Bug#926302: unblock: ciftilib/1.5.3-2

[Andreas Tille]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package ciftilib


diff -Nru ciftilib-1.5.3/debian/changelog ciftilib-1.5.3/debian/changelog
--- ciftilib-1.5.3/debian/changelog 2019-01-30 10:15:35.0 +0100
+++ ciftilib-1.5.3/debian/changelog 2019-04-02 21:49:25.0 +0200
@@ -1,3 +1,11 @@
+ciftilib (1.5.3-2) unstable; urgency=medium
+
+  * gbp.conf: drop pq settings
+  * Cherry-pick upstream fix for FTBFS on big endian.
+Thanks to Adrian Bunk for reporting (Closes: #921555)
+
+ -- Ghislain Antony Vaillant   Tue, 02 Apr 2019 21:49:25 
+0200
+
 ciftilib (1.5.3-1) unstable; urgency=medium
 
   * Team upload.
diff -Nru ciftilib-1.5.3/debian/gbp.conf ciftilib-1.5.3/debian/gbp.conf
--- ciftilib-1.5.3/debian/gbp.conf  2019-01-30 10:15:35.0 +0100
+++ ciftilib-1.5.3/debian/gbp.conf  2019-04-02 21:49:25.0 +0200
@@ -4,6 +4,3 @@
 upstream-tag = upstream/%(version)s
 debian-tag = debian/%(version)s
 pristine-tar = True
-
-[pq]
-patch-numbers = False
diff -Nru 
ciftilib-1.5.3/debian/patches/0001-force-endian-of-datatype-example-to-make-tests-pass-.patch
 
ciftilib-1.5.3/debian/patches/0001-force-endian-of-datatype-example-to-make-tests-pass-.patch
--- 
ciftilib-1.5.3/debian/patches/0001-force-endian-of-datatype-example-to-make-tests-pass-.patch
   1970-01-01 01:00:00.0 +0100
+++ 
ciftilib-1.5.3/debian/patches/0001-force-endian-of-datatype-example-to-make-tests-pass-.patch
   2019-04-02 21:49:25.0 +0200
@@ -0,0 +1,30 @@
+From: Tim Coalson 
+Date: Mon, 1 Apr 2019 16:56:12 -0500
+Subject: force endian of datatype example to make tests pass on bigendian
+ systems
+
+---
+ example/datatype.cxx | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/example/datatype.cxx b/example/datatype.cxx
+index a293856..1da380b 100644
+--- a/example/datatype.cxx
 b/example/datatype.cxx
+@@ -19,14 +19,14 @@ int main(int argc, char** argv)
+ if (argc < 3)
+ {
+ cout << "usage: " << argv[0] << "  " << 
endl;
+-cout << "  rewrite the input cifti file to the output filename, using 
uint8 and data scaling." << endl;
++cout << "  rewrite the input cifti file to the output filename, using 
uint8 and data scaling, little-endian." << endl;
+ return 1;
+ }
+ try
+ {
+ CiftiFile inputFile(argv[1]);//on-disk reading by default
+ inputFile.setWritingDataTypeAndScaling(NIFTI_TYPE_UINT8, -1.0, 
6.0);//tells it to use this datatype to best represent this specified range of 
values [-1.0, 6.0] whenever this instance is written
+-inputFile.writeFile(argv[2]);//if this is the same filename as the 
input, CiftiFile actually detects this and reads the input into memory first
++inputFile.writeFile(argv[2], CiftiVersion(), CiftiFile::LITTLE);//if 
this is the same filename as the input, CiftiFile actually detects this and 
reads the input into memory first
+ //otherwise, it will read and write one row at a time, using very 
little memory
+ //inputFile.setWritingDataTypeNoScaling(NIFTI_TYPE_FLOAT32);//this is 
how you would revert back to writing as float32 without rescaling
+ } catch (CiftiException& e) {
diff -Nru ciftilib-1.5.3/debian/patches/series 
ciftilib-1.5.3/debian/patches/series
--- ciftilib-1.5.3/debian/patches/series1970-01-01 01:00:00.0 
+0100
+++ ciftilib-1.5.3/debian/patches/series2019-04-02 21:49:25.0 
+0200
@@ -0,0 +1 @@
+0001-force-endian-of-datatype-example-to-make-tests-pass-.patch


unblock ciftilib/1.5.3-2

-- System Information:
Debian Release: 9.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#925972: src:groonga: Non-working maintainer address

[Kentaro Hayashi]

> A message that you sent could not be delivered to one or more of its
> recipients. This is a permanent error. The following address(es) failed:
> 
>   packa...@groonga.org
> host aspmx.l.google.com [2a00:1450:400c:c0c::1a]
> SMTP error from remote mail server after RCPT TO::
> 550-5.1.1 The email account that you tried to reach does not exist. 
> Please try
> 550-5.1.1 double-checking the recipient's email address for typos or
> 550-5.1.1 unnecessary spaces. Learn more at
> 550 5.1.1  https://support.google.com/mail/?p=NoSuchUser 
> p16si1506256wre.147 - gsmtp

This is caused by recent mail service migration for groonga.org.
The issue has fixed now.

Bug#926299: unblock: busybox/1:1.30.1-4

[Cyril Brulebois]

Hi Niels,

Niels Thykier  (2019-04-03):
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> (X-CC'ed kibi + debian-boot).
> 
> Hi kibi/d-i,
> 
> The recent upload of busybox fixes the bug #925979 in busybox-udeb.
> 
> Should we (RT) unblock it now or do you prefer waiting (as I
> understand it there is d-i release coming up).
> 
> unblock busybox/1:1.30.1-4

If you see a package that gets uploaded with a patch of mine for a bug
report I opened, mentioning I'd like to see it fixed before the next d-i
release, you can assume it's on my radar already and it doesn't need to
go through an individual unblock request.

See also:
  https://lists.debian.org/debian-release/2019/04/msg00014.html


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#926009: openjdk-11 breaks libreoffice autopkgtests

[Rene Engelhard]

reassign 926009 src:libreoffice,src:openjdk-11
retitle 926009 openjdk-11 breaks libreoffice autopkgtests
thanks

Hi,

On Tue, Apr 02, 2019 at 11:44:27PM +0200, Rene Engelhard wrote:
> Indeed, after adding "Debian" as a copy of "Oracle Corporation" javaldx
> works again.

I retract that, no idea what I did when testing this, maybe I just tried
in the wrong console window (given the time and tiredness not
unlikely..) ...

Regards,
 
Rene

Bug#926301: coda: please make the build reproducible

[Chris Lamb]

Source: coda
Version: 2.20-3
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0], we noticed
that coda could not be built reproducibly.

This is because it ships an example Makefile that contains the full build path, 
ironically due 
to embedding the -f{file,debug}-prefix-map reproducibility-related
compiler flags.

Patch attached.

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- a/debian/rules  2019-04-03 07:14:51.315666561 +0200
--- b/debian/rules  2019-04-03 07:26:31.272963611 +0200
@@ -41,6 +41,11 @@
dh_auto_install
find debian -name '*.la' -delete
 
+override_dh_installexamples:
+   sed -i -e 's@ [^ ]*-f\(file\|debug\)-prefix-map=[^ ]*@@g' \
+   $(DESTDIR)/usr/share/coda/fortran/Makefile
+   dh_installexamples
+
 override_dh_auto_clean:
rm -f config.log
rm -f $(patsubst %, debian/%, ${AUTOGENERATED})

Bug#926298: adms: please make the build reproducible

[Chris Lamb]

forwarded 926298 https://github.com/Qucs/ADMS/pull/84
thanks

I've forwarded this upstream here:

  https://github.com/Qucs/ADMS/pull/84


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#926300: qpid-proton: please make the documentation build reproducibly

[Chris Lamb]

Source: qpid-proton
Version: 0.22.0-3
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0], we noticed
that qpid-proton's documentation could not be built reproducibly.

This is because the PYCTX object is, essentially, a memory address
which naturally varies between builds.

Patch attached that hides this member from the generated Sphinx
documentation. Do note that there is likely another, cleaner,
way of fixing this and — alas — src:qpid-proton as a whole remains
unreproducible.

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- a/debian/patches/reproducible-build.patch   1970-01-01 01:00:00.0 
+0100
--- b/debian/patches/reproducible-build.patch   2019-04-03 07:12:24.411967146 
+0200
@@ -0,0 +1,48 @@
+Description: Make the build reproducible
+Author: Chris Lamb 
+Last-Update: 2019-04-03
+
+--- qpid-proton-0.22.0.orig/proton-c/bindings/python/proton/reactor.py
 qpid-proton-0.22.0/proton-c/bindings/python/proton/reactor.py
+@@ -29,7 +29,7 @@ from proton import unicode2utf8, utf82un
+ 
+ import traceback
+ from proton import WrappedHandler, _chandler, secs2millis, millis2secs, 
timeout2millis, millis2timeout, Selectable
+-from .wrapper import Wrapper, PYCTX
++from .wrapper import Wrapper, _PYCTX
+ from cproton import *
+ from . import _compat
+ 
+@@ -77,7 +77,7 @@ class Reactor(Wrapper):
+ return None
+ else:
+ record = pn_reactor_attachments(impl)
+-attrs = pn_void2py(pn_record_get(record, PYCTX))
++attrs = pn_void2py(pn_record_get(record, _PYCTX))
+ if attrs and 'subclass' in attrs:
+ return attrs['subclass'](impl=impl)
+ else:
+--- qpid-proton-0.22.0.orig/proton-c/bindings/python/proton/wrapper.py
 qpid-proton-0.22.0/proton-c/bindings/python/proton/wrapper.py
+@@ -52,11 +52,11 @@ class Wrapper(object):
+ 
+ if get_context:
+ record = get_context(impl)
+-attrs = pn_void2py(pn_record_get(record, PYCTX))
++attrs = pn_void2py(pn_record_get(record, _PYCTX))
+ if attrs is None:
+ attrs = {}
+-pn_record_def(record, PYCTX, PN_PYREF)
+-pn_record_set(record, PYCTX, pn_py2void(attrs))
++pn_record_def(record, _PYCTX, PN_PYREF)
++pn_record_set(record, _PYCTX, pn_py2void(attrs))
+ init = True
+ else:
+ attrs = EMPTY_ATTRS
+@@ -108,5 +108,5 @@ class Wrapper(object):
+id(self), 
addressof(self._impl))
+ 
+ 
+-PYCTX = int(pn_py2void(Wrapper))
++_PYCTX = int(pn_py2void(Wrapper))
+ addressof = int
--- a/debian/patches/series 2019-04-03 06:51:43.062179829 +0200
--- b/debian/patches/series 2019-04-03 07:12:23.231968052 +0200
@@ -1,2 +1,3 @@
 no-format.patch
 fix-conversion_error-gcc-warning.patch
+reproducible-build.patch

Bug#926299: unblock: busybox/1:1.30.1-4

[Niels Thykier]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

(X-CC'ed kibi + debian-boot).

Hi kibi/d-i,

The recent upload of busybox fixes the bug #925979 in busybox-udeb.

Should we (RT) unblock it now or do you prefer waiting (as I
understand it there is d-i release coming up).

unblock busybox/1:1.30.1-4

Thanks,
~Niels

Bug#926298: adms: please make the build reproducible

[Chris Lamb]

Source: adms
Version: 2.3.6-2
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0], we noticed
that adms could not be built reproducibly.

This is because it generated ordered C code from a grammar definition
and this process was non-deterministic in nature.

Patch attached.

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- a/debian/patches/0002-Reproducible-build.patch  1970-01-01 
01:00:00.0 +0100
--- b/debian/patches/0002-Reproducible-build.patch  2019-04-03 
07:01:18.755077435 +0200
@@ -0,0 +1,26 @@
+Description: Make the build reproducible
+Author: Chris Lamb 
+Last-Update: 2019-04-03
+
+--- adms-2.3.6.orig/admsXml/mkgrammar.pl
 adms-2.3.6/admsXml/mkgrammar.pl
+@@ -71,7 +71,7 @@ while(<>)
+ die "bisonrule should terminate with ';' - see $_" if(not m/^\s+;$/);
+   }
+ }
+-map {print OFH "\%token <_lexval> $_\n";} keys %Token;
++map {print OFH "\%token <_lexval> $_\n";} sort keys %Token;
+ print OFH "\n";
+ map {print OFH "\%type <_yaccval> $_->{name}\n";} @allbisonrule;
+ print OFH "\n";
+--- adms-2.3.6.orig/admsXml/mkelements.pl
 adms-2.3.6/admsXml/mkelements.pl
+@@ -1884,7 +1884,7 @@ foreach(@$EA)
+   }
+   push @Location03,"  ENDIFIDENT\n";
+ }
+-foreach(keys(%A))
++foreach(sort keys(%A))
+ {
+   my($aname,$ee)=($_,$A{$_});
+   push @Location03,"  IFIDENT($aname)\n";
--- a/debian/patches/series 2019-04-03 06:52:15.005893725 +0200
--- b/debian/patches/series 2019-04-03 06:56:40.400431631 +0200
@@ -1 +1,2 @@
 0001-Spelling-errors.patch
+0002-Reproducible-build.patch

Bug#926231: [debian-mysql] Bug#926231: mariadb-server-10.3: dpkg configure error - upgrade from mysql

[Otto Kekäläinen]

What does the MariaDB error log say when the ALTER TABLE in the postinst
run?


ti 2. huhtikuuta 2019 klo 17.30 Graham Cobb 
kirjoitti:

> Package: mariadb-server-10.3
> Version: 1:10.3.13-2
> Followup-For: Bug #926231
>
> The bug still exists in 1:10.3.13-2
>
>
> -- System Information:
> Debian Release: buster/sid
>   APT prefers testing
>   APT policy: (900, 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
> Locale: LANG=en_IE.utf8, LC_CTYPE=en_IE.utf8 (charmap=UTF-8) (ignored:
> LC_ALL set to en_IE.utf8), LANGUAGE=en_GB (charmap=UTF-8) (ignored: LC_ALL
> set to en_IE.utf8)
> Shell: /bin/sh linked to /bin/bash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages mariadb-server-10.3 depends on:
> ii  adduser   3.118
> ii  debconf [debconf-2.0] 1.5.71
> ii  galera-3  25.3.25-1
> ii  gawk  1:4.2.1+dfsg-1
> ii  iproute2  4.20.0-2
> ii  libc6 2.28-8
> ii  libdbi-perl   1.642-1+b1
> ii  libgnutls30   3.6.6-2
> ii  libpam0g  1.3.1-5
> ii  libstdc++68.3.0-4
> ii  lsb-base  10.2019031300
> ii  lsof  4.91+dfsg-1
> ii  mariadb-client-10.3   1:10.3.13-2
> ii  mariadb-common1:10.3.13-2
> ii  mariadb-server-core-10.3  1:10.3.13-2
> ii  passwd1:4.5-1.1
> ii  perl  5.28.1-5
> ii  psmisc23.2-1
> ii  rsync 3.1.3-6
> ii  socat 1.7.3.2-2
> ii  zlib1g1:1.2.11.dfsg-1
>
> Versions of packages mariadb-server-10.3 recommends:
> ii  libhtml-template-perl  2.97-1
>
> Versions of packages mariadb-server-10.3 suggests:
> ii  bsd-mailx [mailx]  8.1.2-0.20180807cvs-1
> ii  mailutils [mailx]  1:3.5-3
> ii  mailx  1:20081101-2
> pn  mariadb-test   
> ii  netcat-openbsd 1.195-2
> ii  tinyca 0.7.5-6
>
> -- debconf information:
>   mariadb-server-10.3/nis_warning:
>   mariadb-server-10.3/old_data_directory_saved:
>   mariadb-server-10.3/postrm_remove_databases: false
>
> ___
> pkg-mysql-maint mailing list
> pkg-mysql-ma...@alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-mysql-maint

Bug#924965: libssh2: diff for NMU version 1.8.0-2.1

[Salvatore Bonaccorso]

Hi Mikhail,

On Tue, Apr 02, 2019 at 11:47:25PM +0300, Mikhail Gusarov wrote:
> Dear Salvatore,
> 
> On 2 Apr 2019, at 23:01, Salvatore Bonaccorso wrote:
> 
> > I've prepared an NMU for libssh2 (versioned as 1.8.0-2.1) and
> > uploaded it to DELAYED/5. Please feel free to tell me if I
> > should delay it longer.
> 
> I'm awfully busy at the moment outside of Debain, no need to delay
> it further.

Ack, thanks. I just have rescheduled it then.

Regards,
Salvatore

Bug#926297: duplicity: azure dependency broken?

[Dean Hamstead]

Package: duplicity
Version: 0.7.18.2-1
Severity: normal

Dear Maintainer,

I installed python-azure which brings python-azure-storge with it.

This doesnt seem sufficient though, running this sample command fails as
follows

$ duplicity full /source/dir azure://containername
BackendException: Azure backend requires Microsoft Azure Storage SDK for Python 
(https://pypi.python.org/pypi/azure-storage/).

Similarly, if i do a 'pip install azure' i get the same error.

FYI

$ dpkg -l | grep azure
ii  python-azure2.0.0~rc6+dfsg-2  
all  Microsoft Azure SDK for Python 2.x
ii  python-azure-storage0.33.0-1  
all  Microsoft Azure Storage Library for Python 2.x
ii  python-msrestazure  0.4.7-1   
all  Runtime library for AutoRest generated Python 2.x clients




-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (99, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-cloud-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages duplicity depends on:
ii  gnupg 2.2.12-1
ii  libc6 2.28-2
ii  librsync1 0.9.7-10+b1
ii  python2.7.15-3
ii  python-fasteners  0.12.0-3
ii  python-lockfile   1:0.12.2-2

Versions of packages duplicity recommends:
ii  python-oauthlib  2.1.0-1
ii  python-paramiko  2.4.2-0.1
ii  python-pexpect   4.6.0-1
ii  python-urllib3   1.24.1-1
ii  rsync3.1.3-1

Versions of packages duplicity suggests:
pn  lftp
pn  ncftp   
pn  python-boto 
pn  python-cloudfiles   
pn  python-gdata
pn  python-pip  
pn  python-swiftclient  
pn  tahoe-lafs  

-- no debconf information


Psst! It's possible that this email contains information that is on the super 
secret side of confidential. So if you received it accidentally, let the sender 
know straight away and delete it (and the email you sent them). Also, we should 
let you know that any emails that come and go through Winc™ might be 
scanned, stored or read by Winc™ at its discretion. If you've got a 
question, please give us a buzz on +61 2 9335 0555 (Australia) or +64 9 271 
7600 (NZ). Oh, and Winc™ does its best to avoid errors on emails it 
sends, but we can't promise that it will be error free. So, please don't hold 
it against us.

Bug#926296: RFP: pulseeffects -- DSP effects for Pulseaudio applications

[Nicholas D Steeves]

Package: wnpp
Severity: wishlist
Owner: Nicholas D Steeves 

Package name: pulseeffects
Version : 4.5.8
Upstream Author : Vladimir Sadovnikov 
* Primary copyright holder
  Wellington Wallace 
* Upstream contact
URL : https://github.com/wwmm/pulseeffects
License : GPL-3
Programming Lang: C++
Description : DSP effects for Pulseaudio applications

This package provides DSP effects for Pulseaudio applications.
.
Output Plugins:
  Limiter, Auto Gain, Expander, Compressor, Multiband Compressor,
  Equalizer, Bass, Enhancer, Exciter, Crystalizer, Reverberation,
  Crossfeed (for a more natural sounding headphone experience), Filter
  (Lowpass, Highpass, Bandpass and Bandreject modes), Stereo Tools,
  Loudness Maximizer, Pitch, Gate, Multiband Gate, Deesser, Convolver.
.
Input Plugins:
  Gate, Multiband Gate, WebRTC, Limiter, Compressor, Multiband
  Compressor, Equalizer, Reverberation, Pitch, Filter (Lowpass,
  Highpass, Bandpass and Bandreject modes), Deesser.

--

I'm primarily interested in the crossfeed and equaliser plugins, and
additionally I believe that this package would make a really nice
addition to the future buster-backports suite.  'wish I had discovered
it earlier so that it could have been included in buster...

Mikhail, I noticed you maintain a Debian packaging directory in the
upstream repo.  Are you involved in Debian, and if so then is there
any reason why PulseEffects hasn't been uploaded to the official
archives?  Are you interested in comaintaining the package within
Debian?

