Bug#990632: unblock: fdroidserver/2.0.3-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package fdroidserver [ Reason ] fdroidserver has successful autopkgtests but fails on ppc64el due to zipalign not being available on that platform (Not a regression). I believe that is #980087. For the patch itself, it fixes two warnings in the linting part of fdroidserver. ruamel deprecated one function and a restriction for the Version field in the F-Droid metadata was lifted. Note that I opted for a new upstream version cause adding those two change would have resulted in basically the same patch plus/minus the version noise. Hope that is fine. [ Impact ] bullseye users would would get a lot of false warnings when linting a metadata file. [ Tests ] I tested the new version manually. Also upstream is using it in production. [ Risks ] The code change for the Version field is only changing a regex so it seems trivial to me. For ruamel the deprecated function was replaced by it's content. [ Checklist ] [X] all changes are documented in the d/changelog (through upstream changelog) [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock fdroidserver/2.0.3-1 diff --git a/CHANGELOG.md b/CHANGELOG.md index 99a5f430..945e237c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) -## [2.0.1] - 2020-03-09 +## [2.0.3] - 2021-07-01 + +### Fixed + +* Support AutoUpdateMode: Version without pattern + [931](https://gitlab.com/fdroid/fdroidserver/-/merge_requests/931) + +## [2.0.2] - 2021-06-01 + +### Fixed + +* fix "ruamel round_trip_dump will be removed" + [932](https://gitlab.com/fdroid/fdroidserver/-/merge_requests/932) + +## [2.0.1] - 2021-03-09 ### Fixed @@ -18,7 +32,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) * checkupdates: set User-Agent to make gitlab.com happy * Run push_binary_transparency only once -## [2.0] - 2020-01-31 +## [2.0] - 2021-01-31 For a more complete overview, see the [2.0 milestone](https://gitlab.com/fdroid/fdroidserver/-/milestones/10) diff --git a/PKG-INFO b/PKG-INFO index 1c5616cd..3188aba8 100644 --- a/PKG-INFO +++ b/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: fdroidserver -Version: 2.0.1 +Version: 2.0.3 Summary: F-Droid Server Tools Home-page: https://f-droid.org Author: The F-Droid Project diff --git a/debian/changelog b/debian/changelog index 59e519f1..d45c4c20 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +fdroidserver (2.0.3-1) unstable; urgency=medium + + * Team upload. + * New upstream version 2.0.3 + + -- Jochen Sprickerhof Thu, 01 Jul 2021 14:48:57 +0200 + fdroidserver (2.0.1-1) unstable; urgency=medium * New upstream version 2.0.1 diff --git a/fdroidserver.egg-info/PKG-INFO b/fdroidserver.egg-info/PKG-INFO index 1c5616cd..3188aba8 100644 --- a/fdroidserver.egg-info/PKG-INFO +++ b/fdroidserver.egg-info/PKG-INFO @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: fdroidserver -Version: 2.0.1 +Version: 2.0.3 Summary: F-Droid Server Tools Home-page: https://f-droid.org Author: The F-Droid Project diff --git a/fdroidserver/checkupdates.py b/fdroidserver/checkupdates.py index f5d0d450..b9e723df 100644 --- a/fdroidserver/checkupdates.py +++ b/fdroidserver/checkupdates.py @@ -492,7 +492,7 @@ def checkupdates_app(app): logging.warning("Can't auto-update app with no CurrentVersionCode: " + app.id) elif mode in ('None', 'Static'): pass -elif mode.startswith('Version '): +elif mode.startswith('Version'): pattern = mode[8:] suffix = '' if pattern.startswith('+'): diff --git a/fdroidserver/metadata.py b/fdroidserver/metadata.py index 6c3c4815..8b27c991 100644 --- a/fdroidserver/metadata.py +++ b/fdroidserver/metadata.py @@ -448,7 +448,7 @@ valuetypes = { ["AntiFeatures"]), FieldValidator("Auto Update Mode", - r"^(Version .+|None)$", + r"^(Version.*|None)$", ["AutoUpdateMode"]), FieldValidator("Update Check Mode", @@ -964,7 +964,9 @@ def write_yaml(mf, app): return builds yaml_app = _app_to_yaml(app) -ruamel.yaml.round_trip_dump(yaml_app, mf, indent=4, block_seq_indent=2) +yaml = ruamel.yaml.YAML() +yaml.indent(mapping=4, sequence=4, offset=2) +yaml.dump(yaml_app, stream=mf) build_line_sep = re.compile(r'(?
Bug#990631: thunderbird: Preferences tab is completely blank after the upgrade to 90b2
Package: thunderbird Version: 1:90.0~b2-1 Severity: important X-Debbugs-Cc: pitsior...@gmail.com Dear Maintainer, I upgraded to 90b2 (from 78.11) a few minutes ago, because I really wanted to see if tb has adopted that proton redesign ff 89 introduced. It hasn't (yet). And I noticed that every single submenu under edit > preferences is now blank (attached image). And the same thing happens with a fresh profile. Launching it from the terminal shows these errors, althought I think they are irrelevant $ thunderbird [GFX1-]: glxtest: eglBindAPI returned an error [GFX1-]: glxtest: libEGL missing eglGetDisplayDriverName -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (990, 'testing'), (500, 'testing-security'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages thunderbird depends on: ii debianutils 4.11.2 ii fontconfig 2.13.1-4.2 ii libatk1.0-0 2.36.0-2 ii libbotan-2-172.17.3+dfsg-2 ii libbz2-1.0 1.0.8-4 ii libc62.31-12 ii libcairo-gobject21.16.0-5 ii libcairo21.16.0-5 ii libdbus-1-3 1.12.20-2 ii libdbus-glib-1-2 0.110-6 ii libevent-2.1-7 2.1.12-stable-1 ii libffi7 3.3-6 ii libfontconfig1 2.13.1-4.2 ii libfreetype6 2.10.4+dfsg-1 ii libgcc-s110.2.1-6 ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libicu67 67.1-6 ii libjson-c5 0.15-2 ii libnspr4 2:4.29-1 ii libnss3 2:3.67-1 ii libpango-1.0-0 1.46.2-3 ii libstdc++6 10.2.1-6 ii libvpx6 1.10.0+really1.8.1-dmo1 ii libx11-6 2:1.7.1-1 ii libx11-xcb1 2:1.7.1-1 ii libxcb-shm0 1.14-3 ii libxcb1 1.14-3 ii libxext6 2:1.3.3-1.1 ii libxrender1 1:0.9.10-1 ii psmisc 23.4-2 ii x11-utils7.7+5 ii zlib1g 1:1.2.11.dfsg-2 Versions of packages thunderbird recommends: pn myspell-en-us | hunspell-dictionary | myspell-dictionary Versions of packages thunderbird suggests: pn apparmor pn fonts-lyx ii libgssapi-krb5-2 1.18.3-5 ii libgtk2.0-0 2.24.33-2
Bug#990630: unblock: fuse3/3.10.3-2
On Sat, Jul 3, 2021 at 7:21 AM László Böszörményi wrote: > [ Checklist ] > [x] all changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in testing Then I really attach the debdiff. Regards, Laszlo/GCS diff -Nru fuse3-3.10.3/debian/changelog fuse3-3.10.3/debian/changelog --- fuse3-3.10.3/debian/changelog 2021-04-21 14:34:39.0 +0200 +++ fuse3-3.10.3/debian/changelog 2021-06-20 15:45:33.0 +0200 @@ -1,3 +1,9 @@ +fuse3 (3.10.3-2) unstable; urgency=medium + + * Do not try to alter cuse device permissions (closes: #947229, #989977). + + -- Laszlo Boszormenyi (GCS) Sun, 20 Jun 2021 15:45:33 +0200 + fuse3 (3.10.3-1) unstable; urgency=medium * New upstream release: diff -Nru fuse3-3.10.3/debian/fuse3.postinst fuse3-3.10.3/debian/fuse3.postinst --- fuse3-3.10.3/debian/fuse3.postinst 2021-01-29 16:59:06.0 +0100 +++ fuse3-3.10.3/debian/fuse3.postinst 2021-06-20 15:45:33.0 +0200 @@ -14,10 +14,6 @@ case "${1}" in configure) - if [ -c /dev/cuse ] && ! chrooted - then - chmod 0600 /dev/cuse > /dev/null 2>&1 - fi if ! dpkg-statoverride --list /bin/fusermount3 > /dev/null 2>&1 then chmod 4755 /bin/fusermount3
Bug#990630: unblock: fuse3/3.10.3-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi RMs, I would like to update the fuse3 package for Bullseye. [ Reason ] The fuse3 package has an old postinst snippet to alter cuse device permissions. That's double wrong, doesn't work with RO /dev and can fail in chroot environments. [ Impact ] Failed package install [1] in some cases. [ Tests ] Tested chroot installation and now it works. [ Risks ] None. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Builds an udeb and needs a d-i hint as well. unblock fuse3/3.10.3-2 Thanks, Laszlo/GCS [1] https://bugs.debian.org/989977
Bug#990629: unblock: icu/67.1-7
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi RMs, I would like to update the ICU (International Components for Unicode) package to fix CVE-2021-30535 [1] for Bullseye. [ Reason ] Fix a security issue which makes it possible for a remote attacker to potentially exploit heap corruption in applications using the ICU library. [ Impact ] Application crash due to double free. [ Tests ] Upstream tests. [ Risks ] None. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] None. unblock icu/67.1-7 Thanks, Laszlo/GCS [1] https://github.com/unicode-org/icu/pull/1698 diff -Nru icu-67.1/debian/changelog icu-67.1/debian/changelog --- icu-67.1/debian/changelog 2021-01-13 06:45:13.0 +0100 +++ icu-67.1/debian/changelog 2021-06-30 18:07:32.0 +0200 @@ -1,3 +1,10 @@ +icu (67.1-7) unstable; urgency=high + + * Backport upstream security fix for CVE-2021-30535: crash caused by locale +assign/move operators. + + -- Laszlo Boszormenyi (GCS) Wed, 30 Jun 2021 18:07:32 +0200 + icu (67.1-6) unstable; urgency=medium * Add pkg-config build dependency to build-test of autopkg tests. diff -Nru icu-67.1/debian/patches/locid_operators.patch icu-67.1/debian/patches/locid_operators.patch --- icu-67.1/debian/patches/locid_operators.patch 1970-01-01 01:00:00.0 +0100 +++ icu-67.1/debian/patches/locid_operators.patch 2021-04-21 15:42:38.0 +0200 @@ -0,0 +1,41 @@ +diff --git a/patches/locid_operators.patch b/patches/locid_operators.patch +new file mode 100644 +index 000..7428558 +--- /dev/null b/patches/locid_operators.patch +@@ -0,0 +1,35 @@ ++diff --git a/source/common/locid.cpp b/source/common/locid.cpp ++index 0d506293..4743db53 100644 ++--- a/source/common/locid.cpp + b/source/common/locid.cpp ++@@ -469,14 +469,18 @@ Locale& Locale::operator=(Locale&& other) U_NOEXCEPT { ++ if ((baseName != fullName) && (baseName != fullNameBuffer)) uprv_free(baseName); ++ if (fullName != fullNameBuffer) uprv_free(fullName); ++ ++-if (other.fullName == other.fullNameBuffer) { +++if (other.fullName == other.fullNameBuffer || other.baseName == other.fullNameBuffer) { ++ uprv_strcpy(fullNameBuffer, other.fullNameBuffer); +++} +++if (other.fullName == other.fullNameBuffer) { ++ fullName = fullNameBuffer; ++ } else { ++ fullName = other.fullName; ++ } ++ ++-if (other.baseName == other.fullName) { +++if (other.baseName == other.fullNameBuffer) { +++baseName = fullNameBuffer; +++} else if (other.baseName == other.fullName) { ++ baseName = fullName; ++ } else { ++ baseName = other.baseName; ++@@ -2696,6 +2700,9 @@ Locale::setKeywordValue(const char* keywordName, const char* keywordValue, UErro ++ if (fullName != fullNameBuffer) { ++ // if full Name is already on the heap, need to free it. ++ uprv_free(fullName); +++if (baseName == fullName) { +++baseName = newFullName; // baseName should not point to freed memory. +++} ++ } ++ fullName = newFullName; ++ status = U_ZERO_ERROR; diff -Nru icu-67.1/debian/patches/series icu-67.1/debian/patches/series --- icu-67.1/debian/patches/series 2020-08-18 17:39:36.0 +0200 +++ icu-67.1/debian/patches/series 2021-06-30 18:07:32.0 +0200 @@ -5,3 +5,4 @@ layout-test-fix.patch #flaky-tests.patch ICU-13786_Fix_addLikelySubtags_minimizeSubtags.patch +locid_operators.patch
Bug#990628: please package 2021.03.1
Package: hackrf Version: 2018.01.1-2 Severity: important Hello. As you may know, the HackRF requires matching libraries/tools and firmware to function correctly. I have flagged this as important due to this. Firmware 2021.03.1 has been out for several months, and I have upgraded my hardware for use on other systems. When I went to run it in a debian container, I discovered that even sid still is only has the previous firmware release (2018.01.1) packaged. Is there any chance we can get this bumped? Note that a new userspace tool exists, "hackrf_clock." The other change would have been a removed firmware build output, but it looks like we don't build/package the firmware itself anyway.
Bug#990106:
I've been using the AVR-X1000 for a few days now and the problem is no more. I also realized the AVR-X500 has another issue: the volume of the surround (rear) and subwoofer channels is way too low. With the new amplifier all channels have proper volume, without individual tuning. Sorry for the wrong bug report, free free to close it. Hopefully it will be useful for someone encountering a similar issue in the future.
