Bug#990632: unblock: fdroidserver/2.0.3-1

[Jochen Sprickerhof]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package fdroidserver

[ Reason ]
fdroidserver has successful autopkgtests but fails on ppc64el due to
zipalign not being available on that platform (Not a regression). I
believe that is #980087.

For the patch itself, it fixes two warnings in the linting part of
fdroidserver. ruamel deprecated one function and a restriction for the
Version field in the F-Droid metadata was lifted.

Note that I opted for a new upstream version cause adding those two
change would have resulted in basically the same patch plus/minus the
version noise. Hope that is fine.

[ Impact ]
bullseye users would would get a lot of false warnings when linting a
metadata file.

[ Tests ]
I tested the new version manually. Also upstream is using it in
production.

[ Risks ]
The code change for the Version field is only changing a regex so it
seems trivial to me. For ruamel the deprecated function was replaced by
it's content.

[ Checklist ]
  [X] all changes are documented in the d/changelog (through upstream
  changelog)
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock fdroidserver/2.0.3-1
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 99a5f430..945e237c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,21 @@ All notable changes to this project will be documented in this 
file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
-## [2.0.1] - 2020-03-09
+## [2.0.3] - 2021-07-01
+
+### Fixed
+
+* Support AutoUpdateMode: Version without pattern
+  [931](https://gitlab.com/fdroid/fdroidserver/-/merge_requests/931)
+
+## [2.0.2] - 2021-06-01
+
+### Fixed
+
+* fix "ruamel round_trip_dump will be removed"
+  [932](https://gitlab.com/fdroid/fdroidserver/-/merge_requests/932)
+
+## [2.0.1] - 2021-03-09
 
 ### Fixed
 
@@ -18,7 +32,7 @@ The format is based on [Keep a 
Changelog](https://keepachangelog.com/en/1.0.0/)
 * checkupdates: set User-Agent to make gitlab.com happy
 * Run push_binary_transparency only once
 
-## [2.0] - 2020-01-31
+## [2.0] - 2021-01-31
 
 For a more complete overview, see the [2.0
 milestone](https://gitlab.com/fdroid/fdroidserver/-/milestones/10)
diff --git a/PKG-INFO b/PKG-INFO
index 1c5616cd..3188aba8 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fdroidserver
-Version: 2.0.1
+Version: 2.0.3
 Summary: F-Droid Server Tools
 Home-page: https://f-droid.org
 Author: The F-Droid Project
diff --git a/debian/changelog b/debian/changelog
index 59e519f1..d45c4c20 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+fdroidserver (2.0.3-1) unstable; urgency=medium
+
+  * Team upload.
+  * New upstream version 2.0.3
+
+ -- Jochen Sprickerhof   Thu, 01 Jul 2021 14:48:57 +0200
+
 fdroidserver (2.0.1-1) unstable; urgency=medium
 
   * New upstream version 2.0.1
diff --git a/fdroidserver.egg-info/PKG-INFO b/fdroidserver.egg-info/PKG-INFO
index 1c5616cd..3188aba8 100644
--- a/fdroidserver.egg-info/PKG-INFO
+++ b/fdroidserver.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fdroidserver
-Version: 2.0.1
+Version: 2.0.3
 Summary: F-Droid Server Tools
 Home-page: https://f-droid.org
 Author: The F-Droid Project
diff --git a/fdroidserver/checkupdates.py b/fdroidserver/checkupdates.py
index f5d0d450..b9e723df 100644
--- a/fdroidserver/checkupdates.py
+++ b/fdroidserver/checkupdates.py
@@ -492,7 +492,7 @@ def checkupdates_app(app):
 logging.warning("Can't auto-update app with no CurrentVersionCode: 
" + app.id)
 elif mode in ('None', 'Static'):
 pass
-elif mode.startswith('Version '):
+elif mode.startswith('Version'):
 pattern = mode[8:]
 suffix = ''
 if pattern.startswith('+'):
diff --git a/fdroidserver/metadata.py b/fdroidserver/metadata.py
index 6c3c4815..8b27c991 100644
--- a/fdroidserver/metadata.py
+++ b/fdroidserver/metadata.py
@@ -448,7 +448,7 @@ valuetypes = {
["AntiFeatures"]),
 
 FieldValidator("Auto Update Mode",
-   r"^(Version .+|None)$",
+   r"^(Version.*|None)$",
["AutoUpdateMode"]),
 
 FieldValidator("Update Check Mode",
@@ -964,7 +964,9 @@ def write_yaml(mf, app):
 return builds
 
 yaml_app = _app_to_yaml(app)
-ruamel.yaml.round_trip_dump(yaml_app, mf, indent=4, block_seq_indent=2)
+yaml = ruamel.yaml.YAML()
+yaml.indent(mapping=4, sequence=4, offset=2)
+yaml.dump(yaml_app, stream=mf)
 
 
 build_line_sep = re.compile(r'(?

Bug#990631: thunderbird: Preferences tab is completely blank after the upgrade to 90b2

[jim_p]

Package: thunderbird
Version: 1:90.0~b2-1
Severity: important
X-Debbugs-Cc: pitsior...@gmail.com

Dear Maintainer,

I upgraded to 90b2 (from 78.11) a few minutes ago, because I really wanted to
see if tb has adopted that proton redesign ff 89 introduced. It hasn't (yet).
And I noticed that every single submenu under edit > preferences is now blank
(attached image). And the same thing happens with a fresh profile.
Launching it from the terminal shows these errors, althought I think they are
irrelevant

$ thunderbird
[GFX1-]: glxtest: eglBindAPI returned an error
[GFX1-]: glxtest: libEGL missing eglGetDisplayDriverName


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-security'), (500, 'unstable'),
(1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages thunderbird depends on:
ii  debianutils  4.11.2
ii  fontconfig   2.13.1-4.2
ii  libatk1.0-0  2.36.0-2
ii  libbotan-2-172.17.3+dfsg-2
ii  libbz2-1.0   1.0.8-4
ii  libc62.31-12
ii  libcairo-gobject21.16.0-5
ii  libcairo21.16.0-5
ii  libdbus-1-3  1.12.20-2
ii  libdbus-glib-1-2 0.110-6
ii  libevent-2.1-7   2.1.12-stable-1
ii  libffi7  3.3-6
ii  libfontconfig1   2.13.1-4.2
ii  libfreetype6 2.10.4+dfsg-1
ii  libgcc-s110.2.1-6
ii  libgdk-pixbuf-2.0-0  2.42.2+dfsg-1
ii  libglib2.0-0 2.66.8-1
ii  libgtk-3-0   3.24.24-4
ii  libicu67 67.1-6
ii  libjson-c5   0.15-2
ii  libnspr4 2:4.29-1
ii  libnss3  2:3.67-1
ii  libpango-1.0-0   1.46.2-3
ii  libstdc++6   10.2.1-6
ii  libvpx6  1.10.0+really1.8.1-dmo1
ii  libx11-6 2:1.7.1-1
ii  libx11-xcb1  2:1.7.1-1
ii  libxcb-shm0  1.14-3
ii  libxcb1  1.14-3
ii  libxext6 2:1.3.3-1.1
ii  libxrender1  1:0.9.10-1
ii  psmisc   23.4-2
ii  x11-utils7.7+5
ii  zlib1g   1:1.2.11.dfsg-2

Versions of packages thunderbird recommends:
pn  myspell-en-us | hunspell-dictionary | myspell-dictionary  

Versions of packages thunderbird suggests:
pn  apparmor  
pn  fonts-lyx 
ii  libgssapi-krb5-2  1.18.3-5
ii  libgtk2.0-0   2.24.33-2

Bug#990630: unblock: fuse3/3.10.3-2

[GCS]

On Sat, Jul 3, 2021 at 7:21 AM László Böszörményi  wrote:
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
 Then I really attach the debdiff.

Regards,
Laszlo/GCS
diff -Nru fuse3-3.10.3/debian/changelog fuse3-3.10.3/debian/changelog
--- fuse3-3.10.3/debian/changelog	2021-04-21 14:34:39.0 +0200
+++ fuse3-3.10.3/debian/changelog	2021-06-20 15:45:33.0 +0200
@@ -1,3 +1,9 @@
+fuse3 (3.10.3-2) unstable; urgency=medium
+
+  * Do not try to alter cuse device permissions (closes: #947229, #989977).
+
+ -- Laszlo Boszormenyi (GCS)   Sun, 20 Jun 2021 15:45:33 +0200
+
 fuse3 (3.10.3-1) unstable; urgency=medium
 
   * New upstream release:
diff -Nru fuse3-3.10.3/debian/fuse3.postinst fuse3-3.10.3/debian/fuse3.postinst
--- fuse3-3.10.3/debian/fuse3.postinst	2021-01-29 16:59:06.0 +0100
+++ fuse3-3.10.3/debian/fuse3.postinst	2021-06-20 15:45:33.0 +0200
@@ -14,10 +14,6 @@
 
 case "${1}" in
 	configure)
-		if [ -c /dev/cuse ] && ! chrooted
-		then
-			chmod 0600 /dev/cuse > /dev/null 2>&1
-		fi
 		if ! dpkg-statoverride --list /bin/fusermount3 > /dev/null 2>&1
 		then
 			chmod 4755 /bin/fusermount3

Bug#990630: unblock: fuse3/3.10.3-2

[GCS]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi RMs,

I would like to update the fuse3 package for Bullseye.

[ Reason ]
The fuse3 package has an old postinst snippet to alter cuse device
permissions. That's double wrong, doesn't work with RO /dev and can
fail in chroot environments.

[ Impact ]
Failed package install [1] in some cases.

[ Tests ]
Tested chroot installation and now it works.

[ Risks ]
None.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
Builds an udeb and needs a d-i hint as well.

unblock fuse3/3.10.3-2

Thanks,
Laszlo/GCS
[1] https://bugs.debian.org/989977

Bug#990629: unblock: icu/67.1-7

[GCS]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi RMs,

I would like to update the ICU (International Components for Unicode)
package to fix CVE-2021-30535 [1] for Bullseye.

[ Reason ]
Fix a security issue which makes it possible for a remote attacker to
potentially exploit heap corruption in applications using the ICU
library.

[ Impact ]
Application crash due to double free.

[ Tests ]
Upstream tests.

[ Risks ]
None.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None.

unblock icu/67.1-7

Thanks,
Laszlo/GCS
[1] https://github.com/unicode-org/icu/pull/1698
diff -Nru icu-67.1/debian/changelog icu-67.1/debian/changelog
--- icu-67.1/debian/changelog	2021-01-13 06:45:13.0 +0100
+++ icu-67.1/debian/changelog	2021-06-30 18:07:32.0 +0200
@@ -1,3 +1,10 @@
+icu (67.1-7) unstable; urgency=high
+
+  * Backport upstream security fix for CVE-2021-30535: crash caused by locale
+assign/move operators.
+
+ -- Laszlo Boszormenyi (GCS)   Wed, 30 Jun 2021 18:07:32 +0200
+
 icu (67.1-6) unstable; urgency=medium
 
   * Add pkg-config build dependency to build-test of autopkg tests.
diff -Nru icu-67.1/debian/patches/locid_operators.patch icu-67.1/debian/patches/locid_operators.patch
--- icu-67.1/debian/patches/locid_operators.patch	1970-01-01 01:00:00.0 +0100
+++ icu-67.1/debian/patches/locid_operators.patch	2021-04-21 15:42:38.0 +0200
@@ -0,0 +1,41 @@
+diff --git a/patches/locid_operators.patch b/patches/locid_operators.patch
+new file mode 100644
+index 000..7428558
+--- /dev/null
 b/patches/locid_operators.patch
+@@ -0,0 +1,35 @@
++diff --git a/source/common/locid.cpp b/source/common/locid.cpp
++index 0d506293..4743db53 100644
++--- a/source/common/locid.cpp
+ b/source/common/locid.cpp
++@@ -469,14 +469,18 @@ Locale& Locale::operator=(Locale&& other) U_NOEXCEPT {
++ if ((baseName != fullName) && (baseName != fullNameBuffer)) uprv_free(baseName);
++ if (fullName != fullNameBuffer) uprv_free(fullName);
++ 
++-if (other.fullName == other.fullNameBuffer) {
+++if (other.fullName == other.fullNameBuffer || other.baseName == other.fullNameBuffer) {
++ uprv_strcpy(fullNameBuffer, other.fullNameBuffer);
+++}
+++if (other.fullName == other.fullNameBuffer) {
++ fullName = fullNameBuffer;
++ } else {
++ fullName = other.fullName;
++ }
++ 
++-if (other.baseName == other.fullName) {
+++if (other.baseName == other.fullNameBuffer) {
+++baseName = fullNameBuffer;
+++} else if (other.baseName == other.fullName) {
++ baseName = fullName;
++ } else {
++ baseName = other.baseName;
++@@ -2696,6 +2700,9 @@ Locale::setKeywordValue(const char* keywordName, const char* keywordValue, UErro
++ if (fullName != fullNameBuffer) {
++ // if full Name is already on the heap, need to free it.
++ uprv_free(fullName);
+++if (baseName == fullName) {
+++baseName = newFullName; // baseName should not point to freed memory.
+++}
++ }
++ fullName = newFullName;
++ status = U_ZERO_ERROR;
diff -Nru icu-67.1/debian/patches/series icu-67.1/debian/patches/series
--- icu-67.1/debian/patches/series	2020-08-18 17:39:36.0 +0200
+++ icu-67.1/debian/patches/series	2021-06-30 18:07:32.0 +0200
@@ -5,3 +5,4 @@
 layout-test-fix.patch
 #flaky-tests.patch
 ICU-13786_Fix_addLikelySubtags_minimizeSubtags.patch
+locid_operators.patch

Bug#990628: please package 2021.03.1

[draeath]

Package: hackrf
Version: 2018.01.1-2
Severity: important

Hello. As you may know, the HackRF requires matching libraries/tools and
firmware to function correctly. I have flagged this as important due to
this.

Firmware 2021.03.1 has been out for several months, and I have upgraded my
hardware for use on other systems. When I went to run it in a debian
container, I discovered that even sid still is only has the previous
firmware release (2018.01.1) packaged. Is there any chance we can get this
bumped? Note that a new userspace tool exists, "hackrf_clock." The other
change would have been a removed firmware build output, but it looks like
we don't build/package the firmware itself anyway.

Bug#990106:

[Davide Beatrici]

I've been using the AVR-X1000 for a few days now and the problem is no more.

I also realized the AVR-X500 has another issue: the volume of the surround 
(rear) and subwoofer channels is way too low.
With the new amplifier all channels have proper volume, without individual 
tuning.

Sorry for the wrong bug report, free free to close it.
Hopefully it will be useful for someone encountering a similar issue in the 
future.

