Bug#869959: python3-defaults: Make source package bootstrappable
Source: python3-defaults Version: 3.5.3-3 Severity: wishlist Currently, python3-defaults has a self build dependency on python3-minimal, as well as build dependencies on lsb-release and python3-docutils that indirectly bring in python3-defaults packages. It would be nice if this source package provided a way to bootstrap itself. I wonder if it would be possible to Build-Depend directly on python3.5 which seems to be installable without python3-defaults being bootstrapped. As for lsb-release, I use a minimal script with hard-coded output for "lsb-release -cs" and "lsb-release -is" as a replacement. And for python3-docutils, it should hopefully be possible to drop the generated documentation in the stage1 build. -- Daniel Schepler
Bug#869855: Debian Stretch and nfs-kernel-server nfsv2
Hello! Awesome, thanks! Works like a charm! >From my point of view “bug” can be closed. Am 27.07.2017 11:44 nachm. schrieb "Marc-Henri Pamiseux": > Hello, > > It is not a bug, It is a feature :) > > Simple to resolv. Edit /etc/default/nfs-kernel-server file and change > RPCNFSDCOUNT variable like this : > > RPCNFSDCOUNT="8 --nfs-version 2" > > Save the file and restart nfs-kernel-server service. > Check the value of cat /proc/fs/nfsd/versions. > > Regards, > -- > Marc-Henri Pamiseux - SARL Libricks - www.libricks.fr > 6 rue Léonard de Vinci - CS 20119, 53001 LAVAL Cedex > Tel. : 02.30.96.15.24 / Mobile : 06.26.71.30.97 >
Bug#762559: Pending fixes for bugs in the weirdx package
tag 762559 + pending thanks Some bugs in the weirdx package are closed in revision a3269cb9329231047b081d891f0f769e81e803b2 in branch 'master' by tony mancill The full diff can be seen at https://anonscm.debian.org/cgit/pkg-java/weirdx.git/commit/?id=a3269cb Commit message: Update Uploaders (Closes: #762559)
Bug#869516: reproducible build for libcdio
On Thu, Jul 27, 2017 at 6:53 PM, Rocky Bernsteinwrote: > Hi - > > I just became aware of https://bugs.debian.org/ > cgi-bin/bugreport.cgi?att=1;bug=869516;filename=libcdio.diff.txt;msg=5 > > If you create patch against the current libcdio sources > https://savannah.gnu.org/git/?group=libcdio I will add that to the > source. > Or you can use https://savannah.gnu.org/patch/?func=additem=libcdio > > Note that patches would go in the current source 0.94 not 0.83 on debian > which is way out of date. > > Regards, >Rocky >
Bug#867990: python-pika FTBFS: rm: cannot remove version_history.txt: No such file or directory
Package: src:python-pika Followup-For: Bug #867990 The file now appears to be called version_history.rst.txt This is presumably a change of behaviour between Sphinx 1.4.9 and 1.5.6? Christopher
Bug#869958: RM: winrm -- RoM; NBS; discontinued upstream
Package: ftp.debian.org Severity: normal As of 0.0~git20170601.0.1ca0ba6-1, this package is no longer built: * binary tool is no longer provided. Regards, Shengjing Zhu signature.asc Description: PGP signature
Bug#869957: python3.5: Make source package bootstrappable
Source: python3.5 Version: 3.5.4~rc1-1 Severity: wishlist Currently, python3.5 has several build dependencies which lead to cycles: the direct build dependency on python3, of course; the build dependency on lsb-release; and blt-dev, tk-dev, xvfb, xauth which introduce cycles because libxcb requires Python to build. Then there's libbluetooth-dev -> glib2.0 -> python. In my experience, the tk-dev, blt-dev, libbluetooth-dev could probably be dropped in a stage1 build, and I'm guessing xvfb and xauth could be made dependent on . I usually get around the lsb-release build-depends when bootstrapping by just creating a small shell script with hard-coded responses to "lsb_release -is" and "lsb_release -cs". I suppose that could be put in a package named something like lsb-release-stub which could be an alternative build-depend to lsb-release. Which leaves the build dependencies on python3. My guess is that that's there because there's some patch which touches a source file, which then needs Python to generate output files from that. If that's the case, I wonder if it would be possible to have the build process first build a bootstrap version, then apply the patch and rebuild (with the appropriate unpatching and resetting timestamps on clean). Not very elegant, I know, but I can't really think of anything better. And it does seem to work OK - in my manual bootstrapping, I first unpack the orig.tar.xz, build that and install in the pbuilder login chroot, and then unpack the full source package to build it - and I haven't run into problems with the results from that process. Anyway, I just wanted to start by sharing my thoughts on how it might be possible to make this bootstrappable, and wondered if you had anything to add. -- Daniel Schepler
Bug#869884: chemical-mime-data: Local copy of intltool-* fails with perl 5.26
Control: tag -1 + patch On Thu, 27 Jul 2017 14:37:40 +0300, Adrian Bunk wrote: > Making check in po > make[2]: Entering directory '/build/1st/chemical-mime-data-0.1.94/po' > INTLTOOL_EXTRACT=../intltool-extract srcdir=. ../intltool-update > --gettext-package chemical-mime-data --pot > Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in > m/^(.*)\${ <-- HERE ?([A-Z_]+)}?(.*)$/ at ../intltool-update line 875. > Makefile:95: recipe for target 'chemical-mime-data.pot' failed > make[2]: *** [chemical-mime-data.pot] Error 2 Here's a debdiff with a new patch which fixes the embedded intltool-update. Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- signature.asc Description: Digital Signature
Bug#817978: Upstream XFCE bug 11527
On Mon, 2 May 2016 12:40:35 +0200 Dave Barkerwrote: > Control: forwarded -1 https://bugzilla.xfce.org/show_bug.cgi?id=11527 > -- > This appears to be the upstream bug, the symptoms and version numbers match. > (I can also reproduce this for version xfce-panel 4.12.0-4.) > > I have reported this upstream (because I didn't read https://www.debian.org/Bugs/Reporting first - and it IS and upstream bug, sorry). FWIW, this patch fixes it: diff -Naur xfce4-panel-4.12.1.orig/plugins/clock/clock.c xfce4-panel-4.12.1/plugins/clock/clock.c --- xfce4-panel-4.12.1.orig/plugins/clock/clock.c 2016-08-12 07:54:27.0 +1000 +++ xfce4-panel-4.12.1/plugins/clock/clock.c2017-07-28 11:45:01.388259000 +1000 @@ -730,13 +730,13 @@ if (format != NULL) { - gtk_entry_set_text (entry, format); gtk_widget_hide (GTK_WIDGET (entry)); - g_free (format); } else { + gtk_entry_set_text (entry, format); gtk_widget_show (GTK_WIDGET (entry)); + g_free (format); } } }
Bug#869856: [Pkg-openssl-devel] Bug#869856: openssl: FTBFS: Testsuite failures
On Thu, Jul 27, 2017 at 9:05 AM, Kurt Roeckxwrote: > Does the attached patch fix it? It appears so. (Though I did have to apply it by hand as there was no "clientsession" line for patch to sync to in hunk #2.) -- Daniel Schepler
Bug#842961: thunderbird: backtrace attached
Package: thunderbird Version: 1:45.8.0-3 Followup-For: Bug #842961 Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** I have been experiencing frequent crashes with thunderbird, and before that icedove. I've followed the debug instructions here: https://wiki.debian.org/Icedove#Debugging crashes happen at random times, but do seem to have some correlation to when I click on a new email or hit the compose button, or do some action in thunderbird. threaded backtrace attached. -- System Information: Debian Release: 9.0 APT prefers stable-debug APT policy: (500, 'stable-debug'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/16 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages thunderbird depends on: ii debianutils 4.8.1.1 ii fontconfig2.11.0-6.7+b1 ii libasound21.1.3-5 ii libatk1.0-0 2.22.0-1 ii libc6 2.24-11+deb9u1 ii libcairo2 1.14.8-1 ii libdbus-1-3 1.10.18-1 ii libdbus-glib-1-2 0.108-2 ii libevent-2.0-52.0.21-stable-3 ii libffi6 3.2.1-6 ii libfontconfig12.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-18 ii libgdk-pixbuf2.0-02.36.5-2 ii libglib2.0-0 2.50.3-2 ii libgtk2.0-0 2.24.31-2 ii libhunspell-1.4-0 1.4.1-2+b2 ii libicu57 57.1-6 ii libnspr4 2:4.12-6 ii libnss3 2:3.26.2-1.1 ii libpango-1.0-01.40.5-1 ii libpangocairo-1.0-0 1.40.5-1 ii libpangoft2-1.0-0 1.40.5-1 ii libpixman-1-0 0.34.0-1 ii libsqlite3-0 3.16.2-5 ii libstartup-notification0 0.12-4+b2 ii libstdc++66.3.0-18 ii libvpx4 1.6.1-3 ii libx11-6 2:1.6.4-3 ii libxcomposite11:0.4.4-2 ii libxdamage1 1:1.1.4-2+b3 ii libxext6 2:1.3.3-1+b2 ii libxfixes31:5.0.3-1 ii libxrender1 1:0.9.10-1 ii libxt61:1.1.5-1 ii psmisc22.21-2.1+b2 ii x11-utils 7.7+3+b1 ii zlib1g1:1.2.8.dfsg-5 Versions of packages thunderbird recommends: ii hunspell-en-us [hunspell-dictionary] 20070829-7 ii lightning 1:45.8.0-3 Versions of packages thunderbird suggests: pn apparmor pn fonts-lyx ii libgssapi-krb5-2 1.15-1 -- no debconf information thunderbird-gdb-45.8.0-3_2017-07-26_16:46:44.trunc.log.gz Description: application/gzip
Bug#869956: transition: libevent 2.1.8-stable-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Block: -1 by 869900 869902 869951 Dear Release Team, I would like to upload libevent 2.1.8-stable to unstable. Test rebuild in Debian revealed 3 reverse build dependencies which FTBFS and I filed bugs against them linking to the build logs [1]. Test rebuild in Ubuntu showed similar results with a few unrelated build failures [2] Thanks, Balint [1] https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=libevent-20170726=rbalint%40ubuntu.com;dist=unstable [2] https://launchpad.net/~rbalint/+archive/ubuntu/libevent-2.1/+packages -- Balint Reczey Debian & Ubuntu Developer
Bug#869955: warning with perl 5.24
Control: tags -1 + upstream fixed-upstream newcomer On Fri, Jul 28, 2017 at 01:40:24AM +0200, Ivan Sergio Borgonovo wrote: > After upgrading perl to 5.26.0-4 I get: > > Unescaped left brace in regex is deprecated here (and will be fatal in Perl > 5.30), passed through in regex; marked by <-- HERE in m/^(.{ <-- HERE > ,200}).*$/ at /usr/share/perl5/Mail/SpamAssassin/PerMsgStatus.pm line 923. > Learned tokens from 1 message(s) (1494 message(s) examined) Thanks for the report. This has been fixed in upstream svn with the following commit: https://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?r1=1708863=1791010_format=h I'll either backport the fix or (preferably) package a forthcoming upstream release... noah
Bug#869955: warning with perl 5.24
Package: spamassassin Version: 3.4.1-7 After upgrading perl to 5.26.0-4 I get: Unescaped left brace in regex is deprecated here (and will be fatal in Perl 5.30), passed through in regex; marked by <-- HERE in m/^(.{ <-- HERE ,200}).*$/ at /usr/share/perl5/Mail/SpamAssassin/PerMsgStatus.pm line 923. Learned tokens from 1 message(s) (1494 message(s) examined) Just a warning, spamassassin seems to work. There is no newer upstream. thanks -- Ivan Sergio Borgonovo http://www.webthatworks.it http://www.borgonovo.net
Bug#869954: ifupdown: FTBFS on hurd-i386 and kfreebsd-any
Source: ifupdown Version: 0.8.23 Severity: important Tags: patch User: debian-h...@lists.debian.org Usertags: hurd, kfreebsd Hi, ifupdown FTBFS due to a trivial omission to install on both Hurd and kFreeBSD in files archhurd.c and archkfreebsd.c, respectively. Additionally the function expand_matches() needs some fixes to cope with Hurd naming network interfaces e.g. /dev/eth0 instead of eth0. I think we should continue the effort to remove global variables further, and provide test cases for the new functionality. Next would be a test for the rename option as well as ifquery. I'm pretty sure ifquery can be supported for Hurd too. For kFreeBSD I'm more unsure, I just checked that the build was OK with the proposed patch. Thanks :) Index: ifupdown-0.8.23/main.c === --- ifupdown-0.8.23.orig/main.c +++ ifupdown-0.8.23/main.c @@ -650,22 +650,24 @@ static struct ifaddrs *ifap = NULL; static void expand_matches(int *argc, char ***argv) { char **exp_iface = NULL; int n_exp_ifaces = 0; + char *buf = NULL; for (int i = 0; i < *argc; i++) { // Interface names not containing a slash are taken over literally. - if (!strchr((*argv)[i], '/')) { + buf = strdupa((*argv)[i]); + sanitize_file_name(buf); + if (!strchr(buf, '/')) { append_to_list_nodup(_iface, _exp_ifaces, (*argv)[i]); continue; } // Format is [variable]/pattern[/options] - char *buf = strdupa((*argv)[i]); char *variable = NULL; char *pattern = NULL; char *options = NULL; int match_n = 0; - char *slash = strchr(buf, '/'); + char *slash = strchrnul(buf, '/'); if (slash != buf) variable = buf; *slash++ = 0; Index: ifupdown-0.8.23/archkfreebsd.c === --- ifupdown-0.8.23.orig/archkfreebsd.c +++ ifupdown-0.8.23/archkfreebsd.c @@ -1,3 +1,4 @@ +#include #include "archcommon.h" bool variable_match(const char *iface, const char *variable, const char *pattern) { Index: ifupdown-0.8.23/archhurd.c === --- ifupdown-0.8.23.orig/archhurd.c +++ ifupdown-0.8.23/archhurd.c @@ -1,3 +1,4 @@ +#include #include "archcommon.h" bool variable_match(const char *iface, const char *variable, const char *pattern) {
Bug#838372: stterm: New upstream version
Dear Jari, I did some work on packaging st-0.7, it's here: https://anonscm.debian.org/cgit/users/paride-guest/stterm.git Beware! I did change the way 'st' is renamed to 'stterm': in what I've done it's just the binary that gets renamed do 'stterm', the rest is kept as 'st'. The manpage and package description warn about this, as before. I think this is the right thing to do, as this software *is* called 'st', then we want to avoid the two letter binary and we rename it, but that's it. (To be honest I would have left the original name, in my "packaging philosophy" I really try to avoid patching.) There are other things I have in mind, but first I'd like some feedback on what I've done so far. If uploaded as-is, this package should allow you to close all the pending bugs for stterm. Cheers, Paride
Bug#869609: [pkg-gnupg-maint] Bug#869609: libgpg-error is unecessarily hard to bootstrap for new architectures/ABIs
Hi all-- over on https://bugs.debian.org/869609, Wookey and Steven Capper kicked off this discussion about making libgpg-error less painful to bootstrap for a new architecture (Steven's contribution is included below). I note that there is additional discussion about cross-compilation of things *based* on gpg-error over at https://bugs.debian.org/643341 -- i think that's a different issue, though it seems related: we haven't made ease of cross-compilation or bootstrapping a specific goal of the library, afaict. On Mon 2017-07-24 22:07:49 +0100, Steven Capper wrote: > So going through this my understanding is that for Linux this library > creates weak references to the pthread_mutex_ functions as well as > simulates the size of the pthread_mutex_t type. IIUC this obviates the > need to cross-compile against pthreads. When one loads the library, > the weak references will be overridden by the C library and, providing > the data type is the same as simulated, should operate as one is using > pthreads. > > If the simulated data type does not match the system implementation, I > am not sure what behaviour will manifest. > > I don't understand why one cannot cross-compile a library that makes > use of pthreads directly though? Was this weak function/type > simulation workaround needed for a bug in the past that has since been > fixed? > > Have we missed something obvious? I don't know the history of this part of libgpg-error, though i know that cross-platform portability (as well as support on historic architectures) has generally been a goal of the GnuPG project. It might be an irony of this focus that it's actually *harder* to do more common modern cross-compilation/bootstrapping as a result. But maybe Werner or some other GnuPG upstream folks with more knowledge can weigh in on the backstory here? fwiw, i generally agree that it'd be great to be able to make gpg-error more closely conform to modern cross-compilation and bootstrapping processes, since it tends to be in the core of a tight group of dependencies on many systems. Regards, --dkg signature.asc Description: PGP signature
Bug#869952: db5.3: Update bootstrapping code to build profile
Source: db5.3 Version: 5.3.28-13 Severity: wishlist It would be great if the next upload could update the DEB_STAGE=stage1 support to support it as a build profile, i.e. support DEB_BUILD_PROFILES=stage1 and update the Build-Depends to something like: Build-Depends: debhelper (>= 10), autotools-dev, dh-autoreconf, tcl-dev , procps [!hurd-i386] , javahelper [!m68k] , default-jdk [!m68k] And also update the package stanzas for libdb5.3-java, libdb5.3-java-dev, libdb5.3-java-jni, libdb5.3-tcl in debian/control to include "Build-Profiles: ". I should be able to write a patch for this if you want. -- Daniel Schepler
Bug#869953: budgie-core: Adapt to gnome-settings-daemon 3.24
Package: budgie-core Version: 10.2.9-3 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 Tags: buster budgie-core includes a gnome-session file to allow users to easily log in to Budgie. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. The new version of gnome-settings-daemon is available for testing in Debian experimental. We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. I also suggest adding an explicit dependency on gnome-settings-daemon 3.24 so that budgie-desktop won't migrate to testing before gnome-settings-daemon 3.24 does. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#614632: Disk partitions not created along cylinder boundaries
Quoting Andreas Henriksson: Thanks for your bug report (and sorry for the very late followup). On Tue, Feb 22, 2011 at 07:51:28PM +0100, Jaap Winius wrote: Package: netinstall Version: Debian GNU/Linux 6.0.0 "Squeeze" - Official i386 NETINST Binary-1, 20110205-14:34 A late response indeed: that was almost six and a half years ago! I think I was using netinstall to install Debian squeeze, and then noticed afterwards that the partitions that had been created did not start on cylinder boundaries like I expected. Or, at least on sector 2048. So, I figured netinstall was not operating fdisk properly. I think. It was, after all, a long time ago. :-) Just close report. Cheers, Jaap
Bug#865855: [PKG-Openstack-devel] Bug#865855: Any news on python3 support for tablib?
