix FTBFS + glibc removed obsolete, never-implemented XSI STREAMS declarations via: + https://sourceware.org/git/?p=glibc.git;a=commit;h=a0a0dc83173ce11ff45105fd32e5d14356cdfb9c + And so stropts.h file is not available anymore. + +--- + +--- prayer-1.3.5-dfsg1.orig/lib/os_linux.h prayer-1.3.5-dfsg1/lib/os_linux.h +@@ -9,7 +9,10 @@ + #include + #include + #include ++ ++#ifdef HAVE_STROPTS_H + #include ++#endif + + #include + diff -Nru prayer-1.3.5-dfsg1/debian/patches/series prayer-1.3.5-dfsg1/debian/patches/series --- prayer-1.3.5-dfsg1/debian/patches/series2018-12-16 21:27:47.0 + +++ prayer-1.3.5-dfsg1/debian/patches/series2020-04-09 17:42:45.0 +0100 @@ -10,3 +10,4 @@ openssl1.1.patch no-referrer.patch glibc-2.28.patch +glibc-2.30.patch
Processed: prayer: diff for NMU version 1.3.5-dfsg1-6.1
Processing control commands: > tags 954039 + pending Bug #954039 [src:prayer] prayer: FTBFS against glibc 2.30 Added tag(s) pending. -- 954039: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954039 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#936273: marked as done (capstone: Python2 removal in sid/bullseye)
Your message dated Thu, 09 Apr 2020 17:18:32 + with message-id and subject line Bug#936273: fixed in capstone 4.0.1+really+3.0.5-1.1 has caused the Debian Bug report #936273, regarding capstone: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 936273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:capstone Version: 4.0.1+really+3.0.5-1 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:capstone If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Source: capstone Source-Version: 4.0.1+really+3.0.5-1.1 Done: Sandro Tosi We believe that the bug you reported is fixed in the latest version of capstone, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 936...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sandro Tosi (supplier of updated capstone package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2020 12:51:10 -0400 Source: capstone Architecture: source Version: 4.0.1+really+3.0.5-1.1 Distribution: unstable Urgency: medium Maintainer: Debian Security Tools Changed-By: Sandro Tosi Closes: 936273 Changes: capstone (4.0.1+really+3.0.5-1.1) unstable; urgency=medium . * Non-maintainer upload. * Drop python2 support; Closes: #936273 Checksums-Sha1: feac6b01636a2bb74ea8dd8efe13d659ce99fdaa 2283 capstone_4.0.1+really+3.0.5-1.1.dsc a7d13248db20bc6322e68cc295f848f5ba52d1e6 6840 capstone_4.0.1+really+3.0.5-1.1.debian.tar.xz ffabf84aab5add956bd28fa35beba8d3e92131ad 9725 capstone_4.0.1+really+3.0.5-1.1_amd64.buildinfo Checksums-Sha256: 32113311c94fa97c122a96cf845c5499396e68458579e43de01c08e25da0aeac 2283 capstone_4.0.1+really+3.0.5-1.1.dsc e605d187cf4a78ebe259ca9fe6cec0e0c81ea588a094f85929073cb3672deaa3 6840 capstone_4.0.1+really+3.0.5-1.1.debian.tar.xz
Processed: [bts-link] source package src:social-auth-app-django
Processing commands for cont...@bugs.debian.org:
> #
> # bts-link upstream status pull for source package src:social-auth-app-django
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user debian-bts-l...@lists.debian.org
Setting user to debian-bts-l...@lists.debian.org (was
debian-bts-l...@lists.debian.org).
> # remote status report for #951969 (http://bugs.debian.org/951969)
> # Bug title: social-auth-app-django: FTBFS: dh_auto_test: error: pybuild
> --test -i python{version} -p "3.8 3.7" --system=custom
> "--test-args={interpreter} ./manage.py test" returned exit code 13
> # * https://github.com/python-social-auth/social-app-django/issues/196
> # * remote status changed: (?) -> closed
> # * closed upstream
> tags 951969 + fixed-upstream
Bug #951969 [src:social-auth-app-django] social-auth-app-django: FTBFS:
dh_auto_test: error: pybuild --test -i python{version} -p "3.8 3.7"
--system=custom "--test-args={interpreter} ./manage.py test" returned exit code
13
Added tag(s) fixed-upstream.
> usertags 951969 + status-closed
There were no usertags set.
Usertags are now: status-closed.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
951969: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951969
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#936273: capstone: diff for NMU version 4.0.1+really+3.0.5-1.1
Control: tags 936273 + patch
Dear maintainer,
I've prepared an NMU for capstone (versioned as 4.0.1+really+3.0.5-1.1). The
diff
is attached to this message.
The git repo doesnt contain the latest release, 4.0.1+really+3.0.5-1
also in a recent update, gbp.conf requires pristine-tar, but no pristine-tar
branch is pushed to salsa.d.o
Regards.
diff -Nru capstone-4.0.1+really+3.0.5/debian/changelog capstone-4.0.1+really+3.0.5/debian/changelog
--- capstone-4.0.1+really+3.0.5/debian/changelog 2019-02-26 16:35:27.0 -0500
+++ capstone-4.0.1+really+3.0.5/debian/changelog 2020-04-09 12:51:10.0 -0400
@@ -1,3 +1,10 @@
+capstone (4.0.1+really+3.0.5-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Drop python2 support; Closes: #936273
+
+ -- Sandro Tosi Thu, 09 Apr 2020 12:51:10 -0400
+
capstone (4.0.1+really+3.0.5-1) unstable; urgency=medium
* Team upload
diff -Nru capstone-4.0.1+really+3.0.5/debian/control capstone-4.0.1+really+3.0.5/debian/control
--- capstone-4.0.1+really+3.0.5/debian/control 2019-02-26 16:35:27.0 -0500
+++ capstone-4.0.1+really+3.0.5/debian/control 2020-04-09 12:50:54.0 -0400
@@ -4,8 +4,8 @@
Uploaders: Pranith Kumar
Build-Depends: debhelper (>= 12~),
dh-python,
- python-all-dev, python3-all-dev,
- python-setuptools, python3-setuptools,
+ python3-all-dev,
+ python3-setuptools,
cython (>= 0.19), cython3,
Standards-Version: 4.3.0
Section: devel
@@ -61,17 +61,6 @@
This package contains cstool, a command-line tool to disassemble
hexadecimal strings.
-Package: python-capstone
-Section: python
-Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}, libcapstone3
-XB-Python-Version: ${python:Versions}
-Description: lightweight multi-architecture disassembly framework - Python bindings
- Capstone is a lightweight multi-platform, multi-architecture disassembly
- framework.
- .
- These are the Python 2 bindings.
-
Package: python3-capstone
Section: python
Architecture: any
diff -Nru capstone-4.0.1+really+3.0.5/debian/python-capstone.install capstone-4.0.1+really+3.0.5/debian/python-capstone.install
--- capstone-4.0.1+really+3.0.5/debian/python-capstone.install 2019-02-26 16:34:50.0 -0500
+++ capstone-4.0.1+really+3.0.5/debian/python-capstone.install 1969-12-31 19:00:00.0 -0500
@@ -1 +0,0 @@
-usr/lib/python2.7
diff -Nru capstone-4.0.1+really+3.0.5/debian/rules capstone-4.0.1+really+3.0.5/debian/rules
--- capstone-4.0.1+really+3.0.5/debian/rules 2019-02-26 16:35:27.0 -0500
+++ capstone-4.0.1+really+3.0.5/debian/rules 2020-04-09 12:51:02.0 -0400
@@ -4,7 +4,7 @@
include /usr/share/dpkg/architecture.mk
%:
- dh $@ --with python2,python3
+ dh $@ --with python3
override_dh_auto_clean \
override_dh_auto_configure \
Processed: Merge duplicates
Processing commands for cont...@bugs.debian.org: > reassign 952623 libncbi-vdb2 Bug #952623 [src:sra-sdk] sra-sdk: FTBFS: ld: /usr/lib/x86_64-linux-gnu/libncbi-vdb.so: undefined reference to `vdb_mbedtls_entropy_init' Bug reassigned from package 'src:sra-sdk' to 'libncbi-vdb2'. No longer marked as found in versions sra-sdk/2.9.3+dfsg-1. Ignoring request to alter fixed versions of bug #952623 to the same values previously set > forcemerge 952627 952623 Bug #952627 [libncbi-vdb2] libncbi-vdb2 uses undefined symbols Bug #953897 [libncbi-vdb2] libncbi-vdb2 uses undefined symbols Bug #952623 [libncbi-vdb2] sra-sdk: FTBFS: ld: /usr/lib/x86_64-linux-gnu/libncbi-vdb.so: undefined reference to `vdb_mbedtls_entropy_init' Added indication that 952623 affects src:skesa Marked as found in versions ncbi-vdb/2.10.3+dfsg-1. Bug #953897 [libncbi-vdb2] libncbi-vdb2 uses undefined symbols Merged 952623 952627 953897 > affects 952627 src:sra-sdk Bug #952627 [libncbi-vdb2] libncbi-vdb2 uses undefined symbols Bug #952623 [libncbi-vdb2] sra-sdk: FTBFS: ld: /usr/lib/x86_64-linux-gnu/libncbi-vdb.so: undefined reference to `vdb_mbedtls_entropy_init' Bug #953897 [libncbi-vdb2] libncbi-vdb2 uses undefined symbols Added indication that 952627 affects src:sra-sdk Added indication that 952623 affects src:sra-sdk Added indication that 953897 affects src:sra-sdk > thanks Stopping processing here. Please contact me if you need assistance. -- 952623: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952623 952627: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952627 953897: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953897 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: capstone: diff for NMU version 4.0.1+really+3.0.5-1.1
Processing control commands: > tags 936273 + patch Bug #936273 [src:capstone] capstone: Python2 removal in sid/bullseye Added tag(s) patch. -- 936273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956276: runescape: downloads unverified binary and runs it
Le 09/04/2020 14:47, Markus Koschany a écrit : Am 09.04.20 um 13:58 schrieb Stephen Kitt: Le 09/04/2020 13:44, Markus Koschany a écrit : Am 09.04.20 um 13:24 schrieb Stephen Kitt: On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote: Am 09.04.20 um 11:36 schrieb Ivo De Decker: [...] Installing a Debian package doesn’t involve downloading a tarball from github.com or anywhere else. A packager downloads the tarball, vets it in some way or other (hopefully), and then uploads it to Debian infrastructure, where it is used to build the binary packages which users eventually download. After the initial upload, the contents don’t change, unless a new version is uploaded. In general we offer users the opportunity to rebuild a package from scratch. That sometimes includes precise instructions in README.source and a get-orig-source target in debian/rules but we often just assume that running uscan will download the same original tarball that is shipped in Debian's archive. In many cases this assumption is not true and users will get a different tarball. Nowhere do we enforce that the data is identical. We’re not talking about rebuilding the package (at least, I wasn’t). When a user installs a package in Debian, there’s a reasonable expectation that the user will get when the maintainer intended. Even if they choose to rebuild the package, the typical "apt source" invocation will retrieve the source last used to build the Debian package, *not* the upstream source. Incidentally, there is one place where we do enforce that the orig tarball doesn’t change: when uploading to the archive... So there is that expectation somewhere. All the effort that went into pristine-tar also suggests that at least some people care about it in other circumstances too. Put another way, when you install a Debian package, you get the exact same contents as any other user installing the same version of the package, and thus a certain amount of collective trust can be built. This isn’t necessarily the case with the runescape package. Right, because the runescape package does neither qualify for main nor contrib hence why it was put in non-free and for its purpose the level of trust is sufficient. The fact that a package is in non-free isn’t a blank cheque for it to do anything it wants; Policy 2.2.3 still requires packages in non-free to “meet all policy requirements presented in this manual that it is possible for them to meet”. I disagree with the level of trust involved but that’s a matter of opinion. Now to answer your initial question, as far as I can tell there is no Policy requirement that packages