Bug#990627: python3-torchaudio: torchaudio import aborts

[John O'Hagan]

Package: python3-torchaudio
Version: 0.7.2-1
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: johnmoha...@gmail.com

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

The line "import torchaudio" at the python interactive shell or in a python
script or imported file results in the progra aborting with the following
output:

--

terminate called after throwing an instance of 'c10::Error'
  what():  Type c10::intrusive_ptr,
c10::detail::intrusive_target_default_null_type > >
could not be converted to any of the known types.
Exception raised from call at ../aten/src/ATen/core/jit_type.h:1698 (most
recent call first):
frame #0: c10::Error::Error(c10::SourceLocation,
std::__cxx11::basic_string, std::allocator
>) + 0x5c (0x7fb37a0b925c in /usr/lib/x86_64-linux-gnu/libc10.so.1.7)
frame #1:  + 0x11d0ac2 (0x7fb376ddfac2 in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #2:  + 0xe7d991 (0x7fb376a8c991 in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #3:
c10::detail::infer_schema::make_function_schema(std::__cxx11::basic_string, std::allocator >&&,
std::__cxx11::basic_string, std::allocator
>&&, c10::ArrayRef,
c10::ArrayRef) + 0x6a (0x7fb376a8d70a
in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #4:  + 0x120457f (0x7fb376e1357f in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #5:  + 0x11fe28f (0x7fb376e0d28f in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #6:  + 0x11fe404 (0x7fb376e0d404 in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #7:  + 0xdb5480 (0x7fb3769c4480 in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #8:  + 0xcdd79c (0x7fb3768ec79c in
/usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7)
frame #9:  + 0xffe2 (0x7fb3d5ec1fe2 in /lib64/ld-
linux-x86-64.so.2)
frame #10:  + 0x100e9 (0x7fb3d5ec20e9 in /lib64/ld-
linux-x86-64.so.2)
frame #11: _dl_catch_exception + 0xdd (0x7fb3d5c302bd in /lib/x86_64-linux-
gnu/libc.so.6)
frame #12:  + 0x14058 (0x7fb3d5ec6058 in /lib64/ld-
linux-x86-64.so.2)
frame #13: _dl_catch_exception + 0x80 (0x7fb3d5c30260 in /lib/x86_64-linux-
gnu/libc.so.6)
frame #14:  + 0x138fa (0x7fb3d5ec58fa in /lib64/ld-
linux-x86-64.so.2)
frame #15:  + 0x1258 (0x7fb3d5e55258 in /lib/x86_64-linux-
gnu/libdl.so.2)
frame #16: _dl_catch_exception + 0x80 (0x7fb3d5c30260 in /lib/x86_64-linux-
gnu/libc.so.6)
frame #17: _dl_catch_error + 0x2f (0x7fb3d5c3031f in /lib/x86_64-linux-
gnu/libc.so.6)
frame #18:  + 0x1a65 (0x7fb3d5e55a65 in /lib/x86_64-linux-
gnu/libdl.so.2)
frame #19: dlopen + 0x44 (0x7fb3d5e552e4 in /lib/x86_64-linux-gnu/libdl.so.2)
frame #20:  + 0x14e8d (0x7fb3d5e9ce8d in
/usr/lib/python3.9/lib-dynload/_ctypes.cpython-39-x86_64-linux-gnu.so)
frame #21: /usr/bin/python3() [0x53f38a]
frame #22: _PyObject_MakeTpCall + 0x39b (0x51d89b in /usr/bin/python3)
frame #23: _PyEval_EvalFrameDefault + 0x5654 (0x5170e4 in /usr/bin/python3)
frame #24: /usr/bin/python3() [0x510fe7]
frame #25: _PyFunction_Vectorcall + 0x361 (0x528d21 in /usr/bin/python3)
frame #26: /usr/bin/python3() [0x537b80]
frame #27: _PyObject_MakeTpCall + 0x1f5 (0x51d6f5 in /usr/bin/python3)
frame #28: _PyEval_EvalFrameDefault + 0x5b2a (0x5175ba in /usr/bin/python3)
frame #29: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #30: /usr/bin/python3() [0x53bcfb]
frame #31: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3)
frame #32: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #33: /usr/bin/python3() [0x53bcfb]
frame #34: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3)
frame #35: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #36: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3)
frame #37: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #38: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3)
frame #39: /usr/bin/python3() [0x5106ed]
frame #40: _PyEval_EvalCodeWithName + 0x47 (0x510497 in /usr/bin/python3)
frame #41: PyEval_EvalCode + 0x23 (0x5f5be3 in /usr/bin/python3)
frame #42: /usr/bin/python3() [0x5fa670]
frame #43: /usr/bin/python3() [0x5298c4]
frame #44: _PyEval_EvalFrameDefault + 0x610b (0x517b9b in /usr/bin/python3)
frame #45: /usr/bin/python3() [0x5106ed]
frame #46: _PyFunction_Vectorcall + 0x361 (0x528d21 in /usr/bin/python3)
frame #47: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3)
frame #48: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #49: _PyEval_EvalFrameDefault + 0x702 (0x512192 in /usr/bin/python3)
frame #50: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #51: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3)
frame #52: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #53: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3)
frame #54: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3)
frame #55: /usr/bin/python3() [0x52842e]
frame #56: _PyObject_Ca

Bug#867548: New HDMI audio video IOMMU issues in Bullseye upgrade on Haswell are old

[Bryan Cebuliak]

If  igfx_off is  default, how / why is  it  on?
from
https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
"...

intel_iommu=[DMAR] Intel IOMMU driver (DMAR) option
on
Enable intel iommu driver.
off
Disable intel iommu driver.
igfx_off [Default Off]
By default, gfx is mapped as normal device. If a gfx
device has a dedicated DMAR unit, the DMAR unit is
bypassed by not enabling DMAR with this option. In
this case, gfx device will use physical address for
DMA.
...


On Sat, 3 Jul 2021 at 01:25, Bryan Cebuliak 
wrote:

> more  possibly relevant IOMMU video audio  and  passthrough issue links:
> Easy ACS kernel patch guide for Ubuntu 20.04
> https://www.youtube.com/watch?v=JBEzshbGPhQ
>
>
> https://forum.level1techs.com/t/intel-graphics-hdmi-audio-fails-after-enabling-intel-iommu-on/168827
>
> kvm-gpu-passthrough-on-debian-buster.md
> https://gist.github.com/davesilva/445276f9157e7cb3a4f6ed2fe852b340
>
>

Bug#989010: linux-image-5.10.0-7-amd64: No display (post, grub, boot messages and desktop) after the upgrade to 5.10.38

[Steve McIntyre]

I came to this bug report when searching for other things; I've read
through the history here and I feel compelled to comment.

Jim: given your appalling lack of respect you've shown for Debian
developers here, it's hardly surprising that nobody seems to want to
engage with you. Your tone and wording in several of your messages
here are utterly unacceptable. You've used abusive language about
people who are volunteers working to improve Debian in their own
time. I would strongly suggest that you revisit what you've written
and consider apologising.

-- 
Steve McIntyre  93...@debian.org
Debian Community Team   commun...@debian.org

Bug#867548: New HDMI audio video IOMMU issues in Bullseye upgrade on Haswell are old

[Bryan Cebuliak]

more  possibly relevant IOMMU video audio  and  passthrough issue links:
Easy ACS kernel patch guide for Ubuntu 20.04
https://www.youtube.com/watch?v=JBEzshbGPhQ

https://forum.level1techs.com/t/intel-graphics-hdmi-audio-fails-after-enabling-intel-iommu-on/168827

kvm-gpu-passthrough-on-debian-buster.md
https://gist.github.com/davesilva/445276f9157e7cb3a4f6ed2fe852b340

Bug#867548: New HDMI audio video IMMOU issues in Bullseye upgrade on Haswell are old

[Bryan Cebuliak]

also see:
https://listman.redhat.com/archives/vfio-users/2016-October/msg00072.html

Bug#990302: ITP: bulk-extractor -- A stream-based forensics tool for triage and cross-evidence analysis, which scans the media and extracts recognizable content

[Samuel Henrique]

Hello Jan,

This would be a great package to have it on Debian,

I usually do a quick review to see if I spot any noticeable issues
before I do a deep dive on it (which I would to during this weekend),
and I notice an issue on d/rules, there are some commands doing:
"test -d foo || git clone bar"

This is an issue because it goes against our policy of not using
network during the build process[0], you can read a recent discussion
about it on LWN as well[1]:
"For packages in the main archive, no required targets may attempt
network access, except, via the loopback interface, to services on the
build host that have been started by the build."

In order to fix this issue you have two options:
1) Package those projects separately and add them to B-D.
2) Repack the upstream tarball and vendor/bundle them in.

You would usually prefer option 1 when the libraries could be reused
by other packages and option 2 when they are likely to only be used by
your package (usually means the same upstream).
But sometimes, even if the library could be used by another package in
the future (but it's not currently), you can go with option 1 if it
makes more sense. Beware that there is not a clear consensus on this
matter so some arguing might be needed (even though we have examples
of packages vendoring libraries which are already available in a
standalone manner on main).

Looking at the three libraries we are talking about:
simsong/be13_api
simsong/dfxml (watchout cause it looks like this one has just been
moved to a different repo)
nbeebe/sceadan

It looks like it's totally fine to vendor be13_api and dfxml, it seems
like sceadan is generic enough to be used by other projects but I
didn't do a proper check.
I suggest you consider the options here and let us know what you think
it's best.

Oh, and since you are in contact with upstream, this sort of issue is
sometimes solved by upstream providing a release tarball that includes
the submodules. The issue is that as far as I know Github does not
provide this feature, so they have to use a script to generate the
tarball and attach it to the release.
This makes the tarball easier to be worked on/packaged by other
distros as well[2], but it's also easy for us to workaround so this is
a tradeoff between bothering upstream vs repacking on our side.
Considering upstream is focused on a rewrite of bulk_extractor, it
might be a good idea to repack it ourselves, I just wanted to let you
know so you're aware of the ideal fix for this if it happens again in
the future.

Thanks for your work!

[0] 
https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules
[1] https://lwn.net/Articles/700465/
[2] And I guess it's also easier for users who wants to build it
themselves, as plain git clone will not checkout the submodules.



--
Samuel Henrique 

Bug#990431: gitolite3: put logs in /var/log/gitolite3 and add logrotation

[Christoph Anton Mitterer]

On Tue, 2021-06-29 at 11:12 -0300, David Bremner wrote:
> https://gitolite.com/gitolite/dev-notes.html#appendix-3-sending-log-lines-to-syslog

Yeah, that's clear,... but then it does go to syslog... plus the
default out-of-the-box installation would still put non-rotated files
into a path that is not really typical for logs :-)


> I guess one could in principle ship different defaults in
> /etc/gitolite3/gitolite.rc, but that is a minor maintainence burden
> merging from upstream.

Wouldn't it be as simple as:
- ship /var/log/gitolite3 with appropriate permissions/owners as part
  of the package
- overwrite /var/lib/gitolite3/.gitolite/logs to be a symlink to the
  former
- add a logrotation snippet as conffile to /etc/logrotate.d/gitolite3

That way you wouldn't need to fiddle around with the sources and all
would still be like upstream... just that it goes of to another
location.
And all users of the gitolite would benefit from it.


I guess the only thing to consider is, that any log-files that already
exist in the (then) old location on upgrade would need to be moved to
/var/log/gitolite3.


> Hmm. I think that would depend too much on a particular local logging
> configuration. It doesn't make sense to me for gitolite to depend on
> e.g. rsyslog.

Why that? logrotate is the standard logrotation tool used in Debian by
many services.
And it should be pretty independent of rsyslog, it just takes rotates
the logfiles in whichever path given.

And if someone configures his gitolite to use syslog instead of files
in, the logrotate snippet would simply do nothing (once all existing
files have been rotated away).
Same if someone configures it to use systemd journald.

Right now at least, we have the situation that nothing seems to rotate
these files and they could in principle fill up the filesystem
eventually.


Cheers,
Chris

Bug#990625: piper: Svg images of mouse models are not packaged.

[Sebastián Lacuesta]

Package: piper
Version: 0.5.1-1
Severity: normal
X-Debbugs-Cc: sebastianlacue...@gmail.com

Dear Maintainer,

Answers of questions in bug report template:

   * What led up to the situation?: Mouse images do not show
   * What exactly did you do (or not do) that was effective (or
 ineffective)?: Check for package contents.
   * What was the outcome of this action?: Mouse svg files are not packaged.
   * What outcome did you expect instead?: I expect that piper show the image
of the mouse.

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (700, 'testing'), (699, 'unstable'), (698, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/16 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=es_UY.UTF-8, LC_CTYPE=es_UY.UTF-8 (charmap=UTF-8),
LANGUAGE=es_UY:es
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages piper depends on:
ii  gettext   0.21-4
ii  gir1.2-rsvg-2.0   2.50.7+dfsg-1
ii  python3   3.9.2-3
ii  python3-evdev 1.4.0+dfsg-1+b1
ii  python3-gi3.38.0-2
ii  python3-gi-cairo  3.38.0-2
ii  python3-lxml  4.6.3-1
ii  ratbagd   0.16-1~exp1

piper recommends no packages.

piper suggests no packages.

Bug#990626: update-binfmts: warning: current package is openjdk-11, but binary format already installed by openjdk-8

[Christoph Anton Mitterer]

Source: openjdk-11
Version: 11.0.12+4-1
Severity: normal


Hey.

When installing the package (openjdk-11-jre-headless) one gets:
update-binfmts: warning: current package is openjdk-11, but binary format 
already installed by openjdk-8

and apparently the format is still "registered" for openjdk-8:
# update-binfmts --display
jar (enabled):
 package = openjdk-8
type = magic
  offset = 0
   magic = PK\x03\x04
mask = 
 interpreter = /usr/bin/jexec
detector = 
...


I do not quite understand how this could have happened, cause
openjdk-8 has been purged and it seems its prerm actually
removes the entry... and binfmt-support was installed all the
time.


I think to remember that I've seen the same things long ago, but
back then I think the handling on removal was simply missing.


AFAIU, the above will never be resolved unless by manual intervention.
Not sure what the package should do about it, perhaps
it would be generally better to move this to some openjdk-common
package or so?


Cheers,
Chris.

Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"

[Adam Williamson]

On Fri, 2021-07-02 at 21:02 +0200, Julian Andres Klode wrote:
> On Thu, Apr 08, 2021 at 02:20:36PM -0700, Adam Williamson wrote:
> > Well, upstream has fixed s/enroll/enable/ . But it has not added any
> > useful explanation of what this does, nor why it prompts for a password
> 
> It enables validation in shim, as the manual page says - it's the
> opposite of disable-validation.
> 
> > and what that password does.
> 
> It's hardly mokutil's job to explain mokmanager's inner workings,
> but as I'm surely aware you know, any action needs to be confirmed
> at boot by a password - or specific characters thereof (sigh).

I didn't actually know that, no. I was completely confused until
someone explained this to me on IRC.
> 
> It's a very specific tool to control MokManager that's not really
> suitable for end users, but for distro developers building integration
> so I think both things are kind of non-issues.

However, it is actually necessary for end users in at least one
specific case: developer edition Dell laptops (which are quite popular
among Linux users). These ship with Secure Boot enabled at the firmware
level, but disabled at the MOK level. Running this command is exactly
what you have to do to actually enable Secure Boot properly on those
laptops.

See
https://bodhi.fedoraproject.org/updates/FEDORA-2021-cab258a413#comment-1978725
for me being completely confused about that command.
-- 
Adam Williamson
Fedora QA
IRC: adamw | Twitter: adamw_ha
https://www.happyassassin.net

Bug#990624: sensors-detect: write to /etc/modules-load.d/ instead of /etc/modules

[Christoph Anton Mitterer]

Package: lm-sensors
Version: 1:3.6.0-7
Severity: wishlist


Hi.

Would it be possible to have sensors-detect wirte its configuration to some file
in /etc/modules-load.d/ instead of /etc/modules?

That would allow for easier cleanup... and perhaps sensors-detect could
simply always overwrite that file (or maybe only if it finds some special
auto-created by sensors-dected header within it) and thereby get rid of any
no longer current modules.


Cheers,
Chris.

Bug#990377: vim-ledger: please migrate to dh-vim-addon

[Louis-Philippe Véronneau]

tags 990377 patch
thanks

Dear maintainer,

Here's a patch to fix this bug. Hopefully it shouldn't be hard to apply :)

Cheers, and thanks for maintaining this package.

