Bug#926412: unblock: gnutls28/3.6.7-2

[Andreas Metzler]

On 2019-04-04 Andreas Metzler  wrote:
[...]
> This is a upstream bugfix release featuring two security fixes

> + Fixes a memory corruption (double free) vulnerability in the
>   certificate verification API.
>   https://gitlab.com/gnutls/gnutls/issues/694 CVE-2019-3829
>   GNUTLS-SA-2019-03-27
> + Fixes an invalid pointer access via malformed TLS1.3 async messages;
>   https://gitlab.com/gnutls/gnutls/issues/704 CVE-2019-3836
>   GNUTLS-SA-2019-03-27
[...]

Ping?

Bug#866823: Reproduce "samba: does not follow symbolic links"

[Chris Nospam]

Dear Mathieu,
 
sorry for the late reply.
 
> Are you able to reproduce this bug on latest buster (2:4.9.4+dfsg-2 or -3)?
 
Yes, I still can reproduce it on latest buster with samba 2:4.9.5+dfsg-4 .

> If yes, can you provide your smb.conf?
 
However, now the bug seems to only show up if I set path=/ (and then of course 
first navigate to the tmp directroy in windows explorer) instead of path=/tmp 
in the [share] section of the smb.conf provided in my initial post. Again 
setting wide links = Yes and allow insecure wide links = Yes functionally 
helps, although this should not be necessary as even /tmp is an ordinary 
subdirectory of / and no different/mounted file system. (To get 100% sure of 
the latter I also created another top level directory /mytopdir next to /tmp 
with the same results.)
 
Thank you for your interest and help,
 
Chris

Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10

[Paul Gevers]

Hi,

On 18-05-2019 07:30, Paul Gevers wrote:
>> It seems that I should instead upload to *testing-proposed-update**s*,
>> am I correct?
> 
> As docker.io embeds golang-golang-x-sys (am I correct on that), yes.

O, and you want to target *buster* instead of *testing-proposed-update*.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10

[Paul Gevers]

Control: tags -1 moreinfo

Hi Arnaud,

On Tue, 14 May 2019 10:19:06 +0700 Arnaud Rebillout
 wrote:
> I just had a quick look, so it turns out that:
> 
> - testing has "golang-golang-x-sys (= 0.0~git20181228.9a3f9b0-1)"
> - unstable has "golang-golang-x-sys (=0.0~git20190412.9773273-1)"
> 
> As long as I upload a source package to unstable, it will be built
> against golang-golang-x-sys from unstable, hence it will be unsuitable
> for testing.
> 
> It seems that I should instead upload to *testing-proposed-update**s*,
> am I correct?

As docker.io embeds golang-golang-x-sys (am I correct on that), yes.

> Please notice that the version of docker.io in unstable right now
> (18.09.1+dfsg1-7) has two bug fixes compared to testing:
> 
> - *#925224*, which was initially the reason to open this unblock bug
> - *#921600*, which is a bug fix I just uploaded, and I believe should
> also be part of buster
> 
> If you agree with this additional bug fix, then what version should I
> use for the package:
> 
> - testing-proposed-updates: *18.09.1+dfsg1-7+deb10u1* seems suitable
> - unstable: should I bump the version as well, so that it's above
> 18.09.1+dfsg1-7+deb10u1? Something like 18.09.1+dfsg1-7+deb11u1 (+deb11
> feels strange honestly).
> 
> Sorry to bother you with these, I'm very new and learning all these
> procedures.

A better version would be 18.09.1+dfsg1-7~deb10u1 (your want the same
version in tpu as in unstable, except with a *smaller* version), then
you don't need any changes to unstable and the sorting is still correct.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#924548: bug 924548: gnome-core: does not actually install a desktop environment on s390x

[Paul Gevers]

Hi Simon,

On 16-05-2019 22:35, Simon McVittie wrote:
>> mozjs60 has been fixed (and uploaded by you to unstable), if I am
>> correct to actually enable this bug to be fixed.
> 
> Unfortunately not. mozjs60 was believed to have been fixed (jcristau
> NMU'd it to experimental, and I re-uploaded to unstable), but gnome-shell
> still FTBFS on s390x because all of its unit tests segfault. This reduces
> my already low level of confidence that gnome-shell can be usable on s390x.

Ack.

> Sorry, I have had limited time for Debian recently due to IRL commitments,
> and couldn't justify spending any more of that time on debugging s390x
> issues.

No need to apologize, I trust you that you already spend too much time
on this issue.

> As it stands at the moment, GNOME Shell failing its tests and suffering
> FTBFS on s390x is not RC; and I would prefer not to take action to ignore
> the test failures and let it build anyway, because if we did that and it
> was later discovered not to *work* on s390x (which I suspect is the case),
> my understanding is that it would be considered a grave bug.
> 
> I would feel a lot more confident about (a) mozjs working, and (b)
> this series of bugs not being entirely a waste of time and motivation,
> if someone with an interest in s390x had been involved somewhere along
> the way.

Here is my proposal. Let's tag this bug as buster-ignore and add a
section to the s390x version of the release notes that you can't install
the GNOME desktop on it, referencing this bug report. If anything
changes during the bullseye release cycle, such as follow-ups to this
report or other requests to fix the issue, we'll re-evaluate this then.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929147: ITP: ruby-gravtastic -- The super fantastic way of getting Gravatars

[Manas Kashyap]

Package: wnpp
Severity: wishlist
Owner: Manas Kashyap 
X-Debbugs-CC: debian-de...@lists.debian.org, debian-r...@lists.debian.org

* Package name: ruby-gravtastic
  Version : 3.2.6
 Upstream Author : Chris Lloyd
* URL : https://github.com/chrislloyd/gravtastic
* License : MIT
  Programming Lang: Ruby
  Description : The super fantastic way of getting Gravatars
  .
In less than a minute you can add Gravatars to your Ruby project. It works
in Rails, Merb & Sinatra.

Bug#929146: Acknowledgement (ITP: golang-github-anacrolix-missinggo -- supplements Go's stdlib)

[Drew Parsons]

dh-make-golang estimate github.com/anacrolix/dms was misleading. It 
presented missinggo as a leaf dependency.


In fact,

$ dh-make-golang estimate github.com/anacrolix/missinggo
2019/05/18 12:27:16 Bringing github.com/anacrolix/missinggo to Debian 
requires packaging the following Go packages:

github.com/anacrolix/missinggo
  github.com/huandu/xstrings
  github.com/bradfitz/iter
  github.com/glycerine/goconvey
github.com/ryszard/goskiplist
  github.com/anacrolix/envpprof
  github.com/anacrolix/tagflag

Bug#928372: ITP: golang-github-anacrolix-dms-dev -- a UPnP DLNA Digital Media Server that includes basic video transcoding

[Drew Parsons]

On 2019-05-12 13:23, Drew Parsons wrote:


dh-make-golang is a useful tool.



No, turns out dh-make-golang estimate github.com/anacrolix/dms was 
misleading. It presented missinggo as a leaf dependency.


In fact,

$ dh-make-golang estimate github.com/anacrolix/missinggo
2019/05/18 12:27:16 Bringing github.com/anacrolix/missinggo to Debian 
requires packaging the following Go packages:

github.com/anacrolix/missinggo
  github.com/huandu/xstrings
  github.com/bradfitz/iter
  github.com/glycerine/goconvey
github.com/ryszard/goskiplist
  github.com/anacrolix/envpprof
  github.com/anacrolix/tagflag

Bug#929146: ITP: golang-github-anacrolix-missinggo -- supplements Go's stdlib

[Drew Parsons]

Package: wnpp
Severity: wishlist
Owner: Drew Parsons 

* Package name: golang-github-anacrolix-missinggo
  Version : 2.1.0
  Upstream Author : Matt Joiner
* URL : https://github.com/anacrolix/missinggo
* License : MIT
  Programming Lang: Go
  Description : supplements Go's stdlib

Stuff that supplements Go's stdlib, or isn't significant enough to be
in its own repo.

Required dependency for golang-github-anacrolix-dms-dev (ITP#928372).

To be maintained under the Debian Go Team.

Bug#927126: aqemu: after updating can't open VMs

[Abhijith PA]

Dear Alexis.

On 18/05/19 3:18 am, Alexis Murzeau wrote:
> Le 14/05/2019 à 05:28, Abhijith PA a écrit :
>>
>>
>> On 29/04/19 1:22 am, Alexis Murzeau wrote:
>>> The vlan argument issue has a upstream issues open [0].
>>>
>>> [0] :
>>>  - https://github.com/tobimensch/aqemu/issues/58
>>>  - https://github.com/tobimensch/aqemu/issues/57
>>
>> The error log in issue 57 is same as what I get.
>>
>>>  - https://github.com/tobimensch/aqemu/pull/61
>>
>> Yes, please
>> https://github.com/tobimensch/aqemu/pull/61/commits/9ff55188fb8479e573d6ed6f5669147af48316a9
>> try to backport this patch. I can help you in testing.
>>
>>
>> --abhijith
>>
> 
> I've put a test package that include the more complete commit:
> https://github.com/pcwizzy37/aqemu/commit/37d5447126343cc7a70b95c6e73d670be444a05d
> 
> The package is available in this repository:
> https://github.com/amurzeau/apt-repository/
> 
> Instructions to install the repository are in the README.md file.
> 

I tried your build and its working for me, thanks. I think you should
upload to archive. We still have time, isn't ?


--abhijith

Bug#929145: ITP: golang-github-mattn-go-pointer --

[Drew Parsons]

Package: wnpp
Severity: wishlist
Owner: Drew Parsons 

* Package name: golang-github-mattn-go-pointer
  Version : 0.0~git20180825.49522c3-1
  Upstream Author : Yasuhiro Matsumoto (a.k.a mattn) 
* URL : https://github.com/mattn/go-pointer
* License : Mit
  Programming Lang: Go
  Description : Utility for cgo

 go-pointer is a utility for cgo.

golang-github-mattn-go-pointer is a required dependency for
golang-github-anacrolix-dms-dev, ITP#928372.

Packaged under the Debian Go Team.

Bug#929144: ITP: golang-github-mattn-go-pointer --

[Drew Parsons]

Package: wnpp
Severity: wishlist
Owner: Drew Parsons 

* Package name: golang-github-mattn-go-pointer
  Version : 0.0~git20180825.49522c3-1
  Upstream Author : Yasuhiro Matsumoto (a.k.a mattn) 
* URL : https://github.com/mattn/go-pointer
* License : Mit
  Programming Lang: Go
  Description : Utility for cgo

 go-pointer is a utility for cgo.

golang-github-mattn-go-pointer is a required dependency for
golang-github-anacrolix-dms-dev, ITP#928372.

Packaged under the Debian Go Team.

Bug#880121: popularity-contest: popcon-upload should be made to POST over https

[Paul Wise]

On Fri, 2019-05-17 at 17:33 +0900, Marc Dequènes wrote:

> This rational does not stand anymore as now this URL replies with:
> < HTTP/1.1 302 Found
> < Location: https://popcon.debian.org/cgi-bin/popcon.cgi
> 
> I don't know for how long this has been the case but as nobody seemed to 
> have noticed I guess switching to HTTPS would be fine.

The popcon client does not get this redirect:

$ GET -dS http://popcon.debian.org/cgi-bin/popcon.cgi
GET http://popcon.debian.org/cgi-bin/popcon.cgi
302 Found
GET https://popcon.debian.org/cgi-bin/popcon.cgi
200 OK

$ GET -H 'User-Agent: popcon-upload' -dS 
http://popcon.debian.org/cgi-bin/popcon.cgi
GET http://popcon.debian.org/cgi-bin/popcon.cgi
200 OK

pabs@pinel:~$ grep -C1 popcon-upload 
/etc/apache2/sites-available/popcon.debian.org
RewriteEngine on
RewriteCond "%{HTTP_USER_AGENT}" !popcon-upload
RewriteRule ^(.*) https://popcon.debian.org$1 [R,L]

-- 
bye,
pabs

https://wiki.debian.org/PaulWise



signature.asc
Description: This is a digitally signed message part

Bug#929133: Fw: Bug#929133: base-passwd: The 'libvirt' group from virt-manager is not listed in users-and-groups

[Karl O. Pinc]

Forwarding your message to the virt-manager maintainers then.
They can decide.

Begin forwarded message:

Date: Fri, 17 May 2019 22:01:58 +0100
From: Colin Watson 
To: "Karl O. Pinc" , 929...@bugs.debian.org
Cc: libv...@packages.debian.org
Subject: Re: Bug#929133: base-passwd: The 'libvirt' group from
virt-manager is not listed in users-and-groups


On Fri, May 17, 2019 at 02:14:27PM -0500, Karl O. Pinc wrote:
> I notice that (on stretch) the 'libvirt' group, used by the
> virt-manager package is not listed in
> /usr/share/doc/base-passwd/users-and-groups*
> 
> I am unclear whether it should be listed, but it seems worth
> an email.  

Thanks for your report.  It isn't really feasible for that document to
be comprehensive, but if the libvirt maintainer or somebody who knows it
reasonably well wanted to contribute a description then I'd happily take
it.

Bug#929143: doxygen: SHOW_NAMESPACES = NO breaks latex PDF

[Dan Merillat]

Package: doxygen
Version: 1.8.15-1~exp1
Severity: normal
Tags: upstream patch

Dear Maintainer,

>From their tracker at https://github.com/doxygen/doxygen/issues/6727

"When switching off SHOW_NAMESPACES, I can no longer build a PDF from the latex 
output. It fails with

! LaTeX Error: File `namespaces.tex' not found.

Here's a testcase: TestCase6726.zip

Build the testcase
Run make.bat from the Doc\latex subdirectory

expected: should run fine and produce refman.pdf
actual: Error about missing namespaces.tex file"

The patch for the issue applies cleanly to the current debian source and
fixes the problem, reproduced below:

>From a0be73d6eb529295cbc8fdfe0a0bbf38ebf5a0c2 Mon Sep 17 00:00:00 2001
From: albert-github 
Date: Sat, 5 Jan 2019 14:44:28 +0100
Subject: [PATCH] issue #6727 SHOW_NAMESPACES = NO breaks latex PDF

Only write the namespace index file reference (i.e. namespaces.tex , 
namespaces.rtf) to the overall file (i.e. refman.tex. refman.rtf) in case 
SHOW_NAMESPACES is set and there are namespaces.
---
 src/index.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/index.cpp b/src/index.cpp
index 7bb957475..5d16e4ea7 100644
--- a/src/index.cpp
+++ b/src/index.cpp
@@ -4670,7 +4670,7 @@ static void writeIndex(OutputList )
   ol.parseText(/*projPrefix+*/ theTranslator->trModuleIndex());
   ol.endIndexSection(isModuleIndex);
 }
-if (documentedNamespaces>0)
+if (Config_getBool(SHOW_NAMESPACES) && (documentedNamespaces>0))
 {
   ol.startIndexSection(isNamespaceIndex);
   
ol.parseText(/*projPrefix+*/(fortranOpt?theTranslator->trModulesIndex():theTranslator->trNamespaceIndex()));


Would it make sense to carry this in the debian patches until the next
upstream release?

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.20.6-dan (SMP w/8 CPU cores; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages doxygen depends on:
ii  libc62.28-10
ii  libclang1-7  1:7.0.1-8
ii  libgcc1  1:8.3.0-7
ii  libllvm7 1:7.0.1-8
ii  libstdc++6   8.3.0-7
ii  libtinfo66.1+20181013-2
ii  libxapian30  1.4.11-1
ii  zlib1g   1:1.2.11.dfsg-1

doxygen recommends no packages.

Versions of packages doxygen suggests:
pn  doxygen-doc
pn  doxygen-gui
ii  doxygen-latex  1.8.13-10
ii  graphviz   2.40.1-6

-- no debconf information

Bug#929142: unblock: testssl.sh/2.9.5-7+dfsg1-2

[Joao Eriberto Mota Filho]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package testssl.sh.

The uploaded revision will fix the RC bug #928728, adding some install
dependencies.

I attached a debdiff.

Thanks a lot in advance.

Regards,

Eriberto

unblock testssl.sh/2.9.5-7+dfsg1-2
diff -Nru testssl.sh-2.9.5-7+dfsg1/debian/changelog 
testssl.sh-2.9.5-7+dfsg1/debian/changelog
--- testssl.sh-2.9.5-7+dfsg1/debian/changelog   2019-01-27 19:25:45.0 
-0200
+++ testssl.sh-2.9.5-7+dfsg1/debian/changelog   2019-05-17 20:38:36.0 
-0300
@@ -1,3 +1,11 @@
+testssl.sh (2.9.5-7+dfsg1-2) unstable; urgency=medium
+
+  * Team upload.
+  * debian/control: added dnsutils | ldnsutils, bsdmainutils
+and procps as dependencies. (Closes: #928728)
+
+ -- Joao Eriberto Mota Filho   Fri, 17 May 2019 20:38:36 
-0300
+
 testssl.sh (2.9.5-7+dfsg1-1) unstable; urgency=medium
 
   * Team upload
diff -Nru testssl.sh-2.9.5-7+dfsg1/debian/control 
testssl.sh-2.9.5-7+dfsg1/debian/control
--- testssl.sh-2.9.5-7+dfsg1/debian/control 2019-01-27 19:25:21.0 
-0200
+++ testssl.sh-2.9.5-7+dfsg1/debian/control 2019-05-17 20:38:36.0 
-0300
@@ -14,7 +14,10 @@
 Multi-Arch: foreign
 Depends: ${misc:Depends},
  ${shlibs:Depends},
- openssl (>= 1)
+ bsdmainutils,
+ dnsutils | ldnsutils,
+ openssl (>= 1),
+ procps
 Description: Command line tool to check TLS/SSL ciphers, protocols and 
cryptographic flaws
  testssl.sh is a free command line tool which checks a server's service
  on any port for the support of TLS/SSL ciphers, protocols as well as

Bug#929141: git-buildpackage: set default compression xz, instead of bzip2

[Hideki Yamane]

Package: git-buildpackage
Version: 0.9.14
Severity: wishlist
Tags: patch

Dear Maintainer,

 It's better to use xz as default compression for orig.tarball,
 instead of bzip2 in gbp.conf, IMO. Patch attached.
>From f7f4545c30111a77a959b86c57bcda7e07dcdc19 Mon Sep 17 00:00:00 2001
From: Hideki Yamane 
Date: Sat, 18 May 2019 09:20:54 +0900
Subject: [PATCH] gbp.conf: set default compresson to xz, instead of bzip2

---
 gbp.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gbp.conf b/gbp.conf
index d104a50..877db84 100644
--- a/gbp.conf
+++ b/gbp.conf
@@ -39,8 +39,8 @@
 #tarball-dir = ../tarballs/
 #ignore-new = True
 #export = HEAD
-# compress with bzip2
-#compression = bzip2
+# compress with xz
+#compression = xz
 # use best compression
 #compression-level = best
 # Don't send notifications, alternatives: on/true, off/false or auto
-- 
2.20.1

Bug#928728: testssl.sh: missing dependencies

[Eriberto]

Em sex, 17 de mai de 2019 às 20:43, Eriberto Mota
 escreveu:
>
> So, package needs bsdmailutils and procps.
>

s/bsdmailutils/bsdmainutils/

Bug#928728: testssl.sh: missing dependencies

[Eriberto Mota]

Hi Lee,

Thanks for your report. I can confirm it:

Fatal error: Neither "dig", "host", "drill" or "nslookup" is present

So, package needs dnsutils | ldnsutils (dnsutils also provide host).