I've filed this as an RFP because I don't anticipate having time to
work on it for the next few weeks.  Keeping this package working with
all of its dependencies looks like it could be a lot of work, so it
would be best to comaintain it.  Failing that it seems like this
package should be maintained on either the PulseAudio maintenance
team, or the Debian Multimedia team.

Please take care to CC this bug for any replies.

Regards,
Nicholas


signature.asc
Description: PGP signature

Bug#926295: RFS: minder/1.1.3-1 [ITP]

[Yangfl]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "minder"

* Package name: minder
  Version : 1.1.3-1
  Upstream Author : Trevor Williams 
* URL : https://github.com/phase1geo/Minder
* License : GPL v3
  Section : x11

It builds those binary packages:

  minder - Mind-mapping application

To access further information about this package, please visit the
following URL:

https://mentors.debian.net/package/minder


Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/m/minder/minder_1.1.3-1.dsc

More information about minder can be obtained from https://www.example.com.

Changes since the last upload:

[your most recent changelog entry]


Regards,
 Yangfl

Bug#912749: speech-dispatcher: Found 0.9.0-5

[Boyd Stephen Smith Jr.]

Package: speech-dispatcher
Version: 0.9.0-5
Followup-For: Bug #912749

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear Maintainer,

Mar 31 22:57:19 monster systemd-tmpfiles[14121]: 
[/usr/lib/tmpfiles.d/speech-dispatcher.conf:1] Line references path below 
legacy directory /var/run/, updating /var/run/speech-dispatcher → 
/run/speech-dispatcher; please update the tmpfiles.d/ drop-in file accordingly.
Mar 31 22:57:19 monster systemd-tmpfiles[14121]: 
[/usr/lib/tmpfiles.d/speech-dispatcher.conf:2] Line references path below 
legacy directory /var/run/, updating /var/run/speech-dispatcher/.cache → 
/run/speech-dispatcher/.cache; please update the tmpfiles.d/ drop-in file 
accordingly.
Mar 31 22:57:19 monster systemd-tmpfiles[14121]: 
[/usr/lib/tmpfiles.d/speech-dispatcher.conf:3] Line references path below 
legacy directory /var/run/, updating 
/var/run/speech-dispatcher/.speech-dispatcher → 
/run/speech-dispatcher/.speech-dispatcher; please update the tmpfiles.d/ 
drop-in file accordingly.
Mar 31 22:57:19 monster systemd-tmpfiles[14121]: 
[/usr/lib/tmpfiles.d/speech-dispatcher.conf:4] Line references path below 
legacy directory /var/run/, updating 
/var/run/speech-dispatcher/.cache/speech-dispatcher → 
/run/speech-dispatcher/.cache/speech-dispatcher; please update the tmpfiles.d/ 
drop-in file accordingly.
Mar 31 22:57:19 monster systemd-tmpfiles[14121]: 
[/usr/lib/tmpfiles.d/speech-dispatcher.conf:5] Line references path below 
legacy directory /var/run/, updating /var/run/speech-dispatcher/log → 
/run/speech-dispatcher/log; please update the tmpfiles.d/ drop-in file 
accordingly.

- -- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable'), (300, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages speech-dispatcher depends on:
ii  adduser  3.118
ii  init-system-helpers  1.56+nmu1
ii  libc62.28-8
ii  libdotconf0  1.3-0.3
ii  libglib2.0-0 2.58.3-1
ii  libltdl7 2.4.6-9
ii  libsndfile1  1.0.28-6
ii  libspeechd2  0.9.0-5
ii  lsb-base 10.2019031300
ii  speech-dispatcher-audio-plugins  0.9.0-5

Versions of packages speech-dispatcher recommends:
ii  pulseaudio   12.2-4
ii  sound-icons  0.1-6
ii  speech-dispatcher-espeak-ng  0.9.0-5

Versions of packages speech-dispatcher suggests:
pn  espeak  
pn  libttspico-utils
pn  mbrola  
pn  speech-dispatcher-cicero
pn  speech-dispatcher-doc-cs
pn  speech-dispatcher-espeak
pn  speech-dispatcher-festival  
pn  speech-dispatcher-flite 

- -- no debconf information

-BEGIN PGP SIGNATURE-

iHQEARECADQWIQTFhn3a8g2plxzZYyjnmmovsbVAWQUCXKQZ4hYcYnNzQGlndWFu
YXN1aWNpZGUubmV0AAoJEOeaai+xtUBZ2esAnjl9OfSo0qo5g49aWpDDKzoF09Fl
AJ9F/EDcvRhTA42hV86+4whlLa9JUA==
=DmQJ
-END PGP SIGNATURE-

Bug#926293: e2fsprogs: Add method to initialize mount count

[Elliott Mitchell]

Package: e2fsprogs
Version: 1.43.4-2

Could `mke2fs` and `tune2fs` get some method to initialize the maximum
mount count to a non-zero value?

Having to search for random values to initialize the maximum mount count
is a bit annoying.  Perhaps a -O init_max_mount_count setting?

I understand the author's misgivings about all the complaints from people
annoyed by precautionary checks.  Yet some of us are fine with occasional
checks.  Meanwhile the time-based checks were just awful.


-- 
(\___(\___(\__  --=> 8-) EHM <=--  __/)___/)___/)
 \BS (| ehem+sig...@m5p.com  PGP 87145445 |)   /
  \_CS\   |  _  -O #include  O-   _  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

Bug#926294: apcupsd: Systemd service PIDFile references legacy path

[Boyd Stephen Smith Jr.]

Package: apcupsd
Version: 3.14.14-2
Severity: minor

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear Maintainer,

Apr  1 00:47:15 monster systemd[1]: /lib/systemd/system/apcupsd.service:10: 
PIDFile= references path below legacy directory /var/run/, updating 
/var/run/apcupsd.pid → /run/apcupsd.pid; please update the unit file 
accordingly.
Apr  2 06:22:22 monster systemd[1]: /lib/systemd/system/apcupsd.service:10: 
PIDFile= references path below legacy directory /var/run/, updating 
/var/run/apcupsd.pid → /run/apcupsd.pid; please update the unit file 
accordingly.

- -- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable'), (300, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apcupsd depends on:
ii  libc6 2.28-8
ii  libgcc1   1:8.3.0-4
ii  libusb-0.1-4  2:0.1.12-32
ii  libwrap0  7.6.q-28
ii  lsb-base  10.2019031300

Versions of packages apcupsd recommends:
ii  apcupsd-doc3.14.14-2
ii  bsd-mailx [mailx]  8.1.2-0.20180807cvs-1
ii  mailutils [mailx]  1:3.5-3

Versions of packages apcupsd suggests:
pn  apcupsd-cgi  
ii  udev 241-1

- -- Configuration Files:
/etc/apcupsd/apcupsd.conf changed:
UPSCABLE usb
UPSTYPE usb
DEVICE
LOCKFILE /var/lock
SCRIPTDIR /etc/apcupsd
PWRFAILDIR /etc/apcupsd
NOLOGINDIR /etc
ONBATTERYDELAY 6
BATTERYLEVEL 5
MINUTES 3
TIMEOUT 0
ANNOY 300
ANNOYDELAY 60
NOLOGON disable
KILLDELAY 0
NETSERVER on
NISIP 127.0.0.1
NISPORT 3551
EVENTSFILE /var/log/apcupsd.events
EVENTSFILEMAX 10
UPSCLASS standalone
UPSMODE disable
STATTIME 0
STATFILE /var/log/apcupsd.status
LOGSTATS off
DATATIME 0


- -- no debconf information

-BEGIN PGP SIGNATURE-

iHQEARECADQWIQTFhn3a8g2plxzZYyjnmmovsbVAWQUCXKQeCRYcYnNzQGlndWFu
YXN1aWNpZGUubmV0AAoJEOeaai+xtUBZSIwAn2A1hD2xVpEmI8LTu89oVMPKj999
AJ9PvUlcPYMIZw8/4riRzUN29fgT0g==
=6Eqe
-END PGP SIGNATURE-

Bug#926292: manpages-dev: memfd_create needs sys/mman.h, not sys/memfd.h

[Marc Lehmann]

Package: manpages-dev
Version: 4.16-1
Severity: minor

Dear Maintainer,

the manpage for memfd_create documents:

   #include 

but as far as I can tell, this heade rnever existed and trhere are not
plans to bring it into existance.

Instead, the header to use is:

   #include 

And it requires _GNU_SOURCE or equivalent.

-- System Information:
Debian Release: 9.8
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'unstable-debug'), (500, 'testing-debug'), 
(500, 'stable-updates'), (500, 'stable-debug'), (500, 'unstable'), (500, 
'testing'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, x32

Kernel: Linux 4.19.27-041927-generic (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages manpages-dev depends on:
ii  manpages  4.16-1

manpages-dev recommends no packages.

Versions of packages manpages-dev suggests:
ii  konqueror [man-browser]  4:16.08.3-1
ii  man-db [man-browser] 2.7.6.1-2

-- no debconf information

Bug#925982: pretty useless without local_scan

[Adam Borowski]

Control: severity -1 important

(Justification: exim is nearly completely useless for receiving mails for
an Internet domain -- there's ~100 spams per day per address.)

I've wasted time concurrently coming up with Andreas' findings -- and
indeed, rebuilding with HAVE_LOCAL_SCAN=yes makes spam filtering work again.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Did ya know that typing "test -j8" instead of "ctest -j8"
⢿⡄⠘⠷⠚⠋⠀ will make your testsuite pass much faster, and fix bugs?
⠈⠳⣄

Bug#926149: AMD: Add nomodeset kernel parameter to avoid black screen

[積丹尼 Dan Jacobson]

So the question becomes why does that installer ISO know how to properly deal
with the

BH> 00:01.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc. 
[AMD/ATI] Carrizo [1002:9874] (rev e6)
BH> Subsystem: ASUSTeK Computer Inc. Device [1043:8719]

giving nice splash screens, a snappy graphical install interface, crisp
non-graphical rescue shells etc. ... but then the system that it
installs oddly cannot deal with that hardware anymore? (Black screen.)

Note the whole experiment was done offline as to reduce outside
interference in isolating the problem.

Bug#926207: iotop: unable to run on kernels with retpoline (spectre)

[Paul Wise]

Control: severity -1 normal
Control: retitle -1 iotop: crashes with versions of Linux that insert spaces 
into /proc/*/status

On Tue, 2019-04-02 at 11:46 -0600, Neil Tallim wrote:

> I am running a mostly vanilla upstream kernel (for a class of
> special-purpose devices that have some unusual quirks) that does
> include blank lines.

Any chance you could upgrade to either the Debian kernel or one based
on the Debian kernel or on 4.19 mainline and see if any of them fix it?

Also, I suggest you try to get those quirks fixed in Linux mainline,
so that you don't have to keep building Linux yourself :)

> (4.4 rather than 4.19 and not running Debian patches, where it looks
> like an Ubuntu patch was adopted to remove the newline)

Do you have any details about which patch this is?

Also, it would be great if you could try to get the patch into the
Linux kernel's mainline stable releases.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise



signature.asc
Description: This is a digitally signed message part

Bug#925913: uhubctl: autopkgtest always fails

[gustavo panizzo]

Hello Graham

On Mon, Apr 01, 2019 at 01:11:23PM +0200, Graham Inggs wrote:

Hi Gustavo

On 2019/04/01 13:04, gustavo panizzo wrote:

I would like to defer this fix until buster is released. Would that be a
problem for ubuntu?


Ubuntu 19.04 will be released on 2019-04-18, which will presumably be 
before Buster.  So yes, this is a problem for getting the latest 
uhubctl into Ubuntu.



If yes, how could I proceed without asking the release team to unblock
an upload?


You could upload to Experimental, and I can sync to Ubuntu from there. 
Alternatively, if you provide a patch, I'd be happy to upload that to 
Ubuntu directly.




I've just uploaded 2.0.0-4 to experimental


Regards
Graham


--
IRC: gfa
GPG: 0X44BB1BA79F6C6333

Bug#926291: puppetdb 6 not compatible with puppet-master 5

[Cwsights]

Package: puppetdb
Version: 6.2.0-3
Severity: normal

Hi,
  Debian (Buster) packages puppetdb 6 and puppet-master(-passenger) 5.  
Unfortunately
puppetdb 6 requires puppet-master to be 6.0.0 or later[1].  This makes it 
impossible
to use the puppet-master in buster with the puppetdb in buster.

[1] https://puppet.com/docs/puppetdb/6.2/index.html#puppet-600

Thanks!
Chad.

Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages puppetdb depends on:
ii  adduser3.118
pn  dbconfig-pgsql | dbconfig-no-thanks
ii  debconf [debconf-2.0]  1.5.71
pn  default-jre-headless   
pn  libasm-java
pn  libat-at-clojure   
pn  libbidi-clojure
pn  libcheshire-clojure
pn  libclj-digest-clojure  
pn  libclj-http-clojure
pn  libclj-stacktrace-clojure  
pn  libclj-time-clojure
pn  libclojure-java
pn  libcommons-compress-java   
pn  libcommons-lang3-java  
pn  libcommons-logging-java
pn  libcompojure-clojure   
pn  libcore-async-clojure  
pn  libcore-match-clojure  
pn  libcore-memoize-clojure
pn  libdata-priority-map-clojure   
pn  libdujour-version-check-clojure
pn  libfast-zip-visit-clojure  
pn  libgeronimo-j2ee-management-1.1-spec-java  
pn  libgeronimo-jms-1.1-spec-java  
pn  libhikaricp-java   
pn  libhoneysql-clojure
pn  libinstaparse-clojure  
pn  libjava-jdbc-clojure   
pn  libjava-jmx-clojure
pn  libkitchensink-clojure 
pn  libmath-combinatorics-clojure  
pn  libmath-numeric-tower-clojure  
pn  libmetrics-clojure 
pn  libpantomime-clojure   
pn  libpostgresql-jdbc-java
pn  libprismatic-schema-clojure
pn  libpuppetlabs-http-client-clojure  
pn  libpuppetlabs-i18n-clojure 
pn  libraynes-fs-clojure   
pn  libring-core-clojure   
pn  librobert-hooke-clojure
pn  libslf4j-java  
pn  libslingshot-clojure   
pn  libspecter-clojure 
pn  libstockpile-clojure   
pn  libtools-logging-clojure   
pn  libtools-macro-clojure 
pn  libtools-namespace-clojure 
pn  libtrapperkeeper-clojure   
pn  libtrapperkeeper-metrics-clojure   
pn  libtrapperkeeper-status-clojure
pn  libtrapperkeeper-webserver-jetty9-clojure  
pn  libversioneer-clojure  
ii  lsb-base   10.2019031300
ii  ucf3.0038+nmu1

puppetdb recommends no packages.

Versions of packages puppetdb suggests:
ii  postgresql  11+200
pn  postgresql-contrib  

Bug#926290: mlocate: Is confused about DB permissions

[Elliott Mitchell]

Package: mlocate
Version: 0.26-2

The authors of mlocate need to figure out what their security model is
since the documentation and behavior seem to be confused about what the
actual model is.

Of crucial note, is the "mlocate" group supposed to be the controlling
factor for access to these DB files?  After some experimentation I found
`mlocate` will NOT provide results from a database file other than
/var/lib/mlocate/mlocate.db which is only readable by the "mlocate"
group.

This seems to contradict mlocate's `updatedb` program which WILL NOT
create a database file owned by a group other than "mlocate" without a
special option (-l no).  If the group is supposed to be the controlling
factor, then `mlocate` should provide results from extra database files
readable by group "mlocate".

True, examining DB files specified by --database or $LOCATE_PATH which
are readable by "mlocate", but not the user is hazardous.  Yet if the
group is properly controlled the hazard is small.


-- 
(\___(\___(\__  --=> 8-) EHM <=--  __/)___/)___/)
 \BS (| ehem+sig...@m5p.com  PGP 87145445 |)   /
  \_CS\   |  _  -O #include  O-   _  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

Bug#926289: python-azure-storage: New upstream version

[Dean Hamstead]

Package: python-azure-storage
Version: 20181109+git-1
Severity: wishlist

Dear Maintainer,

Upstream continues to move ever onward, as per 
https://github.com/Azure/azure-storage-python/releases

This is implacting me as 'duplicity' package seems to need a newer
version of python-azure-storage to function

Thanks



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (99, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-cloud-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python-azure-storage depends on:
ii  python 2.7.15-3
ii  python-azure   20181112+git-2
ii  python-concurrent.futures  3.2.0-2
ii  python-cryptography2.6.1-3
ii  python-dateutil2.7.3-3
ii  python-requests2.21.0-1

python-azure-storage recommends no packages.

python-azure-storage suggests no packages.

-- no debconf information


Psst! It's possible that this email contains information that is on the super 
secret side of confidential. So if you received it accidentally, let the sender 
know straight away and delete it (and the email you sent them). Also, we should 
let you know that any emails that come and go through Winc™ might be 
scanned, stored or read by Winc™ at its discretion. If you've got a 
question, please give us a buzz on +61 2 9335 0555 (Australia) or +64 9 271 
7600 (NZ). Oh, and Winc™ does its best to avoid errors on emails it 
sends, but we can't promise that it will be error free. So, please don't hold 
it against us.

Bug#917423: systemd-sysv: centrally document which "legacy" packages/replaced are replaced by systemd

[Christoph Anton Mitterer]

On Wed, 2019-04-03 at 00:15 +0200, Michael Biebl wrote:
> Feel free to submit additions/corrections/updates to the release-
> notes,
> if you think those changes are not satisfactory.

I think it's good start... one perhaps missing thing:

I vaguely recall to have read somewhere, that some of the *acpi*
packages was also considered to be obsoleted/replaced by systemd.
Was it acpid? But I might be wrong.

Also it could be worth checking whether any other "base" packages have
do things which are now done by systemd.
Perhaps things like setting up the keymap or power management tools
(laptop-mode-tools)?


I'm by far no systemd expert, so I cannot really tell whether any of
these are "replaced" by systemd, except from the acpid thingy which I
think to remember.


Thanks,
Chris.

Bug#926032: [chromium] Buggy / Solarized videos

[Michael Gilbert]

control: forcemerge -1 926151
control: severity -1 minor

On Tue, Apr 2, 2019 at 5:21 AM wrote:
> However it is a short term solution. Why would we have to disable a feature 
> like hardware acceleration and revert to a sluggish (and cpu hungry) software 
> rendering in order to (barely) make things work like they did before in 
> previous releases ?

The vaapi patch is work in progress.  It could be unapplied, but then
hardware acceleration would be completely unavailable, which is
equivalent to the workaround but of course takes away from those that
have hardware that works.

Best wishes,
Mike

Bug#926285: ncurses mvaddnwstr is implicit

[Thomas Dickey]

On Wed, Apr 03, 2019 at 12:43:30AM +0300, Emil Fihlman wrote:
> Package: libncursesw5-dev
> Packages: libncursesw?5.*
> Version: 6.0+20161126-1+deb9u2 (for libncursesw5-dev)
> 
> warning: implicit declaration of function ‘mvaddnwstr’
> [-Wimplicit-function-declaration] when compiling with -lncursesw.
> However, the resulting binary _does_ work so the linker does find the
> correct function.
> 
> I suggest the development package be corrected.

man ncurses

You must also define _XOPEN_SOURCE_EXTENDED when compiling for the
wide-character  library to use the extended (wide-character) func‐
tions.  The curses.h file which is installed for the  wide-charac‐
ter library is designed to be compatible with the normal library's
header.  Only the size of the WINDOW structure differs,  and  very
few  applications  require more than a pointer to WINDOWs.  If the
headers  are  installed  allowing  overwrite,  the  wide-character
library's  headers should be installed last, to allow applications
to be built using either library from the same set of headers.

man mvaddnwstr

   int mvaddnwstr(int y, int x, const wchar_t *wstr, int n);
^^^ (wide-character)

-- 
Thomas E. Dickey 
https://invisible-island.net
ftp://ftp.invisible-island.net


signature.asc
Description: Digital signature

Bug#916641: jaxb: leaves alternatives after purge: /usr/bin/{schemagen,xjc}

[Andreas Beckmann]

Control: tag -1 pending

On 2019-03-15 12:41, Andreas Beckmann wrote:
> attached is the trivial patch to fix the removal of the alternatives
> upon package removal.