-- 
  ⢀⣴⠾⠻⢶⣦⠀
  ⣾⠁⢠⠒⠀⣿⡁  Louis-Philippe Véronneau
  ⢿⡄⠘⠷⠚⠋   po...@debian.org / veronneau.org
  ⠈⠳⣄
From 387e26b9ee76eb1e3c6166a36f9b5064d6204f27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Louis-Philippe=20V=C3=A9ronneau?= 
Date: Fri, 2 Jul 2021 16:51:43 -0400
Subject: [PATCH] Migrate to dh-vim-addon. (Closes: #990377)

---
 debian/control |  6 ++
 debian/install |  3 +--
 debian/neovim-addon|  1 +
 debian/rules   |  2 +-
 debian/tests/control   |  1 -
 debian/tests/vam   |  7 ---
 debian/vim-addon   |  1 +
 debian/vim-ledger.yaml | 10 --
 8 files changed, 6 insertions(+), 25 deletions(-)
 create mode 12 debian/neovim-addon
 delete mode 100644 debian/tests/control
 delete mode 100755 debian/tests/vam
 create mode 100644 debian/vim-addon
 delete mode 100644 debian/vim-ledger.yaml

diff --git a/debian/control b/debian/control
index bc9ada2..9a16d97 100644
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: vim-ledger
 Section: editors
 Priority: optional
 Maintainer: Edward Betts 
-Build-Depends: debhelper, debhelper-compat (= 12)
+Build-Depends: debhelper, debhelper-compat (= 12), dh-vim-addon
 Rules-Requires-Root: no
 Standards-Version: 4.5.0
 Homepage: https://github.com/ledger/vim-ledger
@@ -11,7 +11,7 @@ Vcs-Git: https://salsa.debian.org/edward/vim-ledger.git
 
 Package: vim-ledger
 Architecture: all
-Depends: vim, vim-addon-manager, ${misc:Depends}
+Depends: ${vim-addon:Depends}, ${misc:Depends}
 Suggests: ledger | hledger
 Description: Vim plugin for Ledger
  Ledger is a powerful and flexible double-entry accounting system run
@@ -20,5 +20,3 @@ Description: Vim plugin for Ledger
  .
  This plugin provides Vim syntax highlighting and folding for Ledger
  files.
- .
- `vim-addons install ledger` will create all needed symlinks in ~/.vim/
diff --git a/debian/install b/debian/install
index 158802e..3afeb77 100644
--- a/debian/install
+++ b/debian/install
@@ -1,2 +1 @@
-autoload/ compiler/ doc/ ftdetect/ ftplugin/ indent/ syntax/ usr/share/vim/addons
-debian/vim-ledger.yaml usr/share/vim/registry
+autoload/ compiler/ doc/ ftdetect/ ftplugin/ indent/ syntax/ usr/share/vim-ledger
diff --git a/debian/neovim-addon b/debian/neovim-addon
new file mode 12
index 000..8d48464
--- /dev/null
+++ b/debian/neovim-addon
@@ -0,0 +1 @@
+vim-addon
\ No newline at end of file
diff --git a/debian/rules b/debian/rules
index 2d33f6a..5facb03 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,4 +1,4 @@
 #!/usr/bin/make -f
 
 %:
-	dh $@
+	dh $@ --with vim_addon
diff --git a/debian/tests/control b/debian/tests/control
deleted file mode 100644
index ab41faa..000
--- a/debian/tests/control
+++ /dev/null
@@ -1 +0,0 @@
-Tests: vam
diff --git a/debian/tests/vam b/debian/tests/vam
deleted file mode 100755
index 2a891c5..000
--- a/debian/tests/vam
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# try using vim-addon-manager to installing and removing ledger
-tmpdir=`mktemp -d`
-vam --target-dir $tmpdir install ledger
-vam --target-dir $tmpdir remove ledger
-rmdir $tmpdir
diff --git a/debian/vim-addon b/debian/vim-addon
new file mode 100644
index 000..28716f8
--- /dev/null
+++ b/debian/vim-addon
@@ -0,0 +1 @@
+usr/share/vim-ledger ledger
diff --git a/debian/vim-ledger.yaml b/debian/vim-ledger.yaml
deleted file mode 100644
index 1c93fb8..000
--- a/debian/vim-ledger.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-addon: ledger
-description: "ledger filetype for Vim"
-files:
-  - autoload/ledger.vim
-  - compiler/ledger.vim
-  - doc/ledger.txt
-  - ftplugin/ledger.vim
-  - ftdetect/ledger.vim
-  - syntax/ledger.vim
-  - indent/ledger.vim
-- 
2.32.0



OpenPGP_signature
Description: OpenPGP digital signature

Bug#990623: Cmake in Bullseye can't find Postgresql that ships with Bullseye

[Timothy E. Harris]

Package: cmake
Version: 3.18.4-2|
|

|Cmake in bullseye can't find |the postgresql-13 version which ships in 
bullseye.
This is because |lines 89/90 of 
/usr/share/cmake-3.18/Modules/FindPostgreSQL.cmake has this:|


|set(PostgreSQL_KNOWN_VERSIONS ${PostgreSQL_ADDITIONAL_VERSIONS}
        "12" "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" "8.4" 
"8.3" "8.2" "8.1" "8.0")

|

|changing it to|

|set(PostgreSQL_KNOWN_VERSIONS ${PostgreSQL_ADDITIONAL_VERSIONS}
        "13" "12" "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" 
"8.4" "8.3" "8.2" "8.1" "8.0")

|

|is sufficient to correct the problem.|

Bug#990622: bitlbee-plugin-facebook: The plugin does not start

[Jean-Philippe MENGUAL]

Package: bitlbee-plugin-facebook
Version: 1.2.1-1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?

>From a set bitlbee properly, run:
account facebook on

   * What was the outcome of this action?

After connecting, I get: ERROR_QUEUE_OVERFLOW

   * What outcome did you expect instead?

Should display the buddies list

*** End of the template - remove these template lines ***

Regards


-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages bitlbee-plugin-facebook depends on:
ii  bitlbee-libpurple   3.6-1.2
ii  libc6   2.31-12
ii  libglib2.0-02.66.8-1
ii  libjson-glib-1.0-0  1.6.2-1

bitlbee-plugin-facebook recommends no packages.

bitlbee-plugin-facebook suggests no packages.

-- no debconf information

Bug#990621: unblock: python-duckpy/3.1.0-2

[Nilesh Patra]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: nil...@debian.org, debian-med-packag...@lists.alioth.debian.org

Please unblock package python-duckpy

[ Reason ]
python-duckpy is an unusable package w/o having a Depends on python3-h2
More details with salsa CI links in the corresponding RC bug: #990620 which the 
latest upload closes

[ Impact ]
The package will be unusable for bullseye users w/o explicitly
installing python3-h2 on their own

[ Tests ]
Non-superficial autopkgtests have been added in the upload, which helped
to uncover the bug in the first place. Both superficial and
non-superficial autopkgtests are green now.
I also did a bit of manual testing -- looks good!

[ Risks ]
This is a leaf package, no risks

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock python-duckpy/3.1.0-2

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru python-duckpy-3.1.0/debian/changelog 
python-duckpy-3.1.0/debian/changelog
--- python-duckpy-3.1.0/debian/changelog2020-09-29 16:16:00.0 
+0530
+++ python-duckpy-3.1.0/debian/changelog2021-07-03 01:37:34.0 
+0530
@@ -1,3 +1,12 @@
+python-duckpy (3.1.0-2) unstable; urgency=medium
+
+  * Team Upload.
+  * Add autopkgtests
+  * d/examples: Add d/tests/test_duckpy_basic.py as example
+  * d/control: Add Depends on python3-h2 (Closes: #990620)
+
+ -- Nilesh Patra   Sat, 03 Jul 2021 01:37:34 +0530
+
 python-duckpy (3.1.0-1) unstable; urgency=medium
 
   * Team upload.
diff -Nru python-duckpy-3.1.0/debian/control python-duckpy-3.1.0/debian/control
--- python-duckpy-3.1.0/debian/control  2020-09-29 16:16:00.0 +0530
+++ python-duckpy-3.1.0/debian/control  2021-07-03 00:55:00.0 +0530
@@ -24,7 +24,8 @@
 Section: python
 Depends: ${misc:Depends},
  ${python3:Depends},
- python3-bs4
+ python3-bs4,
+ python3-h2
 Recommends: ${python3:Recommends}
 Suggests: ${python3:Suggests}
 Description: simple Python library for searching on DuckDuckGo
diff -Nru python-duckpy-3.1.0/debian/examples 
python-duckpy-3.1.0/debian/examples
--- python-duckpy-3.1.0/debian/examples 1970-01-01 05:30:00.0 +0530
+++ python-duckpy-3.1.0/debian/examples 2021-07-03 00:55:00.0 +0530
@@ -0,0 +1 @@
+debian/tests/test_duckpy_basic.py
diff -Nru python-duckpy-3.1.0/debian/tests/control 
python-duckpy-3.1.0/debian/tests/control
--- python-duckpy-3.1.0/debian/tests/control1970-01-01 05:30:00.0 
+0530
+++ python-duckpy-3.1.0/debian/tests/control2021-07-03 00:54:17.0 
+0530
@@ -0,0 +1,3 @@
+Tests: run-unit-test
+Depends: @, python3-pytest
+Restrictions: allow-stderr, needs-internet
diff -Nru python-duckpy-3.1.0/debian/tests/run-unit-test 
python-duckpy-3.1.0/debian/tests/run-unit-test
--- python-duckpy-3.1.0/debian/tests/run-unit-test  1970-01-01 
05:30:00.0 +0530
+++ python-duckpy-3.1.0/debian/tests/run-unit-test  2021-07-03 
00:55:00.0 +0530
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -e
+
+pkg='duckpy'
+CUR_DIR=`pwd`
+
+if [ "$AUTOPKGTEST_TMP" = "" ] ; then
+  AUTOPKGTEST_TMP=`mktemp -d /tmp/${pkg}-test.XX`
+  trap "rm -rf $AUTOPKGTEST_TMP" 0 INT QUIT ABRT PIPE TERM
+fi
+
+cp /usr/share/doc/python3-${pkg}/examples/test_duckpy_basic.py 
"$AUTOPKGTEST_TMP"
+
+cd $AUTOPKGTEST_TMP
+
+for py in $(py3versions -s 2> /dev/null)
+do
+echo "Testing with $py in $(pwd):"
+$py -m pytest -v
+done
+echo "PASS"
diff -Nru python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py 
python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py
--- python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py   1970-01-01 
05:30:00.0 +0530
+++ python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py   2021-07-03 
00:54:17.0 +0530
@@ -0,0 +1,34 @@
+import asyncio
+from duckpy import AsyncClient
+from duckpy import Client
+
+def test_functional():
+ client = Client()
+ results = client.search("Python Wikipedia")
+ # Assert first result title is not empty
+ assert results[0]['title'] != ""
+
+ # Assert first result URL is not empty
+ assert results[0]['url'] != ""
+
+ # Prints first result description
+ assert results[0]['description'] != ""
+
+
+async def get_asyncio_results():
+client = AsyncClient()
+results = await client.search("Debian")
+
+# Assert first result title is not empty
+assert results[0]['title'] != ""
+
+# Assert first result URL is not empty
+assert

Bug#887555: new upstream (20171222)

[Andreas Tille]

Hi Eike,

On Fri, Jul 02, 2021 at 09:45:03PM +0200, Eike Fokken wrote:
> 
> apparently there is a newer version of parallel, but only in the experimental
> distribution.

Yes, we are under Freeze Policy.  Once Bullseye is released I'll upload the
recent version of parallel to unstable soon.

Kind regards

  Andreas. 

-- 
http://fam-tille.de

Bug#990620: python-duckpy: python-ducky -- Mising Depends on python3-h2 -- renders package unusable

[Nilesh Patra]

Source: python-duckpy
Version: 3.1.0-1
Severity: serious
X-Debbugs-Cc: nil...@debian.org

Dear Maintainer,

python-duckpy has a missing dependency on python3-h2 which is uncovered
by a non-superficial autopkgtest committed to salsa[1]

As can be seen in the corresponding pipeline, it fails with dependency
error[2] "Using http2=True, but the 'h2' package is not installed"

[1]: 
https://salsa.debian.org/med-team/python-duckpy/-/commit/687a66a3be451d5f3458caa956927af7bd9880c5
[2]: https://salsa.debian.org/med-team/python-duckpy/-/jobs/1736252

Nilesh

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#869799: poyl...@gmail.com

[naw shan]

Jytvi?ijy@648/8-68(%

Bug#887555: new upstream (20171222)

[Eike Fokken]

Package: parallel
Version: 20161222-1.1
Followup-For: Bug #887555
X-Debbugs-Cc: e.fokken+report...@posteo.de

Dear Maintainer,

apparently there is a newer version of parallel, but only in the experimental
distribution.
It seems to me that is may not be warranted (anymore?).
>From its own documentation I have the feeling (on which you shouldn't depend,
but I guess you are more knowledgable here),
that parallel is not dangerous for the system, which I think is a reason to
include packages only in experimental.
If my assessment is correct, please migrate a newer version to unstable.

Best

Eike


-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-7-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages parallel depends on:
ii  perl 5.32.1-4
ii  procps   2:3.3.17-5
ii  sysstat  12.5.2-2

parallel recommends no packages.

parallel suggests no packages.

Bug#990570: unblock: slurm-wlm/20.11.7-1

[Paul Gevers]

Control: tags -1 moreinfo

Hi,

On Fri, 2 Jul 2021 01:12:41 +0200 Gennaro Oliva 
wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package slurm-wlm

 510 files changed, 6706 insertions(+), 5099 deletions(-)

Your diff was so large, it didn't even reach the list.

> [ Reason ]
> 
> 20.11.6 and 20.11.7 were bugfix and stability releases with no feature 
> changes.
> Please allow this into bullseye.

Can you please provide a filter diff that's reviewable to confirm this
statement?

> [ Impact ]
> Fixes CVE-2021-31215
> 
> [ Tests ]
> I have successfully run the same set of standard test I use for each
> release.
> 
> [ Risks ]
> The software is very stable and one packages (mpich) is built against
> its lib.
> 
> [ Checklist ]
>   [X] all changes are documented in the d/changelog and in NEWS file
>   [X] I reviewed all changes and I approve them

All 6000 lines?

>   [X] attach debdiff against the package in testing and the relevant
>   part of the NEWS file
> 
> unblock slurm-wlm/20.11.7-1

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#990457: [Pkg-nagios-devel] Bug#990457: monitoring-plugins-contrib: Too many things in the same package leads to recommends being ignored most of the time

[Gabriel Filion]

Hello,

On 2021-06-29 16 h 08, Jan Wagner wrote:

Hi Gabriel,

Am 29.06.21 um 19:34 schrieb Gabriel Filion:
I would like to suggest breaking up this package into smaller binary 
packages
that are focused on one application/service per package. This way one 
could
install only the checks that are required with their individual 
requirements.


as you may have read the documentation and used our suggested way to 
solve your problem by not installing the recommands automatically, our 
plan worked out.
Anyway ... if you would like to do the work to draft such a package 
split, you can send MRs via 
https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/, which 
would be very welcomed.


With kind regards, Jan.


I unfortunately will be unavailable for the next month.

also I'm still very much a beginner with debian packaging, so I'm not 
certain that I'll know exactly all of the details that need to be handled.


So I'm afraid that I unfortunately won't be able to push this forward 
for some time :\

Bug#990619: unblock: qtbase-opensource-src/5.15.2+dfsg-9

[Dmitry Shachnev]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package qtbase-opensource-src 5.15.2+dfsg-9.

[ Reason ]
Unfortunately the patch I added in 5.15.2+dfsg-6 introduced some regressions.

The original purpose of that patch was to fix the bug described here:
- https://bugs.launchpad.net/bugs/1857824
- https://bugs.kde.org/show_bug.cgi?id=417761

However that patch also contained an unrelated change. Quoting the commit
message:

> This change also optimizes QMimeBinaryProvider::addFileNameMatches
> to have the same logic as xdgmime for glob matching:
> literals > extensions > other globs
> As soon as one category matches, we can stop there.
> This makes no difference in the overall results, in practice.

It turns out this optimization causes various problems, which can be seen in
the following bug reports:
- https://bugs.debian.org/989255 (problems with qbittorrent-nox)
- https://bugs.debian.org/989744 (problems with dolphin and all/all MIME type)
- https://bugs.debian.org/990129 (problems with Qt WebEngine)

[ Impact ]
According to the bugs, the previous patch causes issues in different
applications. All issues are in some way related to determining MIME types.

[ Tests ]
I have prepared a locally built .deb where the part of the patch causing
problems was removed:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989744#37

In all three bugs, I got feedback that the issue is fixed with that:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989255#36
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989744#42
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990129#27

[ Risks ]
The risks are all related to MIME types handling. But at least it should be
no worse than before -6 upload. I hope these two parts of the patch were
really independent.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
The 5.15.2+dfsg-8 upload contained another fix that was contributed to us via
a merge request. Apparently that fix also causes a regression, so I decided to
remove it in -9.

unblock qtbase-opensource-src/5.15.2+dfsg-9

Of course there is no urgency, this package can wait its N-day quarantine
in unstable.