/usr/bin/testssl: line 8865: hexdump: command not found
/usr/bin/testssl: line 1236: ps: command not found

So, package needs bsdmailutils and procps.

I will fix it.

Regards,

Eriberto

Bug#929140: wpasupplicant: ifupdown functions.sh injecting incorrect private key2 password parameter

[Patrick Tseng]

Package: wpasupplicant
Version: 2:2.4-1+deb9u3
Severity: normal
Tags: patch

Dear Maintainer,

functions.sh appears to be passing an incorrectly named variable for
private key 2's password.

functions.sh uses `private_key_passwd2` when the parameter is named
`private_key2_passwd`:

> set_network 0 private_key_passwd2 "mypassword"
FAIL
> set_network 0 private_key2_passwd "mypassword"
OK
>


Bug appears to be present in version up to experimental. This patch
fixes the issue for 2:2.4-1+deb9u3:

--- /etc/wpa_supplicant/functions.sh2018-08-09 07:23:49.0 +
+++ /tmp/functions.sh   2019-05-17 22:26:28.581382870 +
@@ -741,8 +741,8 @@
wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \
set_network private_key2 wpa-private-key2
 
-   wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \
-   set_network private_key_passwd2 wpa-private-key-passwd2
+   wpa_cli_do "$IF_WPA_PRIVATE_KEY2_PASSWD" ascii \
+   set_network private_key2_passwd wpa-private-key2-passwd

wpa_cli_do "$IF_WPA_DH_FILE2" ascii \
set_network dh_file2 wpa-dh-file2

`/usr/share/doc/wpasupplicant/examples/wpa_supplicant.conf.gz` also has
examples:

# ca_path2: Directory path for CA certificate files (PEM)
# client_cert2: File path to client certificate file
# private_key2: File path to client private key file
# private_key2_passwd: Password for private key file
# dh_file2: File path to DH/DSA parameters file (in PEM format)

-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages wpasupplicant depends on:
ii  adduser   3.115
ii  libc6 2.24-11+deb9u4
ii  libdbus-1-3   1.10.26-0+deb9u1
ii  libnl-3-200   3.2.27-2
ii  libnl-genl-3-200  3.2.27-2
ii  libpcsclite1  1.8.20-1
ii  libreadline7  7.0-3
ii  libssl1.0.2   1.0.2r-1~deb9u1
ii  lsb-base  9.20161125

wpasupplicant recommends no packages.

Versions of packages wpasupplicant suggests:
pn  libengine-pkcs11-openssl  
pn  wpagui

-- no debconf information

Bug#929029: unblock: apt-cacher-ng/3.2.1-1

[Eduard Bloch]

Control: retitle -1 [pre-approval] unblock: apt-cacher-ng/3.2.1-1

Hallo,
* Niels Thykier [Wed, May 15 2019, 07:53:00PM]:
> Control: tags -1 moreinfo

Sure, see attachments. As explained before, just a one-liner which uses
existing functionality (same content as before, now from a real package
build and git compare between tag/branch). If the meaning of the change
is not understandable, please check the effect of forgiveDlErrors member
in
https://salsa.debian.org/blade/apt-cacher-ng/blob/upstream/sid/source/cacheman.cc
and maybe related uses in
https://salsa.debian.org/blade/apt-cacher-ng/blob/upstream/sid/source/expiration.cc
 .

BTW, maybe I was not precise enough before: this is a request for
pre-approval, the package is not uploaded yet.

Best Regards,
Eduard.
File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

Depends: libbz2-1.0, libc6 (>= [-2.22),-] {+2.28),+} libgcc1 (>= 1:3.3.1), 
liblzma5 (>= 5.1.1alpha+20120614), libssl1.1 (>= 1.1.0), libstdc++6 (>= 5.2), 
libsystemd0 (>= 210), libwrap0 (>= 7.6-4~), zlib1g (>= 1:1.2.0), debconf (>= 
0.5) | debconf-2.0, adduser, lsb-base (>= 3.0-6)
Installed-Size: [-1421-] {+1425+}
Version: [-3.2-1-] {+3.2-2+}
diff --git a/debian/changelog b/debian/changelog
index f33e8f1..b2d9d94 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+apt-cacher-ng (3.2-2) unstable; urgency=medium
+
+  *  For incorrect assumption of some existing SHA256SUMS files in Debian
+ repositories which makes the expiration task fail without a proper way
+ for the end user to recover from it. Now ignore a download error in this
+ case (similar handling as for other guesses), assuming that permanent
+ 404ing for other reasons than removal of remote content can be considered
+ unlikely (closes: #928957)
+
+ -- Eduard Bloch   Fri, 17 May 2019 22:59:21 +0200
+
 apt-cacher-ng (3.2-1) unstable; urgency=low

   * New upstream version
diff --git a/source/expiration.cc b/source/expiration.cc
index 2125521..625a7be 100644
--- a/source/expiration.cc
+++ b/source/expiration.cc
@@ -806,6 +806,13 @@ bool expiration::ProcessRegular(const string & sPathAbs, const struct stat 
 			flags.eIdxType = EIDX_SHA256DILIST;
 			flags.vfile_ondisk = true;
 			flags.uptodate = false;
+
+			// the original source context will probably provide a viable source for
+			// this URL - it might go 404 if the whole folder is missing but then the
+			// referenced content would also be outdated/gone and not worth keeping
+			// in the cache anyway
+
+			flags.forgiveDlErrors = true;
 		}
 		// and last but not least - care only about the modern version of that index
 		m_metaFilesRel.erase(idir + "MD5SUMS");

Bug#927126: aqemu: after updating can't open VMs

[Alexis Murzeau]

Le 14/05/2019 à 05:28, Abhijith PA a écrit :
> 
> 
> On 29/04/19 1:22 am, Alexis Murzeau wrote:
>> The vlan argument issue has a upstream issues open [0].
>>
>> [0] :
>>  - https://github.com/tobimensch/aqemu/issues/58
>>  - https://github.com/tobimensch/aqemu/issues/57
> 
> The error log in issue 57 is same as what I get.
> 
>>  - https://github.com/tobimensch/aqemu/pull/61
> 
> Yes, please
> https://github.com/tobimensch/aqemu/pull/61/commits/9ff55188fb8479e573d6ed6f5669147af48316a9
> try to backport this patch. I can help you in testing.
> 
> 
> --abhijith
> 

I've put a test package that include the more complete commit:
https://github.com/pcwizzy37/aqemu/commit/37d5447126343cc7a70b95c6e73d670be444a05d

The package is available in this repository:
https://github.com/amurzeau/apt-repository/

Instructions to install the repository are in the README.md file.

-- 
Alexis Murzeau
PGP: B7E6 0EBB 9293 7B06 BDBC  2787 E7BD 1904 F480 937F



signature.asc
Description: OpenPGP digital signature

Bug#929139: fusionforge-plugin-mediawiki: uninstallable cruft package

[Andreas Beckmann]

Package: fusionforge-plugin-mediawiki
Version: 5.3.2+20141104-3+deb8u1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: close -1

This is a leftover package in jessie-security that is no longer built by
the newer version in jessie.

Andreas

Bug#929138: llvm-3.7-examples: uninstallable on most architectures

[Andreas Beckmann]

Package: llvm-3.7-examples
Version: 1:3.7.1-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: clone -1 1:3.7.1-5+rm

Hi,

during a test with piuparts I noticed your package is not
installable in stretch.
It would have been better to remove the arch:all packages, too, at the
time the binary packages were restricted to arm*.


Cheers,

Andreas

Bug#929137: pspresent FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: pspresent
Version: 1.3-4
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

pspresent fails to cross build from source, because it does not pass
cross tools to make. The easiest way of fixing that - using
dh_auto_build - makes pspresent cross buildable. Please consider
applying the attached patch.

Helmut
diff -u pspresent-1.3/debian/changelog pspresent-1.3/debian/changelog
--- pspresent-1.3/debian/changelog
+++ pspresent-1.3/debian/changelog
@@ -1,3 +1,10 @@
+pspresent (1.3-4.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #-1)
+
+ -- Helmut Grohne   Fri, 17 May 2019 21:49:17 +0200
+
 pspresent (1.3-4) unstable; urgency=low
 
   * Bug fix: "obsolete build-dep on x-dev", thanks to
diff -u pspresent-1.3/debian/rules pspresent-1.3/debian/rules
--- pspresent-1.3/debian/rules
+++ pspresent-1.3/debian/rules
@@ -26,7 +26,7 @@
 
 build-stamp: configure-stamp
dh_testdir
-   $(MAKE)
+   dh_auto_build
touch build-stamp
 
 clean:

Bug#929133: base-passwd: The 'libvirt' group from virt-manager is not listed in users-and-groups

[Colin Watson]

On Fri, May 17, 2019 at 02:14:27PM -0500, Karl O. Pinc wrote:
> I notice that (on stretch) the 'libvirt' group, used by the
> virt-manager package is not listed in
> /usr/share/doc/base-passwd/users-and-groups*
> 
> I am unclear whether it should be listed, but it seems worth
> an email.

Thanks for your report.  It isn't really feasible for that document to
be comprehensive, but if the libvirt maintainer or somebody who knows it
reasonably well wanted to contribute a description then I'd happily take
it.

-- 
Colin Watson   [cjwat...@debian.org]

Bug#871223: [871223] neverball: Strange squares instead of stars in the goals point

[Qwerty Chouskie]

Turns out the Debian package isn't packaging all the assets: 
https://github.com/Neverball/neverball/issues/170#issuecomment-493550779

Can someone look into why these PNGs aren't getting into the package?

-QwertyChouskie

On 4/5/19 8:22 AM, Markus Koschany wrote:
> On Wed, 20 Mar 2019 17:50:39 + Qwerty Chouskie
>  wrote:
>> After much research at
>> https://github.com/Neverball/neverball/issues/170, it seems this issue
>> only affects the Debian package for some reason, likely a weird compiler
>> bug or such.  Anyways, the solution seems to be a rebuild of the
>> package.  No changes are needed, just re-compiling seems to fix the
>> issue.  If a maintainer can do this, the bug can be closed.
> Just for the record: A rebuild doesn't change anything. I don't believe
> that is a compiler bug. More likely it is related to libgl1-mesa-glx
> [libgl1].
>
>
>

Bug#929136: hoteldruid: CVE-2019-8937

[Salvatore Bonaccorso]

Source: hoteldruid
Version: 2.3.2-1
Severity: grave
Tags: security upstream

Hi,

The following vulnerability was published for hoteldruid.

CVE-2019-8937[0]:
| HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine,
| origine, and anno parameters in creaprezzi.php, tabella3.php,
| personalizza.php, and visualizza_tabelle.php.

Unless mistaken, then those are not yet fixed in the 2.3.2 upstream
which fixed CVE-2019-9084, CVE-2019-9085, CVE-2019-9086 and
CVE-2019-9087?

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-8937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8937
[1] https://www.exploit-db.com/exploits/46429/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#927808: gmsh: FTBFS in buster (/usr/include/occt/Standard_Version.hxx cannot be read)

[Rebecca N. Palmer]

I think this should be a t-p-u upload not a +really, but I'd wait for 
release team to decide (see #929108).


https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#t-p-u

Bug#888743: pidofproc returns PIDs in foreign chroots and containers

[Thorsten Glaser]

Hi *,

I’ve got an initscript in which I cannot use pidofproc for various
reasons so I use start-stop-daemon (in the dpkg package) for this.

Does this also affect that? I do not use lxc, container stuff, etc.
so I’ve got neither any idea about them nor any way to test this.

(If so I will make a clone of the bug and assign that to dpkg.)

Thanks,
//mirabilos
-- 
 den AGP stecker anfeilen, damit er in den slot aufm 440BX board passt…
oder netzteile, an die man auch den monitor angeschlossen hat und die dann für
ein elektrisch aufgeladenes gehäuse gesorgt haben […] für lacher gut auf jeder
LAN party │  damals, als der pizzateig noch auf dem monior "gegangen" ist

Bug#928977: e2fsprogs: e2scrub_all cron job complains about lack of lvm2

[Thorsten Glaser]

Package: e2fsprogs
Version: 1.45.1-1
Followup-For: Bug #928977

The patch from Message #26 looks good, and I would welcome it.
(The idea, to exit silently if only the prerequisite is missing,
and only if called as cronjob or newspeak equivalent, is good.)

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 4.19.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages e2fsprogs depends on:
ii  libblkid12.33.1-0.1
ii  libc62.28-10
ii  libcom-err2  1.45.1-1
ii  libext2fs2   1.45.1-1
ii  libss2   1.45.1-1
ii  libuuid1 2.33.1-0.1

Versions of packages e2fsprogs recommends:
pn  e2fsprogs-l10n  

Versions of packages e2fsprogs suggests:
pn  e2fsck-static  
pn  fuse2fs
pn  gpart  
ii  parted 3.2-25

-- no debconf information

Bug#928935: Invoke-run: add a way to not stop sysv scripts

[Lorenz]

Hi,

> True. Here are patches. What do you think?

I haven't had time to test but the patch looks good to me, just an
observation:
to my experience

/etc/init.d/${service} status

is not always reliable in term of both results and exit codes, we will have
the
chance to fix a certain number of sysv init scripts because of this

thanks



Il giorno gio 16 mag 2019 alle ore 10:54 Dmitry Bogatov 
ha scritto:

>
> control: tags -1 +pending +patch
>
> [2019-05-13 14:35] Lorenzo Puliti 
> > Hi,
> >
> > In order to avoid conflicts, recent version of invoke-run interpreter
> stops the sysv
> > init scripts before starting the run service.
> > Please note that this logic, when applied to daemons like dbus, slim,
> sddm, lightdm
> > (and possibly others) will break the graphic session, so there is need
> for a way
> > to prevent the sysv script being replaced by the run script while the
> graphic session
> > is active.
> > This also will need support in dh-runit.
>
> True. Here are patches. What do you think?
>
> From 66e9071165250793d8900f17cd5b35ca7b45526b Mon Sep 17 00:00:00 2001
> From: Dmitry Bogatov 
> Date: Tue, 14 May 2019 10:45:06 +
> Subject: [PATCH] invoke-run: add option to not stop sysv scripts
>
> Closes: #928935
> ---
>  debian/contrib/lib/invoke-run | 10 ++
>  1 file changed, 10 insertions(+)
>
> diff --git a/debian/contrib/lib/invoke-run b/debian/contrib/lib/invoke-run
> index a424b73..9fa5c59 100755
> --- a/debian/contrib/lib/invoke-run
> +++ b/debian/contrib/lib/invoke-run
> @@ -40,7 +40,17 @@ if [ -r "/etc/default/${service}" ] ; then
>  fi
>
>  readonly initscript="/etc/init.d/${service}"
> +readonly noreplace="/var/lib/runit/noreplace/${service}"
> +
>  if [ -x "${initscript}" ] ; then
> +   # Stopping some services (e.g display manager) is disruptive
> +   # and must be done only manually by user.
> +   if [ -f "${noreplace}" ] ; then
> +   if "${initscript}" status >/dev/null 2>&1 ; then
> +   sv down "${service}"
> +   exit 0
> +   fi
> +   fi
> "${initscript}" stop
>  fi
>
> And here is patch for dh_runit. It may be more convenient to see it at
> salsa.debian.org/runit-team/dh-runit.
>
> From cb411affcbc2eb183ee5f35e50c3863c0b94f98a Mon Sep 17 00:00:00 2001
> From: Dmitry Bogatov 
> Date: Tue, 14 May 2019 15:41:52 +
> Subject: [PATCH] Add option to mark service as non-restartable
>
> ---
>  dh_runit   | 18 ++
>  t/924903.t |  5 -
>  t/928935.t | 10 ++
>  3 files changed, 32 insertions(+), 1 deletion(-)
>  create mode 100644 t/928935.t
>
> diff --git a/dh_runit b/dh_runit
> index 5ed55b5..4c9820e 100755
> --- a/dh_runit
> +++ b/dh_runit
> @@ -5,6 +5,7 @@ use v5.10.1;
>  use strict;
>  use Debian::Debhelper::Dh_Lib;
>  use File::Find;
> +use File::Path qw(make_path);
>  use File::stat;
>  use feature 'signatures';
>  no warnings 'experimental';
> @@ -17,6 +18,7 @@ sub parse_options($opts) {
>  when (/^name=(.*)$/)   { $conf->{name} = $1; };
>  when (/^since=(.*)$/)  { $conf->{since} = $1; };
>  when (/^logscript$/)   { $conf->{logscript} = 1};
> +when (/^noreplace$/)   { $conf->{noreplace} = 1};
>  when (/^defaults$/){ "do nothing"; };
>  default{ error("unknown option `$opt'"); }
>  }
> @@ -59,6 +61,13 @@ PKG: foreach my $pkg (@{$dh{DOPACKAGES}}) {
>  my $conf = parse_options($opts);
>  my $name = $conf->{name} || basename($path);
>
> +if ($conf->{noreplace}) {
> +make_path("${tmp}/var/lib/runit/noreplace/");
> +open(my $fh, ">", "${tmp}/var/lib/runit/noreplace/${name}")
> +|| die $!;
> +close($fh);
> +}
> +
>  if ( -f $path) {
>  install_dir("$sv_dir/$name");
>  install_prog($path, "$sv_dir/$name/run");
> @@ -182,6 +191,15 @@ version of package. See #923233.
>  If this option is not specified, it means that runscript was provided
>  all history of package.
>
> +=item I
> +
> +Mark service as non-restartible. Interpreter B, provided by
> +I package does not stop sysvinit-managed instance of service to
> +replace it with runit-managed instance when service is marked as
> +non-restartible.
> +
> +Display managers (xdm, kdm, ...) are examples of non-restartible services.
> +
>  =item I
>
>  If you don't need other options, specify this one.
> diff --git a/t/924903.t b/t/924903.t
> index 710ea39..b969314 100644
> --- a/t/924903.t
> +++ b/t/924903.t
> @@ -1,7 +1,7 @@
>  #!/usr/bin/perl
>  use strict;
>  use warnings;
> -use Test::More tests => 3;
> +use Test::More tests => 4;
>  use File::stat;
>  use T;
>
> @@ -11,3 +11,6 @@ ok(-d $path, 'supervise directory correctly created');
>  my $info = stat($path);
>  my $mode = sprintf("%o", $info->mode & 0777);
>  is($mode, '700', 'supervise directory have conservative permissions');
> +
> +my $noreplace = 