I've now uploaded this as a NMU to DELAYED/5.


Andreas

Bug#926286: Debdiff

[Scott Talbert]

 diff -Nru wxpython4.0-4.0.4+dfsg/debian/changelog 
wxpython4.0-4.0.4+dfsg/debian/changelog
--- wxpython4.0-4.0.4+dfsg/debian/changelog 2019-01-25 18:19:15.0 
-0500
+++ wxpython4.0-4.0.4+dfsg/debian/changelog 2019-04-01 22:41:28.0 
-0400
@@ -1,3 +1,9 @@
+wxpython4.0 (4.0.4+dfsg-2) unstable; urgency=medium
+
+  * d/patches: Fix FTBFS with SIP 4.19.14 (Closes: #924856)
+
+ -- Scott Talbert   Mon, 01 Apr 2019 22:41:28 -0400
+
 wxpython4.0 (4.0.4+dfsg-1) unstable; urgency=medium
 
   * Update d/copyright and d/watch to use uscan repack mechanism vs. repack.sh
diff -Nru wxpython4.0-4.0.4+dfsg/debian/patches/fix-build-sip-4.19.14-1.patch 
wxpython4.0-4.0.4+dfsg/debian/patches/fix-build-sip-4.19.14-1.patch
--- wxpython4.0-4.0.4+dfsg/debian/patches/fix-build-sip-4.19.14-1.patch 
1969-12-31 19:00:00.0 -0500
+++ wxpython4.0-4.0.4+dfsg/debian/patches/fix-build-sip-4.19.14-1.patch 
2019-03-23 12:14:47.0 -0400
@@ -0,0 +1,132 @@
+From 3636ba3e606e3080942427beb68528f11cfb408e Mon Sep 17 00:00:00 2001
+From: Scott Talbert 
+Date: Fri, 22 Mar 2019 23:17:31 -0400
+Subject: [PATCH 1/2] Fix building with SIP 4.19.14
+
+This commit fixes building Phoenix with SIP 4.19.14.  One of the main changes
+in this release was to add SIP_OVERRIDE, which adds the C++ override keyword
+to method declarations that are intended to override the C++ class that SIP
+is wrapping.  Unfortunately, this exposed a few bugs which caused compile
+errors.  Most of the fixes are to the interface headers.  The two trickier
+fixes were to wxFileConfig and wxRendererNative.
+
+For wxFileConfig, the Save method's second parameter, 'conv', had been ignored.
+This caused the override check to fail.  This was resolved by ignoring the
+auto-generated Save() and adding a manually generated one without the second
+parameter.
+
+For wxRendererNative, the DrawTitleBarBitmap method is actually pure virtual
+in the subclass, so the fix was to ignore it there.  In the subclass
+wxDelegateRendererNative, it is concrete, but only on certain platforms.  This
+was fixed in a similar way by adding a manually generated method that will
+do the right thing on the platforms that support it.
+
+There is one other fix required for SIP 4.19.14: SIP has now added its own
+wrapper for size_t, so it required removing the one in wacky_ints.  This change
+was omitted for now because it should probably wait until Phoenix officially
+moves to 4.19.14.
+---
+ etg/config.py   | 10 +-
+ etg/printfw.py  |  1 -
+ etg/renderer.py | 18 +++---
+ etg/statbox.py  |  2 +-
+ ext/wxWidgets   |  2 +-
+ 5 files changed, 22 insertions(+), 11 deletions(-)
+
+diff --git a/etg/config.py b/etg/config.py
+index 8675e751..299f63b2 100644
+--- a/etg/config.py
 b/etg/config.py
+@@ -179,7 +179,7 @@ def run():
+ c.find('wxFileConfig').findOverload('wxInputStream').find('conv').ignore()
+ ctor = 
c.find('wxFileConfig').findOverload('wxString').find('conv').ignore()
+ #ctor.items.remove(ctor.find('conv'))
+-ctor = c.find('Save').find('conv').ignore()
++c.find('Save').ignore()
+ c.find('GetGlobalFile').ignore()
+ c.find('GetLocalFile').ignore()
+ 
+@@ -188,6 +188,14 @@ def run():
+ c.find('GetFirstEntry').ignore()
+ c.find('GetNextEntry').ignore()
+ 
++c.addCppMethod('bool', 'Save', '(wxOutputStream& os)', 
doc=c.find('Save').briefDoc, body="""\
++#if wxUSE_STREAMS
++return self->Save(*os);
++#else
++wxPyRaiseNotImplemented();
++#endif
++""")
++
+ 
+ 
+ #-
+diff --git a/etg/printfw.py b/etg/printfw.py
+index 0d0500ff..90f5f75a 100644
+--- a/etg/printfw.py
 b/etg/printfw.py
+@@ -61,7 +61,6 @@ def run():
+ c.find('CreateCanvas').isVirtual = True
+ c.find('CreateControlBar').isVirtual = True
+ c.find('Initialize').isVirtual = True
+-c.find('InitializeWithModality').isVirtual = True
+ 
+ 
+ 
+diff --git a/etg/renderer.py b/etg/renderer.py
+index 2319b62d..eea14676 100644
+--- a/etg/renderer.py
 b/etg/renderer.py
+@@ -43,25 +43,29 @@ def run():
+ c.find('GetGeneric').mustHaveApp()
+ c.find('GetDefault').mustHaveApp()
+ c.find('Set').mustHaveApp()
++c.find('DrawTitleBarBitmap').ignore()
++draw_tb_bmp_doc = c.find('DrawTitleBarBitmap').briefDoc
++
++
++c = module.find('wxDelegateRendererNative')
++c.mustHaveApp()
++c.addPrivateCopyCtor()
+ 
+ 
+ #virtual void DrawTitleBarBitmap(wxWindow *win,
+ #wxDC& dc,
+ #const wxRect& rect,
+ #wxTitleBarButton button,
+-#int flags = 0) = 0;
+-c.find('DrawTitleBarBitmap').setCppCode("""\
++#int flags = 0);
++c.addCppMethod('void', 'DrawTitleBarBitmap', '(wxWindow* win, wxDC& dc, 
const wxRect& rect, wxTitleBarButton 

Bug#926149: AMD: Add nomodeset kernel parameter to avoid black screen

[Ben Hutchings]

Control: tag -1 - moreinfo

On Tue, 2019-04-02 at 22:41 +0800, 積丹尼 Dan Jacobson wrote:
> BH> Please send the output of "lspci -vnn" for the system that shows this
> BH> problem.
> 
> Would lspci -knn be good enough for now?:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=925556;filename=logs.gz;msg=50

I wish you would just provide the information inline, but anyway that
does answer the question:

00:01.0 VGA compatible controller [0300]: Advanced Micro Devices, Inc. 
[AMD/ATI] Carrizo [1002:9874] (rev e6)
Subsystem: ASUSTeK Computer Inc. Device [1043:8719]

Ben.

-- 
Ben Hutchings
Klipstein's 4th Law of Prototyping and Production:
   A fail-safe circuit will destroy others.




signature.asc
Description: This is a digitally signed message part

Bug#926288: unblock: open-infrastructure-compute-tools/20190301-lts1-2

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package open-infrastructure-compute-tools

Properly cleanup all alternatives after package removal.

unblock open-infrastructure-compute-tools/20190301-lts1-2

Andreas
diff -Nru open-infrastructure-compute-tools-20190301-lts1/debian/changelog 
open-infrastructure-compute-tools-20190301-lts1/debian/changelog
--- open-infrastructure-compute-tools-20190301-lts1/debian/changelog
2019-03-02 11:51:51.0 +0100
+++ open-infrastructure-compute-tools-20190301-lts1/debian/changelog
2019-03-19 21:24:38.0 +0100
@@ -1,3 +1,12 @@
+open-infrastructure-compute-tools (20190301-lts1-2) unstable; urgency=medium
+
+  * Uploading to sid.
+  * Adding removal of previously forgotten mmdebstrap alternative to not
+leave cruft behind after package removal, thanks to Andreas Beckmann
+ (Closes: #924092).
+
+ -- Daniel Baumann   Tue, 19 Mar 2019 
21:24:38 +0100
+
 open-infrastructure-compute-tools (20190301-lts1-1) unstable; urgency=medium
 
   * Uploading to sid.
diff -Nru 
open-infrastructure-compute-tools-20190301-lts1/debian/open-infrastructure-container-tools.prerm
 
open-infrastructure-compute-tools-20190301-lts1/debian/open-infrastructure-container-tools.prerm
--- 
open-infrastructure-compute-tools-20190301-lts1/debian/open-infrastructure-container-tools.prerm
2019-03-02 11:51:43.0 +0100
+++ 
open-infrastructure-compute-tools-20190301-lts1/debian/open-infrastructure-container-tools.prerm
2019-03-19 21:24:31.0 +0100
@@ -4,6 +4,7 @@
 
 case "${1}" in
remove|upgrade|deconfigure)
+   update-alternatives --quiet --remove container_script 
/usr/share/open-infrastructure/container/scripts/mmdebstrap
update-alternatives --quiet --remove container_script 
/usr/share/open-infrastructure/container/scripts/debootstrap
update-alternatives --quiet --remove container_script 
/usr/share/open-infrastructure/container/scripts/progress-linux
update-alternatives --quiet --remove container_script 
/usr/share/open-infrastructure/container/scripts/debian

Bug#924800: [PATCH] resolve race in test cleanup by making second attempt more forceful

[Sean Whitton]

Hello,

On Mon 01 Apr 2019 at 03:24PM -07, Sean Whitton wrote:

>> It seems to me that removePathForcibly would probably at best ignore
>> the error in removal and so leave a .t directory hanging around at the
>> end?
>
> I just tested this -- `dgit build && ls .t` -- and it does not leave it
> hanging around.

... that test, however, was not on a machine that was showing the race.
Please excuse me.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#926286: unblock: wxpython4.0/4.0.4+dfsg-2

[Scott Talbert]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package wxpython4.0

This fixes a wxpython4.0 FTBFS bug (#924856) with SIP 4.19.14 which was 
uploaded in late February.

unblock wxpython4.0/4.0.4+dfsg-2

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#890265: systemd: journalctl compiled without pattern matching support

[Michael Biebl]

On Mon, 19 Feb 2018 11:25:56 +0100 Michael Biebl  wrote:
> Am 12.02.2018 um 18:02 schrieb Calum Mackay:
> > Package: systemd
> > Version: 237-2
> > Severity: normal
> > 
> > Dear Maintainer,
> > 
> > The -g/--grep option was recently added to the man page, but:
> > 
> > $ journalctl --grep=blah
> > Compiled without pattern matching support
> > 
> > this could be a man page bug, of course, although it's a useful feature.
> 
> As the message says, systemd has been compiled without pattern matching
> support. This is deliberate, as this would required linking against
> pcre2, which would basically make this library mandatory on every
> system. That's why I hesitated to enable that feature.

I'm fine with turning this feature on in buster+1.

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#910964: libprotobuf17 might need Breaks: libprotobuf10

[Andreas Beckmann]

On Sun, 31 Mar 2019 16:51:51 +0200 Giovanni Mascellani 
wrote:
> Hi,
> 
> On Sat, 27 Oct 2018 17:30:32 +0300 Adrian Bunk  wrote:
> > Properly handling this in package like libarcus3 becomes difficult once 
> > you consider that such packages might be backported to stretch-backports
> > and would use libprotobuf10 there.
> > 
> > We might even end up with upgrade failures if a user could end up with
> > a nonworking combination of packages installed during an upgrade, and
> > a maintainer script calls such a nonworking program.
> 
> This is a sensible concern, but I share László's view here: the two
> versions of protobuf are not in conflict and can happily coexist on the
> same system, so there is no reason to declare a Break. What must be
> ensured is that no package depends on both at the same time: wouldn't it
> be better that this last package declared Conflicts and possibly
> Build-Conflicts towards the version of protobuf that is not meant to be
> used?

What's the point in having a cruft package (libprotobuf10) installable
in buster, if it has been shown that this allows partial upgrades (yes,
partial upgrades *are* supported) that reproducibly cause failures?
The cruft package itself does not cause harm. It's the combination with
other packages that's problematic. There is an easy solution to prevent
all these (see Subject), without imposing any limitation on buster.

While it is possible to add the Breaks to libarcus3 instead, is this
sufficient to prevent *all* failure cases? Which package will be the
next to be touched to prevent mixture errors?

There is no point in touching Build-Depends, as we can't build against
this cruft in sid.

Andreas

Bug#925576: unblock: python-trustme/0.4.0-2

[Robie Basak]

Hi Paul,

On Sun, Mar 31, 2019 at 10:40:38AM +0200, Paul Gevers wrote:
> The fix doesn't prevent the package from FTBFS. Please check
> https://buildd.debian.org/status/fetch.php?pkg=python-trustme&arch=all&ver=0.4.0-2&stamp=1553646768&raw=0

Thanks. I only spotted that after you approved the unblock request. It
did build in sbuild for me locally (after fixing the Build-Depends as
changed in -2), so it must be some difference wrt. the buildds. I will
investigate.


signature.asc
Description: PGP signature

Bug#926009: openjdk-11 breaks libreoffice autopkgtests

[Rene Engelhard]

retitle 926009 new "Debian" as java.vendor breaks libreoffice
reassign 926009 src:openjdk-11
thanks

Hi,

> > so maybe some backports for libreoffice are needed? is that fixed in 6.2.x?
> 
> I don't even know yet what needs to be changed... That said, I actually
> first noticed this the day before Paul filed the bug - with 6.3.0 alpha
> git snapshot. So any LO is affected.

Got it.

> > pointy comments won't help, because you will see these changes at
> > least in the first buster security update

Even

openjdk-11 (11.0.3+4-2) unstable; urgency=medium

  [ Matthias Klose ]
  * Configure with vendor flags.
[...]

?

That one is the problem.

Let's compare:

buster has:

$ java -XshowSettings:properties -version 2>&1 | grep vendor
java.specification.vendor = Oracle Corporation
java.vendor = Oracle Corporation
java.vendor.url = http://java.oracle.com/
java.vendor.url.bug = http://bugreport.java.com/bugreport/
java.vm.specification.vendor = Oracle Corporation
java.vm.vendor = Oracle Corporation

sid has:

$ java -XshowSettings:properties -version 2>&1 | grep vendor
java.specification.vendor = Oracle Corporation
java.vendor = Debian
java.vendor.url = https://tracker.debian.org/openjdk-11
java.vendor.url.bug = https://bugs.debian.org/openjdk-11
java.vm.specification.vendor = Oracle Corporation
java.vm.vendor = Debian

Indeed, jvmfwk has a known list of JDKs, and "Debian" (or whatever else
distro) does not appear in it:
https://cgit.freedesktop.org/libreoffice/core/tree/jvmfwk/distributions/OpenOfficeorg/javavendors_linux.xml?h=libreoffice-6-1-5
and it looks in java.vendor:

jvmfwk/plugins/sunmajor/pluginlib/vendorbase.cxx://get java.vendor,
java.version, java.home,
jvmfwk/plugins/sunmajor/pluginlib/vendorbase.cxx:if(! bVendor &&
prop.first == "java.vendor")

Indeed, after adding "Debian" as a copy of "Oracle Corporation" javaldx
works again.

We as distros can patch it for LibreOffice, but this change breaks LibreOffice 
out there unless
patched, and I doubt they will (or will be happy) to add extra stanzas for 
"Debian", "Ubuntu" or
whatever else.

I really believe this should be reverted.

Regards,

Rene

Bug#926285: ncurses mvaddnwstr is implicit

[Emil Fihlman]

Package: libncursesw5-dev
Packages: libncursesw?5.*
Version: 6.0+20161126-1+deb9u2 (for libncursesw5-dev)

warning: implicit declaration of function ‘mvaddnwstr’
[-Wimplicit-function-declaration] when compiling with -lncursesw.
However, the resulting binary _does_ work so the linker does find the
correct function.

I suggest the development package be corrected.

I am using Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27)
x86_64 GNU/Linux and Debian GLIBC 2.24-11+deb9u3

Emil

Bug#876905: qtwebkit should not be release with buster

[Moritz Muehlenhoff]

On Tue, Apr 02, 2019 at 06:28:39PM -0300, Lisandro Damián Nicanor Pérez Meyer 
wrote:
> El martes, 2 de abril de 2019 17:48:26 -03 Moritz Mühlenhoff escribió:
> [snip] 
> > > Truth is we can't even agree inside the team. Some of us think we should
> > > just remove it alongside whatever hasn't been ported, some think we should
> > > not.
> > > 
> > > Now in my *very personal* opinion: even if it's not supported by the
> > > security team I think it should keep the RC status if released with
> > > buster.
> > > It's a pile of security bugs in one single package.
> > 
> > qtwebkit hasn't been security-supported in any Debian release it was ever
> > present in. Does it really make sense to remove it now so close to the
> > buster release (with all kinds of unpreditable fallout on kde4libs).
> >
> > Wouldn't it be better to wait after the buster release and then agressively
> > bump all the remaining QT4/KDE4 to RC-severity the day after the buster
> > release so that automated testing removals can do their magic (and filin
> > g RM bugs a few months later).
> 
> That's exactly what I wrote above, but keeping the RC bug.

Sure, if the release team agrees with that approach, the canonical way to do
that would be to tag the bug as "buster-ignore".

Cheers,
Moritz

Bug#876905: qtwebkit should not be release with buster

[Lisandro Damián Nicanor Pérez Meyer]

El martes, 2 de abril de 2019 17:48:26 -03 Moritz Mühlenhoff escribió:
[snip] 
> > Truth is we can't even agree inside the team. Some of us think we should
> > just remove it alongside whatever hasn't been ported, some think we should
> > not.
> > 
> > Now in my *very personal* opinion: even if it's not supported by the
> > security team I think it should keep the RC status if released with
> > buster.
> > It's a pile of security bugs in one single package.
> 
> qtwebkit hasn't been security-supported in any Debian release it was ever
> present in. Does it really make sense to remove it now so close to the
> buster release (with all kinds of unpreditable fallout on kde4libs).
>
> Wouldn't it be better to wait after the buster release and then agressively
> bump all the remaining QT4/KDE4 to RC-severity the day after the buster
> release so that automated testing removals can do their magic (and filin
> g RM bugs a few months later).

That's exactly what I wrote above, but keeping the RC bug. Even if it's not 
supported we should warn our users of the big security pile of bugs it is.

-- 
Cuando tenga duda, utilice la solución mas simple.
  Principio de William Occam, también llamado
  "la navaja de Occam"

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#926283: unblock: thunderbird/1:60.6.1-1

[Carsten Schoenert]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package thunderbird

The package Thunderbird got the usual update to a new ESR version with
an update to 60.6.1.
This update fixes some known CVEs.