--
Dmitry Shachnev
diff -Nru qtbase-opensource-src-5.15.2+dfsg/debian/changelog qtbase-opensource-src-5.15.2+dfsg/debian/changelog
--- qtbase-opensource-src-5.15.2+dfsg/debian/changelog	2021-06-03 15:55:29.0 +0300
+++ qtbase-opensource-src-5.15.2+dfsg/debian/changelog	2021-07-02 18:58:04.0 +0300
@@ -1,3 +1,23 @@
+qtbase-opensource-src (5.15.2+dfsg-9) unstable; urgency=medium
+
+  * Revert adding fix-misplacement-of-placeholder-text-in-QLineEdit.diff.
+Unfortunately it causes a regression (see QTBUG-94824).
+
+ -- Dmitry Shachnev   Fri, 02 Jul 2021 18:58:04 +0300
+
+qtbase-opensource-src (5.15.2+dfsg-8) unstable; urgency=medium
+
+  [ Lu Yaning ]
+  * Backport upstream patch to fix misplacement of placeholder text in
+QLineEdit with RTL content.
+
+  [ Dmitry Shachnev ]
+  * Remove the qmimeprovider.cpp part of mime_globs.diff. It is unrelated
+to the original purpose of that patch, and causes various problems
+(closes: #989255, #989744, #990129).
+
+ -- Dmitry Shachnev   Mon, 28 Jun 2021 20:38:59 +0300
+
 qtbase-opensource-src (5.15.2+dfsg-7) unstable; urgency=medium
 
   [ Lu Yaning ]
diff -Nru qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff
--- qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff	2021-06-03 15:37:49.0 +0300
+++ qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff	2021-07-02 18:58:04.0 +0300
@@ -2,14 +2,8 @@
  When multiple globs match, and the result from magic sniffing is
  unrelated to any of those globs, globs have priority and one of them
  should be picked up.
- .
- This change also optimizes QMimeBinaryProvider::addFileNameMatches
- to have the same logic as xdgmime for glob matching:
- literals > extensions > other globs
- As soon as one category matches, we can stop there.
- This makes no difference in the overall results, in practice.
 Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=0cbbba2aa5b47224
-Last-Update: 2021-05-18
+Last-Update: 2021-06-12
 
 --- a/src/corelib/mimetypes/qmimedatabase.cpp
 +++ b/src/corelib/mimetypes/qmimedatabase.cpp
@@ -55,31 +49,3 @@
  m_knownSuffixLength = knownSuffixLength;
  }
  }
 a/src/corelib/mimetypes/qmimeprovider.cpp
-+++ b/src/corelib/mimetypes/qmimeprovider.cpp
-@@ -244,15 +244,18 @@ void QMimeBinaryProvider::addFileNameMat
- const QString lowerFileName = fileName.toLower();
- // Check literals (e.g. "Makefile")
- matchGlobList(result, m_cacheFile, m_cacheFile->getUint32(PosLiteralListOffset), fileName);
--// Check complex globs (e.g. "cal

Bug#990618: gnome-maps: fail to start (JS ERROR: TypeError: source is undefined)

[Davide Prina]

Package: gnome-maps
Version: 3.38.2-1
Severity: normal
X-Debbugs-Cc: davide.pr...@gmail.com

Hi,

$ gnome-maps

(org.gnome.Maps:21155): Gjs-CRITICAL **: 21:02:00.672: JS ERROR: TypeError: 
source is undefined
_createTileSource@resource:///org/gnome/Maps/js/mapSource.js:91:9
_createCachedSource@resource:///org/gnome/Maps/js/mapSource.js:106:39
createAerialSource@resource:///org/gnome/Maps/js/mapSource.js:138:12
setMapType@resource:///org/gnome/Maps/js/mapView.js:409:54
_init@resource:///org/gnome/Maps/js/mapView.js:155:14
_init@resource:///org/gnome/Maps/js/mainWindow.js:99:25
_createWindow@resource:///org/gnome/Maps/js/application.js:281:28
vfunc_activate@resource:///org/gnome/Maps/js/application.js:300:14
vfunc_command_line@resource:///org/gnome/Maps/js/application.js:374:18
main@resource:///org/gnome/Maps/js/main.js:57:24
run@resource:///org/gnome/gjs/modules/script/package.js:222:19
start@resource:///org/gnome/gjs/modules/script/package.js:206:8
@/usr/bin/gnome-maps:2:17


$ tail -f
dbus-daemon[521]: [system] Activating via systemd: service 
name='org.freedesktop.GeoClue2' unit='geoclue.service' requested by ':1.259' 
(uid=1000 pid=21155 comm="/usr/bin/gjs /usr/bin/gnome-maps ")
systemd[1]: Starting Location Lookup Service...
dbus-daemon[521]: [system] Successfully activated service 
'org.freedesktop.GeoClue2'
systemd[1]: Started Location Lookup Service.
gnome-shell[1799]: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: 
gnome-shell not allowed to act as agent
gnome-shell[1799]: libinput error: event0  - Logitech USB Optical Mouse: client 
bug: event processing lagging behind by 14ms, your system is too slow
geoclue[21174]: soup_message_set_request: assertion 'SOUP_IS_MESSAGE (msg)' 
failed
kernel: geoclue[21174]: segfault at 8 ip 564e99fd7f17 sp 741b5fb0 
error 4 in geoclue[564e99fbb000+27000]
kernel: Code: e8 de 3c fe ff e9 21 ff ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 04 
24 48 8d 15 8a da 00 00 be 10 00 00 00 48 8d 3d a5 a1 00 00 <48> 8b 48 08 31 c0 
e8 ae 3c fe ff 48 8b 3c 24 e8 a5 38 fe ff e9 e8
systemd[1]: geoclue.service: Main process exited, code=killed, status=11/SEGV
systemd[1]: geoclue.service: Failed with result 'signal'.
dbus-daemon[521]: [system] Activating via systemd: service 
name='org.freedesktop.GeoClue2' unit='geoclue.service' requested by ':1.259' 
(uid=1000 pid=21155 comm="/usr/bin/gjs /usr/bin/gnome-maps ")
systemd[1]: Starting Location Lookup Service...
dbus-daemon[521]: [system] Successfully activated service 
'org.freedesktop.GeoClue2'
systemd[1]: Started Location Lookup Service.
gnome-shell[1799]: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: 
gnome-shell not allowed to act as agent
geoclue[21189]: Service not used for 60 seconds. Shutting down..
systemd[1]: geoclue.service: Succeeded.

I have also installed the gnome-maps experimental version, but that
don't solve.

I have found this:
https://forums.linuxmint.com/viewtopic.php?t=350276

but it seem to point to a but of a lower gnome-maps version

Ciao
Davide


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-security'), (500, 
'testing-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.40-dp-20210604 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-maps depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.38.0-2
ii  geoclue-2.0  2.5.7-3
ii  gir1.2-champlain-0.120.12.20-1
ii  gir1.2-clutter-1.0   1.26.4+dfsg-2
ii  gir1.2-cogl-1.0  1.22.8-2
ii  gir1.2-gdkpixbuf-2.0 2.42.2+dfsg-1
ii  gir1.2-geoclue-2.0   2.5.7-3
ii  gir1.2-geocodeglib-1.0   3.26.2-2
ii  gir1.2-gfbgraph-0.2  0.2.4-1
ii  gir1.2-glib-2.0  1.66.1-1+b1
ii  gir1.2-goa-1.0   3.38.0-3
ii  gir1.2-gtk-3.0   3.24.24-4
ii  gir1.2-gtkchamplain-0.12 0.12.20-1
ii  gir1.2-gtkclutter-1.01.8.4-4
ii  gir1.2-gweather-3.0  3.36.1-3
ii  gir1.2-rest-0.7  0.8.1-1.1
ii  gir1.2-secret-1  0.20.4-2
ii  gir1.2-soup-2.4  2.72.0-2
ii  gir1.2-webkit2-4.0   2.32.1-2
ii  gjs  1.66.2-1
ii  libc62.31-12
ii  libchamplain-0.12-0  0.12.20-1
ii  libfolks25   0.14.0-1+b1
ii  libgee-0.8-2 0.20.4-1
ii  libgeocode-glib0   

Bug#981928: (no subject)

[Heather Ellsworth]

Ubuntu builds are now hitting this same issue.
The corresponding bug on launchpad:

https://bugs.launchpad.net/debian/+source/gauche-gtk/+bug/1934534

Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"

[Julian Andres Klode]

On Thu, Apr 08, 2021 at 02:20:36PM -0700, Adam Williamson wrote:
> Well, upstream has fixed s/enroll/enable/ . But it has not added any
> useful explanation of what this does, nor why it prompts for a password

It enables validation in shim, as the manual page says - it's the
opposite of disable-validation.

> and what that password does.

It's hardly mokutil's job to explain mokmanager's inner workings,
but as I'm surely aware you know, any action needs to be confirmed
at boot by a password - or specific characters thereof (sigh).

It's a very specific tool to control MokManager that's not really
suitable for end users, but for distro developers building integration
so I think both things are kind of non-issues.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#990537: llvm-11: Patch

[Krzysztof Aleksander Pyrkosz]

Package: llvm-11
Version: 1:11.0.1-2
Followup-For: Bug #990537
X-Debbugs-Cc: krzpyrk...@gmail.com

Dear Maintainer,

I'm attaching the patch. It adds:
- libxml2-dev to Build-Depends of the source
- libxml2-dev to Depends of llvm-11-dev
- libxml2 to Depends of llvm-11
--- control 2020-12-16 08:29:13.0 +
+++ /tmp/control2021-07-02 15:56:49.313105111 +
@@ -9,6 +9,7 @@
 lsb-release, patchutils, diffstat, xz-utils, python3-dev,
 libedit-dev, libncurses5-dev, swig, python3-six, python3-sphinx (>= 1.3.6),
 binutils-dev,
+libxml2-dev,
 libjsoncpp-dev, pkg-config,
 lcov, procps, help2man, zlib1g-dev,
 g++-multilib [amd64 i386 kfreebsd-amd64 mips mips64 mips64el mipsel 
powerpc ppc64 s390 s390x sparc sparc64 x32],
@@ -284,7 +285,7 @@
 Package: llvm-11
 Architecture: any
 Suggests: llvm-11-doc
-Depends: llvm-11-runtime (= ${binary:Version}), ${shlibs:Depends}, 
${misc:Depends}
+Depends: llvm-11-runtime (= ${binary:Version}), ${shlibs:Depends}, 
${misc:Depends}, libxml2
 Recommends: llvm-11-dev
 Description: Modular compiler and toolchain technologies
  LLVM is a collection of libraries and tools that make it easy to build
@@ -333,7 +334,8 @@
 Architecture: any
 Depends: ${shlibs:Depends}, libffi-dev, ${misc:Depends},
  llvm-11 (= ${binary:Version}), libllvm11 (= ${binary:Version}), libtinfo-dev,
- llvm-11-tools (= ${binary:Version}), libclang-cpp11 (= ${binary:Version}), 
libz3-dev
+ llvm-11-tools (= ${binary:Version}), libclang-cpp11 (= ${binary:Version}), 
libz3-dev,
+ libxml2-dev
 Description: Modular compiler and toolchain technologies, libraries and headers
  LLVM is a collection of libraries and tools that make it easy to build
  compilers, optimizers, just-in-time code generators, and many other

Bug#984901: RFS: open-ath9k-htc-firmware/1.4.0-106-gc583009+dfsg1-2 -- firmware for AR7010 and AR9271 USB wireless adapters

[John Scott]

On Tue, 2021-06-01 at 07:07 +0200, Tobias Frost wrote:
> The Files-Excluded section is used by tools like uscan to strip files from the
> orig.tar.  The formatted text just says that the field can extend over 
> multiple
> lines, it does not mean its free text without meaning.
> TL;DR: I'm pretty sure you want the Comment: here. A quick test with
> uscan --verbose --force-download will convince you too.
Okay, I've restored the Comment: field with the rationale for
repacking.

> You cannot assume that those files are not copyrightable, at minimum
> that would be a question for debian-legal. Generally, copyrightabilty
> is a very low barrier. Looking at NOTICE.TXT it is definitly
> copyrightable and has even a copyright statement, for example.
> Looking at README, it is also definitly beyond that barrier.
> 
> *Usually* (I didnt check this particular case) such companion files
> in the repo are under the same license that the other files,
> thereofore usually the debian/* stanca is fine.
> 
> Strictly, if there is no copyright information, it defaults to "all
> rights reserved", which means "not even distributeable."
> So if in doubt, you need to ask upstream to clarify.
> 
> I guess it would be just easier to reinstanciate the * section, as
> ftp masters have at least one time looked at it already and found it
> ok.
I've reinstated the wildcard section so that the Qualcomm Atheros
copyright applies to the README, NOTICES.TXT, and .gitignore.

> > >  - W: open-ath9k-htc-firmware source: inconsistent-appstream-
> > > metadata-license  
> > >debian/firmware-ath9k-htc.metainfo.xml (mit != expat)
> > In my opinion this is a bug that could be fixed in Lintian. If you're
> > not aware, the Expat license is a specific version of what's commonly
> > known as the MIT license. The SPDX identifier (and hence the identifier
> > used in the AppStream file) is MIT, although the Debian machine-
> > readable copyright specification requests that one refer to the Expat
> > license when that license is applicable.
> > 
> > Basically, the copyright file referring to the Expat license is
> > consistent with the AppStream metadata proclaiming that it is subject
> > to the MIT license.
> 
> OK, in this case an override and a comment towards the override would
> be helpful. Bonus points for filing a bug against lintian.
I've decided that a Lintian override is most appropriate, since this
particular case (MIT != Expat) applies to only a couple other packages
and it's important for package maintainers to validate that their
variant of the MIT license is in fact the Expat license.

> > > Some patch have fuzz... maybe refresh?
> > If you're referring to
> > Hunk #1 succeeded at 43 (offset -1 lines).
> > Hunk #2 succeeded at 55 (offset -1 lines).
> > Hunk #3 succeeded at 99 (offset -1 lines).
> > Hunk #4 succeeded at 113 (offset -1 lines).
> > Hunk #5 succeeded at 151 (offset -1 lines).
> > then I believe this is normal, although refreshing the patches upstream
> > shouldn't hurt.
> Certainly it does not hurt to refresh.
Unfortunately upstream has been unresponsive and not been accepting of
my patch to use GCC 11 and newer Binutils which, however, I will
refresh in my merge request. In the longer-term, we'll probably be
better off using Clang instead of GCC when LLVM gets Xtensa support:
https://reviews.llvm.org/D64830

As soon as those patches are accepted, I plan to experiment with
getting it working and spearhead the effort upstream. This would also
be of benefit to the OpenBSD Project which also uses this firmware.

Xtensa is a CPU architecture that is custom-fabricated for various
products, hence why we have to bootstrap our cross toolchain from
scratch when building this firmware. This requires patches to the GCC
sources so it knows exactly what chip we're targeting. With Clang, no
source-level changes will be required.



signature.asc
Description: This is a digitally signed message part

Bug#989045: gnome-control-center: Region+Language panel segfault after trying to add new input source

[Prof. Will Tuladhar-Douglas]

Hallo,

Any developments on this? Crash still happening.

Be well,

—WBTD.