which download third-party files verify the contents. Oh I know, we can’t do anything about trusting the publisher. The main issue is that if for whatever reason a compromised JAR is put in place on the upstream site, the runescape package will download it and run it without any warning. Even the TLS protection doesn’t do much since the download script doesn’t check the upstream certificate (so the site could be hijacked and it would still work). As Simon has already pointed out, the binary hash/signature will probably change due to updates or other minor changes. That makes runescape prone to other RC bugs and any implementation to validate the launcher should take that into consideration. Not necessarily: note that I said “without any warning”. The package could check the downloaded JAR against a signature, and if there’s a mismatch, warn the user before running it. That wouldn’t make the package prone to RC bugs. Consider it this way: the packager will presumably check the package before upload, and we can consider the JAR at that point to be trustworthy (for some value of trustworthy). But there is absolutely no guarantee that the JAR which users will receive bears any resemblance to the JAR checked by the packager. If someone wants to implement some form of verification, hash or something else, please do. I still don't see why this issue is a Policy violation and why everyone seems to require the same standards as in main or contrib when the package is in non-free and does not have to comply with each and every part of the DFSG. In my opinion the package is very simple and sufficient for its purpose. A warning message may help here too. Construing a Policy violation seems wrong to me. I agree that as things currently stand, this is a matter of opinion. I do however tend to think that we can hold the distribution to a higher standard than that strictly mandated by Policy, in particular because most of Policy is written within a certain framework (packages which are fully contained within the archive) and ignores issues such as this one. And of course no one is asking *you* to do anything ;-). Regards, Stephen
Bug#948283: marked as done (tinyproxy: If no PidFile is configured logrotate will change the owner of the root directory)
Your message dated Thu, 09 Apr 2020 16:47:17 + with message-id and subject line Bug#948283: fixed in tinyproxy 1.10.0-2+deb10u1 has caused the Debian Bug report #948283, regarding tinyproxy: If no PidFile is configured logrotate will change the owner of the root directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 948283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tinyproxy Version: 1.10.0-2 Severity: critical Justification: breaks unrelated software Dear Maintainer, * What led up to the situation? I configured tinyproxy without a PidFile. * What exactly did you do (or not do) that was effective (or ineffective)? I removed the PidFile configuration option from tinyproxy.conf * What was the outcome of this action? The next run of logrotate changed the owner and group of my root directory (`/`) to tinyproxy:tinyproxy. * What outcome did you expect instead? I expected that not to happen. Example demonstrating the issue in a fresh VM: root@debian-2gb-fsn1-1:~# stat / File: / Size: 4096Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 2 Links: 18 Access: (0755/drwxr-xr-x) Uid: (0/root) Gid: (0/root) Access: 2019-12-08 05:11:02.514309382 +0100 Modify: 2020-01-06 01:51:41.52400 +0100 Change: 2020-01-06 01:51:41.52400 +0100 Birth: - root@debian-2gb-fsn1-1:~# apt-get install - tinyproxy Selecting previously unselected package tinyproxy-bin. (Reading database ... 35006 files and directories currently installed.) Preparing to unpack .../tinyproxy-bin_1.10.0-2_amd64.deb ... Unpacking tinyproxy-bin (1.10.0-2) ... Selecting previously unselected package tinyproxy. Preparing to unpack .../tinyproxy_1.10.0-2_all.deb ... Unpacking tinyproxy (1.10.0-2) ... Setting up tinyproxy-bin (1.10.0-2) ... Setting up tinyproxy (1.10.0-2) ... Created symlink /etc/systemd/system/multi-user.target.wants/tinyproxy.service → /lib/systemd/system/tinyproxy.service. Processing triggers for man-db (2.8.5-2) ... Processing triggers for systemd (241-7~deb10u2) ... root@debian-2gb-fsn1-1:~# grep PidFile /etc/tinyproxy/tinyproxy.conf # PidFile: Write the PID of the main tinyproxy thread to this file so it PidFile "/run/tinyproxy/tinyproxy.pid" root@debian-2gb-fsn1-1:~# sed -i '/PidFile/d' /etc/tinyproxy/tinyproxy.conf root@debian-2gb-fsn1-1:~# grep PidFile /etc/tinyproxy/tinyproxy.conf root@debian-2gb-fsn1-1:~# systemctl start logrotate root@debian-2gb-fsn1-1:~# sed -i 's/2020/2019/g' /var/lib/logrotate/status root@debian-2gb-fsn1-1:~# systemctl start logrotate root@debian-2gb-fsn1-1:~# stat / File: / Size: 4096Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 2 Links: 18 Access: (0755/drwxr-xr-x) Uid: ( 106/tinyproxy) Gid: ( 112/tinyproxy) Access: 2019-12-08 05:11:02.514309382 +0100 Modify: 2020-01-06 01:51:41.52400 +0100 Change: 2020-01-06 01:53:05.254019354 +0100 Birth: - Note that tinyproxy does not start up with this configuration, because systemd expects the PidFile to appear. For the machine where I noticed this issue I also adjusted the systemd unit to be of `Type=simple`. While this configuration might not be common and not encountered by the average user it introduced a possible security hole in my system and even if this might not be fully exploitable by the `tinyproxy` user it breaks systemd-tmpfiles: Jan 06 01:57:53 debian-2gb-fsn1-1 systemd-tmpfiles[282]: Detected unsafe path transition / → /var during canonicalization of /var. Thus I feel the severity of `critical` is justified for this bug report. Best regards Tim Düsterhus -- System Information: Debian Release: 10.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages tinyproxy depends on: ii adduser3.118 ii logrotate 3.14.0-4 ii lsb-base 10.2019051400 ii tinyproxy-bin 1.10.0-2 tinyproxy recommends no packages. tinyproxy suggests no packages. -- Configuration Files: /etc/tinyproxy/tinyproxy.conf changed: User tinyproxy Group tinyproxy Port Timeout 600 DefaultErrorFile
Bug#948283: marked as done (tinyproxy: If no PidFile is configured logrotate will change the owner of the root directory)
Your message dated Thu, 09 Apr 2020 16:47:36 + with message-id and subject line Bug#948283: fixed in tinyproxy 1.8.4-3~deb9u2 has caused the Debian Bug report #948283, regarding tinyproxy: If no PidFile is configured logrotate will change the owner of the root directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 948283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948283 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tinyproxy Version: 1.10.0-2 Severity: critical Justification: breaks unrelated software Dear Maintainer, * What led up to the situation? I configured tinyproxy without a PidFile. * What exactly did you do (or not do) that was effective (or ineffective)? I removed the PidFile configuration option from tinyproxy.conf * What was the outcome of this action? The next run of logrotate changed the owner and group of my root directory (`/`) to tinyproxy:tinyproxy. * What outcome did you expect instead? I expected that not to happen. Example demonstrating the issue in a fresh VM: root@debian-2gb-fsn1-1:~# stat / File: / Size: 4096Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 2 Links: 18 Access: (0755/drwxr-xr-x) Uid: (0/root) Gid: (0/root) Access: 2019-12-08 05:11:02.514309382 +0100 Modify: 2020-01-06 01:51:41.52400 +0100 Change: 2020-01-06 01:51:41.52400 +0100 Birth: - root@debian-2gb-fsn1-1:~# apt-get install - tinyproxy Selecting previously unselected package tinyproxy-bin. (Reading database ... 35006 files and directories currently installed.) Preparing to unpack .../tinyproxy-bin_1.10.0-2_amd64.deb ... Unpacking tinyproxy-bin (1.10.0-2) ... Selecting previously unselected package tinyproxy. Preparing to unpack .../tinyproxy_1.10.0-2_all.deb ... Unpacking tinyproxy (1.10.0-2) ... Setting up tinyproxy-bin (1.10.0-2) ... Setting up tinyproxy (1.10.0-2) ... Created symlink /etc/systemd/system/multi-user.target.wants/tinyproxy.service → /lib/systemd/system/tinyproxy.service. Processing triggers for man-db (2.8.5-2) ... Processing triggers for systemd (241-7~deb10u2) ... root@debian-2gb-fsn1-1:~# grep PidFile /etc/tinyproxy/tinyproxy.conf # PidFile: Write the PID of the main tinyproxy thread to this file so it PidFile "/run/tinyproxy/tinyproxy.pid" root@debian-2gb-fsn1-1:~# sed -i '/PidFile/d' /etc/tinyproxy/tinyproxy.conf root@debian-2gb-fsn1-1:~# grep PidFile /etc/tinyproxy/tinyproxy.conf root@debian-2gb-fsn1-1:~# systemctl start logrotate root@debian-2gb-fsn1-1:~# sed -i 's/2020/2019/g' /var/lib/logrotate/status root@debian-2gb-fsn1-1:~# systemctl start logrotate root@debian-2gb-fsn1-1:~# stat / File: / Size: 4096Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 2 Links: 18 Access: (0755/drwxr-xr-x) Uid: ( 106/tinyproxy) Gid: ( 112/tinyproxy) Access: 2019-12-08 05:11:02.514309382 +0100 Modify: 2020-01-06 01:51:41.52400 +0100 Change: 2020-01-06 01:53:05.254019354 +0100 Birth: - Note that tinyproxy does not start up with this configuration, because systemd expects the PidFile to appear. For the machine where I noticed this issue I also adjusted the systemd unit to be of `Type=simple`. While this configuration might not be common and not encountered by the average user it introduced a possible security hole in my system and even if this might not be fully exploitable by the `tinyproxy` user it breaks systemd-tmpfiles: Jan 06 01:57:53 debian-2gb-fsn1-1 systemd-tmpfiles[282]: Detected unsafe path transition / → /var during canonicalization of /var. Thus I feel the severity of `critical` is justified for this bug report. Best regards Tim Düsterhus -- System Information: Debian Release: 10.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-6-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages tinyproxy depends on: ii adduser3.118 ii logrotate 3.14.0-4 ii lsb-base 10.2019051400 ii tinyproxy-bin 1.10.0-2 tinyproxy recommends no packages. tinyproxy suggests no packages. -- Configuration Files: /etc/tinyproxy/tinyproxy.conf changed: User tinyproxy Group tinyproxy Port Timeout 600 DefaultErrorFile
Bug#936273: marked as pending in capstone
Control: tag -1 pending Hello, Bug #936273 in capstone reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/pkg-security-team/capstone/-/commit/e93438456e4a12b5ed6cf52a10eb267869e743e6 Drop python2 support; Closes: #936273 (this message was generated automatically) -- Greetings https://bugs.debian.org/936273
Processed: Bug#936273 marked as pending in capstone
Processing control commands: > tag -1 pending Bug #936273 [src:capstone] capstone: Python2 removal in sid/bullseye Added tag(s) pending. -- 936273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956287: marked as done (Problems identified in debian/copyright)
Your message dated Thu, 09 Apr 2020 15:40:54 +
with message-id
and subject line Bug#956287: fixed in llvm-toolchain-10 1:10.0.0-3
has caused the Debian Bug report #956287,
regarding Problems identified in debian/copyright
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
956287: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956287
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: llvm-toolchain-snapshot
Version: 11~++20200307074845+ec1d1f6ae70-1~exp1
Severity: serious
I noticed that this package appears to have some issues with debian/copyright.