On 07/24/2017 12:59 PM, Neil Williams wrote: > This is the remaining bug which is putting one of my packages at risk > of removal from buster. > > Would an NMU be acceptable? Hi Niel, Not only you should NMU the package, but you should as well take it over. It is indeed not used by OpenStack anymore, and therefore, the team has no interest in it anymore. Ondrej, can you confirm this fact? Cheers, Thomas Goirand (zigo)
Bug#869950: gnome-session-flashback: Adapt to gnome-settings-daemon 3.24
Package: gnome-session-flashback Version: 3.22.0-3 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 Tags: buster Tags: unstable gnome-session-flashback includes gnome-session files to allow users to easily log in to GNOME Flashback. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session files will no longer work. The new version of gnome-settings-daemon is available for testing in Debian experimental. I believe you can fix this by uploading the gnome-flashback 3.24 package from experimental to unstable. We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869951: webdis: FTBFS with libevent 2.1.x
Source: webdis Version: 0.1.2+dfsg-2 Severity: important User: rbal...@ubuntu.com Usertags: libevent-20170726 Dear Maintainer, During test rebuilds for the upcoming libevent transition [1] your package found to be failing to build [2] with libevent-dev 2.1.8-stable-2 from experimental: ... Ran 22 tests in 0.015s OK python tests/limits.py .. -- Ran 2 tests in 64.121s OK ./tests/pubsub -p 48262 1 % 2 % E: Build killed with signal TERM after 150 minutes of inactivity Build finished at 2017-06-29T10:01:37Z ... Cheers, Balint [1] https://release.debian.org/transitions/html/auto-libevent.html [2] https://people.debian.org/~rbalint/build-logs/libevent-20170726/webdis_0.1.2+dfsg-2 -- Balint Reczey Debian & Ubuntu Developer
Bug#864428: RFS: bitfield/1.0.0-2 [ITP #864358]
On 07/25/2017 04:05 PM, Roland Fehrenbacher wrote: > Hi Vitalie, > > I pick up the sponsoring process. > > V> Thank you very much for your help and comments. > >> libbitfield$SOVERSION (shared library) >> libbitfield-dev (development files) > > V> Done. Package name changed from 'bitfield' to 'libbitfield' and > SOVERSION is set > V> to 1, so we get: > V> libbitfield1 > V> libbitfield-dev > > This looks good now. > >> If you don't have soversioning in place, then it probably means that your >> software is still too volatile for you to think about a stable ABI / > API. If >> that's the case, then it is not a good candidate for packaging in Debian > just yet. > > V> Done. SO-versioning (and versioning policy in general) has been set. ABI > /API > V> has been stabilized. Version (1.0.0) has been released. > > That's also OK now. > > Some further problems with the packaging: > > - The link /usr/lib/x86_64-linux-gnu/libbitfield.so should go to > the libbitfield-dev package. > - A shared library should have a debian/.symbols file > (see man dpkg-gensymbols). > - The standards version should be updated to 4.0.0 > - The files README.{Debian,source} do not provide any real info. They should > be dropped until they contain something useful. > - Please also remove the unrelated comments at the end of debian/rules > and the comments after the DH_VERBOSE line at the beginning. > - The files debian/*.dirs are unnecessary . Please remove. > > Please fix your package and ping me when done, so I can recheck. > > Cheers, > > Roland Some other comments. * The debian/changelog should: - Contain only the first line. - Have 1.0.0-1 (and not -3) as Debian release, as no previous version were uploaded to Debian. * Is there a reason why you're using debhelper 9 and not 10? * I would recommend the use of "wrap-and-sort -t -a" (from devscripts) to make debian/control cleaner. * Your long description is a bit too short. When searching on a search engine, I can see there's lots of this type of library. Your long description doesn't tell where your library differentiate. Also, your long description for the -dev package is only 2 lines long, which even triggers a lintian warning that you should have seen. I would recommend copying the long desc of libbitfield1 on top of the 2 lines of libbitfield-dev as well. * There's some lintian errors about spelling in man pages. Please fix them. * Have you considered using DEB_BUILD_MAINT_OPTIONS=hardening=+all in your debian/rules ? That's usually a good idea, and lintian also complains about this. * The .symbols file contains the debian revision. Typically, this shouldn't be in, as the symbols are exported from the upstream version, and wont change on debian revisions. One last thing: what is your intention about packaging this library? Are you going to upload a program that will actually use that lib? What is the point in having it in Debian, and how will it be useful for our users? I hope this helps. Cheers, Thomas Goirand (zigo)
Bug#851731: mount: USB mounts with another name, cant see new USBs content!
Control: tags -1 = moreinfo Hello Eamonn Collins, Thanks for your bug report. On Wed, Jan 18, 2017 at 11:14:21AM +0800, Eamonn Collins wrote: > Package: mount > Version: 2.25.2-6 > Severity: normal > Tags: lfs > > Dear Maintainer, > > *** Reporter, please consider answering these questions, where appropriate *** > >* What led up to the situation? > > I used the cp commmand to create a debian testing installation usb. I then > unmounted and removed the usb, and entered another usb which has some backup > files on it. > >* What exactly did you do (or not do) that was effective (or ineffective)? > > I imagine a reset will fix. > >* What was the outcome of this action? > > The new USB mounted with the previous USBs name 'Debian testing amd64' and > displays the content of it instead of the content of the new USB. (???) When > trying to umount it says 'permission needed to unmount /dev/loop0 mounted by > another user > >* What outcome did you expect instead? > > The usb to be mounted under its actual name and to display its actual content. > > Sorry my input can't be better, i am noob still. > > *** End of the template - remove these template lines *** I imagine this isn't really a problem with the mount command but rather a problem with how Linux (the kernel) handles mounted filesystems which abruptly dissapears. (I assume you yanked the usb stick out without properly unmounting it first, right?!) Linux has gradually become better at handling similar situations over the years and I imagine if you upgrade to Debian 9 ("stretch") which has a newer kernel you might see an improved situation compared to what you experienced before. Either way I don't really see any issue with the mount command itself, so I'm marking this bug as 'moreinfo'. Unless there's any relevant followup information I'll likely close this bug report. Regards, Andreas Henriksson
Bug#614632: Disk partitions not created along cylinder boundaries
Control: tags -1 + moreinfo Hello Jaap Winius, Thanks for your bug report (and sorry for the very late followup). On Tue, Feb 22, 2011 at 07:51:28PM +0100, Jaap Winius wrote: > Package: netinstall > Version: Debian GNU/Linux 6.0.0 "Squeeze" - Official i386 NETINST Binary-1, > 20110205-14:34 > > When a disk is partitioned, the partitions are later found to not end/start > on cylinder boundaries. For example: > > ~# fdisk -l /dev/sda > > Disk /dev/sda: 1000.2 GB, 1000204886016 bytes > 255 heads, 63 sectors/track, 121601 cylinders > Units = cylinders of 16065 * 512 = 8225280 bytes > Sector size (logical/physical): 512 bytes / 512 bytes > I/O size (minimum/optimal): 512 bytes / 512 bytes > Disk identifier: 0x0007d8f1 > >Device Boot Start End Blocks Id System > /dev/sda1 1 973 7811072 82 Linux swap / Solaris > Partition 1 does not end on cylinder boundary. > /dev/sda2 * 973 121602 968949760 fd Linux raid autodetect > ~# [...] In other words fdisk is reporting about a potential compatibility problem. I don't see why you think this warning is false. Of course CHS adressing is deprecated and full compatibility with it might now be very important in this day and age, but still if fdisk detects an issue why not report it? If you think CHS-related compatibility issue reporting should only happen in some kind of pedantic mode, then please feel free to discuss such a change on the upstream mailing list. Please note that debian-installer does not normally use fdisk to create partitions, so it's definitely possible that the other tools has issues which fdisk detects. (If I'm not mistaken parted is normally the tool used by debian-installer.) I'm marking this this bug as 'moreinfo' as I'm not really sure what's supposed to happen to consider resolved. I also don't really see any issue here to begin with, so unless someone fills me in I'll likely end up closing this bug report. Regards, Andreas Henriksson
Bug#869949: jessie-pu: package ipsec-tools/1:0.8.2+20140711-2+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu I'd like to update ipsec-tools in the next oldstable point release to address a security vulnerability in which a remote unauthenticated attacker could cause racoon to exhause CPU resources resulting in a denial-of-service. Because the issue has been known for some time, the security team does not feel that this warrants a DSA. Instead it should be updated via (old)stable-updates. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867986 for details. Note also that I already uploaded a package targeting stable-updates without prior approval. Apologies for getting the process wrong in that case. debdiff is attached. The diffstat is: changelog|6 ++ patches/CVE-2016-10396.patch | 201 patches/series |1 3 files changed, 208 insertions(+) Thanks noah diff -Nru ipsec-tools-0.8.2+20140711/debian/changelog ipsec-tools-0.8.2+20140711/debian/changelog --- ipsec-tools-0.8.2+20140711/debian/changelog 2015-05-22 01:03:06.0 -0700 +++ ipsec-tools-0.8.2+20140711/debian/changelog 2017-07-27 14:37:54.0 -0700 @@ -1,3 +1,9 @@ +ipsec-tools (1:0.8.2+20140711-2+deb8u2) oldstable; urgency=medium + + * Import NetBSD's patch to address CVE-2016-10396 (Closes: #867986) + + -- Noah MeyerhansThu, 27 Jul 2017 14:37:54 -0700 + ipsec-tools (1:0.8.2+20140711-2+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the Security Team. diff -Nru ipsec-tools-0.8.2+20140711/debian/patches/CVE-2016-10396.patch ipsec-tools-0.8.2+20140711/debian/patches/CVE-2016-10396.patch --- ipsec-tools-0.8.2+20140711/debian/patches/CVE-2016-10396.patch 1969-12-31 16:00:00.0 -0800 +++ ipsec-tools-0.8.2+20140711/debian/patches/CVE-2016-10396.patch 2017-07-27 14:37:54.0 -0700 @@ -0,0 +1,201 @@ +Description: Fix remotely exploitable DoS. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396 +Source: vendor; https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682 +Bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867986 + +Index: pkg-ipsec-tools/src/racoon/isakmp_frag.c +=== +--- pkg-ipsec-tools.orig/src/racoon/isakmp_frag.c pkg-ipsec-tools/src/racoon/isakmp_frag.c +@@ -1,4 +1,4 @@ +-/*$NetBSD: isakmp_frag.c,v 1.5 2009/04/22 11:24:20 tteras Exp $ */ ++/*$NetBSD: isakmp_frag.c,v 1.5.36.1 2017/04/21 16:50:42 bouyer Exp $ */ + + /* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */ + +@@ -173,6 +173,43 @@ vendorid_frag_cap(gen) + return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]); + } + ++static int ++isakmp_frag_insert(struct ph1handle *iph1, struct isakmp_frag_item *item) ++{ ++ struct isakmp_frag_item *pitem = NULL; ++ struct isakmp_frag_item *citem = iph1->frag_chain; ++ ++ /* no frag yet, just insert at beginning of list */ ++ if (iph1->frag_chain == NULL) { ++ iph1->frag_chain = item; ++ return 0; ++ } ++ ++ do { ++ /* duplicate fragment number, abort (CVE-2016-10396) */ ++ if (citem->frag_num == item->frag_num) ++ return -1; ++ ++ /* need to insert before current item */ ++ if (citem->frag_num > item->frag_num) { ++ if (pitem != NULL) ++ pitem->frag_next = item; ++ else ++ /* insert at the beginning of the list */ ++ iph1->frag_chain = item; ++ item->frag_next = citem; ++ return 0; ++ } ++ ++ pitem = citem; ++ citem = citem->frag_next; ++ } while (citem != NULL); ++ ++ /* we reached the end of the list, insert */ ++ pitem->frag_next = item; ++ return 0; ++} ++ + int + isakmp_frag_extract(iph1, msg) + struct ph1handle *iph1; +@@ -224,39 +261,43 @@ isakmp_frag_extract(iph1, msg) + item->frag_next = NULL; + item->frag_packet = buf; + +- /* Look for the last frag while inserting the new item in the chain */ +- if (item->frag_last) +- last_frag = item->frag_num; ++ /* Check for the last frag before inserting the new item in the chain */ ++ if (item->frag_last) { ++ /* if we have the last fragment, indices must match */ ++ if (iph1->frag_last_index != 0 && ++ item->frag_last != iph1->frag_last_index) { ++ plog(LLV_ERROR, LOCATION, NULL, ++ "Repeated last fragment index mismatch\n"); ++ racoon_free(item); ++ vfree(buf); ++ return -1; ++
Bug#869948: gnome-shell-extensions: Adapt to gnome-settings-daemon 3.24
Package: gnome-shell-extensions Version: 3.22.2-1 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 Tag: +buster +sid gnome-shell-extensions includes a gnome-session file to allow users to log in to "GNOME Classic". gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. I'll cherry-pick the fix for this to our svn repository. (We can't upload gnome-shell 3.24 since it requires mozjs38 which is not in Debian.) We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869947: gnome-shell: Adapt to gnome-settings-daemon 3.24
Package: gnome-shell Version: 3.22.3-4 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 Tags: +buster Tags: +sid gnome-shell includes a gnome-session file to allow users to log in using gdm3 or an equivalent. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. I'll cherry-pick the fix for this to our svn repository. (We can't upload gnome-shell 3.24 since it requires mozjs38 which is not in Debian.) We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869855: Debian Stretch and nfs-kernel-server nfsv2
Hello, It is not a bug, It is a feature :) Simple to resolv. Edit /etc/default/nfs-kernel-server file and change RPCNFSDCOUNT variable like this : RPCNFSDCOUNT="8 --nfs-version 2" Save the file and restart nfs-kernel-server service. Check the value of cat /proc/fs/nfsd/versions. Regards, -- Marc-Henri Pamiseux - SARL Libricks - www.libricks.fr 6 rue Léonard de Vinci - CS 20119, 53001 LAVAL Cedex Tel. : 02.30.96.15.24 / Mobile : 06.26.71.30.97
Bug#869944: RM: doxia-maven-plugin -- ROM; Not used, discontinued
Package: ftp.debian.org Severity: normal Hi, Please remove the doxia-maven-plugin package. This Maven plugin is never used in Debian and upstream stopped updating it 6 years ago. Thank you, Emmanuel Bourg
Bug#869945: all kvm guests crash during startup