On Tue, 25 May 2021 17:02:23 +0100 "Prof. Will Tuladhar-Douglas"
 wrote:

> Dear Simon,
>
> Thank you for the email and the useful instructions.
>
> To be clear, I did the following:
>
> % export DEBUGINFOD_URLS="https://debuginfod.debian.net";
>
> % gdb -batch -n -ex 'set pagination off' -ex run -ex bt -ex 'bt full'
> -ex 'thread apply all bt full' --args gnome-control-center > output.txt
>
> This produced copious output, which I have attached here as a file.
>
> gdb did also complain modestly to stderr as follows
>
> 31    ../sysdeps/x86_64/multiarch/strcmp-sse2-unaligned.S: Inappropriate
> ioctl for device.
>
>
> If it's relevant: hardware is a Mac PowerBook Pro 2013 with an external
> Apple Thunderbolt display and a Matias external keyboard.
>
> Do please let me know if I can help pursue this further.
>
> Be well,
>
> —WBTD.
>
> On 24/05/2021 21:37, Simon McVittie wrote:
> > On Mon, 24 May 2021 at 16:46:54 +0100, Will Tuladhar-Douglas wrote:
> >> Whenever gnome control panel is open to the Language and Region screen,
> >> if one selects the "+" icon to add a new input source, there's a
> >> segfault.
> > This isn't crashing for me, but I might be able to get
> > somewhere with it if you can provide a backtrace from the crash?
> > https://wiki.debian.org/HowToGetABacktrace might be useful information.
> >
> > Thanks,
> > smcv

Bug#990511: unblock: kodi/2:19.1+dfsg2-2

[Vasyl Gello]

Hi Sebastian,

One more (technical) thing to mention: the best way to centralize ToLower and 
ToUpper (omitting collations for now, for that there is a libicu PR for v20 
targeting Android) is to declare an overloaded 'StringUtils::ToLower(char c, 
bool useCLocale)' function and make all Kodi use it. However, there are two 
instances of StringUtils.h and the second one is part of Kodi API SDK. Fixing 
Kodi API SDK will be immediately rejected by upstream for v19 because it 
triggers an API bump and rebuild of all addons (including minimum 12 addons of 
49 in Debian during the full freeze!).

Since the workaround does not break movie search / collation / addons, let's 
follow the upstream path and have it merged. For v20 development cycle, we can 
either refactor lower/upper/collation things or use libicu to perform similar 
comparisons.

If you have a better approach to solve this issue, please let me know on 
https://github.com/xbmc/xbmc/issue/19883

Cheers!
-- 
Vasyl Gello
==
Certified SolidWorks Expert

Mob.:+380 (98) 465 66 77

E-Mail: vasek.ge...@gmail.com

Skype: vasek.gello
==
호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다

Bug#990325: evolution: Duplicate to #986218

[Jan Heitkötter]

Package: evolution
Version: 3.38.3-1
Followup-For: Bug #990325

Dear Maintainer,

Bug #990325 seems to be a duplicate to #986218.

Best regards

Jan


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-7-amd64 (SMP w/6 CPU threads)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages evolution depends on:
ii  dbus   1.12.20-2
ii  evolution-common   3.38.3-1
ii  evolution-data-server  3.38.3-1
ii  libc6  2.31-12
ii  libcamel-1.2-623.38.3-1
ii  libclutter-gtk-1.0-0   1.8.4-4
ii  libecal-2.0-1  3.38.3-1
ii  libedataserver-1.2-25  3.38.3-1
ii  libevolution   3.38.3-1
ii  libglib2.0-0   2.66.8-1
ii  libgtk-3-0 3.24.24-4
ii  libical3   3.0.9-2
ii  libnotify4 0.7.9-3
ii  libsoup2.4-1   2.72.0-2
ii  libwebkit2gtk-4.0-37   2.32.1-2
ii  libxml22.9.10+dfsg-6.7
ii  psmisc 23.4-2

Versions of packages evolution recommends:
ii  evolution-plugin-bogofilter  3.38.3-1
ii  evolution-plugin-pstimport   3.38.3-1
ii  evolution-plugins3.38.3-1
ii  yelp 3.38.3-1

Versions of packages evolution suggests:
pn  evolution-ews   
pn  evolution-plugins-experimental  
ii  gnupg   2.2.27-2
ii  network-manager 1.30.0-2

-- debconf information excluded

Bug#990617: login-duo: default configuration file in manpage incorrect

[Jack Hill]

Package: login-duo
Version: 1.11.3-1
Severity: minor

Dear Maintainer,

The login_duo man page states that its default configuration file is
/etc/duo/login_duo.conf. However, it appears to by default look in
/etc/security/login_duo.conf. This is confusing to a new user who
installs the configuration file in /etc/duo/login_duo.conf. When
login_duo can't find its configuration file, it "fails open", allowing
users to proceed with their login action without checking the second
factor, so it is important that the configuration file be installed
correctly.

Here is an example terminal session demonstrating the problem:

$ login_duo -f jackhill
Missing host, ikey, or skey in /etc/security/login_duo.conf
$
logout
$ login_duo -f jackhill -c /etc/duo/login_duo.conf
Duo two-factor login for jackhill

Enter a passcode or select one of the following options:

 1. Phone call to XXX-XXX-2576
 2. SMS passcodes to XXX-XXX-2576 (next code starts with: 2)

Passcode or option (1-2): 1

Calling your phone...
Dialing XXX-XXX-2576...
Answered. Press any key on your phone to log in.
Success. Logging you in...
$

-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-7-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages login-duo depends on:
ii  libc6   2.31-12
ii  libduo3 1.11.3-1
ii  openssh-server  1:8.4p1-5

login-duo recommends no packages.

login-duo suggests no packages.

-- no debconf information

Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"

[Adam Williamson]

Well, upstream has fixed s/enroll/enable/ . But it has not added any
useful explanation of what this does, nor why it prompts for a password
and what that password does.
-- 
Adam Williamson
Fedora QA
IRC: adamw | Twitter: adamw_ha
https://www.happyassassin.net

Bug#990326: thunderbird: No images shown in thundebird

[Guido Krause]

Hello Carsten,

with the update it is fine now.

Thank you for maintaining.

Best regards

Guido


Am 29.06.21 um 22:00 schrieb Carsten Schoenert:

Hello Guido,

Am Fri, Jun 25, 2021 at 08:15:37PM +0200 schrieb Guido Krause:

Dear Maintainer,

Thunderbird does not show images embedded in e-mail if allowed. Either
nothing is shown or a "broken image" icon

what about this issue with version 1:78.11.0-2 ?

Regards
Carsten

Bug#990326: thunderbird: No images shown in thundebird

[Ryan Armstrong]

On Tue, 29 Jun 2021 22:00:28 +0200 Carsten Schoenert 
 wrote:


> Hello Guido,
>
> Am Fri, Jun 25, 2021 at 08:15:37PM +0200 schrieb Guido Krause:
> > Dear Maintainer,
> >
> > Thunderbird does not show images embedded in e-mail if allowed. Either
> > nothing is shown or a "broken image" icon
>
> what about this issue with version 1:78.11.0-2 ?
>
> Regards
> Carsten
>
>

I'm not the original reporter, but I had the same problem reported 
above, and updating to version 1:78.11.0-2 resolved it.

Bug#990616: O: perl-tk -- Perl module providing the Tk graphics library

[Mattia Rizzolo]

Package: wnpp

The current maintainer of perl-tk, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: perl-tk
Binary: perl-tk
Version: 1:804.035-0.1
Maintainer: Colin Tuckley 
Uploaders: Michael C. Schultheiss 
Build-Depends: debhelper (>> 9), perl (>> 5.8.1), libx11-dev, libxft-dev, 
libxt-dev, x11proto-core-dev, libpng-dev, libjpeg-dev, libfreetype6-dev, 
libxrender-dev, dpkg-dev (>= 1.16.1~)
Architecture: any
Standards-Version: 3.9.8
Format: 3.0 (quilt)
Files:
 85d23642c5a5a2c704c3f07913663c4b 1933 perl-tk_804.035-0.1.dsc
 839c70fe35acf4ba92206e719cc5f0a6 7024487 perl-tk_804.035.orig.tar.gz
 bdb5c4b8362f7c73b18ef46fe13bff52 14504 perl-tk_804.035-0.1.debian.tar.xz
Checksums-Sha256:
 f581e23104e8331e42117571f7c5d092ca38d426a117d685d73100d3ab898224 1933 
perl-tk_804.035-0.1.dsc
 4d2b80291ba6de34d8ec886a085a6dbd2b790b926035a087e99025614c5ffdd4 7024487 
perl-tk_804.035.orig.tar.gz
 012417ca5a4e6314bba21343d5b929c07a0142e57c4ddbaa895e249c6000 14504 
perl-tk_804.035-0.1.debian.tar.xz
Homepage: http://search.cpan.org/dist/Tk/
Package-List: 
 perl-tk deb perl optional arch=any
Directory: pool/main/p/perl-tk
Priority: source
Section: perl

Package: perl-tk
Source: perl-tk (1:804.035-0.1)
Version: 1:804.035-0.1+b1
Installed-Size: 7327
Maintainer: Colin Tuckley 
Architecture: amd64
Replaces: libtk-png-perl
Provides: libtk-perl, libtk-png-perl
Depends: libc6 (>= 2.29), libfontconfig1 (>= 2.12.6), libjpeg62-turbo (>= 
1.3.1), libpng16-16 (>= 1.6.2-1), libx11-6, libxft2 (>> 2.1.1), perl (>= 
5.32.0-4), perlapi-5.32.0
Conflicts: libtk-png-perl
Description: Perl module providing the Tk graphics library
Description-md5: 4b85d3a774205640dd14fdee9cb4f6e9
Homepage: http://search.cpan.org/dist/Tk/
Tag: devel::interpreter, devel::lang:perl, devel::library,
 implemented-in::perl, interface::graphical, interface::x11,
 role::app-data, role::program, role::shared-lib, uitoolkit::tk,
 x11::application
Section: perl
Priority: optional
Filename: pool/main/p/perl-tk/perl-tk_804.035-0.1+b1_amd64.deb
Size: 2015840
MD5sum: 8740373831c33c0d35eeec912b07cd87
SHA256: e99288b6d076ca1bdac0f057b7de38d885595190b44cd531ad2217a751e7ebd9


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990615: O: otp -- Generator for One Time Pads or Passwords

[Mattia Rizzolo]

Package: wnpp

The current maintainer of otp, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: otp
Binary: otp
Version: 1:1.2.2-1
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~)
Architecture: any
Standards-Version: 3.9.5
Format: 3.0 (quilt)
Files:
 5c6de1eb7c12fa5ba18e559a544e0db5 1682 otp_1.2.2-1.dsc
 498c244e19cab39b6707f7eef6267352 43649 otp_1.2.2.orig.tar.gz
 a75ce94fb836da1b74f676deabf18117 3044 otp_1.2.2-1.debian.tar.xz
Checksums-Sha256:
 ee07d635e3c1aadebfa92b9d3d1058c2109d1e83eee9f1f36312188e5705e862 1682 
otp_1.2.2-1.dsc
 6369468070937c495829ebb2798ac66ebca1d04515171fcb47b17a82e950c452 43649 
otp_1.2.2.orig.tar.gz
 2df06c5213cd35526f89ff25378d058f4bcf21b134c60c89f9e5f0a7590a8eb8 3044 
otp_1.2.2-1.debian.tar.xz
Homepage: http://www.fourmilab.ch/onetime/otpgen.html
Package-List: 
 otp deb misc optional arch=any
Directory: pool/main/o/otp
Priority: source
Section: misc

Package: otp
Source: otp (1:1.2.2-1)
Version: 1:1.2.2-1+b1
Installed-Size: 38
Maintainer: Colin Tuckley 
Architecture: amd64
Depends: libc6 (>= 2.4)
Description: Generator for One Time Pads or Passwords
Description-md5: 98841fa857f52c2ad64211d92f12e915
Homepage: http://www.fourmilab.ch/onetime/otpgen.html
Tag: interface::commandline, role::program, scope::utility,
 security::cryptography
Section: misc
Priority: optional
Filename: pool/main/o/otp/otp_1.2.2-1+b1_amd64.deb
Size: 14892
MD5sum: f7d5633becfc16a89a90f8c0ca3fc112
SHA256: 78bf19491b90280e21baa0980710ec7b91d18891926ddea21262fa1af8fffe18


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990614: O: tart -- versatile and feature-rich email signature generator

[Mattia Rizzolo]

Package: wnpp

The current maintainer of tart, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: tart
Binary: tart
Version: 3.10-1
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>= 5.0.0), autotools-dev, dpkg-dev (>= 1.16.1~)
Architecture: any
Standards-Version: 3.9.5
Format: 3.0 (quilt)
Files:
 6f6d797433be1555c854b04801118691 1699 tart_3.10-1.dsc
 471a0a53825a28619b4667b755425f23 128837 tart_3.10.orig.tar.gz
 fddb2cecfdf925bab19be2ed2916b7c2 2972 tart_3.10-1.debian.tar.xz
Checksums-Sha256:
 172c8dd9c891b161f68e1f0cedaec00c343873d72f2f3f34ce69e9f474668565 1699 
tart_3.10-1.dsc
 b4e4617088fa71998db5ccdfd060142b9c74bf779f8164367e073714035c2bcb 128837 
tart_3.10.orig.tar.gz
 49fb1e744596c75b11f599239121332b26ac673bb190ae25e39f606fdbaeee3d 2972 
tart_3.10-1.debian.tar.xz
Homepage: http://sourceforge.net/projects/linuxtart/
Package-List: 
 tart deb mail optional arch=any
Directory: pool/main/t/tart
Priority: source
Section: mail

Package: tart
Source: tart (3.10-1)
Version: 3.10-1+b1
Installed-Size: 156
Maintainer: Colin Tuckley 
Architecture: amd64
Depends: libc6 (>= 2.14)
Description: versatile and feature-rich email signature generator
Description-md5: 45aa42dd3f5968a94485d14c99ef0d99
Homepage: http://sourceforge.net/projects/linuxtart/
Tag: implemented-in::c, role::program, works-with::mail
Section: mail
Priority: optional
Filename: pool/main/t/tart/tart_3.10-1+b1_amd64.deb
Size: 63192
MD5sum: 5e35b3db1ecc4edfc5f247f0789626c2
SHA256: 33d5d6a68068cc429c740ffe4ffa82253212abfc2e6ff090b7b7a4fda9fac51f


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990613: O: ltris -- very polished Tetris clone with CPU opponents

[Mattia Rizzolo]

Package: wnpp

The current maintainer of ltris, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: ltris
Binary: ltris
Version: 1.0.19-3
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>> 9), libsdl1.2-dev, libsdl-mixer1.2-dev, 
autotools-dev
Architecture: any
Standards-Version: 3.9.6
Format: 3.0 (quilt)
Files:
 5d375a699d02ab6bda0140c586d3b8b0 1743 ltris_1.0.19-3.dsc
 63486b90e59699823f7093bc9ab87725 883543 ltris_1.0.19.orig.tar.gz
 aa9ea9cac333010e61d33a39abdbdcb2 8480 ltris_1.0.19-3.debian.tar.xz
Checksums-Sha256:
 723d9d1ad46b758ceba698cb70e11667c7559a41921f1235c117f11b9fdd0248 1743 
ltris_1.0.19-3.dsc
 8f6a9e7719d22004aee153db29ffd9ca41c7a6cd87fc791591994eecc2e625a1 883543 
ltris_1.0.19.orig.tar.gz
 be5d42db6a36a0e3d1fa42320c99f5829d2492dc752dda3aaced7ba51fd63fd4 8480 
ltris_1.0.19-3.debian.tar.xz
Homepage: http://lgames.sourceforge.net/index.php?project=LTris
Package-List: 
 ltris deb games optional arch=any
Directory: pool/main/l/ltris
Priority: source
Section: games

Package: ltris
Source: ltris (1.0.19-3)
Version: 1.0.19-3+b1
Installed-Size: 1107
Maintainer: Colin Tuckley 
Architecture: amd64
Depends: libc6 (>= 2.14), libsdl-mixer1.2, libsdl1.2debian (>= 1.2.11)
Description: very polished Tetris clone with CPU opponents
Description-md5: ba5974efd7c79972f5f5422957b41085
Homepage: http://lgames.sourceforge.net/index.php?project=LTris
Tag: game::tetris, interface::graphical, interface::x11, role::program,
 uitoolkit::sdl, use::gameplaying, x11::application
Section: games
Priority: optional
Filename: pool/main/l/ltris/ltris_1.0.19-3+b1_amd64.deb
Size: 447692
MD5sum: 054b1eaf9cc82ae1b9d3183d4911c93c
SHA256: 1b5d1b4e371ab23c3d30133a91f47821a63985bacb55fc5ec012a74b9db19251


