Bug#1071235: transition: qt6-base 6.6.2
Hej, Am Donnerstag, 6. Juni 2024, 09:49:59 CEST schrieb Emilio Pozuelo Monfort: [...] > Sounds like we're in good shape. You can go ahead. All Qt packages have been uploaded, so you can start with the binNUMs soon. -- Med vänliga hälsningar Patrick Franz
Bug#1071235: transition: qt6-base 6.6.2
Hej, Am Donnerstag, 6. Juni 2024, 09:49:59 CEST schrieb Emilio Pozuelo Monfort: [...] > Sounds like we're in good shape. You can go ahead. All Qt packages have been uploaded, so you can start with the binNUMs soon. -- Med vänliga hälsningar Patrick Franz
Bug#1071235: transition: qt6-base 6.6.2
Hej, Am Freitag, 31. Mai 2024, 09:41:11 CEST schrieb Emilio Pozuelo Monfort: > On 16/05/2024 23:34, Patrick Franz wrote: > > Package: release.debian.org > > Severity: normal > > X-Debbugs-Cc: delta...@debian.org > > User: release.debian@packages.debian.org > > Usertags: transition > > > > Hi Release Team, > > > > we would like to request a transition for Qt 6 from 6.4.2 to 6.6.2. > > > > To prepare for this transition, we tried to build as many reverse > > dependencies as possible. We encountered some FTBFS, but those > > failures have either been fixed since or patches are available to > > make the packages build with Qt 6.6. > > How many failures are we talking about? Can you make those bugs block > this one? Since this transition needs to go into testing in lockstep, > we can't start the transition until this is in a good shape. There are 5 failures left in Debian to take care of from what I know: * qtcreator: We split a package into 2 and qtcreator needs to build- depend on both. This cannot be fixed until Qt 6.6 is in unstable. Since the package is maintained in our team, I can fix it myself. * qcoro: Build results in symbol errors and can only be fixed once it is built against 6.6. The package is maintained in our team, so we'll take care of that. * pyotherside: FTBFS against Qt >= 6.5, but a patch is available. I filed a bug against the package and set it as blocking this transition. * dolphin-emu: FTBFS indepedently of the Qt version, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064753. The package has already been removed from testing, so that should not be a problem. * gpsbabel: We encountered test failures when we did the test build. It is likely that this was due to build environment as I could not find any problems at all for this package when building against Qt 6.6. I should mention that Ubuntu has successfully transitioned to Qt 6.6 recently. > > As part of this transition, we also reverted the name changes from > > the time_t transition for all libraries in qt6-base except the core > > library which will keep the t64-suffix (libqt6core6t64). > > We think this is ok since every Qt library depends on libqt6core6t64 > > and hence depending on libqt6core6t64 signals t64-compatibility. > Sounds fair to me. > > > The Ben file for the transition is attached. > > Added to the tracker, should appear shortly in [1]. Thank you. -- Med vänliga hälsningar Patrick Franz
Bug#1071235: transition: qt6-base 6.6.2
Hej, Am Freitag, 31. Mai 2024, 09:41:11 CEST schrieb Emilio Pozuelo Monfort: > On 16/05/2024 23:34, Patrick Franz wrote: > > Package: release.debian.org > > Severity: normal > > X-Debbugs-Cc: delta...@debian.org > > User: release.debian@packages.debian.org > > Usertags: transition > > > > Hi Release Team, > > > > we would like to request a transition for Qt 6 from 6.4.2 to 6.6.2. > > > > To prepare for this transition, we tried to build as many reverse > > dependencies as possible. We encountered some FTBFS, but those > > failures have either been fixed since or patches are available to > > make the packages build with Qt 6.6. > > How many failures are we talking about? Can you make those bugs block > this one? Since this transition needs to go into testing in lockstep, > we can't start the transition until this is in a good shape. There are 5 failures left in Debian to take care of from what I know: * qtcreator: We split a package into 2 and qtcreator needs to build- depend on both. This cannot be fixed until Qt 6.6 is in unstable. Since the package is maintained in our team, I can fix it myself. * qcoro: Build results in symbol errors and can only be fixed once it is built against 6.6. The package is maintained in our team, so we'll take care of that. * pyotherside: FTBFS against Qt >= 6.5, but a patch is available. I filed a bug against the package and set it as blocking this transition. * dolphin-emu: FTBFS indepedently of the Qt version, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064753. The package has already been removed from testing, so that should not be a problem. * gpsbabel: We encountered test failures when we did the test build. It is likely that this was due to build environment as I could not find any problems at all for this package when building against Qt 6.6. I should mention that Ubuntu has successfully transitioned to Qt 6.6 recently. > > As part of this transition, we also reverted the name changes from > > the time_t transition for all libraries in qt6-base except the core > > library which will keep the t64-suffix (libqt6core6t64). > > We think this is ok since every Qt library depends on libqt6core6t64 > > and hence depending on libqt6core6t64 signals t64-compatibility. > Sounds fair to me. > > > The Ben file for the transition is attached. > > Added to the tracker, should appear shortly in [1]. Thank you. -- Med vänliga hälsningar Patrick Franz
Bug#1072320: FTBFS against QT 6.6
Package: pyotherside Version: 1.6.0-4 Severity: important Tags: ftbfs patch X-Debbugs-Cc: delta...@debian.org Dear Maintainer, we will soon transition Qt in unstable from 6.4 to 6.6. pyotherside 1.6.0 fails to build against Qt >= 6.5. To mitigate this, there are 2 possible solutions: * Backport https://github.com/thp/pyotherside/commit/45044252aaf73262cd46443acd049e7afcdf072b to 1.6.0 * Update to 1.6.1 which includes the patch Thank you for your work. -- Mvh, Patrick Franz
Bug#1071235: transition: qt6-base 6.6.2
Package: release.debian.org Severity: normal X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: transition Hi Release Team, we would like to request a transition for Qt 6 from 6.4.2 to 6.6.2. To prepare for this transition, we tried to build as many reverse dependencies as possible. We encountered some FTBFS, but those failures have either been fixed since or patches are available to make the packages build with Qt 6.6. As part of this transition, we also reverted the name changes from the time_t transition for all libraries in qt6-base except the core library which will keep the t64-suffix (libqt6core6t64). We think this is ok since every Qt library depends on libqt6core6t64 and hence depending on libqt6core6t64 signals t64-compatibility. The Ben file for the transition is attached. Thank you. -- Patrick Franz title = "Qt 6.6.2"; is_affected = .depends ~ /\b(libqt6concurrent6|libqt6dbus6|libqt6gui6|libqt6network6|libqt6opengl6|libqt6openglwidgets6|libqt6printsupport6|libqt6sql6|libqt6test6|libqt6widgets6|libqt6xml6|libqt6concurrent6t64|libqt6dbus6t64|libqt6gui6t64|libqt6network6t64|libqt6opengl6t64|libqt6openglwidgets6t64|libqt6printsupport6t64|libqt6sql6t64|libqt6test6t64|libqt6widgets6t64|libqt6xml6t64|qt6-.*-abi \(= 6\.4\.2\)|qt6-.*-private-abi \(= 6\.6\.2\))\b/; is_good = .depends ~ /\b(libqt6concurrent6|libqt6dbus6|libqt6gui6|libqt6network6|libqt6opengl6|libqt6openglwidgets6|libqt6printsupport6|libqt6sql6|libqt6test6|libqt6widgets6|libqt6xml6|qt6-.*-private-abi \(= 6\.6\.2\))\b/; is_bad = .depends ~ /\b(libqt6concurrent6t64|libqt6dbus6t64|libqt6gui6t64|libqt6network6t64|libqt6opengl6t64|libqt6openglwidgets6t64|libqt6printsupport6t64|libqt6sql6t64|libqt6test6t64|libqt6widgets6t64|libqt6xml6t64|qt6-.*-abi \(= 6\.4\.2\))\b/;
Bug#1071235: transition: qt6-base 6.6.2
Package: release.debian.org Severity: normal X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: transition Hi Release Team, we would like to request a transition for Qt 6 from 6.4.2 to 6.6.2. To prepare for this transition, we tried to build as many reverse dependencies as possible. We encountered some FTBFS, but those failures have either been fixed since or patches are available to make the packages build with Qt 6.6. As part of this transition, we also reverted the name changes from the time_t transition for all libraries in qt6-base except the core library which will keep the t64-suffix (libqt6core6t64). We think this is ok since every Qt library depends on libqt6core6t64 and hence depending on libqt6core6t64 signals t64-compatibility. The Ben file for the transition is attached. Thank you. -- Patrick Franz title = "Qt 6.6.2"; is_affected = .depends ~ /\b(libqt6concurrent6|libqt6dbus6|libqt6gui6|libqt6network6|libqt6opengl6|libqt6openglwidgets6|libqt6printsupport6|libqt6sql6|libqt6test6|libqt6widgets6|libqt6xml6|libqt6concurrent6t64|libqt6dbus6t64|libqt6gui6t64|libqt6network6t64|libqt6opengl6t64|libqt6openglwidgets6t64|libqt6printsupport6t64|libqt6sql6t64|libqt6test6t64|libqt6widgets6t64|libqt6xml6t64|qt6-.*-abi \(= 6\.4\.2\)|qt6-.*-private-abi \(= 6\.6\.2\))\b/; is_good = .depends ~ /\b(libqt6concurrent6|libqt6dbus6|libqt6gui6|libqt6network6|libqt6opengl6|libqt6openglwidgets6|libqt6printsupport6|libqt6sql6|libqt6test6|libqt6widgets6|libqt6xml6|qt6-.*-private-abi \(= 6\.6\.2\))\b/; is_bad = .depends ~ /\b(libqt6concurrent6t64|libqt6dbus6t64|libqt6gui6t64|libqt6network6t64|libqt6opengl6t64|libqt6openglwidgets6t64|libqt6printsupport6t64|libqt6sql6t64|libqt6test6t64|libqt6widgets6t64|libqt6xml6t64|qt6-.*-abi \(= 6\.4\.2\))\b/;
Bug#998197: kdeconnectd: should not listen on all interfaces by default