Package: qemu-system-x86 Version: 1:2.8+dfsg-6+deb9u1 When I try to start any kvm guest via virsh start , the guest crashes during startup. See log extract below. Downgrading to qemu-system-x86=1:2.8+dfsg-6 solves the problem. Extract from /var/log/libvirt/qemu/guest.log : LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin QEMU_AUDIO_DRV=spice /usr/bin/qemu-system-x86_64 -name guest=a,debug-threads=on -S -object secret,id=masterKey0,for mat=raw,file=/var/lib/libvirt/qemu/domain-2-a/master-key.aes -machine pc-i440fx-2.8,accel=kvm,u sb=off,vmport=off,dump-guest-core=off -cpu IvyBridge,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monito r,+ds_cpl,+vmx,+est,+tm2,+xtpr,+pdcm,+pcid,+osxsave,+arat,+xsaveopt -bios /usr/share/OVMF/OVMF_ CODE.fd -m 1024 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 2a8f74bb-7cbd-48e5 -933d-e739ea08bb7a -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/lib virt/qemu/domain-2-a/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=contro l -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown -glo bal PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -boot strict=on -device nec-usb-xhci,id =usb,bus=pci.0,addr=0x6 -device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x5 -device virtio-seri al-pci,id=virtio-serial0,bus=pci.0,addr=0x7 -drive file=/var/lib/libvirt/images/a.img,format=qc ow2,if=none,id=drive-scsi0-0-0-0,discard=unmap -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0, lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 -drive if=none,id=drive-ide0-0-0,reado nly=on -device ide-cd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 -netdev tap,fd=28,id=ho stnet0,vhost=on,vhostfd=30 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:a6:99:0f ,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=seria l0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-2-a/org.qem u.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchan nel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -de vice virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat. spice.0 -device usb-tablet,id=input0,bus=usb.0,port=1 -spice port=0,disable-ticketing,image-com pression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=671088 64,vram64_size_mb=0,vgamem_mb=16,max_outputs=1,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,b us=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=c harredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0,bus=usb.0,port=2 -charde v spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1,bus=usb.0 ,port=3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -object rng-random,id=objrng0 ,filename=/dev/urandom -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.0,addr=0x9 -msg times tamp=on Domain id=2 is tainted: custom-argv char device redirected to /dev/pts/3 (label charserial0) warning: host doesn't support requested feature: CPUID.01H:EDX.ds [bit 21] warning: host doesn't support requested feature: CPUID.01H:EDX.acpi [bit 22] warning: host doesn't support requested feature: CPUID.01H:EDX.ht [bit 28] warning: host doesn't support requested feature: CPUID.01H:EDX.tm [bit 29] warning: host doesn't support requested feature: CPUID.01H:EDX.pbe [bit 31] warning: host doesn't support requested feature: CPUID.01H:ECX.dtes64 [bit 2] warning: host doesn't support requested feature: CPUID.01H:ECX.monitor [bit 3] warning: host doesn't support requested feature: CPUID.01H:ECX.ds-cpl [bit 4] warning: host doesn't support requested feature: CPUID.01H:ECX.vmx [bit 5] warning: host doesn't support requested feature: CPUID.01H:ECX.est [bit 7] warning: host doesn't support requested feature: CPUID.01H:ECX.tm2 [bit 8] warning: host doesn't support requested feature: CPUID.01H:ECX.xtpr [bit 14] warning: host doesn't support requested feature: CPUID.01H:ECX.pdcm [bit 15] warning: host doesn't support requested feature: CPUID.01H:ECX.osxsave [bit 27] qemu-system-x86_64: /build/qemu-0Yb2kr/qemu-2.8+dfsg/hw/usb/hcd-xhci.c:2169: xhci_kick_epctx: A ssertion `!epctx->kick_active' failed. 2017-07-27 21:10:56.112+: shutting down, reason=crashed
Bug#869946: installation-reports: When the computer shuts down abruptly in Stratch 9.0.1 with any kind of cryptography, the computer won't boot again.
Package: installation-reports Severity: important After a fresh install of Debian Stretch 9.0.1 with any kind of cryptography applied to the hard drive, if the computer suddenly shuts down, then it will not boot up again, a lot of errors will appear when booting up and it will be impossible to access the system again. Logging in the terminal is impossible as well. This happens to every machine I tried installing Stretch with cryptography. -- System Information: Debian Release: 9.0.1 Architecture: amd64 (x86_64)
Bug#869943: gdm3: Adapt to gnome-settings-daemon 3.24
Package: gdm3 Version: 3.22.3-4 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 gdm3 includes a gnome-session file to display the login screen. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. gdm3 3.24.2-2 in experimental has already fixed this issue so we should just upload it to unstable. We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869922: [Pkg-utopia-maintainers] Bug#869922: (no subject)
Am 27.07.2017 um 23:15 schrieb Martin Dosch: > Dear Michael, > > I'm not the same Martin who opened the bugreport. :) > > Ok, after removing my user from the group sudo (and deleting this group > at all) also pkexec works like intended. > Ok, thanks for the confirmation that what I said was not wrong. Fwiw, you don't need to delete the sudo group (and I would advise against doing so). Simply remove the users from this group for those you don't want to have admin privileges. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#869942: gnome-initial-setup: Adapt to gnome-settings-daemon 3.24
Package: gnome-initial-setup Version: 3.22.1-1 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 Tags: buster unstable gnome-settings-daemon includes a gnome-session file for its new user mode. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. I have packaged gnome-initial-setup in the team svn repository which includes the fix for this issue. We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869941: libselinux: Update bootstrapping code to build profile
Source: libselinux Version: 2.6-3 Severity: wishlist It would be great if the next upload of libselinux could convert the DEB_STAGE=stage1 code to support a bootstrapping build profile, i.e. supporting DEB_BUILD_PROFILES=stage1 and updating Build-Depends to something like: Build-Depends: debhelper (>= 9), dh-python , file, gem2deb (>= 0.5.0~) , libsepol1-dev (>= 2.6), libpcre3-dev, pkg-config, python-all-dev (>= 2.6.6-3~) , python3-all-dev , swig And also mark the affected packages in debian/control with Build-Profiles: This would make it easier to automate the bootstrapping of this package. I should be able to write a patch for you if you want. -- Daniel Schepler
Bug#869922: [Pkg-utopia-maintainers] Bug#869922: (no subject)
Dear Michael, I'm not the same Martin who opened the bugreport. :) Ok, after removing my user from the group sudo (and deleting this group at all) also pkexec works like intended. But I'm still puzzled that you call a group sudo that is not needed for using sudo but makes a different program pkexec provide root access for a user totally ignoring /etc/sudoers. Best regards, Martin
Bug#580047: mount: man fstab(5): tab is also escaped in the second field (fs_file)
Control: forwarded -1 http://marc.info/?l=util-linux-ng=150118925800943=2 I've sent a trivial patch upstream (see above url for an archived copy of the mail). (Maybe the octal field of the ascii man page should be mentioned as a general reference, instead of space and tab specifically) Regards, Andreas Henriksson
Bug#869922: [Pkg-utopia-maintainers] Bug#869922: (no subject)
Am 27.07.2017 um 22:46 schrieb Martin Dosch: Are you the same Martin who filed the bug report? I'm confused because of the different email addresses > Dear all, > > >> Members of this group may run any command as any user when using sudo or >> pkexec (from the policykit-1 package, independently of whether the sudo >> package is installed). > > > I think you are wrong. This is what happens on my buster: I don't think I'm wrong. If you want to prove me wrong you'll have to provide more details, like your exact sudo config, your polkit config and getent groups martin. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#869940: linux-image-4.9.0-3-686-pae: setserial traces while booting
Package: src:linux Version: 4.9.30-2+deb9u2 Severity: normal Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? Upgrade from Debian 8 * What exactly did you do (or not do) that was effective (or ineffective)? Just booting * What was the outcome of this action? Warning and trace dump at [37.291314] * What outcome did you expect instead? no warning *** End of the template - remove these template lines *** -- Package-specific info: ** Version: Linux version 4.9.0-3-686-pae (debian-ker...@lists.debian.org) (gcc version 6.3.0 20170516 (Debian 6.3.0-18) ) #1 SMP Debian 4.9.30-2+deb9u2 (2017-06-26) ** Command line: BOOT_IMAGE=/boot/vmlinuz-4.9.0-3-686-pae root=UUID=9d371679-7737-4ae4-b995-4092fb32b2a8 ro initrd=/install/initrd.gz ** Tainted: W (512) * Taint on warning. ** Kernel log: [ 20.967661] excluding 0xd020-0xd020 [ 20.970324] yenta_cardbus :01:0a.0: pcmcia: parent PCI bridge window: [mem 0x8000-0x87ff pref] [ 20.973688] pcmcia_socket pcmcia_socket0: cs: memory probe 0x8000-0x87ff: [ 20.976583] excluding 0x8000-0x87ff [ 20.982052] yenta_cardbus :01:0a.1: CardBus bridge found [10cf:10e6] [ 21.007658] intel_rng: FWH not detected [ 21.079631] sd 0:0:0:0: Attached scsi generic sg0 type 0 [ 21.120621] yenta_cardbus :01:0a.1: ISA IRQ mask 0x0438, PCI irq 11 [ 21.123397] yenta_cardbus :01:0a.1: Socket status: 3006 [ 21.126235] pci_bus :01: Raising subordinate bus# of parent bus (#01) from #03 to #06 [ 21.130340] yenta_cardbus :01:0a.1: pcmcia: parent PCI bridge window: [io 0x3000-0x3fff] [ 21.133601] pcmcia_socket pcmcia_socket1: cs: IO port probe 0x3000-0x3fff: [ 21.137977] excluding 0x3000-0x30ff 0x3400-0x34ff 0x3800-0x38ff 0x3c00-0x3cff [ 21.145265] yenta_cardbus :01:0a.1: pcmcia: parent PCI bridge window: [mem 0xd020-0xd02f] [ 21.148708] pcmcia_socket pcmcia_socket1: cs: memory probe 0xd020-0xd02f: [ 21.151792] excluding 0xd020-0xd020 [ 21.154848] yenta_cardbus :01:0a.1: pcmcia: parent PCI bridge window: [mem 0x8000-0x87ff pref] [ 21.176934] pcmcia_socket pcmcia_socket1: cs: memory probe 0x8000-0x87ff: [ 21.179986] excluding 0x8000-0x87ff [ 21.487953] lib80211: common routines for IEEE802.11 drivers [ 21.501609] lib80211_crypt: registered algorithm 'NULL' [ 21.596938] libipw: 802.11 data/management/control stack, git-1.1.13 [ 21.596940] libipw: Copyright (C) 2004-2005 Intel Corporation[ 21.887494] ipw2100: Intel(R) PRO/Wireless 2100 Network Driver, git-1.2.2 [ 21.892434] ipw2100: Copyright(c) 2003-2006 Intel Corporation [ 21.900417] ipw2100: Detected Intel PRO/Wireless 2100 Network Connection [ 22.018484] ipw2100 :01:0d.0: firmware: direct-loading firmware ipw2100-1.3.fw [ 22.060217] input: PC Speaker as /devices/platform/pcspkr/input/input15 [ 22.716074] snd_intel8x0 :00:1f.5: intel8x0_measure_ac97_clock: measured 59113 usecs (2847 samples) [ 22.723780] snd_intel8x0 :00:1f.5: clocking to 48000 [ 23.264074] floppy0: no floppy controllers found [ 24.959253] iTCO_vendor_support: vendor-support=0 [ 25.175849] Adding 1026044k swap on /dev/sda5. Priority:-1 extents:1 across:1026044k FS [ 25.488438] iTCO_wdt: Intel TCO WatchDog Timer Driver v1.11 [ 25.495794] iTCO_wdt: Found a ICH4-M TCO device (Version=1, TCOBASE=0xfc60) [ 25.504244] iTCO_wdt: initialized. heartbeat=30 sec (nowayout=0) [ 25.866165] Bluetooth: Core ver 2.22 [ 25.869724] NET: Registered protocol family 31 [ 25.872750] Bluetooth: HCI device and connection manager initialized [ 25.877055] Bluetooth: HCI socket layer initialized [ 25.879686] Bluetooth: L2CAP socket layer initialized [ 25.882523] Bluetooth: SCO socket layer initialized [ 26.413314] usbcore: registered new interface driver btusb [ 30.262325] 8139too :01:0c.0 eth0: link down [ 30.267991] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready [ 37.291314] [ cut here ] [ 37.292024] WARNING: CPU: 0 PID: 2998 at /build/linux-yRLO9M/linux-4.9.30/lib/list_debug.c:36 __list_add+0xfc/0x120 [ 37.292024] list_add double add: new=da92889c, prev=da92889c, next=da92889c. [ 37.292024] Modules linked in: btusb btrtl btbcm btintel bluetooth iTCO_wdt iTCO_vendor_support pcspkr joydev serio_raw ipw2100 snd_intel8x0 snd_intel8x0m libipw snd_ac97_codec ac97_bus lib80211 pcmcia cfg80211 snd_pcm snd_timer snd rfkill soundcore lpc_ich mfd_core sg rng_core yenta_socket pcmcia_rsrc pcmcia_core apanel shpchp smsc_ircc2 input_polldev irda crc_ccitt battery fujitsu_laptop ac evdev acpi_cpufreq binfmt_misc parport_pc ppdev lp parport sunrpc ip_tables x_tables autofs4 ext4 crc16 jbd2 crc32c_generic fscrypto ecb xts lrw gf128mul ablk_helper cryptd aes_i586 mbcache sd_mod
Bug#869938: afterstep: Adapt to gnome-settings-daemon 3.24
From dce6f333cd9b15b1c842326bbe1ce2f4ecda6ad3 Mon Sep 17 00:00:00 2001 From: Jeremy BichaDate: Thu, 27 Jul 2017 16:56:47 -0400 Subject: [PATCH] Add 54-Adapt-to-gsd-324.patch Update the gnome-session file for gnome-settings-daemon 3.24 Closes: #869938 --- debian/changelog | 9 + debian/patches/54-Adapt-to-gsd-324.patch | 14 ++ debian/patches/series| 1 + 3 files changed, 24 insertions(+) create mode 100644 debian/patches/54-Adapt-to-gsd-324.patch diff --git a/debian/changelog b/debian/changelog index 0227abe..1dd8546 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +afterstep (2.2.12-10.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add 54-Adapt-to-gsd-324.patch: +- Update the gnome-session file for gnome-settings-daemon 3.24 + (Closes: #869938) + + -- Jeremy Bicha Thu, 27 Jul 2017 16:41:16 -0400 + afterstep (2.2.12-10) unstable; urgency=medium * Enable the `pie' hardening option (closes: #865594). diff --git a/debian/patches/54-Adapt-to-gsd-324.patch b/debian/patches/54-Adapt-to-gsd-324.patch new file mode 100644 index 000..a1fc4eb --- /dev/null +++ b/debian/patches/54-Adapt-to-gsd-324.patch @@ -0,0 +1,14 @@ +--- + AfterStep.session |2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/AfterStep.session b/AfterStep.session +@@ -1,6 +1,6 @@ + [GNOME Session] + Name=AfterStep +-RequiredComponents=gnome-settings-daemon; ++RequiredComponents=org.gnome.SettingsDaemon.A11yKeyboard;org.gnome.SettingsDaemon.A11ySettings;org.gnome.SettingsDaemon.Clipboard;org.gnome.SettingsDaemon.Color;org.gnome.SettingsDaemon.Datetime;org.gnome.SettingsDaemon.Housekeeping;org.gnome.SettingsDaemon.Keyboard;org.gnome.SettingsDaemon.MediaKeys;org.gnome.SettingsDaemon.Mouse;org.gnome.SettingsDaemon.Power;org.gnome.SettingsDaemon.PrintNotifications;org.gnome.SettingsDaemon.Rfkill;org.gnome.SettingsDaemon.ScreensaverProxy;org.gnome.SettingsDaemon.Sharing;org.gnome.SettingsDaemon.Smartcard;org.gnome.SettingsDaemon.Sound;org.gnome.SettingsDaemon.Wacom;org.gnome.SettingsDaemon.XSettings; + RequiredProviders=windowmanager; + DefaultProvider-windowmanager=AfterStep + #Please change to your preference. Supported names are: diff --git a/debian/patches/series b/debian/patches/series index 7512d83..4ceaad8 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -28,3 +28,4 @@ Fixed-bug-starting-modules-on-multi-display-setup-ad.patch 51-Warning.patch 52-Remove-iceweasel.patch 53-Spelling-typos.patch +54-Adapt-to-gsd-324.patch -- 2.11.0
Bug#869939: [Hyper-V] Feature request: pick up PTP Hyper-V timesync source from upstream 4.12
Package: linux-image Version: 3.16.43-2+deb8u2 Severity: important Tags: patch,fixed-upstream This should backport fairly easily to stretch, but it applicable to jessie as well. The goal is to reduce the spammy nature of timesync log messages and make this as manageable as NTP, especially as many users want NTP and host timesync to coexist in virtualized environments. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/drivers/hv?h=v4.12.3=3716a49a81ba19dda7202633a68b28564ba95eb5 hv_utils: implement Hyper-V PTP source With TimeSync version 4 protocol support we started updating system time continuously through the whole lifetime of Hyper-V guests. Every 5 seconds there is a time sample from the host which triggers do_settimeofday[64](). While the time from the host is very accurate such adjustments may cause issues: - Time is jumping forward and backward, some applications may misbehave. - In case an NTP server runs in parallel and uses something else for time sync (network, PTP,...) system time will never converge. - Systemd starts annoying you by printing "Time has been changed" every 5 seconds to the system log. Instead of doing in-kernel time adjustments offload the work to an NTP client by exposing TimeSync messages as a PTP device. Users may now decide what they want to use as a source. I tested the solution with chrony, the config was: refclock PHC /dev/ptp0 poll 3 dpoll -2 offset 0 The result I'm seeing is accurate enough, the time delta between the guest and the host is almost always within [-10us, +10us], the in-kernel solution was giving us comparable results. I also tried implementing PPS device instead of PTP by using not currently used Hyper-V synthetic timers (we use only one of four for clockevent) but with PPS source only chrony wasn't able to give me the required accuracy, the delta often more that 100us.