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990612: O: ploticus -- script driven business graphics package

[Mattia Rizzolo]

Package: wnpp

The current maintainer of ploticus, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: ploticus
Binary: ploticus, libploticus0, libploticus0-dev
Version: 2.42-4.2
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>= 9), zlib1g-dev, libgd-dev, libjpeg-dev, 
libfreetype6-dev, libx11-dev, x11proto-core-dev, libpng-dev, dpkg-dev (>= 
1.16.1~)
Architecture: any
Standards-Version: 4.0.0
Format: 3.0 (quilt)
Files:
 f63751bf889672caeb314d18bfec0b9f 1949 ploticus_2.42-4.2.dsc
 02fe439080786fd23772ab1e27b2 554515 ploticus_2.42.orig.tar.gz
 97d28dda1e5192ebfb880332a1d60d30 18700 ploticus_2.42-4.2.debian.tar.xz
Checksums-Sha256:
 29783ed44eb2dff0eca46cd7e246ae6e3255bdc5b4aeed7fa69283f79069f9ef 1949 
ploticus_2.42-4.2.dsc
 62ca31c596bbf0795dfc1d17350d6b83cfe7e742029e020429d35d5503584177 554515 
ploticus_2.42.orig.tar.gz
 5ae008530b498d694cd5a732bd3bad8aa5e14af8557666472f0806906c865eda 18700 
ploticus_2.42-4.2.debian.tar.xz
Homepage: http://ploticus.sourceforge.net
Package-List: 
 libploticus0 deb libs optional arch=any
 libploticus0-dev deb libdevel optional arch=any
 ploticus deb misc optional arch=any
Directory: pool/main/p/ploticus
Priority: source
Section: misc


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990611: O: cd-circleprint -- prints round cd-labels

[Mattia Rizzolo]

Package: wnpp

The current maintainer of cd-circleprint, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: cd-circleprint
Binary: cd-circleprint
Version: 0.7.0-5.1
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>= 9)
Architecture: all
Standards-Version: 4.0.0
Format: 1.0
Files:
 b7b6b44cb6c3053fdef80107d3531cc4 1753 cd-circleprint_0.7.0-5.1.dsc
 9e33fb7cd029bd7e4c37ed28c0cdbf7b 75790 cd-circleprint_0.7.0.orig.tar.gz
 2790644f81e81e647154dbb96bf2d9d6 4822 cd-circleprint_0.7.0-5.1.diff.gz
Checksums-Sha256:
 a50acc612440755736c1110a62cc2ff770c7a89f575b4e768e3af6bf18928187 1753 
cd-circleprint_0.7.0-5.1.dsc
 bbf45752135e123e2d34ee831687353cab1543a2c7a2d4ef1b357a168419b908 75790 
cd-circleprint_0.7.0.orig.tar.gz
 a890b0ffc3c492e0550689a28b010f121105a8754abe7cb5ed0de6b315165016 4822 
cd-circleprint_0.7.0-5.1.diff.gz
Homepage: http://sourceforge.net/projects/cd-circle-print/
Package-List: 
 cd-circleprint deb text optional arch=all
Directory: pool/main/c/cd-circleprint
Priority: source
Section: text

Package: cd-circleprint
Version: 0.7.0-5.1
Installed-Size: 174
Maintainer: Colin Tuckley 
Architecture: all
Depends: perl, perl-tk
Suggests: imagemagick, gv
Description: prints round cd-labels
Description-md5: 51a4ae39167501ed72dce961877ad4cd
Homepage: http://sourceforge.net/projects/cd-circle-print/
Tag: hardware::storage, hardware::storage:cd, role::program, use::printing
Section: text
Priority: optional
Filename: pool/main/c/cd-circleprint/cd-circleprint_0.7.0-5.1_all.deb
Size: 79516
MD5sum: c93952e28929462e862c3e0a08512397
SHA256: 7bb53359aa84a78c2bafa08777680f180d79e3e198066c2ed764c0853723aeb8


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990610: O: brandy -- BBC BASIC V interpreter

[Mattia Rizzolo]

Package: wnpp

The current maintainer of brandy, Colin Tuckley ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: brandy
Binary: brandy
Version: 1.20.1-1
Maintainer: Colin Tuckley 
Build-Depends: debhelper (>= 5), libsdl1.2-dev, dpkg-dev (>= 1.16.1~)
Architecture: any
Standards-Version: 3.9.5
Format: 3.0 (quilt)
Files:
 ca881bacdd1b562ac9fbad1e5153ebc3 1731 brandy_1.20.1-1.dsc
 661a5cb90a79416efc0e584c835e6310 422579 brandy_1.20.1.orig.tar.gz
 6c75278a8978f98dcbecc93c88688aab 5276 brandy_1.20.1-1.debian.tar.xz
Checksums-Sha256:
 ca6f8d6e4a1aa31f3966bce9f973d36cf9bf0f0b89c4057688ade387d53a7a88 1731 
brandy_1.20.1-1.dsc
 1639aa60b6e7c4b6aa829155c81d35043ae875971984ef63320cf336e1787be3 422579 
brandy_1.20.1.orig.tar.gz
 db3323e24213174270387cbae75b1d6850b6dc5fdab8600871f972de9c24de76 5276 
brandy_1.20.1-1.debian.tar.xz
Homepage: http://sourceforge.net/projects/brandy
Package-List: 
 brandy deb interpreters optional arch=any
Directory: pool/main/b/brandy
Priority: source
Section: interpreters

Package: brandy
Source: brandy (1.20.1-1)
Version: 1.20.1-1+b1
Installed-Size: 488
Maintainer: Colin Tuckley 
Architecture: amd64
Depends: libc6 (>= 2.14), libsdl1.2debian (>= 1.2.11)
Description: BBC BASIC V interpreter
Description-md5: 87052efb62063bde1423433f8602c5be
Homepage: http://sourceforge.net/projects/brandy
Tag: devel::interpreter, interface::graphical, interface::x11, role::program,
 uitoolkit::sdl, x11::application
Section: interpreters
Priority: optional
Filename: pool/main/b/brandy/brandy_1.20.1-1+b1_amd64.deb
Size: 244298
MD5sum: 08e0bdd0138df962de578a5818cb3b27
SHA256: 0a6025dc6a284a1488e34e75e17227b3cc7268f95ee7703ee246ca4f7158b6d7


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990609: Updating the aprx Uploaders list

[Mattia Rizzolo]

Source: aprx
Version: 2.9.0+dfsg-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the aprx package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990608: Updating the ax25-tools Uploaders list

[Mattia Rizzolo]

Source: ax25-tools
Version: 0.0.10-rc5+git20190411+3595f87-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the ax25-tools package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990607: Updating the baycomepp Uploaders list

[Mattia Rizzolo]

Source: baycomepp
Version: 0.10-15
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the baycomepp package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990606: Updating the ax25-apps Uploaders list

[Mattia Rizzolo]

Source: ax25-apps
Version: 0.0.8-rc5+git20190411+0ff1383-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the ax25-apps package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990605: Updating the baycomusb Uploaders list

[Mattia Rizzolo]

Source: baycomusb
Version: 0.10-14
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the baycomusb package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990604: Updating the ax25mail-utils Uploaders list

[Mattia Rizzolo]

Source: ax25mail-utils
Version: 0.14-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the ax25mail-utils package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990603: Updating the cqrlog Uploaders list

[Mattia Rizzolo]

Source: cqrlog
Version: 2.5.1-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the cqrlog package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990602: Updating the cwdaemon Uploaders list

[Mattia Rizzolo]

Source: cwdaemon
Version: 0.10.2-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the cwdaemon package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990601: Updating the fbb Uploaders list

[Mattia Rizzolo]

Source: fbb
Version: 7.010-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the fbb package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990600: Updating the gpredict Uploaders list

[Mattia Rizzolo]

Source: gpredict
Version: 2.3-72-gc596101-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the gpredict package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990599: Updating the icom Uploaders list

[Mattia Rizzolo]

Source: icom
Version: 20120228-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the icom package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990598: Updating the qrq Uploaders list

[Mattia Rizzolo]

Source: qrq
Version: 0.3.3-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the qrq package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990597: Updating the lbreakout2 Uploaders list

[Mattia Rizzolo]

Source: lbreakout2
Version: 2.6.5-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the lbreakout2 package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990594: Updating the linpac Uploaders list

[Mattia Rizzolo]

Source: linpac
Version: 0.28-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the linpac package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990596: Updating the libax25 Uploaders list

[Mattia Rizzolo]

Source: libax25
Version: 0.0.12-rc5+git20190411+b17ff36-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the libax25 package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990595: Updating the tk2 Uploaders list

[Mattia Rizzolo]

Source: tk2
Version: 1.1-10.1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the tk2 package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990593: Updating the trustedqsl Uploaders list

[Mattia Rizzolo]

Source: trustedqsl
Version: 2.5.7-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the trustedqsl package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990591: Updating the twpsk Uploaders list

[Mattia Rizzolo]

Source: twpsk
Version: 4.3-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the twpsk package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990592: Updating the qsstv Uploaders list

[Mattia Rizzolo]

Source: qsstv
Version: 9.4.4-3 9.5.3-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the qsstv package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990590: Updating the twclock Uploaders list

[Mattia Rizzolo]

Source: twclock
Version: 3.5-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the twclock package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990589: Updating the unixcw Uploaders list

[Mattia Rizzolo]

Source: unixcw
Version: 3.5.1-4 3.6.0-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the unixcw package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990588: Updating the xdx Uploaders list

[Mattia Rizzolo]

Source: xdx
Version: 2.5.0-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the xdx package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990586: Updating the z8530-utils2 Uploaders list

[Mattia Rizzolo]

Source: z8530-utils2
Version: 3.0-1-10
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the z8530-utils2 package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#990587: Updating the xnec2c Uploaders list

[Mattia Rizzolo]

Source: xnec2c
Version: 1:4.1.1-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Colin Tuckley  has retired, so can't work on
the xnec2c package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#989799: psmisc: Undeclared file conflict with manpages-de

[Helge Kreutzmann]

Hello Hideki,
On Fri, Jul 02, 2021 at 10:29:53AM +0900, Hideki Yamane wrote:
> On Thu, 1 Jul 2021 21:07:03 +0200
> Helge Kreutzmann  wrote:
> > It now has. So this bug is closed, if users upgrade to the latestes
> > backport version.
> 
>  Hmm, however, this bug is not closed automatically. Weird.
>  
> https://tracker.debian.org/news/1243791/accepted-manpages-l10n-4100-1bpo101-source-into-buster-backports-backports-policy-buster-backports/

This is normal, somehow Closes in backported packages don't work. I
asked this earlier and was told otherwiese, but it still applies.

>  We can close it via mail, but should investigate its reason, IMO.

I already did that, however, I can do it again, if necessary.

Greetings

Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#990585: frr: "set src" in zebra.conf not working after update libyang1

[elfleg0las]

Package: frr
Version: 7.5.1-1

In zebra.conf i set src address for outgoing connections:

route-map ospf-in permit 20
  set src 10.1.1.221

(this is address on dummy interface with /32 mask)

It work correct before little update (probably libyang1) i get error in
zebra.log:

2021/07/02 16:36:53 ZEBRA: [EC 100663299] buffer_flush_available: write
error on fd 2: Bad file descriptor
2021/07/02 16:36:53 ZEBRA: [EC 100663304] ERROR: Command returned Warning
Config Failed on config line 26:   set src 10.1.1.221
2021/07/02 16:36:53 ZEBRA: [EC 100663299] buffer_flush_available: write
error on fd 2: Bad file descriptor

Update, which broke frr (/var/log/apt/history.log):

# cat /var/log/apt/history.log

Start-Date: 2021-07-02  16:01:18
Requested-By: leg0las (1000)
Install: e2fsprogs-l10n:amd64 (1.46.2-2)
Upgrade: libyang1:amd64 (1.0.184-2, 1.0.225-1.1), libext2fs2:amd64
(1.46.2-1, 1.46.2-2), libcom-err2:amd64 (1.46.2-1, 1.46.2-2),
guile-2.2-libs:amd64 (2.2.7+1-5.4, 2.2.7+1-6), logsave:amd64 (1.46.2-1,
1.46.2-2), libss2:amd64 (1.46
.2-1, 1.46.2-2), e2fsprogs:amd64 (1.46.2-1, 1.46.2-2)
End-Date: 2021-07-02  16:01:50

As I understand the problem in "libyang1:amd64 (1.0.184-2, 1.0.225-1.1)", I
tested it on 2 hosts (not updated and updated versions libyang1) and the
old version worked correctly. After updating and rebooting I get this error
(alike as on second host)

Bug#990584: ftp.debian.org: consider tightening the Valid-Until times

[Christoph Anton Mitterer]

Package: ftp.debian.org
Severity: normal


Hey there.

Would you possibly consider to tighten the Valid-Until times on the
various repositories?


E.g. stable and testing security seems to have 1 week right now.

This seems pretty long,... a whole week in which an attacker might
do a blocking attack and prevent people from noticing that they're
not seeing any updates?


Current stable (buster) doesn't seem to have a Valid-Until at all.
Not sure if this is planned for bullseye as well.
The impact is perhaps not that big, since the security upgrades
go anyway to bullseye-security.
But still perhaps better to have a validity than not?


I would have blindly guessed that using shorter Valid-Until times
isn't that expensive, cause it's probably just the dates that
need to be refresehed and the signature on the Release file?



What about a validity time of e.g. one day,... at least for repos like
unstable, *-security, *-updates? Maybe also testing?

And maybe a 1-2 weeks or so for any repo where security is anyway handled
in another (stable)?


Thanks for your consideration,
Chris.

Bug#990583: lrzip: CVE-2021-27347

[Moritz Mühlenhoff]

Source: lrzip
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for lrzip.

CVE-2021-27347[0]:
| Use after free in lzma_decompress_buf function in stream.c in Irzip
| 0.631 allows attackers to cause Denial of Service (DoS) via a crafted
| compressed file.

It's unclear which commit fixed, this should be checked with upstream:  
https://github.com/ckolivas/lrzip/issues/165


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-27347
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27347

Please adjust the affected versions in the BTS as needed.

Bug#990582: fastapi: CVE-2021-32677

[Moritz Mühlenhoff]

Source: fastapi
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for fastapi.

CVE-2021-32677[0]:
| FastAPI is a web framework for building APIs with Python 3.6+ based on
| standard Python type hints. FastAPI versions lower than 0.65.2 that
| used cookies for authentication in path operations that received JSON
| payloads sent by browsers were vulnerable to a Cross-Site Request
| Forgery (CSRF) attack. In versions lower than 0.65.2, FastAPI would
| try to read the request payload as JSON even if the content-type
| header sent was not set to application/json or a compatible JSON media
| type (e.g. application/geo+json). A request with a content type of
| text/plain containing JSON data would be accepted and the JSON data
| would be extracted. Requests with content type text/plain are exempt
| from CORS preflights, for being considered Simple requests. The
| browser will execute them right away including cookies, and the text
| content could be a JSON string that would be parsed and accepted by
| the FastAPI application. This is fixed in FastAPI 0.65.2. The request
| data is now parsed as JSON only if the content-type header is
| application/json or another JSON compatible media type like
| application/geo+json. It's best to upgrade to the latest FastAPI, but
| if updating is not possible then a middleware or a dependency that
| checks the content-type header and aborts the request if it is not
| application/json or another JSON compatible content type can act as a
| mitigating workaround.

Advisory:
https://github.com/tiangolo/fastapi/security/advisories/GHSA-8h2j-cgx8-6xv7

Patch:
https://github.com/tiangolo/fastapi/commit/fa7e3c996edf2d5482fff8f9d890ac2390dede4d
 (0.65.2)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32677

Please adjust the affected versions in the BTS as needed.

Bug#990581: nomad: CVE-2021-32575

[Moritz Mühlenhoff]

Source: nomad
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for nomad.