Binary data exists with no indication that it can be rebuilt from source:
- lldb/unittests/ObjectFile/ELF/Inputs/early-section-headers.so
- lldb/unittests/Target/Inputs/TestModule.so
- soo many *.so files
- also many *.exe files
- Note: Test data is *not* excluded from DFSG.
These have a copyright/license that is not represented in d/copyright:
- lib/External/{many}
- llvm/utils/unittest/googletest/*
- llvm/utils/unittest/googlemock/*
- llvm/test/YAMLParser/*
- clang/lib/Headers/cuda_wrappers/*
- llvm/include/llvm/Support/MD5.h
+ Note: pseudonyms don't need to be represented; "2001 Alexander Peslyak
"
- clang/lib/Headers/:
+ avx512vlvp2intersectintrin.h
+ avx512vp2intersectintrin.h
- Note: This is not an exhaustive list.
libcxx/* indicates the wrong license *and* omits a copyright holder. (just
delete that paragraph) The same applies to polly/tools/GPURuntime/; it is
correctly represented when the paragraph is deleted).
clang/lib/Headers/* is represented as using Expat; this is not correct.
Multiple copyright blocks are mentioned for source that does not exist:
- lib/Support/reg*
- lldb/test/unittest2/*
- polly/lib/JSON/*
- test/YAMLParser/*
- utils/unittest/googletest/*
Note: If `polly/lib/JSON/` existed, "fixme" would have been unacceptable. It
should have copied LICENSE.txt.
Although not critical, the machine-readable copyright spec expects license
texts to either be with that paragraph or as an entirely unique paragraph. In
this case, it applies to BSD-3-Clause, expat, and u-of-i-bsd-like. Please see
missing-license-paragraph-in-dep5-copyright for additional information.
Also, it is not required to use four separate paragraphs;
"compiler-rt/lib/BlocksRuntime/*" is sufficient.
It is also possible to combine files:
Files:
compiler-rt/lib/BlocksRuntime/*
lldb/tools/debugserver/source/MacOSX/stack_logging.h
Copyright: 1999-2007 Apple Inc.
License: Apple
If you need further clarification, please don't hesitate to ask.
--- End Message ---
--- Begin Message ---
Source: llvm-toolchain-10
Source-Version: 1:10.0.0-3
Done: Sylvestre Ledru
We believe that the bug you reported is fixed in the latest version of
llvm-toolchain-10, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 956...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sylvestre Ledru (supplier of updated llvm-toolchain-10
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 02 Apr 2020 21:48:13 +0200
Source: llvm-toolchain-10
Architecture: source
Version: 1:10.0.0-3
Distribution: unstable
Urgency: medium
Maintainer: LLVM Packaging Team
Changed-By: Sylvestre Ledru
Closes: 956287
Changes:
llvm-toolchain-10 (1:10.0.0-3) unstable; urgency=medium
.
* ppc64el/autopkgtest: Just like with arm64, ignore two tests
* Update the copyright file with recent changes (Closes: #956287)
Thanks to Michael Lustfield for the detective work
.
[ Jessica Clarke ]
* Cherry-pick upstream patch D74453 to fix atomic compare-and-swap on
riscv64.
.
[ William Grant ]
* debian/patches/riscv64-multilib-empty.patch: Adjust riscv64 GCC detector
to also check for existence of crtbegin.o in the default multilib dir,
like most other ports. Fixes FTBFS on riscv64, since on Ubuntu
/usr/lib/gcc/riscv64-linux-gnu/10 exists but is empty (gcc-10-base is
installed, but libgcc-10-dev is not).
Checksums-Sha1:
d8d1134328086cb75a3b231a3bc96105fdb1 5960 llvm-toolchain-10_10.0.0-3.dsc
b4b42357b624f20425c6c48c7af3bbe4f2dc5d74 138332
Bug#936857: libfreenect: diff for version 1:0.5.3-2
FTR, i sent my changes this way instead on git because HEAD doesnt contain the 1:0.5.3-1 upload On Thu, Apr 9, 2020 at 11:13 AM Yaroslav Halchenko wrote: > > > On Thu, 09 Apr 2020, Sandro Tosi wrote: > > > Control: tags 936857 + patch > > > > Dear maintainer, > > > I've prepared an upload for libfreenect (versioned as 1:0.5.3-2). The diff > > is attached to this message. > > Thank you Sandro! > > -- > Yaroslav O. Halchenko > Center for Open Neuroscience http://centerforopenneuroscience.org > Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 > Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 > WWW: http://www.linkedin.com/in/yarik -- Sandro "morph" Tosi My website: http://sandrotosi.me/ Me at Debian: http://wiki.debian.org/SandroTosi Twitter: https://twitter.com/sandrotosi
Bug#936857: libfreenect: diff for version 1:0.5.3-2
On Thu, 09 Apr 2020, Sandro Tosi wrote: > Control: tags 936857 + patch > Dear maintainer, > I've prepared an upload for libfreenect (versioned as 1:0.5.3-2). The diff > is attached to this message. Thank you Sandro! -- Yaroslav O. Halchenko Center for Open Neuroscience http://centerforopenneuroscience.org Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik
Bug#956152: rabbitmq-server: fails to install reliably on arm64
On 4/9/20 9:48 AM, Paul Gevers wrote:
> Hi Thomas,
>
> On 08-04-2020 18:04, Thomas Goirand wrote:
>> How may I test installing rabbitmq-server on ARM64 ? I don't have such a
>> hardware...
>
> Can't you try on a porterbox?
>
> Paul
>
Hi Paul,
It took me a long time to do it, but thanks to the help of Steve
McIntyre, I could try installing RabbitMQ on an arm64 machine. A big
thanks to him! (cc him so he sees the thanks)
And it did work perfectly:
# ps axuf | grep erl
root 30007 0.0 0.0 5888 696 ttyAMA0 S+ 15:50 0:00 \_
grep erl
rabbitmq 29591 47.7 3.3 1687452 68372 ? Sl 15:49 0:11 \_
/usr/lib/erlang/erts-10.7/bin/beam.smp -W w -A 64 -MBas ageffcbf -MHas
ageffcbf -MBlmbcs 512 -MHlmbcs 512 -MMmcs 30 -P 1048576 -t 500 -stbt
db -zdbbl 128000 -K true -- -root /usr/lib/erlang -progname erl -- -home
/var/lib/rabbitmq -- -pa
/usr/lib/rabbitmq/lib/rabbitmq_server-3.7.18/ebin -noshell -noinput -s
rabbit boot -sname rabbit@debian -boot start_sasl -kernel
inet_default_connect_options [{nodelay,true}] -sasl errlog_type error
-sasl sasl_error_logger false -rabbit lager_log_root "/var/log/rabbitmq"
-rabbit lager_default_file "/var/log/rabbitmq/rab...@debian.log" -rabbit
lager_upgrade_file "/var/log/rabbitmq/rabbit@debian_upgrade.log" -rabbit
feature_flags_file
"/var/lib/rabbitmq/mnesia/rabbit@debian-feature_flags" -rabbit
enabled_plugins_file "/etc/rabbitmq/enabled_plugins" -rabbit plugins_dir
"/usr/lib/rabbitmq/plugins:/usr/lib/rabbitmq/lib/rabbitmq_server-3.7.18/plugins"
-rabbit plugins_expand_dir
"/var/lib/rabbitmq/mnesia/rabbit@debian-plugins-expand" -os_mon
start_cpu_sup false -os_mon start_disksup false -os_mon start_memsup
false -mnesia dir "/var/lib/rabbitmq/mnesia/rabbit@debian" -kernel
inet_dist_listen_min 25672 -kernel inet_dist_listen_max 25672 --
rabbitmq 29826 0.1 0.0 1912 424 ?Ss 15:49 0:00 \_
erl_child_setup 65536
It's hard to see (huge command line), but that's the output when
rabbitmq is started, believe me.
I tried stop / start the rabbitmq-server.service a few times, and it did
work for me, no problem (even though it was a bit slow on the arm64 VM I
was using, which is kind of expected with rabbitmq-server).
I'm therefore downgrading this bug to severity: important, until further
investigation can be done on your side. Indeed, this looks like specific
to your environment here.
Cheers,
Thomas Goirand (zigo)
Processed: RabbitMQ can actually start on arm64
Processing commands for cont...@bugs.debian.org: > severity 956152 important Bug #956152 [rabbitmq-server] rabbitmq-server: fails to install reliably on arm64 Severity set to 'important' from 'serious' > End of message, stopping processing here. Please contact me if you need assistance. -- 956152: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956152 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956301: facter: patches to unblock the ruby transition
The 2 patches attached are based on 3.11.0-4. The first is wishlist, but
makes it easier for people who do Ruby to contribute patches, and the
second is really necessary to unblock the ruby transition to 2.7.