Control: severity -1 important Hi Witold, On Tue, 07 May 2024 02:36:46 + Witold Baryluk wrote: [...] > Elevating severity, because it looks like I didn't even installed this > package (I did inspect all apt-get install invokations since system > creation), and it kdeconnect could only be installed due to some > suggests / recommends, not due to any dependency or direct request. How the package was installed on your system, I don't know, but as you suspect it was likely a recommendation of another package. Regarding the issue at hand: I can see why you consider this a problem. But unfortunately, there is no way of changing that behaviour, I suspect the behaviour might be intentional. People have requested this feature upstream (https:// bugs.kde.org/show_bug.cgi?id=432378) and even asked for ways to disable kdeconnectd (https://bugs.kde.org/show_bug.cgi?id=417615). The latter bug report could give you ideas how to achieve that. If this issue poses a serious problem for you, you can remove kdeconnect from your system. That might also give you a hint why it was installed in the first place. Upstream KDE actually recommends installing kdeconnect as part of the Plasma installation. Whether that recommendation fits the Debian's recommendation, is yet to be determined and we might have to see over the recommendation. However, I do disagree about the severity of this. I don't think that this issue warrants the removal of kdeconnect from Debian and hence, I'm lowering it to important. -- Med vänliga hälsningar Patrick Franz
Bug#998197: kdeconnectd: should not listen on all interfaces by default
Control: severity -1 important Hi Witold, On Tue, 07 May 2024 02:36:46 + Witold Baryluk wrote: [...] > Elevating severity, because it looks like I didn't even installed this > package (I did inspect all apt-get install invokations since system > creation), and it kdeconnect could only be installed due to some > suggests / recommends, not due to any dependency or direct request. How the package was installed on your system, I don't know, but as you suspect it was likely a recommendation of another package. Regarding the issue at hand: I can see why you consider this a problem. But unfortunately, there is no way of changing that behaviour, I suspect the behaviour might be intentional. People have requested this feature upstream (https:// bugs.kde.org/show_bug.cgi?id=432378) and even asked for ways to disable kdeconnectd (https://bugs.kde.org/show_bug.cgi?id=417615). The latter bug report could give you ideas how to achieve that. If this issue poses a serious problem for you, you can remove kdeconnect from your system. That might also give you a hint why it was installed in the first place. Upstream KDE actually recommends installing kdeconnect as part of the Plasma installation. Whether that recommendation fits the Debian's recommendation, is yet to be determined and we might have to see over the recommendation. However, I do disagree about the severity of this. I don't think that this issue warrants the removal of kdeconnect from Debian and hence, I'm lowering it to important. -- Med vänliga hälsningar Patrick Franz
Bug#998197: kdeconnectd: should not listen on all interfaces by default
Control: severity -1 important Hi Witold, On Tue, 07 May 2024 02:36:46 + Witold Baryluk wrote: [...] > Elevating severity, because it looks like I didn't even installed this > package (I did inspect all apt-get install invokations since system > creation), and it kdeconnect could only be installed due to some > suggests / recommends, not due to any dependency or direct request. How the package was installed on your system, I don't know, but as you suspect it was likely a recommendation of another package. Regarding the issue at hand: I can see why you consider this a problem. But unfortunately, there is no way of changing that behaviour, I suspect the behaviour might be intentional. People have requested this feature upstream (https:// bugs.kde.org/show_bug.cgi?id=432378) and even asked for ways to disable kdeconnectd (https://bugs.kde.org/show_bug.cgi?id=417615). The latter bug report could give you ideas how to achieve that. If this issue poses a serious problem for you, you can remove kdeconnect from your system. That might also give you a hint why it was installed in the first place. Upstream KDE actually recommends installing kdeconnect as part of the Plasma installation. Whether that recommendation fits the Debian's recommendation, is yet to be determined and we might have to see over the recommendation. However, I do disagree about the severity of this. I don't think that this issue warrants the removal of kdeconnect from Debian and hence, I'm lowering it to important. -- Med vänliga hälsningar Patrick Franz
Bug#1070254: ktp-text-ui FTBFS: undefined reference to `snappy::RawCompress(char const*, unsigned long, char*, unsigned long*)'
Hej, Am Donnerstag, 2. Mai 2024, 15:24:07 CEST schrieb Helmut Grohne: > Source: ktp-text-ui > Version: 22.12.3-1 > Severity: serious > Tags: ftbfs > Justification: fails to build from source (but built successfully in > the past) > > ktp-text-ui fails to build from source in unstable on amd64. The [...] > | /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.10 /usr/bin/ld: > | /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.15.15: undefined > | reference to `snappy::RawCompress(char const*, unsigned long, > | char*, unsigned long*)' collect2: error: ld returned 1 exit status That looks like it's https://bugs.debian.org/cgi-bin/bugreport.cgi? bug=1070254 for which a fix has been uploaded. I guess trying to rebuild it tomorrow will fix this build error. -- Med vänliga hälsningar Patrick Franz
Bug#1070254: ktp-text-ui FTBFS: undefined reference to `snappy::RawCompress(char const*, unsigned long, char*, unsigned long*)'
Hej, Am Donnerstag, 2. Mai 2024, 15:24:07 CEST schrieb Helmut Grohne: > Source: ktp-text-ui > Version: 22.12.3-1 > Severity: serious > Tags: ftbfs > Justification: fails to build from source (but built successfully in > the past) > > ktp-text-ui fails to build from source in unstable on amd64. The [...] > | /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.10 /usr/bin/ld: > | /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.15.15: undefined > | reference to `snappy::RawCompress(char const*, unsigned long, > | char*, unsigned long*)' collect2: error: ld returned 1 exit status That looks like it's https://bugs.debian.org/cgi-bin/bugreport.cgi? bug=1070254 for which a fix has been uploaded. I guess trying to rebuild it tomorrow will fix this build error. -- Med vänliga hälsningar Patrick Franz
Bug#1070254: ktp-text-ui FTBFS: undefined reference to `snappy::RawCompress(char const*, unsigned long, char*, unsigned long*)'
Hej, Am Donnerstag, 2. Mai 2024, 15:24:07 CEST schrieb Helmut Grohne: > Source: ktp-text-ui > Version: 22.12.3-1 > Severity: serious > Tags: ftbfs > Justification: fails to build from source (but built successfully in > the past) > > ktp-text-ui fails to build from source in unstable on amd64. The [...] > | /usr/lib/x86_64-linux-gnu/libQt5Core.so.5.15.10 /usr/bin/ld: > | /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.15.15: undefined > | reference to `snappy::RawCompress(char const*, unsigned long, > | char*, unsigned long*)' collect2: error: ld returned 1 exit status That looks like it's https://bugs.debian.org/cgi-bin/bugreport.cgi? bug=1070254 for which a fix has been uploaded. I guess trying to rebuild it tomorrow will fix this build error. -- Med vänliga hälsningar Patrick Franz
Bug#1070084: libkpimgapi-data: KAddressBook, and possibly related programs, fail to integrate with Google
Hi Daniel, this is a known problem as Google deprecated the Contacts API and replaced it with the People API. The KDE PIM in unstable, testing and stable is too old to support the People API which was added for 23.04. The only option to fix this is to update the entire KDE PIM stack (roughly 50 packages) to 23.04 or later. However, this is sadly not possible right now. I cannot give you a timeline when this is going to happen. -- Med vänliga hälsningar Patrick Franz
Bug#1070084: libkpimgapi-data: KAddressBook, and possibly related programs, fail to integrate with Google
Hi Daniel, this is a known problem as Google deprecated the Contacts API and replaced it with the People API. The KDE PIM in unstable, testing and stable is too old to support the People API which was added for 23.04. The only option to fix this is to update the entire KDE PIM stack (roughly 50 packages) to 23.04 or later. However, this is sadly not possible right now. I cannot give you a timeline when this is going to happen. -- Med vänliga hälsningar Patrick Franz
Bug#1069831: kaddressbook: KAddressBook is not in the application launcher.
Hej Olaf, Am Donnerstag, 25. April 2024, 14:56:01 CEST schrieb olaf: > Package: kaddressbook > Version: 4:22.12.3-1+b1 > Severity: normal > > Dear Maintainer, > > the term used in the KDE Help Center (KDE-Hilfezentrum) is > "KAddressBook" ("Das Handbuch zu KAddressBook"). > > There is no "KAddressBook" in the "KDE application launcher" > ("Anwendungsstarter", my translation, what this launcher is called in > the original is unknown to me). > > However, there is an "Addressbuch" which becomes "KAddressBook" after > startup. > > Maybe it has something to do with the infantilization of program > names, as GNOME has done, maybe it is a translation error into German? I think this is one of those "It's not a bug, it's a feature." When you type a term into the search field in your application launcher, I think it only searches the fields for your system language, highly likely by design. I KAddressbook's example, the German translation lists "Addresbuch" and therefore the app will show up in your launcher. However, it will not show up when you type "kaddressbook" as this term is not listed under German. If you switched your system language to English, it would list the app when you search for "kaddressbook", but not when you search for "Adressbuch". And this is intentional as you wouldn't want tons of results just because your search term matches something in French or Swaheli, now would you ? I'm inclined to close this bug as I don't think that this is a bug... -- Med vänliga hälsningar Patrick Franz
Bug#1069831: kaddressbook: KAddressBook is not in the application launcher.
