Bug#709508: gdb: FTBFS on hurd-i386
Source: gdb Version: 7.6-2 Severity: important Tags: patch, upastream Usertags: hurd User: debian-h...@lists.debian.org Hello, gdb does not build from source any longer since gdb-multiarch packages was enabled in 7.4.1-1. The build problems is due to a PATH_MAX issue in gdb/nto-tdep.c:nto_init_solib_absolute_prefix(). The attached patch, solve_PATH_MAX_issue.patch, solves this build problem. This patch has also been submitted upstream, see http://sourceware.org/ml/gdb-patches/2013-05/msg00878.html Thanks! --- a/gdb/nto-tdep.c 2013-05-23 14:28:24.0 + +++ b/gdb/nto-tdep.c 2013-05-23 15:01:24.0 + @@ -147,9 +147,11 @@ nto_find_and_open_solib (char *solib, un void nto_init_solib_absolute_prefix (void) { - char buf[PATH_MAX * 2], arch_path[PATH_MAX]; + char *buf, *arch_path; char *nto_root, *endian; const char *arch; + int arch_len, len; +#define FMT set solib-absolute-prefix %s nto_root = nto_target (); if (strcmp (gdbarch_bfd_arch_info (target_gdbarch ())-arch_name, i386) == 0) @@ -172,9 +174,13 @@ nto_init_solib_absolute_prefix (void) == BFD_ENDIAN_BIG ? be : le; } - xsnprintf (arch_path, sizeof (arch_path), %s/%s%s, nto_root, arch, endian); + arch_len = strlen (nto_root) + 1 + strlen (arch) + strlen (endian) + 1; + arch_path = alloca (arch_len); + xsnprintf (arch_path, arch_len, %s/%s%s, nto_root, arch, endian); - xsnprintf (buf, sizeof (buf), set solib-absolute-prefix %s, arch_path); + len = strlen (FMT) - 2 + strlen (arch_path) + 1; + buf = alloca (len); + xsnprintf (buf, len, FMT, arch_path); execute_command (buf, 0); }
Bug#679640: [Enigmail] Fwd: Re: Can somone confirm or deny if PGP/Mime messages verify in Debian Wheezy/IceDove?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Kahn Gillmor wrote: Control: tags 679640 + help I just wanted to forward a discussion between Patrick and myself around the failure of enigmail 1.4.1 and icedove 10 in verifying PGP/MIME clearsigned messages that are embedded within another (non-signed) MIME part. the prognosis doesn't look good at getting this resolved, unfortunately. attached is part of the exchange between patrick and myself, and an attempted patch to enigmail which did not solve the problem. I'm a bit stuck about how to resolve this issue for debian users, unfortunately. --dkg The message just sent to enigmail-us...@enigmail.net didn't verify on my SeaMonkey/Enigmail Wheezy install. I see a mail with three attachments, one of which is signature.asc - -- Andy Ruddock - andy.rudd...@rainydayz.org (OpenPGP Key ID 0xB0324245) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJRnkpAAAoJECqtbbewMkJF/woP/Asu3zpoeH5PdZ5Ku3FUEX1B dheM+kG1Ttbid6G2kd23MeZVPDEHBgKskH7ttR+T/VcC3QDxIUWT3JYLARG4H/hg ZiPi4h812LBNiCEF5u3zUMDg+tYa0w9i+XpHYMLkW5RNhlC1Igg2qcarHw07lvXI 6iM1rUery1MBP/nw1yTSYn9LPZrS7Sum3VlJaPiwq5NpzRDiYMG2kLPpeGjndBZG 3/xQNfyoUkhxyoWvWfYCNIqYifnc1NrvN+Re8ZnDxcKemVd/9P5ffa+w8Or8TPel FcePVu4JboZivSp76fAZ/Bhx0Fkj/NgdheL2umt4asQrZt8f51P1eLtnhSmNIcOa GOZCIWGbQMCNm1+vDoBRnn05ZUEShiVZzNspbR197A5tKYVtPyDWo8HPtfMdiNLG C3AP7VSZpHv/58FwoF0Qo366ZTD1Xn/O8us2t6IU1nQiCeGFQhNRL4mYqfxK6/WQ b+hnuCzi8GvlSiqv2ugJ4Teu0zRG/JxeEIWXUqoNWCrzcaIO/Y+F4DY8R+5ON7a0 oncPDv9778TUYj/PkXAvjGfk3SipyMn78WJUdxYCnavf6COwP8G/dgyWAYEJrF+9 symHJ6/pYfsn+St5b5c22lHmrteP3+gsSFf7nJA1bsMo6y6VdvdQ7QAB6wmOlqo0 ryMHI1xAGqwmOocMjWab =uhR7 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709509: netcat-traditional: crash on invalid input
Package: netcat-traditional Version: 1.10-40 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** nc.traditional localhost 10 Crashes with following output: *** buffer overflow detected ***: nc.traditional terminated === Backtrace: = /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7fda4e2a7d67] /lib/x86_64-linux-gnu/libc.so.6(+0xfbd20)[0x7fda4e2a6d20] /lib/x86_64-linux-gnu/libc.so.6(+0xfb1a9)[0x7fda4e2a61a9] /lib/x86_64-linux-gnu/libc.so.6(_IO_default_xsputn+0x89)[0x7fda4e2232a9] /lib/x86_64-linux-gnu/libc.so.6(_IO_vfprintf+0xf74)[0x7fda4e1f2a04] /lib/x86_64-linux-gnu/libc.so.6(__vsprintf_chk+0x97)[0x7fda4e2a6247] /lib/x86_64-linux-gnu/libc.so.6(__sprintf_chk+0x7d)[0x7fda4e2a618d] nc.traditional[0x402b40] nc.traditional[0x401e72] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7fda4e1cca55] nc.traditional[0x40234d] === Memory map: 0040-00406000 r-xp 08:11 691 /bin/nc.traditional 00605000-00606000 r--p 5000 08:11 691 /bin/nc.traditional 00606000-00607000 rw-p 6000 08:11 691 /bin/nc.traditional 01204000-01225000 rw-p 00:00 0 [heap] 7fda4df95000-7fda4dfaa000 r-xp 08:11 33456 /lib/x86_64-linux-gnu/libgcc_s.so.1 7fda4dfaa000-7fda4e1aa000 ---p 00015000 08:11 33456 /lib/x86_64-linux-gnu/libgcc_s.so.1 7fda4e1aa000-7fda4e1ab000 rw-p 00015000 08:11 33456 /lib/x86_64-linux-gnu/libgcc_s.so.1 7fda4e1ab000-7fda4e34f000 r-xp 08:11 40010 /lib/x86_64-linux-gnu/libc-2.17.so 7fda4e34f000-7fda4e54e000 ---p 001a4000 08:11 40010 /lib/x86_64-linux-gnu/libc-2.17.so 7fda4e54e000-7fda4e552000 r--p 001a3000 08:11 40010 /lib/x86_64-linux-gnu/libc-2.17.so 7fda4e552000-7fda4e554000 rw-p 001a7000 08:11 40010 /lib/x86_64-linux-gnu/libc-2.17.so 7fda4e554000-7fda4e558000 rw-p 00:00 0 7fda4e558000-7fda4e579000 r-xp 08:11 40007 /lib/x86_64-linux-gnu/ld-2.17.so 7fda4e6e5000-7fda4e71a000 r--s 08:15 16904 /var/cache/nscd/services 7fda4e71a000-7fda4e74f000 r--s 08:15 14542 /var/cache/nscd/hosts 7fda4e74f000-7fda4e752000 rw-p 00:00 0 7fda4e776000-7fda4e779000 rw-p 00:00 0 7fda4e779000-7fda4e77a000 r--p 00021000 08:11 40007 /lib/x86_64-linux-gnu/ld-2.17.so 7fda4e77a000-7fda4e77b000 rw-p 00022000 08:11 40007 /lib/x86_64-linux-gnu/ld-2.17.so 7fda4e77b000-7fda4e77c000 rw-p 00:00 0 7fff39497000-7fff394b8000 rw-p 00:00 0 [stack] 7fff395ef000-7fff395f r-xp 00:00 0 [vdso] ff60-ff601000 r-xp 00:00 0 [vsyscall] Aborted -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.6-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages netcat-traditional depends on: ii libc6 2.17-3 netcat-traditional recommends no packages. netcat-traditional suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709050: [pkg-GD-devel] Bug#709050: mscgen: fails to build with current libgd2
Hi, were you able to discover something? I don't see anything in gd, but I did study it very hard. Ondrej On Mon, May 20, 2013 at 4:08 PM, Niels Thykier ni...@thykier.net wrote: Control: tags -1 confirmed help On 2013-05-20 15:06, Colin Watson wrote: Package: mscgen Version: 0.20-2 Severity: serious User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu saucy mscgen fails to build in unstable as follows: make check-TESTS make[3]: Entering directory `/«PKGBUILDDIR»/build/test' testinput0.msc Error: gdoTextHeight: Could not read font (GDFONTPATH=) FAIL: renderercheck.sh 1 of 1 test failed Please report to michael.mcternan.2...@cs.bris.ac.uk make[3]: *** [check-TESTS] Error 1 If it helps, you can see a corresponding Ubuntu build log here: https://launchpadlibrarian.net/140264375/buildlog_ubuntu-saucy-i386.mscgen_0.20-2build2_FAILEDTOBUILD.txt.gz I don't quite know what's happening here, as running the tests by hand seems to succeed. Thanks, I can confirm the failure in a sid chroot, but the failure is non-deterministic. I have seen 2 successful builds out of 5 or so. Furthermore the test that fails is also non-deterministic. Your log has testinput0.msc, but I saw 17, 5 and one starting with 2 (forgot the exact number for that one). The frequency of the failures appears to be fairly random at first glance (for testinput0.msc). I have observed 0 to 496 successful runs between each failure. The average number of successes between failures appears to be around 36 runs (based on 90 observations). So anyone wanting to replicate this may want to setup a: while mscgen -Tpng in-file ; do : ; done Dear pkg-gd developers, do you have any hints as to why gdImageStringFT would be non-deterministic[1]? As far as I can tell, it receives the following arguments: NULL, rect (int array[8], init'ed to 8 zeroes), pen (0 or 0xff - failures tend to be 0), helvetica, 11.0, 0, 0, 0, gHELLOWt The pen value is (AFAICT) always a value returned by gdImageColorAllocate. mscgen will always allocate ADRAW_COL_BLACK and ADRAW_COL_WHITE (in that order) prior to loading any other colors[2]. ~Niels [1] Call context: http://anonscm.debian.org/gitweb/?p=collab-maint/mscgen.git;a=blob;f=src/gd_out.c;h=64d82b27817dccae83c24ce6a450306be11fcfe4;hb=2ca7e6af2dad9f34d6d1466174b13e646d8ab630#l225 [2] src/adraw.h:ADRAW_COL_WHITE = 0x00ff, src/adraw.h:ADRAW_COL_BLACK = 0x, These are passed like: gdImageColorAllocate(context-img, (col 0xff) 16, (col 0x00ff00) 8, (col 0xff) 0); (see the getColorRef function in same file linked to in [1]) ___ pkg-GD-devel mailing list pkg-gd-de...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-gd-devel -- Ondřej Surý ond...@sury.org
Bug#709267: File Corruption Problems
2013/5/23 Bob Proulx b...@proulx.com: Ola Lundqvist wrote: ... My guess is that you have some kind of bit errors on your disk. ... I'll close this bug report and I think you should check your disk using the badblocks command. :-) You might also consider running 'debsums' which will verify package files against the MD5 checksum lists included in the package. A useful file integrity checking tool. Given that neither badblocks nor smartctl reported aboutn any HD failure, I'll try this approach. Thanks! Regards, Angel -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709301: [Pkg-openssl-devel] Bug#709292: closed by Kurt Roeckx k...@roeckx.be (Re: Bug#709292: curl: Connection to https server produces SSL error.)
Hi, I get this: $ wget https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html --2013-05-23 19:02:18-- https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html Resolving sede.dgt.gob.es (sede.dgt.gob.es)... 213.4.59.219 Connecting to sede.dgt.gob.es (sede.dgt.gob.es)|213.4.59.219|:443... connected. [1157675.268577] wget[14792]: segfault at 1013c4ad4 ip 7f0ece581fee sp 7fff855b2670 error 4 in libgnutls.so.26.22.4[7f0ece564000+b9000] Segmentation fault That clearly looks like a real bug somewhere, and still open against libgnutls26. Kurt On Thu, May 23, 2013 at 08:25:10AM +0100, Caronte Estigia wrote: Good Morning Kurt, just one question. I think Alessandro reasigned the bug to both libssl and libgnutls. Am I correct? Question is because specifying the protocol solves the problem with libssl, not with libgnutls. When I test wget with --secure-protocol it works fine when compiled with libssl but it keeps failing with libgnutls. Could you please confirm the fact that the case is still open in libgnutls or should I file a new bug? Best regards. Francisco. De: Debian Bug Tracking System ow...@bugs.debian.org Para: rodrifra sable_la...@yahoo.es Enviado: Miércoles 22 de Mayo de 2013 18:21 Asunto: Bug#709292 closed by Kurt Roeckx k...@roeckx.be (Re: Bug#709292: curl: Connection to https server produces SSL error.) This is an automatic notification regarding your Bug report which was filed against the libssl1.0.0 package: #709292: libssl1.0.0: decryption failed or bad record mac during handshake It has been closed by Kurt Roeckx k...@roeckx.be. Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Kurt Roeckx k...@roeckx.be by replying to this email. -- 709292: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709292 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems On Wed, May 22, 2013 at 02:32:29PM +0200, Alessandro Ghedini wrote: reassign 709292 libssl1.0.0 retitle 709292 libssl1.0.0: decryption failed or bad record mac during handshake clone 709292 -1 reassign -1 libgnutls26 retitle -1 libgnutls26: segfaults during handshake severity -1 important affects -1 wget kthxbye On Wed, May 22, 2013 at 01:37:35PM +0200, rodrifra wrote: Package: curl Version: 7.26.0-1+wheezy2 Severity: normal Dear Maintainer, Executing the following: curl -o pruebacurl.html https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html Produced the next error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac Forcing SSLv3 solves the problem: curl -3 -o pruebacurl.html https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html If there's any bug, it's probably in the server's SSL implementation, since it can't do a proper TLS handshake, in any case it's not curl's fault. I'm reassigning this to openssl (which is what curl uses) to make sure there's nothing wrong with it. Yes, this is the server's problems, nothing you can do about it other than downgrading to a lower TLS version. TLS 1.0 should work in most cases. About 1% of the servers are known to have this problem. The problem is that we announce that we support TLS 1.2 to the server, and the server should reply that it only supports 1.0, but just closes the connection or does something else weird. This is why you also see this with gnutls. There is nothing we can do in openssl or gnutls about this. What could be done is that something like curl or wget tries to connect again with a lower TLS version. But if you automate this, you also need to think about version downgrade attacks. Since we can't actually fix anything, and curl and wget have options to use a lower protocol version, I'm just going to close this bug. KurtPackage: curl Version: 7.26.0-1+wheezy2 Severity: normal Dear Maintainer, Executing the following: curl -o pruebacurl.html https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html Produced the next error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac Forcing SSLv3 solves the problem: curl -3 -o pruebacurl.html https://sede.dgt.gob.es/sede/faces/paginas/testra/testraIframe.xhtml?pagina=consulta.html wget has same problem in latest stable version, but oldstable works fine. -- System Information: Debian Release: 7.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale:
Bug#709447: nettoe: Pending package of nettoe-1.4.2.