From 2a8e4c97457cea256120c1a59f1db79a37d4200f Mon Sep 17 00:00:00 2001
From: Antonio Terceiro
Date: Thu, 9 Apr 2020 11:13:29 -0300
Subject: [PATCH 1/2] Add patch to not fail build when bundler is installed
Closes: #956300
---
.../0007-Don-t-run-rspec-via-bundler.patch| 26 +++
debian/patches/series | 1 +
2 files changed, 27 insertions(+)
create mode 100644 debian/patches/0007-Don-t-run-rspec-via-bundler.patch
diff --git a/debian/patches/0007-Don-t-run-rspec-via-bundler.patch b/debian/patches/0007-Don-t-run-rspec-via-bundler.patch
new file mode 100644
index ..31dc149b
--- /dev/null
+++ b/debian/patches/0007-Don-t-run-rspec-via-bundler.patch
@@ -0,0 +1,26 @@
+From: Antonio Terceiro
+Date: Thu, 9 Apr 2020 11:10:03 -0300
+Subject: Don't run rspec via bundler
+
+Closes: #956300
+---
+ CMakeLists.txt | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index ab7eb2e..4ca0392 100644
+--- a/CMakeLists.txt
b/CMakeLists.txt
+@@ -160,9 +160,9 @@ add_subdirectory(locales)
+ # Add test executables for unit testing
+ add_test(NAME "libfacter\\ tests" COMMAND libfacter_test)
+ if (RUBY_FOUND)
+-find_program(BUNDLER_PATH NAMES bundle.bat bundle)
+-if (BUNDLER_PATH)
+-add_test(NAME "libfacter\\ specs" COMMAND ${BUNDLER_PATH} exec rspec WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}/lib")
++find_program(RSPEC_PATH NAMES rspec)
++if (RSPEC_PATH)
++add_test(NAME "libfacter\\ specs" COMMAND rspec WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}/lib")
+ endif()
+ endif()
+ # Debian: disable the smoke tests, as the build environment lacks necessary
diff --git a/debian/patches/series b/debian/patches/series
index 8bae5647..9f3fef85 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@
0004-rapidjson-1.1-compat.patch
0005-fix-custom-facts-overriding-core.patch
0006-FACT-1916-fix-route-parsing-on-Linux.patch
+0007-Don-t-run-rspec-via-bundler.patch
--
2.26.0
From f69a814783851391f2a27e317119d70554b5f419 Mon Sep 17 00:00:00 2001
From: Antonio Terceiro
Date: Thu, 9 Apr 2020 11:14:27 -0300
Subject: [PATCH 2/2] Add a dependency on the minimal Ruby version needed
Closes: #956301
---
debian/control | 2 +-
debian/gen-ruby-dependency | 9 +
debian/rules | 4
3 files changed, 14 insertions(+), 1 deletion(-)
create mode 100755 debian/gen-ruby-dependency
diff --git a/debian/control b/debian/control
index bb5757bd..9b6cdc87 100644
--- a/debian/control
+++ b/debian/control
@@ -36,7 +36,7 @@ Homepage: https://github.com/puppetlabs/facter
Package: facter
Architecture: any
-Depends: libfacter3.11.0 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
+Depends: libfacter3.11.0 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, ${ruby-interpreter:Depends}
Description: collect and display facts about the system
Facter is Puppet’s cross-platform system profiling library. It discovers and
reports per-node facts, which are collected by the Puppet agent and are made
diff --git a/debian/gen-ruby-dependency b/debian/gen-ruby-dependency
new file mode 100755
index ..bcfd2a84
--- /dev/null
+++ b/debian/gen-ruby-dependency
@@ -0,0 +1,9 @@
+#!/usr/bin/ruby
+
+require 'ruby_debian_dev'
+
+dependency = RubyDebianDev::RUBY_INTERPRETERS.map do |interp, data|
+ lib = data[:shared_library]
+ RubyDebianDev.min_ruby_dependency_for(lib)
+end.join(', ')
+puts "ruby-interpreter:Depends=#{dependency}"
diff --git a/debian/rules b/debian/rules
index 5de884da..fda516b0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -19,3 +19,7 @@ override_dh_link:
/usr/lib/$(DEB_HOST_MULTIARCH)/libfacter.so.$(DEB_VERSION_UPSTREAM) \
"$${target}/libfacter.so"; \
done
+
+override_dh_gencontrol:
+ ./debian/gen-ruby-dependency >> debian/facter.substvars
+ dh_gencontrol
--
2.26.0
signature.asc
Description: PGP signature
Bug#955318: marked as done (simhash: autopkgtest failure: ./test.sh: ./simhash: not found)
Your message dated Thu, 09 Apr 2020 14:37:35 + with message-id and subject line Bug#955318: fixed in simhash 0.0.20161225-2 has caused the Debian Bug report #955318, regarding simhash: autopkgtest failure: ./test.sh: ./simhash: not found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955318 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: simhash Version: 0.0.20161225-1 X-Debbugs-CC: debian...@lists.debian.org Severity: serious User: debian...@lists.debian.org Usertags: regression Dear maintainer(s), Your package has an autopkgtest, great. However, it fails. I copied some of the output at the bottom of this report. More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul https://ci.debian.net/data/autopkgtest/testing/amd64/s/simhash/4737514/log.gz autopkgtest [13:47:48]: test test: [--- /tmp/autopkgtest-lxc.bo4q921j/downtmp/build.C5t/src/debian/tests/test: 12: ./test.sh: ./simhash: not found autopkgtest [13:47:49]: test test: ---] signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: simhash Source-Version: 0.0.20161225-2 Done: laokz We believe that the bug you reported is fixed in the latest version of simhash, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 955...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. laokz (supplier of updated simhash package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 8 Apr 2020 11:57:00 +0800 Source: simhash Architecture: source Version: 0.0.20161225-2 Distribution: unstable Urgency: medium Maintainer: laokz Changed-By: laokz Closes: 955318 Changes: simhash (0.0.20161225-2) unstable; urgency=medium . * Fix autopkgtest issue. Closes: #955318 omit prefix binary path in test.sh, update uscan watch. * Check and update to Debian Policy 4.5.0. Checksums-Sha1: 4ea94c4939229c2cc36734765d12db1e1af8c4a8 1873 simhash_0.0.20161225-2.dsc 174566917e64bdc4982079e09fef18fb125a8ae0 3560 simhash_0.0.20161225-2.debian.tar.xz 92a4e8fb8dd55350c37cac358304b6aec1bfb6e7 5788 simhash_0.0.20161225-2_source.buildinfo Checksums-Sha256: 12beb11f3eee14356941e1a060ac0fb7b7408466a55b62a12992f89bf25ddf52 1873 simhash_0.0.20161225-2.dsc b2a84c3dffa13027ae6107dba34cad67fc8b4f966784c3693651057534b51f6d 3560 simhash_0.0.20161225-2.debian.tar.xz 4604791ada371e9f3057681e125beefbe44ee79ed282cb064d50b632e6ed3a7a 5788 simhash_0.0.20161225-2_source.buildinfo Files: d0297fcba0832a7e93e424dada47c82e 1873 utils optional simhash_0.0.20161225-2.dsc f3259e594903bca525b85373d7290208 3560 utils optional simhash_0.0.20161225-2.debian.tar.xz b41a3827b371f79c8cc34a86d6b9ccda 5788 utils optional simhash_0.0.20161225-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEkjZVexcMh/iCHArDweDZLphvfH4FAl6PJkgACgkQweDZLphv fH5wkw//QWkXb/M9RdbfIo35yYwmLNNhBOutQ1dx4bREQUSBxo3BpSYZYjS0Rb44 3kRlj1oq69RFRSsEgpZCbB+z0vlg65piNGcQWXPc1o+NegmpmCdXaz2zmMBcnew9 omI7liSCVxbGJD2tdkVIFc94KmlLyyBrIDba/p7j2Z+0C35kVEuLvJWOu/8rC9b6 5QHYAC2yErtoNOAZa3K8wla+9WDAxvsQ3QqOJuhpNGzG1FFaZ+l5aP/qMsfYE3qJ QlLWrWexgaINbtYlTnOO/k6gOZeAaFTLWL+cFTsLhqzrOzhJ1MqfJPZ1LeLoGbWr PVii31e0ir9HU+rrIwjtanzf2bBAPN4lxqv34r3q9627jQTTJxNwa/ZIWlIQ+aiy ZAF2zDSFQphn30kR+are3M2WVrs+Rv4AOK+oKOD+0YsAiROsZPvLGLZyi14Spd+E jF1wsXUGJIvMNhUiIvLXUavq+ujAo0soPcQsaDLre+KkHBbRMiRauJeoUyDrryRV iAv7RyZAhpZvxG59js4gKT5qBxFMkZsXxhhzF3bc0Izn3TzWPPtSLkcseiWOVOko T+h5Bof9/9cbpjhVnUafOFySQ3P1cJqrZYMFMr0X/RCBV465RrjneercVL4GHFSw AZ6FSOABbSEM31Yf2jFhqjDuhm4mmjaWOb5dPiSzPkfTW7BaOsI= =txUW -END PGP SIGNATURE End Message ---
Bug#955250: marked as done (ocaml-fdkaac: FTBFS against fdk-aac 2.0.1)
Your message dated Thu, 09 Apr 2020 14:36:41 +
with message-id
and subject line Bug#955250: fixed in ocaml-fdkaac 0.3.2-1
has caused the Debian Bug report #955250,
regarding ocaml-fdkaac: FTBFS against fdk-aac 2.0.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
955250: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955250
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ocaml-fdkaac
Version: 0.3.1-3
Severity: serious
Tags: ftbfs sid bullseye
Justification: fails to build from source
ocaml-fdkaac fails to build against the new fdk-aac version available in
unstable:
| checking whether pkg-config knows about fdk-aac... configure: error: requires
version <= 0.1.6, found 2.0.1
| [snip]
| configure: exit 1
| dh_auto_configure: error: ./configure --build=x86_64-linux-gnu --prefix=/usr
--includedir=\${prefix}/include --mandir=\${prefix}/share/man
--infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var
--disable-silent-rules --libdir=\${prefix}/lib/x86_64-linux-gnu
--libexecdir=\${prefix}/lib/x86_64-linux-gnu --runstatedir=/run
--disable-maintainer-mode --disable-dependency-tracking returned exit code 1
| make: *** [debian/rules:8: build] Error 25
Cheers
--
Sebastian Ramacher
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: ocaml-fdkaac
Source-Version: 0.3.2-1
Done: Kyle Robbertze
We believe that the bug you reported is fixed in the latest version of
ocaml-fdkaac, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 955...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kyle Robbertze (supplier of updated ocaml-fdkaac
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 09 Apr 2020 16:09:25 +0200
Source: ocaml-fdkaac
Binary: libfdkaac-ocaml libfdkaac-ocaml-dbgsym libfdkaac-ocaml-dev
libfdkaac-ocaml-dynlink libfdkaac-ocaml-dynlink-dbgsym
Architecture: source amd64
Version: 0.3.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OCaml Maintainers
Changed-By: Kyle Robbertze
Description:
libfdkaac-ocaml - OCaml interface to the fdkaac library -- runtime files
libfdkaac-ocaml-dev - OCaml interface to the fdkaac library -- development
files
libfdkaac-ocaml-dynlink - OCaml interface to the fdkaac library -- dynamically
load
Closes: 955250
Changes:
ocaml-fdkaac (0.3.2-1) unstable; urgency=medium
.