CVE-2021-32575[0]:
| HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge
| networking mode allows ARP spoofing from other bridged tasks on the
| same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

https://discuss.hashicorp.com/t/hcsec-2021-14-nomad-bridge-networking-mode-allows-arp-spoofing-from-other-bridged-tasks-on-same-node/24296

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32575

Please adjust the affected versions in the BTS as needed.

Bug#801951: debian/copyright should mention BSD3 license, not PSF

[Bastian Germann]

Control: severity -1 serious
Control: retitle -1 d/copyright must contain BSD3 and Apache 2, not PSF

On Fri, 16 Oct 2015 10:48:28 +0200 Stefano Zacchiroli  wrote:

Package: python3-dateutil
Version: 2.2-2
Severity: important

debian/copyright currently refers to (various incarnations of...) the PSF
license, whereas python-dateutil has been relicense under BSD3 a while ago.
See http://sources.debian.net/src/python-dateutil/latest/LICENSE/ for
reference. debian/copyright should be updated (and can be widely simplified /
shortened) to refer to BSD3.

Thanks a lot for maintaining python-dateutil in Debian, it's much appreciated!

Cheers.


Current versions (in buster and upcoming bullseye) are dual-licensed under BSD3 and Apache 2. I am 
raising the severity because this is a long-standing policy violation.

Bug#990580: apache2: [regression] daily cron mails from logrotate: Reloading Apache httpd web server: apache2.

[Thorsten Glaser]

Package: apache2
Version: 2.4.48-3
Severity: important
X-Debbugs-Cc: t...@mirbsd.de, debian-rele...@lists.debian.org

Having just upgraded machines from 2.4.46-4 to 2.4.48-3
I now get daily¹ cron mails:

| From: Anacron 
| Message-ID: <20210702075325.946f340...@ci-busyapps.lan.tarent.de>
| To: r...@ci-busyapps.lan.tarent.de
| Date: Fri,  2 Jul 2021 07:53:25 + (UTC)
| Subject: Anacron job 'cron.daily' on ci-busyapps.lan.tarent.de
| 
| /etc/cron.daily/logrotate:
| Reloading Apache httpd web server: apache2.

This is a regression that’s going to severely annoy admins and
ought to be fixed, including for bullseye.

① I know they are daily because I have been getting them on another
  system for some time already but didn’t know if it was that system
  or something in the package; as multiple other systems are now
  affected identically, I know it’s a bug in the package.

-- Package-specific info:

-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages apache2 depends on:
ii  apache2-bin  2.4.48-3
ii  apache2-data 2.4.48-3
ii  apache2-utils2.4.48-3
ii  dpkg 1.20.9
ii  init-system-helpers  1.60
ii  lsb-base 11.1.0
ii  mime-support 3.66
ii  perl 5.32.1-4
ii  procps   2:3.3.17-5

Versions of packages apache2 recommends:
ii  ssl-cert  1.1.0+nmu1

Versions of packages apache2 suggests:
pn  apache2-doc  
pn  apache2-suexec-pristine | apache2-suexec-custom  
ii  lynx [www-browser]   2.9.0dev.6-2

Versions of packages apache2-bin depends on:
ii  libapr11.7.0-6
ii  libaprutil11.6.1-5
ii  libaprutil1-dbd-pgsql  1.6.1-5
ii  libaprutil1-ldap   1.6.1-5
ii  libbrotli1 1.0.9-2+b2
ii  libc6  2.31-12
ii  libcrypt1  1:4.4.18-4
ii  libcurl4   7.74.0-1.3
ii  libjansson42.13.1-1.1
ii  libldap-2.4-2  2.4.57+dfsg-3
ii  liblua5.3-05.3.3-1.1+b1
ii  libnghttp2-14  1.43.0-1
ii  libpcre3   2:8.39-13
ii  libssl1.1  1.1.1k-1
ii  libxml22.9.10+dfsg-6.7
ii  perl   5.32.1-4
ii  zlib1g 1:1.2.11.dfsg-2

Versions of packages apache2-bin suggests:
pn  apache2-doc  
pn  apache2-suexec-pristine | apache2-suexec-custom  
ii  lynx [www-browser]   2.9.0dev.6-2

Versions of packages apache2 is related to:
ii  apache2  2.4.48-3
ii  apache2-bin  2.4.48-3

-- Configuration Files:
/etc/apache2/mods-available/ssl.conf changed [not included]
/etc/apache2/sites-available/000-default.conf changed [not included]
/etc/apache2/sites-available/default-ssl.conf changed [not included]

-- no debconf information

Bug#990579: composer: Security update broke git clone with cacheOptions

[Harald Laabs]

Package: composer
Version: 1.2.2-1+deb9u1
Severity: important

0005-Merge-pull-request-from-GHSA-h5h8-pc6h-jvvx.patch includes:
-$command = 'git clone --no-checkout %s %s '.$cacheOptions.'&& cd 
'.$flag.'%2$s && git remote add composer %1$s && git fetch composer';
+$command = 'git clone --no-checkout -- %s %s '.$cacheOptions.'&& cd 
'.$flag.'%2$s && git remote add composer -- %1$s && git fetch composer';

git clone expects options before URL and PATH. It will still work if
the '--' is not put before URL and PATH. The cacheOptions need to be
moved to the left (before --), otherwise this cannot work anymore in
case of $cacheOptions != ''.

Best regards,
Harald

Bug#990578: jetty9: CVE-2021-34428

[Salvatore Bonaccorso]

Source: jetty9
Version: 9.4.39-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/eclipse/jetty.project/issues/6277
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for jetty9.

CVE-2021-34428[0]:
| For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2,
| if an exception is thrown from the SessionListener#sessionDestroyed()
| method, then the session ID is not invalidated in the session ID
| manager. On deployments with clustered sessions and multiple contexts
| this can result in a session not being invalidated. This can result in
| an application used on a shared computer being left logged in.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-34428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428
[1] https://github.com/eclipse/jetty.project/issues/6277
[2] 
https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#990576: mpmath: CVE-2021-29063

[Salvatore Bonaccorso]

Source: mpmath
Version: 1.2.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/fredrik-johansson/mpmath/issues/548
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for mpmath.

CVE-2021-29063[0]:
| A Regular Expression Denial of Service (ReDOS) vulnerability was
| discovered in Mpmath v1.0.0 when the mpmathify function is called.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-29063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29063
[1] https://github.com/fredrik-johansson/mpmath/issues/548

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#990577: ruby-bindata: CVE-2021-32823

[Salvatore Bonaccorso]

Source: ruby-bindata
Version: 2.4.8-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for ruby-bindata.

CVE-2021-32823[0]:
| In the bindata RubyGem before version 2.4.10 there is a potential
| denial-of-service vulnerability. In affected versions it is very slow
| for certain classes in BinData to be created. For example
| BinData::Bit10, BinData::Bit11, BinData::Bit12,
| BinData::Bit. In combination with
| .constantize there is a potential for a CPU-based
| DoS. In version 2.4.10 bindata improved the creation time of Bits and
| Integers.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32823
[1] 
https://github.com/dmendel/bindata/commit/d99f050b88337559be2cb35906c1f8da49531323
[2] 
https://github.com/dmendel/bindata/blob/v2.4.10/ChangeLog.rdoc#version-2410-2021-05-18-

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#990575: php8.0: CVE-2021-21704 CVE-2021-21705

[Salvatore Bonaccorso]

Source: php8.0
Version: 8.0.7-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for php8.0, they are
fixed in 8.0.8 upstream.

CVE-2021-21704[0]:
| PHP: firebird issues

CVE-2021-21705[1]:
| PHP: SSRF bypass in FILTER_VALIDATE_URL

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-21704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704
[1] https://security-tracker.debian.org/tracker/CVE-2021-21705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705

Regards,
Salvatore

Bug#990489: python3-expeyes: why is there a Conflicts: modemmanager ?

[Georges Khaznadar]

Dear Ajith,

I uploaded a fixed package to Debian, just before Jithin proposed an
even better fix (more general for various hardware related to Phoenix
project).

We must let some time to developers of the release.debian.org to manage
the current "unblock request".

If they agree with the unblock request, expeyes will be part of the
next Debian/stable distribution. I shall try to upload Jithin's better
fix later: maybe some member of release.debian.org will be able to take
it in consideration, as a second (and lighter) change to this package.

Best regards,   Georges.

Ajith Kumar a écrit :
> Dear Georges,
> I think a message may be displayed during the installation of eyes17
> instructing to remove the modem manager in case of any trouble
> communicating with eyes17. It is left to the user instead of a forced
> removal. It is important to have it in the Distro. The users in Kerala is a
> closed community and we can instruct them. Jithin may consider it.


signature.asc
Description: PGP signature

Bug#990574: popularity-contest: leftovers after purge

[Christoph Anton Mitterer]

Package: popularity-contest
Version: 1.71
Severity: normal


Hi.

Seems popcon creates /var/lib/popularity-contest/ but doesn't
clean up the empty dir after purge.

Cheers,
Chris.

Bug#990573: libpmem1: insufficient flushing on ARMv8.2+

[Adam Borowski]

Package: libpmem1
Version: 1.10-1
Severity: grave
Justification: causes data loss

[a fix is coming, filing this bug so the Release Team knows why]

Hi!
Support for arm64 in PMDK is deeply experimental.  As far as I know, it has
never been tested on real hardware nor had been reviewed by someone with
adequate knowledge about ARM.  Yet, enabling arm64 in our packages has been
requested multiple times, and bullseye / buster-backports do include arm64
builds.  This was done with porting in mind, yet it looks like pmem-capable
ARM hardware is coming soon, and will be used in production not long after.

This makes inadequate support for new ARM chips unfortunate to say the least.

In ARMv8.0 and ARMv8.1, the only flushes available were CVAI (to make icache
= dcache, irrelevant for pmem), and CVAC ("flush to coherency").  The latter
was the deepest flush available, and implementors simply had no other option
than to have this instruction request the memory controller to send its data
to actual memory chips.

This changed in ARMv8.2, where a new instruction CVAP ("flush to
persistency") has been added, and CVAC was defined to require coherency only
between "agents" (such as CPU cores, GPU, etc) but not memory.

Yet PMDK knew only about CVAC -- despite asking around, no one of us could
get hold of an ARMv8.2 machine to implement detection/etc.  Such support is
obviously not a priority for Intel nor IBM.

Only recently, I managed to get access to such a box, and implemented
flushes via CVAP.  Without them, an unexpected power loss may result in
recent writes being lost.  This is even worse than with disks -- a typical
filesystem will flush every 5 seconds or so, while there's no time-based
mechanism to flush CPU caches.  If a machine finished its task and became
quiescent, it's possible the kernel and daemons won't actively touch more
than 16-64MB of L3 cache for hours or days.

The new flushes have been merged upstream in 1.11, I'm about to cherry-pick
to 1.10 for Bullseye.


Meow!
-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.13.0-00032-g2fc675a48a0e (SMP w/64 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libpmem1 depends on:
ii  libc6   2.31-12
ii  libdaxctl1  71.1-1
ii  libndctl6   71.1-1

libpmem1 recommends no packages.

libpmem1 suggests no packages.

-- no debconf information

Bug#990423: stretch kernel 4.9.0-16-amd64 crashes randomly

[Vladimir Chernyshov]

Apologies, the correct PCI ID of my wireless NIC is "Intel Corporation 
Wireless 7260 (rev bb)".

Bug#990423: stretch kernel 4.9.0-16-amd64 crashes randomly

[Vladimir Chernyshov]

I have the same AMD E-450 CPU and the same problem after installing 
4.9.0-16-amd64. The problem in my case seems to be caused by the "Intel 
Corporation Wireless 7260 (rev 73)" driver or firmware, as there are no 
crashes if the wlan interface is not enabled. I had to downgrade to 
4.9.0-15-amd64 in order to make my laptop usable again with wireless 
connection.

Bug#990572: ITP: golang-mozilla-pkcs7 -- Go library for parsing and creating signed and enveloped messages

[Peymaneh Nejad]

Package: wnpp
Severity: wishlist
Owner: Peymaneh Nejad 

* Package name: golang-mozilla-pkcs7-dev
  Version : 0.0~git20200128.432b235-1
  Upstream Author : Mozilla Services
* URL : https://go.mozilla.org/pkcs7
* License : Expat
  Programming Lang: Go
  Description : Go library for parsing and creating signed and enveloped 
messages
 This package implements a subset of PKCS#7/Cryptographic Message Syntax
 (rfc2315, rfc5652) in Golang. It is a fork of github.com/fullsailor/pkcs7

This package is a dependency of github.com/smallstep/cli (#989857)

Bug#990571: unblock: tinyproxy/1.10.0-5

[Mike Gabriel]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package tinyproxy

[ Reason ]

Two flaws have been discovered recently by other Debian users:

+  [ Unit 193 ]
+  * d/p/0001_fix-segfault-with-socks4.patch:
++ Grab an upstream patch to fix a segfault when using socks4 with
+  tor. (Closes: #990434).

-> This issue has been during the past week by Unit 193 and tinyproxy
upstream. This allows using tinyproxy as http-proxy on top of a local tor
SOCKS4 proxy.

+  [ Mike Gabriel ]
+  * debian/tinyproxy.service:
++ Use KillMode=process (instead of the default 'control-group'). The main
+  tinyproxy process will stop all its workers if a SIGTERM signal is
+  received. This avoids SIGTERM racing situation where the tinyproxy main
+  process and systemd are trying to kill tinyproxy's workers 
simultaneously.
+  (Closes: #968322).

Situations have been observed where tinyproxy exits with exitcode 2 on
systemd's normal SIGTERM signal being sent on service stop.

Using KillMode=process which only terminates the main tinyproxy process
(instead of attempting to kill all children, as well) resolves this
problem.

[ Impact ]
Tinyproxy would not be usable on top of a local tor SOCKS4 proxy.

[ Tests ]
Manual tests.

[ Risks ]
If something has been missed, tinyproxy might fail for people and a regression 
fix would be needed.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None.

unblock tinyproxy/1.10.0-5
diff -Nru tinyproxy-1.10.0/debian/changelog tinyproxy-1.10.0/debian/changelog
--- tinyproxy-1.10.0/debian/changelog   2020-01-21 11:14:47.0 +0100
+++ tinyproxy-1.10.0/debian/changelog   2021-07-02 12:25:46.0 +0200
@@ -1,3 +1,20 @@
+tinyproxy (1.10.0-5) unstable; urgency=medium
+
+  [ Unit 193 ]
+  * d/p/0001_fix-segfault-with-socks4.patch:
++ Grab an upstream patch to fix a segfault when using socks4 with
+  tor. (Closes: #990434).
+
+  [ Mike Gabriel ]
+  * debian/tinyproxy.service:
++ Use KillMode=process (instead of the default 'control-group'). The main
+  tinyproxy process will stop all its workers if a SIGTERM signal is
+  received. This avoids SIGTERM racing situation where the tinyproxy main
+  process and systemd are trying to kill tinyproxy's workers 
simultaneously.
+  (Closes: #968322).
+
+ -- Mike Gabriel   Fri, 02 Jul 2021 12:25:46 +0200
+
 tinyproxy (1.10.0-4) unstable; urgency=medium
 
   * debian/tinyproxy.init:
diff -Nru tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch 
tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch
--- tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch 
1970-01-01 01:00:00.0 +0100
+++ tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch 
2021-07-02 12:22:48.0 +0200
@@ -0,0 +1,51 @@
+From 7ea9f80d3f31c85a4729854b47977e282632e6ed Mon Sep 17 00:00:00 2001
+From: rofl0r 
+Date: Fri, 25 Jun 2021 02:43:00 +0100
+Subject: [PATCH] fix segfault in socks4 upstream with unresolvable hostname
+
+using a socks4 tor upstream with an .onion url resulted in
+gethostbyname() returning NULL and a subsequent segfault.
+not only did the code not check the return value of gethostbyname(),
+that resolver API itself isn't threadsafe.
+
+as pure SOCKS4 supports only IPv4 addresses, and the main SOCKS4
+user to this date is tor, we just use SOCKS4a unconditionally and
+pass the hostname to the proxy without trying to do any local name
+resolving.
+
+i suspect in 2021 almost all SOCKS4 proxy servers in existence use
+SOCKS4a extension, but should i be wrong on this, i prefer issue
+reports to show up and implement plain SOCKS4 fallback only when
+i see it is actually used in practice.
+---
+ src/reqs.c |   12 +++-
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/src/reqs.c   2021-06-25 01:00:13.026080096 -0400
 b/src/reqs.c   2021-06-25 01:00:13.026080096 -0400
+@@ -1287,7 +1287,6 @@
+   unsigned short port;
+   size_t ulen, passlen;
+ 
+-  struct hostent *host;
+   struct upstream *cur_upstream = connptr->upstream_proxy;
+ 
+   ulen = cur_upstream->ua.user ? strlen(cur_upstream->ua.user) : 0;
+@@ -1304,10 +1303,13 @@
+   buff[1] = 1; /* connect command */
+   port = htons(request->port);
+   memcpy(&buff[2], &port, 2); /* dest port */
+-  host = gethostbyname(request->host);
+-  memcpy(&buff[4], host->h_addr_list[0], 4); /* dest ip */
+-  buff[8] = 0; /* user */
+-  if (9 != safe_write(connptr->server_fd, buff, 9))
++  memcpy(&buff[4], "\0\0\0\1" /* socks4a fake ip */
++   "\0" /* user */, 5);
++  len = strlen(request->host);
++  if(len>255)
++   

Bug#927076: xournalpp packaging in Debian

[Barak A. Pearlmutter]

The reason I'm tracking is because I actually use the generated packages.
But I'm totally unfamiliar with the salsa continuous integration
stuff. Wouldn't mind learning though.