package nettoe version 1.3.2-1 tags pending thanks An updated package of nettoe-1.4.2 is pending. The nettoe-1.4.* series just needed some seasoning! Best regards, Mats Erik Andersson, DM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709488: xscreensaver: allow restarting xscreensaver while locked
Use kill. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#690531: Fwd: [fedora-astronomy] IRAF RPM spec files
Iraf is not forgooten :-) I just want to remind myself that there is an attempt to package iraf for Fedora Linux. They are able to compile the whole package now, so it makes sense to adopt their patches. This is from the Fedora-Astronomy mailing list http://lists.fedoraproject.org/pipermail/astronomy/ Entries covering IRAF start in March 2013. Most current files yet are from http://lists.fedoraproject.org/pipermail/astronomy/2013-May/000268.html: Name: iraf.spec Type: application/octet-stream Size: 3974 bytes URL: http://lists.fedoraproject.org/pipermail/astronomy/attachments/20130507/a4102518/attachment-0002.obj Name: iraf-build.patch Type: application/octet-stream Size: 97874 bytes URL: http://lists.fedoraproject.org/pipermail/astronomy/attachments/20130507/a4102518/attachment-0003.obj Best regards Ole Original-Nachricht Betreff: [fedora-astronomy] IRAF RPM spec files Datum: Sat, 23 Mar 2013 18:15:13 +0800 Von: joequant at gmail.com (Joseph Wang) Here is the latest set up patches. The main difference is that I found and fixed some fortran declarations and one very subtle but nasty segfault in fncache.c. I also changed the compile so that it uses the system expat and readline. The individual checkins are available at https://github.com/joequant/iraf The build file is just a git diff between master and linux-build. Let me know if they help the compile There is one extra patch that isn't used by the spec file which you can play with. I'm in the process of trying to get everything to work with gfortran, but am running into a lot of subtle memory issues. There is IRAF code that creates a subsystem for allocating memory and there are a lot of pointer conversion issues. On my machine I got a working RPM - NOAO/IRAF PC-IRAF Revision 2.16 EXPORT Thu May 24 15:41:17 MST 2012 This is the EXPORT version of IRAF V2.16 supporting PC systems. Welcome to IRAF. To list the available commands, type ? or ??. To get detailed information about a command, type `help command'. To run a command or load a package, type its name. Type `bye' to exit a package, or `logout' to get out of the CL.Type `news' to find out what is new in the version of the system you are using. Visit http://iraf.net if you have questions or to report problems. The following commands or packages are currently defined: Initializing SAMP No Hub Available dataio. images. lists. obsolete. proto. system. vo. dbms. language. noao. plot. softools. utilities. vocl
Bug#709510: nfs-common : error at upgrade breaks upgrade procedure
Package: nfs-common Version: 1:1.2.8-2 Severity: normal Upgrade give me following error : Errors were encountered while processing: nfs-common E: Sub-process /usr/bin/dpkg returned an error code (1) A package failed to install. Trying to recover: Setting up nfs-common (1:1.2.8-2) ... insserv: Service rpcbind has to be enabled to start service nfs-common insserv: exiting now! update-rc.d: error: insserv rejected the script header dpkg: error processing nfs-common (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: nfs-common My setting was perfectly functional before upgrade to 1.2.8 rpcbind is not started neither is nfs. upgrade of a not started service should not break upgrade -- Package-specific info: -- rpcinfo -- -- System Information: Debian Release: jessie/sid APT prefers testing-proposed-updates APT policy: (900, 'testing-proposed-updates'), (900, 'testing'), (800, 'stable'), (500, 'proposed-updates'), (400, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nfs-common depends on: ii adduser 3.113+nmu3 ii initscripts 2.88dsf-41 ii libc6 2.17-3 ii libcap2 1:2.22-1.2 ii libcomerr2 1.42.5-1.1 ii libdevmapper1.02.1 2:1.02.74-7 ii libevent-2.0-5 2.0.19-stable-3 ii libgssapi-krb5-21.10.1+dfsg-5 ii libk5crypto31.10.1+dfsg-5 ii libkeyutils11.5.5-7 ii libkrb5-3 1.10.1+dfsg-5 ii libmount1 2.20.1-5.4 ii libnfsidmap20.25-4 ii libtirpc1 0.2.2-5 ii libwrap07.6.q-24 ii lsb-base4.1+Debian9 ii rpcbind 0.2.0-8 ii ucf 3.0025+nmu3 Versions of packages nfs-common recommends: ii python 2.7.3-5 Versions of packages nfs-common suggests: pn open-iscsi none pn watchdognone -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#622119: [debian-mysql] Bug#622119: Bug#622119: mysql-server: logrotatescript fails, nothing to do
On Thu, 23 May 2013 15:22:03 +0200 Bjoern Boschman bjo...@boschman.de wrote: I really do not know. I'm used to always be root because I am developer of Puppy-es OS. Alli always root. -- BSS Servicio :. $telnet bayresmail.com.ar 2323 MamaLibre Reader :. http://mamalibre.com.ar/reader/ Buscador del Sur :. http://buscar.mamalibre.com.ar/ Voip Mumble :. http://mumble.com.ar Web Hosting :. http://mamalibre.com.ar Red Social :. http://legadolibre.com.ar Jabber/XMPP :. http://mamalibre.com.ar/xmpp/ MamaLibre, Casa en Lincoln, Ituzaingo 1085 CP6070, Buenos Aires, Argentina pgpRdCxQyuvJz.pgp Description: PGP signature
Bug#679640: [Enigmail] Fwd: Re: Can somone confirm or deny if PGP/Mime messages verify in Debian Wheezy/IceDove?
On 05/23/2013 12:56 PM, Andy Ruddock wrote: The message just sent to enigmail-us...@enigmail.net didn't verify on my SeaMonkey/Enigmail Wheezy install. I see a mail with three attachments, one of which is signature.asc yes, exactly. this is http://bugs.debian.org/679640 , which i am not sure how to fix. And it sounds like Patrick, while having gamely attempted one fix (very much appreciated!), does not want to spend more time trying to resolve it for the versions in debian wheezy. As a workaround, you can try verifying the message by copying it to your local folders and viewing it from there. i don't have enough insight as to how TB 10 changed its IMAP presentation layer to make it incompatible with the version of enigmail targetted at TB 10 know how to resolve the issue myself, so i'd appreciate any help from folks who might understand the situation better than i would. That said, the only affected message verifications are non-signed messages with a PGP/MIME-signed internal part, like so: A└┬╴multipart/mixed B ├┬╴multipart/signed C │├─╴text/plain D │└─╴application/pgp-signature attachment [signature.asc] E └─╴text/plain inline and only when these messages are viewed over IMAP -- NNTP and local folders do not appear to be affected. You'll find these messages in the wild; they are produced by mailman when it forwards on a signed message and appends a message footer. Arguably, verifying these nested signatures is itself a security liability that can lead to spoofed message verification UI (see the thread enigmail verification problem with signed message/rfc822 subparts on the enigmail list [0]), and thunderbird itself natively ignores similarly-structured embedded S/MIME message signatures. For clarity: consider what happens when (using the above message A as an example) message part C is short, and message part E is quite long. Can the user distinguish which material was actually signed by the issuer of the signature in D without viewing the message source? So in some sense, the version in wheezy is safer because in some circumstances it will refuse to show a message signature verification from a spoofed message that has a signed embedded part, while more recent versions will show the positive message verification UI. This is a pretty weak argument, though, since that verification UI will show anyway on the same message seen via Local Folders. Anyway, i'm afraid the problem currently remains unresolved (in either direction). Regards, --dkg [0] http://thread.gmane.org/gmane.comp.mozilla.enigmail.general/17707/focus=17839 signature.asc Description: OpenPGP digital signature
Bug#698648: zconf.h not cross-compiler safe
* Mark Brown broo...@debian.org [130522 20:01]: On Wed, May 22, 2013 at 07:40:55PM +0200, Bernhard R. Link wrote: If the issue is only that the file is broken when zlib is compiled with a cross compiler, wouldn't make more sense to simply fail the build if a cross-compiler is used, instead of introducing the hack of moving the file to an architecture specific directory? (Assuming there are no other bugs in that file making it architecture specific). You haven't provided any context here so it's difficult to tell what you're talking about... I tried opening a web browser and looking at the bug log but it's pretty hard to associate your comments with the report, this is nothing to do with building the package since Debian package builds are always native. The original bug reports says | Because the test is built with the cross-compiler when cross-compiling | it will (in general) not be able to run so if this package is | cross-built then that line is not replaced. If it is built natively | then it is replaced. i.e cross and natively built packages have | different zconf.h files This is a problem when bootstrapping a new | architecture when low-level libraries like this must be cross-built | until the arch is self-hosting. So the only verified case of zconf.h depending on a Debian system on the build (which would make it not safe for /usr/include in the current state but needing /usr/include/`dpkg-architecture -qDEB_BUILD_MULTIARCH`/) is about cross-compile architectures. As you say, Debian packages are usually always build natively, so if it only fails with cross-compiling, it might not be worth the hassle to move it into a subdirectory of /usr/include (which causes other problems, including but not limited to #707537). Bernhard R. Link -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#405713: spamassassin: Still occurs
On Thu, May 23, 2013 at 01:45:42AM +0930, Peter Gossner wrote: This issue has effected - at least 5 machines I have worked with. (and many virtuals) - has remained across versions. - blocks upgrades and even initial _install on stable releases_. - blocks sa-update (and others) Can I ask why you are enabling 'options inet6' in resolv.conf? The resolv.conf(5) documenation indicates that Some programs behave strangely when this option is turned on. I wonder what your use case for it is? While solution(s) seem simple (nameserver s/::1/127.0.0.1/ and remove the options inet6 line from /etc/resolv.conf) Its tricky getting to that solution on fresh installs. (without foreknowledge) 'options inet6' is not enabled on fresh installs. Just verified that. FWIW very similar IPv6 issues occur with cpan builds. Some weird perl dependency thing I expect. The existance of AAA::Mail::SpamAssassin is of note. So the real issue remain upstream. Note that 'options inet6' is not required or IPv6 transport or DNS resolution to work, generally. Do we need to run sa-update at install time ? You never *need* to run sa-update. The spamassassin packages include a collection of rules provided by upstream at the time that the package was most recently updated. However, it is highly recommended that you use sa-update in order to keep up with changing spam tactics. The recommended way to do this is by setting CRON=1 in /etc/default/spamassassin. noah signature.asc Description: Digital signature
Bug#709441: needs many jquery plagins packaged
./assets/stylesheets/plugins/jquery.fancybox-1.3.1.css ./assets/stylesheets/plugins/jquery-ui-1.8.4.custom.css ./assets/javascripts/plugins/jquery.url.js ./assets/javascripts/plugins/jquery.dataTables.min.js ./assets/javascripts/plugins/jquery.timeago.js ./assets/javascripts/plugins/jquery.fancybox-1.3.1.pack.js any help welcome -- പ്രവീണ് അരിമ്പ്രത്തൊടിയില് You have to keep reminding your government that you don't get your rights from them; you give them permission to rule, only so long as they follow the rules: laws and constitution. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709511: pu: package wdm/1.28-13+wheezy1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Hi, release team, RC bug report http://bugs.debian.org/707231 was recently received against orphaned wdm pakage. Problem is that non-linux architectures do not have pam_selinux module and it was tagged as required in the pam configuration, so this could prevent the user to login on !linux architectures. I did a QA upload with a fixed package and, since original submitter suggested to put this change also into wheezy, want to ask release team about possible s-p-u upload. Do you consider this change suitable for stable-proposed-updates? Attached is debdiff with proposed changes. Thanks in advance, Regards, -- Agustin diff -Nru wdm-1.28/debian/changelog wdm-1.28/debian/changelog --- wdm-1.28/debian/changelog 2012-06-15 11:45:28.0 +0200 +++ wdm-1.28/debian/changelog 2013-05-23 19:15:20.0 +0200 @@ -1,3 +1,13 @@ +wdm (1.28-13+wheezy1) stable; urgency=low + + * QA upload. + * wdm.pam: Ignore pam_selinux.so failures when the module does not +exist (e.g. on architectures without SE Linux support like +non-linux) instead of requiring it. Thanks Laurent Bigonville for +bug report and proposed change (Closes: #707231). + + -- Agustin Martin Domingo agmar...@debian.org Thu, 23 May 2013 19:15:19 +0200 + wdm (1.28-13) unstable; urgency=low * QA upload. diff -Nru wdm-1.28/debian/wdm.pam wdm-1.28/debian/wdm.pam --- wdm-1.28/debian/wdm.pam 2012-06-15 11:46:02.0 +0200 +++ wdm-1.28/debian/wdm.pam 2013-05-23 19:08:17.0 +0200 @@ -2,6 +2,7 @@ # - authrequiredpam_nologin.so authrequiredpam_env.so envfile=/etc/default/locale + @include common-auth # - @include common-account @@ -9,11 +10,16 @@ # SELinux needs to be the first session rule. This ensures that any # lingering context has been cleared. Without out this it is possible # that a module could execute code in the wrong domain. -session requiredpam_selinux.so close -session requiredpam_limits.so -session requiredpam_loginuid.so +# pam_selinux is unavailable for !linux, use [...] instead of required. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +session requiredpam_limits.so +session requiredpam_loginuid.so + @include common-session + # SELinux needs to intervene at login time to ensure that the process # starts in the proper default security context. Only sessions which are # intended to run in the user's context should be run after this. -session requiredpam_selinux.so open +# pam_selinux is unavailable for !linux, use [...] instead of required. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open signature.asc Description: Digital signature
Bug#709512: libjson0: error while loading shared libraries: libjson.so.0
Package: libjson0 Version: 0.11-1 Severity: normal After update libjson0 from 0.10-1.2 to 0.11-1 some programs terminating with error: error while loading shared libraries: libjson.so.0: cannot open shared object file: No such file or directory some info about libjson: # locate libjson.so.0 /usr/lib/i386-linux-gnu/libjson.so.0 /usr/lib/x86_64-linux-gnu/libjson.so.0 # ls -la /usr/lib/x86_64-linux-gnu/libjson.so.0 lrwxrwxrwx 1 root root 36 май 17 00:09 /usr/lib/x86_64-linux- gnu/libjson.so.0 - /lib/x86_64-linux-gnu/libjson-c.so.2 # ls -la /lib/x86_64-linux-gnu/libjson-c.so.2 lrwxrwxrwx 1 root root 18 май 17 00:09 /lib/x86_64-linux-gnu/libjson-c.so.2 - libjson-c.so.2.0.1 # ls -la /usr/lib/i386-linux-gnu/libjson.so.0 lrwxrwxrwx 1 root root 34 май 18 15:17 /usr/lib/i386-linux-gnu/libjson.so.0 - /lib/i386-linux-gnu/libjson-c.so.2 # ls -la /lib/i386-linux-gnu/libjson-c.so.2 lrwxrwxrwx 1 root root 18 май 18 15:17 /lib/i386-linux-gnu/libjson-c.so.2 - libjson-c.so.2.0.1 # locate libjson-c.so.2.0.1 /lib/i386-linux-gnu/libjson-c.so.2.0.1 /lib/x86_64-linux-gnu/libjson-c.so.2.0.1 -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing-proposed-updates'), (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'oldstable-updates'), (500, 'oldstable-proposed-updates'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.9-2.slh.1-aptosid-amd64 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709492: Numdiff doc is non free