The changes to the packaging can be seen within the following diff output:

diff -puNr thunderbird-60.5.1/debian/changelog 
thunderbird-60.6.1/debian/changelog
--- thunderbird-60.5.1/debian/changelog 2019-02-14 20:01:03.0 +0100
+++ thunderbird-60.6.1/debian/changelog 2019-03-27 18:22:51.0 +0100
@@ -1,3 +1,32 @@
+thunderbird (1:60.6.1-1) unstable; urgency=medium
+
+  [ intrigeri ]
+  * [2013645] d/rules: drop useless usage of dpkg-parsechangelog
+
+  [ Carsten Schoenert ]
+  * [daf1252] New upstream version 60.6.1
+Fixed CVE issues in upstream version 60.6.0 (MFSA 2019-11)
+CVE-2019-9790: Use-after-free when removing in-use DOM elements
+CVE-2019-9791: Type inference is incorrect for constructors entered 
+   through on-stack replacement with IonMonkey
+CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
+CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled
+CVE-2019-9794: Command line arguments not discarded during execution
+CVE-2019-9795: Type-confusion in IonMonkey JIT compiler
+CVE-2019-9796: Use-after-free with SMIL animation controller
+CVE-2018-18506: Proxy Auto-Configuration file can define localhost access
+to be proxied
+CVE-2019-9788: Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6,
+   and Thunderbird 60.6
+Fixed CVE issues in upstream version 60.6.1 (MFSA 2019-12)
+CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
+CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
+  * [f88a505] rebuild patch queue from patch-queue branch
+added patch:
+fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
+
+ -- Carsten Schoenert   Wed, 27 Mar 2019 18:22:51 
+0100
+
 thunderbird (1:60.5.1-1) unstable; urgency=medium
 
   [ Alexander Nitsch ]
diff -puNr 
thunderbird-60.5.1/debian/patches/debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
 
thunderbird-60.6.1/debian/patches/debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
--- 
thunderbird-60.5.1/debian/patches/debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
   2019-02-14 19:46:50.0 +0100
+++ 
thunderbird-60.6.1/debian/patches/debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
   2019-03-26 21:53:39.0 +0100
@@ -8,10 +8,10 @@ Subject: stop configure if '--with-syste
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/old-configure.in b/old-configure.in
-index f78c54d..506c08e 100644
+index 8ac71d1..5769ef6 100644
 --- a/old-configure.in
 +++ b/old-configure.in
-@@ -1825,7 +1825,7 @@ if test -z "$BZ2_DIR" -o "$BZ2_DIR" = no; then
+@@ -1826,7 +1826,7 @@ if test -z "$BZ2_DIR" -o "$BZ2_DIR" = no; then
  MOZ_SYSTEM_BZ2=
  else
  AC_CHECK_LIB(bz2, BZ2_bzread, [MOZ_SYSTEM_BZ2=1 MOZ_BZ2_LIBS="-lbz2"],
diff -puNr 
thunderbird-60.5.1/debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
 
thunderbird-60.6.1/debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
--- 
thunderbird-60.5.1/debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
  1970-01-01 01:00:00.0 +0100
+++ 
thunderbird-60.6.1/debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
  2019-03-26 21:53:39.0 +0100
@@ -0,0 +1,49 @@
+From: Rob Lemley 
+Date: Thu, 21 Feb 2019 15:14:17 -0500
+Subject: Bug 1526744 - find-dupes.py: Calculate md5 by chunk.
+
+Read the file in chunks and use md5.update() rather than reading the entire
+file into RAM and calculating the hash all at once. This prevents out of memory
+errors on build systems with low RAM.
+---
+ toolkit/mozapps/installer/find-dupes.py | 18 ++
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/toolkit/mozapps/installer/find-dupes.py 
b/toolkit/mozapps/installer/find-dupes.py
+index 3935b79..0ff7efc 100644
+--- a/toolkit/mozapps/installer/find-dupes.py
 b/toolkit/mozapps/installer/find-dupes.py
+@@ -39,19 +39,29 @@ def is_l10n_file(path):
+ def normalize_path(p):
+ return normalize_osx_path(p)
+ 
++def md5hash_size(fp, chunk_size=1024*10):
++md5 = hashlib.md5()
++size = 0
++while True:
++data = fp.read(chunk_size)
++if not data:
++break
++md5.update(data)
++size += len(data)
++
++return md5.digest(), size
+ 
+ def find_dupes(source, allowed_dupes, bail=True):
+ allowed_dupes = set(allowed_dupes)
+ md5s = OrderedDict()
+ for p, f in UnpackFinder(source):
+-content = f.open().read()
+-m = hashlib.md5(content).digest()
++  

Bug#923715: [Ceph-maintainers] Bug#923715: This doesn't make the package unusable

[Alfredo Deza]

On Tue, Apr 2, 2019 at 4:48 PM Thomas Goirand  wrote:
>
> Hi,
>
> Using ceph-volume is absolutely *NOT* mandatory, this is only a way to
> setup your ceph cluster, but that's really not the only one.
>
> I've been using ceph-osd without it, and the ceph-osd@.service is really
> enough, provided that you know how to set it up properly.
>
> Therefore, this bug is *NOT* of severity grave, because the definition is:
>
> "makes the package in question unusable by most or all users,
> or causes data loss, or introduces a security hole allowing
> access to the accounts of users who use the package."
>
> There's no security hole or data loss, it is just maybe a little harder
> to use ceph-osd.

I would argue that an unusable ceph-volume would make Ceph unusable
for most users.

Running ceph-osd@.service is not enough, since one of the
responsibilities of ceph-volume is to ensure that
everything is in place for the OSD to start when the system boots,
with all the complexity that may involve: encrypted,
bluestore or filestore, block/block.db/block.wal, journals, etc...

You may be able to run an OSD manually, but that doesn't mean it is
the way we would recommend for a stable system.

>
> It would still be desirable to get this fixed ASAP though, and probably
> deserving a fix before Buster is out.
>
> Cheers,
>
> Thomas Goirand (zigo)
> ___
> Ceph-maintainers mailing list
> ceph-maintain...@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-maintainers-ceph.com

Bug#926284: RFP: node-evacuated-tweetnacl-js -- node-evacuated-tweetnacl-js

[Jeff Cliff]

Package: wnpp
Severity: wishlist

* Package name: node-evacuated-tweetnacl-js
  Version : 1.0.0
  Upstream Author : TweetNaCl-js contributors
* URL : 
https://salsa.debian.org/themusicgod1-guest/evacuated-tweetnacl-js
* License : Public Domain/UnLicense
  Programming Lang: javascript
  Description : node-evacuated-tweetnacl-js

(This is a fork of tweetnacl-js, with a different upstream than NSA/Microsoft 
Github)

The primary goal of this project is to produce a translation of TweetNaCl to 
JavaScript which is as close as possible 
to the original C implementation, plus a thin layer of idiomatic high-level API 
on top of it.

It is a prerequisite of electron ( #842420 ).

Bug#923484: sbuild: Fix Build-Space tag to report used Disc Space

[Aurelien Jarno]

On 2019-04-02 00:01, Aurelien Jarno wrote:
> Hi,
> 
> On 2019-02-28 21:14, Helge Deller wrote:
> > Package: sbuild
> > Version: 0.78.1-1
> > Severity: normal
> > Tags: patch
> > 
> > sbuild fails to report used "Disc space" when building debian packages.
> > This can be seen for various architecturs which are already using this
> > sbuild version for their buildds. Here are examples for m68, ppc64 and
> > hppa:
> > https://buildd.debian.org/status/logs.php?pkg=globus-net-manager&arch=m68k
> > https://buildd.debian.org/status/logs.php?pkg=globus-net-manager&arch=ppc64
> > 
> > For hppa arch I've applied the patch below, and with that change sbuild
> > will now report the size in the "Build-Space:" tag of the build log:
> > https://buildd.debian.org/status/logs.php?pkg=globus-net-manager&arch=hppa
> 
> DSA just started to upgrade build daemons to buster for test purpose.
> They are affected by the same issue. For example:
> https://buildd.debian.org/status/fetch.php?pkg=pacemaker&arch=i386&ver=2.0.1-2&stamp=1554121370&raw=0
> 
> > Can you apply the patch below (or a correct variant of it) to the next
> > sbuild uploads?
> > I'm happy to test any other patch as well.
> > 
> > Thanks,
> > Helge
> > 
> > 
> > diff -up /usr/share/perl5/Sbuild/Build.pm.org 
> > /usr/share/perl5/Sbuild/Build.pm
> > --- /usr/share/perl5/Sbuild/Build.pm.org2019-02-28 21:00:01.033696326 
> > +0100
> > +++ /usr/share/perl5/Sbuild/Build.pm2019-02-28 21:01:11.885230625 
> > +0100
> > @@ -2783,7 +2783,7 @@ sub check_space {
> >  # the required space.
> >  unless( defined $dscdir && -d $dscdir)
> >  {
> > -   return -1;
> > +   # DO NOT: return -1;
> >  }
>   
> There are actually 2 issues with the current code:
> - $dscdir is a relative path to the build directory, so $pkgbuilddir
>   should be used instead to not depend on the current directory.
> - The test should be done inside of the chroot.
> 
> Therefore the following patch fixes the issue for me:
> 
> --- a/lib/Sbuild/Build.pm
> +++ b/lib/Sbuild/Build.pm
> @@ -2781,7 +2781,7 @@ sub check_space {
>  
>  # if the source package was not yet unpacked, we will not attempt to 
> compute
>  # the required space.
> -unless( defined $dscdir && -d $dscdir)
> +unless( defined $dscdir && $self->test_directory($pkgbuilddir) )
>  {
>   return -1;
>  }

And this patch is actually wrong, I failed to copy and paste the line
correctly between my test buildd and my git repository. Here is the
correct patch:

diff --git a/lib/Sbuild/Build.pm b/lib/Sbuild/Build.pm
index f5660148..0500dea6 100644
--- a/lib/Sbuild/Build.pm
+++ b/lib/Sbuild/Build.pm
@@ -2781,7 +2781,7 @@ sub check_space {
 
 # if the source package was not yet unpacked, we will not attempt to 
compute
 # the required space.
-unless( defined $dscdir && -d $dscdir)
+unless( defined $dscdir && 
$self->get('Session')->test_directory($pkgbuilddir))
 {
return -1;
 }

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net


signature.asc
Description: PGP signature

Bug#926282: apt-cacher-ng: add optional dependency for ssl ca certificates

[corubba]

Package: apt-cacher-ng
Version: 2-2
Severity: normal

Dear Maintainer,

I would like to kindly request the addition of the ca-certificates
package [0] as a suggested dependency for apt-cacher-ng, maybe even as a
recommended dependency. The certificates are required for apt-cacher-ng
to access upstream repositories via https, for example in ForceManaged
mode. The absence of these certificates results in client-side errors
like the one below.

root@foo:/# apt update
Ign:1 http://apt-cacher/repo stable InRelease
Err:2 http://apt-cacher/repo stable Release
  500  SSL error: certificate verify failed

After installing the ca-certificates packages, clients are instantly
able to access the repository without a restart of the apt-cacher-ng
process.

I am quite aware of the fact that the use of https as a apt transport is
not encouraged as the package signatures already provide ample security.
Unfortunately thou, I found some 3rd party repositories only to be
accessible via https.

[0] https://packages.debian.org/stretch/ca-certificates


-- System Information:
Debian Release: 9.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt-cacher-ng depends on:
ii  adduser3.115
ii  debconf [debconf-2.0]  1.5.61
ii  dpkg   1.18.25
ii  init-system-helpers1.48
ii  libbz2-1.0 1.0.6-8.1
ii  libc6  2.24-11+deb9u4
ii  libgcc11:6.3.0-18+deb9u1
ii  liblzma5   5.2.2-1.2+b1
ii  libssl1.1  1.1.0j-1~deb9u1
ii  libstdc++6 6.3.0-18+deb9u1
ii  libsystemd0232-25+deb9u9
ii  libwrap0   7.6.q-26
ii  lsb-base   9.20161125
ii  zlib1g 1:1.2.8.dfsg-5

apt-cacher-ng recommends no packages.

Versions of packages apt-cacher-ng suggests:
pn  avahi-daemon  
pn  doc-base  
ii  libfuse2  2.9.7-1+deb9u2

Bug#925473: tomcat9: sysvinit script missing (Policy §9.11¶2 “must”)

[Thorsten Glaser]

Hi Emmanuel,

>What is the issue with the dependency on systemd?

Most people using Debian without systemd have APT pinning or other
measures in place that prevent the systemd package, which ships the
systemd-sysusers binary (and service?), from being installed, in
order to not sneakily being converted to systemd (it did happen).
I only know of the elogind case (which most likely will only be
available in bullseye) as one where non-systemd init but systemd
binaries will be used.

What is the issue with using adduser, which is the standard Debian
tool doing the same job, instead? After all, depending on systemd
just to create a system user and group is very heavy-weight.

>> diff --git a/debian/tomcat9.postinst b/debian/tomcat9.postinst
>> index 55fb55c2..8edcfc5c 100644
>> --- a/debian/tomcat9.postinst
>> +++ b/debian/tomcat9.postinst
>> @@ -5,6 +5,7 @@
>>
>>  set -e
>>
>> +# Note these are no longer configurable (as of commit 
>> 243d00dc688ea47f4c7cde570ccaaa70efe269bf)
>>  TOMCAT_USER="tomcat"
>>  TOMCAT_GROUP="tomcat"
>
>The comment doesn't add much value. The non configurable user/group is
>already documented in the changelog.

OK, removed.

>If systemd-sysusers can't be used directly I prefer an inline code to an
>external file.

OK, reverted.

(I kept the check whether the user exists as first check, though;
there’s no need to try to create it over and over on every upgrade
on systemd systems either, and since its presence is needed for the
non-systemd case, it can be made use of in the systemd case, too.)


Did you have a chance to test this on a buster/systemd Debian?
I don’t currently have such a machine existing in a meaningful
way. (Granted, I could probably cobble together some test VM,
but I’m sure you have something at hand.)

I tried one with sysvinit, but it turns out that the software
does not yet work under Tomcat 9, so I had to revert the VM to
Tomcat 8; it did start and write logs with sensible ownership
and permission, though.

Thanks,
//mirabilos
--  
When he found out that the m68k port was in a pretty bad shape, he did
not, like many before him, shrug and move on; instead, he took it upon
himself to start compiling things, just so he could compile his shell.
How's that for dedication. -- Wouter, about my Debian/m68k revival

Bug#925321: RM: openjdk-8/8u171-b11-2

[Rene Engelhard]

clone 925321 -1
reassign -1 src:libreoffice
severity -1 important
retitle -1 obsolete openjdk-8 dependency
block 925321 by -1
thanks

Hi,

On Tue, Apr 02, 2019 at 09:08:19PM +0200, Paul Gevers wrote:
> Just for info, from IRC #debian-release today:
> 
> [21:03:39] <_rene_> elbrus: I think you are right (ENOSPC on my rpi
> handling the mail, need to fix it later), looks like remains of hackery
> working around Java broken with stack clash fix on i386
> 
> [21:04:48] <_rene_>   ifeq "$(DEB_HOST_ARCH)" "i386"
> [21:04:48] <_rene_> JAVA_RUNTIME_DEPENDS := openjdk-8-jre (>=
> 8u151-b12-2~) | openjdk-9-jre (>= 9.0.1+11-1~)
> [21:04:51] <_rene_>   else
> [21:04:51] <_rene_> [...]

Jup, will remove.

Regards,

Rene

Bug#876905: qtwebkit should not be release with buster

[Moritz Mühlenhoff]

On Fri, Mar 22, 2019 at 05:45:56PM -0300, Lisandro Damián Nicanor Pérez Meyer 
wrote:
> El jue., 21 mar. 2019 09:33, Thierry fa...@linux.ibm.com <
> thie...@linux.ibm.com> escribió:
> 
> > On Tue, 26 Sep 2017 22:15:12 +0300 Adrian Bunk  wrote:
> > > Source: qtwebkit
> > > Version: 2.3.4.dfsg-9.1
> > > Severity: serious
> > > Tags: buster sid
> > >
> > > qtwebkit should not be release with buster
> > > (RC bugs are already open against all r-deps).
> > >
> > >
> >
> > As version 2.3.4.dfsg-10 is part of buster what do we do with that bug ?
> 
> 
> Truth is we can't even agree inside the team. Some of us think we should
> just remove it alongside whatever hasn't been ported, some think we should
> not.
> 
> Now in my *very personal* opinion: even if it's not supported by the
> security team I think it should keep the RC status if released with buster.
> It's a pile of security bugs in one single package.

qtwebkit hasn't been security-supported in any Debian release it was ever
present in. Does it really make sense to remove it now so close to the
buster release (with all kinds of unpreditable fallout on kde4libs).

Wouldn't it be better to wait after the buster release and then agressively
bump all the remaining QT4/KDE4 to RC-severity the day after the buster
release so that automated testing removals can do their magic (and filin
g RM bugs a few months later).

Cheers,
Moritz

Bug#923715: This doesn't make the package unusable

[Thomas Goirand]

Hi,

Using ceph-volume is absolutely *NOT* mandatory, this is only a way to
setup your ceph cluster, but that's really not the only one.

I've been using ceph-osd without it, and the ceph-osd@.service is really
enough, provided that you know how to set it up properly.

Therefore, this bug is *NOT* of severity grave, because the definition is:

"makes the package in question unusable by most or all users,
or causes data loss, or introduces a security hole allowing
access to the accounts of users who use the package."

There's no security hole or data loss, it is just maybe a little harder
to use ceph-osd.

It would still be desirable to get this fixed ASAP though, and probably
deserving a fix before Buster is out.

Cheers,

Thomas Goirand (zigo)

Bug#924965: libssh2: diff for NMU version 1.8.0-2.1

[Mikhail Gusarov]

Dear Salvatore,

On 2 Apr 2019, at 23:01, Salvatore Bonaccorso wrote:

> I've prepared an NMU for libssh2 (versioned as 1.8.0-2.1) and
> uploaded it to DELAYED/5. Please feel free to tell me if I
> should delay it longer.

I'm awfully busy at the moment outside of Debain, no need to delay it further.

Best,
Mikhail.

Bug#925509: netbeans: Netbeans not usable with java in Buster

[Markus Koschany]

Hello Jaroslav,

On Mon, 01 Apr 2019 09:03:31 +0200 Jaroslav Tulach
 wrote:
[...]
> Hello Markus,
> it would be better to have a whole NetBeans log file instead of just the 
> stack 
> trace. Then we could see classpath, list of enabled modules and may be deduce 
> more.
> 
> Best regards.
> -jt

I think it's easy to reproduce. Just try to create a new Java project
with the Debian package. I believe this could be related to the removal
of langtools-9.zip in Debian. This is yet another file which is
downloaded at build-time. As far as I understand it, it is required to
build certain classes of Netbeans with the older OpenJDK 9 API. If I
include this file and remove the Debian specific langtools-9.patch I get
more compile errors later on. The build log is attached. It looks like
an error in src:libnb-platform18-java too. Netbeans depends on the
platform packages built by this source package.

Regards,

Markus


libnb-platform18-java_10.0+ds-1_amd64.build.gz
Description: application/gzip


signature.asc
Description: OpenPGP digital signature

Bug#925473: tomcat9: sysvinit script missing (Policy §9.11¶2 “must”)

[Emmanuel Bourg]

Hi Thorsten,

Le 02/04/2019 à 16:54, Thorsten Glaser a écrit :

> due to your objection against perceived complexity, I changed the way
> I’ve implemented this. Doing this at all is required because the hard
> “Depends: systemd” will not work on many non-systemd systems

What is the issue with the dependency on systemd? I was under the
impression systemd-sysusers could be used even on systems using sysvinit
as the init system. I understand it won't work on Debian derivatives
that vowed to burn any systemd related code, but that's not the matter here.


> diff --git a/debian/tomcat9.postinst b/debian/tomcat9.postinst
> index 55fb55c2..8edcfc5c 100644
> --- a/debian/tomcat9.postinst
> +++ b/debian/tomcat9.postinst
> @@ -5,6 +5,7 @@
>  
>  set -e
>  
> +# Note these are no longer configurable (as of commit 
> 243d00dc688ea47f4c7cde570ccaaa70efe269bf)
>  TOMCAT_USER="tomcat"
>  TOMCAT_GROUP="tomcat"

The comment doesn't add much value. The non configurable user/group is
already documented in the changelog.

>  
> @@ -12,8 +13,8 @@ CONFFILES="tomcat-users.xml web.xml server.xml 
> logging.properties context.xml ca
>  
>  case "$1" in
>  configure)
> - # Create the tomcat user as defined in /usr/lib/sysusers.d/tomcat9.conf
> - systemd-sysusers
> + # Create the tomcat user
> + /usr/libexec/tomcat9/create-sysuser.sh

If systemd-sysusers can't be used directly I prefer an inline code to an
external file.

Emmanuel Bourg

Bug#926043: CVE-2019-0816

[Moritz Mühlenhoff]

severity 926043 important
thanks

On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> >> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> >>> Instead of arguing over bug severities, can't we rather fix the bug?
> >>
> >> Sure.
> >>
> >>> Ubuntu fixed this already and their versions seems fairly close.
> >>
> >> That's the thing. I went into the launchpad bug report, and it's full of
> >> small, incremental commits, from which it is very hard to figure out
> >> which one is really fixing the issue. Also, the Ubuntu package is just
> >> getting a snapshot from upstream, it's not integrating any patch. If
> >> someone can point at the correct patch, I'll do the update work.
> > 
> > Actually, given Bastian's reply, we can just close the bug, or am I missing
> > something?
> > 
> > Cheers,
> > Moritz
> 
> Well, not 100%. "we" don't support cloud-init provisioning yet. Though
> someone running Debian, building their own image, cloud be affected by
> the bug. Which is why I'd suggest downgrading the bug to important, as
> it would only affect, only potentially, a very small subset of users.

