Bug#855589: mandos: Seems not to be honoring zeroconf option at mandos.conf

[Pablo Abelenda]

On 02/22/2017 10:42 PM, Teddy Hogeborn wrote:
> Pablo Abelenda  writes:
> 
>> Package: mandos
>> Version: 1.6.9
>> Severity: normal
>> Tags: patch
>>
>> Dear Maintainer,
>>
>> 
>> I've also looked to the sid package as well, and seems to be having
>> the same issue.
>>
>> Many thanks in advance for taking care of this.
> 
> Many thanks for the bug report and fix!  It seems the "restore" options
> was also affected by the same bug.  I have committed a fix to trunk; I
> will make a full release with this after I have made some tests.
> 
> /Teddy Hogeborn
> 

Many thanks for the quick fix and the awesome work on Mandos.

Cheers!

-- 
Pablo Abelenda



signature.asc
Description: OpenPGP digital signature

Bug#856243: packagekit should be recommended

[Andreas Maus]

Good morning everyone.

To join a domain the packagekit package is required too:

! PackageKit not available: The name org.freedesktop.PackageKit was not 
provided by any .service files

Because other operations are working, it may be
wise to add packagekit to the "Recommends" section of the realmd
package.

So long,

Andreas Maus.

-- 
"Things that try to look like things often do
 look more like things than things. Well-known fact."
Granny Weatherwax - "Wyrd sisters"


signature.asc
Description: PGP signature

Bug#856224: gcc-6: Please enable PIE on ppc64

[Mathieu Malaterre]

On Sun, Feb 26, 2017 at 7:33 PM, John Paul Adrian Glaubitz
 wrote:
[...]
> Since PIE is already enabled for ppc64el, I think we should also enable
> it for ppc64 to mitigate this problem.
[...]

Would it be possible to also activate PIE on powerpc ? The test suite
is also failing for the exact same symptoms:

https://buildd.debian.org/status/fetch.php?pkg=cmake&arch=powerpc&ver=3.7.2-1&stamp=1484605274&raw=0

Bug#856187: (no subject)

[Fabrice Dagorn]

Dear Maintainer,

here is a patch for your 2.8-2 package fixing this bug.
Sorry for #856198, I thought it would help.

Regards,
 Fabrice Dagorn

Index: entropybroker-2.8/handle_client.cpp
===
--- entropybroker-2.8.orig/handle_client.cpp
+++ entropybroker-2.8/handle_client.cpp
@@ -698,23 +698,35 @@ void main_loop(std::vector *
 			// this way we go through each fd in the process_pipe_from_client_thread part
 			// so that we detect closed fds
 			int set = 0;
+			int failed = 0;
 			for(unsigned int i=0; i at(loop) -> to_main[0] && fds.at(i).revents & POLLIN) {
-	set = 1;
-	break;
+if(fds.at(i).fd == clients -> at(loop) -> to_main[0])
+{
+	if(fds.at(i).revents & POLLIN)
+	{
+		set = 1;
+		break;
+	}
+	if(fds.at(i).revents & (POLLERR|POLLHUP|POLLNVAL))
+	{
+		failed = 1;
+		break;
+	}
 };
 			};
 			if(rc > 0 && set == 1 ) {
 
 if (process_pipe_from_client_thread(clients -> at(loop), &msgs_clients, &msgs_servers) == -1)
-{
-	dolog(LOG_INFO, "main|connection with %s/%s lost", clients -> at(loop) -> host.c_str(), clients -> at(loop) -> type.c_str());
+	failed = 1;
+			}
+			if(rc > 0 && failed == 1 ) {
 
-	user_map -> inc_misc_errors(clients -> at(loop) -> username);
-	gs -> inc_misc_errors();
+dolog(LOG_INFO, "main|connection with %s/%s lost", clients -> at(loop) -> host.c_str(), clients -> at(loop) -> type.c_str());
 
-	delete_ids.push_back(&clients -> at(loop) -> th);
-}
+user_map -> inc_misc_errors(clients -> at(loop) -> username);
+gs -> inc_misc_errors();
+
+delete_ids.push_back(&clients -> at(loop) -> th);
 			}
 		}

Bug#856245: [INTL:es] Spanish translation of the debconf template openvas-scanner

[Gianfranco Costamagna]

Hi SZ,


>Thanks for your contribution. However, the content of es.po seems like the 
>same with Bug#855612. The only different is that the new file add ^M carriage 
>return in >each end of line.


there is a little difference at the end of the file, this is why I committed it
-"y /etc/redis/redis.conf se actualizará."
+"y se actualizará el archivo /etc/redis/redis.conf."

(I think #856245 is just a mistake, probably he wasn't sure that adding a new 
revision on the old bug
was enough to get it committed)


G.

Bug#852623: sitesummary-client fails to submit data

[Petter Reinholdtsen]

[Holger Levsen
> I've decided to just go the simple route as shown above. The fix will
> hit us in jessie with the next apache2 security update, so??? meh.

The apache update hit a few hours ago, and block all jessie clients from
reporting to their sitesummary collector running Jessie.

This is quite bad, as it break updates to the Nagios configuration for those
of us using the configuration generated by Sitesummary.

Anyone planning a backport to Jessie?

-- 
Happy hacking
Petter Reinholdtsen

Bug#856180: Reproduced in testing

[Carsten Schoenert]

Hello J.P.,

On Sun, Feb 26, 2017 at 07:02:09PM -0800, J.P. Larocque wrote:
> I read that I shouldn't be reporting bugs in packages from backports
> (sorry about that), so I installed a fresh copy of Stretch, installed
> kicad in that VM, and reproduced the issue in the above version of the
> package.

can you please check if there is a upstream bug report about this issue?
If so, can you point to the report or if not, can you create a new
upstream report?

https://bugs.launchpad.net/kicad

We can't fix this issue on our own so we need to forward this issue
clearly.

Regards
Carsten

Bug#830601: Interested to assist in packaging matrix-synapse

[Sunil Mohan Adapa]

On Tuesday 21 February 2017 08:54 PM, Andrew Shadura wrote:
[...]
> Thanks for your offer. I have pulled your changes and incorporated most
> of them into my packaging repo, which will be soon available at the
> following URL:
> 
> https://anonscm.debian.org/cgit/collab-maint/matrix-synapse.git/
> 
> I have also uploaded matrix-synapse to NEW, I hope it gets approved soon.

Thank you for the fantastic work on matrix-synapse and quick merge and
upload.

I see that the package was in the NEW queue for some time and is no
longer there.  Having waited for the package to appear in
tracker.debian.org or packages.debian.org, I am wondering if it was
rejected for some reason and we have some more work on our hands.

-- 
Sunil

Bug#856186: iotop does not show writes

[Paul Wise]

On Sun, 2017-02-26 at 11:18 +0100, Frank Breitling wrote:

> I didn't mean that it does not show any write access.
> But some gets lost.
> I see this problem in a long term monitoring with low disk activity.

Do you have any examples of situations where you see this issue?
Please list the exact commands you have used to reproduce this.

It is likely that the issue you are seeing is one of two things:

 * The Linux kernel not returning the information you want it to.
 * The processes that are doing writes disappearing before the timer.

> The interactive mode is not useful for this, since its entries disappear.

Please try it anyway.

BTW:

iotop and iostat are quite different programs that are not comparable.

I think something like fatrace might be better for your needs,
but it is hard to tell what your are actually looking for here.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#856245: [INTL:es] Spanish translation of the debconf template openvas-scanner

[林上智]

Hi Jathan,

Thanks for your contribution. However, the content of es.po seems like the
same with Bug#855612. The only different is that the new file add ^M
carriage return in each end of line.

Do you have any concern on it?

--

SZ Lin (林上智) , *http://people.debian.org/~szlin
*

Debian Developer, debian.org.tw Admin

178F 8338 B314 01E3 04FC 44BA A959 B38A 9561 F3F9


2017-02-27 0:37 GMT+08:00 jathan :

> Package: openvas-scanner
> Severity: wishlist
>
>
> Hi,
>
> please find attached the Spanish debconf translation of openvas-scanner.
>
> Regards,
> Jathan
>
> --
> Por favor evita enviarme adjuntos en formato de word o powerpoint, si
> quieres saber porque lee esto:
> http://www.gnu.org/philosophy/no-word-attachments.es.html
> ¡Cámbiate a GNU/Linux! http://getgnulinux.org/es
>
>
>
>
>

Bug#856262: unblock: forensics-extra/1.7

[Joao Eriberto Mota Filho]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package forensics-extra.

Some considerations:

  * This is a meta-package and it was unavailable to i386 arch because depends
of pyrit. See here[1]. Consequently, wifite was affected too. The solution
to make forensics-extra installable over i386 was move pyrit and wifite
from Depends field to Recommends.

[1] https://lists.debian.org/debian-mentors/2017/02/msg00180.html

  * The package was already uploaded to Sid and it builds correctly as all
(architecture independent).

  * There is a debdiff attached.

  * The debian/changelog says:

forensics-extra (1.7) unstable; urgency=medium

  * debian/control: moved wifite, affected by pyrit (see previous 
changelog),
to Recommends field in forensics-extra package.

 -- Joao Eriberto Mota Filho   Mon, 27 Feb 2017 
01:21:19 -0300

forensics-extra (1.6) unstable; urgency=medium

  * debian/control: moved pyrit to Recommends field, in forensics-extra
package, because it is not building over i386 arch. See:
https://lists.debian.org/debian-mentors/2017/02/msg00180.html

 -- Joao Eriberto Mota Filho   Sat, 25 Feb 2017 
14:05:30 -0300


Thanks in advance.

Regards,

Eriberto
diff -Nru forensics-extra-1.5/debian/changelog 
forensics-extra-1.7/debian/changelog
--- forensics-extra-1.5/debian/changelog2017-01-24 16:50:24.0 
-0200
+++ forensics-extra-1.7/debian/changelog2017-02-27 01:21:19.0 
-0300
@@ -1,3 +1,18 @@
+forensics-extra (1.7) unstable; urgency=medium
+
+  * debian/control: moved wifite, affected by pyrit (see previous changelog),
+to Recommends field in forensics-extra package.
+
+ -- Joao Eriberto Mota Filho   Mon, 27 Feb 2017 01:21:19 
-0300
+
+forensics-extra (1.6) unstable; urgency=medium
+
+  * debian/control: moved pyrit to Recommends field, in forensics-extra
+package, because it is not building over i386 arch. See:
+https://lists.debian.org/debian-mentors/2017/02/msg00180.html
+
+ -- Joao Eriberto Mota Filho   Sat, 25 Feb 2017 14:05:30 
-0300
+
 forensics-extra (1.5) unstable; urgency=medium
 
   * Updated the copyright years.
diff -Nru forensics-extra-1.5/debian/control forensics-extra-1.7/debian/control
--- forensics-extra-1.5/debian/control  2017-01-24 16:50:24.0 -0200
+++ forensics-extra-1.7/debian/control  2017-02-27 01:21:19.0 -0300
@@ -11,6 +11,7 @@
 
 Package: forensics-extra
 Architecture: all
+Recommends: pyrit, wifite
 Depends: aircrack-ng,
  bfbtester,
  binutils,
@@ -76,7 +77,6 @@
  pev,
  polenum,
  poppler-utils,
- pyrit,
  rarcrack,
  samdump2,
  sipcrack,
@@ -121,7 +121,6 @@
  wgaelic,
  wgerman-medical,
  whois,
- wifite,
  wirish,
  witalian,
  wmanx,

Bug#855789: aliasing bug while setting array sizes

[Conrad Sand]

Hello,

I'm the upstream author of Armadillo.

In Armadillo 7.600.2, there are bugs in the conv() and conv2()
functions. The conv() and conv2() functions are used for signal and
image processing (convolutions). The bugs are exposed when the output of
the conv() or conv2() functions is set to be the same variable as one of
the input arguments (ie. the output variable is aliasing one of the
input variable). For example, the following will trigger the bugs:
  y = conv(y,x)
  y = conv2(y,x);

These are in effect data corruption bugs.

The patch (as listed by Kumar Appaiah in bug 855...@bugs.debian.org)
fixes the aliasing bugs by moving the initialisation of the output array
to be done after pre-processing of the input arrays.

The patch is a pure bug fix, and there is no new functionality
introduced.

With regards,
Conrad


On 21 February 2017 at 05:15, Ivo De Decker wrote:
> Control: tags -1 moreinfo
>
> Hi,
>
> On Mon, Feb 20, 2017 at 08:57:32PM +0530, Kumar Appaiah wrote:
>> Please unblock package armadillo. Upstream has sent the following
>> patch as a bug fix. I have CCed upstream (Conrad) here for any
>> questions that may arise.
>>
>> Please let me know if there is any further clarification or action
>> required from my side.
>
> There is no reference to any bug which describes the issue that is fixed.
> Could you add that (and remove the moreinfo tag from this bug when you do so)?
>
> Cheers,
>
> Ivo
>

Bug#856261: Please upload latest release

[Louis-Philippe Véronneau]

Package: brewtarget

Hi!

This package has not seen any update for a while now and since the
latest upload, 2 releases have been made (2.2 and 2.3).

Could you please either upload the latest one (2.3) or mark this package
as orphaned?

Thanks,

-- 
pollo



signature.asc
Description: OpenPGP digital signature

Bug#827203: Found problem with schematic

[J.P. Larocque]

Hi P.W.,

I happened to find your bug report.  Because it was a little bit
alarming, I wanted to see if I could reproduce it.  I could reproduce
what you saw (the merged nets), but I found that the cause was a wire
which was graphically hidden by the edge of the hierarchical sheet.

There is a wire segment on the root sheet (bug_hlabels.sch) directly
between the hierarchical sheet pins cd1 (6.150, 2.300) and cd2 (6.150,
2.450).  If you move the sheet out of the way, you can see the wire.

I've attached screenshots to help illustrate.

I guess this might leave something to be desired in the UI, but it was
possible to track down the cause by moving things and deleting them.

Hope this helps,

-- 
J.P. Larocque 

Bug#856260: needrestart: always says newer kfreebsd kernel available

[Michael Gilbert]

package: needrestart
severity: minor
version: 2.11-2

Needrestart's apt hook on kfreebsd always says that a newer kernel is
available even though the kfreebsd kernel package has not changed.

Best wishes,
Mike

Bug#856259: wpasupplicant: missing dependency on ifupdown

[Michael Gilbert]

package: wpasupplicant
severity: serious
justification: policy 3.5
version: 2.5-2+v2.4-3, 2:2.4-1

wpasupplicant relies on ifupdown, but there is no relationship to it
declared in the packaging.

For example, without ifupdown installed running these commands:

# ifconfig wlan0 create wlandev iwn0
# wpa_supplicant -i wlan0 -c wpa.conf

causes the wpa_supplicant process to hang using 100% CPU.

Once ifupdown is installed, the exact same set of commands and same
conf file, wpasupplicant correctly connects to my access point.

Best wishes,
Mike

Bug#856211: anna: please implement SHA256 verification of .udeb files

[Cyril Brulebois]

Steven Chamberlain  (2017-02-26):
> To date, anna still only implements MD5 verification of .udeb files,
> despite its formal deprecation as a digital signature algorithm by
> RFC6151 (2011) and recommendations of academic literature years prior.
> 
> The files are typically downloaded via insecure HTTP transport, so the
> checksum verification is critical for the security of the installed
> system.  stretch is expected to be a supported release until 2022.  So
> I'm tentatively filing this bug as RC-severity.
> 
> Further context and an overview of related bugs will be published at:
> https://wiki.debian.org/InstallerDebacle

AFAICT net-retriever does the fetching and checking work?


KiBi.


signature.asc
Description: Digital signature

Bug#856180: Reproduced in testing

[J.P. Larocque]

Control: found -1 kicad/4.0.5+dfsg1-4

I read that I shouldn't be reporting bugs in packages from backports
(sorry about that), so I installed a fresh copy of Stretch, installed
kicad in that VM, and reproduced the issue in the above version of the
package.

-- 
J.P. Larocque 

Bug#856248: trydiffoscope: traceback with "500 Server Error"

[Chris Lamb]

Vagrant Cascadian wrote:

> Presumably this is an issue server-side, or an API incompatibility

An ussue server-side; am on it. Not entirely sure what's going on
atm…

> I haven't been able to use trydiffoscope for some weeks now

Oh no, you should have filed this earlier!


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#856258: eog renders #3F51B5 as #5F1CB5

[Julian Andres Klode]

Package: eog
Version: 3.20.5-1
Severity: normal

Not sure what's going on, Chrome, Firefox, GIMP, Netsurf, ImageMagick,
and Nautilus' file preview show the correct color, but with eog the
action bar in the attached png becomes purple-ish instead of blue-ish.

Same when converting to a different format, even when converted to
a bmp. Seems like eog does not like this color :(

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (900, 'unstable'), (500, 'unstable-debug'), (500, 
'buildd-unstable'), (500, 'testing'), (100, 'experimental'), (1, 
'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages eog depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  gir1.2-gtk-3.0   3.22.8-1
ii  gir1.2-peas-1.0  1.20.0-1+b1
ii  gsettings-desktop-schemas3.22.0-1
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-9
ii  libcairo21.14.8-1
ii  libexempi3   2.4.2-1
ii  libexif120.6.21-2
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libgirepository-1.0-11.50.0-1+b1
ii  libglib2.0-0 2.50.3-1
ii  libgnome-desktop-3-123.22.2-1
ii  libgtk-3-0   3.22.8-1
ii  libjpeg62-turbo  1:1.5.1-2
ii  liblcms2-2   2.8-4
ii  libpeas-1.0-01.20.0-1+b1
ii  librsvg2-2   2.40.16-1+b1
ii  libx11-6 2:1.6.4-3
ii  shared-mime-info 1.8-1
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages eog recommends:
ii  librsvg2-common  2.40.16-1+b1
pn  yelp 

Versions of packages eog suggests:
pn  eog-plugins  

-- no debconf information

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.