Hi there, it turned out the GFDL is incompatible with debian policies, see here: http://www.debian.org/vote/2006/vote_001 Would it be possible to switch the numdiff docs to a different license such as the GNU General Public License ? Or at least to not include the optional invariant sections clause ? Otherwise we may be forced to remove those parts from the debian package ... TIA Paolo On 23/05/2013 17:54, Bastien ROUCARIÈS wrote: Package: src:numdiff Severity: serious user: debian...@lists.debian.org usertags: gfdl-invariant severity: serious At least : docs/numdiff.html docs/numdiff.info docs/numdiff.txi docs/numdiff.txt are under the gfdl with invariant section and thus non free. Please repackage, or ask upstream to relicence -- == Paolo Greppi +39 320 8960642 paolo.gre...@libpf.com http://www.libpf.com == -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709513: pear-aws-channel: substvar in Homepage
Source: pear-aws-channel Version: 0~20130409-1 Severity: minor debian/control contains this: Homepage: http://${phppear:channel-name}/ But when you build source package, this substitution variable is expanded to empty string. As a consequence, the Homepage field is the .dsc is bogus: $ grep ^Homepage pear-aws-channel_0~20130409-1.dsc Homepage: http:/// -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: mksh: broken Built-Using handling
Thorsten Glaser t...@mirbsd.de writes: Russ Allbery dixit: If not, I'm confused. I don't see any reason why dietlibc's license would change something about libgcc's license. dietlibc is GPL, so a derivate is also GPL. The mksh-static and lksh binaries, when linked against dietlibc, consist of dietlibc, libgcc and mksh derived source code, but the final binary is the work whose exact sources must be available. If this license analysis is correct, then we have to do this for every binary on the system that's covered by the GPL v2, since I believe some stub code from libgcc is *always* included statically in every binary, even if the binary is built dynamically. (Or at least there's a good chance that this will happen.) I've never heard the FSF, who are responsible for all the licenses in question, interpret the licenses this way. So I'm quite dubious that this analysis is correct. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709514: ITP: php5-stomp -- stomp module for PHP 5
Package: wnpp Severity: wishlist Owner: Jonas Genannt jonas.gena...@capi2name.de -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: php5-stomp Version : 1.0.5 Upstream Author : Pierrick Charron pierr...@php.net * URL : http://pecl.php.net/package/stomp * License : PHP License 3.01 Programming Lang: C Description : stomp module for PHP 5 This extension allows php applications to communicate with any Stomp compliant Message Brokers through easy object oriented and procedural interfaces. The package will be maintained wihtin the pkg-php group. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRnlmBAAoJEPBM7/YBbP/QuWYP/3SYbCnGgJzhSyMMliMUzdaY BYW9hGXm1krlGVelModqfthvRyCfnyrJSgwcySCWxKzi3Jmd9DpaeK6ptu8Llw8n 6Dzr45Nzuada+2sOx/5aH8MRsvrBVAj1VXPORaB1n9V5nxbw/xAwXU0G0A5Ddleo VxJHRsa/THyZMvgdc1BiU6uPtGQNFiXf0A0YpL6iqABk0MJhv4sQkf4Da1z/3kAr FZdt+tQwxEBqqviZ361NmMXrJ29TAPlOVeOppdfbXfh6xyEbKDMAHzBYwPzDU3nw c93cpiStm5HT08UmQ9XYSS19mZO95DAwL/hrWNuyKzevKjTmoIvXYC9V1VspdTGX bSnFrgLAVWFTkugNybEboaeCNX/7e0gApU30gI5XT6TqSFOb+gyCJaZePxLFWqQD wo4aZca9LKIWBZtzG3VYsrVphI/U+p0b7GAvcSyN+nbRyvuYbkZH02vsnsjvr74d b4Nyvj15K9XZhvDU8vw9I+J7ZcQgO+Xfkvmb0QeahJMZ/Fx2YARXBKlBGSLB8AWA d6ipD8txxIib88boCPOikY0iw56kfioBo9INjFValG8kOaQg9Bl3pZSpBQ87px8u 56qmJZVUhcd16y3NvAIjKblrnHujrwDJ1fT8OSHvI1voAGGhiCnlOA2DBO59pinJ c4SdvVO8/10lrnZb5f67 =Hhsi -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709515: libjson0: error while loading shared libraries: libjson.so.0
Package: libjson0 Version: 0.11-1 Severity: normal After update libjson0 from 0.10-1.2 to 0.11-1 some programs terminating with error: error while loading shared libraries: libjson.so.0: cannot open shared object file: No such file or directory some info about libjson: # locate libjson.so.0 /usr/lib/i386-linux-gnu/libjson.so.0 /usr/lib/x86_64-linux-gnu/libjson.so.0 # ls -la /usr/lib/x86_64-linux-gnu/libjson.so.0 lrwxrwxrwx 1 root root 36 май 17 00:09 /usr/lib/x86_64-linux- gnu/libjson.so.0 - /lib/x86_64-linux-gnu/libjson-c.so.2 # ls -la /lib/x86_64-linux-gnu/libjson-c.so.2 lrwxrwxrwx 1 root root 18 май 17 00:09 /lib/x86_64-linux-gnu/libjson-c.so.2 - libjson-c.so.2.0.1 # ls -la /usr/lib/i386-linux-gnu/libjson.so.0 lrwxrwxrwx 1 root root 34 май 18 15:17 /usr/lib/i386-linux-gnu/libjson.so.0 - /lib/i386-linux-gnu/libjson-c.so.2 # ls -la /lib/i386-linux-gnu/libjson-c.so.2 lrwxrwxrwx 1 root root 18 май 18 15:17 /lib/i386-linux-gnu/libjson-c.so.2 - libjson-c.so.2.0.1 # locate libjson-c.so.2.0.1 /lib/i386-linux-gnu/libjson-c.so.2.0.1 /lib/x86_64-linux-gnu/libjson-c.so.2.0.1 -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing-proposed-updates'), (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'oldstable-updates'), (500, 'oldstable-proposed-updates'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.9-2.slh.1-aptosid-amd64 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: mksh: broken Built-Using handling
Russ Allbery dixit: If this license analysis is correct, then we have to do this for every binary on the system that's covered by the GPL v2, since I believe some Hmm. stub code from libgcc is *always* included statically in every binary, even if the binary is built dynamically. (Or at least there's a good The csu are included, and TTBOMK some of it comes from GCC and some from the libc in question, so, probably yes. Ouch. I've never heard the FSF, who are responsible for all the licenses in question, interpret the licenses this way. So I'm quite dubious that this analysis is correct. I’m not dubious it’s correct, but it’s likely nobody would care… but I’d rather not be the one making this decision. Whom to involve, d-legal? bye, //mirabilos -- I believe no one can invent an algorithm. One just happens to hit upon it when God enlightens him. Or only God invents algorithms, we merely copy them. If you don't believe in God, just consider God as Nature if you won't deny existence. -- Coywolf Qi Hunt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709516: hivex: Python 3 support not fully implemented in hivex
Package: hivex Version: 1.3.7-3 Severity: normal Tags: patch It appears that you intend (from what's in debian/rules and control) to support python3, but with the current packaging no python3 bindings are provided. The attached patch provides a python3-hivex package that has support for the default python3 (currently 3.2). Ideally it would support all python3 versions, but I couldn't quite figure out why that wasn't happening. In any case, the attached would be a good step forward. diff -Nru hivex-1.3.7/debian/changelog hivex-1.3.7/debian/changelog --- hivex-1.3.7/debian/changelog 2013-05-23 10:08:18.0 -0400 +++ hivex-1.3.7/debian/changelog 2013-05-23 13:29:59.0 -0400 @@ -1,3 +1,12 @@ +hivex (1.3.7-4) UNRELEASED; urgency=low + + * Finish support for python3 bindings +- Add python3-hivex binary +- Add debian/python3-hivex.install +- Adjust debian/python-hivex.install to not include python3 files + + -- Scott Kitterman sc...@kitterman.com Thu, 23 May 2013 13:28:38 -0400 + hivex (1.3.7-3) unstable; urgency=low * Added patch to fix FTBFS due to usage of obsolete rake/rdoctask, diff -Nru hivex-1.3.7/debian/control hivex-1.3.7/debian/control --- hivex-1.3.7/debian/control 2013-05-23 07:45:32.0 -0400 +++ hivex-1.3.7/debian/control 2013-05-23 13:14:34.0 -0400 @@ -108,6 +108,15 @@ Python bindings for libhivex, a library for reading and writing Windows Registry hive binary files. +Package: python3-hivex +Architecture: any +Section: python +Depends: ${python3:Depends}, ${shlibs:Depends}, ${misc:Depends} +Description: Python 3 bindings for hivex + Python 3 bindings for libhivex, a library for reading and writing + Windows Registry hive binary files. + + Package: ruby-hivex Architecture: any Section: ruby diff -Nru hivex-1.3.7/debian/python3-hivex.install hivex-1.3.7/debian/python3-hivex.install --- hivex-1.3.7/debian/python3-hivex.install 1969-12-31 19:00:00.0 -0500 +++ hivex-1.3.7/debian/python3-hivex.install 2013-05-23 13:28:20.0 -0400 @@ -0,0 +1 @@ +/usr/lib/python3*/dist-packages diff -Nru hivex-1.3.7/debian/python-hivex.install hivex-1.3.7/debian/python-hivex.install --- hivex-1.3.7/debian/python-hivex.install 2013-05-23 07:45:32.0 -0400 +++ hivex-1.3.7/debian/python-hivex.install 2013-05-23 13:27:58.0 -0400 @@ -1 +1 @@ -/usr/lib/python*/dist-packages +/usr/lib/python2*/dist-packages
Bug#709517: RM: vcsh -- remove vcsh 1.2-3~bpo60+2 from squeeze-backports
Package: ftp.debian.org User: ftp.debian@packages.debian.org Usertag: rm X-Debbugs-Cc: brem...@debian.org Please remove vcsh 1.2-3~bpo60+2 from squeeze-backports. My sponsor, CC'ed, uploaded to squeeze-backports instead of squeeze-backports-sloppy by mistake. Once this is done, we will re-upload a version that will allow clean upgrades from squeeze-backports to wheezy. Thank you for your help and sorry for the extra effort, Richard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#699208: [Pkg-mpd-maintainers] Bug#699208: some more
reassign 699208 dpkg 1.16.10 retitle 699208 start-stop-daemon on kFreeBSD fails to stop mpd on upgrade thanks On Wed, May 22, 2013 at 01:47:43AM +0200, Guillem Jover wrote: On Tue, 2013-05-21 at 23:28:10 +0200, Christoph Egger wrote: Wild guess: start-stop-daemon on bsd acting weird iff the actual binary on /usr/bin/mpd (--exec) is not the same (inode-wise) as the running one. Yeah the problem here is on s-s-d. hence reassigning from mpd to dpkg Florian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709518: rblcheck do not work with an .rblcheckrc anymore
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Package: udns-utils Version: 0.2-2 Severity: important I used rblcheck often and liked the tool. But since the new upstream version, the tool do not work anymore. Well, it does, if I use rblcheck - -c -s ... 1.2.3.4, but it do not work with the lists in .rblcheckrc anymore. This makes the package in fact more or less unusable. Now I will downgrade to version 0.0.9-3, that was working perfect. - -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (800, 'unstable'), (600, 'oldstable'), (110, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.7.5 (SMP w/8 CPU cores; PREEMPT) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) (ignored: LC_ALL set to de_DE) Shell: /bin/sh linked to /bin/dash Versions of packages udns-utils depends on: ii libc6 2.17-3 ii libudns0 0.2-2 udns-utils recommends no packages. udns-utils suggests no packages. - -- no debconf information - -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen kl...@ethgen.de Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQGcBAEBCgAGBQJRnl+9AAoJEKZ8CrGAGfasrjsL/0NdbiFWKtTQu1/wdifKjpH0 f2D8SW3H9PiFqROpFwBvKGfD3mpx60Sx6ll+jnNP8saSqG0RnMgLeOodzau+jKco 0wY9dc5tjEM/7vGXhPIijyJ7SS7ozm+kNYNmlPaCmul7NdGFBS8WB3uUArt2LkbB FgfVXgMoTmi8jJp8Lp/0825Qdm0MZe2EylJBF12u8phtlUQzBaPlaC8y43uKw+WJ 2zuwDNEVKeLTfrhs/h/X6XY7WU4Ga9RjMEpEmnLArCt/hrMmH6JxRBwuD+ThRhpj TiMG5KFIdz+a0mTzBTqfNhFOy7MwtanTCyIv8BABHCOwKsL/uY/LgY236jl2lR/g MGmMazOKvpGIUUukdy01mQw8uMIgkgrsJGbnlFaK5Jt3jWhu9rttT3gaEf6YAu7N rXH/D83h7FeNwpcqHhYBcKC9x5aczJNW8j2z/diceYJj+EGEHhfEV9nd1Ont4kzC VK6QHgR+Z1M5SQIp2GSFcDhadOUX8WLpWgY5m+I4yg== =EXRg -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#643948: nslcd: daemon hang during machine boot process
Today, for the first time I ran into this problem on my own system. From the logs: May 23 19:26:06 sorbet nslcd[2916]: accepting connections May 23 19:26:06 sorbet nslcd[2916]: Libgcrypt notice: state transition Power-On = Fatal-Error May 23 19:26:06 sorbet nslcd[2916]: Libgcrypt error: fatal error in file visibility.c, line 1283, function gcry_create_nonce: called in non-operational state May 23 19:26:06 sorbet nslcd[2916]: Libgcrypt terminated the application This is before handling any connections which would involve crypto. The only thing that is done after logging the accepting connections message is start some threads and install signal handlers and change the signal mask. The threads at this point probably did a few calls to malloc() and one call to select(). The code can be found here (line 807 logs the first message): http://arthurdejong.org/viewvc/nss-pam-ldapd/nss-pam-ldapd-0.8/nslcd/nslcd.c?revision=1950 Before the first log line the following calls are done which could be relevant (in this order): ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, 0) umask(022) daemon(0, 0) pthread_sigmask() initgroups() setgid() setuid() Is there something that nslcd should be doing differently? On Tue, 2011-10-04 at 15:11 +0200, Werner Koch wrote: On Sun, 2 Oct 2011 17:24, adej...@debian.org said: Btw, it seems to be pretty bad for a library to abort the whole application when it's state is inconsistent. This is a FIPS requirement. You are running your system in FIPS mode - see the manual. How can I put my system in sane mode ;) (which manual)? Thanks, -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong -- signature.asc Description: This is a digitally signed message part
Bug#709516: hivex: Python 3 support not fully implemented in hivex
* Scott Kitterman: It appears that you intend (from what's in debian/rules and control) to support python3, but with the current packaging no python3 bindings are provided. Actually, the python-hivex package provides them: /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages/hivex.py /usr/lib/python3/dist-packages/libhivexmod.so $ python3.3 Python 3.3.2 (default, May 18 2013, 17:07:09) [GCC 4.7.3] on linux Type help, copyright, credits or license for more information. import hivex hivex module 'hivex' from '/usr/lib/python3/dist-packages/hivex.py' Ignoring for a moment the issue that this module does not work with python 3.2, is there a problem with providing Python 2.x bindings and Python 3.x bindings in the same package? Cheers, -Hilko -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#696987: ITP: lasem -- MathML and SVG rendering library
noowner 696987 retitle 696987 RFS: lasem -- MathML and SVG rendering library thanks It's with a heavy heart that I retitle this bug. Cheers, Paul signature.asc Description: Digital signature
Bug#709519: README.Debian wrongly advise ${phppear:channel-name} substitution
Package: pkg-php-tools Version: 1.3 Severity: normal Hi, /usr/share/doc/pkg-php-tools/README.Debian advise to use Homepage: http://${phppear:channel-name}/ in the Source part of debian/control, but as pointed in #709513, that doesn’t work as expected when you build the source package. BTW, I wonder if some of the data are picked by pkg-php-tools at build time from the network, and if such an approach is actually policy compliant. Regards David -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-1-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages pkg-php-tools depends on: ii debhelper 9.20130518 ii php-pear 5.4.15-1 ii php5-cli 5.4.15-1 pkg-php-tools recommends no packages. Versions of packages pkg-php-tools suggests: ii dh-make 0.62 -- no debconf information signature.asc Description: Digital signature
Bug#709511: pu: package wdm/1.28-13+wheezy1
Control: tags -1 + confirmed squeeze On Thu, 2013-05-23 at 19:51 +0200, Agustin Martin wrote: RC bug report http://bugs.debian.org/707231 was recently received against orphaned wdm pakage. Problem is that non-linux architectures do not have pam_selinux module and it was tagged as required in the pam configuration, so this could prevent the user to login on !linux architectures. Please go ahead, but using 1.28-13+deb7u1 as the version number. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: mksh: broken Built-Using handling
