Bug#991613: DHCPv6 problem in our image: needs "-D LL" when spawning dhclient

[Thomas Goirand]

Hi Noah,

Thanks for your answer.

On 7/30/21 1:54 AM, Noah Meyerhans wrote:
> Control: severity -1 important
> 
> Please see https://www.debian.org/Bugs/Developer#severities
> 
> On Wed, Jul 28, 2021 at 05:22:43PM +0200, Thomas Goirand wrote:
>> After spawning a VM, it takes a long time to get networking (output from
>> the console):
>>
>> cloud-init[281]: Cloud-init v. 20.2 running 'init-local' at Wed, 28 Jul 2021 
>> 07:49:23 +. Up 2.98 seconds.
>> Started [0;1;39mInitial cloud-init job (pre-networking).
>> Reached target [0;1;39mNetwork (Pre).
>> Starting [0;1;39mRaise network interfaces...
>> A start job is running for Raise network interfaces (6s / 5min 1s)
>> A start job is running for Raise network interfaces (7s / 5min 1s)
>> A start job is running for Raise network interfaces (7s / 5min 1s)
>> [...]
>> A start job is running for Raise ne���ork interfaces (5min 1s / 5min 
>> 1s)
>> Failed to start Raise network interfaces.
>>
>> A systemctl status networking.service shows:
>>
>>Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor 
>> preset: enabled)
>>Active: failed (Result: timeout) since Wed 2021-07-28 07:54:23 UTC; 52min 
>> ago
>>
>> This is specific to the Debian image. We've compared with Ubuntu 21.04.
> 
> It seems specific to the OpenStack image.  Which OpenStack images are
> you testing?  The FAI-generated images or the others?

The FAI one. I am hoping to get the others stopped for Bullseye.

> 
>> Ubuntu:
>> - Initial boot:
>> 2021-07-28T11:58:50.836457+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPSOLICIT(tap67fa8c3f-8d) 00:02:00:00:ab:11:11:16:f0:97:0e:c5:c9:b6
>> 2021-07-28T11:58:50.836724+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPREPLY(tap67fa8c3f-8d) ::3ba 
>> 00:02:00:00:ab:11:11:16:f0:97:0e:c5:c9:b6 host---3ba
>>
>> - Server side:
>> /var/lib/neutron/dhcp/dcf25c41-9057-4bc2-8475-a2e3c5d8c662/host:fa:16:3e:63:54:8c,tag:dhcpv6,host---3ba.dc3-a.pub1.infomaniak.cloud.,[::3ba]
>> /var/lib/neutron/dhcp/dcf25c41-9057-4bc2-8475-a2e3c5d8c662/leases:1627559930 
>> 3042863103 ::3ba /host---3ba 
>> 00:02:00:00:ab:11:11:16:f0:97:0e:c5:c9:b6
>>
>> Then we do "openstack server rebuild" and get the same result.
> 
> What exactly are the semantics of "openstack server rebuild"?  Is the
> rebuilt host expected to be identical to the original?

It's the same as if you where doing "openstack server delete", then
"openstack server create", except that if you do a rebuild, the VM will
keep some of the attributes that were in the original VM: it will boot
on the same compute, will keep the same Neutron port (with same MAC),
and same IP address. With "openstack server rebuild" you can also pass a
"--image " parameter if you wish to change image.

> 
>> Debian:
>> - Intial boot:
>> 2021-07-28T11:59:15.838131+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPSOLICIT(tap67fa8c3f-8d) 00:01:00:01:28:94:03:11:fa:16:3e:f1:a9:da
>> 2021-07-28T11:59:15.838369+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPADVERTISE(tap67fa8c3f-8d) ::143 
>> 00:01:00:01:28:94:03:11:fa:16:3e:f1:a9:da host---143
>> 2021-07-28T11:59:16.795826+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPREQUEST(tap67fa8c3f-8d) 00:01:00:01:28:94:03:11:fa:16:3e:f1:a9:da
>> 2021-07-28T11:59:16.796177+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
>> DHCPREPLY(tap67fa8c3f-8d) ::143 
>> 00:01:00:01:28:94:03:11:fa:16:3e:f1:a9:da host---143
> 
> These logs are coming from dnsmasq, not dhclient, which isn't installed
> on the FAI-generated images, so I guess you're talking about the images
> generated from openstack-debian-images?  Do our FAI generated images
> exhibit similar symptoms in the same environment?

dnsmasq is the thing that acts as dhcp server in OpenStack, so I'm not
sure where this came from (I barely copied a redmine ticket from a
colleague, as I didn't do the investigation myself).

>> So here, we probably need to get ifupdown to use the -D LL option
>> explicitely, but I'm not sure how to do this... Does ifupdown even has
>> an option for forcing that? It doesn't seem to be the case. :/
>>
>> Any help or comment would be welcome.
> 
> A host (VM or physical) would only normally generate a DUID once, on
> initial launch.

Yes, that's correct. But when you do an "openstack server rebuild", the
VM get to do the initial launch twice...

> It shouldn't really matter which mechanism it uses to
> choose one except for the purposes of disambiguation in the event of
> interface reuse across installations.

That's exactly what's going on.

> I think we need more details on exactly what software is involved and
> exactly what issue is wrong.
The problem is IMO non-predictable/reproducible DUID which confuses
dnsmasq, probably. If there's a solution on the dnsmasq, on the
OpenStack deployment level, that'd be fine to me as well: we would just
need to document this.

Cheers,

Thomas Goirand (zigo)

Bug#989296: [RFR] libgdcm-dev/3.0.8-2 (to close #989296)

[Andreas Tille]

Hi Étienne,

thanks a lot for your work on this.  I'm explicitly putting current an
past Uploaders in the row.  It would be great if you could review the
changes to make sure we will not loose a lot of dependencies.

Kind regards

 Andreas.

On Thu, Jul 29, 2021 at 11:55:35PM +0200, Étienne Mollier wrote:
> Hello,
> 
> I pushed a couple of changes to gdcm [1], in order to address
> the important bug #989296, which ended up bumped to serious.
> I'm not 100% confident I grasped the problem at play, but with
> the window for bringing changes now closing, I'm afraid I can't
> afford spending too much more time on verifications.  I intend
> to file a (pre?) approval request to the Release Team and
> upload, maybe tomorrow or Saturday.
> 
> [1]: https://salsa.debian.org/med-team/gdcm/
> 
> I am not a cmake expert, and am not sure how to reproduce
> #989296, so I would appreciate if someone could have a seconde
> look, just to make sure that what I wrapped up was sound.
> 
> FYI, I already ran a bunch of build and autopkgtest with the
> numerous reverse build dependencies of libgdcm-dev in Testing,
> and I have not witnessed any regression.  So, I'm tempted to
> think I am on the right track.
> 
> Have a nice day,  :)
> -- 
> Étienne Mollier 
> Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
> Sent from /dev/pts/2, please excuse my verbosity.



-- 
http://fam-tille.de

Bug#991677: ITP: starjava-ecsv -- Parser for the metadata and data of an ECSV file

[Ole Streicher]

Package: wnpp
Owner: Ole Streicher 
Severity: wishlist
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-as...@lists.debian.org, 
debian-j...@lists.debian.org


 * Package name: starjava-ecsv
   Version : 1.0+
   Upstream Author : Mark Taylor
 * URL : https://github.com/Starlink/starjava/tree/master/ecsv
 * License : LGPL-3+
   Programming Lang: Java
   Description : Parser for the metadata and data of an ECSV file

The Enhanced Character Separated Values format was developed within
the Astropy project and is described at APE6. It is composed of a
YAML header followed by a CSV-like body, and is intended to be a
human-readable and maybe even human-writable format with rich
metadata. Most of the useful per-column and per-table metadata is
preserved when de/serializing to this format. The version supported
by this reader is currently ECSV 1.0.

The package will be maintained by the Debian Astro team. It is part of
the effort to package the Virtual Observatory Java tools from Starlink.

A git repository will be created at

https://salsa.debian.org/debian-astro-team/starjava-array

Best regards

Ole

Bug#991678: new upstream versions

[Harald Dunkel]

Package: lxc
Version: 1:4.0.6-2
Severity: wishlist

Upstream provides a new version 4.0.10 and 4.0.9LTS, see

https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618

https://discuss.linuxcontainers.org/t/lxc-4-0-9-lts-has-been-released/10999

No build problems for 4.0.10 on Bullseye, AFAICT. 
patches/0006-lxc.pc.in-removes-\
DLOG_LIBS-which-is-not-expanded-up.patch has to be adjusted, see attachment.


Thank you very much in advance

Harri
From: =?utf-8?q?Pierre-Elliott_B=C3=A9cue?= 
Date: Mon, 5 Aug 2019 11:56:56 +0200
Subject: lxc.pc.in: removes @DLOG_LIBS@ which is not expanded upon build

---
 lxc.pc.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxc.pc.in b/lxc.pc.in
index a60c701..295ad66 100644
--- a/lxc.pc.in
+++ b/lxc.pc.in
@@ -9,5 +9,5 @@ Description: linux container tools
 Version: @PACKAGE_VERSION@
 URL: http://linuxcontainers.org
 Libs: -L${libdir} -llxc -lutil -lpthread -ldl
-Libs.private: @CAP_LIBS@ @SECCOMP_LIBS@ @OPENSSL_LIBS@ @SELINUX_LIBS@ @PAM_LIBS@ @DLOG_LIBS@
+Libs.private: @CAP_LIBS@ @SECCOMP_LIBS@ @OPENSSL_LIBS@ @SELINUX_LIBS@ @PAM_LIBS@
 Cflags: -I${includedir}

Bug#991679: ITP: python-text-unidecode -- most basic Python port of the Text::Unidecode Perl library

[Carsten Schoenert]

Package: wnpp
Severity: wishlist
Owner: Carsten Schoenert 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: python-text-unidecode
  Version : 1.3
  Upstream Author : Mikhail Korobov 
* URL : https://github.com/kmike/text-unidecode/
* License : Artistic, GPL
  Programming Lang: Python
  Description : most basic Python port of the Text::Unidecode Perl library

 This library is an alternative of other Python ports of Text::Unidecode
 (unidecode and isounidecode).
 unidecode (in Debian available as python3-unidecode) is licensed under GPL;
 isounidecode uses too much memory, and it also didn’t support Python 3 when
 text-unidecode was created.

This package is an indirect dependency for the next major version of
NetBox (will be version 3) which I consider to package.

The package will get maintained within the Debian Python Team.

Bug#991613: DHCPv6 problem in our image: needs "-D LL" when spawning dhclient

[Bastian Blank]

Hi

On Wed, Jul 28, 2021 at 05:22:43PM +0200, Thomas Goirand wrote:
> - Initial boot:
> 2021-07-28T12:26:38.804683+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
> DHCPSOLICIT(tap67fa8c3f-8d) 00:01:00:01:28:94:09:7b:fa:16:3e:f1:a9:da
> 2021-07-28T12:26:38.805023+00:00 pub1-network-3 dnsmasq-dhcp[3765807]: 
> DHCPADVERTISE(tap67fa8c3f-8d) 00:01:00:01:28:94:09:7b:fa:16:3e:f1:a9:da no 
> addresses available
> 
> - Server side:
> /var/lib/neutron/dhcp/dcf25c41-9057-4bc2-8475-a2e3c5d8c662/host:fa:16:3e:f1:a9:da,tag:dhcpv6,host---143.dc3-a.pub1.infomaniak.cloud.,[::143]
> /var/lib/neutron/dhcp/dcf25c41-9057-4bc2-8475-a2e3c5d8c662/leases:1627481056 
> 1056025050 2001:1600:10:100::143 host---143 
> 00:01:00:01:28:94:03:11:fa:16:3e:f1:a9:da

So dnsmasq is wrongly configured to take the DUID into account, even if
it does not matter for the address selection, because the address is
fixed?

> We see here that DHCPv6 fails because the DUID sent by the distro isn't the
> same as the initial build of the VM:

Well, the pending change in network machinery will scramble the DUID
anyway.  So you can't rely on it.

Bastian

-- 
Extreme feminine beauty is always disturbing.
-- Spock, "The Cloud Minders", stardate 5818.4

Bug#991680: ITP: golang-github-mailgun-multibuf -- Bytes buffer that implements seeking and partially persisting to disk

[Alois Micard]

Package: wnpp
Severity: wishlist
Owner: Aloïs Micard 

* Package name: golang-github-mailgun-multibuf
  Version : 0.0~git20150714.565402c-1
  Upstream Author : Mailgun Team
* URL : https://github.com/mailgun/multibuf
* License : Apache-2.0
  Programming Lang: Go
  Description : Bytes buffer that implements seeking and partially 
persisting to disk

 Multibuf Bytes buffer that implements seeking and partially persisting
 to disk.
 .
 Please read http://godoc.org/github.com/mailgun/multibuf

This is a dependencies of golang-github-vulcand-oxy.
Cheers,

Bug#991681: unblock: telegram-desktop/2.8.10+ds-1 (pre-approval)

[Nicholas Guriev]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: 991...@bugs.debian.org

Dear release team,

This request is for discuss the present situation with the telegram-desktop
package. On July 16, under CVE-2021-36769 were disclosed some weakness of the
MtProto implementation in Telegram Desktop before 2.8.8. So the version
currently in testing, 2.6.1, has the security issue.

I examined commits from an upstream Git repository which potentially may fix
the issue, and I found they do not apply cleanly on top of 2.6.1 version. Even
if they have applied, or if I have solved merge conflicts with them, I could
not guarantee the efficiency in light of the issue.

So I see two possible options here:

1. Update the package to the latest upstream release. That is what this request
is about. The release brings a lot of new code and many new features which we
will not be able to test carefully on tight deadlines before bullseye. We will
need to update satellite packages also, libtgowt with fresh upstream commit and
libtgvoip with no-source-change rebuild. Approximate size of debdiffes is about
20MB. You can currently view the difference in Git on salsa.d.o.

https://salsa.debian.org/debian/telegram-desktop/-/merge_requests/37
https://salsa.debian.org/debian/libtgowt/-/merge_requests/6

This type of issue is that it is better to have the fix now than not to fix at
all. If you permit the update, I will proceed and properly supplement this bug
report with complete diffes. But on the other hand...

2. We can do nothing at the moment. And fix the issue later for bookworm. And
then backport the update to bullseye and buster. Telegram team assured me the
issue is not too risky in practice and it has only theoretical interest.


[ Reason ]
Fix security issue in implementation of underlying Telegram protocol, MtProto.
CVE-2021-36769.

[ Tests ]
Not fully, only manual smoke-test has been done. The app still starts.

[ Risks ]
Complex code in leaf and related packages. The libtgowt and the libtgvoip
packages carry static libraries. Their update does not affect anything
immediately. We also need to rebuild the telegram-desktop package.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [ ] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in testing


unblock telegram-desktop/2.8.10+ds-1
unblock libtgowt/0~git20210627.91d836d+dfsg-1
unblock libtgvoip/2.4.4+git20210101.13a5fcb+ds-3



signature.asc
Description: This is a digitally signed message part

Bug#991682: ITP: golang-github-segmentio-fasthash -- Go package porting the standard hashing algorithms to a more efficient implementation.

[Alois Micard]

Package: wnpp
Severity: wishlist
Owner: Aloïs Micard 

* Package name: golang-github-segmentio-fasthash
  Version : 1.0.3-1
  Upstream Author : Segment
* URL : https://github.com/segmentio/fasthash
* License : Expat
  Programming Lang: Go
  Description : Go package porting the standard hashing algorithms to a 
more efficient implementation.

This is a dependencies of golang-github-vulcand-oxy.
Cheers,

Bug#991613: DHCPv6 problem in our image: needs "-D LL" when spawning dhclient

[Thomas Goirand]

On 7/30/21 1:54 AM, Noah Meyerhans wrote:
> Control: severity -1 important
> 
> Please see https://www.debian.org/Bugs/Developer#severities

In the case where someone is using IPv6 only, and does a rebuild,
there's no connectivity at all. IMO, that's a serious case... Anyway,
let's not discuss the severity: let's try to fix it.

Cheers,

Thomas Goirand (zigo)

Bug#991627: installation-guide: expand firmware-related documentation

[Philip Hands]

Holger Wansing  writes:

...
> I would add an additional "automatically" to make more clear, that adding
> the sources.list.d file is done without user intervention:

I'd suggest saying "for you" rather than "automatically", as well as
perhaps another couple of changes to make it completely clear that one
does need to do something to make it happen:

"As of
&debian-gnu; 11.0, running the
   ^^^
isenkram-autoinstall-firmware command will do that for you by
 ^^^  ^^^
creating a dedicated file
(/etc/apt/sources.list.d/isenkram-autoinstall-firmware.list),
pointing at a generic mirror."


Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY

Bug#991684: RFP: python-sphinx-panels -- A sphinx extension for creating document components optimised for HTML+CSS

[Drew Parsons]

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-pyt...@lists.debian.org
Control: affects -1 src:scipy

* Package name: python-sphinx-panels
  Version : 0.6.0 
  Upstream Author : Chris Sewell 
* URL : https://github.com/executablebooks/sphinx-panels
* License : MIT
  Programming Lang: Python
  Description : A sphinx extension for creating document components 
optimised for HTML+CSS

A sphinx extension for creating document components optimised for
HTML+CSS.
- The panels directive creates panels of content in a grid layout,
utilising both the Bootstrap 4 grid system, and cards layout.
- The link-button directive creates a click-able button, linking to
a URL or reference, and can also be used to make an entire panel
click-able.
- The dropdown directive creates toggle-able content.
- The tabbed directive creates tabbed content.
- opticon and fa (fontawesome) roles allow for inline icons to be
added.

Used by latest scipy documentation.

Best maintained by the Python Team alongside other sphinx components.

Bug#991685: please add rtl_bt/rtl8761b_fw.bin and friends

[David Schmitt]

Package: firmware-realtek
Version: 20210315-3

To support the RTL8761B bluetooth chips from realtek, please add the
files as described in
https://www.raspberrypi.org/forums/viewtopic.php?t=294634 .

I can confirm that it enables the device for me.