* Update watch file
* New upstream version 0.3.2 (Closes: #955250)
* Bump Standards-Version (no change)
Checksums-Sha1:
6de4da4ecce24b9f6a5b56a3c2d3d1055bb71f17 2319 ocaml-fdkaac_0.3.2-1.dsc
bd56a4651842dc4461e12bf202108205d83dcb75 15369 ocaml-fdkaac_0.3.2.orig.tar.gz
45cc13cc492fc2b16e76be86f93b7cb58ebb9e85 2856
ocaml-fdkaac_0.3.2-1.debian.tar.xz
f83eff9316cf14f78eddfacd354fcffe7b6a14b6 9604
libfdkaac-ocaml-dbgsym_0.3.2-1_amd64.deb
8a386000739acff7c6def66a65a4edaccb26 19036
libfdkaac-ocaml-dev_0.3.2-1_amd64.deb
e2945157e2086e6db75ff3aa193ad18d24e0eb49 11564
libfdkaac-ocaml-dynlink-dbgsym_0.3.2-1_amd64.deb
6f451f08a8f2f5b2fbc2e3b39cfedbf6f17c6a50 25088
libfdkaac-ocaml-dynlink_0.3.2-1_amd64.deb
3cc8d6c7f4f1c6eb5694e2971bfa06fbebdcffba 6360 libfdkaac-ocaml_0.3.2-1_amd64.deb
2a99fd35c39b07361e49814a75f5c37c2921e49c 7307
ocaml-fdkaac_0.3.2-1_amd64.buildinfo
Checksums-Sha256:
4b4845e3bc120be953bca681d8bef317dcc1d69c555a9700442c71d805ecbf4b 2319
ocaml-fdkaac_0.3.2-1.dsc
0de28749e1435839ead013c385c6b963b88b57770e362e067139c2fd67a52e5f 15369
ocaml-fdkaac_0.3.2.orig.tar.gz
3a2d440be8517d0a81df835f7cc3a2274a9b75aac2db32f11c22925997bdbcfc 2856
ocaml-fdkaac_0.3.2-1.debian.tar.xz
266c6407f31907144bb3c6b346ced31eace7e32d6e3b69a74c2ef1729d981cbf 9604
libfdkaac-ocaml-dbgsym_0.3.2-1_amd64.deb
c39f9fb1b1c067bc62f276b81f9e409ad92018e0adc228bc9c13cf88d78b530e 19036
libfdkaac-ocaml-dev_0.3.2-1_amd64.deb
0261347be024264e40310d8bb442957f67335e845c200c17ec5c77dd6585b7e6 11564
libfdkaac-ocaml-dynlink-dbgsym_0.3.2-1_amd64.deb
7cf0ce24602bfe223d07f41e78412146b2fc533c0e868a9535bb8562bfb009f4 25088
libfdkaac-ocaml-dynlink_0.3.2-1_amd64.deb
Bug#945961: xz-utils: FTBFS: cannot stat 'debian/tmp/usr/lib/x86_64-linux-gnu/liblzma.so.*'
On 2020-04-09 14:32:07 [+0100], Dimitri John Ledkov wrote: > Here is the debdiff that makes everything work for me. > > It smells like a subtle breakage in detecting/parsing makefile > targets, or like make regression. > > It is still odd, i.e. there is build target, then binary target, which > then via dependencies calls binary-arch & binary-all. So not sure if > the results are correct or not. I suggested already something in [0]. Back then we were hoping for some feedback from the debhelper team. Now I was just asking if Jonathan is handling this and/or if we could also bump to current upstream version while at it. [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945961#10 Sebastian
Bug#938154: marked as done (python-sabyenc: Python2 removal in sid/bullseye)
Your message dated Thu, 09 Apr 2020 14:37:18 + with message-id and subject line Bug#938154: fixed in python-sabyenc 4.0.1-3 has caused the Debian Bug report #938154, regarding python-sabyenc: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 938154: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938154 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:python-sabyenc Version: 3.3.5-1 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:python-sabyenc If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Source: python-sabyenc Source-Version: 4.0.1-3 Done: Sandro Tosi We believe that the bug you reported is fixed in the latest version of python-sabyenc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 938...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sandro Tosi (supplier of updated python-sabyenc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2020 10:11:35 -0400 Source: python-sabyenc Architecture: source Version: 4.0.1-3 Distribution: unstable Urgency: medium Maintainer: JCF Ploemen (jcfp) Changed-By: Sandro Tosi Closes: 938154 Changes: python-sabyenc (4.0.1-3) unstable; urgency=medium . * Upload to unstable; Closes: #938154 Checksums-Sha1: ba3579adccb5c0f4b71b454f30ec44a893eec4a6 2198 python-sabyenc_4.0.1-3.dsc 420299fce782444b9c45bb6adac0596f1092f202 3520 python-sabyenc_4.0.1-3.debian.tar.xz 76d79a6c110279267fe236deb4ef8200f52c8fef 7263 python-sabyenc_4.0.1-3_source.buildinfo Checksums-Sha256: 5e4fb8d0c10170b0b29c5cbd2aa43337b484ac6a54c57f3b8e7ccffc39c25bb3 2198 python-sabyenc_4.0.1-3.dsc 4b22ad2713583f57222061fa5f523b6e5306fc13cade18d3fdf4afd771c35964 3520 python-sabyenc_4.0.1-3.debian.tar.xz 0a96abc8f15ad833f93ccf9807a1ef1dac3df448497b663cc66933b413adb34e 7263 python-sabyenc_4.0.1-3_source.buildinfo Files:
Bug#955582: closing 955582
close 955582 thanks no, actually this bug here is solved. the current problem is a separate one, I will open a new bug report about it.
Bug#956301: facter: missing dependency on ruby
Source: facter Version: 3.11.0-4 Severity: serious Justification: will break on every ruby interpreter transition facter does not have any dependency on ruby, so it can't specify which ruby it works with. In this case, in testing `ruby` is ruby 2.5, but the facter package from ustable only provides the library for ruby 2.7. So when trying to migrate ruby-defaults to testing removing ruby2.5 and making ruby2.7 the default, the autopkgtest of facter fail because it tries to run `ruby` (2.5) but the package built on unstable does not provide the library for ruby2.5 anymore. The failures look like this: autopkgtest [02:13:05]: test ruby: [--- /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require': libfacter was not found. Please make sure it was installed to the expected location. (LoadError) cannot load such file -- libfacter.so from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require' from /usr/lib/ruby/vendor_ruby/facter.rb:30:in `' from /usr/lib/ruby/vendor_ruby/facter.rb:1:in `' from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require' from /usr/lib/ruby/2.5.0/rubygems/core_ext/kernel_require.rb:59:in `require' from /tmp/autopkgtest-lxc.9xj2vp51/downtmp/build.d5Z/src/debian/tests/ruby:3:in `' autopkgtest [02:13:05]: test ruby: ---] autopkgtest [02:13:05]: test ruby: - - - - - - - - - - results - - - - - - - - - - ruby FAIL non-zero exit status 1 autopkgtest [02:13:43]: test puppet: [--- libfacter was not found. Please make sure it was installed to the expected location. cannot load such file -- libfacter.so autopkgtest [02:13:44]: test puppet: ---] autopkgtest [02:13:44]: test puppet: - - - - - - - - - - results - - - - - - - - - - puppet FAIL non-zero exit status 1 signature.asc Description: PGP signature
Processed: closing 955582
Processing commands for cont...@bugs.debian.org: > close 955582 Bug #955582 [src:facter] facter: autopkgtest needs update for new version of ruby-defaults: deprecation *warning* on stderr Marked Bug as done > thanks Stopping processing here. Please contact me if you need assistance. -- 955582: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955582 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: reopening 955582
Processing commands for cont...@bugs.debian.org:
> reopen 955582
Bug #955582 {Done: Utkarsh Gupta } [src:facter] facter:
autopkgtest needs update for new version of ruby-defaults: deprecation
*warning* on stderr
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions facter/3.11.0-4.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
955582: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955582
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#955976: marked as done (dbusada: FTBFS on unstable: /usr/bin/ld: cannot open output file obj/tests/rebounder: No such file or directory)
Your message dated Thu, 9 Apr 2020 15:58:01 +0200 with message-id <20200409135801.GC23305@nicolasthinkpad> and subject line close 955976 has caused the Debian Bug report #955976, regarding dbusada: FTBFS on unstable: /usr/bin/ld: cannot open output file obj/tests/rebounder: No such file or directory to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 955976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955976 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dbusada Version: 0.5.0-3 Severity: serious Tags: ftbfs bullseye sid Justification: fails to build from source dbusada currently fails to build on unstable. The full build log is attached, and hopefully the relevant part is the following: make[1]: Entering directory '/<>' /usr/bin/make tests GNAT_BUILDER_FLAGS='-j2 -R -v -eS' ADAFLAGS=' -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong ' LDFLAGS='-Wl,-z,relro -Wl,-z,now -Wl,--no-undefined -Wl,--no-copy-dt-needed-entries -Wl,--no-allow-shlib-undefined' VERSION='0.5.0' make[2]: Entering directory '/<>' gprbuild -p -j2 -R -v -eS "-XADAFLAGS=-g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong " "-XLDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--no-undefined -Wl,--no-copy-dt-needed-entries -Wl,--no-allow-shlib-undefined" "-XVERSION=0.5.0" -Pd_bus_ada_tests -XLIBRARY_KIND=static gcc tests/c/dbus-rebound.c `pkg-config --cflags --libs dbus-glib-1` -o obj/tests/rebounder /usr/bin/ld: cannot open output file obj/tests/rebounder: No such file or directory collect2: error: ld returned 1 exit status make[2]: *** [Makefile:73: obj/tests/rebounder] Error 1 -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_CRAP Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE=pt_BR:pt:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled dbusada-ftbfs.log.gz Description: application/gzip signature.asc Description: PGP signature --- End Message --- --- Begin Message --- A typo in the changelog entry for 0.5.0-4 has prevented the automatic normal closure.--- End Message ---
Processed: reassign python-related bugs to the separate package
Processing commands for cont...@bugs.debian.org: > reassign 936869 libgnatcoll-python Bug #936869 [src:libgnatcoll-bindings] libgnatcoll-bindings: Python2 removal in sid/bullseye Bug reassigned from package 'src:libgnatcoll-bindings' to 'libgnatcoll-python'. Warning: Unknown package 'libgnatcoll-python' Warning: Unknown package 'libgnatcoll-python' No longer marked as found in versions libgnatcoll-bindings/18-2.1. Warning: Unknown package 'libgnatcoll-python' Warning: Unknown package 'libgnatcoll-python' Ignoring request to alter fixed versions of bug #936869 to the same values previously set Warning: Unknown package 'libgnatcoll-python' > reassign 760004 libgnatcoll-python Bug #760004 [libgnatcoll-bindings] please build using python3, supported by libgnatcoll Bug reassigned from package 'libgnatcoll-bindings' to 'libgnatcoll-python'. Warning: Unknown package 'libgnatcoll-python' Warning: Unknown package 'libgnatcoll-python' No longer marked as found in versions 18-1. Warning: Unknown package 'libgnatcoll-python' Warning: Unknown package 'libgnatcoll-python' Ignoring request to alter fixed versions of bug #760004 to the same values previously set Warning: Unknown package 'libgnatcoll-python' > End of message, stopping processing here. Please contact me if you need assistance. -- 760004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760004 936869: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936869 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956276: runescape: downloads unverified binary and runs it
Le 09/04/2020 15:18, Stephen Kitt a écrit : [...] When a user installs a package in Debian, there’s a reasonable expectation that the user will get when the maintainer intended. Even Sorry, *what* the maintainer intended. [...]