Bug#859778: [supp...@mentors.debian.net: xtrs uploaded to mentors.debian.net]
Hello Branden, On Thu, Jun 15, 2017 at 04:35:23PM +0100, Sean Whitton wrote: > Please accept my apologies for letting this RFS sit for so long. Thank > you for all your work. Looking forward to uploading it soon. > > Here's a full review of dc84e1861798b3aba0969e2fe81a2431f2ee17de: Any progress on this? -- Sean Whitton signature.asc Description: PGP signature
Bug#869938: afterstep: Adapt to gnome-settings-daemon 3.24
Package: afterstep Version: 2.2.12-10 Severity: important User: pkg-gnome-maintain...@lists.alioth.debian.org Usertags: gsd324 afterstep includes a GNOME Flashback session file for easy log in to a GNOME Flashback session using afterstep. gnome-settings-daemon 3.24 has split itself into separate binaries and the gnome-session file will no longer work. In my next email, I am attaching a patch to adapt to the new version. We intend to upload gnome-settings-daemon 3.24 to Debian unstable about 10 days from now on Sunday, August 6. I suggest uploading the fix to the DELAYED queue for that date so that this transition will be easy and smooth. On behalf of the Debian GNOME team, Jeremy Bicha
Bug#869922: (no subject)
Dear all, > Members of this group may run any command as any user when using sudo or > pkexec (from the policykit-1 package, independently of whether the sudo > package is installed). I think you are wrong. This is what happens on my buster: martin@schlepptop ~ sudo whoami [sudo] password for martin: Sorry, user martin is not allowed to execute '/usr/bin/whoami' as root on schlepptop. ✘ martin@schlepptop ~ pkexec whoami root martin@schlepptop ~ Because I use my user for my personal stuff and root for administration. I installed sudo and configured it properly in /etc/sudoers because I wanted to allow only a single command with root privileges for my user which worked well with sudo. Just today I realized that there is a command pkexec which bypasses my /etc/sudoers which I consider a security breach. Best regards, Martin
Bug#869936: reportbug: ImportError: No module named 'requests.packages.urllib3'
Package: reportbug Version: 7.1.7 Severity: normal Dear Maintainer, On a different system, reportbug fails as follows: dave@mx3210:~$ reportbug Traceback (most recent call last): File "/usr/bin/reportbug", line 43, in from reportbug import utils File "/usr/lib/python3/dist-packages/reportbug/utils.py", line 43, in from .urlutils import open_url File "/usr/lib/python3/dist-packages/reportbug/urlutils.py", line 34, in import requests File "/usr/lib/python3/dist-packages/requests/__init__.py", line 60, in from .packages.urllib3.exceptions import DependencyWarning ImportError: No module named 'requests.packages.urllib3' Have tried reinstalling reportbug, python3-urllib3 and python3-requests but that didn't reolve the issue. For some reason, the urllib3 module isn't found. Regards, Dave Anglin -- Package-specific info: ** Environment settings: INTERFACE="text" ** /home/dave/.reportbugrc: reportbug_version "5.0" mode standard ui text realname "John David Anglin" email "dave.ang...@bell.net" -- System Information: Debian Release: buster/sid APT prefers unreleased APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable') Architecture: hppa (parisc64) Kernel: Linux 4.11.0-2-parisc64-smp (SMP w/1 CPU core) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages reportbug depends on: ii apt1.5~beta1 ii python33.5.3-3 ii python3-reportbug 7.1.7 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate pn emacs24-bin-common | emacs25-bin-common ii file 1:5.30-1 ii gir1.2-gtk-3.0 3.22.17-1 pn gir1.2-vte-2.91 ii gnupg2.1.18-8 ii postfix [mail-transport-agent] 3.2.2-1 ii python3-gi 3.22.0-2+b1 pn python3-gi-cairo pn python3-gtkspellcheck pn python3-urwid ii xdg-utils1.1.1-1 Versions of packages python3-reportbug depends on: ii apt1.5~beta1 ii file 1:5.30-1 ii python33.5.3-3 ii python3-debian 0.1.30 ii python3-debianbts 2.6.1 ii python3-requests 2.12.4-1 python3-reportbug suggests no packages. -- no debconf information
Bug#869935: flightgear: FTBFS due to unit tests
Source: flightgear Version: 1:2017.2.1+dfsg-1 Severity: serious Tags: confirmed pending https://buildd.debian.org/status/package.php?p=flightgear=sid The following tests FAILED: 1 - test_navs (Failed) 2 - test_flightplan (Failed) 4 - autosaveMigration (Failed) Looks like this is caused by running the tests in parallel. I'm working on a fix. Kind Regards Markus Wanner signature.asc Description: OpenPGP digital signature
Bug#869934: cockpit: Incomplete debian/copyright?
Source: cockpit Version: 147-1 Severity: serious Justication: Policy 12.5 Hi, I just ACCEPTed cockpit from NEW but noticed it was missing attribution in debian/copyright for at least Nokia in mock-io-stream.c. (This is not exhaustive so please check over the entire package carefully and address these on your next upload.) I see there is some script to generate debian/copyright; perhaps it needs to be re-run, I'm not sure.. :) Regards, -- ,''`. : :' : Chris Lamb, Debian Project Leader `. `'` la...@debian.org / chris-lamb.co.uk `-
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later [was: Re: Bug#869774: Corrections - propably wrong cause]
On Thu 2017-07-27 21:41:18 +0200, Salvatore Bonaccorso wrote: > On Thu, Jul 27, 2017 at 03:00:28PM -0400, Daniel Kahn Gillmor wrote: >> On Thu 2017-07-27 16:21:21 +0200, Moritz Muehlenhoff wrote: >> > We can provide a fixed 1.9.8.1-1 via jessie-security/stretch-security, >> >> I've uploaded 1.9.8.1-1~deb8u1 for jessie-security and 1.9.8.1-1~deb9u1 >> for stretch-security, thanks! They're also available on the "jessie" >> and "stretch" branches at >> >>https://anonscm.debian.org/git/pkg-mozext/enigmail.git > > Assuming Moritz's reply was an explicit ack to upload, I think the > upload went to the wrong host ;-) It is now on ftp-master as dang, i thought that dupload would notice that the changelog suite is *-security and pick the right host for it. > enigmail | 2:1.9.8.1-1~deb9u1 | stable-new | source > > I do not see the jessie one yet there, This is apparently because source-only uploads aren't supported on jessie (no arch=all autobuilder). I've re-generated the upload and sent it to ftp.security.upload.debian.org instead. > but > > Jul 27 14:24:48 processing /enigmail_1.9.8.1-1~deb8u1_amd64.changes > Jul 27 14:24:48 enigmail_1.9.8.1-1~deb8u1_amd64.changes processed > successfully (uploader pkg-mozext-maintain...@lists.alioth.debian.org) > [...] > Jul 27 18:46:16 processing /enigmail_1.9.8.1-1~deb9u1_amd64.changes > Jul 27 18:46:16 enigmail_1.9.8.1-1~deb9u1_amd64.changes processed > successfully (uploader pkg-mozext-maintain...@lists.alioth.debian.org) > > OTOH I do not see any trace of it on security-master. and, i've gone ahead and re-uploaded the stretch version to ftp.security.upload.debian.org as well. hopefully i've got them all in the right place this time... --dkg
Bug#869922: [Pkg-utopia-maintainers] Bug#869922: policykit-1: members of group sudo become root with pkexec while ignoring /etc/sudoers
On Thu, 27 Jul 2017 at 18:00:27 +0200, Michael Biebl wrote: > Granting root-like access via group sudo is intended and not a security > hole and the policykit policy is in line with the sudo policy here. This is also as documented in base-passwd, which is the central authority on what the predefined groups in Debian mean: sudo Members of this group may run any command as any user when using sudo or pkexec (from the policykit-1 package, independently of whether the sudo package is installed). —/usr/share/doc/base-passwd/users-and-groups.txt.gz If you don't want a user to be root-equivalent, don't add them to the sudo group. Users who are meant to be able to run certain specific commands (but not others) via sudo should not be in that group; membership of that group is not required to use sudo. S
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later [was: Re: Bug#869774: Corrections - propably wrong cause]
Hi Daniel On Thu, Jul 27, 2017 at 03:00:28PM -0400, Daniel Kahn Gillmor wrote: > On Thu 2017-07-27 16:21:21 +0200, Moritz Muehlenhoff wrote: > > We can provide a fixed 1.9.8.1-1 via jessie-security/stretch-security, > > I've uploaded 1.9.8.1-1~deb8u1 for jessie-security and 1.9.8.1-1~deb9u1 > for stretch-security, thanks! They're also available on the "jessie" > and "stretch" branches at > >https://anonscm.debian.org/git/pkg-mozext/enigmail.git Assuming Moritz's reply was an explicit ack to upload, I think the upload went to the wrong host ;-) It is now on ftp-master as enigmail | 2:1.9.8.1-1~deb9u1 | stable-new | source I do not see the jessie one yet there, but Jul 27 14:24:48 processing /enigmail_1.9.8.1-1~deb8u1_amd64.changes Jul 27 14:24:48 enigmail_1.9.8.1-1~deb8u1_amd64.changes processed successfully (uploader pkg-mozext-maintain...@lists.alioth.debian.org) [...] Jul 27 18:46:16 processing /enigmail_1.9.8.1-1~deb9u1_amd64.changes Jul 27 18:46:16 enigmail_1.9.8.1-1~deb9u1_amd64.changes processed successfully (uploader pkg-mozext-maintain...@lists.alioth.debian.org) OTOH I do not see any trace of it on security-master. Hope this helps, Regards, Salvatore
Bug#869932: QNAP TS-41x models - fix typo
Control: tags -1 + pending Holger Wansingwrote: > Control: reassign -1 installation-guide > > > Miguel Figueiredo wrote: > > Package: debian-installer > > Version: n/a > > Tags: patch > > Severity: minor > > > > Index: manual/en/install-methods/download/arm.xml > > === > > --- manual/en/install-methods/download/arm.xml (revision 70809) > > +++ manual/en/install-methods/download/arm.xml (working copy) > > @@ -32,7 +32,7 @@ > > The installation files for the QNAP Turbo Station consist of a kernel and > > ramdisk as well as a script to write these images to flash. You can > > obtain > > the installation files for QNAP TS-11x/TS-12x, HS-210, TS-21x/TS-22x and > > -TS-41x/TS-41x models from . > > +TS-41x/TS-42x models from . > > > > > > > > This is in the installation-guide, reassining. ... and fixed in svn. Thanks Marking as pending. -- Created with Sylpheed 3.5.0 under D E B I A N L I N U X 8 . 0 " J E S S I E " . Registered Linux User #311290 - https://linuxcounter.net/
Bug#869932: QNAP TS-41x models - fix typo
Control: reassign -1 installation-guide Miguel Figueiredowrote: > Package: debian-installer > Version: n/a > Tags: patch > Severity: minor > > Index: manual/en/install-methods/download/arm.xml > === > --- manual/en/install-methods/download/arm.xml(revision 70809) > +++ manual/en/install-methods/download/arm.xml(working copy) > @@ -32,7 +32,7 @@ > The installation files for the QNAP Turbo Station consist of a kernel and > ramdisk as well as a script to write these images to flash. You can > obtain > the installation files for QNAP TS-11x/TS-12x, HS-210, TS-21x/TS-22x and > -TS-41x/TS-41x models from . > +TS-41x/TS-42x models from . > > > This is in the installation-guide, reassining. -- Created with Sylpheed 3.5.0 under D E B I A N L I N U X 8 . 0 " J E S S I E " . Registered Linux User #311290 - https://linuxcounter.net/
Bug#868875: cloud-init growpart fails to grow root volumes larger than 256GiB
control: reassign -1 cloud-utils Hi Steffen, I was able to reproduce the bug and the logs follows as attachments. This report being reassigned because it is not a bug on "cloud-init" itself, but on "cloud-utils", as "growpart" is part of the later. I think this may be related to the the "util-linux" version on Jessie, as the problem is not present on Stretch (and the cloud-utils versions on Jessie-Backports, used in the AMI, and Stretch are the same). Anyway, I'm not sure and couldn't find the root cause yet, but this is a known problem for at least a few months[1][2]. Any help in this regard is appreciated. Regards, Tiago. [1]: https://stackoverflow.com/q/39920638 [2]: https://github.com/andsens/bootstrap-vz/issues/359 -- Tiago "Myhro" Ilieve Blog: https://blog.myhro.info/ GitHub: https://github.com/myhro LinkedIn: https://de.linkedin.com/in/myhro Berlin, Deutschland growpart-cli.log Description: Binary data growpart-cloud-init.log Description: Binary data
Bug#869729: apache2: 'service apache2 restart' sometimes stops without restarting
Thanks for your suggestions. I still don't see any clues about what's going on. It seems that it fails if I leave the server running for a while and then try to restart it, but it works if I've just restarted it recently. Here's the output of journalctl: $ sudo journalctl -u apache2.service | tail Jul 25 17:54:42 physionet1.ecg.mit.edu systemd[1]: Stopping LSB: Apache2 web server... Jul 25 17:54:43 physionet1.ecg.mit.edu apache2[26339]: Stopping web server: apache2. Jul 25 17:54:43 physionet1.ecg.mit.edu systemd[1]: Starting LSB: Apache2 web server... Jul 25 17:54:44 physionet1.ecg.mit.edu apache2[26363]: Starting web server: apache2. Jul 25 17:54:44 physionet1.ecg.mit.edu systemd[1]: Started LSB: Apache2 web server. Jul 26 00:02:02 physionet1.ecg.mit.edu apache2[803]: Stopping web server: apache2. Jul 27 14:30:48 physionet1.ecg.mit.edu systemd[1]: Starting LSB: Apache2 web server... Jul 27 14:30:48 physionet1.ecg.mit.edu apache2[11430]: Starting web server: apache2. Jul 27 14:30:51 physionet1.ecg.mit.edu apache2[11439]: Stopping web server: apache2. Jul 27 14:30:51 physionet1.ecg.mit.edu systemd[1]: Started LSB: Apache2 web server. $ sudo service apache2 status ● apache2.service - LSB: Apache2 web server Loaded: loaded (/etc/init.d/apache2) Drop-In: /lib/systemd/system/apache2.service.d └─forking.conf Active: inactive (dead) since Thu 2017-07-27 14:30:51 EDT; 3min 22s ago Process: 11439 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS) Process: 11430 ExecStart=/etc/init.d/apache2 start (code=exited, status=0/SUCCESS) Jul 27 14:30:48 physionet1.ecg.mit.edu apache2[11430]: Starting web server: apache2. Jul 27 14:30:51 physionet1.ecg.mit.edu apache2[11439]: Stopping web server: apache2. Jul 27 14:30:51 physionet1.ecg.mit.edu systemd[1]: Started LSB: Apache2 web server. The same messages also appear in /var/log/daemon.log and /var/log/syslog; there's nothing more after 'Started LSB: Apache2 web server'. apache error log shows a message at shutdown, but nothing for starting up: $ sudo tail /var/log/apache2/error.log $ sudo tail /var/log/apache2/error.log.1 [Thu Jul 27 00:13:06.420511 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:07.421537 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:08.422584 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:09.423615 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:10.424641 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:11.425616 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:12.426582 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:13.427615 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 00:13:14.428661 2017] [mpm_event:error] [pid 20472:tid 140057478371200] AH00485: scoreboard is full, not at MaxRequestWorkers [Thu Jul 27 14:30:50.574596 2017] [mpm_event:notice] [pid 20472:tid 140057478371200] AH00491: caught SIGTERM, shutting down Here is the 'term.log' from upgrading deb8u9 -> deb8u10, nothing looks unusual: Log started: 2017-07-19 15:18:07 (Reading database ... ^M(Reading database ... 5%^M(Reading database ... 10%^M(Reading database ... 15%^M(Reading database ... 20%^M(Re ading database ... 25%^M(Reading database ... 30%^M(Reading database ... 35%^M(Reading database ... 40%^M(Reading database ... 45%^M(R eading database ... 50%^M(Reading database ... 55%^M(Reading database ... 60%^M(Reading database ... 65%^M(Reading database ... 70%^M( Reading database ... 75%^M(Reading database ... 80%^M(Reading database ... 85%^M(Reading database ... 90%^M(Reading database ... 95%^M (Reading database ... 100%^M(Reading database ... 97551 files and directories currently installed.) Preparing to unpack .../apache2-mpm-event_2.4.10-10+deb8u10_amd64.deb ... Unpacking apache2-mpm-event (2.4.10-10+deb8u10) over (2.4.10-10+deb8u9) ... Preparing to unpack .../apache2.2-bin_2.4.10-10+deb8u10_amd64.deb ... Unpacking apache2.2-bin (2.4.10-10+deb8u10) over (2.4.10-10+deb8u9) ... Preparing to unpack .../apache2_2.4.10-10+deb8u10_amd64.deb ... Unpacking apache2 (2.4.10-10+deb8u10) over (2.4.10-10+deb8u9) ... Preparing to unpack .../apache2-bin_2.4.10-10+deb8u10_amd64.deb ... Unpacking apache2-bin (2.4.10-10+deb8u10) over (2.4.10-10+deb8u9) ... Preparing to unpack .../apache2-utils_2.4.10-10+deb8u10_amd64.deb ... Unpacking apache2-utils (2.4.10-10+deb8u10) over (2.4.10-10+deb8u9) ... Preparing to unpack