Hej Olaf, Am Donnerstag, 25. April 2024, 14:56:01 CEST schrieb olaf: > Package: kaddressbook > Version: 4:22.12.3-1+b1 > Severity: normal > > Dear Maintainer, > > the term used in the KDE Help Center (KDE-Hilfezentrum) is > "KAddressBook" ("Das Handbuch zu KAddressBook"). > > There is no "KAddressBook" in the "KDE application launcher" > ("Anwendungsstarter", my translation, what this launcher is called in > the original is unknown to me). > > However, there is an "Addressbuch" which becomes "KAddressBook" after > startup. > > Maybe it has something to do with the infantilization of program > names, as GNOME has done, maybe it is a translation error into German? I think this is one of those "It's not a bug, it's a feature." When you type a term into the search field in your application launcher, I think it only searches the fields for your system language, highly likely by design. I KAddressbook's example, the German translation lists "Addresbuch" and therefore the app will show up in your launcher. However, it will not show up when you type "kaddressbook" as this term is not listed under German. If you switched your system language to English, it would list the app when you search for "kaddressbook", but not when you search for "Adressbuch". And this is intentional as you wouldn't want tons of results just because your search term matches something in French or Swaheli, now would you ? I'm inclined to close this bug as I don't think that this is a bug... -- Med vänliga hälsningar Patrick Franz
Bug#1069836: bullseye-pu: package libkf5ksieve/20.08.3-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: pu This is the same request as for bookworm (#1069690). Relevant bug report is #1069163. [ Reason ] There is a bug in libkf5sieve where the password instead of the username is sent when using managesieve and could therefore be logged on a server as the login will fail. [ Impact ] Potentially sensitive passwords are logged on a server. [ Tests ] Affected user has successfully tested the patched version. [ Risks ] The patch is trivial (1 line is changed) and it's quite obvious that it was a bug in the first place. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] 1-line patch to fix the bug. diffstat for libkf5ksieve-20.08.3 libkf5ksieve-20.08.3 changelog |8 patches/password_leak.patch | 30 ++ patches/series |1 + 3 files changed, 39 insertions(+) diff -Nru libkf5ksieve-20.08.3/debian/changelog libkf5ksieve-20.08.3/debian/changelog --- libkf5ksieve-20.08.3/debian/changelog 2020-12-16 01:50:06.0 +0100 +++ libkf5ksieve-20.08.3/debian/changelog 2024-04-25 12:37:50.0 +0200 @@ -1,3 +1,11 @@ +libkf5ksieve (4:20.08.3-1+deb11u1) bullseye; urgency=medium + + * Team upload. + * Add patch to prevent leaking passwords into server-side logs +(Closes: #1069163). + + -- Patrick Franz Thu, 25 Apr 2024 12:37:50 +0200 + libkf5ksieve (4:20.08.3-1) unstable; urgency=medium [ Sandro Knauß ] diff -Nru libkf5ksieve-20.08.3/debian/patches/password_leak.patch libkf5ksieve-20.08.3/debian/patches/password_leak.patch --- libkf5ksieve-20.08.3/debian/patches/password_leak.patch 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-20.08.3/debian/patches/password_leak.patch 2024-04-25 12:36:16.0 +0200 @@ -0,0 +1,30 @@ +From 6b460ba93ac4ac503ba039d0b788ac7595120db1 Mon Sep 17 00:00:00 2001 +From: Laurent Montel +Date: Wed, 8 Mar 2023 06:51:22 +0100 +Subject: [PATCH] Fix 467034: libksieve/src/kmanagesieve/session.cpp assigns + password to username & gets logged( + +Bug investigate by "bib" thanks +BUG: 467034 +BUG: 437858 +FIXED-IN: 5.23.0 +--- + src/kmanagesieve/session.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +index 26fd7b59..0e40d721 100644 +--- a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +@@ -273,7 +273,7 @@ KManageSieve::AuthDetails Session::requestAuthDetails(const QUrl ) + AuthDetails ad; + ad.valid = false; + if (dlg->exec()) { +-ad.username = dlg->password(); ++ad.username = dlg->username(); + ad.password = dlg->password(); + ad.valid = true; + } +-- +GitLab + diff -Nru libkf5ksieve-20.08.3/debian/patches/series libkf5ksieve-20.08.3/debian/patches/series --- libkf5ksieve-20.08.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-20.08.3/debian/patches/series 2024-04-25 12:36:09.0 +0200 @@ -0,0 +1 @@ +password_leak.patch
Bug#1069836: bullseye-pu: package libkf5ksieve/20.08.3-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: pu This is the same request as for bookworm (#1069690). Relevant bug report is #1069163. [ Reason ] There is a bug in libkf5sieve where the password instead of the username is sent when using managesieve and could therefore be logged on a server as the login will fail. [ Impact ] Potentially sensitive passwords are logged on a server. [ Tests ] Affected user has successfully tested the patched version. [ Risks ] The patch is trivial (1 line is changed) and it's quite obvious that it was a bug in the first place. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] 1-line patch to fix the bug. diffstat for libkf5ksieve-20.08.3 libkf5ksieve-20.08.3 changelog |8 patches/password_leak.patch | 30 ++ patches/series |1 + 3 files changed, 39 insertions(+) diff -Nru libkf5ksieve-20.08.3/debian/changelog libkf5ksieve-20.08.3/debian/changelog --- libkf5ksieve-20.08.3/debian/changelog 2020-12-16 01:50:06.0 +0100 +++ libkf5ksieve-20.08.3/debian/changelog 2024-04-25 12:37:50.0 +0200 @@ -1,3 +1,11 @@ +libkf5ksieve (4:20.08.3-1+deb11u1) bullseye; urgency=medium + + * Team upload. + * Add patch to prevent leaking passwords into server-side logs +(Closes: #1069163). + + -- Patrick Franz Thu, 25 Apr 2024 12:37:50 +0200 + libkf5ksieve (4:20.08.3-1) unstable; urgency=medium [ Sandro Knauß ] diff -Nru libkf5ksieve-20.08.3/debian/patches/password_leak.patch libkf5ksieve-20.08.3/debian/patches/password_leak.patch --- libkf5ksieve-20.08.3/debian/patches/password_leak.patch 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-20.08.3/debian/patches/password_leak.patch 2024-04-25 12:36:16.0 +0200 @@ -0,0 +1,30 @@ +From 6b460ba93ac4ac503ba039d0b788ac7595120db1 Mon Sep 17 00:00:00 2001 +From: Laurent Montel +Date: Wed, 8 Mar 2023 06:51:22 +0100 +Subject: [PATCH] Fix 467034: libksieve/src/kmanagesieve/session.cpp assigns + password to username & gets logged( + +Bug investigate by "bib" thanks +BUG: 467034 +BUG: 437858 +FIXED-IN: 5.23.0 +--- + src/kmanagesieve/session.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +index 26fd7b59..0e40d721 100644 +--- a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +@@ -273,7 +273,7 @@ KManageSieve::AuthDetails Session::requestAuthDetails(const QUrl ) + AuthDetails ad; + ad.valid = false; + if (dlg->exec()) { +-ad.username = dlg->password(); ++ad.username = dlg->username(); + ad.password = dlg->password(); + ad.valid = true; + } +-- +GitLab + diff -Nru libkf5ksieve-20.08.3/debian/patches/series libkf5ksieve-20.08.3/debian/patches/series --- libkf5ksieve-20.08.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-20.08.3/debian/patches/series 2024-04-25 12:36:09.0 +0200 @@ -0,0 +1 @@ +password_leak.patch
Bug#1062965: Re: Bug#1069810: qt6-tools:6.4.2: Please add support for loongarch64
Hej, Am Donnerstag, 25. April 2024, 13:49:46 CEST schrieb 王怀卿: [...] > Would you > please provide an approximate timeline for the release of the 6.6.2 > version of qt6-tools by the Debian community? I'm sorry, but I cannot. I doubt anyone can. The time_t transition is quite complex and the first packages have started to migrate to testing, but It's unknown when all relevant packages for Qt 6 can migrate. What you can do is check when qt6-base migrates. That might give you an idea how long it's going to take until 6.6.2 is available. -- Med vänliga hälsningar Patrick Franz
Bug#1069690: bookworm-pu: package libkf5ksieve/4:22.12.3-1+deb12u1
Hi, forgot to mention: The relevant bug report for libkf5ksieve is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069163 -- Med vänliga hälsningar Patrick Franz
Bug#1069690: bookworm-pu: package libkf5ksieve/4:22.12.3-1+deb12u1
Hi, forgot to mention: The relevant bug report for libkf5ksieve is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069163 -- Med vänliga hälsningar Patrick Franz
Bug#1062965: Re: Bug#1069810: qt6-tools:6.4.2: Please add support for loongarch64
Hej, Am Donnerstag, 25. April 2024, 13:49:46 CEST schrieb 王怀卿: [...] > Would you > please provide an approximate timeline for the release of the 6.6.2 > version of qt6-tools by the Debian community? I'm sorry, but I cannot. I doubt anyone can. The time_t transition is quite complex and the first packages have started to migrate to testing, but It's unknown when all relevant packages for Qt 6 can migrate. What you can do is check when qt6-base migrates. That might give you an idea how long it's going to take until 6.6.2 is available. -- Med vänliga hälsningar Patrick Franz
Bug#1069810: qt6-tools:6.4.2: Please add support for loongarch64
Hej, I will likely not add this patch for 6.4.2 as my plan regarding Qt 6 is the following: During the time_t transition, I only want to change or fix what is absolutely necessary for the transition to succeed. Adding support for loong64 is not among that. Once the transition is completed for Qt 6, I want to push Qt 6.6.2 to unstable which builds successfully on loong64. Thanks for your understanding. -- Med vänliga hälsningar Patrick Franz
Re: Bug#1069810: qt6-tools:6.4.2: Please add support for loongarch64
Hej, I will likely not add this patch for 6.4.2 as my plan regarding Qt 6 is the following: During the time_t transition, I only want to change or fix what is absolutely necessary for the transition to succeed. Adding support for loong64 is not among that. Once the transition is completed for Qt 6, I want to push Qt 6.6.2 to unstable which builds successfully on loong64. Thanks for your understanding. -- Med vänliga hälsningar Patrick Franz
Bug#1069690: bookworm-pu: package libkf5ksieve/4:22.12.3-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: pu [ Reason ] There is a bug in libkf5sieve where the password instead of the username is sent when using managesieve and could therefore be logged on a server as the login will fail. [ Impact ] Potentially sensitive passwords are logged on a server. [ Tests ] Affected user has successfully tested the patched version. [ Risks ] The patch is trivial (1 line is changed) and it's quite obvious that it was a bug in the first place. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] 1-line patch to fix the bug. diffstat for libkf5ksieve-22.12.3 libkf5ksieve-22.12.3 changelog |8 patches/password_leak.patch | 30 ++ patches/series |1 + 3 files changed, 39 insertions(+) diff -Nru libkf5ksieve-22.12.3/debian/changelog libkf5ksieve-22.12.3/debian/changelog --- libkf5ksieve-22.12.3/debian/changelog 2023-03-01 21:32:56.0 +0100 +++ libkf5ksieve-22.12.3/debian/changelog 2024-04-22 17:43:15.0 +0200 @@ -1,3 +1,11 @@ +libkf5ksieve (4:22.12.3-1+deb12u1) bookworm; urgency=medium + + [ Patrick Franz ] + * Add patch to prevent leaking passwords into server-side logs +(Closes: #1069163). + + -- Patrick Franz Mon, 22 Apr 2024 17:43:15 +0200 + libkf5ksieve (4:22.12.3-1) unstable; urgency=medium [ Patrick Franz ] diff -Nru libkf5ksieve-22.12.3/debian/patches/password_leak.patch libkf5ksieve-22.12.3/debian/patches/password_leak.patch --- libkf5ksieve-22.12.3/debian/patches/password_leak.patch 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-22.12.3/debian/patches/password_leak.patch 2024-04-19 13:08:00.0 +0200 @@ -0,0 +1,30 @@ +From 6b460ba93ac4ac503ba039d0b788ac7595120db1 Mon Sep 17 00:00:00 2001 +From: Laurent Montel +Date: Wed, 8 Mar 2023 06:51:22 +0100 +Subject: [PATCH] Fix 467034: libksieve/src/kmanagesieve/session.cpp assigns + password to username & gets logged( + +Bug investigate by "bib" thanks +BUG: 467034 +BUG: 437858 +FIXED-IN: 5.23.0 +--- + src/kmanagesieve/session.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +index 26fd7b59..0e40d721 100644 +--- a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +@@ -273,7 +273,7 @@ KManageSieve::AuthDetails Session::requestAuthDetails(const QUrl ) + AuthDetails ad; + ad.valid = false; + if (dlg->exec()) { +-ad.username = dlg->password(); ++ad.username = dlg->username(); + ad.password = dlg->password(); + ad.valid = true; + } +-- +GitLab + diff -Nru libkf5ksieve-22.12.3/debian/patches/series libkf5ksieve-22.12.3/debian/patches/series --- libkf5ksieve-22.12.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-22.12.3/debian/patches/series 2024-04-19 13:08:20.0 +0200 @@ -0,0 +1 @@ +password_leak.patch