Bug#927353: Michael, could you please ask ftpmaster

[Paul Gevers]

Hi Andreas,

On Thu, 16 May 2019 09:04:48 +0200 Andreas Tille  wrote:
> Hi Michael,
> 
> I remember you was once successful to ask ftpmaster to remove all i386
> packages depending from htslib.  Could you try to send this mail again
> to finally get rid of this noise these bugs are causing?

The issue is tracked in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928333

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929135: ITP: ruby-safely-block -- Rescue and report exceptions in non-critical code

[Samyak Jain]

Package: wnpp
Severity: wishlist
Owner: Samyak Jain 

* Package name: ruby-safely-block
  Version : 0.2.1
  Upstream Author : Andrew Kane 
* URL : https://github.com/ankane/safely
* License : Expat
  Programming Lang: Ruby
  Description : Rescue and report exceptions in non-critical code

 Exceptions are rescued and automatically reported to your favorite reporting
 service. In development and test environments, exceptions are raised so you
 can fix them.
 The Safely Pattern is a simple one. It allows you to tag non-critical code by
 wrapping it in a function. It’s built on top of exception handling. Gem is
 created for efficient exceptional handling.


It is a dependency for loomio and hence needs to be packaged.

Thanks,
Samyak Jain

Bug#929134: rspamd: New upstream version available 1.9.3

[Tobias Frost]

Package: rspamd 
Severity: wishlist

Please consider packaging the new upstream version.
Thanks

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages rspamd depends on:
ii  adduser  3.118
ii  ca-certificates  20190110
ii  libc62.28-10
ii  libevent-2.1-6   2.1.8-stable-4
ii  libglib2.0-0 2.58.3-1
ii  libicu63 63.1-6
pn  libjemalloc2 
pn  libjs-bootstrap  
pn  libjs-d3 
ii  libjs-jquery 3.3.1~dfsg-3
pn  libjs-requirejs  
pn  libluajit-5.1-2  
ii  libmagic11:5.35-4
ii  libpcre2-8-0 10.32-5
ii  libsqlite3-0 3.27.2-2
ii  libssl1.11.1.1b-2
ii  libunwind8   1.2.1-9
ii  lsb-base 10.2019051400
ii  zlib1g   1:1.2.11.dfsg-1

rspamd recommends no packages.

rspamd suggests no packages.

Bug#929133: base-passwd: The 'libvirt' group from virt-manager is not listed in users-and-groups

[Karl O. Pinc]

Package: base-passwd
Version: 3.5.43
Severity: wishlist

Hello,

I notice that (on stretch) the 'libvirt' group, used by the
virt-manager package is not listed in
/usr/share/doc/base-passwd/users-and-groups*

I am unclear whether it should be listed, but it seems worth
an email.

Regards,
Karl

-- System Information:
Debian Release: 9.9
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-9-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages base-passwd depends on:
ii  libc6  2.24-11+deb9u4
ii  libdebconfclient0  0.227

Versions of packages base-passwd recommends:
ii  debconf [debconf-2.0]  1.5.61

base-passwd suggests no packages.

-- debconf information excluded

Bug#928429: dpkg: trigger cycle postgresql-common -> sgml-base while upgrading from stretch to buster

[Andreas Beckmann]

On 2019-05-14 02:35, Guillem Jover wrote:
> Thanks for the detailed log! Ok, I think I've got a patch now, and it
> still passes the functional test suite. Would it be possible and easy
> to test that with the failing piuparts runs? Otherwise I'll try to

Sure.

> setup some chroot somewhere to do that.
> 
> I'm attaching the patch. Otherwise already built (and signed) binary
> packages can be temporarily found at:
> 
>   

It would have been even easier if you had added a Packages file to the
directory :-) (then I could have used it directly as an argument to the
--testdebs-repo option)

I've ran two piuparts tests upgrading from stretch to sid:
* with your new packages: success
* with what's in sid: failure

So your patch seems to fix this issue.


Andreas

Bug#929132: unblock (pre-approval): dbus/1.12.14-1

[Niels Thykier]

Control: tags -1 moreinfo confirmed

Simon McVittie:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> I would like to follow the dbus upstream 1.12.x stable branch in buster,
> like I did for 1.8.x in jessie and 1.10.x in stretch. I am an upstream
> maintainer and prepared all recent upstream releases.
> 
> If the timing of this release is not suitable to make it into
> buster r0, it might be a good idea to backport the changes related to
> _dbus_rlimit_raise_fd_limit() (Debian bug #928877) as a patch, so that
> *those* can go into r0. As a result I haven't uploaded to unstable yet,
> to keep it possible to upload a backport via unstable if you'd prefer.
> 
> Annotated diffstat for the attached diff, filtered with "filterdiff -p1
> --exclude=Makefile.in --exclude=aclocal.m4 --exclude=build-aux/ltmain.sh
> --exclude=configure --exclude='*/Makefile.in'
> --exclude=aminclude_static.am --exclude=m4/libtool.m4":
> 
> [...]
> 
> Release preparation.
> 
> Thoughts?
> 
> Thanks,
> smcv
> 

Hi Simon,

I am ok with these changes on the premise that you are ready to promptly
rollback to the bare minimum changes in case of regressions (regardless
of whether we see them before or after the migration).

If you agree with this, please go ahead with the upload and remove the
moreinfo tag once it is ready to be unblocked.

Thanks,
~Niels

Bug#871223: Bug #871223

[Cameron Hall]

The Debian neverball-common package is missing
/usr/share/games/neverball/geom/goal/goal.png
(star image) along with the other .png files and material files in the geom
directory. Make sure these files are present in the package.

/usr/share/games/neverball/geom/back/back.sol
/usr/share/games/neverball/geom/beam/beam
/usr/share/games/neverball/geom/beam/beam.png
/usr/share/games/neverball/geom/beam/beam.sol
/usr/share/games/neverball/geom/flag/flag.sol
/usr/share/games/neverball/geom/flag/red
/usr/share/games/neverball/geom/flag/red.png
/usr/share/games/neverball/geom/flag/white
/usr/share/games/neverball/geom/flag/white.png
/usr/share/games/neverball/geom/goal/goal
/usr/share/games/neverball/geom/goal/goal.png
/usr/share/games/neverball/geom/goal/goal.sol
/usr/share/games/neverball/geom/jump/jump
/usr/share/games/neverball/geom/jump/jump.png
/usr/share/games/neverball/geom/jump/jump.sol
/usr/share/games/neverball/geom/mark/mark.sol
/usr/share/games/neverball/geom/vect/vect
/usr/share/games/neverball/geom/vect/vect.png
/usr/share/games/neverball/geom/vect/vect.sol

Bug#928969: stterm: incorrect rendering of cyrillic letters with Terminus

[Paride Legovini]

Dmitry Bogatov wrote on 16/05/2019:
> 
> [2019-05-15 12:02] Paride Legovini 
>> Dmitry Bogatov wrote on 14/05/2019:
>>> cyrillic letters in stterm with Terminus font are rendered as more wide
>>> and overlapping than latin letters. On both "xterm" and under tty
>>> cyrillic letters are rendered properly.
>>>
>>> This issue is only with Terminus font: no other monospace font I checked
>>> have such problems.
>>>
>>> Please, try to reproduce it yourself. You will need:
>>>
>>>  * xfonts-terminus
>>>  * stterm
>>>  * cyrillic text "Привет"
>>>
>>> Start stterm:
>>>
>>> $ stterm -f Terminus
>>>
>>> and view cyrillic text in that terminal. If you want, I can make
>>> screenshots.
>>
>> Thanks for your report Dmitry. It seems that I can't reproduce the issue
>> on my system (an up-to-date Debian unstable), see the attached
>> screenshot.
> 
> On your screen shot everything is fine.
> 
>> I'm using:
>>
>> stterm 0.8.2-1
>> xfonts-terminus 4.40-2
> 
> So do I. Strange. Please, try comparing it with rendering in different
> terminal emulators. Here are two screenshots, one with 'stterm' (bad.png)
> and another with 'terminology' (good.png) and another one with 'sakura'
> (good-2.png).

I tried with xterm and sakura, the Cyrillic string renders exactly as in
stterm, with the correct character width and spacing.

> Not sure, that it is relevant, but in xterm(1) I found following:
> 
>   The reason for this resource is to help with certain
>   quasi-automatically generated fonts (such as the ISO-10646-1 encoding
>   of Terminus) which have incorrect font-metrics.>
> Maybe there are known issues with terminus font, and other terminal
> emulators provide special care for it?

Could be, I don't know. The font's homepage [0] says that:

  Version 4.47 contains 1326 characters, covers about 120 language
  sets and supports ISO8859-1/2/5/7/9/13/15/16 [...]

and ISO5589-5 is Latin/Cyrillic, so I don't think there are
auto-generated fonts. It also says that Terminus is a "fixed width
bitmap font". On my system I have disabled the bitmap fonts: I have this
symbolic link in place:

/etc/fonts/conf.d/70-no-bitmaps.conf ->
/usr/share/fontconfig/conf.avail/70-no-bitmaps.conf

so maybe even if I explicitly ask for Terminus the terminals lie to me,
and another fallback font is actually used. Did you disable the bitmap
fonts?

Another question. You said xterm renders Terminus well. From how it
looks, can you tell if it is actually Terminus or another font?

Paride

[0] http://terminus-font.sourceforge.net/

Bug#929096: unattended-upgrades: defaults change to upgrade stable suite

[Sean Whitton]

Hello,

On Fri 17 May 2019 at 10:27AM +02, Bálint Réczey wrote:

> It is documented in NEWS.Debian in the entry for 0.99 already and I
> agree that it would be nice to include it in the release notes as
> well.

Sorry, don't know how I missed this.  Thanks for the reply!

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#928604: quick update

[Eric Desrochers]

Please let's put this ITP on hold for now.
Robie Basak kindly offered to review it once I'll be ready to resume the
review for this ITP.

The reasons behind this is because there is a few upstream bugs I would
like to be addressed/merged before we continue with review for soscleaner
to land in debian.

Regards,
Eric

Bug#924640: tt-rss: initscript tt-rss action "stop" failed

[Trek]

Control: tag -1 patch

this (untested) patch should fix the issue

ciao!
diff -urN a/debian/tt-rss.init b/debian/tt-rss.init
--- a/debian/tt-rss.init	2019-05-17 17:47:08.174896466 +0200
+++ b/debian/tt-rss.init	2019-05-17 17:52:21.938887893 +0200
@@ -79,7 +79,7 @@
 	#   1 if daemon was already stopped
 	#   2 if daemon could not be stopped
 	#   other if a failure occurred
-	start-stop-daemon --stop --quiet --retry=TERM/1/KILL/5 --pidfile $PIDFILE
+	start-stop-daemon --stop --quiet --retry=TERM/1/KILL/5 --pidfile $PIDFILE --exec $DAEMON --user www-data
 	RETVAL="$?"
 	[ "$RETVAL" = 2 ] && return 2
 	# Wait for children to finish too if this is a daemon that forks
@@ -88,7 +88,7 @@
 	# that waits for the process to drop all resources that could be
 	# needed by services started subsequently.  A last resort is to
 	# sleep for some time.
-	start-stop-daemon --stop --quiet --oknodo --retry=0/1/KILL/5 --exec $DAEMON
+	start-stop-daemon --stop --quiet --oknodo --retry=0/1/KILL/5 --exec $DAEMON --user www-data
 	[ "$?" = 2 ] && return 2
 	# Many daemons don't delete their pidfiles when they exit.
 	rm -f $PIDFILE

Bug#929132: unblock (pre-approval): dbus/1.12.14-1

[Simon McVittie]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

I would like to follow the dbus upstream 1.12.x stable branch in buster,
like I did for 1.8.x in jessie and 1.10.x in stretch. I am an upstream
maintainer and prepared all recent upstream releases.

If the timing of this release is not suitable to make it into
buster r0, it might be a good idea to backport the changes related to
_dbus_rlimit_raise_fd_limit() (Debian bug #928877) as a patch, so that
*those* can go into r0. As a result I haven't uploaded to unstable yet,
to keep it possible to upload a backport via unstable if you'd prefer.

Annotated diffstat for the attached diff, filtered with "filterdiff -p1
--exclude=Makefile.in --exclude=aclocal.m4 --exclude=build-aux/ltmain.sh
--exclude=configure --exclude='*/Makefile.in'
--exclude=aminclude_static.am --exclude=m4/libtool.m4":

 bus/bus.c  |8 -
 dbus/dbus-sysdeps-util-unix.c  |   64 +---
 dbus/dbus-sysdeps-util-win.c   |3 
 dbus/dbus-sysdeps.h|3 

Fix #928877, which gives system services the wrong RLIMIT_NOFILE under
recent systemd versions (while logging a warning). See NEWS or #928877
for more details.

 cmake/DBus1Config.pkgconfig.in |   27 +++

Avoid overwriting pkg-config-related global variables when a CMake project
depends on libdbus.

 Makefile.am|2 
 bus/Makefile.am|6 
 dbus/Makefile.am   |2 
 m4/ax_ac_append_to_file.m4 |   32 
 m4/ax_ac_print_to_file.m4  |   32 
 m4/ax_add_am_macro_static.m4   |   28 +++
 m4/ax_am_macros_static.m4  |   38 +
 m4/ax_code_coverage.m4 |  272 +
 m4/ax_file_escapes.m4  |   30 
 test/Makefile.am   |9 -

Adapt to an API change in newer-than-buster autoconf-archive versions.
This is not directly helpful for buster, but we needed it upstream so that
users of more recently-updated autoconf-archive can still build dbus.
Unfortunately there does not seem to be anything we could do that would
be compatible with both older and newer versions, so I've had to bundle
the newer version. The built binaries shouldn't be affected.

 bus/desktop-file.c |   10 -
 dbus/dbus-sysdeps-unix.c   |8 +
 tools/dbus-send.c  |   11 -

Silence compiler warnings that apparently cause FTBFS on some systems
with newer-than-buster toolchains. The change in bus/desktop-file.c
could in principle reject some malformed .service files that would
previously have been wrongly accepted (although I suspect none exist).

 configure.ac   |6 

Avoid FTBFS with some newer-than-buster autoconf-archive versions that
break assumptions we previously made about their use of AX_-prefixed
strings. Again, this is not directly helpful for buster, but we needed it
upstream so that users of more recently-updated autoconf-archive can
still build dbus.

 test/Makefile.am   |9 -

Work around a build failure on MSYS2. The built binaries are unaffected.

 debian/rules   |1 
 debian/tests/gnome-desktop-testing |1 

Disable tests for code paths that are only reached when malloc() returns
NULL, which in practice doesn't happen on Linux anyway. This significantly
speeds up the build, mitigating slowdown from increased test coverage in
recent releases.

 debian/tests/control   |8 -
 debian/tests/system-bus|   54 +++

Add smoke-tests to make sure that both code paths for system bus
activation still work, backported from experimental on the basis that
more coverage is better.

 NEWS   |   42 +
 configure.ac   |6 
 debian/changelog   |   11 +

Release preparation.

Thoughts?