Bug#945961: xz-utils: FTBFS: cannot stat 'debian/tmp/usr/lib/x86_64-linux-gnu/liblzma.so.*'
On Sat, 4 Apr 2020 22:07:52 +0200 Sebastian Andrzej Siewior wrote: > On 2019-12-03 20:18:20 [-0800], Jonathan Nieder wrote: > > Hi, > Hi, > > > Let's track down the cause first, before pursuing workarounds. > > Nothing happened here so far and I almost forgot about it. xz 5.2.5 has > been released in the meantime. Do you want me to help you out in anyway? > I could add the fix I suggested and prepare the new release. > Here is the debdiff that makes everything work for me. It smells like a subtle breakage in detecting/parsing makefile targets, or like make regression. It is still odd, i.e. there is build target, then binary target, which then via dependencies calls binary-arch & binary-all. So not sure if the results are correct or not. diff -Nru xz-utils-5.2.4/debian/changelog xz-utils-5.2.4/debian/changelog --- xz-utils-5.2.4/debian/changelog 2019-01-28 01:09:34.0 + +++ xz-utils-5.2.4/debian/changelog 2020-04-09 14:13:56.0 +0100 @@ -1,3 +1,10 @@ +xz-utils (5.2.4-1.1) unreleased; urgency=medium + + * Non-maintainer upload. + * Fix FTBFS due to odd targets in debian/rules. Closes: #945961 + + -- Dimitri John Ledkov Thu, 09 Apr 2020 14:13:56 +0100 + xz-utils (5.2.4-1) unstable; urgency=low * New upstream release. Closes: #851615. diff -Nru xz-utils-5.2.4/debian/rules xz-utils-5.2.4/debian/rules --- xz-utils-5.2.4/debian/rules 2019-01-28 01:07:43.0 + +++ xz-utils-5.2.4/debian/rules 2020-04-09 14:11:01.0 +0100 @@ -1,10 +1,10 @@ #!/usr/bin/make -f -build clean install binary-arch binary-indep binary: +%: +dh $@ --parallel $(opt_no_act) # Runs tests, too, if and only if nocheck is unset (see below). -build-arch:: build-plain build-static build-small +build-arch: build-plain build-static build-small build-indep: debian/normal-build/Makefile cd debian/normal-build && doxygen Doxyfile @@ -133,9 +133,9 @@ endif ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) -build-arch:: debian/test-plain-stamp -build-arch:: debian/test-static-stamp -build-arch:: debian/test-xzdec-stamp +build-arch: debian/test-plain-stamp +build-arch: debian/test-static-stamp +build-arch: debian/test-xzdec-stamp endif # Build a tarball with the latest upstream version.
Bug#956276: runescape: downloads unverified binary and runs it
Am 09.04.20 um 13:58 schrieb Stephen Kitt: > Le 09/04/2020 13:44, Markus Koschany a écrit : >> Am 09.04.20 um 13:24 schrieb Stephen Kitt: >>> On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany >>> wrote: Am 09.04.20 um 11:36 schrieb Ivo De Decker: > It seems runescape downloads a binary and runs it, without > verifying its > integrity. At least the download happens using https, but no other > verification is done. Could you quote the relevant part of Debian Policy, that requires verification (and what kind of verification) of downloaded files. Is downloading of verified orig tarballs now a requirement or is it still just sufficient to download the tarball and verify its integrity by hand? >>> >>> This is a bit different: runescape downloads a binary the first time >>> it’s >>> run by any given user, so each user can potentially get a different >>> binary. >>> Checking orig tarballs (whether using a signing key or manually) >>> produces a >>> result which remains the same for all users... >> >> How is this any different? It is possible that tarballs from github.com >> differ each time a user is downloading them, but we don't require >> verification. Where is this documented in Debian Policy as a "must" >> requirement? > > Installing a Debian package doesn’t involve downloading a tarball from > github.com or anywhere else. A packager downloads the tarball, vets it > in some way or other (hopefully), and then uploads it to Debian > infrastructure, where it is used to build the binary packages which > users eventually download. After the initial upload, the contents don’t > change, unless a new version is uploaded. In general we offer users the opportunity to rebuild a package from scratch. That sometimes includes precise instructions in README.source and a get-orig-source target in debian/rules but we often just assume that running uscan will download the same original tarball that is shipped in Debian's archive. In many cases this assumption is not true and users will get a different tarball. Nowhere do we enforce that the data is identical. > Put another way, when you install a Debian package, you get the exact > same contents as any other user installing the same version of the > package, and thus a certain amount of collective trust can be built. > This isn’t necessarily the case with the runescape package. Right, because the runescape package does neither qualify for main nor contrib hence why it was put in non-free and for its purpose the level of trust is sufficient. >> Note that we are talking about a non-free game here. The user has to >> trust the publisher and there is nothing Debian can do about it. We only >> provide a simple helper script to download the binary, which is done >> about a secure transport channel. This is just a little more convenient >> than to download it directly with your favorite web browser. > > Oh I know, we can’t do anything about trusting the publisher. The main > issue is that if for whatever reason a compromised JAR is put in place > on the upstream site, the runescape package will download it and run it > without any warning. Even the TLS protection doesn’t do much since the > download script doesn’t check the upstream certificate (so the site > could be hijacked and it would still work). As Simon has already pointed out, the binary hash/signature will probably change due to updates or other minor changes. That makes runescape prone to other RC bugs and any implementation to validate the launcher should take that into consideration. > Consider it this way: the packager will presumably check the package > before upload, and we can consider the JAR at that point to be > trustworthy (for some value of trustworthy). But there is absolutely no > guarantee that the JAR which users will receive bears any resemblance to > the JAR checked by the packager. If someone wants to implement some form of verification, hash or something else, please do. I still don't see why this issue is a Policy violation and why everyone seems to require the same standards as in main or contrib when the package is in non-free and does not have to comply with each and every part of the DFSG. In my opinion the package is very simple and sufficient for its purpose. A warning message may help here too. Construing a Policy violation seems wrong to me. signature.asc Description: OpenPGP digital signature
Bug#956287: Problems identified in debian/copyright
Hello,
Bravo for the detective work.
I fixed the issues in llvm-toolchain-10.
https://salsa.debian.org/pkg-llvm-team/llvm-toolchain/-/commits/10
will merge that in snapshot
Le 09/04/2020 à 13:17, Michael Lustfield a écrit :
Package: llvm-toolchain-snapshot
Version: 11~++20200307074845+ec1d1f6ae70-1~exp1
Severity: serious
I noticed that this package appears to have some issues with debian/copyright.
thanks
Binary data exists with no indication that it can be rebuilt from source:
- lldb/unittests/ObjectFile/ELF/Inputs/early-section-headers.so
- lldb/unittests/Target/Inputs/TestModule.so
- soo many *.so files
- also many *.exe files
- Note: Test data is *not* excluded from DFSG.
It is a compiler. It is normal to have such files...
If they don't have sources, I don't think it is a big deal...
I can remove them but it will just degrade the quality of what we are shipping.
These have a copyright/license that is not represented in d/copyright:
- lib/External/{many}
there isn't any lib/ directory?
- llvm/utils/unittest/googletest/*
Represented here:
https://sources.debian.org/src/llvm-toolchain-10/1:10.0.0-2/debian/copyright/#L119-L121
(the path moved)
- llvm/utils/unittest/googlemock/*
done
- llvm/test/YAMLParser/*
same as google test
https://sources.debian.org/src/llvm-toolchain-10/1:10.0.0-2/debian/copyright/#L97-L99
- clang/lib/Headers/cuda_wrappers/*
done
- llvm/include/llvm/Support/MD5.h
+ Note: pseudonyms don't need to be represented; "2001 Alexander Peslyak
"
fixed
- clang/lib/Headers/:
+ avx512vlvp2intersectintrin.h
+ avx512vp2intersectintrin.h
done
- Note: This is not an exhaustive list.
libcxx/* indicates the wrong license *and* omits a copyright holder. (just
delete that paragraph)
Removed, thanks
> The same applies to polly/tools/GPURuntime/; it is
correctly represented when the paragraph is deleted).
ditto
clang/lib/Headers/* is represented as using Expat; this is not correct.
fixed
Multiple copyright blocks are mentioned for source that does not exist:
- lib/Support/reg*
updated
(a lot of paths moved with the upstream svn => git migration)
- lldb/test/unittest2/*
updated
- polly/lib/JSON/*
removed
- test/YAMLParser/*
updated
- utils/unittest/googletest/*
updated
Note: If `polly/lib/JSON/` existed, "fixme" would have been unacceptable. It
should have copied LICENSE.txt.
good it is removed :)
Although not critical, the machine-readable copyright spec expects license
texts to either be with that paragraph or as an entirely unique paragraph. In
this case, it applies to BSD-3-Clause, expat, and u-of-i-bsd-like. Please see
missing-license-paragraph-in-dep5-copyright for additional information.
Also, it is not required to use four separate paragraphs;
"compiler-rt/lib/BlocksRuntime/*" is sufficient.
It is also possible to combine files:
Files:
compiler-rt/lib/BlocksRuntime/*
lldb/tools/debugserver/source/MacOSX/stack_logging.h
Copyright: 1999-2007 Apple Inc.
License: Apple
thanks!
Processed: Merge duplicates
Processing commands for cont...@bugs.debian.org:
> reassign 954625 src:openssl
Bug #954625 [src:pytest-httpbin] pytest-httpbin: FTBFS: dh_auto_test: error:
pybuild --test --test-pytest -i python{version} -p "3.7 3.8" returned exit code
13
Bug reassigned from package 'src:pytest-httpbin' to 'src:openssl'.
No longer marked as found in versions pytest-httpbin/1.0.0-2.
Ignoring request to alter fixed versions of bug #954625 to the same values
previously set
> forcemerge 955442 954625
Bug #955442 {Done: Sebastian Andrzej Siewior }
[src:openssl] openssl breaks libio-socket-ssl-perl autopkgtest: 20 times "not
ok"
Bug #954625 [src:openssl] pytest-httpbin: FTBFS: dh_auto_test: error: pybuild
--test --test-pytest -i python{version} -p "3.7 3.8" returned exit code 13
Marked Bug as done
Added indication that 954625 affects src:libio-socket-ssl-perl
Marked as fixed in versions openssl/1.1.1f-1.
Marked as found in versions openssl/1.1.1e-1.
Bug #955442 {Done: Sebastian Andrzej Siewior }
[src:openssl] openssl breaks libio-socket-ssl-perl autopkgtest: 20 times "not
ok"
Added tag(s) ftbfs.