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later [was: Re: Bug#869774: Corrections - propably wrong cause]
On Thu 2017-07-27 16:21:21 +0200, Moritz Muehlenhoff wrote: > We can provide a fixed 1.9.8.1-1 via jessie-security/stretch-security, I've uploaded 1.9.8.1-1~deb8u1 for jessie-security and 1.9.8.1-1~deb9u1 for stretch-security, thanks! They're also available on the "jessie" and "stretch" branches at https://anonscm.debian.org/git/pkg-mozext/enigmail.git > but the current approach of providing Firefox/Thunderbird extensions in a > stable release is madness and really needs to stop for buster. Neither > the Firefox, Thunderbird maintainers or the security team can look after > all these extensions. I'm less concerned with "all these extensions" than i am with enigmail, which i think is an important one, until we manage to get it embedded in thunderbird directly :/ I understand that the release team has a larger scope, but dropping enigmail from debian stable would be a pretty bad outcome. >> I think this could have been avoided if the newer version of thunderbird >> had been marked as "Breaks: enigmail < 1.9.8" or something similar, >> though it's not clear how the t-bird maintainers are supposed to know >> that sort of information about every possible extension. Perhaps >> enigmail needs to be special cased since it seems to have more of a >> history of this kind of problem? > > Every maintainer of a Firefox/Thunderbird extension needs to test older > releases against the latest ESR once that reaches unstable. There's > an overlap of several months during which we provide the old ESR in > stable while the new ESR is available, this could've all been caught > before release time. i'm not sure which release time you're talking about. Thunderbird 52 has not been part of any release, afaict. i think it was pulled into jessie and stretch by way of security updates. We have known that thunderbird 52 is incompatible with prior versions of enigmail from earlier this year (~2 months ago, see the upstream bug report). We just failed to coordinate it properly for the security update of thunderbird in debian stable and oldstable. Sorry about that! At any rate, i think it's working now (modulo a follow up on Paul van der Vlis's experience of sending out cleartext mail as a separate issue, which i'm unable to reproduce). Please follow up if the updated packages haven't resolved your issues, Shevek. --dkg signature.asc Description: PGP signature
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later
On Thu 2017-07-27 17:23:25 +0200, Paul van der Vlis wrote: > On Thu, 27 Jul 2017 09:59:46 -0400 Daniel Kahn Gillmor >wrote: > >> I can confirm that enigmail 2:1.9.8.1-1 (from debian testing) installs >> successfully on jessie and that it appears to fix the underlying >> problem. > > My experience is different: it installs without a problem, it gives > warnings while decrypting. And it looks-like it encrypts, but it sent > plain text. yikes. this is a particularly scary failure mode, and i think it is distinct from the report here, which includes messages simply failing to send (esp. those with attachments) and some buttons or UI elements being unresponsive. Could you open this as a separate issue in the debian BTS? can you help me to reproduce the behavior you're describing? I haven't see that yet. > When I install it from Mozilla, it has the same problem on my machine, I > am now back to Thunderbird 45 as a work-arround, what works fine. glad there's a workaround, but it doesn't sound like something particularly sustainable long term. if you can help me replicate the "looks-encrypted-but-sends-in-the-clear" failure mode? --dkg
Bug#869933: hoel: wrong Homepage URL
Source: hoel Severity: minor Dear Maintainer, the Homepage field in debian/control refers to https://github.com/babelouest/yder, but it should probably refer to https://github.com/babelouest/hoel. Cheers, - Roland -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'testing'), (170, 'unstable'), (1, 'unstable-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.11.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#850024: gnome-terminal moves, while it's being resized
Not sure if this is related, but while a gnome terminal window is being resized, messages about "Allocating size to GtkScrollbar 0x555efdf44410 without calling gtk_widget_get_preferred_width/height(). How does the code know the size to allocate?" keep appearing in /var/log/messages.
Bug#867183: Test: misc: mcookie ...mcookie: cannot open /etc/services: No such file or directory
Hello Laurent Bigonville, Thanks for your bug report. On Tue, Jul 04, 2017 at 05:13:18PM +0200, Laurent Bigonville wrote: > retitle 867183 Missing build-dependencies for the tests > thanks > > On Tue, 04 Jul 2017 16:52:19 +0200 Laurent Bigonville> wrote: [...] > > Adding netbase package to the build-dependencies remove this and the > > test then displays OK > > Apparently the tests also complains that socat, bc and kill are not in the > PATH, maybe they should be added as well to the build-dep? I'll add netbase, socat and bc as build-dependencies (except when under the stage1 or nocheck build profiles). The kill message is likely because we do not build the kill utility from src:util-linux (we use src:procps version in Debian). I'm thus not adding procps as a build-dependency. (Also procps is already transitively pulled in via build-dependencies anyway.) Please tell me if you think I've misinterpretted something here Regards, Andreas Henriksson
Bug#869931: Retrying Login to lxde fails
Package: lxde_9_all Version: no versioning I don't know what part of lxde (or other program) is causing this problem. lxde_commom is v. .99.2-3. When I make a mistake loging into lxde, it asks me to try again but will not log me in. David Lawyer
Bug#868267: fai-client: fetch-basefile breaks for hostnames with hyphens
thanks for following up on this! i think the stripping of the file extension (line 47 in the old code) needs to be added back in, otherwise the defined classes would have to match the basefile+extension: https://github.com/faiproject/fai/pull/61 i also noticed that one problem with this approach is that it does limit the basefiles to short hostnames. but that's not new and seems like an edge case. On Thu, 2017-07-27 at 11:45 +0200, Thomas Lange wrote: > I have patched fetch-basefile so this should now work as > expected. Instead of an eval and indirect shell variables, I just use > an array and loop over this. No performce penalty unless you have > some > thousands of classes defined for a client and a million of base files > ;-) > > Here are the diffs: > https://github.com/faiproject/fai/commit/eedc1c27229aa77f81f8d718214a > 5b4f4dc2c908 > https://github.com/faiproject/fai/commit/bc88a9e5d2ca21d7c19cb7b39c9e > a64cf905c2fc > > So, I think currently there's no need to substitute hyphen and dot > with underscore for the FAI class names and we can leave this > unchanged. But I will improve the documentation about class names. -- andrew bezellainternet archive
Bug#869932: QNAP TS-41x models - fix typo
Package: debian-installer Version: n/a Tags: patch Severity: minor Index: manual/en/install-methods/download/arm.xml === --- manual/en/install-methods/download/arm.xml (revision 70809) +++ manual/en/install-methods/download/arm.xml (working copy) @@ -32,7 +32,7 @@ The installation files for the QNAP Turbo Station consist of a kernel and ramdisk as well as a script to write these images to flash. You can obtain the installation files for QNAP TS-11x/TS-12x, HS-210, TS-21x/TS-22x and -TS-41x/TS-41x models from . +TS-41x/TS-42x models from .
Bug#867362: isc-dchp-server: not starting after upgrade to stretch: more info
Hello all, I just had the same problem of DHCPD not starting after the stretch upgrade from jessie. Unfortunately the logs that the user gets shown by the upgrade process have an uncplete long line, otherwise the root cause would be obvious. When looking at /var/log/daemon.log here’s the error: Jul 27 20:18:21 hedwig isc-dhcp-server[17921]: Starting ISC DHCPv4 server: dhcpddhcpd service already running (pid file /var/run/dhcpd.pid currenty exists) ... failed! Hence, it seems the upgrade process leaves a dangling PID file around. Removing that PID file manually solved the problem for me. Thanks and cheers Mich - Michel Lanners | " Read Philosophy. Study Art. 23, Rue Paul Henkes|Ask Questions. Make Mistakes. L-1710 Luxembourg | email m...@lannersnet.lu | http://www.lannersnet.lu | Learn Always. "
Bug#866306: haveged fails to start with linux 4.12 on an Odroid-C2
Control: forwarded 866306 g...@issiweb.com Hello, forwarding an issue from the Debian bug tracking system regarding haveged on a particular arm board (odroid-c2) that fails on linux 4.12, but works on linux 4.11... haven't yet tested with linux 4.13-rc*. The full bug history is at: https://bugs.debian.org/866306 If you have any further suggestions to debug the issue, it would be greatly appreciated! live well, vagrant On 2017-06-28, Vagrant Cascadian wrote: > Package: haveged > Version: 1.9.1-5 ... > I've been trying to set up an Odroid-C2 for the Debian reproducible > builds test infrastructure, but haveged fails to start on this > particular machine with linux kernel 4.12. I've tried running the same > 4.12 kernels on other boards (pine64+) and haveged works fine. > > With linux 4.11 haveged works fine on this board as well. Unfortunately, > the eMMC used for rootfs and other filesystems isn't recognized by linux > 4.11... > > When I try with an armhf userspace and linux 4.12, haveged actually > segfaults. > > Are there any particular kernel options required for haveged to work > correctly? Any other ideas for troubleshooting? > > I can work around the issue using rngd to get randomness, as it has a > hardware random number generator, but I'm wondering if this is a bug > specific to haveged, or if this indicates of other problems that would > impact other software... > > > With arm64 userspace it just fails: > > $ sudo strace -o haveged.strace.log haveged --Foreground --verbose=-1 --file > data > haveged: Address 0=0xb42b1fdc > haveged: Address 1=0xb42b1a54 > haveged: Loop 1: offset=70644, delta=1416 > haveged: Address 2=0xb42b12d0 > haveged: Loop 2: offset=68720, delta=1924 > haveged: Address 3=0xb42b0b4c > haveged: Loop 3: offset=66796, delta=1924 > haveged: Address 4=0xb42b03c8 > haveged: Loop 4: offset=64872, delta=1924 > haveged: Address 5=0xb42afc44 > haveged: Loop 5: offset=62948, delta=1924 > haveged: Address 6=0xb42af4c0 > haveged: Loop 6: offset=61024, delta=1924 > haveged: Address 7=0xb42aed3c > haveged: Loop 7: offset=59100, delta=1924 > haveged: Address 8=0xb42ae5b8 > haveged: Loop 8: offset=57176, delta=1924 > haveged: Address 9=0xb42ade34 > haveged: Loop 9: offset=55252, delta=1924 > haveged: Address 10=0xb42ad6b0 > haveged: Loop 10: offset=53328, delta=1924 > haveged: Address 11=0xb42acf2c > haveged: Loop 11: offset=51404, delta=1924 > haveged: Address 12=0xb42ac7a8 > haveged: Loop 12: offset=49480, delta=1924 > haveged: Address 13=0xb42ac024 > haveged: Loop 13: offset=47556, delta=1924 > haveged: Address 14=0xb42ab8a0 > haveged: Loop 14: offset=45632, delta=1924 > haveged: Address 15=0xb42ab11c > haveged: Loop 15: offset=43708, delta=1924 > haveged: Address 16=0xb42aa998 > haveged: Loop 16: offset=41784, delta=1924 > haveged: Address 17=0xb42aa214 > haveged: Loop 17: offset=39860, delta=1924 > haveged: Address 18=0xb42a9a90 > haveged: Loop 18: offset=37936, delta=1924 > haveged: Address 19=0xb42a930c > haveged: Loop 19: offset=36012, delta=1924 > haveged: Address 20=0xb42a8b88 > haveged: Loop 20: offset=34088, delta=1924 > haveged: Address 21=0xb42a8404 > haveged: Loop 21: offset=32164, delta=1924 > haveged: Address 22=0xb42a7c80 > haveged: Loop 22: offset=30240, delta=1924 > haveged: Address 23=0xb42a74fc > haveged: Loop 23: offset=28316, delta=1924 > haveged: Address 24=0xb42a6d78 > haveged: Loop 24: offset=26392, delta=1924 > haveged: Address 25=0xb42a65f4 > haveged: Loop 25: offset=24468, delta=1924 > haveged: Address 26=0xb42a5e70 > haveged: Loop 26: offset=22544, delta=1924 > haveged: Address 27=0xb42a56ec > haveged: Loop 27: offset=20620, delta=1924 > haveged: Address 28=0xb42a4f68 > haveged: Loop 28: offset=18696, delta=1924 > haveged: Address 29=0xb42a4918 > haveged: Loop 29: offset=17080, delta=1616 > haveged: Address 30=0xb42a42c8 > haveged: Loop 30: offset=15464, delta=1616 > haveged: Address 31=0xb42a3c78 > haveged: Loop 31: offset=13848, delta=1616 > haveged: Address 32=0xb42a3608 > haveged: Loop 32: offset=12200, delta=1648 > haveged: Address 33=0xb42a2fb8 > haveged: Loop 33: offset=10584, delta=1616 > haveged: Address 34=0xb42a2968 > haveged: Loop 34: offset=8968, delta=1616 > haveged: Address 35=0xb42a2318 > haveged: Loop 35: offset=7352, delta=1616 > haveged: Address 36=0xb42a1cc8 > haveged: Loop 36: offset=5736, delta=1616 > haveged: Address 37=0xb42a1678 > haveged: Loop 37: offset=4120, delta=1616 > haveged: Address 38=0xb42a111c > haveged: Loop 38: offset=2748, delta=1372 > haveged: Address 39=0xb42a0bc0 > haveged: Loop 39: offset=1376, delta=1372 > haveged: Address 40=0xb42a0660 > haveged: Loop 40: offset=0, delta=1376 > haveged starting up > haveged: Couldn't initialize HAVEGE rng 5 > > Which produces haveged.strace.log: > > execve("/usr/sbin/haveged", ["haveged", "--Foreground",
Bug#869859: Please set Acquire::Retries default to >0
On Thu, Jul 27, 2017 at 09:15:56AM +0200, Michael Stapelberg wrote: > Source: apt > Severity: wishlist > > Occasionally, networks (such as the internet) are unreliable. I have observed > many transient network failures, be it between my machines and the Debian > mirror > network, or be it in the CDNs behind deb.debian.org. This causes pain in > many different scenarios; I’d like to provide just two recent examples: > > • Scheduled software updates (think a cron job at night time) are delayed > unnecessarily because the update fails due to a transient network hickup > which > isn’t retried. > > • Continuous integration builds on platforms such as travis-ci.org fail due to > transient network hickups, confusing users and making them click the retry > button for the entire build, wasting time and resources. > > AFAICT, apt currently never retries HTTP requests by default: > > % grep -r Acquire::Retries apt-1.5\~beta1 > apt-1.5~beta1/apt-pkg/acquire-item.h:* Set from Acquire::Retries. > apt-1.5~beta1/apt-pkg/acquire-item.h:* Acquire::Retries. > apt-1.5~beta1/apt-pkg/acquire-item.cc: Retries = > _config->FindI("Acquire::Retries",0); > apt-1.5~beta1/apt-pkg/acquire-item.cc: Retries = > _config->FindI("Acquire::Retries",0); > > We should increase the default value of 0 to, say, 3. I'm happy to do this, if (1) you can verify that it actually works for some time, both with very fast and very slow networks (2) write a test case to show that it works Until we have test cases for it, it's definitely not going to be the default. -- Debian Developer - deb.li/jak | jak-linux.org - free software dev | Ubuntu Core Developer | When replying, only quote what is necessary, and write each reply directly below the part(s) it pertains to ('inline'). Thank you.