Thanks in advance,

David

$ sha256sum /lib/firmware/rtl_bt/rtl8761b_*
~david/Downloads/20201202_mpow_BH456A_driver+for+Linux.7z
6ddeb15f23588053e00cb08d25588bd7cf98d60fa93d9478efcef4ae8064a7ac
/lib/firmware/rtl_bt/rtl8761b_config.bin
0dbb791141172660fb355db75d8015610efc725e620a2424264184159103c6aa
/lib/firmware/rtl_bt/rtl8761b_fw.bin
25de05daaecbc698504e3b87f14cf24dd6cec97551ce3f2b720f5e559919d98b
/home/david/Downloads/20201202_mpow_BH456A_driver+for+Linux.7z

Bug#991686: gnuplot: invalid utf8 input via terminal

[Łukasz Stelmach]

Package: gnuplot
Version: 5.2.6+dfsg1-1+deb10u1
Severity: normal

Dear Maintainer,

1. Start gnuplot under xterm.
2. Type or paste the command:

   print "zażółć gęślą jaźń"

3. Gnuplot improperly displays the command typed as:

   print "zażóÅÄ gÄÅlÄ jaźÅ"

   The string printed by the command is also invalid.

4. Gnuplot should display edited command and print the string as
   presented in point 2.

Possible fix:

Don't use BSD readline library which doesn't support UTF-8 as explained
in the help message of gnuplot's configure script:

  --with-readline=bsd  use the NetBSD editline library (NB: does not handle 
UTF-8!)

-- System Information:
Debian Release: 10.10
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-17-amd64 (SMP w/4 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8), 
LANGUAGE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnuplot depends on:
ii  gnuplot-qt [gnuplot-x11]  5.2.6+dfsg1-1+deb10u1

gnuplot recommends no packages.

Versions of packages gnuplot suggests:
ii  gnuplot-doc  5.2.6+dfsg1-1+deb10u1

-- no debconf information

-- 
Miłego dnia,
Łukasz Stelmach

Bug#991685: please add rtl_bt/rtl8761b_fw.bin and friends

[David Schmitt]

Reading through the docs a bit, I realize that this request should go
to the linux-firmware.git repo instead.

Bug#991685: please add rtl_bt/rtl8761b_fw.bin and friends

[David Schmitt]

Apologies for the multiple messages. I coulda had that all in one:

Here's the commit adding the files to upstream:
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/rtl_bt?id=7118987b2f7aff733573121607bc9640a4880296

On Fri, 30 Jul 2021 at 10:47, David Schmitt  wrote:
>
> Reading through the docs a bit, I realize that this request should go
> to the linux-firmware.git repo instead.

Bug#991687: Update xfce4-sensors-plugin to v1.4.1

[Peter Weilbacher]

Package: xfce4-sensors-plugin
Version: 1.3.0-3

According to 
https://gitlab.xfce.org/panel-plugins/xfce4-sensors-plugin/-/blob/master/NEWS 
new versions (v1.4 and now v1.4.1) of the sensors plugin have been 
released upstream. These are supposed to fix many longstanding bugs, 
including some reported against the Debian version (e.g. #851407, 
#989933, and possibly #871717).


(Don't know why but https://tracker.debian.org/pkg/xfce4-sensors-plugin 
lists v1.3.95 to be the new upstream. This is outdated already.)

Bug#989296: [RFR] libgdcm-dev/3.0.8-2 (to close #989296)

[Mathieu Malaterre]

Hi all,

I've reviewed commit 92bee7344b774b45b66185ed17b040f12fe31c43. I've
not verified it fixes the OP symptoms, but this is the right fix IMHO.

I've also reviewed cddfeab955f486fba72745b66130480dfec1a2b6 and this
is not the right fix, sorry. See #711214 for more context.

2cts

On Fri, Jul 30, 2021 at 9:17 AM Andreas Tille  wrote:
>
> Hi Étienne,
>
> thanks a lot for your work on this.  I'm explicitly putting current an
> past Uploaders in the row.  It would be great if you could review the
> changes to make sure we will not loose a lot of dependencies.
>
> Kind regards
>
>  Andreas.
>
> On Thu, Jul 29, 2021 at 11:55:35PM +0200, Étienne Mollier wrote:
> > Hello,
> >
> > I pushed a couple of changes to gdcm [1], in order to address
> > the important bug #989296, which ended up bumped to serious.
> > I'm not 100% confident I grasped the problem at play, but with
> > the window for bringing changes now closing, I'm afraid I can't
> > afford spending too much more time on verifications.  I intend
> > to file a (pre?) approval request to the Release Team and
> > upload, maybe tomorrow or Saturday.
> >
> > [1]: https://salsa.debian.org/med-team/gdcm/
> >
> > I am not a cmake expert, and am not sure how to reproduce
> > #989296, so I would appreciate if someone could have a seconde
> > look, just to make sure that what I wrapped up was sound.
> >
> > FYI, I already ran a bunch of build and autopkgtest with the
> > numerous reverse build dependencies of libgdcm-dev in Testing,
> > and I have not witnessed any regression.  So, I'm tempted to
> > think I am on the right track.
> >
> > Have a nice day,  :)
> > --
> > Étienne Mollier 
> > Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
> > Sent from /dev/pts/2, please excuse my verbosity.
>
>
>
> --
> http://fam-tille.de



-- 
Mathieu

Bug#991688: mention improved/added man page translations

[Helge Kreutzmann]

Package: release-notes
Severity: normal
Tags: patch

The man pages for nonenglish speaking users have been substantially
improved and extended. Please add a text along the following lines:

The documentation (man pages) for several projects like systemd, util
linux, Openssh and mutt and several languages (new or extendd), e.g. 
french, spanish, makedonain have been substantially extended and/or 
added. Please install manpages-nn (where nn is your language code) to 
benefit from the improvements. During the lifetime of bullseye backports
of further improvements / translations will be provided within the 
backports archive, possibly also new languages.

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#920946: evilwm: Zombie process

[Ciaran Anscomb]

I think this was technically a problem with the documentation.

If you don't start evilwm in a subshell, execing your magic process makes that
evilwm's parent instead of the shell it replaced.  xclock probably doesn't
handle the SIGCHLDs when evilwm is killed (e.g. to restart).

Fixed in the documentation for evilwm-1.3.1.

..ciaran

Bug#966138: Package: connman sysvint script disables DNS lookups when resolvconf package installed

[n Xecure]

As the reply above, the solution is to convert the string into a variable
call, so that the change to /etc/default/connman can be properly processed.

Please, someone with powers, add the fix to
debian/patches/01-init-script-lsb-headers.patch
.
I would also like to request to anyone with powers to package thee fix when
you have time after the bullseye release if not sooner.

These would be the changes to said file, in case the petition is not
understood:
https://gitlab.com/nXecure/connman/-/commit/d5d43713977a5317c84b620251f3cdf2848598f2#8ec1dbece58825f4fe44c11e357d1993f9e23d81

Thanks for your time.

Bug#990861: prboom-plus: No secret found sound in Freedoom

[Fabian Greffrath]

control: tags -1 unreproducible

Hi Andrew,

Am Freitag, dem 09.07.2021 um 17:24 +0200 schrieb Andrew via Pkg-games-
devel:
> Secret found! sound only works for non-free Doom data, not Freedoom.

sorry, but I cannot reproduce this.

If prboom-plus cannot find the sfx_secret sound lump - which it won't,
because we don't ship it anymore in prboom-plus.wad - it falls back to
using the sfx_itmbk sound. This sound lump is always present in the
IWAD since Doom 1.2 and also in Freedoom.

https://github.com/coelckers/prboom-plus/blob/f5ba5a39ad596af681ed3102fed5f28cc685089c/prboom2/src/p_spec.c#L2377

In Freedoom, however, this sfx may be a bit muted and sound unfamiliar,
so is it possible you merely overheard it?

https://github.com/freedoom/freedoom/blob/master/sounds/dsitmbk.wav

Cheers,

 - Fabian



signature.asc
Description: This is a digitally signed message part

Bug#991088: librda: diff for NMU version 0.0.5-1.1

[Sebastian Ramacher]

On 2021-07-30 10:26:31, Mike Gabriel wrote:
> Hi Sebastien,
> 
> On  Mo 26 Jul 2021 22:56:52 CEST, Sebastian Ramacher wrote:
> 
> > Control: tags 991088 + patch
> > Control: tags 991088 + pending
> > 
> > Dear maintainer,
> > 
> > I've prepared an NMU for librda (versioned as 0.0.5-1.1) and
> > uploaded it to DELAYED/2. Please feel free to tell me if I
> > should delay it longer.
> > 
> > Cheers
> > --
> > Sebastian Ramacher
> 
> thanks for handling the NMU during my vacation. I have now updated the
> package's Git repo and incorporated your NMU into Git log and tags.
> 
> I assume you have already unblocked your own upload?

It's not yet unblocked, but I will request an unblock from one of the
other release team members.

Cheers

> 
> Thanks!
> Mike
> -- 
> 
> DAS-NETZWERKTEAM
> c\o Technik- und ?kologiezentrum Eckernf?rde
> Mike Gabriel, Marienthaler Str. 17, 24340 Eckernf?rde
> mobile: +49 (1520) 1976 148
> landline: +49 (4351) 850 8940
> 
> GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
> mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
> 



-- 
Sebastian Ramacher

Bug#991692: ITP: python-promise -- Implementation of Promises in Python

[Carsten Schoenert]

Package: wnpp
Severity: wishlist
Owner: Carsten Schoenert 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: python-promise
  Version : 2.3.0
  Upstream Author : Syrus Akbary 
* URL : https://github.com/syrusakbary/promise
* License : MIT
  Programming Lang: Python
  Description : Implementation of Promises in Python

 It is a super set of Promises/A+ designed to have readable, performant code
 and to provide just the extensions that are absolutely necessary for using
 promises in Python.
 Its fully compatible with the Promises/A+ spec.

This package is an indirect dependency for the next major version of
NetBox (will be version 3) which I consider to package.

The package will get maintained within the Debian Python Team.

Bug#991688: mention improved/added man page translations

[Joost van Baal-Ilić]

Hi,

Helge: thanks!

On Fri, Jul 30, 2021 at 12:17:15PM +0200, Helge Kreutzmann wrote:
> Package: release-notes
> Severity: normal
> Tags: patch
> 
> The man pages for nonenglish speaking users have been substantially
> improved and extended. Please add a text along the following lines:
> 
> The documentation (man pages) for several projects like systemd, util
> linux, Openssh and mutt and several languages (new or extendd), e.g. 
> french, spanish, makedonain have been substantially extended and/or 
> added. Please install manpages-nn (where nn is your language code) to 
> benefit from the improvements. During the lifetime of bullseye backports
> of further improvements / translations will be provided within the 
> backports archive, possibly also new languages.

I'd propose:

The manual pages for several packages like systemd, util-linux, openssh and
mutt in several languages like French, Spanish and Macedonian have been
substantially improved. Please install manpages-nn (where nn is your preferred
natural language code) to enjoy this.

HTH, Bye,

Joost

Bug#991627: installation-guide: expand firmware-related documentation

[Cyril Brulebois]

Holger Wansing  (2021-07-30):
> Don't know, if I am better in this respect, but here we go :-)

Thanks. :)

> Regarding the mentioning of "black screen":
> I seem to remember that there were also reports, that people had a garbled
> display instead of a black screen, so we should way something like
> 
> "In some cases, a successful installation can still end up in a black
> screen or garbled display when rebooting into the installed system. If that 
> happens, some
> workarounds can be tried to log in anyway"

You're absolutely right, I was so meaning to reproduce the black screen
thing that I completely forgot about that other possibility! Adjusted
both 2.2 and 6.4 to mention this other failure mode.

> -
> 
> "Once logged in into the installed system, it is possible to automate
> the detection of missing firmware, and to perform the require steps to
> enable them following this procedure:"
> 
> require -> required

Embarrassing typo, thanks for catching it.

> -
> 
> "
>   Pass the nomodeset option on the kernel
>   command line. This might help boot in a fallback
>   graphics mode."
> 
> boot in > booting into (?)

Oh, I think I meant “failsafe” here rather than “fallback”. Now I'm not
sure which version I prefer… I'll keep the wording you reviewed; but I'm
happy if others want to switch later on.


A few searches around the web seems to show that “into” is more popular
than “in” in this context, so I'll take that suggestion.

As for boot→booting, I'm seeing this:

help [sb] do [sth],
help [sb] to do [sth]

so I think I'll keep “help boot into” in the end (but happy to hear
about native speakers, not sure it's worth looping d-l-e@ in for this).


I've also taken your other suggestion/other mail into account.


New branch → pu/firmware-v2; probably best reviewed with something like
this:

git fetch
git diff --word-diff origin/pu/firmware-v1..origin/pu/firmware-v2


I think I'll wait a little (a few hours) in case someone else wants to
chime in, but I'll probably upload this shortly (this European evening).
I'm assuming the l10n robot will update the po files once I've pushed
this to master?

Thanks!


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#991697: ITP: golang-github-mailgun-ttlmap -- In memory dictionary with TTLs

[Alois Micard]

Package: wnpp
Severity: wishlist
Owner: Aloïs Micard 

* Package name: golang-github-mailgun-ttlmap
  Version : 0.0~git20170619.c1c17f7-1
  Upstream Author : Mailgun Team
* URL : https://github.com/mailgun/ttlmap
* License : Apache-2.0
  Programming Lang: Go
  Description : In memory dictionary with TTLs

This is a dependency of golang-github-vulcand-oxy.
Cheers,

Bug#991699: ITP: golang-github-mailgun-minheap -- Slightly more user-friendly heap on top of containers/heap

[Alois Micard]

Package: wnpp
Severity: wishlist
Owner: Aloïs Micard 

* Package name: golang-github-mailgun-minheap
  Version : 0.0~git20170619.3dbe6c6-1
  Upstream Author : Mailgun Team
* URL : https://github.com/mailgun/minheap
* License : Apache-2.0
  Programming Lang: Go
  Description : Slightly more user-friendly heap on top of containers/heap

This is a dependency of golang-github-mailgun-ttlmap.
Cheers,

Bug#991627: installation-guide: expand firmware-related documentation

[Holger Wansing]

Hi,

Cyril Brulebois  wrote (Fri, 30 Jul 2021 03:44:44 +0200):
> pu/firmware-v1 exists now.
> 
> > I'm not very used to best practices when it comes to end-user doc in
> > general and to the installation-guide package in general, so I'd be
> > happy for other to build on those suggested changes, and amend/reword
> > as required!
> 
> That's still true!

Don't know, if I am better in this respect, but here we go :-)
(also, not a native english speaker here)


Regarding the mentioning of "black screen":
I seem to remember that there were also reports, that people had a garbled
display instead of a black screen, so we should way something like

"In some cases, a successful installation can still end up in a black
screen or garbled display when rebooting into the installed system. If that 
happens, some
workarounds can be tried to log in anyway"

-

"Once logged in into the installed system, it is possible to automate
the detection of missing firmware, and to perform the require steps to
enable them following this procedure:"

require -> required

-

"
  Pass the nomodeset option on the kernel
  command line. This might help boot in a fallback
  graphics mode."

boot in > booting into (?)



Holger


-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#991691: Possible CVE-2014-5461 in grub2

[Colin Watson]

Control: tag -1 upstream

On Fri, Jul 30, 2021 at 02:35:58PM +0400, Movses Tovmasyan wrote:
> grub2 uses the obsolete version of minilua
> (single-file port of Lua) which has CVE-2014-5461
> Patch attached below.

The upstream repository for this is
https://git.savannah.gnu.org/cgit/grub-extras.git, and this doesn't seem
to be fixed there.  Could you please send a patch to grub-de...@gnu.org
for review (as a proper textual git patch, not a screenshot of a patch)?
We can then cherry-pick it from there.

I've merged the various bugs that you filed against different versions
and binary packages of the Debian grub2 source package.  We only need
one bug report for this.

Thanks,

-- 
Colin Watson (he/him)  [cjwat...@debian.org]

Bug#991688: mention improved/added man page translations

[Justin B Rye]

Helge Kreutzmann wrote:
> The man pages for nonenglish speaking users have been substantially
> improved and extended. Please add a text along the following lines:
> 

Presumably as a subheading under 2.2 "What's new in the
distribution?", though I think those items might work better if we
moved "2.2.8. Kernel support for exFAT" and any further additions such
as this one to be above "2.2.7. News from Debian Med Blend", which
almost deserves a separate section 2.3 of its own.

> The documentation (man pages) for several projects like systemd, util
> linux, Openssh and mutt and several languages (new or extendd), e.g.
> french, spanish, makedonain have been substantially extended and/or 
> added.

The man pages... for these projects... and languages... have been
extended?   Now you've got me imagining man pages for languages.

  The documentation in man page format for several projects such as
  systemd, util-linux, OpenSSH, and Mutt has received added or
  extended translations for a number of languages, including French,
  Spanish, and Macedonian.

> Please install manpages-nn (where nn is your language code) to 
> benefit from the improvements. During the lifetime of bullseye backports
> of further improvements / translations will be provided within the 
> backports archive, possibly also new languages.

I don't think we can use -nn as a meaningless metasyntactic variable,
(it's the code for Nynorsk), but -xx is free.  I'm going to lazily
assume that we can't use  markup on
something that isn't really a packagename.

   To benefit from these improvements please
  install manpages-xx (where xx is your language code). During the
  lifetime of bullseye, further added or improved translations will be
  provided via the backports archive, possibly along with new languages.

Oh, hang on, here comes another version...

Joost van Baal-Ilić wrote 
< The manual pages for several packages like systemd, util-linux, openssh and
< mutt in several languages like French, Spanish and Macedonian have been
< substantially improved. Please install manpages-nn (where nn is your
< preferred natural language code) to enjoy this.

Reapplying some of those suggested changes:

  The manual pages for several projects such as systemd, util-linux,
  OpenSSH, and Mutt in a number of languages, including French, Spanish,
  and Macedonian, have been substantially improved. To benefit from
  this, please install manpages-xx (where xx is the code for your
  preferred natural language).

(I'm avoiding calling openssh a package.)

This version's short enough that we might consider including it in the
introductory section for 2.2 "What's new in the distribution?"...
-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Bug#991627: installation-guide: expand firmware-related documentation

[Holger Wansing]

Hi,

Holger Wansing  wrote (Fri, 30 Jul 2021 09:11:13 +0200):
> > > I'm not very used to best practices when it comes to end-user doc in
> > > general and to the installation-guide package in general, so I'd be
> > > happy for other to build on those suggested changes, and amend/reword
> > > as required!
> > 
> > That's still true!
> 
> Don't know, if I am better in this respect, but here we go :-)

I forgot this one:


"Installing firmware packages is very likely to require enabling the
non-free section of the package archive. As of
&debian-gnu; 11.0, the
isenkram-autoinstall-firmware command does that by
creating a dedicated file
(/etc/apt/sources.list.d/isenkram-autoinstall-firmware.list),
pointing at a generic mirror."