tl;dr: last paragraph. Dixi quod… Russ Allbery dixit: If this license analysis is correct, then we have to do this for every binary on the system that's covered by the GPL v2, since I believe some […] The csu are included, and TTBOMK some of it comes from GCC and some from the libc in question, so, probably yes. Ah. Got it. GPLv2 §3 says: | control compilation and installation of the executable. However, as a | special exception, the source code distributed need not include | anything that is normally distributed (in either source or binary | form) with the major components (compiler, kernel, and so on) of the | operating system on which the executable runs, unless that component | itself accompanies the executable. This clause is generally interpreted like this: If you link against something normally on the system (kernel, libc, compiler), but don’t put that (as upstream distributing precompiled binaries) into the same distribution as you program linked against it, it need not be GPL. But this interpretation is generally restricted to dynamically linked binaries… So that’s relatively vague. I have no idea whether it may help in general or in the specific case. I’d suggest to ask the FSF (as licence author), Felix von Leitner (as dietlibc author – note I have not analysed eglibc and klibc on whether they also force the mksh-static binary to be GPL), and maybe d-legal whether the distribution of a binary statically linked against dietlibc (GPL), the toolchain (kernel headers and GCC startup files, normally with an exception clause) and the binary’s regular source code (GPL compatible) causes the other parts to become subject to GPLv2 §3 as “complete source code”. Might also be worthwhile to look at Cygwin, whose licence statement interprets (current wording; it seems to change over time, and they switched to GPLv3 in the meantime, but the idea has been there for longer): | The Cygwin™ API library found in the winsup subdirectory of the | source code is also covered by the GNU GPL (with exceptions; see | below). By default, all executables link against this library (and in | the process include GPL'd Cygwin™ glue code). This means that unless | you modify the tools so that compiled executables do not make use of | the Cygwin™ library, your compiled programs will also have to be free | software distributed under the GPL with source code available to all. They basically say: by linking against the import library (eglibc has a rough equivalent in libc_nonshared.a) you always include parts of the library, so it’s GPL. (They have a special exception for open source software, but make actual money from selling commercial licences for people to link their applications against the Cygwin libc.) Now dietlibc contains no such exception, *and* it’s linked statically here, which makes this relatively hard to excuse. (Again, klibc and eglibc would need looking at; currently, I’m treating them the same, except only klibc pulls in linux-libc-dev AFAICT, so the others do not cause it to be added to Built-Using.) As for dynamically (against eglibc and possibly klibc; dietlibc does not currently support it) linked binaries… as far as I can tell, it is like this: The binary itself may be GPL, but for it, the exception causes “anything that is normally distributed” to not be subject to it, so it doesn’t matter. (Binaries linked against GPL libraries will be the same; the GPL library causes the main program, but not the system components, to be GPL – if you follow the FSF interpretation, which Debian does, and not the Python/Usenet one.) The system component itself will have an exception clause, so it doesn’t cause this either. I just looked at klibc: for shared binaries, only interp.o from usr/klibc/interp.S is added, which is so trivial it’s not even copyrightable. (klibc’s “dynamic” link mechanism is……… “different” and tricky. It’s not ELF shared objects.) For eglibc, the situation is well understood AFAIK, and it contains exception clauses for things like crt1.o IIRC. So, current Policy wording may indeed be correct in that it requires the B-U for static executables (even the startup objects part), but not for dynamically linked ones, since those libcs in Debian that do support that either do not infer the GPL on the executable or have exception clauses for that case, and since neither the executable nor any other (non-system, but Debian even considers OpenSSL non- system much to my chagrin, so basically all) libraries it links against cause the GPL to be applied to the system library part. bye, //mirabilos -- I believe no one can invent an algorithm. One just happens to hit upon it when God enlightens him. Or only God invents algorithms, we merely copy them. If you don't believe in God, just consider God as Nature if you won't deny existence. -- Coywolf Qi Hunt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact
Bug#709520: Package z88dk has non-free files
Package: z88dk Version: 1.8.ds1 While reviewing the z88dk package I noticed these various files indicate a non-commercial restriction. I believe this is in violation of section 1 of the Debian Free Software Guidelines (DFSG) which indicate that the license of a Debian component may not restrict any party from selling or giving away the software. libsrc/oz/ozinterrupt/ozcustomisr.asm test/machine/Z80/CodesCB.h test/machine/Z80/CodesED.h test/machine/Z80/Codes.h test/machine/Z80/CodesXCB.h test/machine/Z80/CodesXX.h test/machine/Z80/ConDebug.c test/machine/Z80/Debug.c test/machine/Z80/Tables.h test/machine/Z80/Z80.c test/machine/Z80/Z80.h
Bug#709521: xrdp: Should register active sessions in utmp (and wtmp)
Package: xrdp Version: 0.5.0-2 Severity: important User: debian-...@lists.debian.org Usertags: debian-edu I discovered this while testing xrdp with Debian Edu Wheezy. I would log in using rdesktop, use the desktop for a while, and suddenly the rdesktop window would just disappear. The cause was the killer package, killing all non-niced processes of users that no longer was logged in. And the reason why it mistook my session as a no longer active login was that xrdp fail to register the session in /var/log/utmp. Thus 'who' did not show that I was logged in, KDE would not get a notification from shutdown and killer would kill all the users processes every hour. I assume it also will cause other problems. :) Normally the display manager (kdm,gdm, etc) will register the session with utmp and wtmp when the user log in, and remove/update it when the user log out. But xrdp fail to do so. Please change xrdp to register all active sessions in utmp and wtmp. This is the console output from pstree and who, showing that there is an active session, that do not show up in who when I run who from a root shell logged in via ssh: root@localhost:~# pstree init─┬─NetworkManager───{NetworkManager} ├─acpid ├─automount───2*[{automount}] ├─avahi-daemon───avahi-daemon ├─bluetoothd ├─console-kit-dae───64*[{console-kit-dae}] ├─cron ├─cupsd ├─2*[dbus-daemon] ├─dbus-launch ├─dconf-service───2*[{dconf-service}] ├─exim4 ├─gconfd-2 ├─6*[getty] ├─gnome-keyring-d───7*[{gnome-keyring-d}] ├─goa-daemon───{goa-daemon} ├─gsd-printer───{gsd-printer} ├─gvfs-afc-volume───{gvfs-afc-volume} ├─gvfs-gdu-volume ├─gvfs-gphoto2-vo ├─gvfsd ├─inetd ├─kdm─┬─Xorg │ └─kdm───kdm_greet───{kdm_greet} ├─minissdpd ├─mission-control───2*[{mission-control}] ├─modem-manager ├─munin-node ├─ntpd───ntpd ├─packagekitd───2*[{packagekitd}] ├─polkitd───{polkitd} ├─pulseaudio───{pulseaudio} ├─rpc.gssd ├─rpc.idmapd ├─rpc.statd ├─rpcbind ├─rsyslogd───3*[{rsyslogd}] ├─rtkit-daemon───2*[{rtkit-daemon}] ├─rwhod───rwhod ├─sshd───sshd───bash───pstree ├─sssd─┬─sssd_be │ ├─sssd_nss │ └─sssd_pam ├─udevd───2*[udevd] ├─udisks-daemon─┬─udisks-daemon │ └─{udisks-daemon} ├─upowerd───2*[{upowerd}] ├─xrdp───{xrdp} └─xrdp-sesman───xrdp-sessvc─┬─Xvnc ├─ck-launch-sessi─┬─ssh-agent │ └─x-session-manag─┬─evolution+ │ ├─gdu-notif+ │ ├─gnome-fal+ │ ├─gnome-pan+ │ ├─gnome-scr+ │ ├─gnome-set+ │ ├─gnome-sou+ │ ├─krb5-auth+ │ ├─metacity─+++ │ ├─nm-applet+++ │ ├─notificat+ │ ├─parcellit+ │ ├─polkit-gn+ │ ├─tracker-m+ │ ├─tracker-s+ │ └─3*[{x-ses+ └─xrdp-chansrv───{xrdp-chansrv} root@localhost:~# who root pts/02013-05-23 14:05 (cm-84.215.38.245.getinternet.no) root@localhost:~# -- System Information: Debian Release: 7.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages xrdp depends on: ii adduser 3.113+nmu3 ii libc62.13-38 ii libpam0g 1.1.3-7.1 ii libssl1.0.0 1.0.1e-2 ii libx11-6 2:1.5.0-1 ii libxfixes3 1:5.0-4 Versions of packages xrdp recommends: ii vnc4server [vnc-server] 4.1.1+X4.3.0-37.1 xrdp suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#643948: nslcd: daemon hang during machine boot process
On Thu, 2013-05-23 at 20:34 +0200, Arthur de Jong wrote: Today, for the first time I ran into this problem on my own system. Forgot to mention, this is with the following versions: ii libc6 2.17-3 ii libgcrypt111.5.0-5 ii libgnutls262.12.23-4 ii libgssapi-krb5-2 1.10.1+dfsg-5 ii libldap-2.4-2 2.4.31-1+nmu2 ii libsasl2-2 2.1.25.dfsg1-6 ii multiarch-support 2.17-3 -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong -- signature.asc Description: This is a digitally signed message part
Bug#648378: notification-daemon: Update to my comments
Package: notification-daemon Followup-For: Bug #648378 Dear Maintainer, Update: removing notification-daemon and instead installing the xfce4-notifyd daemon instead has fixed this for me. I wonder if the problem may in fact be due to the interaction between notification-daemon and the XFCE notification area, rather than a bug in notification-daemon? -- System Information: Debian Release: 7.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709516: hivex: Python 3 support not fully implemented in hivex
On Thursday, May 23, 2013 08:34:13 PM Hilko Bengen wrote: * Scott Kitterman: It appears that you intend (from what's in debian/rules and control) to support python3, but with the current packaging no python3 bindings are provided. Actually, the python-hivex package provides them: /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages/hivex.py /usr/lib/python3/dist-packages/libhivexmod.so I did miss that, but Python only maintains ABI per python version, so you need a separate .so for python3.2 and 3.3 to support both. So something is wrong in that that one .so can't support both 3.2 and 3.3. You'll see that with my patch, dh_python3 does act on the .so and generate correct dependencies. It's now: usr/lib/python3/dist-packages/libhivexmod.cpython-32mu.so In python3 there is version specific ABI tagging in the .so name so that .so files for multiple versions can be installed in the same directory. This is described in http://www.python.org/dev/peps/pep-3149/ . I have seen cases before where, when the upstream build system did not support pep-3149, the .so would be built for both python3 versions with the unadorned name (libhivexmod.so) and installed into the same directory so the second one built overwrote the first. It make take some work in the hivex build system to correctly build for both versions (and Im not sure now if you have the version built for 3.2 or 3.3 in the current package. $ python3.3 Python 3.3.2 (default, May 18 2013, 17:07:09) [GCC 4.7.3] on linux Type help, copyright, credits or license for more information. import hivex hivex module 'hivex' from '/usr/lib/python3/dist-packages/hivex.py' Ignoring for a moment the issue that this module does not work with python 3.2, is there a problem with providing Python 2.x bindings and Python 3.x bindings in the same package? Yes. If you look at the python policy, we want to have the python and python3 runtimes be separate. This has a number of advantages for the python echo system in Debian, but the one that's the most directly relevant to hivex is proper package dependencies. Currently the python-hivex dependencies are: Depends: python (= 2.7), python ( 2.8), libc6 (= 2.1.3), libhivex0 So there's no dependency no a python3 interpreter, so just based on dependencies, the python3 portion is not usable (and given that generally in Debian python3 modules are in separate binary packages it would be quite surprising from a user perpective to fine it there. Split into it's own binary, python3-hivex, the depends would be (if we figure out the .so overwriting problem): Depends: python3 (= 3.2.3-3~), python3 ( 3.4), libc6 (= 2.1.3), libhivex0 With this approach, anyone wanting python3 bindings can install them along with the required dependencies. As an added bonus, these generated dependencies are how we track what packages need rebuilding for a python version transition: http://release.debian.org/transitions/html/python3.3.html The fact that hivex showed up as unknown there is what got me looking at the package in the first place. Scott K signature.asc Description: This is a digitally signed message part.
Bug#709352: FTBFS on all non-x86 architectures
Control: reassign -1 src:fcitx-sunpinyin Control: tags -1 + upstream On Thu, May 23, 2013 at 01:27:11AM +0800, Aron Xu wrote: fcitx-sunpinyin currently FTBFS on all non-x86 architectures according to buildd.debian.org[1]. I.e. on architectures with gcc 4.6. /build/buildd-fcitx-sunpinyin_0.4.0-1-mipsel-YXJvUo/fcitx-sunpinyin-0.4.0/src/eim.cpp:52:9: error: expected primary-expression before '.' token /build/buildd-fcitx-sunpinyin_0.4.0-1-mipsel-YXJvUo/fcitx-sunpinyin-0.4.0/src/eim.cpp:53:9: error: expected primary-expression before '.' token The code: FCITX_DEFINE_PLUGIN(fcitx_sunpinyin, ime, FcitxIMClass) = { .Create = FcitxSunpinyinCreate, .Destroy = FcitxSunpinyinDestroy }; It's valid C99 but invalid C++, it's rejected by gcc 4.6 while gcc 4.7 with -pedantic emits warning: ISO C++ does not allow C99 designated initializers. -- WBR, wRAR signature.asc Description: Digital signature
Bug#709228: radium-compressor: FTBFS: error: expected primary-expression before '.' token
On Wed, May 22, 2013 at 08:56:42PM +0600, Andrey Rahmatullin wrote: It is correct C99, but not C++98 (and probably not even C++11), but g++ 4.7 compiles it fine (unlike 4.6). I couldn't find out why. Note that with -pedantic it emits warning: ISO C++ does not allow C99 designated initializers. -- WBR, wRAR signature.asc Description: Digital signature
Bug#708802: pion-net: FTBFS: PionScheduler.cpp:105:40: error: expected unqualified-id before numeric constant
On Sat, May 18, 2013 at 07:39:48PM +0200, David Suárez wrote: PionScheduler.cpp:105:40: error: expected unqualified-id before numeric constant The code: boost::xtime_get(wakeup_time, boost::TIME_UTC); According to https://bugzilla.redhat.com/show_bug.cgi?id=825039 it's a problem in boost which is fixed in boost 1.50 by renaming the enum to boost::TIME_UTC_. -- WBR, wRAR signature.asc Description: Digital signature
Bug#709304: viewmol: broken menu entry in Gnome (directory $HOME not found)
I tested the viewmol menu entry in KDE, and here it worked. So it is Gnome not understanding Path=$HOME. No idea if it is according to the specification or not. Perhaps the problem is with Gnome and not viewmol? -- Happy hacking Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#707102: mirror submission for debian.telsatbb.vu
Hi, On Fri, May 24, 2013 at 01:27:54AM +1100, Steve (Telsat Broadband) wrote: Thanks very much for the listing; however when I checked the mirrors page (http://www.debian.org/mirror/list); it's missing the 'Country Name' above our listing. Vanatu was not recognized as a country by some scripts. Webteam fixed that some hours ago, it should appear on next website build 18:20 KGB-2 taffit webwml english/template/debian/countries.wml * Add Vanuatu (VU): mirror is not yet totally isoquery-friendly -- Simon Paillard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709522: xfce4: Upgrading from 4.8.3 did not upgrade xfce4-session