Bug#867986: CVE-2016-10396
On Thu, Jul 27, 2017 at 10:35:36AM -0700, Noah Meyerhans wrote: > On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote: > > > > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396 > > Hi Moritz. I assume your intent was not to issue a DSA for this since > it's been a known issue for nearly a year. Under that assumption I've > gone ahead with a package update targeting the next stable release > update and am planning on updating oldstable as well. Apologies if I was > incorrect in my assumption. Ack, that makes perfect sense. Cheers, Moritz
Bug#869919: [DRE-maint] Bug#869919: remove ruby-berkshelf-api-client?
On 7/27/17, Pirate Praveenwrote: > Upstream readme has this "This gem has been fully deprecated, and its > API has been moved inside the berkshelf gem itself." > > I bumped into this package when trying to update ruby-faraday as its > gemspec declares a tight dependency on faraday ~> 0.9.1 > > Can we remove this package from debian? Yes we can but a bit later when I prepare an updated berkshelf, I'm working on its dependencies now.
Bug#869201: RFS: etcd/3.1.8+dfsg-2+nmu1 [NMU]
Control: tags -1 + moreinfo On Wed, Jul 26, 2017 at 07:42:02PM +0530, Harish Sriram wrote: > Here is the link to the uploaded package. > > https://mentors.debian.net/debian/pool/main/e/etcd/etcd_3.1.8+dfsg-2 > +nmu1.dsc No, the correct suffix for non-native package NMUs is .1, not +nmu1. Please use dch --nmu and read https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#nmu Besides, there are three RC bugs in the package while this NMU solves only one. And you've even posted a patch to other one. While are you not including it here? -- WBR, wRAR signature.asc Description: PGP signature
Bug#869692: RFS: cyclograph/1.9.0-1
On Tue, Jul 25, 2017 at 07:41:12PM +0200, Federico Brega wrote: > cyclograph (1.9.0-1) UNRELEASED; urgency=medium > > [ Federico Brega ] You don't need to add your name in brackets if there are no other names. > * Debhelper compat version updated to 9 The current recommended level is 10. And there are other changes (about python for example) that are not listed in the changelog. -- WBR, wRAR signature.asc Description: PGP signature
Bug#868747: rpc.statd not running after upgrade
I can confirm we observed the same behaviour on a NFS client AND a NFS server. This makes NFS not working properly after an upgrade. Regarding the server, I'm not sure this shouldn't be working as its, as WantedBy=nfs-server.service is present in rpc-statd.service file. As for the client, the service is disabled and WantedBy nothing. Cheers -- PEB
Bug#867986: CVE-2016-10396
On Mon, Jul 10, 2017 at 11:18:35PM +0200, Moritz Muehlenhoff wrote: > > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10396 Hi Moritz. I assume your intent was not to issue a DSA for this since it's been a known issue for nearly a year. Under that assumption I've gone ahead with a package update targeting the next stable release update and am planning on updating oldstable as well. Apologies if I was incorrect in my assumption. noah signature.asc Description: PGP signature
Bug#869929: partitionmanager depends and build-depends on cruft packages.
Package: partitionmanager Severity: serious Tags: buster sid Version: 3.0.1-1 Partitionmanager depends and build-depends on libkpmcore4 and libkpmcore4-dev respectively. These packages are no longer built by the kpmcore source package (they appear to have been replaced by libkpmcore5 and libkpmcore-dev).
Bug#864537: Fwd: External usb wifi adapter not connected RT2870/RT3070 RT2770
Hi, I'm having the exact same problem. I tried taking firmware-ralink versions from wheezy and jessie, only to get the same results. I can list WiFi networks but I cannot connect to them. Looking at the output of dmesg, it says that it could not connect for 'reason 3', IIRC. I reinstalled Debian 9 from scratch. My previous install was a Jessie and it worked fine. -- TenTwentyFour S.à r.l. W: www.tentwentyfour.lu T: +352 20 211 1024 F: +352 20 211 1023 3 avenue du Blues 4362 Esch-sur-AlzetteH Hi signature.asc Description: OpenPGP digital signature
Bug#869926: RFS: oprofile/1.2.0-1 [ITP]
Why is this not using dh(1)? It's also hardcoding /usr/lib and not the multiarch path in d/rules. Why is changelog-move-to-git-log.patch needed? There are a lot of strange and ancient things kept from the previous Debian package, yet d/changelog doesn't have the old entries. OTOH d/copyright doesn't list even the current maintainer or the current year. -- WBR, wRAR signature.asc Description: PGP signature
Bug#869928: [Pkg-utopia-maintainers] Bug#869928: network-manager-pptp-gnome: Can't fill password
Am 27.07.2017 um 19:10 schrieb ImmortalDragon: > Package: network-manager-pptp-gnome > Version: 1.2.4-2 > Severity: important > > Dear Maintainer, > > I use mate > > I can't fill password in sittings. The field is not clickable. But show > password checkbox is. > I can fill password after start connecting, but now checkbox to store > password. I don't understand what you are trying to say, sorry. Can you try to explain your problem in more details please. signature.asc Description: OpenPGP digital signature
Bug#869928: network-manager-pptp-gnome: Can't fill password
Package: network-manager-pptp-gnome Version: 1.2.4-2 Severity: important Dear Maintainer, I use mate I can't fill password in sittings. The field is not clickable. But show password checkbox is. I can fill password after start connecting, but now checkbox to store password. -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages network-manager-pptp-gnome depends on: ii libatk1.0-0 2.22.0-1 ii libc6 2.24-11+deb9u1 ii libcairo-gobject2 1.14.8-1 ii libcairo2 1.14.8-1 ii libdbus-1-3 1.10.18-1 ii libdbus-glib-1-2 0.108-2 ii libgdk-pixbuf2.0-02.36.5-2 ii libglib2.0-0 2.50.3-2 ii libgtk-3-03.22.11-1 ii libnm-glib-vpn1 1.6.2-3 ii libnm-glib4 1.6.2-3 ii libnm-gtk01.4.4-1 ii libnm-util2 1.6.2-3 ii libnm01.6.2-3 ii libnma0 1.4.4-1 ii libpango-1.0-01.40.5-1 ii libpangocairo-1.0-0 1.40.5-1 ii libsecret-1-0 0.18.5-3.1 ii network-manager-pptp 1.2.4-2 network-manager-pptp-gnome recommends no packages. network-manager-pptp-gnome suggests no packages. -- no debconf information
Bug#856122: update: calf plug-ins do work, calf-ladspa conflict
Hello. I can confirm this calf GUI crash with the latest Debian buster/testing packages (ardour 5.10.0~dfsg-1 and latest calf-plugins and calf-ladspa). The same symptoms appeared as mentioned previously where the calf plugin can be added to my Ardour session (ie. Calf Equalizer 30 Band (LV2)) but the moment I attempt to configure the plugin the GUI does not appear and Ardour crashes. The resolution was to purge calf-ladspa as Dennis did and now it works fine. Thanks Dennis! Derrick On Thu, 25 May 2017 03:30:39 +0200 Dennis van Dokwrote: > I've run some tests and debugging sessions; I noticed a few problematic > behaviours with the Calf plugins but they seem have a common origin. > > I had both calf-plugins *and* calf-ladspa on my system, both containing > calf.so with a subtly different implementation. The latter packages > comes from lmms. > > I removed calf-ladspa and now it seems to be ok. > > I have not tried the Debian stretch package of ardour5 yet, I'm still > running my newer 5.9.0 build. > >
Bug#824532: udev: Include udev rules for more U2F devices
Hi Nicolas, Am 03.07.2017 um 18:56 schrieb Michael Biebl: > Given Nicolas' concerns, I've applied his patch from > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824532#118 > > This will go into unstable first as a preparation for a stable upload > for 9.1. This change went into 9.1. Going forward, I'd like to drop the udev rules from the udev package in one of the next uploads as I mentioned earlier. Incidentally, this was discussed upstream now: https://github.com/systemd/systemd/pull/6469 There is an interesting alternative to shipping a udev rules database, which is bound to be lagging behind. https://github.com/amluto/u2f-hidraw-policy/ Apparently Fedora has chosen this approach. Nicolas, would you be interested in packaging this udev helper? Regards, Michael signature.asc Description: OpenPGP digital signature
Bug#869927: libjpeg-turbo: CVE-2017-9614: invalid memory access in the fill_input_buffer function
Source: libjpeg-turbo Version: 1:1.3.1-12 Severity: important Tags: upstream security Hi, the following vulnerability was published for libjpeg-turbo. CVE-2017-9614[0]: | The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 | allows remote attackers to cause a denial of service (invalid memory | access and application crash) or possibly have unspecified other impact | via a crafted jpg file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-9614 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9614 [1] http://seclists.org/fulldisclosure/2017/Jul/66 Please adjust the affected versions in the BTS as needed. Could you please as well check this if it's preported upstream? Regards, Salvatore
Bug#869926: RFS: oprofile/1.2.0-1 [ITP]
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "oprofile" Package name: oprofile Version : 1.2.0-1 URL : http://oprofile.sourceforge.net/ License : GPL2 Section : devel It builds those binary packages: libjvmti-oprofile0 - system-wide profiler for Linux systems (Java runtime library) libopagent1 - system-wide profiler for Linux systems (opagent runtime library) oprofile - system-wide profiler for Linux systems To access further information about this package, please visit the following URL: https://mentors.debian.net/package/oprofile Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/o/oprofile/oprofile_1.2.0-1.dsc Regards, Roberto Oliveira
Bug#869924: irqbalance: would it be reasonable to make irqbalance Multi-Arch:foreign ?