Bug#990627: python3-torchaudio: torchaudio import aborts
Package: python3-torchaudio Version: 0.7.2-1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: johnmoha...@gmail.com Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** The line "import torchaudio" at the python interactive shell or in a python script or imported file results in the progra aborting with the following output: -- terminate called after throwing an instance of 'c10::Error' what(): Type c10::intrusive_ptr, c10::detail::intrusive_target_default_null_type > > could not be converted to any of the known types. Exception raised from call at ../aten/src/ATen/core/jit_type.h:1698 (most recent call first): frame #0: c10::Error::Error(c10::SourceLocation, std::__cxx11::basic_string, std::allocator >) + 0x5c (0x7fb37a0b925c in /usr/lib/x86_64-linux-gnu/libc10.so.1.7) frame #1: + 0x11d0ac2 (0x7fb376ddfac2 in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #2: + 0xe7d991 (0x7fb376a8c991 in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #3: c10::detail::infer_schema::make_function_schema(std::__cxx11::basic_string, std::allocator >&&, std::__cxx11::basic_string, std::allocator >&&, c10::ArrayRef, c10::ArrayRef) + 0x6a (0x7fb376a8d70a in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #4: + 0x120457f (0x7fb376e1357f in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #5: + 0x11fe28f (0x7fb376e0d28f in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #6: + 0x11fe404 (0x7fb376e0d404 in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #7: + 0xdb5480 (0x7fb3769c4480 in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #8: + 0xcdd79c (0x7fb3768ec79c in /usr/lib/x86_64-linux-gnu/libtorch_cpu.so.1.7) frame #9: + 0xffe2 (0x7fb3d5ec1fe2 in /lib64/ld- linux-x86-64.so.2) frame #10: + 0x100e9 (0x7fb3d5ec20e9 in /lib64/ld- linux-x86-64.so.2) frame #11: _dl_catch_exception + 0xdd (0x7fb3d5c302bd in /lib/x86_64-linux- gnu/libc.so.6) frame #12: + 0x14058 (0x7fb3d5ec6058 in /lib64/ld- linux-x86-64.so.2) frame #13: _dl_catch_exception + 0x80 (0x7fb3d5c30260 in /lib/x86_64-linux- gnu/libc.so.6) frame #14: + 0x138fa (0x7fb3d5ec58fa in /lib64/ld- linux-x86-64.so.2) frame #15: + 0x1258 (0x7fb3d5e55258 in /lib/x86_64-linux- gnu/libdl.so.2) frame #16: _dl_catch_exception + 0x80 (0x7fb3d5c30260 in /lib/x86_64-linux- gnu/libc.so.6) frame #17: _dl_catch_error + 0x2f (0x7fb3d5c3031f in /lib/x86_64-linux- gnu/libc.so.6) frame #18: + 0x1a65 (0x7fb3d5e55a65 in /lib/x86_64-linux- gnu/libdl.so.2) frame #19: dlopen + 0x44 (0x7fb3d5e552e4 in /lib/x86_64-linux-gnu/libdl.so.2) frame #20: + 0x14e8d (0x7fb3d5e9ce8d in /usr/lib/python3.9/lib-dynload/_ctypes.cpython-39-x86_64-linux-gnu.so) frame #21: /usr/bin/python3() [0x53f38a] frame #22: _PyObject_MakeTpCall + 0x39b (0x51d89b in /usr/bin/python3) frame #23: _PyEval_EvalFrameDefault + 0x5654 (0x5170e4 in /usr/bin/python3) frame #24: /usr/bin/python3() [0x510fe7] frame #25: _PyFunction_Vectorcall + 0x361 (0x528d21 in /usr/bin/python3) frame #26: /usr/bin/python3() [0x537b80] frame #27: _PyObject_MakeTpCall + 0x1f5 (0x51d6f5 in /usr/bin/python3) frame #28: _PyEval_EvalFrameDefault + 0x5b2a (0x5175ba in /usr/bin/python3) frame #29: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #30: /usr/bin/python3() [0x53bcfb] frame #31: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3) frame #32: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #33: /usr/bin/python3() [0x53bcfb] frame #34: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3) frame #35: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #36: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3) frame #37: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #38: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3) frame #39: /usr/bin/python3() [0x5106ed] frame #40: _PyEval_EvalCodeWithName + 0x47 (0x510497 in /usr/bin/python3) frame #41: PyEval_EvalCode + 0x23 (0x5f5be3 in /usr/bin/python3) frame #42: /usr/bin/python3() [0x5fa670] frame #43: /usr/bin/python3() [0x5298c4] frame #44: _PyEval_EvalFrameDefault + 0x610b (0x517b9b in /usr/bin/python3) frame #45: /usr/bin/python3() [0x5106ed] frame #46: _PyFunction_Vectorcall + 0x361 (0x528d21 in /usr/bin/python3) frame #47: _PyEval_EvalFrameDefault + 0x53e6 (0x516e76 in /usr/bin/python3) frame #48: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #49: _PyEval_EvalFrameDefault + 0x702 (0x512192 in /usr/bin/python3) frame #50: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #51: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3) frame #52: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #53: _PyEval_EvalFrameDefault + 0x525 (0x511fb5 in /usr/bin/python3) frame #54: _PyFunction_Vectorcall + 0x1a3 (0x528b63 in /usr/bin/python3) frame #55: /usr/bin/python3() [0x52842e] frame #56: _PyObject_Ca
Bug#867548: New HDMI audio video IOMMU issues in Bullseye upgrade on Haswell are old
If igfx_off is default, how / why is it on? from https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html "... intel_iommu=[DMAR] Intel IOMMU driver (DMAR) option on Enable intel iommu driver. off Disable intel iommu driver. igfx_off [Default Off] By default, gfx is mapped as normal device. If a gfx device has a dedicated DMAR unit, the DMAR unit is bypassed by not enabling DMAR with this option. In this case, gfx device will use physical address for DMA. ... On Sat, 3 Jul 2021 at 01:25, Bryan Cebuliak wrote: > more possibly relevant IOMMU video audio and passthrough issue links: > Easy ACS kernel patch guide for Ubuntu 20.04 > https://www.youtube.com/watch?v=JBEzshbGPhQ > > > https://forum.level1techs.com/t/intel-graphics-hdmi-audio-fails-after-enabling-intel-iommu-on/168827 > > kvm-gpu-passthrough-on-debian-buster.md > https://gist.github.com/davesilva/445276f9157e7cb3a4f6ed2fe852b340 > >
Bug#989010: linux-image-5.10.0-7-amd64: No display (post, grub, boot messages and desktop) after the upgrade to 5.10.38
I came to this bug report when searching for other things; I've read through the history here and I feel compelled to comment. Jim: given your appalling lack of respect you've shown for Debian developers here, it's hardly surprising that nobody seems to want to engage with you. Your tone and wording in several of your messages here are utterly unacceptable. You've used abusive language about people who are volunteers working to improve Debian in their own time. I would strongly suggest that you revisit what you've written and consider apologising. -- Steve McIntyre 93...@debian.org Debian Community Team commun...@debian.org
Bug#867548: New HDMI audio video IOMMU issues in Bullseye upgrade on Haswell are old
more possibly relevant IOMMU video audio and passthrough issue links: Easy ACS kernel patch guide for Ubuntu 20.04 https://www.youtube.com/watch?v=JBEzshbGPhQ https://forum.level1techs.com/t/intel-graphics-hdmi-audio-fails-after-enabling-intel-iommu-on/168827 kvm-gpu-passthrough-on-debian-buster.md https://gist.github.com/davesilva/445276f9157e7cb3a4f6ed2fe852b340
Bug#867548: New HDMI audio video IMMOU issues in Bullseye upgrade on Haswell are old
also see: https://listman.redhat.com/archives/vfio-users/2016-October/msg00072.html
Bug#990302: ITP: bulk-extractor -- A stream-based forensics tool for triage and cross-evidence analysis, which scans the media and extracts recognizable content
Hello Jan, This would be a great package to have it on Debian, I usually do a quick review to see if I spot any noticeable issues before I do a deep dive on it (which I would to during this weekend), and I notice an issue on d/rules, there are some commands doing: "test -d foo || git clone bar" This is an issue because it goes against our policy of not using network during the build process[0], you can read a recent discussion about it on LWN as well[1]: "For packages in the main archive, no required targets may attempt network access, except, via the loopback interface, to services on the build host that have been started by the build." In order to fix this issue you have two options: 1) Package those projects separately and add them to B-D. 2) Repack the upstream tarball and vendor/bundle them in. You would usually prefer option 1 when the libraries could be reused by other packages and option 2 when they are likely to only be used by your package (usually means the same upstream). But sometimes, even if the library could be used by another package in the future (but it's not currently), you can go with option 1 if it makes more sense. Beware that there is not a clear consensus on this matter so some arguing might be needed (even though we have examples of packages vendoring libraries which are already available in a standalone manner on main). Looking at the three libraries we are talking about: simsong/be13_api simsong/dfxml (watchout cause it looks like this one has just been moved to a different repo) nbeebe/sceadan It looks like it's totally fine to vendor be13_api and dfxml, it seems like sceadan is generic enough to be used by other projects but I didn't do a proper check. I suggest you consider the options here and let us know what you think it's best. Oh, and since you are in contact with upstream, this sort of issue is sometimes solved by upstream providing a release tarball that includes the submodules. The issue is that as far as I know Github does not provide this feature, so they have to use a script to generate the tarball and attach it to the release. This makes the tarball easier to be worked on/packaged by other distros as well[2], but it's also easy for us to workaround so this is a tradeoff between bothering upstream vs repacking on our side. Considering upstream is focused on a rewrite of bulk_extractor, it might be a good idea to repack it ourselves, I just wanted to let you know so you're aware of the ideal fix for this if it happens again in the future. Thanks for your work! [0] https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules [1] https://lwn.net/Articles/700465/ [2] And I guess it's also easier for users who wants to build it themselves, as plain git clone will not checkout the submodules. -- Samuel Henrique
Bug#990431: gitolite3: put logs in /var/log/gitolite3 and add logrotation
On Tue, 2021-06-29 at 11:12 -0300, David Bremner wrote: > https://gitolite.com/gitolite/dev-notes.html#appendix-3-sending-log-lines-to-syslog Yeah, that's clear,... but then it does go to syslog... plus the default out-of-the-box installation would still put non-rotated files into a path that is not really typical for logs :-) > I guess one could in principle ship different defaults in > /etc/gitolite3/gitolite.rc, but that is a minor maintainence burden > merging from upstream. Wouldn't it be as simple as: - ship /var/log/gitolite3 with appropriate permissions/owners as part of the package - overwrite /var/lib/gitolite3/.gitolite/logs to be a symlink to the former - add a logrotation snippet as conffile to /etc/logrotate.d/gitolite3 That way you wouldn't need to fiddle around with the sources and all would still be like upstream... just that it goes of to another location. And all users of the gitolite would benefit from it. I guess the only thing to consider is, that any log-files that already exist in the (then) old location on upgrade would need to be moved to /var/log/gitolite3. > Hmm. I think that would depend too much on a particular local logging > configuration. It doesn't make sense to me for gitolite to depend on > e.g. rsyslog. Why that? logrotate is the standard logrotation tool used in Debian by many services. And it should be pretty independent of rsyslog, it just takes rotates the logfiles in whichever path given. And if someone configures his gitolite to use syslog instead of files in, the logrotate snippet would simply do nothing (once all existing files have been rotated away). Same if someone configures it to use systemd journald. Right now at least, we have the situation that nothing seems to rotate these files and they could in principle fill up the filesystem eventually. Cheers, Chris
Bug#990625: piper: Svg images of mouse models are not packaged.
Package: piper Version: 0.5.1-1 Severity: normal X-Debbugs-Cc: sebastianlacue...@gmail.com Dear Maintainer, Answers of questions in bug report template: * What led up to the situation?: Mouse images do not show * What exactly did you do (or not do) that was effective (or ineffective)?: Check for package contents. * What was the outcome of this action?: Mouse svg files are not packaged. * What outcome did you expect instead?: I expect that piper show the image of the mouse. *** End of the template - remove these template lines *** -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (700, 'testing'), (699, 'unstable'), (698, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/16 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=es_UY.UTF-8, LC_CTYPE=es_UY.UTF-8 (charmap=UTF-8), LANGUAGE=es_UY:es Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages piper depends on: ii gettext 0.21-4 ii gir1.2-rsvg-2.0 2.50.7+dfsg-1 ii python3 3.9.2-3 ii python3-evdev 1.4.0+dfsg-1+b1 ii python3-gi3.38.0-2 ii python3-gi-cairo 3.38.0-2 ii python3-lxml 4.6.3-1 ii ratbagd 0.16-1~exp1 piper recommends no packages. piper suggests no packages.
Bug#990626: update-binfmts: warning: current package is openjdk-11, but binary format already installed by openjdk-8
Source: openjdk-11 Version: 11.0.12+4-1 Severity: normal Hey. When installing the package (openjdk-11-jre-headless) one gets: update-binfmts: warning: current package is openjdk-11, but binary format already installed by openjdk-8 and apparently the format is still "registered" for openjdk-8: # update-binfmts --display jar (enabled): package = openjdk-8 type = magic offset = 0 magic = PK\x03\x04 mask = interpreter = /usr/bin/jexec detector = ... I do not quite understand how this could have happened, cause openjdk-8 has been purged and it seems its prerm actually removes the entry... and binfmt-support was installed all the time. I think to remember that I've seen the same things long ago, but back then I think the handling on removal was simply missing. AFAIU, the above will never be resolved unless by manual intervention. Not sure what the package should do about it, perhaps it would be generally better to move this to some openjdk-common package or so? Cheers, Chris.
Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"
On Fri, 2021-07-02 at 21:02 +0200, Julian Andres Klode wrote: > On Thu, Apr 08, 2021 at 02:20:36PM -0700, Adam Williamson wrote: > > Well, upstream has fixed s/enroll/enable/ . But it has not added any > > useful explanation of what this does, nor why it prompts for a password > > It enables validation in shim, as the manual page says - it's the > opposite of disable-validation. > > > and what that password does. > > It's hardly mokutil's job to explain mokmanager's inner workings, > but as I'm surely aware you know, any action needs to be confirmed > at boot by a password - or specific characters thereof (sigh). I didn't actually know that, no. I was completely confused until someone explained this to me on IRC. > > It's a very specific tool to control MokManager that's not really > suitable for end users, but for distro developers building integration > so I think both things are kind of non-issues. However, it is actually necessary for end users in at least one specific case: developer edition Dell laptops (which are quite popular among Linux users). These ship with Secure Boot enabled at the firmware level, but disabled at the MOK level. Running this command is exactly what you have to do to actually enable Secure Boot properly on those laptops. See https://bodhi.fedoraproject.org/updates/FEDORA-2021-cab258a413#comment-1978725 for me being completely confused about that command. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net
Bug#990624: sensors-detect: write to /etc/modules-load.d/ instead of /etc/modules
Package: lm-sensors Version: 1:3.6.0-7 Severity: wishlist Hi. Would it be possible to have sensors-detect wirte its configuration to some file in /etc/modules-load.d/ instead of /etc/modules? That would allow for easier cleanup... and perhaps sensors-detect could simply always overwrite that file (or maybe only if it finds some special auto-created by sensors-dected header within it) and thereby get rid of any no longer current modules. Cheers, Chris.