Package: xfce4 Version: 4.10.1 Severity: normal Dear Maintainer, I made a dist-upgrade having xfce 4.8.3 (from graphical environment, though), and xfce4-session did not get upgraded to 4.10.1. Something happened. In this situation, the Exit button was not working. This was the message in the window: method logout with signature bb on interface org.xfce.session.manager doesn't exist I guess that some internals have changed. I could solve the case by doing a: apt-get install --reinstall xfce4-session Perhaps if I had upgraded in a text-only environment it would have run smoothly, but being in X and xfce is very usual when upgrading xfce ;) -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.8-2-amd64 (SMP w/2 CPU cores) Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages xfce4 depends on: ii gtk2-engines-xfce 3.0.1-2 pn orage none ii thunar 1.6.3-1 ii xfce4-appfinder4.8.0-3 ii xfce4-mixer4.10.0-2 ii xfce4-panel4.10.1-1 ii xfce4-session 4.10.1-1 ii xfce4-settings 4.10.1-1 pn xfce4-utilsnone ii xfconf 4.10.0-2 ii xfdesktop4 4.10.2-2 ii xfwm4 4.10.1-1 Versions of packages xfce4 recommends: ii desktop-base 7.0.3 ii tango-icon-theme 0.8.90-5 ii thunar-volman 0.8.0-2 ii xfce4-notifyd 0.2.2-2 ii xorg 1:7.7+3 Versions of packages xfce4 suggests: pn xfce4-goodies none ii xfprint4 4.6.1-3
Bug#707364: erlang-cherly: FTBFS: stdio2.h:140:1: error: expected identifier or '(' before '{' token
Control: tags -1 + upstream On Thu, May 09, 2013 at 09:47:12AM +0200, Lucas Nussbaum wrote: In file included from /usr/include/stdio.h:937:0, from c_src/lru.c:5: /usr/include/x86_64-linux-gnu/bits/stdio2.h:140:1: error: expected identifier or '(' before '{' token The code in stdio2.h: __fortify_function int dprintf (int __fd, const char *__restrict __fmt, ...) { The code in c_src/lru.c: #include common.h #include stdio.h And the code in c_src/common.h: #ifdef DEBUG #define dprintf(format, args...) printf (format , ## args) #else #define dprintf(format, args...) #endif So it's a name clash between dprintf macro from c_src/common.h and dprintf(3) function from glibc/POSIX (they also do totally different things). -- WBR, wRAR signature.asc Description: Digital signature
Bug#709407: psi: Psi constantly aborting
Hi Martín! I suspect this is an incompatibility between psi (or some lib psi uses) and glibc 2.17, as that's the only library version which is different in testing. Versions of packages psi depends on: ii libc62.17-3 [...] Unfortunately, I don't have a system with that library version at hand. I hope I'll find the time to install a test system using that version. Meanwhile, it would be interesting if others see the same behaviour. So, dear readers of this ticket: If you are using psi on testing, feel free to post your experiences. Regards, Jan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709523: sqlitebrowser: multiple problems with Find facility: only finds one data item, with wrong number, can't handle UTF-8
Package: sqlitebrowser Version: 2.0.0~beta1+ds.1-3 Severity: normal When using the Find facility in sqlitebrowser (under the Browse Data tab, the little magnifying glass next to the name of the table), it cheerfully finds the data, but the Record number it gives is unfailingly the final record number in the dataset, not the number of the located data item. Next, it only returns one data item found, even if there are multiple such within the database. Finally, if the data searched for contains Greek UTF-8 characters, it does not find the data (it does succeed in a search for é, so it is not simply ASCII versus non-ASCII). Julian -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (990, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sqlitebrowser depends on: ii libc6 2.17-3 ii libgcc11:4.8.0-7 ii libqt4-qt3support 4:4.8.2+dfsg-11 ii libqtcore4 4:4.8.2+dfsg-11 ii libqtgui4 4:4.8.2+dfsg-11 ii libsqlite3-0 3.7.16.2-1 ii libstdc++6 4.8.0-7 sqlitebrowser recommends no packages. sqlitebrowser suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709524: python-repoze.what: Import of sqlalchemy adapter
Package: python-repoze.what Version: 1.0.9-2 Severity: important Dear Maintainer, in /usr/share/pyshared/repoze/what/plugins/sql/adapters.py the import of SQLAlchemyError fail because the right pacqage path change from sqlalchemy.exceptions to sqlalchemy.exc here is the diff that correct 63c63 from sqlalchemy.exc import SQLAlchemyError --- from sqlalchemy.exceptions import SQLAlchemyError -- System Information: Debian Release: 7.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages python-repoze.what depends on: ii python 2.7.3-4 ii python-paste 1.7.5.1-4.1 ii python-repoze.who 1.0.18-2 ii python-repoze.who-plugins 20090913-1 ii python-support 1.0.15 ii python-zope.interface 3.6.1-3 Versions of packages python-repoze.what recommends: ii python-pkg-resources 0.6.24-1 Versions of packages python-repoze.what suggests: ii libjs-jquery 1.7.2+dfsg-1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709525: nfs-common: After upgrade to 1.2.8-2, rpc.gssd segfaults on startup
Package: nfs-common Version: 1:1.2.8-2 Severity: important Dear Maintainer, After upgrading to 1.2.8-2 as part of normal Jessie upkeep, rpc.gssd started segfaulting immediately on startup, and I'm not really able to wrap my head around just why. The crash happens in libgssglue, in __gss_get_mechanism_cred, called by gss_init_sec_context, at g_init_sec_context.c:153 (still in libgssglue). It is rather clear that the crash happens because the copy of mglueP.h that is shipped with the source of libgssglue does not match that which is shipped with libkrb5. In the latter, the struct `gss_union_cred_t' has gained a new field called `loopback', and lost its `auxinfo' field, and when inspecting the gss_union_cred_t that has been passed to __gss_get_mechanism_cred, it clearly matched the definition from libkrb5. However, the fault does not seem to be lying with libgssglue, since the segafult only happens when nfs-common is upgraded, and downgrading nfs-common back to 1.2.6-3 makes it start working again. A simple guess from my side is that nfs-common has (erroneously?) been compiled against libkrb5 in some place where it should be compiled against libgssglue, perhaps? The structure and dependencies between the various packages involved is, however, far from obvious to me. (At the face of it, it seems like a hack, to begin with, that libgssglue has a local copy of a private header file from MIT Kerberos.) Whatever the problem is, it makes rpc.gssd, and therefore Kerberized NFS mounts, entirely unusable. Fix pl0x. :) -- Package-specific info: -- rpcinfo -- program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper 1000211 udp 33453 nlockmgr 1000213 udp 33453 nlockmgr 1000214 udp 33453 nlockmgr 1000211 tcp 54248 nlockmgr 1000213 tcp 54248 nlockmgr 1000214 tcp 54248 nlockmgr 172 udp708 ypbind 171 udp708 ypbind 172 tcp709 ypbind 171 tcp709 ypbind 1000241 udp 38590 status 1000241 tcp 43595 status -- /etc/default/nfs-common -- NEED_STATD= STATDOPTS= NEED_IDMAPD=yes NEED_GSSD=yes -- /etc/idmapd.conf -- [General] Verbosity = 0 Pipefs-Directory = /var/lib/nfs/rpc_pipefs Domain = dolda2000.com [Mapping] Nobody-User = nobody Nobody-Group = nogroup -- /etc/fstab -- home.nfs:/home /home nfs4sec=krb5i 0 0 home.nfs:/usr/site /usr/site nfs hard,intr,tcp 0 0 home.nfs:/video /home/pub/video nfs4sec=krb5i 0 0 -- /proc/mounts -- home.nfs:/home /home nfs4 rw,relatime,vers=4,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5i,clientaddr=192.168.1.181,minorversion=0,local_lock=none,addr=192.168.1.1 0 0 home.nfs:/usr/site /usr/site nfs rw,relatime,vers=3,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.1.1,mountvers=3,mountport=50152,mountproto=tcp,local_lock=none,addr=192.168.1.1 0 0 home.nfs:/video /home/pub/video nfs4 rw,relatime,vers=4,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5i,clientaddr=192.168.1.181,minorversion=0,local_lock=none,addr=192.168.1.1 0 0 rpc_pipefs /var/lib/nfs/rpc_pipefs rpc_pipefs rw,relatime 0 0 -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing'), (99, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nfs-common depends on: ii adduser 3.113+nmu3 ii initscripts 2.88dsf-41 ii libc6 2.17-3 ii libcap2 1:2.22-1.2 ii libcomerr2 1.42.5-1.1 ii libdevmapper1.02.1 2:1.02.74-7 ii libevent-2.0-5 2.0.19-stable-3 ii libgssglue1 0.4-2 ii libk5crypto31.10.1+dfsg-5 ii libkeyutils11.5.5-7 ii libkrb5-3 1.10.1+dfsg-5 ii libmount1 2.20.1-5.4 ii libnfsidmap20.25-4 ii libtirpc1 0.2.2-5 ii libwrap07.6.q-24 ii lsb-base4.1+Debian9 ii rpcbind 0.2.0-8 ii ucf 3.0025+nmu3 Versions of packages nfs-common recommends: ii python 2.7.3-5 Versions of packages nfs-common suggests: pn open-iscsi none pn watchdognone -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708264: mpn/ia64/divrem_2.asm do not restore f17 register
On Thu, May 23, 2013 at 11:36:58AM +0200, Torbjorn Granlund wrote: Thanks for the report! Incidentally, Marco spotted this report someplace, and I committed a fix yesterday. I gather the bug is still present to 5.1.2, so could you advise a fix ? PARI/GP does not pass its test-suite on ia64 when using gmp 5.1.1. Cheers, -- Bill. ballo...@debian.org Imagine a large red swirl here. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709423: [Pkg-xfce-devel] Bug#709423: orage: depends on xfce4-panel 4.9 (not available in sid)
On jeu., 2013-05-23 at 10:27 +0200, Alberto Maurizi wrote: recently xfce4 compenents have been upgraded in sid while the present version of orage is said to depend on an older version of xfce4-panel. This makes orage not installable in sid. Thank you for maintaining a debian package. In case you didn't notice, we're actually in the middle of a transition, so filing a bug just delay it. We do know that some packages are not installable. If you're not comfortable with that, don't use unstable. Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#707793:
Hi David, Am 23.05.2013 18:10, schrieb David Roble: Thanks for the fix Micha. Since this bug affects wheezy, will the fixed package be hitting the 'stable' repo? I already proposed the release managers an update of smcroute in 'stable', so I expect it to be available as part of the next point release. Regards, Micha -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708264: mpn/ia64/divrem_2.asm do not restore f17 register
On Thu, 23 May 2013, Bill Allombert wrote: On Thu, May 23, 2013 at 11:36:58AM +0200, Torbjorn Granlund wrote: Thanks for the report! Incidentally, Marco spotted this report someplace, and I committed a fix yesterday. I gather the bug is still present to 5.1.2, so could you advise a fix ? http://gmplib.org:8000/gmp-5.1/rev/394bdf8fdaee -- Marc Glisse -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709521: xrdp: Should register active sessions in utmp (and wtmp)
I tested a bit further, and this problem do not happen when using KDE, while it does happen with Gnome. I installed both KDE and Gnome, and tested by running 'update-alternatives --config x-session-manager' to switch the default desktop and logging in again via rdesktop. -- Happy hacking Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709522: [Pkg-xfce-devel] Bug#709522: xfce4: Upgrading from 4.8.3 did not upgrade xfce4-session
On jeu., 2013-05-23 at 21:39 +0200, Josep Lladonosa wrote: Package: xfce4 Version: 4.10.1 Severity: normal Dear Maintainer, I made a dist-upgrade having xfce 4.8.3 (from graphical environment, though), and xfce4-session did not get upgraded to 4.10.1. Something happened. Thanks, what are we supposed to do with that? Perhaps if I had upgraded in a text-only environment it would have run smoothly, but being in X and xfce is very usual when upgrading xfce ;) And it's usually a bad idea too. We don't recommend it in the various releases notes. Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#708928: regression from 3.20-4: cannot connect to some gateways
Hello, Trečiadienis 22 Gegužė 2013 21:43:28 David Woodhouse rašė: On Tue, 2013-05-21 at 08:55 +0300, Modestas Vainius wrote: Yeah, for example, openconnect still complains with error messages after XML POST even in non-verbose mode. Thanks. Please could you test the second patch I just committed to git, on its own (i.e. without the previous patch, which I also committed). I'd like to check that the notice the connection broke, and make a new one code is working. http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/fe85faaeecdd 3da Sure. It seems to work. # openconnect -v https://gwaddress.example.com/ POST https://gwaddress.example.com/ Attempting to connect to server xx.xx.xx.xx:443 SSL negotiation with gwaddress.example.com Connected to HTTPS on gwaddress.example.com Failed to read from SSL socket: A TLS packet with unexpected length was received. Error fetching HTTPS response GET https://gwaddress.example.com/ Failed to write to SSL socket: The specified session has been invalidated for some reason. SSL negotiation with gwaddress.example.com Connected to HTTPS on gwaddress.example.com Got HTTP response: HTTP/1.1 303 See Other Content-Type: text/html Content-Length: 0 Location: https://gwaddress.example.com:443/webvpn.html Set-Cookie: webvpncontext=00@webvpn; path=/ Connection: Keep-Alive HTTP body length: (0) GET https://gwaddress.example.com/webvpn.html Got HTTP response: HTTP/1.1 200 OK Cache-Control: max-age=0 Content-Type: text/html Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ Set-Cookie: webvpncontext=00@webvpn; path=/ X-Transcend-Version: 1 Content-Length: 473 Connection: close HTTP body length: (473) Please enter your username and password. USERNAME: signature.asc Description: This is a digitally signed message part.
Bug#709301: gnutls26_2.12.23-5_amd64.changes ACCEPTED into unstable
On 05/23/2013 02:19 PM, Debian FTP Masters wrote: gnutls26 (2.12.23-5) unstable; urgency=high . * [21_sanitycheck.diff] Fix out of bounds data access. Closes: #709301 Thanks for doing this, Andreas! are there plans to fix wheezy as well? --dkg signature.asc Description: OpenPGP digital signature
Bug#709526: gnome-settings-daemon: An example for input-devices hotplug-command
Package: gnome-settings-daemon Version: 3.4.2+git20121218.7c1322-3 Severity: wishlist Dear Maintainer, Could you please consider to add input-device-example.sh in /usr/share/doc/gnome-settings-daemon ? (see https://git.gnome.org/browse/gnome-settings-daemon/tree/plugins/common /input-device-example.sh) Regards Christophe -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages gnome-settings-daemon depends on: ii dconf-gsettings-backend [gsettings-backend] 0.12.1-3 ii dpkg 1.16.10 ii gsettings-desktop-schemas3.4.2-3 ii libatk1.0-0 2.4.0-2 ii libc62.17-3 ii libcairo-gobject21.12.2-3 ii libcairo21.12.2-3 ii libcanberra-gtk3-0 0.28-6 ii libcanberra0 0.28-6 ii libcolord1 0.1.21-4 ii libcomerr2 1.42.5-1.1 ii libcups2 1.5.3-5 ii libdbus-glib-1-2 0.100.2-1 ii libfontconfig1 2.9.0-7.1 ii libgcrypt11 1.5.0-5 ii libgdk-pixbuf2.0-0 2.26.1-1 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgnome-desktop-3-2 3.4.2-1 ii libgnomekbd7 3.4.0.2-1 ii libgnutls26 2.12.20-6 ii libgssapi-krb5-2 1.10.1+dfsg-5 ii libgtk-3-0 3.4.2-6 ii libgudev-1.0-0 175-7.2 ii libk5crypto3 1.10.1+dfsg-5 ii libkrb5-31.10.1+dfsg-5 ii liblcms2-2 2.2+git20110628-2.2 ii libnotify4 0.7.5-2 ii libnspr4 2:4.9.6-1 ii libnspr4-0d 2:4.9.6-1 ii libnss3 2:3.14.3-1 ii libnss3-1d 2:3.14.3-1 ii libpackagekit-glib2-14 0.7.6-3 ii libpango1.0-01.30.0-1 ii libpolkit-gobject-1-00.105-3 ii libpulse-mainloop-glib0 2.0-6.1 ii libpulse02.0-6.1 ii libsqlite3-0 3.7.16.2-1 ii libupower-glib1 0.9.17-1 ii libwacom20.6-1 ii libx11-6 2:1.5.0-1 ii libxfixes3 1:5.0-4 ii libxi6 2:1.6.1-1 ii libxklavier165.2.1-1 ii libxtst6 2:1.2.1-1 ii nautilus-data3.4.2-1+build1 ii zlib1g 1:1.2.8.dfsg-1 Versions of packages gnome-settings-daemon recommends: ii pulseaudio 2.0-6.1 Versions of packages gnome-settings-daemon suggests: ii fluxbox [x-window-manager] 1.3.2-4 ii fvwm [x-window-manager] 1:2.6.5.ds-2 ii gnome-screensaver3.4.1-1 ii metacity [x-window-manager] 1:2.34.3-4 ii miwm [x-window-manager] 1.1-3 ii mutter [x-window-manager]3.4.1-5 ii twm [x-window-manager] 1:1.0.6-1 ii x11-xserver-utils7.7~3 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709527: lush 2.0 has been out for a couple of years now!