OK, I see! Downgrading makes total sense, then. Doing that now.
 
> I still believe we should try to get this fixed in time for Buster, and
> backport it to Stretch.

Ack.

Cheers,
Moritz

Bug#926279: mininet: switch from cgroup-bin to cgroup-tools

[Andreas Beckmann]

Package: mininet
Version: 2.2.2-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package is no longer
installable in sid.

The transitional package cgroup-bin (which is superseded by
cgroup-tools at least since jessie) is no longer built in sid.
Please switch the dependency to cgroup-tools.


Cheers,

Andreas

Bug#926280: Don't bundle rubygems

[Moritz Muehlenhoff]

Package: jruby
Severity: important

(This bug isn't really actionable yet, as it depends on #926278 getting fixed
in src:ruby2.5)

Please don't use the bundled rubygems any longer, but instead a copy shared
with the C-based Ruby interpreter.

Given that most of the security issues in the C-based interpreter don't
affect Jruby (apart from the rubygems) this will considerably reduce the
overhead for keeping jruby updated in stable/oldstable.

I spoke to upstream (CCed) earlier and they confirmed that jruby bundles
the rubygems unmodified, so that should not cause any run time issues.

Cheers,
Moritz

Bug#926278: Please build a separate binary package to ship rubygems

[Moritz Muehlenhoff]

Package: libruby2.5
Version: 2.5.5-1
Severity: wishlist

rubygems are currently a part of libruby2.5. Can you please split them into a
separate binary package like ruby2.5-rubygems (which libruby2.5 would still
depennd upon)?

With jruby we have a second Ruby implementation in the archive (which embeds
rubygems unmodified) and currently whenever there's a ruby security release
which needs fixes to rubygems we also need to update jruby (while the Jruby
interpreter usually isn't affected by many of the security bugs in the
C-based ruby implementation).

(For bullseye, too intrusive for buster)

Cheers,
Moritz

Bug#926277: RM: science-social -- RoQA; NBS; cruft

[Andreas Beckmann]

Package: ftp.debian.org
Severity: normal

This is no longer built by debian-science (1.9):

science-social | 1.8   | unstable   | all


Andreas

Bug#926276: Should guacamole-client be removed?

[Moritz Muehlenhoff]

Source: guacamole-client
Severity: serious

Should guacamole-client be removed?

guacamole-client hasn't been updated since 2016, is removed from testing
since 1.5 years and has four RC bugs at this point

Cheers,
Moritz

Bug#926218: range-v3: FTBFS with gcc 8.3

[Коля Гурьев]

Control: forwarded -1 https://github.com/ericniebler/range-v3/issues/856

Hi!

Thank you for the report! Which hardware architecture do you use to
build the package?

There is something similar in upstream bug tracker.

Bug#926275: Depends on tomcat8

[Moritz Muehlenhoff]

Package: guacamole
Severity: serious

guacamole depends on tomcat8, which is to be removed (#925454).

Cheers,
Moritz

Bug#926274: nmu: znc-backlog_0.20180824-1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

nmu znc-backlog_0.20180824-1 . ANY . unstable . -m "Rebuild against znc 
1.7.2-2."

znc-backlog has an extremely tight dependency on znc.


Andreas

Bug#924965: libssh2: diff for NMU version 1.8.0-2.1

[Salvatore Bonaccorso]

Control: tags 924965 + pending


Dear maintainer,

I've prepared an NMU for libssh2 (versioned as 1.8.0-2.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -Nru libssh2-1.8.0/debian/changelog libssh2-1.8.0/debian/changelog
--- libssh2-1.8.0/debian/changelog	2018-06-23 21:45:38.0 +0200
+++ libssh2-1.8.0/debian/changelog	2019-03-31 16:06:20.0 +0200
@@ -1,3 +1,29 @@
+libssh2 (1.8.0-2.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Possible integer overflow in transport read allows out-of-bounds write
+(CVE-2019-3855) (Closes: #924965)
+  * Possible integer overflow in keyboard interactive handling allows
+out-of-bounds write (CVE-2019-3856) (Closes: #924965)
+  * Possible integer overflow leading to zero-byte allocation and
+out-of-bounds write (CVE-2019-3857) (Closes: #924965)
+  * Possible zero-byte allocation leading to an out-of-bounds read
+(CVE-2019-3858) (Closes: #924965)
+  * Out-of-bounds reads with specially crafted payloads due to unchecked use
+of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
+(Closes: #924965)
+  * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
+(Closes: #924965)
+  * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
+(Closes: #924965)
+  * Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
+  * Integer overflow in user authenicate keyboard interactive allows
+out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
+  * Fixed misapplied patch for user auth.
+  * moved MAX size declarations
+
+ -- Salvatore Bonaccorso   Sun, 31 Mar 2019 16:06:20 +0200
+
 libssh2 (1.8.0-2) unstable; urgency=low
 
   * Add missing zlib1g-dev dependency (Closes: #900558).
diff -Nru libssh2-1.8.0/debian/patches/CVE-2019-3855.patch libssh2-1.8.0/debian/patches/CVE-2019-3855.patch
--- libssh2-1.8.0/debian/patches/CVE-2019-3855.patch	1970-01-01 01:00:00.0 +0100
+++ libssh2-1.8.0/debian/patches/CVE-2019-3855.patch	2019-03-31 16:06:20.0 +0200
@@ -0,0 +1,22 @@
+Description: Possible integer overflow in transport read allows out-of-bounds write
+Origin: upstream, https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch
+Bug-Debian: https://bugs.debian.org/924965
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-3855
+Forwarded: not-needed
+Last-Update: 2019-03-30
+
+--- a/src/transport.c
 b/src/transport.c
+@@ -438,6 +438,12 @@ int _libssh2_transport_read(LIBSSH2_SESS
+ return LIBSSH2_ERROR_DECRYPT;
+ 
+ p->padding_length = block[4];
++if(p->packet_length < 1) {
++return LIBSSH2_ERROR_DECRYPT;
++}
++else if(p->packet_length > LIBSSH2_PACKET_MAXPAYLOAD) {
++return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
++}
+ 
+ /* total_num is the number of bytes following the initial
+(5 bytes) packet length and padding length fields */
diff -Nru libssh2-1.8.0/debian/patches/CVE-2019-3856.patch libssh2-1.8.0/debian/patches/CVE-2019-3856.patch
--- libssh2-1.8.0/debian/patches/CVE-2019-3856.patch	1970-01-01 01:00:00.0 +0100
+++ libssh2-1.8.0/debian/patches/CVE-2019-3856.patch	2019-03-31 16:06:20.0 +0200
@@ -0,0 +1,23 @@
+Description: Possible integer overflow in keyboard interactive handling allows out-of-bounds write
+Origin: upstream, https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
+Bug-Debian: https://bugs.debian.org/924965
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-3856
+Forwarded: not-needed
+Last-Update: 2019-03-30
+
+--- a/src/userauth.c
 b/src/userauth.c
+@@ -1734,6 +1734,13 @@ userauth_keyboard_interactive(LIBSSH2_SE
+ /* int   num-prompts */
+ session->userauth_kybd_num_prompts = _libssh2_ntohu32(s);
+ s += 4;
++if(session->userauth_kybd_num_prompts && 
++   session->userauth_kybd_num_prompts > 100) {
++   _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
++  "Too many replies for "
++  "keyboard-interactive prompts");
++   goto cleanup;
++}
+ 
+ if(session->userauth_kybd_num_prompts) {
+ session->userauth_kybd_prompts =
diff -Nru libssh2-1.8.0/debian/patches/CVE-2019-3857.patch libssh2-1.8.0/debian/patches/CVE-2019-3857.patch
--- libssh2-1.8.0/debian/patches/CVE-2019-3857.patch	1970-01-01 01:00:00.0 +0100
+++ libssh2-1.8.0/debian/patches/CVE-2019-3857.patch	2019-03-31 16:06:20.0 +0200
@@ -0,0 +1,48 @@
+Description: Possible integer overflow leading to zero-byte allocation and out-of-bounds write
+Origin: upstream, https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch
+Bug-Debian: https://bugs.debian.org/924965
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-3857
+Forw

Bug#926273: tracker.debian.org: adding comments to apache and nginx samples to include let's encrypt

[Salman Mohammadi]

Package: tracker.debian.org
Severity: wishlist

Dear Maintainer,

It would be nice if we added commented lines to the Apache vhost and
NginX Server Block samples, which are residing in *debian/* to
demonstrate a sample usage of Let's Encrypt.

Nginx:
-
# If you are using Let's Encrypt, you may use the following:
# ssl_certificate /etc/letsencrypt/live/domain_name.tld/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/domain_name.tld/privkey.pem;


Apache:
--
# If you are using Let's Encrypt, you may use the following:
# SSLCertificateFile /etc/letsencrypt/live/domain_name.tld/fullchain.pem
# SSLCertificateKeyFile /etc/letsencrypt/live/domain_name.tld/privkey.pem


-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#926222: unblock: pbgenomicconsensus/2.3.2-2

[Andreas Tille]

Control: tags -1 - moreinfo

Hi Niels,

I think I addressed your very helpful remarks in the latest upload which
also has a shorter diff to the version in testing (see attachment),

Kind regards and thanks for your work as release manager

   Andreas.

-- 
http://fam-tille.de
diff -Nru pbgenomicconsensus-2.3.2/debian/changelog pbgenomicconsensus-2.3.2/debian/changelog
--- pbgenomicconsensus-2.3.2/debian/changelog	2019-01-11 21:19:28.0 +0100
+++ pbgenomicconsensus-2.3.2/debian/changelog	2019-04-02 21:29:59.0 +0200
@@ -1,3 +1,26 @@
+pbgenomicconsensus (2.3.2-3) unstable; urgency=medium
+
+  * Really fix autopkgtest
+
+ -- Andreas Tille   Tue, 02 Apr 2019 21:29:59 +0200
+
+pbgenomicconsensus (2.3.2-2) unstable; urgency=medium
+
+  [ Afif Elghraoui ]
+  * Remove myself from Uploaders
+
+  [ Andreas Tille ]
+  * Add myself to Uploaders
+  * python-pbgenomicconsensus Depends: python-pbconsensuscore
+  * Test Depends: poa
+  * Ignore some warnings which are breaking test results, remove
+tests that are based on non-existing input data
+  * Move exclusion of tests to upstream Makefile via patch rather than
+in d/rules.  This is needed to run autopkgtest successfully
+Closes: #925909
+
+ -- Andreas Tille   Tue, 02 Apr 2019 11:02:18 +0200
+
 pbgenomicconsensus (2.3.2-1) unstable; urgency=medium
 
   * Team upload
diff -Nru pbgenomicconsensus-2.3.2/debian/control pbgenomicconsensus-2.3.2/debian/control
--- pbgenomicconsensus-2.3.2/debian/control	2019-01-11 21:19:28.0 +0100
+++ pbgenomicconsensus-2.3.2/debian/control	2019-04-02 21:29:59.0 +0200
@@ -1,6 +1,6 @@
 Source: pbgenomicconsensus
 Maintainer: Debian Med Packaging Team 
-Uploaders: Afif Elghraoui 
+Uploaders: Andreas Tille 
 Section: science
 Priority: optional
 Build-Depends: debhelper (>= 12~),
@@ -49,7 +49,8 @@
 Architecture: all
 Section: python
 Depends: ${misc:Depends},
- ${python:Depends}
+ ${python:Depends},
+ python-pbconsensuscore
 Suggests: python-consensuscore2
 Description: Pacific Biosciences variant and consensus caller (Python 2)
  The GenomicConsensus package provides Quiver, Pacific Biosciences'
diff -Nru pbgenomicconsensus-2.3.2/debian/patches/ignore_test_requiring_pbtestdata.patch pbgenomicconsensus-2.3.2/debian/patches/ignore_test_requiring_pbtestdata.patch
--- pbgenomicconsensus-2.3.2/debian/patches/ignore_test_requiring_pbtestdata.patch	1970-01-01 01:00:00.0 +0100
+++ pbgenomicconsensus-2.3.2/debian/patches/ignore_test_requiring_pbtestdata.patch	2019-04-02 21:29:59.0 +0200
@@ -0,0 +1,23 @@
+Description: Test requires https://github.com/PacificBiosciences/PacBioTestData which is not packaged
+Bug-Debian: https://bugs.debian.org/925909
+Author: Andreas Tille 
+Last-Update: Thu, 28 Mar 2019 13:40:21 +0100
+
+--- a/Makefile
 b/Makefile
+@@ -8,7 +8,14 @@ tests: unit-tests basic-tests
+ 
+ unit-tests:
+ 	# Unit tests
+-	py.test --junit-xml=nosetests.xml tests/unit
++	# ignore tests requiring https://github.com/PacificBiosciences/PacBioTestData which is not packaged
++	set -e ; \
++	TMPDIR=$$(mktemp -d /tmp/test_ignore_XX) ; \
++	mv tests/unit/test_tool_contract.py $${TMPDIR} ; \
++	py.test --junit-xml=nosetests.xml tests/unit ; \
++	rm -rf tests/unit/__pycache__ ; \
++	mv $${TMPDIR}/* tests/unit ; \
++	rmdir $${TMPDIR}
+ 
+ # Note: We need at least cram/0.7 for '--xunit-file'
+ # Note: The cram tests often need h5py.
diff -Nru pbgenomicconsensus-2.3.2/debian/patches/ignore_test_using_local_data.patch pbgenomicconsensus-2.3.2/debian/patches/ignore_test_using_local_data.patch
--- pbgenomicconsensus-2.3.2/debian/patches/ignore_test_using_local_data.patch	1970-01-01 01:00:00.0 +0100
+++ pbgenomicconsensus-2.3.2/debian/patches/ignore_test_using_local_data.patch	2019-04-02 21:29:59.0 +0200
@@ -0,0 +1,29 @@
+Description: Ignore tests that are based on non-existing input data that probably reside on upstreams local host
+Bug-Debian: https://bugs.debian.org/925909
+Author: Andreas Tille 
+Last-Update: Thu, 28 Mar 2019 13:40:21 +0100
+
+--- a/Makefile
 b/Makefile
+@@ -22,8 +22,19 @@ unit-tests:
+ 
+ basic-tests:
+ 	# End-to-end tests
+-	# One of these now needs mummer and exonerate.
+-	PATH=`pwd`:$(PATH) cram --verbose --xunit-file=gc-cram.xml `ls tests/cram/*.t | grep -v -e arrow -e bad_input`
++	# some tests require a input files on a local mount of upstream
++	# The test poa-all4mer.t contains a wrong syntax in calling poa - no idea how to fix this thus ignoring the test
++	set -e ; \
++	TMPDIR=$$(mktemp -d /tmp/test_ignore_XX) ; \
++	for nt in $$(grep -Rl /mnt/secondary/Share/Quiver/ tests/*) ; do \
++	mkdir -p $${TMPDIR}/$$(dirname $${nt}) ; \
++	mv $${nt} $${TMPDIR}/$$(dirname $${nt}) ; \
++	done ; \
++	mkdir -p $${TMPDIR}/tests/cram ; \
++	mv tests/cram/poa-all4mer.t $${TMPDIR}/tests/cram ; \
++	PATH=`pwd`:$(PATH) cram --verbose --xunit-file=gc-cram.xml `ls tests/cram/*.t | grep -v -e arrow -e bad_input` ; \
++	cp -a -v $

Bug#924457: geany-plugins: Please update to 1.34

[Brian Vaughan]

There's a message fom ftpmaster, dated March 1, that the package was
submitted to the NEW queue.

https://alioth-lists.debian.net/pipermail/pkg-geany-team/2019-March/001624.html

Checking that queue, most packages have been on it for a month, like this
one.

Bug#926272: ftp.debian.org: dak misses dependency problem removing openjdk-8 from buster

[Andreas Beckmann]

Package: ftp.debian.org
Severity: normal

anbe@coccia:~$ dak rm -Rn -s testing openjdk-8
Will remove the following packages from testing:

 openjdk-8 | 8u212-b01-1 | source
openjdk-8-dbg | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, 
mipsel, ppc64el, s390x
openjdk-8-demo | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, 
mips64el, mipsel, ppc64el, s390x
openjdk-8-doc | 8u212-b01-1 | all
openjdk-8-jdk | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, 
mipsel, ppc64el, s390x
openjdk-8-jdk-headless | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, 
mips64el, mipsel, ppc64el, s390x
openjdk-8-jre | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, mips64el, 
mipsel, ppc64el, s390x
openjdk-8-jre-headless | 8u212-b01-1 | amd64, arm64, armel, armhf, i386, mips, 
mips64el, mipsel, ppc64el, s390x
openjdk-8-jre-zero | 8u212-b01-1 | amd64, arm64, armhf, i386, ppc64el
openjdk-8-source | 8u212-b01-1 | all

Maintainer: OpenJDK Team 

--- Reason ---

--

Checking reverse dependencies...
No dependency problem found.


but britney finds something:


trying: -openjdk-8
skipped: -openjdk-8 (0, 1, 6)
got: 34+0: a-1:a-0:a-0:a-0:i-32:m-0:m-0:m-0:p-0:s-1
* i386: libreoffice-officebean, libreoffice-sdbc-hsqldb


On i386 the two packages both have
Depends: ..., openjdk-8-jre (>= 8u151-b12-2~) | openjdk-9-jre (>= 9.0.1+11-1~), 
...


Andreas

Bug#926271: unblock: perl/5.28.1-6

[Niko Tyni]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package perl.

The version in sid fixes autopkgtest failures on arm64, ppc64 and s390x
(which were due to faulty tests) and has no runtime changes.

Changes:
 perl (5.28.1-6) unstable; urgency=medium
 .
   * Fix NDBM autopkgtests by recreating necessary hardlinks at test time
 (Closes: #925179)
   * Update patch metadata for the POSIX::mblen() fix.

The binary changes in the debdiff are just removals of the now unnecessary
test files (NDBM *.dir, replaced by hardlinks generated at test time.)

unblock perl/5.28.1-6

Many thanks for your work on the release, much appreciated!