I would add an additional "automatically" to make more clear, that adding
the sources.list.d file is done without user intervention:

"As of
&debian-gnu; 11.0, the
isenkram-autoinstall-firmware command does that 
automatically by
   ^
creating a dedicated file
(/etc/apt/sources.list.d/isenkram-autoinstall-firmware.list),
pointing at a generic mirror."


-

And regarding your comment 
>  - Documenting what isenkram-autoinstall-firmware does means we should
>check what happens for each major release, to keep up with the
>current implementation. Doing that once every two years doesn't seem
>unreasonable though.

Maybe we can add a 'what-to-check-before-next-stable-release' file for the
installation-guide somewhere, to make sure this does not get forgotten ...

I think there is such doc somewhere for other artefacts of releasing d-i?



Holger



-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#991700: node-websocket-driver: lots of failures when running upstream tests

[Jérémy Lal]

Package: node-websocket-driver
Version: 0.3.5-1.1
Severity: serious
Justification: Policy 2.2.1

This package does have a test suite, however its test runner
is not available in debian (jstest).

However, i installed jstest manually, patched it to avoid trivial
errors in jstest itself, and was able to run the test suite.

I attach the results: 10 failures, which gives a software that is
probably not suitable for release.

Jérémy


-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages node-websocket-driver depends on:
ii  nodejs  12.21.0~dfsg-5

node-websocket-driver recommends no packages.

node-websocket-driver suggests no packages.


test.log
Description: Binary data

Bug#991701: unblock: python-a38/0.1.3-2

[Elena ``of Valhalla'']

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package python-a38

[ Reason ]
The attached debdiff provides a fix for bug
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991648 , a test suite
failure caused by an expired certificate that causes an FTBFS.

Upstream fixed this by updating the certificate used by the tests, but
as in this context a certificate with no expiration wouldn't work they
also added code to let the tests be skipped when even that certificate
expires.

Since backporting that patch resulted in an unwieldy debdiff, I opted to
just skip the affected tests in the resulting package.

Both upstream and me are sure that this is purely a broken test issue,
and not a hint of a problem in the code.

[ Tests ]
[ Risks ]
The change only affects the unit tests of the package, and won't change
the behaviour of the library.

The only risk I can see is that this would make the automated tests less
effective at detecting potential future breakage, but I'd expect that to
happen in testing rather than stable, and I intend to upload a version
that re-enables the tests (by using the upstream fix) as soon as
development for bookworm starts.

[ Checklist ]
  [✓] all changes are documented in the d/changelog
  [✓] I reviewed all changes and I approve them
  [✓] attach debdiff against the package in testing

[ Other info ]
thanks in advance

unblock python-a38/0.1.3-2
diff -Nru python-a38-0.1.3/debian/changelog python-a38-0.1.3/debian/changelog
--- python-a38-0.1.3/debian/changelog   2020-12-18 11:44:31.0 +0100
+++ python-a38-0.1.3/debian/changelog   2021-07-30 12:01:58.0 +0200
@@ -1,3 +1,9 @@
+python-a38 (0.1.3-2) unstable; urgency=medium
+
+  * Skip tests that fail because of an expired certificate. (Closes: #991648)
+
+ -- Elena Grandi   Fri, 30 Jul 2021 12:01:58 +0200
+
 python-a38 (0.1.3-1) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru 
python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch
 
python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch
--- 
python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch
 1970-01-01 01:00:00.0 +0100
+++ 
python-a38-0.1.3/debian/patches/0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch
 2021-07-30 12:01:58.0 +0200
@@ -0,0 +1,30 @@
+From: Elena Grandi 
+Date: Fri, 30 Jul 2021 12:00:27 +0200
+Forwarded: not-needed
+Subject: Skip tests that fail because of an expired certificate.
+
+---
+ tests/test_p7m.py | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/tests/test_p7m.py b/tests/test_p7m.py
+index e955bd4..fe982e7 100644
+--- a/tests/test_p7m.py
 b/tests/test_p7m.py
+@@ -1,4 +1,4 @@
+-from unittest import TestCase
++from unittest import TestCase, skip
+ import tempfile
+ from contextlib import contextmanager
+ import os
+@@ -39,7 +39,9 @@ WGPH+t5X7ZMMERXn8Z/2LTYWuj9w1+WeieY=
+ 
+ CA_CERT_HASH = "af603d58.0"
+ 
+-
++# The following tests are failing because of an expired certificate, and
++# a certificate with no expiration wouldn't work in this context.
++@skip("certificate expired")
+ class TestAnagrafica(TestCase):
+ @contextmanager
+ def capath(self):
diff -Nru python-a38-0.1.3/debian/patches/series 
python-a38-0.1.3/debian/patches/series
--- python-a38-0.1.3/debian/patches/series  1970-01-01 01:00:00.0 
+0100
+++ python-a38-0.1.3/debian/patches/series  2021-07-30 12:01:58.0 
+0200
@@ -0,0 +1 @@
+0001-Skip-tests-that-fail-because-of-an-expired-certifica.patch

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

[Jochen Sprickerhof]

Control: reassign -1 python-fakeredis
Control: affects -1 redis
Control: forwarded -1 https://github.com/jamesls/fakeredis/pull/303

I've proposed a fix upstream and will upload to Debian later today.

Cheers Jochen


signature.asc
Description: PGP signature

Bug#991688: mention improved/added man page translations

[Helge Kreutzmann]

Hello Joost,
On Fri, Jul 30, 2021 at 12:46:17PM +0200, Joost van Baal-Ilić wrote:
> Helge: thanks!
> 
> On Fri, Jul 30, 2021 at 12:17:15PM +0200, Helge Kreutzmann wrote:
> > Package: release-notes
> > Severity: normal
> > Tags: patch
> > 
> > The man pages for nonenglish speaking users have been substantially
> > improved and extended. Please add a text along the following lines:
> > 
> > The documentation (man pages) for several projects like systemd, util
> > linux, Openssh and mutt and several languages (new or extendd), e.g. 
> > french, spanish, makedonain have been substantially extended and/or 
> > added. Please install manpages-nn (where nn is your language code) to 
> > benefit from the improvements. During the lifetime of bullseye backports
> > of further improvements / translations will be provided within the 
> > backports archive, possibly also new languages.
> 
> I'd propose:
> 
> The manual pages for several packages like systemd, util-linux, openssh and
> mutt in several languages like French, Spanish and Macedonian have been
> substantially improved. Please install manpages-nn (where nn is your preferred
> natural language code) to enjoy this.

I'm fine with the update, thanks for reviewieng and proposing the
improvement.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#991702: kate: Regression in Ruby indentation in Bullseye

[jaroslav]

Package: kate
Version: 4:20.12.2-1
Severity: normal
X-Debbugs-Cc: jaros...@thinline.cz

Dear Maintainer,

after upgrading from Buster to Bullseye, Kate text editor's behaviour
regarding Ruby indentation changed with significant regression

The bug can be reproduced like this (correct behaviour first):

- open new document, switch its indentation to Ruby
- type

if v =~ /re/i

- cursor correctly indents one tab to the right. All subsequent lines 
are
indented as well until you type "end", which is immediatelly and 
automatically

de-indented:

if v =~ /re/i
statement
end

- same example but with the regexp being case-sensitive, ie. no "i" at 
the end


if v =~ /re/

- cursor indents two tabs to the right, my guess would be the indenter 
doesn't
consider that regexp to be complete (expecting at least one more 
letter).

Next line is de-indented to a single tab indentation, which is correct,
but indentation in most of the code after such block does not work 
correctly.

Final code looks like this:

if v =~ /re/
statement
statement
end

The following is more elaborate example of indentation errors caused by 
this
regression. All indentation shown is done by the editor, nothing is 
adjusted

manually:

statement =~ /re/

begin
if v =~ /re/
statement
statement
end
rescue
statement
end


The following is the correct behaviour observed when the regexp
is case-insensitive (again, no manual indentation adjustment):

statement =~ /re/i

begin
if v =~ /re/i
statement
statement
end
rescue
statement
end

I tried to find out the code responsible for this. Kate version in 
Buster had

a package kate-data containing indentation scripts, notably

/usr/share/kde4/apps/katepart/script/indentation/ruby.js

But I am unsure if that was actually in use. Trying to put that file
(and its dependencies found by looking at require statements in the 
script)

into ~/.local/share/katepart5/script/indentation as documented in

https://docs.kde.org/stable5/en/kate/katepart/dev-scripting.html

broke Ruby indentation altogether (no automated indentation was taking 
place)


I haven't been able to figure out where the indentation-related code
is stored now, so I wasn't able to try to fix this myself.

Any help or advice would be appreciated
Thanks


-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-7-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages kate depends on:
ii  kate5-data   4:20.12.2-1
ii  kio  5.78.0-5
ii  ktexteditor-katepart 5.78.0-3
ii  libc62.31-13
ii  libkf5bookmarks5 5.78.0-2
ii  libkf5completion55.78.0-3
ii  libkf5configcore55.78.0-4
ii  libkf5configgui5 5.78.0-4
ii  libkf5configwidgets5 5.78.0-2
ii  libkf5coreaddons55.78.0-4
ii  libkf5crash5 5.78.0-3
ii  libkf5dbusaddons55.78.0-2
ii  libkf5guiaddons5 5.78.0-3
ii  libkf5i18n5  5.78.0-2
ii  libkf5iconthemes55.78.0-2
ii  libkf5jobwidgets55.78.0-2
ii  libkf5kiocore5   5.78.0-5
ii  libkf5kiofilewidgets55.78.0-5
ii  libkf5kiogui55.78.0-5
ii  libkf5kiowidgets55.78.0-5
ii  libkf5newstuff5  5.78.0-4
ii  libkf5parts5 5.78.0-3
ii  libkf5plasma55.78.0-3
ii  libkf5service-bin5.78.0-2
ii  libkf5service5   5.78.0-2
ii  libkf5syntaxhighlighting55.78.0-2
ii  libkf5texteditor55.78.0-3
ii  libkf5textwidgets5   5.78.0-2
ii  libkf5threadweaver5  5.78.0-2
ii  libkf5wallet-bin 5.78.0-2
ii  libkf5wallet55.78.0-2
ii  libkf5widgetsaddons5 5.78.0-2
ii  libkf5windowsystem5  5.78.0-2
ii  libkf5xmlgui55.78.0-2
ii  libkuserfeedbackcore11.0.0-3
ii  libkuserfeedbackwidgets1 1.0.0-3
ii  libqt5core5a 5.15.2+dfsg-9
ii  libqt5dbus5  5.15.2+dfsg-9
ii  libqt5gui5   5.15.2+dfsg-9
ii  libqt5sql5   5.15.2+dfsg-9
ii  libqt5widgets5   5.15

Bug#991688: mention improved/added man page translations

[Helge Kreutzmann]

Hello Justin,
On Fri, Jul 30, 2021 at 12:27:25PM +0100, Justin B Rye wrote:
> Helge Kreutzmann wrote:
> > The man pages for nonenglish speaking users have been substantially
> > improved and extended. Please add a text along the following lines:
> > 
> 
> Presumably as a subheading under 2.2 "What's new in the
> distribution?", though I think those items might work better if we
> moved "2.2.8. Kernel support for exFAT" and any further additions such
> as this one to be above "2.2.7. News from Debian Med Blend", which
> almost deserves a separate section 2.3 of its own.
> 
> > The documentation (man pages) for several projects like systemd, util
> > linux, Openssh and mutt and several languages (new or extendd), e.g.
> > french, spanish, makedonain have been substantially extended and/or 
> > added.
> 
> The man pages... for these projects... and languages... have been
> extended?   Now you've got me imagining man pages for languages.

Yes, this is not perfectly worded, thanks for spotting and improving.

>   The documentation in man page format for several projects such as
>   systemd, util-linux, OpenSSH, and Mutt has received added or
>   extended translations for a number of languages, including French,
>   Spanish, and Macedonian.
> 
> > Please install manpages-nn (where nn is your language code) to 
> > benefit from the improvements. During the lifetime of bullseye backports
> > of further improvements / translations will be provided within the 
> > backports archive, possibly also new languages.
> 
> I don't think we can use -nn as a meaningless metasyntactic variable,
> (it's the code for Nynorsk), but -xx is free.  I'm going to lazily
> assume that we can't use  markup on
> something that isn't really a packagename.

I thought "xx" had some uninteded side meaning, that's why I chose
"nn", which does not work correctly either. If this is no problem,
please do use "xx"

>To benefit from these improvements please
>   install manpages-xx (where xx is your language code). During the
>   lifetime of bullseye, further added or improved translations will be
>   provided via the backports archive, possibly along with new languages.
> 
> Oh, hang on, here comes another version...
> 
> Joost van Baal-Ilić wrote 
> < The manual pages for several packages like systemd, util-linux, openssh and
> < mutt in several languages like French, Spanish and Macedonian have been
> < substantially improved. Please install manpages-nn (where nn is your
> < preferred natural language code) to enjoy this.
> 
> Reapplying some of those suggested changes:
> 
>   The manual pages for several projects such as systemd, util-linux,
>   OpenSSH, and Mutt in a number of languages, including French, Spanish,
>   and Macedonian, have been substantially improved. To benefit from
>   this, please install manpages-xx (where xx is the code for your
>   preferred natural language).
> 
> (I'm avoiding calling openssh a package.)
> 
> This version's short enough that we might consider including it in the
> introductory section for 2.2 "What's new in the distribution?"...

I'm fine with the update, even though it misses the fact that I did
(for buster) and will be (for bullseye) provide updates as translators
translate more pages and paragraphs.

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#991703: unblock: openjdk-11/11.0.12+7-2

[Matthias Klose]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-CC: secur...@debian.org

Please unblock openjdk-11, the next openjdk-11 security release. That could be
done as a security update as well, the unblock would just avoid that extra work.

The only packaging change is to mark the early-access version in the Debian
package versions, which is a no-op for the final release build.

The debdiff is a bit large, I put it at
https://people.debian.org/~doko/tmp/openjdk.debdiff.xz

openjdk-11 (11.0.12+7-2) unstable; urgency=high

  * OpenJDK 11.0.12+7 build (release).
  * Security fixes:
- JDK-8256157: Improve bytecode assembly.
- JDK-8256491: Better HTTP transport.
- JDK-8258432, CVE-2021-2341: Improve file transfers.
- JDK-8260453: Improve Font Bounding.
- JDK-8260960: Signs of jarsigner signing.
- JDK-8260967, CVE-2021-2369: Better jar file validation.
- JDK-8262380: Enhance XML processing passes.
- JDK-8262403: Enhanced data transfer.
- JDK-8262410: Enhanced rules for zones.
- JDK-8262477: Enhance String Conclusions.
- JDK-8262967: Improve Zip file support.
- JDK-8264066, CVE-2021-2388: Enhance compiler validation.
- JDK-8264079: Improve abstractions.
- JDK-8264460: Improve NTLM support.
  * Encode the early-access status into the package version. LP: #1934895.

 -- Matthias Klose   Wed, 21 Jul 2021 09:03:54 +0200

openjdk-11 (11.0.12+6-1) unstable; urgency=medium

  * OpenJDK 11.0.12+6 build (early access).

 -- Matthias Klose   Wed, 07 Jul 2021 12:00:44 +0200

openjdk-11 (11.0.12+4-1) unstable; urgency=medium

  * OpenJDK 11.0.12+4 build (early access).
  * Don't apply the m68k-support patch, needs an update.

 -- Matthias Klose   Thu, 27 May 2021 11:37:31 +0200

Bug#991704: lazarus-ide-qt5-2.0: lazarus-qt5 does not depend on lcl-qt5

[Hannah Rittich]

Package: lazarus-ide-qt5-2.0
Version: 2.0.10+dfsg-4+b2
Severity: normal
X-Debbugs-Cc: v...@rittich.net

On a fresh install of Bullseye, installing lazarus-ide-qt5 does not
install lcl-qt5. Starting Lazarus und trying to execute a new GUI
project fails with a linker error ("cannot find -lQt5Pas"). Installing
the package lcl-qt5 allows for a proper compilation. For a better
usability, the Qt version of Lazarus should depend on lcl-qt5.

-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lazarus-ide-qt5-2.0 depends on:
ii  lazarus-ide-2.0  2.0.10+dfsg-4+b2
ii  libc62.31-13
ii  libqt5pas1   2.6+2.0.8+dfsg-2
ii  libx11-6 2:1.7.1-1

Versions of packages lazarus-ide-qt5-2.0 recommends:
ii  gdb  10.1-1.7
ii  lcl-2.0  2.0.10+dfsg-4+b2

Versions of packages lazarus-ide-qt5-2.0 suggests:
ii  fp-utils-3.2.0 [fp-utils]  3.2.0+dfsg-12

-- no debconf information

Bug#991703: unblock: openjdk-11/11.0.12+7-2

[Moritz Mühlenhoff]

Am Fri, Jul 30, 2021 at 02:41:35PM +0200 schrieb Matthias Klose:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-CC: secur...@debian.org
> 
> Please unblock openjdk-11, the next openjdk-11 security release.

And for context: openjdk-11 also follows the upstream releases within
buster-security already, so moving this to testing will also fix the
current situation where stable has a higher version than testing.

Cheers,
 Moritz

Bug#679650: I got it too

[Pierre Couderc]

And spend too much time on it.

It is only that there is a limit of size on the file  I wanted to send 
(or on the server...?).


A small message to say at least that there is a problem would be better 
that the full silence...


Or better, that there is a problem on THIS  file...

Bug#991705: exiv2: CVE-2021-31291

[Salvatore Bonaccorso]

Source: exiv2
Version: 0.27.3-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/Exiv2/exiv2/issues/1529
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for exiv2.

CVE-2021-31291[0]:
| A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2
| 0.27.3 allows attackers to cause a denial of service (DOS) via crafted
| metadata.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-31291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31291
[1] https://github.com/Exiv2/exiv2/issues/1529

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#991706: exiv2: CVE-2021-31292

[Salvatore Bonaccorso]

Source: exiv2
Version: 0.27.3-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/Exiv2/exiv2/issues/1530
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for exiv2.