Thanks,
smcv
 Makefile.am|2 
 NEWS   |   42 +
 bus/Makefile.am|6 
 bus/bus.c  |8 -
 bus/desktop-file.c |   10 -
 cmake/DBus1Config.pkgconfig.in |   27 +++
 configure.ac   |6 
 dbus/Makefile.am   |2 
 dbus/dbus-sysdeps-unix.c   |8 +
 dbus/dbus-sysdeps-util-unix.c  |   64 +---
 dbus/dbus-sysdeps-util-win.c   |3 
 dbus/dbus-sysdeps.h|3 
 debian/changelog   |   11 +
 debian/rules   |1 
 debian/tests/control   |8 -
 debian/tests/gnome-desktop-testing |1 
 debian/tests/system-bus|   54 +++
 m4/ax_ac_append_to_file.m4 |   32 
 m4/ax_ac_print_to_file.m4  |   32 
 m4/ax_add_am_macro_static.m4   |   28 +++
 m4/ax_am_macros_static.m4  |   38 +
 m4/ax_code_coverage.m4 |  272 

Bug#929131: gnunet: GNUnet 0.11.4 has been released, the Debian package is outdated. Please package 0.11.4.

[Christian Grothoff]

Source: gnunet
Severity: wishlist

Dear Maintainer,

Just new release, please update to get bugfixes & feature enhancements.

Thanks!

Christian


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/32 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#927808: gmsh: FTBFS in buster (/usr/include/occt/Standard_Version.hxx cannot be read)

[Kurt Kremitzki]

Hello Ansgar,

On 5/17/19 4:14 AM, Ansgar wrote:
> On Sun, 2019-05-05 at 18:08 +0100, Rebecca N. Palmer wrote:
>> The fix was probably removing the line
>> -DOCC_INC:STRING="/usr/include/occt" \
>> from debian/rules (commit 3556b0a, but please don't include the 
>> reformatting), but I have not tested this.
> 
> I tried and with this line removed gmsh builds again.  I'll ask the
> release team about t-p-u or reverting in unstable.
> 
> Thanks for looking into the problem.
> 
> Ansgar
> 

Sorry for not addressing this sooner such that you needed to spend time
looking at it.  I was going to go ahead and do a +really upload with
this fix either today or this weekend, so it shouldn't be necessary for
you to spend any more time on it, unless you'd advise a different course
of action. (This is my first Debian release, BTW.)

Bug#928040: lprng: fails to install

[Trek]

Control: tag -1 patch

this patch should fix the issue

ciao!
diff -urN a/debian/lprng.init.in b/debian/lprng.init.in
--- a/debian/lprng.init.in	2012-06-11 09:47:19.0 +0200
+++ b/debian/lprng.init.in	2019-05-17 16:54:10.750983282 +0200
@@ -106,7 +106,8 @@
 	;;
   stop)
 	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" lpd
-	if start-stop-daemon --stop --oknodo --quiet --pidfile "${PIDFILE}" ; then
+	if start-stop-daemon --stop --oknodo --quiet --pidfile "${PIDFILE}" \
+		--exec $DAEMON --user daemon ; then
 		cleanup
 		[ "$VERBOSE" != no ] && log_end_msg 0
 	else
@@ -129,7 +130,8 @@
   	;;
   restart|force-reload)
 	[ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" lpd
-	start-stop-daemon --stop --quiet --pidfile "${PIDFILE}" 
+	start-stop-daemon --stop --quiet --pidfile "${PIDFILE}" \
+	--exec $DAEMON --user daemon
 	sleep 1
 	initialise
 	start-stop-daemon --start --quiet --pidfile "${PIDFILE}" \

Bug#929129: Xen Hypervisor security update for Intel MDS - XSA 297

[Wiebe Cazemier]

Package: xen-hypervisor-4.8-amd64
Version: 4.8.5+shim4.10.2+xsa282-1+deb9u11

All Xen Hypervisor packages also need patches against the Intel MDS bug,
same as https://www.debian.org/security/2019/dsa-.

http://xenbits.xen.org/xsa/advisory-297.html

Bug#794466: Virtualbox backport for Stretch?

[Thorsten Glaser]

On Fri, 17 May 2019, Harald Dunkel wrote:

> AFAIU #794466 seems to be a political issue. Debian wants to provide

Nah, it’s an Oracle issue. They did the same with MySQL IIRC, which
has nowadays been replaced by MariaDB as this is untenable with the
reliability promises Debian gives.

> and Oracle wants to support just the most recent versions, introducing

That is worded in a way to make the sentence wrong. What they do is
not publish security details, so others cannot even support older
versions *themselves*, which is proactively harmful. AIUI you get a
new release and either take it or not, with no separation of patches.

But this is all irrelevant for backports (setting Reply-To appro‐
priately) as n-backports ship whatever is in (n+1) or, if n+1 is
not yet released, testing, and n-backports-sloppy ship whatever
is in (n+1)-backports, so if anything is “not suitable for a stable
release” it is automatically not suitable for backports, either.

There has been discussion of a “not-backports” thing that could be
the scope for this (codenamed “volatile” although that codename was
not well received), but that is also being discussed elsewhere.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

**

Mit der tarent Academy bieten wir auch Trainings und Schulungen in den
Bereichen Softwareentwicklung, Agiles Arbeiten und Zukunftstechnologien an.

Besuchen Sie uns auf www.tarent.de/academy. Wir freuen uns auf Ihren Kontakt.

**

Bug#929128: fonts-noto-cjk: not recognized by lualatex until mktexlsr

[Ryutaroh Matsumoto]

Package: fonts-noto-cjk
Version: 1:20181130+repack1-1~exp1
Severity: normal

Dear Maintainer,

Font Noto CJK can be used by lualatex (in texlive-latex-base).
But lualatex does not recognize the Noto fonts until one executes
mktexlsr.

I suggest to execute mktexlsr in the installation of fonts-noto-cjk
if mktexlsr is installed.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), 
LANGUAGE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

fonts-noto-cjk depends on no packages.

fonts-noto-cjk recommends no packages.

Versions of packages fonts-noto-cjk suggests:
ii  fonts-noto-cjk-extra  1:20181130+repack1-1~exp1

-- no debconf information

Bug#929127: geeqie: build with ffmpegthumbnailer

[Matt Zagrabelny]

Package: geeqie
Version: 1:1.4+git20190121-2
Severity: normal

Thank you for maintaining geeqie. It is very appreciated!

geeqie has the capability to play video files. It also has the capability to
thumbnail video files for preview displaying.

Would you consider adding ffmpegthumbnailer to the build dependencies for
geeqie, please?

Also, perhaps adding ffmpegthumbnailer to the Recommends for the binary
package would be good, too.

Thank you for consideration and supporting free software.

Cordially,

-m



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages geeqie depends on:
ii  geeqie-common1:1.4+git20190121-2
ii  libatk1.0-0  2.30.0-2
ii  libc62.28-8
ii  libcairo21.16.0-4
ii  libexiv2-14  0.25-4
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libgcc1  1:8.3.0-6
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libglib2.0-0 2.58.3-1
ii  libgtk2.0-0  2.24.32-3
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  liblcms2-2   2.9-3
ii  liblirc-client0  0.10.1-5.2
ii  liblua5.1-0  5.1.5-8.1+b2
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6
ii  libpangoft2-1.0-01.42.4-6
ii  libstdc++6   8.3.0-6
ii  libtiff5 4.0.10-4
ii  sensible-utils   0.0.12

Versions of packages geeqie recommends:
ii  cups-bsd [lpr]   2.2.10-5
ii  exiftran 2.10-3
ii  exiv20.25-4
ii  imagemagick  8:6.9.10.23+dfsg-2
ii  imagemagick-6.q16 [imagemagick]  8:6.9.10.23+dfsg-2
ii  librsvg2-common  2.44.10-1
ii  ufraw-batch  0.22-4
ii  zenity   3.30.0-2

Versions of packages geeqie suggests:
pn  geeqie-dbg   
ii  gimp 2.10.8-2
ii  libjpeg-turbo-progs [libjpeg-progs]  1:1.5.2-2+b1
pn  ufraw
pn  xpaint   

-- no debconf information

Bug#929125: [Request received]

[Network Operations]

##- Please type your reply above this line -##

Your request (143) has been received and is being reviewed by our support staff.

To add additional comments, reply to this email.


This email is a service from TeraSwitch.









[M7V6OV-ZKD4]

Bug#929126: libical3: New version 3.0.5 available

[Corentin Noël]

Package: libical3
Version: 3.0.1-5
Severity: wishlist

Dear Maintainer,

A new version 3.0.5 is available and is ready to be packaged.

Thank you!

Bug#929125: mirror submission for mirror.pit.teraswitch.com

[TeraSwitch Inc.]

Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirror.pit.teraswitch.com
Type: leaf
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 
kfreebsd-i386 mips mips64el mipsel powerpc ppc64el s390x
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: TeraSwitch Inc. 
Country: US United States
Location: Pittsburgh, Pennsylvania
Sponsor: TeraSwitch Inc. https://teraswitch.com




Trace Url: http://mirror.pit.teraswitch.com/debian/project/trace/
Trace Url: 
http://mirror.pit.teraswitch.com/debian/project/trace/ftp-master.debian.org
Trace Url: 
http://mirror.pit.teraswitch.com/debian/project/trace/mirror.pit.teraswitch.com

Bug#925585: Acknowledgement (calendarserver: __init__() takes exactly 4 arguments - related to Bug 923230 - recordWithUID instead of recordWithShortName)

[Dominik]

Dear Rahul,

thank you for the updated version of python-twext. We have not observed 
this error since installing the updated version. So we consider this as 
fixed.


Kind regards

Dominik

Bug#929124: exceptions.AttributeError: 'Server' object has no attribute 'protocol'

[Dominik]

Package: calendarserver
Version: 9.2+dfsg-1
Severity: normal

Dear Maintainer,

we observer multiple errors in the calendarserver with the following stack 
trace. On the client side, we do not observe any unusual behavior.

2019-05-16T11:28:58+0200 [caldav-1]  [txweb2.server#critical] Exception 
rendering request: 
2019-05-16T11:29:33+0200 [caldav-1] Traceback (most recent call last):
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 654, in 
_runCallbacks
2019-05-16T11:29:33+0200 [caldav-1] current.result = 
callback(current.result, *args, **kw)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/server.py", line 704, in 
_cbFinishRender
2019-05-16T11:29:33+0200 [caldav-1] d.callback(response)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 460, in 
callback
2019-05-16T11:29:33+0200 [caldav-1] self._startRunCallbacks(result)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 568, in 
_startRunCallbacks
2019-05-16T11:29:33+0200 [caldav-1] self._runCallbacks()
2019-05-16T11:29:33+0200 [caldav-1] ---  ---
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 654, in 
_runCallbacks
2019-05-16T11:29:33+0200 [caldav-1] current.result = 
callback(current.result, *args, **kw)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/http.py", line 510, in writeResponse
2019-05-16T11:29:33+0200 [caldav-1] d = 
stream.StreamProducer(response.stream).beginProducing(self.chanRequest)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/stream.py", line 776, in beginProducing
2019-05-16T11:29:33+0200 [caldav-1] 
self.consumer.registerProducer(self, True)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/channel/http.py", line 693, in 
registerProducer
2019-05-16T11:29:33+0200 [caldav-1] 
self.transport.registerProducer(producer, streaming)
2019-05-16T11:29:33+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/_newtls.py", line 231, in 
registerProducer
2019-05-16T11:29:33+0200 [caldav-1] 
self.protocol.registerProducer(producer, streaming)
2019-05-16T11:29:33+0200 [caldav-1] exceptions.AttributeError: 'Server' 
object has no attribute 'protocol'
2019-05-16T11:29:33+0200 [caldav-1] 
2019-05-16T11:29:35+0200 [caldav-1]  [txweb2.server#critical] Exception 
rendering error page
2019-05-16T11:29:35+0200 [caldav-1] Traceback (most recent call last):
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 654, in 
_runCallbacks
2019-05-16T11:29:35+0200 [caldav-1] current.result = 
callback(current.result, *args, **kw)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/server.py", line 704, in 
_cbFinishRender
2019-05-16T11:29:35+0200 [caldav-1] d.callback(response)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 460, in 
callback
2019-05-16T11:29:35+0200 [caldav-1] self._startRunCallbacks(result)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 568, in 
_startRunCallbacks
2019-05-16T11:29:35+0200 [caldav-1] self._runCallbacks()
2019-05-16T11:29:35+0200 [caldav-1] ---  ---
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 654, in 
_runCallbacks
2019-05-16T11:29:35+0200 [caldav-1] current.result = 
callback(current.result, *args, **kw)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/http.py", line 510, in writeResponse
2019-05-16T11:29:35+0200 [caldav-1] d = 
stream.StreamProducer(response.stream).beginProducing(self.chanRequest)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/stream.py", line 776, in beginProducing
2019-05-16T11:29:35+0200 [caldav-1] 
self.consumer.registerProducer(self, True)
2019-05-16T11:29:35+0200 [caldav-1]   File 
"/usr/lib/python2.7/dist-packages/txweb2/channel/http.py", line 686, in 
registerProducer
2019-05-16T11:29:35+0200 [caldav-1] raise ValueError, "registering 
producer %s before previous one (%s) was unregistered" % (producer, 
self.producer)
2019-05-16T11:29:35+0200 [caldav-1] exceptions.ValueError: registering 
producer  before 
previous one () was 
unregistered
2019-05-16T11:29:35+0200 [caldav-1] 
2019-05-16T11:29:35+0200 [caldav-1] 
2019-05-16T11:29:35+0200 [caldav-1]  [txweb2.server#critical] Original exception

Bug#929096: unattended-upgrades: defaults change to upgrade stable suite

[Justin B Rye]

Bálint Réczey wrote:
>> The version of unattended-upgrades in stretch defaulted to not upgrading
>> the stable suite.  It would install only security updates.
>>
>> The version of unattended-upgrades in buster upgrades both the stable
>> suite and security upgrades.  I.e. it will pull in point releases too.
>>[...]
> 
> It is documented in NEWS.Debian in the entry for 0.99 already and I
> agree that it would be nice to include it in the release notes as
> well.

The text there is

# Unattended-upgrades in previous versions defaulted to install
# security updates only on Debian by using the label=Debian-Security
# origin pattern. Now it is changed to allow updates with label=Debian,
# which allows applying stable updates in stable releases and following
# all package updates in testing and unstable.
#
# In stable releases this unlocks installation of security updates
# depending on package versions present only in stable updates.
#
# Note that testing and unstable can often contain packages for which
# installation or upgrade performed by unattended-upgrades fails and
# requires the administrator to fix the system later.
#
# If you would like to prevent unattended-upgrades from performing
# updates please run "sudo dpkg-reconfigure unattended-upgrades".

Here's a suggested short version for the release-notes, which leaves
out technical details and assumes the reader is running stable:

  

Unattended-upgrades for stable point releases

  Previous versions of unattended-upgrades defaulted to installing
  only upgrades that came from the security suite. In buster it now also
  automates upgrading to the latest stable point release. For details, see
  the package's NEWS.Debian file.

  

The attached patch puts this text in whats-new.dbk just after the
section "apt-sandboxing".

Meanwhile. wouldn't it also make sense to update the package description?

# This package can download and install security upgrades automatically
# and unattended, taking care to only install packages from the
# configured APT source, and checking for dpkg prompts about
# configuration file changes.
# .
# This script is the backend for the APT::Periodic::Unattended-Upgrade
# option.

That sentence is already a bit complicated, so I would suggest
breaking it up, maybe like this:

  This package provides a script which can perform automatic unattended 
downloads
  and installations of packages from the security suite. By default it will also
  handle point releases on stable and rolling upgrades on testing/unstable. It
  takes care to only install packages from the configured APT source, and checks
  for dpkg prompts about configuration file changes.
  .
  It is used as the backend for the APT::Periodic::Unattended-Upgrade option.

-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
diff --git a/en/whats-new.dbk b/en/whats-new.dbk
index be7517fa..7b9e77cb 100644
--- a/en/whats-new.dbk
+++ b/en/whats-new.dbk
@@ -439,6 +439,18 @@ Among many others, this release also includes the following software updates:
   
 
 
+
+  
+  Unattended-upgrades for stable point releases
+  
+Previous versions of unattended-upgrades defaulted to installing
+only upgrades that came from the security suite. In buster it now also
+automates upgrading to the latest stable point release. For
+details, see the package's NEWS.Debian file.
+  
+
+
 
   
   Substantially improved man pages for German speaking users

Bug#928938: cronic: Add option to report on return status only

[Chuck Houpt]

Thanks for the clarification Dave. I definitely appreciate the problem of tools 
overusing stderr -- I've run into it, and much of my Cronic support email is 
about the problem.

However, I don't thinking adding a global stderr suppression option is a good 
idea. Here's my reasons:

Principle - Suppressing error output will miss important diagnostic messages. 
Not all stderr output is accompanied by an error-code. In particular, warnings 
are stderr output that don't prevent a tool from succeeding. Typical examples 
of warnings are deprecation warnings from interpreters/compilers, or security 
config warnings. Cronic should always assumes that any tool or script may 
succeed, but output warnings at any time.

Social - I fear a global suppression option would quickly become the 
"recommended" usage for Cronic, which would defeat much of its utility. At the 
first sign of trouble, users will search around and find the global suppression 
option, rather then address the specific tool's problem.

Practical - The extraneous stderr output can be suppressed locally in cron 
scripts by redirect the tool's stderr to stdout, or elsewhere. For example:

gitlab-ctl ... 2>&1

Or the one-liner version with eval:

cronic eval 'gitlab-ctl ... 2>&1'

Of course, it is important to realize that one is kludging or bodging the 
problem here, and true warnings or errors may be missed. The only real solution 
is to fix the tool. At least by using the ugly "2>&1", the misbehaving tool is 
clearly marked.