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru perl-5.28.1/debian/changelog perl-5.28.1/debian/changelog
--- perl-5.28.1/debian/changelog2019-03-16 16:02:28.0 +0200
+++ perl-5.28.1/debian/changelog2019-03-31 14:51:22.0 +0300
@@ -1,3 +1,11 @@
+perl (5.28.1-6) unstable; urgency=medium
+
+  * Fix NDBM autopkgtests by recreating necessary hardlinks at test time
+(Closes: #925179)
+  * Update patch metadata for the POSIX::mblen() fix.
+
+ -- Niko Tyni   Sun, 31 Mar 2019 14:51:22 +0300
+
 perl (5.28.1-5) unstable; urgency=medium
 
   * Patch perlbug to use "editor" as the default editor. (Closes: #922609)
diff -Nru perl-5.28.1/debian/patches/fixes/posix-mbrlen.diff 
perl-5.28.1/debian/patches/fixes/posix-mbrlen.diff
--- perl-5.28.1/debian/patches/fixes/posix-mbrlen.diff  2019-03-16 
16:02:28.0 +0200
+++ perl-5.28.1/debian/patches/fixes/posix-mbrlen.diff  2019-03-31 
14:42:43.0 +0300
@@ -1,4 +1,4 @@
-From 90d15e4f19daccb9ae8e917cd79d27c7bf368c86 Mon Sep 17 00:00:00 2001
+From c13d09cc35d629482559ef95109cb92e09f6a8e8 Mon Sep 17 00:00:00 2001
 From: Niko Tyni 
 Date: Sun, 10 Mar 2019 19:40:42 +0200
 Subject: Fix POSIX::mblen mbstate_t initialization on threaded perls with
@@ -44,6 +44,7 @@
 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1818953
 Bug-Debian: https://bugs.debian.org/924517
 Patch-Name: fixes/posix-mbrlen.diff
+Origin: backport, 
https://perl5.git.perl.org/perl.git/commit/25d7b7aa379d33ce2e8fe3e2bef4206b35739bc5
 ---
  MANIFEST   |  1 +
  ext/POSIX/POSIX.xs |  2 +-
diff -Nru perl-5.28.1/debian/source/include-binaries 
perl-5.28.1/debian/source/include-binaries
--- perl-5.28.1/debian/source/include-binaries  2019-03-16 16:02:28.0 
+0200
+++ perl-5.28.1/debian/source/include-binaries  2019-03-31 14:42:57.0 
+0300
@@ -3,14 +3,12 @@
 debian/tests/data/jessie.db
 debian/tests/data/amd64/jessie.gdbm
 debian/tests/data/jessie.gz
-debian/tests/data/amd64/jessie-ndbm.dir
 debian/tests/data/amd64/jessie-ndbm.pag
 debian/tests/data/jessie.storable
 debian/tests/data/stretch.bz2
 debian/tests/data/stretch.db
 debian/tests/data/amd64/stretch.gdbm
 debian/tests/data/stretch.gz
-debian/tests/data/amd64/stretch-ndbm.dir
 debian/tests/data/amd64/stretch-ndbm.pag
 debian/tests/data/stretch.storable
 debian/tests/data/buster.bz2
@@ -27,7 +25,6 @@
 debian/tests/data/arm64/buster-ndbm.dir
 debian/tests/data/arm64/buster-ndbm.pag
 debian/tests/data/arm64/stretch.gdbm
-debian/tests/data/arm64/stretch-ndbm.dir
 debian/tests/data/arm64/stretch-ndbm.pag
 debian/tests/data/armhf/buster.gdbm
 debian/tests/data/armhf/buster-ndbm.dir
@@ -36,11 +33,9 @@
 debian/tests/data/ppc64el/buster-ndbm.dir
 debian/tests/data/ppc64el/buster-ndbm.pag
 debian/tests/data/ppc64el/stretch.gdbm
-debian/tests/data/ppc64el/stretch-ndbm.dir
 debian/tests/data/ppc64el/stretch-ndbm.pag
 debian/tests/data/s390x/buster.gdbm
 debian/tests/data/s390x/buster-ndbm.dir
 debian/tests/data/s390x/buster-ndbm.pag
 debian/tests/data/s390x/stretch.gdbm
-debian/tests/data/s390x/stretch-ndbm.dir
 debian/tests/data/s390x/stretch-ndbm.pag
Binary files 
/tmp/gywYCdxNpu/perl-5.28.1/debian/tests/data/amd64/jessie-ndbm.dir and 
/tmp/SK1ctzlX4m/perl-5.28.1/debian/tests/data/amd64/jessie-ndbm.dir differ
Binary files 
/tmp/gywYCdxNpu/perl-5.28.1/debian/tests/data/amd64/stretch-ndbm.dir and 
/tmp/SK1ctzlX4m/perl-5.28.1/debian/tests/data/amd64/stretch-ndbm.dir differ
Binary files 
/tmp/gywYCdxNpu/perl-5.28.1/debian/tests/data/arm64/stretch-ndbm.dir and 
/tmp/SK1ctzlX4m/perl-5.28.1/debian/tests/data/arm64/stretch-ndbm.dir differ
Binary files 
/tmp/gywYCdxNpu/perl-5.28.1/debian/tests/data/ppc64el/stretch-ndbm.dir and 
/tmp/SK1ctzlX4m/perl-5.28.1/debian/tests/data/ppc64el/stretch-ndbm.dir differ
Binary files 
/tmp/gywYCdxNpu/perl-5.28.1/debian/tests/data/s390x/stretch-ndbm.dir and 
/tmp/SK1ctzlX4m/perl-5.28.1/debian/tests/data/s390x/stretch-ndbm.dir differ
diff -Nru perl-5.

Bug#926270: unblock: nvidia-graphics-drivers/410.104-3

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nvidia-graphics-drivers

Hi,

I recently realized that I can improve the nvidia-graphics-drivers
upgrade path from stretch to buster on the no longer supported
32-bit architectures (i386, armhf) by reintroducing some (meta-)packages
as transitional packages depending on the corresponding packages from
the (still 32-bit supporting) 390xx legacy driver.

This request is for nvidia-graphics-drivers.

The diff looks a bit large since several files had to be renamed to
include the '.amd64' arch limitation in their name and the README and
NEWS needed to get a basename that is independent of a package name.
The NEWS and README diff seems to be repeated due to symlinks being used
in the package.
The effective changes are only on debian/{control,rules,rules.defs}.

 changelog|   17 ++
 control  |   77 ++-
 control.in   |   77 ++-
 control.md5sum   |8 -
 control.no-driver|4 
 nvidia-driver.NEWS   |  112 
 nvidia-driver.NEWS.amd64 |  112 
 nvidia-driver.README.Debian.amd64.in |  154 +++
 nvidia-driver.README.Debian.in   |  154 ---
 nvidia-driver.docs   |3 
 nvidia-driver.docs.amd64 |3 
 nvidia-driver.lintian-overrides  |3 
 nvidia-smi.install.amd64.in  |2 
 nvidia-smi.install.in|2 
 nvidia-smi.lintian-overrides.in  |   16 +-
 nvidia.NEWS  |  112 
 nvidia.README.Debian.in  |  154 +++
 rules|   13 +
 rules.defs   |2 
 xserver-xorg-video-nvidia.NEWS   |  112 
 xserver-xorg-video-nvidia.NEWS.amd64 |  112 
 xserver-xorg-video-nvidia.README.Debian.amd64.in |  154 +++
 xserver-xorg-video-nvidia.README.Debian.in   |  154 ---
 xserver-xorg-video-nvidia.docs   |2 
 xserver-xorg-video-nvidia.docs.amd64 |2 
 xserver-xorg-video-nvidia.install.amd64.in   |4 
 xserver-xorg-video-nvidia.install.in |4 
 xserver-xorg-video-nvidia.links.amd64.in |1 
 xserver-xorg-video-nvidia.links.in   |1 
 xserver-xorg-video-nvidia.lintian-overrides.in   |   12 +
 xserver-xorg-video-nvidia.postinst.amd64.in  |   22 +++
 xserver-xorg-video-nvidia.postinst.in|   22 ---
 xserver-xorg-video-nvidia.postrm |   29 
 xserver-xorg-video-nvidia.postrm.amd64   |   29 
 34 files changed, 1000 insertions(+), 685 deletions(-)


unblock nvidia-graphics-drivers/410.104-3

Andreas


nvidia-graphics-drivers_410.104-3.dsc.diff.gz
Description: application/gzip

Bug#925321: RM: openjdk-8/8u171-b11-2

[Paul Gevers]

Just for info, from IRC #debian-release today:

[21:03:39] <_rene_> elbrus: I think you are right (ENOSPC on my rpi
handling the mail, need to fix it later), looks like remains of hackery
working around Java broken with stack clash fix on i386

[21:04:48] <_rene_>   ifeq "$(DEB_HOST_ARCH)" "i386"
[21:04:48] <_rene_> JAVA_RUNTIME_DEPENDS := openjdk-8-jre (>=
8u151-b12-2~) | openjdk-9-jre (>= 9.0.1+11-1~)
[21:04:51] <_rene_>   else
[21:04:51] <_rene_> [...]

Paul



signature.asc
Description: OpenPGP digital signature

Bug#926269: unblock: debian-edu-config/2.10.64

[Wolfgang Schweer]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package debian-edu-config

It fixes three important bugs¹ that were detected while testing recent 
officially built Debian Edu ISO images. The bug logs contain detailed 
information. Holger Levsen has already uploaded the package.

Full source debdiff against the package in testing attached.

¹
#926183: fails to install LTSP chroot if BD iso image is used
-> https://bugs.debian.org/926183

#926184: don't prompt users to set up the initial LXQt session manually
-> https://bugs.debian.org/926184

#926186: should invalidate the nscd netgroup cache in case of changes
-> https://bugs.debian.org/926186

unblock debian-edu-config/2.10.64

Regards,
Wolfgang

No differences were encountered between the control files

diff -Nru debian-edu-config-2.10.63/cf3/cf.finalize 
debian-edu-config-2.10.64/cf3/cf.finalize
--- debian-edu-config-2.10.63/cf3/cf.finalize   2019-02-22 15:57:45.0 
+0100
+++ debian-edu-config-2.10.64/cf3/cf.finalize   2019-04-02 01:32:22.0 
+0200
@@ -14,13 +14,44 @@
 link_from => ln_s("/usr/share/debian-edu-config/lightdm-gtk-greeter.conf"),
 move_obstructions => "true";
 
-  # Make sure menu overrides are enabled in each case.
+  # Make sure desktop-profiles are disabled, use XDG instead for all DEs. This
+  # more general approach is needed because otherwise the user is prompted to
+  # set up the LXQt session manually (x-window-manager, panel config) now that
+  # lxqt depends on the 'lxqt-branding-debian' package.
 
   debian.installation::
 
 "/etc/default/desktop-profiles"
 edit_line => profile;
 
+"/etc/xdg/menus/applications-merged"
+link_from => ln_s("/usr/share/debian-edu/menu/menus/applications-merged"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/gnome-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/gnome-applications.menu"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/kf5-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/kf5-applications.menu"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/lxde-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/lxde-applications.menu"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/lxqt-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/lxqt-applications.menu"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/mate-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/mate-applications.menu"),
+move_obstructions => "true";
+
+"/etc/xdg/menus/xfce-applications.menu"
+link_from => 
ln_s("/usr/share/debian-edu/menu/menus/xfce-applications.menu"),
+move_obstructions => "true";
+
 commands:
 
   debian.server.installation::
@@ -73,7 +104,9 @@
 
 replace_patterns:
 
-  "PERSONALITY=polite" replace_with => value("PERSONALITY=rude");
+  "PERSONALITY=polite" replace_with => value("PERSONALITY=sheep");
+  # Needed if upgrading from 10+edu~a0
+  "PERSONALITY=rude" replace_with => value("PERSONALITY=sheep");
 }
 
 bundle agent editline_finalize
diff -Nru debian-edu-config-2.10.63/debian/changelog 
debian-edu-config-2.10.64/debian/changelog
--- debian-edu-config-2.10.63/debian/changelog  2019-03-18 15:21:39.0 
+0100
+++ debian-edu-config-2.10.64/debian/changelog  2019-04-02 10:54:26.0 
+0200
@@ -1,9 +1,23 @@
-debian-edu-config (2.10.63) UNRELEASED; urgency=medium
+debian-edu-config (2.10.64) unstable; urgency=medium
 
+  [ Wolfgang Schweer ]
+  * etc/ltsp/ltsp-build-client.conf: Add DIST="buster". (Closes: #926183)
+- Make sure the LTSP chroot installation works for all possible scenarios.
+  * cf3/cf.finalize: Use XDG instead of desktop-profiles. (Closes: #926184)
+- Make sure desktop-profiles are disabled and use XDG as a more general
+  approach. This is needed for LXQt to work without user interaction.
+  * tools/gosa-sync-dns-nfs: Make tool more robust. (Closes: #926186)
+- Invalidate the nscd netgroup cache to make NFS homedir mount more robust.
+
+ -- Holger Levsen   Tue, 02 Apr 2019 10:54:26 +0200
+
+debian-edu-config (2.10.63) unstable; urgency=medium
+
+  [ Wolfgang Schweer ]
   * Adjust sbin/debian-edu-pxeinstall. (Closes: #924927)
 - Set d-i version to 10, now that debian-installer-10-netboot is in Buster.
 
- -- Wolfgang Schweer   Mon, 18 Mar 2019 15:21:39 +0100
+ -- Holger Levsen   Thu, 21 Mar 2019 11:57:41 +
 
 debian-edu-config (2.10.62) unstable; urgency=medium
 
diff -Nru debian-edu-config-2.10.63/etc/ltsp/ltsp-build-client.conf 
debian-edu-config-2.10.64/etc/ltsp/ltsp-build-client.conf
--- debian-edu-config-2.10.63/etc/ltsp/ltsp-build-client.conf   2019-02-22 
15:57:45.0 +0100
+++ debian-edu-config-2.10.64/etc/ltsp/ltsp-build-client.conf   2019-03-22 
15:50:19.0 +0100
@@ -15,3 +15,5 @@
 # Set the next entry if the sources.list file 

Bug#926268: Discontinued upstream

[Dominique Fournier]

Package: policyd-weight
Version: 0.1.15.2-12

Hi

The upstream site www.policyd-weight.org says this software is discontinued.

It will reject users mails as some RBL defined in it are now closed and 
provide wrong state.


As this, I suggests to remove the package from Debian.

Dom
<>

Bug#926267: unblock: nvidia-persistenced/410.104-1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nvidia-persistenced

Hi,

I recently realized that I can improve the nvidia-graphics-drivers
upgrade path from stretch to buster on the no longer supported
32-bit architectures (i386, armhf) by reintroducing some (meta-)packages
as transitional packages depending on the corresponding packages from
the (still 32-bit supporting) 390xx legacy driver.

This request is for nvidia-persistenced.

unblock nvidia-persistenced/410.104-1

Andreas
diff -Nru nvidia-persistenced-410.93/debian/changelog 
nvidia-persistenced-410.104/debian/changelog
--- nvidia-persistenced-410.93/debian/changelog 2019-02-11 18:23:51.0 
+0100
+++ nvidia-persistenced-410.104/debian/changelog2019-03-25 
18:07:00.0 +0100
@@ -1,3 +1,11 @@
+nvidia-persistenced (410.104-1) unstable; urgency=medium
+
+  * New upstream release.
+  * Adjust libnvidia-cfg1 dependencies to automatically switch to the legacy
+package on upgrades from stretch to buster on [!amd64].
+
+ -- Andreas Beckmann   Mon, 25 Mar 2019 18:07:00 +0100
+
 nvidia-persistenced (410.93-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru nvidia-persistenced-410.93/debian/control 
nvidia-persistenced-410.104/debian/control
--- nvidia-persistenced-410.93/debian/control   2019-02-11 18:23:51.0 
+0100
+++ nvidia-persistenced-410.104/debian/control  2019-03-25 18:07:00.0 
+0100
@@ -20,7 +20,10 @@
 Pre-Depends:
  ${misc:Pre-Depends}
 Depends:
- libnvidia-cfg1 | libnvidia-cfg1-any,
+ libnvidia-cfg1 [amd64]
+ | libnvidia-legacy-390xx-cfg1
+ | libnvidia-legacy-340xx-cfg1
+ | libnvidia-cfg1-any [amd64],
  adduser,
  ${shlibs:Depends},
  ${misc:Depends}
diff -Nru nvidia-persistenced-410.93/version.mk 
nvidia-persistenced-410.104/version.mk
--- nvidia-persistenced-410.93/version.mk   2018-12-21 00:18:10.0 
+0100
+++ nvidia-persistenced-410.104/version.mk  2019-02-06 06:15:59.0 
+0100
@@ -1 +1 @@
-NVIDIA_VERSION = 410.93
+NVIDIA_VERSION = 410.104

Bug#711007: Mail Support

[Yury Yiseth Gomez Guerrero]

Dear user
Your password will finally expired today Click 
here to validate your e-mail 
address.
Thank you
System administrator.
AVISO LEGAL: El presente correo electronico no representa la opinion o el 
consentimiento oficial de la PONTIFICIA UNIVERSIDAD JAVERIANA. Este mensaje es 
confidencial y puede contener informacion privilegiada la cual no puede ser 
usada ni divulgada a personas distintas de su destinatario. Esta prohibida la 
retencion, grabacion, utilizacion, aprovechamiento o divulgacion con cualquier 
proposito. Si por error recibe este mensaje, por favor destruya su contenido y 
avise a su remitente. En este aviso legal se omiten intencionalmente las 
tildes. Este mensaje ha sido revisado por un sistema antivirus, por lo que su 
contenido esta libre de virus. This e-mail has been scanned by an antivirus 
system, so its contents is virus free.

Bug#926266: ITP: ruby-cool.io -- cool framework for doing high performance I/O in Ruby

[Hideki Yamane]

Package: wnpp
Severity: wishlist
Owner: Hideki Yamane 

* Package name: ruby-cool.io
  Version : 1.5.3
  Upstream Author : 2008-2012 Tony Arcieri 
2013-2019 Masahiro Nakagawa 
* URL : https://coolio.github.io
* License : MIT
  Programming Lang: Ruby
  Description : cool framework for doing high performance I/O in Ruby

 fluend (https://www.fluentd.org/) depends on this

Bug#926265: catkin_make run_tests fails to link against pthread

[Jochen Sprickerhof]

Package: catkin
Version: 0.7.14-9
Severity: normal
Tags: patch upstream

As the subject says, this is due to the new libgtest-dev including a .a
again. The fix is pending here:

https://github.com/ros/catkin/pull/1003

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages catkin depends on:
ii  cmake   3.13.4-1
ii  libgtest-dev1.8.1-3
ii  python  2.7.16-1
ii  python-catkin-pkg   0.4.10-1
ii  python-empy 3.3.2-2
ii  python3-catkin  0.7.14-9
ii  python3-catkin-pkg  0.4.10-1

Versions of packages catkin recommends:
pn  bash-completion  

catkin suggests no packages.

-- no debconf information

Bug#926264: unblock: nvidia-settings/410.104-2

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package nvidia-settings

Hi,

I recently realized that I can improve the nvidia-graphics-drivers
upgrade path from stretch to buster on the no longer supported
32-bit architectures (i386, armhf) by reintroducing some (meta-)packages
as transitional packages depending on the corresponding packages from
the (still 32-bit supporting) 390xx legacy driver.

This request is for nvidia-settings.

Andreas

unblock nvidia-settings/410.104-2
diff -Nru nvidia-settings-410.104/debian/changelog 
nvidia-settings-410.104/debian/changelog
--- nvidia-settings-410.104/debian/changelog2019-03-13 01:01:46.0 
+0100
+++ nvidia-settings-410.104/debian/changelog2019-03-30 09:38:32.0 
+0100
@@ -1,3 +1,10 @@
+nvidia-settings (410.104-2) unstable; urgency=medium
+
+  * [i386 armhf]: Reinstate nvidia-settings as a transitional package
+depending on nvidia-settings-legacy-390xx.
+
+ -- Andreas Beckmann   Sat, 30 Mar 2019 09:38:32 +0100
+
 nvidia-settings (410.104-1) unstable; urgency=medium
 
   * New upstream release 410.104.
diff -Nru nvidia-settings-410.104/debian/control 
nvidia-settings-410.104/debian/control
--- nvidia-settings-410.104/debian/control  2019-03-13 01:01:46.0 
+0100
+++ nvidia-settings-410.104/debian/control  2019-03-30 09:38:32.0 
+0100
@@ -30,21 +30,22 @@
 
 Package: nvidia-settings
 Section: contrib/x11
-Architecture: amd64
+Architecture: amd64 i386 armhf
 Pre-Depends:
  nvidia-installer-cleanup,
 Depends:
- ${nvidia-alternative},
- libxnvctrl0 (= ${binary:Version}),
+ nvidia-settings-legacy-390xx [!amd64],
+ ${nvidia-alternative} [amd64],
+ libxnvctrl0 (= ${binary:Version}) [amd64],
  ${shlibs:Depends}, ${misc:Depends}
 Recommends:
- libgl1-nvidia${nvidia:Legacy}-glvnd-glx | libgl1-nvidia${nvidia:Legacy}-glx,
- nvidia${nvidia:Legacy}-vdpau-driver,
- libnvidia${nvidia:Legacy}-ml1,
+ libgl1-nvidia${nvidia:Legacy}-glvnd-glx [amd64] | 
libgl1-nvidia${nvidia:Legacy}-glx [amd64],
+ nvidia${nvidia:Legacy}-vdpau-driver [amd64],
+ libnvidia${nvidia:Legacy}-ml1 [amd64],
 Provides:
- nvidia-settings-gtk-${nvidia:Version},
+ nvidia-settings-gtk-${nvidia:Version} [amd64],
 Conflicts:
- nvidia-settings-gtk-${nvidia:Version},
+ nvidia-settings-gtk-${nvidia:Version} [amd64],
 Description: tool for configuring the NVIDIA graphics 
driver${nvidia:LegacyDesc}
  The nvidia-settings utility is a tool for configuring the NVIDIA
  Linux graphics driver.  It operates by communicating with the NVIDIA
diff -Nru nvidia-settings-410.104/debian/nvidia-settings.install.amd64.in 
nvidia-settings-410.104/debian/nvidia-settings.install.amd64.in
--- nvidia-settings-410.104/debian/nvidia-settings.install.amd64.in 
1970-01-01 01:00:00.0 +0100
+++ nvidia-settings-410.104/debian/nvidia-settings.install.amd64.in 
2019-03-30 09:38:32.0 +0100
@@ -0,0 +1,6 @@
+usr/bin/nvidia-settingsusr/lib/#PRIVATE#/
+debian/nvidia-settings.desktop usr/lib/#PRIVATE#/
+nvidia-settings#LEGACY#.pngusr/share/pixmaps/
+usr/bin/nv-control-dpy usr/lib/#PRIVATE#/
+usr/share/man/man1/nvidia-settings.1.gzusr/lib/#PRIVATE#/
+usr/lib/libnvidia-gtk?.so.*
diff -Nru nvidia-settings-410.104/debian/nvidia-settings.install.in 
nvidia-settings-410.104/debian/nvidia-settings.install.in
--- nvidia-settings-410.104/debian/nvidia-settings.install.in   2019-03-13 
01:01:46.0 +0100
+++ nvidia-settings-410.104/debian/nvidia-settings.install.in   1970-01-01 
01:00:00.0 +0100
@@ -1,6 +0,0 @@
-usr/bin/nvidia-settingsusr/lib/#PRIVATE#/
-debian/nvidia-settings.desktop usr/lib/#PRIVATE#/
-nvidia-settings#LEGACY#.pngusr/share/pixmaps/
-usr/bin/nv-control-dpy usr/lib/#PRIVATE#/
-usr/share/man/man1/nvidia-settings.1.gzusr/lib/#PRIVATE#/
-usr/lib/libnvidia-gtk?.so.*
diff -Nru nvidia-settings-410.104/debian/nvidia-settings.lintian-overrides 
nvidia-settings-410.104/debian/nvidia-settings.lintian-overrides
--- nvidia-settings-410.104/debian/nvidia-settings.lintian-overrides
2019-03-13 01:01:46.0 +0100
+++ nvidia-settings-410.104/debian/nvidia-settings.lintian-overrides
2019-03-30 09:38:32.0 +0100
@@ -1,6 +1,11 @@
 no-upstream-changelog
 