Bug#856257: tunnelx: please make the build reproducible

[Dhole]

Source: tunnelx
Version: 20160713-3
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

While working on the "reproducible builds" effort [1], we have noticed that
tunnelx could not be built reproducibly.

During the build, two files called 'listdir.txt' containing the list of files in
a directory are created.  These files are created with:
`ls $x | LC_ALL=C sort > $x/listdir.txt`
I believe there is a data race between the creation of the listdir.txt file and
the listing of the directory $x$ by 'ls', causing the listdir.txt entry to
appear sometimes in the file and sometimes not.

The attached patch fixes this by using a temporary hidden '.listdir.txt' file
that is then renamed to 'listdirtxt'. Once applied, tunnelx can be built
reproducibly in our current experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
-- 
Dhole
diff -Nru tunnelx-20160713/debian/changelog tunnelx-20160713/debian/changelog
--- tunnelx-20160713/debian/changelog   2016-11-13 16:28:13.0 +0100
+++ tunnelx-20160713/debian/changelog   2017-02-06 12:07:09.0 +0100
@@ -1,3 +1,11 @@
+tunnelx (20160713-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix datarace in the generation of listdir.txt files, making the package
+build reproducible.
+
+ -- Eduard Sanou   Mon, 06 Feb 2017 12:07:09 +0100
+
 tunnelx (20160713-3) unstable; urgency=medium
 
   * Make rebuild reproducible (Closes: #843698)
diff -Nru tunnelx-20160713/debian/rules tunnelx-20160713/debian/rules
--- tunnelx-20160713/debian/rules   2016-11-13 16:25:41.0 +0100
+++ tunnelx-20160713/debian/rules   2017-02-06 12:07:09.0 +0100
@@ -25,6 +25,7 @@
dh_install
set -e; for x in symbols tutorials; do \
rm -f $$x/listdir.txt; \
-   ls $$x | LC_ALL=C sort > $$x/listdir.txt; \
+   ls $$x | LC_ALL=C sort > $$x/.listdir.txt; \
+   mv $$x/.listdir.txt $$x/listdir.txt; \
done
jar uMf debian/tunnelx/usr/share/tunnelx/tunnelx.jar symbols/* 
tutorials/*


signature.asc
Description: PGP signature

Bug#856256: ITP: afaq-dl -- Download/update the sources of anarchism book

[ju xor]

Package: wnpp
Severity: wishlist
Owner: ju xor 

* Package name: afaq-dl
  Version : 1.0.0
  Upstream Author : Name 
* URL : https://0xacab.org/ju/afaq-dl
* License : GPL
  Programming Lang: Python
  Description : Download/update the sources of anarchism book

Download/update the online book An Anarchist FAQ (AFAQ),
convert the HTML to Markdown and push the changes to the afaq repository.

Bug#856151: RFS: gexiv2/0.10.4-2

[Jason Crain]

Control: tags -1 - moreinfo

On Sun, Feb 26, 2017 at 05:12:44PM -0700, Sean Whitton wrote:
> I built the package and then ran Lintian.  It produces an error
> 
> E: libgexiv2-2:
> symbols-file-contains-current-version-with-debian-revision on symbol 
> _ZN5Exiv28XmpdatumaSIlEERS0_RKT_@Base and 1 others

I noticed that those types of errors showed up in a couple of the buildd
logs after the last upload.  It's because this is a C++ library that
exports a C interface.  Most of the C++ symbols are marked as optional
in the symbols file, but it's hard to catch all of them because they
vary between architectures.  My long term plan is to copy something I've
seen in libpoppler-glib and use a regex to mark all C++ symbols as
optional, but I didn't think in a freeze was a good time to do that.

Bug#856151: RFS: gexiv2/0.10.4-2

[Sean Whitton]

control: tag -1 +moreinfo

Dear Jason,

Thank you for fixing the changelog.

I built the package and then ran Lintian.  It produces an error

E: libgexiv2-2:
symbols-file-contains-current-version-with-debian-revision on symbol 
_ZN5Exiv28XmpdatumaSIlEERS0_RKT_@Base and 1 others

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#856255: chromium: Enable "Hardware-accelerated video decode" flag

[Esokrates]

Package: chromium
Version: 56.0.2924.76-3
Severity: wishlist

Dear Maintainer,

Chromium is really inefficient at playing back videos due to hardware
accelerated decoding being forbidden on linux thus yielding high cpu usage, you 
can read about the upstream
bug here: https://bugs.chromium.org/p/chromium/issues/detail?id=463440

To summarize: Chromium devs do not want to give users the choice of
being able to control to use hardware acceleration or not.

I ask you to considering the following patch:
https://raw.githubusercontent.com/saiarcot895/chromium-ubuntu-build/master/debian/patches/enable_vaapi_on_linux.diff
and if you have concerns you could additionally set a default flag 
#disable-accelerated-video-decode in order to comply with upstream behaviour 
but leaving users the choice to use hardware accelerated decoding.

Would be nice to get feedback on this issue.

Bug#855930: Bug#853119: Request to take a look at #855930

[Norbert Preining]

> > So lulaatex seems to really use the HOME directory.

PS @Tomasz, that was my question concerning /var writable!
I used a cowbuilder where the building user is root, thus the
font database is built in /var/lib/texmf (TEXMFSYSVAR), while
when run as other user it is ~/.texlive2016/... (TEXMFVAR)

You can do
export TEXMFVAR=/path/to/some/writable/dir
before running the make process to get something similar working.

Best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#855930: Bug#853119: Request to take a look at #855930

[Norbert Preining]

> > So lulaatex seems to really use the HOME directory.

Yes, of course, because it has to update the font database.

Complain to the author of the whole setup about extra
font database in lua format (Hans Hagen of ConTeXt) for
that requirement, but that is the way it is.

Lualatex maintains a database of all the otf/ttf fonts
decomposed into lua code.

Ah and yes, that has been the case already since ages.

Best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#856253: game-data-packager: xcom-ufo.yaml swapped (_orig) names under size_and_md5 section.

[René den Ouden]

Package: game-data-packager
Version: 45
Severity: normal

Dear Maintainer,

Trying out this package on the datafiles needed for openxcom i noticed some 
files were not updated by
the universal-patch. Even though those files are specified in the yaml file.

Upon investigation it turned out those non-updated files were incorrectly 
defined in the md5 section.
E.g. the patched files had "_orig" while the originals did not. Strangely 
enough this is only true for 
a subset of files. Some were corectly defined.

On this machine i've updated said file to produce a correct deb. If desired I 
can provide this file 
(patch or pull request is also possible but it'd require some help since i'm 
unfamiliar with the 
debian way of providing patches).

Regards,

René

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: stretch/sid
  APT prefers yakkety-updates
  APT policy: (500, 'yakkety-updates'), (500, 'yakkety-security'), (500, 
'yakkety'), (100, 'yakkety-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-39-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages game-data-packager depends on:
ii  fakeroot1.21-1ubuntu2
ii  python3 3.5.1-4
ii  python3-debian  0.1.29
ii  python3-yaml3.11-3build1
pn  python3:any 

game-data-packager recommends no packages.

Versions of packages game-data-packager suggests:
pn  arj
ii  binutils   2.27-8ubuntu2
pn  cabextract 
pn  cdparanoia 
pn  dynamite   
ii  gcc4:6.1.1-1ubuntu2
ii  gdebi  0.9.5.7ubuntu1
ii  gir1.2-gdkpixbuf-2.0   2.34.0-1ubuntu2
ii  gir1.2-gtk-3.0 3.20.9-1ubuntu2
ii  gir1.2-pango-1.0   1.40.1-1ubuntu1
pn  innoextract
pn  lgc-pg 
pn  lgogdownloader 
pn  lhasa | jlha-utils | lzh-archiver  
ii  make   4.1-9
pn  p7zip-full 
ii  python3-gi 3.22.0-1
ii  steam  1:1.0.0.52-5ubuntu1
pn  steamcmd   
pn  unace-nonfree  
pn  unar   
pn  unrar  
pn  unshield   
ii  unzip  6.0-20ubuntu1
ii  vorbis-tools   1.4.0-10
pn  xdelta 

-- no debconf information

Bug#855143: unblock: wpa/2.5-2+v2.4-4stretch1

[Cyril Brulebois]

Jonathan Wiltshire  (2017-02-26):
> Needs approval from d-i RM. Debdiff:
> 
> > diff -Nru wpa-2.5-2+v2.4/debian/changelog wpa-2.4/debian/changelog
> > --- wpa-2.5-2+v2.4/debian/changelog 2016-09-14 11:11:05.0 +0200
> > +++ wpa-2.4/debian/changelog2017-02-20 11:55:12.0 +0100
> > @@ -1,3 +1,21 @@
> > +wpa (2:2.4-1) unstable; urgency=medium
> > +
> > +  [ Vincent Danjean ]
> > +  * Build with libssl1.0-dev (Closes: #828601).
> > +  * Add an upstream patch to fix hostapd in SMPS mode (Closes: #854719).
> > +
> > +  [ Andrew Shadura ]
> > +  * Don't install debian/system-sleep/wpasupplicant (originally introduced
> > +to fix LP: #1422143), it doesn't improve the state of the things,
> > +introduces regressions in some cases, and at all isn't supposed to
> > +work with how wpa-supplicant is started these days (Closes: #835648).
> > +  * Bump the epoch to 2:, so that we can set the upstream version to
> > +what we really mean. It also has to be higher than 2.6 in unstable
> > +and 1:2.6 (what hostapd binary package in unstable has).
> > +  * Drop the binary package epoch override.
> > +
> > + -- Andrew Shadura   Mon, 20 Feb 2017 11:55:11 +0100
> > +
> >  wpa (2.5-2+v2.4-3) unstable; urgency=medium
> >  
> >[ Helmut Grohne ]
[…]

No objections, thanks.


KiBi.


signature.asc
Description: Digital signature

Bug#855656: [debian-mysql] Bug#855656: release-notes: update on mysql/mariadb for stretch

[Robie Basak]

On Sun, Feb 26, 2017 at 05:58:08PM +0100, Baptiste Jammet wrote:
> I add an  for the note about binary data file formats not
> backwards compatible, and choose to add default-mysql-* next to
> virtual-mysql-*.

On Mon, Feb 27, 2017 at 10:17:18AM +1100, Vincent McIntyre wrote:
> Good idea. I added a 'for example' to the sentence about installing
> default-mysql-server. Otherwise this seems ready to me.

These look good to me. Thank you for sorting this out for us.

Robie


signature.asc
Description: PGP signature

Bug#855930: Bug#853119: Request to take a look at #855930

[Tomasz Buchert]

On 26/02/17 23:49, Vincent Danjean wrote:
> [...]
>
> And, for more info:
> $ mkdir p
> $ HOME=p lualatex lualatex-example.tex
> This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
> [...]
> luaotfload | db : Font names database not found, generating new one.
> luaotfload | db : This can take several minutes; please be patient.(compiling 
> luc: /var/li
> b/texmf/luatex-cache/generic/fonts/otl/lmroman10-regular.luc)(compiling luc: 
> p/
> .texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.luc)(sa
> ve: 
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.l
> ua)(save: 
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-reg
> ular.luc)))
> [...]
> $ find p
> p
> p/.texlive2016
> p/.texlive2016/texmf-var
> p/.texlive2016/texmf-var/luatex-cache
> p/.texlive2016/texmf-var/luatex-cache/generic
> p/.texlive2016/texmf-var/luatex-cache/generic/names
> p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-lookup-cache.luc
> p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-names.lua.gz
> p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-names.luc
> p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-lookup-cache.lua
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.luc
> p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.lua
> $
>
> So lulaatex seems to really use the HOME directory.
>
>   Regards,
> Vincent
>

Wow, a really nice find!

Tomasz


signature.asc
Description: PGP signature

Bug#855656: release-notes: update on mysql/mariadb for stretch

[Vincent McIntyre]

On Sun, Feb 26, 2017 at 05:58:08PM +0100, Baptiste Jammet wrote:
> 
> I add an  for the note about binary data file formats
> not backwards compatible, and choose to add default-mysql-* next
> to virtual-mysql-*.
> Updated patch attached, for clarity.

Good idea. I added a 'for example' to the sentence about installing
default-mysql-server. Otherwise this seems ready to me.


Index: en/whats-new.dbk
===
--- en/whats-new.dbk(r??vision 11372)
+++ en/whats-new.dbk(copie de travail)
@@ -302,17 +302,15 @@
 3.16 series
 4.8 series
   
-
   
MySQLMySQL
5.5
-   5.6
+   removed
   
   
NginxNginx
@@ -431,6 +429,46 @@
   
 
 
+
+
+  MariaDB replaces MySQL
+  
+MariaDB is now the default MySQL variant in Debian, at version 10.1.
+The &Releasename; release introduces a new mechanism for switching the
+default variant, using metapackages created from the
+mysql-defaults source package.
+For example, installing the metapackage
+default-mysql-server
+will install
+mariadb-server-10.1.
+Users who had
+mysql-server-5.5 or
+mysql-server-5.6 will have it
+removed and replaced by the MariaDB equivalent.
+Similarly, installing
+default-mysql-client
+will install
+mariadb-client-10.1.
+
+
+Note that the database binary data file formats are not backwards
+compatible, so once you have upgraded to MariaDB 10.1 you will
+not be able to switch back to any previous version of MariaDB or
+MySQL unless you have a proper database dump. Therefore, before
+upgrading, please make backups of all important databases with
+an appropriate tool such as mysqldump.
+
+
+The virtual-mysql-* and
+default-mysql-* packages
+will continue to exist. MySQL continues to be maintained in Debian,
+in the unstable release.
+See the https://wiki.debian.org/Teams/MySQL";>Debian MySQL Team
+wiki page for current information about the mysql-related
+software available in Debian.
+  
+
+
 
   
   A new archive for debug symbols




-- 

Bug#856210: libdebian-installer: please parse SHA256 field and add it to di_* structs

[Steven Chamberlain]

Hi,

Bastian Blank wrote:
> This change breaks the existing ABI and therefor needs an ABI bump, but
> it is missing from the patch.

I agree, that should be done.  Thanks.

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


signature.asc
Description: Digital signature

Bug#856148: unblock: ntfs-3g/1:2016.2.22AR.1+dfsg.1-0.1

[Cyril Brulebois]

Ivo De Decker  (2017-02-26):
> Control: tags -1 confirmed moreinfo d-i
> 
> Hi,
> 
> On Sun, Feb 26, 2017 at 03:05:58PM +0100, László Böszörményi (GCS) wrote:
> > > But - there would be no point uploading something to DELAYED if the
> > > release time would not approve an unblock.  I think that is why this was
> > > filed - intended as a request for comments about a speculative upload to
> > > DELAYED/10.  You could follow-up with your own debdiff if you plan to
> > > make your own upload for this?
> >  Sure, attached and package can be downloaded[2].
> 
> It was uploaded and unblocked, but it needs a d-i ack (debdiff below).

No objections, thanks.


KiBi.


signature.asc
Description: Digital signature

Bug#856252: Path to exim4 binary in /etc/netdata/python.d/exim.conf wrong

[Sven Hartge]

Package: netdata
Version: 1.5.0+dfsg-1
Severity: normal
Tags: patch

Hi!

The default path for the exim4 binary in /etc/netdata/python.d/exim.conf
is wrong for Debian. While this is of course configurable by the user,
having to do so in the first place defeates the runs-out-of-the-box
approach netdata has.

Please see attached patch addressing the problem.

Grüße,
Sven.

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'unstable'), (500, 'testing'), (200, 'experimental'), (1, 'experimental-debug')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages netdata depends on:
ii  adduser  3.115
ii  init-system-helpers  1.47
ii  libc62.24-9
ii  libcap2-bin  1:2.25-1
ii  libuuid1 2.29.1-1
ii  lsb-base 9.20161125
ii  netdata-data 1.5.0+dfsg-2
ii  python   2.7.13-2
ii  python-yaml  3.12-1
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages netdata recommends:
pn  nodejs  

netdata suggests no packages.