Cheers - Chuck

Bug#929123: ITP: ruby-user-agent-parser -- Simple and comprehensive Ruby gem for parsing user agent strings

[Samyak Jain]

Package: wnpp
Severity: wishlist
Owner: Samyak Jain 

* Package name: ruby-user-agent-parser
  Version : 2.5.1
  Upstream Author : Tim Lucas 
* URL : https://github.com/ua-parser/uap-ruby
* License : Expat
  Programming Lang: Ruby
  Description : Simple and comprehensive Ruby gem for parsing user
agent strings

 This Ruby gem is simple and comprehensive for parsing user agent strings with
 the help of BrowserScope's UA database.
 The ua-parser database is included via git sub-module. To update the database
 the sub-module needs to be updated and the gem is re-released, the gem includes
 a user_agent_parser bin command which will read from standard input, and parse
 each line and prints the results.


It is a dependency for loomio and hence needs to be packaged.

Thanks,
Samyak Jain

Bug#929001: unblock: pacemaker/2.0.1-4

[Niels Thykier]

Ferenc Wágner:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package pacemaker
> 
> Dear Release Team,
> 
> Three security issues were discovered in Pacemaker, all of which were
> fixed by the GitHub pull request #1749.  The main point of this update
> is fixing these security bug #927714 by including the relevant changes
> of the pull request as quilt patches.
> 
> An additional change is bumping the debhelper compat level from 11 to
> 12 to avoid the effect of #887904, that is, the daemon-not-running on
> reinstall.  Selectively bumping the level for dh_installinit and
> dh_installsystemd didn't seem to gain anything in this case, because I
> had to disable dh_dwz anyway and the remaining changes don't affect this
> package.
> 
> The last user-visible fixup is shipping the /var/log/pacemaker (and
> /var/log/pacemaker/bundles) directories, to enable detailed logging in
> the default configuration (instead of provoking error messages).
> 
> The test change is just a shorter wait for cluster startup.  It isn't
> performance related, a wait is part of the startup sequence, we just
> have to wait a little longer than that.
> 
> Finally, I dropped a quilt patch (against the build system) which lost
> its relevance when the build system was fixed upstream several releases
> ago.
> 
> [...]
> 


Unblocked, thanks.
~Niels

Bug#929122: coinor-ipopt: use parallel version of MUMPS (though only with one process)

[Ansgar Burchardt]

Package: src:coinor-ipopt
Version: 3.11.9-2.1
Severity: normal

I had some problems with IPopt using the sequential version of MUMPS
recently: as MUMPS provides dummy `MPI_*` functions, my program ended
up using some of them or MUMPS used some of the real MPI functions.
As mentioned in IPopt's README this doesn't work well:

+---
| Note: MUMPS uses interally a fake implementation of MPI. If you are
| using Ipopt within an MPIprogram together with MUMPS, the code will not
| run.  You will have to modify the MUMPS sources so that the MPI symbols
| inside the MUMPS code are renamed.
+---[ 
https://projects.coin-or.org/Ipopt/browser/stable/3.12/Ipopt/doc/documentation.pdf?format=raw
 ]

I guess I was a bit lucky that is didn't happen before.

The attached patch builds IPopt against the MPI-parallel version of
MUMPS, but uses only one process (MPI_COMM_SELF).  That has worked
better for me without needing invasive changes to the MUMPS source
code.

Ansgar
diff -Nru coinor-ipopt-3.11.9/debian/control coinor-ipopt-3.11.9/debian/control
--- coinor-ipopt-3.11.9/debian/control  2015-08-30 14:44:13.0 +0200
+++ coinor-ipopt-3.11.9/debian/control  2019-03-15 14:01:05.0 +0100
@@ -3,8 +3,9 @@
 Priority: extra
 Maintainer: Greg Horn 
 Build-Depends: debhelper (>= 5), autotools-dev, gfortran, libblas-dev,
- libmumps-seq-dev (>= 4.9.2.dfsg-4),
- liblapack-dev, doxygen-latex, ghostscript, chrpath, cdbs
+ libmumps-dev (>= 4.9.2.dfsg-4),
+ liblapack-dev, doxygen-latex, ghostscript, chrpath, cdbs,
+ mpi-default-dev, mpi-default-bin
 Build-Conflicts: pkg-config
 Standards-Version: 3.9.5
 Homepage: https://projects.coin-or.org/Ipopt
@@ -34,7 +35,7 @@
 Package: coinor-libipopt-dev
 Section: libdevel
 Architecture: any
-Depends: coinor-libipopt1v5 (= ${binary:Version}), libmumps-seq-dev, 
${shlibs:Depends}, ${misc:Depends}
+Depends: coinor-libipopt1v5 (= ${binary:Version}), libmumps-dev, 
${shlibs:Depends}, ${misc:Depends}
 Description: Interior-Point Optimizer - header files
  Ipopt is an open-source solver for large-scale nonlinear continuous
  optimization. It can be used from modeling environments, such as AMPL,
diff -Nru coinor-ipopt-3.11.9/debian/patches/parallel-mumps.patch 
coinor-ipopt-3.11.9/debian/patches/parallel-mumps.patch
--- coinor-ipopt-3.11.9/debian/patches/parallel-mumps.patch 1970-01-01 
01:00:00.0 +0100
+++ coinor-ipopt-3.11.9/debian/patches/parallel-mumps.patch 2019-03-15 
14:01:05.0 +0100
@@ -0,0 +1,40 @@
+--- 
coinor-ipopt-3.11.9.orig/Ipopt/src/Algorithm/LinearSolvers/IpMumpsSolverInterface.cpp
 
coinor-ipopt-3.11.9/Ipopt/src/Algorithm/LinearSolvers/IpMumpsSolverInterface.cpp
+@@ -12,7 +12,7 @@
+ 
+ // The following line is a fix for otherwise twice-defined global variable
+ // (This would have to be taken out for a parallel MUMPS version!)
+-#define MPI_COMM_WORLD IPOPT_MPI_COMM_WORLD
++//#define MPI_COMM_WORLD IPOPT_MPI_COMM_WORLD
+ // The first header to include is the one for MPI.  
+ #include "mpi.h"
+ 
+@@ -46,8 +46,6 @@ namespace Ipopt
+   static const Index dbg_verbosity = 0;
+ #endif
+ 
+-#define USE_COMM_WORLD -987654
+-
+   int MumpsSolverInterface::instancecount_mpi = 0;
+ 
+   MumpsSolverInterface::MumpsSolverInterface()
+@@ -71,8 +69,9 @@ namespace Ipopt
+ else if( instancecount_mpi > 0 )
+++instancecount_mpi;
+ #endif
++MPI_Comm comm = MPI_COMM_SELF;
+ int myid;
+-MPI_Comm_rank(MPI_COMM_WORLD, );
++MPI_Comm_rank(comm, );
+ #endif
+ mumps_->n = 0;
+ mumps_->nz = 0;
+@@ -82,7 +81,7 @@ namespace Ipopt
+ mumps_->job = -1;//initialize mumps
+ mumps_->par = 1;//working host for sequential version
+ mumps_->sym = 2;//general symetric matrix
+-mumps_->comm_fortran = USE_COMM_WORLD;
++mumps_->comm_fortran = MPI_Comm_c2f(comm);
+ dmumps_c(mumps_);
+ mumps_->icntl[1] = 0;
+ mumps_->icntl[2] = 0;//QUIETLY!
diff -Nru coinor-ipopt-3.11.9/debian/patches/series 
coinor-ipopt-3.11.9/debian/patches/series
--- coinor-ipopt-3.11.9/debian/patches/series   2014-10-01 14:42:17.0 
+0200
+++ coinor-ipopt-3.11.9/debian/patches/series   2019-03-15 14:01:05.0 
+0100
@@ -2,3 +2,4 @@
 add_missing_cstddef.patch
 doxygen.patch
 
+parallel-mumps.patch
diff -Nru coinor-ipopt-3.11.9/debian/rules coinor-ipopt-3.11.9/debian/rules
--- coinor-ipopt-3.11.9/debian/rules2015-08-30 14:47:04.0 +0200
+++ coinor-ipopt-3.11.9/debian/rules2019-03-15 14:01:05.0 +0100
@@ -3,11 +3,15 @@
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/autotools.mk
 
-CPPFLAGS += -I/usr/include/mumps_seq -DHAVE_CSTDDEF
-LDFLAGS += -llapack -lblas -ldmumps_seq -ldl
+export OMPI_MCA_plm_rsh_agent=/bin/false
+export OMPI_MCA_rmaps_base_oversubscribe=1
+
+CPPFLAGS += -DHAVE_CSTDDEF
+LDFLAGS += -llapack -lblas -ldmumps -ldl
 DEB_CONFIGURE_EXTRA_FLAGS += --enable-static \
 
--with-mumps-incdir=/usr/include \
-

Bug#929121: ssl-cert: Please produce separate key/pem files for the 'non-snakeoil' case

[Stephan Suerken]

Package: ssl-cert
Version: 1.0.39
Severity: normal

Dear Maintainer,

using the script to create a custom self-signed cert, for example like so

# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf cert.pem

produces only one file, cert.pem, containing both the public and the
private key (script uses same file arg for --out and --keyout).

This is, at least, not useful out-of-the box. I would expect the
script to produce private and public key in separate files (like for
the snakeoil case).

The attached patch is a suggestion, assuming the script argument as
stem and creating separate .pem/.key files (ideally however, both
filenames can be given as argument).

Hth!

S
-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ssl-cert depends on:
ii  adduser3.118
ii  debconf [debconf-2.0]  1.5.72
ii  openssl1.1.1b-2

ssl-cert recommends no packages.

Versions of packages ssl-cert suggests:
pn  openssl-blacklist  

-- debconf information excluded
commit edb701ff5440a09dc90f07038965f3c154fd8358
Author: Stephan Sürken 
Date:   Fri May 17 14:02:03 2019 +0200

make-ssl-cert[.8]: Make script work for the non-snakeoil case.

diff --git a/make-ssl-cert b/make-ssl-cert
index 152e9f9..45bcac7 100755
--- a/make-ssl-cert
+++ b/make-ssl-cert
@@ -104,16 +104,17 @@ umask 077
 
 if [ "$1" != "generate-default-snakeoil" ]; then
 if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -sha256 \
-   -out $output -keyout $output > $TMPOUT 2>&1
+   -out ${output}.pem -keyout ${output}.key > $TMPOUT 2>&1
 then
echo Could not create certificate. Openssl output was: >&2
cat $TMPOUT >&2
exit 1
 fi
-chmod 600 $output
+chmod 600 $output.key
+chmod 644 $output.pem
 # hash symlink
-cd $(dirname $output)
-ln -sf $(basename $output) $(openssl x509 -hash -noout -in $(basename 
$output))
+cd $(dirname $output.pem)
+ln -sf $(basename $output.pem) $(openssl x509 -hash -noout -in $(basename 
$output.pem))
 else
 if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -sha256 \
-out /etc/ssl/certs/ssl-cert-snakeoil.pem \
diff --git a/make-ssl-cert.8 b/make-ssl-cert.8
index 7916b25..a384a7e 100644
--- a/make-ssl-cert.8
+++ b/make-ssl-cert.8
@@ -3,7 +3,7 @@
 make-ssl-cert - Debconf wrapper for openssl
 .SH SYNOPSIS
 .B make-ssl-cert
-\fItemplate\fR \fIoutput-certificate\fR [\fB\-\-force\-overwrite\fR]
+\fItemplate\fR \fIoutput-certificate-base\fR [\fB\-\-force\-overwrite\fR]
 .br
 .B make-ssl-cert generate-default-snakeoil
 [\fB\-\-force\-overwrite\fR]
@@ -11,9 +11,9 @@ make-ssl-cert - Debconf wrapper for openssl
 .SH "DESCRIPTION"
 make-ssl-cert is a simple debconf to openssl wrapper to create self-signed
 certificates.
-It requires a source template (Ex: /usr/share/ssl-cert/ssleay.cnf)
-and it will place the new generated certificate in the specified
-output file.
+It requires a source template (Ex: /usr/share/ssl-cert/ssleay.cnf) and
+it will place the new generated certificate in resp. file appendixed .pem
+(public cert) and .key (private key) from the given base name.
 .br
 Invoked with "generate-default-snakeoil", it will generate
 /etc/ssl/certs/ssl-cert-snakeoil.pem and 
/etc/ssl/private/ssl-cert-snakeoil.key.

Bug#929120: unblock: python-amqp/2.4.0-2

[Thomas Goirand]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,
Please unblock package python-amqp,

Indeed, my last upload contains the backport of a very important
upstream patch. Without it, OpenStack user may experience:

MessagingTimeout: Timed out waiting for a reply to message ID 
ae039d1695984addbfaaef032ce4fda3

if using RabbitMQ over TLS. I've experienced this myself, this
isn't fun at all.

The patch is rather minimalistic (ie: just 2 lines of code, if
you don't include the fix of the test suite).

Debdiff attached,
Cheers,

Thomas Goirand (zigo)

unblock python-amqp/2.4.0-2
diff -Nru python-amqp-2.4.0/debian/changelog python-amqp-2.4.0/debian/changelog
--- python-amqp-2.4.0/debian/changelog  2019-01-22 15:29:00.0 +0100
+++ python-amqp-2.4.0/debian/changelog  2019-05-17 14:26:02.0 +0200
@@ -1,3 +1,11 @@
+python-amqp (2.4.0-2) unstable; urgency=medium
+
+  * Add Always_treat_SSLError_timeouts_as_socket_timeouts.patch, which fixes
+MessagingTimeout: Timed out waiting for a reply to message ID  in
+OpenStack (and other users).
+
+ -- Thomas Goirand   Fri, 17 May 2019 14:26:02 +0200
+
 python-amqp (2.4.0-1) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru 
python-amqp-2.4.0/debian/patches/Always_treat_SSLError_timeouts_as_socket_timeouts.patch
 
python-amqp-2.4.0/debian/patches/Always_treat_SSLError_timeouts_as_socket_timeouts.patch
--- 
python-amqp-2.4.0/debian/patches/Always_treat_SSLError_timeouts_as_socket_timeouts.patch
1970-01-01 01:00:00.0 +0100
+++ 
python-amqp-2.4.0/debian/patches/Always_treat_SSLError_timeouts_as_socket_timeouts.patch
2019-05-17 14:26:02.0 +0200
@@ -0,0 +1,63 @@
+Description: Always treat SSLError timeouts as socket timeouts (#247)
+ Without specifically handling this case, the socket.timeout()
+ was not raised sometimes causing the connection to lock up.
+ .
+ In the case we hit the errno was None, so the previous if
+ condition did not apply.
+Author: Dirk Mueller 
+Date: Thu, 31 Jan 2019 15:07:26 +0100
+Co-Authored-By: aojeagarcia 
+Origin: upstream, 
https://github.com/celery/py-amqp/commit/bf122a05a21a8cc5bca314b0979f32c8026fc66e.patch
+Last-Update: 2019-05-17
+
+Index: python-amqp/amqp/transport.py
+===
+--- python-amqp.orig/amqp/transport.py
 python-amqp/amqp/transport.py
+@@ -374,6 +374,10 @@ class SSLTransport(_AbstractTransport):
+ try:
+ s = recv(n - len(rbuf))  # see note above
+ except socket.error as exc:
++# ssl.sock.read may cause a SSLerror without errno
++# http://bugs.python.org/issue10272
++if isinstance(exc, SSLError) and 'timed out' in str(exc):
++raise socket.timeout()
+ # ssl.sock.read may cause ENOENT if the
+ # operation couldn't be performed (Issue celery#1414).
+ if exc.errno in _errnos:
+Index: python-amqp/t/unit/test_transport.py
+===
+--- python-amqp.orig/t/unit/test_transport.py
 python-amqp/t/unit/test_transport.py
+@@ -4,7 +4,7 @@ import errno
+ import socket
+ 
+ import pytest
+-from case import ANY, Mock, call, patch
++from case import ANY, Mock, MagicMock, call, patch
+ 
+ from amqp import transport
+ from amqp.exceptions import UnexpectedFrame
+@@ -600,6 +600,22 @@ class test_SSLTransport:
+match=r'.*Server unexpectedly closed 
connection.*'):
+ self.t._read(64)
+ 
++def test_read_timeout(self):
++self.t.sock = Mock(name='SSLSocket')
++self.t._quick_recv = Mock(name='recv', return_value='4')
++self.t._quick_recv.side_effect = socket.timeout()
++self.t._read_buffer = MagicMock(return_value='AA')
++with pytest.raises(socket.timeout):
++self.t._read(64)
++
++def test_read_SSLError(self):
++self.t.sock = Mock(name='SSLSocket')
++self.t._quick_recv = Mock(name='recv', return_value='4')
++self.t._quick_recv.side_effect = transport.SSLError('timed out')
++self.t._read_buffer = MagicMock(return_value='AA')
++with pytest.raises(socket.timeout):
++self.t._read(64)
++
+ 
+ class test_TCPTransport:
+ 
diff -Nru python-amqp-2.4.0/debian/patches/series 
python-amqp-2.4.0/debian/patches/series
--- python-amqp-2.4.0/debian/patches/series 2019-01-22 15:29:00.0 
+0100
+++ python-amqp-2.4.0/debian/patches/series 2019-05-17 14:26:02.0 
+0200
@@ -1,3 +1,4 @@
 0001-Remove-PayPal-image-URLs.patch
 0002-Disable-intersphinx-mapping-for-now.patch
 0010-remove-broken-test.patch
+Always_treat_SSLError_timeouts_as_socket_timeouts.patch

Bug#929119: unblock: python-oslo.messaging/8.1.3-1

[Thomas Goirand]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team, please unblock package python-oslo.messaging

I've packaged the last upstream point release (ie: bugfix for what
is already in Buster). The only really impacting commit is:

d75eba02 Retry to declare a queue after internal error

which can bee seen separately here:
https://opendev.org/openstack/oslo.messaging/commit/d75eba02c74d309cd769a8257d2d20f735c60ad1

The other commits in this point release are:
7c00cc2c OpenDev Migration Patch
70c56a47 Replace openstack.org git:// URLs with https://
82f9d306 Mark telemetry tests nv and remove from gate
693cd964 Add release note for amqp library TLS/SSL error

none of which are code change, so they are safe to include
(and I prefer to include them because it's easier to manage
for me).