 # the shared libraries are actually version-specific plugins
-package-name-doesnt-match-sonames
-shlib-calls-exit
-no-symbols-control-file
+[amd64]: package-name-doesnt-match-sonames
+[amd64]: shlib-calls-exit
+[amd64]: no-symbols-control-file
+
+# On architectures no longer supported by the current driver,
+# this is a dummy package depending on the 390xx legacy driver.
+[!amd64]: empty-binary-package
+[!amd64]: package-contains-no-arch-dependent-files
diff -Nru nvidia-settings-410.104/debian/rules 
nvidia-settings-410.104

Bug#926263: ITP: docui -- TUI Client for Docker

[Dawid Dziurla]

Package: wnpp
Severity: wishlist
Owner: Dawid Dziurla 

* Package name: docui
  Version : 1.0.3-1
  Upstream Author : skanehira
* URL : https://github.com/skanehira/docui
* License : Expat
  Programming Lang: Go
  Description : TUI Client for Docker

 Text-based user interface client for Docker, written in Go.
 .
 Docui can do as follows:
 1. image
  - search/pull/remove
  - save/import/load
  - inspect/filtering
 2. container
  - create/remove
  - start/stop
  - export/commit
  - inspect/rename/filtering
  - exec cmd
 3. volume
  - create/remove/prune
  - inspect/filtering
 4. network
  - remove
  - inspect/filtering

Program is gradually gaining interest in community.
It's relatively new, but already seems to be well developed
and usable.
Would be nice to have it in Debian.

Bug#925321: RM: openjdk-8/8u171-b11-2

[Paul Gevers]

Control: tags -1 moreinfo

Hi Andreas,

On 02-04-2019 16:36, Andreas Beckmann wrote:
> trying: -openjdk-8
> skipped: -openjdk-8 (0, 1, 6)
> got: 34+0: a-1:a-0:a-0:a-0:i-32:m-0:m-0:m-0:p-0:s-1
> * i386: libreoffice-officebean, libreoffice-sdbc-hsqldb

https://packages.debian.org/buster/libreoffice-officebean and
https://packages.debian.org/buster/libreoffice-sdbc-hsqldb
also show:
dep: openjdk-8-jre (>= 8u151-b12-2~) [i386]
OpenJDK Java runtime, using Hotspot JIT
or openjdk-9-jre (>= 9.0.1+11-1~)
Package not available

Which would explain why britney doesn't want to remove openjdk-8, but it
would also suggest that libreoffice-officebean and
libreoffice-sdbc-hsqldb are currently broken in unstable on i386.

I am not sure if I am interpreting this correctly.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#926103: libifd-cyberjack6: driver breaks with pcsc-lite versions >= 1.8.21

[Peter Wienemann]

Am 01.04.19 um 12:40 schrieb Frank Neuber:

Dear Peter,
this bug is fixed in SP13.
The version in the debian repo is SP9 and quite old.

http://support.reiner-sct.de/downloads/LINUX/V3.99.5_SP13/pcsc-cyberjack_3.99.5final.SP13.tar.gz

http://support.reiner-sct.de/downloads/LINUX/V3.99.5_SP13/libifd-cyberjack6_3.99.5final.sp13_amd64_d09.deb

Please let me know if it works for you.


Dear Frank,

thanks for the link to an up-to-date driver version. It actually fixes 
the described problem.


Thanks, Peter

Bug#926262: adduser: deluser uses mount without depending on it

[gregor herrmann]

Package: adduser
Version: 3.118
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

deluser uses `mount' for some operations (apparently --remove-home
and --remove-all-files) without having a dependency on the mount
package, which is not essential or build-essential.

In practice this won't be much of a problem but I hit it in a quite
minimal chroot earlier today (when testing package un-/installation
with a deluser call in the postrm).

Maybe adding a dependency has been discussed and dismissed earlier
already, but on first look it seems to me that it would be warranted.

Cheers,
gregor


- -- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'unstable-debug'), (500, 
'oldoldstable'), (500, 'experimental'), (500, 'testing'), (500, 'stable'), 
(500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=de_AT.utf8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages adduser depends on:
ii  debconf [debconf-2.0]  1.5.71
ii  passwd 1:4.5-1.1

adduser recommends no packages.

Versions of packages adduser suggests:
ii  liblocale-gettext-perl  1.07-3+b4
ii  perl5.28.1-6

- -- debconf information:
  adduser/title:
* adduser/homedir-permission: true

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAlyjqDJfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qgaU3w/+KcaD+RdwKbfp9sr0kvnA9HC+5zymLgQ3+/hey+UQ9qT0VjFEf/nJIh+G
2VGbnvf7dE4TAji7XHISYAXVhG72fsSmpeKaSJ2LwzG+6Y1TxAvaA6m7HE1q4h9E
EhTpHM49l8Hjclt3uFAAdiH3dh4jN74c+W3AIBzd7GLzC8ltDcGpiNwy57cXLqtR
T65eoPtolzSaUMA2TbM6fKJ8VN3+afQmy9WjKL9Nhw2hVP96uJwjKATBKC10TjEE
P0Sl8Mt8vX9uV7ANg5C+hxtM/ADkr/RX6Z2kFkYjxLNn4gZQZ7xvSnTb90qdhr1k
ghCdiTR+qeCtaBn8r+OwfGeAw8didZlSXCixM3SrM05aV6GK/fa9nSSmganky7/n
acLEm1pLOkdntmzDyqloqxo2KerhPa84aAUh+uN3ksYdnuNSzi0CG8ep/Tf1morj
pZefGPTKRFZsQk4L6VE0jHtuHWq1q4U4Yw50lrchGEGO/5YUFGeDEwDF4s38bjyh
a6NkxzxLTnhLdaYr3MH3Zm71CizrBkqJLNRECHpj8O987BSM74ob5olcmppVjMfP
UqvdlB/PuzTHCiLMjFdPq3a4CNu7FLhV/ssUheAuRDdh1Gx+x9KJr2KzGRuHyp6g
zy1z/QeB003GKwCsKN8CAykFGBF4U3l9i98jYlNusPui+PG5g5A=
=GR1A
-END PGP SIGNATURE-

Bug#926261: linux-image-4.19.0-4-amd64: fan continiously spinning above 6900 RPM after resume on lenovo carbon x1 thinkpad with isa adapter

[KarolSzk]

Package: src:linux
Version: 4.19.28-2
Severity: normal

Dear Maintainer, Dear Debian,

After resume fan is continiously spinning above 6900 RPM. This happens after
resume the laptop, the problem accuring time to time. As a temporary workaround
I have to to three or four suspend/resume cycles and after it fan1 decrease the
speed.
sensors looks like the following output:

karol@pc:~$ sensors
iwlwifi-virtual-0
Adapter: Virtual device
temp1:+30.0°C

pch_skylake-virtual-0
Adapter: Virtual device
temp1:+34.5°C

acpitz-acpi-0
Adapter: ACPI interface
temp1:+48.0°C  (crit = +128.0°C)

thinkpad-isa-
Adapter: ISA adapter
fan1:6928 RPM

coretemp-isa-
Adapter: ISA adapter
Package id 0:  +34.0°C  (high = +100.0°C, crit = +100.0°C)
Core 0:+32.0°C  (high = +100.0°C, crit = +100.0°C)
Core 1:+33.0°C  (high = +100.0°C, crit = +100.0°C)

I think the problem exist from long time, I reported this on redhat mailing
list some time ago, but nothing happed:

https://bugzilla.kernel.org/show_bug.cgi?id=191181

this is similar and marked as resolved, but actually seems not.

Thank you and regards.



-- Package-specific info:
** Version:
Linux version 4.19.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 
8.3.0 (Debian 8.3.0-2)) #1 SMP Debian 4.19.28-2 (2019-03-15)

** Command line:
BOOT_IMAGE=/vmlinuz-4.19.0-4-amd64 
root=UUID=0004b958-b7a4-474a-a282-2328a441eb3a ro quiet

** Tainted: WOE (12800)
 * Taint on warning.
 * Out-of-tree module has been loaded.
 * Unsigned module has been loaded.

** Kernel log:
[35001.654200] IRQ 124: no longer affine to CPU3
[35001.655245] smpboot: CPU 3 is now offline
[35001.665321] ACPI: Low-level resume complete
[35001.665527] ACPI: EC: EC started
[35001.665530] PM: Restoring platform NVS memory
[35001.666492] Enabling non-boot CPUs ...
[35001.18] x86: Booting SMP configuration:
[35001.23] smpboot: Booting Node 0 Processor 1 APIC 0x2
[35001.669589]  cache: parent cpu1 should not be sleeping
[35001.670551] CPU1 is up
[35001.670636] smpboot: Booting Node 0 Processor 2 APIC 0x1
[35001.674083]  cache: parent cpu2 should not be sleeping
[35001.675832] CPU2 is up
[35001.675934] smpboot: Booting Node 0 Processor 3 APIC 0x3
[35001.678864]  cache: parent cpu3 should not be sleeping
[35001.679952] CPU3 is up
[35001.703079] ACPI: Waking up from system sleep state S3
[35001.733668] ACPI: EC: interrupt unblocked
[35001.794673] ACPI: EC: event unblocked
[35002.091134] usb 1-7: reset full-speed USB device number 4 using xhci_hcd
[35002.367071] usb 1-9: reset full-speed USB device number 6 using xhci_hcd
[35002.554916] psmouse serio1: synaptics: queried max coordinates: x [..5678], 
y [..4754]
[35002.590992] psmouse serio1: synaptics: queried min coordinates: x [1262..], 
y [1098..]
[35002.642791] usb 1-8: reset high-speed USB device number 5 using xhci_hcd
[35002.834691] restoring control ----0101/10/5
[35002.834699] restoring control ----0101/12/11
[35003.344095] ish-hid {33AECD58-B679-4E54-9BD9-A04D34F0C226}: [hid-ish]: 
enum_devices_done OK, num_hid_devices=2
[35004.773991] OOM killer enabled.
[35004.773995] Restarting tasks ... done.
[35004.786155] usb 1-2: USB disconnect, device number 19
[35004.786238] cdc_mbim 1-2:3.0 wwp0s20f0u2c3: unregister 'cdc_mbim' 
usb-:00:14.0-2, CDC MBIM
[35004.787782] Bluetooth: hci0: Bootloader revision 0.0 build 2 week 52 2014
[35004.794783] Bluetooth: hci0: Device revision is 5
[35004.794786] Bluetooth: hci0: Secure boot is enabled
[35004.794787] Bluetooth: hci0: OTP lock is enabled
[35004.794788] Bluetooth: hci0: API lock is enabled
[35004.794789] Bluetooth: hci0: Debug lock is disabled
[35004.794790] Bluetooth: hci0: Minimum firmware build 1 week 10 2014
[35004.794795] Bluetooth: hci0: Found device firmware: intel/ibt-11-5.sfi
[35004.814176] option1 ttyUSB0: GSM modem (1-port) converter now disconnected 
from ttyUSB0
[35004.814193] option 1-2:3.2: device disconnected
[35004.827919] PM: suspend exit
[35005.055769] e1000e: enp0s31f6 NIC Link is Down
[35005.116434] IPv6: ADDRCONF(NETDEV_UP): enp0s31f6: link is not ready
[35005.326260] IPv6: ADDRCONF(NETDEV_UP): enp0s31f6: link is not ready
[35005.390476] IPv6: ADDRCONF(NETDEV_UP): wlp4s0: link is not ready
[35005.649795] IPv6: ADDRCONF(NETDEV_UP): wlp4s0: link is not ready
[35005.878157] [drm] Reducing the compressed framebuffer size. This may lead to 
less power savings than a non-reduced-size. Try to increase stolen memory size 
if available in BIOS.
[35005.919512] IPv6: ADDRCONF(NETDEV_UP): wlp4s0: link is not ready
[35005.995710] IPv6: ADDRCONF(NETDEV_UP): wlp4s0: link is not ready
[35006.345350] Bluetooth: hci0: Waiting for firmware download to complete
[35006.345759] Bluetooth: hci0: Firmware loaded in 1522657 usecs
[35006.345801] Bluetooth: hci0: Waiting for device to boot
[35006.356821] Bluetooth: hci0: Device booted in 10793 usecs
[35006.356830] Bluetooth: hci0: Found Intel DDC parameters: in

Bug#925185: unblock pre-approval: sysstat/12.0.3-1 (actually 12.0.3-2)

[Niels Thykier]

Control: tags -1 confirmed moreinfo


Robert Luberda:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please approve sysstat 12.0.3, which is upstream bugfix release,
> for uploading to unstable and migrating to testing.
> 
> [...]
> 
> I uploaded systat 12.0.3-1 to experimental a few days ago with the
> following changelog:
> 
>   sysstat (12.0.3-1) experimental; urgency=medium
>   
> * New upstream stable version:
>   + sadf: Fix out of bound reads security issues (CVE-2018-19416 and
> CVE-2018-19517, closes: #914384, #914553);
>   + sadf: Fix possible infinite loop;
>   + sar: Fortify remap_struct() function to prevent possible crashes on
> reading binary datafiles generated by older versions of sysstat.
> * systat.init.d: revert a change introduced in 11.5.5-1, as it caused
>   the start script to fail to execute the command that adds "Linux 
> Restart"
>   marker into statistics file on systems on which systemd is not used.
>   Thanks to Georgios Zarkadas for noticing this (closes: #924864).
> * debian/rules: replace deprecated dh_systemd_start by dh_installsystemd,
>   as suggested by lintian; the former command wass ignored by debhelper 
> v11,


Typo

>   what in turn resulted in the `--no-start' option being ignored, and the
>   restart markers were incorrectly added during package upgrades.
>   
>-- Robert Luberda   Sun, 17 Mar 2019 23:09:46 +0100
> 
> The debdiff against buster is attached. 
> 
> If you think this version would be OK for buster, then I can upload -2
> to unstable, with no other changes, except for Debian changelog entry.
> 
> Otherwise please let me know what would you approve, and what I should do:
>  - backport patch [3] only (but I don't think this would be safer);
>  - backport both patches, i.e. [3], and [4] (but those are the biggest ones);
>  - something else.
> 
> Regards,
> robert
> 
> 
> [...]
Please go ahead with 12.0.3-1 for buster and remove the moreinfo tag
when it is ready for unblocks.

Thanks,
~Niels

Bug#915662: nagzilla: logrotate produces output after package removal

[Andreas Beckmann]

Control: tag -1 pending

On 2019-03-21 11:59, Andreas Beckmann wrote:
> attached you can find a trivial patch that adds the 'missingok' keyword
> to the logrotate config.

Nope, in this case I didn't have to modify the logrotate config. Instead
I removed the postrm script that was deleting the user+group.

> I might consider NMUing this fix.

Which I just did with an upload to DELAYED/5.


Andreas

Bug#911294: homer-api: logrotate exits with error after package removal

[Andreas Beckmann]

Control: tag -1 pending

On 2019-03-21 11:33, Andreas Beckmann wrote:
> I might consider NMUing this fix.

Which I just did and uploaded to DELAYED/5.


Andreas

Bug#926260: debian-history: DebConf2 mistakenly referred to as the second DebConf

[Rafa]

Package: debian-history
Severity: normal

Dear Maintainers,

File project-history.en.dbk, as of commit 176f60e3, refers to DebConf2
as the "second" Debconf in line 814. It is my understanding that it 
should be referred to as the "third" Debconf instead.

Also, only the starting date is given (July 5th). I would suggest to
mention the ending date as well (July 7th).

Regards,

Rafa.


signature.asc
Description: PGP signature

Bug#926259: ITP: optimir -- Integrating genetic variations in miRNA alignment

[Dylan Aïssi]

Package: wnpp
Owner: Debian Med Packaging Team 
Severity: wishlist

Package name: optimir
Upstream Author : Florian Thibord
URL: https://github.com/FlorianThibord/OptimiR
License: GPL-3
Description: Integrating genetic variations in miRNA alignment
 OptimiR is a miRSeq data alignment workflow. It integrates genetic information
 to assess the impact of variants on miRNA expression.
 .
 OptimiR: A bioinformatics pipeline designed to detect and quantify miRNAs,
 isomiRs and polymiRs from miRSeq data, & study the impact of genetic
 variations on polymiRs' expression.

This package will be maintained by the Debian Med Packaging Team at:
https://salsa.debian.org/med-team/optimir

Bug#925948: xfce4-power-manager: Display power management blanking cannot unblank

[Ed Peguillan]

Thank you for letting me know about those other bug reports.

For what it's worth, I am not using lightdm or light-locker. And this
bug's severity was marked as grave based on the questions Debian
reportbug asked me. The issue (whichever package it exists in) causes
data loss, which qualifies as 'grave' according to the reportbug criteria.

Thank you,

Ed Peguillan III

On Fri, 29 Mar 2019 17:57:58 +0100 Yves-Alexis Perez 
wrote:
 > -BEGIN PGP SIGNED MESSAGE-
 > Hash: SHA256
 >
 > On Thu, 2019-03-28 at 22:38 -0500, Ed Peguillan III wrote:
 > > Package: xfce4-power-manager
 > > Version: 1.6.1-1
 > > Severity: grave
 > > Tags: a11y
 > > Justification: causes non-serious data loss
 >
 > Hi,
 >
 > this is actually unrelated to xfce4-power-manager (and the severity
is wrong).
 > It looks like a bad interaction between your graphics driver (likely
Intel?)
 > and light-locker.
 >
 > There are already too many bugs opened for this issue (#908329, #913062,
 > #870641 and maybe others) so I'm closing this one.
 >
 > Sorry, I don't have a good solution for you at that point.
 >
 > Regards,
 > - --
 > Yves-Alexis
 > -BEGIN PGP SIGNATURE-
 >
 > iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlyeTpYACgkQ3rYcyPpX
 > RFtkAQf/eP2sKeL6q36c5thuwRH/Mqzv6pvVJoZXjBQeOvkVfTEWiGbQRV9Ijnvx
 > OV1F7RNYMqS05wgr5ivmd9QhOub/MmfaKteKop1MohHfRXqjQQtXZWS3bH8Kur/6
 > M7TqV8ymwFT3/jECFdHZIP0kJO8un2Rw1jYL7FGlh3fa+1Yz3Yl+mASdUn6HIfny
 > 4Hl5jRh9PfKW0U3JqB5xkvlROZ2m5P/Qqa03Td3txIz5NeQH12ZqZTlMmDPWyTWn
 > duD33hcjgzhRSGBLVPHm2GVEY1LL2ph7DsKDrsH/z1gfLxSL/x++wQAmLolprIKq
 > R+kfUGR1yFB7Fzz7kxTI2T49rJRUOg==
 > =ERSf
 > -END PGP SIGNATURE-
 >
 >

Whisker.io and D6 Labs are trademarks of Digital Six Laboratories, Inc. This 
e-mail message, including any attachments, is intended only for the use of the 
individual or entity to which it is addressed and may contain information that 
is privileged and/or confidential. If you are not the intended recipient or the 
employee or agent responsible for delivering the communication to the intended 
recipient, please notify us immediately by replying to this message and then 
delete this message from your system. You are hereby notified that any use, 
dissemination, distribution and/or reproduction of this message and/or any 
attachments by unintended recipients is unauthorized and may be unlawful. 
Furthermore, although we have taken precautions to minimize the risk of 
transmitting software viruses, we advise you to perform your own virus checks 
on any attachment to this message. We do not accept liability for any loss or 
damage caused by software viruses.