Bug#1069690: bookworm-pu: package libkf5ksieve/4:22.12.3-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: delta...@debian.org User: release.debian@packages.debian.org Usertags: pu [ Reason ] There is a bug in libkf5sieve where the password instead of the username is sent when using managesieve and could therefore be logged on a server as the login will fail. [ Impact ] Potentially sensitive passwords are logged on a server. [ Tests ] Affected user has successfully tested the patched version. [ Risks ] The patch is trivial (1 line is changed) and it's quite obvious that it was a bug in the first place. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] 1-line patch to fix the bug. diffstat for libkf5ksieve-22.12.3 libkf5ksieve-22.12.3 changelog |8 patches/password_leak.patch | 30 ++ patches/series |1 + 3 files changed, 39 insertions(+) diff -Nru libkf5ksieve-22.12.3/debian/changelog libkf5ksieve-22.12.3/debian/changelog --- libkf5ksieve-22.12.3/debian/changelog 2023-03-01 21:32:56.0 +0100 +++ libkf5ksieve-22.12.3/debian/changelog 2024-04-22 17:43:15.0 +0200 @@ -1,3 +1,11 @@ +libkf5ksieve (4:22.12.3-1+deb12u1) bookworm; urgency=medium + + [ Patrick Franz ] + * Add patch to prevent leaking passwords into server-side logs +(Closes: #1069163). + + -- Patrick Franz Mon, 22 Apr 2024 17:43:15 +0200 + libkf5ksieve (4:22.12.3-1) unstable; urgency=medium [ Patrick Franz ] diff -Nru libkf5ksieve-22.12.3/debian/patches/password_leak.patch libkf5ksieve-22.12.3/debian/patches/password_leak.patch --- libkf5ksieve-22.12.3/debian/patches/password_leak.patch 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-22.12.3/debian/patches/password_leak.patch 2024-04-19 13:08:00.0 +0200 @@ -0,0 +1,30 @@ +From 6b460ba93ac4ac503ba039d0b788ac7595120db1 Mon Sep 17 00:00:00 2001 +From: Laurent Montel +Date: Wed, 8 Mar 2023 06:51:22 +0100 +Subject: [PATCH] Fix 467034: libksieve/src/kmanagesieve/session.cpp assigns + password to username & gets logged( + +Bug investigate by "bib" thanks +BUG: 467034 +BUG: 437858 +FIXED-IN: 5.23.0 +--- + src/kmanagesieve/session.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +index 26fd7b59..0e40d721 100644 +--- a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp +@@ -273,7 +273,7 @@ KManageSieve::AuthDetails Session::requestAuthDetails(const QUrl ) + AuthDetails ad; + ad.valid = false; + if (dlg->exec()) { +-ad.username = dlg->password(); ++ad.username = dlg->username(); + ad.password = dlg->password(); + ad.valid = true; + } +-- +GitLab + diff -Nru libkf5ksieve-22.12.3/debian/patches/series libkf5ksieve-22.12.3/debian/patches/series --- libkf5ksieve-22.12.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libkf5ksieve-22.12.3/debian/patches/series 2024-04-19 13:08:20.0 +0200 @@ -0,0 +1 @@ +password_leak.patch
Bug#1068521: ITP: kf6-kstatusnotifieritem -- Implementation of Status Notifier Items
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kstatusnotifieritem Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kstatusnotifieritem * License : LGPL, CC0 Programming Lang: C++ Description : Implementation of Status Notifier Items KStatusNotifierItem provides an implementation of Status Notifier Items. Package will be maintained within the Debian Qt/KDE team.
Bug#1068521: ITP: kf6-kstatusnotifieritem -- Implementation of Status Notifier Items
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-kde@lists.debian.org * Package name: kf6-kstatusnotifieritem Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kstatusnotifieritem * License : LGPL, CC0 Programming Lang: C++ Description : Implementation of Status Notifier Items KStatusNotifierItem provides an implementation of Status Notifier Items. Package will be maintained within the Debian Qt/KDE team.
Bug#1068521: ITP: kf6-kstatusnotifieritem -- Implementation of Status Notifier Items
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kstatusnotifieritem Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kstatusnotifieritem * License : LGPL, CC0 Programming Lang: C++ Description : Implementation of Status Notifier Items KStatusNotifierItem provides an implementation of Status Notifier Items. Package will be maintained within the Debian Qt/KDE team.
Bug#1068521: ITP: kf6-kstatusnotifieritem -- Implementation of Status Notifier Items
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kstatusnotifieritem Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kstatusnotifieritem * License : LGPL, CC0 Programming Lang: C++ Description : Implementation of Status Notifier Items KStatusNotifierItem provides an implementation of Status Notifier Items. Package will be maintained within the Debian Qt/KDE team.
Bug#1068520: ITP: kf6-kcolorscheme -- Classes to read and interact with KColorScheme
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kcolorscheme Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kcolorscheme * License : LGPL, BSD, CC0 Programming Lang: C++ Description : Classes to read and interact with KColorScheme KColorScheme provides classes to read and interact with KColorScheme. Package will be maintained within the Debian Qt/KDE team.
Bug#1068520: ITP: kf6-kcolorscheme -- Classes to read and interact with KColorScheme
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kcolorscheme Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kcolorscheme * License : LGPL, BSD, CC0 Programming Lang: C++ Description : Classes to read and interact with KColorScheme KColorScheme provides classes to read and interact with KColorScheme. Package will be maintained within the Debian Qt/KDE team.
Bug#1068520: ITP: kf6-kcolorscheme -- Classes to read and interact with KColorScheme
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-kde@lists.debian.org * Package name: kf6-kcolorscheme Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kcolorscheme * License : LGPL, BSD, CC0 Programming Lang: C++ Description : Classes to read and interact with KColorScheme KColorScheme provides classes to read and interact with KColorScheme. Package will be maintained within the Debian Qt/KDE team.
Bug#1068520: ITP: kf6-kcolorscheme -- Classes to read and interact with KColorScheme
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-kcolorscheme Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/kcolorscheme * License : LGPL, BSD, CC0 Programming Lang: C++ Description : Classes to read and interact with KColorScheme KColorScheme provides classes to read and interact with KColorScheme. Package will be maintained within the Debian Qt/KDE team.
Bug#1068519: ITP: kf6-ktexttemplate -- Library to allow application developers to separate the structure of documents from the data they contain
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org, debian-qt-...@lists.debian.org * Package name: kf6-ktexttemplate Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ktexttemplate * License : LGPL Programming Lang: C++ Description : Library to allow application developers to separate the structure of documents from the data they contain KTextTemplate is a library to allow application developers to separate the structure of documents from the data they contain. The goal of KTextTemplate is to make it easier for application developers to separate the structure of documents from the data they contain, opening the door for theming and advanced generation of other text such as code. Package will be maintained within the Debian Qt/KDE team.
Bug#1068519: ITP: kf6-ktexttemplate -- Library to allow application developers to separate the structure of documents from the data they contain
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org, debian-qt-...@lists.debian.org * Package name: kf6-ktexttemplate Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ktexttemplate * License : LGPL Programming Lang: C++ Description : Library to allow application developers to separate the structure of documents from the data they contain KTextTemplate is a library to allow application developers to separate the structure of documents from the data they contain. The goal of KTextTemplate is to make it easier for application developers to separate the structure of documents from the data they contain, opening the door for theming and advanced generation of other text such as code. Package will be maintained within the Debian Qt/KDE team.
Bug#1068519: ITP: kf6-ktexttemplate -- Library to allow application developers to separate the structure of documents from the data they contain
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org, debian-qt-kde@lists.debian.org * Package name: kf6-ktexttemplate Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ktexttemplate * License : LGPL Programming Lang: C++ Description : Library to allow application developers to separate the structure of documents from the data they contain KTextTemplate is a library to allow application developers to separate the structure of documents from the data they contain. The goal of KTextTemplate is to make it easier for application developers to separate the structure of documents from the data they contain, opening the door for theming and advanced generation of other text such as code. Package will be maintained within the Debian Qt/KDE team.
Bug#1068519: ITP: kf6-ktexttemplate -- Library to allow application developers to separate the structure of documents from the data they contain
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org, debian-qt-...@lists.debian.org * Package name: kf6-ktexttemplate Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ktexttemplate * License : LGPL Programming Lang: C++ Description : Library to allow application developers to separate the structure of documents from the data they contain KTextTemplate is a library to allow application developers to separate the structure of documents from the data they contain. The goal of KTextTemplate is to make it easier for application developers to separate the structure of documents from the data they contain, opening the door for theming and advanced generation of other text such as code. Package will be maintained within the Debian Qt/KDE team.
Bug#1068518: ITP: kf6-ksvg -- Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-ksvg Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ksvg * License : GPL, LGPL, BSD, MIT, CC0 Programming Lang: C++ Description : Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching KSvg provides both C++ classes and QtQuick components to render svgs based on image packs. Compared to plain QSvg, it caches the rendered images on disk with KImageCache, and can re-color properly crafted svg shapes that include internal stylesheets. Package will be maintained within the Debian Qt/KDE team.
Bug#1068518: ITP: kf6-ksvg -- Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-kde@lists.debian.org * Package name: kf6-ksvg Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ksvg * License : GPL, LGPL, BSD, MIT, CC0 Programming Lang: C++ Description : Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching KSvg provides both C++ classes and QtQuick components to render svgs based on image packs. Compared to plain QSvg, it caches the rendered images on disk with KImageCache, and can re-color properly crafted svg shapes that include internal stylesheets. Package will be maintained within the Debian Qt/KDE team.
Bug#1068518: ITP: kf6-ksvg -- Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-ksvg Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ksvg * License : GPL, LGPL, BSD, MIT, CC0 Programming Lang: C++ Description : Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching KSvg provides both C++ classes and QtQuick components to render svgs based on image packs. Compared to plain QSvg, it caches the rendered images on disk with KImageCache, and can re-color properly crafted svg shapes that include internal stylesheets. Package will be maintained within the Debian Qt/KDE team.
Bug#1068518: ITP: kf6-ksvg -- Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: kf6-ksvg Version : 6.0.0 Upstream Contact: KDE * URL : https://invent.kde.org/frameworks/ksvg * License : GPL, LGPL, BSD, MIT, CC0 Programming Lang: C++ Description : Library for rendering SVG-based themes with stylesheet re-coloring and on-disk caching KSvg provides both C++ classes and QtQuick components to render svgs based on image packs. Compared to plain QSvg, it caches the rendered images on disk with KImageCache, and can re-color properly crafted svg shapes that include internal stylesheets. Package will be maintained within the Debian Qt/KDE team.