CVE-2021-31292[0]:
| An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows
| attackers to trigger a heap-based buffer overflow and cause a denial
| of service (DOS) via crafted metadata.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-31292
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292
[1] https://github.com/Exiv2/exiv2/issues/1530

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#991707: unblock: nodejs/12.22.4~dfsg-1

[Jérémy Lal]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: secur...@debian.org

Please unblock package nodejs

[ Reason ]
Debian security team plans to upload nodejs security updates "as-is",
at least while upstream still maintain nodejs 12.x. This is what was
done in Buster.

Latest security update is 12.22.4 (severity high).
I did not try to get nodejs > 12.21.0 into bullseye up until now
because upstream changes were essentially not concerning the debian package.

However the 12.22.4 release has many v8 fixes, and a security fix (high).


[ Impact ]
If not in Bullseye, it will require users to download nodejs a second time
just after installation, through security updates.
So it will postpone any issue post-release.


[ Tests ]
Usual thorough upstream test suite + all dependents packages tests.

[ Risks ]
Low, but when considering the regressions i saw false positives:
- node-chokidar seems to have a flaky test
- node-esquery, node-caniuse-api, node-browserslist suites fail on their own,
  for an unrelated problem
- node-websocket-driver was already broken, probably for a long time.
  I opened #991700 and will ask its removal from testing.

Also an undocumented internal api has been deprecated, and old modules trying
accessing it will now print a warning (process.binding('http_parser')).
Only node-websocket-driver is actually using it...
A code search shows node-http-signature, node-fastcgi are using it in their
test suites, but it doesn't pose any problem.
https://codesearch.debian.net/search?q=process%5C.binding%5C%28%5B%27%22%5Dhttp_parser%5B%27%22%5D%5C%29&literal=0

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
debdiff is without deps/cares (not used), deps/openssl (not used), test/*, 
benchmark/*, tools/msvs/*.
Still waiting for armhf test results when writing this request.

unblock nodejs/12.22.4~dfsg-1
diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude 
'*.ts' nodejs-12.21.0~dfsg/common.gypi nodejs-12.22.4~dfsg/common.gypi
--- nodejs-12.21.0~dfsg/common.gypi 2021-02-23 03:58:04.0 +0100
+++ nodejs-12.22.4~dfsg/common.gypi 2021-07-29 12:35:21.0 +0200
@@ -34,7 +34,7 @@
 
 # Reset this number to 0 on major V8 upgrades.
 # Increment by one for each non-official patch applied to deps/v8.
-'v8_embedder_string': '-node.45',
+'v8_embedder_string': '-node.56',
 
 # V8 defaults for Node.js #
 
diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude 
'*.ts' nodejs-12.21.0~dfsg/debian/changelog nodejs-12.22.4~dfsg/debian/changelog
--- nodejs-12.21.0~dfsg/debian/changelog2021-07-03 20:50:29.0 
+0200
+++ nodejs-12.22.4~dfsg/debian/changelog2021-07-30 01:02:46.0 
+0200
@@ -1,3 +1,12 @@
+nodejs (12.22.4~dfsg-1) unstable; urgency=medium
+
+  * New upstream version 12.22.4~dfsg
+Fixed vulnerabilities:
++ CVE-2021-22930: Use after free on close http2
+  on stream canceling (High)
+
+ -- Jérémy Lal   Fri, 30 Jul 2021 01:02:46 +0200
+
 nodejs (12.21.0~dfsg-5) unstable; urgency=medium
 
   * Patch uvwasi.gyp to honour --shared-libuv. Closes: #990569.
diff -Nru --exclude '*.md' --exclude '*.html' --exclude '*.json' --exclude 
'*.ts' nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js 
nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js
--- nodejs-12.21.0~dfsg/deps/cjs-module-lexer/lexer.js  2021-02-23 
03:58:04.0 +0100
+++ nodejs-12.22.4~dfsg/deps/cjs-module-lexer/lexer.js  2021-07-29 
12:35:21.0 +0200
@@ -37,8 +37,6 @@
 const ExportAssign = 1;
 const ExportStar = 2;
 
-const strictReserved = new Set(['implements', 'interface', 'let', 'package', 
'private', 'protected', 'public', 'static', 'yield', 'enum']);
-
 function parseCJS (source, name = '@') {
   resetState();
   try {
@@ -49,14 +47,39 @@
 e.loc = pos;
 throw e;
   }
-  const result = { exports: [..._exports].filter(expt => 
!unsafeGetters.has(expt)), reexports: [...reexports] };
+  const result = { exports: [..._exports].filter(expt => expt !== undefined && 
!unsafeGetters.has(expt)), reexports: [...reexports].filter(reexpt => reexpt 
!== undefined) };
   resetState();
   return result;
 }
 
-function addExport (name) {
-  if (!strictReserved.has(name))
-_exports.add(name);
+function decode (str) {
+  if (str[0] === '"' || str[0] === '\'') {
+try {
+  const decoded = (0, eval)(str);
+  // Filter to exclude non-matching UTF-16 surrogate strings
+  for (let i = 0; i < decoded.length; i++) {
+const surrogatePrefix = decoded.charCodeAt(i) & 0xFC00;
+if (surrogatePrefix < 0xD800) {
+  // Not a surrogate
+  continue;
+}
+else if (surrogatePrefix === 0xD800) {
+  // Validate surrogate pair
+  if ((decoded.charCodeAt(++i) & 0xFC00) 

Bug#991688: mention improved/added man page translations

[Joost van Baal-Ilić]

Hi again Helge,

On Fri, Jul 30, 2021 at 02:39:02PM +0200, Helge Kreutzmann wrote:
> On Fri, Jul 30, 2021 at 12:27:25PM +0100, Justin B Rye wrote:
> > Helge Kreutzmann wrote:

> > 
> > > Please install manpages-nn (where nn is your language code) to 
> > > benefit from the improvements. During the lifetime of bullseye backports
> > > of further improvements / translations will be provided within the 
> > > backports archive, possibly also new languages.

> > Reapplying some of those suggested changes:
> > 
> >   The manual pages for several projects such as systemd, util-linux,
> >   OpenSSH, and Mutt in a number of languages, including French, Spanish,
> >   and Macedonian, have been substantially improved. To benefit from
> >   this, please install manpages-xx (where xx is the code for your
> >   preferred natural language).
> > 
> > (I'm avoiding calling openssh a package.)
> > 
> > This version's short enough that we might consider including it in the
> > introductory section for 2.2 "What's new in the distribution?"...
> 
> I'm fine with the update, even though it misses the fact that I did
> (for buster) and will be (for bullseye) provide updates as translators
> translate more pages and paragraphs.

You mean via backports?  Yes, I suggested dropping that: I'm not quite sure we
should suggest that in the release notes since it's not strictly part of the
release.  Or maybe something could get added somewhere else?

Bye,

Joost

Bug#991703: unblock: openjdk-11/11.0.12+7-2

[Paul Gevers]

Hi Emmanuel,

On 30-07-2021 14:41, Matthias Klose wrote:
> Please unblock openjdk-11, the next openjdk-11 security release. That could be
> done as a security update as well, the unblock would just avoid that extra 
> work.
> 
> The only packaging change is to mark the early-access version in the Debian
> package versions, which is a no-op for the final release build.

Matthias is asking for an unblock of openjdk-11, but it breaks
openjdk-11-jre-dcevm. Are you in the position to fix this soon?

As I understand it, this version is a release version. I would have
expected from you that you're on top of this and that you would have
uploaded openjdk-11-jre-dcevm already. Otherwise I'm not sure if it
makes sense to ship openjdk-11-jre-dcevm in a stable release anyways,
because it will constantly be broken by newer versions of openjdk-11. Or
am I misunderstanding the situation?

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#991683: libasound2-plugins: version 1.2.2-dmo2 >> no sound

[alain-michel]

Package: libasound2-plugins
Version: 1.2.2-dmo2
Severity: grave
Tags: newcomer
Justification: renders package unusable
X-Debbugs-Cc: alain-michel.porta...@laposte.net

Dear Maintainer,

the sound had been missing for a few days. After a little research another
person had solved the pb by downgrading libasound2-plugins to version 1.2.2-2
instead of 1.2.2-dmo2.

I did the same and found the sound.



-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libasound2-plugins depends on:
ii  libasound21.2.4-1.1
ii  libavcodec58  10:4.4-dmo4
ii  libavresample410:4.4-dmo4
ii  libavutil56   10:4.4-dmo4
ii  libc6 2.31-13
ii  libjack-jackd2-0 [libjack-0.125]  1.9.17~dfsg-1
ii  libpulse0 14.2-2
ii  libsamplerate00.2.1+ds0-1

libasound2-plugins recommends no packages.

libasound2-plugins suggests no packages.

Bug#991708: RM: node-websocket-driver/0.3.5-1.1 -- RC-buggy, ROM

[Jérémy Lal]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
X-Debbugs-Cc: 991...@bugs.debian.org

This package is too buggy. See #991700 for details.

Reverse deps and build-deps: node-faye-websocket

Reverse deps and build-deps of node-faye-websocket: none

Do i need to RM node-faye-websocket too ?

Jérémy

Bug#991683: [Pkg-alsa-devel] Bug#991683: libasound2-plugins: version 1.2.2-dmo2 >> no sound

[Elimar Riesebieter]

Hi Alain Michel

* alain-michel  [2021-07-30 11:32 +0200]:

> Package: libasound2-plugins
> Version: 1.2.2-dmo2

This package isn't maintained by the official Debian maintainers.
Bugs popped up from deb-multimedia.org have to be filed to the
dmo.changes mailing list [0].

[0] https://deb-multimedia.org/faq#q5

Bug closed hereby.

Elimar
-- 
  Experience is something you don't get until
  just after you need it!

Bug#982459: mdadm --examine in chroot without /proc,/dev,/sys mounted corrupts host's filesystem

[Felix Lechner]

Hi,

On Tue, Jul 13, 2021 at 12:42 AM Judit Foglszinger  wrote:
>
> tried again but still fail to reproduce

Thanks for trying to reproduce this bug! I am not sure it makes any
difference either way, but I recently uploaded upstream's new release
candidate 4.2~rc1 to experimental:

https://packages.debian.org/source/experimental/mdadm

Kind regards
Felix Lechner

Bug#887828: needrestart: Possible false positive on postifx and wazuh-agent running in LXC container

[Matthias Förste]

Hi,

On Sat, 10 Feb 2018 15:56:14 +0100 Thomas Liske  wrote:
> 
> 
> Hi,
> 
> 
> Chris  writes:
> > Yes, it seems most processes of postfix are chrooted by default in
> > Debian Stretch (plain install of Postfix via apt-get install postfix):
> 
> I did install a vanilla Debian Stretch VM, setup an LXC container inside
> (using Stretch again) and installed postfix inside the
> container. Running needrestart inside of the container does *not*
> detect any false positives on postfix. So it seems that your setup has
> something special...
> 
> On which linux distri and kernel are you running your LXC container?
> From the kernel string it seems to be proxmox, isn't it?
> 
> I assume  there is something special in /proc/$PID/maps or the
> /proc/$PID/map_files/$MADDR links are missing which are used by
> needrestart. As fallback needrestart looks for /proc/$PID/root/$FILENAME
> which fails for chrooted processes.
> 
> 

It appears i have some similar issue inside a systemd-nspawn container
running buster on a host running buster as well. No proxmox/lxc
involved.

# strace -e lstat,stat -s1024 stat 
/proc/6314/map_files/556995da1000-556995dc5000
lstat("/proc/6314/map_files/556995da1000-556995dc5000", 
{st_mode=S_IFLNK|0400, st_size=64, ...}) = 0
  File: /proc/6314/map_files/556995da1000-556995dc5000 -> 
/usr/lib/dovecot/imap
  Size: 64  Blocks: 0  IO Block: 1024   symbolic link
Device: 32h/50d Inode: 3693525 Links: 1
Access: (0400/lr)  Uid: (0/root)   Gid: (0/root)
Access: 2021-07-30 08:25:26.120210107 +0200
Modify: 2021-07-30 08:24:50.492904140 +0200
Change: 2021-07-30 08:24:50.492904140 +0200
 Birth: -
+++ exited with 0 +++

but:

# strace -e stat -s1024 needrestart -v 2>&1|grep -F 
556995da1000-556995dc5000
stat("/proc/6314/map_files/556995da1000-556995dc5000", 0x563265c23478) = -1 
EPERM (Operation not permitted)

So the stat executable is using lstat on the symlink. The naive quick
fix attempt

# diff -u {/usr/sbin,.}/needrestart
--- /usr/sbin/needrestart   2019-05-24 11:56:40.0 +0200
+++ ./needrestart   2021-07-30 10:26:18.302473557 +0200
@@ -507,7 +507,7 @@
$maddr =~ s/^0+([^-])/$1/;
$maddr =~ s/-0+(.)/-$1/;
my @paths = ("/proc/$pid/map_files/$maddr", 
"/proc/$pid/root/$path");
-   my ($testp) = grep { -e $_; } @paths;
+   my ($testp) = grep { warn $_; -e $_ || -l $_; } 
@paths;
unless($testp) {
unless($path =~ m@^(/var)?/tmp/@ ||
   $path =~ m@^(/var)?/run/@ ||

didn't work because the elements of @testp are stated again at line
524 (and failing there). I'd like to see this fixed one way or another
but don't have time to deal with it right now. What do you think?

> Regards,
> Thomas
> 
> 
> 
> Needrestart looks for any executable mapped files
> 
> > /usr/share/postfix/master.cf.dist used/installed by
> > /var/lib/dpkg/info/postfix/postfix.postinst is e.g. chrooting the
> > mentioned process:
> >
> > pickupunix  n   -   y   60  1   pickup
> >
> >> Could you please post:
> >> stat /usr/lib/postfix/sbin/pickup
> >
> > Sure:
> >
> >   File: /usr/lib/postfix/sbin/pickup
> >   Size: 14408   Blocks: 32 IO Block: 4096   regular file
> > Device: 715h/1813d  Inode: 142070  Links: 1
> > Access: (0755/-rwxr-xr-x)  Uid: (0/root)   Gid: (0/root)
> > Access: 2018-02-08 01:06:13.281395346 +
> > Modify: 2017-09-27 04:56:28.0 +
> > Change: 2018-01-26 14:10:42.474783916 +
> >  Birth: -
> >
> >> stat /proc/25460/root/usr/lib/postfix/sbin/pickup
> >
> > the PIDs have changed here and are now:
> >
> > [main] #4262 uses non-existing /usr/lib/postfix/sbin/pickup
> > [main] #4262 is a child of #478
> >
> > stat: cannot stat '/proc/4262/root/usr/lib/postfix/sbin/pickup': No such
> > file or directory

-- 
  Matthias Förste

  gnupg encrypted messages are welcome - key ID: 0F51DA21
  gnupg fingerprint: 590C 5DF1 C3B8 D072 555B  54F5 9363 2C80 0F51 DA21

  internet & unix support
  Heiko Schlittermann
  Tannenstraße 2 - 01099 Dresden
  Web: http://www.schlittermann.de/
  Tel.: +49 351 8029981
  Fax:  +49 351 8029983


signature.asc
Description: PGP signature

Bug#991709: unblock: python-defaults/2.7.18-3

[Piotr Ożarowski]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package python-defaults
(just uploaded, so needs few more days but hopefully it will make it
into Bullseye)

[ Reason ]
pyclean and pycomile scripts (and debpython module stripped down to
code needed by mentioned scripts) were accidentally removed in 2.7.18-1
from python2-minimal package. There's a fallback code in maintainer
scripts (in python-foo packages) so nobody noticed for almost a year but
fortunately Jakub Wilk pinged us about the problem.

[ Impact ]
We're almost done with removing Python 2.X stack, but these scripts are
still used and cover few more cases than the fallback code. At least
pyclean will be used a lot while removing old packages.


unblock python-defaults/2.7.18-3


diff -Nru python-defaults-2.7.18/debian/changelog 
python-defaults-2.7.18/debian/changelog
--- python-defaults-2.7.18/debian/changelog 2020-08-04 10:22:34.0 
+0200
+++ python-defaults-2.7.18/debian/changelog 2021-07-28 13:17:06.0 
+0200
@@ -1,3 +1,9 @@
+python-defaults (2.7.18-3) unstable; urgency=medium
+
+  * Install pycompile and pyclean accidentally removed in -1
+
+ -- Piotr Ożarowski   Wed, 28 Jul 2021 13:17:06 +0200
+
 python-defaults (2.7.18-2) unstable; urgency=medium
 
   * Don't ship a duplicate README.Debian in python2-doc. Closes: #966823.
diff -Nru python-defaults-2.7.18/debian/rules 
python-defaults-2.7.18/debian/rules
--- python-defaults-2.7.18/debian/rules 2020-08-04 10:20:50.0 +0200
+++ python-defaults-2.7.18/debian/rules 2021-07-28 13:16:09.0 +0200
@@ -112,6 +112,7 @@
dh_testroot
 #  dh_installdirs -ppython usr/share/doc/python
dh_install
+   DESTDIR=debian/python2-minimal PREFIX=/usr make install-runtime
 
touch stamp-install
 


signature.asc
Description: PGP signature

Bug#991683: libasound2-plugins: version 1.2.2-dmo2 >> no sound

[Christian Marillat]

On 30 juil. 2021 11:32, alain-michel  wrote:

> Package: libasound2-plugins
> Version: 1.2.2-dmo2
> Severity: grave
> Tags: newcomer
> Justification: renders package unusable
> X-Debbugs-Cc: alain-michel.porta...@laposte.net
>
> Dear Maintainer,
>
> the sound had been missing for a few days. After a little research another
> person had solved the pb by downgrading libasound2-plugins to version 1.2.2-2
> instead of 1.2.2-dmo2.

This bug has been fixed in 1.2.2-dmo4

Christian

Bug#991668: A learn-emacs-in-moments doc

[Karl O. Pinc]

Hi,

As long a your messing about with the documentation
attached is a 1 page (or 2 if you want to keep reading)
doc on getting started with emacs.  If you feel it would
be helpful to include (somewhere), please do.

I'll license it in the public domain, or gplv3, or whatever
you think might get it into the most visible place/package.

I'd be happy to redo in RST (or docbook v5) to support
multiple formats.

Feedback on content is also welcome.