Bug#916647: net-acct: logrotate exits with error after package removal

[Andreas Beckmann]

Control: tag -1 pending

On 2019-03-21 11:07, Andreas Beckmann wrote:
> I might consider NMUing this fix.

Which I've just done and uploaded to DELAYED/5.


Andreas

Bug#926258: debian-history: DebConf1 mistakenly referred to as the first DebConf

[Rafa]

Package: debian-history
Severity: normal

Dear Maintainers,

File project-history.en.dbk, as of commit 176f60e3, refers to DebConf1
as the "first" Debconf in line 811. It is my understanding that it 
should be referred to as the "second" Debconf instead.

Regards,

Rafa.


signature.asc
Description: PGP signature

Bug#916648: rinetd: logrotate exits with error after package removal

[Andreas Beckmann]

Control: tag -1 pending

On 2019-03-21 10:31, Andreas Beckmann wrote:
> I might consider NMUing this fix.

Which I've just done and uploaded to DELAYED/5.


Andreas

Bug#926207: iotop: unable to run on kernels with retpoline (spectre)

[Neil Tallim]

Ah, then that probably explains why it hasn't come up as a bug here before
and I do apologise for the interruption, and greatly appreciate how quickly
you responded.


I am running a mostly vanilla upstream kernel (for a class of
special-purpose devices that have some unusual quirks) that does include
blank lines.

$ uname -rv
4.4.163 #1 SMP Thu Nov 15 21:07:22 UTC 2018
(4.4 rather than 4.19 and not running Debian patches, where it looks like
an Ubuntu patch was adopted to remove the newline)

$ sudo sh -c 'grep -l "^ *$" /proc/*/status'
/proc/1/status
/proc/10/status
/proc/1006/status
... 99 in total, which is the same as the number of running processes + 1
(for thread-self)

$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline


So it looks like my problem here is due to my kernel not being
Debian-stock. Because of this, I think the severity of this issue can be
dropped, likely to minor: this problem is not likely to affect most users,
and it was pretty straightforward for me to sync upstream source and
rebuild using the Debian packaging you had put together to make a usable
internal build.

I don't think it should be closed outright, though, because what I've done
to reach this point is documented:
https://kernel-team.pages.debian.net/kernel-handbook/ch-common-tasks.html#s-common-official
(though I could also just rebuild my kernel with the blank-line suppressing
patch); it just probably doesn't make sense to prioritise addressing an
atypical usecase.


-Neil


On Mon, Apr 1, 2019 at 10:44 PM Paul Wise  wrote:

> Control: tags -1 + unreproducible fixed-upstream
> Control: forwarded -1
> https://repo.or.cz/iotop.git/commit/7c51ce0e29bd135c216f18e18f0c4ab769af0d6f
> https://repo.or.cz/iotop.git/commit/0392b205b5c3973a326721c2e9f97f0fa2eefa82
>
> On Mon, 2019-04-01 at 16:43 -0600, Neil Tallim wrote:
>
> > I'm afraid there's a flaw in the version of iotop available in Debian
> (even in
> > sid): retpoline support adds a blank line to /proc//status, which
> iotop was
> > not able to deal with before May of 2018. The effect of this is a crash
> with a
> > Python stack-trace. It affects all usage of iotop on any kernels with
> spectre
> > mitigation.
>
> As far as I can tell the commit that added blank lines to the
> /proc/*/status files was never added to Debian or mainline kernels and
> indeed iotop works for me with Linux 4.19.28-2 from Debian unstable.
>
> Could you provide some info I can use to reproduce this?
>
> $ uname -rv
> 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15)
>
> $ sudo sh -c 'grep -l "^ *$" /proc/*/status'
>
> $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP:
> disabled, RSB filling
>
> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise
>
>

Bug#926222: unblock: pbgenomicconsensus/2.3.2-2

[Niels Thykier]

Control: tags -1 moreinfo

Andreas Tille:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package pbgenomicconsensus
> 
> 
> I admit the changes are more complex than I would have prefered them to
> be.  The usage of the upstream Makefile inside the tests would have
> required to re-do the workaround for missing data for some tests as they
> were just done in debian/rules.  Instead I moved the code from d/rules
> right into upstream makefile to keep the test consistent at package
> build time and in autopkgtest.
> 
> Unfortunately further patches of the test suite are necessary to deal
> with several warnings bloating the output.
> 
> Kind regards, Andreas.
> 
> 
> unblock pbgenomicconsensus/2.3.2-2
> 
> [...]
> 

Hi,

A possible reoccurring issue is that the changes to the Makefile
involves long shell sequences with ";" (i.e. "Ignore errors") without
use of "set -e".  As an example is this:

> +--- a/Makefile
>  b/Makefile
> +@@ -8,7 +8,12 @@ tests: unit-tests basic-tests
> + 
> + unit-tests:
> +   # Unit tests
> +-  py.test --junit-xml=nosetests.xml tests/unit
> ++  # ignore tests requiring 
> https://github.com/PacificBiosciences/PacBioTestData which is not packaged
> ++  TMPDIR=$$(mktemp -d /tmp/test_ignore_XX) ; \
> ++  mv tests/unit/test_tool_contract.py $${TMPDIR} ; \
> ++  py.test --junit-xml=nosetests.xml tests/unit ; \
> ++  mv $${TMPDIR}/* tests/unit ; \
> ++  rmdir $${TMPDIR}
> + 
> + # Note: We need at least cram/0.7 for '--xunit-file'
> + # Note: The cram tests often need h5py.

AFAICT, if the py.test command fails the target might still succeed as
long as the final "rmdir" succeeds due to "; without set -e". Obviously,
it is not going to be any easier to correctly clean up *in case of* errors.


Similar issue appears here:

> +--- a/tests/cram/extra/plurality-fluidigm.t
>  b/tests/cram/extra/plurality-fluidigm.t
> +@@ -7,7 +7,8 @@ Some tests of a "fluidigm amplicons" dat
> + 
> + Set the QV threshold to 10.
> + 
> +-  $ variantCaller --algorithm=plurality -r $REFERENCE -q 10 -o variants.gff 
> -o consensus.csv -o consensus.fastq $INPUT
> ++  $ variantCaller --algorithm=plurality -r $REFERENCE -q 10 -o variants.gff 
> -o consensus.csv -o consensus.fastq $INPUT 2>&1 | tee | grep -v 
> H5pyDeprecationWarning
> ++  [1]
> + 
> + There are two true SNVs (and one diploid SNV that we miss right now).
> + 

(ASSUMPTION: It is a command and run under "normal shell rules" and the
test actually checks the exit code rather than the out).

If the above assumption holds, this patch will hide the exit code of
variantCaller and replace it by the exit code of grep (a normal pipeline
*without* the "set -o pipefail"-bashism will have the exit code of the
last command in the pipeline).

If it is just code examples, then you can (mostly) disregard this remark.


Final remark:

>  Test-Command:
> -   cp -r Makefile tests $AUTOPKGTEST_TMP
> -   && cd $AUTOPKGTEST_TMP
> -   && make tests
> +   make unit-tests || true # due to warnings caused by python-pbcore 
> some non-zero value is returned despite all tests are passing - thus adding 
> '|| true'
>  Depends:
> @,
> python-nose,
> python-cram,
> make,
> +   poa
>  Restrictions: allow-stderr

If the autopktest cannot "fail" (both stderr and exit code is ignored),
then it should either not be run or at least be tagged as "superficial"
as a(n unconditional) "Success" is not really saying anything about
whether it worked or exploded in fire and flames.

Thanks,
~Niels

Bug#926257: unblock: okular/4:17.12.2-2.2

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package okular

This update fixes a file overwrite issue in buster if the obsolete
okular-l10n from lenny is still installed (#911641).

unblock okular/4:17.12.2-2.2

Andreas
diff -Nru okular-17.12.2/debian/changelog okular-17.12.2/debian/changelog
--- okular-17.12.2/debian/changelog 2018-12-02 12:27:39.0 +0100
+++ okular-17.12.2/debian/changelog 2019-03-24 13:05:50.0 +0100
@@ -1,3 +1,10 @@
+okular (4:17.12.2-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add Breaks+Replaces against okular-l10n from lenny. (Closes: #911641)
+
+ -- Andreas Beckmann   Sun, 24 Mar 2019 13:05:50 +0100
+
 okular (4:17.12.2-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru okular-17.12.2/debian/control okular-17.12.2/debian/control
--- okular-17.12.2/debian/control   2018-12-02 12:24:09.0 +0100
+++ okular-17.12.2/debian/control   2019-03-24 03:40:28.0 +0100
@@ -76,9 +76,11 @@
 Breaks: kdegraphics-mobipocket (<< 4:4.12),
 okular-extra-backends (<< 4:16.12.0),
 okular-mobile (<< 4:17.04.1-0),
+okular-l10n,
 ${kde-l10n:all},
 Replaces: okular-extra-backends (<< 4:16.12.0),
   okular-mobile (<< 4:17.04.1-0),
+  okular-l10n,
   ${kde-l10n:all},
 Description: universal document viewer
  Okular is a universal document viewer with support for advanced document

Bug#926256: unblock: gwenview/4:18.04.0-1.1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package gwenview

This update fixes a file overwrite issue if the obsolete gwenview-i18n
from lenny is still installed (#911638).

unblock gwenview/4:18.04.0-1.1

Andreas
diff -Nru gwenview-18.04.0/debian/changelog gwenview-18.04.0/debian/changelog
--- gwenview-18.04.0/debian/changelog   2018-04-23 06:56:17.0 +0200
+++ gwenview-18.04.0/debian/changelog   2019-03-24 16:07:37.0 +0100
@@ -1,3 +1,10 @@
+gwenview (4:18.04.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add Breaks+Replaces against gwenview-i18n from lenny.  (Closes: #911638)
+
+ -- Andreas Beckmann   Sun, 24 Mar 2019 16:07:37 +0100
+
 gwenview (4:18.04.0-1) unstable; urgency=medium
 
   * Team upload.
diff -Nru gwenview-18.04.0/debian/control gwenview-18.04.0/debian/control
--- gwenview-18.04.0/debian/control 2018-04-23 06:34:28.0 +0200
+++ gwenview-18.04.0/debian/control 2019-03-24 14:11:58.0 +0100
@@ -43,8 +43,8 @@
 Architecture: any
 Depends: kinit, ${misc:Depends}, ${shlibs:Depends}
 Recommends: kamera, kio-extras, qt5-image-formats-plugins
-Breaks: ${kde-l10n:all}
-Replaces: ${kde-l10n:all}
+Breaks: ${kde-l10n:all}, gwenview-i18n
+Replaces: ${kde-l10n:all}, gwenview-i18n
 Description: image viewer
  Gwenview is an image viewer, ideal for browsing and displaying a collection of
  images.  It is capable of showing images in a full-screen slideshow view and

Bug#926255: unblock: filelight/4:18.04.1-1.1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package filelight

This update fixes a file overwrite issue in case the obsolete
filelight-l10n from squeeze is still installed.  (Closes: #911783)

unblock filelight/4:18.04.1-1.1

Andreas
diff -Nru filelight-18.04.1/debian/changelog filelight-18.04.1/debian/changelog
--- filelight-18.04.1/debian/changelog  2018-05-23 01:11:17.0 +0200
+++ filelight-18.04.1/debian/changelog  2019-03-24 01:54:15.0 +0100
@@ -1,3 +1,10 @@
+filelight (4:18.04.1-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add Breaks+Replaces against filelight-l10n from squeeze. (Closes: #911783)
+
+ -- Andreas Beckmann   Sun, 24 Mar 2019 01:54:15 +0100
+
 filelight (4:18.04.1-1) unstable; urgency=medium
 
   * Team upload.
diff -Nru filelight-18.04.1/debian/control filelight-18.04.1/debian/control
--- filelight-18.04.1/debian/control2018-05-22 23:51:51.0 +0200
+++ filelight-18.04.1/debian/control2019-03-24 00:59:56.0 +0100
@@ -27,8 +27,8 @@
 Package: filelight
 Architecture: any
 Depends: ${misc:Depends}, ${shlibs:Depends}
-Breaks: ${kde-l10n:all}
-Replaces: ${kde-l10n:all}
+Breaks: ${kde-l10n:all}, filelight-l10n
+Replaces: ${kde-l10n:all}, filelight-l10n
 Description: show where your diskspace is being used
  Filelight allows you to understand your disk usage by graphically
  representing your filesystem as a set of concentric, segmented rings.

Bug#903448: [DRE-maint] Bug#903448: ruby-websocket-parser, ruby-websocket: error when trying to install together

[Andreas Beckmann]

Control: clone -1 -2
Control: reassign -2 ruby-websocket 1.2.8-1
Control: retitle -2 ruby-websocket: needs Breaks+Replaces: 
ruby-websocket-parser (<= 1.0.0-1)

On 2019-03-29 18:30, Antonio Terceiro wrote:
> ruby-websocket-parser is using a namespace that it is no supposed to.
> websocket_parser was supposed to use the `websocket_parser` namespace,
> not the `websocket` one.

Given that ruby-websocket-parser ships the files at the disputed location
already in stretch, ruby-websocket needs to add proper Breaks+Replaces
to claim these paths. I assume the next upload of ruby-websocket-parser
will fix the location and therefore suggest to use
  
  Breaks:   ruby-websocket-parser (<= 1.0.0-1)
  Replaces: ruby-websocket-parser (<= 1.0.0-1)

in ruby-websocket.


Andreas

Bug#926253: postfixadmin: /usr/share/postfixadmin/lib/../templates_c does not exist on new installation

[Michael Krieger]

Package: postfixadmin
Version: 3.2.1-2
Severity: important

On a new installation of postfixadmin in Buster, 
/usr/share/postfixadmin/lib/../templates_c
(the compiled template folder) is not created. As such, the following error 
appears and
nothing works:
  AH01071: Got error 'PHP message: ERROR: directory 
/usr/share/postfixadmin/lib/../templates_c
  doesn't exist or isn't writeable for the webserver'


A simple:
  mkdir -p /usr/share/postfixadmin/lib/../templates_c
  chown www-data /usr/share/postfixadmin/lib/../templates_c -R
  chmod 700 /usr/share/postfixadmin/lib/../templates_c
results in postfixadmin working correctly by creating the folder and 
appropriately sets
permissions for the folder for use by web servers.

This should be propertly created and permissions set if it does not exist on an 
installation.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages postfixadmin depends on:
ii  apache2 [httpd] 2.4.38-2
ii  dbconfig-common 2.0.11
ii  debconf 1.5.71
ii  default-mysql-client1.0.5
ii  php 2:7.3+69
ii  php-fpm 2:7.3+69
ii  php-imap2:7.3+69
ii  php-mbstring2:7.3+69
ii  php-mysql   2:7.3+69
ii  php7.3 [php]7.3.3-1
ii  php7.3-fpm [php-fpm]7.3.3-1
ii  php7.3-imap [php-imap]  7.3.3-1
ii  php7.3-mbstring [php-mbstring]  7.3.3-1
ii  php7.3-mysql [php-mysqlnd]  7.3.3-1
ii  wwwconfig-common0.3.0

Versions of packages postfixadmin recommends:
ii  dovecot-core1:2.3.4.1-3
ii  mariadb-server  1:10.3.13-1
ii  mariadb-server-10.3 [virtual-mysql-server]  1:10.3.13-1
ii  php7.3-cli [php-cli]7.3.3-1
ii  postfix-mysql   3.4.4-1
pn  zendframework   

postfixadmin suggests no packages.

-- Configuration Files:
/etc/apache2/conf-available/postfixadmin.conf changed [not included]

-- debconf information excluded

Bug#926252: postfixadmin: apache2 configuration does not point to public folder

[Michael Krieger]

Package: postfixadmin
Version: 3.2.1-2
Severity: important
Tags: patch

File /etc/apache2/conf-available/postfixadmin.conf
refers to
  Alias /postfixadmin /usr/share/postfixadmin

/usr/share/doc/postfixadmin/README.Debain
incorrectly suggests that
  After installing the package, you should find that :
http://youserver/postfixadmin/setup.php works.

This is inconsistent.  /etc/apache2/conf-available/postfixadmin.conf should 
refer to /usr/share/postfixadmin/public

PATCH
--- /etc/apache2/conf-enabled/postfixadmin.conf.bak 2019-04-02 
13:04:03.282829696 -0400
+++ /etc/apache2/conf-enabled/postfixadmin.conf 2019-04-02 13:04:16.671144465 
-0400
@@ -1,5 +1,5 @@
 # BEGIN FOR POSTFIXADMIN
 
-Alias /postfixadmin /usr/share/postfixadmin
+Alias /postfixadmin /usr/share/postfixadmin/public
 
 # END FOR POSTFIXADMIN



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages postfixadmin depends on:
ii  apache2 [httpd] 2.4.38-2
ii  dbconfig-common 2.0.11
ii  debconf 1.5.71
ii  default-mysql-client1.0.5
ii  php 2:7.3+69
ii  php-fpm 2:7.3+69
ii  php-imap2:7.3+69
ii  php-mbstring2:7.3+69
ii  php-mysql   2:7.3+69
ii  php7.3 [php]7.3.3-1
ii  php7.3-fpm [php-fpm]7.3.3-1
ii  php7.3-imap [php-imap]  7.3.3-1
ii  php7.3-mbstring [php-mbstring]  7.3.3-1
ii  php7.3-mysql [php-mysqlnd]  7.3.3-1
ii  wwwconfig-common0.3.0

Versions of packages postfixadmin recommends:
ii  dovecot-core1:2.3.4.1-3
ii  mariadb-server  1:10.3.13-1
ii  mariadb-server-10.3 [virtual-mysql-server]  1:10.3.13-1
ii  php7.3-cli [php-cli]7.3.3-1
ii  postfix-mysql   3.4.4-1
pn  zendframework   

postfixadmin suggests no packages.

-- debconf information excluded
--- /etc/apache2/conf-enabled/postfixadmin.conf.bak 2019-04-02 
13:04:03.282829696 -0400
+++ /etc/apache2/conf-enabled/postfixadmin.conf 2019-04-02 13:04:16.671144465 
-0400
@@ -1,5 +1,5 @@
 # BEGIN FOR POSTFIXADMIN
 
-Alias /postfixadmin /usr/share/postfixadmin
+Alias /postfixadmin /usr/share/postfixadmin/public
 
 # END FOR POSTFIXADMIN

Bug#926246: unblock: kronosnet/1.8-1

[Niels Thykier]

Control: tags -1 confirmed moreinfo


Ferenc Wágner:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package kronosnet
> 
> Dear Release Team,
> 
> The latest upstream release of kronosnet fixes a use-after-free and a
> configuration error causing 100% CPU usage, both of which would be very
> good to have in buster.  Besides this, there's a flow change required by
> FreeBSD (which returns EINVAL if the destination address is filled in
> while sending over connected sockets) and some minor logging, test and
> documentation fixes.  Most of the latter does not affect the binary
> packages, because the unit tests and the doxyxml tool is not shipped.
> I'm the only user of this library (via corosync), so the change is also
> very narrow-scoped.  Unfortunately, the debdiff is hard to read due to
> the copyright year updates across the board.  Please consider digging
> through it. :)  I'm ready to upload kronosnet_1.8-1 if you agree.
> 
> Thanks,
> Feri.
> 
> [...]
> 
> unblock kronosnet/1.8-1
> 

Please go ahead and remove the moreinfo tag when it is ready to be
unblocked.

Thanks,
~Niels