Bug#1067657: marked as pending in frameworkintegration
Control: tag -1 pending Hello, Bug #1067657 in frameworkintegration reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/qt-kde-team/kde/frameworkintegration/-/commit/04bff0539332af222a4b818c9caf0eab9f5f35c6 Depend on libqt5widgets5t64 instead of libqt5widgets5 (Closes: #1067657). (this message was generated automatically) -- Greetings https://bugs.debian.org/1067657
Bug#1000115: marked as pending in kjs
Control: tag -1 pending Hello, Bug #1000115 in kjs reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/qt-kde-team/kde/kjs/-/commit/8feb0197184521eb7c6952af95d7abe5812f22e8 Port to PCRE2, thx to Yavor Doganov (Closes: #1000112, #1000115). (this message was generated automatically) -- Greetings https://bugs.debian.org/1000115
Bug#1000112: marked as pending in kjs
Control: tag -1 pending Hello, Bug #1000112 in kjs reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/qt-kde-team/kde/kjs/-/commit/8feb0197184521eb7c6952af95d7abe5812f22e8 Port to PCRE2, thx to Yavor Doganov (Closes: #1000112, #1000115). (this message was generated automatically) -- Greetings https://bugs.debian.org/1000112
Bug#1060035: prison-kf5: update debian/libkf5prison5.symbols for loong64
Hi Zhang, On Fri, 05 Jan 2024 03:23:21 + Zhang Na wrote: > Source: prison-kf5 > Version: 5.107.0-2 > Severity: normal > X-Debbugs-Cc: zhan...@loongson.cn > > Dear Maintainer, > > Please update debian/libkf5prison5.symbols for loong64, thanks! I don't quite understand that patch. prison-kf5 builds fine on loong64, there are no symbol errors and hence there is nothing to fix. -- Med vänliga hälsningar Patrick Franz
Bug#1060035: prison-kf5: update debian/libkf5prison5.symbols for loong64
Hi Zhang, On Fri, 05 Jan 2024 03:23:21 + Zhang Na wrote: > Source: prison-kf5 > Version: 5.107.0-2 > Severity: normal > X-Debbugs-Cc: zhan...@loongson.cn > > Dear Maintainer, > > Please update debian/libkf5prison5.symbols for loong64, thanks! I don't quite understand that patch. prison-kf5 builds fine on loong64, there are no symbol errors and hence there is nothing to fix. -- Med vänliga hälsningar Patrick Franz
Re: It's impossible to install KDE in unstable
Hej Valerio, Am Samstag, 2. März 2024, 11:14:33 CET schrieb Valerio Passini: > Hello, > > I'm having a lot of troubles to install KDE in unstable, apt tells > there are held packages but I've checked and there are not. [...] > Is it a known problem? Yes, this is due to the ongoing 64-bit time_t transition. Unstable is a bit broken while thousands of packages are rebuilt. Everything will hopefully sort itself out soon. As a general advice: Be very careful with updates right now if you're running Unstable while this transition is going on. -- Med vänliga hälsningar Patrick Franz
Bug#1063368: kate: Shift-key not working
Hej, Am Mittwoch, 7. Februar 2024, 03:18:49 CET schrieb Dominik Huber: [...] > I've tried everything I know in trying to narrow the problem down, so > if you have any suggestions/questions I'd be happy to try/answer > them. 1.) Does the problem also occur with a new user on your native system ? 2.) You said that the problem also occurs with other applications. That points to that it's not a Kate problem but rather that the problem lies deeper in your system. What went wrong during your upgrade, one can only guess. Maybe, you can widen your search and see if others have the same problem. Don't limit yourself to Kate or Debian in that case. That's all I can recommend. -- Med vänliga hälsningar Patrick Franz
Bug#1063368: kate: Shift-key not working
Hej, Am Mittwoch, 7. Februar 2024, 03:18:49 CET schrieb Dominik Huber: [...] > I've tried everything I know in trying to narrow the problem down, so > if you have any suggestions/questions I'd be happy to try/answer > them. 1.) Does the problem also occur with a new user on your native system ? 2.) You said that the problem also occurs with other applications. That points to that it's not a Kate problem but rather that the problem lies deeper in your system. What went wrong during your upgrade, one can only guess. Maybe, you can widen your search and see if others have the same problem. Don't limit yourself to Kate or Debian in that case. That's all I can recommend. -- Med vänliga hälsningar Patrick Franz
Bug#1063368: kate: Shift-key not working
Hej, Am Dienstag, 6. Februar 2024, 22:10:47 CET schrieb Dominik: > Package: kate > Version: 4:22.12.3-1 > Severity: important > > Dear Maintainer, > > The shift key has no effect when writing (e.g. Shift+a results in 'a' > instead of 'A'). > > Some general observations about the probelm itself: > - Caps lock works. > - Shift hotkeys work (e.g. Shift+Left in order to mark the character > left of the cursor). - Alt Gr has the same problem (I changed my > keybooard layout to german and Alt Gr+q prints 'q' instead of '@'). - > Some other applications have the same issue (e.g. kwrite, vlc, > texstudio, wireshark). I think all my Qt-applications do, but Qt > might also be unrelated. Other applications such as xfce4-terminal or > firefox work flawlessly. > > With "distrobox" I created a container for debian stable (like mine) > and debian testing, and the problem occurs only in the "stable" > conteiner. Therefore, I don't think it's some configuration error of > mine. Also, this suggests that the bug has been fixed in more recent > package versions. However, those are not available yet for stable via > apt upgrade. > > stable: > image: quay.io/toolbx-images/archlinux-toolbox:latest > Qt-Version (kate): 5.15.8 > kate-Version: 22.12.3 > > testing: > image: docker.io/library/debian:testing > Qt-Version (kate): 5.15.10 > kate-Version: 23.08.1 I'm slightly confused about which system you are actually running and how you do that (natively or in a container). Because your "Debian stable" seems to be some Arch container. Also, I cannot reproduce the issue on Debian Stable and I don't remember this ever being an issue. -- Med vänliga hälsningar Patrick Franz
Bug#1063368: kate: Shift-key not working
Hej, Am Dienstag, 6. Februar 2024, 22:10:47 CET schrieb Dominik: > Package: kate > Version: 4:22.12.3-1 > Severity: important > > Dear Maintainer, > > The shift key has no effect when writing (e.g. Shift+a results in 'a' > instead of 'A'). > > Some general observations about the probelm itself: > - Caps lock works. > - Shift hotkeys work (e.g. Shift+Left in order to mark the character > left of the cursor). - Alt Gr has the same problem (I changed my > keybooard layout to german and Alt Gr+q prints 'q' instead of '@'). - > Some other applications have the same issue (e.g. kwrite, vlc, > texstudio, wireshark). I think all my Qt-applications do, but Qt > might also be unrelated. Other applications such as xfce4-terminal or > firefox work flawlessly. > > With "distrobox" I created a container for debian stable (like mine) > and debian testing, and the problem occurs only in the "stable" > conteiner. Therefore, I don't think it's some configuration error of > mine. Also, this suggests that the bug has been fixed in more recent > package versions. However, those are not available yet for stable via > apt upgrade. > > stable: > image: quay.io/toolbx-images/archlinux-toolbox:latest > Qt-Version (kate): 5.15.8 > kate-Version: 22.12.3 > > testing: > image: docker.io/library/debian:testing > Qt-Version (kate): 5.15.10 > kate-Version: 23.08.1 I'm slightly confused about which system you are actually running and how you do that (natively or in a container). Because your "Debian stable" seems to be some Arch container. Also, I cannot reproduce the issue on Debian Stable and I don't remember this ever being an issue. -- Med vänliga hälsningar Patrick Franz
Bug#1061205: Please upgrade to llvm-toolchain-17
Hi, I have a patch that makes qt6-tools build with llvm-toolchain-17. However, qt6-tools in affected by the ongoing 64bit time_t transition and I don't want to interfere with that. I can upload the patch once qt6-tools has been uploaded to unstable for the transition. -- Med vänliga hälsningar Patrick Franz
Bug#1061205: Please upgrade to llvm-toolchain-17
Hi, I have a patch that makes qt6-tools build with llvm-toolchain-17. However, qt6-tools in affected by the ongoing 64bit time_t transition and I don't want to interfere with that. I can upload the patch once qt6-tools has been uploaded to unstable for the transition. -- Med vänliga hälsningar Patrick Franz
Bug#1061205: Please upgrade to llvm-toolchain-17
Hi, I have a patch that makes qt6-tools build with llvm-toolchain-17. However, qt6-tools in affected by the ongoing 64bit time_t transition and I don't want to interfere with that. I can upload the patch once qt6-tools has been uploaded to unstable for the transition. -- Med vänliga hälsningar Patrick Franz
Re: Timeline for KF6?
Hej, Am Donnerstag, 1. Februar 2024, 17:48:47 CET schrieb Nilesh Patra: > Hi, > > I wanted to update angelfish which now needs qt6 and KDE Framework 6. > As per my searching, it seems kf6 is not yet present in the Debian > archive - not even in experimental. It hasn't even been released yet... > Any timeline for this yet - or any info as to when this is planned to > be uploaded? We don't have a timeline. It's ready when it's ready. -- Med vänliga hälsningar Patrick Franz
Bug#1061205: Please upgrade to llvm-toolchain-17
Hej Sylvestre, Am Samstag, 20. Januar 2024, 21:57:14 CET schrieb Sylvestre Ledru: > Source: qt6-tools > Severity: important > > Dear Maintainer, > > As part of the effort to limit the number of llvm packages in the > archive, it would be great if you could upgrade to -17. > > This package depends on 15. Unfortunately, qt6-tools 6.4.2 in unstable does not build with llvm-toolchain-17, only with -15. I don't know how much work it would be to create patches to make this work. However, qt6-tools 6.6.1 (which is currently in experimental) builds fine with llvm-toolchain-17. We do not have an ETA for the transition yet, but I hope it's not in the too-distant-future. -- Med vänliga hälsningar Patrick Franz
Bug#1061205: Please upgrade to llvm-toolchain-17
Hej Sylvestre, Am Samstag, 20. Januar 2024, 21:57:14 CET schrieb Sylvestre Ledru: > Source: qt6-tools > Severity: important > > Dear Maintainer, > > As part of the effort to limit the number of llvm packages in the > archive, it would be great if you could upgrade to -17. > > This package depends on 15. Unfortunately, qt6-tools 6.4.2 in unstable does not build with llvm-toolchain-17, only with -15. I don't know how much work it would be to create patches to make this work. However, qt6-tools 6.6.1 (which is currently in experimental) builds fine with llvm-toolchain-17. We do not have an ETA for the transition yet, but I hope it's not in the too-distant-future. -- Med vänliga hälsningar Patrick Franz
Bug#1060228: qt6-multimedia: Cmake config for MultimediaQuickPrivate is not packaged
Hej Robert, Am Sonntag, 7. Januar 2024, 22:40:33 CET schrieb Robert Griebl: > Source: qt6-multimedia > Version: 6.4.2-11 > Severity: normal > X-Debbugs-Cc: rob...@griebl.org > > Hi, > > The Debian Qt6 MM packages are not shipping with a cmake config for > the private module "MultimediaQuickPrivate". > > While you normally do not have to deal with this private module, you > definitely DO need it when using qmltc to compile QML code using > QtMultiMedia QML types, as qmltc generates code that includes private > headers from there: > > Failed to find required Qt component "MultimediaQuickPrivate". > [cmake] > [cmake] Expected Config file at > [cmake] > "/usr/lib/x86_64-linux-gnu/cmake/Qt6MultimediaQuickPrivate/Qt6Multime > diaQuickPrivateConfig.cmake" [cmake] does NOT exist > [cmake] The exclusion of the file and the private headers is indeed intentional and not an oversight. We normally try to avoid packaging the private headers unless we absolutely have to. Granted, that makes qmltc a little less useful in this case, but at the moment the argument is not strong enough for me to package the private headers as they add significant maintaining work. -- Med vänliga hälsningar Patrick Franz
Bug#1060228: qt6-multimedia: Cmake config for MultimediaQuickPrivate is not packaged
Hej Robert, Am Sonntag, 7. Januar 2024, 22:40:33 CET schrieb Robert Griebl: > Source: qt6-multimedia > Version: 6.4.2-11 > Severity: normal > X-Debbugs-Cc: rob...@griebl.org > > Hi, > > The Debian Qt6 MM packages are not shipping with a cmake config for > the private module "MultimediaQuickPrivate". > > While you normally do not have to deal with this private module, you > definitely DO need it when using qmltc to compile QML code using > QtMultiMedia QML types, as qmltc generates code that includes private > headers from there: > > Failed to find required Qt component "MultimediaQuickPrivate". > [cmake] > [cmake] Expected Config file at > [cmake] > "/usr/lib/x86_64-linux-gnu/cmake/Qt6MultimediaQuickPrivate/Qt6Multime > diaQuickPrivateConfig.cmake" [cmake] does NOT exist > [cmake] The exclusion of the file and the private headers is indeed intentional and not an oversight. We normally try to avoid packaging the private headers unless we absolutely have to. Granted, that makes qmltc a little less useful in this case, but at the moment the argument is not strong enough for me to package the private headers as they add significant maintaining work. -- Med vänliga hälsningar Patrick Franz
Bug#1057299: designer-qt6: is libqquickwidget.so part of the interface or an implementation detail?