Regards,

Karl 
Free Software:  "You don't pay back, you pay forward."
 -- Robert A. Heinlein


emacs_explained
Description: Binary data

Bug#991088: librda: diff for NMU version 0.0.5-1.1

[Mike Gabriel]

Hi Sebastien,

On  Mo 26 Jul 2021 22:56:52 CEST, Sebastian Ramacher wrote:


Control: tags 991088 + patch
Control: tags 991088 + pending

Dear maintainer,

I've prepared an NMU for librda (versioned as 0.0.5-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Cheers
--
Sebastian Ramacher


thanks for handling the NMU during my vacation. I have now updated the  
package's Git repo and incorporated your NMU into Git log and tags.


I assume you have already unblocked your own upload?

Thanks!
Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgp0SxyygFwtO.pgp
Description: Digitale PGP-Signatur

Bug#991710: asterisk: CVE-2021-32558

[Salvatore Bonaccorso]

Source: asterisk
Version: 1:16.16.1~dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://issues.asterisk.org/jira/browse/ASTERISK-29392
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for asterisk.

CVE-2021-32558[0]:
| An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x
| before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and
| Certified Asterisk before 16.8-cert10. If the IAX2 channel driver
| receives a packet that contains an unsupported media format, a crash
| can occur.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32558
[1] https://issues.asterisk.org/jira/browse/ASTERISK-29392
[2] https://downloads.asterisk.org/pub/security/AST-2021-008.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#991711: sendmail-bin: sendmail service causes a long boot time

[Bohdan Horbeshko]

Package: sendmail-bin
Version: 8.15.2-22
Severity: normal

Dear Maintainer,

it delays the system load, or just waits for something, for circa 2 minutes.

Here's the journalctl log:

июл 30 15:53:05 localhost systemd[1]: Starting LSB: powerful, efficient, and 
scalable Mail Transport Agent...
июл 30 15:53:49 localhost su[3645]: (to smmsp) root on none
июл 30 15:53:52 localhost su[3645]: pam_unix(su:session): session opened for 
user smmsp(uid=139) by (uid=0)
июл 30 15:54:53 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/Sendmail.conf) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/sasl2/Sendmail.conf) failed: Group writable directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libanonymous.so) failed: Group 
writable directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libsasldb.so) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libdigestmd5.so) failed: Group 
writable directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libcrammd5.so) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libntlm.so) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/liblogin.so) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4080]: error: 
safesasl(/usr/lib/x86_64-linux-gnu/sasl2/libplain.so) failed: Group writable 
directory
июл 30 15:54:54 localhost.localdomain sm-mta[4087]: starting daemon (8.15.2): 
SMTP+queueing@00:10:00
июл 30 15:55:08 localhost.localdomain sendmail[3467]: Starting Mail Transport 
Agent (MTA): sendmail.
июл 30 15:55:08 localhost.localdomain systemd[1]: Started LSB: powerful, 
efficient, and scalable Mail Transport Agent.

Before, it also had such lines after a minute of delay:

июл 30 15:34:57 localhost.localdomain sm-mta[3564]: 
gethostbyaddr(192.168.43.237) failed: 1
июл 30 15:34:57 localhost.localdomain sm-mta[3564]: gethostbyaddr(10.0.3.1) 
failed: 1

so I thought it's a culprit and added those IPs to /etc/hosts, but it didn't 
help: the lines are gone, but the service start time is still too long.

Do I need sendmail at all, if I don't run a mail server on my system, and the 
only mail there is that coming from the package manager? Should I maybe just 
delete it, or replace with something lighter?


-- Package-specific info:
Output of /usr/share/bug/sendmail-bin/script:

ls -alR /etc/mail:
/etc/mail:
total 364
drwxr-sr-x   7 smmta smmsp  4096 May 16 21:30 .
drwxr-xr-x 293 root  root  20480 Jul 30 17:29 ..
-rwxr-xr--   1 root  smmsp 10035 May 16 21:30 Makefile
-rw---   1 root  root   4261 May 16 21:30 access
-rw-r-   1 smmta smmsp 12288 May 16 21:30 access.db
-rw-r--r--   1 root  root281 Jul 26  2015 address.resolve
lrwxrwxrwx   1 root  smmsp10 Aug  7  2015 aliases -> ../aliases
-rw-r-   1 smmta smmsp 12288 May 16 21:30 aliases.db
-rw-r--r--   1 root  root   3242 May 16 21:30 databases
-rw-r--r--   1 root  root   5659 Jul 26  2015 helpfile
-rw-r--r--   1 root  smmsp20 Aug  7  2015 local-host-names
drwxr-sr-x   2 smmta smmsp  4096 Aug  7  2015 m4
drwxr-xr-x   2 root  root   4096 May 16 21:09 peers
drwxr-xr-x   2 root  smmsp  4096 Jul 26  2015 sasl
-rw-r--r--   1 root  smmsp 65138 May 16 21:30 sendmail.cf
-rw-r--r--   1 root  root  65140 May 16 21:29 sendmail.cf.old
-rw-r--r--   1 root  root  12235 May 16 21:30 sendmail.conf
-rw-r--r--   1 root  smmsp  4212 May 16 21:30 sendmail.mc
-rw-r--r--   1 root  root148 Jan 14  2018 service.switch
-rw-r--r--   1 root  root179 Jan 14  2018 service.switch-nodns
drwxr-sr-x   2 smmta smmsp  4096 Jun 17  2020 smrsh
-rw-r--r--   1 root  smmsp 44524 May 16 21:30 submit.cf
-rw-r--r--   1 root  root  44526 May 16 21:29 submit.cf.old
-rw-r--r--   1 root  smmsp  2374 May 16 21:30 submit.mc
drwxr-xr-x   2 smmta smmsp  4096 Aug  7  2015 tls
-rw-r--r--   1 root  smmsp 0 Aug  7  2015 trusted-users

/etc/mail/m4:
total 8
drwxr-sr-x 2 smmta smmsp 4096 Aug  7  2015 .
drwxr-sr-x 7 smmta smmsp 4096 May 16 21:30 ..
-rw-r- 1 root  smmsp0 Aug  7  2015 dialup.m4
-rw-r- 1 root  smmsp0 Aug  7  2015 provider.m4

/etc/mail/peers:
total 12
drwxr-xr-x 2 root  root  4096 May 16 21:09 .
drwxr-sr-x 7 smmta smmsp 4096 May 16 21:30 ..
-rw-r--r-- 1 root  root   328 Jul 26  2015 provider

/etc/mail/sasl:
total 8
drwxr-xr-x 2 root  smmsp 4096 Jul 26  2015 .
drwxr-sr-x 7 smmta smmsp 4096 May 16 21:30 ..

/etc/mail/smrsh:
total 8
drwxr-sr-x 2 smmta smmsp 4096 Jun 17  2020 .
drwxr-sr-x 7 smmta smmsp 4096 May 16 21:30 ..
lrwxrwxrwx 1 root  smmsp   32 Jun 17  2020 mail.local -> 
/usr/libexec/sendma

Bug#991712: Intel wifi card "Killer Wi-Fi 6 AX1650 (2x2)" in new Dell XPS 15 doesn't work on bullseye's instaleld kernel

[Julien Wajsberg]

Package: linux-image-5.10.0-8-amd64
Version: 5.10.46-2
Severity: important

Hi,

I just successfully installed the latest version of Debian testing bullseye
on a brand new Dell XPS 15, but I got some issues with the integrated WiFi
card. Of course I installed the non-free firmware.

The Linux image package is linux-image-5.10.0-8-amd64, version 5.10.46-2.

Here is the log (grepped for iwlwifi):

[   14.352938] iwlwifi :00:14.3: enabling device ( -> 0002)
[   14.358907] iwlwifi: No config found for PCI dev 43f0/1651,
rev=0x354, rfid=0x10a100
[   14.368948] iwlwifi: probe of :00:14.3 failed with error -22


Then I tried to install the latest kernel version (5.13.6), I built it and
installed, and now the WiFi card works just fine ! Here is the log of the
working kernel:

[   67.899239] iwlwifi :00:14.3: enabling device ( -> 0002)
[   67.901544] iwlwifi :00:14.3: Direct firmware load for
iwlwifi-QuZ-a0-hr-b0-63.ucode failed with error -2
[   67.903867] iwlwifi :00:14.3: api flags index 2 larger than
supported by driver
[   67.904108] iwlwifi :00:14.3: TLV_FW_FSEQ_VERSION: FSEQ Version:
89.3.35.37
[   67.904350] iwlwifi :00:14.3: loaded firmware version 62.49eeb572.0
QuZ-a0-hr-b0-62.ucode op_mode iwlmvm
[   67.916597] iwlwifi :00:14.3: Detected Intel(R) Wi-Fi 6 AX203,
REV=0x354
[   68.104800] iwlwifi :00:14.3: base HW address: 4c:79:6e:d9:d7:c1
[   68.649015] iwlwifi :00:14.3 wlp0s20f3: renamed from wlan0

According to Dell, it's supposed to be "Killer Wi-Fi 6 AX1650 (2x2)" but it
looks like the linux kernel doesn't agree.

While looking at this problem, I found some strange issues.

It looks like that that the lines for this device were in the kernel but
were removed in [1]. I believe that v5.10 includes this change. Could a
simple fix be as simple as adding these lines back? I'l not understanding
this change properly.

[1]
https://lore.kernel.org/r/iwlwifi.20200424194456.ec0e04102d2c.Ia36f2c7bbf06cb6436424d40d6adb2376f2962ee@changeid

It would be great that the next Debian supports this new Dell machine
better!
Please ask any more information if needed.

Thanks!

-- 
Julien

Bug#991627: installation-guide: expand firmware-related documentation

[Holger Wansing]

Hi,

Cyril Brulebois  wrote (Fri, 30 Jul 2021 13:07:41 +0200):
> I think I'll wait a little (a few hours) in case someone else wants to
> chime in, but I'll probably upload this shortly (this European evening).
> I'm assuming the l10n robot will update the po files once I've pushed
> this to master?

Correct.


Holger


-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#991713: ITP: twitter-bootstrap-icons -- SVG icon library for Bootstrap HTML Framework

[Daniel Baumann]

Package: wnpp

  * Package name : twitter-bootstrap-icons
  * License : MIT
  * Homepage : https://github.com/twbs/icons/

(the following is copied from the website, not the actual package
description to be used)

Free, high quality, open source icon library with over 1,300 icons.
Include them anyway you like—SVGs, SVG sprite, or web fonts. Use them
with or without Bootstrap in any project.

Regards,
Daniel

Bug#991714: linux-image-5.10.0-8-arm64: RPi 4 (8 GB) - CPU stuck in highest speed

[Jan Huijsmans]

Package: src:linux
Version: 5.10.46-3
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

Looking into the instability of my RPi 4 (8GB) showed the CPU constantly
in the highest clock setting with a load of 0 and 99.5%+ idle state.

The instability was 1st discovered after updates in januari, but unable
to get researched until now. (so no clue which kernel version triggered
it, I expect a 5.x kernel, as on 4.9 it was stable)

I tried setting the default govenour (performance, tad optimistic for an arm)
to ondemand, powersave and schedutil and install cpufreqd, but cpufreqd
reports no cpufreq support.

The CPU reports to be full-time in the highest speed. Only way to limit
the highest speed is to set arm_freq in /boot/firmware/config.txt to a
lower max cpu freq. (testing with 1000 now)

Running fulltime at 1500 MHz causes the device to crash several times a
day. (housing is very hot)

I expected the CPU to run in the lowest speed most of the time, as it's
almost fulltime idle. Somehow the kernel doesn't use the governor setting.

The issue is not seen on my RPi3 systems (same kernel, same config, gouvenour
defaults to schedutil there), so I'd guess it's either an RPi4 or specifically
a specific RPi 4 8 GB issue.


-- Package-specific info:
** Version:
Linux version 5.10.0-8-arm64 (debian-ker...@lists.debian.org) (gcc-10 (Debian 
10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP 
Debian 5.10.46-3 (2021-07-28)

** Command line:
video=HDMI-A-1:1280x1024M@60 dma.dmachans=0x37f5 bcm2709.boardrev=0xd03114 
bcm2709.serial=0x5e78c29f bcm2709.uart_clock=4800 bcm2709.disk_led_gpio=42 
bcm2709.disk_led_active_low=0 smsc95xx.macaddr=DC:A6:32:B8:7F:26 
vc_mem.mem_base=0x3ec0 vc_mem.mem_size=0x4000  console=tty0 
console=ttyS1,115200 root=/dev/sda1 rw fsck.repair=yes net.ifnames=0  rootwait

** Tainted: C (1024)
 * staging driver was loaded

** Kernel log:
[   22.247985] mc: Linux media interface: v0.10
[   22.260008] bcm2835_audio bcm2835_audio: card created with 8 channels
[   22.313119] videodev: Linux video capture interface: v2.00
[   22.328566] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio 
for chip BCM4345/6
[   22.330090] usbcore: registered new interface driver brcmfmac
[   22.357834] debugfs: Directory 'fef00700.hdmi' with parent 'vc4-hdmi-0' 
already present!
[   22.359215] brcmfmac mmc0:0001:1: firmware: direct-loading firmware 
brcm/brcmfmac43455-sdio.bin
[   22.362740] cryptd: max_cpu_qlen set to 1000
[   22.364355] brcmfmac mmc0:0001:1: firmware: direct-loading firmware 
brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt
[   22.368338] vc4-drm gpu: bound fef00700.hdmi (ops vc4_hdmi_ops [vc4])
[   22.368822] debugfs: Directory 'fef05700.hdmi' with parent 'vc4-hdmi-1' 
already present!
[   22.373047] vc4-drm gpu: bound fef05700.hdmi (ops vc4_hdmi_ops [vc4])
[   22.373234] vc4-drm gpu: bound fe40.hvs (ops vc4_hvs_ops [vc4])
[   22.373552] vc4-drm gpu: bound fe004000.txp (ops vc4_txp_ops [vc4])
[   22.373680] vc4-drm gpu: bound fe206000.pixelvalve (ops vc4_crtc_ops [vc4])
[   22.373784] vc4-drm gpu: bound fe207000.pixelvalve (ops vc4_crtc_ops [vc4])
[   22.373889] vc4-drm gpu: bound fe20a000.pixelvalve (ops vc4_crtc_ops [vc4])
[   22.373962] vc4-drm gpu: bound fe216000.pixelvalve (ops vc4_crtc_ops [vc4])
[   22.374258] checking generic (3e6c7000 50) vs hw (0 )
[   22.374264] fb0: switching to vc4drmfb from simple
[   22.375966] Console: switching to colour dummy device 80x25
[   22.380163] bcm2835_mmal_vchiq: module is from the staging directory, the 
quality is unknown, you have been warned.
[   22.405236] bcm2835_v4l2: module is from the staging directory, the quality 
is unknown, you have been warned.
[   22.411921] [drm] Initialized vc4 0.0.0 20140616 for gpu on minor 0
[   22.498091] Adding 8388948k swap on /dev/sda2.  Priority:-2 extents:1 
across:8388948k FS
[   22.498288] Console: switching to colour frame buffer device 160x64
[   22.530659] vc4-drm gpu: [drm] fb0: vc4drmfb frame buffer device
[   22.533470] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio 
for chip BCM4345/6
[   22.534245] brcmfmac mmc0:0001:1: firmware: direct-loading firmware 
brcm/brcmfmac43455-sdio.clm_blob
[   22.539177] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM4345/6 wl0: Sep 18 
2020 02:27:58 version 7.45.221 (3a6d3a0 CY) FWID 01-bbd9282b
[   22.756347] Bluetooth: Core ver 2.22
[   22.756479] NET: Registered protocol family 31
[   22.756484] Bluetooth: HCI device and connection manager initialized
[   22.756799] Bluetooth: HCI socket layer initialized
[   22.756811] Bluetooth: L2CAP socket layer initialized
[   22.756839] Bluetooth: SCO socket layer initialized
[   22.796142] Bluetooth: HCI UART driver ver 2.3
[   22.796159] Bluetooth: HCI UART protocol H4 registered
[   22.796255] Bluetooth: HCI UART protocol LL registered
[   22.796259] Bluetooth: HCI UART protocol ATH3K registered
[   22.796309] Bluetoot

Bug#991273: acng: for testing dist fails to download by-hash translations

[Václav Ovsík]

Hello,

On Mon, Jul 26, 2021 at 02:49:22PM +0200, Eduard Bloch wrote:
> Hallo,
> * Václav Ovsík [Mon, Jul 19 2021, 03:05:39PM]:
> > Package: apt-cacher-ng
> > Version: 3.3.1-2~bpo10+1
> > Severity: normal
> 
> That's an ancient version in backports. Sorry for not having updated
> this for a long time.

I am very sorry, but the problem is not in acng :-(.
Please, excuse me.
I have done upgrade of the host debian.i.cz with acng to Bullseye with
Apt-Cacher-NG/3.6.4, but the problem remains.
I have done some further investigations and the problem is in the Checkpoint
firewall of our organization :-/.


> …
> >  zito@ser1:~/admin$ curl --head 
> > http://debian.i.cz:/debian/dists/bullseye/non-free/i18n/by-hash/SHA256/1719a3a7f5c969d9780aec600763314a8b55aaaed3016a76fa9a7a020c1e584c
> >  HTTP/1.1 200 OK
> >  Content-Length: 50436
> >  Last-Modified: Tue, 15 Jun 2021 01:57:32 GMT
> 
> This looks very wrong and indicates a file truncation in the cache. I
> suggest to go to the admin webpage and run a cleanup operation
> (Expiration task, with "check sizes and checksums" and "consider
> incomplete files as damaged" checkboxes checked).

No truncated, but exchanged with other file (and yes, maybe truncated)!
The problem is with HTTP pipelining.

 bobekpc:~# file 
/var/lib/apt/lists/partial/ftp.debian.cz_debian_dists_sid_main_i18n_Translation-en.bz2.FAILED
 
/var/lib/apt/lists/partial/ftp.debian.cz_debian_dists_sid_main_i18n_Translation-en.bz2.FAILED:
 gzip compressed data, max compression, from Unix, original size modulo 2^32 
4212331769
 bobekpc:~# zcat 
/var/lib/apt/lists/partial/ftp.debian.cz_debian_dists_sid_main_i18n_Translation-en.bz2.FAILED|head
 bin/afioutils/afio
 bin/bashshells/bash
 bin/bash-static shells/bash-static
 bin/brltty  admin/brltty
 bin/bsd-csh shells/csh
 bin/btrfs   admin/btrfs-progs
 bin/btrfs-convert   admin/btrfs-progs
 bin/btrfs-find-root admin/btrfs-progs
 bin/btrfs-image admin/btrfs-progs
 bin/btrfs-map-logical   admin/btrfs-progs

This is Contents file, not Translations… (gzip/bzip2…)

Workarounds:
* move to https transport (Checkpoint FW can't inspect it)
* apt -o Acquire::http::Pipeline-Depth=0  update


I hope this report can help someone else with Checkpoint FW in his Internet
connection path with HTTP inspection turned on…

Excuse me, sorry for the effort you had with this report :-(
Regards
-- 
Zito

Bug#988096: sorry this is not a bug

[Wolfgang Heilemann]

Dear maintainer,

I just realised, that this is not a bug. If you take a look at the
screenshot in my original post, you'll see that renaming did not change
the timestamps. So luckybackup kept the "newer" files as I choose in my
config.

