Bug#812194: ITP: robomongo -- Shell-centric cross-platform MongoDB management tool

2017-04-27 Thread 陳昌倬
Control: retitle -1 ITP: robomongo -- Shell-centric cross-platform MongoDB 
management
Control: owner -1 !


-- 
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
http://czchen.info/
Key fingerprint = BA04 346D C2E1 FE63 C790  8793 CC65 B0CD EC27 5D5B


signature.asc
Description: PGP signature


Bug#859655: (still in progress)

2017-04-27 Thread Salvatore Bonaccorso
Control: fixed -1 1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1
Hi Michael,

On Thu, Apr 27, 2017 at 09:53:50PM -0500, Michael Lustfield wrote:
> Control: reopen 859655 !
> 
> This is obviously not resolved yet, but the fix is in unstable.

Actually reopen should not be done. The fix is in the version, and the
BTS can handle the version tracking, so there is no need to keep a bug
"open/undone" until the fix reaches all affected suites.

To not futher interfere, I only add back the fixed version (wich goes
lost if one does reopen on a bug), leaving to mark it as done to you
:-)

Regards,
Salvatore



Bug#861377: gimagereader: unhandled exception

2017-04-27 Thread Janusz S. Bień
Package: gimagereader
Version: 3.2.0-1
Severity: normal

Hi!

On my first attempt to use the program I got


--8<---cut here---start->8---

(gimagereader-gtk:5289): Gtk-WARNING **: Allocating size to gtkmm__GtkViewport 
0x559a83e73d90 without calling gtk_widget_get_preferred_width/height(). How 
does the code know the size to allocate?

(gimagereader-gtk:5289): glibmm-CRITICAL **: 
unhandled exception (type Glib::Error) in signal handler:
domain: gtkspell-error-quark
code  : 0
what  : enchant error for language: pl_PL

--8<---cut here---end--->8---

Best regards

Janusz


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gimagereader depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  libatkmm-1.6-1v5 2.24.2-2
ii  libc62.24-10
ii  libcairomm-1.0-1v5   1.12.0-1+b1
ii  libfontconfig1   2.11.0-6.7+b1
ii  libgcc1  1:6.3.0-14
ii  libglib2.0-0 2.50.3-2
ii  libglibmm-2.4-1v52.50.0-1
ii  libgomp1 6.3.0-14
ii  libgtk-3-0   3.22.11-1
ii  libgtkmm-3.0-1v5 3.22.0-1
ii  libgtksourceviewmm-3.0-0v5   3.18.0-1
ii  libgtkspellmm-3.0-0v53.0.5+dfsg-1
ii  libjpeg62-turbo  1:1.5.1-2
ii  libjson-glib-1.0-0   1.2.6-1
ii  libpangomm-1.4-1v5   2.40.1-3
ii  libpodofo0.9.4   0.9.4-4
ii  libpoppler-glib8 0.48.0-2
ii  libsane  1.0.25-4
ii  libsigc++-2.0-0v52.10.0-1
ii  libstdc++6   6.3.0-14
ii  libtesseract33.04.01-5
ii  libxml++2.6-2v5  2.40.1-1

gimagereader recommends no packages.

gimagereader suggests no packages.

-- no debconf information

-- 
   ,   
Prof. dr hab. Janusz S. Bien -  Uniwersytet Warszawski (Katedra Lingwistyki 
Formalnej)
Prof. Janusz S. Bien - University of Warsaw (Formal Linguistics Department)
jsb...@uw.edu.pl, jsb...@mimuw.edu.pl, http://fleksem.klf.uw.edu.pl/~jsbien/



Bug#768319: #768319 mumudvb version

2017-04-27 Thread Noël Köthe
Hello,

just a friendly reminder that the mumudvb is still outdated in Debian.
I build it myself and got it working with DVB-T2 but a packaged version
is much better.;)

Thanks for your work.

Regards

Noël

signature.asc
Description: This is a digitally signed message part


Bug#860805: Could we set bug #860805 against beignet-opencl-icd to stretch-is-blocker?

2017-04-27 Thread Andreas Tille
Hi release team,

this morning 16 "marked for autoremoval from testing" mails hit my
mailbox for partly quite important Debian Med packages.  I'm sure other
packages will be affected as well so this package is somehow cruxial.

I wonder whether you might consider this bug stretch-is-blocker to make
sure we will not loose a larger set of packages.

Kind regards

Andreas.

-- 
http://fam-tille.de



Bug#861376: unblock: variety/0.6.3-4 (pre-upload approval)

2017-04-27 Thread James Lu
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi Release Team,

In the last few months I've prepared quite a few changes for variety, mostly
involving the removal of online wallpaper sources that no longer work, and also
fixing one fairly annoying bug causing menus to show up at the top left of the
screen. I realize this diff is quite significant, so here's a breakdown:

- The menu bug was reported at https://bugs.launchpad.net/variety/+bug/1598298
and fixed in Ubuntu zesty with SRUs to xenial and yakkety pending. The fix
first landed as 0.6.3-2 on March 17 and no regressions have been reported
since.
- The disable-panoramio.patch was based off a similar patch from Arch Linux's
0.6.3-3 package version, and disables Panoramio sources which have been shut
down per https://www.panoramio.com/maps-faq. I modified further also migrate
away from any configured Panoramio, and this change has been in experimental
for 10 days with no regressions reported.
- Cleaning up after the earlier Wallpapers.net source removal from 0.6.3-1:
removing its dependencies (libjs-underscore, python-lxml) which aren't used
anywhere else, and also removing Wallpapers.net from the package description.
- Finally, patch refreshes and updates as part of maintenance: I've also
removed an old setup.py-install-requires.diff patch which was never used in the
build in unstable.
- The only change that hasn't been previously pushed is removing python-lxml
from the build-dependencies, as I forgot to include that with 0.6.3-3.

Attached is a debdiff between 0.6.3-1 (currently in unstable) and 0.6.3-4,
which I plan to release if this is okay.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (700, 'testing'), (500, 'unstable-debug'), (500, 'testing-
debug'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
diff -Nru variety-0.6.3/debian/changelog variety-0.6.3/debian/changelog
--- variety-0.6.3/debian/changelog  2016-11-09 20:55:55.0 -0800
+++ variety-0.6.3/debian/changelog  2017-04-27 22:49:27.0 -0700
@@ -1,3 +1,35 @@
+variety (0.6.3-4) unstable; urgency=medium
+
+  * Upload to unstable.
+  * Remove python-lxml from build dependencies as well.
+
+ -- James Lu   Thu, 27 Apr 2017 22:49:27 -0700
+
+variety (0.6.3-3) experimental; urgency=medium
+
+  * d/control: Remove Wallpapers.net from the extended description; it was
+removed upstream in Variety 0.6.1.
+  * Remove lxml dependency, it is unused since the Wallpapers.net removal in
+Variety 0.6.1.
+  * Drop unused patch setup.py-install-requires.diff
+  * Add disable-panoramio.patch from Arch Linux version 0.6.3-3, modifying
+it to also migrate away from Panoramio sources (LP: #1636389)
+- Also remove libjs-underscore dependency, as Panoramio was the only
+  source using it.
+  * Refresh menu-position-varargs.patch.
+  * Refresh forwarded state & dates of most patches.
+
+ -- James Lu   Mon, 17 Apr 2017 11:13:39 -0700
+
+variety (0.6.3-2) experimental; urgency=medium
+
+  * Add menu-position-varargs.patch from upstream Bzr revision 582
+(https://bazaar.launchpad.net/~peterlevi/variety/trunk/revision/582)
+to fix menus showing up at the top left of the screen on some systems.
+(LP: #1598298)
+
+ -- James Lu   Wed, 15 Mar 2017 12:12:09 -0700
+
 variety (0.6.3-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru variety-0.6.3/debian/control variety-0.6.3/debian/control
--- variety-0.6.3/debian/control2016-11-09 20:53:19.0 -0800
+++ variety-0.6.3/debian/control2017-04-27 22:49:24.0 -0700
@@ -8,7 +8,6 @@
  python-pyexiv2,
  python-pycurl,
  python-configobj,
- python-lxml,
  python-imaging,
  python-cairo,
  python-dbus
@@ -41,13 +40,10 @@
  gir1.2-appindicator3-0.1,
  imagemagick,
  python-gi-cairo,
- python-lxml,
- libjs-underscore (>= 1.6.0~)
 Recommends: yelp
 Suggests: feh
 Description: Wallpaper changer, downloader and manager
  Variety is an open-source wallpaper changer, downloader, and manager for
  Linux. It supports a variety of sources for wallpapers, including local
- files, online services such as Flickr, Wallbase.cc, Wallpapers.net,
- NASA Astronomy Picture of the Day, Desktoppr.co, and media RSS feeds
- (Picasa, deviantART, etc.).
+ files, online services such as Flickr, Wallbase.cc, NASA Astronomy Picture of
+ the Day, Desktoppr.co, and media RSS feeds (Picasa, deviantART, etc.).
diff -Nru variety-0.6.3/debian/patches/desktop-file-keywords.diff 
variety-0.6.3/debian/patches/desktop-file-keywords.diff
--- variety-0.6.3/debian/patches/desktop-file-keywords.diff 2016-11-09 
20:53:19.0 -0800
+++ variety-0.6.3/debian/patches/desktop-file-keywords.diff 2017-04-27 
22:49:24.0 -0700
@@ -1,7 +1,7 @@
 Subject: Add keywords f

Bug#861352: RFS: dhelp/0.6.23 [QA] -- online help system

2017-04-27 Thread Коля Гурьев

28.04.2017 08:52, Gianfranco Costamagna пишет:

well, with apache2 installed, the whole package is not working
http://localhost/doc/HTML/index.html

I think you have to configure it, this is why I thought it was a problem
on my apache installation and not on your package.
Removing apache2 makes the documentation stuff show correctly and nicely.


It was the error of dhelp, I was able to reproduce this.

Without Apache it worked because dhelp tries to guess it should
redirect a browser to local filesystem or to localhost server.

I daresay if you install apache2 and enable dhelp.conf file and cgi
module, the package will be working.

But maintainer scripts don't turn cgi module on automatically at the
moment. I'll try to solve this.



Bug#816739: Report to mainstream

2017-04-27 Thread Peter Viskup
Still experiencing the issue.

Just reported this issue to mainstream.
https://github.com/rsyslog/rsyslog/issues/1533

-- 
Peter



Bug#861352: RFS: dhelp/0.6.23 [QA] -- online help system

2017-04-27 Thread Gianfranco Costamagna
Hi,

>Thanks that you noticed this bug.
>
>But removing apache2 looks like a dirty hack. This error occurred
>because of the bad merge. Take a look at a fix[1], please.


well, with apache2 installed, the whole package is not working
http://localhost/doc/HTML/index.html

I think you have to configure it, this is why I thought it was a problem
on my apache installation and not on your package.
Removing apache2 makes the documentation stuff show correctly and nicely.

Let me know if you want a new upload!

G.



Bug#861374: ITP: node-ajv -- Another JSON Schema Validator

2017-04-27 Thread Pirate Praveen
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen 
X-Debbugs-CC: debian-de...@lists.debian.org

* Package name: node-ajv
  Version : 5.0.0
  Upstream Author : Evgeny Poberezkin
* URL : https://github.com/epoberezkin/ajv
* License : Expat
  Programming Lang: JavaScript
  Description : Another JSON Schema Validator
 .
 The fastest JSON Schema validator for node.js and browser with draft 6
support.
 Ajv generates code using doT templates to turn JSON schemas into super-fast
 validation functions that are efficient for v8 optimization.
 .
 Node.js is an event-based server-side JavaScript engine.



signature.asc
Description: OpenPGP digital signature


Bug#660164: Package Delivery Notification

2017-04-27 Thread ljn
Dear Customer,

Please review your parcel delivery label in the attachment!

FedEx

-BEGIN PGP PUBLIC KEY BLOCK-

CpAJSF9iOC2GI632EcBmQbr6omhALB1geiplJ6zB6vjSP2g3O6hFiwNP4xYMXEGP2MHZPbBoNpAx
rIDN8d6Q2BACIyfrCi/0nLa+136NROxVAYDk8J7Ufh1w2y2h19LbBMRVc7wNMNCGWVYvY/ljp59O
P6NTevusXLXbLMt3C+qychMZt61oxUXwm8dkJr7x2agaqUOyDpuwi/VrwUNP2ZYhFSfj43u5YPiL
/OcOFyvknIPRhqXoLe7NYuAHABtQnZfr4BarvsAYt8EMahMfTSAvtoECQA+01Bf0c6Ee4R22/Spr
bJ2cSQHvAT8EwdPJLWN8tDXUHmLtScUqPhYTmxr2jvrRuh9SXNCYr4zzA3U8AMHe/XsS7zG50fGs
/OSIeBpTHXL2zsGP+vDDchl0CWNJLO7YHBxanoT1yQQJUwVOs//xPRuJn2QHzhdHmnsBsiCASVBt
btL+McPtJ2C9fVSJcsNANIQxDtAjgNdk1vy6JJ1/Oi+KrY/2wKAF9MtmaUQup6XV88TmPat+0WLL
4HZu8J9/5BI6q9WviWh9MnT5jky2aYN7g0zrbIglWyf2WFBamNVZHfYakRDyVHq+jt65YldlqrQD
azwPaoyY+FDfAQz4lTOkSOFXeivltXhSHCcWGm/4K/l+31fN/2BzVFwr5vw2KLPbJE1UiZ7coOHC
/zAIB89xoP8xEG4fJ+MRuaAvElc0B4EzdKpaj1MFtLLK38IyMgrpHR8ntraXULR83sKk0ZqtSpAJ
87FZrAJLt0AWEANVFwjP6ToznXKX1WHPanuRbN6iqQ3kfW+LnCv0lCQTG8ywcqOv+hx4nfG6FNAy
TGLsVHozmbc6Fv8q2sdbSto46RKWGhN4tsd1snjTINTe5VYAKQXPc3IYPeNYW6jhaXhEL44YV+HB
JwsDetzUdO49oQ4uKgurH/5xnQQ30h8rKQ2u6wPfF9kk02HCfnO45iajs+q1UGnmX/V/3hyyZdE9
+E6nq4DiPEBs3nLB0/9ADlUsVIDtBYDbCjIpHquR4uMBcsLzYr0rIQGDqTyzL3rSciHpG0YEhpt3
OiqGJdclFim6CgOruhU2lUcDsSqkneWTn99ORBskH4AcI0G4M1ML+HmXW+2T0wRF7QrXN99J9hzm
shpLXyMCBGkEtB6pBNeJXObeY7j+m6rjIKV5xinPwyScHhjUN+iRPliktDc9VhCkOhmK5IOqBIIF
mElxvfhsNC/Ztw1QuvMHmyPgRKe1ZGQiTva5pHWqs/geNI1euqQkxtvFZ8F29xO7QPIZJan0ZSb6
Ms9dURq3IbmeeiiHJQNCPbnmAWdm1+J0u+kAsIJdHQ==


-END PGP PUBLIC KEY BLOCK-



Bug#861352: RFS: dhelp/0.6.23 [QA] -- online help system

2017-04-27 Thread Коля Гурьев

27.04.2017 23:52, Gianfranco Costamagna пишет:

Hi,

apache2-maintscript-helper invoked from a modified environment. Please hint 
required arguments manually
dpkg: error processing package dhelp (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:



not sure, but removing apache2 "fixed" the issue

who cares? the package works :)
(feel free to investigate if you want!)

G.


Thanks that you noticed this bug.

But removing apache2 looks like a dirty hack. This error occurred
because of the bad merge. Take a look at a fix[1], please.

[1] 
https://anonscm.debian.org/cgit/collab-maint/dhelp.git/commit/?id=f33acd31ac972c43c17f298d7671ae80ec9157a2




Bug#861373: blank screen when viewing pdfs

2017-04-27 Thread Jyotirmoy Bhattacharya
Package: firefox-esr
Version: 45.8.0esr-1

I cannot view any PDF files in Firefox. On visiting a URL with a PDF file
the PDF viewer interface appears but no content is shown. The area where
the content should appear remains black.

On loading a file with the web console open the console shows an error

SyntaxError: missing : after property id

at location 1512:16 of resource://pdf.js/web/viewer.js

Tools>Add ons shows PDF Viewer extension version 1.8.275. I have disabled
all other extensions.