-- Configuration Files:
/etc/netdata/health.d/disks.conf changed [not included]
/etc/netdata/health_alarm_notify.conf changed [not included]
/etc/netdata/netdata.conf changed [not included]
/etc/netdata/python.d/apache.conf changed [not included]
/etc/netdata/python.d/exim.conf changed [not included]

-- debconf-show failed
>From 7c519219f3b036a8e52b0ed43c1da12fabe7b384 Mon Sep 17 00:00:00 2001
From: Sven Hartge 
Date: Sun, 26 Feb 2017 23:57:41 +0100
Subject: [PATCH] Debianize path to exim4 binary

Signed-off-by: Sven Hartge 
---
 conf.d/python.d/exim.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conf.d/python.d/exim.conf b/conf.d/python.d/exim.conf
index 07d72c5..dd2663d 100644
--- a/conf.d/python.d/exim.conf
+++ b/conf.d/python.d/exim.conf
@@ -83,4 +83,4 @@ update_every: 10
 # AUTO-DETECTION JOBS
 
 local:
-  command: 'exim -bpc'
+  command: '/usr/sbin/exim4 -bpc'
-- 
2.11.0

Bug#856251: quiterss: Quiterss immediately segfaults in kwin_wayland

[Shawn Sörbom]

Package: quiterss
Version: 0.18.4+dfsg-2
Severity: important

Dear Maintainer,

starting Quiterss in a kwin_wayland session immediately produces a segfault. 
This does not occur under Xorg. I have not run it inside a debugger yet. I hope 
to do this soon.
Thanks,
Shawn

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages quiterss depends on:
ii  libc6 2.24-9
ii  libgcc1   1:6.3.0-6
ii  libgl1-mesa-glx [libgl1]  13.0.4-1
ii  libqt5core5a  5.7.1+dfsg-3+b1
ii  libqt5gui55.7.1+dfsg-3+b1
ii  libqt5multimedia5 5.7.1~20161021-2
ii  libqt5network55.7.1+dfsg-3+b1
ii  libqt5printsupport5   5.7.1+dfsg-3+b1
ii  libqt5sql55.7.1+dfsg-3+b1
ii  libqt5sql5-sqlite 5.7.1+dfsg-3+b1
ii  libqt5webkit5 5.7.1+dfsg-1
ii  libqt5widgets55.7.1+dfsg-3+b1
ii  libqt5xml55.7.1+dfsg-3+b1
ii  libsqlite3-0  3.16.2-2
ii  libstdc++66.3.0-6

quiterss recommends no packages.

quiterss suggests no packages.

-- no debconf information

Bug#851060: libnids 1.23-2.1 NMU

[Marcos Fouces]

El 26/02/17 a las 18:05, James Cowgill escribió:


Well now that I've collected all the fixes together and tested it, I'm
going to do the NMU anyway :)


Good to read that! Now i will try to contact Vassillis. if he is MIA, 
then i incorporate libnids to pkg-security team.


Cheers,

Marcos




Control: tags -1 patch pending

Hi,

On 25/02/17 18:00, James Cowgill wrote:

On 23/02/17 22:44, Marcos Fouces wrote:

I am agree with you, when i fix these bugs i will create a separate git
branch, cherry-pick only freeze-allowed changes and try to get a package
ready for stretch.

Ok. Since I can now get dsniff working, I will happily NMU this unless
you want to do it.

Well now that I've collected all the fixes together and tested it, I'm
going to do the NMU anyway :)

Uploaded NMU attached.

Thanks,
James

Bug#855930: Bug#853119: Request to take a look at #855930

[Vincent Danjean]

Le 26/02/2017 à 23:37, Vincent Danjean a écrit :
> I eventually succeeded in reproducing the bug: lualatex needs a
> writable HOME directory. On my plain (sid) system:
> $ cat lualatex-example.tex
> \documentclass{article}
> \usepackage{luacode}
> \begin{document}
> A random number:
> \begin{luacode}
> tex.print(math.random())
> \end{luacode}
> \end{document}
> $ lualatex lualatex-example.tex
> This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
> [...]
> Transcript written on lualatex-example.log.
> $ HOME=/non-existatn lualatex lualatex-example.tex
> This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
>  restricted system commands enabled.
> (./lualatex-example.tex
> LaTeX2e <2017/01/01> patch level 1
> 
> quiting: fix your writable cache path

And, for more info:
$ mkdir p
$ HOME=p lualatex lualatex-example.tex
This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
[...]
luaotfload | db : Font names database not found, generating new one.
luaotfload | db : This can take several minutes; please be patient.(compiling 
luc: /var/li
b/texmf/luatex-cache/generic/fonts/otl/lmroman10-regular.luc)(compiling luc: p/
.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.luc)(sa
ve: p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.l
ua)(save: p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-reg
ular.luc)))
[...]
$ find p
p
p/.texlive2016
p/.texlive2016/texmf-var
p/.texlive2016/texmf-var/luatex-cache
p/.texlive2016/texmf-var/luatex-cache/generic
p/.texlive2016/texmf-var/luatex-cache/generic/names
p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-lookup-cache.luc
p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-names.lua.gz
p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-names.luc
p/.texlive2016/texmf-var/luatex-cache/generic/names/luaotfload-lookup-cache.lua
p/.texlive2016/texmf-var/luatex-cache/generic/fonts
p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl
p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.luc
p/.texlive2016/texmf-var/luatex-cache/generic/fonts/otl/lmroman10-regular.lua
$

So lulaatex seems to really use the HOME directory.

  Regards,
Vincent

-- 
Vincent Danjean   GPG key ID 0xD17897FA vdanj...@debian.org
GPG key fingerprint: 621E 3509 654D D77C 43F5  CA4A F6AE F2AF D178 97FA
Unofficial pkgs: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://people.debian.org/~vdanjean/debian unstable main

Bug#856212: cdebootstrap: please implement SHA256 verification of .deb files

[Steven Chamberlain]

Hi,

Bastian Blank wrote:
> I was not able to provide a real fix as I'm rather time constrained.

Don't worry, I'm prepared to write patches.  But I wonder:

  * is it okay to drop MD5 support, when implementing SHA256?
  * must we fix this before the stretch release?  or otherwise, would it
be possible to make such a big change in a stable point release?

> However please provide this information, as I only found something with
> about 2^120 for preimage attacks on MD5, which is still not fesable in
> real live.

Last time I brought up the topic, that argument was given.

But maybe it's the wrong approach to ask "are we *sure* MD5 is broken
and we must replace it?".  We need to make a prediction that lasts the
supported lifetime of stretch (until 2022?);  and some adversaries do
not reveal their capabilities.

It's actually kind of bizarre that we've published SHA256 sums in the
archive since 2007 and *still* don't use them here.  I think there is a
greater risk that we forget, or be too lazy, than we do this 'too soon'.

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


signature.asc
Description: Digital signature

Bug#855930: Bug#853119: Request to take a look at #855930

[Vincent Danjean]

Le 26/02/2017 à 22:37, Lucas Nussbaum a écrit :
> On 26/02/17 at 21:41 +0100, Vincent Danjean wrote:
>> Can you elaborate? I cannot reproduce this failure. It works
>> in my sbuild environment.
> 
> if you have a successful build with sbuild, please provide the build
> log: it's usually useful to just diff the build logs to compare list of
> packages.

Looking at the machine, it seems it was not a sbuild, but a build
in my new testing chroot (created with debootstrap, buildd variant).
  So, I just digged more into it as my sbuild invocation fails indeed.

The installed packages are the same (but sbuild-build-depends-core-dummy
and sbuild-build-depends-latex-make-dummy of course).

I eventually succeeded in reproducing the bug: lualatex needs a
writable HOME directory. On my plain (sid) system:
$ cat lualatex-example.tex
\documentclass{article}
\usepackage{luacode}
\begin{document}
A random number:
\begin{luacode}
tex.print(math.random())
\end{luacode}
\end{document}
$ lualatex lualatex-example.tex
This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
[...]
Transcript written on lualatex-example.log.
$ HOME=/non-existatn lualatex lualatex-example.tex
This is LuaTeX, Version 0.95.0 (TeX Live 2016/Debian)
 restricted system commands enabled.
(./lualatex-example.tex
LaTeX2e <2017/01/01> patch level 1

quiting: fix your writable cache path


  So Norbert, should I reassign this bug to texlive-luatex (it seems
a regression), so should I provide an (temporary empty) writable HOME
directory during the lualatex invocation?

  Regards,
Vincent

-- 
Vincent Danjean   GPG key ID 0xD17897FA vdanj...@debian.org
GPG key fingerprint: 621E 3509 654D D77C 43F5  CA4A F6AE F2AF D178 97FA
Unofficial pkgs: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://people.debian.org/~vdanjean/debian unstable main

Bug#856046: [Pkg-zsh-devel] Bug#856046: Bug#856046: Bug#856046: zsh: fix two segfaults in zsh/parameter module appends

[Daniel Shahaf]

Daniel Shahaf wrote on Sat, Feb 25, 2017 at 08:09:50 +:
> I've just pushed upstream the fix for this (attached to the OP) in
> revision 6c476c2222006dcacc767b2c2846ede881e8 towards 5.3.2/5.4.

So that ($options) has been reverted, and the original ($functions) is
about to be rewritten upstream too.

At this point I don't feel the fix is stable enough to be backported.
Let's close this bug then?  Can always revisist this once upstream
stabilizes.

Cheers,

Daniel

Bug#856250: libdbd-mysql-perl: Regression for zerofill columns

[Pali Rohár]

Package: libdbd-mysql-perl
Version: 4.041-1

DBD::mysql in version 4.040 introduced regression for zerofill columns 
and since that version values are returned as without zerofill 
attribute.

According to bug report on cpan zerofill attribute worked for 10 years 
without problem: https://rt.cpan.org/Public/Bug/Display.html?id=118977

Patch which fixes zerofill attribute will be part of DBD::mysql 4.042 
release and is there: https://github.com/perl5-dbi/DBD-mysql/pull/75

It contains also automated test for verification that zerofill is 
working correctly.

-- 
Pali Rohár
pali.ro...@gmail.com


signature.asc
Description: This is a digitally signed message part.

Bug#856248: trydiffoscope: traceback with "500 Server Error"

[Vagrant Cascadian]

Package: trydiffoscope
Version: 64
Severity: important

I haven't been able to use trydiffoscope for some weeks now, getting
tracebacks like the following:

  $ date > a
  $ # wait a bit...
  $ date > b
  $ trydiffoscope a b
  Traceback (most recent call last):
File "/usr/bin/trydiffoscope", line 142, in 
  sys.exit(TryDiffoscope(args).main())
File "/usr/bin/trydiffoscope", line 45, in main
  response.raise_for_status()
File "/usr/lib/python3/dist-packages/requests/models.py", line 893, in 
raise_for_status
  raise HTTPError(http_error_msg, response=self)
  requests.exceptions.HTTPError: 500 Server Error: Internal Server Error for 
url: https://try.diffoscope.org/api/v3/comparison/xhdzpgzfphhf


Presumably this is an issue server-side, or an API incompatibility, or... ?


live well,
  vagrant


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (120, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages trydiffoscope depends on:
ii  python3-requests  2.12.4-1
pn  python3:any   

trydiffoscope recommends no packages.

trydiffoscope suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#856214: deboostrapping wheezy fails (on Qubes jessie+stretch VMs)

[Colin Watson]

On Sun, Feb 26, 2017 at 07:17:50PM +, Holger Levsen wrote:
> user@stretch:~$ sudo strace debootstrap wheezy  ./wheezy 
> http://deb.debian.org/debian/

Afraid this isn't much use; it only tells us about system calls made by
the top-level debootstrap process itself.  You'll need the -f option to
strace, although it'll produce rather a lot of output; if you can
contrive to attach strace to debootstrap sometime shortly before it
spawns dpkg then that would be best.

-- 
Colin Watson   [cjwat...@debian.org]

Bug#856247: dict-gcide: Missing definition present upstream: "appeal"

[The Wanderer]

Package: dict-gcide
Version: 0.48.3
Severity: normal

Dear Maintainer,

When I run the following command, I get (in part) the following output:

$ dict -d gcide repeal
[...]
>From The Collaborative International Dictionary of English v.0.48 [gcide]:

  Repeal \Re*peal"\ (r?-p?l"), v. t. [imp. & p. p. {Repealed}
 (-p?ld"); p. pr. & vb. n. {Repealing}.] [OF. repeler to call
 back, F. rappeler; pref. re- re- + OF. apeler, F. appeler, to
 call, L. appellare. See {Appeal}, and. cf. {Repel}.]
[...]

This points to a definition of "appeal", marked as being available for
lookup. However, when I attempt to look up "appeal", I get no results:

$ dict -d gcide appeal
No definitions found for "appeal"

Similarly, manually grepping through /usr/share/dictd/gcide.* does not
locate any definitions for "Appeal".

Reinstalling the package (via 'apt-get install --reinstall dict-gcide')
did not affect this behavior.

By contrast, looking up 'appeal' in either the www.dict.org Web-based
query interface for gcide or the gcide.gnu.org Web-based query interface
finds three separate definition sections:
http://www.dict.org/bin/Dict?Form=Dict2&Database=gcide&Query=Appeal
http://gcide.gnu.org.ua/?q=appeal&define=Define&strategy=.

I would expect that looking up "appeal" using the dict command-line
interface would provide the same results as doing so via the various
online interfaces.


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages dict-gcide depends on:
ii  dictd [dict-server]  1.12.1+dfsg-4

dict-gcide recommends no packages.

Versions of packages dict-gcide suggests:
ii  dict-wn  1:3.0-33

-- no debconf information

Bug#591009: 421 Service not available, remote server has closed connection

[Hilmar Preuße]

On 30.07.2010 23:53, Martin Sebald wrote:

Hi Martin,

https://bugs.debian.org/591009

> I'm using ProFTPd with MySQL, no other modules.
> 
> When trying to transfer a file with 1.3.3a-1 the client gets disconnected
> after sending the file (sent file seems to be ok). With cmdline client the
> connection just breaks, other clients (like Total Commander and FileZilla)
> reconnect, so users might not be aware of that. FileZilla sometimes (just
> sometimes) asks to overwrite the last file because it noticed some error
> and wanted to try again - but just sometimes.
> 
> Downgrade to 1.3.2e-4 solved the problem, everything works fine again.
> 
> As 1.3.3a-1 is already in testing I thought this bug should be brought to
> your attention.
> 
Are you still able to reproduce the problem? Does
http://bugs.proftpd.org/show_bug.cgi?id=3496 describes your problem?

Hilmar
-- 
http://www.hilmar-preusse.de.vu/   #206401 http://counter.li.org

Bug#856212: cdebootstrap: please implement SHA256 verification of .deb files

[Bastian Blank]

On Sun, Feb 26, 2017 at 04:32:43PM +, Steven Chamberlain wrote:
> To date, cdebootstrap still only implements MD5 verification of .deb
> files, despite its formal deprecation as a digital signature algorithm
> by RFC6151 (2011) and recommendations of academic literature years
> prior.

I was not able to provide a real fix as I'm rather time constrained.
However please provide this information, as I only found something with
about 2^120 for preimage attacks on MD5, which is still not fesable in
real live.

Bastian

-- 
Klingon phaser attack from front!
100% Damage to life support

Bug#855946: no sound on upgrade

[Elías Alejandro]

On Fri, Feb 24, 2017 at 11:16 AM, Toni Mueller  wrote:
>
> Hi Elias,
>
> On Fri, Feb 24, 2017 at 10:48:42AM -0300, Elías Alejandro wrote:
>> What was your previous radiotray version?
>
> it looks like something else caused the problem, because it only
> appeared a few days ago, while the latest radiotray release was last
> year (I should have checked earlier). However, just removing the
> radiotray config file and having it generate a new one fixed it. I can't
> tell which would be the relevant package in that case. :(

I'm not sure but If you can provide me your previous config file it can be great
otherwise we can wait if any other can report the same issue.

>
> Please reassign as you see fit.

We are waiting for more info otherwise we can close it.


Best regards.
Elías Alejandro

Bug#856198: RFS: entropybroker/2.9-0.1 [RC] [NMU]

[Thorsten Alteholz]

On Sun, 26 Feb 2017, Gianfranco Costamagna wrote:

I am looking for a sponsor for my package "entropybroker"


This is rather strange.


BTW since Thorsten is the maintainer, and he is active, an NMU for a bug opened 
some
hours ago would be *totally* unappropriate.


Indeed, it is also the wrong solution.


Thorsten, of course the package is up to you, and the review is just in case you say 
"go
ahead and sponsor it" :)


On the contrary I say: Thanks for the work, but no thanks.

  Thorsten

Bug#637076: AllowOverwrite On doesn't work with UserOwner and GroupOwner directives

[Hilmar Preuße]

On 08.08.2011 12:51, Андрей Василишин wrote:

Hi,

https://bugs.debian.org/637076

> Directive "AllowOverwrite On"  doesn't work in such config:
> 
> # cat /etc/proftpd/proftpd.conf
> Include /etc/proftpd/modules.conf
> 
Are you still able to reproduce the problem? Could you share some logs,
which are eventually useful?

Hilmar
-- 
http://www.hilmar-preusse.de.vu/   #206401 http://counter.li.org

Bug#702201: anyone?

[bbrendon]

Any news on this? Yay/Nay? I'll vote yay.

Bug#856201: irssi: slow startup

[Alberto Garcia]

On Sun, Feb 26, 2017 at 09:01:12PM +0100, Ailin Nemui wrote:

> Hi, if you are serious about finding this problem it would be
> best if you could git bisect the code to pin point the changeset
> responsible

Actually I just took a quick look and it seems that there's
no changeset that is responsible for this. It's this first
g_main_iteration(TRUE) call in irssi.c that blocks the UI:

while (!quitting) {
term_refresh_freeze();
g_main_iteration(TRUE);
term_refresh_thaw();

if (reload_config) {
/* SIGHUP received, do /RELOAD */
reload_config = FALSE;
signal_emit("command reload", 1, "");
}

dirty_check();
}

So it may be a change in glib, but I don't know if it's right that
irssi calls g_main_iteration() here with may_block = TRUE.

Berto

Bug#855930: Bug#853119: Request to take a look at #855930

[Lucas Nussbaum]

On 26/02/17 at 21:41 +0100, Vincent Danjean wrote:
>   Lucas: can you tell us how more on how the build environment
> is generated ?

Hi,

I used sbuild-createchroot, then manually cleaned it with debfoster. But
there should be nothing special about it, except the removal of lsb-base
and tzdata which are no longer essential packages.