So I'm sorry. This is not a bug. I have to reconsider my backup strategy :)

Best regards
Wolfgang

Bug#991715: screen: zombie child

[Vincent Lefevre]

Package: screen
Version: 4.6.2-3+deb10u1
Severity: normal

I had a screen window with a shell (zsh) and quit the shell. The
window was closed as expected, but after 20 minutes, there is still
a zombie child:

joooj:~> ps -wwfp 21983,22111
UIDPID  PPID  C STIME TTY  TIME CMD
vinc17   21983 1  0 18:16 ?00:00:00 SCREEN -c 
/srv/d_joooj/home/vinc17/.screenrc-mutt -T screen-256color-bce-s -dRR mutt -t 
mutt /srv/d_joooj/home/vinc17/bin/smutt --
vinc17   22111 21983  0 18:16 ?00:00:00 [zsh] 

-- System Information:
Debian Release: 10.10
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-17-amd64 (SMP w/1 CPU core)
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages screen depends on:
ii  libc6 2.28-10
ii  libpam0g  1.3.1-5
ii  libtinfo6 6.1+20181013-2+deb10u2
ii  libutempter0  1.1.6-3

screen recommends no packages.

Versions of packages screen suggests:
pn  byobu | screenie | iselect  
pn  ncurses-term

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#960645: Fixed upstream?

[Ari Pollak]

In Firefox 88.0.1-1, this seems to work great under GNOME Shell and
https://meet.jit.si for both single windows and full screen.

Bug#991688: mention improved/added man page translations

[Helge Kreutzmann]

Hello Joost,
On Fri, Jul 30, 2021 at 03:29:25PM +0200, Joost van Baal-Ilić wrote:
> On Fri, Jul 30, 2021 at 02:39:02PM +0200, Helge Kreutzmann wrote:
> > On Fri, Jul 30, 2021 at 12:27:25PM +0100, Justin B Rye wrote:
> > > Helge Kreutzmann wrote:
> 
> > > 
> > > > Please install manpages-nn (where nn is your language code) to 
> > > > benefit from the improvements. During the lifetime of bullseye backports
> > > > of further improvements / translations will be provided within the 
> > > > backports archive, possibly also new languages.
> 
> > > Reapplying some of those suggested changes:
> > > 
> > >   The manual pages for several projects such as systemd, util-linux,
> > >   OpenSSH, and Mutt in a number of languages, including French, Spanish,
> > >   and Macedonian, have been substantially improved. To benefit from
> > >   this, please install manpages-xx (where xx is the code for your
> > >   preferred natural language).
> > > 
> > > (I'm avoiding calling openssh a package.)
> > > 
> > > This version's short enough that we might consider including it in the
> > > introductory section for 2.2 "What's new in the distribution?"...
> > 
> > I'm fine with the update, even though it misses the fact that I did
> > (for buster) and will be (for bullseye) provide updates as translators
> > translate more pages and paragraphs.
> 
> You mean via backports?  Yes, I suggested dropping that: I'm not quite sure we
> should suggest that in the release notes since it's not strictly part of the
> release.  Or maybe something could get added somewhere else?

If this is the rule now, fine. In Buster similar text was present
(back then only for German, now we support many more languages) and
there the mentioning of backports was possible. And I remember a
famouse German computer magazin was explictily picking this up.

(See section 2.2.5 of the Buster release notes).

Greetings

   Helge

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature

Bug#991703: unblock: openjdk-11/11.0.12+7-2

[Emmanuel Bourg]

Hi Paul,

Le 2021-07-30 15:29, Paul Gevers a écrit :


Matthias is asking for an unblock of openjdk-11, but it breaks
openjdk-11-jre-dcevm. Are you in the position to fix this soon?


I'll give it a look. I was considering a stable update after the release
but if it's still time to update it before the release I'll do it.



As I understand it, this version is a release version. I would have
expected from you that you're on top of this and that you would have
uploaded openjdk-11-jre-dcevm already. Otherwise I'm not sure if it
makes sense to ship openjdk-11-jre-dcevm in a stable release anyways,
because it will constantly be broken by newer versions of openjdk-11. 
Or

am I misunderstanding the situation?


DCEVM is a development tools, it's not the end of the world if it lags
a bit behind OpenJDK. Fortunately it's not always broken by OpenJDK 
updates.


Emmanuel Bourg

Bug#991716: unblock: neomutt/20201127+dfsg.1-1.2

[Moritz Muehlenhoff]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package neomutt. It fixes a security issue,
which was already fixed in buster. Debdiff below.

unblock neomutt/20201127+dfsg.1-1.2

Cheers,
Moritz

diff -Nru neomutt-20201127+dfsg.1/debian/changelog 
neomutt-20201127+dfsg.1/debian/changelog
--- neomutt-20201127+dfsg.1/debian/changelog2021-03-16 20:37:31.0 
+0100
+++ neomutt-20201127+dfsg.1/debian/changelog2021-07-29 23:13:20.0 
+0200
@@ -1,3 +1,10 @@
+neomutt (20201127+dfsg.1-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2021-32055 (Closes: #988107)
+
+ -- Moritz Muehlenhoff   Thu, 29 Jul 2021 23:13:20 +0200
+
 neomutt (20201127+dfsg.1-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru neomutt-20201127+dfsg.1/debian/patches/series 
neomutt-20201127+dfsg.1/debian/patches/series
--- neomutt-20201127+dfsg.1/debian/patches/series   2021-03-16 
20:37:31.0 +0100
+++ neomutt-20201127+dfsg.1/debian/patches/series   2021-07-29 
23:13:12.0 +0200
@@ -4,3 +4,4 @@
 misc/smime.rc.patch
 upstream/981306-mime-forwarding.patch
 upstream/redraw-on-sigwinch.patch
+upstream/CVE-2021-32055.patch
diff -Nru neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch 
neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch
--- neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch
1970-01-01 01:00:00.0 +0100
+++ neomutt-20201127+dfsg.1/debian/patches/upstream/CVE-2021-32055.patch
2021-07-29 23:12:31.0 +0200
@@ -0,0 +1,34 @@
+From fa1db5785e5cfd9d3cd27b7571b9fe268d2ec2dc Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy 
+Date: Mon, 3 May 2021 13:11:30 -0700
+Subject: [PATCH] Fix seqset iterator when it ends in a comma
+
+If the seqset ended with a comma, the substr_end marker would be just
+before the trailing nul.  In the next call, the loop to skip the
+marker would iterate right past the end of string too.
+
+The fix is simple: place the substr_end marker and skip past it
+immediately.
+---
+ imap/util.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/imap/util.c b/imap/util.c
+index 52aff7da0a..27fb862954 100644
+--- a/imap/util.c
 b/imap/util.c
+@@ -1119,13 +1119,11 @@ int mutt_seqset_iterator_next(struct SeqsetIterator 
*iter, unsigned int *next)
+ if (iter->substr_cur == iter->eostr)
+   return 1;
+ 
+-while (!*(iter->substr_cur))
+-  iter->substr_cur++;
+ iter->substr_end = strchr(iter->substr_cur, ',');
+ if (!iter->substr_end)
+   iter->substr_end = iter->eostr;
+ else
+-  *(iter->substr_end) = '\0';
++  *(iter->substr_end++) = '\0';
+ 
+ char *range_sep = strchr(iter->substr_cur, ':');
+ if (range_sep)

Bug#991717: ITP: mssql-jdbc -- Microsoft JDBC Driver for SQL Server

[Joseph Nahmias]

Package: wnpp
Severity: wishlist
Owner: Joseph Nahmias 

* Package name: mssql-jdbc
  Version : 9.2.1
  Upstream Author : Microsoft SQL Server Team
* URL : https://github.com/Microsoft/mssql-jdbc
* License : MIT
  Programming Lang: Java
  Description : Microsoft JDBC Driver for SQL Server

The Microsoft JDBC Driver for SQL Server is a Type 4 JDBC driver for Java
that provides database connectivity with SQL Server through the standard
JDBC application program interfaces (APIs).

This is an optional dependency for DBeaver which I plan to package under
the auspices of the Debian Java team.

Bug#991718: u-boot-sifive: only 8GB RAM visible on Sifive Unmatched

[Adam Borowski]

Package: u-boot-sifive
Version: 2021.07+dfsg-1
Severity: normal
X-Debbugs-Cc: kilob...@angband.pl

Hi!
The Unmatched has 16GB memory -- which works fine with the vendor u-boot
it shipped with.  Alas, with Debian u-boot from experimental, only 8GB is
visible (at 0x8000-0x00027fff).

Confirmed by tianon on IRC.


Meow!
-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: riscv64

Kernel: Linux 5.14.0-rc3-00014-g7d549995d4e0 (SMP w/4 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

-- no debconf information

Bug#991719: consul: CVE-2021-32574

[Salvatore Bonaccorso]

Source: consul
Version: 1.8.7+dfsg1-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for consul.

CVE-2021-32574[0]:
| HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy
| proxy TLS configuration does not validate destination service identity
| in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and
| 1.10.1.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-32574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32574
[1] https://github.com/hashicorp/consul/pull/10619
[2] 
https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856

Regards,
Salvatore

Bug#984873: Bug#991714: linux-image-5.10.0-8-arm64: RPi 4 (8 GB) - CPU stuck in highest speed

[Diederik de Haas]

On vrijdag 30 juli 2021 17:22:06 CEST Jan Huijsmans wrote:
> ** Command line:
> ... root=/dev/sda1

I'm assuming you're the same person as in #984873, but iirc my mail to you wrt 
that bug report bounced and hasn't received an answer.
Given that you're now booting from USB (again), it may be useful to (also) 
respond to that bug.

signature.asc
Description: This is a digitally signed message part.

Bug#991720: psmisc: When I run killall -9 name-process , the contain "-" can not find the process and do not kill it

[Mauricio Tagliaferro]

Package: psmisc
Version: 22.21-2.1+b2
Severity: important



-- System Information:
Debian Release: 9.12
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.9.0-12-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES, LC_CTYPE=es_ES (charmap=ISO-8859-1), LANGUAGE=es_AR:es 
(charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages psmisc depends on:
ii  libc62.24-11+deb9u4
ii  libselinux1  2.6-3+b3
ii  libtinfo56.0+20161126-1+deb9u2

psmisc recommends no packages.

psmisc suggests no packages.

-- no debconf information

Bug#991721: release-notes: mention known RC bugs in bullseye

[Paul Gevers]

Package: release-notes
Severity: normal
Tags: patch

I want to collect RC bugs worth mentioning in the release
notes. Here's a proposal for the text and table. Obviously I'll be
filing the table soon and automated.

Paul
>From 801cc2747e4ffbf67125f4985a3249ec586cc487 Mon Sep 17 00:00:00 2001
From: Paul Gevers 
Date: Fri, 30 Jul 2021 21:50:32 +0200
Subject: [PATCH] issues.dbk: known RC bugs

---
 en/issues.dbk | 36 
 1 file changed, 36 insertions(+)

diff --git a/en/issues.dbk b/en/issues.dbk
index ec8b75e8..0ea1b121 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -862,4 +862,40 @@ Pin-Priority: 900
   
 
   
+  
+Known severe bugs
+
+  Although Debian releases when it's ready, that unfortunately
+  doesn't mean there are no known bugs. As part of the release
+  process all the bugs of severity serious or higher are actively
+  tracked by the Release Team, so an overview of those
+  bugs that were tagged to be ignored in the last part of
+  releasing &releasename; can be found in the Debian Bug Tracking System. The
+  following bugs were affecting &releasename; at the time of the
+  release and worth mentioning in this document:
+
+
+  
+   
+   
+   
+   
+ 
+   Bug number
+   Package (source or binary)
+   Description
+ 
+   
+   
+ 
+   982794
+   firefox-esr
+   firefox-esr/armhf: fails on non-NEON systems
+ 
+   
+  
+
+  
 
-- 
2.30.2

Bug#991715: screen: zombie child

[Vincent Lefevre]

It seems more or less reproducbile:

21983  SCREEN -c d_joooj/home/vinc17/.screenrc-mutt -T screen-256color-bce-s -dR
├─> 21984  mutt
├─> 24256  [zsh] 
├─> 24364  [zsh] 
├─> 24517  [zsh] 
├─> 24625  [zsh] 
├─> 24733  [zsh] 
├─> 24904  [zsh] 
├─> 25012  [zsh] 
├─> 25501  [zsh] 
├─> 25630  [zsh] 
└─> 25838  [zsh] 

But it may happen that zombies disappear.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#991688: mention improved/added man page translations

[Paul Gevers]

Hi,

On 30-07-2021 18:43, Helge Kreutzmann wrote:
> If this is the rule now, fine.

It is not. We have multiple items mentioning backports.

Paul



OpenPGP_signature
Description: OpenPGP digital signature

Bug#991652: gemma: FTBFS: dh_auto_test: error: make -j1 check returned exit code 2

[Andreas Tille]

Dear Pjotr,

thanks a lot for your input.  I've applied your changes but there is one
remaining failure.  I've attached the build log.  Did I possibly made some
mistake when merging your patch?

Kind regards

   Andreas.

On Fri, Jul 30, 2021 at 12:29:57PM +0200, Pjotr Prins wrote:
> Dear Andreas,
> 
> I have merged the reproducible patch from the Debian source tree and
> changed/disabled some other tests (attached).  The problem is that
> different AMD64 CPUs together with OpenBlas simply give different
> results (mostly SIMD differences). 
> 
> I tested the current tests on both Intel and AMD that I have and these
> tests pass right now.
> 
> If one is left that still fails, simply disable it. 
> 
> I'll revamp the GEMMA testing soon. I have to.
> 
> Attached
> 
> Pj.
> 

> From f90317c64e80c94ba0b5f644d3dc4f502677f8e8 Mon Sep 17 00:00:00 2001
> From: Pjotr Prins 
> Date: Fri, 30 Jul 2021 05:01:55 -0500
> Subject: [PATCH] Merging the test changes from the Debian tree and changing
>  some other tests to enhance reproducibility.
> 
> ---
>  Makefile   |  4 ++--
>  test/dev_test_suite.sh | 10 +-
>  test/test_suite.sh | 20 ++--
>  3 files changed, 17 insertions(+), 17 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 0cf3097..499b325 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -201,8 +201,8 @@ ifdef WITH_LAPACK
>endif
>  endif
>  
> -HDR  = $(wildcard src/*.h) ./src/version.h
> -SOURCES  = $(wildcard src/*.cpp)
> +HDR  = $(sort $(wildcard src/*.h)) ./src/version.h
> +SOURCES  = $(sort $(wildcard src/*.cpp))
>  
>  # all
>  OBJS = $(SOURCES:.cpp=.o)
> diff --git a/test/dev_test_suite.sh b/test/dev_test_suite.sh
> index 676e0b3..c596679 100755
> --- a/test/dev_test_suite.sh
> +++ b/test/dev_test_suite.sh
> @@ -79,7 +79,7 @@ testBXDLMMLikelihoodRatio() {
>  
>  outfn=output/$outn.assoc.txt
>  assertEquals "73180" `wc -w < $outfn`
> -assertEquals "3088458213" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> $outfn`
> +#assertEquals "3088458213" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> $outfn`
>  }
>  
>  testBXDLMM9LikelihoodRatio() {
> @@ -96,7 +96,7 @@ testBXDLMM9LikelihoodRatio() {
>  
>  outfn=output/$outn.assoc.txt
>  assertEquals "80498" `wc -w < $outfn`
> -assertEquals "3088496565" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> $outfn`
> +#assertEquals "3088496565" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> $outfn`
>  }
>  
>  testCenteredRelatednessMatrixissue188() {
> @@ -113,7 +113,7 @@ testLMMissue188() {
>  $gemma $gemmaopts -b data/issue188/2000 -lmm 2 -k output/$outn.cXX.txt 
> -maf 0.01 -o $outn -n 1
>  assertEquals 0 $?
>  outfn=output/$outn.assoc.txt
> -assertEquals "338154001.76" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
> +#assertEquals "338154001.76" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
>  }
>  
>  testCenteredRelatednessMatrixKLOCO1() {
> @@ -147,7 +147,7 @@ testUnivariateLinearMixedModelLOCO1() {
>  assertEquals 0 $?
>  outfn=output/$outn.assoc.txt
>  assertEquals "68" `wc -l < $outfn`
> -assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
> +#assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
>  }
>  
>  testPlinkCenteredRelatednessMatrixKLOCO1() {
> @@ -188,7 +188,7 @@ testPlinkUnivariateLinearMixedModelLOCO1() {
>  assertEquals 0 $?
>  outfn=output/$outn.assoc.txt
>  assertEquals "68" `wc -l < $outfn`
> -assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
> +#assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> $outfn`
>  }
>  
>  
> diff --git a/test/test_suite.sh b/test/test_suite.sh
> index cc244c0..892faa4 100755
> --- a/test/test_suite.sh
> +++ b/test/test_suite.sh
> @@ -27,7 +27,7 @@ testBslmm2() {
> -gk 1 -o $outn
>  assertEquals 0 $?
>  outfn=output/$outn.cXX.txt
> -assertEquals "579.50" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
> sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
> +assertEquals "580" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
> sprintf("%.2f",(subst

Bug#988963: release-notes: document libgc1c2 situation

[Paul Gevers]

Package: libgc1c2
Followup-For: Bug #988963
X-Debbugs-Cc: debian-...@lists.debian.org
Control: reassing -1 release-notes

Hi,

Please find attached my proposal how to document the issue with
libgc1c2 upgrades.