Jyotirmoy Bhattacharya


Bug#808296: tor: Latest version doesn't start

2017-04-27 Thread Peter Palfrader
On Fri, 28 Apr 2017, Sous Studios wrote:

> Problem is in /lib/systemd/system/tor.service. Particularly in that
> instead of having ExecStart=/path-to-tor, it shows
> ExecStart=/bin/true, and hence fails. ExecReload is incorrect as well,
> and PID is not passing to it aswell.

While the facts you lay out are correct, your conclusion that
tor.service is broken is wrong.  The tor service now depends on several
instances, among them tor@default, which actually starts tor for you.

-- 
|  .''`.   ** Debian **
  Peter Palfrader   | : :' :  The  universal
 https://www.palfrader.org/ | `. `'  Operating System
|   `-https://www.debian.org/



Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
Le 28 avr. 2017 06:55, "Pino Toscano"  a écrit :

> In data venerdì 28 aprile 2017 04:27:04 CEST, Julien Aubin ha scritto:
> > Le 27 avr. 2017 23:29, "Pino Toscano"  a écrit :
> >
> > In data giovedì 27 aprile 2017 22:30:43 CEST, Julien Aubin ha scritto:
> > > >
> > > >
> > > >
> > > > > This is why to me this bug is a showstopper for release, as
> > > > > there are many French Debian users around (incl. Africa and Quebec)
> > and
> > > > > such an issue makes UX issue look... amateurish.
> > > >
> > > > This is still not a reason to make this bug "grave" from the
> beginning,
> > > > with only generic and unhelpful instructions on *where* to find the
> > > > issue.
> > > >
> > > > For the rest of the details, see my other email.
> > > >
> > > > > For apps with full untranslated sections, adding the files I below
> > would
> > > > > solve the issue.
> > > >
> > > > Not really, no. This list has no utility, other than "some things
> where
> > > > not translated to French in software currently packaged in Debian".
> > > >
> > >
> > > Okay I understand. Now it would be really great to include them before
> > > release.
> >
> > Include what?
> >
> >
> > The untranslated messages for kmail antispam, korganizer, ...
>
> They are not part of kde-l10n/fr 16.04.x, which means they were not
> translated, and thus there's nowhere we can take them from.
> They are not even translated in 16.08.x (which is the version of the
> majority of non-PIM stuff from KDE Applications), so what you ask is
> simply not possible.
>

Okay too bad :'( but well if these are the only chunks of translations
which are missing this is a smaller issue, even though they exist in
kde-l10n-pl.

But backporting French translations from libkf5widgetsaddons-data 5.29
seems essential to me as without it every single KDE Qt5 app is crippled
with English text when using a French KDE, i.e. Konsole, Calligra suite,
Krita, Kdenlive, Dolphin, Kontact, ... Don't hesitate to ask me to test as
long as updating this package w/ libkf5widgetsaddons on my system does not
break other dependencies.

>
> --
> Pino Toscano


Bug#859662: ghostscript: diff for NMU version 9.20~dfsg-3.1

2017-04-27 Thread Salvatore Bonaccorso
Control: tags 859662 + patch
Control: tags 859662 + pending
Control: tags 859666 + pending
Control: tags 859694 + pending
Control: tags 859696 + pending
Control: tags 861295 + patch
Control: tags 861295 + pending

Dear maintainer,

I've prepared an NMU for ghostscript (versioned as 9.20~dfsg-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Actually if possible and you agree on the debdiff/patchset an upload
earlier than the delay would be good in the light of #861295.
Regards,
Salvatore
diff -Nru ghostscript-9.20~dfsg/debian/changelog ghostscript-9.20~dfsg/debian/changelog
--- ghostscript-9.20~dfsg/debian/changelog	2017-03-21 17:20:00.0 +0100
+++ ghostscript-9.20~dfsg/debian/changelog	2017-04-28 06:50:05.0 +0200
@@ -1,3 +1,18 @@
+ghostscript (9.20~dfsg-3.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * -dSAFER bypass and remote command execution via a "/OutputFile  (%pipe%"
+substring (CVE-2017-8291) (Closes: #861295)
+  * use the correct param list enumerator (CVE-2017-5951) (Closes: #859696)
+  * fix crash with bad data supplied to makeimagedevice (CVE-2016-10220)
+(Closes: #859694)
+  * Avoid divide by 0 in scan conversion code (CVE-2016-10219)
+(Closes: #859666)
+  * Dont create new ctx when pdf14 device reenabled (CVE-2016-10217)
+(Closes: #859662)
+
+ -- Salvatore Bonaccorso   Fri, 28 Apr 2017 06:50:05 +0200
+
 ghostscript (9.20~dfsg-3) unstable; urgency=medium
 
   * Fix NULL pointer dereference in mem_get_bits_rectangle().
diff -Nru ghostscript-9.20~dfsg/debian/patches/0001-Bug-697799-have-.eqproc-check-its-parameters.patch ghostscript-9.20~dfsg/debian/patches/0001-Bug-697799-have-.eqproc-check-its-parameters.patch
--- ghostscript-9.20~dfsg/debian/patches/0001-Bug-697799-have-.eqproc-check-its-parameters.patch	1970-01-01 01:00:00.0 +0100
+++ ghostscript-9.20~dfsg/debian/patches/0001-Bug-697799-have-.eqproc-check-its-parameters.patch	2017-04-28 06:50:05.0 +0200
@@ -0,0 +1,31 @@
+From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
+From: Chris Liddell 
+Date: Thu, 27 Apr 2017 13:03:33 +0100
+Subject: [PATCH 1/2] Bug 697799: have .eqproc check its parameters
+
+The Ghostscript custom operator .eqproc was not check the number or type of
+the parameters it was given.
+---
+ psi/zmisc3.c | 6 ++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 54b3042..37293ff 100644
+--- a/psi/zmisc3.c
 b/psi/zmisc3.c
+@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
+ ref2_t stack[MAX_DEPTH + 1];
+ ref2_t *top = stack;
+ 
++if (ref_stack_count(&o_stack) < 2)
++return_error(gs_error_stackunderflow);
++if (!r_is_array(op - 1) || !r_is_array(op)) {
++return_error(gs_error_typecheck);
++}
++
+ make_array(&stack[0].proc1, 0, 1, op - 1);
+ make_array(&stack[0].proc2, 0, 1, op);
+ for (;;) {
+-- 
+2.1.4
+
diff -Nru ghostscript-9.20~dfsg/debian/patches/0002-Bug-697799-have-.rsdparams-check-its-parameters.patch ghostscript-9.20~dfsg/debian/patches/0002-Bug-697799-have-.rsdparams-check-its-parameters.patch
--- ghostscript-9.20~dfsg/debian/patches/0002-Bug-697799-have-.rsdparams-check-its-parameters.patch	1970-01-01 01:00:00.0 +0100
+++ ghostscript-9.20~dfsg/debian/patches/0002-Bug-697799-have-.rsdparams-check-its-parameters.patch	2017-04-28 06:50:05.0 +0200
@@ -0,0 +1,60 @@
+From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
+From: Chris Liddell 
+Date: Thu, 27 Apr 2017 13:21:31 +0100
+Subject: [PATCH 2/2] Bug 697799: have .rsdparams check its parameters
+
+The Ghostscript internal operator .rsdparams wasn't checking the number or
+type of the operands it was being passed. Do so.
+---
+ psi/zfrsd.c | 22 +++---
+ 1 file changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/psi/zfrsd.c b/psi/zfrsd.c
+index 191107d..950588d 100644
+--- a/psi/zfrsd.c
 b/psi/zfrsd.c
+@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
+ ref *pFilter;
+ ref *pDecodeParms;
+ int Intent = 0;
+-bool AsyncRead;
++bool AsyncRead = false;
+ ref empty_array, filter1_array, parms1_array;
+ uint i;
+-int code;
++int code = 0;
++
++if (ref_stack_count(&o_stack) < 1)
++return_error(gs_error_stackunderflow);
++if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
++return_error(gs_error_typecheck);
++}
+ 
+ make_empty_array(&empty_array, a_readonly);
+-if (dict_find_string(op, "Filter", &pFilter) > 0) {
++if (r_has_type(op, t_dictionary)
++&& dict_find_string(op, "Filter", &pFilter) > 0) {
+ if (!r_is_array(pFilter)) {
+ if (!r_has_type(pFilter, t_name))
+ return_error(gs_error_typecheck);
+@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
+ return_error(gs_error_typecheck);
+ }
+ }
+-code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
++ 

Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
In data venerdì 28 aprile 2017 04:27:04 CEST, Julien Aubin ha scritto:
> Le 27 avr. 2017 23:29, "Pino Toscano"  a écrit :
> 
> In data giovedì 27 aprile 2017 22:30:43 CEST, Julien Aubin ha scritto:
> > >
> > >
> > >
> > > > This is why to me this bug is a showstopper for release, as
> > > > there are many French Debian users around (incl. Africa and Quebec)
> and
> > > > such an issue makes UX issue look... amateurish.
> > >
> > > This is still not a reason to make this bug "grave" from the beginning,
> > > with only generic and unhelpful instructions on *where* to find the
> > > issue.
> > >
> > > For the rest of the details, see my other email.
> > >
> > > > For apps with full untranslated sections, adding the files I below
> would
> > > > solve the issue.
> > >
> > > Not really, no. This list has no utility, other than "some things where
> > > not translated to French in software currently packaged in Debian".
> > >
> >
> > Okay I understand. Now it would be really great to include them before
> > release.
> 
> Include what?
> 
> 
> The untranslated messages for kmail antispam, korganizer, ...

They are not part of kde-l10n/fr 16.04.x, which means they were not
translated, and thus there's nowhere we can take them from.
They are not even translated in 16.08.x (which is the version of the
majority of non-PIM stuff from KDE Applications), so what you ask is
simply not possible.

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#808296: tor: Latest version doesn't start

2017-04-27 Thread Sous Studios
Problem is in /lib/systemd/system/tor.service. Particularly in that instead of 
having ExecStart=/path-to-tor, it shows ExecStart=/bin/true, and hence fails. 
ExecReload is incorrect as well, and PID is not passing to it aswell.

Bug#861366: Etherpuppet, unusuable on systems with unsigned char.

2017-04-27 Thread Vincent Bernat
 ❦ 28 avril 2017 02:04 +0100, peter green  :

> Etherpuppet has a bug with it's command line parsing that makes it
> unusable on systems with unsigned char. Someone found an upstream fix
> for me and submitted it to a raspbian bug report.
>
> A debdiff can be found at 
> http://debdiffs.raspbian.org/main/e/etherpuppet/etherpuppet_0.3-2%2brpi1.debdiff
>
> If there is no maintainer response to this bug report a NMU is likely
> to follow.

Feel free to NMU. Otherwise, I'll do that in the next days.
-- 
Avoid unnecessary branches.
- The Elements of Programming Style (Kernighan & Plauger)


signature.asc
Description: PGP signature


Bug#861295: ghostscript: CVE-2017-8291: shell injection

2017-04-27 Thread Salvatore Bonaccorso
Hi

Upstream commits are now available:

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3

Regards,
Salvatore



Bug#861371: RFS: libgdamm/4.99.11-1 [ITP] forgot to specify subject correctly

2017-04-27 Thread Pavlo Solntsev
This is "Intend to package" request.
-- 
- Pavlo Solntsev



Bug#861372: wireless-tools: Please update Makefile for compatibility with -Wl,--as-needed

2017-04-27 Thread Steve Langasek
Package: wireless-tools
Version: 30~pre9-12
Severity: minor
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Hi Guus,

In Ubuntu, we have applied the attached patch to wireless-tools in order for
the upstream build to be compatible with the Ubuntu toolchain which uses
-Wl,--as-needed by default - as described at
.

While this flag is not enabled by default in Debian, it is useful both to
downstreams such as Ubuntu where it is enabled, and to developers
experimenting with other toolchains for building (e.g. ld.gold, or clang).

Please consider including this patch in the Debian package as well.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru wireless-tools-30~pre9/debian/patches/compiler-link-order.patch 
wireless-tools-30~pre9/debian/patches/compiler-link-order.patch
--- wireless-tools-30~pre9/debian/patches/compiler-link-order.patch 
1969-12-31 16:00:00.0 -0800
+++ wireless-tools-30~pre9/debian/patches/compiler-link-order.patch 
2017-04-27 20:58:38.0 -0700
@@ -0,0 +1,13 @@
+Index: wireless-tools-30~pre9-12ubuntu1/Makefile
+===
+--- wireless-tools-30~pre9-12ubuntu1.orig/Makefile
 wireless-tools-30~pre9-12ubuntu1/Makefile
+@@ -150,7 +150,7 @@
+ 
+ # Compilation of the dynamic library
+ $(DYNAMIC): $(OBJS:.o=.so)
+-  $(CC) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $(LIBS) $(LDFLAGS) -lc 
$^
++  $(CC) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $^ $(LIBS) $(LDFLAGS) 
-lc
+ 
+ # Compilation of the static library
+ $(STATIC): $(OBJS:.o=.so)
diff -Nru wireless-tools-30~pre9/debian/patches/series 
wireless-tools-30~pre9/debian/patches/series
--- wireless-tools-30~pre9/debian/patches/series2016-03-24 
13:14:05.0 -0700
+++ wireless-tools-30~pre9/debian/patches/series2017-04-27 
20:58:38.0 -0700
@@ -5,3 +5,4 @@
 add-import-type-to-udev-rules
 fix-typos
 improve-make-install
+compiler-link-order.patch


Bug#860817: kedpm: Information leak via the command history file

2017-04-27 Thread Salvatore Bonaccorso
Control: retitle -1 kedpm: CVE-2017-8296: Information leak via the command 
history file

CVE-2017-8296 has been assigned for this vulnerability.

Regards,
Salvatore



Bug#861371: sponsorship-requests: Looking for sponsorship for libgdamm package

2017-04-27 Thread Pavlo Solntsev
Package: sponsorship-requests
Severity: normal
Tags: upstream

Dear Maintainer,

I am looking for a sponsor for my package libgdamm

* Package name: libgdamm
  Version : 4.99.11
  Upstream Author : Murray Cumming 
* URL : https://github.com/GNOME/libgdamm
* License : LGPL
  Programming Lang: C++
  Description : C++ wrappers for libgda

 C++ wrappers for libgda

It builds those binary packages:
 libgdamm - C++ wrappers for libgda
 libgdamm-dbgsym  - Debug symbols for libgdamm
 libgdamm-dev - C++ wrappers for libgda. Development files.
 libgdamm-doc - C++ wrappers for libgda. Documentation.

To access further information about this package, please visit the following
URL:

 https://github.com/GNOME/libgdamm

  Alternatively, one can download the package with dget using this command:

  dget -x
https://mentors.debian.net/debian/pool/main/libg/libgdamm/libgdamm_4.99.11-1.dsc

  More information about libgdamm can be obtained from
https://github.com/GNOME/libgdamm.

  Changes since the last upload:

 No changes on my side. Upstream version in active development. The specified
above version is not upstream. It is the latest stable version.

  Regards,
  -Pavlo Solntsev



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



Bug#832387: (no subject)

2017-04-27 Thread Michael Lustfield
Control: tags 832387 + wontfix

Without upstream making changes, this will not be resolved. Based on upstream's
responses, I am adding the wontfix tag to this bug.

-- 
Michael Lustfield



Bug#836487: (no subject)

2017-04-27 Thread Michael Lustfield
Control: owner 836487 !

I will complete this once #859655 has been resolved.

-- 
Michael Lustfield



Bug#861218: libgssapi-krb5-2: soname-independent files in shared library package (policy 8.2)

2017-04-27 Thread Benjamin Kaduk
Hi Helmut,

On Wed, Apr 26, 2017 at 06:52:58AM +0200, Helmut Grohne wrote:
> Package: libgssapi-krb5-2
> Version: 1.15-1
> Severity: serious
> Justification: violates policy section 8.2
> 
> libgssapi-krb5-2 is a shared library package and contains
> /etc/gss/mech.d/README. The latter filename does not depend on the
> soname of the library and thus does not change when the soname changes.
> Thus the package will not be coinstallable a newer soname of the same
> library and make system upgrades unnecessarily difficult. This violates
> the first sentence from policy section 8.2, which is a must:
> 
> | If your package contains files whose names do not change with each
> | change in the library shared object version, you must not put them in
> | the shared library package.
> 
> This actually causes problems today, due to a related bug in dpkg, which
> does not properly support conffiles in m-a:same packages (#861217).