Bug#990377: vim-ledger: please migrate to dh-vim-addon
tags 990377 patch thanks Dear maintainer, Here's a patch to fix this bug. Hopefully it shouldn't be hard to apply :) Cheers, and thanks for maintaining this package. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau ⢿⡄⠘⠷⠚⠋ po...@debian.org / veronneau.org ⠈⠳⣄ From 387e26b9ee76eb1e3c6166a36f9b5064d6204f27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Louis-Philippe=20V=C3=A9ronneau?= Date: Fri, 2 Jul 2021 16:51:43 -0400 Subject: [PATCH] Migrate to dh-vim-addon. (Closes: #990377) --- debian/control | 6 ++ debian/install | 3 +-- debian/neovim-addon| 1 + debian/rules | 2 +- debian/tests/control | 1 - debian/tests/vam | 7 --- debian/vim-addon | 1 + debian/vim-ledger.yaml | 10 -- 8 files changed, 6 insertions(+), 25 deletions(-) create mode 12 debian/neovim-addon delete mode 100644 debian/tests/control delete mode 100755 debian/tests/vam create mode 100644 debian/vim-addon delete mode 100644 debian/vim-ledger.yaml diff --git a/debian/control b/debian/control index bc9ada2..9a16d97 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: vim-ledger Section: editors Priority: optional Maintainer: Edward Betts -Build-Depends: debhelper, debhelper-compat (= 12) +Build-Depends: debhelper, debhelper-compat (= 12), dh-vim-addon Rules-Requires-Root: no Standards-Version: 4.5.0 Homepage: https://github.com/ledger/vim-ledger @@ -11,7 +11,7 @@ Vcs-Git: https://salsa.debian.org/edward/vim-ledger.git Package: vim-ledger Architecture: all -Depends: vim, vim-addon-manager, ${misc:Depends} +Depends: ${vim-addon:Depends}, ${misc:Depends} Suggests: ledger | hledger Description: Vim plugin for Ledger Ledger is a powerful and flexible double-entry accounting system run @@ -20,5 +20,3 @@ Description: Vim plugin for Ledger . This plugin provides Vim syntax highlighting and folding for Ledger files. - . - `vim-addons install ledger` will create all needed symlinks in ~/.vim/ diff --git a/debian/install b/debian/install index 158802e..3afeb77 100644 --- a/debian/install +++ b/debian/install @@ -1,2 +1 @@ -autoload/ compiler/ doc/ ftdetect/ ftplugin/ indent/ syntax/ usr/share/vim/addons -debian/vim-ledger.yaml usr/share/vim/registry +autoload/ compiler/ doc/ ftdetect/ ftplugin/ indent/ syntax/ usr/share/vim-ledger diff --git a/debian/neovim-addon b/debian/neovim-addon new file mode 12 index 000..8d48464 --- /dev/null +++ b/debian/neovim-addon @@ -0,0 +1 @@ +vim-addon \ No newline at end of file diff --git a/debian/rules b/debian/rules index 2d33f6a..5facb03 100755 --- a/debian/rules +++ b/debian/rules @@ -1,4 +1,4 @@ #!/usr/bin/make -f %: - dh $@ + dh $@ --with vim_addon diff --git a/debian/tests/control b/debian/tests/control deleted file mode 100644 index ab41faa..000 --- a/debian/tests/control +++ /dev/null @@ -1 +0,0 @@ -Tests: vam diff --git a/debian/tests/vam b/debian/tests/vam deleted file mode 100755 index 2a891c5..000 --- a/debian/tests/vam +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -# try using vim-addon-manager to installing and removing ledger -tmpdir=`mktemp -d` -vam --target-dir $tmpdir install ledger -vam --target-dir $tmpdir remove ledger -rmdir $tmpdir diff --git a/debian/vim-addon b/debian/vim-addon new file mode 100644 index 000..28716f8 --- /dev/null +++ b/debian/vim-addon @@ -0,0 +1 @@ +usr/share/vim-ledger ledger diff --git a/debian/vim-ledger.yaml b/debian/vim-ledger.yaml deleted file mode 100644 index 1c93fb8..000 --- a/debian/vim-ledger.yaml +++ /dev/null @@ -1,10 +0,0 @@ -addon: ledger -description: "ledger filetype for Vim" -files: - - autoload/ledger.vim - - compiler/ledger.vim - - doc/ledger.txt - - ftplugin/ledger.vim - - ftdetect/ledger.vim - - syntax/ledger.vim - - indent/ledger.vim -- 2.32.0 OpenPGP_signature Description: OpenPGP digital signature
Bug#990623: Cmake in Bullseye can't find Postgresql that ships with Bullseye
Package: cmake Version: 3.18.4-2| | |Cmake in bullseye can't find |the postgresql-13 version which ships in bullseye. This is because |lines 89/90 of /usr/share/cmake-3.18/Modules/FindPostgreSQL.cmake has this:| |set(PostgreSQL_KNOWN_VERSIONS ${PostgreSQL_ADDITIONAL_VERSIONS} "12" "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" "8.4" "8.3" "8.2" "8.1" "8.0") | |changing it to| |set(PostgreSQL_KNOWN_VERSIONS ${PostgreSQL_ADDITIONAL_VERSIONS} "13" "12" "11" "10" "9.6" "9.5" "9.4" "9.3" "9.2" "9.1" "9.0" "8.4" "8.3" "8.2" "8.1" "8.0") | |is sufficient to correct the problem.|
Bug#990622: bitlbee-plugin-facebook: The plugin does not start
Package: bitlbee-plugin-facebook Version: 1.2.1-1 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? >From a set bitlbee properly, run: account facebook on * What was the outcome of this action? After connecting, I get: ERROR_QUEUE_OVERFLOW * What outcome did you expect instead? Should display the buddies list *** End of the template - remove these template lines *** Regards -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages bitlbee-plugin-facebook depends on: ii bitlbee-libpurple 3.6-1.2 ii libc6 2.31-12 ii libglib2.0-02.66.8-1 ii libjson-glib-1.0-0 1.6.2-1 bitlbee-plugin-facebook recommends no packages. bitlbee-plugin-facebook suggests no packages. -- no debconf information
Bug#990621: unblock: python-duckpy/3.1.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: nil...@debian.org, debian-med-packag...@lists.alioth.debian.org Please unblock package python-duckpy [ Reason ] python-duckpy is an unusable package w/o having a Depends on python3-h2 More details with salsa CI links in the corresponding RC bug: #990620 which the latest upload closes [ Impact ] The package will be unusable for bullseye users w/o explicitly installing python3-h2 on their own [ Tests ] Non-superficial autopkgtests have been added in the upload, which helped to uncover the bug in the first place. Both superficial and non-superficial autopkgtests are green now. I also did a bit of manual testing -- looks good! [ Risks ] This is a leaf package, no risks [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock python-duckpy/3.1.0-2 -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru python-duckpy-3.1.0/debian/changelog python-duckpy-3.1.0/debian/changelog --- python-duckpy-3.1.0/debian/changelog2020-09-29 16:16:00.0 +0530 +++ python-duckpy-3.1.0/debian/changelog2021-07-03 01:37:34.0 +0530 @@ -1,3 +1,12 @@ +python-duckpy (3.1.0-2) unstable; urgency=medium + + * Team Upload. + * Add autopkgtests + * d/examples: Add d/tests/test_duckpy_basic.py as example + * d/control: Add Depends on python3-h2 (Closes: #990620) + + -- Nilesh Patra Sat, 03 Jul 2021 01:37:34 +0530 + python-duckpy (3.1.0-1) unstable; urgency=medium * Team upload. diff -Nru python-duckpy-3.1.0/debian/control python-duckpy-3.1.0/debian/control --- python-duckpy-3.1.0/debian/control 2020-09-29 16:16:00.0 +0530 +++ python-duckpy-3.1.0/debian/control 2021-07-03 00:55:00.0 +0530 @@ -24,7 +24,8 @@ Section: python Depends: ${misc:Depends}, ${python3:Depends}, - python3-bs4 + python3-bs4, + python3-h2 Recommends: ${python3:Recommends} Suggests: ${python3:Suggests} Description: simple Python library for searching on DuckDuckGo diff -Nru python-duckpy-3.1.0/debian/examples python-duckpy-3.1.0/debian/examples --- python-duckpy-3.1.0/debian/examples 1970-01-01 05:30:00.0 +0530 +++ python-duckpy-3.1.0/debian/examples 2021-07-03 00:55:00.0 +0530 @@ -0,0 +1 @@ +debian/tests/test_duckpy_basic.py diff -Nru python-duckpy-3.1.0/debian/tests/control python-duckpy-3.1.0/debian/tests/control --- python-duckpy-3.1.0/debian/tests/control1970-01-01 05:30:00.0 +0530 +++ python-duckpy-3.1.0/debian/tests/control2021-07-03 00:54:17.0 +0530 @@ -0,0 +1,3 @@ +Tests: run-unit-test +Depends: @, python3-pytest +Restrictions: allow-stderr, needs-internet diff -Nru python-duckpy-3.1.0/debian/tests/run-unit-test python-duckpy-3.1.0/debian/tests/run-unit-test --- python-duckpy-3.1.0/debian/tests/run-unit-test 1970-01-01 05:30:00.0 +0530 +++ python-duckpy-3.1.0/debian/tests/run-unit-test 2021-07-03 00:55:00.0 +0530 @@ -0,0 +1,21 @@ +#!/bin/bash +set -e + +pkg='duckpy' +CUR_DIR=`pwd` + +if [ "$AUTOPKGTEST_TMP" = "" ] ; then + AUTOPKGTEST_TMP=`mktemp -d /tmp/${pkg}-test.XX` + trap "rm -rf $AUTOPKGTEST_TMP" 0 INT QUIT ABRT PIPE TERM +fi + +cp /usr/share/doc/python3-${pkg}/examples/test_duckpy_basic.py "$AUTOPKGTEST_TMP" + +cd $AUTOPKGTEST_TMP + +for py in $(py3versions -s 2> /dev/null) +do +echo "Testing with $py in $(pwd):" +$py -m pytest -v +done +echo "PASS" diff -Nru python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py --- python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py 1970-01-01 05:30:00.0 +0530 +++ python-duckpy-3.1.0/debian/tests/test_duckpy_basic.py 2021-07-03 00:54:17.0 +0530 @@ -0,0 +1,34 @@ +import asyncio +from duckpy import AsyncClient +from duckpy import Client + +def test_functional(): + client = Client() + results = client.search("Python Wikipedia") + # Assert first result title is not empty + assert results[0]['title'] != "" + + # Assert first result URL is not empty + assert results[0]['url'] != "" + + # Prints first result description + assert results[0]['description'] != "" + + +async def get_asyncio_results(): +client = AsyncClient() +results = await client.search("Debian") + +# Assert first result title is not empty +assert results[0]['title'] != "" + +# Assert first result URL is not empty +assert
Bug#887555: new upstream (20171222)
Hi Eike, On Fri, Jul 02, 2021 at 09:45:03PM +0200, Eike Fokken wrote: > > apparently there is a newer version of parallel, but only in the experimental > distribution. Yes, we are under Freeze Policy. Once Bullseye is released I'll upload the recent version of parallel to unstable soon. Kind regards Andreas. -- http://fam-tille.de
Bug#990620: python-duckpy: python-ducky -- Mising Depends on python3-h2 -- renders package unusable
Source: python-duckpy Version: 3.1.0-1 Severity: serious X-Debbugs-Cc: nil...@debian.org Dear Maintainer, python-duckpy has a missing dependency on python3-h2 which is uncovered by a non-superficial autopkgtest committed to salsa[1] As can be seen in the corresponding pipeline, it fails with dependency error[2] "Using http2=True, but the 'h2' package is not installed" [1]: https://salsa.debian.org/med-team/python-duckpy/-/commit/687a66a3be451d5f3458caa956927af7bd9880c5 [2]: https://salsa.debian.org/med-team/python-duckpy/-/jobs/1736252 Nilesh -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#869799: poyl...@gmail.com
Jytvi?ijy@648/8-68(%
Bug#887555: new upstream (20171222)
Package: parallel Version: 20161222-1.1 Followup-For: Bug #887555 X-Debbugs-Cc: e.fokken+report...@posteo.de Dear Maintainer, apparently there is a newer version of parallel, but only in the experimental distribution. It seems to me that is may not be warranted (anymore?). >From its own documentation I have the feeling (on which you shouldn't depend, but I guess you are more knowledgable here), that parallel is not dangerous for the system, which I think is a reason to include packages only in experimental. If my assessment is correct, please migrate a newer version to unstable. Best Eike -- System Information: Debian Release: 11.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-7-amd64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages parallel depends on: ii perl 5.32.1-4 ii procps 2:3.3.17-5 ii sysstat 12.5.2-2 parallel recommends no packages. parallel suggests no packages.