> > However, if you build w sbuild, this seems to fail.
> 
> Can you elaborate? I cannot reproduce this failure. It works
> in my sbuild environment.

if you have a successful build with sbuild, please provide the build
log: it's usually useful to just diff the build logs to compare list of
packages.

Lucas

Bug#856148: unblock: ntfs-3g/1:2016.2.22AR.1+dfsg.1-0.1

[Ivo De Decker]

Control: tags -1 confirmed moreinfo d-i

Hi,

On Sun, Feb 26, 2017 at 03:05:58PM +0100, László Böszörményi (GCS) wrote:
> > But - there would be no point uploading something to DELAYED if the
> > release time would not approve an unblock.  I think that is why this was
> > filed - intended as a request for comments about a speculative upload to
> > DELAYED/10.  You could follow-up with your own debdiff if you plan to
> > make your own upload for this?
>  Sure, attached and package can be downloaded[2].

It was uploaded and unblocked, but it needs a d-i ack (debdiff below).

Cheers,

Ivo


> diff -Nru ntfs-3g-2016.2.22AR.1/debian/README.source 
> ntfs-3g-2016.2.22AR.1+dfsg/debian/README.source
> --- ntfs-3g-2016.2.22AR.1/debian/README.source1970-01-01 
> 00:00:00.0 +
> +++ ntfs-3g-2016.2.22AR.1+dfsg/debian/README.source   2017-02-26 
> 12:34:31.0 +
> @@ -0,0 +1,2 @@
> +The source is repacked to use a DFSG free ntfsprogs/boot.c file from
> +upstream 2016.2.22AR.2 version.
> diff -Nru ntfs-3g-2016.2.22AR.1/debian/changelog 
> ntfs-3g-2016.2.22AR.1+dfsg/debian/changelog
> --- ntfs-3g-2016.2.22AR.1/debian/changelog2017-02-01 06:23:28.0 
> +
> +++ ntfs-3g-2016.2.22AR.1+dfsg/debian/changelog   2017-02-26 
> 12:34:31.0 +
> @@ -1,3 +1,9 @@
> +ntfs-3g (1:2016.2.22AR.1+dfsg-1) unstable; urgency=medium
> +
> +  * Repack source to have a DFSG free NTFS boot sector (closes: #808463).
> +
> + -- Laszlo Boszormenyi (GCS)   Sun, 26 Feb 2017 12:34:31 
> +
> +
>  ntfs-3g (1:2016.2.22AR.1-4) unstable; urgency=high
>  
>* Fix CVE-2017-0358: modprobe influence vulnerability via environment
> diff -Nru ntfs-3g-2016.2.22AR.1/debian/copyright 
> ntfs-3g-2016.2.22AR.1+dfsg/debian/copyright
> --- ntfs-3g-2016.2.22AR.1/debian/copyright2016-04-02 16:18:49.0 
> +
> +++ ntfs-3g-2016.2.22AR.1+dfsg/debian/copyright   2017-02-26 
> 12:34:31.0 +
> @@ -11,6 +11,28 @@
>  Copyright: 2000-2013 ntfs-3g Development Team
>  License: LGPL-2+
>  
> +Files: ntfsprogs/boot.c
> +Copyright: Copyright (C) 1991 Linus Torvalds ,
> + Copyright (C) 1992-1993 Remy Card ,
> + Copyright (C) 1993-1994 David Hudson ,
> + Copyright (C) 1998 H. Peter Anvin ,
> + Copyright (C) 1998-2005 Roman Hodek 
> ,
> + Copyright (C) 2008-2014 Daniel Baumann ,
> + Copyright (C) 2015 Andreas Bombe 
> +License: GPL-3
> + This package is free software; you can redistribute it and/or modify
> + it under the terms of the GNU General Public License as published by
> + the Free Software Foundation; either version 3 of the License, or
> + (at your option) any later version.
> + .
> + This package is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + GNU General Public License for more details.
> + .
> + On Debian systems, the complete text of the GNU General
> + Public License can be found in `/usr/share/common-licenses/GPL-3'.
> +
>  Files: debian/*
>  Copyright: 2014- Laszlo Boszormenyi (GCS) ,
>   2011-2014 Daniel Baumann ,
> diff -Nru ntfs-3g-2016.2.22AR.1/ntfsprogs/boot.c 
> ntfs-3g-2016.2.22AR.1+dfsg/ntfsprogs/boot.c
> --- ntfs-3g-2016.2.22AR.1/ntfsprogs/boot.c2016-02-22 07:34:33.0 
> +
> +++ ntfs-3g-2016.2.22AR.1+dfsg/ntfsprogs/boot.c   2017-02-26 
> 12:05:36.0 +
> @@ -1,268 +1,103 @@
> -#include "boot.h"
> +/*
> + *   NTFS bootsector, adapted from the vfat one.
> + */
>  
> -/**
> - * boot_array - the first 4136 bytes of $Boot
> +/* mkfs.fat.c - utility to create FAT/MS-DOS filesystems
> + * Copyright (C) 1991 Linus Torvalds 
> + * Copyright (C) 1992-1993 Remy Card 
> + * Copyright (C) 1993-1994 David Hudson 
> + * Copyright (C) 1998 H. Peter Anvin 
> + * Copyright (C) 1998-2005 Roman Hodek 
> 
> + * Copyright (C) 2008-2014 Daniel Baumann 
> + * Copyright (C) 2015 Andreas Bombe 
>   *
> - * The first 4136 bytes of $Boot. The rest is just zero. Total 8192 bytes.
> + * This program is free software: you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation, either version 3 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + * You should have received a copy of the GNU General Public License
> + * along with this program. If not, see .
> + * The complete text of the GNU General Public License
> + * can be found in /usr/share/common-licenses/GPL-3 file.
>   */
> -const unsigned char boot_array[4136] = {
> -235,  82, 144,  78,  84,  70,  83,  32,  32,  32,  32,   0,   0,   0,   0,   
> 0,
> -  0,   0,   0,   0,   0,   0,  

Bug#856064: libdbd-mysql-perl: reads of floats currupted as 0

[Ivo De Decker]

Hi,

On Sun, Feb 26, 2017 at 09:49:44PM +0100, gregor herrmann wrote:
> > So from my point of view, as it is two days until the 1st of March right
> > now (at least in my timezone) we need to get a fixed version of
> > libdbd-mysql-perl in unstable by tomorrow at the latest. Is this going
> > to be possible?
> 
> Sure, I just uploaded 4.041-2 to unstable.

Unblocked libdbd-mysql-perl.

> Thanks for handling all this stuff!

Cheers,

Ivo

Bug#856245: [INTL:es] Spanish translation of the debconf template openvas-scanner

[jathan]

Package: openvas-scanner
Severity: wishlist


Hi,

please find attached the Spanish debconf translation of openvas-scanner.

Regards,
Jathan

-- 
Por favor evita enviarme adjuntos en formato de word o powerpoint, si
quieres saber porque lee esto:
http://www.gnu.org/philosophy/no-word-attachments.es.html
¡Cámbiate a GNU/Linux! http://getgnulinux.org/es

# openvas-scanner debconf translations
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the openvas-scanner package.
# FIRST AUTHOR , YEAR.
# Changes:
# - Initial translation
# Jonathan Bustillos , 2017.
#
# Traductores, si no conocen el formato PO, merece la pena leer la
# documentación de gettext, especialmente las secciones dedicadas a este
# formato, por ejemplo ejecutando:
# info -n '(gettext)PO Files'
# info -n '(gettext)Header Entry'
#
# Equipo de traducción al español, por favor lean antes de traducir
# los siguientes documentos:
#
# - El proyecto de traducción de Debian al español
# http://www.debian.org/intl/spanish/
# especialmente las notas y normas de traducción en
# http://www.debian.org/intl/spanish/notas
#
# - La guía de traducción de po's de debconf:
# /usr/share/doc/po-debconf/README-trans
# o http://www.debian.org/intl/l10n/po-debconf/README-trans
msgid ""
msgstr ""
"Project-Id-Version: openvas-scanner\n"
"Report-Msgid-Bugs-To: openvas-scan...@packages.debian.org\n"
"POT-Creation-Date: 2016-09-14 17:49+0800\n"
"PO-Revision-Date: 2017-02-23 18:30-0600\n"
"Last-Translator: Jonathan Bustillos \n"
"Language-Team: Debian Spanish \n"
"Language: es\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"X-Generator: Gtranslator 2.91.6\n"

#. Type: boolean
#. Description
#: ../templates:1001
msgid "Do you want to enable redis unix socket on /var/run/redis/redis.sock?"
msgstr "¿Desea habilitar redis unix socket en /var/run/redis/redis.sock?"

#. Type: boolean
#. Description
#: ../templates:1001
msgid ""
"Openvas scanner require redis database to store data. It will connect to the "
"database with a unix socket at /var/run/redis/redis.sock and /etc/redis/"
"redis.conf will be updated."
msgstr ""
"El escáner Openvas requiere una base de datos redis para almacenar datos. Se "
"conectará a la base de datos con un socket unix en /var/run/redis/redis.sock "
"y se actualizará el archivo /etc/redis/redis.conf."


signature.asc
Description: OpenPGP digital signature

Bug#856244: [INTL:es] Spanish translation of the debconf template nginx

[jathan]

Package: nginx
Severity: wishlist


Hi,

please find attached the Spanish debconf translation of nginx.

Regards,
Jathan

-- 
Por favor evita enviarme adjuntos en formato de word o powerpoint, si
quieres saber porque lee esto:
http://www.gnu.org/philosophy/no-word-attachments.es.html
¡Cámbiate a GNU/Linux! http://getgnulinux.org/es

# Nginx debconf translations
# Copyright (C) 2016 Christos Trochalakis
# This file is distributed under the same license as the nginx package.
# Christos Trochalakis , 2016.
# Changes:
# - Initial translation
# Jonathan Bustillos , 2017.
#
# Traductores, si no conocen el formato PO, merece la pena leer la
# documentación de gettext, especialmente las secciones dedicadas a este
# formato, por ejemplo ejecutando:
# info -n '(gettext)PO Files'
# info -n '(gettext)Header Entry'
#
# Equipo de traducción al español, por favor lean antes de traducir
# los siguientes documentos:
#
# - El proyecto de traducción de Debian al español
# http://www.debian.org/intl/spanish/
# especialmente las notas y normas de traducción en
# http://www.debian.org/intl/spanish/notas
#
# - La guía de traducción de po's de debconf:
# /usr/share/doc/po-debconf/README-trans
# o http://www.debian.org/intl/l10n/po-debconf/README-trans
msgid ""
msgstr ""
"Project-Id-Version: nginx\n"
"Report-Msgid-Bugs-To: ng...@packages.debian.org\n"
"POT-Creation-Date: 2016-10-04 20:03+0300\n"
"PO-Revision-Date: 2017-02-23 18:21-0600\n"
"Last-Translator: Jonathan Bustillos \n"
"Language-Team: Debian Spanish \n"
"Language: es\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"X-Generator: Gtranslator 2.91.6\n"

#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid "Possible insecure nginx log files"
msgstr "Archivos de registro de nginx posiblemente inseguros"

#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid ""
"The following log files under /var/log/nginx directory are symlinks owned by "
"www-data:"
msgstr ""
"Los siguientes archivos de registro en el directorio /var/log/nginx son "
"enlaces simbólicos propiedad de www-data:"

#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid "${logfiles}"
msgstr "${logfiles}"

#. Type: note
#. Description
#: ../nginx-common.templates:1001
msgid ""
"Since nginx 1.4.4-4 /var/log/nginx was owned by www-data. As a result www-"
"data could symlink log files to sensitive locations, which in turn could "
"lead to privilege escalation attacks. Although /var/log/nginx permissions "
"are now fixed it is possible that such insecure links already exist. So, "
"please make sure to check the above locations."
msgstr ""
"Desde nginx 1.4.4-4 /var/log/nginx era propiedad de www-data. Como "
"resultado, www-data podría enlazar archivos de registro a ubicaciones "
"sensibles, lo que a su vez podría dar lugar a ataques de escalamiento de "
"privilegios. Aunque los permisos de /var/log/nginx están ahora arreglados, "
"es posible que dichos enlaces inseguros todavía existan. Por lo tanto, "
"asegúrese de comprobar las ubicaciones mencionadas anteriormente."


signature.asc
Description: OpenPGP digital signature

Bug#855966: qemu: Please use full version number (2.8.0 instead of 2.8)

[Michael Tokarev]

24.02.2017 00:16, Jeremy Bicha wrote:
> Source: qemu
> Version: 1:2.8+dfsg-2
> Severity: low
> 
> Could you please use the full version number 2.8.0 instead of 2.8?

What's wrong with using just 2-component version number?
We do apply the stable patchsets, and we do apply the selected
stable patches. So the result is really not any 2.8.y patcheset,
but something more than that.

On the other hand, using full 3-components version number requires
re-upload of the upstream source, and makes packaging to be more
work than it is now.

So what do we gain and what for?

If it is only the watch file, that's so much minor non-issue,
there's just no point in spending time with that.

Thanks,

/mjt

Bug#856198: RFS: entropybroker/2.9-0.1 [RC] [NMU]

[Gianfranco Costamagna]

control: owner -1 !
control: tags -1 moreinfo

>I am looking for a sponsor for my package "entropybroker"



I can sponsor it if you get

1) an unblock bug approved
or
2) a targeted fixes for the RC bug.

I admit, the new release is mostly a "fix manpage, merge debian patches, fix rc 
bug, release"

but I would like to hear Release Team before giving a sign/upload

thanks for the patch and the nice work,


BTW since Thorsten is the maintainer, and he is active, an NMU for a bug opened 
some
hours ago would be *totally* unappropriate.
I'm owning the bug and tagging it moreinfo to avoid people accidentally 
sponsoring it :)

Thorsten, of course the package is up to you, and the review is just in case 
you say "go
ahead and sponsor it" :)
(my bad, I reviewed the package before looking at the RC bug and Maintainer 
field, and
it was too late to delete the email :p)


Gianfranco

Bug#856210: libdebian-installer: please parse SHA256 field and add it to di_* structs

[Bastian Blank]

Hi Steven

On Sun, Feb 26, 2017 at 06:30:31PM +, Steven Chamberlain wrote:
> I've attached only the most minimal patch to allow reverse-depends do
> implement SHA256.  They must adapt to the new names of struct members
> *and* remember that the hash length is now different.  (The hash data is
> stored in variable-length fields but the length is not recorded in the
> structs, and the has is denoted by a magic number not an enum;  that
> could be made better, but requiring a much larger diff).

This change breaks the existing ABI and therefor needs an ABI bump, but
it is missing from the patch.

Regards,
Bastian

-- 
It is necessary to have purpose.
-- Alice #1, "I, Mudd", stardate 4513.3

Bug#856243: realmd: Missing dependency for realmd: policykit-1

[Andreas Maus]

Package: realmd
Version: 0.16.3-1
Severity: important

Hi everyone.

Currently the policykit-1 package is not listed
as dependency. Unfortunately this makes realmd unusable
because actions like join, discovery, ... fail with:

"realm: Not authorized to perform this action"

According to the journalctl output name "org.freedesktop.PolicyKit1" is
not provided:

Feb 26 21:39:32 mqtt dbus[372]: [system] Activating via systemd: 
servicename='org.freedesktop.realmd' unit='realmd.service'
Feb 26 21:39:32 mqtt realmd[860]: Loaded settings from: 
/usr/lib/realmd/realmd-defaults.conf /usr/lib/realmd/realmd-distro.conf
Feb 26 21:39:32 mqtt realmd[860]: holding daemon: startup
Feb 26 21:39:32 mqtt realmd[860]: starting service
Feb 26 21:39:32 mqtt realmd[860]: connected to bus
Feb 26 21:39:32 mqtt realmd[860]: released daemon: startup
Feb 26 21:39:32 mqtt dbus[372]: [system] Successfully activated service 
'org.freedesktop.realmd'
Feb 26 21:39:32 mqtt realmd[860]: claimed name on bus: org.freedesktop.realmd
Feb 26 21:39:32 mqtt realmd[860]: client using service: :1.3
Feb 26 21:39:32 mqtt realmd[860]: holding daemon: :1.3
Feb 26 21:39:32 mqtt realmd[860]: Using 'r37.857' operation for method 
'Discover' invocation on 'org.freedesktop.realmd.Provider' interface
Feb 26 21:39:32 mqtt realmd[860]: Registered cancellable for operation 'r37.857'
Feb 26 21:39:32 mqtt realmd[860]: couldn't check polkit authorization: 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.PolicyKit1 was not provided by any .service files
Feb 26 21:39:32 mqtt realmd[860]: couldn't check polkit authorization: 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.PolicyKit1 was not provided by any .service files
Feb 26 21:39:32 mqtt realmd[860]: rejecting access to method 'Discover' on 
interface 'org.freedesktop.realmd.Provider' at /org/freedesktop/realmd
Feb 26 21:39:32 mqtt realmd[860]: client gone away: :1.3
Feb 26 21:39:32 mqtt realmd[860]: released daemon: :1.3

This name is registered by the file 
/usr/share/dbus-1/system-services/org.freedesktop.PolicyKit1.service, which
is part of the policykit-1 package.

Adding policykit-1 to the list of required packages will fix
this issue and ensure a working realmd package.

So long,

Andreas.