Thanks for the report, and sorry that it is causing problems.
I think we will need to discuss the best option given that stretch
is frozen and there is at least one other bug that would be nice to
fix for stretch outstanding (#860767, currently fixed in
experimental).

-Ben



Bug#861212: nslcd: certificate authentication fails with Unknown authentication method: SASL(-4)

2017-04-27 Thread Matt Weatherford

Arthur,

Im sure you have many, many other projects going but I am motivated to 
solve this problem - is there anything else I can try on my side?  I've 
sent you nslcd debug info ...  anything else I can do?


do you know of anyone who has a working cert-based auth on debian 9?

thanks,

Matt



On 4/26/17 2:08 AM, Arthur de Jong wrote:

On Tue, 2017-04-25 at 16:53 -0700, Matt Weatherford wrote:

debian 7 install works fine with certificate auth.
Debian 9 install with same config files appears to not work and
throws these erros:

Apr 25 16:41:08 nori nslcd[1376]: [52255a]  failed to
bind to LDAP server ldap://ldi.s.uw.edu: Unknown authentication
method: SASL(-4): no mechanism available:
Apr 25 16:41:08 nori nslcd[1376]: [52255a]  no available
LDAP server found: Unknown authentication method: Bad file descriptor
Apr 25 16:41:13 nori nslcd[1376]: [9cf92e]  no available
LDAP server found: Server is unavailable: Bad file descriptor

Does running nslcd in debug mode provide more information?


contents of /etc/nslcd.conf:

uri ldap://ldi.s.uw.edu
ssl start_tls

tls_cacertfile  /etc/ssl/ldi/InCommonCA.crt
tls_cert/etc/ssl/ldi/ldi-client.crt
tls_key /etc/ssl/ldi/ldi-client.key

sasl_mech   EXTERNAL

So the client-side certificate is used for authentiction and that is
where it appears to fail.

Can you make the connection using the ldapsearch command-line tool? The
nslcd daemon does not do any TLS handling itself and only passes
configuration options to libldap but there are differences between TLS
libraries used.

Kind regards,





Bug#859655: (still in progress)

2017-04-27 Thread Michael Lustfield
Control: reopen 859655 !

This is obviously not resolved yet, but the fix is in unstable.

I'm currently discussing the idea of unblocking this package and requesting nmu
rebuilds. If this works out, it shouldn't take too long to get this closed.

-- 
Michael Lustfield



Bug#860429: CVE fixed in unstable

2017-04-27 Thread Michael Lustfield
Control: retitle -1 unblock: 
golang-go.crypto/1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1

Looking at the auto removals list [1], it seems there are about 64 reverse
build dependencies on this package. Using the updated packaging [2], built
against testing, I was able to successfully rebuild nearly all of them.

The two failures I had were with:
  - runc
  - restic

The package runc is facing removal from testing for other reasons [3]. I don't
think it makes sense to hold up anything for this package.

The packaging for restic is hosted in a private repository. The build failure
seems to have nothing to do with the changes made in this upload. Also, the
version in unstable is a few "minor" versions of what is in testing. For these
reasons, I would like to file an RC bug against restic and request the
maintainer handle this one separately from this issue.


As for the remaining 62 successful builds. Would it be possible to unblock this
package and request an nmu rebuild against those packages in testing (after
migrated) and unstable (soon)?


Side note: It'd be a neat policy if we treated experimental like unstable
during freeze, leaving unstable to be only for testing changes going into
new-stable(testing). If that's written in policy somewhere, I've never read it.

[1] https://udd.debian.org/cgi-bin/autoremovals.cgi
[2] 
http://cdn-fastly.deb.debian.org/debian/pool/main/g/golang-go.crypto/golang-go.crypto_0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1.dsc
[3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855208
[4] https://git.gueux.org/restic.git

-- 
Michael Lustfield



Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
Le 27 avr. 2017 23:29, "Pino Toscano"  a écrit :

In data giovedì 27 aprile 2017 22:30:43 CEST, Julien Aubin ha scritto:
> >
> >
> >
> > > This is why to me this bug is a showstopper for release, as
> > > there are many French Debian users around (incl. Africa and Quebec)
and
> > > such an issue makes UX issue look... amateurish.
> >
> > This is still not a reason to make this bug "grave" from the beginning,
> > with only generic and unhelpful instructions on *where* to find the
> > issue.
> >
> > For the rest of the details, see my other email.
> >
> > > For apps with full untranslated sections, adding the files I below
would
> > > solve the issue.
> >
> > Not really, no. This list has no utility, other than "some things where
> > not translated to French in software currently packaged in Debian".
> >
>
> Okay I understand. Now it would be really great to include them before
> release.

Include what?


The untranslated messages for kmail antispam, korganizer, ...


--
Pino Toscano


Bug#861370: xmlto: Please update d/watch to avoid fedorahosted.org

2017-04-27 Thread Boyuan Yang
Package: xmlto
Version: 0.0.28-1
Severity: minor

Fedorahosted.org has shut down.

New upstream tarball list page:

  https://releases.pagure.org/xmlto/

Please update d/watch file accordingly.



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xmlto depends on:
ii  debianutils4.8.1
ii  docbook-xml4.5-8
ii  docbook-xsl1.79.1+dfsg-2
ii  libc6  2.24-10
ii  libxml2-utils  2.9.4+dfsg1-2.2
ii  sgml-base  1.29
ii  xsltproc   1.1.29-2.1

Versions of packages xmlto recommends:
ii  dblatex 0.3.9-1
ii  fop 1:2.1-5
ii  libpaper-utils  1.1.24+nmu5
ii  zip 3.0-11+b1

Versions of packages xmlto suggests:
ii  texlive-htmlxml [xmltex]  2016.20170123-5
ii  w3m   0.5.3-34

-- no debconf information



Bug#861369: gazebo7: Please do not depend on transitional dummy pkg ttf-liberation

2017-04-27 Thread Boyuan Yang
Package: gazebo7
Version: 7.3.1+dfsg-3
Severity: minor

Dear maintainer,

Your package gazebo7 depends on the following transitional dummy package(s):

* ttf-liberation, which should be fonts-liberation now

Please update your dependency list and suggest real packages in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



Bug#861368: RFS: helm/2.5.0-2 [Team Upload]

2017-04-27 Thread Nicholas D Steeves
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for a Team Upload of "helm" to
experimental.

Package name: helm
Version : 2.5.0-2
Section : lisp

It builds these binary packages:

  elpa-helm  - Emacs incremental completion and selection narrowing framework
  elpa-helm-core - Emacs Helm library files

It can be downloaded here:

git clone git+ssh://git.debian.org/git/pkg-emacsen/pkg/helm.git

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/helm

Alternatively, one can download the package with dget using this command:

  dget -x https://mentors.debian.net/debian/pool/main/h/helm/helm_2.5.0-2.dsc

Changes since the last upload:

helm (2.5.0-2) experimental; urgency=medium
 
   * Team upload.
   * debian/control: Make dependencies comply with Debian Emacs Policy.
 - Depend on emacsen-common (>= 2.0.8) instead of emacs.
 -- Nicholas D Steeves   Thu, 27 Apr 2017 16:53:19 -0400

helm (2.5.0-1) unstable; urgency=medium

Thank you,
Nicholas


signature.asc
Description: PGP signature


Bug#861367: pirs: Please do not depend on transitional dummy pkg ttf-liberation

2017-04-27 Thread Boyuan Yang
Source: pirs
Version: 2.0.2+dfsg-5.1
Severity: minor

Dear maintainer,

Your package pirs depends on the following transitional dummy package(s):

* ttf-liberation, which should be fonts-liberation now

Please update your dependency list and suggest real packages in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



Bug#861366: Etherpuppet, unusuable on systems with unsigned char.

2017-04-27 Thread peter green

Package: etherpuppet
Severity: grave
Tags: patch

Etherpuppet has a bug with it's command line parsing that makes it unusable on 
systems with unsigned char. Someone found an upstream fix for me and submitted 
it to a raspbian bug report.

A debdiff can be found at 
http://debdiffs.raspbian.org/main/e/etherpuppet/etherpuppet_0.3-2%2brpi1.debdiff

If there is no maintainer response to this bug report a NMU is likely to follow.



Bug#861365: xmlto: Please do not suggest transitional dummy pkg xmltex

2017-04-27 Thread Boyuan Yang
Package: xmlto
Version: 0.0.28-1
Severity: wishlist

Hello all,

The package xmlto suggests the following transitional dummy package(s):

* xmltex, which is provided by texlive-htmlxml now

Please update the suggestion list and suggest real packages in next QA/adopted
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xmlto depends on:
ii  debianutils4.8.1
ii  docbook-xml4.5-8
ii  docbook-xsl1.79.1+dfsg-2
ii  libc6  2.24-10
ii  libxml2-utils  2.9.4+dfsg1-2.2
ii  sgml-base  1.29
ii  xsltproc   1.1.29-2.1

Versions of packages xmlto recommends:
ii  dblatex 0.3.9-1
ii  fop 1:2.1-5
ii  libpaper-utils  1.1.24+nmu5
ii  zip 3.0-11+b1

Versions of packages xmlto suggests:
ii  texlive-htmlxml [xmltex]  2016.20170123-5
ii  w3m   0.5.3-34

-- no debconf information



Bug#860064: Patch

2017-04-27 Thread Marcos Del Sol Vives
It seems that /usr/share/dns/root.ds has a leading number before the "IN 
DS" that didn't before, and it's now using tabs rather than spaces.


The attached patch for the /etc/init.d/dnsmasq patch seems to fix it on 
my box. It should work with both the old format and the new one.


--- dnsmasq.bak 1970-01-01 00:27:33.723574181 +
+++ dnsmasq 2017-04-27 20:00:43.727111023 +
@@ -111,7 +111,7 @@
 ROOT_DS="/usr/share/dns/root.ds"

 if [ -f $ROOT_DS ]; then
-   DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" 
"/,/g $ROOT_DS | tr '\n' ' '`"
+   DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/".*\sIN\sDS\s"/--trust-anchor=.,/ -e 
s/" "/,/g $ROOT_DS | tr '\n' ' '`"
 fi

 start()


Bug#861364: dgit: empty directories are not representable

2017-04-27 Thread Nishanth Aravamudan
Package: dgit
Version: 3.10
Severity: normal

Dear Maintainer,

At least src:software-properties has at one time had empty directories
in the source package, e.g. in 0.96.20.5 in xenial on Ubuntu, and git
(and thus dgit (via import-dsc) and the Ubuntu git importer) fail to
properly represent the srcpkg's contents in the import.

Specifically, tests/aptroot/etc/apt/apt.conf.d/ is missing from either
import.

Given that git does not represent empty directories, I'm not sure what
we should do here?


Thanks!
-Nish



Bug#861359: xfce4: Behavioural problem with CTRL-X CTRL-V

2017-04-27 Thread Wabou
Package: xfce4
Version: 4.10.1
Severity: normal
Tags: lfs

Dear Maintainer,

   * What led up to the situation?

While doing some file displacements on the desktop with the mouse, CTRL-X
and CTRL-V.



   * What exactly did you do (or not do) that was effective (or
 ineffective)?

I noticed something strange on debian Xface desktop (Jessie up to date).
I hat a big file on the desktop like a movie.
I created an empty folder on the desktop and dragged and dropped it in the 
folder.
Debian started to copy the file.
Then I stopped the copying before it ended. (I just wanted to move the file)
At that point I had a half copied file in the folder.
Then I selected again the big file on the desktop and did CTRL-X
I returned to the forlder and did a CTRL-V
[thunar-xfce] asked me to overwrite the file, I said OK

Here the problem appears.
The [thunar-xfce] insted of moving and crushing the file in the folder, it 
continues to copy the file again...

But this is half of the problem.

As the file is copying again, I stopped it again.
Then I deleted the file in the folder (Trashed)
And I did again CTRL-X on the file on the desktop and CTRL-V inside the folder.

This time, the file moved to the folder.

But... The original file inherited of the old half copied file's size in the 
folder.

In my case the original file size was 1.4 GB. And inside the folder it had a 
size around 300MB

Terminal on his side returned me a file size of 1.4 GB
So there is no file corruption but thunar displays a wrong size.

(I retested this issue on a fresh install of Debian Jessie - Up to date)



   * What was the outcome of this action?

- Bad behaviour, copying instead of moving.
- Bad size display of the file.



   * What outcome did you expect instead?

- Still dreaming of  :-)



Best regards,
Wabou



-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CH.utf8, LC_CTYPE=fr_CH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xfce4 depends on:
ii  gtk2-engines-xfce  3.0.1-2
ii  libxfce4ui-utils   4.10.0-6
ii  orage  4.10.0-1+b2
ii  thunar 1.6.3-2
ii  xfce4-appfinder4.10.1-1
ii  xfce4-mixer4.10.0-3
ii  xfce4-panel4.10.1-1
ii  xfce4-session  4.10.1-10
ii  xfce4-settings 4.10.1-2
ii  xfconf 4.10.0-3
ii  xfdesktop4 4.10.2-3
ii  xfwm4  4.10.1-3

Versions of packages xfce4 recommends:
ii  desktop-base  8.0.2
ii  tango-icon-theme  0.8.90-5
ii  thunar-volman 0.8.0-4
ii  xfce4-notifyd 0.2.4-3
ii  xorg  1:7.7+7

Versions of packages xfce4 suggests:
pn  gtk3-engines-xfce
ii  xfce4-goodies4.10
ii  xfce4-power-manager  1.4.1-1

-- no debconf information



Bug#854511: regarding the forwarding of bug

2017-04-27 Thread Boom Zoom
Hi
I do not really understand these recent changes in this bugs status.
Why was the bug forwarded to a chromium issue that hasn't seen any activity
since september last year? The "55.0.2883.75-3" release fixed the problem
by disabling the built-in media-router, but as described, the router was
somehow re-eanbled in "56.0.2924.76-3". The chromium issue only describes
how the router now only works in the official Chrome build, so how is this
relevant to the current situation?


Bug#861175: [Python-modules-team] Bug#861175: cairocffi: Please drop Build-Depends and Recommends on xcffib

2017-04-27 Thread Jean-Christophe Jaskula
Hey Sandro,

I’m overwhelmed by academic job applications. I assume Stretch’s release date 
is coming soon enough that this should fix ASAP so I think It would be better 
if you could have a look. If I have some time later this week, I might give 
also a look at it but nothing is sure. 

BTW, AFAIR the package is outdated with respect to the source in g.d.o that 
might fix already a random FTBFS. You might start from that.

Thanks,

JC

> Le 27 avr. 2017 à 19:20, Sandro Tosi  a écrit :
> 
> Hey Jean-Christophe,
> do you have time to work on this or would you be ok with me having a
> look at fixing it?
> 
> thanks!
> 
> On Tue, Apr 25, 2017 at 8:44 AM, Niels Thykier  wrote:
>> Source: cairocffi
>> Version: 0.7.2-1
>> Severity: grave
>> Justification: stretch-is-blocker / Depends on Source that FTBFS
>> 
>> Hi,
>> 
>> We have unfortunately learned that we cannot compile xcffib (neither
>> in unstable nor in stretch).  Fixing it requires changes to more than
>> one package and none of these changes are trivial.
>> 
>> The easiest solution for stretch appears to be to have cairocffi drop
>> its Build-Depends and Recommends on binaries built from xcffib and
>> lose the optional features provided by that.
>> 
>> Thanks,
>> ~Niels
>> 
>> ___
>> Python-modules-team mailing list
>> python-modules-t...@lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
> 
> 
> 
> -- 
> Sandro "morph" Tosi
> My website: http://sandrotosi.me/
> Me at Debian: http://wiki.debian.org/SandroTosi
> G+: https://plus.google.com/u/0/+SandroTosi


--
Jean-Christophe Jaskula



Bug#861363: poppler-data: Identity-UTF16-H is missing from package

2017-04-27 Thread Mike Palmer
Package: poppler-data
Version: 0.4.7-1
Severity: normal

Dear Maintainer,

It appears that Identity-UTF16-H is missing from the CMaps in the Debian and
Ubuntu poppler-data packages.

https://packages.debian.org/sid/all/poppler-data/filelist

Redhat had the same problem with after a poppler-data cleanup.
https://bugzilla.redhat.com/show_bug.cgi?id=842351#c16


-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages poppler-data depends on:
ii  dpkg  1.17.27

poppler-data recommends no packages.