Note that the previous behavior of not retrying to re-declare
a queue in the RabbitMQ message bus is very much impacting, and
I had to suffer it's impact myself. The result is that the admin
has to restart the full of the rabbitmq cluster, which isn't fun
at all when you have lots of compute nodes in the cluster. So,
very much, I'd like this to reach Buster, and so would any OpenStack
on Debian user.

Debdiff attached. Cheers,

Thomas Goirand (zigo)

unblock python-oslo.messaging/8.1.3-1
diff -Nru python-oslo.messaging-8.1.2/debian/changelog 
python-oslo.messaging-8.1.3/debian/changelog
--- python-oslo.messaging-8.1.2/debian/changelog2019-01-16 
23:01:57.0 +0100
+++ python-oslo.messaging-8.1.3/debian/changelog2019-05-17 
14:33:29.0 +0200
@@ -1,3 +1,11 @@
+python-oslo.messaging (8.1.3-1) unstable; urgency=medium
+
+  * New upstream point release, which includes this fix:
+- Retry to declare a queue after internal error.
+everything else in this upstream release is cosmetic Git management.
+
+ -- Thomas Goirand   Fri, 17 May 2019 14:33:29 +0200
+
 python-oslo.messaging (8.1.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru python-oslo.messaging-8.1.2/.gitreview 
python-oslo.messaging-8.1.3/.gitreview
--- python-oslo.messaging-8.1.2/.gitreview  2018-08-22 21:53:09.0 
+0200
+++ python-oslo.messaging-8.1.3/.gitreview  2019-04-23 09:50:41.0 
+0200
@@ -1,5 +1,5 @@
 [gerrit]
-host=review.openstack.org
+host=review.opendev.org
 port=29418
 project=openstack/oslo.messaging.git
 defaultbranch=stable/rocky
diff -Nru python-oslo.messaging-8.1.2/oslo_messaging/_drivers/impl_rabbit.py 
python-oslo.messaging-8.1.3/oslo_messaging/_drivers/impl_rabbit.py
--- python-oslo.messaging-8.1.2/oslo_messaging/_drivers/impl_rabbit.py  
2018-08-22 21:53:09.0 +0200
+++ python-oslo.messaging-8.1.3/oslo_messaging/_drivers/impl_rabbit.py  
2019-04-23 09:50:41.0 +0200
@@ -270,7 +270,6 @@
 self.nowait = nowait
 self.queue_arguments = _get_queue_arguments(rabbit_ha_queues,
 rabbit_queue_ttl)
-
 self.queue = None
 self._declared_on = None
 self.exchange = kombu.entity.Exchange(
@@ -305,6 +304,28 @@
 self.queue.declare()
 else:
 raise
+except kombu.exceptions.ConnectionError as exc:
+# NOTE(gsantomaggio): This exception happens when the
+# connection is established,but it fails to create the queue.
+# Add some delay to avoid too many requests to the server.
+# See: https://bugs.launchpad.net/oslo.messaging/+bug/1822778
+# for details.
+if exc.code == 541:
+interval = 2
+info = {'sleep_time': interval,
+'queue': self.queue_name,
+'err_str': exc
+}
+LOG.error(_LE('Internal amqp error (541) '
+  'during queue declare,'
+  'retrying in %(sleep_time)s seconds. '
+  'Queue: [%(queue)s], '
+  'error message: [%(err_str)s]'), info)
+time.sleep(interval)
+self.queue.declare()
+else:
+raise
+
 self._declared_on = conn.channel
 
 def consume(self, conn, tag):
diff -Nru 
python-oslo.messaging-8.1.2/playbooks/oslo.messaging-src-grenade-dsvm/run.yaml 
python-oslo.messaging-8.1.3/playbooks/oslo.messaging-src-grenade-dsvm/run.yaml
--- 
python-oslo.messaging-8.1.2/playbooks/oslo.messaging-src-grenade-dsvm/run.yaml  
2018-08-22 21:53:09.0 +0200
+++ 
python-oslo.messaging-8.1.3/playbooks/oslo.messaging-src-grenade-dsvm/run.yaml  
2019-04-23 09:50:41.0 +0200
@@ -13,12 +13,12 @@
   set -x
   cat > clonemap.yaml << EOF
   clonemap:
-- name: openstack-infra/devstack-gate
+- name: openstack/devstack-gate
   dest: devstack-gate
   

Bug#929118: ITP: r-cran-webgestaltr -- multiple flavours of gene set enrichment analyses

[Steffen Moeller]

Package: wnpp
Severity: wishlist
Owner: Steffen Moeller 

* Package name: r-cran-webgestaltr
* URL : https://cran.r-project.org/package=WebGestaltR
* License : GPL
  Programming Lang: R
  Description : multiple flavours of gene set enrichment analyses

To be team-maintained on https://salsa.debian.org/r-pkg-team/r-cran-webgestaltr

Bug#929100: decompressing archive member: lzma error: compressed data is corrupt

[積丹尼 Dan Jacobson]

Get: 1 http://opensource.nchc.org.tw/debian experimental/main amd64 cpp-8 amd64 
8.3.0-13 [8,909 kB]
Get: 2 http://opensource.nchc.org.tw/debian experimental/main amd64 gcc-8-base 
amd64 8.3.0-13 [191 kB]
Get: 3 http://opensource.nchc.org.tw/debian experimental/main amd64 rclone 
amd64 1.47.0+ex1-5 [6,431 kB]
Fetched 15.5 MB in 1min 13s (211 kB/s)
E: Invalid archive member header 9Ls...
E: Prior errors apply to /var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/libgcc1_1%3a9.1.0-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/libstdc++6_9.1.0-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/dbus-x11_1.13.10-1_amd64.deb

Bug#929100: decompressing archive member: lzma error: compressed data is corrupt

[積丹尼 Dan Jacobson]

Preparing to unpack .../gcc-9-base_9.1.0-2_amd64.deb ...
Unpacking libobjc4:amd64 (9-20190428-1) over (8.3.0-7) ...
dpkg-deb (subprocess): decompressing archive member: lzma error: compressed 
data is corrupt
dpkg-deb: error:  subprocess returned error exit status 2
dpkg: error processing archive 
/var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb (--unpack):
 cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libobjc.so.4.0.0' 
to '/usr/lib/x86_64-linux-gnu/libobjc.so.4.0.0.dpkg-new': unexpected end of 
file or stream
Errors were encountered while processing:
 /var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Bug#929100: decompressing archive member: lzma error: compressed data is corrupt

[積丹尼 Dan Jacobson]

I can't make sense of the error messages either.

Bug#929117: ITP: r-cran-ggrepel -- auto-position non-overlapping text labels in plots

[Steffen Moeller]

Package: wnpp
Severity: wishlist
Owner: Steffen Moeller 

* Package name: r-cran-ggrepel
* URL : https://github.com/deeptools/pyBigWig
* License : GPL
  Programming Lang: R
  Description : auto-position non-overlapping text labels in plots

To be team-maintained on https://salsa.debian.org/r-pkg-team/r-cran-ggrepel

Bug#929116: systemd: CVE-2018-20839

[Salvatore Bonaccorso]

Source: systemd
Version: 241-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/systemd/systemd/pull/12378

Hi,

The following vulnerability was published for systemd.

CVE-2018-20839[0]:
| systemd 242 changes the VT1 mode upon a logout, which allows attackers
| to read cleartext passwords in certain circumstances, such as watching
| a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because
| the KDGKBMODE (aka current keyboard mode) check is mishandled.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-20839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20839
[1] https://github.com/systemd/systemd/pull/12378
[2] 
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
[3] https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#929100: decompressing archive member: lzma error: compressed data is corrupt

[Matthias Klose]

Control: severity -1 minor

sorry, I can't take bug reports with such exaggerations as serious.  Even more
if your issue looks like a local problem.

On 17.05.19 08:26, 積丹尼 Dan Jacobson wrote:
> Package: gcc-9-base
> Version: 9.1.0-2
> Severity: critical
> 
> E: Invalid archive member header...
> E: Prior errors apply to /var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb
> E: Prior errors apply to /var/cache/apt/archives/cpp-9_9.1.0-2_amd64.deb
> E: Prior errors apply to 
> /var/cache/apt/archives/cpp_4%3a9-20181127-1_amd64.deb
> debconf: apt-extracttemplates failed: No such file or directory
> (Reading database ... 150269 files and directories currently installed.)
> Preparing to unpack .../gcc-9-base_9.1.0-2_amd64.deb ...
> Unpacking libobjc4:amd64 (9-20190428-1) over (8.3.0-7) ...
> dpkg-deb (subprocess): decompressing archive member: lzma error: compressed 
> data is corrupt
> dpkg-deb: error:  subprocess returned error exit status 2
> dpkg: error processing archive 
> /var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb (--unpack):
>  cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libobjc.so.4.0.0' 
> to '/usr/lib/x86_64-linux-gnu/libobjc.so.4.0.0.dpkg-new': unexpected end of 
> file or stream
> Selecting previously unselected package cpp-9.
> Preparing to unpack .../cpp-9_9.1.0-2_amd64.deb ...
> Unpacking cpp-9 (9.1.0-2) ...
> Preparing to unpack .../cpp_4%3a9-20181127-1_amd64.deb ...
> Unpacking cpp (4:9-20181127-1) over (4:8.3.0-1) ...
> Errors were encountered while processing:
>  /var/cache/apt/archives/gcc-9-base_9.1.0-2_amd64.deb
> E: Sub-process /usr/bin/dpkg returned an error code (1)
> dpkg: dependency problems prevent configuration of cpp-9:
>  cpp-9 depends on gcc-9-base (= 9.1.0-2); however:
>   Package gcc-9-base is not installed.
> 

Bug#929115: http://dl.google.com/ NO_PUBKEY 6494C6D6997C215E

[newsgrep .]

Package: chromium
Version: 73.0.3683.75-1
Severity: normal
Tags: patch

I can't update chromeium any more.
When i do a sudo aptitude update.
I get the error that the key of:

http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg
could not be verified.
NO_PUBKEY 6494C6D6997C215E

So I cant update to a new version.
Version 73.0.3683.75-1 is installed.



-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  73.0.3683.75-1
ii  libasound2   1.1.8-1
ii  libatk-bridge2.0-0   2.30.0-5
ii  libatk1.0-0  2.30.0-2
ii  libatomic1   8.3.0-6
ii  libatspi2.0-02.30.0-7
ii  libavcodec58 7:4.1.1-1
ii  libavformat587:4.1.1-1
ii  libavutil56  7:4.1.1-1
ii  libc62.28-10
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libcups2 2.2.10-6
ii  libdbus-1-3  1.12.12-1
ii  libdrm2  2.4.97-1
ii  libevent-2.1-6   2.1.8-stable-4
ii  libexpat12.2.6-1
ii  libflac8 1.3.2-3
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libgcc1  1:8.3.0-6
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libglib2.0-0 2.58.3-1
ii  libgtk-3-0   3.24.5-1
ii  libharfbuzz0b2.3.1-1
ii  libicu63 63.1-6
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjsoncpp1  1.7.4-3
ii  liblcms2-2   2.9-3
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.20-1
ii  libnss3  2:3.42.1-1
ii  libopenjp2-7 2.3.0-2
ii  libopus0 1.3-1
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6
ii  libpci3  1:3.5.2-1
ii  libpng16-16  1.6.36-5
ii  libpulse012.2-4
ii  libre2-5 20190101+dfsg-2
ii  libsnappy1v5 1.1.7-1
ii  libstdc++6   8.3.0-6
ii  libva2   2.4.0-1
ii  libvpx5  1.7.0-3
ii  libwebp6 0.6.1-2
ii  libwebpdemux20.6.1-2
ii  libwebpmux3  0.6.1-2
ii  libx11-6 2:1.6.7-1
ii  libx11-xcb1  2:1.6.7-1
ii  libxcb1  1.13.1-2
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.1.15-2
ii  libxdamage1  1:1.1.4-3+b3
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-7+b3
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.32-2
ii  libxss1  1:1.2.3-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.11.dfsg-1

Versions of packages chromium recommends:
ii  chromium-sandbox  73.0.3683.75-1

Versions of packages chromium suggests:
ii  chromium-driver  73.0.3683.75-1
pn  chromium-l10n
pn  chromium-shell   

Versions of packages chromium-common depends on:
ii  x11-utils  7.7+4
ii  xdg-utils  1.1.3-1

Versions of packages chromium-common recommends:
ii  chromium-sandbox 73.0.3683.75-1
ii  dunst [notification-daemon]  1.3.2-1
ii  fonts-liberation 1:1.07.4-9
ii  libgl1-mesa-dri  18.3.4-2
ii  libu2f-udev  1.1.9-1
ii  notification-daemon  3.20.0-4
ii  upower   0.99.10-1

Versions of packages chromium-driver depends on:
ii  libatomic1   8.3.0-6
ii  libc62.28-10
ii  libdbus-1-3  1.12.12-1
ii  libdrm2  2.4.97-1
ii  libevent-2.1-6   2.1.8-stable-4
ii  libexpat12.2.6-1
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libgcc1  1:8.3.0-6
ii  libglib2.0-0 2.58.3-1
ii  libharfbuzz0b2.3.1-1
ii  libicu63 63.1-6
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.20-1
ii  libnss3  2:3.42.1-1
ii  libpng16-16  1.6.36-5
ii  libre2-5 20190101+dfsg-2
ii  libstdc++6   8.3.0-6
ii  libwebp6 0.6.1-2
ii  libwebpdemux20.6.1-2
ii  libwebpmux3  0.6.1-2
ii  libx11-6 2:1.6.7-1
ii  libx11-xcb1  2:1.6.7-1
ii  libxcb1  1.13.1-2
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.1.15-2
ii  libxdamage1  1:1.1.4-3+b3
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxss1  1:1.2.3-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.11.dfsg-1

Versions of packages chromium-sandbox depends on:
ii  libatomic1  8.3.0-6
ii  libc6   2.28-10
ii  libgcc1 

Bug#929112: [Pkg-rust-maintainers] Bug#929112: libstd-rust-1.32: Packaging a more recent rust version

[Sylvestre Ledru]

We are waiting for 1.33 in NEW to be accepted

Thanks

S


Le 17/05/2019 à 13:37, Antoine Amarilli a écrit :

Package: libstd-rust-1.32
Version: 1.32.0+dfsg1-3
Severity: wishlist

Dear Maintainer,

Version 1.34.2 of Rust is now available from upstream
, would it be possible to package it?

Thanks!

-- System Information:
Debian Release: buster/sid
   APT prefers testing
   APT policy: (650, 'testing'), (600, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libstd-rust-1.32 depends on:
ii  libc62.28-10
ii  libgcc1  1:8.3.0-6

libstd-rust-1.32 recommends no packages.

libstd-rust-1.32 suggests no packages.

-- debconf-show failed

___
Pkg-rust-maintainers mailing list
pkg-rust-maintain...@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-rust-maintainers

Bug#929114: gimp crashed while editing

[newsgrep .]

Package: gimp
Version: 2.10.8-2
Severity: normal
Tags: patch

```
GNU Image Manipulation Program version 2.10.8
git-describe: GIMP_2_10_6-294-ga967e8d2c2
C compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/8/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
8.2.0-13' --with-bugurl=file:///usr/share/doc/gcc-8/README.Bugs --enable-
languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++ --prefix=/usr --with-gcc-
major-version-only --program-suffix=-8 --program-prefix=x86_64-linux-gnu-
--enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-
included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-
verify --enable-libmpx --enable-plugin --enable-default-pie --with-system-zlib
--with-target-system-zlib --enable-objc-gc=auto --enable-multiarch --disable-
werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32
--enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none
--without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu
--host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 8.2.0 (Debian 8.2.0-13)

using GEGL version 0.4.12 (compiled against version 0.4.12)
using GLib version 2.58.3 (compiled against version 2.58.1)
using GdkPixbuf version 2.38.1 (compiled against version 2.38.0)
using GTK+ version 2.24.32 (compiled against version 2.24.32)
using Pango version 1.42.3 (compiled against version 1.42.3)
using Fontconfig version 2.13.1 (compiled against version 2.13.1)
using Cairo version 1.16.0 (compiled against version 1.16.0)

```
> fatal error: Gleitkomma-Ausnahme ## flowting point exception

Stack trace:
```

# Stack traces obtained from PID 3464 - Thread 3464 #

[New LWP 3482]
[New LWP 3483]
[New LWP 3485]
[New LWP 3486]
[New LWP 3487]
[New LWP 3488]
[New LWP 4101]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
__libc_read (nbytes=256, buf=0x7ffe67e0a850, fd=14) at
../sysdeps/unix/sysv/linux/read.c:26
  Id   Target Id  Frame
* 1Thread 0x7f81021b1e00 (LWP 3464) "gimp"__libc_read (nbytes=256,
buf=0x7ffe67e0a850, fd=14) at ../sysdeps/unix/sysv/linux/read.c:26
  2Thread 0x7f81008c6700 (LWP 3482) "gmain"   0x7f8104038819 in
__GI___poll (fds=0x56302d20c2b0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  3Thread 0x7f80ffd28700 (LWP 3483) "gdbus"   0x7f8104038819 in
__GI___poll (fds=0x56302d2250f0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  4Thread 0x7f80ebfff700 (LWP 3485) "async"   syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  5Thread 0x7f80eb7fe700 (LWP 3486) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  6Thread 0x7f80eaffd700 (LWP 3487) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  7Thread 0x7f80ea7fc700 (LWP 3488) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  8Thread 0x7f80e887b700 (LWP 4101) "swap writer" syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38

Thread 8 (Thread 0x7f80e887b700 (LWP 4101)):
#0  0x7f810403df59 in syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f810434df9f in g_cond_wait () at /usr/lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  0x7f81049e70cd in  () at /usr/lib/x86_64-linux-gnu/libgegl-0.4.so.0
#3  0x7f810432c425 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x7f8104114fa3 in start_thread (arg=) at
pthread_create.c:486
ret = 
pd = 
now = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140191633749760,
-1532379384212747273, 140730641187102, 140730641187103, 140191633749760,
94764963875600, 1565621128051690487, 1565543149731580919}, mask_was_saved =
0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = 
#5  0x7f81040434cf in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 7 (Thread 0x7f80ea7fc700 (LWP 3488)):
#0  0x7f810403df59 in syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f810434df9f in g_cond_wait () at /usr/lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  0x56302b01c423 in  ()
#3  0x7f810432c425 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x7f8104114fa3 in start_thread (arg=) at
pthread_create.c:486
ret = 
pd = 
now = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140191666784000,
-1532379384212747273, 140730641198798, 140730641198799, 140191666784000,

Bug#929113: gimp crashed while editing

[newsgrep .]

Package: gimp
Version: 2.10.8-2
Severity: normal