-- System Information:
Debian Release: 9.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages realmd depends on:
ii  libc6  2.24-9
ii  libcomerr2 1.43.4-2
ii  libglib2.0-0   2.50.2-2
ii  libk5crypto3   1.15-1
ii  libkrb5-3  1.15-1
ii  libldap-2.4-2  2.4.44+dfsg-3
ii  libpolkit-gobject-1-0  0.105-17
ii  libsystemd0232-18

realmd recommends no packages.

realmd suggests no packages.

-- no debconf information

-- 
"Things that try to look like things often do
 look more like things than things. Well-known fact."
Granny Weatherwax - "Wyrd sisters"


signature.asc
Description: PGP signature

Bug#856242: unblock: ant/1.9.9-1

[Emmanuel Bourg]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

We've uploaded Ant 1.9.8 in January and we quickly had to fix a regression
breaking several packages (#850553). The modification was reported and
applied upstream. A new 1.9.9 release was rolled shortly after, consisting
in only this fix and another modification for Solaris.

I'd like to request the permission to upload ant/1.9.9-1 to unstable and have
it unblocked for a transition to stretch. This new release is basically
identical to the patched version we already have in stretch. It would be good
for clarity since end users may not be aware that the regression was fixed
in our version of Ant 1.9.8.

Thank you,

Emmanuel Bourg


unblock ant/1.9.9-1
diff -Nru ant-1.9.8/build.xml ant-1.9.9/build.xml
--- ant-1.9.8/build.xml 2016-12-25 18:45:03.0 +0100
+++ ant-1.9.9/build.xml 2017-02-02 18:55:08.0 +0100
@@ -34,10 +34,10 @@
   
   
   
-  
+  
   
-  
-  
+  
+  
   
 
   
diff -Nru ant-1.9.8/debian/changelog ant-1.9.9/debian/changelog
--- ant-1.9.8/debian/changelog  2017-01-19 10:41:24.0 +0100
+++ ant-1.9.9/debian/changelog  2017-02-26 21:19:40.0 +0100
@@ -1,3 +1,11 @@
+ant (1.9.9-1) unstable; urgency=medium
+
+  * Team upload.
+  * New upstream release
+- Removed 0012-BZ-60582.patch (fixed upstream)
+
+ -- Emmanuel Bourg   Sun, 26 Feb 2017 21:19:40 +0100
+
 ant (1.9.8-3) unstable; urgency=medium
 
   * Removed the newly introduced final modifier on Path.systemClasspath
diff -Nru ant-1.9.8/debian/patches/0012-BZ-60582.patch 
ant-1.9.9/debian/patches/0012-BZ-60582.patch
--- ant-1.9.8/debian/patches/0012-BZ-60582.patch2017-01-19 
10:15:51.0 +0100
+++ ant-1.9.9/debian/patches/0012-BZ-60582.patch1970-01-01 
01:00:00.0 +0100
@@ -1,17 +0,0 @@
-Description: Remove the final modifier on Path.systemClasspath
-Origin: backport, https://github.com/apache/ant/commit/984a03d
-Bug: https://bz.apache.org/bugzilla/show_bug.cgi?id=60582
-Bug-Debian: https://bugs.debian.org/850553
 a/src/main/org/apache/tools/ant/types/Path.java
-+++ b/src/main/org/apache/tools/ant/types/Path.java
-@@ -66,8 +66,9 @@
- public class Path extends DataType implements Cloneable, ResourceCollection {
- // CheckStyle:VisibilityModifier OFF - bc
- 
-+// non-final as some IDE integrations (at least Eclipse) want to override 
it
- /** The system classpath as a Path object */
--public static final Path systemClasspath =
-+public static Path systemClasspath = //NOSONAR
- new Path(null, System.getProperty("java.class.path"));
- 
- 
diff -Nru ant-1.9.8/debian/patches/series ant-1.9.9/debian/patches/series
--- ant-1.9.8/debian/patches/series 2017-01-19 10:13:03.0 +0100
+++ ant-1.9.9/debian/patches/series 2017-02-26 18:51:18.0 +0100
@@ -1,4 +1,3 @@
 0009-reproducible-timestamp-task.patch
 0010-reproducible-javadoc-task.patch
 0011-reproducible-propertyfile-task.patch
-0012-BZ-60582.patch
diff -Nru ant-1.9.8/manual/cover.html ant-1.9.9/manual/cover.html
--- ant-1.9.8/manual/cover.html 2016-12-25 18:45:03.0 +0100
+++ ant-1.9.9/manual/cover.html 2017-02-02 18:55:08.0 +0100
@@ -19,14 +19,14 @@
 
 
 
-Apache Ant 1.9.8 User Manual
+Apache Ant 1.9.9 User Manual
 
 
 
  
   
-  Apache Ant™ 1.9.8 Manual
-  This is the manual for version 1.9.8 of
+  Apache Ant™ 1.9.9 Manual
+  This is the manual for version 1.9.9 of
   http://ant.apache.org/index.html";>Apache Ant. 
 If your version 
 of Ant (as verified with ant -version) is older or newer than 
this 
diff -Nru ant-1.9.8/manual/credits.html ant-1.9.9/manual/credits.html
--- ant-1.9.8/manual/credits.html   2016-12-25 18:45:03.0 +0100
+++ ant-1.9.9/manual/credits.html   2017-02-02 18:55:08.0 +0100
@@ -62,7 +62,7 @@
 
 
 
-Version: 1.9.8
+Version: 1.9.9
 
 
 
diff -Nru ant-1.9.8/manual/projecthelper.html 
ant-1.9.9/manual/projecthelper.html
--- ant-1.9.8/manual/projecthelper.html 2016-12-25 18:45:03.0 +0100
+++ ant-1.9.9/manual/projecthelper.html 2017-02-02 18:55:08.0 +0100
@@ -70,13 +70,13 @@
 service declarations in the META-INF: it searches in the classpath for 
a
 file META-INF/services/org.apache.tools.ant.ProjectHelper.
 This file will just contain the fully qualified name of the
-implementation of ProjectHelper to instanciate;
+implementation of ProjectHelper to instantiate;
 it will also search with the system class loader for
 ProjectHelper service declarations in the META-INF;
 last but not least it will add its default ProjectHelper
 that can parse classical build.xml files.
 
-In case of an error while trying to instanciate a ProjectHelper, 
Ant
+In case of an error while trying to instantiate a ProjectHelper, 
Ant
 will log an error but won't stop.  If you want further debugging
 info about the ProjectHelper internal 'repository', use the 
system
 

Bug#855910: network-manager: Network Manager doesn't set default gw over DHCP

[Michal Kašpar]

Hi.
Indeed, returning to 1.6.0 fixed the problem for me. I investigated the
 upstream bug and it seems there is a workaround. The request gets
masked only if /etc/dhcp/dhclient.conf contains any request directive.
The default debian one does, but after commenting it out, the
NetworkManager works fine. It's not an option if there is some valid
reason to have request directive in the configuration file, but for
simple setups this might be the solution.
I've commented the upstream a bit so maybe it will be fixed there.

-- 
Michal Kašpar

Bug#807427: sane-utils: Can not provide access to hplip scanner over network

[Brian Potkin]

forwarded 807427 https://bugs.launchpad.net/hplip/+bug/1435022
thanks


On Sat 25 Feb 2017 at 19:46:03 +0300, Vladimir K wrote:

> > Vladimir, please would you post the 'scanimage -L' output from the
> > server.
> 
> It shows among others: 
> 
> device `hpaio:/net/HP_LaserJet_M1536dnf_MFP?hostname=printerhostname' is 
> a Hewlett-Packard HP_LaserJet_M1536dnf_MFP all-in-one

A slight misunderstanding here. I was after the 'scanimage -L' output
whn run *on* the server. It doesn't amtter now because I have what I
want.

Is "hostname=printerhostname" what is in the output?
 
> I'm using locally patched version of the packages, so network scanners
> configured with hplip do show up in the output on the clients.

You might want to contribute to the upstream bug report.

Regards,

-- 
Brian.

Bug#856064: libdbd-mysql-perl: reads of floats currupted as 0

[gregor herrmann]

On Mon, 27 Feb 2017 07:37:53 +1100, Brian May wrote:

> Brian May  writes:
> > amavisd-new has already been removed from testing. I think the chances
> > of getting it back in are remote - however I have asked the release team
> > - see #856067.
> 
> The release gods^h^h^h^h^h team has spoken. They say they will accept
> amavisd-new back in the archive:
> 
> "Not in a point release, but I'll cut you a deal: if the underlying bug in
> libdbd-mysql-perl is fixed (but *without* the additional fixes Pali
> mentions), and an unblock bug opened before 1st March, I'll unblock
> amavisd-new and amavisd-milter for stretch."
> 
> "(no precedents, subject to future developments, blah, blah, etc, etc)."

Cool.
 
> So from my point of view, as it is two days until the 1st of March right
> now (at least in my timezone) we need to get a fixed version of
> libdbd-mysql-perl in unstable by tomorrow at the latest. Is this going
> to be possible?

Sure, I just uploaded 4.041-2 to unstable.

Thanks for handling all this stuff!


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at/ - Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Donovan: Living for the lovelight


signature.asc
Description: Digital Signature

Bug#855930: Bug#853119: Request to take a look at #855930

[Vincent Danjean]

Le 26/02/2017 à 15:29, Tomasz Buchert a écrit :
> On 26/02/17 10:25, Norbert Preining wrote:
>> On Sun, 26 Feb 2017, Norbert Preining wrote:
>>> I will try to run it in a clean cowbuilder with only the build-deps
>>> installed and see what might be the reason.
> 
> Thanks for looking into it.
> Let's also move the discussion to #855930 :).

  I forgot to add this info to this bug report:
I installed a testing schroot to try to rebuild it with testing
dependencies with sbuild. And it works...
  I've no idea of the root cause of this. I checked in the
provided log that Lucas uses recent (testing) tex packages.

  Lucas: can you tell us how more on how the build environment
is generated ?

  In any case, I will probably downgrade the severity if
nobody is able to reproduce the problem. If needed, I can ask
the release team to accept a package with this test disabled
(lualatex support is a nice feature but if it does not work
in all environment, it does not warrant a package removal)

>> Just done this, too, worked without a hinch:
>> 'lualatex' '--interaction' 'errorstopmode' '--jobname' 'lualatex-example' 
>> '\RequirePackage[extension=.pdf]{texdepends}\input{lualatex-example.tex}'
>> [...]
> 
> However, if you build w sbuild, this seems to fail.

Can you elaborate? I cannot reproduce this failure. It works
in my sbuild environment.

> Can it be some
> failure in how tex packages are installed? Sbuild may create a very
> minimal environment that exposes this problem.
> 
>> One idea: is /var writable???
> 
> I'm afraid I don't understand this. Can you elaborate?
> 
>> Norbert
> 
> Thanks,
> Tomasz

  Regards,
Vincent

-- 
Vincent Danjean   GPG key ID 0xD17897FA vdanj...@debian.org
GPG key fingerprint: 621E 3509 654D D77C 43F5  CA4A F6AE F2AF D178 97FA
Unofficial pkgs: http://moais.imag.fr/membres/vincent.danjean/deb.html
APT repo:  deb http://people.debian.org/~vdanjean/debian unstable main

Bug#856210: libdebian-installer: please parse SHA256 field and add it to di_* structs

[Steven Chamberlain]

With that patch, reverse-deps anna and cdebootstrap shall FTBFS with:

| gcc -Wdate-time -D_FORTIFY_SOURCE=2 -D_GNU_SOURCE -g -O2 
-fdebug-prefix-map=/home/steven/git/anna=. 
-specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -W -ggdb -Wdate-time -D_FORTIFY_SOURCE=2 
-D_GNU_SOURCE  -c -o anna.o anna.c
| anna.c: In function ‘install_modules’:
| anna.c:321:25: error: ‘di_package {aka struct di_package}’ has no member 
named ‘md5sum’
|  if (! md5sum(package->md5sum, dest_file)) {
|  ^~

| gcc -DHAVE_CONFIG_H -I. -I../../src -I..  -I../../include -Wdate-time 
-D_FORTIFY_SOURCE=2  -g -O2 
-fdebug-prefix-map=/home/steven/git/cdebootstrap-0.7.6=. 
-specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat 
-Werror=format-security -std=gnu99 -c -o gpg.o ../../src/gpg.c
| ../../src/check.c: In function ‘check_deb’:
| ../../src/check.c:61:40: error: ‘di_package {aka struct di_package}’ has no 
member named ‘md5sum’
|return check_sum (target, "md5sum", p->md5sum, message);
| ^~
| ../../src/check.c: In function ‘check_packages’:
| ../../src/check.c:75:35: error: ‘di_release {aka struct di_release}’ has no 
member named ‘md5sum’
|item = di_hash_table_lookup (rel->md5sum, &key);
|^~

so it should be quite clear that they must implement a new hashing
algorithm;  and this makes absolutely sure they are not still using MD5
unintentionally (which was the case in #856215).

If my libdebian-installer patch is okay, I will submit the patches for
anna and cdebootstrap (bugs are already filed against them).  Hopefully
no other reverse-dependencies would be affected (because they do not use
the md5sums field, and the struct size is not changing);  though if they
do use, I'd prefer they FTBFS so that we find out.

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


signature.asc
Description: Digital signature

Bug#841526: pristine-tar: please use natural ordering when listing

[Mattia Rizzolo]

On Sun, Feb 26, 2017 at 08:33:33PM +0100, Tomasz Buchert wrote:
> After having some reservations about this, I decided to introduce it
> in the next release of pristine-tar (to be released after the release
> of stretch). However, this is "unofficial" in a sense that, yes, it's
> going to sort using "sort -Vr", but you should not rely on this in
> scripts, for example. Hope this works for you. :)

Yeah, it works just great for me indeed!  Thank you!

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#856064: libdbd-mysql-perl: reads of floats currupted as 0

[Brian May]

Brian May  writes:

> amavisd-new has already been removed from testing. I think the chances
> of getting it back in are remote - however I have asked the release team
> - see #856067.

The release gods^h^h^h^h^h team has spoken. They say they will accept
amavisd-new back in the archive:

"Not in a point release, but I'll cut you a deal: if the underlying bug in
libdbd-mysql-perl is fixed (but *without* the additional fixes Pali
mentions), and an unblock bug opened before 1st March, I'll unblock
amavisd-new and amavisd-milter for stretch."

"(no precedents, subject to future developments, blah, blah, etc, etc)."

So from my point of view, as it is two days until the 1st of March right
now (at least in my timezone) we need to get a fixed version of
libdbd-mysql-perl in unstable by tomorrow at the latest. Is this going
to be possible?

Thanks.
-- 
Brian May 

Bug#856236: unblock: bacula/7.4.4+dfsg-6 (pre-approval)

[Ivo De Decker]

Control: tags -1 confirmed moreinfo

Hi,

On Sun, Feb 26, 2017 at 08:30:48PM +0100, Carsten Leonhardt wrote:
> Please unblock package bacula
> 
> This fixes a bug that makes it impossible to successfully pass the
> initial hardware test when using bacula with a tape drive. Not being
> able to pass the test will leave users with the feeling their backups
> won't be ok.
> 
> A source debdiff is attached.
> 
> unblock bacula/7.4.4+dfsg-6

Please go ahead with the upload and remove the moreinfo tag from this bug once
the package is in unstable and built on all architectures.

Cheers,

Ivo

Bug#855608: unblock: diffoscope/78 (preapproval)

[Mattia Rizzolo]

On Sun, Feb 26, 2017 at 03:57:00PM +, Niels Thykier wrote:
> Please go ahead.