Package: irqbalance Version: 1.1.0-2.3 Severity: wishlist Hi! Quite a few architectures tend to pull kernels from another arch, typically to have a 64-bit kernel on 32-bit userspace. This is currently the case for i386 (it used to ship amd64 kernels but it now requires multiarch to do so), x32, mipsel, sometimes armhf, AFAIK planned for powerpc. And usually, the kernel will be the only such foreign package. This leads to a minor problem with irqbalance: [~]# apt upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages have been kept back: linux-image-amd64:amd64 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. [~]# apt install irqbalance:amd64 Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: gcc-7-base:amd64 libblkid1:amd64 libc6:amd64 libcap-ng0:amd64 libffi6:amd64 libgcc1:amd64 libgcrypt20:amd64 libglib2.0-0:amd64 libgpg-error0:amd64 liblz4-1:amd64 liblzma5:amd64 libmount1:amd64 libnuma1:amd64 libpcre3:amd64 libselinux1:amd64 libsystemd0:amd64 libuuid1:amd64 zlib1g:amd64 Suggested packages: glibc-doc:amd64 locales:amd64 rng-tools:amd64 The following packages will be REMOVED: irqbalance The following NEW packages will be installed: gcc-7-base:amd64 irqbalance:amd64 libblkid1:amd64 libc6:amd64 libcap-ng0:amd64 libffi6:amd64 libgcc1:amd64 libgcrypt20:amd64 libglib2.0-0:amd64 libgpg-error0:amd64 liblz4-1:amd64 liblzma5:amd64 libmount1:amd64 libnuma1:amd64 libpcre3:amd64 libselinux1:amd64 libsystemd0:amd64 libuuid1:amd64 zlib1g:amd64 0 upgraded, 19 newly installed, 1 to remove and 1 not upgraded. Need to get 7892 kB of archives. After this operation, 21.6 MB of additional disk space will be used. Ie, there's complexity and bad default behaviour that could be avoided if irqbalance was M-A:foreign. On the other hand, I don't know if there'd be downsides for doing so -- that's why I formed this as a question. Meow! -- System Information: Debian Release: buster/sid APT prefers unreleased APT policy: (500, 'unreleased'), (500, 'unstable') Architecture: x32 (x86_64) Foreign Architectures: amd64 Kernel: Linux 4.11.0-1-amd64 (SMP w/6 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages irqbalance depends on: ii debconf 1.5.63 ii init-system-helpers 1.49 ii libc62.24-12 ii libcap-ng0 0.7.7-3+b1 ii libglib2.0-0 2.52.3-1 ii libnuma1 2.0.11-2.1 ii libsystemd0 234-2 ii lsb-base 9.20161125 irqbalance recommends no packages. irqbalance suggests no packages. -- debconf information: irqbalance/oneshot: false irqbalance/enable: true
Bug#869925: ITP: node-buffers -- Buffer collections as contiguous partially mutable Buffer
Package: wnpp Severity: wishlist Owner: Ying-Chun Liu (PaulLiu)* Package name: node-buffers Version : 0.1.1 Upstream Author : James Halliday (http://substack.net) * URL : https://github.com/substack/node-buffers * License : MIT Programming Lang: JavaScript Description : Buffer collections as contiguous partially mutable Buffer The buffers module allows you to treat a collection of Buffers as a single contiguous partially mutable Buffer. . Where possible, operations execute without creating a new Buffer and copying everything over. . buffers is a cleaner more Buffery rehash of bufferlist. . This package contains the buffers module for Node.js . Node.js is an event-based server-side JavaScript engine. This is actually a re-open of bug #779524 because the original packager gives up. I'll continue his work. The old version is at http://anonscm.debian.org/cgit/pkg-javascript/node-buffers.git -- PaulLiu (劉穎駿) E-mail: Ying-Chun Liu (PaulLiu) signature.asc Description: OpenPGP digital signature
Bug#869923: [buildd-tools-devel] Bug#869923: sbuild --extra-package causes fatal "permission denied" error during "apt-get update"
Control: tag -1 + moreinfo Hi, Quoting Tianon Gravi (2017-07-27 18:22:55) > While attempting to use sbuild to test the reverse-dependencies of a > package before uploading a new upstream revision, I ran into the > following error using "--extra-package": > > | $ sbuild --arch-all --dist=unstable --nolog golang-gopkg-pg.v5_5.3.3-2 > --extra-package=golang-github-jinzhu-inflection-dev_0.0~git20170102.0.1c35d90-1_all.deb I cannot reproduce your finding. If I run the above, then the package builds fine. As proof, I have the build log attached. I'm running sbuild 0.73.0-4. Maybe there is something in your ~/.sbuildrc that influences this? sbuild (Debian sbuild) 0.73.0 (23 Dec 2016) on hoothoot +==+ | golang-gopkg-pg.v5 5.3.3-2 (amd64) Thu, 27 Jul 2017 16:47:27 + | +==+ Package: golang-gopkg-pg.v5 Version: 5.3.3-2 Source Version: 5.3.3-2 Distribution: unstable Machine Architecture: amd64 Host Architecture: amd64 Build Architecture: amd64 Build Type: binary I: NOTICE: Log filtering will replace 'var/run/schroot/mount/unstable-amd64-sbuild-1e79fb8f-9df5-454b-bbb7-fec61aaa0425' with '<>' dpkg-scanpackages: warning: Packages in archive but missing from override file: dpkg-scanpackages: warning: golang-github-jinzhu-inflection-dev dpkg-scanpackages: info: Wrote 1 entries to output Packages file. +--+ | Update chroot| +--+ Get:1 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ InRelease Ign:1 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ InRelease Get:2 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Release [948 B] Get:2 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Release [948 B] Get:3 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Release.gpg Ign:3 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Release.gpg Get:4 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Packages [493 B] Ign:4 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Packages Get:4 file:/build/golang-gopkg-pg.v5-t9yBJH/resolver-YFJTvM/apt_archive ./ Packages [777 B] Hit:5 http://127.0.0.1:3142/httpredir.debian.org/debian unstable InRelease Reading package lists... Reading package lists... Building dependency tree... Reading state information... Calculating upgrade... 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. +--+ | Fetch source files | +--+ Check APT - Checking available source versions... Download source files with APT -- Reading package lists... NOTICE: 'golang-gopkg-pg.v5' packaging is maintained in the 'Git' version control system at: https://anonscm.debian.org/git/pkg-go/packages/golang-gopkg-pg.v5.git Please use: git clone https://anonscm.debian.org/git/pkg-go/packages/golang-gopkg-pg.v5.git to retrieve the latest (possibly unreleased) updates to the package. Need to get 81.7 kB of source archives. Get:1 http://127.0.0.1:3142/httpredir.debian.org/debian unstable/main golang-gopkg-pg.v5 5.3.3-2 (dsc) [1850 B] Get:2 http://127.0.0.1:3142/httpredir.debian.org/debian unstable/main golang-gopkg-pg.v5 5.3.3-2 (tar) [77.4 kB] Get:3 http://127.0.0.1:3142/httpredir.debian.org/debian unstable/main golang-gopkg-pg.v5 5.3.3-2 (diff) [2472 B] Fetched 81.7 kB in 0s (5248 kB/s) Download complete and in download only mode I: NOTICE: Log filtering will replace 'build/golang-gopkg-pg.v5-t9yBJH/golang-gopkg-pg.v5-5.3.3' with '<>' I: NOTICE: Log filtering will replace 'build/golang-gopkg-pg.v5-t9yBJH' with '<>' +--+ | Install build-essential | +--+ Setup apt archive - Merged Build-Depends: build-essential, fakeroot Filtered Build-Depends: build-essential, fakeroot dpkg-deb: building package 'sbuild-build-depends-core-dummy' in '/<>/resolver-OcKwQO/apt_archive/sbuild-build-depends-core-dummy.deb'. dpkg-scanpackages: warning: Packages in archive but missing from override file: dpkg-scanpackages: warning: sbuild-build-depends-core-dummy dpkg-scanpackages: info: Wrote 1 entries to output Packages file. Ign:1 copy:/<>/resolver-OcKwQO/apt_archive ./ InRelease Get:2 copy:/<>/resolver-OcKwQO/apt_archive ./
Bug#868831: apport: CVE-2017-10708
Control: tag -1 +pending Thank you for the bug report. I just prepared an upload and it should clear the ftp archives soon. On Wed, 2017-07-19 at 06:26 +0200, Salvatore Bonaccorso wrote: > Source: apport > Version: 2.16.2-1 > Severity: grave > Tags: security upstream > Justification: user security hole > Forwarded: https://launchpad.net/bugs/1700573 > > Hi, > > the following vulnerability was published for apport. > > CVE-2017-10708[0]: > > An issue was discovered in Apport through 2.20.x. In > > apport/report.py, > > Apport sets the ExecutablePath field and it then uses the path to > > run > > package specific hooks without protecting against path traversal. > > This > > allows remote attackers to execute arbitrary code via a crafted > > .crash > > file. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2017-10708 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10708 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore -- Ritesh Raj Sarraf | http://people.debian.org/~rrs Debian - The Universal Operating System signature.asc Description: This is a digitally signed message part
Bug#864428: RFS: bitfield/1.0.0-3 [ITP #864358]
On 07/25/2017 11:05 PM, Roland Fehrenbacher wrote: Hi Roland, Thank you very much for your reply. > Some further problems with the packaging: > > - The link /usr/lib/x86_64-linux-gnu/libbitfield.so should go to the > libbitfield-dev package. > - A shared library should have a debian/.symbols file > (see man dpkg-gensymbols). > - The standards version should be updated to 4.0.0 > - The files README.{Debian,source} do not provide any real info. They should > be dropped until they contain something useful. > - Please also remove the unrelated comments at the end of debian/rules and > the comments after the DH_VERBOSE line at the beginning. > - The files debian/*.dirs are unnecessary . Please remove. > > Please fix your package and ping me when done, so I can recheck. Fixed. Please, recheck. dget -x https://mentors.debian.net/debian/pool/main/b/bitfield/bitfield_1.0.0-3.dsc Best regards, Vitalie Ciubotaru
Bug#869923: sbuild --extra-package causes fatal "permission denied" error during "apt-get update"
Package: sbuild Version: 0.73.0-4 Severity: normal While attempting to use sbuild to test the reverse-dependencies of a package before uploading a new upstream revision, I ran into the following error using "--extra-package": | $ sbuild --arch-all --dist=unstable --nolog golang-gopkg-pg.v5_5.3.3-2 --extra-package=golang-github-jinzhu-inflection-dev_0.0~git20170102.0.1c35d90-1_all.deb | | ... | | +--+ | | Update chroot | | +--+ | | Get:1 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ InRelease | Ign:1 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ InRelease | Get:2 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Release [948 B] | Get:2 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Release [948 B] | Get:4 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Release.gpg | Ign:4 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Release.gpg | Get:5 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Packages [493 B] | Get:3 http://cdn-fastly.deb.debian.org/debian unstable InRelease [229 kB] | Ign:5 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Packages | Get:5 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Packages [777 B] | Err:5 file:/build/golang-gopkg-pg.v5-8YE5po/resolver-71vQn3/apt_archive ./ Packages | Could not open file /var/lib/apt/lists/partial/_build_golang-gopkg-pg.v5-8YE5po_resolver-71vQn3_apt%5farchive_._Packages - open (13: Permission denied) | Get:6 http://cdn-fastly.deb.debian.org/debian unstable/main Sources [9913 kB] | Get:7 http://cdn-fastly.deb.debian.org/debian unstable/main amd64 Packages [10.2 MB] | Fetched 20.3 MB in 1s (11.2 MB/s) | Reading package lists... | E: Failed to fetch store:/var/lib/apt/lists/partial/_build_golang-gopkg-pg.v5-8YE5po_resolver-71vQn3_apt%5farchive_._Packages Could not open file /var/lib/apt/lists/partial/_build_golang-gopkg-pg.v5-8YE5po_resolver-71vQn3_apt%5farchive_._Packages - open (13: Permission denied) | E: Some index files failed to download. They have been ignored, or old ones used instead. | E: apt-get update failed The ".deb" file I'm attempting to include was created by a previous sbuild run (without "--extra-package"). Things I've tried (with no success): - reordering flags so "--extra-package" is before the package name to build - "sbuild" from unstable (currently using "stretch") - "--dist=stretch" - doing "sbuild-update -udcar unstable" first - using "dget" to download the DSC of the target package directly before building - creating a fresh new schroot Eventually I just had someone else run the command for me to verify that there's no breakage, but that is less than ideal. :) If I remove the "--extra-package" flag, everything builds successfully (but without my updated package, which is what I'm really testing, so not horribly useful). Also, thanks for your work maintaining "sbuild" -- I really enjoy it! :) ♥, - Tianon 4096R / B42F 6819 007F 00F8 8E36 4FD4 036A 9C25 BF35 7DD4 -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages sbuild depends on: ii adduser 3.115 ii libsbuild-perl 0.73.0-4 ii perl5.24.1-3+deb9u1 Versions of packages sbuild recommends: ii autopkgtest 4.4 ii debootstrap 1.0.89 ii schroot 1.6.10-3+b1 Versions of packages sbuild suggests: pn deborphan ii kmod 23-2 ii wget 1.18-5 -- no debconf information
Bug#862133: src:gnuradio: FTBFS with cppunit 1.14 (no C++11 support, required by cppunit)
Package: gnuradio Version: 3.7.10.1-2 Followup-For: Bug #862133 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu artful ubuntu-patch Hi Maitland, While gnuradio currently configures itself to build under -std=c++98, it appears that with the exception of one module, the code is compatible with c++11 (builds and passes its build-time test suite). Attached is a patch which switches the build to C++11 (with one module excepted) and lets gnuradio build against current cppunit. I know it's not a particularly pretty use of CMake (I'm not adept at CMake), but this should unblock the cppunit transition. I've uploaded gnuradio with this change to Ubuntu; please consider applying the same, or something like it, in Debian. Or if you know of a reason that this is a bad idea, let me know! Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org diff -Nru gnuradio-3.7.10.1/debian/patches/series gnuradio-3.7.10.1/debian/patches/series --- gnuradio-3.7.10.1/debian/patches/series 2016-10-09 19:15:44.0 -0700 +++ gnuradio-3.7.10.1/debian/patches/series 2017-07-26 23:12:51.0 -0700 @@ -37,3 +37,4 @@ provide-example-grfreedv.grc-flowgraph Convert-tabs-to-spaces Get-the-FreeDV-demodulator-working +use-cxx11 diff -Nru gnuradio-3.7.10.1/debian/patches/use-cxx11 gnuradio-3.7.10.1/debian/patches/use-cxx11 --- gnuradio-3.7.10.1/debian/patches/use-cxx11 1969-12-31 16:00:00.0 -0800 +++ gnuradio-3.7.10.1/debian/patches/use-cxx11 2017-07-26 23:14:12.0 -0700 @@ -0,0 +1,37 @@ +Description: use c++11 standard instead of c++98 + cppunit now requires c++11, so use this for building. +Author: Steve Langasek+Bug-Debian: https://bugs.debian.org/862133 + +Index: gnuradio-3.7.10.1/CMakeLists.txt +=== +--- gnuradio-3.7.10.1.orig/CMakeLists.txt gnuradio-3.7.10.1/CMakeLists.txt +@@ -66,11 +66,11 @@ + # set(CMAKE_CXX_STANDARD 98) + + IF(CMAKE_CXX_COMPILER_ID STREQUAL "GNU") +-SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++98") ++SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") + ELSEIF(CMAKE_CXX_COMPILER_ID STREQUAL "Clang") +-SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++98") ++SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") + ELSEIF(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") +-SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++98") ++SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11") + ELSE() + message(warning "C++ standard could not be set because compiler is not GNU, Clang or MSVC.") + ENDIF() +Index: gnuradio-3.7.10.1/gr-fec/CMakeLists.txt +=== +--- gnuradio-3.7.10.1.orig/gr-fec/CMakeLists.txt gnuradio-3.7.10.1/gr-fec/CMakeLists.txt +@@ -46,6 +46,8 @@ + + SET(GR_PKG_FEC_EXAMPLES_DIR ${GR_PKG_DATA_DIR}/examples/fec) + ++add_compile_options(-std=c++98) ++ + + # Begin conditional configuration +
Bug#869921: apt: Pinning the local version of a package no longer works
On Thu, Jul 27, 2017 at 11:44:31AM -0400, Frédéric Brière wrote: > Package: apt > Version: 1.1 > Severity: normal > > Pinning the local version of a package, as documented in > apt_preferences(5), seems to have been broken between jessie and > stretch: > > Contents of /etc/apt/preferences: > > Package: hello > Pin: origin "" > Pin-Priority: 999 What do you mean with local version? Your examples are installed versions, which are pinned with release a=now, compare the output of apt-cache policy. > > Output of "apt-cache policy hello" on jessie: > > hello: > Installed: 2.8-1 > Candidate: 2.8-1 > Package pin: (not found) > Version table: > 2.9-2+deb8u1 999 > 500 http://httpredir.debian.org/debian/ jessie/main amd64 Packages > *** 2.8-1 999 > 100 /var/lib/dpkg/status No, it explicitly says it does not find the package pin, so that's not working there either. There seems to be a bug somewhere that causes it to pick 2.8-1 then, and that's fixed in stretch. > > Output of "apt-cache policy hello" on stretch: > > hello: > Installed: 2.8-1 > Candidate: 2.10-1+b1 > Version table: > 2.10-1+b1 500 > 500 http://httpredir.debian.org/debian stretch/main amd64 Packages > *** 2.8-1 100 > 100 /var/lib/dpkg/status Yay, everything working. So I guess the question is more if /var/lib/dpkg/status should match origin "" or not. > > > The behavior of "apt-get upgrade" confirms this: the package is pinned > to the local version on jessie, but is upgraded on stretch (and sid). > > After bisecting a bit with snapshots, this was apparently introduced > between 1.0.10.2 and 1.1. Well, that's expected, and not really helpful, there are about 2 year of changes between them. -- Debian Developer - deb.li/jak | jak-linux.org - free software dev | Ubuntu Core Developer | When replying, only quote what is necessary, and write each reply directly below the part(s) it pertains to ('inline'). Thank you.