```
GNU Image Manipulation Program version 2.10.8
git-describe: GIMP_2_10_6-294-ga967e8d2c2
C compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/8/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
8.2.0-13' --with-bugurl=file:///usr/share/doc/gcc-8/README.Bugs --enable-
languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++ --prefix=/usr --with-gcc-
major-version-only --program-suffix=-8 --program-prefix=x86_64-linux-gnu-
--enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-
included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls
--enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-
verify --enable-libmpx --enable-plugin --enable-default-pie --with-system-zlib
--with-target-system-zlib --enable-objc-gc=auto --enable-multiarch --disable-
werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32
--enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none
--without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu
--host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 8.2.0 (Debian 8.2.0-13)

using GEGL version 0.4.12 (compiled against version 0.4.12)
using GLib version 2.58.3 (compiled against version 2.58.1)
using GdkPixbuf version 2.38.1 (compiled against version 2.38.0)
using GTK+ version 2.24.32 (compiled against version 2.24.32)
using Pango version 1.42.3 (compiled against version 1.42.3)
using Fontconfig version 2.13.1 (compiled against version 2.13.1)
using Cairo version 1.16.0 (compiled against version 1.16.0)

```
> fatal error: Gleitkomma-Ausnahme

Stack trace:
```

# Stack traces obtained from PID 3464 - Thread 3464 #

[New LWP 3482]
[New LWP 3483]
[New LWP 3485]
[New LWP 3486]
[New LWP 3487]
[New LWP 3488]
[New LWP 4101]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
__libc_read (nbytes=256, buf=0x7ffe67e0a850, fd=14) at
../sysdeps/unix/sysv/linux/read.c:26
  Id   Target Id  Frame
* 1Thread 0x7f81021b1e00 (LWP 3464) "gimp"__libc_read (nbytes=256,
buf=0x7ffe67e0a850, fd=14) at ../sysdeps/unix/sysv/linux/read.c:26
  2Thread 0x7f81008c6700 (LWP 3482) "gmain"   0x7f8104038819 in
__GI___poll (fds=0x56302d20c2b0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  3Thread 0x7f80ffd28700 (LWP 3483) "gdbus"   0x7f8104038819 in
__GI___poll (fds=0x56302d2250f0, nfds=2, timeout=-1) at
../sysdeps/unix/sysv/linux/poll.c:29
  4Thread 0x7f80ebfff700 (LWP 3485) "async"   syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  5Thread 0x7f80eb7fe700 (LWP 3486) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  6Thread 0x7f80eaffd700 (LWP 3487) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  7Thread 0x7f80ea7fc700 (LWP 3488) "worker"  syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
  8Thread 0x7f80e887b700 (LWP 4101) "swap writer" syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38

Thread 8 (Thread 0x7f80e887b700 (LWP 4101)):
#0  0x7f810403df59 in syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f810434df9f in g_cond_wait () at /usr/lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  0x7f81049e70cd in  () at /usr/lib/x86_64-linux-gnu/libgegl-0.4.so.0
#3  0x7f810432c425 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x7f8104114fa3 in start_thread (arg=) at
pthread_create.c:486
ret = 
pd = 
now = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140191633749760,
-1532379384212747273, 140730641187102, 140730641187103, 140191633749760,
94764963875600, 1565621128051690487, 1565543149731580919}, mask_was_saved =
0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = 
#5  0x7f81040434cf in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 7 (Thread 0x7f80ea7fc700 (LWP 3488)):
#0  0x7f810403df59 in syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1  0x7f810434df9f in g_cond_wait () at /usr/lib/x86_64-linux-
gnu/libglib-2.0.so.0
#2  0x56302b01c423 in  ()
#3  0x7f810432c425 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#4  0x7f8104114fa3 in start_thread (arg=) at
pthread_create.c:486
ret = 
pd = 
now = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140191666784000,
-1532379384212747273, 140730641198798, 140730641198799, 140191666784000,
94764883786800, 1565618722333133815, 

Bug#929010: [Pkg-utopia-maintainers] Bug#929010: Bug#929010: avahi-daemon: /etc/network/if-post-down.d/avahi-daemon is slow on eth0

[Vincent Lefevre]

On 2019-05-16 18:36:09 +0200, Michael Biebl wrote:
> Am 16.05.19 um 18:17 schrieb Vincent Lefevre:
> > On 2019-05-16 17:52:03 +0200, Michael Biebl wrote:
> >> I would suggest the following: If there is a local nameserver but no
> >> network connectivity, query the local nameserver only.
> > 
> > OK, I can do that. Indeed, the default behavior of "host" is to try
> > every server in /etc/resolv.conf until it succeeds. I suppose that
> > the solution would be to use this option:
> > 
> >   -s
> >   Do not send the query to the next nameserver if any server responds
> >   with a SERVFAIL response, which is the reverse of normal stub
> >   resolver behavior.
> 
> If the remote server would be ordered first in resolv.conf, I assume
> this would still block? I assume you are making the assumption here that
> the local server will always be listed first? Is that a safe assumption?

I'm not sure why anyone would not put the local nameserver first.
Anyway, an alternative solution is to provide the server to the
host command. Thus dns_reachable() would start with

dns_reachable() {
  # If there are no nameserver entries in resolv.conf there is no dns reachable
  grep -q "^[[:space:]]*nameserver" /etc/resolv.conf || return 1

  LOCALNS=$(sed -n 
's/^[[:space:]]*nameserver[[:space:]]\+\(127\..*\|::1\)[[:space:]]*$/\1/p' 
/etc/resolv.conf | head -n 1)

  # If there is no local nameserver and no we have no global ip addresses
  # then we can't reach any nameservers
  if [ -z "$LOCALNS" ]; then

Note: the first line currently is

  $(grep -q nameserver /etc/resolv.conf) || return 1;

First, $(...) is not necessary. And this command does not check
whether "nameserver" is in a comment (which can occur in practice).
I've fixed it above.

But... I think that the assumption that "there is no dns reachable" is
wrong. The resolv.conf(5) man page says: "If no nameserver entries are
present, the default is to use the name server on the local machine."
Thus I would assume that there *is* a reachable dns in this case.

The resolv.conf(5) man page also says: "If this file does not exist,
only the name server on the local machine will be queried".

In short, shouldn't this line be the following?

  grep -q "^[[:space:]]*nameserver" /etc/resolv.conf 2> /dev/null || return 0

With the above changes, the OUT line would change from

  OUT=`LC_ALL=C host -t soa local. 2>&1`

to

  OUT=`LC_ALL=C host -t soa local. $LOCALNS 2>&1`

But this has the effect to output some more lines about the server
if $LOCALNS is set. Thus

if echo "$OUT" | egrep -vq 'has no|not found'; then
  return 0
fi

should also change to

echo "$OUT" | egrep -q 'has no|not found' || return 0

> > I have another question: in
> > 
> >   if ! $(egrep -q "nameserver 127.0.0.1|::1" /etc/resolv.conf); then 
> > 
> > why testing 127.0.0.1 only, and not all local nameservers?
> > For instance, 127.0.1.1 is used by NetworkManager:
> > 
> > https://askubuntu.com/questions/627899/nameserver-127-0-1-1-in-resolv-conf-wont-go-away
> > 
> > Also, the regexp should be something like "^ *nameserver +(127.0.0.1|::1)"
> > or "^ *nameserver +(127\.|::1)", i.e.
> >   * one should make sure that it is a nameserver line (in particular,
> > not a comment);
> >   * several space characters should match;
> >   * one should make sure that ::1 is preceded by "nameserver"
> > (the parentheses are missing).
> 
> Good question. I don't know why the script only checks for 127.0.0.1 and
> not 127.0.1.1
> 
> Sjoerd, looking through the history of the package, it seems you are
> most likely to be able to answer that.

Above I've used "127\..*" in the regexp.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#929112: libstd-rust-1.32: Packaging a more recent rust version

[Antoine Amarilli]

Package: libstd-rust-1.32
Version: 1.32.0+dfsg1-3
Severity: wishlist

Dear Maintainer,

Version 1.34.2 of Rust is now available from upstream
, would it be possible to package it?

Thanks!

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libstd-rust-1.32 depends on:
ii  libc62.28-10
ii  libgcc1  1:8.3.0-6

libstd-rust-1.32 recommends no packages.

libstd-rust-1.32 suggests no packages.

-- debconf-show failed

Bug#929111: ms2uvfits missing in casacore-tools

[Gijs Molenaar]

Package: casacore
Version: 3.0.0

The ms2uvfits program of casascore is actually quite useful, but for some
reason, the Debian package includes a patch to not install it since it is
mistakenly assumed it is an example binary:

https://salsa.debian.org/debian-astro-team/casacore/blob/master/debian/patches/0001-Do-not-install-test-and-demonstration-executables.patch

Probably best to modify this patch to just let ms2uvfits be installed.

This issue has been reported first here:

https://github.com/kernsuite/packaging/issues/199

greetings,

 - gijs

Bug#929110: unblock: spectre-meltdown-checker/0.41-1

[Sylvestre Ledru]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package spectre-meltdown-checker

This is a leaf package and version 0.41 is checking for the new 
security issues: Fallout, RIDL and ZombieLoad
If any issue, it should not regress anything but this package.

I am not attaching the debdiff because it isn't relevant.
(it is a new upstream version)

unblock spectre-meltdown-checker/0.41-1

Thanks
Sylvestre


-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (600, 'unstable'), (500, 'buildd-unstable'), (500, 'stable'), 
(300, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#928029: planner: segfaulted; now segfaults on every start-up

[Jonathan Dowland]

On Fri, May 17, 2019 at 11:33:41AM +0100, Jonathan Dowland wrote:

Some additional context:  was running in a GNOME/Wayland
session. I'm going to try GNOME/Xorg now.


Actually i mave have already been in GNOME/Xorg rather than Wayland,
unfortunately I cannot be sure now. The following happened on my next attempt
to use planner, definitely in an Xorg session this time. I did not set the
--g-* argument. SEGV happened when editing a text field "Name" in the "edit 
task"
dialog.

(gdb) run
Starting program: /usr/bin/planner 
[Thread debugging using libthread_db enabled]

Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Gtk-Message: 11:34:31.593: Failed to load module "canberra-gtk-module"
[New Thread 0x72281700 (LWP 29894)]
[New Thread 0x71a80700 (LWP 29895)]
[New Thread 0x7120c700 (LWP 29898)]

Thread 1 "planner" received signal SIGSEGV, Segmentation fault.
g_type_check_instance_is_fundamentally_a (type_instance=type_instance@entry=0x7fffe8094080, 
   fundamental_type=fundamental_type@entry=0x50 [GObject]) at ../../../gobject/gtype.c:4026

4026../../../gobject/gtype.c: No such file or directory.
(gdb) bt
#0  0x7745c51f in g_type_check_instance_is_fundamentally_a
   (type_instance=type_instance@entry=0x7fffe8094080, 
fundamental_type=fundamental_type@entry=0x50 [GObject])
   at ../../../gobject/gtype.c:4026
#1  0x7743ca1e in g_object_ref (_object=0x7fffe8094080) at 
../../../gobject/gobject.c:3212
#2  0x774429b5 in g_weak_ref_get (weak_ref=) at 
../../../gobject/gobject.c:4387
#3  0x775a71d2 in g_settings_backend_invoke_closure 
(user_data=0x7fffe80a9800)
   at ../../../gio/gsettingsbackend.c:263
#4  0x77355dd8 in g_main_dispatch (context=0x55642c00) at 
../../../glib/gmain.c:3182
#5  0x77355dd8 in g_main_context_dispatch 
(context=context@entry=0x55642c00) at ../../../glib/gmain.c:3847
#6  0x773561c8 in g_main_context_iterate
   (context=0x55642c00, block=block@entry=1, dispatch=dispatch@entry=1, 
self=)
   at ../../../glib/gmain.c:3920
#7  0x773564c2 in g_main_loop_run (loop=0x55a898d0) at 
../../../glib/gmain.c:4116
#8  0x779ef8e7 in gtk_main () at 
/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#9  0x55570bae in main ()

Bug#928029: planner: segfaulted; now segfaults on every start-up

[Jonathan Dowland]

On Sat, Apr 27, 2019 at 09:07:03AM +0300, Yavor Doganov wrote:

Control: tags -1 + unreproducible moreinfo

Jonathan Dowland wrote:

Package: planner
Version: 0.14.6-7
Severity: important

planner segfaulted me shortly after starting it for the first time
(upon inserting a new task); now, it segfaults upon each attempt to
start it.


Thanks for the report; unfortunately I cannot reproduce it.  And
that's an abort, not segfault.  Could you please run the planner
executable in gdb with --g-fatal-warnings?


Sorry for mixing the two up. Here's a trace with --g-fatal-warnings.
ON this occasion the crash happened when I attempted to resize the
window.  Some additional context:  was running in a GNOME/Wayland
session. I'm going to try GNOME/Xorg now.

Trace:

(gdb) set args --g-fatal-warnings
(gdb) run
Starting program: /usr/bin/planner --g-fatal-warnings
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Gtk-Message: 11:16:05.042: Failed to load module "canberra-gtk-module"
[New Thread 0x72281700 (LWP 24278)]
[New Thread 0x71a80700 (LWP 24279)]
[New Thread 0x7120c700 (LWP 24280)]
[New Thread 0x7fffe3a76700 (LWP 24284)]
[New Thread 0x7fffe3275700 (LWP 24285)]
[New Thread 0x7fffe250c700 (LWP 24286)]
[New Thread 0x7fffe1d0b700 (LWP 24287)]
[Thread 0x7fffe250c700 (LWP 24286) exited]
[Thread 0x7fffe3275700 (LWP 24285) exited]
[Thread 0x7fffe1d0b700 (LWP 24287) exited]
[New Thread 0x7fffe1d0b700 (LWP 24288)]
[New Thread 0x7fffe250c700 (LWP 24289)]
[Thread 0x7fffe1d0b700 (LWP 24288) exited]
[Thread 0x7fffe250c700 (LWP 24289) exited]
[Thread 0x7fffe3a76700 (LWP 24284) exited]

(planner:24274): GLib-GObject-CRITICAL **: 11:30:58.399: g_object_ref: 
assertion 'G_IS_OBJECT (object)' failed

Thread 4 "dconf worker" received signal SIGTRAP, Trace/breakpoint trap.
[Switching to Thread 0x7120c700 (LWP 24280)]
0x7735bca5 in _g_log_abort (breakpoint=1) at 
../../../glib/gmessages.c:554
554 ../../../glib/gmessages.c: No such file or directory.
(gdb) bt
#0  0x7735bca5 in _g_log_abort (breakpoint=1) at 
../../../glib/gmessages.c:554
#1  0x7735cfad in g_logv
   (log_domain=0x77464078 "GLib-GObject", log_level=G_LOG_LEVEL_CRITICAL, 
format=, args=args@entry=0x7120b840) at ../../../glib/gmessages.c:1371
#2  0x7735d17f in g_log
   (log_domain=log_domain@entry=0x77464078 "GLib-GObject", 
log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x773ab6bc "%s: 
assertion '%s' failed") at ../../../glib/gmessages.c:1413
#3  0x7735d9a9 in g_return_if_fail_warning
   (log_domain=log_domain@entry=0x77464078 "GLib-GObject", 
pretty_function=pretty_function@entry=0x774675f8 <__FUNCTION__.14906> "g_object_ref", 
expression=expression@entry=0x774663bf "G_IS_OBJECT (object)")
   at ../../../glib/gmessages.c:2762
#4  0x7743ca3c in g_object_ref (_object=0x55d00f00) at 
../../../gobject/gobject.c:3212
#5  0x774429b5 in g_weak_ref_get (weak_ref=) at 
../../../gobject/gobject.c:4387
#6  0x775a71d2 in g_settings_backend_invoke_closure 
(user_data=0x55c9f740)
   at ../../../gio/gsettingsbackend.c:263
#7  0x775a7370 in g_settings_backend_dispatch_signal
   (backend=0x556a9610 [DConfSettingsBackend], function_offset=8, name=0x55c20f10 
"/org/gnome/planner/views/task-view/assigned-to/", origin_tag=0x0, names=0x0) 
at ../../../gio/gsettingsbackend.c:334
#8  0x7275df09 in dconf_engine_watch_established
   (reply=, error=, handle=0x55abea40, 
engine=0x556f3950)
   at ../engine/dconf-engine.c:963
#9  0x7275df09 in dconf_engine_watch_established
   (engine=0x556f3950, handle=0x55abea40, reply=, 
error=)
   at ../engine/dconf-engine.c:938
#10 0x72760bec in dconf_gdbus_method_call_done
   (source=, result=, 
user_data=user_data@entry=0x55abea40)
   at ../gdbus/dconf-gdbus-thread.c:254
#11 0x7756a719 in g_task_return_now (task=0x7fffe80651e0 [GTask]) at 
../../../gio/gtask.c:1148
#12 0x7756b196 in g_task_return (task=0x7fffe80651e0 [GTask], 
type=)
   at ../../../gio/gtask.c:1206
#13 0x775c0b1a in g_dbus_connection_call_done
--Type  for more, q to quit, c to continue without paging--
   (source=, result=0x7fffe804b840, 
user_data=user_data@entry=0x7fffe80651e0)
   at ../../../gio/gdbusconnection.c:5715
#14 0x7756a719 in g_task_return_now (task=0x7fffe804b840 [GTask]) at 
../../../gio/gtask.c:1148
#15 0x7756a759 in complete_in_idle_cb (task=0x7fffe804b840) at 
../../../gio/gtask.c:1162
#16 0x77355dd8 in g_main_dispatch (context=0x55717a00) at 
../../../glib/gmain.c:3182
#17 0x77355dd8 in g_main_context_dispatch 
(context=context@entry=0x55717a00) at ../../../glib/gmain.c:3847
#18 0x773561c8 in g_main_context_iterate
   (context=context@entry=0x55717a00, block=block@entry=1, 
dispatch=dispatch@entry=1, self=)
   at 

Bug#898960: Fixed in Pango 1.43.0

[gisl]

Please update to 1.43.0, since the bug is fixed there.

https://gitlab.gnome.org/GNOME/pango/commit/
26f1135f374f3ad5eb963dcdf016542fbbda361b

Thanks!