Thank you, uploaded.  The final debdiff:

% debdiff -p diffoscope_77.dsc diffoscope_78.dsc
diffstat for diffoscope-77 diffoscope-78

 debian/changelog|   18 ++
 diffoscope/__init__.py  |2 -
 diffoscope/comparators/directory.py |   44 
 diffoscope/comparators/elf.py   |2 -
 diffoscope/comparators/json.py  |2 -
 tests/comparators/test_binary.py|6 
 tests/comparators/test_device.py|6 ++--
 tests/comparators/test_rpm.py   |4 +--
 tests/comparators/utils/data.py |   12 +
 9 files changed, 64 insertions(+), 32 deletions(-)

diff -Nru diffoscope-77/debian/changelog diffoscope-78/debian/changelog
--- diffoscope-77/debian/changelog  2017-02-13 16:25:02.0 +0100
+++ diffoscope-78/debian/changelog  2017-02-26 17:26:48.0 +0100
@@ -1,3 +1,21 @@
+diffoscope (78) unstable; urgency=medium 
+
+  [ Brett Smith ]
+  * comparators.json:
++ Catch bad JSON errors on Python pre-3.5.  Closes: #855233
+
+  [ Chris Lamb ]
+  * tests:
++ Move normalize_zeros to more generic `utils.data` module.
++ Fix tests that call xxd fail on jessie due to output change.
+  Closes: #855239
+
+  [ Ed Maste ]
+  * comparators.directory:
++ Assume BSD-style stat(1) on FreeBSD.  Closes: #855169
+
+ -- Mattia Rizzolo   Sun, 26 Feb 2017 17:26:48 +0100
+
 diffoscope (77) unstable; urgency=medium
 
   [ Chris Lamb ]
diff -Nru diffoscope-77/diffoscope/comparators/directory.py 
diffoscope-78/diffoscope/comparators/directory.py
--- diffoscope-77/diffoscope/comparators/directory.py   2017-02-13 
13:24:56.0 +0100
+++ diffoscope-78/diffoscope/comparators/directory.py   2017-02-26 
17:23:10.0 +0100
@@ -45,25 +45,31 @@
 return all_files
 
 
-class Stat(Command):
-@tool_required('stat')
-def cmdline(self):
-return ['stat', self.path]
-
-FILE_RE = re.compile(r'^\s*File:.*$')
-DEVICE_RE = re.compile(r'Device: [0-9a-f]+h/[0-9]+d\s+')
-INODE_RE = re.compile(r'Inode: [0-9]+\s+')
-ACCESS_TIME_RE = re.compile(r'^Access: [0-9]{4}-[0-9]{2}-[0-9]{2}.*$')
-CHANGE_TIME_RE = re.compile(r'^Change: [0-9]{4}-[0-9]{2}-[0-9]{2}.*$')
-
-def filter(self, line):
-line = line.decode('utf-8')
-line = Stat.FILE_RE.sub('', line)
-line = Stat.DEVICE_RE.sub('', line)
-line = Stat.INODE_RE.sub('', line)
-line = Stat.ACCESS_TIME_RE.sub('', line)
-line = Stat.CHANGE_TIME_RE.sub('', line)
-return line.encode('utf-8')
+if os.uname()[0] == 'FreeBSD':
+class Stat(Command):
+@tool_required('stat')
+def cmdline(self):
+return ['stat', '-t', '%Y-%m-%d %H:%M:%S', '-f', '%Sp %l %Su %Sg 
%z %Sm %k %b %#Xf', self.path]
+else:
+class Stat(Command):
+@tool_required('stat')
+def cmdline(self):
+return ['stat', self.path]
+
+FILE_RE = re.compile(r'^\s*File:.*$')
+DEVICE_RE = re.compile(r'Device: [0-9a-f]+h/[0-9]+d\s+')
+INODE_RE = re.compile(r'Inode: [0-9]+\s+')
+ACCESS_TIME_RE = re.compile(r'^Access: [0-9]{4}-[0-9]{2}-[0-9]{2}.*$')
+CHANGE_TIME_RE = re.compile(r'^Change: [0-9]{4}-[0-9]{2}-[0-9]{2}.*$')
+
+def filter(self, line):
+line = line.decode('utf-8')
+line = Stat.FILE_RE.sub('', line)
+line = Stat.DEVICE_RE.sub('', line)
+line = Stat.INODE_RE.sub('', line)
+line = Stat.ACCESS_TIME_RE.sub('', line)
+line = Stat.CHANGE_TIME_RE.sub('', line)
+return line.encode('utf-8')
 
 
 @tool_required('lsattr')
diff -Nru diffoscope-77/diffoscope/comparators/elf.py 
diffoscope-78/diffoscope/comparators/elf.py
--- diffoscope-77/diffoscope/comparators/elf.py 2017-02-10 23:54:34.0 
+0100
+++ diffoscope-78/diffoscope/comparators/elf.py 2017-02-26 17:23:38.0 
+0100
@@ -398,7 +398,7 @@
 output = output[2:]
 output = output[5:]
 
-# Entires of readelf --section-headers have the following columns:
+# Entries of readelf --section-headers have the following columns:
 # [Nr]  Name  Type  Address  Off  Size  ES  Flg  Lk  Inf  Al
 self._sections = collections.OrderedDict()
 for line in output:
diff -Nru diffoscope-77/diffoscope/comparators/json.py 
diffoscope-78/diffoscope/comparators/json.py
--- diffoscope-77/diffoscope/comparators/json.py2017-01-14 
11:59:14.0 +0100
+++ diffoscope-78/diffoscope/comparators/json.py2017-02-26 
17:23:38.0 +0100
@@ -37,7 +37,7 @@
 with open(file.path) as f:
 try:
 file.parsed = json.load(f, 
object_pairs_hook=collections.OrderedDict)
-except json.JSONDecodeError:
+except ValueError:
 return False
 
 return True
di

Bug#856240: jessie-pu: package elog/2.9.2+2014.05.11git44800a7-2+deb8u1

[Roger Kalt]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Update closes bug https://bugs.debian.org/851909 which allows no login except
admin user.

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
diff -Nru elog-2.9.2+2014.05.11git44800a7/debian/changelog elog-2.9.2+2014.05.11git44800a7/debian/changelog
--- elog-2.9.2+2014.05.11git44800a7/debian/changelog	2016-09-17 23:32:15.0 +0200
+++ elog-2.9.2+2014.05.11git44800a7/debian/changelog	2017-02-12 20:20:33.0 +0100
@@ -1,3 +1,10 @@
+elog (2.9.2+2014.05.11git44800a7-2+deb8u2) jessie; urgency=medium
+
+  * update patch 0005_elogd_CVE-2016-6342_fix to grant access
+to logbooks also as normal login user (Closes: #851909)
+
+ -- Roger Kalt   Thu, 19 Jan 2017 22:45:52 +0100
+
 elog (2.9.2+2014.05.11git44800a7-2+deb8u1) jessie; urgency=medium
 
   * Added patch 0005_elogd_CVE-2016-6342_fix to fix posting entry as
diff -Nru elog-2.9.2+2014.05.11git44800a7/debian/patches/0005_elogd_CVE-2016-6342_fix elog-2.9.2+2014.05.11git44800a7/debian/patches/0005_elogd_CVE-2016-6342_fix
--- elog-2.9.2+2014.05.11git44800a7/debian/patches/0005_elogd_CVE-2016-6342_fix	2016-09-03 22:12:44.0 +0200
+++ elog-2.9.2+2014.05.11git44800a7/debian/patches/0005_elogd_CVE-2016-6342_fix	2017-02-02 21:28:38.0 +0100
@@ -42,7 +42,7 @@
  
 if (lbs->top_group[0] && (!top_group || strieq(top_group, "global"))) {
 -  if (is_admin_user("global", getparam("unm"))) {
-+  if (is_admin_user(lbs, getparam("unm"))) {
++  if (is_admin_user(NULL, getparam("unm"))) {
   if (lbs->top_group[0]) {
  
  sprintf(str, "global %s", lbs->top_group);
@@ -51,7 +51,7 @@
  
 if (is_group("global") && !strieq(top_group, "global")) {
 -  if (is_admin_user("global", getparam("unm"))) {
-+  if (is_admin_user(lbs, getparam("unm"))) {
++  if (is_admin_user(NULL, getparam("unm"))) {
   rsprintf("\n", loc("Delete this logbook"));
   rsprintf("\n", loc("Rename this logbook"));
   rsprintf("\n", loc("Create new logbook"));
@@ -139,7 +139,7 @@
  strcat(menu_str, "GetPwdFile, ");
  
 -if (is_admin_user("global", getparam("unm"))) {
-+if (is_admin_user(lbs, getparam("unm"))) {
++if (is_admin_user(NULL, getparam("unm"))) {
  
 if (lbs->top_group[0]) {
sprintf(str, "Change [global %s]", lbs->top_group);
@@ -175,7 +175,7 @@
   strcat(menu_str, "GetPwdFile, ");
  
 - if (is_admin_user("global", getparam("unm"))) {
-+ if (is_admin_user(lbs, getparam("unm"))) {
++ if (is_admin_user(NULL, getparam("unm"))) {
  
  if (lbs->top_group[0]) {
 sprintf(str, "Change [global %s]", lbs->top_group);
@@ -276,17 +276,7 @@
 
 getcfg(lbs->name, "Password file", str, sizeof(str));
  
-@@ -25438,16 +25455,27 @@
-   if (i == n)
-  return FALSE;
-}
-+
-+   /* make sure user is logged in */
-+   if (!logged_in(lbs))
-+  return FALSE;
-+
-return TRUE;
- }
+@@ -25443,11 +25460,17 @@
  
  /*--*/
  
@@ -305,18 +295,18 @@
  
 /* Removed user[0] for cloning, have to check implications, same below.
if (getcfg(logbook, "Admin user", str, sizeof(str)) && user[0]) { */
-@@ -25464,6 +25492,10 @@
+@@ -25464,6 +25487,10 @@
if (i == n)
   return FALSE;
 }
 +   /* make sure user is logged in */
-+   if (!logged_in(lbs))
++   if (lbs && !logged_in(lbs))
 +  return FALSE;
 +   
 return TRUE;
  }
  
-@@ -25487,6 +25519,7 @@
+@@ -25487,6 +25514,7 @@
if (i == n)
   return FALSE;
 }
@@ -324,6 +314,15 @@
 return TRUE;
  }
  
+@@ -25988,7 +26016,7 @@
+if (getcfg("global", "mirror server", str, sizeof(str))) {
+ 
+   /* only admin user sees synchronization link */
+-  if (is_admin_user("global", getparam("unm"))) {
++  if (is_admin_user(NULL, getparam("unm"))) {
+  rsprintf("\n");
+  rsprintf("\n");
+  rsprintf("%s\n", loc("Synchronize all logbooks"));
 --- a/src/elogd.h
 +++ b/src/elogd.h
 @@ -292,7 +292,7 @@

Bug#856142: ghostscript: CVE-2017-6196

[Salvatore Bonaccorso]

Control: tags -1 + patch

Attached proposed debdiff (not yet uploaded, neither to a delayed
queue).

Regards,
Salvatore
diff -Nru ghostscript-9.20~dfsg/debian/changelog 
ghostscript-9.20~dfsg/debian/changelog
--- ghostscript-9.20~dfsg/debian/changelog  2017-01-25 05:26:10.0 
+0100
+++ ghostscript-9.20~dfsg/debian/changelog  2017-02-26 21:03:15.0 
+0100
@@ -1,3 +1,11 @@
+ghostscript (9.20~dfsg-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Resolve image enumerator ownership on error (CVE-2017-6196)
+(Closes: #856142)
+
+ -- Salvatore Bonaccorso   Sun, 26 Feb 2017 21:03:15 +0100
+
 ghostscript (9.20~dfsg-2) unstable; urgency=medium
 
   * Add patch cherry-picked upstream to always print full PWG Raster
diff -Nru 
ghostscript-9.20~dfsg/debian/patches/1002-Resolve-image-enumerator-ownership-on-error.patch
 
ghostscript-9.20~dfsg/debian/patches/1002-Resolve-image-enumerator-ownership-on-error.patch
--- 
ghostscript-9.20~dfsg/debian/patches/1002-Resolve-image-enumerator-ownership-on-error.patch
 1970-01-01 01:00:00.0 +0100
+++ 
ghostscript-9.20~dfsg/debian/patches/1002-Resolve-image-enumerator-ownership-on-error.patch
 2017-02-26 21:03:15.0 +0100
@@ -0,0 +1,63 @@
+From ecceafe3abba2714ef9b432035fe0739d9b1a283 Mon Sep 17 00:00:00 2001
+From: Ken Sharp 
+Date: Mon, 20 Feb 2017 09:45:18 +
+Subject: [PATCH] Resolve image enumerator ownership on error
+
+Bug #697596 "Use-After-Free in i_free_object()"
+
+There is confusion over ownership of 'penum' between gx_begin_image1(),
+gx_begin_image4() and gx_image_enum_begin() which is called from these
+two functions (and only from these two functions).
+
+The enumerator is allocated in gx_begin_image?() and freed there if
+gx_image_enum_begin() returns an error. However, gx_image_enum_begin()
+also frees the enumerator on an error; except that it doesn't always do
+so. Its a large function and there are at least 9 ways to exit it, only
+4 of which free the enumerator.
+
+This commit removes the 'free' instances from gx_image_enum_begin()
+leaving the cleanup as the responsibility of the calling code, which
+performed the allocation.
+---
+ base/gxipixel.c | 4 
+ 1 file changed, 4 deletions(-)
+
+diff --git a/base/gxipixel.c b/base/gxipixel.c
+index c41d3b885..4eb654844 100644
+--- a/base/gxipixel.c
 b/base/gxipixel.c
+@@ -290,7 +290,6 @@ gx_image_enum_begin(gx_device * dev, const gs_gstate * pgs,
+ penum->Height = height;
+ 
+ if ((code = gx_image_compute_mat(pgs, pmat, &(pim->ImageMatrix), &mat)) < 
0) {
+-gs_free_object(mem, penum, "gx_default_begin_image");
+ return code;
+ }
+ /* Grid fit: A common construction in postscript/PDF files is for images
+@@ -587,7 +586,6 @@ gx_image_enum_begin(gx_device * dev, const gs_gstate * pgs,
+ }
+ if (masked) {   /* This is imagemask. */
+ if (bps != 1 || pcs != NULL || penum->alpha || decode[0] == 
decode[1]) {
+-gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_rangecheck);
+ }
+ /* Initialize color entries 0 and 255. */
+@@ -607,7 +605,6 @@ gx_image_enum_begin(gx_device * dev, const gs_gstate * pgs,
+ 
+ spp = cs_num_components(pcs);
+ if (spp < 0) {  /* Pattern not allowed */
+-gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_rangecheck);
+ }
+ if (penum->alpha)
+@@ -715,7 +712,6 @@ gx_image_enum_begin(gx_device * dev, const gs_gstate * pgs,
+ bsize = ((bps > 8 ? width * 2 : width) + 15) * spp;
+ buffer = gs_alloc_bytes(mem, bsize, "image buffer");
+ if (buffer == 0) {
+-gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_VMerror);
+ }
+ penum->bps = bps;
+-- 
+2.11.0
+
diff -Nru ghostscript-9.20~dfsg/debian/patches/series 
ghostscript-9.20~dfsg/debian/patches/series
--- ghostscript-9.20~dfsg/debian/patches/series 2017-01-25 05:04:25.0 
+0100
+++ ghostscript-9.20~dfsg/debian/patches/series 2017-02-26 21:03:15.0 
+0100
@@ -7,6 +7,7 @@
 020161008~f5c7555.patch
 020161026~0726780.patch
 1001_fix_openjp2_dynamic_linking.patch
+1002-Resolve-image-enumerator-ownership-on-error.patch
 2001_docdir_fix_for_debian.patch
 2002_gs_man_fix_debian.patch
 2003_support_multiarch.patch

Bug#850692: pyrit: failed with 'BitEnumField' object has no attribute 'names'

[Christian Kastner]

Hi all,

first of all, apologies for the late reply. I moved in February, and I'm
still in the process of settling in. I have still to unpack my
development machine...

On 2017-02-14 09:39, Raphael Hertzog wrote:
> On Mon, 09 Jan 2017, Sophie Brun wrote:
>> AttributeError: 'BitEnumField' object has no attribute 'names'
> [...]
>> Consider joining the pkg-security team, we could co-maintain pyrit there:
>> https://wiki.debian.org/Teams/pkg-security

I would very much be interested in moving this to pkg-security. Even
further -- if anyone is interested in taking over as primary maintainer,
I'd be happy to step down, as I am no longer an active user of pyrit.
Otherwise, I'll continue maintaining it.

> you haven't replied to this bug in more than a month. Someone upgraded it
> to RC severity because the package FTBFS actually.
> 
> So we should handle it promptly now. In the pkg-security team, we're
> willing to help you on this package... please reply and let us know how to
> proceed.

Please go ahead and upload anything you want/need. I don't think I will
be able to implement any changes myself prior to 2017-03-04.

If anyone could cake a look at #855166 (a new FTBFS), that would be
great. Otherwise I'll do that on the upcoming weekend.

> If I don't hear back from you, I'll assume that it's ok to move the
> package to pkg-security.

Full ACK on moving to pkg-security.

Regards,
Chrsitian



signature.asc
Description: OpenPGP digital signature

Bug#856004: khtml: please build-depen on libssl1.0-dev for Stretch

[Sebastian Andrzej Siewior]

On 2017-02-26 20:31:23 [+0100], Pino Toscano wrote:
> In data domenica 26 febbraio 2017 20:15:25 CET, John Paul Adrian Glaubitz ha 
> scritto:
> > On 02/26/2017 07:48 PM, Sebastian Andrzej Siewior wrote:
> > > I don't insist on anything. I noticed that this package does not depend on
> > > libssl after building and that is why I took a look.
> 
> That is because it dlopen's libssl at runtime.
> 
> > Interesting. So, I guess the best option would actually to drop the B-D on
> > libssl-dev completely. I have checked it myself and indeed libkf5khtml5 does
> > not depend on libssl at all. Plus, the package also builds fine with the
> > build dependency on libssl-dev completely removed.
> 
> That is because it is an optional dependency.
> 
> > Lisandro, maybe just dropping the build dependency on libssl-dev would be
> > the best option if it's actually not used at all?
> 
> NACK.

Yes, correct. There are a few symbols that export key creation and signing (or
something like that) so if you build this package without ssl then those
symbols are missing which would require a transition :)

Again. If someone who knows that package can say that it works with fine 1.1
and the missing symbols don't matter and it won't clash with 1.0 in any way
then feel free to close this. We are in freeze after all.

Sebastian

Bug#856036: screen sharing is not working and vino is segfaulting when started manually

[Andreas Henriksson]

Hello Pirate Praveen,

On Fri, Feb 24, 2017 at 07:31:24PM +0530, Pirate Praveen wrote:
> package: vino
> version: 3.22.0-1
> severity: grave
> justification: makes the package unuseable
> 
> I'm not able to share desktop using vino (5900 socket is not open) and
> when I manually start vino-server I get segmentation fault
[...]

My guess is that you're trying to run vino under a GNOME *Wayland* session,
right?

As designed vino is tied to the X server. It's not targeted for porting
to Wayland. AIUI capturing the entire screen is simply not allowed
for security reasons under wayland. Remoting functionality needs to be
implemented at a different level in the stack on Wayland (and vino
is not part of the solution at all).