Package: lush Version: 1.2.1-9+cvs20110227+nmu1build2 Severity: wishlist Lush 2.0 has been out for a couple of years; the stable 2.0.1 release is itself over two years old. It would be nice to see it packaged! -- System Information: Debian Release: wheezy/sid APT prefers raring-updates APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 'raring') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8.0-19-generic (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lush depends on: ii libc6 2.17-0ubuntu5 ii libfontconfig1 2.10.2-0ubuntu2 ii libreadline66.2-9ubuntu1 ii libx11-62:1.5.0-1ubuntu1 ii libxft2 2.3.1-1 ii lush-library1.2.1-9+cvs20110227+nmu1build2 ii zlib1g 1:1.2.7.dfsg-13ubuntu2 Versions of packages lush recommends: ii freeglut3-dev 2.6.0-4ubuntu1 ii indent 2.2.11-3 ii libgsl0-dev 1.15+dfsg.2-2 ii liblapack-dev 3.4.2-1~exp3 ii libsdl-image1.2-dev 1.2.12-3~exp1ubuntu2 ii libsdl1.2-dev [libsdl-dev] 1.2.15-5ubuntu1 ii libxft-dev 2.3.1-1 ii libxt-dev 1:1.1.3-1 Versions of packages lush suggests: pn gfortran none ii libasound2-dev1.0.25-4ubuntu3.1 pn libaudiofile-dev none pn libcv-dev none ii libgl1-mesa-dev 9.1.1-0ubuntu3 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709492: R: Re: Bug#709492: Numdiff doc is non free
Hi all, It is not a problem for me to remove the optional invariant sections clause. Next month I am going to release a new version of Numdiff with this change. Would it help if I switched from GFDL 1.2 to GFDL 1.3 or later? Kind regards, Ivano Primi Messaggio originale Da: paolo.gre...@libpf.com Data: 23/05/2013 19.48 A: Bastien ROUCARIÈSbastien.roucar...@u-cergy.fr, 709492@bugs.debian. org, ivpr...@libero.itivpr...@libero.it Ogg: Re: Bug#709492: Numdiff doc is non free Hi there, it turned out the GFDL is incompatible with debian policies, see here: http://www.debian.org/vote/2006/vote_001 Would it be possible to switch the numdiff docs to a different license such as the GNU General Public License ? Or at least to not include the optional invariant sections clause ? Otherwise we may be forced to remove those parts from the debian package ... TIA Paolo On 23/05/2013 17:54, Bastien ROUCARIÈS wrote: Package: src:numdiff Severity: serious user: debian...@lists.debian.org usertags: gfdl-invariant severity: serious At least : docs/numdiff.html docs/numdiff.info docs/numdiff.txi docs/numdiff.txt are under the gfdl with invariant section and thus non free. Please repackage, or ask upstream to relicence -- == Paolo Greppi +39 320 8960642 paolo.gre...@libpf.com http://www.libpf.com == -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: mksh: broken Built-Using handling
Thorsten Glaser t...@mirbsd.de writes: Ah. Got it. GPLv2 §3 says: | control compilation and installation of the executable. However, as a | special exception, the source code distributed need not include | anything that is normally distributed (in either source or binary | form) with the major components (compiler, kernel, and so on) of the | operating system on which the executable runs, unless that component | itself accompanies the executable. This clause is generally interpreted like this: If you link against something normally on the system (kernel, libc, compiler), but don’t put that (as upstream distributing precompiled binaries) into the same distribution as you program linked against it, it need not be GPL. Debian can't use this exception anyway because of the last clause. Since we *are* a distribution, all the components are considered to accompany the executable. I’d suggest to ask the FSF (as licence author), Felix von Leitner (as dietlibc author – note I have not analysed eglibc and klibc on whether they also force the mksh-static binary to be GPL), and maybe d-legal whether the distribution of a binary statically linked against dietlibc (GPL), the toolchain (kernel headers and GCC startup files, normally with an exception clause) and the binary’s regular source code (GPL compatible) causes the other parts to become subject to GPLv2 §3 as “complete source code”. debian-legal isn't really the correct venue. It's just a discussion list of people who want to talk about legal issues. It has no formal role in license review in the project and frequently arrives at conclusions that the project then doesn't follow. I hadn't thought about it from the angle of the GPL license on the source code to the executable. I knew the exception for the libgcc license let you basically do whatever you want as long as you built with GCC and thought that would be sufficient, and didn't think about the implications of the license on the binary requiring that the libgcc source be available. We probably need to have a broader discussion about this, but I think I'm going to start with leader and see if Lucas has an opinion about where to start with making decisions here. One option available to leader is to ask for an opinion from external legal counsel. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709528: Clamav found issue in package pymilter_0.9.5.orig.tar.gz
Package: pymilter Version: 0.9.5 I have been testing on my home server and have made a personal Debian package mirror and ran a ClamAV scan; it found multiple issues in the files under my mirror directory. One of them being the following... ClamAV version: ClamAV 0.97.8/17264/Thu May 23 09:12:25 2013 Clamscan output: ftp.us.debian.org/debian/pool/main/p/pymilter/pymilter_0.9.5.orig.tar.gz: Exploit.IFrame.Gen FOUND
Bug#709529: rdesktop: Fail to handle window resize event correctly (missing ui_reset_clip() call)
Package: rdesktop Version: 1.7.0-1 Severity: important Tags: patch User: debian-...@lists.debian.org Usertags: debian-edu This is a patch created by my college Dag-Erling Smørgrav to fix a bug in rdesktop. When the screen size changes, rdesktop resizes its window (unless running in full-screen mode) but does not reset the clipping rectangle, causing the portion of the screen outside the old boundaries to remain blank. The attached patch solve the problem. -- Happy hacking Petter Reinholdtsen --- rdesktop-1.7.0.orig/xwin.c 2011-04-18 13:21:57.0 +0200 +++ rdesktop-1.7.0/xwin.c 2012-10-08 07:20:22.924324493 +0200 @@ -2149,6 +2149,8 @@ XFreePixmap(g_display, g_backstore); g_backstore = bs; } + + ui_reset_clip(); } void
Bug#709382: Built-Using, libgcc, and libc_nonshared
Hi Lucas, In a discussion of mksh-static (see http://bugs.debian.org/709382), the question of GPL compliance for the source code of the components of libgcc and libc that are incorporated into binaries came up. mksh-static of course links statically and therefore pulls in substantial portions of library source, but there are parts of libgcc and possibly libc that are always incorporated into binaries, even ones that are dynamically linked. I had previously assumed that this did not impose any restrictions on source code availability for the libgcc and libc source because they both have run-time exceptions that basically allow one to incorporate that code into binaries under any other license without following the terms of the GPL or LGPL. However, Thorsten has raised the interesting point that the license of the source code for the binary may be GPL with no exceptions, and therefore under the GPL the resulting compiled executable is covered by the GPL and we have to provide its complete source code. That would seem to include the source for the incorporated static libgcc and libc components, since Debian cannot make use of the operating system component exception in the GPL. Obviously, I don't think anyone does this, and we've never done it historically. But no one does this isn't the most compelling argument when it comes to license compliance. If we do need to preserve source for the libcc and libc components incorporated into binary builds, that's going to mean Built-Using for nearly the whole archive, and a lot of complexity on the DAK side. That's obviously not very desirable. We would rather decide that we don't need to do this. But I don't know what procedure we should follow, as a project, to decide that. Also, if we're going to decide that we're not going to track source code for that sort of inclusion, we need to know what the boundaries of that exception or decision are, and whether it would also apply to fully statically-linked binaries, etc. We should document that policy in Debian Policy so that people know when to use Built-Using and when not to. Do you have an opinion on how we should make these decisions as a project? Is this a place where possibly we should seek the opinion of legal counsel? -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709530: qalculate-gtk: Please enable disabled hardening flags
Package: qalculate-gtk Version: 0.9.7-4 Severity: normal Tags: patch Hello, You've disabled most of the hardening in debian/patches, please re-enable it. The attached patch fixes the build with -Werror=format-security (if possible it should be sent to upstream), therefore the following hardening setting should work fine: export DEB_BUILD_MAINT_OPTIONS = hardening=+all Regards Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9 Description: Fix compiling with -Werror=format-security. Prevents format string attacks. Author: Simon Ruderich si...@ruderich.org Last-Update: 2013-05-23 --- qalculate-gtk-0.9.7.orig/src/callbacks.cc +++ qalculate-gtk-0.9.7/src/callbacks.cc @@ -388,12 +388,12 @@ void wrap_expression_selection() { } void show_message(const gchar *text, GtkWidget *win) { - GtkWidget *edialog = gtk_message_dialog_new(GTK_WINDOW(win), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_CLOSE, text); + GtkWidget *edialog = gtk_message_dialog_new(GTK_WINDOW(win), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_CLOSE, %s, text); gtk_dialog_run(GTK_DIALOG(edialog)); gtk_widget_destroy(edialog); } bool ask_question(const gchar *text, GtkWidget *win) { - GtkWidget *edialog = gtk_message_dialog_new(GTK_WINDOW(win), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_YES_NO, text); + GtkWidget *edialog = gtk_message_dialog_new(GTK_WINDOW(win), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_YES_NO, %s, text); int question_answer = gtk_dialog_run(GTK_DIALOG(edialog)); gtk_widget_destroy(edialog); return question_answer == GTK_RESPONSE_YES; @@ -654,7 +654,7 @@ void display_errors(GtkTextIter *iter = GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_INFO, GTK_BUTTONS_CLOSE, - CALCULATOR-message()-message().c_str()); + %s, CALCULATOR-message()-message().c_str()); gtk_dialog_run(GTK_DIALOG(edialog)); gtk_widget_destroy(edialog); } @@ -667,14 +667,14 @@ void display_errors(GtkTextIter *iter = GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR, GTK_BUTTONS_CLOSE, - str.c_str()); + %s, str.c_str()); } else { edialog = gtk_message_dialog_new( GTK_WINDOW(win), GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_WARNING, GTK_BUTTONS_CLOSE, - str.c_str()); + %s, str.c_str()); } gtk_dialog_run(GTK_DIALOG(edialog)); signature.asc Description: Digital signature
Bug#709531: Nexuiz: New homepage
Package: nexuiz Version: 2.5.2+dp-2 Severity: minor Hello, Nexuiz Classic moved to another web presence. The package description still mentions the old address. Old: http://www.nexuiz.com/classic.php New: http://www.alientrap.org/games/nexuiz Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#709382: mksh: broken Built-Using handling
Russ Allbery dixit: debian-legal isn't really the correct venue. It's just a discussion list Ah, okay. going to start with leader and see if Lucas has an opinion about where to start with making decisions here. One option available to leader is to ask for an opinion from external legal counsel. That sounds like a good idea. (Were legal reasons the driving force behind adding Built-Using in the first place?) bye, //mirabilos -- Sometimes they [people] care too much: pretty printers [and syntax highligh- ting, d.A.] mechanically produce pretty output that accentuates irrelevant detail in the program, which is as sensible as putting all the prepositions in English text in bold font. -- Rob Pike in Notes on Programming in C -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708331: icedove 17.0.5-1 to FTBFS on mipsel, armel, sparc, ia64 due to segfault when zipping
On Thu 2013-05-23 11:27:20 -0400, Daniel Kahn Gillmor wrote: i will repeat the above test once that rebuild terminates (either with success or failure) and report back. it looks like i'm running into the same problem, even with --disable-jemalloc: (sid_ia64-dchroot)dkg@merulo:~/src/icedove/icedove-17.0.5$ $(pwd)/mozilla/dist/bin/run-mozilla.sh $(pwd)/mozilla/dist/bin/xpcshell -h Segmentation fault (sid_ia64-dchroot)dkg@merulo:~/src/icedove/icedove-17.0.5$ $(pwd)/mozilla/dist/bin/run-mozilla.sh -g $(pwd)/mozilla/dist/bin/xpcshell MOZILLA_FIVE_HOME=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin LD_LIBRARY_PATH=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin:/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin/plugins:/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin DYLD_LIBRARY_PATH=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin:/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin LIBRARY_PATH= SHLIB_PATH=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin:/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin LIBPATH=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin:/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin ADDON_PATH= MOZ_PROGRAM=/home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin/xpcshell MOZ_TOOLKIT= moz_debug=1 moz_debugger= moz_debugger_args= /usr/bin/gdb --args /home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin/xpcshell GNU gdb (GDB) 7.4.1-debian Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type show copying and show warranty for details. This GDB was configured as ia64-linux-gnu. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin/xpcshell...done. (gdb) run -h Starting program: /home/dkg/src/icedove/icedove-17.0.5/mozilla/dist/bin/xpcshell -h [Thread debugging using libthread_db enabled] Using host libthread_db library /lib/ia64-linux-gnu/libthread_db.so.1. [New Thread 0x29deef20 (LWP 16074)] [New Thread 0x2a5eef20 (LWP 16075)] [New Thread 0x2af4ef20 (LWP 16076)] [New Thread 0x2b7a6f20 (LWP 16077)] Program received signal SIGSEGV, Segmentation fault. 0x262bb340 in js::gc::InitMemorySubsystem () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/src/gc/Memory.cpp:306 306 MOZ_CRASH(); (gdb) bt #0 0x262bb340 in js::gc::InitMemorySubsystem () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/src/gc/Memory.cpp:306 #1 0x25ea13d0 in JS_Init (maxbytes=33554432) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/src/jsapi.cpp:1057 #2 0x22e4f8f0 in XPCJSRuntime::XPCJSRuntime (this=0x602e8750, aXPConnect=0x602e8670) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/xpconnect/src/XPCJSRuntime.cpp:2159 #3 0x22e52d00 in XPCJSRuntime::newXPCJSRuntime (aXPConnect=0x602e8670) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/xpconnect/src/XPCJSRuntime.cpp:2240 #4 0x22df2980 in nsXPConnect::nsXPConnect (this=0x602e8670) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/xpconnect/src/nsXPConnect.cpp:84 #5 0x22df2b60 in nsXPConnect::GetXPConnect () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/js/xpconnect/src/nsXPConnect.cpp:144 #6 0x21bcafa0 in nsContentUtils::Init () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/content/base/src/nsContentUtils.cpp:344 #7 0x2159cd50 in nsLayoutStatics::Initialize () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/layout/build/nsLayoutStatics.cpp:144 #8 0x215998f0 in Initialize () at /home/dkg/src/icedove/icedove-17.0.5/mozilla/layout/build/nsLayoutModule.cpp:354 #9 0x245476d0 in nsComponentManagerImpl::KnownModule::Load (this=0x600747e0) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/xpcom/components/nsComponentManager.cpp:699 #10 0x24548380 in nsFactoryEntry::GetFactory (this=0x60074850) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/xpcom/components/nsComponentManager.cpp:1701 #11 0x24548670 in CreateInstanceByContractID (aResult=0x6f8dafe0, aIID=..., aDelegate=0x0, aContractID=0x4002feb0 @mozilla.org/js/xpc/RuntimeService;1, this=0x60038370) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/xpcom/components/nsComponentManager.cpp:1027 #12 nsComponentManagerImpl::CreateInstanceByContractID (this=optimized out, aContractID=0x4002feb0 @mozilla.org/js/xpc/RuntimeService;1, aDelegate=optimized out, aIID=..., aResult=0x6f8dafe0) at /home/dkg/src/icedove/icedove-17.0.5/mozilla/xpcom/components/nsComponentManager.cpp:980 #13 0x2454f650 in GetServiceByContractID
Bug#709382: mksh: broken Built-Using handling
Thorsten Glaser t...@mirbsd.de writes: (Were legal reasons the driving force behind adding Built-Using in the first place?) Yes, although not this particular issue. There are a set of packages that we build that use other packages as source during the build process. The most common are cross-compilation tool chains, but there are also some externally-maintained GCC frontends that incorporate GCC code at build time, etc. We needed a way to represent that the specific version of, say, GCC incorporated into that build was part of the source and therefore had to be retained in the archive until the binaries built from that source were replaced. At the time, though, the assumption was that Built-Using would be a fairly rare thing that would only be used for those few score packages that were Build-Depending on *-source packages. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709532: html2text: Switch to 3.0 (quilt) source format
Source: html2text Version: 1.3.2a-15 Severity: wishlist Tags: patch Here's a patch which drops the quilt Build-Depends, and instead uses the 3.0 (quilt) source format to let dpkg-source take care of applying the patches. (It also includes a fix to make debian/rules obey DEB_BUILD_OPTIONS=nocheck.) Why I'd like to see this: the context is my pbuildd project, where the aim is to bootstrap the Debian archive from source packages and a minimal starting chroot created by debootstrap, with a minimum of downloading truly self-build-depending packages like gnat. Since html2text is a dependency of debhelper, that means I need to be able to bootstrap html2text very early in the process, where bootstrapping quilt isn't quite as easy. -- Daniel Schepler html2text.diff Description: Binary data
Bug#709382: Built-Using, libgcc, and libc_nonshared
Russ Allbery wrote: mksh-static of course links statically and therefore pulls in substantial portions of library source, but there are parts of libgcc and possibly libc that are always incorporated into binaries, even ones that are dynamically linked. Are those parts that are incorporated when dynamically linking substantial enough to be relevant for copyright law? If so, the gcc runtime license is problematic, since it would render all GPLv2-only programs nondistributable by Debian dstributors because the clause unless that component itself accompanies the executable would take effect. So I think we would need to get clarification from the gcc runtime authors in that case. Thanks, Jonathan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
Jonathan Nieder jrnie...@gmail.com writes: Russ Allbery wrote: mksh-static of course links statically and therefore pulls in substantial portions of library source, but there are parts of libgcc and possibly libc that are always incorporated into binaries, even ones that are dynamically linked. Are those parts that are incorporated when dynamically linking substantial enough to be relevant for copyright law? That's an interesting question. I don't know. (Furthermore, I don't know if they're guaranteed to not become so later even if they aren't now.) If so, the gcc runtime license is problematic, since it would render all GPLv2-only programs nondistributable by Debian dstributors because the clause unless that component itself accompanies the executable would take effect. Oh, I think this is the point that Jakub was making, but I didn't think it all the way through. The problem is that, while the runtime exception allows the resulting executable binary to be distributed under the terms of the GPLv2, the GPLv2 itself requires that all of the *source* for the binary be distributed under the GPLv2. And the libgcc *source* is only available under the GPLv3, and the runtime exception doesn't allow one to distribute the *source* under different terms, only the resulting binary. Bleh. Clearly no one else in the world is worrying about this; there's lots of GPLv2-only software out there and all the distributions are happily distributing binaries built with current GCC without worrying about this. I'm not sure to what extent we can use that as an excuse, though. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709533: libchart-perl: generate ugly popcon graph again
Package: libchart-perl Version: 2.4.5-1 Severity: normal Hello Debian Perl Group, popcon.debian.org has been updated to wheezy and now the chart are ugly: there are useless dots below the lines and I did not manage to get rid of them. I join a test case. You can compare the result with squeeze and sid there: http://people.debian.org/~ballombe/popcongraph/ Cheers, -- Bill. ballo...@debian.org Imagine a large red swirl here. #! /usr/bin/perl -w use Chart::LinesPoints; @data=([2000..2020], [(18) x 21]); $obj=Chart::LinesPoints-new (600,400); $obj-set ('title' = squeeze); $obj-set ('brush_size' = 3); $obj-set ('pt_size' = 3); $obj-set ('x_ticks' = 'vertical'); $obj-png (foo.png,\@data);
Bug#706361: gti review
Hello Felix, Thank you for your corrections. We're almost there, but I hope that few more pedantic issues could be fixed... :) I take it it is not customary to provide overrides for pedantic warnings? You can do it and on some occasions I overridden some pedantic warnings to acknowledge that I've had a look at it and no further action is necessary. I found overrides useful with maintaining many packages where I tend to forget whenever I already dealt with the warning in particular package. But it is important to recognise unnecessary overrides such as those that tell you about problems that can be addressed by you or by upstream developer(s). It is not good to silence such warnings so the best would be to keep them as reminders however unimportant they may appear. No upstream changelog can remind you to include changelog if/when upstream decide to add it or it may be a reminder to suggest upstream to ship it. Also you may choose to generate changelog if you produce orig.tar from repository checkout. Perhaps there is no reason to silence this particular warning if upstream changelog is not shipped... License name MIT is incorrect even though upstream may refer to this license as such. MIT is considered ambiguous by the Free Software Foundation. Yes, I saw that, which is why I included the full license text. I assumed that would disambiguate it. Does the ambiguous designation mean that the name MIT should simply not be used? I have changed it to MIT Old Style. I think you can use MIT to refer to new MIT license text but perhaps it would be better to call it Expat as advised in copyright-format-specification-1.0: There are many versions of the MIT license. Please use Expat instead, when it matches. Please do not use spaces in short license name -- see examples in copyright-format-1.0 specification which clearly state that License names are case-insensitive, and may not contain spaces. Remember I suggested to use MIT-old-style not MIT Old Style? ;) Specifically I think it is a good practice to maintain Forwarded and Last-Update headers. All patches now have these. Thanks. As for usage of Forwarded field it is unusual to leave it empty. When your patch have only debian customisation and not useful for upstream just use Forwarded: not-needed and you can skip long explanation (in description) why and how this patch is not useful for forwarding. Again, thank you for your review. I appreciate all the information you've shared, and I think the package is much improved after these changes. Thank you, it's been a pleasure to help. :) I checked updated version and to my taste the car is still moving too fast. Of course this is not a problem, just feedback. All the best, Dmitry Smirnov GPG key : 4096R/53968D1B --- I hate all sports as rabidly as a person who likes sports hates common sense. -- H. L. Mencken -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709534: amd geode hardware netinst failure
Package: installation-reports Boot method: How did you boot the installer? = network via USB Image version: Full URL to image you downloaded is best http://cdimage.debian.org/cdimage/daily-builds/daily/arch-latest/i386/iso-cd/debian-testing-i386-netinst.iso Date: 5-23-2012 3pm Machine: DT Research WebDT366 AMD Geode SOC Processor: Geode LX800 Memory: 512MB RAM Partitions: one root partition on a 4gb ide dom Output of lspci -knn (or lspci -nn): Base System Installation Checklist: installer would not install base system Initial boot: [x ] Detect network card:[x ] Configure network: [x ] Detect CD: [ ] no cd drive Load installer modules: [x ] Detect hard drives: [x ] Partition hard drives: [x ] Install base system:[o ] Clock/timezone setup: [x ] User/password setup:[x ] Install tasks: [o ] Install boot loader:[o ] Overall install:[o ] Comments/Problems: Looking at tty4 I see that the key pulled did not match signature. Errors are every ten lines or so indicating libgcc1 was not found and it was needed to check the public key. debbootstrap failed on generic description and the rest should be pretty easy as we cant pass go until the public key resolved. Also see mentions that apt-setup-udeb failed. When downloading installer components I elected every single one. Not sure if that is bad practice or not. Description of the install, in prose, and any thoughts, comments and ideas you had during the initial install. If libgcc1 and apt-setup-udeb were accessible during the installer routines I feel that this may have gone smoother.