Bug#929109: nut-server: fails to start at boot, with snmp-driver, dns resolver dependency seems missing in nut-driver.service

[h3ndr1k]

Package: nut-server
Version: 2.7.4-5
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

nut-driver.service fails to start at boot, because no resolver is
available.
Restarting nut-driver works and establishes a connection.

There is no local resolver. dig shows that its contacting the dns server
on our network. We are using resolveconf.

nut-driver probably only misses a dependency for a resolver, but I have
no idea how to do that.

journalctl -u nut-driver.service:
May 17 11:20:01 prox1 systemd[1]: Starting Network UPS Tools - power
device driver controller...
May 17 11:20:28 prox1 upsdrvctl[2389]: [ups] nut_snmp_init: snmp_open:
Unknown host (redacted.usv.stunet.tu-freiberg.de) (Resource temporarily
unavailable)
May 17 11:20:28 prox1 upsdrvctl[2389]: Unable to establish communication
May 17 11:20:28 prox1 upsdrvctl[2389]: Network UPS Tools - Generic SNMP
UPS driver 0.97 (2.7.4)
May 17 11:20:28 prox1 upsdrvctl[2389]: Driver failed to start (exit
status=1)
May 17 11:20:28 prox1 upsdrvctl[2389]: Network UPS Tools - UPS driver
controller 2.7.4
May 17 11:20:28 prox1 systemd[1]: nut-driver.service: Control process
exited, code=exited status=1
May 17 11:20:28 prox1 systemd[1]: Failed to start Network UPS Tools -
power device driver controller.
May 17 11:20:28 prox1 systemd[1]: nut-driver.service: Unit entered
failed state.
May 17 11:20:28 prox1 systemd[1]: nut-driver.service: Failed with result
'exit-code'.

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.18-14-pve (SMP w/32 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages nut-server depends on:
ii  adduser  3.115
ii  init-system-helpers  1.48
ii  libc62.24-11+deb9u4
ii  libnspr4 2:4.12-6
ii  libnss3  2:3.26.2-1.1+deb9u1
ii  libupsclient42.7.4-5
ii  libusb-0.1-4 2:0.1.12-30
ii  libwrap0 7.6.q-26
ii  lsb-base 9.20161125
ii  nut-client   2.7.4-5
ii  udev 232-25+deb9u11

nut-server recommends no packages.

Versions of packages nut-server suggests:
pn  nut-cgi   
pn  nut-ipmi  
ii  nut-snmp  2.7.4-5
pn  nut-xml   

-- Configuration Files:
/etc/nut/ups.conf changed:
[ups]
driver = snmp-ups
port = redacted.usv.stunet.tu-freiberg.de
community = redacted

/etc/nut/upsd.users changed:
[upsmon]
password = redacted
upsmon slave


-- no debconf information

Bug#927063: closed by saul...@legtux.org (libreoffice-writer: Writer aborts with 'unexpected error' when opening one particular docx file)

[Rene Engelhard]

Hi,

I am sorry for Stephanes premature bug closings.

On Mon, May 13, 2019 at 05:08:32PM +0200, Oliver Sander wrote:
> > This kind of bug is not specific to Debian. I recommend you register on the 
> > bugtracker of LO and follow it.
> 
> This is indeed what I did before filing the Debian report.  In particular,
> my Debian report says:
> 
> > I filed an upstream bug: 
> > https://bugs.documentfoundation.org/show_bug.cgi?id=124607
> > but upstream cannot reproduce it.  So could this be a packaging bug...

and I am not convinced it is. We don't patch that place, and if a build
with sane build options (or a different compiler, ..) exhibits this bug
it is STILL a upstream bug. That upstreams ia fast at blaming thers is
now, but..

(We also split the package differently, but I don't believe this can be
the case here.)

That upstreams test on obsolete distros with old libraries is also not
very helpful.

> And later in that bugreport I note that I get the bug with the Debian package 
> of LO
> but not with the same LO version downloaded directly from the Document 
> Foundation site.
> 
> So I am not convinced yet that this is not a Debian issue.

See above, I am not conviced it's a Debian issue and not a upstream
issue.

Regards,

Rene

Bug#927808: gmsh: FTBFS in buster (/usr/include/occt/Standard_Version.hxx cannot be read)

[Ansgar]

On Sun, 2019-05-05 at 18:08 +0100, Rebecca N. Palmer wrote:
> The fix was probably removing the line
> -DOCC_INC:STRING="/usr/include/occt" \
> from debian/rules (commit 3556b0a, but please don't include the 
> reformatting), but I have not tested this.

I tried and with this line removed gmsh builds again.  I'll ask the
release team about t-p-u or reverting in unstable.

Thanks for looking into the problem.

Ansgar

Bug#929108: unblock / tpu approval: gmsh/4.1.3+ds1-2

[Ansgar Burchardt]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

gmsh has an old path to OpenCASCADE include files (#927808); this is
easy to fix (see attached diff).

Rebuilding the package also changes a dependency on amd64 (libgmsh4.1
depends on `libhdf5-openmpi-103 (>= 1.8.13)` instead of `libhdf5-103`
after the rebuild); however this matches the dependency on i386.

However gmsh was updated to a new upstream release in unstable on
2019-03-02 with a small fix on 2019-03-04; this missed the freeze date
slightly.

Do you prefer an upload via t-p-u or should I prepare a gmsh
4.1.5+really4.1.3+ds1-1 upload for unstable?

Ansgar
diff -Nru gmsh-4.1.3+ds1/debian/changelog gmsh-4.1.3+ds1/debian/changelog
--- gmsh-4.1.3+ds1/debian/changelog 2019-01-27 12:22:01.0 +0100
+++ gmsh-4.1.3+ds1/debian/changelog 2019-05-17 10:41:56.0 +0200
@@ -1,3 +1,10 @@
+gmsh (4.1.3+ds1-2) buster; urgency=medium
+
+  * Team upload.
+  * debian/rules: Do not pass `-DOCC_INC=...` to cmake (Closes: #927808)
+
+ -- Ansgar Burchardt   Fri, 17 May 2019 10:41:56 +0200
+
 gmsh (4.1.3+ds1-1) unstable; urgency=medium
 
   * [dbbbe82] New upstream version 4.1.3+ds1
diff -Nru gmsh-4.1.3+ds1/debian/rules gmsh-4.1.3+ds1/debian/rules
--- gmsh-4.1.3+ds1/debian/rules 2019-01-27 12:22:01.0 +0100
+++ gmsh-4.1.3+ds1/debian/rules 2019-05-17 10:39:57.0 +0200
@@ -32,7 +32,6 @@
 -DENABLE_ONELAB:BOOL=ON \
 -DCMAKE_SKIP_RPATH:BOOL=ON \
 -DCMAKE_INCLUDE_PATH:STRING="/usr/include/mpi" \
--DOCC_INC:STRING="/usr/include/occt" \
 -DOCC_LIB:STRING="/usr/lib/${DEB_HOST_MULTIARCH}"  
│
 
 

Bug#928741: Acknowledgement ([pre-a] unblock: julia/1.0.4+dfsg-1)

[Mo Zhou]

I've just uploaded 1.0.4+dfsg-1 to unstable.
The debdiff is the same to the changes proposed previously.

Plus, julia-doc (arch=all) needs a maintainer-upload rebuild
against new unicode-data since binNMU doesn't deal with
arch=all packages. And this is the maintainer upload.

julia-lts.diff.zst
Description: Binary data

Bug#926915: RFS: fossology/3.5.0-1 [ITP] -- OSS license compliance tool

[Mishra, Gaurav]

Hello Paul,

> -Original Message-
> From: Paul Wise  
> Sent: 17 May 2019 08:30
> To: Mishra, Gaurav (IOT DS AA DTS CNP CT) ; 
> 926...@bugs.debian.org
> Cc: Adam Borowski 
> Subject: Re: Bug#926915: RFS: fossology/3.5.0-1 [ITP] -- OSS license 
> compliance tool
>
> On Thu, Apr 25, 2019 at 5:18 PM Gaurav Mishra wrote:
>
> > I have updated the dependencies and made them specific to Debian Stretch.
>
> New and reintroduced packages enter Debian through unstable, so your initial 
> package should be built and tested on unstable. Once it reaches testing after 
> the buster freeze and release is done, then it can be added to the buster and 
> stretch backports.
>
> https://backports.debian.org/Contribute/

Sorry, I missed the point. I have updated the control file to match the package 
versions for Debian unstable and regenerated the source package (tested on 
debian:unstable docker image as I cannot find any CD to create a VM).

The same has been pushed to https://mentors.debian.net/package/fossology

> PS: in case you haven't read it yet, the extra procedures for reintroducing 
> packages are here:
>
> https://www.debian.org/doc/manuals/developers-reference/ch05.html#reintroducing-pkgs

As far as I know, I have followed all the steps mentioned in the guides. If I 
missed anything, please correct me.

> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise

With best regards,
Gaurav Mishra

Bug#929107: Newly filed bugs don't show up on the packages' index page

[積丹尼 Dan Jacobson]

Package: bugs.debian.org


Freshly filed
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929106 doesn't show up on
https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=chromium despite
the latter saying
"Debian bug tracking system administrator . Last 
modified: Fri May 17 08:40:33 2019; Machine Name: buxtehude"
at the bottom (with NO TIMEZOME, but still moments ago.)

Maybe it will show up soon, but this is still a bug!

Bug#880121: popularity-contest: popcon-upload should be made to POST over https

[duck]

Quack,

This rational does not stand anymore as now this URL replies with:
< HTTP/1.1 302 Found
< Location: https://popcon.debian.org/cgi-bin/popcon.cgi

I don't know for how long this has been the case but as nobody seemed to 
have noticed I guess switching to HTTPS would be fine.


\_o<

--
Marc Dequènes

Bug#929096: unattended-upgrades: defaults change to upgrade stable suite

[Bálint Réczey]

Control: notfound -1 unattended-upgrades/1.11

Hi Sean,

Sean Whitton  ezt írta (időpont: 2019. máj.
17., P, 2:06):
>
> Package: unattended-upgrades, release-notes
> Version: 1.11
>
> Hello,
>
> The version of unattended-upgrades in stretch defaulted to not upgrading
> the stable suite.  It would install only security updates.
>
> The version of unattended-upgrades in buster upgrades both the stable
> suite and security upgrades.  I.e. it will pull in point releases too.
>
> There are probably good reasons for this defaults change, but I think it
> needs to be documented, either in NEWS.Debian for unattended-upgrades,
> and/or (since the package is very widely installed) in the buster
> release notes.

It is documented in NEWS.Debian in the entry for 0.99 already and I
agree that it would be nice to include it in the release notes as
well.

Cheers,
Balint

Bug#929106: ERROR: printer_manager_dialog_linux.cc(82)] Failed to open printer manager dialog

[積丹尼 Dan Jacobson]

Package: chromium
Version: 74.0.3729.108-1

https://bugs.chromium.org/p/chromium/issues/detail?id=962983#c2
ERROR:printer_manager_dialog_linux.cc(82)] Failed to open printer manager dialog
Seen only on Debian, not upstream.

Bug#929105: java-common: update-java-alternatives should not propagate return code of update-alternatives

[Christopher Huhn]

Package: java-common
Version: 0.71
Severity: normal

update-java-alternatives --set ... propagates the exit code of its last call to 
update-alternatives as its own exit code.

In my test case that is:
> root# update-alternatives --quiet --set serialver 
> /usr/lib/jvm/java-11-openjdk-amd64/bin/serialver; echo $?
> update-alternatives: error: no alternatives for serialver
> 2

AFAICT this is normal behaviour for update-java-alternatives and therefore it 
should exit with 0.

Suggested fix: add a colon at the end of do_set.

Kind regards

Christopher


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set 
LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_US.UTF-8 (charmap=locale: Cannot set LC_MESSAGES to default 
locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

java-common depends on no packages.

java-common recommends no packages.

Versions of packages java-common suggests:
ii  default-jre  2:1.11-71

Bug#928809: lintian: suggest adding gitlab-ci file

[Chris Lamb]

tags 928809 + moreinfo
thanks

Mattia Rizzolo wrote:

> it wouldn't even make sense since they lack a testsuite

Wwat would you say this only triggered if the package had a testsuite
or autopkgtests?

> I don't think test-building the whole package every commit is useful

Can you elaborate why? I find this a somewhat curious statement
in 2019.

(This kind of conversation always makes me wonder if we need another
level of "extra pendatic" that people need to opt into... *g*)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#929104: Allow hold and forbid-version on NON-INSTALLED packages too

[積丹尼 Dan Jacobson]

Package: aptitude
Version: 0.8.11-7
Severity: wishlist

If a package is installed, one can forbid-version, and / or hold it.

But if a package is not installed yet, one cannot!

One cannot say "I want to hold package X's status as 'purge'" to prevent
future accidental installation.

"Version ABC of package XYZ will wreck my system, and even though it is
XYZ is not installed now, full-upgrade proposes to install it. I'm scared."

"No I don't want to research what is trying to pull it in. I just want
to *blacklist it now*!"

"And maybe multiple things are trying to pull it in. I don't want to
have to chase them all down."

One could say, "Just use apt-mark."

But as we see in #929103 that is not a permanent solution.

If you think about it, there is no reason forbid-version shouldn't be
allowed to work on packages that aren't installed yet.

Same with hold.

Sure you might say it is wasteful to keep forbid-version records for
packages that are not installed.

Well at least those packages are still in the Packages lists.

Bug#927726: wlroots: Please upload new upstream version

[Guido Günther]

Hi,
On Thu, May 16, 2019 at 01:54:50PM -, iskre...@mail.bg wrote:
> 
> 
> 
> Hello again, 
> Please point me to te documentation on how a package goes 
> from: "Debian NEW and BYHAND Packages" (
> https://ftp-master.debian.org/new.html ) 
> to: the experimental repository. (
> https://packages.debian.org/experimental/ )
> What is blocking it ? 
> What is the meaning of the "black" vs "red" font color ?

See "accpepting and rejecting new packages" here:
https://wiki.debian.org/Teams/FTPMaster
 -- Guido

Bug#927726: wlroots: Please upload new upstream version

[Guido Günther]

Version: wlroots/0.6.0-1

Hi,
On Mon, Apr 22, 2019 at 01:28:49AM +, Linda Lapinlampi wrote:
> Source: wlroots
> Severity: wishlist
> 
> Dear Maintainer,
> 
> 0.4 and 0.5.0 have been have been packaged a month ago at VCS (salsa),
> but never uploaded to Debian's distribution. Could you upload wlroots
> 0.5.0 to experimental distribution, please?

0.6.0 got accepted by the ftp-masters.
 -- Guido

Bug#928965: unblock: lsb/10.2019051400

[Didier 'OdyX' Raboud]

Control: tags -1 -moreinfo

Le mardi, 14 mai 2019, 19.42:42 h CEST Jonathan Wiltshire a écrit :
> Please go ahead and remove the moreinfo tag from this bug when it is ready
> to be unblocked.

Uploaded, built, piuparts ran; removing the moreinfo tag.

(Autopackage tests in progress for _many_ packages).

Cheers, and thanks for your consideration,

OdyX

Bug#929103: apt-marks cleared despite all n's and q's

[積丹尼 Dan Jacobson]

Package: aptitude
Version: 0.8.11-7

Here we see the user answers only "n"s and "q"s,
but still the apt-mark is cleared!

# apt-mark hold gcc-9-base
gcc-9-base set on hold.
# aptitude full-upgrade
...
The following actions will resolve these dependencies:
 Install the following packages:
1) gcc-9-base [9.1.0-2 (experimental)]
...
Accept this solution? [Y/n/q/?] n
...
Accept this solution? [Y/n/q/?] n
...
Accept this solution? [Y/n/q/?] q
# apt-mark showhold
#

Bug#929102: "show" command doesn't reveal apt-mark effects

[積丹尼 Dan Jacobson]

Package: aptitude
Version: 0.8.11-7

Even though using apt-mark affects aptitude's decision making, but there
is no way to detect it via the "show" command.

# aptitude show gcc-9-base|sum
11672 1
# apt-mark hold gcc-9-base
gcc-9-base set on hold.
# aptitude show gcc-9-base|sum
11672 1
# aptitude - show gcc-9-base|sum
11672 1