Regards,
Andreas Henriksson

Bug#856239: certbot: build-dep on dh-systemd is obsolete

[Daniel Kahn Gillmor]

Package: certbot
Version: 0.10.2-1
Severity: normal

certbot has a Build-Depends: on dh-systemd.

But the functionality of dh-system is provided by modern dh itself,
and dh-systemd is a dummy transitional package.

Please drop the unnecessary build-depends from certbot :)

Thanks for maintaining Let's Encrypt stuff in debian!

   --dkg

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages certbot depends on:
ii  init-system-helpers  1.47
ii  python-certbot   0.10.2-1
pn  python:any   

certbot recommends no packages.

Versions of packages certbot suggests:
pn  python-certbot-apache  
pn  python-certbot-doc 

-- no debconf information

Bug#845710: removed Vcs fields

[Tim Kuijsten]

On Fri, Feb 17, 2017 at 11:36:57PM +0900, Roger Shimizu wrote:
> On Thu, Feb 9, 2017 at 10:59 PM, Tim Kuijsten  wrote:
> > The Vcs-* links are removed since the debian directory is not included in 
> > the official repo.
> 
> I guess you misunderstand Sean's words.
> 
> There're two types of Vcs:
>  - upstream Vcs, which should not contain debian/ folder. (but if it
> contains debian/, it should still have way to work out)
>  - debian packaing Vcs, which Sean requested you to make
> 
> BTW. Vcs-* in d/control file is the 2nd type listed above.
> So please create one with your packaging files, and add the Vcs info
> back to d/control.

For the sake of simplicity I have added the debian directory to my main 
repository. Hope this is good enough.

-Tim

> Thanks!
> 
> Cheers,
> -- 
> Roger Shimizu, GMT +9 Tokyo
> PGP/GPG: 4096R/6C6ACD6417B3ACB1

Bug#854740: slixmpp: diff for NMU version 1.2.2-1.1

[Markus Koschany]

Control: tags 854740 + patch
Control: tags 854740 + pending

Dear maintainer,

I've prepared an NMU for slixmpp (versioned as 1.2.2-1.1) and
uploaded it to unstable. Please find attached the debdiff.

Regards,

Markus
diff -Nru slixmpp-1.2.2/debian/changelog slixmpp-1.2.2/debian/changelog
--- slixmpp-1.2.2/debian/changelog	2016-11-29 17:19:17.0 +0100
+++ slixmpp-1.2.2/debian/changelog	2017-02-26 20:31:13.0 +0100
@@ -1,3 +1,14 @@
+slixmpp (1.2.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2017-5591:
+An incorrect implementation of XEP-0280: Message Carbons in slixmpp allows
+a remote attacker to impersonate any user, including contacts, in the
+vulnerable application's display. This allows for various kinds of social
+engineering attacks. (Closes: #854740)
+
+ -- Markus Koschany   Sun, 26 Feb 2017 20:31:13 +0100
+
 slixmpp (1.2.2-1) unstable; urgency=medium
 
   * New upstream version:
diff -Nru slixmpp-1.2.2/debian/patches/CVE-2017-5591.patch slixmpp-1.2.2/debian/patches/CVE-2017-5591.patch
--- slixmpp-1.2.2/debian/patches/CVE-2017-5591.patch	1970-01-01 01:00:00.0 +0100
+++ slixmpp-1.2.2/debian/patches/CVE-2017-5591.patch	2017-02-26 20:31:13.0 +0100
@@ -0,0 +1,34 @@
+From: Markus Koschany 
+Date: Sun, 26 Feb 2017 20:28:43 +0100
+Subject: CVE-2017-5591
+
+An incorrect implementation of XEP-0280: Message Carbons in slixmpp allows a
+remote attacker to impersonate any user, including contacts, in the vulnerable
+application's display. This allows for various kinds of social engineering
+attacks.
+
+Bug-Debian: https://bugs.debian.org/854740
+Origin: https://github.com/poezio/slixmpp/commit/22664ee7b86c8e010f312b66d12590fb471
+---
+ slixmpp/plugins/xep_0280/carbons.py | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/slixmpp/plugins/xep_0280/carbons.py b/slixmpp/plugins/xep_0280/carbons.py
+index 261238b..aa71f7f 100644
+--- a/slixmpp/plugins/xep_0280/carbons.py
 b/slixmpp/plugins/xep_0280/carbons.py
+@@ -61,10 +61,12 @@ class XEP_0280(BasePlugin):
+ self.xmpp.plugin['xep_0030'].add_feature('urn:xmpp:carbons:2')
+ 
+ def _handle_carbon_received(self, msg):
+-self.xmpp.event('carbon_received', msg)
++if msg['from'].bare == self.xmpp.boundjid.bare:
++self.xmpp.event('carbon_received', msg)
+ 
+ def _handle_carbon_sent(self, msg):
+-self.xmpp.event('carbon_sent', msg)
++if msg['from'].bare == self.xmpp.boundjid.bare:
++self.xmpp.event('carbon_sent', msg)
+ 
+ def enable(self, ifrom=None, timeout=None, callback=None,
+timeout_callback=None):
diff -Nru slixmpp-1.2.2/debian/patches/series slixmpp-1.2.2/debian/patches/series
--- slixmpp-1.2.2/debian/patches/series	2016-11-29 17:01:50.0 +0100
+++ slixmpp-1.2.2/debian/patches/series	2017-02-26 20:31:13.0 +0100
@@ -1 +1,2 @@
 disable-incorrect-tests.patch
+CVE-2017-5591.patch

Bug#856201: irssi: slow startup

[Ailin Nemui]

Hi, if you are serious about finding this problem it would be best if you could 
git bisect the code to pin point the changeset responsible 

On Sun, 26 Feb 2017 15:24:39 +0200 Alberto Garcia  wrote:
> Package: irssi
> Version: 1.0.1-1
> Severity: normal
> 
> Hello,
> 
> this is not a big problem so feel free to close it or reduce its
> severity, but I'm reporting it anyway because it looks like a bug
> rather than a side effect of the growing complexity of the program.
> 
> Since I upgraded to Irssi 1.0.0 I noticed that it takes a couple of
> seconds to start (that is, the time before the UI is ready and you can
> start to type things).
> 
> This is not a big thing and is only mildly annoying, but it caught my
> attention because the Irssi startup time had always been instantaneous
> before that, and now it's slower than Emacs or the Epiphany web
> browser in my computer.
> 
> I tried with an empty .irssi directory and without the irssi-scripts
> package in case it makes a difference, but it makes none.
> 
> Berto
> 
> -- System Information:
> Debian Release: 9.0
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages irssi depends on:
> ii  libc6   2.24-9
> ii  libglib2.0-02.50.2-2
> ii  libperl5.24 5.24.1-1
> ii  libssl1.1   1.1.0e-1
> ii  libtinfo5   6.0+20161126-1
> ii  perl5.24.1-1
> ii  perl-base [perlapi-5.24.1]  5.24.1-1
> 
> irssi recommends no packages.
> 
> Versions of packages irssi suggests:
> ii  irssi-scripts  20160301
> 
> -- no debconf information
> 
> 

-- 
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.

Bug#856238: residualvm: unused B-D on libfaad-dev

[Sebastian Ramacher]

Source: residualvm
Version: 0.2.1+dfsg-3
Severity: normal

residualvm has an unused build dependency on libfaad-dev. In case libfaad-dev is
no longer needed, please remove it from Build-Depends.

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#856232: routino-www: Data files in /var/lib/routino/data not created

[Sebastiaan Couwenberg]

Control: severity -1 important
Control: tags -1 moreinfo

Hi Morten,

On 02/26/2017 08:19 PM, Morten Bo Johansen wrote:
> Having installed and reinstalled both of the packages routino
> and routino-www, I notice that the data files
> 
>   nodes.mem, relations.mem, segments.mem and ways.mem
> 
> that, according to the README.Debian file in the routino
> package, are supposed to have been created by the program
> "planetsplitter", have actually not been created.

You need to run planetsplitter to create these files, have you done that?

The planetsplitter --dir option specifies the location where to store
the generated data files.

> I am not sure if that is the reason that the entire map area in
> the routino-www program is empty?

Probably.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#856206: fix it package name

[Kerim Ölçer]

gimarereader->gimagereader

Bug#856004: khtml: please build-depen on libssl1.0-dev for Stretch

[Scott Kitterman]

On February 26, 2017 2:15:25 PM EST, John Paul Adrian Glaubitz 
 wrote:
>On 02/26/2017 07:48 PM, Sebastian Andrzej Siewior wrote:
>> I don't insist on anything. I noticed that this package does not
>depend on
>> libssl after building and that is why I took a look.
>
>Interesting. So, I guess the best option would actually to drop the B-D
>on
>libssl-dev completely. I have checked it myself and indeed libkf5khtml5
>does
>not depend on libssl at all. Plus, the package also builds fine with
>the
>build dependency on libssl-dev completely removed.
>
>Lisandro, maybe just dropping the build dependency on libssl-dev would
>be
>the best option if it's actually not used at all?

We shouldn't be changing the way a package builds during freeze.  It was last 
built with openssl 1.0, so that's what we should have for now.

Scott K

Bug#841526: pristine-tar: please use natural ordering when listing

[Tomasz Buchert]

On 23/10/16 19:24, Mattia Rizzolo wrote:
> On Sun, Oct 23, 2016 at 09:09:53PM +0200, Tomasz Buchert wrote:
> > What about piping "pristine-tar list" to "sort -V"?
>
> Sure, that works, but IMHO this should be done by pristine-tar itself.
> Actually I've never been so bothered to pipe it through `sort -V`, and I
> filed this bug just to ease a itch, but I do think it would be an
> improvement :)
>

After having some reservations about this, I decided to introduce it
in the next release of pristine-tar (to be released after the release
of stretch). However, this is "unofficial" in a sense that, yes, it's
going to sort using "sort -Vr", but you should not rely on this in
scripts, for example. Hope this works for you. :)

Tomasz


signature.asc
Description: PGP signature

Bug#856237: galera-3: FTBFS on hppa - tests fail

[John David Anglin]

Package: galera-3
Version: 25.3.19-2
Severity: normal

Dear Maintainer,

The build appear to fail due to the following error but there may be
more issues:

Running suite(s): GCS component message
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS send monitor
80%: Checks: 5, Failures: 1, Errors: 0
gcs/src/unit_tests/gcs_sm_test.cpp:283:F:gcs_sm:gcs_sm_test_pause:0: Failure 
'tmp <= paused_ns' occurred
Running suite(s): GCS state message
100%: Checks: 4, Failures: 0, Errors: 0
Running suite(s): GCS FIFO functions
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS core protocol
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS defragmenter
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS node context
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS membership changes
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS group context
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS backend interface
100%: Checks: 1, Failures: 0, Errors: 0
Running suite(s): GCS core context
100%: Checks: 2, Failures: 0, Errors: 0
Running suite(s): GCS state transfer FC
100%: Checks: 3, Failures: 0, Errors: 0
Total test failed: 1
scons: *** [gcs/src/unit_tests/gcs_tests.passed] Error 1
scons: building terminated because of errors.

Full build log is here:
https://buildd.debian.org/status/fetch.php?pkg=galera-3&arch=hppa&ver=25.3.19-2&stamp=1488102450&raw=0

Regards,
Dave Anglin


-- System Information:
Debian Release: 9.0
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: hppa (parisc64)

Kernel: Linux 4.10.0 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Bug#855433: devscripts: wrap-and-sort: Add missing build dependency fields

[James McCoy]

On Sun, Feb 26, 2017 at 08:07:30PM +0100, Dominique Dumont wrote:
> On Saturday, 18 February 2017 01:56:37 CET Guillem Jover wrote:
> > +"Build-Depends-Arch",
> 
> I'm confused...
> 
> Debian policy [1] mentions "There is no Build-Depends-Arch; this role is 
> essentially met with Build-Depends. ".

Well, policy lags reality since it's documentation of what is
established.  Build-Depends-Arch has been implemented in dpkg since
1.16.4 (uploaded in June 2012).

See #823910 for the policy changes.

Cheers,
-- 
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Bug#856236: unblock: bacula/7.4.4+dfsg-6 (pre-approval)

[Carsten Leonhardt]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package bacula

This fixes a bug that makes it impossible to successfully pass the
initial hardware test when using bacula with a tape drive. Not being
able to pass the test will leave users with the feeling their backups
won't be ok.

A source debdiff is attached.

unblock bacula/7.4.4+dfsg-6

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

diff -Nru bacula-7.4.4+dfsg/debian/changelog bacula-7.4.4+dfsg/debian/changelog
--- bacula-7.4.4+dfsg/debian/changelog  2017-01-19 11:14:44.0 +0100
+++ bacula-7.4.4+dfsg/debian/changelog  2017-02-26 13:39:25.0 +0100
@@ -1,3 +1,10 @@
+bacula (7.4.4+dfsg-6) unstable; urgency=medium
+
+  [Sven Hartge]
+  * Backport fix for btape fill test from 7.4.5 (Closes: #855645)
+
+ -- Carsten Leonhardt   Sun, 26 Feb 2017 13:39:25 +0100
+
 bacula (7.4.4+dfsg-5) unstable; urgency=medium
 
   * Fix FTBS for build-indep
diff -Nru bacula-7.4.4+dfsg/debian/patches/fix-btape-fill.patch 
bacula-7.4.4+dfsg/debian/patches/fix-btape-fill.patch
--- bacula-7.4.4+dfsg/debian/patches/fix-btape-fill.patch   1970-01-01 
01:00:00.0 +0100
+++ bacula-7.4.4+dfsg/debian/patches/fix-btape-fill.patch   2017-02-26 
13:39:25.0 +0100
@@ -0,0 +1,33 @@
+Origin: 
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=991d8a595657086eca1d2cd1f69246c68ef15511
+Date: Sat, 28 Jan 2017 14:08:05 +0100
+Description: Remove debug code that breaks btape fill
+Bug-Debian: 855645
+
+---
+ src/stored/block_util.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/stored/block_util.c b/src/stored/block_util.c
+index 3d67de9..657e9b1 100644
+--- a/src/stored/block_util.c
 b/src/stored/block_util.c
+@@ -1,7 +1,7 @@
+ /*
+Bacula(R) - The Network Backup Solution
+ 
+-   Copyright (C) 2000-2016 Kern Sibbald
++   Copyright (C) 2000-2017 Kern Sibbald
+ 
+The original author of Bacula is Kern Sibbald, with contributions
+from many others, a complete list can be found in the file AUTHORS.
+@@ -205,8 +205,6 @@ void empty_block(DEV_BLOCK *block)
+Dmsg3(200, "empty len=%d block=%p set binbuf=%d\n",
+  block->buf_len, block, block->binbuf);
+block->bufp = block->buf + block->binbuf;
+-   block->buf[0] = 0;/* clear for debugging */
+-   block->bufp[0] = 0;   /* clear for debugging */
+block->read_len = 0;
+block->write_failed = false;
+block->block_read = false;
+-- 
+cgit v0.11.2
diff -Nru bacula-7.4.4+dfsg/debian/patches/series 
bacula-7.4.4+dfsg/debian/patches/series
--- bacula-7.4.4+dfsg/debian/patches/series 2017-01-17 17:56:01.0 
+0100
+++ bacula-7.4.4+dfsg/debian/patches/series 2017-02-26 13:32:21.0 
+0100
@@ -8,3 +8,4 @@
 fix-scriptdir-examples-devices.patch
 enable-hardening-for-bat.patch
 non-forking-systemd-units.patch
+fix-btape-fill.patch

Bug#856004: khtml: please build-depen on libssl1.0-dev for Stretch

[Pino Toscano]

In data domenica 26 febbraio 2017 20:15:25 CET, John Paul Adrian Glaubitz ha 
scritto:
> On 02/26/2017 07:48 PM, Sebastian Andrzej Siewior wrote:
> > I don't insist on anything. I noticed that this package does not depend on
> > libssl after building and that is why I took a look.

That is because it dlopen's libssl at runtime.

> Interesting. So, I guess the best option would actually to drop the B-D on
> libssl-dev completely. I have checked it myself and indeed libkf5khtml5 does
> not depend on libssl at all. Plus, the package also builds fine with the
> build dependency on libssl-dev completely removed.

That is because it is an optional dependency.

> Lisandro, maybe just dropping the build dependency on libssl-dev would be
> the best option if it's actually not used at all?

NACK.

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.

Bug#856235: mlt: unused B-D on libquicktime-dev

[Sebastian Ramacher]

Source: mlt
Version: 6.4.1-3
Severity: normal

mlt currently has a build dependency on libquicktime-dev, but none of the
binaries depends on libquicktime*. If the build dependency is no longer needed,
please remove it.

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#856234: haskell-cryptol FTBFS on !x86: #error unknown max width for gmp on this architecture

[Adrian Bunk]

Source: haskell-cryptol
Version: 2.4.0-2
Severity: important

https://buildd.debian.org/status/package.php?p=haskell-cryptol&suite=sid

...
src/Cryptol/Eval/Arch.hs:25:2: error:
 error: #error unknown max width for gmp on this architecture
 #error unknown max width for gmp on this architecture
  ^
`gcc' failed in phase `C pre-processor'. (Exit code: 1)
/usr/share/cdbs/1/class/hlibrary.mk:147: recipe for target 'build-ghc-stamp' 
failed
make: *** [build-ghc-stamp] Error 1

Bug#856221: unblock: debian-edu/1.920

[Holger Levsen]

control: tags -1 - d-i
thanks

Hi Ivo,

On Sun, Feb 26, 2017 at 07:44:34PM +0100, Ivo De Decker wrote:
> Control: tags -1 confirmed d-i
> 
> On Sun, Feb 26, 2017 at 07:14:28PM +0100, Holger Levsen wrote:
> > Please unblock package debian-edu, it fixes an important bug, #854519:
> 
> Unblocked. This also need a d-i ack for the unblock-udeb.

nope, this is about src:debian-edu which has no udebs.