Bug#990570: unblock: slurm-wlm/20.11.7-1
Control: tags -1 moreinfo Hi, On Fri, 2 Jul 2021 01:12:41 +0200 Gennaro Oliva wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Please unblock package slurm-wlm 510 files changed, 6706 insertions(+), 5099 deletions(-) Your diff was so large, it didn't even reach the list. > [ Reason ] > > 20.11.6 and 20.11.7 were bugfix and stability releases with no feature > changes. > Please allow this into bullseye. Can you please provide a filter diff that's reviewable to confirm this statement? > [ Impact ] > Fixes CVE-2021-31215 > > [ Tests ] > I have successfully run the same set of standard test I use for each > release. > > [ Risks ] > The software is very stable and one packages (mpich) is built against > its lib. > > [ Checklist ] > [X] all changes are documented in the d/changelog and in NEWS file > [X] I reviewed all changes and I approve them All 6000 lines? > [X] attach debdiff against the package in testing and the relevant > part of the NEWS file > > unblock slurm-wlm/20.11.7-1 Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#990457: [Pkg-nagios-devel] Bug#990457: monitoring-plugins-contrib: Too many things in the same package leads to recommends being ignored most of the time
Hello, On 2021-06-29 16 h 08, Jan Wagner wrote: Hi Gabriel, Am 29.06.21 um 19:34 schrieb Gabriel Filion: I would like to suggest breaking up this package into smaller binary packages that are focused on one application/service per package. This way one could install only the checks that are required with their individual requirements. as you may have read the documentation and used our suggested way to solve your problem by not installing the recommands automatically, our plan worked out. Anyway ... if you would like to do the work to draft such a package split, you can send MRs via https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/, which would be very welcomed. With kind regards, Jan. I unfortunately will be unavailable for the next month. also I'm still very much a beginner with debian packaging, so I'm not certain that I'll know exactly all of the details that need to be handled. So I'm afraid that I unfortunately won't be able to push this forward for some time :\
Bug#990619: unblock: qtbase-opensource-src/5.15.2+dfsg-9
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package qtbase-opensource-src 5.15.2+dfsg-9. [ Reason ] Unfortunately the patch I added in 5.15.2+dfsg-6 introduced some regressions. The original purpose of that patch was to fix the bug described here: - https://bugs.launchpad.net/bugs/1857824 - https://bugs.kde.org/show_bug.cgi?id=417761 However that patch also contained an unrelated change. Quoting the commit message: > This change also optimizes QMimeBinaryProvider::addFileNameMatches > to have the same logic as xdgmime for glob matching: > literals > extensions > other globs > As soon as one category matches, we can stop there. > This makes no difference in the overall results, in practice. It turns out this optimization causes various problems, which can be seen in the following bug reports: - https://bugs.debian.org/989255 (problems with qbittorrent-nox) - https://bugs.debian.org/989744 (problems with dolphin and all/all MIME type) - https://bugs.debian.org/990129 (problems with Qt WebEngine) [ Impact ] According to the bugs, the previous patch causes issues in different applications. All issues are in some way related to determining MIME types. [ Tests ] I have prepared a locally built .deb where the part of the patch causing problems was removed: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989744#37 In all three bugs, I got feedback that the issue is fixed with that: - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989255#36 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989744#42 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990129#27 [ Risks ] The risks are all related to MIME types handling. But at least it should be no worse than before -6 upload. I hope these two parts of the patch were really independent. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] The 5.15.2+dfsg-8 upload contained another fix that was contributed to us via a merge request. Apparently that fix also causes a regression, so I decided to remove it in -9. unblock qtbase-opensource-src/5.15.2+dfsg-9 Of course there is no urgency, this package can wait its N-day quarantine in unstable. -- Dmitry Shachnev diff -Nru qtbase-opensource-src-5.15.2+dfsg/debian/changelog qtbase-opensource-src-5.15.2+dfsg/debian/changelog --- qtbase-opensource-src-5.15.2+dfsg/debian/changelog 2021-06-03 15:55:29.0 +0300 +++ qtbase-opensource-src-5.15.2+dfsg/debian/changelog 2021-07-02 18:58:04.0 +0300 @@ -1,3 +1,23 @@ +qtbase-opensource-src (5.15.2+dfsg-9) unstable; urgency=medium + + * Revert adding fix-misplacement-of-placeholder-text-in-QLineEdit.diff. +Unfortunately it causes a regression (see QTBUG-94824). + + -- Dmitry Shachnev Fri, 02 Jul 2021 18:58:04 +0300 + +qtbase-opensource-src (5.15.2+dfsg-8) unstable; urgency=medium + + [ Lu Yaning ] + * Backport upstream patch to fix misplacement of placeholder text in +QLineEdit with RTL content. + + [ Dmitry Shachnev ] + * Remove the qmimeprovider.cpp part of mime_globs.diff. It is unrelated +to the original purpose of that patch, and causes various problems +(closes: #989255, #989744, #990129). + + -- Dmitry Shachnev Mon, 28 Jun 2021 20:38:59 +0300 + qtbase-opensource-src (5.15.2+dfsg-7) unstable; urgency=medium [ Lu Yaning ] diff -Nru qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff --- qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff 2021-06-03 15:37:49.0 +0300 +++ qtbase-opensource-src-5.15.2+dfsg/debian/patches/mime_globs.diff 2021-07-02 18:58:04.0 +0300 @@ -2,14 +2,8 @@ When multiple globs match, and the result from magic sniffing is unrelated to any of those globs, globs have priority and one of them should be picked up. - . - This change also optimizes QMimeBinaryProvider::addFileNameMatches - to have the same logic as xdgmime for glob matching: - literals > extensions > other globs - As soon as one category matches, we can stop there. - This makes no difference in the overall results, in practice. Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=0cbbba2aa5b47224 -Last-Update: 2021-05-18 +Last-Update: 2021-06-12 --- a/src/corelib/mimetypes/qmimedatabase.cpp +++ b/src/corelib/mimetypes/qmimedatabase.cpp @@ -55,31 +49,3 @@ m_knownSuffixLength = knownSuffixLength; } } a/src/corelib/mimetypes/qmimeprovider.cpp -+++ b/src/corelib/mimetypes/qmimeprovider.cpp -@@ -244,15 +244,18 @@ void QMimeBinaryProvider::addFileNameMat - const QString lowerFileName = fileName.toLower(); - // Check literals (e.g. "Makefile") - matchGlobList(result, m_cacheFile, m_cacheFile->getUint32(PosLiteralListOffset), fileName); --// Check complex globs (e.g. "cal
Bug#990618: gnome-maps: fail to start (JS ERROR: TypeError: source is undefined)
Package: gnome-maps Version: 3.38.2-1 Severity: normal X-Debbugs-Cc: davide.pr...@gmail.com Hi, $ gnome-maps (org.gnome.Maps:21155): Gjs-CRITICAL **: 21:02:00.672: JS ERROR: TypeError: source is undefined _createTileSource@resource:///org/gnome/Maps/js/mapSource.js:91:9 _createCachedSource@resource:///org/gnome/Maps/js/mapSource.js:106:39 createAerialSource@resource:///org/gnome/Maps/js/mapSource.js:138:12 setMapType@resource:///org/gnome/Maps/js/mapView.js:409:54 _init@resource:///org/gnome/Maps/js/mapView.js:155:14 _init@resource:///org/gnome/Maps/js/mainWindow.js:99:25 _createWindow@resource:///org/gnome/Maps/js/application.js:281:28 vfunc_activate@resource:///org/gnome/Maps/js/application.js:300:14 vfunc_command_line@resource:///org/gnome/Maps/js/application.js:374:18 main@resource:///org/gnome/Maps/js/main.js:57:24 run@resource:///org/gnome/gjs/modules/script/package.js:222:19 start@resource:///org/gnome/gjs/modules/script/package.js:206:8 @/usr/bin/gnome-maps:2:17 $ tail -f dbus-daemon[521]: [system] Activating via systemd: service name='org.freedesktop.GeoClue2' unit='geoclue.service' requested by ':1.259' (uid=1000 pid=21155 comm="/usr/bin/gjs /usr/bin/gnome-maps ") systemd[1]: Starting Location Lookup Service... dbus-daemon[521]: [system] Successfully activated service 'org.freedesktop.GeoClue2' systemd[1]: Started Location Lookup Service. gnome-shell[1799]: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: gnome-shell not allowed to act as agent gnome-shell[1799]: libinput error: event0 - Logitech USB Optical Mouse: client bug: event processing lagging behind by 14ms, your system is too slow geoclue[21174]: soup_message_set_request: assertion 'SOUP_IS_MESSAGE (msg)' failed kernel: geoclue[21174]: segfault at 8 ip 564e99fd7f17 sp 741b5fb0 error 4 in geoclue[564e99fbb000+27000] kernel: Code: e8 de 3c fe ff e9 21 ff ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 04 24 48 8d 15 8a da 00 00 be 10 00 00 00 48 8d 3d a5 a1 00 00 <48> 8b 48 08 31 c0 e8 ae 3c fe ff 48 8b 3c 24 e8 a5 38 fe ff e9 e8 systemd[1]: geoclue.service: Main process exited, code=killed, status=11/SEGV systemd[1]: geoclue.service: Failed with result 'signal'. dbus-daemon[521]: [system] Activating via systemd: service name='org.freedesktop.GeoClue2' unit='geoclue.service' requested by ':1.259' (uid=1000 pid=21155 comm="/usr/bin/gjs /usr/bin/gnome-maps ") systemd[1]: Starting Location Lookup Service... dbus-daemon[521]: [system] Successfully activated service 'org.freedesktop.GeoClue2' systemd[1]: Started Location Lookup Service. gnome-shell[1799]: GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: gnome-shell not allowed to act as agent geoclue[21189]: Service not used for 60 seconds. Shutting down.. systemd[1]: geoclue.service: Succeeded. I have also installed the gnome-maps experimental version, but that don't solve. I have found this: https://forums.linuxmint.com/viewtopic.php?t=350276 but it seem to point to a but of a lower gnome-maps version Ciao Davide -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (990, 'testing'), (500, 'testing-security'), (500, 'testing-debug'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.40-dp-20210604 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_UNSIGNED_MODULE Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome-maps depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii geoclue-2.0 2.5.7-3 ii gir1.2-champlain-0.120.12.20-1 ii gir1.2-clutter-1.0 1.26.4+dfsg-2 ii gir1.2-cogl-1.0 1.22.8-2 ii gir1.2-gdkpixbuf-2.0 2.42.2+dfsg-1 ii gir1.2-geoclue-2.0 2.5.7-3 ii gir1.2-geocodeglib-1.0 3.26.2-2 ii gir1.2-gfbgraph-0.2 0.2.4-1 ii gir1.2-glib-2.0 1.66.1-1+b1 ii gir1.2-goa-1.0 3.38.0-3 ii gir1.2-gtk-3.0 3.24.24-4 ii gir1.2-gtkchamplain-0.12 0.12.20-1 ii gir1.2-gtkclutter-1.01.8.4-4 ii gir1.2-gweather-3.0 3.36.1-3 ii gir1.2-rest-0.7 0.8.1-1.1 ii gir1.2-secret-1 0.20.4-2 ii gir1.2-soup-2.4 2.72.0-2 ii gir1.2-webkit2-4.0 2.32.1-2 ii gjs 1.66.2-1 ii libc62.31-12 ii libchamplain-0.12-0 0.12.20-1 ii libfolks25 0.14.0-1+b1 ii libgee-0.8-2 0.20.4-1 ii libgeocode-glib0
Bug#981928: (no subject)
Ubuntu builds are now hitting this same issue. The corresponding bug on launchpad: https://bugs.launchpad.net/debian/+source/gauche-gtk/+bug/1934534
Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"
On Thu, Apr 08, 2021 at 02:20:36PM -0700, Adam Williamson wrote: > Well, upstream has fixed s/enroll/enable/ . But it has not added any > useful explanation of what this does, nor why it prompts for a password It enables validation in shim, as the manual page says - it's the opposite of disable-validation. > and what that password does. It's hardly mokutil's job to explain mokmanager's inner workings, but as I'm surely aware you know, any action needs to be confirmed at boot by a password - or specific characters thereof (sigh). It's a very specific tool to control MokManager that's not really suitable for end users, but for distro developers building integration so I think both things are kind of non-issues. -- debian developer - deb.li/jak | jak-linux.org - free software dev ubuntu core developer i speak de, en
Bug#990537: llvm-11: Patch
Package: llvm-11 Version: 1:11.0.1-2 Followup-For: Bug #990537 X-Debbugs-Cc: krzpyrk...@gmail.com Dear Maintainer, I'm attaching the patch. It adds: - libxml2-dev to Build-Depends of the source - libxml2-dev to Depends of llvm-11-dev - libxml2 to Depends of llvm-11 --- control 2020-12-16 08:29:13.0 + +++ /tmp/control2021-07-02 15:56:49.313105111 + @@ -9,6 +9,7 @@ lsb-release, patchutils, diffstat, xz-utils, python3-dev, libedit-dev, libncurses5-dev, swig, python3-six, python3-sphinx (>= 1.3.6), binutils-dev, +libxml2-dev, libjsoncpp-dev, pkg-config, lcov, procps, help2man, zlib1g-dev, g++-multilib [amd64 i386 kfreebsd-amd64 mips mips64 mips64el mipsel powerpc ppc64 s390 s390x sparc sparc64 x32], @@ -284,7 +285,7 @@ Package: llvm-11 Architecture: any Suggests: llvm-11-doc -Depends: llvm-11-runtime (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Depends: llvm-11-runtime (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}, libxml2 Recommends: llvm-11-dev Description: Modular compiler and toolchain technologies LLVM is a collection of libraries and tools that make it easy to build @@ -333,7 +334,8 @@ Architecture: any Depends: ${shlibs:Depends}, libffi-dev, ${misc:Depends}, llvm-11 (= ${binary:Version}), libllvm11 (= ${binary:Version}), libtinfo-dev, - llvm-11-tools (= ${binary:Version}), libclang-cpp11 (= ${binary:Version}), libz3-dev + llvm-11-tools (= ${binary:Version}), libclang-cpp11 (= ${binary:Version}), libz3-dev, + libxml2-dev Description: Modular compiler and toolchain technologies, libraries and headers LLVM is a collection of libraries and tools that make it easy to build compilers, optimizers, just-in-time code generators, and many other
Bug#984901: RFS: open-ath9k-htc-firmware/1.4.0-106-gc583009+dfsg1-2 -- firmware for AR7010 and AR9271 USB wireless adapters
On Tue, 2021-06-01 at 07:07 +0200, Tobias Frost wrote: > The Files-Excluded section is used by tools like uscan to strip files from the > orig.tar. The formatted text just says that the field can extend over > multiple > lines, it does not mean its free text without meaning. > TL;DR: I'm pretty sure you want the Comment: here. A quick test with > uscan --verbose --force-download will convince you too. Okay, I've restored the Comment: field with the rationale for repacking. > You cannot assume that those files are not copyrightable, at minimum > that would be a question for debian-legal. Generally, copyrightabilty > is a very low barrier. Looking at NOTICE.TXT it is definitly > copyrightable and has even a copyright statement, for example. > Looking at README, it is also definitly beyond that barrier. > > *Usually* (I didnt check this particular case) such companion files > in the repo are under the same license that the other files, > thereofore usually the debian/* stanca is fine. > > Strictly, if there is no copyright information, it defaults to "all > rights reserved", which means "not even distributeable." > So if in doubt, you need to ask upstream to clarify. > > I guess it would be just easier to reinstanciate the * section, as > ftp masters have at least one time looked at it already and found it > ok. I've reinstated the wildcard section so that the Qualcomm Atheros copyright applies to the README, NOTICES.TXT, and .gitignore. > > > - W: open-ath9k-htc-firmware source: inconsistent-appstream- > > > metadata-license > > >debian/firmware-ath9k-htc.metainfo.xml (mit != expat) > > In my opinion this is a bug that could be fixed in Lintian. If you're > > not aware, the Expat license is a specific version of what's commonly > > known as the MIT license. The SPDX identifier (and hence the identifier > > used in the AppStream file) is MIT, although the Debian machine- > > readable copyright specification requests that one refer to the Expat > > license when that license is applicable. > > > > Basically, the copyright file referring to the Expat license is > > consistent with the AppStream metadata proclaiming that it is subject > > to the MIT license. > > OK, in this case an override and a comment towards the override would > be helpful. Bonus points for filing a bug against lintian. I've decided that a Lintian override is most appropriate, since this particular case (MIT != Expat) applies to only a couple other packages and it's important for package maintainers to validate that their variant of the MIT license is in fact the Expat license. > > > Some patch have fuzz... maybe refresh? > > If you're referring to > > Hunk #1 succeeded at 43 (offset -1 lines). > > Hunk #2 succeeded at 55 (offset -1 lines). > > Hunk #3 succeeded at 99 (offset -1 lines). > > Hunk #4 succeeded at 113 (offset -1 lines). > > Hunk #5 succeeded at 151 (offset -1 lines). > > then I believe this is normal, although refreshing the patches upstream > > shouldn't hurt. > Certainly it does not hurt to refresh. Unfortunately upstream has been unresponsive and not been accepting of my patch to use GCC 11 and newer Binutils which, however, I will refresh in my merge request. In the longer-term, we'll probably be better off using Clang instead of GCC when LLVM gets Xtensa support: https://reviews.llvm.org/D64830 As soon as those patches are accepted, I plan to experiment with getting it working and spearhead the effort upstream. This would also be of benefit to the OpenBSD Project which also uses this firmware. Xtensa is a CPU architecture that is custom-fabricated for various products, hence why we have to bootstrap our cross toolchain from scratch when building this firmware. This requires patches to the GCC sources so it knows exactly what chip we're targeting. With Clang, no source-level changes will be required. signature.asc Description: This is a digitally signed message part