Versions of packages poppler-data suggests:
pn  fonts-arphic-ukai 
pn  fonts-arphic-uming
pn  fonts-japanese-gothic | fonts-ipafont-gothic  
pn  fonts-japanese-mincho | fonts-ipafont-mincho  
pn  fonts-nanum   
ii  ghostscript   9.06~dfsg-2+deb8u4
pn  poppler-utils 

-- no debconf information



Bug#861333: r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects

2017-04-27 Thread Dirk Eddelbuettel

On 28 April 2017 at 00:31, Johannes Ranke wrote:
| > | Packages compiled locally can simply be rebuilt using
| > | 
| > |   update.packages(lib.loc="/usr/local/lib/R/site-library",
| > |   checkBuilt=TRUE)
| > | 
| > | However the packages provided by Debian packages are installed in a
| > | directory only writable by privileged users.
| > 
| > That's irrelevant. You also need to be "privileged" to install a .deb
| > package.
| 
| Not quite irrelevant, as it was recommended on r-help to Göran, who first 
| reported this for Debian, to just use
| 
| update.packages(checkBuilt=TRUE)
| 
| which tries to reinstall also the packages in /usr/lib/R/site-library, which 
| should be left to the Debian package management.

We can split hairs as to whether it is irrelevant, plain wrong or uninformed.

It ignores that users should never write where packages write!  So on a
Debian or Ubuntu system you should NEVER EVER run

   update.packages(checkBuilt=TRUE)

because it would mess up your package install and local install.

What you could do, and which is currently running on my at-work workstation is

   update.packages(lib.loc="/usr/local/lib/R/site-library", ask=FALSE, 
checkBuilt=TRUE)

which updates you local packages.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org



Bug#856571: chromium: Conflicts with Avahi over port 5353

2017-04-27 Thread Sam Morris
On Wed, Apr 26, 2017 at 11:38:30PM -0400, Michael Gilbert wrote:
> I am not able to reproduce this with the current version.  Do you have
> any extensions installed?

I think this is . I
haven't actually noticed it causing any problems other than the message
logged by avahi, but I don't make extensive use of mDNS.

Truth be told, I don't see how both avahi and chromium are able to open
UDP sockets with the same address...

-- 
Sam Morris 
PGP: rsa4096/CAAA AA1A CA69 A83A 892B  1855 D20B 4202 5CDA 27B9



Bug#861362: src:jsusfx: unnecessary versioned b-d on php7.0-cli?

2017-04-27 Thread Nishanth Aravamudan
Source: jsusfx
Severity: minor

Dear Maintainer,

While not critical, the line in d/control

php7.0-cli [amd64] | php-cli [amd64],

seems unnecessary? That is, can't it just be php-cli?

Thanks,
Nish

-- 
Nishanth Aravamudan
Ubuntu Server
Canonical Ltd



Bug#861361: ruby-riddle: update build-depend to unversioned php-cli

2017-04-27 Thread Nishanth Aravamudan
Package: ruby-riddle
Version: 1.5.12-4
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Dear Maintainer,

Ubuntu 17.10 (and eventually Debian) are switching the default PHP to
7.1. To that end, it is better to depend on the php-cli metapackage,
unless explicit version-specific dependencies exist (for the CLI this
seems unlikely).

In Ubuntu, the attached patch was applied to achieve the following:


  * d/control: change b-d from php7.0 to php-cli, as there is no
specific need for PHP7.0.


Thanks for considering the patch.

*** /tmp/tmpOL60I7/ruby-riddle_1.5.12-4ubuntu1.debdiff
diff -Nru ruby-riddle-1.5.12/debian/control ruby-riddle-1.5.12/debian/control
--- ruby-riddle-1.5.12/debian/control   2017-01-04 00:34:26.0 -0800
+++ ruby-riddle-1.5.12/debian/control   2017-04-27 16:29:30.0 -0700
@@ -6,7 +6,7 @@
 Build-Depends: debhelper (>= 10~),
default-mysql-server | virtual-mysql-server,
gem2deb,
-   php7.0-cli,
+   php-cli,
procps,
rake,
ruby-mysql2,


-- System Information:
Debian Release: stretch/sid
  APT prefers zesty-updates
  APT policy: (500, 'zesty-updates'), (500, 'zesty-security'), (500, 'zesty')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.0-20-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Nishanth Aravamudan
Ubuntu Server
Canonical Ltd



Bug#861360: tsmarty2c: update dependency to php-cli

2017-04-27 Thread Nishanth Aravamudan
Package: smarty-gettext
Version: 1.5.0-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Dear Maintainer,

As Ubuntu is transitioning to PHP7.1 in 17.10, we have applied the
following patch. I believe Debian will want to do something similar so
as to always depend on the current php-cli binary package, rather than a
specific PHP7.x version.

In Ubuntu, the attached patch was applied to achieve the following:


  * debian/control:
+ Update dependency to be php-cli, as it does not depend on PHP7.0
  functionality.


Thanks for considering the patch.

*** /tmp/tmpCKu12w/smarty-gettext_1.5.0-2ubuntu1.debdiff
diff -Nru smarty-gettext-1.5.0/debian/control 
smarty-gettext-1.5.0/debian/control
--- smarty-gettext-1.5.0/debian/control 2016-12-06 07:44:48.0 -0800
+++ smarty-gettext-1.5.0/debian/control 2017-04-27 16:22:56.0 -0700
@@ -28,7 +28,7 @@
 Package: tsmarty2c
 Architecture: all
 Depends: ${misc:Depends},
- php7.0-cli,
+ php-cli,
 Breaks: smarty-gettext (<< 1.5.0-1~),
 Replaces: smarty-gettext (<< 1.5.0-1~),
 Description: Smarty Gettext's translation string ripper


-- System Information:
Debian Release: stretch/sid
  APT prefers zesty-updates
  APT policy: (500, 'zesty-updates'), (500, 'zesty-security'), (500, 'zesty')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.0-20-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Nishanth Aravamudan
Ubuntu Server
Canonical Ltd



Bug#861175: [Python-modules-team] Bug#861175: cairocffi: Please drop Build-Depends and Recommends on xcffib

2017-04-27 Thread Sandro Tosi
Hey Jean-Christophe,
do you have time to work on this or would you be ok with me having a
look at fixing it?

thanks!

On Tue, Apr 25, 2017 at 8:44 AM, Niels Thykier  wrote:
> Source: cairocffi
> Version: 0.7.2-1
> Severity: grave
> Justification: stretch-is-blocker / Depends on Source that FTBFS
>
> Hi,
>
> We have unfortunately learned that we cannot compile xcffib (neither
> in unstable nor in stretch).  Fixing it requires changes to more than
> one package and none of these changes are trivial.
>
> The easiest solution for stretch appears to be to have cairocffi drop
> its Build-Depends and Recommends on binaries built from xcffib and
> lose the optional features provided by that.
>
> Thanks,
> ~Niels
>
> ___
> Python-modules-team mailing list
> python-modules-t...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team



-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi



Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

2017-04-27 Thread Sean Whitton
On Thu, Apr 27, 2017 at 05:23:45PM -0400, Nicholas D Steeves wrote:
> Thank you for mentoring me to err on the side of caution :-) As a
> rule, for Debian, is it most correct that the embedded version in the
> headers be patched to reflect x.y.z tag, even if upstream only updates
> the header version for x.y?  Also, to make this stranger yet, the
> MELPA uses date-based snapshot versioning. eg: 20160802.1405
> 
> https://melpa.org/#/writegood-mode

It shouldn't be patched to add a minor version.  This is because other
ELPA package authors won't include this in their versioned
dependencies.

> I fixed this as a team upload, and pushed the changes.
> The package is also available here:
> 
> https://mentors.debian.net/package/helm
> dget -x https://mentors.debian.net/debian/pool/main/h/helm/helm_2.5.0-2.dsc
> 
> I only tested that it built and installed without error because I'm
> not familiar with helm.

Thanks for the fix -- though this would need to go to experimental due
to the freeze.

-- 
Sean Whitton


signature.asc
Description: PGP signature


Bug#852040: jessie-pu: package ca-certificates/20141019+deb8u3

2017-04-27 Thread Andreas Beckmann
Control: tag -1 - moreinfo

On 2017-01-23 20:57, Michael Shuler wrote:
> Thanks for the follow up. I'll get this fixed and resubmit a new debdiff
> for stable update.

Attached is the combined debdiff of the commits backported by Michael
and me. I verified in piuparts that "running update-certificates without
hooks initially" now actually works as intended.


Andreas


ca-certificates_20141019+deb8u3.dsc.diff
Description: application/pgp-keys


Bug#861300: cdrom-detect: Please merge changes from Ubuntu

2017-04-27 Thread Cyril Brulebois
Balint Reczey  (2017-04-27):
> Package: cdrom-detect
> Version: 1.67
> Severity: wishlist
> Tags: d-i patch
> 
> Dear Maintainers,
> 
> Please merge changes from the delta carried by Ubuntu:

While I'm fine with the idea of merging things from Ubuntu, putting a
huge code dump in a single bug report is probably not the best way to
go…


KiBi.


signature.asc
Description: Digital signature


Bug#861237: main-menu: Please show "Ubuntu installer ..." on ubuntu

2017-04-27 Thread Cyril Brulebois
Control: reassign -1 main-menu 1.51

Balint Reczey  (2017-04-26):
> Package: debian-installer
> Severity: wishlist
> Version: 1.51

Fixing package.

> Please show "Ubuntu installer ..." or the localized string when
> building the package for Ubuntu.
> Please find the attached patches solving this.

Thanks for forwarding this. Probably not going to consider this during a
late stage of the freeze though.

> Maybe Debian could provide the localized strings. In that case please
> update the patch, too, to still apply

I'm not sure it's OK to put extra work on Debian translators for Ubuntu
specific strings. Keeping the Ubuntu specific patch around in master is
probably OK though.


KiBi.


signature.asc
Description: Digital signature


Bug#861333: r-base: R packages uploaded to Debian before 14 April 2017 that use .C or .Fortran fail to find objects

2017-04-27 Thread Johannes Ranke
> | Packages compiled locally can simply be rebuilt using
> | 
> |   update.packages(lib.loc="/usr/local/lib/R/site-library",
> |   checkBuilt=TRUE)
> | 
> | However the packages provided by Debian packages are installed in a
> | directory only writable by privileged users.
> 
> That's irrelevant. You also need to be "privileged" to install a .deb
> package.

Not quite irrelevant, as it was recommended on r-help to Göran, who first 
reported this for Debian, to just use

   update.packages(checkBuilt=TRUE)

which tries to reinstall also the packages in /usr/lib/R/site-library, which 
should be left to the Debian package management.



Bug#860082: xfce4-equake-plugin: Display quake history

2017-04-27 Thread Jeroen van Aart

Hello Stephan,

On 04/24/2017 03:35 AM, Stephan Seitz wrote:

On Fr, Apr 21, 2017 at 01:07:12 -0700, Jeroen van Aart wrote:

I believe the feature you requested already is present, more or less.
If you right click on the plugin you will find menu options to display
earthquakes of the last hour, day and week.


Yes, more less than more, I’m afraid. This will open a new window and,
as far as I can see, the content will not automatically refresh.


If you mean a (configurable) history in the panel itself. I believe


Yes, that’s what I mean.


that may fall out of the scope of a simple panel plugin. It would make
the plugin more complex than necessary or desired.


I’m not sure why you think this feature would be out of the scope of a
panel plugin.
There are other panel plugins like the weather plugin that are more
complicated (at least I think so).


I see what you mean, the weather plugin has an animated feature which 
shows various lines of weather related info successively which animate 
in and out of view. That may have some merit and could be a nice 
improvement. This request would be more appropriate for a feature 
request upstream (which is me as well).


There are a couple of other feature requests for a new release and I 
will add this one as well. If and when it gets incorporated it will not 
be part of the upcoming debian stable release since it is currently frozen.


Thank you,
Jeroen



Bug#860276: jessie-pu: package glibc/2.19-18+deb8u8

2017-04-27 Thread Aurelien Jarno
On 2017-04-27 22:58, Aurelien Jarno wrote:
> On 2017-04-23 21:18, Adam D. Barratt wrote:
> > On Thu, 2017-04-13 at 23:19 +0200, Aurelien Jarno wrote:
> > > I would like to upload a new glibc package for the next jessie release.
> > > Here is the changelog with some additional comment:
> > > 
> > >   * Update from upstream stable branch:
> > > - Fix PowerPC sqrt inaccuracy.  Closes: #855606.
> > > 
> > > This fixes a regression introduced in glibc 2.19-18+deb8u7, which
> > > slightly lower the precision of the sqrt function on PowerPC. This
> > > notably causes failures in the postgresql testsuite. This code is
> > > already present in stretch/sid.
> > > 
> > >   * patches/any/cvs-resolv-internal-qtype.diff: patch from upstream to 
> > > fix a
> > > NULL pointer dereference in libresolv when receiving a T_UNSPEC 
> > > internal
> > > QTYPE (CVE-2015-5180).  Closes: #796106.
> > > 
> > > This is a long standing security issue that has been fixed recently.
> > > It basically change the value of a constant so that it can't only be
> > > generated internally. The patch is already present in stretch/sid.
> > 
> > While I doubt that either of the above should have any noticeable effect
> > on the installer, I'd appreciate a d-i ack in any case; CCing.
> 
> As said on IRC, I have been pointed that the second patch actually
> breaks the breaks libnss/libnss-dns ABI. This means that the resolver
> might not work correctly if all the binaries using libnss are restarted.
> The same way there might be an issue on the d-i side if the libc in d-i
> and libnss-dns-udeb are out of sync.
> 
> Therefore I'll do a new upload without the patch fixing CVE-2015-5180,
> leaving only the PowerPC fix. That should be either today or tomorrow.
> 
> Sorry about this complication.

I have just uploaded glibc_2.19-18+deb8u9.

Regards,
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net


signature.asc
Description: PGP signature


Bug#861358: bind9: geoip_acl patch "temporarily" droped a year ago. is there a chance to bring it back?

2017-04-27 Thread Rushan
Package: bind9
Version: 1:9.10.3.dfsg.P4-12.2
Severity: normal
Tags: upstream

Dear Maintainer,

According to changelog[1] geoip_acl patch was temporarily dropped while the 
evaluation of 
the upstream geoip changes is in place. The note was left around a year ago 
(Feb 2016).

It looks like the patch still is not available in testing. During
upgrade of test system bind9 stopped working as in my configuration
geoip patch plays an important role.

This is what I get as status message:

Apr 26 20:25:19 debian named[25023]: loading configuration from 
'/etc/bind/named.conf'
Apr 26 20:25:19 debian named[25023]: /etc/bind/named.conf:12: undefined ACL 
'country_CA'

   
Apr 26 20:25:19 debian named[25023]: /etc/bind/named.conf:17: undefined ACL 
'country_MY'

   
Apr 26 20:25:19 debian named[25023]: loading configuration: failure 

   
Apr 26 20:25:19 debian named[25023]: exiting (due to fatal error)

Where problematic part of named conf looks this way:
view "americas" {
match-clients { country_CA; country_US; country_AG; country_AI;
<.. some more countries ..>
country_MQ; country_SR; country_UY; country_AN; };
include "/etc/bind/named.default.zone.conf";
include "/etc/bind/named.america.zone.conf";
};

After downgrading bind to stable version 1:9.9.5.dfsg-9+deb8u10
everything works like a charm (with no changes in configuration).

Is there any plans to include geoip patch back to the package?

[1]: 
http://metadata.ftp-master.debian.org/changelogs/main/b/bind9/bind9_9.10.3.dfsg.P4-12.2_changelog


--
Kind regards,
Rushan.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.7-x86_64-linode80 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bind9 depends on:
ii  adduser3.115
ii  bind9utils 1:9.10.3.dfsg.P4-12.2
ii  debconf [debconf-2.0]  1.5.60
ii  init-system-helpers1.47
pn  libbind9-90
ii  libc6  2.24-10
ii  libcap21:2.25-1
ii  libcomerr2 1.43.4-2
pn  libdns100  
ii  libgssapi-krb5-2   1.15-1
pn  libisc95   
pn  libisccc90 
pn  libisccfg90
ii  libk5crypto3   1.15-1
ii  libkrb5-3  1.15-1
pn  liblwres90 
ii  libssl1.0.01.0.1t-1+deb8u5
ii  libxml22.9.4+dfsg1-2.2
ii  lsb-base   9.20161125
ii  net-tools  1.60+git20161116.90da8a0-1
ii  netbase5.4

bind9 recommends no packages.