Bug#868977: Confirm that I'm able to verify the problem
Hi Yaroslav, On Thu, Jul 27, 2017 at 10:21:35AM -0400, Yaroslav Halchenko wrote: > > would need to dig in, may be later, meanwhile pushed my slight tune ups, feel > welcome to fix up. You do know where to get the .orig.tar.gz ;) Sure I know and I used it for building. What about simplifying things for your team mates and follow policy which does not require them downloading the source manually? :-P As I said, I would have added pristine-tar if this would not have messed up the repository for reasons I do not understand. It would be really cool if you would consider this for next version. Kind regards Andreas. -- http://fam-tille.de
Bug#869856: [Pkg-openssl-devel] Bug#869856: openssl: FTBFS: Testsuite failures
On Thu, Jul 27, 2017 at 08:14:45AM -0700, Daniel Schepler wrote: > On Thu, Jul 27, 2017 at 12:02 AM, Kurt Roeckxwrote: > > Is that reproducible? > > Yes, it's definitely reproducible on my machine. Does the attached patch fix it? Kurt >From b72668a0d3586ee2560f0536c43e18991a4cfc6f Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 26 May 2017 13:06:08 +0100 Subject: [PATCH] Fix a Proxy race condition Issue #3562 describes a problem where a race condition can occur in the Proxy such that a test "ok" line can appear in the middle of other text causing the test harness to miss it. The issue is that we do not wait for the client process to finish after the test is complete, so that process may continue to write data to stdout/stderr at the same time that the test harness does. This commit fixes TLSProxy so that we always wait for the client process to finish before continuing. Fixes #3562 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/3567) --- util/TLSProxy/Proxy.pm | 15 +++ 1 file changed, 15 insertions(+) diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm index a826cb5257..5c363e76ed 100644 --- a/util/TLSProxy/Proxy.pm +++ b/util/TLSProxy/Proxy.pm @@ -49,6 +49,7 @@ sub new clientflags => "", serverconnects => 1, serverpid => 0, +clientpid => 0, reneg => 0, sessionfile => undef, @@ -113,6 +114,7 @@ sub clearClient $self->{message_list} = []; $self->{clientflags} = ""; $self->{sessionfile} = undef; +$self->{clientpid} = 0; $is_tls13 = 0; $ciphersuite = undef; @@ -240,6 +242,7 @@ sub clientstart } exec($execcmd); } +$self->clientpid($pid); } # Wait for incoming connection from client @@ -338,6 +341,10 @@ sub clientstart waitpid( $self->serverpid, 0); die "exit code $? from server process\n" if $? != 0; } +die "clientpid is zero\n" if $self->clientpid == 0; +print "Waiting for client process to close: ".$self->clientpid."\n"; +waitpid($self->clientpid, 0); + return 1; } @@ -531,6 +538,14 @@ sub serverpid } return $self->{serverpid}; } +sub clientpid +{ +my $self = shift; +if (@_) { +$self->{clientpid} = shift; +} +return $self->{clientpid}; +} sub fill_known_data { -- 2.13.2
Bug#869908: relax faraday_middleware as well
Both from same upstream. signature.asc Description: OpenPGP digital signature
Bug#868977: Confirm that I'm able to verify the problem
Hi Yaroslav, On Thu, Jul 27, 2017 at 09:44:10AM -0400, Yaroslav Halchenko wrote: > Is there any demand/requirement for debhelper 10 for this package? > Could we settle on 9 (to ease backportability to old jessie and alike)? Just to answer this question: 1. There is no demand - I just choose the latest compat level. 2. debhelper 10 is backported to Jessie Feel free to override my decision. Kind regards Andreas. -- http://fam-tille.de
Bug#869922: [Pkg-utopia-maintainers] Bug#869922: policykit-1: members of group sudo become root with pkexec while ignoring /etc/sudoers
Control: severity -1 normal Control: close -1 Am 27.07.2017 um 17:53 schrieb mviereck: > Package: policykit-1 > Version: 0.105-18 > Severity: grave > Tags: security > Justification: user security hole > > Dear Maintainer, > > If an unprivileged user is member of group sudo, he can achieve unrestricted > root privileges with pkexec > and his user password (instead of root password). This happens regardless if > or if not package sudo is installed, > and regardless of existing or non-existing entries in /etc/sudoers. > > Command sudo and group sudo were designed to allow single privileged commands > for unprivileged users. This is not correct. The default sudo config ships %sudo ALL=(ALL:ALL) ALL I.e., a user in group sudo can run every command with root privileges. > Instead, pkexec allows full root access for members of group sudo. > > I expect: > - pkexec does not regard group sudo. (clean way, unlinking polkit from sudo) > or > - pkexec regards entries in /etc/sudoers. (dirty way, pkexec should not be > mixed with sudo) > > (Not regarding group sudo would also avoid prompting non-sudo-group users for > passwords of sudo-group users) Granting root-like access via group sudo is intended and not a security hole and the policykit policy is in line with the sudo policy here. Regards, Michael signature.asc Description: OpenPGP digital signature
Bug#869922: policykit-1: members of group sudo become root with pkexec while ignoring /etc/sudoers
Package: policykit-1 Version: 0.105-18 Severity: grave Tags: security Justification: user security hole Dear Maintainer, If an unprivileged user is member of group sudo, he can achieve unrestricted root privileges with pkexec and his user password (instead of root password). This happens regardless if or if not package sudo is installed, and regardless of existing or non-existing entries in /etc/sudoers. Command sudo and group sudo were designed to allow single privileged commands for unprivileged users. Instead, pkexec allows full root access for members of group sudo. I expect: - pkexec does not regard group sudo. (clean way, unlinking polkit from sudo) or - pkexec regards entries in /etc/sudoers. (dirty way, pkexec should not be mixed with sudo) (Not regarding group sudo would also avoid prompting non-sudo-group users for passwords of sudo-group users) Thanks! Martin -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages policykit-1 depends on: ii dbus 1.10.18-1 ii libc6 2.24-11+deb9u1 ii libglib2.0-0 2.50.3-2 ii libpam-systemd 232-25+deb9u1 ii libpam0g 1.1.8-3.6 ii libpolkit-agent-1-00.105-18 ii libpolkit-backend-1-0 0.105-18 ii libpolkit-gobject-1-0 0.105-18 policykit-1 recommends no packages. policykit-1 suggests no packages. -- debconf-show failed
Bug#869920: stretch-pu: package whois/5.2.17+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu ICANN mandated a whois output change that broke the .com, .net, .jobs, .bz, .cc and .tv gTLDs, so we need a stable update. At the same time I would also like to fix support for 6to4 IP addresses, which I forgot to upload in time for the release. The other changes are just database updates. diff -Nru whois-5.2.15/debian/changelog whois-5.2.17+deb9u1/debian/changelog --- whois-5.2.15/debian/changelog 2017-02-27 00:37:41.0 +0100 +++ whois-5.2.17+deb9u1/debian/changelog2017-07-27 17:45:04.0 +0200 @@ -1,3 +1,32 @@ +whois (5.2.17+deb9u1) unstable; urgency=high + + * Rebuilt for stretch. + + -- Marco d'ItriThu, 27 Jul 2017 17:45:04 +0200 + +whois (5.2.17) unstable; urgency=high + + * Fixed whois referrals for .com, .net, .jobs, .bz, .cc and .tv, broken +by an ICANN-mandated output change: +https://www.icann.org/resources/pages/rdds-labeling-policy-2017-02-01-en + * Added the .xn--2scrj9c (ಭಾರತ, India), .xn--3hcrj9c (ଭାରତ, India), +.xn--45br5cyl (ভাৰত, India), .xn--h2breg3eve (भारतम्, India), +.xn--h2brj9c8c (भारोत, India), .xn--mgbbh1a (ﺏﺍﺮﺗ, India), +.xn--mgbgu82a (ڀﺍﺮﺗ, India) and .xn--rvc1e0am3e (ഭാരതം, India) +TLD servers. + * Updated the list of new gTLDs. + * whois.1: fixed a typo. (Closes: #866742) + + -- Marco d'Itri Thu, 27 Jul 2017 17:08:47 +0200 + +whois (5.2.16) unstable; urgency=medium + + * Fixed parsing of 6to4 addresses broken in 5.2.15. + * Updated the .do TLD server. + * Updated the list of new gTLDs. + + -- Marco d'Itri Mon, 13 Mar 2017 01:40:38 +0100 + whois (5.2.15) unstable; urgency=medium * Updated the .gf and .mq TLD servers. diff -Nru whois-5.2.15/new_gtlds_list whois-5.2.17+deb9u1/new_gtlds_list --- whois-5.2.15/new_gtlds_list 2017-02-27 00:37:41.0 +0100 +++ whois-5.2.17+deb9u1/new_gtlds_list 2017-07-27 17:44:55.0 +0200 @@ -60,6 +60,7 @@ app apple aquarelle +arab aramco archi army @@ -333,6 +334,7 @@ esq estate esurance +etisalat eurovision eus events @@ -446,6 +448,7 @@ gratis green gripe +grocery group guardian gucci @@ -487,6 +490,7 @@ hosting hot hoteles +hotels hotmail house how @@ -635,6 +639,7 @@ man management mango +map market marketing markets @@ -655,6 +660,7 @@ men menu meo +merckmsd metlife miami microsoft @@ -768,6 +774,7 @@ pet pfizer pharmacy +phd philips phone photo @@ -855,6 +862,7 @@ rogers room rsvp +rugby ruhr run rwe @@ -890,6 +898,7 @@ scjohnson scor scot +search seat secure security @@ -1169,6 +1178,7 @@ xn--kput3i xn--mgba3a3ejt xn--mgba7c0bbn0a +xn--mgbaakc7dvf xn--mgbab2bd xn--mgbb9fbpob xn--mgbca7dzdo @@ -1178,6 +1188,7 @@ xn--mxtq1m xn--ngbc5azd xn--ngbe9e0a +xn--ngbrx xn--nqv7f xn--nqv7fs00ema xn--nyqy26a diff -Nru whois-5.2.15/tld_serv_list whois-5.2.17+deb9u1/tld_serv_list --- whois-5.2.15/tld_serv_list 2017-02-27 00:37:41.0 +0100 +++ whois-5.2.17+deb9u1/tld_serv_list 2017-07-27 17:44:55.0 +0200 @@ -127,7 +127,7 @@ .djWEB http://www.nic.dj/whois.php .dkwhois.dk-hostmaster.dk .dmwhois.nic.dm -.doWEB http://www.nic.do/whois-h.php3 +.dowhois.nic.do .dzwhois.nic.dz .ecwhois.nic.ec .eewhois.tld.ee @@ -183,7 +183,7 @@ .joWEB http://www.dns.jo/Whois.aspx .jpwhois.jprs.jp .kewhois.kenic.or.ke -.kgwhois.domain.kg +.kgwhois.kg .khNONE# http://www.trc.gov.kh/index.php/en/newsCategory/view?id=42_id=68 .kiwhois.nic.ki .kmNONE# www.domaine.km @@ -349,7 +349,10 @@ # AW means that I had to guess the whois server name, but I was not able # to find any registered subdomains to verify it. +.xn--2scrj9c whois.inregistry.net# India .xn--3e0b707e whois.kr# Korea, Republic of +.xn--3hcrj9c whois.inregistry.net# India +.xn--45br5cyl whois.inregistry.net# India .xn--45brj9c whois.inregistry.net# India, Bengali AW .xn--54b7fta0ccNONE# Bangladesh .xn--80ao21a whois.nic.kz# Kazakhstan @@ -364,6 +367,8 @@ .xn--fpcrj9c3d whois.inregistry.net# India, Telugu AW .xn--fzc2c9e2c whois.nic.lk# Sri Lanka, Sinhala .xn--gecrj9c whois.inregistry.net# India, Gujarati AW +.xn--h2breg3evewhois.inregistry.net# India +.xn--h2brj9c8c whois.inregistry.net# India .xn--h2brj9c whois.inregistry.net# India, Hindi AW .xn--j1amh whois.dotukr.com# Ukraine .xn--j6w193g whois.hkirc.hk # Hong Kong @@ -371,24 +376,27 @@ .xn--kpry57d whois.twnic.net.tw # Taiwan, Traditional Chinese .xn--l1acc NONE# Mongolia .xn--lgbbat1ad8j whois.nic.dz
Bug#869921: apt: Pinning the local version of a package no longer works
Package: apt Version: 1.1 Severity: normal Pinning the local version of a package, as documented in apt_preferences(5), seems to have been broken between jessie and stretch: Contents of /etc/apt/preferences: Package: hello Pin: origin "" Pin-Priority: 999 Output of "apt-cache policy hello" on jessie: hello: Installed: 2.8-1 Candidate: 2.8-1 Package pin: (not found) Version table: 2.9-2+deb8u1 999 500 http://httpredir.debian.org/debian/ jessie/main amd64 Packages *** 2.8-1 999 100 /var/lib/dpkg/status Output of "apt-cache policy hello" on stretch: hello: Installed: 2.8-1 Candidate: 2.10-1+b1 Version table: 2.10-1+b1 500 500 http://httpredir.debian.org/debian stretch/main amd64 Packages *** 2.8-1 100 100 /var/lib/dpkg/status The behavior of "apt-get upgrade" confirms this: the package is pinned to the local version on jessie, but is upgraded on stretch (and sid). After bisecting a bit with snapshots, this was apparently introduced between 1.0.10.2 and 1.1. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/3 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)
Bug#869919: remove ruby-berkshelf-api-client?
package: ruby-berkshelf-api-client version: 2.0.2-1 severity: serious Upstream readme has this "This gem has been fully deprecated, and its API has been moved inside the berkshelf gem itself." I bumped into this package when trying to update ruby-faraday as its gemspec declares a tight dependency on faraday ~> 0.9.1 Can we remove this package from debian? signature.asc Description: OpenPGP digital signature
Bug#325231: getty.8.gz: say where errors go
Control: tags -1 + moreinfo Hello Dan Jacobson, Sorry for the >decade late response. Slowly trying to work my way through open util-linux bug reports when I find the time. On Sat, Aug 27, 2005 at 04:46:45AM +0800, Dan Jacobson wrote: > Package: util-linux > Version: 2.12p-5 > Severity: minor > File: /usr/share/man/man8/getty.8.gz > > > In DIAGNOSTICS and FILES, perhaps mention that in fact errors seem to > go to /var/log/auth.log these days. (Even 'not a tty' ones.) > Else one can hardly find them.A The current manpage already documents that (depending on build-time configuration) the syslog(3) facility is used. What happens after this is completely up to the syslog daemon you have installed and how you have configured it! I don't think it's util-linux place to document all different syslog daemons shipped in debian and their configurations. You'll have to look at the documentation of the specific syslog daemon you're using for this information. > > In ARGUMENTS >port A path name relative to the /dev directory. > Mention what to do in the rare case we want to refer to things outside > the /dev directory. > Climb out with ../? The manpage already says "A path name relative to the /dev directory." This means ../foo would be a valid way to access /foo, as ../foo is the way to give the /foo path relative to /dev. If there was any sandboxing or other restrictions on the relative paths I would expect that to be documented (and if not then I expect no restrictions on relative paths). > use stdin "- < /where/ever"? That's a shell redirect. A pathname is not a shell command. If you execute 'getty - < /where/ever' in a shell it will work, but getty itself will only see the '-' argument and the shell will take care of sending in the /where/ever data over stdin. It thus depends on how you execute it. If you execute it from a shell, then you can ofcourse use shell functions. A notable counter-example is executing something from a systemd unit, which means it's executed directly and not via a shell and will thus fail if you try to use shell features (unless you explicitly launch a shell via "/bin/sh -c 'getty - < /where/ever'". > Also say if full path "/dev/ttyS0" is OK. It already says that the path has to be relative to /dev, which thus gives the answer no. I don't see anything that needs fixing in util-linux in this bug report. I'm thus considering (tagging it wontfix and) closing it. I hope the above information provided above has been atleast a bit informative. What do you think? Regards, Andreas Henriksson