Bug#989045: gnome-control-center: Region+Language panel segfault after trying to add new input source
Hallo, Any developments on this? Crash still happening. Be well, —WBTD. On Tue, 25 May 2021 17:02:23 +0100 "Prof. Will Tuladhar-Douglas" wrote: > Dear Simon, > > Thank you for the email and the useful instructions. > > To be clear, I did the following: > > % export DEBUGINFOD_URLS="https://debuginfod.debian.net"; > > % gdb -batch -n -ex 'set pagination off' -ex run -ex bt -ex 'bt full' > -ex 'thread apply all bt full' --args gnome-control-center > output.txt > > This produced copious output, which I have attached here as a file. > > gdb did also complain modestly to stderr as follows > > 31 ../sysdeps/x86_64/multiarch/strcmp-sse2-unaligned.S: Inappropriate > ioctl for device. > > > If it's relevant: hardware is a Mac PowerBook Pro 2013 with an external > Apple Thunderbolt display and a Matias external keyboard. > > Do please let me know if I can help pursue this further. > > Be well, > > —WBTD. > > On 24/05/2021 21:37, Simon McVittie wrote: > > On Mon, 24 May 2021 at 16:46:54 +0100, Will Tuladhar-Douglas wrote: > >> Whenever gnome control panel is open to the Language and Region screen, > >> if one selects the "+" icon to add a new input source, there's a > >> segfault. > > This isn't crashing for me, but I might be able to get > > somewhere with it if you can provide a backtrace from the crash? > > https://wiki.debian.org/HowToGetABacktrace might be useful information. > > > > Thanks, > > smcv
Bug#990511: unblock: kodi/2:19.1+dfsg2-2
Hi Sebastian, One more (technical) thing to mention: the best way to centralize ToLower and ToUpper (omitting collations for now, for that there is a libicu PR for v20 targeting Android) is to declare an overloaded 'StringUtils::ToLower(char c, bool useCLocale)' function and make all Kodi use it. However, there are two instances of StringUtils.h and the second one is part of Kodi API SDK. Fixing Kodi API SDK will be immediately rejected by upstream for v19 because it triggers an API bump and rebuild of all addons (including minimum 12 addons of 49 in Debian during the full freeze!). Since the workaround does not break movie search / collation / addons, let's follow the upstream path and have it merged. For v20 development cycle, we can either refactor lower/upper/collation things or use libicu to perform similar comparisons. If you have a better approach to solve this issue, please let me know on https://github.com/xbmc/xbmc/issue/19883 Cheers! -- Vasyl Gello == Certified SolidWorks Expert Mob.:+380 (98) 465 66 77 E-Mail: vasek.ge...@gmail.com Skype: vasek.gello == 호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다
Bug#990325: evolution: Duplicate to #986218
Package: evolution Version: 3.38.3-1 Followup-For: Bug #990325 Dear Maintainer, Bug #990325 seems to be a duplicate to #986218. Best regards Jan -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-7-amd64 (SMP w/6 CPU threads) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages evolution depends on: ii dbus 1.12.20-2 ii evolution-common 3.38.3-1 ii evolution-data-server 3.38.3-1 ii libc6 2.31-12 ii libcamel-1.2-623.38.3-1 ii libclutter-gtk-1.0-0 1.8.4-4 ii libecal-2.0-1 3.38.3-1 ii libedataserver-1.2-25 3.38.3-1 ii libevolution 3.38.3-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libical3 3.0.9-2 ii libnotify4 0.7.9-3 ii libsoup2.4-1 2.72.0-2 ii libwebkit2gtk-4.0-37 2.32.1-2 ii libxml22.9.10+dfsg-6.7 ii psmisc 23.4-2 Versions of packages evolution recommends: ii evolution-plugin-bogofilter 3.38.3-1 ii evolution-plugin-pstimport 3.38.3-1 ii evolution-plugins3.38.3-1 ii yelp 3.38.3-1 Versions of packages evolution suggests: pn evolution-ews pn evolution-plugins-experimental ii gnupg 2.2.27-2 ii network-manager 1.30.0-2 -- debconf information excluded
Bug#990617: login-duo: default configuration file in manpage incorrect
Package: login-duo Version: 1.11.3-1 Severity: minor Dear Maintainer, The login_duo man page states that its default configuration file is /etc/duo/login_duo.conf. However, it appears to by default look in /etc/security/login_duo.conf. This is confusing to a new user who installs the configuration file in /etc/duo/login_duo.conf. When login_duo can't find its configuration file, it "fails open", allowing users to proceed with their login action without checking the second factor, so it is important that the configuration file be installed correctly. Here is an example terminal session demonstrating the problem: $ login_duo -f jackhill Missing host, ikey, or skey in /etc/security/login_duo.conf $ logout $ login_duo -f jackhill -c /etc/duo/login_duo.conf Duo two-factor login for jackhill Enter a passcode or select one of the following options: 1. Phone call to XXX-XXX-2576 2. SMS passcodes to XXX-XXX-2576 (next code starts with: 2) Passcode or option (1-2): 1 Calling your phone... Dialing XXX-XXX-2576... Answered. Press any key on your phone to log in. Success. Logging you in... $ -- System Information: Debian Release: 11.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-7-amd64 (SMP w/1 CPU thread) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages login-duo depends on: ii libc6 2.31-12 ii libduo3 1.11.3-1 ii openssh-server 1:8.4p1-5 login-duo recommends no packages. login-duo suggests no packages. -- no debconf information
Bug#930759: mokutil(1) refers to non-existent "--enroll-validation"
Well, upstream has fixed s/enroll/enable/ . But it has not added any useful explanation of what this does, nor why it prompts for a password and what that password does. -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net
Bug#990326: thunderbird: No images shown in thundebird
Hello Carsten, with the update it is fine now. Thank you for maintaining. Best regards Guido Am 29.06.21 um 22:00 schrieb Carsten Schoenert: Hello Guido, Am Fri, Jun 25, 2021 at 08:15:37PM +0200 schrieb Guido Krause: Dear Maintainer, Thunderbird does not show images embedded in e-mail if allowed. Either nothing is shown or a "broken image" icon what about this issue with version 1:78.11.0-2 ? Regards Carsten
Bug#990326: thunderbird: No images shown in thundebird
On Tue, 29 Jun 2021 22:00:28 +0200 Carsten Schoenert wrote: > Hello Guido, > > Am Fri, Jun 25, 2021 at 08:15:37PM +0200 schrieb Guido Krause: > > Dear Maintainer, > > > > Thunderbird does not show images embedded in e-mail if allowed. Either > > nothing is shown or a "broken image" icon > > what about this issue with version 1:78.11.0-2 ? > > Regards > Carsten > > I'm not the original reporter, but I had the same problem reported above, and updating to version 1:78.11.0-2 resolved it.
Bug#990616: O: perl-tk -- Perl module providing the Tk graphics library
Package: wnpp The current maintainer of perl-tk, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: perl-tk Binary: perl-tk Version: 1:804.035-0.1 Maintainer: Colin Tuckley Uploaders: Michael C. Schultheiss Build-Depends: debhelper (>> 9), perl (>> 5.8.1), libx11-dev, libxft-dev, libxt-dev, x11proto-core-dev, libpng-dev, libjpeg-dev, libfreetype6-dev, libxrender-dev, dpkg-dev (>= 1.16.1~) Architecture: any Standards-Version: 3.9.8 Format: 3.0 (quilt) Files: 85d23642c5a5a2c704c3f07913663c4b 1933 perl-tk_804.035-0.1.dsc 839c70fe35acf4ba92206e719cc5f0a6 7024487 perl-tk_804.035.orig.tar.gz bdb5c4b8362f7c73b18ef46fe13bff52 14504 perl-tk_804.035-0.1.debian.tar.xz Checksums-Sha256: f581e23104e8331e42117571f7c5d092ca38d426a117d685d73100d3ab898224 1933 perl-tk_804.035-0.1.dsc 4d2b80291ba6de34d8ec886a085a6dbd2b790b926035a087e99025614c5ffdd4 7024487 perl-tk_804.035.orig.tar.gz 012417ca5a4e6314bba21343d5b929c07a0142e57c4ddbaa895e249c6000 14504 perl-tk_804.035-0.1.debian.tar.xz Homepage: http://search.cpan.org/dist/Tk/ Package-List: perl-tk deb perl optional arch=any Directory: pool/main/p/perl-tk Priority: source Section: perl Package: perl-tk Source: perl-tk (1:804.035-0.1) Version: 1:804.035-0.1+b1 Installed-Size: 7327 Maintainer: Colin Tuckley Architecture: amd64 Replaces: libtk-png-perl Provides: libtk-perl, libtk-png-perl Depends: libc6 (>= 2.29), libfontconfig1 (>= 2.12.6), libjpeg62-turbo (>= 1.3.1), libpng16-16 (>= 1.6.2-1), libx11-6, libxft2 (>> 2.1.1), perl (>= 5.32.0-4), perlapi-5.32.0 Conflicts: libtk-png-perl Description: Perl module providing the Tk graphics library Description-md5: 4b85d3a774205640dd14fdee9cb4f6e9 Homepage: http://search.cpan.org/dist/Tk/ Tag: devel::interpreter, devel::lang:perl, devel::library, implemented-in::perl, interface::graphical, interface::x11, role::app-data, role::program, role::shared-lib, uitoolkit::tk, x11::application Section: perl Priority: optional Filename: pool/main/p/perl-tk/perl-tk_804.035-0.1+b1_amd64.deb Size: 2015840 MD5sum: 8740373831c33c0d35eeec912b07cd87 SHA256: e99288b6d076ca1bdac0f057b7de38d885595190b44cd531ad2217a751e7ebd9 -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990615: O: otp -- Generator for One Time Pads or Passwords
Package: wnpp The current maintainer of otp, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: otp Binary: otp Version: 1:1.2.2-1 Maintainer: Colin Tuckley Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~) Architecture: any Standards-Version: 3.9.5 Format: 3.0 (quilt) Files: 5c6de1eb7c12fa5ba18e559a544e0db5 1682 otp_1.2.2-1.dsc 498c244e19cab39b6707f7eef6267352 43649 otp_1.2.2.orig.tar.gz a75ce94fb836da1b74f676deabf18117 3044 otp_1.2.2-1.debian.tar.xz Checksums-Sha256: ee07d635e3c1aadebfa92b9d3d1058c2109d1e83eee9f1f36312188e5705e862 1682 otp_1.2.2-1.dsc 6369468070937c495829ebb2798ac66ebca1d04515171fcb47b17a82e950c452 43649 otp_1.2.2.orig.tar.gz 2df06c5213cd35526f89ff25378d058f4bcf21b134c60c89f9e5f0a7590a8eb8 3044 otp_1.2.2-1.debian.tar.xz Homepage: http://www.fourmilab.ch/onetime/otpgen.html Package-List: otp deb misc optional arch=any Directory: pool/main/o/otp Priority: source Section: misc Package: otp Source: otp (1:1.2.2-1) Version: 1:1.2.2-1+b1 Installed-Size: 38 Maintainer: Colin Tuckley Architecture: amd64 Depends: libc6 (>= 2.4) Description: Generator for One Time Pads or Passwords Description-md5: 98841fa857f52c2ad64211d92f12e915 Homepage: http://www.fourmilab.ch/onetime/otpgen.html Tag: interface::commandline, role::program, scope::utility, security::cryptography Section: misc Priority: optional Filename: pool/main/o/otp/otp_1.2.2-1+b1_amd64.deb Size: 14892 MD5sum: f7d5633becfc16a89a90f8c0ca3fc112 SHA256: 78bf19491b90280e21baa0980710ec7b91d18891926ddea21262fa1af8fffe18 -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990614: O: tart -- versatile and feature-rich email signature generator
Package: wnpp The current maintainer of tart, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: tart Binary: tart Version: 3.10-1 Maintainer: Colin Tuckley Build-Depends: debhelper (>= 5.0.0), autotools-dev, dpkg-dev (>= 1.16.1~) Architecture: any Standards-Version: 3.9.5 Format: 3.0 (quilt) Files: 6f6d797433be1555c854b04801118691 1699 tart_3.10-1.dsc 471a0a53825a28619b4667b755425f23 128837 tart_3.10.orig.tar.gz fddb2cecfdf925bab19be2ed2916b7c2 2972 tart_3.10-1.debian.tar.xz Checksums-Sha256: 172c8dd9c891b161f68e1f0cedaec00c343873d72f2f3f34ce69e9f474668565 1699 tart_3.10-1.dsc b4e4617088fa71998db5ccdfd060142b9c74bf779f8164367e073714035c2bcb 128837 tart_3.10.orig.tar.gz 49fb1e744596c75b11f599239121332b26ac673bb190ae25e39f606fdbaeee3d 2972 tart_3.10-1.debian.tar.xz Homepage: http://sourceforge.net/projects/linuxtart/ Package-List: tart deb mail optional arch=any Directory: pool/main/t/tart Priority: source Section: mail Package: tart Source: tart (3.10-1) Version: 3.10-1+b1 Installed-Size: 156 Maintainer: Colin Tuckley Architecture: amd64 Depends: libc6 (>= 2.14) Description: versatile and feature-rich email signature generator Description-md5: 45aa42dd3f5968a94485d14c99ef0d99 Homepage: http://sourceforge.net/projects/linuxtart/ Tag: implemented-in::c, role::program, works-with::mail Section: mail Priority: optional Filename: pool/main/t/tart/tart_3.10-1+b1_amd64.deb Size: 63192 MD5sum: 5e35b3db1ecc4edfc5f247f0789626c2 SHA256: 33d5d6a68068cc429c740ffe4ffa82253212abfc2e6ff090b7b7a4fda9fac51f -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990613: O: ltris -- very polished Tetris clone with CPU opponents
Package: wnpp The current maintainer of ltris, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: ltris Binary: ltris Version: 1.0.19-3 Maintainer: Colin Tuckley Build-Depends: debhelper (>> 9), libsdl1.2-dev, libsdl-mixer1.2-dev, autotools-dev Architecture: any Standards-Version: 3.9.6 Format: 3.0 (quilt) Files: 5d375a699d02ab6bda0140c586d3b8b0 1743 ltris_1.0.19-3.dsc 63486b90e59699823f7093bc9ab87725 883543 ltris_1.0.19.orig.tar.gz aa9ea9cac333010e61d33a39abdbdcb2 8480 ltris_1.0.19-3.debian.tar.xz Checksums-Sha256: 723d9d1ad46b758ceba698cb70e11667c7559a41921f1235c117f11b9fdd0248 1743 ltris_1.0.19-3.dsc 8f6a9e7719d22004aee153db29ffd9ca41c7a6cd87fc791591994eecc2e625a1 883543 ltris_1.0.19.orig.tar.gz be5d42db6a36a0e3d1fa42320c99f5829d2492dc752dda3aaced7ba51fd63fd4 8480 ltris_1.0.19-3.debian.tar.xz Homepage: http://lgames.sourceforge.net/index.php?project=LTris Package-List: ltris deb games optional arch=any Directory: pool/main/l/ltris Priority: source Section: games Package: ltris Source: ltris (1.0.19-3) Version: 1.0.19-3+b1 Installed-Size: 1107 Maintainer: Colin Tuckley Architecture: amd64 Depends: libc6 (>= 2.14), libsdl-mixer1.2, libsdl1.2debian (>= 1.2.11) Description: very polished Tetris clone with CPU opponents Description-md5: ba5974efd7c79972f5f5422957b41085 Homepage: http://lgames.sourceforge.net/index.php?project=LTris Tag: game::tetris, interface::graphical, interface::x11, role::program, uitoolkit::sdl, use::gameplaying, x11::application Section: games Priority: optional Filename: pool/main/l/ltris/ltris_1.0.19-3+b1_amd64.deb Size: 447692 MD5sum: 054b1eaf9cc82ae1b9d3183d4911c93c SHA256: 1b5d1b4e371ab23c3d30133a91f47821a63985bacb55fc5ec012a74b9db19251 -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990612: O: ploticus -- script driven business graphics package