Versions of packages bind9 suggests:
pn  bind9-doc   
ii  dnsutils1:9.10.3.dfsg.P4-12.2
pn  resolvconf  
pn  ufw 

-- Configuration Files:
/etc/bind/named.conf changed [not included]

-- debconf information excluded



Bug#861134: slim: Reloads automatically and queries login-prompt after running window manager for some (a short) time

2017-04-27 Thread Samuel Hym
>   Could this be linked with the session I launch?

On second thoughts, this does not make much sense, since slim and X
got killed even without logging in. Unless it is due to a missing
dependency in a minimalist setting.

Best regards,
Samuel



Bug#861357: apt: Mirror load spikes in 6..7am time span

2017-04-27 Thread Julian Andres Klode
Package: apt
Version: 1.4.1
Severity: important

In 1.4.1 we reduced the time where the daily apt script
runs to 6..7am in order to prevent unattended-upgrades
from running during the day.

This has the side effect of causing a lot of load on
mirrors at the same time if the script is enabled. We
are currently in the process of splitting the timer
into two, so we can distribute the update load over
the day, and keep the upgrades in the morning.

For more details, see
 https://bugs.launchpad.net/bugs/1686470
 https://lists.freedesktop.org/archives/systemd-devel/2017-April/038772.html

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.



Bug#801564: squid: prompting due to modified conffiles which were not modified by the user: /etc/squid/squid.conf

2017-04-27 Thread Andreas Beckmann
Followup-For: Bug #801564
Control: found -1 3.5.23-2
Control: tag -1 + patch

Hi,

the way the fix was implemented has a small issue: it retains even an
unmodified configuration file from squid 2.7. This is no problem now,
but it will make the error show up again the next time the shipped
squid.conf changes (perhaps in buster). For now just debsums reports
that the configuration files are modified.

I'm attaching a patch that I tested in my piuparts instance and it
successfully solved the issue on upgrade paths starting from both
wheezy and lenny.
In the postinst compare the md5sum of squid.conf.pre3.5_upgrade to the
known shipped squid from squeeze/wheezy (first sum) and lenny (second
sum) and delete it if matched.
The else branch should be indented for better readability, I skipped
that in order to show that no changes are needed there.

Maybe this check should be performed in the preinst instead, and have
dpkg ask about the modified configuration file if there is a 2.7 config
with user modifications, but doing this and the neccessary rollback code
is much more complicated and error prone, and harder to test.


Andreas
diff -Nru squid3-3.5.23/debian/squid.postinst squid3-3.5.23/debian/squid.postinst
--- squid3-3.5.23/debian/squid.postinst	2017-04-08 02:03:35.0 +0200
+++ squid3-3.5.23/debian/squid.postinst	2017-04-27 22:25:42.0 +0200
@@ -60,7 +60,13 @@
 		# Use '< 2.8' version to catch backports and security versions >2.7.
 		#
 		if dpkg --compare-versions "$2" lt '2.8' && test -f /etc/squid/squid.conf.pre3.5_upgrade; then
-
+			md5pre35=$(md5sum /etc/squid/squid.conf.pre3.5_upgrade | awk '{ print $1 }')
+			if [ "$md5pre35" = "6d674d5f9842b50a2c691a135007c804" ] || \
+[ "$md5pre35" = "5d85f7dce9a84082e23a656b3cb0c984" ]; then
+# The old configuration file was unchanged from the version shipped
+# with squid 2.7, keep the new one in place and delete the old one.
+rm -f /etc/squid/squid.conf.pre3.5_upgrade
+			else
 			#
 			# Our special 2.x protection left squid.conf absent,
 			# so the new package installing put its own there.
@@ -72,6 +78,7 @@
 			# Restore the old user file as main squid.conf
 			#
 			mv /etc/squid/squid.conf.pre3.5_upgrade /etc/squid/squid.conf
+			fi
 		fi
 		#
 		# Chown the directories.


Bug#861356: gnome-session: inability to shutdown computer via GUI button

2017-04-27 Thread Nikita Glukhov
Package: gnome-session
Version: 3.22.3-1
Severity: important

Bug in details:
When I try to shutdown my PC following trivial way (by clicking on
power symbol in the top panel), black screen appears with flashing console-like
cursor and nothing happens after (LEDs glow, fans work and so on) that.

There is what I found in /var/log/messages (copy-paste of the last minute of
active state before I performed a hard power-off):

Apr 27 04:24:52 Meerthu gnome-session[5974]: gnome-session-binary[5974]: GLib-
GObject-CRITICAL: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 27 04:24:52 Meerthu gnome-session[5974]: gnome-session-binary[5974]: GLib-
GObject-CRITICAL: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 27 04:24:52 Meerthu gnome-session[5974]: gnome-session-binary[5974]: GLib-
GObject-CRITICAL: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 27 04:24:52 Meerthu gnome-session[5974]: gnome-session-binary[5974]: GLib-
GObject-CRITICAL: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 27 04:24:52 Meerthu gnome-session[5974]: gnome-session-binary[5974]: GLib-
GObject-CRITICAL: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 27 04:24:56 Meerthu gnome-session-binary[5974]: Entering running state
Apr 27 04:24:56 Meerthu gnome-shell[6048]: JS LOG: Ignored exception from dbus
method: Gio.IOErrorEnum:
GDBus.Error:org.gtk.GDBus.UnmappedGError.Quark._g_2dio_2derror_2dquark.Code19:
Действие было отменено
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"37"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"40"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"41"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"42"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"43"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"44"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"45"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"46"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"43"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (**) Option "fd"
"46"
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:67
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:65
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:66
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:69
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 226:1
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:70
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:64
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:72
Apr 27 04:25:09 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got pause for 13:68
Apr 27 04:25:09 Meerthu kernel: [27564.400221] snd_hda_codec_hdmi hdaudioC2D0:
HDMI: invalid ELD data byte 0
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got resume for 13:67
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got resume for 13:65
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got resume for 13:66
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got resume for 13:69
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (II) systemd-logind:
got resume for 226:1
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
CRT-0: disconnected
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
CRT-0: 400.0 MHz maximum pixel clock
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-0: disconnected
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-0: Internal TMDS
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-0: 330.0 MHz maximum pixel clock
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-1: disconnected
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-1: Internal TMDS
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-1: 165.0 MHz maximum pixel clock
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
Apr 27 04:25:12 Meerthu /usr/lib/gdm3/gdm-x-session[5965]: (--) NVIDIA(GPU-0):
DFP-2: disconnected
Apr 27 04:25:

Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
In data giovedì 27 aprile 2017 22:30:43 CEST, Julien Aubin ha scritto:
> >
> >
> >
> > > This is why to me this bug is a showstopper for release, as
> > > there are many French Debian users around (incl. Africa and Quebec) and
> > > such an issue makes UX issue look... amateurish.
> >
> > This is still not a reason to make this bug "grave" from the beginning,
> > with only generic and unhelpful instructions on *where* to find the
> > issue.
> >
> > For the rest of the details, see my other email.
> >
> > > For apps with full untranslated sections, adding the files I below would
> > > solve the issue.
> >
> > Not really, no. This list has no utility, other than "some things where
> > not translated to French in software currently packaged in Debian".
> >
> 
> Okay I understand. Now it would be really great to include them before
> release.

Include what?

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

2017-04-27 Thread Nicholas D Steeves
Hi Sean,

On Thu, Apr 27, 2017 at 01:36:10PM -0700, Sean Whitton wrote:
> Hello Nicholas,
> 
> On Wed, Apr 26, 2017 at 09:22:23PM -0400, Nicholas Steeves wrote:
> > The questions we need help with are at 2. and especially 4.
> 
> Okay -- I'll answer those.
> 
> > >  2. that version patch - really necessary? if upstream screwed up their
> > > versioning, it's kind of their problem no? since it's just a
> > > cosmetic change, I would avoid it, personnally.
> > 
> > Is it just a cosmetic change?
> 
> Nicholas is right.  It's not just a cosmetic change.  It's important
> that ELPA package versions match Debian package versions.

Thank you for mentoring me to err on the side of caution :-) As a
rule, for Debian, is it most correct that the embedded version in the
headers be patched to reflect x.y.z tag, even if upstream only updates
the header version for x.y?  Also, to make this stranger yet, the
MELPA uses date-based snapshot versioning. eg: 20160802.1405

https://melpa.org/#/writegood-mode

> In addition to enabling users to mix package.el packages and Debian
> elpa-* packages, it ensures that Emacs has the right information to tell
> whether versioned ELPA dependencies are satisfied.  Otherwise it can
> refuse to load packages/try to download new versions from MELPA.
> 
> > >  4. picking a random elpa package (elpa-helm), i notice it depends on
> > > "emacs" while yours depend on "emacs-common" - why? and why the
> > > versioned dependencies?
> > >
> > > 
> > > https://anonscm.debian.org/git/pkg-emacsen/pkg/helm.git/tree/debian/control
> > 
> > My best guess is it's the difference between a package converted to
> > elpa vs a package created with dh-make-elpa, and I Sean has reasons
> > for generating versioned dependencies by default.  This is actually
> > one of the reasons I was paranoid about 2. ;-)
> 
> That's a bug in elpa-helm.  It should be emacsen-common.  See the Debian
> Emacs policy.

I fixed this as a team upload, and pushed the changes.
The package is also available here:

https://mentors.debian.net/package/helm
dget -x https://mentors.debian.net/debian/pool/main/h/helm/helm_2.5.0-2.dsc

I only tested that it built and installed without error because I'm
not familiar with helm.

Cheers,
Nicholas


signature.asc
Description: Digital signature


Bug#861134: slim: Reloads automatically and queries login-prompt after running window manager for some (a short) time

2017-04-27 Thread Samuel Hym
Hi Mateusz,

>   I need more informations about this bug, I can't confirm that on my
>   configuration.
>   
>   Have you something specific on start splash or plymouth?

No, I don’t use plymouth.

I ran into this bug very reliably.
Could this be linked with the session I launch?
I have a .Xsession script, not launching any big desktop environment,
ending up calling the xmonad window manager.

Best regards,
Samuel



Bug#861199: ceilometer-api systemd service fails to start

2017-04-27 Thread Valentin Vidic
On Thu, Apr 27, 2017 at 10:45:09PM +0200, Thomas Goirand wrote:
> Probably. Though that's not helpful for me, the maintainer. *I* need to
> reproduce the issue. Otherwise, you need to send a patch.

The patch was attached in the initial report.  Can you send what this
command produces on your side?

# ceilometer-api --config-file=/etc/ceilometer/ceilometer.conf 
--log-file=/var/log/ceilometer/ceilometer-api.log
usage: ceilometer-api [-h] [--port PORT] -- [passed options]
ceilometer-api: error: unrecognized arguments: 
--config-file=/etc/ceilometer/ceilometer.conf 
--log-file=/var/log/ceilometer/ceilometer-api.log

This is with ceilometer-api 1:7.0.1-4 on unstable now.

-- 
Valentin



Bug#861280: ***SPAM*** Re: Bug#861280: jessie-pu: package caja/1.8.2-3+deb8u2

2017-04-27 Thread Pablo Barciela

Hmmm, having tagged the bugs below as pending in a commit with the
message "upload to jessie-pu" before even filing the p-u bug seems
rather premature.


Sorry, I am newbie, I will be careful next time


1) Fix: open new window with tree view in side panel (Closes: #851523).

In the side pane, with tree view, right click in a item, click in "open 
in new window".

-without the patch, it shows in the same window
-with the patch, as expected, it open new window

2) Don't crash on toggling "Show hidden and backup files" (Closes: 
#797723).


easy to reproduce with gdb
edit -> preferences -> show hidden and backup files
caja crashes randomly activating/deactivating the checkbox


3) Allow the user to drag'n'drop files into the bookmark section. 
(Closes: #786395).


We can dran'n'drop files to everywhere in the side pane except 
bookmarks, this is the fix to work too with bookmarks


4) Filename font color now gets picked up from theme correctly for all 
themes. (Closes: #770760).



The above bug is filed as minor severity. In fact, the highest severity
of any of them is currently "normal". Is that correct?


yes, it was reported as severity minor, but the font color black in dark 
themes is erroneous, and the patch fixes it.




Bug#860276: jessie-pu: package glibc/2.19-18+deb8u8

2017-04-27 Thread Aurelien Jarno
On 2017-04-23 21:18, Adam D. Barratt wrote:
> On Thu, 2017-04-13 at 23:19 +0200, Aurelien Jarno wrote:
> > I would like to upload a new glibc package for the next jessie release.
> > Here is the changelog with some additional comment:
> > 
> >   * Update from upstream stable branch:
> > - Fix PowerPC sqrt inaccuracy.  Closes: #855606.
> > 
> > This fixes a regression introduced in glibc 2.19-18+deb8u7, which
> > slightly lower the precision of the sqrt function on PowerPC. This
> > notably causes failures in the postgresql testsuite. This code is
> > already present in stretch/sid.
> > 
> >   * patches/any/cvs-resolv-internal-qtype.diff: patch from upstream to fix a
> > NULL pointer dereference in libresolv when receiving a T_UNSPEC internal
> > QTYPE (CVE-2015-5180).  Closes: #796106.
> > 
> > This is a long standing security issue that has been fixed recently.
> > It basically change the value of a constant so that it can't only be
> > generated internally. The patch is already present in stretch/sid.
> 
> While I doubt that either of the above should have any noticeable effect
> on the installer, I'd appreciate a d-i ack in any case; CCing.

As said on IRC, I have been pointed that the second patch actually
breaks the breaks libnss/libnss-dns ABI. This means that the resolver
might not work correctly if all the binaries using libnss are restarted.
The same way there might be an issue on the d-i side if the libc in d-i
and libnss-dns-udeb are out of sync.

Therefore I'll do a new upload without the patch fixing CVE-2015-5180,
leaving only the PowerPC fix. That should be either today or tomorrow.

Sorry about this complication.

Regards,
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net


signature.asc
Description: PGP signature


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
>
>
>
> > This is why to me this bug is a showstopper for release, as
> > there are many French Debian users around (incl. Africa and Quebec) and
> > such an issue makes UX issue look... amateurish.
>
> This is still not a reason to make this bug "grave" from the beginning,
> with only generic and unhelpful instructions on *where* to find the
> issue.
>
> For the rest of the details, see my other email.
>
> > For apps with full untranslated sections, adding the files I below would
> > solve the issue.
>
> Not really, no. This list has no utility, other than "some things where
> not translated to French in software currently packaged in Debian".
>

Okay I understand. Now it would be really great to include them before
release.

>
> --
> Pino Toscano


debian-bugs-dist@lists.debian.org

2017-04-27 Thread Guus Sliepen
Package: dash
Version: 0.5.8-2.4
Severity: normal

When trying to redirect output to a filedescriptor contained in an
environment variable, but if that variable is empty, dash crashes with a
segmentation fault. To reproduce, run the following:

echo test >&$EMPTY_VARIABLE

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (1001, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/12 CPU cores)
Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dash depends on:
ii  debianutils  4.8.1.1
ii  dpkg 1.18.23
ii  libc62.24-10

dash recommends no packages.

dash suggests no packages.