Hej, Am Montag, 4. Dezember 2023, 13:24:24 CET schrieb Lisandro Damián Nicanor Pérez Meyer: [...] > I think there is a huge chance that this will be fixed with 6.6, where > we passed some extra variables to let Qt stuff build without > requiring QML stuff. Might need an extra upload of phonon > afterwards... I think this is independent of what we did in regards to the plugins for Qt 6.6 as it now concerns more than just QML plugins. I also think Helmut is correct in that we likely should split the package in 2: One for the designer (that can be M-A: foreign) and one for the plugins with M-A: same. -- Med vänliga hälsningar Patrick Franz
Bug#1057299: designer-qt6: is libqquickwidget.so part of the interface or an implementation detail?
Hej, Am Montag, 4. Dezember 2023, 13:24:24 CET schrieb Lisandro Damián Nicanor Pérez Meyer: [...] > I think there is a huge chance that this will be fixed with 6.6, where > we passed some extra variables to let Qt stuff build without > requiring QML stuff. Might need an extra upload of phonon > afterwards... I think this is independent of what we did in regards to the plugins for Qt 6.6 as it now concerns more than just QML plugins. I also think Helmut is correct in that we likely should split the package in 2: One for the designer (that can be M-A: foreign) and one for the plugins with M-A: same. -- Med vänliga hälsningar Patrick Franz
Bug#1059231: ITP: qt6-location -- Qt6 Location
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-location Version : 6.6.1 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, FDL Programming Lang: C++ Description : Qt6 Location Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. The Qt Location module helps you create mapping solutions using data available from popular location service providers, such as Open Street Map.
Bug#1059231: ITP: qt6-location -- Qt6 Location
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-location Version : 6.6.1 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, FDL Programming Lang: C++ Description : Qt6 Location Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. The Qt Location module helps you create mapping solutions using data available from popular location service providers, such as Open Street Map.
Bug#1059231: ITP: qt6-location -- Qt6 Location
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-kde@lists.debian.org * Package name: qt6-location Version : 6.6.1 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, FDL Programming Lang: C++ Description : Qt6 Location Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. The Qt Location module helps you create mapping solutions using data available from popular location service providers, such as Open Street Map.
Bug#1059231: ITP: qt6-location -- Qt6 Location
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-location Version : 6.6.1 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, FDL Programming Lang: C++ Description : Qt6 Location Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. The Qt Location module helps you create mapping solutions using data available from popular location service providers, such as Open Street Map.
Re: Bug#1057755: Qt WebEngine Security Support In Stable
Hej, Am Sonntag, 17. Dezember 2023, 00:33:58 CET schrieb Soren Stoutner: [...] > > No matter what angelfish does, qtwebview-opensource-src will in any > > case also need a rebuild. > > Qt WebView is deprecated upstream. It was based on the same Apple > WebKit source that WebViewGTK uses. It was replaced quite a while > ago by Qt WebEngine, which is based on Google’s Chromium. There is > no Qt 6 version of Qt WebView, so it will go entirely away at that > point. There is one: https://tracker.debian.org/pkg/qt6-webview Are you perhaps confusing Qt WebView with Qt WebKit ? > But this brings up an interesting question. Why are the Qt source > packages building private-dev binary packages? There was probably > some historical reason for doing so, but handling security support in > stable would be a lot easier if we stopped shipping private headers > that other packages can build- depends on. Perhaps Dmitry or Patrick > could provide some background. Usually, we try to avoid packaging the private headers. But for some packages, we just need to. And that's because other packages depend on them incl. other Qt submodules. We don't have a rule set in stone, but we usually package private headers when either another Qt submodule needs them (e.g. qtwebview needs the private headers of qtwebengine, hence we package them) or when important KDE components need them (e.g. qtwayland). -- Med vänliga hälsningar Patrick Franz
Bug#1057755: Qt WebEngine Security Support In Stable
Hej, Am Sonntag, 17. Dezember 2023, 00:33:58 CET schrieb Soren Stoutner: [...] > > No matter what angelfish does, qtwebview-opensource-src will in any > > case also need a rebuild. > > Qt WebView is deprecated upstream. It was based on the same Apple > WebKit source that WebViewGTK uses. It was replaced quite a while > ago by Qt WebEngine, which is based on Google’s Chromium. There is > no Qt 6 version of Qt WebView, so it will go entirely away at that > point. There is one: https://tracker.debian.org/pkg/qt6-webview Are you perhaps confusing Qt WebView with Qt WebKit ? > But this brings up an interesting question. Why are the Qt source > packages building private-dev binary packages? There was probably > some historical reason for doing so, but handling security support in > stable would be a lot easier if we stopped shipping private headers > that other packages can build- depends on. Perhaps Dmitry or Patrick > could provide some background. Usually, we try to avoid packaging the private headers. But for some packages, we just need to. And that's because other packages depend on them incl. other Qt submodules. We don't have a rule set in stone, but we usually package private headers when either another Qt submodule needs them (e.g. qtwebview needs the private headers of qtwebengine, hence we package them) or when important KDE components need them (e.g. qtwayland). -- Med vänliga hälsningar Patrick Franz
Re: Bug#1057755: Qt WebEngine Security Support In Stable
Hej, Am Sonntag, 17. Dezember 2023, 00:33:58 CET schrieb Soren Stoutner: [...] > > No matter what angelfish does, qtwebview-opensource-src will in any > > case also need a rebuild. > > Qt WebView is deprecated upstream. It was based on the same Apple > WebKit source that WebViewGTK uses. It was replaced quite a while > ago by Qt WebEngine, which is based on Google’s Chromium. There is > no Qt 6 version of Qt WebView, so it will go entirely away at that > point. There is one: https://tracker.debian.org/pkg/qt6-webview Are you perhaps confusing Qt WebView with Qt WebKit ? > But this brings up an interesting question. Why are the Qt source > packages building private-dev binary packages? There was probably > some historical reason for doing so, but handling security support in > stable would be a lot easier if we stopped shipping private headers > that other packages can build- depends on. Perhaps Dmitry or Patrick > could provide some background. Usually, we try to avoid packaging the private headers. But for some packages, we just need to. And that's because other packages depend on them incl. other Qt submodules. We don't have a rule set in stone, but we usually package private headers when either another Qt submodule needs them (e.g. qtwebview needs the private headers of qtwebengine, hence we package them) or when important KDE components need them (e.g. qtwayland). -- Med vänliga hälsningar Patrick Franz
Bug#1057755: Qt WebEngine Security Support In Stable
Hej Soren, Am Mittwoch, 13. Dezember 2023, 22:19:04 CET schrieb Soren Stoutner: [...] > Qt has LTS releases about every 18 months and supports them for 36 > months (three years). This means there are always two active LTS > releases. Unless there is an unusually long freeze, stable should > end up with a release that has somewhere between 1and 2 years of > support. It might not be perfect, but it is a lot better than what > we currently have. Don't forget that the open-source Qt LTS releases are delayed by a year. > The transition to KDE 6 is a bit of a unique situation. I would > imagine that it would need to mature a bit before most people want to > be using it (thinking of the old KDE 4 transition, or even the one to > KDE 5). By the time KDE 6 is ready to propagate to stable, I would > imagine that there will be a version that is based on an LTS release > of Qt. The release schedule for Plasma 6 is not set in stone yet, but the earliest they can base it on a Qt LTS would be in about a year. Let's see how that lines up with trixie. > Looking at KDE’s release information, I see that KDE has an LTS > release about 1-2 years. I am assuming these KDE LTS releases are > compatible with Qt LTS releases, although if anyone has any > information to the contrary please share. > > https://community.kde.org/Schedules/Plasma_5[1] > > https://endoflife.date/kde-plasma[2] > > How feasible would it be to make sure that stable always ships with > paired LTS releases of KDE and Qt? KDE doesn't have LTS releases, only Plasma has. If Plasma 6 continues the path of Plasma 5, they'll have LTS releases every 2 years, namely early in even years so that it fits with the Ubuntu LTS release among other things. And that is quite a bad fit for Debian. [Plasma 5.27 in bookworm is an outlier. It was made LTS because it is the last Plasma 5 release.] KDE used to support Plasma LTS releases for about 18-20 months. That meant that by the time of a Debian release, the LTS release is almost out of support. And yes, support for an LTS version stops several months before the next LTS version is released. > As you point out above, those > release windows might not line up exactly with Debian’s release > window, but it seems like it would be an improvement on the current > situation. Beyond security support issues, there would probably be a > lot of stability benefits (like KMail not breaking as often). There is no LTS version of Kmail. Neither the Frameworks nor KDE Gear have LTS versions. By the time of a Debian release, both are already out of support. > If you don’t think it is feasible to ship LTS versions of KDE and Qt > in stable, how do you propose handling proper security support for > KDE and Qt? I can only do with what I have. If you want better support, you need more resources. -- Med vänliga hälsningar Patrick Franz
Bug#1057755: Qt WebEngine Security Support In Stable