Package: wnpp The current maintainer of ploticus, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: ploticus Binary: ploticus, libploticus0, libploticus0-dev Version: 2.42-4.2 Maintainer: Colin Tuckley Build-Depends: debhelper (>= 9), zlib1g-dev, libgd-dev, libjpeg-dev, libfreetype6-dev, libx11-dev, x11proto-core-dev, libpng-dev, dpkg-dev (>= 1.16.1~) Architecture: any Standards-Version: 4.0.0 Format: 3.0 (quilt) Files: f63751bf889672caeb314d18bfec0b9f 1949 ploticus_2.42-4.2.dsc 02fe439080786fd23772ab1e27b2 554515 ploticus_2.42.orig.tar.gz 97d28dda1e5192ebfb880332a1d60d30 18700 ploticus_2.42-4.2.debian.tar.xz Checksums-Sha256: 29783ed44eb2dff0eca46cd7e246ae6e3255bdc5b4aeed7fa69283f79069f9ef 1949 ploticus_2.42-4.2.dsc 62ca31c596bbf0795dfc1d17350d6b83cfe7e742029e020429d35d5503584177 554515 ploticus_2.42.orig.tar.gz 5ae008530b498d694cd5a732bd3bad8aa5e14af8557666472f0806906c865eda 18700 ploticus_2.42-4.2.debian.tar.xz Homepage: http://ploticus.sourceforge.net Package-List: libploticus0 deb libs optional arch=any libploticus0-dev deb libdevel optional arch=any ploticus deb misc optional arch=any Directory: pool/main/p/ploticus Priority: source Section: misc -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990611: O: cd-circleprint -- prints round cd-labels
Package: wnpp The current maintainer of cd-circleprint, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: cd-circleprint Binary: cd-circleprint Version: 0.7.0-5.1 Maintainer: Colin Tuckley Build-Depends: debhelper (>= 9) Architecture: all Standards-Version: 4.0.0 Format: 1.0 Files: b7b6b44cb6c3053fdef80107d3531cc4 1753 cd-circleprint_0.7.0-5.1.dsc 9e33fb7cd029bd7e4c37ed28c0cdbf7b 75790 cd-circleprint_0.7.0.orig.tar.gz 2790644f81e81e647154dbb96bf2d9d6 4822 cd-circleprint_0.7.0-5.1.diff.gz Checksums-Sha256: a50acc612440755736c1110a62cc2ff770c7a89f575b4e768e3af6bf18928187 1753 cd-circleprint_0.7.0-5.1.dsc bbf45752135e123e2d34ee831687353cab1543a2c7a2d4ef1b357a168419b908 75790 cd-circleprint_0.7.0.orig.tar.gz a890b0ffc3c492e0550689a28b010f121105a8754abe7cb5ed0de6b315165016 4822 cd-circleprint_0.7.0-5.1.diff.gz Homepage: http://sourceforge.net/projects/cd-circle-print/ Package-List: cd-circleprint deb text optional arch=all Directory: pool/main/c/cd-circleprint Priority: source Section: text Package: cd-circleprint Version: 0.7.0-5.1 Installed-Size: 174 Maintainer: Colin Tuckley Architecture: all Depends: perl, perl-tk Suggests: imagemagick, gv Description: prints round cd-labels Description-md5: 51a4ae39167501ed72dce961877ad4cd Homepage: http://sourceforge.net/projects/cd-circle-print/ Tag: hardware::storage, hardware::storage:cd, role::program, use::printing Section: text Priority: optional Filename: pool/main/c/cd-circleprint/cd-circleprint_0.7.0-5.1_all.deb Size: 79516 MD5sum: c93952e28929462e862c3e0a08512397 SHA256: 7bb53359aa84a78c2bafa08777680f180d79e3e198066c2ed764c0853723aeb8 -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990610: O: brandy -- BBC BASIC V interpreter
Package: wnpp The current maintainer of brandy, Colin Tuckley , has retired. Therefore, I orphan this package now. Maintaining a package requires time and skills. Please only adopt this package if you will have enough time and attention to work on it. If you want to be the new maintainer, please see https://www.debian.org/devel/wnpp/#howto-o for detailed instructions how to adopt a package properly. Some information about this package: Package: brandy Binary: brandy Version: 1.20.1-1 Maintainer: Colin Tuckley Build-Depends: debhelper (>= 5), libsdl1.2-dev, dpkg-dev (>= 1.16.1~) Architecture: any Standards-Version: 3.9.5 Format: 3.0 (quilt) Files: ca881bacdd1b562ac9fbad1e5153ebc3 1731 brandy_1.20.1-1.dsc 661a5cb90a79416efc0e584c835e6310 422579 brandy_1.20.1.orig.tar.gz 6c75278a8978f98dcbecc93c88688aab 5276 brandy_1.20.1-1.debian.tar.xz Checksums-Sha256: ca6f8d6e4a1aa31f3966bce9f973d36cf9bf0f0b89c4057688ade387d53a7a88 1731 brandy_1.20.1-1.dsc 1639aa60b6e7c4b6aa829155c81d35043ae875971984ef63320cf336e1787be3 422579 brandy_1.20.1.orig.tar.gz db3323e24213174270387cbae75b1d6850b6dc5fdab8600871f972de9c24de76 5276 brandy_1.20.1-1.debian.tar.xz Homepage: http://sourceforge.net/projects/brandy Package-List: brandy deb interpreters optional arch=any Directory: pool/main/b/brandy Priority: source Section: interpreters Package: brandy Source: brandy (1.20.1-1) Version: 1.20.1-1+b1 Installed-Size: 488 Maintainer: Colin Tuckley Architecture: amd64 Depends: libc6 (>= 2.14), libsdl1.2debian (>= 1.2.11) Description: BBC BASIC V interpreter Description-md5: 87052efb62063bde1423433f8602c5be Homepage: http://sourceforge.net/projects/brandy Tag: devel::interpreter, interface::graphical, interface::x11, role::program, uitoolkit::sdl, x11::application Section: interpreters Priority: optional Filename: pool/main/b/brandy/brandy_1.20.1-1+b1_amd64.deb Size: 244298 MD5sum: 08e0bdd0138df962de578a5818cb3b27 SHA256: 0a6025dc6a284a1488e34e75e17227b3cc7268f95ee7703ee246ca4f7158b6d7 -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990609: Updating the aprx Uploaders list
Source: aprx Version: 2.9.0+dfsg-4 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the aprx package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990608: Updating the ax25-tools Uploaders list
Source: ax25-tools Version: 0.0.10-rc5+git20190411+3595f87-5 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the ax25-tools package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990607: Updating the baycomepp Uploaders list
Source: baycomepp Version: 0.10-15 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the baycomepp package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990606: Updating the ax25-apps Uploaders list
Source: ax25-apps Version: 0.0.8-rc5+git20190411+0ff1383-4 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the ax25-apps package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990605: Updating the baycomusb Uploaders list
Source: baycomusb Version: 0.10-14 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the baycomusb package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990604: Updating the ax25mail-utils Uploaders list
Source: ax25mail-utils Version: 0.14-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the ax25mail-utils package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990603: Updating the cqrlog Uploaders list
Source: cqrlog Version: 2.5.1-2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the cqrlog package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990602: Updating the cwdaemon Uploaders list
Source: cwdaemon Version: 0.10.2-2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the cwdaemon package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990601: Updating the fbb Uploaders list
Source: fbb Version: 7.010-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the fbb package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990600: Updating the gpredict Uploaders list
Source: gpredict Version: 2.3-72-gc596101-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the gpredict package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990599: Updating the icom Uploaders list
Source: icom Version: 20120228-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the icom package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990598: Updating the qrq Uploaders list
Source: qrq Version: 0.3.3-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the qrq package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990597: Updating the lbreakout2 Uploaders list
Source: lbreakout2 Version: 2.6.5-2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the lbreakout2 package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990594: Updating the linpac Uploaders list
Source: linpac Version: 0.28-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the linpac package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990596: Updating the libax25 Uploaders list
Source: libax25 Version: 0.0.12-rc5+git20190411+b17ff36-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the libax25 package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990595: Updating the tk2 Uploaders list
Source: tk2 Version: 1.1-10.1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the tk2 package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990593: Updating the trustedqsl Uploaders list
Source: trustedqsl Version: 2.5.7-2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the trustedqsl package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990591: Updating the twpsk Uploaders list
Source: twpsk Version: 4.3-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the twpsk package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990592: Updating the qsstv Uploaders list
Source: qsstv Version: 9.4.4-3 9.5.3-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the qsstv package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990590: Updating the twclock Uploaders list
Source: twclock Version: 3.5-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the twclock package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990589: Updating the unixcw Uploaders list
Source: unixcw Version: 3.5.1-4 3.6.0-1 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the unixcw package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990588: Updating the xdx Uploaders list
Source: xdx Version: 2.5.0-3 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the xdx package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990586: Updating the z8530-utils2 Uploaders list
Source: z8530-utils2 Version: 3.0-1-10 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the z8530-utils2 package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#990587: Updating the xnec2c Uploaders list
Source: xnec2c Version: 1:4.1.1-2 Severity: minor User: m...@qa.debian.org Usertags: mia-teammaint Colin Tuckley has retired, so can't work on the xnec2c package anymore (at least with this address). We are tracking their status in the MIA team and would like to ask you to remove them from the Uploaders list of the package so we can close that part of the file. (If the person is listed as Maintainer, what we are asking is to please step in as a new maintainer.) Thanks. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Bug#989799: psmisc: Undeclared file conflict with manpages-de
Hello Hideki, On Fri, Jul 02, 2021 at 10:29:53AM +0900, Hideki Yamane wrote: > On Thu, 1 Jul 2021 21:07:03 +0200 > Helge Kreutzmann wrote: > > It now has. So this bug is closed, if users upgrade to the latestes > > backport version. > > Hmm, however, this bug is not closed automatically. Weird. > > https://tracker.debian.org/news/1243791/accepted-manpages-l10n-4100-1bpo101-source-into-buster-backports-backports-policy-buster-backports/ This is normal, somehow Closes in backported packages don't work. I asked this earlier and was told otherwiese, but it still applies. > We can close it via mail, but should investigate its reason, IMO. I already did that, however, I can do it again, if necessary. Greetings Helge -- Dr. Helge Kreutzmann deb...@helgefjell.de Dipl.-Phys. http://www.helgefjell.de/debian.php 64bit GNU powered gpg signed mail preferred Help keep free software "libre": http://www.ffii.de/ signature.asc Description: PGP signature
Bug#990585: frr: "set src" in zebra.conf not working after update libyang1
Package: frr Version: 7.5.1-1 In zebra.conf i set src address for outgoing connections: route-map ospf-in permit 20 set src 10.1.1.221 (this is address on dummy interface with /32 mask) It work correct before little update (probably libyang1) i get error in zebra.log: 2021/07/02 16:36:53 ZEBRA: [EC 100663299] buffer_flush_available: write error on fd 2: Bad file descriptor 2021/07/02 16:36:53 ZEBRA: [EC 100663304] ERROR: Command returned Warning Config Failed on config line 26: set src 10.1.1.221 2021/07/02 16:36:53 ZEBRA: [EC 100663299] buffer_flush_available: write error on fd 2: Bad file descriptor Update, which broke frr (/var/log/apt/history.log): # cat /var/log/apt/history.log Start-Date: 2021-07-02 16:01:18 Requested-By: leg0las (1000) Install: e2fsprogs-l10n:amd64 (1.46.2-2) Upgrade: libyang1:amd64 (1.0.184-2, 1.0.225-1.1), libext2fs2:amd64 (1.46.2-1, 1.46.2-2), libcom-err2:amd64 (1.46.2-1, 1.46.2-2), guile-2.2-libs:amd64 (2.2.7+1-5.4, 2.2.7+1-6), logsave:amd64 (1.46.2-1, 1.46.2-2), libss2:amd64 (1.46 .2-1, 1.46.2-2), e2fsprogs:amd64 (1.46.2-1, 1.46.2-2) End-Date: 2021-07-02 16:01:50 As I understand the problem in "libyang1:amd64 (1.0.184-2, 1.0.225-1.1)", I tested it on 2 hosts (not updated and updated versions libyang1) and the old version worked correctly. After updating and rebooting I get this error (alike as on second host)
Bug#990584: ftp.debian.org: consider tightening the Valid-Until times
Package: ftp.debian.org Severity: normal Hey there. Would you possibly consider to tighten the Valid-Until times on the various repositories? E.g. stable and testing security seems to have 1 week right now. This seems pretty long,... a whole week in which an attacker might do a blocking attack and prevent people from noticing that they're not seeing any updates? Current stable (buster) doesn't seem to have a Valid-Until at all. Not sure if this is planned for bullseye as well. The impact is perhaps not that big, since the security upgrades go anyway to bullseye-security. But still perhaps better to have a validity than not? I would have blindly guessed that using shorter Valid-Until times isn't that expensive, cause it's probably just the dates that need to be refresehed and the signature on the Release file? What about a validity time of e.g. one day,... at least for repos like unstable, *-security, *-updates? Maybe also testing? And maybe a 1-2 weeks or so for any repo where security is anyway handled in another (stable)? Thanks for your consideration, Chris.
Bug#990583: lrzip: CVE-2021-27347
Source: lrzip X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for lrzip. CVE-2021-27347[0]: | Use after free in lzma_decompress_buf function in stream.c in Irzip | 0.631 allows attackers to cause Denial of Service (DoS) via a crafted | compressed file. It's unclear which commit fixed, this should be checked with upstream: https://github.com/ckolivas/lrzip/issues/165 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-27347 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27347 Please adjust the affected versions in the BTS as needed.
Bug#990582: fastapi: CVE-2021-32677
Source: fastapi X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for fastapi. CVE-2021-32677[0]: | FastAPI is a web framework for building APIs with Python 3.6+ based on | standard Python type hints. FastAPI versions lower than 0.65.2 that | used cookies for authentication in path operations that received JSON | payloads sent by browsers were vulnerable to a Cross-Site Request | Forgery (CSRF) attack. In versions lower than 0.65.2, FastAPI would | try to read the request payload as JSON even if the content-type | header sent was not set to application/json or a compatible JSON media | type (e.g. application/geo+json). A request with a content type of | text/plain containing JSON data would be accepted and the JSON data | would be extracted. Requests with content type text/plain are exempt | from CORS preflights, for being considered Simple requests. The | browser will execute them right away including cookies, and the text | content could be a JSON string that would be parsed and accepted by | the FastAPI application. This is fixed in FastAPI 0.65.2. The request | data is now parsed as JSON only if the content-type header is | application/json or another JSON compatible media type like | application/geo+json. It's best to upgrade to the latest FastAPI, but | if updating is not possible then a middleware or a dependency that | checks the content-type header and aborts the request if it is not | application/json or another JSON compatible content type can act as a | mitigating workaround. Advisory: https://github.com/tiangolo/fastapi/security/advisories/GHSA-8h2j-cgx8-6xv7 Patch: https://github.com/tiangolo/fastapi/commit/fa7e3c996edf2d5482fff8f9d890ac2390dede4d (0.65.2) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-32677 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32677 Please adjust the affected versions in the BTS as needed.