Happy to change workflow, maybe do development on a different branch?

Or, could make snapshot upstream releases 1.0.20+git.DATE.N.ID, or
1.1.0~git.DATE.N.ID, which are based on particular upstream commit IDs
and pushed into pristine-tar.

Bug#990489: python3-expeyes: why is there a Conflicts: modemmanager ?

[Ajith Kumar]

Dear Georges,
I think a message may be displayed during the installation of eyes17
instructing to remove the modem manager in case of any trouble
communicating with eyes17. It is left to the user instead of a forced
removal. It is important to have it in the Distro. The users in Kerala is a
closed community and we can instruct them. Jithin may consider it.

Regards.

On Wed, Jun 30, 2021 at 9:36 PM Georges Khaznadar 
wrote:

> Dear Andreas,
>
> I added in Cc: the authors of Expeyes hardware and software.
>
> Hello Jithin, Ajith! the context about the bug report with serious
> severity is below.
>
> 
>
> I ignored that a statement like "Conflicts: modemmanager" would create
> problems with buster->bullseye upgrades. Currently, binary packages
> conflicting with modemmanager are: eyes17, python3-expeyes,
> firm-phoenix-ware. The first one, eyes17, will be the most used.
>
> This statement was added because boxes of the Expeyes family do not
> communicate correctly by their serial link when modemmanager is
> installed. I did not investigate further, to know the precise reason of
> the incompatibility.
>
> I got e-mails of some users of previous versions of expeyes packages,
> who could not activate their boxes, and my reply was to uninstall
> modemmanager or upgrade to the new version of eyes17 package.
>
> The number of Expeyes users is currently growing in Kerala (a southern
> state of India), and they rely on *eyes17* package, some with a Debian
> machine, most with an Ubuntu machine. This community is growing since
> Eyes17 box has become an officially encouraged scientific device, to be
> distributed to all high schools in the state, together with training.
>
> I cannot withdraw the confict statement without damaging this user
> community in the future.
>
> Hence the next question:
> 
>
> How would it be possible to keep expeyes packages in the soon-to-come
> Debian/Stable distribution?
>
> The package modemmanager is recommended by widely used packages, like
> network-manager, while eyes17 is recommended by no package.
>
> I do not know how many users do really need modemmanager, or use modems.
>
> However I know better the profile of users who use eyes17: they are
> students and teachers, wo interact inside a high school. Then, the link
> with Internet is generally provided by some router or some wireless box,
> and no modem is used.
>
> @Jitin, @Ajith:
> can you give please an estimate of the user community for eyes17 now,
> and in a near future?
>
> Best regards,   Georges.
>
> Andreas Beckmann a écrit :
> > Package: python3-expeyes
> > Version: 4.8.7+repack-4
> > Severity: serious
> > User: debian...@lists.debian.org
> > Usertags: piuparts
> > Control: affects -1 + eyes17
> >
> > Hi Georges,
> >
> > while investigating incomplete buster->bullseye upgrades, I came across
> > the Conflicts: modemmanager in python3-expeyes. Why was that added?
> > It is not mentioned in the changelog and the git commit introducing it
> > doesn't explain it either.
> > Should this have been a versioned Breaks instead?
> >
> > The modemmanager package still exists in bullseye, so what should be the
> > desired buster->bullseye upgrade outcome for buster systems with both
> > modemmanager and python3-expeyes installed (that happens e.g. when
> > installing eyes17/buster with --install-recommends)?
> >
> >
> > Andreas
>
> --
> Georges KHAZNADAR et Jocelyne FOURNIER
> 22 rue des mouettes, 59240 Dunkerque France.
> Téléphone +33 (0)3 28 29 17 70
>
>

-- 
Dr. Ajith Kumar B.P.
https://scischool.in/

Ph: +91 9643258320 , 9868150852

Bug#927076: xournalpp packaging in Debian

[Martin Quinson]

Thanks, it helps the salsa pipeline. But it fails right after, because the git 
content is too different from the tarball of 1.0.20...

I guess there is no easy way to make this pipeline work before the release of 
1.1.0. I tend to think that our issues come from the remote tracking of 
upstream's git in the debian one. In the other packages I'm involved in, we 
only use `gbp import-orig` to get new upstream content, while keeping the 
pristine-tar branch in sync. I understand that the situation is very specific 
for xournalpp, as you wanted to get ready for the upcoming release, but maybe 
in the future it'd be easier to stick to the classical git-buildpackage 
workflow? That being said, if you have another workflow that work (on salsa 
also), I'd be glad to learn new tricks ;)

I'm not very well connected to the xournal world. Do you have any hint of when 
the next release will occur?

Thx, Mt

Bug#990511: unblock: kodi/2:19.1+dfsg2-2

[Vasyl Gello]

>C++ has an overloaded version of tolower that takes a locale:
>https://en.cppreference.com/w/cpp/locale/tolower

Good find, thanks! Still, what do you think about this concern:

> but to separate "culture-dependent" and "ordinal" comparisons, one needs to 
> overhaul half of Kodi.
> And this would make the fix unfit for 19.x branch as the regressions would be 
> just as severe as they could be with CDateTime PR.

I dont think spending several weeks to isolate all places that need C-locale 
comparison from those implementing language-specific processing (amd testing 
all possible regressions!) is worth for 19.x.
-- 
Vasyl Gello
==
Certified SolidWorks Expert

Mob.:+380 (98) 465 66 77

E-Mail: vasek.ge...@gmail.com

Skype: vasek.gello
==
호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다

Bug#990511: unblock: kodi/2:19.1+dfsg2-2

[Sebastian Ramacher]

On 2021-07-02 08:48:10 +, Vasyl Gello wrote:
> Also I don't see std::tolower_l as part of C++ standard. Looks like tolower_l 
> is POSIX standard and Kodi uses std:: stuff there :(

C++ has an overloaded version of tolower that takes a locale:
https://en.cppreference.com/w/cpp/locale/tolower

Cheers

> -- 
> Vasyl Gello
> ==
> Certified SolidWorks Expert
> 
> Mob.:+380 (98) 465 66 77
> 
> E-Mail: vasek.ge...@gmail.com
> 
> Skype: vasek.gello
> ==
> 호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다

-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#990569: libnode72: Missing dependency on libuv

[Jérémy Lal]

Package: libnode72
Version: 12.21.0~dfsg-4
Severity: serious
Justification: Policy 3.5

Hi,

i just realized libnode72 doesn't depend on libuv,
even being built with --shared-libuv.

Something is broken, will investigate quickly.

Jérémy



-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libnode72 depends on:
ii  libbrotli1 1.0.9-2+b2
ii  libc-ares2 1.17.1-1
ii  libc6  2.31-12
ii  libgcc-s1  10.2.1-6
ii  libicu67   67.1-7
ii  libnghttp2-14  1.43.0-1
ii  libssl1.1  1.1.1k-1
ii  libstdc++6 10.2.1-6
ii  zlib1g 1:1.2.11.dfsg-2

libnode72 recommends no packages.

libnode72 suggests no packages.

-- no debconf information

Bug#989266: Version has known security issues, and soon to be unmaintained by upstream

[Jérémy Lal]

Package: nodejs
Followup-For: Bug #989266

Hi,

> This version has security issues, which have been fixed with 12.21.1 -
> see 
> https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.22.1

well actually 12.21.1 security issues don't apply to nodejs 12.21.0~dfsg-4.
This fact has been checked by the security team and by nodejs maintainer.

> Also, the upstream maintenance support for Version 12 will end in
> April 2022, meaning,  the Debian Security Team and/or maintainer will
> have the sole responsibility to keep this package secure from then on,
> with no support from upstream, if it will be delivered like this with
> bullseye.

True. However, it is simply not possible to move to node 14 without
updating all of the modules currently in debian, potentially breaking
applications using them, etc. This has to be an orchestrated work,
involving many debian maintainers - most of them on their free time.
Nodejs 14 will be for bullseyes+1, and it's at least one year too late
to change that.

On the other hand, many nodejs critical security issues come from
the libraries it depends on - which are covered by the security team.
Typically the 12.21.1 version is only fixing openssl/npm issues,
which means the fixes are made in the corresponding debian packages.

Also LTS maintenance sometimes continue on further than initially
advertised - and even if not, several outsiders are maintaining
security backports to recently dead nodejs branches - debian is not alone
on that side of the time.

Jérémy

Bug#990558: unblock: etbemon/1.3.5-6

[Russell Coker]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package etbemon

(Please provide enough (but not too much) information to help
the release team to judge the request efficiently. E.g. by
filling in the sections below.)

[ Reason ]
Improvements to imapnew.monitor, added hp-temp.monitor for HP server
temperature monitoring, and added support for MegaRAID and NVMe to
smartctl.monitor

[ Impact ]
Less functionality for users with MegaRAID (Dell servers among others) and
people using HP servers.

[ Risks ]
No risks regarding hp-temp.monitor as people can use linux-temp.monitor if
hp-temp.monitor doesn't work for them.

smartctl.monitor has been tested and found to work OK on the SATA scenarios
that the previous version supported.

imapnew.monitor has been extensively tested, and also has better quality code.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock etbemon/1.3.5-6


diff -u etbemon-1.3.5/debian/changelog etbemon-1.3.5/debian/changelog
--- etbemon-1.3.5/debian/changelog
+++ etbemon-1.3.5/debian/changelog
@@ -1,3 +1,13 @@
+etbemon (1.3.5-6) unstable; urgency=medium
+
+  * Better fix for headers in imapnew.monitor that doesn't need
+libhash-case-perl.
+  * Added hp-temp.monitor to use /sbin/hplog to monitor HP server temperature
+  * Added -M option to smartctl.monitor for MegaRAID AKA PERC support and
+added support for NVMe devices
+
+ -- Russell Coker   Mon, 07 Jun 2021 16:34:01 +1000
+
 etbemon (1.3.5-5) unstable; urgency=medium
 
   * Make the deleted-mapped check avoid perl privsep processes, don't want
reverted:
--- etbemon-1.3.5/debian/control
+++ etbemon-1.3.5.orig/debian/control
@@ -13,7 +13,7 @@
 Package: mon
 Architecture: any
 Depends: mon-client (>= 1.2.0), libtime-period-perl, adduser, 
${shlibs:Depends}, ${misc:Depends}
+Recommends: fping, libauthen-pam-perl, libfilesys-df-perl, libnet-perl, 
libnet-dns-perl, libnet-ldap-perl, libnet-telnet-perl, libsnmp-perl, 
libstatistics-descriptive-perl, libtime-parsedate-perl, libcrypt-ssleay-perl, 
libmail-imapclient-perl, libtimedate-perl, swaks, libcgi-pm-perl, bc, 
libproc-processtable-perl, libsys-filesystem-perl
-Recommends: fping, libauthen-pam-perl, libfilesys-df-perl, libnet-perl, 
libnet-dns-perl, libnet-ldap-perl, libnet-telnet-perl, libsnmp-perl, 
libstatistics-descriptive-perl, libtime-parsedate-perl, libcrypt-ssleay-perl, 
libmail-imapclient-perl, libtimedate-perl, swaks, libcgi-pm-perl, bc, 
libproc-processtable-perl, libsys-filesystem-perl, libhash-case-perl
 Suggests: mon-contrib
 Conflicts: mon-contrib (<= 1.0+dfsg-3+nmu1)
 Description: monitor hosts/services/whatever and alert about problems
diff -u etbemon-1.3.5/mon-local.d/smartctl.monitor 
etbemon-1.3.5/mon-local.d/smartctl.monitor
--- etbemon-1.3.5/mon-local.d/smartctl.monitor
+++ etbemon-1.3.5/mon-local.d/smartctl.monitor
@@ -5,38 +5,67 @@
 # copyright 2020 Russell Coker, Licensed under GPLv3 or higher.
 #
 # Monitor script to run smartctl and parse output.  By default checks
-# /dev/sd[a-z] and /dev/sd[a-z][a-z] but you can give a list of devices on the
-# command line
+# /dev/sd[a-z] /dev/sd[a-z][a-z] /dev/nvme[0-9] /dev/nvme[0-9][0-9] but
+# you can give a list of devices on the command line
 #
-# -f to treat marginal as failed
+# -f to treat all marginal conditions as failed
 # -m ATTRIBUTE_NAME to treat attribute as marginal
+#
+# -M for MegaRAID support, takes parameters of a device node on the MegaRAID
+# and a list of disk IDs separated by commas, eg "-M /dev/sda,0,1,7" for
+# disks 0, 1, and 7 on the MegaRAID controller that runs /dev/sda.
 
 my $summary;
 my $margsummary;
 my $detail;
 my $margdetail;
+my $megadev;
+my @ids;
 
 our $opt_f;
 our $opt_m;
-getopts("fm:") or die;
+our $opt_M;
+getopts("fm:M:") or die;
 
-if(-1 == $#ARGV)
+if($opt_M)
+{
+  @ids = split(/,/, $opt_M);
+  $megadev = $ids[0];
+  shift @ids;
+}
+else
 {
-  @ARGV = glob( "/dev/sd[a-z] /dev/sd[a-z][a-z]" );
   if(-1 == $#ARGV)
   {
-print "No devices found\n";
-exit(1);
+@ids = glob( "/dev/sd[a-z] /dev/sd[a-z][a-z] /dev/nvme[0-9] 
/dev/nvme[0-9][0-9]" );
+if(-1 == $#ids)
+{
+  print "No devices found\n";
+  exit(1);
+}
+  }
+  else
+  {
+@ids = @ARGV;
   }
 }
 
-foreach my $dev (@ARGV)
+foreach my $dev (@ids)
 {
-  open(SMART, "/usr/lib/mon/bin/smartctl.helper $dev|") or die "Can't run 
smartctl.helper";
+  my $cmd;
+  if($opt_M)
+  {
+$cmd = "/usr/lib/mon/bin/smartctl.helper M$megadev,$dev"
+  }
+  else
+  {
+$cmd = "/usr/lib/mon/bin/smartctl.helper $dev";
+  }
+  open(SMART, "$cmd|") or die "Can't run smartctl.helper";
   my $header = 0;
   while()
   {
-if($_ =~ /^=== START OF READ/)
+if($_ =~ /^=== START OF .*SMART DATA SECTION/)
 {
   $header = 1;
   last;
@@ -44,7 +73,7 @@
   }
   if(not $header)
   {
-die "Error runn