Hej Soren, Am Mittwoch, 13. Dezember 2023, 22:19:04 CET schrieb Soren Stoutner: [...] > Qt has LTS releases about every 18 months and supports them for 36 > months (three years). This means there are always two active LTS > releases. Unless there is an unusually long freeze, stable should > end up with a release that has somewhere between 1and 2 years of > support. It might not be perfect, but it is a lot better than what > we currently have. Don't forget that the open-source Qt LTS releases are delayed by a year. > The transition to KDE 6 is a bit of a unique situation. I would > imagine that it would need to mature a bit before most people want to > be using it (thinking of the old KDE 4 transition, or even the one to > KDE 5). By the time KDE 6 is ready to propagate to stable, I would > imagine that there will be a version that is based on an LTS release > of Qt. The release schedule for Plasma 6 is not set in stone yet, but the earliest they can base it on a Qt LTS would be in about a year. Let's see how that lines up with trixie. > Looking at KDE’s release information, I see that KDE has an LTS > release about 1-2 years. I am assuming these KDE LTS releases are > compatible with Qt LTS releases, although if anyone has any > information to the contrary please share. > > https://community.kde.org/Schedules/Plasma_5[1] > > https://endoflife.date/kde-plasma[2] > > How feasible would it be to make sure that stable always ships with > paired LTS releases of KDE and Qt? KDE doesn't have LTS releases, only Plasma has. If Plasma 6 continues the path of Plasma 5, they'll have LTS releases every 2 years, namely early in even years so that it fits with the Ubuntu LTS release among other things. And that is quite a bad fit for Debian. [Plasma 5.27 in bookworm is an outlier. It was made LTS because it is the last Plasma 5 release.] KDE used to support Plasma LTS releases for about 18-20 months. That meant that by the time of a Debian release, the LTS release is almost out of support. And yes, support for an LTS version stops several months before the next LTS version is released. > As you point out above, those > release windows might not line up exactly with Debian’s release > window, but it seems like it would be an improvement on the current > situation. Beyond security support issues, there would probably be a > lot of stability benefits (like KMail not breaking as often). There is no LTS version of Kmail. Neither the Frameworks nor KDE Gear have LTS versions. By the time of a Debian release, both are already out of support. > If you don’t think it is feasible to ship LTS versions of KDE and Qt > in stable, how do you propose handling proper security support for > KDE and Qt? I can only do with what I have. If you want better support, you need more resources. -- Med vänliga hälsningar Patrick Franz
Bug#1057755: Qt WebEngine Security Support In Stable
Hej, Am Freitag, 8. Dezember 2023, 02:49:56 CET schrieb Soren Stoutner: [...] > For the Qt and KDE maintainers, how feasible would it be > to always make sure an LTS release of Qt is what is shipped in stable > releases? Probably not very feasible. One issue is that Debian & Qt have different release schedules. Debian releases happen roughly every 2 years whereas Qt LTS releases happen every 18 months (if they keep the schedule). That means that it aligns well for some releases (like trixie), but badly for other releases. In the worst case, Qt could be close to 2 years old when Debian is released if we stick to LTS releases. Another complication is that the KDE regularly requires quite recent versions of its dependencies. The KDE 6 megarelease in February requires Qt 6.6 and has done so since the first alpha release. In other words, a 6-months old LTS Qt was already too old. If we have to stick to old KDE versions, the entire KDE stack might be out of support before Debian even gets to its first freeze. -- Med vänliga hälsningar Patrick Franz
Bug#1057755: Qt WebEngine Security Support In Stable
Hej, Am Freitag, 8. Dezember 2023, 02:49:56 CET schrieb Soren Stoutner: [...] > For the Qt and KDE maintainers, how feasible would it be > to always make sure an LTS release of Qt is what is shipped in stable > releases? Probably not very feasible. One issue is that Debian & Qt have different release schedules. Debian releases happen roughly every 2 years whereas Qt LTS releases happen every 18 months (if they keep the schedule). That means that it aligns well for some releases (like trixie), but badly for other releases. In the worst case, Qt could be close to 2 years old when Debian is released if we stick to LTS releases. Another complication is that the KDE regularly requires quite recent versions of its dependencies. The KDE 6 megarelease in February requires Qt 6.6 and has done so since the first alpha release. In other words, a 6-months old LTS Qt was already too old. If we have to stick to old KDE versions, the entire KDE stack might be out of support before Debian even gets to its first freeze. -- Med vänliga hälsningar Patrick Franz
Bug#1057359: qmake: use qmake6 when QT_SELECT=qt6
Hej, Am Montag, 11. Dezember 2023, 16:30:14 CET schrieb Helmut Grohne: [...] > Can I also get some ack from Qt maintainers such that we can move > forward in consensus? +1 And thanks for all the work you put in. -- Med vänliga hälsningar Patrick Franz
Re: Bug#1057050: qt6-multimedia: Please build with EIGEN_DONT_VECTORIZE on powerpc to fix FTBFS
Hej, Am Donnerstag, 7. Dezember 2023, 08:09:50 CET schrieb Christian Marillat: > On 02 déc. 2023 10:10, John Paul Adrian Glaubitz wrote: > > Hi! > > > > On Sat, 2023-12-02 at 00:46 +0100, Patrick Franz wrote: > >> We're in the middle of packaging Qt 6.6 and I had not planned to do > >> any more 6.4.2 updates unless absolutely necessary. > >> > >> Do you know whether this patch will also work on Qt 6.6.1 ? > > > > Yes, absolutely. And since it only adds some powerpc-specific lines > > to debian/rules, there is nothing really that would need to be > > rebased when updating to a newer Qt version. > > > > It's always safe to apply this patch. > > It is possible to see this bug fixed ? I'll include the fix in 6.6.1 which is being worked on. -- Med vänliga hälsningar Patrick Franz
Bug#1057050: qt6-multimedia: Please build with EIGEN_DONT_VECTORIZE on powerpc to fix FTBFS
Hej, Am Donnerstag, 7. Dezember 2023, 08:09:50 CET schrieb Christian Marillat: > On 02 déc. 2023 10:10, John Paul Adrian Glaubitz wrote: > > Hi! > > > > On Sat, 2023-12-02 at 00:46 +0100, Patrick Franz wrote: > >> We're in the middle of packaging Qt 6.6 and I had not planned to do > >> any more 6.4.2 updates unless absolutely necessary. > >> > >> Do you know whether this patch will also work on Qt 6.6.1 ? > > > > Yes, absolutely. And since it only adds some powerpc-specific lines > > to debian/rules, there is nothing really that would need to be > > rebased when updating to a newer Qt version. > > > > It's always safe to apply this patch. > > It is possible to see this bug fixed ? I'll include the fix in 6.6.1 which is being worked on. -- Med vänliga hälsningar Patrick Franz
Bug#1057050: qt6-multimedia: Please build with EIGEN_DONT_VECTORIZE on powerpc to fix FTBFS
Hej, Am Donnerstag, 7. Dezember 2023, 08:09:50 CET schrieb Christian Marillat: > On 02 déc. 2023 10:10, John Paul Adrian Glaubitz wrote: > > Hi! > > > > On Sat, 2023-12-02 at 00:46 +0100, Patrick Franz wrote: > >> We're in the middle of packaging Qt 6.6 and I had not planned to do > >> any more 6.4.2 updates unless absolutely necessary. > >> > >> Do you know whether this patch will also work on Qt 6.6.1 ? > > > > Yes, absolutely. And since it only adds some powerpc-specific lines > > to debian/rules, there is nothing really that would need to be > > rebased when updating to a newer Qt version. > > > > It's always safe to apply this patch. > > It is possible to see this bug fixed ? I'll include the fix in 6.6.1 which is being worked on. -- Med vänliga hälsningar Patrick Franz
Bug#1057050: qt6-multimedia: Please build with EIGEN_DONT_VECTORIZE on powerpc to fix FTBFS
Hej, Am Dienstag, 28. November 2023, 20:22:36 CET schrieb John Paul Adrian Glaubitz: [...] > With the above change, cmake defines the preprocessor macro > EIGEN_DONT_VECTORIZE and the build succeeds on powerpc. > > Could you apply this change for the next upload in order to fix the > build on powerpc? We're in the middle of packaging Qt 6.6 and I had not planned to do any more 6.4.2 updates unless absolutely necessary. Do you know whether this patch will also work on Qt 6.6.1 ? -- Med vänliga hälsningar Patrick Franz
Bug#1057050: qt6-multimedia: Please build with EIGEN_DONT_VECTORIZE on powerpc to fix FTBFS
Hej, Am Dienstag, 28. November 2023, 20:22:36 CET schrieb John Paul Adrian Glaubitz: [...] > With the above change, cmake defines the preprocessor macro > EIGEN_DONT_VECTORIZE and the build succeeds on powerpc. > > Could you apply this change for the next upload in order to fix the > build on powerpc? We're in the middle of packaging Qt 6.6 and I had not planned to do any more 6.4.2 updates unless absolutely necessary. Do you know whether this patch will also work on Qt 6.6.1 ? -- Med vänliga hälsningar Patrick Franz
Bug#1057015: ITP: qt6-grpc -- Qt 6 Protobuf & gRPC support
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-grpc Version : 6.6.0 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, BSD Description : Qt 6 Protobuf & gRPC support Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. This module contains support for protobuf and gRPC.
Bug#1057015: ITP: qt6-grpc -- Qt 6 Protobuf & gRPC support
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-devel@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-grpc Version : 6.6.0 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, BSD Description : Qt 6 Protobuf & gRPC support Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. This module contains support for protobuf and gRPC.
Bug#1057015: ITP: qt6-grpc -- Qt 6 Protobuf & gRPC support
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-kde@lists.debian.org * Package name: qt6-grpc Version : 6.6.0 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, BSD Description : Qt 6 Protobuf & gRPC support Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. This module contains support for protobuf and gRPC.
Bug#1057015: ITP: qt6-grpc -- Qt 6 Protobuf & gRPC support
Package: wnpp Severity: wishlist Owner: Patrick Franz X-Debbugs-Cc: debian-de...@lists.debian.org, delta...@debian.org,debian-qt-...@lists.debian.org * Package name: qt6-grpc Version : 6.6.0 Upstream Contact: The Qt Company Ltd. * URL : https://www.qt.io/developers/ * License : GPL, LGPL, BSD Description : Qt 6 Protobuf & gRPC support Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. This module contains support for protobuf and gRPC.
Re: Any possibility the "Restore/Add Double Click Speed setting" bug can be backported to bookworm?