Bug#990581: nomad: CVE-2021-32575
Source: nomad X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for nomad. CVE-2021-32575[0]: | HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge | networking mode allows ARP spoofing from other bridged tasks on the | same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1. https://discuss.hashicorp.com/t/hcsec-2021-14-nomad-bridge-networking-mode-allows-arp-spoofing-from-other-bridged-tasks-on-same-node/24296 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-32575 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32575 Please adjust the affected versions in the BTS as needed.
Bug#801951: debian/copyright should mention BSD3 license, not PSF
Control: severity -1 serious Control: retitle -1 d/copyright must contain BSD3 and Apache 2, not PSF On Fri, 16 Oct 2015 10:48:28 +0200 Stefano Zacchiroli wrote: Package: python3-dateutil Version: 2.2-2 Severity: important debian/copyright currently refers to (various incarnations of...) the PSF license, whereas python-dateutil has been relicense under BSD3 a while ago. See http://sources.debian.net/src/python-dateutil/latest/LICENSE/ for reference. debian/copyright should be updated (and can be widely simplified / shortened) to refer to BSD3. Thanks a lot for maintaining python-dateutil in Debian, it's much appreciated! Cheers. Current versions (in buster and upcoming bullseye) are dual-licensed under BSD3 and Apache 2. I am raising the severity because this is a long-standing policy violation.
Bug#990580: apache2: [regression] daily cron mails from logrotate: Reloading Apache httpd web server: apache2.
Package: apache2 Version: 2.4.48-3 Severity: important X-Debbugs-Cc: t...@mirbsd.de, debian-rele...@lists.debian.org Having just upgraded machines from 2.4.46-4 to 2.4.48-3 I now get daily¹ cron mails: | From: Anacron | Message-ID: <20210702075325.946f340...@ci-busyapps.lan.tarent.de> | To: r...@ci-busyapps.lan.tarent.de | Date: Fri, 2 Jul 2021 07:53:25 + (UTC) | Subject: Anacron job 'cron.daily' on ci-busyapps.lan.tarent.de | | /etc/cron.daily/logrotate: | Reloading Apache httpd web server: apache2. This is a regression that’s going to severely annoy admins and ought to be fixed, including for bullseye. ① I know they are daily because I have been getting them on another system for some time already but didn’t know if it was that system or something in the package; as multiple other systems are now affected identically, I know it’s a bug in the package. -- Package-specific info: -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread) Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages apache2 depends on: ii apache2-bin 2.4.48-3 ii apache2-data 2.4.48-3 ii apache2-utils2.4.48-3 ii dpkg 1.20.9 ii init-system-helpers 1.60 ii lsb-base 11.1.0 ii mime-support 3.66 ii perl 5.32.1-4 ii procps 2:3.3.17-5 Versions of packages apache2 recommends: ii ssl-cert 1.1.0+nmu1 Versions of packages apache2 suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom ii lynx [www-browser] 2.9.0dev.6-2 Versions of packages apache2-bin depends on: ii libapr11.7.0-6 ii libaprutil11.6.1-5 ii libaprutil1-dbd-pgsql 1.6.1-5 ii libaprutil1-ldap 1.6.1-5 ii libbrotli1 1.0.9-2+b2 ii libc6 2.31-12 ii libcrypt1 1:4.4.18-4 ii libcurl4 7.74.0-1.3 ii libjansson42.13.1-1.1 ii libldap-2.4-2 2.4.57+dfsg-3 ii liblua5.3-05.3.3-1.1+b1 ii libnghttp2-14 1.43.0-1 ii libpcre3 2:8.39-13 ii libssl1.1 1.1.1k-1 ii libxml22.9.10+dfsg-6.7 ii perl 5.32.1-4 ii zlib1g 1:1.2.11.dfsg-2 Versions of packages apache2-bin suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom ii lynx [www-browser] 2.9.0dev.6-2 Versions of packages apache2 is related to: ii apache2 2.4.48-3 ii apache2-bin 2.4.48-3 -- Configuration Files: /etc/apache2/mods-available/ssl.conf changed [not included] /etc/apache2/sites-available/000-default.conf changed [not included] /etc/apache2/sites-available/default-ssl.conf changed [not included] -- no debconf information
Bug#990579: composer: Security update broke git clone with cacheOptions
Package: composer Version: 1.2.2-1+deb9u1 Severity: important 0005-Merge-pull-request-from-GHSA-h5h8-pc6h-jvvx.patch includes: -$command = 'git clone --no-checkout %s %s '.$cacheOptions.'&& cd '.$flag.'%2$s && git remote add composer %1$s && git fetch composer'; +$command = 'git clone --no-checkout -- %s %s '.$cacheOptions.'&& cd '.$flag.'%2$s && git remote add composer -- %1$s && git fetch composer'; git clone expects options before URL and PATH. It will still work if the '--' is not put before URL and PATH. The cacheOptions need to be moved to the left (before --), otherwise this cannot work anymore in case of $cacheOptions != ''. Best regards, Harald
Bug#990578: jetty9: CVE-2021-34428
Source: jetty9 Version: 9.4.39-1 Severity: important Tags: security upstream Forwarded: https://github.com/eclipse/jetty.project/issues/6277 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for jetty9. CVE-2021-34428[0]: | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, | if an exception is thrown from the SessionListener#sessionDestroyed() | method, then the session ID is not invalidated in the session ID | manager. On deployments with clustered sessions and multiple contexts | this can result in a session not being invalidated. This can result in | an application used on a shared computer being left logged in. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-34428 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34428 [1] https://github.com/eclipse/jetty.project/issues/6277 [2] https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Bug#990576: mpmath: CVE-2021-29063
Source: mpmath Version: 1.2.1-1 Severity: important Tags: security upstream Forwarded: https://github.com/fredrik-johansson/mpmath/issues/548 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for mpmath. CVE-2021-29063[0]: | A Regular Expression Denial of Service (ReDOS) vulnerability was | discovered in Mpmath v1.0.0 when the mpmathify function is called. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-29063 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29063 [1] https://github.com/fredrik-johansson/mpmath/issues/548 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Bug#990577: ruby-bindata: CVE-2021-32823
Source: ruby-bindata Version: 2.4.8-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for ruby-bindata. CVE-2021-32823[0]: | In the bindata RubyGem before version 2.4.10 there is a potential | denial-of-service vulnerability. In affected versions it is very slow | for certain classes in BinData to be created. For example | BinData::Bit10, BinData::Bit11, BinData::Bit12, | BinData::Bit. In combination with | .constantize there is a potential for a CPU-based | DoS. In version 2.4.10 bindata improved the creation time of Bits and | Integers. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-32823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32823 [1] https://github.com/dmendel/bindata/commit/d99f050b88337559be2cb35906c1f8da49531323 [2] https://github.com/dmendel/bindata/blob/v2.4.10/ChangeLog.rdoc#version-2410-2021-05-18- Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Bug#990575: php8.0: CVE-2021-21704 CVE-2021-21705
Source: php8.0 Version: 8.0.7-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerabilities were published for php8.0, they are fixed in 8.0.8 upstream. CVE-2021-21704[0]: | PHP: firebird issues CVE-2021-21705[1]: | PHP: SSRF bypass in FILTER_VALIDATE_URL If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-21704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704 [1] https://security-tracker.debian.org/tracker/CVE-2021-21705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705 Regards, Salvatore
Bug#990489: python3-expeyes: why is there a Conflicts: modemmanager ?
Dear Ajith, I uploaded a fixed package to Debian, just before Jithin proposed an even better fix (more general for various hardware related to Phoenix project). We must let some time to developers of the release.debian.org to manage the current "unblock request". If they agree with the unblock request, expeyes will be part of the next Debian/stable distribution. I shall try to upload Jithin's better fix later: maybe some member of release.debian.org will be able to take it in consideration, as a second (and lighter) change to this package. Best regards, Georges. Ajith Kumar a écrit : > Dear Georges, > I think a message may be displayed during the installation of eyes17 > instructing to remove the modem manager in case of any trouble > communicating with eyes17. It is left to the user instead of a forced > removal. It is important to have it in the Distro. The users in Kerala is a > closed community and we can instruct them. Jithin may consider it. signature.asc Description: PGP signature
Bug#990574: popularity-contest: leftovers after purge
Package: popularity-contest Version: 1.71 Severity: normal Hi. Seems popcon creates /var/lib/popularity-contest/ but doesn't clean up the empty dir after purge. Cheers, Chris.
Bug#990573: libpmem1: insufficient flushing on ARMv8.2+
Package: libpmem1 Version: 1.10-1 Severity: grave Justification: causes data loss [a fix is coming, filing this bug so the Release Team knows why] Hi! Support for arm64 in PMDK is deeply experimental. As far as I know, it has never been tested on real hardware nor had been reviewed by someone with adequate knowledge about ARM. Yet, enabling arm64 in our packages has been requested multiple times, and bullseye / buster-backports do include arm64 builds. This was done with porting in mind, yet it looks like pmem-capable ARM hardware is coming soon, and will be used in production not long after. This makes inadequate support for new ARM chips unfortunate to say the least. In ARMv8.0 and ARMv8.1, the only flushes available were CVAI (to make icache = dcache, irrelevant for pmem), and CVAC ("flush to coherency"). The latter was the deepest flush available, and implementors simply had no other option than to have this instruction request the memory controller to send its data to actual memory chips. This changed in ARMv8.2, where a new instruction CVAP ("flush to persistency") has been added, and CVAC was defined to require coherency only between "agents" (such as CPU cores, GPU, etc) but not memory. Yet PMDK knew only about CVAC -- despite asking around, no one of us could get hold of an ARMv8.2 machine to implement detection/etc. Such support is obviously not a priority for Intel nor IBM. Only recently, I managed to get access to such a box, and implemented flushes via CVAP. Without them, an unexpected power loss may result in recent writes being lost. This is even worse than with disks -- a typical filesystem will flush every 5 seconds or so, while there's no time-based mechanism to flush CPU caches. If a machine finished its task and became quiescent, it's possible the kernel and daemons won't actively touch more than 16-64MB of L3 cache for hours or days. The new flushes have been merged upstream in 1.11, I'm about to cherry-pick to 1.10 for Bullseye. Meow! -- System Information: Debian Release: 11.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.13.0-00032-g2fc675a48a0e (SMP w/64 CPU threads) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages libpmem1 depends on: ii libc6 2.31-12 ii libdaxctl1 71.1-1 ii libndctl6 71.1-1 libpmem1 recommends no packages. libpmem1 suggests no packages. -- no debconf information
Bug#990423: stretch kernel 4.9.0-16-amd64 crashes randomly
Apologies, the correct PCI ID of my wireless NIC is "Intel Corporation Wireless 7260 (rev bb)".
Bug#990423: stretch kernel 4.9.0-16-amd64 crashes randomly
I have the same AMD E-450 CPU and the same problem after installing 4.9.0-16-amd64. The problem in my case seems to be caused by the "Intel Corporation Wireless 7260 (rev 73)" driver or firmware, as there are no crashes if the wlan interface is not enabled. I had to downgrade to 4.9.0-15-amd64 in order to make my laptop usable again with wireless connection.
Bug#990572: ITP: golang-mozilla-pkcs7 -- Go library for parsing and creating signed and enveloped messages
Package: wnpp Severity: wishlist Owner: Peymaneh Nejad * Package name: golang-mozilla-pkcs7-dev Version : 0.0~git20200128.432b235-1 Upstream Author : Mozilla Services * URL : https://go.mozilla.org/pkcs7 * License : Expat Programming Lang: Go Description : Go library for parsing and creating signed and enveloped messages This package implements a subset of PKCS#7/Cryptographic Message Syntax (rfc2315, rfc5652) in Golang. It is a fork of github.com/fullsailor/pkcs7 This package is a dependency of github.com/smallstep/cli (#989857)
Bug#990571: unblock: tinyproxy/1.10.0-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package tinyproxy [ Reason ] Two flaws have been discovered recently by other Debian users: + [ Unit 193 ] + * d/p/0001_fix-segfault-with-socks4.patch: ++ Grab an upstream patch to fix a segfault when using socks4 with + tor. (Closes: #990434). -> This issue has been during the past week by Unit 193 and tinyproxy upstream. This allows using tinyproxy as http-proxy on top of a local tor SOCKS4 proxy. + [ Mike Gabriel ] + * debian/tinyproxy.service: ++ Use KillMode=process (instead of the default 'control-group'). The main + tinyproxy process will stop all its workers if a SIGTERM signal is + received. This avoids SIGTERM racing situation where the tinyproxy main + process and systemd are trying to kill tinyproxy's workers simultaneously. + (Closes: #968322). Situations have been observed where tinyproxy exits with exitcode 2 on systemd's normal SIGTERM signal being sent on service stop. Using KillMode=process which only terminates the main tinyproxy process (instead of attempting to kill all children, as well) resolves this problem. [ Impact ] Tinyproxy would not be usable on top of a local tor SOCKS4 proxy. [ Tests ] Manual tests. [ Risks ] If something has been missed, tinyproxy might fail for people and a regression fix would be needed. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] None. unblock tinyproxy/1.10.0-5 diff -Nru tinyproxy-1.10.0/debian/changelog tinyproxy-1.10.0/debian/changelog --- tinyproxy-1.10.0/debian/changelog 2020-01-21 11:14:47.0 +0100 +++ tinyproxy-1.10.0/debian/changelog 2021-07-02 12:25:46.0 +0200 @@ -1,3 +1,20 @@ +tinyproxy (1.10.0-5) unstable; urgency=medium + + [ Unit 193 ] + * d/p/0001_fix-segfault-with-socks4.patch: ++ Grab an upstream patch to fix a segfault when using socks4 with + tor. (Closes: #990434). + + [ Mike Gabriel ] + * debian/tinyproxy.service: ++ Use KillMode=process (instead of the default 'control-group'). The main + tinyproxy process will stop all its workers if a SIGTERM signal is + received. This avoids SIGTERM racing situation where the tinyproxy main + process and systemd are trying to kill tinyproxy's workers simultaneously. + (Closes: #968322). + + -- Mike Gabriel Fri, 02 Jul 2021 12:25:46 +0200 + tinyproxy (1.10.0-4) unstable; urgency=medium * debian/tinyproxy.init: diff -Nru tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch --- tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch 1970-01-01 01:00:00.0 +0100 +++ tinyproxy-1.10.0/debian/patches/0001_fix-segfault-with-socks4.patch 2021-07-02 12:22:48.0 +0200 @@ -0,0 +1,51 @@ +From 7ea9f80d3f31c85a4729854b47977e282632e6ed Mon Sep 17 00:00:00 2001 +From: rofl0r +Date: Fri, 25 Jun 2021 02:43:00 +0100 +Subject: [PATCH] fix segfault in socks4 upstream with unresolvable hostname + +using a socks4 tor upstream with an .onion url resulted in +gethostbyname() returning NULL and a subsequent segfault. +not only did the code not check the return value of gethostbyname(), +that resolver API itself isn't threadsafe. + +as pure SOCKS4 supports only IPv4 addresses, and the main SOCKS4 +user to this date is tor, we just use SOCKS4a unconditionally and +pass the hostname to the proxy without trying to do any local name +resolving. + +i suspect in 2021 almost all SOCKS4 proxy servers in existence use +SOCKS4a extension, but should i be wrong on this, i prefer issue +reports to show up and implement plain SOCKS4 fallback only when +i see it is actually used in practice. +--- + src/reqs.c | 12 +++- + 1 file changed, 7 insertions(+), 5 deletions(-) + +--- a/src/reqs.c 2021-06-25 01:00:13.026080096 -0400 b/src/reqs.c 2021-06-25 01:00:13.026080096 -0400 +@@ -1287,7 +1287,6 @@ + unsigned short port; + size_t ulen, passlen; + +- struct hostent *host; + struct upstream *cur_upstream = connptr->upstream_proxy; + + ulen = cur_upstream->ua.user ? strlen(cur_upstream->ua.user) : 0; +@@ -1304,10 +1303,13 @@ + buff[1] = 1; /* connect command */ + port = htons(request->port); + memcpy(&buff[2], &port, 2); /* dest port */ +- host = gethostbyname(request->host); +- memcpy(&buff[4], host->h_addr_list[0], 4); /* dest ip */ +- buff[8] = 0; /* user */ +- if (9 != safe_write(connptr->server_fd, buff, 9)) ++ memcpy(&buff[4], "\0\0\0\1" /* socks4a fake ip */ ++ "\0" /* user */, 5); ++ len = strlen(request->host); ++ if(len>255) ++
Bug#927076: xournalpp packaging in Debian
The reason I'm tracking is because I actually use the generated packages. But I'm totally unfamiliar with the salsa continuous integration stuff. Wouldn't mind learning though. Happy to change workflow, maybe do development on a different branch? Or, could make snapshot upstream releases 1.0.20+git.DATE.N.ID, or 1.1.0~git.DATE.N.ID, which are based on particular upstream commit IDs and pushed into pristine-tar.