Merged 954625 955442
> affects 955442 src:pytest-httpbin
Bug #955442 {Done: Sebastian Andrzej Siewior }
[src:openssl] openssl breaks libio-socket-ssl-perl autopkgtest: 20 times "not
ok"
Bug #954625 {Done: Sebastian Andrzej Siewior }
[src:openssl] pytest-httpbin: FTBFS: dh_auto_test: error: pybuild --test
--test-pytest -i python{version} -p "3.7 3.8" returned exit code 13
Added indication that 955442 affects src:pytest-httpbin
Added indication that 954625 affects src:pytest-httpbin
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
954625: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954625
955442: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955442
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Bug#956276: runescape: downloads unverified binary and runs it
Le 09/04/2020 13:44, Markus Koschany a écrit : Am 09.04.20 um 13:24 schrieb Stephen Kitt: On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote: Am 09.04.20 um 11:36 schrieb Ivo De Decker: It seems runescape downloads a binary and runs it, without verifying its integrity. At least the download happens using https, but no other verification is done. Could you quote the relevant part of Debian Policy, that requires verification (and what kind of verification) of downloaded files. Is downloading of verified orig tarballs now a requirement or is it still just sufficient to download the tarball and verify its integrity by hand? This is a bit different: runescape downloads a binary the first time it’s run by any given user, so each user can potentially get a different binary. Checking orig tarballs (whether using a signing key or manually) produces a result which remains the same for all users... How is this any different? It is possible that tarballs from github.com differ each time a user is downloading them, but we don't require verification. Where is this documented in Debian Policy as a "must" requirement? Installing a Debian package doesn’t involve downloading a tarball from github.com or anywhere else. A packager downloads the tarball, vets it in some way or other (hopefully), and then uploads it to Debian infrastructure, where it is used to build the binary packages which users eventually download. After the initial upload, the contents don’t change, unless a new version is uploaded. Put another way, when you install a Debian package, you get the exact same contents as any other user installing the same version of the package, and thus a certain amount of collective trust can be built. This isn’t necessarily the case with the runescape package. Note that we are talking about a non-free game here. The user has to trust the publisher and there is nothing Debian can do about it. We only provide a simple helper script to download the binary, which is done about a secure transport channel. This is just a little more convenient than to download it directly with your favorite web browser. Oh I know, we can’t do anything about trusting the publisher. The main issue is that if for whatever reason a compromised JAR is put in place on the upstream site, the runescape package will download it and run it without any warning. Even the TLS protection doesn’t do much since the download script doesn’t check the upstream certificate (so the site could be hijacked and it would still work). Consider it this way: the packager will presumably check the package before upload, and we can consider the JAR at that point to be trustworthy (for some value of trustworthy). But there is absolutely no guarantee that the JAR which users will receive bears any resemblance to the JAR checked by the packager. Regards, Stephen
Bug#956273: marked as done (mikutter: uninstallable in sid)
Your message dated Thu, 09 Apr 2020 12:03:55 + with message-id and subject line Bug#956273: fixed in mikutter 4.0.4+dfsg1-1 has caused the Debian Bug report #956273, regarding mikutter: uninstallable in sid to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 956273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: mikutter Version: 3.9.8+dfsg-1 Severity: serious Hello, looks like your package depends on an old ruby-delayer version mikutter : Depends: ruby-delayer (< 1.1) but 1.1.2-1 is to be installed Depends: ruby-delayer-deferred (< 2.2) but 2.2.0-1 is to be installed this makes your package uninstallable in sid, preventing ruby-delayer and ruby-delayer-deferred from testing migration. Can you please fix? Gianfranco --- End Message --- --- Begin Message --- Source: mikutter Source-Version: 4.0.4+dfsg1-1 Done: Youhei SASAKI We believe that the bug you reported is fixed in the latest version of mikutter, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 956...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Youhei SASAKI (supplier of updated mikutter package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 09 Apr 2020 20:43:01 +0900 Source: mikutter Architecture: source Version: 4.0.4+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Debian Ruby Extras Maintainers Changed-By: Youhei SASAKI Closes: 956273 Changes: mikutter (4.0.4+dfsg1-1) unstable; urgency=medium . * New upstream version 4.0.4+dfsg1 * Bump Depends versions (Closes: #956273) * Drop obsolete patch * Add patch:Import Git HEAD:origin/develop-2020-03-18 Checksums-Sha1: 8ff17d38e9fc3dffd331747fde7af3e79e0d1363 2053 mikutter_4.0.4+dfsg1-1.dsc c15ad2a3366c462232d09d093c6306092dbc3d87 1523548 mikutter_4.0.4+dfsg1.orig.tar.xz ed6c6746ca71bedb4b5ed2c47d12c4912f0e731e 168788 mikutter_4.0.4+dfsg1-1.debian.tar.xz f4ddbf65b941aa79a84cd74b445b4aedc097206e 5556 mikutter_4.0.4+dfsg1-1_amd64.buildinfo Checksums-Sha256: 26d6055e1e099523480410c33cf4728a0ba5ca3ff2ef046374fe44579768cb6b 2053 mikutter_4.0.4+dfsg1-1.dsc 15993d881d84c81d2cc274bc7421f4291de076a5ab412273094ee49c84565228 1523548 mikutter_4.0.4+dfsg1.orig.tar.xz 90a0579bb298cf741d41f60b6a3782ff15cb52f9c2538a22294de2c974764b36 168788 mikutter_4.0.4+dfsg1-1.debian.tar.xz faaa5ba86cf876bdc3bf7523d537f11e9f5ce98161023d3faa720d36a880a3bb 5556 mikutter_4.0.4+dfsg1-1_amd64.buildinfo Files: d9b9b6de5a6543ada86a5a0a8f945cf3 2053 net optional mikutter_4.0.4+dfsg1-1.dsc f08dd5151d20ffc88b24ffd503f45560 1523548 net optional mikutter_4.0.4+dfsg1.orig.tar.xz 97f25657dad5e1383e245047c976bcfa 168788 net optional mikutter_4.0.4+dfsg1-1.debian.tar.xz 0213d0a1fae87e19662709357cc6dee0 5556 net optional mikutter_4.0.4+dfsg1-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEZqTqcE/iQFWNasLmk5TzVIkdfgcFAl6PCvcACgkQk5TzVIkd fgfWIQ/+MaiBY/P+XxromGVuxkIm7gpM6k2AE3ZVtaCGXbMpEMXSizcdRBsMdYOw Pt7ySCBQdv1MLRz7HdBaPIILytQ1sWMPrwPVj76VSkw5G+YL55z9jfRrQG0UQ3JE ZcszH5YzcdCXOM/KsVDQ23zZuo1Pdgh2pXIYpxpv2S3Acwx1mRv2xmpBQ7uan418 brFVqCqoVHReC4LOvZ1llveHKb3E8FLNvTJ0p/4CSOy7v7l57iOhC38BwevkMUnW xHu/yidN4OCJsrPzvZFbk5gkXJRQRKEpjuTp1LEYpEvCNQsczLSOrJiSU/PZcjhU Rq+T6gnq2V/Mt7VYWXla0jLwgSfUHnQyyQi8qWRW22rg3wq5ZEsdbwZrD8ebdpCJ GeFL4BcOG/Ms8zbNTP5WAvqf9nCPU+nMvCbZRfcSifDPyu+EHtolKMRfglwoGG5X c1zQK4tMMItdh3gLwHRD9vojRdEITuXfHg6U9cfydjEcxBa4+vKBgVpsuxBrWSY0 8532BEhf/RQHqF5/KBlDKESvGaQVCWpq+60t/LzYT3VouLRd1eArMEj8ywNVgRAY icgtJtqqLOzDOmPTDecjPb9/IU1uTvsyN8ze4221dNK61/fslGFn5QrsqpUcTbpV +EuVrVQIBCCNgGVjHhmQf9/BVzP84io1wqucI3YWXun1XnIiUyU= =PsH0 -END PGP SIGNATURE End Message ---
Bug#956295: dh-python: autopkgtest needs update for new version of python3-defaults: missing interpreter: /usr/bin/python3.7
Source: dh-python
Version: 4.20200315
Severity: serious
Tags: sid bullseye
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:python3-defaults
[X-Debbugs-CC: debian...@lists.debian.org,
python3-defau...@packages.debian.org]
Dear maintainer(s),
With a recent upload of python3-defaults the autopkgtest of dh-python
fails in testing when that autopkgtest is run with the binary packages
of python3-defaults from unstable. It passes when run with only packages
from testing. In tabular form:
passfail
python3-defaults from testing3.8.2-3
dh-python from testing4.20200315
all others from testingfrom testing
I copied some of the output at the bottom of this report.
Currently this regression is blocking the migration of python3-defaults
to testing [1]. Of course, python3-defaults shouldn't just break your
autopkgtest (or even worse, your package), but it seems to me that the
change in python3-defaults was intended and your package needs to update
to the new situation.
If this is a real problem in your package (and not only in your
autopkgtest), the right binary package(s) from python3-defaults should
really add a versioned Breaks on the unfixed version of (one of your)
package(s). Note: the Breaks is nice even if the issue is only in the
autopkgtest as it helps the migration software to figure out the right
versions to combine in the tests.
More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation
Paul
[1] https://qa.debian.org/excuses.php?package=python3-defaults
https://ci.debian.net/data/autopkgtest/testing/amd64/d/dh-python/4887820/log.gz
==
FAIL: Doctest: dhpython.interpreter.Interpreter.symlinked_include_dir
--
Traceback (most recent call last):
File "/usr/lib/python3.8/doctest.py", line 2197, in runTest
raise self.failureException(self.format_failure(new.getvalue()))
AssertionError: Failed doctest test for
dhpython.interpreter.Interpreter.symlinked_include_dir
File "/usr/share/dh-python/dhpython/interpreter.py", line unknown line
number, in symlinked_include_dir
--
File "/usr/share/dh-python/dhpython/interpreter.py", line ?, in
dhpython.interpreter.Interpreter.symlinked_include_dir
Failed example:
Interpreter('python3.7').symlinked_include_dir
Expected:
'/usr/include/python3.7'
Got:
'/usr/include/python'
>> begin captured logging <<
dhpython: DEBUG: cannot get include path
Traceback (most recent call last):
File "/usr/share/dh-python/dhpython/interpreter.py", line 424, in
symlinked_include_dir
result = self._get_config()[2]
File "/usr/share/dh-python/dhpython/interpreter.py", line 545, in
_get_config
conf_vars = self._execute(cmd, version).split('__SEP__')
File "/usr/share/dh-python/dhpython/interpreter.py", line 562, in _execute
raise Exception("cannot execute command due to missing "
Exception: cannot execute command due to missing interpreter:
/usr/bin/python3.7
- >> end captured logging << -
--
Ran 26 tests in 0.088s
FAILED (failures=1)
autopkgtest [05:13:23]: test nosetests: ---]
signature.asc
Description: OpenPGP digital signature
Processed: dh-python: autopkgtest needs update for new version of python3-defaults: missing interpreter: /usr/bin/python3.7
Processing control commands: > affects -1 src:python3-defaults Bug #956295 [src:dh-python] dh-python: autopkgtest needs update for new version of python3-defaults: missing interpreter: /usr/bin/python3.7 Added indication that 956295 affects src:python3-defaults -- 956295: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956295 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Bug 956268
Processing commands for cont...@bugs.debian.org: > severity 956268 normal Bug #956268 [ublock-origin] Problems identified in debian/copyright Severity set to 'normal' from 'serious' > thanks Stopping processing here. Please contact me if you need assistance. -- 956268: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956268 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956273: marked as pending in mikutter
Control: tag -1 pending Hello, Bug #956273 in mikutter reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/ruby-team/mikutter/-/commit/73874691f184142ac1c65831e7bb9e9814bb239c Bump Depends versions (Closes: #956273) Signed-off-by: Youhei SASAKI (this message was generated automatically) -- Greetings https://bugs.debian.org/956273
Processed: Bug#956273 marked as pending in mikutter
Processing control commands: > tag -1 pending Bug #956273 [src:mikutter] mikutter: uninstallable in sid Added tag(s) pending. -- 956273: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956273 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: your mail
Processing commands for cont...@bugs.debian.org: > severity 956268 serious Bug #956268 [ublock-origin] Problems identified in debian/copyright Severity set to 'serious' from 'normal' > End of message, stopping processing here. Please contact me if you need assistance. -- 956268: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956268 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#956276: runescape: downloads unverified binary and runs it
Am 09.04.20 um 13:24 schrieb Stephen Kitt: > On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote: >> Am 09.04.20 um 11:36 schrieb Ivo De Decker: >>> It seems runescape downloads a binary and runs it, without verifying its >>> integrity. At least the download happens using https, but no other >>> verification is done. >> >> Could you quote the relevant part of Debian Policy, that requires >> verification (and what kind of verification) of downloaded files. Is >> downloading of verified orig tarballs now a requirement or is it still >> just sufficient to download the tarball and verify its integrity by hand? > > This is a bit different: runescape downloads a binary the first time it’s > run by any given user, so each user can potentially get a different binary. > Checking orig tarballs (whether using a signing key or manually) produces a > result which remains the same for all users... How is this any different? It is possible that tarballs from github.com differ each time a user is downloading them, but we don't require verification. Where is this documented in Debian Policy as a "must" requirement? Note that we are talking about a non-free game here. The user has to trust the publisher and there is nothing Debian can do about it. We only provide a simple helper script to download the binary, which is done about a secure transport channel. This is just a little more convenient than to download it directly with your favorite web browser. signature.asc Description: OpenPGP digital signature
Bug#956260: Bug#956260: bkchem: should this package be removed?