I considered asking unblocking src:debian-edu-install (which has udebs) but
for now decided against, as there's only one translation update in it, so I
pondered it's better to wait with this, maybe there will be more translations
coming in future…


-- 
cheers,
Holger


signature.asc
Description: Digital signature

Bug#856233: edtsurf FTBFS on architectures where char is unsigned

[Adrian Bunk]

Source: edtsurf
Version: 0.2009-3
Severity: serious
Tags: stretch sid

From an armhf build:

...
make[1]: Entering directory '/home/debian/edtsurf-0.2009'
g++ -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 
-fdebug-prefix-map=/home/debian/edtsurf-0.2009=. -fstack-protector-strong 
-Wformat -Werror=format-security -c ParsePDB.cpp -o ParsePDB.o
In file included from ParsePDB.cpp:12:0:
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
 1,1,1, 1,1,-1, 1,-1,1, -1,1,1, 1,-1,-1, -1,-1,1, -1,1,-1, -1,-1,-1};
   ^
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
CommonPara.h:49:67: error: narrowing conversion of ‘-1’ from ‘int’ to ‘char’ 
inside { } [-Wnarrowing]
ParsePDB.cpp: In member function ‘bool ParsePDB::loadpdb(char*)’:
ParsePDB.cpp:1462:28: warning: ignoring return value of ‘char* fgets(char*, 
int, FILE*)’, declared with attribute warn_unused_result [-Wunused-result]
   fgets(oneline,255,filein);
^
Makefile:7: recipe for target 'ParsePDB.o' failed
make[1]: *** [ParsePDB.o] Error 1
make[1]: Leaving directory '/home/debian/edtsurf-0.2009'
dh_auto_build: make -j1 returned exit code 2
debian/rules:8: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2

Bug#856232: routino-www: Data files in /var/lib/routino/data not created

[Morten Bo Johansen]

Package: routino-www
Version: 3.1.1-4
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Having installed and reinstalled both of the packages routino
and routino-www, I notice that the data files

  nodes.mem, relations.mem, segments.mem and ways.mem

that, according to the README.Debian file in the routino
package, are supposed to have been created by the program
"planetsplitter", have actually not been created.

I am not sure if that is the reason that the entire map area in
the routino-www program is empty?

Thanks,
Morten

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=da_DK.utf-8, LC_CTYPE=da_DK.utf-8 (charmap=UTF-8) (ignored: LC_ALL 
set to da_DK.utf-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages routino-www depends on:
ii  apache2 [httpd]2.4.25-3
ii  javascript-common  11
ii  libjs-leaflet  0.7.7+20160312-1
pn  perl:any   
ii  routino3.1.1-4

routino-www recommends no packages.

routino-www suggests no packages.

-- no debconf information

Bug#856231: qpxtool FTBFS on architectures where char is unsigned

[Adrian Bunk]

Source: qpxtool
Version: 0.7.2-4
Severity: serious
Tags: stretch sid

From an armhf build:

...
g++ -g -O2 -fdebug-prefix-map=/home/debian/qpxtool-0.7.2=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wall -O2 -fPIC 
-DOFFT_64BIT -DHAVE_FOPEN64 -DHAVE_FSEEKO -DUSE_LIBPNG   -I. -I./include 
-I../include -Wdate-time -D_FORTIFY_SOURCE=2  -c -o qpx_mmc.o qpx_mmc.cpp
qpx_mmc.cpp:1807:2: warning: #warning DVD+RW total sectors reading [-Wcpp]
 #warning DVD+RW total sectors reading
  ^~~
In file included from ./include/qpx_mmc.h:24:0,
 from qpx_mmc.cpp:22:
./include/qpx_mmc_defs.h:609:1: error: narrowing conversion of ‘-1’ from ‘int’ 
to ‘char’ inside { } [-Wnarrowing]
 };
 ^
./include/qpx_mmc_defs.h:609:1: error: narrowing conversion of ‘-1’ from ‘int’ 
to ‘char’ inside { } [-Wnarrowing]
qpx_mmc.cpp: In function ‘int set_cd_speed(drive_info*)’:
qpx_mmc.cpp:2694:3: warning: this ‘if’ clause does not guard... 
[-Wmisleading-indentation]
   if (!drive->silent) sperror ("SET_CD_SPEED",drive->err); return (drive->err);
   ^~
qpx_mmc.cpp:2694:60: note: ...this statement, but the latter is misleadingly 
indented as if it is guarded by the ‘if’
   if (!drive->silent) sperror ("SET_CD_SPEED",drive->err); return (drive->err);
^~
qpx_mmc.cpp: In function ‘int plextor_px755_get_auth_code(drive_info*, unsigned 
char*)’:
qpx_mmc.cpp:3122:3: warning: this ‘for’ clause does not guard... 
[-Wmisleading-indentation]
   for (int i=0; i<16; i++) printf("0x%02X ",dev->rd_buf[i]&0xFF); printf("\n");
   ^~~
qpx_mmc.cpp:3122:67: note: ...this statement, but the latter is misleadingly 
indented as if it is guarded by the ‘for’
   for (int i=0; i<16; i++) printf("0x%02X ",dev->rd_buf[i]&0xFF); printf("\n");
   ^~
: recipe for target 'qpx_mmc.o' failed
make[3]: *** [qpx_mmc.o] Error 1

Bug#856004: khtml: please build-depen on libssl1.0-dev for Stretch

[John Paul Adrian Glaubitz]

On 02/26/2017 07:48 PM, Sebastian Andrzej Siewior wrote:
> I don't insist on anything. I noticed that this package does not depend on
> libssl after building and that is why I took a look.

Interesting. So, I guess the best option would actually to drop the B-D on
libssl-dev completely. I have checked it myself and indeed libkf5khtml5 does
not depend on libssl at all. Plus, the package also builds fine with the
build dependency on libssl-dev completely removed.

Lisandro, maybe just dropping the build dependency on libssl-dev would be
the best option if it's actually not used at all?

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#851196: Fixed in delayed NMU

[Hilko Bengen]

control: tag -1 pending
control: user debian-rele...@lists.debian.org
control: usertag -1 bsp-2017-02-de-Berlin
control: usertag 856226 bsp-2017-02-de-Berlin

I have (hopefully) fixed these bugs by uploading a new upstream snapshot
to DELAYED/15, see #856226.

Cheers,
-Hilko

Bug#856223: unblock: profanity/0.4.7-1.1

[Tomasz Buchert]

Control: tag -1 -moreinfo

On 26/02/17 18:51, Jonathan Wiltshire wrote:
> Control: tag -1 confirmed moreinfo
>
> [...]
>
> You should close the bug in your changelog, and you do not mention the
> metadata changes in patch fix_spelling_error. With those corrections,
> please go ahead and remove the moreinfo tag from this bug.
>
> Thanks,

Done. I attach a new debdiff as well.

Tomasz
diff -Nru profanity-0.4.7/debian/changelog profanity-0.4.7/debian/changelog
--- profanity-0.4.7/debian/changelog	2015-09-26 16:47:33.0 +0200
+++ profanity-0.4.7/debian/changelog	2017-02-25 18:29:37.0 +0100
@@ -1,3 +1,11 @@
+profanity (0.4.7-1.1) testing-proposed-updates; urgency=medium
+
+  * Non-maintainer upload
+  * Fix CVE-2017-5592 (Closes: #854735)
+  * Update debian/patches with gbp import/export (side effect of the above fix)
+
+ -- Tomasz Buchert   Sat, 25 Feb 2017 18:29:37 +0100
+
 profanity (0.4.7-1) unstable; urgency=medium
 
   * Imported Upstream version 0.4.7
@@ -43,4 +51,3 @@
   * Initial release (Closes: #745872)
 
  -- Dariusz Dwornikowski   Wed, 27 Aug 2014 12:34:59 +0200
-
diff -Nru profanity-0.4.7/debian/patches/0002-Import-the-patch-fixing-CVE-2017-5592.patch profanity-0.4.7/debian/patches/0002-Import-the-patch-fixing-CVE-2017-5592.patch
--- profanity-0.4.7/debian/patches/0002-Import-the-patch-fixing-CVE-2017-5592.patch	1970-01-01 01:00:00.0 +0100
+++ profanity-0.4.7/debian/patches/0002-Import-the-patch-fixing-CVE-2017-5592.patch	2017-02-25 18:29:37.0 +0100
@@ -0,0 +1,41 @@
+From: Tomasz Buchert 
+Date: Sat, 25 Feb 2017 17:01:33 +0100
+Subject: Import the patch fixing CVE-2017-5592.
+
+The patch was provided by the upstream author.
+---
+ src/xmpp/message.c   | 7 +++
+ tests/functionaltests/test_carbons.c | 2 +-
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/src/xmpp/message.c b/src/xmpp/message.c
+index 5581521..f6bb864 100644
+--- a/src/xmpp/message.c
 b/src/xmpp/message.c
+@@ -687,6 +687,13 @@ _handle_carbons(xmpp_stanza_t * const stanza)
+ return FALSE;
+ }
+ 
++Jid *my_jid = jid_create(jabber_get_fulljid());
++const char *const stanza_from = xmpp_stanza_get_attribute(stanza, STANZA_ATTR_FROM);
++if (g_strcmp0(my_jid->barejid, stanza_from) != 0) {
++log_warning("Invalid carbon received, from: %s", stanza_from);
++return TRUE;
++}
++
+ char *name = xmpp_stanza_get_name(carbons);
+ if ((g_strcmp0(name, "received") == 0) || (g_strcmp0(name, "sent")) == 0) {
+ xmpp_stanza_t *forwarded = xmpp_stanza_get_child_by_ns(carbons, STANZA_NS_FORWARD);
+diff --git a/tests/functionaltests/test_carbons.c b/tests/functionaltests/test_carbons.c
+index 96639d6..3bbe65d 100644
+--- a/tests/functionaltests/test_carbons.c
 b/tests/functionaltests/test_carbons.c
+@@ -70,7 +70,7 @@ receive_carbon(void **state)
+ prof_output_exact("unencrypted");
+ 
+ stbbr_send(
+-""
++""
+ ""
+ ""
+ ""
diff -Nru profanity-0.4.7/debian/patches/fix_spelling_error profanity-0.4.7/debian/patches/fix_spelling_error
--- profanity-0.4.7/debian/patches/fix_spelling_error	2015-09-26 16:47:33.0 +0200
+++ profanity-0.4.7/debian/patches/fix_spelling_error	2017-02-25 18:29:37.0 +0100
@@ -1,10 +1,16 @@
-Author: Dariusz Dwornikowski  
-Subject: Fix spelling errors
-Last-Update: 2015-09-25
-Forwarded: not-needed
+From: Dariusz Dwornikowski 
+Date: Sat, 25 Feb 2017 17:03:17 +0100
+Subject: Fix spelling errors.
+
+---
+ src/xmpp/iq.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/xmpp/iq.c b/src/xmpp/iq.c
+index 496e9ca..6466eb5 100644
 --- a/src/xmpp/iq.c
 +++ b/src/xmpp/iq.c
-@@ -861,13 +861,13 @@
+@@ -861,13 +861,13 @@ _version_result_handler(xmpp_conn_t * const conn, xmpp_stanza_t * const stanza,
  
  xmpp_stanza_t *query = xmpp_stanza_get_child_by_name(stanza, STANZA_NAME_QUERY);
  if (query == NULL) {
diff -Nru profanity-0.4.7/debian/patches/series profanity-0.4.7/debian/patches/series
--- profanity-0.4.7/debian/patches/series	2015-09-26 16:47:33.0 +0200
+++ profanity-0.4.7/debian/patches/series	2017-02-25 18:29:37.0 +0100
@@ -1 +1,2 @@
 fix_spelling_error
+0002-Import-the-patch-fixing-CVE-2017-5592.patch


signature.asc
Description: PGP signature

Bug#856214: deboostrapping wheezy fails (on Qubes jessie+stretch VMs)

[Holger Levsen]

Hi,

ok, done so now:

user@stretch:~$ sudo strace debootstrap wheezy  ./wheezy 
http://deb.debian.org/debian/
[...]
I: Extracting tzdata...
I: Extracting libustr-1.0-1...
I: Extracting bsdutils...
I: Extracting libblkid1...
I: Extracting libmount1...
I: Extracting libuuid1...
I: Extracting mount...
I: Extracting util-linux...
I: Extracting liblzma5...
I: Extracting xz-utils...
I: Extracting zlib1g...
[{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24049
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24049, si_uid=0, 
si_status=0, si_utime=0, si_stime=6} ---
rt_sigreturn({mask=[]}) = 24049
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f04779c19d0) = 24544
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24544
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24544, si_uid=0, 
si_status=0, si_utime=0, si_stime=0} ---
rt_sigreturn({mask=[]}) = 24544
open("/home/user/wheezy/var/lib/dpkg/status", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 
3
fcntl(1, F_DUPFD, 10)   = 11
close(1)= 0
fcntl(11, F_SETFD, FD_CLOEXEC)  = 0
dup2(3, 1)  = 1
close(3)= 0
dup2(11, 1) = 1
close(11)   = 0
open("/home/user/wheezy/var/lib/dpkg/available", O_WRONLY|O_CREAT|O_TRUNC, 
0666) = 3
fcntl(1, F_DUPFD, 10)   = 11
close(1)= 0
fcntl(11, F_SETFD, FD_CLOEXEC)  = 0
dup2(3, 1)  = 1
close(3)= 0
dup2(11, 1) = 1
close(11)   = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f04779c19d0) = 24545
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24545
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24545, si_uid=0, 
si_status=0, si_utime=0, si_stime=0} ---
rt_sigreturn({mask=[]}) = 24545
stat("/home/user/wheezy//etc/resolv.conf", 0x7fff0ebdb730) = -1 ENOENT (No such 
file or directory)
lstat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=46, ...}) = 0
stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=46, ...}) = 0
stat("/usr/local/sbin/cp", 0x7fff0ebdb910) = -1 ENOENT (No such file or 
directory)
stat("/usr/local/bin/cp", 0x7fff0ebdb910) = -1 ENOENT (No such file or 
directory)
stat("/usr/sbin/cp", 0x7fff0ebdb910)= -1 ENOENT (No such file or directory)
stat("/usr/bin/cp", 0x7fff0ebdb910) = -1 ENOENT (No such file or directory)
stat("/sbin/cp", 0x7fff0ebdb910)= -1 ENOENT (No such file or directory)
stat("/bin/cp", {st_mode=S_IFREG|0755, st_size=130504, ...}) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f04779c19d0) = 24546
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24546
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24546, si_uid=0, 
si_status=0, si_utime=0, si_stime=0} ---
rt_sigreturn({mask=[]}) = 24546
stat("/home/user/wheezy//etc/hostname", 0x7fff0ebdb750) = -1 ENOENT (No such 
file or directory)
lstat("/etc/hostname", 0x7fff0ebdb7d0)  = -1 ENOENT (No such file or directory)
stat("/etc/hostname", 0x7fff0ebdb7d0)   = -1 ENOENT (No such file or directory)
stat("/home/user/wheezy/etc/apt/sources.list", 0x7fff0ebdb970) = -1 ENOENT (No 
such file or directory)
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f04779c19d0) = 24547
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24547
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24547, si_uid=0, 
si_status=0, si_utime=0, si_stime=0} ---
rt_sigreturn({mask=[]}) = 24547
open("/home/user/wheezy/etc/apt/sources.list", O_WRONLY|O_CREAT|O_TRUNC, 0666) 
= 3
fcntl(1, F_DUPFD, 10)   = 11
close(1)= 0
fcntl(11, F_SETFD, FD_CLOEXEC)  = 0
dup2(3, 1)  = 1
close(3)= 0
pipe([3, 5])= 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f04779c19d0) = 24548
close(5)= 0
read(3, "var/lib/apt/lists/", 128)  = 18
read(3, "debootstrap.invalid_dists_wheezy"..., 128) = 60
read(3, "", 128)= 0
close(3)= 0
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 24548
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=24548, si_uid=0, 
si_status=0, si_utime=0, si_stime=0} ---
rt_sigreturn({mask=[]}) = 24548
stat("/home/user/wheezy/var/lib/apt/lists/debootstrap.invalid_dists_wheezy_main_binary-amd64_Packages",
 {st_mode=S_IFREG|0644, st_size=28480385, ...}) = 0
write(1, "deb http://

Bug#856230: ITP: python-django-progressbarupload -- Progress bar for Django (Python 2)

[Willi Mann]

Package: wnpp
Severity: wishlist
Owner: Willi Mann 

* Package name: python-django-progressbarupload
  Version : 0.1.7
  Upstream Author : Samuel Goldszmidt
* URL : https://github.com/ouhouhsami/django-progressbarupload
* License : BSD
  Programming Lang: Python
  Description : Progress bar for Django

 This package provides a progress bar for file upload forms in Django, a web
 development framework written Python. The progress bar is implemented on the
 server side via a special view that provides the progress information and
 JavaScript on the client side to poll this view in short intervals. If
 JavaScript is disabled, uploads still work, but there is no progress bar.

As far as I can tell, there is no Django extension so far in Debian that
supports upload progress reporting. I'm using this package already for a
student work submission system.