Bug#709382: Built-Using, libgcc, and libc_nonshared
On Thu, May 23, 2013 at 01:34:08PM -0700, Russ Allbery wrote: In a discussion of mksh-static (see http://bugs.debian.org/709382), the question of GPL compliance for the source code of the components of libgcc and libc that are incorporated into binaries came up. mksh-static of course links statically and therefore pulls in substantial portions of library source, but there are parts of libgcc and possibly libc that are always incorporated into binaries, even ones that are dynamically linked. I had previously assumed that this did not impose any restrictions on source code availability for the libgcc and libc source because they both have run-time exceptions that basically allow one to incorporate that code into binaries under any other license without following the terms of the GPL or LGPL. However, Thorsten has raised the interesting point that the license of the source code for the binary may be GPL with no exceptions, and therefore under the GPL the resulting compiled executable is covered by the GPL and we have to provide its complete source code. That would seem to include the source for the incorporated static libgcc and libc components, since Debian cannot make use of the operating system component exception in the GPL. FWIW, my understanding is that this is one of the issues that GPLv3 attempted to bugfix with its clarification of the System Libraries exception. So to the extent that this is an issue, I believe it only applies to works that are GPLv2 only. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: Digital signature
Bug#709382: mksh: broken Built-Using handling
Russ Allbery dixit: At the time, though, the assumption was that Built-Using would be a fairly rare thing that would only be used for those few score packages that were Build-Depending on *-source packages. And statically linked executables, since that made it into the Policy wording; or possibly, dynamically linked ones that incorporate static libraries from other packages… or Haskell… I think there may be a can of worms or two. I’ve read about the toolchain/-source issues, indeed, but I’m wondering a bit whether a hypothetical statically linked executable from only BSD-licenced sources would need Built-Using (as per current Policy: yes, even though the licences don’t mandate “complete” source availability like the GPL does). Anyway, this probably won’t help us, so I won’t go on with that direction of thought any more. Thanks, //mirabilos -- 08:05⎜XTaran:#grml mika: Does grml have an tool to read Apple ⎜System Log (asl) files? :) 08:08⎜ft:#grml yeah. /bin/rm. ;) 08:09⎜mrud:#grml hexdump -C 08:31⎜XTaran:#grml ft, mrud: *g* -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
Russ Allbery dixit: If we do need to preserve source for the libcc and libc components incorporated into binary builds, that's going to mean Built-Using for nearly the whole archive, and a lot of complexity on the DAK side. That's obviously not very desirable. We would rather decide that we don't need I’ve tried to draw up an argumentation why this is probably only necessary if the package contains statically linked files, see the discussion in the mentioned bugreport, but IANAL, just have some history in dealing with (mostly OSS) licencing as a hacker, BSD project lead and employee, so TINLA. Interestingly enough, even then, differences from the libcs used can ensue; for dietlibc (GPLv2) it’s pretty clear, but statically linking against klibc *may* and dynamically linking against it *will not* invoke the GPL on the result. (The “may” is because most parts of klibc aren’t GPL, and a quick git grep shows that the C library itself is probably free of GPL code, but I did no throughout analysis except for dietlibc and – for mksh – linking with which libc involves files from which packages.) Also, if we're going to decide that we're not going to track source code for that sort of inclusion, we need to know what the boundaries of that exception or decision are That’s probably the difficult point and why escalating this looked like the best option at that moment. Sorry for raising not just one but two legal issues in one day (but the Creative Commons thing is handled on the upstream side right now, I just asked them to keep us in the loop). bye, //mirabilos -- I believe no one can invent an algorithm. One just happens to hit upon it when God enlightens him. Or only God invents algorithms, we merely copy them. If you don't believe in God, just consider God as Nature if you won't deny existence. -- Coywolf Qi Hunt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709535: python-keystoneclient: CVE-2013-2013: OpenStack keystone password disclosure on command line
Package: python-keystoneclient Version: 2012.1-3 Severity: important Tags: security patch upstream Hi, the following vulnerability was published for python-keystoneclient. CVE-2013-2013[0]: OpenStack keystone password disclosure on command line Upstream patch is at [1] and introduces the ability for user password to be updated via a command prompt. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-2013 [1] https://review.openstack.org/#/c/28702/ Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709536: RM: xfce4-utils -- ROM; obsolete
Package: ftp.debian.org Severity: normal Owner: pkg-xfce-de...@lists.alioth.debian.org Hi, again as part of the Xfce 4.10 transition, xfce4-utils package has been obsoleted. No package in unstable should depend on it anymore, and it can be safely removed. Thanks in advance, -- Yves-Alexis -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709415: lintian: false positive for hardening-no-fortify-functions
On 2013-05-23 10:09, Russ Allbery wrote: Niels Thykier ni...@thykier.net writes: To be honest, I have been considering if we should reduce and disable this tag like we did with the stack-protector tag. In terms of accuracy, blhc beats hardening-check/lintian by miles. Even if people/upstreams tend to mistake C{,XX}FLAGS vs. CPPFLAGS, I suspect we would be better off by disabling this tag (e.g. less frustation from our users). The tag would still be available via the debian/extra-hardening profile, so people can opt-in. I'm at least seeing a lot of false positives for a tag that's marked possible. We could drop it to wild-guess, which IIRC would make it info-level instead of a warning, which feels about right for the level of false positive vs. false negative tradeoff we have at the moment. Granted, I have demoted the certainty accordingly. (Thanks for the note about --verbose!) You are welcome. :) It happens to be the way we implement the fp-fn trade-offs. It would be neat to include the list of unprotected functions as additional data for the tag. In the tag description or the tag extra? For the former, the problem might be that the list is (or could be) architecture dependent. For the latter, it would need some changes to hardening-info{,-helper} + c/binaries. But also some consideration to handle 5+ unprotected functions. Example even the following is getting rather lengthy ... hardening-no-fortity-functions path/to/file func1, func2, func3, ... ~Niels -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709537: golang: go fix seems to support only changes since Go 1.0
Package: golang Version: 2:1.1-1 Severity: wishlist While trying to get a ~2yr old Go project to build, I noticed that go fix didn't want to rewrite anything though it was clear that the project hat been written for the pre-1.0 standard library. It would be nice if the rules that were part of the golang-1.0 fix tool could be included in the current fix tool. Cheers, -Hilko -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-1-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages golang depends on: ii golang-doc 2:1.1-1 ii golang-go 2:1.1-1 ii golang-src 2:1.1-1 golang recommends no packages. golang suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709538: RM: xfmpc -- ROM; unmaintained
Package: ftp.debian.org Severity: normal Owner: pkg-xfce-de...@lists.alioth.debian.org Hi, xfmpc was once a small media player for Xfce desktop environment. There was no update since ages and it seems nobody is really interested in it. With the transition to Xfce 4.10, we think it'd be best to let it go so we can focus on more important things. Thanks in advance. Regards, -- Yves-Alexis -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708838: developers.php: Hide or sort differently co-maintained packages
Hi, Am Donnerstag, den 23.05.2013, 22:06 +0800 schrieb Paul Wise: On Mon, May 20, 2013 at 5:31 PM, Joachim Breitner wrote: ok, I’ll work on it as soon as the other patches have been reviewed and merged (to avoid having to re-do the separate table work afterwards). Patches reviewed, merged and deployed. thanks! Let me know if my code causes any trouble. Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Bug#707102: mirror submission for debian.telsatbb.vu
Hi Simon, :) Yeah, we are pretty small down here... Thanks for the update and thanks very much for your assistance in getting the mirror running. Cheers. Steve. Steve Noorderbroek C.T.O. Telsat Broadband Limited http://www.telsatbb.vu -Original Message- From: Simon Paillard [mailto:spaill...@debian.org] Sent: Friday, 24 May 2013 6:38 AM To: Steve (Telsat Broadband); 707...@bugs.debian.org Cc: 'Steve Noorderbroek' Subject: Re: Bug#707102: mirror submission for debian.telsatbb.vu Hi, On Fri, May 24, 2013 at 01:27:54AM +1100, Steve (Telsat Broadband) wrote: Thanks very much for the listing; however when I checked the mirrors page (http://www.debian.org/mirror/list); it's missing the 'Country Name' above our listing. Vanatu was not recognized as a country by some scripts. Webteam fixed that some hours ago, it should appear on next website build 18:20 KGB-2 taffit webwml english/template/debian/countries.wml * Add Vanuatu (VU): mirror is not yet totally isoquery-friendly -- Simon Paillard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
Steve Langasek vor...@debian.org writes: FWIW, my understanding is that this is one of the issues that GPLv3 attempted to bugfix with its clarification of the System Libraries exception. So to the extent that this is an issue, I believe it only applies to works that are GPLv2 only. Indeed, anything in libgcc and libc that would be linked statically seems to me to obviously satisfy the definition of a Standard Interface: A Standard Interface means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. which means that libgcc is a System Library, and therefore is not part of the Corresponding Source. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709415: lintian: false positive for hardening-no-fortify-functions
Niels Thykier ni...@thykier.net writes: In the tag description or the tag extra? For the former, the problem might be that the list is (or could be) architecture dependent. For the latter, it would need some changes to hardening-info{,-helper} + c/binaries. But also some consideration to handle 5+ unprotected functions. Example even the following is getting rather lengthy ... hardening-no-fortity-functions path/to/file func1, func2, func3, ... I was thinking the tag extra, just to list the unprotected functions, but it was more a matter of curiosity than anything I think is horribly important. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
Russ Allbery dixit: of the GPLv2, the GPLv2 itself requires that all of the *source* for the binary be distributed under the GPLv2. And the libgcc *source* is only available under the GPLv3, and the runtime exception doesn't allow one to distribute the *source* under different terms, only the resulting binary. Ouch! Clearly no one else in the world is worrying about this; there's lots of GPLv2-only software out there and all the distributions are happily The same thing happens with software labelled as “Public Domain”. There are several cases (the authors aggressively sell licences for those who don’t trust their say-so it’s PD (sqlite) and which are to be avoided at any cost; these where the authors say it’s PD (and subsequently don’t care nor sue) but it isn’t (e.g. if you’re in a country where you can’t dedicate something into PD by yourself, or if some conditions are met, even for USA), or legitimate PD in *one* country (often stuff done by government)), but there is no such thing as global PD as it’s by its definition absence of copyright protection, and the Berne Convention only harmonises copyright protection, so something PD in one country is proprietary in all others in virtually all cases… but this issue only has popped up on the OSI mailing list, and so far, almost nobody cares (I try to get “fallback” clauses from authors myself, succeeded for some, failed for most). I'm not sure to what extent we can use that as an excuse, though. I guess until you come in front of a court. But there’s the other thing: if a distro/OS promises to use only code with (known) good licences, so that their users can rely on it, like http://www.openbsd.org/goals.html (second list item), one probably does not _want_ to have “grey zone” in their distri‐ bution, so it may be good to be proactive. There’s something else about Built-Using: Are those source packages (that would not otherwise be kept in the archive) released along with “stable”, despite having no binary packages? If not… well, since snapshot.d.o is an official service now, I’d say, point there for the “legal” side, and only require Built-Using to be used for the cases where it’s desireable to have this information present more explicitly, that is, the original toolchain and embedding stuff, possibly static linking and Haskell. Pragmatic but probably doable, and since quite some time, sbuild records (in the build log) the versions of the toolchain packages installed already anyway, so we just need to put build logs into the snapshots archive as well; I believe they’re deleted when an architecture moves off the main archive (to d-ports, or because it’s no longer even in oldstable) normally. bye, //mirabilos -- Using Lynx is like wearing a really good pair of shades: cuts out the glare and harmful UV (ultra-vanity), and you feel so-o-o COOL. -- Henry Nelson, March 1999 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
On Thu, 23 May 2013, Steve Langasek wrote: FWIW, my understanding is that this is one of the issues that GPLv3 attempted to bugfix with its clarification of the System Libraries exception. So to the extent that this is an issue, I believe it only applies to works that are GPLv2 only. Right. This is one of the many reasons why GPLv2-only works are problematic when they link with works under non-GPLv2 compliant licenses without appropriate licensing exceptions. -- Don Armstrong http://www.donarmstrong.com NASCAR is a Yankee conspiracy to keep you all placated so the South won't rise again. -- http://www.questionablecontent.net/view.php?comic=327 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709382: Built-Using, libgcc, and libc_nonshared
Thorsten Glaser t...@mirbsd.de writes: There’s something else about Built-Using: Are those source packages (that would not otherwise be kept in the archive) released along with “stable”, despite having no binary packages? Yes, I believe that's how the implementation works. If not… well, since snapshot.d.o is an official service now, I’d say, point there for the “legal” side, and only require Built-Using to be used for the cases where it’s desireable to have this information present more explicitly, that is, the original toolchain and embedding stuff, possibly static linking and Haskell. Pragmatic but probably doable, and since quite some time, sbuild records (in the build log) the versions of the toolchain packages installed already anyway, so we just need to put build logs into the snapshots archive as well; I believe they’re deleted when an architecture moves off the main archive (to d-ports, or because it’s no longer even in oldstable) normally. Hm, that's an interesting point, indeed. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#305736: [xml/sgml-pkgs] sgml-data: non-standard XML ISO entity file names