Hej, Am Mittwoch, 8. November 2023, 14:49:18 CET schrieb local10: > Hi, > > Is there any possibility the "Restore/Add Double Click Speed setting" > bug ( https://bugs.kde.org/show_bug.cgi?id=413502 ) can be backported > to bookworm? Thanks Likely not I'm afraid. First, this is not really a bug, but more of a feature. And I'd like to avoid having to backport all sorts of feature requests from future Plasma-releases. Second, it hasn't been backported to the 5.27 branch as the plasma- desktop code has been rewritten and simply applying the patch doesn't work. Unless the patch ends up in 5.27, the odds of this ending up in bookworm are close to 0. -- Med vänliga hälsningar Patrick Franz
Bug#1055295: RM: libqt6opengl6-dev -- ROM; Package is not built anymore
Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: qt6-b...@packages.debian.org, delta...@debian.org Control: affects -1 + src:qt6-base Hi, could you please remove the binary package "libqt6opengl6-dev" from unstable ? It is also available in bullseye-backports and bookworm, but still needed in those 2 suites. The reason is that qt6-base from 6.4.2+dfsg-12 on does not build libqt6opengl6-dev anymore as the functionality has been moved into qt6-base-dev. Thank you. Regards, Patrick Franz
Bug#1055295: RM: libqt6opengl6-dev -- ROM; Package is not built anymore
Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: qt6-b...@packages.debian.org, delta...@debian.org Control: affects -1 + src:qt6-base Hi, could you please remove the binary package "libqt6opengl6-dev" from unstable ? It is also available in bullseye-backports and bookworm, but still needed in those 2 suites. The reason is that qt6-base from 6.4.2+dfsg-12 on does not build libqt6opengl6-dev anymore as the functionality has been moved into qt6-base-dev. Thank you. Regards, Patrick Franz
Bug#1006292: bullseye-pu: package plasma-discover/5.20.5-3
Hi Adam, On Sat, 14 Oct 2023 19:46:36 +0100 "Adam D. Barratt" wrote: [...] > Thanks; please go ahead. It's uploaded. -- Med vänliga hälsningar Patrick Franz
Bug#1006292: bullseye-pu: package plasma-discover/5.20.5-3
Hi Adam, On Sat, 14 Oct 2023 19:46:36 +0100 "Adam D. Barratt" wrote: [...] > Thanks; please go ahead. It's uploaded. -- Med vänliga hälsningar Patrick Franz
Re: Qt6 Location for Debian 12
Hej, Am Donnerstag, 12. Oktober 2023, 01:17:44 CEST schrieb Petric Frank: [...] > I got a hint on a git project where Qt6Location was compiled for older > Qt Versions (< 6.5): > https://github.com/ntadej/qtlocation > > Maybe the 6.4.2 release of it could be a candidate for being > repackaged as *.deb ? We cannot add packages to Debian 12 anymore. I'd also like to stick to the official Qt releases and avoid 3rd-party releases. -- Med vänliga hälsningar Patrick Franz
Bug#1053609: 1053...@bugs.debian.org
Hi Leandro, On Thu, 12 Oct 2023 01:52:12 -0300 Leandro Cunha wrote: > Hi, > > This issue will be fixed in stable, so is this the reason that > justifies you opening this bug? Yes, opening this bug will help fixing this in stable. -- Med vänliga hälsningar Patrick Franz
Bug#1053609: 1053...@bugs.debian.org
Hi Leandro, On Thu, 12 Oct 2023 01:52:12 -0300 Leandro Cunha wrote: > Hi, > > This issue will be fixed in stable, so is this the reason that > justifies you opening this bug? Yes, opening this bug will help fixing this in stable. -- Med vänliga hälsningar Patrick Franz
Re: Qt6 Location for Debian 12
Hej, Am Mittwoch, 11. Oktober 2023, 16:52:24 CEST schrieb Petric Frank: > Hello, > > is there a *.deb for Qt6 Location (-dev) module ? > > I have seen there is one for Qt6 Positioning in the stable repository > but i miss the above one. > > Or do i have to compile the Qt6 system myself ? There is no Location module for Qt 6.4. It never existed. However, it got reintroduced as a tech preview for 6.5. -- Med vänliga hälsningar Patrick Franz
Bug#1053408: qt6-webengine: FTBFS with re2 >= 20230601 (which requires abseil)
Hi Stefano, On Tue, 3 Oct 2023 17:07:52 +0200 Stefano Rivera wrote: > Source: qt6-webengine > Version: 6.4.2-final+dfsg-11 > Severity: normal > Tags: upstream > Affects: src:re2 > > The next RE2 transition is waiting for qt6-webengine to support > libre2-11 (re2 >= 20230601), available in experimental. > > Upstream, RE2 added a dependency on Abseil, changing its API a little. > > Chromium has supported this since around 116. (Debian's chromium > currently builds with the bundled re2). The relevant commits are by > https://chromium-review.googlesource.com/q/owner:jun...@chromium.org > and reference bug 1447090 qt6-webengine based on chromium 116 or later will not hit unstable before June 2024 or so and I feel like trying to patch the bundled version of chromium will be going down the rabbit hole. However, I can switch to the bundled version of re2 until qt6-webengine is based on a chromium version that supports the newer re2. -- Med vänliga hälsningar Patrick Franz
Bug#1053408: qt6-webengine: FTBFS with re2 >= 20230601 (which requires abseil)
Hi Stefano, On Tue, 3 Oct 2023 17:07:52 +0200 Stefano Rivera wrote: > Source: qt6-webengine > Version: 6.4.2-final+dfsg-11 > Severity: normal > Tags: upstream > Affects: src:re2 > > The next RE2 transition is waiting for qt6-webengine to support > libre2-11 (re2 >= 20230601), available in experimental. > > Upstream, RE2 added a dependency on Abseil, changing its API a little. > > Chromium has supported this since around 116. (Debian's chromium > currently builds with the bundled re2). The relevant commits are by > https://chromium-review.googlesource.com/q/owner:jun...@chromium.org > and reference bug 1447090 qt6-webengine based on chromium 116 or later will not hit unstable before June 2024 or so and I feel like trying to patch the bundled version of chromium will be going down the rabbit hole. However, I can switch to the bundled version of re2 until qt6-webengine is based on a chromium version that supports the newer re2. -- Med vänliga hälsningar Patrick Franz
Bug#1053609: plasma-desktop: plasmashell can crash when dropping a folder with many files on the desktop
Package: plasma-desktop Version: 4:5.27.8-1 Severity: important Forwarded: https://bugs.kde.org/show_bug.cgi?id=471903 X-Debbugs-Cc: delta...@debian.org,antde...@gmail.com Dear Maintainer, plasmashell can crash when you drop a folder containing many files onto the desktop. Bug is tracked upstream at https://bugs.kde.org/show_bug.cgi?id=471903
Bug#1053609: plasma-desktop: plasmashell can crash when dropping a folder with many files on the desktop
Package: plasma-desktop Version: 4:5.27.8-1 Severity: important Forwarded: https://bugs.kde.org/show_bug.cgi?id=471903 X-Debbugs-Cc: delta...@debian.org,antde...@gmail.com Dear Maintainer, plasmashell can crash when you drop a folder containing many files onto the desktop. Bug is tracked upstream at https://bugs.kde.org/show_bug.cgi?id=471903
Bug#1006292: bullseye-pu: package plasma-discover/5.20.5-3
Hej, Am Mittwoch, 4. Oktober 2023, 15:02:11 CEST schrieb Adam D. Barratt: [...] > Thanks, but it's too late to get the updated package accepted for the > 11.8 point release now in any case. > > The question that remains from Jonathan's mail is - is it OK to > include the plasma-desktop and knewstuff updates without > plasma-discover, or should those be held back until plasma-discover > is ready, and all three released at the same time? I don't know to be honest. I guess the safe way is to release all three together. -- Med vänliga hälsningar Patrick Franz
Bug#1006292: bullseye-pu: package plasma-discover/5.20.5-3
Hej, Am Mittwoch, 4. Oktober 2023, 15:02:11 CEST schrieb Adam D. Barratt: [...] > Thanks, but it's too late to get the updated package accepted for the > 11.8 point release now in any case. > > The question that remains from Jonathan's mail is - is it OK to > include the plasma-desktop and knewstuff updates without > plasma-discover, or should those be held back until plasma-discover > is ready, and all three released at the same time? I don't know to be honest. I guess the safe way is to release all three together. -- Med vänliga hälsningar Patrick Franz
Bug#1006292: bullseye-pu: package plasma-discover/5.20.5-3
Hej, Am Montag, 2. Oktober 2023, 19:04:00 CEST schrieb Jonathan Wiltshire: [...] > Ping on this? It's urgent given the point release is planned for the > coming weekend, and we're currently unsure if the related fix is safe > to release without this one. If there's no answer we'll have to play > safe and hold plasma-desktop back until the next cycle as well. I've fixed it and it builds now. I'm attaching a debdiff to the version that was supposed to be uploaded. -- Med vänliga hälsningar Patrick Franzdiffstat for plasma-discover-5.20.5 plasma-discover-5.20.5 changelog |8 plasma-discover-common.install |1 - plasma-discover.install|1 - 3 files changed, 8 insertions(+), 2 deletions(-) diff -Nru plasma-discover-5.20.5/debian/changelog plasma-discover-5.20.5/debian/changelog --- plasma-discover-5.20.5/debian/changelog 2022-02-22 22:20:28.0 +0100 +++ plasma-discover-5.20.5/debian/changelog 2023-10-03 19:11:07.0 +0200 @@ -1,3 +1,11 @@ +plasma-discover (5.20.5-3+deb11u2) bullseye; urgency=medium + + [ Patrick Franz ] + * Team upload. + * Update list of installed files. + + -- Patrick Franz Tue, 03 Oct 2023 19:11:07 +0200 + plasma-discover (5.20.5-3+deb11u1) bullseye; urgency=medium * Team upload. diff -Nru plasma-discover-5.20.5/debian/plasma-discover-common.install plasma-discover-5.20.5/debian/plasma-discover-common.install --- plasma-discover-5.20.5/debian/plasma-discover-common.install 2022-02-22 22:20:28.0 +0100 +++ plasma-discover-5.20.5/debian/plasma-discover-common.install 2023-10-03 19:09:08.0 +0200 @@ -1,6 +1,5 @@ usr/share/discover/ usr/share/icons/hicolor/*/apps/plasmadiscover.* -usr/share/knsrcfiles/ usr/share/kxmlgui5/plasmadiscover/ usr/share/libdiscover/categories/packagekit-backend-categories.xml usr/share/locale/ diff -Nru plasma-discover-5.20.5/debian/plasma-discover.install plasma-discover-5.20.5/debian/plasma-discover.install --- plasma-discover-5.20.5/debian/plasma-discover.install 2022-02-22 22:20:28.0 +0100 +++ plasma-discover-5.20.5/debian/plasma-discover.install 2023-10-03 19:07:36.0 +0200 @@ -5,7 +5,6 @@ usr/lib/*/libexec/kf5/discover/runservice usr/lib/*/plasma-discover/ usr/lib/*/qt5/plugins/discover-notifier/DiscoverPackageKitNotifier.so -usr/lib/*/qt5/plugins/discover/kns-backend.so usr/lib/*/qt5/plugins/discover/packagekit-backend.so usr/share/applications/org.kde.discover.apt.urlhandler.desktop usr/share/applications/org.kde.discover.desktop