-- debconf information:
* dash/sh: true



Bug#861355: unblock: golang-google-cloud/0.5.0-2

2017-04-27 Thread Dr. Tobias Quathamer

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package golang-google-cloud

The package FTBFS on 32 bit architectures (#860699), detected by Lucas
Nussbaum. I've just uploaded a fixed version.

unblock golang-google-cloud/0.5.0-2

Regards,
Tobias
diff -Nru golang-google-cloud-0.5.0/debian/changelog golang-google-cloud-0.5.0/debian/changelog
--- golang-google-cloud-0.5.0/debian/changelog	2016-12-16 19:32:29.0 +0100
+++ golang-google-cloud-0.5.0/debian/changelog	2017-04-27 22:30:57.0 +0200
@@ -1,3 +1,10 @@
+golang-google-cloud (0.5.0-2) unstable; urgency=medium
+
+  * Team upload.
+  * Fix FTBFS on 32 bit. (Closes: #860699)
+
+ -- Dr. Tobias Quathamer   Thu, 27 Apr 2017 22:30:57 +0200
+
 golang-google-cloud (0.5.0-1) unstable; urgency=medium
 
   * Start following upstream history (branch upstream-ng), using the new
diff -Nru golang-google-cloud-0.5.0/debian/patches/0004-Fix_FTBFS_on_32_bit.patch golang-google-cloud-0.5.0/debian/patches/0004-Fix_FTBFS_on_32_bit.patch
--- golang-google-cloud-0.5.0/debian/patches/0004-Fix_FTBFS_on_32_bit.patch	1970-01-01 01:00:00.0 +0100
+++ golang-google-cloud-0.5.0/debian/patches/0004-Fix_FTBFS_on_32_bit.patch	2017-04-27 22:27:12.0 +0200
@@ -0,0 +1,11 @@
+--- a/pubsub/endtoend_test.go
 b/pubsub/endtoend_test.go
+@@ -66,7 +66,7 @@
+ 		// Simulate time taken to process m, while continuing to process more messages.
+ 		go func() {
+ 			// Some messages will need to have their ack deadline extended due to this delay.
+-			delay := rand.Intn(int(ackDeadline * 3))
++			delay := rand.Int63n(int64(ackDeadline * 3))
+ 			time.After(time.Duration(delay))
+ 			m.Done(true)
+ 		}()
diff -Nru golang-google-cloud-0.5.0/debian/patches/series golang-google-cloud-0.5.0/debian/patches/series
--- golang-google-cloud-0.5.0/debian/patches/series	2016-12-16 19:32:29.0 +0100
+++ golang-google-cloud-0.5.0/debian/patches/series	2017-04-27 22:27:57.0 +0200
@@ -1,3 +1,4 @@
 0001-Bug#840311-fix-test-timeouts.patch
 0002-Failing_test.patch
 0003-Network_accessing_tests.patch
+0004-Fix_FTBFS_on_32_bit.patch


signature.asc
Description: OpenPGP digital signature


Bug#861352: RFS: dhelp/0.6.23 [QA] -- online help system

2017-04-27 Thread Gianfranco Costamagna
Hello,

>I found an unfortunate mistake in my previous patch for dhelp[1]. It 


happily sponsored after changing VCS-GIt field (removing cgit)

VCS-Git: https://anonscm.debian.org/git/collab-maint/dhelp.git


this is the correct version.

thanks for fixing it! (I sync'd it in Ubuntu and probably discovered that bug)

Unfortunately seems that (probably some fault on my side), this version is 
buggy on configure
or postinst

apache2-maintscript-helper invoked from a modified environment. Please hint 
required arguments manually
dpkg: error processing package dhelp (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
dhelp
E: Sub-process /usr/bin/dpkg returned an error code (1)
locutus@Unimatrix04-Xenial:/tmp/dhelp-0.6.23 $ sudo apt-get -f  install
Reading package lists... Done
Building dependency tree 
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up dhelp (0.6.23) ...
Building HTML tree... done.
apache2-maintscript-helper invoked from a modified environment. Please hint 
required arguments manually
dpkg: error processing package dhelp (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
dhelp


G.



Bug#861199: ceilometer-api systemd service fails to start

2017-04-27 Thread Thomas Goirand
On 04/26/2017 06:33 PM, Valentin Vidic wrote:
> On Wed, Apr 26, 2017 at 05:32:22PM +0200, Thomas Goirand wrote:
>> I just tried, and there's no problem for me. It just works as one would
>> expect. I wonder why you have this issue. Could you investigate?
> 
> The service seems to be running for a few seconds after install but
> than fails:
> 
> # systemctl status ceilometer-api.service
> ● ceilometer-api.service - OpenStack Ceilometer API
>Loaded: loaded (/lib/systemd/system/ceilometer-api.service; enabled; 
> vendor preset: enabled)
>Active: failed (Result: exit-code) since Wed 2017-04-26 18:29:45 CEST; 39s 
> ago
>   Process: 9509 ExecStart=/etc/init.d/ceilometer-api systemd-start 
> (code=exited, status=2)
>   Process: 9506 ExecStartPre=/bin/chown ceilometer:adm /var/log/ceilometer 
> (code=exited, status=0/SUCCESS)
>   Process: 9503 ExecStartPre=/bin/chown ceilometer:ceilometer 
> /var/lock/ceilometer /var/lib/ceilometer (code=exited, 
>   Process: 9501 ExecStartPre=/bin/mkdir -p /var/lock/ceilometer 
> /var/log/ceilometer /var/lib/ceilometer (code=exited,
>  Main PID: 9509 (code=exited, status=2)
>   CPU: 962ms
> 
> If I try running the failed command manually:
> 
> # /etc/init.d/ceilometer-api systemd-start
> usage: ceilometer-api [-h] [--port PORT] -- [passed options]
> ceilometer-api: error: unrecognized arguments: 
> --config-file=/etc/ceilometer/ceilometer.conf 
> --log-file=/var/log/ceilometer/ceilometer-api.log
> # echo $?
> 2
> 
> So this is totally reproducible on my side :)

Probably. Though that's not helpful for me, the maintainer. *I* need to
reproduce the issue. Otherwise, you need to send a patch.

Cheers,

Thomas Goirand (zigo)



Bug#860699: Pending fixes for bugs in the golang-google-cloud package

2017-04-27 Thread pkg-go-maintainers
tag 860699 + pending
thanks

Some bugs in the golang-google-cloud package are closed in revision
a3da766231743b9df31f7648dc098bd9d4cec6c5 in branch 'master' by Dr.
Tobias Quathamer

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-go/packages/golang-google-cloud.git/commit/?id=a3da766

Commit message:

Fix FTBFS on 32 bit.

Closes: #860699



Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

2017-04-27 Thread Sean Whitton
Hello Nicholas,

On Wed, Apr 26, 2017 at 09:22:23PM -0400, Nicholas Steeves wrote:
> The questions we need help with are at 2. and especially 4.

Okay -- I'll answer those.

> >  2. that version patch - really necessary? if upstream screwed up their
> > versioning, it's kind of their problem no? since it's just a
> > cosmetic change, I would avoid it, personnally.
> 
> Is it just a cosmetic change?

Nicholas is right.  It's not just a cosmetic change.  It's important
that ELPA package versions match Debian package versions.

In addition to enabling users to mix package.el packages and Debian
elpa-* packages, it ensures that Emacs has the right information to tell
whether versioned ELPA dependencies are satisfied.  Otherwise it can
refuse to load packages/try to download new versions from MELPA.

> >  4. picking a random elpa package (elpa-helm), i notice it depends on
> > "emacs" while yours depend on "emacs-common" - why? and why the
> > versioned dependencies?
> >
> > 
> > https://anonscm.debian.org/git/pkg-emacsen/pkg/helm.git/tree/debian/control
> 
> My best guess is it's the difference between a package converted to
> elpa vs a package created with dh-make-elpa, and I Sean has reasons
> for generating versioned dependencies by default.  This is actually
> one of the reasons I was paranoid about 2. ;-)

That's a bug in elpa-helm.  It should be emacsen-common.  See the Debian
Emacs policy.

-- 
Sean Whitton


signature.asc
Description: PGP signature


Bug#861353: unblock: libhdf4/4.2.12-3

2017-04-27 Thread Bas Couwenberg
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libhdf4

It fixes the upgrade issue reported in #861303.

unblock libhdf4/4.2.12-3

Kind Regards,

Bas
diff -Nru libhdf4-4.2.12/debian/changelog libhdf4-4.2.12/debian/changelog
--- libhdf4-4.2.12/debian/changelog 2017-04-03 14:28:06.0 +0200
+++ libhdf4-4.2.12/debian/changelog 2017-04-27 12:42:18.0 +0200
@@ -1,3 +1,12 @@
+libhdf4 (4.2.12-3) unstable; urgency=medium
+
+  * Team upload.
+  * Fix symlink to directory conversion that happened in squeeze.
+(closes: #861303)
+  * Update spelling-errors.patch to fix 'conversion' typo.
+
+ -- Bas Couwenberg   Thu, 27 Apr 2017 12:42:18 +0200
+
 libhdf4 (4.2.12-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru libhdf4-4.2.12/debian/control libhdf4-4.2.12/debian/control
--- libhdf4-4.2.12/debian/control   2016-07-01 18:49:14.0 +0200
+++ libhdf4-4.2.12/debian/control   2017-04-27 11:53:33.0 +0200
@@ -148,6 +148,7 @@
 Architecture: any
 Depends: ${shlibs:Depends},
  ${misc:Depends}
+Pre-Depends: ${misc:Pre-Depends}
 Description: Hierarchical Data Format library -- runtime package
  HDF is a multi-object file format for storing and transferring
  graphical and numerical data mainly used in scientific computing. HDF
diff -Nru libhdf4-4.2.12/debian/control.in libhdf4-4.2.12/debian/control.in
--- libhdf4-4.2.12/debian/control.in2016-07-01 18:27:07.0 +0200
+++ libhdf4-4.2.12/debian/control.in2017-04-27 11:53:23.0 +0200
@@ -148,6 +148,7 @@
 Architecture: any
 Depends: ${shlibs:Depends},
  ${misc:Depends}
+Pre-Depends: ${misc:Pre-Depends}
 Description: Hierarchical Data Format library -- runtime package
  HDF is a multi-object file format for storing and transferring
  graphical and numerical data mainly used in scientific computing. HDF
diff -Nru libhdf4-4.2.12/debian/hdf4-tools.maintscript 
libhdf4-4.2.12/debian/hdf4-tools.maintscript
--- libhdf4-4.2.12/debian/hdf4-tools.maintscript1970-01-01 
01:00:00.0 +0100
+++ libhdf4-4.2.12/debian/hdf4-tools.maintscript2017-04-27 
11:52:31.0 +0200
@@ -0,0 +1 @@
+symlink_to_dir /usr/share/doc/hdf4-tools libhdf4g 4.2.12-3~
diff -Nru libhdf4-4.2.12/debian/patches/spelling-errors.patch 
libhdf4-4.2.12/debian/patches/spelling-errors.patch
--- libhdf4-4.2.12/debian/patches/spelling-errors.patch 2016-06-30 
21:00:12.0 +0200
+++ libhdf4-4.2.12/debian/patches/spelling-errors.patch 2017-04-27 
12:41:32.0 +0200
@@ -8,6 +8,7 @@
  inadvertantly -> inadvertently
  syncronize-> synchronize
  existant  -> existent
+ converion -> conversion
 Author: Bas Couwenberg 
 
 --- a/hdf/util/gif2hdf.c
@@ -478,3 +479,14 @@
  num_errs++;
}
  
+--- a/hdf/util/hdf8to24.c
 b/hdf/util/hdf8to24.c
+@@ -266,7 +266,7 @@ main(int argc, char *argv[])
+ }   /* end if */
+   } /* end if */
+ else
+-printf("No palette associated with image, using default grey scale 
converion\n");
++printf("No palette associated with image, using default grey scale 
conversion\n");
+ 
+ if (DFR8getimage(argv[file], img_buf, xdim, ydim, (ispal ? pal_buf : 
NULL)) == FAIL)
+   {


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
2017-04-27 22:15 GMT+02:00 Pino Toscano :

> In data giovedì 27 aprile 2017 21:37:24 CEST, Julien Aubin ha scritto:
> > For the apps, basically you can pick any KDE Qt5 app except :
> > - Plasma configuration elements
>
> Which are? As I said, please be *specific*: provide step-to-step
> instructions of what should be tried to reproduce the issue. Generic
> statements or locations do not help.
>

Right click on K menu, then settings, check that translations are correct.
Now in Konsole, click "configuration", then "configurer les raccourcis
clavier", then check that translations are incorrect.
In system settings, open any of the settings (for example display but it
applies anywhere) and check that translations are incorrect in the bottom
pane with OK/Apply/...
In Dolphin open the settings window, the same, "OK/Apply/Cancel" buttons
are incorrectly translated.
In Kmail, the same.

>
> > - Kopete
> > - Okular
>
> They are not Qt5 applications.
>
> > Affected apps notably include :
> > - System settings
> > - Dolphin
> > - Kontact
> > - KDE Games
> > ... actually 80% of all the apps have their "OK/Apply/Cancel" buttons
> > untranslated in French + configure keyboard shortcuts window
> untranslated.
>
> These strings are all fuzzy (so unused) in the translations of the
> kwidgetsaddons framework (src:kwidgetsaddons, see the binary
> libkf5widgetsaddons-data proving them). It looks like the French
> translations in that framework were greatly improved in version 5.29
> (Debian currently has 5.28), and that strings were not changed between
> these two versions, so cherry-picking kwidgetsaddons/fr/5.29 could be
> an option.
>

I also think so. I can test if if you provide me the packages (hoping it
does not break my whole system).

Many thanks

>
> --
> Pino Toscano


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
In data giovedì 27 aprile 2017 22:10:57 CEST, Julien Aubin ha scritto:
> > Please be specific, without expressions like "many missing transitions",
> > "most of the windows", and similar.  Which windows of which applications
> > have untranslated buttons?
> 
> Actually not all KDE games are affected either. For example KSudoku is not,
> while Granatier is for example.

ksudoku is a kdelibs4/qt4 application, while granatier is a kf5/qt5
application:

$ ldd /usr/games/ksudoku | grep QtCore
libQtCore.so.4 => /usr/lib/x86_64-linux-gnu/libQtCore.so.4 
(0x7f86ee76b000)
$ ldd /usr/games/granatier | grep Qt5Core
libQt5Core.so.5 => /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 
(0x7f3200172000)

The rest of the examples follow the same pattern.

> This is why to me this bug is a showstopper for release, as
> there are many French Debian users around (incl. Africa and Quebec) and
> such an issue makes UX issue look... amateurish.

This is still not a reason to make this bug "grave" from the beginning,
with only generic and unhelpful instructions on *where* to find the
issue.

For the rest of the details, see my other email.

> For apps with full untranslated sections, adding the files I below would
> solve the issue.

Not really, no. This list has no utility, other than "some things where
not translated to French in software currently packaged in Debian".

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#861352: RFS: dhelp/0.6.23 [QA] -- online help system

2017-04-27 Thread Коля Гурьев

Package: sponsorship-requests

Dear mentors,

I found an unfortunate mistake in my previous patch for dhelp[1]. It 
broke search. So I prepared changes to fix it. I also resolve these 
lintian warnings:


  W: dhelp source: package-uses-deprecated-debhelper-compat-version 5
  W: dhelp source: ancient-standards-version 3.9.3 (current is 3.9.8)
  W: dhelp: spelling-error-in-readme-debian the the (duplicate word) the

There is only one lintian warning left:

  W: dhelp: apache2-reverse-dependency-uses-obsolete-directory 
etc/apache2/conf.d/dhelp.conf


It seems the package provides configuration file for Apache 2.4.


So I am looking for a sponsor for the package "dhelp"

 * Package name: dhelp
   Version : 0.6.23
 * License : GPL v2+
   Section : doc

It builds those binary packages:

dhelp - online help system

To access further information about this package, please visit the 
following URL:


  https://mentors.debian.net/package/dhelp


Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/d/dhelp/dhelp_0.6.23.dsc


Besides, I discovered a git repository for the package and pushed there. 
The archive which was uploaded to mentors, correspond to a commit with 
hash 588535b.



https://anonscm.debian.org/cgit/collab-maint/dhelp.git/commit/?id=588535b3aee782df8ca56bd7cab10fa963baac50

Changes since the last upload:

  * QA upload.

  [ Nicholas Guriev ]
  * Complete the migration process from Berkeley DB to GNU dbm.
- Fix crash on searching.
  * Bump debhelper version.
  * Update standards version.
- Deleted a deprecated d/menu file.
- Wrote a new dhelp.desktop file.
- Added link to a git repository.
  * Now www-browser dependency is suggested, but not recommended, to
avoid autoinstallation redundant programs on servers.
  * Add mandatory dependency on libcgi-pm-perl package (closes: #824219)
  * Basque, Indonesian, Japanese, Swedish translations (found in VCS).

  [ Georgios M. Zarkadas ]
  * Fix unowned files after purge (closes: #679691).