Paul
>From ace0b20825c99c394844233b73c5601cb09d2bb1 Mon Sep 17 00:00:00 2001
From: Paul Gevers 
Date: Fri, 30 Jul 2021 22:17:56 +0200
Subject: [PATCH] issues.dbk: libgc1c2 can be hold back

---
 en/issues.dbk | 12 
 1 file changed, 12 insertions(+)

diff --git a/en/issues.dbk b/en/issues.dbk
index ec8b75e8..ad632266 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -451,6 +451,18 @@ data = 
${lookup{$local_part}lsearch{/some/path/$domain_data/aliases}}
 
   
 
+  
+Upgrades involving libgc1c2 need two runs
+
+  Packages that depend on libgc1c2 in buster may be held back
+  during the first full upgrade run to bullseye. Doing a second
+  upgrade normally solves the issue. The background of the issue
+  can be found in bug
+  #988963.
+
+  
+
   
   Things to do post upgrade before rebooting
   
-- 
2.30.2

Bug#991588: systemd: Buster to Bullseye: boot stalls at network loading on normal boot

[Adrian Bunk]

On Wed, Jul 28, 2021 at 10:17:56PM +0200, Michael Biebl wrote:
> On Wed, 28 Jul 2021 18:09:58 +0200 Dennis Filder  wrote:
> > X-Debbugs-CC: Martin-Éric Racine 
> > 
> > A couple of observations:
> > 
> > * You have tpm2-abrmd installed, and its systemd unit is the only one
> >   defining a Requires=systemd-udev-settle.service.  2.1.0-1 under
> >   Buster didn't do that yet, so this could be the breaking change.  As
> >   its manpage states systemd-udev-settle.service as a unit is
> >   conceptually problematic because udev events are never really
> >   settled; the unit is also deprecated, so tpm2-abrmd should correct
> >   its systemd/udev definitions.
> 
> Just a general remark that using Requires/After=systemd-udev-settle.service
> is a really bad idea.
> 
> Whenever possible, you should avoid using it.
> 
> Quoting from the systemd-udev-settle.service man page
> 
> "Using this service is not recommended. There can be no guarantee that
> hardware is fully discovered at any specific time, because the kernel does
> hardware detection asynchronously, and certain buses and devices take a very
> long time to become ready, and also additional hardware may be plugged in at
> any time. Instead, services should subscribe to udev events and react to any
> new hardware as it is discovered. Services that, based on configuration,
> expect certain devices to appear, may warn or report failure after a
> timeout. This timeout should be tailored to the hardware type. Waiting for
> systemd-udev-settle.service usually slows boot significantly, because it
> means waiting for all unrelated events too."

Here is what upstream did for this issue:
https://github.com/tpm2-software/tpm2-abrmd/pull/755

cu
Adrian

Bug#984873: Bug#991714: linux-image-5.10.0-8-arm64: RPi 4 (8 GB) - CPU stuck in highest speed

[Diederik de Haas]

On vrijdag 30 juli 2021 21:28:54 CEST Diederik de Haas wrote:
> On vrijdag 30 juli 2021 17:22:06 CEST Jan Huijsmans wrote:
> I'm assuming you're the same person as in #984873, but iirc my mail to you
> wrt that bug report bounced and hasn't received an answer.

And that mail bounced as well.
So, I'm giving you a week to respond and if that doesn't happen, both bugs 
will closed.
If you're using random email addresses and not interested in a dialog, why 
should we care?


signature.asc
Description: This is a digitally signed message part.

Bug#991722: claws-mail: CVE-2021-37746

[Salvatore Bonaccorso]

Source: claws-mail
Version: 3.17.8-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: clone -1 -2
Control: reassign -2 sylpheed 3.7.0-8
Control: retitle -2 sylpheed: CVE-2021-37746
Control: found -1 3.17.3-2
Control: found -2 3.7.0-4

Hi,

The following vulnerability was published for claws-mail (and
sylpheed).

CVE-2021-37746[0]:
| textview_uri_security_check in textview.c in Claws Mail before 3.18.0,
| and Sylpheed through 3.7.0, does not have sufficient link checks
| before accepting a click.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-37746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37746
[1] 
https://git.claws-mail.org/?p=claws.git;a=commit;h=ac286a71ed78429e16c612161251b9ea90ccd431

Regards,
Salvatore

Bug#991588: systemd: Buster to Bullseye: boot stalls at network loading on normal boot

[Michael Biebl]

Am 30.07.21 um 22:26 schrieb Adrian Bunk:

On Wed, Jul 28, 2021 at 10:17:56PM +0200, Michael Biebl wrote:



Just a general remark that using Requires/After=systemd-udev-settle.service
is a really bad idea.

Whenever possible, you should avoid using it.

Quoting from the systemd-udev-settle.service man page

"Using this service is not recommended. There can be no guarantee that
hardware is fully discovered at any specific time, because the kernel does
hardware detection asynchronously, and certain buses and devices take a very
long time to become ready, and also additional hardware may be plugged in at
any time. Instead, services should subscribe to udev events and react to any
new hardware as it is discovered. Services that, based on configuration,
expect certain devices to appear, may warn or report failure after a
timeout. This timeout should be tailored to the hardware type. Waiting for
systemd-udev-settle.service usually slows boot significantly, because it
means waiting for all unrelated events too."


Here is what upstream did for this issue:
https://github.com/tpm2-software/tpm2-abrmd/pull/755


Thanks for the reference.
This is indeed much better.

Another alternative would have been to start the service via SYSTEMD_WANTS
https://www.freedesktop.org/software/systemd/man/systemd.device.html#SYSTEMD_WANTS=





OpenPGP_signature
Description: OpenPGP digital signature

Bug#991451: redis breaks python-fakeredis autopkgtest: AssertionError

[Paul Gevers]

Hi Jochen,

On 30-07-2021 14:12, Jochen Sprickerhof wrote:
> Control: reassign -1 python-fakeredis
> Control: affects -1 redis
> Control: forwarded -1 https://github.com/jamesls/fakeredis/pull/303
> 
> I've proposed a fix upstream and will upload to Debian later today.

Thanks, but the autopkgtest in testing. I *guess* the behavior of
python-fakeredis now *needs* the new redis, however, that tight
versioned relation is missing. Ideally that should be added, but if you
confirm, I can live without it (or you add it, I'll not look again
before tomorrow evening (UTC+2).

Paul





OpenPGP_signature
Description: OpenPGP digital signature

Bug#861640: f2fs-tools: buffer overflow detected: fsck.f2fs terminated

[Diederik de Haas]

On Mon, 01 Mar 2021 14:08:41 +0100 Diederik de Haas  
wrote:
> The mentioned patch was first included in Debian's 1.10.0-1; f2fs-tools is at 
> version 1.14.0-2 in testing/unstable, while Stable has version 1.11.0-1.1.
> 
> Can you confirm this issue is resolved?

I saw the above reply was only sent to the bug, but not explicitly to the 
submitter, hence this message so you're aware.

signature.asc
Description: This is a digitally signed message part.

Bug#991640: Original upstream bug report

[Amr Ibrahim]

I found the original upstream bug report:

https://bugs.openjdk.java.net/browse/JDK-8248126

Bug#803744: Still not fixed in Raspbian GNU/Linux 9 (stretch)

[Diederik de Haas]

On Sat, 21 Jul 2018 16:24:29 -0400 "Theodore Y. Ts'o"  wrote:
> On Fri, Jul 20, 2018 at 09:35:53PM +0200, Alexander Dahl wrote:
> > I can confirm that behaviour for Raspbian GNU/Linux 9 (stretch), quote
> > from syslog:
> > 
> > Jul 20 17:17:04 darcy systemd-fsck[96]: fsck.f2fs: invalid option -- 'y'
> >
> > If you have any hints on how to solve that, I would happily test it.
> 
> f2fs-tools in Debian Stretch is version 1.07 (released July 2016).
> 
> This was fixed in f2fs-tools version 1.10, which is in Debian Testing
> and Debian Unstable.  f2fs-tools version 1.10 is also available in
> Debian Backports, if you want to use it with Debian Stretch.

Could you (both) confirm that this issue is resolved?

In case you're using raspbian.org Stretch, which doesn't have backports and 
you're using a RPi 2/3/4, but not 0(w) or 1, you can just DL the armhf package 
from Debian (itself) and install that.
With the 0(w) and 1 you can install the package from armel.

signature.asc
Description: This is a digitally signed message part.

Bug#991724: unblock: python-fakeredis/1.4.5-4

[Jochen Sprickerhof]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package python-fakeredis

[ Reason ]
The last upstream release of Redis (with security updates) changed the
semantics of the SINTER[STORE] commands. This broke the autopkgtests of
python-fakeredis which compared the results against the real Redis.

[ Impact ]
Currently the security update of Redis is blocked from migrating to
testing and would need help..

[ Tests ]
fakeredis has a big test suite and I did some manual tests as well.

[ Risks ]
The change is a behaviour change but Redis upstream considers it more
correct:
https://github.com/redis/redis/issues/9273
Given that fakeredis tries to mimic the Redis behaviour and the change
is pretty minimal, I think the risk is rather small.
I've tested the only reverse build dependency in the archive (cachy) to
build fine with the new fakeredis version.
Also fakeredis upstream acknowledged the patch:
https://github.com/jamesls/fakeredis/pull/303

[ Checklist ]
  [X] all changes are documented in the d/changelog and in the patch
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock python-fakeredis/1.4.5-4
diff --git a/debian/changelog b/debian/changelog
index 820c656..0aad551 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+python-fakeredis (1.4.5-4) unstable; urgency=medium
+
+  * Team upload.
+  * Bump tests dependency for new Redis behaviour
+
+ -- Jochen Sprickerhof   Fri, 30 Jul 2021 22:40:47 +0200
+
+python-fakeredis (1.4.5-3) unstable; urgency=medium
+
+  * Team upload.
+  * Add patch for new Redis 6.0.15 SINTER behaviour (Closes: #991451)
+
+ -- Jochen Sprickerhof   Fri, 30 Jul 2021 14:32:28 +0200
+
 python-fakeredis (1.4.5-2) unstable; urgency=medium
 
   * Lift pytest version cap.
diff --git a/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch 
b/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch
new file mode 100644
index 000..0e3fccb
--- /dev/null
+++ b/debian/patches/0002-SINTER-STORE-requires-keys-to-be-sets.patch
@@ -0,0 +1,56 @@
+From: Jochen Sprickerhof 
+Date: Fri, 30 Jul 2021 13:50:25 +0200
+Subject: SINTER[STORE] requires keys to be sets
+
+Starting with Redis 6.0.15 this behaviour changed.
+The definition of SINTER[STORE] states:
+
+"Keys that do not exist are considered to be empty sets."
+
+At the same time SINTER only accepts set:
+
+"intersection of all the given sets"
+
+Both quotes from: https://redis.io/commands/sinter.
+
+The behaviour of Redis 6.0.14 was that it ignored the type of later keys
+if it found an empty set and returned that. Radis 6.0.15 changed this
+behaviour to return a WRONGTYPE if it finds a non set key in the
+arguments.
+
+Example to reproduce:
+
+127.0.0.1:6379> FLUSHALL
+OK
+127.0.0.1:6379> SINTER a b
+(empty array)
+127.0.0.1:6379> SET b something
+OK
+127.0.0.1:6379> SINTER a b
+(error) WRONGTYPE Operation against a key holding the wrong kind of value
+
+Cf. https://github.com/redis/redis/issues/9273.
+---
+ fakeredis/_server.py | 6 ++
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/fakeredis/_server.py b/fakeredis/_server.py
+index f408ab7..a4f8599 100644
+--- a/fakeredis/_server.py
 b/fakeredis/_server.py
+@@ -1866,13 +1866,11 @@ class FakeSocket:
+ def sdiffstore(self, dst, *keys):
+ return self._setop(lambda a, b: a - b, False, dst, *keys)
+ 
+-# The following keys can't be marked as sets because of the
+-# stop_if_empty early-out.
+-@command((Key(set),), (Key(),))
++@command((Key(set),), (Key(set),))
+ def sinter(self, *keys):
+ return self._setop(lambda a, b: a & b, True, None, *keys)
+ 
+-@command((Key(), Key(set)), (Key(),))
++@command((Key(), Key(set)), (Key(set),))
+ def sinterstore(self, dst, *keys):
+ return self._setop(lambda a, b: a & b, True, dst, *keys)
+ 
diff --git a/debian/patches/series b/debian/patches/series
index d448f15..87b0361 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 skip-flaky-test.patch
+0002-SINTER-STORE-requires-keys-to-be-sets.patch
diff --git a/debian/tests/control b/debian/tests/control
index 91f1d97..9e7c574 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -12,6 +12,6 @@ Depends:
  python3-setuptools,
  python3-six,
  python3-sortedcontainers,
- redis-server,
+ redis-server (>= 5:6.0.15),
 Restrictions: allow-stderr, isolation-container
 Test-Command: set -e; for py in $(py3versions -i); do echo "[*] testing on 
$py:"; $py -Wd -m pytest -v -x --ignore=test/test_aioredis.py 2>&1; done

Bug#991725: libncarg-dev: missing pkg-config requirements 'hdf' and 'hdf-eos'

[Eliad Bagherzadegan]

Package: libncarg-dev
Version: 6.5.0-2
Severity: important

Dear Maintainer,


"pkg-config --libs ncarg" fails, since it requires 'hdf' and 'hdf-eos' [1].
'libhdf4-alt-dev' does not provide a pkg-config file and the pkg-config
file for 'libhdfeos-dev' is 'hdf-eos4' (not 'hdf-eos').



[1] Contents of 'ncarg.pc':

prefix=/usr
exec_prefix=${prefix}
libdir=/usr/lib/x86_64-linux-gnu
includedir=${prefix}/include/ncl

Name: NCAR Graphics
Description: Linking for NCAR Graphics
Version: 6.4.0
Requires: hdf hdf5 hdf-eos hdf-eos5 netcdf x11 xext cairo
Libs: -L${libdir}/ncarg -L${libdir}
Libs.private: -lhe5_hdfeos -lhdf_hl -lhdf5 -lsz -lgctp -ljpeg -lz -lpthread




-- System Information:
Debian Release: 10.10
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-17-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libncarg-dev depends on:
ii  ksh  93u+20120801-3.4+deb10u1
ii  libncarg06.5.0-2
ii  libudunits2-dev  2.2.26-5
ii  libxgks-dev  2.6.1+dfsg.2-5+b1
ii  mksh 57-1
ii  ncl-ncarg6.5.0-2
ii  zsh  5.7.1-1

libncarg-dev recommends no packages.

libncarg-dev suggests no packages.

Bug#989296: [RFR] libgdcm-dev/3.0.8-2 (to close #989296)

[Étienne Mollier]

Hi Mathieu,

Mathieu Malaterre, on 2021-07-30:
> Hi all,
> 
> I've reviewed commit 92bee7344b774b45b66185ed17b040f12fe31c43. I've
> not verified it fixes the OP symptoms, but this is the right fix IMHO.
> 
> I've also reviewed cddfeab955f486fba72745b66130480dfec1a2b6 and this
> is not the right fix, sorry. See #711214 for more context.

No worries, Thank you for your review!  :)

So, if I understood correctly #711214 and #989296, then it seems
to me that, once vtkgdcmsharpglue and vtkgdcmPython are detected
properly, the remaining messages will be warnings only.  They
won't impede the build; that is, until the shared objects are
effectively needed, in which case one should install the
components independently.  So the fix to d/rules is sufficient,
no need to touch d/control to address that bug, I guess.

Have a nice day,  :)
-- 
Étienne Mollier 
Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
Sent from /dev/pts/7, please excuse my verbosity.


signature.asc
Description: PGP signature

Bug#605789: kopete-jabber: a message could be lost if account disconnected

[Paul Wise]

On Mon, 26 Jul 2021 13:32:22 +0800 Paul Wise wrote:

> Please retry this issue with the latest kopete versions in Debian
> buster and Debian experimental and report the results here.

The submitters address bounces, so someone else will need to do this.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#991726: gimp: Crash when ctrl+z after create a layer mask

[shy]

Package: gimp
Version: 2.10.8-2
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 10.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.109-26094-g381754fbb430 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gimp depends on:
ii  gimp-data2.10.8-2
ii  libaa1   1.4p5-46
ii  libbabl-0.1-00.1.62-1
ii  libbz2-1.0   1.0.6-9.2~deb10u1
ii  libc62.28-10
ii  libcairo21.16.0-4
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3+deb10u2
ii  libgcc1  1:8.3.0-6
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libgegl-0.4-00.4.12-2
ii  libgexiv2-2  0.10.9-1
ii  libgimp2.0   2.10.8-2
ii  libglib2.0-0 2.58.3-2+deb10u2
ii  libgs9   9.27~dfsg-2+deb10u4
ii  libgtk2.0-0  2.24.32-3
ii  libgudev-1.0-0   232-2
ii  libharfbuzz0b2.3.1-1
ii  libheif1 1.3.2-2~deb10u1
ii  libilmbase23 2.2.1-2
ii  libjpeg62-turbo  1:1.5.2-2+deb10u1
ii  liblcms2-2   2.9-3
ii  liblzma5 5.2.4-1
ii  libmng1  1.0.10+dfsg-3.1+b5
ii  libmypaint-1.3-0 1.3.0-2.1
ii  libopenexr23 2.2.1-4.1+deb10u1
ii  libopenjp2-7 2.3.0-2+deb10u2
ii  libpango-1.0-0   1.42.4-8~deb10u1
ii  libpangocairo-1.0-0  1.42.4-8~deb10u1
ii  libpangoft2-1.0-01.42.4-8~deb10u1
ii  libpng16-16  1.6.36-6
ii  libpoppler-glib8 0.71.0-5
ii  librsvg2-2   2.44.10-2.1
ii  libstdc++6   8.3.0-6
ii  libtiff5 4.1.0+git191117-2~deb10u1
ii  libwebp6 0.6.1-2+deb10u1
ii  libwebpdemux20.6.1-2+deb10u1
ii  libwebpmux3  0.6.1-2+deb10u1
ii  libwmf0.2-7  0.2.8.4-14
ii  libx11-6 2:1.6.7-1+deb10u2
ii  libxcursor1  1:1.1.15-2
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxmu6  2:1.1.2-2+b3
ii  libxpm4  1:3.5.12-1
ii  xdg-utils1.1.3-1+deb10u1
ii  zlib1g   1:1.2.11.dfsg-1

Versions of packages gimp recommends:
ii  ghostscript  9.27~dfsg-2+deb10u4

Versions of packages gimp suggests:
pn  gimp-data-extras  
pn  gimp-help-en | gimp-help  
pn  gimp-python   
pn  gvfs-backends 
ii  libasound21.1.8-1

-- no debconf information

Bug#892058: Re: Bug#892058: debian-keyring: please automatically send reminder

[Sherry Williams]

Date: Thu, 22 Oct 2020 07:47:42 -0700 >From: Felix Lechner >-
>Body: This is a multi-part MIME message sent by reportbug. > > >--

Bug#991718: u-boot-sifive: only 8GB RAM visible on Sifive Unmatched

[Vagrant Cascadian]

On 2021-07-30, Adam Borowski wrote:
> The Unmatched has 16GB memory -- which works fine with the vendor u-boot
> it shipped with.  Alas, with Debian u-boot from experimental, only 8GB is
> visible (at 0x8000-0x00027fff).
>
> Confirmed by tianon on IRC.