Bug#990489: python3-expeyes: why is there a Conflicts: modemmanager ?
Dear Georges, I think a message may be displayed during the installation of eyes17 instructing to remove the modem manager in case of any trouble communicating with eyes17. It is left to the user instead of a forced removal. It is important to have it in the Distro. The users in Kerala is a closed community and we can instruct them. Jithin may consider it. Regards. On Wed, Jun 30, 2021 at 9:36 PM Georges Khaznadar wrote: > Dear Andreas, > > I added in Cc: the authors of Expeyes hardware and software. > > Hello Jithin, Ajith! the context about the bug report with serious > severity is below. > > > > I ignored that a statement like "Conflicts: modemmanager" would create > problems with buster->bullseye upgrades. Currently, binary packages > conflicting with modemmanager are: eyes17, python3-expeyes, > firm-phoenix-ware. The first one, eyes17, will be the most used. > > This statement was added because boxes of the Expeyes family do not > communicate correctly by their serial link when modemmanager is > installed. I did not investigate further, to know the precise reason of > the incompatibility. > > I got e-mails of some users of previous versions of expeyes packages, > who could not activate their boxes, and my reply was to uninstall > modemmanager or upgrade to the new version of eyes17 package. > > The number of Expeyes users is currently growing in Kerala (a southern > state of India), and they rely on *eyes17* package, some with a Debian > machine, most with an Ubuntu machine. This community is growing since > Eyes17 box has become an officially encouraged scientific device, to be > distributed to all high schools in the state, together with training. > > I cannot withdraw the confict statement without damaging this user > community in the future. > > Hence the next question: > > > How would it be possible to keep expeyes packages in the soon-to-come > Debian/Stable distribution? > > The package modemmanager is recommended by widely used packages, like > network-manager, while eyes17 is recommended by no package. > > I do not know how many users do really need modemmanager, or use modems. > > However I know better the profile of users who use eyes17: they are > students and teachers, wo interact inside a high school. Then, the link > with Internet is generally provided by some router or some wireless box, > and no modem is used. > > @Jitin, @Ajith: > can you give please an estimate of the user community for eyes17 now, > and in a near future? > > Best regards, Georges. > > Andreas Beckmann a écrit : > > Package: python3-expeyes > > Version: 4.8.7+repack-4 > > Severity: serious > > User: debian...@lists.debian.org > > Usertags: piuparts > > Control: affects -1 + eyes17 > > > > Hi Georges, > > > > while investigating incomplete buster->bullseye upgrades, I came across > > the Conflicts: modemmanager in python3-expeyes. Why was that added? > > It is not mentioned in the changelog and the git commit introducing it > > doesn't explain it either. > > Should this have been a versioned Breaks instead? > > > > The modemmanager package still exists in bullseye, so what should be the > > desired buster->bullseye upgrade outcome for buster systems with both > > modemmanager and python3-expeyes installed (that happens e.g. when > > installing eyes17/buster with --install-recommends)? > > > > > > Andreas > > -- > Georges KHAZNADAR et Jocelyne FOURNIER > 22 rue des mouettes, 59240 Dunkerque France. > Téléphone +33 (0)3 28 29 17 70 > > -- Dr. Ajith Kumar B.P. https://scischool.in/ Ph: +91 9643258320 , 9868150852
Bug#927076: xournalpp packaging in Debian
Thanks, it helps the salsa pipeline. But it fails right after, because the git content is too different from the tarball of 1.0.20... I guess there is no easy way to make this pipeline work before the release of 1.1.0. I tend to think that our issues come from the remote tracking of upstream's git in the debian one. In the other packages I'm involved in, we only use `gbp import-orig` to get new upstream content, while keeping the pristine-tar branch in sync. I understand that the situation is very specific for xournalpp, as you wanted to get ready for the upcoming release, but maybe in the future it'd be easier to stick to the classical git-buildpackage workflow? That being said, if you have another workflow that work (on salsa also), I'd be glad to learn new tricks ;) I'm not very well connected to the xournal world. Do you have any hint of when the next release will occur? Thx, Mt
Bug#990511: unblock: kodi/2:19.1+dfsg2-2
>C++ has an overloaded version of tolower that takes a locale: >https://en.cppreference.com/w/cpp/locale/tolower Good find, thanks! Still, what do you think about this concern: > but to separate "culture-dependent" and "ordinal" comparisons, one needs to > overhaul half of Kodi. > And this would make the fix unfit for 19.x branch as the regressions would be > just as severe as they could be with CDateTime PR. I dont think spending several weeks to isolate all places that need C-locale comparison from those implementing language-specific processing (amd testing all possible regressions!) is worth for 19.x. -- Vasyl Gello == Certified SolidWorks Expert Mob.:+380 (98) 465 66 77 E-Mail: vasek.ge...@gmail.com Skype: vasek.gello == 호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다
Bug#990511: unblock: kodi/2:19.1+dfsg2-2
On 2021-07-02 08:48:10 +, Vasyl Gello wrote: > Also I don't see std::tolower_l as part of C++ standard. Looks like tolower_l > is POSIX standard and Kodi uses std:: stuff there :( C++ has an overloaded version of tolower that takes a locale: https://en.cppreference.com/w/cpp/locale/tolower Cheers > -- > Vasyl Gello > == > Certified SolidWorks Expert > > Mob.:+380 (98) 465 66 77 > > E-Mail: vasek.ge...@gmail.com > > Skype: vasek.gello > == > 호랑이는 죽어서 가죽을 남기고 사람은 죽어서 이름을 남긴다 -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#990569: libnode72: Missing dependency on libuv
Package: libnode72 Version: 12.21.0~dfsg-4 Severity: serious Justification: Policy 3.5 Hi, i just realized libnode72 doesn't depend on libuv, even being built with --shared-libuv. Something is broken, will investigate quickly. Jérémy -- System Information: Debian Release: 11.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libnode72 depends on: ii libbrotli1 1.0.9-2+b2 ii libc-ares2 1.17.1-1 ii libc6 2.31-12 ii libgcc-s1 10.2.1-6 ii libicu67 67.1-7 ii libnghttp2-14 1.43.0-1 ii libssl1.1 1.1.1k-1 ii libstdc++6 10.2.1-6 ii zlib1g 1:1.2.11.dfsg-2 libnode72 recommends no packages. libnode72 suggests no packages. -- no debconf information
Bug#989266: Version has known security issues, and soon to be unmaintained by upstream
Package: nodejs Followup-For: Bug #989266 Hi, > This version has security issues, which have been fixed with 12.21.1 - > see > https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.22.1 well actually 12.21.1 security issues don't apply to nodejs 12.21.0~dfsg-4. This fact has been checked by the security team and by nodejs maintainer. > Also, the upstream maintenance support for Version 12 will end in > April 2022, meaning, the Debian Security Team and/or maintainer will > have the sole responsibility to keep this package secure from then on, > with no support from upstream, if it will be delivered like this with > bullseye. True. However, it is simply not possible to move to node 14 without updating all of the modules currently in debian, potentially breaking applications using them, etc. This has to be an orchestrated work, involving many debian maintainers - most of them on their free time. Nodejs 14 will be for bullseyes+1, and it's at least one year too late to change that. On the other hand, many nodejs critical security issues come from the libraries it depends on - which are covered by the security team. Typically the 12.21.1 version is only fixing openssl/npm issues, which means the fixes are made in the corresponding debian packages. Also LTS maintenance sometimes continue on further than initially advertised - and even if not, several outsiders are maintaining security backports to recently dead nodejs branches - debian is not alone on that side of the time. Jérémy
Bug#990558: unblock: etbemon/1.3.5-6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package etbemon (Please provide enough (but not too much) information to help the release team to judge the request efficiently. E.g. by filling in the sections below.) [ Reason ] Improvements to imapnew.monitor, added hp-temp.monitor for HP server temperature monitoring, and added support for MegaRAID and NVMe to smartctl.monitor [ Impact ] Less functionality for users with MegaRAID (Dell servers among others) and people using HP servers. [ Risks ] No risks regarding hp-temp.monitor as people can use linux-temp.monitor if hp-temp.monitor doesn't work for them. smartctl.monitor has been tested and found to work OK on the SATA scenarios that the previous version supported. imapnew.monitor has been extensively tested, and also has better quality code. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock etbemon/1.3.5-6 diff -u etbemon-1.3.5/debian/changelog etbemon-1.3.5/debian/changelog --- etbemon-1.3.5/debian/changelog +++ etbemon-1.3.5/debian/changelog @@ -1,3 +1,13 @@ +etbemon (1.3.5-6) unstable; urgency=medium + + * Better fix for headers in imapnew.monitor that doesn't need +libhash-case-perl. + * Added hp-temp.monitor to use /sbin/hplog to monitor HP server temperature + * Added -M option to smartctl.monitor for MegaRAID AKA PERC support and +added support for NVMe devices + + -- Russell Coker Mon, 07 Jun 2021 16:34:01 +1000 + etbemon (1.3.5-5) unstable; urgency=medium * Make the deleted-mapped check avoid perl privsep processes, don't want reverted: --- etbemon-1.3.5/debian/control +++ etbemon-1.3.5.orig/debian/control @@ -13,7 +13,7 @@ Package: mon Architecture: any Depends: mon-client (>= 1.2.0), libtime-period-perl, adduser, ${shlibs:Depends}, ${misc:Depends} +Recommends: fping, libauthen-pam-perl, libfilesys-df-perl, libnet-perl, libnet-dns-perl, libnet-ldap-perl, libnet-telnet-perl, libsnmp-perl, libstatistics-descriptive-perl, libtime-parsedate-perl, libcrypt-ssleay-perl, libmail-imapclient-perl, libtimedate-perl, swaks, libcgi-pm-perl, bc, libproc-processtable-perl, libsys-filesystem-perl -Recommends: fping, libauthen-pam-perl, libfilesys-df-perl, libnet-perl, libnet-dns-perl, libnet-ldap-perl, libnet-telnet-perl, libsnmp-perl, libstatistics-descriptive-perl, libtime-parsedate-perl, libcrypt-ssleay-perl, libmail-imapclient-perl, libtimedate-perl, swaks, libcgi-pm-perl, bc, libproc-processtable-perl, libsys-filesystem-perl, libhash-case-perl Suggests: mon-contrib Conflicts: mon-contrib (<= 1.0+dfsg-3+nmu1) Description: monitor hosts/services/whatever and alert about problems diff -u etbemon-1.3.5/mon-local.d/smartctl.monitor etbemon-1.3.5/mon-local.d/smartctl.monitor --- etbemon-1.3.5/mon-local.d/smartctl.monitor +++ etbemon-1.3.5/mon-local.d/smartctl.monitor @@ -5,38 +5,67 @@ # copyright 2020 Russell Coker, Licensed under GPLv3 or higher. # # Monitor script to run smartctl and parse output. By default checks -# /dev/sd[a-z] and /dev/sd[a-z][a-z] but you can give a list of devices on the -# command line +# /dev/sd[a-z] /dev/sd[a-z][a-z] /dev/nvme[0-9] /dev/nvme[0-9][0-9] but +# you can give a list of devices on the command line # -# -f to treat marginal as failed +# -f to treat all marginal conditions as failed # -m ATTRIBUTE_NAME to treat attribute as marginal +# +# -M for MegaRAID support, takes parameters of a device node on the MegaRAID +# and a list of disk IDs separated by commas, eg "-M /dev/sda,0,1,7" for +# disks 0, 1, and 7 on the MegaRAID controller that runs /dev/sda. my $summary; my $margsummary; my $detail; my $margdetail; +my $megadev; +my @ids; our $opt_f; our $opt_m; -getopts("fm:") or die; +our $opt_M; +getopts("fm:M:") or die; -if(-1 == $#ARGV) +if($opt_M) +{ + @ids = split(/,/, $opt_M); + $megadev = $ids[0]; + shift @ids; +} +else { - @ARGV = glob( "/dev/sd[a-z] /dev/sd[a-z][a-z]" ); if(-1 == $#ARGV) { -print "No devices found\n"; -exit(1); +@ids = glob( "/dev/sd[a-z] /dev/sd[a-z][a-z] /dev/nvme[0-9] /dev/nvme[0-9][0-9]" ); +if(-1 == $#ids) +{ + print "No devices found\n"; + exit(1); +} + } + else + { +@ids = @ARGV; } } -foreach my $dev (@ARGV) +foreach my $dev (@ids) { - open(SMART, "/usr/lib/mon/bin/smartctl.helper $dev|") or die "Can't run smartctl.helper"; + my $cmd; + if($opt_M) + { +$cmd = "/usr/lib/mon/bin/smartctl.helper M$megadev,$dev" + } + else + { +$cmd = "/usr/lib/mon/bin/smartctl.helper $dev"; + } + open(SMART, "$cmd|") or die "Can't run smartctl.helper"; my $header = 0; while() { -if($_ =~ /^=== START OF READ/) +if($_ =~ /^=== START OF .*SMART DATA SECTION/) { $header = 1; last; @@ -44,7 +73,7 @@ } if(not $header) { -die "Error runn