Regards,
  Nicholas Guriev



Bug#861134: slim: Reloads automatically and queries login-prompt after running window manager for some (a short) time

2017-04-27 Thread Mateusz Łukasik
On Tue, 25 Apr 2017 00:10:43 +0200 Gordon Shumway  
wrote:

> Package: slim
> Version: 1.3.6-5
> Severity: important
>
> Dear Maintainer,
>
> * Slim has been set up as the default display manager
> * After running the Window Manager (XFCE in my case) and working with
> it causes a sudden reload of Slim and (re-)querying the login prompt
> * So there is a login-prompt query over and over again
>
> -- System Information:
> Debian Release: 9.0
> APT prefers buildd-unstable
> APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 
'experimental')

> Architecture: i386
> (i686)
>
> Kernel: Linux 4.9.0-2-686-pae (SMP w/2 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages slim depends on:
> ii dbus 1.10.18-1
> ii debconf [debconf-2.0] 1.5.60
> ii libc6 2.24-10
> ii libfontconfig1 2.11.0-6.7+b1
> ii libfreetype6 2.6.3-3.1
> ii libgcc1 1:7-20161115-1
> ii libjpeg62-turbo 1:1.5.1-2
> ii libpam0g 1.1.8-3.5
> ii libpng16-16 1.6.28-1
> ii libstdc++6 7-20161115-1
> ii libx11-6 2:1.6.4-3
> ii libxext6 2:1.3.3-1+b2
> ii libxft2 2.3.2-1+b2
> ii libxmu6 2:1.1.2-2
> ii libxrandr2 2:1.5.1-1
> ii libxrender1 1:0.9.10-1
> ii lsb-base 9.20161125
> ii zlib1g 1:1.2.8.dfsg-5
>
> Versions of packages slim recommends:
> ii xterm 327-2
>
> Versions of packages slim suggests:
> pn scrot 
> ii xauth 1:1.0.9-1+b2
>
> -- debconf information excluded
>
>

Hi all,

I need more informations about this bug, I can't confirm that on my 
configuration.


Have you something specific on start splash or plymouth?

I will try to reproduce this bug for fix.

--
 .''`.  Mateusz Łukasik
: :' :  http://mati75.eu
`. `'   Debian Member - mat...@linuxmint.pl
  `-GPG: D93B 0C12 C8D0 4D7A AFBC  FA27 CCD9 1D61 11A0 6851



Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
In data giovedì 27 aprile 2017 21:37:24 CEST, Julien Aubin ha scritto:
> For the apps, basically you can pick any KDE Qt5 app except :
> - Plasma configuration elements

Which are? As I said, please be *specific*: provide step-to-step
instructions of what should be tried to reproduce the issue. Generic
statements or locations do not help.

> - Kopete
> - Okular

They are not Qt5 applications.

> Affected apps notably include :
> - System settings
> - Dolphin
> - Kontact
> - KDE Games
> ... actually 80% of all the apps have their "OK/Apply/Cancel" buttons
> untranslated in French + configure keyboard shortcuts window untranslated.

These strings are all fuzzy (so unused) in the translations of the
kwidgetsaddons framework (src:kwidgetsaddons, see the binary
libkf5widgetsaddons-data proving them). It looks like the French
translations in that framework were greatly improved in version 5.29
(Debian currently has 5.28), and that strings were not changed between
these two versions, so cherry-picking kwidgetsaddons/fr/5.29 could be
an option.

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#860265: (pre-approval) unblock: apt-cacher-ng/2-2

2017-04-27 Thread Niels Thykier
Control: tags -1 confirmed moreinfo

Eduard Bloch:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please approve the upload of new version of apt-cacher-ng. See #860243
> for details. Here is a minimum viable patch included below.
> 
> [...]
> 
> unblock apt-cacher-ng/2-2
> 
> [...]
> 

Ack, please go ahead and remove the moreinfo tag once the upload has
been done.

Thanks,
~Niels



Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
2017-04-27 21:37 GMT+02:00 Julien Aubin :

> For the apps, basically you can pick any KDE Qt5 app except :
> - Plasma configuration elements
> - Kopete
> - Okular
>
> Affected apps notably include :
> - System settings
> - Dolphin
> - Kontact
> - KDE Games
> ... actually 80% of all the apps have their "OK/Apply/Cancel" buttons
> untranslated in French + configure keyboard shortcuts window untranslated.
>

> Please be specific, without expressions like "many missing transitions",
> "most of the windows", and similar.  Which windows of which applications
> have untranslated buttons?

Actually not all KDE games are affected either. For example KSudoku is not,
while Granatier is for example. However a proportion of  80% of 16.04
software suite affected apps seems to be a fair one. In order to reproduce
issue :

- DO : Install kde-full
- DO : Install kde-l10n-fr and use French as the language for a new profile
- DO : Install kde-l10n-pl and use Polish as the language for a new profile
- DO : on both sides launch apps listed above, like Dolphin, Kontact,
Konsole, System settings, ...
- EXPECT : on both sides OK/Cancel/Apply/Default/Help buttons should be
translated in the bottom buttons of windows, and the configure shortcuts
window should be translated, incl. bottom buttons
- ACTUAL : it is not the case w/ French in most of the cases (while it is
the case in Polish - example of cases which do not work in French :
Konsole, example of case which works : KSudoku)

Listing all the windows would be too long as having English bottom buttons
in French turns out to be the common case, and correctly translated buttons
the exception, which explains why I say "many" and cannot list all the
affected apps. This is why to me this bug is a showstopper for release, as
there are many French Debian users around (incl. Africa and Quebec) and
such an issue makes UX issue look... amateurish.

For apps with full untranslated sections, adding the files I below would
solve the issue. Affected files :
baloomonitorplugin.mo
bluedevil.mo
customtoolsplugin.mo
elfutils.mo
gnupg2.mo
gom.mo
json_kdeedu_artikulate.mo
json_kdeedu_cantor.mo
json_kdenetwork_krfb.mo
json_kdenetwork_ktp-common-internals.mo
json_pim_kdepim-addons.mo
kaddressbook_plugins.mo
kate-replicode-plugin.mo
kdeconnect-cli.mo
kdeconnect-core.mo
kdeconnect-fileitemaction.mo
kdeconnect-kcm.mo
kdeconnect-kded.mo
kdeconnect-kio.mo
kdeconnect-plugins.mo
kexixbasedriver.mo
kmail_plugins.mo
kscreenlocker_greet.mo
kscreenlocker.mo
ksshaskpass.mo
kterustcompletion.mo
libkirigamiplugin_qt.qm
liboxygenstyleconfig.mo
libpurpose_quick.mo
libpurpose_widgets.mo
messageviewerheaderplugins.mo
messageviewerplugins.mo
oxygen_style_config.mo
oxygen_style_demo.mo
phodav-2.0.mo
plasma_applet_org.kde.kdeconnect.mo
plasma_applet_org.kde.plasma.bluetooth.mo
plasma_applet_org.kde.plasma.mediaframe.mo
plasma_applet_org.kde.plasma.minimizeall.mo
purpose_imgur.mo
purpose_ktp-sendfile.mo
purpose_pastebin.mo
purpose_saveas.mo
purpose_youtube.mo
screenlocker_kcm.mo
tabswitcherplugin.mo
texinfo_document.mo
texinfo.mo
user_manager.mo

But these files do not affect the OK/Apply/Cancel buttons

Rgds

>
> 2017-04-27 21:29 GMT+02:00 Pino Toscano :
>
>> Hi,
>>
>> please do not top-post, which is a poor practice brought by gmail.
>>
>> In data giovedì 27 aprile 2017 21:15:29 CEST, Julien Aubin ha scritto:
>> > > Yup, I do have. But the missing files might be enough to explain the
>> many
>> > > missing translations appearing in the UI.
>>
>> Not really, no. Most of them are translations for PIM stuff
>> (kaddressbook & kmail), and a couple of minor kate plugins.
>>
>> > Note that in some apps and in Plasma configuration windows
>> OK/Apply/Cancel
>> > buttons are correctly translated for example. I suspect that one of
>> these
>> > files causes most of the windows to have untranslated buttons,
>>
>>
>>
>> > and the
>> > missing files for kaddressbook and kmail explain why for example the
>> > antivirus/antispam wizard is not translated in Kmail.
>>
>> That's correct, the antispam & antivirus wizards are translated in
>> kmail_plugins.mo.
>>
>> --
>> Pino Toscano
>
>
>


Bug#861351: qemu: CVE-2017-8112: scsi: vmw_pvscsi: infinite loop in pvscsi_log2

2017-04-27 Thread Salvatore Bonaccorso
Source: qemu
Version: 1:2.8+dfsg-4
Severity: normal
Tags: upstream security

Hi,

the following vulnerability was published for qemu.

CVE-2017-8112[0]:
vmw_pvscsi: infinite loop in pvscsi_log2

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-8112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8112
[1] https://bugzilla.novell.com/show_bug.cgi?id=1036211
[2] https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1445621

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Bug#861350: epiphany-browser: Spaces incorrectly replaced to "0"s inside URLs for saved web applications

2017-04-27 Thread Svjatoslav Agejenko
Package: epiphany-browser
Version: 3.22.6-1
Severity: important
Tags: upstream

Dear Maintainer,


I have custom HTML page on my computer that I want to access as a Web
Application
via Epiphany browser.

It is located in:

file:///home/me/configuration/browser start page/index.html

When I open the page by entering this URL, it renders fine.
When I use "Save As Web Application" option in the menu
and open newly created shortcut, it tries to open incorrect URL:

file:///home/n0/data/projects/projects/configuration/browser0start0page/index.html


I guess it has something to do with URL being converted internally to
file:///home/n0/data/projects/projects/configuration/browser%20start%20page/index.html





-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages epiphany-browser depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.10.18-1
ii  dbus-x11 [dbus-session-bus]   1.10.18-1
ii  epiphany-browser-data 3.22.6-1
ii  gsettings-desktop-schemas 3.22.0-1
ii  iso-codes 3.74-1
ii  libavahi-client3  0.6.32-2
ii  libavahi-common3  0.6.32-2
ii  libavahi-gobject0 0.6.32-2
ii  libc6 2.24-10
ii  libcairo2 1.14.8-1
ii  libgcr-base-3-1   3.20.0-5
ii  libgcr-ui-3-1 3.20.0-5
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libglib2.0-0  2.50.3-2
ii  libgnome-desktop-3-12 3.22.2-1
ii  libgtk-3-03.22.11-1
ii  libjavascriptcoregtk-4.0-18   2.14.6-1
ii  libnotify40.7.7-2
ii  libpango-1.0-01.40.4-1
ii  libpangocairo-1.0-0   1.40.4-1
ii  libsecret-1-0 0.18.5-3.1
ii  libsoup2.4-1  2.56.0-2
ii  libsqlite3-0  3.16.2-3
ii  libwebkit2gtk-4.0-37  2.14.6-1
ii  libx11-6  2:1.6.4-3
ii  libxml2   2.9.4+dfsg1-2.2
ii  libxslt1.11.1.29-2.1

Versions of packages epiphany-browser recommends:
ii  browser-plugin-evince  3.22.1-3
ii  ca-certificates20161130
ii  evince 3.22.1-3
ii  yelp   3.22.0-1

epiphany-browser suggests no packages.

-- no debconf information



Bug#860718: jessie-pu: package openmpi/1.6.5-9.1+deb8u1

2017-04-27 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Wed, 2017-04-19 at 12:32 +0200, Andreas Beckmann wrote:
> I'd like to update openmpi in jessie to fix some problems during
> upgrades to stretch. libopenmpi1.6 has an unversioned
>   Conflicts: libopenmpi2
> which is the package name in stretch (but was also used temporarily for
> three uploads of 1.5.4, therefore the conflict). Making this versioned
> for (<< 1.6) should preserve the original intention while avoiding
> confusion in jessie's apt (which is running the dist-upgrade to
> stretch), where libopenmpi2 is not considered as a valid installation
> condidate for stretch. See #859986 for more details.
> It's difficult to test that this actually improves the upgrade path
> behavior before the package hits s-p-u. Will recheck once this has
> happened.
> 
> Another fix that is included is fixing some soname links in
> libopenmpi1.6 to the versions actually shipped ...

Please go ahead.

Regards,

Adam



Bug#861348: qemu: CVE-2017-8086: 9pfs: host memory leakage via v9pfs_list_xattr

2017-04-27 Thread Salvatore Bonaccorso
On Thu, Apr 27, 2017 at 09:40:12PM +0200, Salvatore Bonaccorso wrote:
> Please adjust the affected versions in the BTS as needed, at point of
> writing this bugreport only unstable source has been checked.

Please double-check the following. The issue might only have been
introduced due to applying d10142c11bdcecebe97fd834a834167053b7a05c a
commit to help/partially fix CVE-2016-9602.

So extra care needs to be done if CVE-2016-9602 is fixed as well for
jessie, then we might open CVE-2017-8086.

Regards,
Salvatore



Bug#861129: jessie-pu: package gnome-media/3.4.0-2+deb8u1

2017-04-27 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Mon, 2017-04-24 at 22:28 +0200, Andreas Beckmann wrote:
> I'd like to update gnome-media in jessie to add Breaks to match the
> Replaces. I found an upgrade path in piuparts where a mutilated
> gnome-media-common package (originating from squeeze) is kept installed.
> gnome-media does no longer exist in stretch, so fixing it in jessie is
> the only possibility.
> I verified in piuparts that the upgrade to the updated packages fixes
> the problem.

I'm not always convinced if no actual users appear to be affected, but
please go ahead.

Regards,

Adam



Bug#861200: jessie-pu: package activemq/5.6.0+dfsg1-4+deb8u2

2017-04-27 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Tue, 2017-04-25 at 21:27 +0200, Markus Koschany wrote:
> I would like to fix CVE-2015-7599 for Jessie. The security team marked
> this issue as no-dsa. Please find attached the debdiff.

It appears that you mean CVE-2015-7559.

With that fixed throughout, please go ahead.

Regards,

Adam



Bug#861294: jessie-pu: package spip/3.0.17-2+deb8u3

2017-04-27 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Wed, 2017-04-26 at 19:00 -1000, David Prévot wrote:
> I’ve been asked by the security team to fix the (pile of) security
> issues currently affecting the spip package in Jessie. Please find
> attached the full debdiff, here is the proposed changelog:
> 
> spip (3.0.17-2+deb8u3) jessie; urgency=medium
> 
>   * Document CVE in previous changelog entry
>   * Update security screen to 1.3.0

Please go ahead.

Regards,

Adam



Bug#861349: RM: crash-whitepaper -- RoM: Obsolete

2017-04-27 Thread Troy Heber
Package: ftp.debian.org
Severity: normal

The crash-whitepaper is quite old and should be removed from the
archive.

Troy


signature.asc
Description: PGP signature


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
2017-04-27 21:29 GMT+02:00 Pino Toscano :

> Hi,
>
> please do not top-post, which is a poor practice brought by gmail.
>

Sorry for my two previous emails, did not see this (and yup it is a poor
Gmail practice)

>
> In data giovedì 27 aprile 2017 21:15:29 CEST, Julien Aubin ha scritto:
> > > Yup, I do have. But the missing files might be enough to explain the
> many
> > > missing translations appearing in the UI.
>
> Not really, no. Most of them are translations for PIM stuff
> (kaddressbook & kmail), and a couple of minor kate plugins.
>
> > Note that in some apps and in Plasma configuration windows
> OK/Apply/Cancel
> > buttons are correctly translated for example. I suspect that one of these
> > files causes most of the windows to have untranslated buttons,
>
> Please be specific, without expressions like "many missing transitions",
> "most of the windows", and similar.  Which windows of which applications
> have untranslated buttons?
>
> > and the
> > missing files for kaddressbook and kmail explain why for example the
> > antivirus/antispam wizard is not translated in Kmail.
>
> That's correct, the antispam & antivirus wizards are translated in
> kmail_plugins.mo.
>
> --
> Pino Toscano


Bug#861348: qemu: CVE-2017-8086: 9pfs: host memory leakage via v9pfs_list_xattr

2017-04-27 Thread Salvatore Bonaccorso
Source: qemu
Version: 1:2.8+dfsg-4
Severity: normal
Tags: security patch upstream

Hi,

the following vulnerability was published for qemu.

CVE-2017-8086[0]:
9pfs: host memory leakage via v9pfs_list_xattr

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-8086
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8086
[1] 
http://git.qemu.org/?p=qemu.git;a=commit;h=4ffcdef4277a91af15a3c09f7d16af072c29f3f2
 (v2.9.0-rc4)
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1444781

Please adjust the affected versions in the BTS as needed, at point of
writing this bugreport only unstable source has been checked.

Regards,
Salvatore



Bug#861347: udfclient: Buffer overflow in own strlcpy implementation

2017-04-27 Thread Pali Rohár
Package: udfclient
Version: 0.8.7-1

UDFClient has its own implementation of strlcpy function as standard 
glibc in libc.so does not provide one. But this implementation in 
UDFClient prior to version 0.8.8 has buffer overflow defect and writes 
more characters as buffer size.

Mitre assigned CVE-2017-8305 for this issue.

-- 
Pali Rohár
pali.ro...@gmail.com


signature.asc
Description: This is a digitally signed message part.