Odd, mine displays 16GB in u-boot, and ~15GB once linux is booted using
2021.07+dfsg-1.


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#991726: the mask bug

[fantasma shy]

```
GNU Image Manipulation Program version 2.10.8
git-describe: GIMP_2_10_6-294-ga967e8d2c2
C compiler:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/8/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 8.2.0-13'
--with-bugurl=file:///usr/share/doc/gcc-8/README.Bugs
--enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++ --prefix=/usr
--with-gcc-major-version-only --program-suffix=-8
--program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--libdir=/usr/lib --enable-nls --enable-clocale=gnu
--enable-libstdcxx-debug --enable-libstdcxx-time=yes
--with-default-libstdcxx-abi=new --enable-gnu-unique-object
--disable-vtable-verify --enable-libmpx --enable-plugin
--enable-default-pie --with-system-zlib --with-target-system-zlib
--enable-objc-gc=auto --enable-multiarch --disable-werror
--with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32
--enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none
--without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu
--host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 8.2.0 (Debian 8.2.0-13)

using GEGL version 0.4.12 (compiled against version 0.4.12)
using GLib version 2.58.3 (compiled against version 2.58.1)
using GdkPixbuf version 2.38.1 (compiled against version 2.38.0)
using GTK+ version 2.24.32 (compiled against version 2.24.32)
using Pango version 1.42.3 (compiled against version 1.42.3)
using Fontconfig version 2.13.1 (compiled against version 2.13.1)
using Cairo version 1.16.0 (compiled against version 1.16.0)

```
> fatal error: Abortado

Stack trace:
```
/usr/lib/libgimpbase-2.0.so.0(gimp_stack_trace_print+0x397)[0x7ceff22b8e27]
gimp-2.10(+0xd14a0)[0x5cbbe91f14a0]
gimp-2.10(+0xd18d8)[0x5cbbe91f18d8]
gimp-2.10(+0xd2037)[0x5cbbe91f2037]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12730)[0x7ceff15c0730]
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0x10b)[0x7ceff14227bb]
/lib/x86_64-linux-gnu/libc.so.6(abort+0x121)[0x7ceff140d535]
/lib/x86_64-linux-gnu/libc.so.6(+0x2240f)[0x7ceff140d40f]
/lib/x86_64-linux-gnu/libc.so.6(+0x30102)[0x7ceff141b102]
/usr/lib/x86_64-linux-gnu/libX11.so.6(+0x4370b)[0x7ceff12e770b]
/usr/lib/x86_64-linux-gnu/libX11.so.6(+0x437b0)[0x7ceff12e77b0]
/usr/lib/x86_64-linux-gnu/libX11.so.6(_XEventsQueued+0x5d)[0x7ceff12e7aad]
/usr/lib/x86_64-linux-gnu/libX11.so.6(XPending+0x57)[0x7ceff12d9747]
/usr/lib/x86_64-linux-gnu/libgdk-x11-2.0.so.0(+0x588d5)[0x7ceff23798d5]
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_check+0x1d1)[0x7ceff17a4b11]
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x4e0e0)[0x7ceff17a50e0]
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_loop_run+0xb2)[0x7ceff17a54c2]
gimp-2.10(app_run+0x357)[0x5cbbe91f0cb7]
gimp-2.10(main+0x395)[0x5cbbe91f05b5]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xeb)[0x7ceff140f09b]
gimp-2.10(_start+0x2a)[0x5cbbe91f073a]

```

Bug#991727: cryptsetup: insserv: FATAL: service cryptdisks-early has to be enabled to use service cryptdisks

[Thorsten Glaser]

Package: cryptsetup
Version: 2:2.3.5-1
Severity: normal
X-Debbugs-Cc: t...@mirbsd.de

I was just installing cryptsetup and cryptsetup-bin to move to
encrypted swap and got this:

Preconfiguring packages ...
Selecting previously unselected package libcryptsetup12:amd64.
(Reading database ... 437931 files and directories currently installed.)
Preparing to unpack .../libcryptsetup12_2%3a2.3.5-1_amd64.deb ...
Unpacking libcryptsetup12:amd64 (2:2.3.5-1) ...
Selecting previously unselected package cryptsetup-bin.
Preparing to unpack .../cryptsetup-bin_2%3a2.3.5-1_amd64.deb ...
Unpacking cryptsetup-bin (2:2.3.5-1) ...
Selecting previously unselected package cryptsetup.
Preparing to unpack .../cryptsetup_2%3a2.3.5-1_amd64.deb ...
Unpacking cryptsetup (2:2.3.5-1) ...
Setting up libcryptsetup12:amd64 (2:2.3.5-1) ...
Setting up cryptsetup-bin (2:2.3.5-1) ...
Setting up cryptsetup (2:2.3.5-1) ...
insserv: FATAL: service cryptdisks-early has to be enabled to use service 
cryptdisks
Processing triggers for man-db (2.9.4-2) ...
Processing triggers for libc-bin (2.31-13) ...
[master 46cca18] committing changes in /etc made by "apt-get install cryptsetup 
cryptsetup-bin"


I’m guessing this isn’t fatal for me because I only use it for swap at
the moment but maybe failure to install the service may trouble others?


-- Package-specific info:

-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'stable-updates'), (500, 
'oldoldstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin 2:2.3.5-1
ii  debconf [debconf-2.0]  1.5.77
ii  dmsetup2:1.02.175-2.1
ii  libc6  2.31-13

Versions of packages cryptsetup recommends:
pn  cryptsetup-initramfs  
pn  cryptsetup-run

Versions of packages cryptsetup suggests:
ii  dosfstools  4.2-1
pn  keyutils
ii  liblocale-gettext-perl  1.07-4+b1

-- debconf information:
  cryptsetup/prerm_active_mappings: true

Bug#991652: gemma: FTBFS: dh_auto_test: error: make -j1 check returned exit code 2

[Andreas Tille]

On Fri, Jul 30, 2021 at 10:42:49PM +0200, Pjotr Prins wrote:
> ASSERT:expected:<2247> but was:<2246>

Builds on my machine now, waiting for Salsa CI before uploading.

Thanks a lot for your quick support

   Andreas.
 
> is a round off :/. Can you comment out that line? I can resend the
> patch tomorrow otherwise.
> 
> Pj.
> 
> On Fri, Jul 30, 2021 at 10:08:45PM +0200, Andreas Tille wrote:
> > Dear Pjotr,
> > 
> > thanks a lot for your input.  I've applied your changes but there is one
> > remaining failure.  I've attached the build log.  Did I possibly made some
> > mistake when merging your patch?
> > 
> > Kind regards
> > 
> >Andreas.
> > 
> > On Fri, Jul 30, 2021 at 12:29:57PM +0200, Pjotr Prins wrote:
> > > Dear Andreas,
> > > 
> > > I have merged the reproducible patch from the Debian source tree and
> > > changed/disabled some other tests (attached).  The problem is that
> > > different AMD64 CPUs together with OpenBlas simply give different
> > > results (mostly SIMD differences). 
> > > 
> > > I tested the current tests on both Intel and AMD that I have and these
> > > tests pass right now.
> > > 
> > > If one is left that still fails, simply disable it. 
> > > 
> > > I'll revamp the GEMMA testing soon. I have to.
> > > 
> > > Attached
> > > 
> > > Pj.
> > > 
> > 
> > > From f90317c64e80c94ba0b5f644d3dc4f502677f8e8 Mon Sep 17 00:00:00 2001
> > > From: Pjotr Prins 
> > > Date: Fri, 30 Jul 2021 05:01:55 -0500
> > > Subject: [PATCH] Merging the test changes from the Debian tree and 
> > > changing
> > >  some other tests to enhance reproducibility.
> > > 
> > > ---
> > >  Makefile   |  4 ++--
> > >  test/dev_test_suite.sh | 10 +-
> > >  test/test_suite.sh | 20 ++--
> > >  3 files changed, 17 insertions(+), 17 deletions(-)
> > > 
> > > diff --git a/Makefile b/Makefile
> > > index 0cf3097..499b325 100644
> > > --- a/Makefile
> > > +++ b/Makefile
> > > @@ -201,8 +201,8 @@ ifdef WITH_LAPACK
> > >endif
> > >  endif
> > >  
> > > -HDR  = $(wildcard src/*.h) ./src/version.h
> > > -SOURCES  = $(wildcard src/*.cpp)
> > > +HDR  = $(sort $(wildcard src/*.h)) ./src/version.h
> > > +SOURCES  = $(sort $(wildcard src/*.cpp))
> > >  
> > >  # all
> > >  OBJS = $(SOURCES:.cpp=.o)
> > > diff --git a/test/dev_test_suite.sh b/test/dev_test_suite.sh
> > > index 676e0b3..c596679 100755
> > > --- a/test/dev_test_suite.sh
> > > +++ b/test/dev_test_suite.sh
> > > @@ -79,7 +79,7 @@ testBXDLMMLikelihoodRatio() {
> > >  
> > >  outfn=output/$outn.assoc.txt
> > >  assertEquals "73180" `wc -w < $outfn`
> > > -assertEquals "3088458213" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> > > $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> > > $outfn`
> > > +#assertEquals "3088458213" `perl -nle 'foreach $x (split(/\s+/,$_)) 
> > > { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> > > $outfn`
> > >  }
> > >  
> > >  testBXDLMM9LikelihoodRatio() {
> > > @@ -96,7 +96,7 @@ testBXDLMM9LikelihoodRatio() {
> > >  
> > >  outfn=output/$outn.assoc.txt
> > >  assertEquals "80498" `wc -w < $outfn`
> > > -assertEquals "3088496565" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
> > > $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> > > $outfn`
> > > +#assertEquals "3088496565" `perl -nle 'foreach $x (split(/\s+/,$_)) 
> > > { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' 
> > > $outfn`
> > >  }
> > >  
> > >  testCenteredRelatednessMatrixissue188() {
> > > @@ -113,7 +113,7 @@ testLMMissue188() {
> > >  $gemma $gemmaopts -b data/issue188/2000 -lmm 2 -k 
> > > output/$outn.cXX.txt -maf 0.01 -o $outn -n 1
> > >  assertEquals 0 $?
> > >  outfn=output/$outn.assoc.txt
> > > -assertEquals "338154001.76" `perl -nle 'foreach $x (split(/\s+/,$_)) 
> > > { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> > > $outfn`
> > > +#assertEquals "338154001.76" `perl -nle 'foreach $x 
> > > (split(/\s+/,$_)) { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { 
> > > printf "%.2f",$sum }' $outfn`
> > >  }
> > >  
> > >  testCenteredRelatednessMatrixKLOCO1() {
> > > @@ -147,7 +147,7 @@ testUnivariateLinearMixedModelLOCO1() {
> > >  assertEquals 0 $?
> > >  outfn=output/$outn.assoc.txt
> > >  assertEquals "68" `wc -l < $outfn`
> > > -assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) 
> > > { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> > > $outfn`
> > > +#assertEquals "15465346.22" `perl -nle 'foreach $x (split(/\s+/,$_)) 
> > > { $sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' 
> > > $outfn`
> > >  }
> > >  
> > >  testPlinkCenteredRelatednessMatrixKLOCO1() {
> > > @@ -188,7 +188,7 @@ testPlinkUnivariateLinearMixedModelLOCO1() {
> > >  assertEquals 0 $?
> > >  outfn=output/$outn.assoc.txt
> > >  assertEquals "68" `

Bug#991700: [Pkg-javascript-devel] Bug#991700: node-websocket-driver: lots of failures when running upstream tests

[Yadd]

Control: tags -1 + upstream
Control: severity -1 important

Le 30/07/2021 à 13:38, Jérémy Lal a écrit :
> Package: node-websocket-driver
> Version: 0.3.5-1.1
> Severity: serious
> Justification: Policy 2.2.1
> 
> This package does have a test suite, however its test runner
> is not available in debian (jstest).
> 
> However, i installed jstest manually, patched it to avoid trivial
> errors in jstest itself, and was able to run the test suite.
> 
> I attach the results: 10 failures, which gives a software that is
> probably not suitable for release.
> 
> Jérémy

Hi,

running a `npm i && npm test` shows that 16/151 tests are broken. Only
an update could fix this (works fine with 0.7.4).

Cheers,
Yadd

Bug#991728: unblock: gemma/0.98.4+dfsg-4

[Andreas Tille]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: 991...@bugs.debian.org

Please unblock package gemma

[ Reason ]
To fix RC bug #991652 some tests that were causes by rounding errors
had to be disabled.  The patch to do so was provided by upstream so
we are sure that we are not blindly excluding valid tests.

[ Impact ]
Package would not build from source.

[ Tests ]
Build time tests and autopkgtests are working (now).

[ Risks ]
Gemma is a leaf package so the risk to affect other packages is
low.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing


unblock gemma/0.98.4+dfsg-4
diff -Nru gemma-0.98.4+dfsg/debian/changelog gemma-0.98.4+dfsg/debian/changelog
--- gemma-0.98.4+dfsg/debian/changelog  2021-04-07 16:28:38.0 +0200
+++ gemma-0.98.4+dfsg/debian/changelog  2021-07-30 21:53:57.0 +0200
@@ -1,3 +1,14 @@
+gemma (0.98.4+dfsg-4) unstable; urgency=medium
+
+  * Team upload.
+  * Apply patch from upstream who explained:
+changed/disabled some other tests (attached).  The problem is that
+different AMD64 CPUs together with OpenBlas simply give different
+results (mostly SIMD differences).
+Closes: #991652
+
+ -- Andreas Tille   Fri, 30 Jul 2021 21:53:57 +0200
+
 gemma (0.98.4+dfsg-3) unstable; urgency=medium
 
   * Team upload.
diff -Nru 
gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch
 
gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch
--- 
gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch
  2021-04-07 16:28:38.0 +0200
+++ 
gemma-0.98.4+dfsg/debian/patches/exclude_assertions_failing_under_some_circumstances.patch
  2021-07-30 21:53:57.0 +0200
@@ -51,3 +51,88 @@
  }
  
  
+--- a/test/test_suite.sh
 b/test/test_suite.sh
+@@ -27,7 +27,7 @@ testBslmm2() {
+-gk 1 -o $outn
+ assertEquals 0 $?
+ outfn=output/$outn.cXX.txt
+-assertEquals "579.50" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++assertEquals "580" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn`
+ }
+ 
+ testBslmm3() {
+@@ -76,7 +76,7 @@ testBslmm5() {
+-o $outn -seed 100
+ assertEquals 0 $?
+ outfn=output/$outn.prdt.txt
+-assertEquals "571.08" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++# assertEquals "571.08" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum 
+= sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
+ }
+ 
+ testCenteredRelatednessMatrixKFullLOCO1() {
+@@ -88,7 +88,7 @@ testCenteredRelatednessMatrixKFullLOCO1(
+ assertEquals 0 $?
+ outfn=output/$outn.cXX.txt
+ assertEquals "1940" `wc -l < $outfn`
+-assertEquals "2246.49" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++# assertEquals "2247" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn`
+ }
+ 
+ testUnivariateLinearMixedModelFullLOCO1() {
+@@ -106,7 +106,7 @@ testUnivariateLinearMixedModelFullLOCO1(
+ assertEquals 0 $?
+ outfn=output/$outn.assoc.txt
+ assertEquals "951" `wc -l < $outfn`
+-assertEquals "267507852.03" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
$sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++# assertEquals "267507852.03" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
$sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
+ }
+ 
+ testCenteredRelatednessMatrixK() {
+@@ -118,7 +118,7 @@ testCenteredRelatednessMatrixK() {
+ assertEquals "1940" `wc -l < $outfn`
+ assertEquals "3763600" `wc -w < $outfn`
+ assertEquals "0.335" `head -c 5 $outfn`
+-assertEquals "1119.60" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++assertEquals "1120" `perl -nle 'foreach $x (split(/\s+/,$_)) { $sum += 
sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.0f",$sum }' $outfn`
+ }
+ 
+ testUnivariateLinearMixedModel() {
+@@ -134,7 +134,7 @@ testUnivariateLinearMixedModel() {
+ assertEquals 0 $?
+ outfn=output/mouse_hs1940_CD8_lmm.assoc.txt
+ assertEquals "129228" `wc -w < $outfn`
+-assertEquals "4038540440.81" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
$sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$sum }' $outfn`
++# assertEquals "4038540440.81" `perl -nle 'foreach $x (split(/\s+/,$_)) { 
$sum += sprintf("%.2f",(substr($x,,0,6))) } END { printf "%.2f",$su

Bug#991688: mention improved/added man page translations

[Joost van Baal-Ilić]

Hi,

On Fri, Jul 30, 2021 at 09:59:00PM +0200, Paul Gevers wrote:
> On 30-07-2021 18:43, Helge Kreutzmann wrote:
> > If this is the rule now, fine.
> 
> It is not. We have multiple items mentioning backports.

Indeed, I was mistaken, excuse me.

So, Helge suggested:

 During the lifetime of bullseye backports of further improvements /
 translations will be provided within the backports archive, possibly also new
 languages.

I suggest:

 During the lifetime of the bullseye release, backports of further translation
 improvements will be provided via the backports archive.

Justin: is that proper English?

If so, the complete text to include in the introductory section for 2.2 "What's
new in the distribution?"...  would be (Justin B Rye, Helge Kreutzmann, Joost
van Baal-Ilić):

 The manual pages for several projects such as systemd, util-linux,
 OpenSSH, and Mutt in a number of languages, including French, Spanish,
 and Macedonian, have been substantially improved. To benefit from
 this, please install manpages-xx (where xx is the code for your
 preferred natural language).

 During the lifetime of the bullseye release, backports of further
 translation improvements will be provided via the backports archive.

.

Bye,

Joost