Am Dienstag, den 21.05.2013, 00:10 +0900 schrieb Osamu Aoki: Hi, Since my debiandoc-sgml depends on this package and this has been orphaned, I decided to take over and updated package in modern style. As for this bug, http://bugs.debian.org/305736 in message #20: Michael Smith sm...@xml-doc.org writes: I guess it doesn't hurt, as long as the filenames of the *.ent files are consistent between the dbcentx.mod file and the filenames in /usr/share/xml/entities/xml-iso-entities-8879.1986/ [...] So I think maybe sgml-data needs to be updated so that /usr/share/xml/entities/xml-iso-entities-8879.1986/ includes the filenames like isoamsa.ent. They can just be made symlinks to, e.g., ISOamsa.ent. I agree. I'll redirect this bug to sgml-data. I wonder why I was using the upper cased versions in the first place. As I see the content of the catalog/catalog.xml file in xml side, !-- derived from V0.3, see http://www.oasis-open.org/committees/docbook/xmlcharent/ Note: file names changed to comply with LSB SGML/XML Recommendations, R006 So this seems to have some reason and the above link is dead link. Can anyone elucidate me. There are only 2 bugs on this package and both seems to be the same issue. The files are officially named this way: http://www.w3.org/2003/entities/iso8879/ Please note, that sgml-data needs an update of several files and of some catalogs. The Public identifiers have changed too. Attached is a local diff against what I've already committed to the debian-xml-sgml subversion tree: svn+ssh://svn.debian.org/svn/debian-xml-sgml/packages/sgml-data I hope, you'll find it useful. It also contains an update to the debian/copyright file. HTH and regards, Daniel Index: branches/experimental/debian/copyright === --- branches/experimental/debian/copyright (Revision 2170) +++ branches/experimental/debian/copyright (Arbeitskopie) @@ -1,7 +1,105 @@ This package was originally Debianized by Susan G. Kleinmann s...@kleinmann.com on Thu, 13 Feb 1997. Maintenance is now handled -by Adam Di Carlo a...@debian.org. +by Adam Di Carlo a...@debian.org and the Debian XML/SGML Group +debian-xml-sgml-p...@lists.alioth.debian.org. +== + +Files: sgml/declaration/big5sgml*.decl, sgml/dtd/rdf.dtd +Files: xml/declaration/big5xml.decl +Upstream-Maintainer: Rick Jelliffe ri...@gate.sinica.edu.tw +Upstream-Source: http://xml.ascc.net/xml/resource/ +Copyright: Copyright 1999 Academia Sinica Computing Centre +License: MPL | GPL + +Files: sgml/entities/Hewlett-Packard +Upstream-Name: Hewlett-Packard DTDs and entities +Upstream-Maintainer: Hewlett-Packard Company +Upstream-Source: none +Copyright: Copyright 1987-1994 Hewlett-Packard Company +License: other + Permission to use, copy, and distribute this Document Type + Definition (DTD) entity set is hereby granted, provided that the above + copyright notice appear in all copies and that both that copyright + notice and this permission notice appear in supporting hardcopy and + online documentation. All other rights reserved. + . + The name of Hewlett-Packard Company or the Hewlett-Packard logo may + not be used in advertising or publicity pertaining to distribution + of this DTD without specific, written prior permission. + Hewlett-Packard Company makes no representations about the + suitability of this DTD for any purpose. It is provided as is + without express or implied warranty. + . + Hewlett-Packard disclaims all warranties with regard to this DTD, + including all implied warranties of merchantability and fitness, in + no event shall Hewlett-Packard Company be liable for any special, + indirect or consequential damages or any damages whatsoever + resulting from loss of use, data or profits, whether in an action + of contract, negligence or other tortious action, arising out of or + in connection with the use or performance of this DTD. + +Files: sgml/entities/sgml-iso-entities-8879.1986/ISO* +Upstream-Name: 8879:1965 entity sets +Upstream-Source: ftp://ftp.ifi.uio.no/pub/SGML/ENTITIES/ +Copyright: Copyright 1986 International Organization for Standardization +License: other + Permission to copy in any form is granted for use with + conforming SGML systems and applications as defined in + ISO 8879, provided this notice is included in all copies. + +Files: sgml/entities/sgml-iso-entities-9573-13.1991/ISO* +Upstream-Name: ISO 9573-13:1991 entity sets +Upstream-Maintainer: Anders Berglund +Upstream-Source: http://xml.coverpages.org/ptext13.zip +Copyright: Copyright 1991 International Organization for Standardization +License: other + Permission to copy in any form is granted for use with + conforming SGML systems and applications as defined in + ISO 8879, provided this notice is included in all copies. + +Files:
Bug#709539: ITP: deltarpm -- Tools to create and apply deltarpms
Package: wnpp Severity: wishlist Owner: Mike Miller mtmil...@ieee.org * Package name: deltarpm Version : 3.5 Upstream Author : Michael Schroeder m...@suse.de * URL : http://gitorious.org/deltarpm/deltarpm * License : BSD Programming Lang: C, Python Description : Tools to create and apply deltarpms A deltarpm contains the differences between an old and a new version of an RPM. This makes it possible to recreate the new RPM from the deltarpm and the old RPM. . On Debian and derived systems these tools may be useful for creating and maintaining repositories of RPM packages. This package is a dependency of the latest version of createrepo (#673958) and will be a dependency of the next version of yum. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#556173: libc-bin: introduces custom manual pages / manpages package
Hi, On Sat, Nov 14, 2009 at 12:34:55AM +0100, Petr Baudis wrote: Package: libc-bin Version: 2.10.1-5 Severity: wishlist The Debian glibc package introduces a number of custom manual pages which are not in any kind of upstream and thus cannot be shared with the rest of Linux community, which is quite unfortunate, since it reduces usability of other Linux distributions but also reduces quality of the documentation since less people see it and work on it. While upstream glibc does not maintain any manual pages, the linux-man-pages projects collects all kind of Linux-related manual pages, including glibc-specific manual pages not only on the API, but also on tools (like ldd). It would be great if the Debian-specific manual pages could be submitted there for review and inclusion. For some manual pages that _are_ upstream, e.g. ldd.1, the upstream version is more up-to-date than the version currently included; this should also demonstrate the value of taking these manpages from upstream. :) On this subject, manpages-linux provides some manpages which are installed by manpages packages today: libc-bin: ldd.1|ldconfig.8|ld.so.8|gai.conf.5 You can find libc-bin and manpages copy of these manpages at: http://people.debian.org/~spaillard/libc-or-manpages/ Except ldconfig.8 which are better in libc-bin IMO, all other could be installed by manpages. Some per-page bugs were reported earlier: #564874 ld.so.8 an old request arrived too late for Wheezy, and ld.so by manpages-linux provides way more details. #665303 getent.1 has been fixed some month ago If you agree with this, the next manpages{,dev} upload will replace libc-bin with appropriate version, then you can drop them. -- Simon Paillard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709365: lintian: check for standard license short names
On Thu, 23 May 2013 17:03:49 +0200, Jakub Wilk wrote: What Lintian could do is to parse the full license text, see if it matches any standard license, and if it does then emit the tag. But that's far from trivial to implement. Ack. Maybe libdebian-copyright-perl (and/or libsoftware-license-perl) and/or libconfig-model-dpkg-perl could help here? Cheers, gregor -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT SPI, fellow of the Free Software Foundation Europe `- NP: The Sandpebbles: Zombie Jamboree signature.asc Description: Digital signature
Bug#709382: Built-Using, libgcc, and libc_nonshared
Russ Allbery dixit: Thorsten Glaser t...@mirbsd.de writes: If not… well, since snapshot.d.o is an official service now, I’d say, […] Hm, that's an interesting point, indeed. Are those source packages (that would not otherwise be kept in the archive) released along with “stable”, despite having no binary packages? Yes, I believe that's how the implementation works. In that case, require B-U only for those where we want or need to have them in the release. (And schedule binNMUs on “unproblematic” packages shortly before the release, to keep even that number down. Of course, this *may* introduce new bugs, but in that case the package was (hiddenly) RC-buggy in the first place. And we’d probably want the binNMU to happen in testing/frozen not in unstable, at that point… well, jessie’s a long way, so some part of this may, as crazy as it sounds, even look acceptable. Or not. Just random ideas.) bye, //mirabilos -- Yay for having to rewrite other people's Bash scripts because bash suddenly stopped supporting the bash extensions they make use of -- Tonnerre Lombard in #nosec -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709540: subunit: Depends on python{3} -dev packages despite arch all content
Package: subunit Version: 0.0.10-2 Severity: normal Tags: patch All of the python or python3 code appears to be pure python. There's no need to depend on the -dev packages or use python{3}-Provides. Patch attached. diff -Nru subunit-0.0.10/debian/changelog subunit-0.0.10/debian/changelog --- subunit-0.0.10/debian/changelog 2013-05-11 03:57:56.0 -0400 +++ subunit-0.0.10/debian/changelog 2013-05-23 17:25:39.0 -0400 @@ -1,3 +1,12 @@ +subunit (0.0.10-3) UNRELEASED; urgency=low + + * Switch python{3}-all-dev build-depends to python{3}-all becuase there +is no architecture specific python{3} content in the package + * Drop unneeded python{3}:Provides - not generally useful and specifically +not appropriate for arch all packages + + -- Scott Kitterman sc...@kitterman.com Thu, 23 May 2013 17:23:20 -0400 + subunit (0.0.10-2) unstable; urgency=low * Uploading to unstable. diff -Nru subunit-0.0.10/debian/control subunit-0.0.10/debian/control --- subunit-0.0.10/debian/control 2012-11-05 16:23:05.0 -0500 +++ subunit-0.0.10/debian/control 2013-05-23 17:23:16.0 -0400 @@ -5,8 +5,8 @@ Uploaders: Robert Collins robe...@robertcollins.net Build-Depends: debhelper (= 9), python-dev (= 2.6.6-3), -python-all-dev (= 2.6.6-3), -python3-all-dev, +python-all (= 2.6.6-3), +python3-all, autoconf (= 2.59), automake, libtool, @@ -51,7 +51,6 @@ Package: python-subunit Architecture: all -Provides: ${python:Provides} Depends: ${python:Depends}, ${misc:Depends}, python-testtools (= 0.9.4) Section: python @@ -64,7 +63,6 @@ Package: python3-subunit Architecture: all -Provides: ${python3:Provides} Depends: ${python3:Depends}, ${misc:Depends}, python3-testtools (= 0.9.4) Section: python
Bug#709541: popt: quilt Build-Depends is unnecessary
Source: popt Version: 1.16-7 Severity: wishlist As the subject says: since popt switched to 3.0 (quilt), there's no need for a Build-Depends on quilt anymore. (The context I found this in: my pbuildd project aims to bootstrap the Debian archive from source packages and a minimal starting chroot. popt comes into the chain early due to: debhelper Depends on man-db man-db Build-Depends on pkg-config pkg-config Build-Depends on libpopt-dev At this early stage, quilt is harder to bootstrap; so popt's extraneous Build-Depends on quilt makes things harder than they need to be.) -- Daniel Schepler
Bug#709542: ftp.debian.org: RM: zsh-beta -- RoM; obsoleted by zsh
Package: ftp.debian.org Severity: normal Dear FTP-Masters, please remove the zsh-beta source package from Sid. (AFAIK it should be removed from Testing automatically afterwards, too.) The zsh source package in Sid and Testing now builds transitional packages from zsh-beta and zsh-beta-doc towards the zsh and zsh-doc binary packages. The transition from zsh-beta to zsh was discussed on pkg-zsh-devel mailing list back in September 2012, but was considered too late for Wheezy: http://lists.alioth.debian.org/pipermail/pkg-zsh-devel/2012-September/thread.html While the Debian Zsh Maintainers team took over the zsh source package from Clint about two years ago, the zsh-beta source package stayed with Clint. Hence it's only half way an RoM. But see http://lists.alioth.debian.org/pipermail/pkg-zsh-devel/2012-September/000520.html for Clint's comment on the zsh-beta transition and removal plans. Regards, Axel -- ,''`. | Axel Beckert a...@debian.org, http://people.debian.org/~abe/ : :' : | Debian Developer, ftp.ch.debian.org Admin `. `' | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE `-| 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709542: ftp.debian.org: RM: zsh-beta -- RoM; obsoleted by zsh
On Fri, 2013-05-24 at 00:04 +0200, Axel Beckert wrote: please remove the zsh-beta source package from Sid. (AFAIK it should be removed from Testing automatically afterwards, too.) In general, yes. However, britney's one step ahead of you and already dropped it yesterday morning. :-) Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#709543: Wired network interface is configured as unmanaged by NM in wheezy xfce-live
Package: network-manager Version: 0.9.4.0-10 Severity: serious Hi. This is my first bug report, so i'm sorry if it's not up to standards. I recently helped a friend to install wheezy from the xfce live-cd, and after installation the wired network-card used during installation was unmanaged by network-manager. I searched through old bugs and found the problem was up before, seemed to be fixed for squeeze, and somehow managed to get to wheezy and fixed again? (#699213) Either way, i'm not sure if it only affect wired or also wireless since I don't have the opportunity to try it with wireless now. I changed the network-manager config like so... /etc/NetworkManager/NetworkManager.conf [ifupdown] managed=true Now it works fine, but it should have worked by default. My friend almost switched to another distro because of the issue ;-) Thanks for a great system, cheers! -- System Information: Debian Release: 7.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages network-manager depends on: ii adduser3.113+nmu3 ii dbus 1.6.8-1 ii dpkg 1.16.10 ii isc-dhcp-client4.2.2.dfsg.1-5+deb70u3 ii libc6 2.13-38 ii libdbus-1-31.6.8-1 ii libdbus-glib-1-2 0.100.2-1 ii libgcrypt111.5.0-5 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgnutls262.12.20-6 ii libgudev-1.0-0 175-7.2 ii libnl-3-2003.2.7-4 ii libnl-genl-3-200 3.2.7-4 ii libnl-route-3-200 3.2.7-4 ii libnm-glib40.9.4.0-10 ii libnm-util20.9.4.0-10 ii libpolkit-gobject-1-0 0.105-3 ii libuuid1 2.20.1-5.3 ii lsb-base 4.1+Debian8 ii udev 175-7.2 ii wpasupplicant 1.0-3+b1 Versions of packages network-manager recommends: ii crda 1.1.2-1 ii dnsmasq-base 2.62-3+deb7u1 ii iptables 1.4.14-3.1 ii modemmanager 0.5.2.0-2 ii policykit-1 0.105-3 ii ppp 2.4.5-5.1+b1 Versions of packages network-manager suggests: ii avahi-autoipd 0.6.31-2 -- Configuration Files: /etc/NetworkManager/NetworkManager.conf changed: [main] plugins=ifupdown,keyfile [ifupdown] managed=true /etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager. pkla [Errno 13] Permission denied: u'/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManage r.pkla' -- no debconf information Ppfont face=Arial, Helvetica, sans-serif size=2 style=font-size:13.5px___BRAnnons: a href=http://blimedlem.spray.se/;Skaffa Spray Mail du också - Gratis, enkelt och säkert!/a/font