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
For the apps, basically you can pick any KDE Qt5 app except :
- Plasma configuration elements
- Kopete
- Okular

Affected apps notably include :
- System settings
- Dolphin
- Kontact
- KDE Games
... actually 80% of all the apps have their "OK/Apply/Cancel" buttons
untranslated in French + configure keyboard shortcuts window untranslated.

2017-04-27 21:29 GMT+02:00 Pino Toscano :

> Hi,
>
> please do not top-post, which is a poor practice brought by gmail.
>
> In data giovedì 27 aprile 2017 21:15:29 CEST, Julien Aubin ha scritto:
> > > Yup, I do have. But the missing files might be enough to explain the
> many
> > > missing translations appearing in the UI.
>
> Not really, no. Most of them are translations for PIM stuff
> (kaddressbook & kmail), and a couple of minor kate plugins.
>
> > Note that in some apps and in Plasma configuration windows
> OK/Apply/Cancel
> > buttons are correctly translated for example. I suspect that one of these
> > files causes most of the windows to have untranslated buttons,
>
> Please be specific, without expressions like "many missing transitions",
> "most of the windows", and similar.  Which windows of which applications
> have untranslated buttons?
>
> > and the
> > missing files for kaddressbook and kmail explain why for example the
> > antivirus/antispam wizard is not translated in Kmail.
>
> That's correct, the antispam & antivirus wizards are translated in
> kmail_plugins.mo.
>
> --
> Pino Toscano


Bug#860254:

2017-04-27 Thread Kurt Roeckx
On Thu, Apr 27, 2017 at 09:25:33PM +0200, Sebastian Andrzej Siewior wrote:
> On 2017-04-27 18:18:50 [+0200], Kurt Roeckx wrote:
> > 
> > Yes, so perl-base should be find for c_rehash and CA.pl, but tsget
> > requires libwww-curl-perl and we already don't depend on it.
> 
> So what is that you are saying? We keep perl as is and add
> libwww-curl-perl (and if so is it RC and so testing metrial)?
> Or do we move tsget somehwere under docs/examples as .gz or split it
> into its package like openssl-perl or so? I can't find if it is used
> somewhere / by something. It is in a non-standard location (not under a
> bin directory).

I'm not suggesting to add libwww-curl-perl.

I'm not sure why we have things in /usr/lib/ssl/misc/, which
doesn't sound like a useful place to put things.

Note that there are actually manpages for them, so maybe we should
move them to /usr/bin/?

We should probaby get rid of the whole /usr/lib/ssl/

But I think we shouldn't change anything for stretch, except maybe
changing from perl to perl-base.


Kurt



Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
Hi,

please do not top-post, which is a poor practice brought by gmail.

In data giovedì 27 aprile 2017 21:15:29 CEST, Julien Aubin ha scritto:
> > Yup, I do have. But the missing files might be enough to explain the many
> > missing translations appearing in the UI.

Not really, no. Most of them are translations for PIM stuff
(kaddressbook & kmail), and a couple of minor kate plugins.

> Note that in some apps and in Plasma configuration windows OK/Apply/Cancel
> buttons are correctly translated for example. I suspect that one of these
> files causes most of the windows to have untranslated buttons,

Please be specific, without expressions like "many missing transitions",
"most of the windows", and similar.  Which windows of which applications
have untranslated buttons?

> and the
> missing files for kaddressbook and kmail explain why for example the
> antivirus/antispam wizard is not translated in Kmail.

That's correct, the antispam & antivirus wizards are translated in
kmail_plugins.mo.

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Julien Aubin
After comparing further I found out the following files are actually
missing in the French flavour :
baloomonitorplugin.mo
bluedevil.mo
customtoolsplugin.mo
elfutils.mo
gnupg2.mo
gom.mo
json_kdeedu_artikulate.mo
json_kdeedu_cantor.mo
json_kdenetwork_krfb.mo
json_kdenetwork_ktp-common-internals.mo
json_pim_kdepim-addons.mo
kaddressbook_plugins.mo
kate-replicode-plugin.mo
kdeconnect-cli.mo
kdeconnect-core.mo
kdeconnect-fileitemaction.mo
kdeconnect-kcm.mo
kdeconnect-kded.mo
kdeconnect-kio.mo
kdeconnect-plugins.mo
kexixbasedriver.mo
kmail_plugins.mo
kscreenlocker_greet.mo
kscreenlocker.mo
ksshaskpass.mo
kterustcompletion.mo
libkirigamiplugin_qt.qm
liboxygenstyleconfig.mo
libpurpose_quick.mo
libpurpose_widgets.mo
messageviewerheaderplugins.mo
messageviewerplugins.mo
oxygen_style_config.mo
oxygen_style_demo.mo
phodav-2.0.mo
plasma_applet_org.kde.kdeconnect.mo
plasma_applet_org.kde.plasma.bluetooth.mo
plasma_applet_org.kde.plasma.mediaframe.mo
plasma_applet_org.kde.plasma.minimizeall.mo
purpose_imgur.mo
purpose_ktp-sendfile.mo
purpose_pastebin.mo
purpose_saveas.mo
purpose_youtube.mo
screenlocker_kcm.mo
tabswitcherplugin.mo
texinfo_document.mo
texinfo.mo
user_manager.mo


2017-04-27 21:08 GMT+02:00 Pino Toscano :

> In data giovedì 27 aprile 2017 20:35:04 CEST, Julien Aubin ha scritto:
> > NB : to be more precise in kde-l10n-fr many files are missing under
> > /usr/share/locale/LC_MESSAGES/fr compared to the Polish flavour of the
> > package.
>
> Many? Not really:
>
> $ apt-get download kde-l10n-fr
> $ apt-get download kde-l10n-pl
> $ dpkg -x kde-l10n-fr_4%3a16.04.3-1_all.deb fr
> $ dpkg -x kde-l10n-pl_4%3a16.04.3-1_all.deb pl
> $ rm {fr,pl}/usr/share/locale/*/LC_MESSAGES/json_*.mo
> (removing json_*.mo files, since they are not used at runtime, but only
> in the sources to fill translations in json files, statically)
>
> $ diff -u \
>   <(cd fr/usr/share/locale/fr/LC_MESSAGES && ls *.mo | sort) \
>   <(cd pl/usr/share/locale/pl/LC_MESSAGES && ls *.mo | sort)
> --- /dev/fd/63  2017-04-27 21:06:20.283683338 +0200
> +++ /dev/fd/62  2017-04-27 21:06:20.283683338 +0200
> @@ -67,6 +67,7 @@
>  contactprintthemeeditor.mo
>  contactthemeeditor.mo
>  cryptopageplugin.mo
> +customtoolsplugin.mo
>  cvsservice.mo
>  dirfilterplugin.mo
>  display.mo
> @@ -95,6 +96,7 @@
>  kactivitymanagerd_fileitem_linking_plugin.mo
>  kactivitymanagerd.mo
>  kaddressbook.mo
> +kaddressbook_plugins.mo
>  kajongg.mo
>  kalarm.mo
>  kalgebra.mo
> @@ -113,6 +115,7 @@
>  kate.mo
>  kateopenheader.mo
>  kateproject.mo
> +kate-replicode-plugin.mo
>  katesearch.mo
>  katesnippetsplugin.mo
>  katesql.mo
> @@ -262,6 +265,7 @@
>  kmag.mo
>  kmahjongg.mo
>  kmail.mo
> +kmail_plugins.mo
>  kmines.mo
>  kmix.mo
>  kmousetool.mo
> @@ -319,6 +323,7 @@
>  ksystemlog.mo
>  ksystraycmd.mo
>  kteatime.mo
> +kterustcompletion.mo
>  ktimer.mo
>  ktnef.mo
>  ktouch.mo
> @@ -412,6 +417,8 @@
>  marble.mo
>  mboximporter.mo
>  messageviewer_application_mstnef_plugin.mo
> +messageviewerheaderplugins.mo
> +messageviewerplugins.mo
>  messageviewer_text_calendar_plugin.mo
>  messageviewer_text_vcard_plugin.mo
>  mf_konqplugin.mo
> @@ -556,6 +563,7 @@
>  strigila_diff.mo
>  svgpart.mo
>  sweeper.mo
> +tabswitcherplugin.mo
>  timezones4.mo
>  uachangerplugin.mo
>  umbrello.mo
>
> So kde-l10n-fr contains almost all the files that kde-l10n-pl provides.
>
> Also, your note about translations from kcmkeys.mo makes no sense,
> as that file is only used for that specific module in system settings.
>
> Furthermore, do you have qttranslations5-l10n installed, in addition
> to kde-l10n-fr?
>
> --
> Pino Toscano


Bug#860515: Many translations missing in french KDE lang packages while we're close to release

2017-04-27 Thread Pino Toscano
In data giovedì 27 aprile 2017 20:35:04 CEST, Julien Aubin ha scritto:
> NB : to be more precise in kde-l10n-fr many files are missing under
> /usr/share/locale/LC_MESSAGES/fr compared to the Polish flavour of the
> package.

Many? Not really:

$ apt-get download kde-l10n-fr
$ apt-get download kde-l10n-pl
$ dpkg -x kde-l10n-fr_4%3a16.04.3-1_all.deb fr
$ dpkg -x kde-l10n-pl_4%3a16.04.3-1_all.deb pl
$ rm {fr,pl}/usr/share/locale/*/LC_MESSAGES/json_*.mo
(removing json_*.mo files, since they are not used at runtime, but only
in the sources to fill translations in json files, statically)

$ diff -u \
  <(cd fr/usr/share/locale/fr/LC_MESSAGES && ls *.mo | sort) \
  <(cd pl/usr/share/locale/pl/LC_MESSAGES && ls *.mo | sort)
--- /dev/fd/63  2017-04-27 21:06:20.283683338 +0200
+++ /dev/fd/62  2017-04-27 21:06:20.283683338 +0200
@@ -67,6 +67,7 @@
 contactprintthemeeditor.mo
 contactthemeeditor.mo
 cryptopageplugin.mo
+customtoolsplugin.mo
 cvsservice.mo
 dirfilterplugin.mo
 display.mo
@@ -95,6 +96,7 @@
 kactivitymanagerd_fileitem_linking_plugin.mo
 kactivitymanagerd.mo
 kaddressbook.mo
+kaddressbook_plugins.mo
 kajongg.mo
 kalarm.mo
 kalgebra.mo
@@ -113,6 +115,7 @@
 kate.mo
 kateopenheader.mo
 kateproject.mo
+kate-replicode-plugin.mo
 katesearch.mo
 katesnippetsplugin.mo
 katesql.mo
@@ -262,6 +265,7 @@
 kmag.mo
 kmahjongg.mo
 kmail.mo
+kmail_plugins.mo
 kmines.mo
 kmix.mo
 kmousetool.mo
@@ -319,6 +323,7 @@
 ksystemlog.mo
 ksystraycmd.mo
 kteatime.mo
+kterustcompletion.mo
 ktimer.mo
 ktnef.mo
 ktouch.mo
@@ -412,6 +417,8 @@
 marble.mo
 mboximporter.mo
 messageviewer_application_mstnef_plugin.mo
+messageviewerheaderplugins.mo
+messageviewerplugins.mo
 messageviewer_text_calendar_plugin.mo
 messageviewer_text_vcard_plugin.mo
 mf_konqplugin.mo
@@ -556,6 +563,7 @@
 strigila_diff.mo
 svgpart.mo
 sweeper.mo
+tabswitcherplugin.mo
 timezones4.mo
 uachangerplugin.mo
 umbrello.mo

So kde-l10n-fr contains almost all the files that kde-l10n-pl provides.

Also, your note about translations from kcmkeys.mo makes no sense,
as that file is only used for that specific module in system settings.

Furthermore, do you have qttranslations5-l10n installed, in addition
to kde-l10n-fr?

-- 
Pino Toscano

signature.asc
Description: This is a digitally signed message part.


Bug#860254:

2017-04-27 Thread Sebastian Andrzej Siewior
On 2017-04-27 18:18:50 [+0200], Kurt Roeckx wrote:
> 
> Yes, so perl-base should be find for c_rehash and CA.pl, but tsget
> requires libwww-curl-perl and we already don't depend on it.

So what is that you are saying? We keep perl as is and add
libwww-curl-perl (and if so is it RC and so testing metrial)?
Or do we move tsget somehwere under docs/examples as .gz or split it
into its package like openssl-perl or so? I can't find if it is used
somewhere / by something. It is in a non-standard location (not under a
bin directory).

> 
> Kurt

Sebastian



Bug#861220: freetype: diff for NMU version 2.6.3-3.2

2017-04-27 Thread Salvatore Bonaccorso
Control: tags 861220 + pending
Control: tags 861308 + pending

Dear maintainer,

I've prepared an NMU for freetype (versioned as 2.6.3-3.2) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -u freetype-2.6.3/debian/changelog freetype-2.6.3/debian/changelog
--- freetype-2.6.3/debian/changelog
+++ freetype-2.6.3/debian/changelog
@@ -1,3 +1,12 @@
+freetype (2.6.3-3.2) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Better protect `flex' handling (CVE-2017-8105) (Closes: #861220)
+  * t1_builder_close_contour: Add safety guard (CVE-2017-8287)
+(Closes: #861308)
+
+ -- Salvatore Bonaccorso   Thu, 27 Apr 2017 20:57:40 +0200
+
 freetype (2.6.3-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -u freetype-2.6.3/debian/patches-freetype/series freetype-2.6.3/debian/patches-freetype/series
--- freetype-2.6.3/debian/patches-freetype/series
+++ freetype-2.6.3/debian/patches-freetype/series
@@ -6,0 +7,2 @@
+CVE-2017-8105-psaux-Better-protect-flex-handling.patch
+CVE-2017-8287-src-psaux-psobjs.c-t1_builder_close_contour-Add-safe.patch
only in patch2:
unchanged:
--- freetype-2.6.3.orig/debian/patches-freetype/CVE-2017-8105-psaux-Better-protect-flex-handling.patch
+++ freetype-2.6.3/debian/patches-freetype/CVE-2017-8105-psaux-Better-protect-flex-handling.patch
@@ -0,0 +1,43 @@
+From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg 
+Date: Fri, 24 Mar 2017 09:15:10 +0100
+Subject: [PATCH] [psaux] Better protect `flex' handling.
+
+Reported as
+
+  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
+
+* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
+: Since there is not a single flex operator but a
+series of subroutine calls, malformed fonts can call arbitrary other
+operators after the start of a flex, possibly adding points.  For
+this reason we have to check the available number of points before
+inserting a point.
+---
+diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
+index af7b465..7dd4513 100644
+--- a/src/psaux/t1decode.c
 b/src/psaux/t1decode.c
+@@ -780,10 +780,19 @@
+ /* point without adding any point to the outline*/
+ idx = decoder->num_flex_vectors++;
+ if ( idx > 0 && idx < 7 )
++{
++  /* in malformed fonts it is possible to have other */
++  /* opcodes in the middle of a flex (which don't*/
++  /* increase `num_flex_vectors'); we thus have to   */
++  /* check whether we can add a point*/
++  if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
++goto Syntax_Error;
++
+   t1_builder_add_point( builder,
+ x,
+ y,
+ (FT_Byte)( idx == 3 || idx == 6 ) );
++}
+   }
+   break;
+ 
+-- 
+2.1.4
+
only in patch2:
unchanged:
--- freetype-2.6.3.orig/debian/patches-freetype/CVE-2017-8287-src-psaux-psobjs.c-t1_builder_close_contour-Add-safe.patch
+++ freetype-2.6.3/debian/patches-freetype/CVE-2017-8287-src-psaux-psobjs.c-t1_builder_close_contour-Add-safe.patch
@@ -0,0 +1,32 @@
+From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg 
+Date: Sun, 26 Mar 2017 08:32:09 +0200
+Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
+ guard.
+
+Reported as
+
+  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
+---
+diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
+index d18e821..0baf836 100644
+--- a/src/psaux/psobjs.c
 b/src/psaux/psobjs.c
+@@ -1718,6 +1718,14 @@
+ first = outline->n_contours <= 1
+ ? 0 : outline->contours[outline->n_contours - 2] + 1;
+ 
++/* in malformed fonts it can happen that a contour was started */
++/* but no points were added*/
++if ( outline->n_contours && first == outline->n_points )
++{
++  outline->n_contours--;
++  return;
++}
++
+ /* We must not include the last point in the path if it */
+ /* is located on the first point.   */
+ if ( outline->n_points > 1 )
+-- 
+2.1.4
+


  1   2   3   >