Am Donnerstag, den 09.04.2020, 08:48 +0200 schrieb Tone Kokalj: > On 2020-04-09 06:14, Sandro Tosi wrote: [..] > > i think this pacakge should be removed from debian: > > > > > > * python2-only > > * dead upstream (last release in 2010) > > * relatively low pop-con > > * keeps in the archive at least 1 package that could be removed if we > > remove > > bkchem > > > > if I dont receive within week a good reason to keep this pacakge in the > > archive, > > i'll file for its removal. > > To my opinion, bkchem is the best simple program for drawing chemical > skeletal formulae. > As a chemist I use it all the time. It would really be a pity if it > disappears from Debian. It seems there was some attempt to port it: https://python-forum.io/Thread-Error-during-2to3-conversion I can run this tool locally (2to3 package). It seems it throws some errors on some files and I'm currently checking if these errors can be fixed by using iconv. However the changes are huge! So if someone else with Python knowledge wants to port it, pleaes feel free to do so. I checked the other distros. But none has any python3 patch. Regards, Daniel signature.asc Description: This is a digitally signed message part
Bug#956284: marked as done (Problems identified in debian/copyright)
Your message dated Thu, 9 Apr 2020 06:33:41 -0500 with message-id <20200409063341.4074dcf5@tea> and subject line has caused the Debian Bug report #956284, regarding Problems identified in debian/copyright to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 956284: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956284 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: polybar Version: 3.4.2-1 Severity: serious I noticed that this package appears to have a minor issue debian/copyright. lib/i3ipcpp/3rd/auss/* is missing a reference for Unlicense. FWIW- Most jurisdictions have very strict copyright laws and do not permit authors to relinquish material as "public domain," hence the Unlicense license. This /is/ a license and must be correctly represented in d/copyright. If you need further clarification, please don't hesitate to ask. --- End Message --- --- Begin Message --- X-CrossAssassin-Score: 15995--- End Message ---
Bug#956276: runescape: downloads unverified binary and runs it
On Thu, 09 Apr 2020 at 12:37:03 +0200, Markus Koschany wrote:
> Am 09.04.20 um 11:36 schrieb Ivo De Decker:
> > It seems runescape downloads a binary and runs it, without verifying its
> > integrity. At least the download happens using https, but no other
> > verification is done.
>
> Could you quote the relevant part of Debian Policy, that requires
> verification (and what kind of verification) of downloaded files. Is
> downloading of verified orig tarballs now a requirement or is it still
> just sufficient to download the tarball and verify its integrity by hand?
This isn't about an .orig tarball. The runescape package does not actually
contain the non-free Runescape game; it's a downloader/launcher, which
downloads https://oldschool.runescape.com/downloads/jagexappletviewer.jar
and runs it using a Java interpreter. See:
https://sources.debian.org/src/runescape/0.6-2/src/runescape.sh/
(runescape-launcher would have been a more appropriate name for the
package, but it's a bit late for that now.)
I would personally say this would be a lot more appropriate
to install via something like Flatpak or Snap that has OS-level
sandboxing. https://flathub.org/apps/details/com.jagex.RuneScape and
https://snapcraft.io/runescape are both available. The Snap is more
feature-complete than this package, by fetching both the latest client
("Runescape 3") and the older Java client ("oldschool Runescape") on
first run, whereas this package only includes the older Java client. The
Flatpak seems to be just Runescape 3, if I'm understanding its packaging
files correctly; it fetches a known-good version out-of-band during
installation, as Flatpak "extra data" that is checked against a known hash.
If we assume that a .deb for "oldschool Runescape" in the Debian
contrib/non-free archive areas is desirable, then it's difficult to see
how else this particular package could work, assuming the downloadable
file is non-distributable. The URL to the downloadable file isn't
versioned, so presumably it will change during the lifetime of a
Debian stable release, which would invalidate any stored hashes in the
Debian package. This also makes it unsuitable to be handled as Flatpak
"extra-data" or packaged by game-data-packager.
smcv
Bug#956276: runescape: downloads unverified binary and runs it
On Thu, 9 Apr 2020 12:37:03 +0200, Markus Koschany wrote: > Am 09.04.20 um 11:36 schrieb Ivo De Decker: > > It seems runescape downloads a binary and runs it, without verifying its > > integrity. At least the download happens using https, but no other > > verification is done. > > Could you quote the relevant part of Debian Policy, that requires > verification (and what kind of verification) of downloaded files. Is > downloading of verified orig tarballs now a requirement or is it still > just sufficient to download the tarball and verify its integrity by hand? This is a bit different: runescape downloads a binary the first time it’s run by any given user, so each user can potentially get a different binary. Checking orig tarballs (whether using a signing key or manually) produces a result which remains the same for all users... Regards, Stephen pgp5TtfEIzrTV.pgp Description: OpenPGP digital signature
Bug#956289: Problems identified in debian/copyright
Package: mpich Version: 3.4~a2-3 Severity: serious I noticed that this package appears to have some issues with debian/copyright. A copyright is missing for: - src/hwloc/* - src/izem/* - src/mpi/romio - probably more... (I did not look at every subdirectory.) There is also a copyright paragraph for contrib/knem/, which is unused. There are also some Lintian warnings which would be beneficial to look at. If you need further clarification, please don't hesitate to ask.
Bug#956288: Problems identified in debian/copyright
Package: dracut Version: 050+31-1 Severity: serious I noticed that this package appears to have some issues with debian/copyright. The first copyright paragraph is missing 'Files: *'. There is a duplicate 'debian/*' paragraph (merge the copyright holders). An alternate copyright is mentioned in modules.d/90lvm/*.rules. (note: RH employee) Although it's nice you noticed the extra Redhat copyright mentioned in install/dracut-install.c, it's worth noting that this name shows up on many others. This project appears to have been driven primarily by Harald, but sponsored (on the clock) by Redhat. Per US law (where RH is based), Red Hat, Inc. holds the legal copyright to most of the source presented here. The extra names wouldn't hold up in court. Please consider the following proposal. Files: * Copyright: 2008-2012, Red Hat, Inc. 2012, Harald Hoyer 2008, Jeremy Katz License: GPL-2+ Files: debian/* Copyright: 2009, Philippe Seewer 2011-2020 Thomas Lange License: GPL-2+ Files: install/hashmap.* install/log.* install/macro.h install/util.* Copyright: 2010 Lennart Poettering License: LGPL-2.1+ License: GPL-2+ [...] If you need further clarification, please don't hesitate to ask.
Bug#956287: Problems identified in debian/copyright
Package: llvm-toolchain-snapshot
Version: 11~++20200307074845+ec1d1f6ae70-1~exp1
Severity: serious
I noticed that this package appears to have some issues with debian/copyright.
Binary data exists with no indication that it can be rebuilt from source:
- lldb/unittests/ObjectFile/ELF/Inputs/early-section-headers.so
- lldb/unittests/Target/Inputs/TestModule.so
- soo many *.so files
- also many *.exe files
- Note: Test data is *not* excluded from DFSG.
These have a copyright/license that is not represented in d/copyright:
- lib/External/{many}
- llvm/utils/unittest/googletest/*
- llvm/utils/unittest/googlemock/*
- llvm/test/YAMLParser/*
- clang/lib/Headers/cuda_wrappers/*
- llvm/include/llvm/Support/MD5.h
+ Note: pseudonyms don't need to be represented; "2001 Alexander Peslyak
"
- clang/lib/Headers/:
+ avx512vlvp2intersectintrin.h
+ avx512vp2intersectintrin.h
- Note: This is not an exhaustive list.
libcxx/* indicates the wrong license *and* omits a copyright holder. (just
delete that paragraph) The same applies to polly/tools/GPURuntime/; it is
correctly represented when the paragraph is deleted).
clang/lib/Headers/* is represented as using Expat; this is not correct.
Multiple copyright blocks are mentioned for source that does not exist:
- lib/Support/reg*
- lldb/test/unittest2/*
- polly/lib/JSON/*
- test/YAMLParser/*
- utils/unittest/googletest/*
Note: If `polly/lib/JSON/` existed, "fixme" would have been unacceptable. It
should have copied LICENSE.txt.
Although not critical, the machine-readable copyright spec expects license
texts to either be with that paragraph or as an entirely unique paragraph. In
this case, it applies to BSD-3-Clause, expat, and u-of-i-bsd-like. Please see
missing-license-paragraph-in-dep5-copyright for additional information.
Also, it is not required to use four separate paragraphs;
"compiler-rt/lib/BlocksRuntime/*" is sufficient.
It is also possible to combine files:
Files:
compiler-rt/lib/BlocksRuntime/*
lldb/tools/debugserver/source/MacOSX/stack_logging.h
Copyright: 1999-2007 Apple Inc.
License: Apple
If you need further clarification, please don't hesitate to ask.
Bug#956285: Problems identified in debian/copyright
Package: libtorrent-rasterbar Version: 1.2.5-1 Severity: serious I noticed that this package appears to have some issues with debian/copyright. Missing from d/copyright: - cmake/Modules/ucm_flags.cmake - build-aux/ - ed25519/ - include/libtorrent/aux_/cppint_import_export.hpp - include/libtorrent/aux_/ffs.hpp - include/libtorrent/aux_/ - include/libtorrent/extensions/ut_pex.hpp - include/ - src/ src/ConvertUTF.cpp does not meet DFSG and cannot be part of the uploaded package Note: The usage of "* *.cpp *.hpp docs/*.rst docs/*.html" seems cumbersome. A single "Files: *" could appear at the top indicating the top-level license/copyright. Subsequent paragraphs are for files that do not match the first. If you need further clarification, please don't hesitate to ask.
Bug#956286: Problems identified in debian/copyright
Package: folks Version: 0.13.2-2~exp1 Severity: serious I noticed that this package appears to have some issues with debian/copyright. Missing copyright holders: - Philip Withnall - Intel Corporation - Canonical Ltd. - Renato Araujo Oliveira Filho - Red Hat, Inc. - Will Thompson - Zeeshan Ali (Khattak) - There may be more. If you need further clarification, please don't hesitate to ask.
Bug#956284: Problems identified in debian/copyright
Package: polybar Version: 3.4.2-1 Severity: serious I noticed that this package appears to have a minor issue debian/copyright. lib/i3ipcpp/3rd/auss/* is missing a reference for Unlicense. FWIW- Most jurisdictions have very strict copyright laws and do not permit authors to relinquish material as "public domain," hence the Unlicense license. This /is/ a license and must be correctly represented in d/copyright. If you need further clarification, please don't hesitate to ask.
