Bug#992021: doc8: new upstream release (0.9.0) and homepage

2021-08-08 Thread Paul Wise 
Package: python3-doc8
Version: 0.8.0-4
Severity: wishlist

The current Homepage redirects to a different page:

  https://git.openstack.org/cgit/openstack/doc8
   -> https://opendev.org/openstack/doc8/
   -> https://opendev.org/x/doc8

The final page in this chain of redirects has a plain text redirect:

   This project is no longer maintained in OpenStack.
   
   Please visit PyCQA to raise issues or make contributions:
   
   https://github.com/PyCQA/doc8

The new repository location lists a new release:

   0.9.0 Latest
   Jul 19, 2021

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#992020: ITP: scap-workbench -- Scanning and tailoring tool for SCAP content

2021-08-08 Thread Hideki Yamane 
Package: wnpp
Severity: wishlist
Owner: Hideki Yamane 
X-Debbugs-Cc: debian-de...@lists.debian.org, he...@nerv.fi, k...@debian.org

* Package name: scap-workbench
  Version : 1.2.1
  Upstream Author : Red Hat
* URL : https://www.open-scap.org/tools/scap-workbench/
* License : GPL-3+
  Programming Lang: C++
  Description : Scanning and tailoring tool for SCAP content

 SCAP is a line of standards managed by NIST with the goal of
 providing a standard language for the expression of Computer Network
 Defense related information.
 .
 The main goal of this application is to lower the initial barrier of using
 SCAP. Therefore, the scope of very narrow - scap-workbench only scans a
 single machine and only with XCCDF/SDS (no direct OVAL evaluation).
 The assumption is that this is enough for users who want to scan a few
 machines and users with huge amount of machines to scan will just use
 scap-workbench to test or hand-tune their content before deploying it with
 more advanced (and harder to use) tools like spacewalk.
 .
 Feature highlights:
  * XCCDF 1.1 and 1.2 support
  * Source Data Stream 1.2 support
  * XCCDF 1.2 Tailoring file support
  * Evaluation of local machine
  * Evaluation of remote machine (using ssh)
  * Limited tailoring support - selection and unselection
  * Saving results as XCCDF 1.1 or 1.2 (depending on input) or ARF 1.1


 Note: this package was removed once from archive sicne it depended on
   deprecated Qt4, see 
https://tracker.debian.org/news/1106349/removed-115-1-from-unstable/
   But new upstream version is successfully migrated to Qt5, so push
   it again.

Bug#111013: Cannot reproduce

2021-08-08 Thread Brian Thompson 
I am unable to reproduce the fix that was mentioned in this bug.  I
tried with less and running `export LESS="-r $LESS" and
`export LESS="-R $LESS"`.

Marking as unreproducible for now.
-- 
Best regards,

Brian T


signature.asc
Description: PGP signature

Bug#990763:

2021-08-08 Thread Daniel Black 
Hi,

MDEV-25394 is dissimilar. It is in InnoDB while this appears to be in
the optimizer code.

A new 10.3.31 is coming soon
https://salsa.debian.org/mariadb-team/mariadb-10.3/-/pipelines/273217

The optimizer related fixes in the two version since 10.3.29 are:
https://jira.mariadb.org/issues/?jql=fixVersion%20%20in%20(10.3.30%2C%2010.3.31)%20and%20component%20%3D%20Optimizer

Looking at these bugs I can't see anything that looks particularly equivalent.

So in summary, we do need more information to resolve this. Ideally
this should be a new MDEV project bug on https://jira.mariadb.org/.

The information that would be most useful is:
* the query that caused this. This should of been in the log
* `SHOW CREATE TABLE {tablename}` for the table is the query.
* EXPLAIN EXTENDED {query}; SHOW WARNINGS

The stack trace shows this is occurring as a prepared statement. If
you are willing to risk the availability of the server running this as
a non-prepared statement straight from the mariadb command line that
would be useful as a test point.

If the core file is still available/reproducible the following
additional resolution of the stack traces that will aid MariaDB staff.

 cat >>/etc/apt/sources.list.d/debug.list <<'EOT'
deb http://deb.debian.org/debian-debug buster-debug main contrib non-free
EOT

 apt-get install -y gdb mariadb-server-core-10.3-dbg

gdb /usr/sbin/mysqld core

thread apply all bt full

The dbg symbols and gdb resolution can be on a different server or
even in a container that can access the core.

If this contains confidential information like tablenames (its
unlikely to contain table contents) of your client you can use
https://mariadb.com/kb/en/meta/mariadb-ftp-server/ to make this only
available to MariaDB people for the purpose of debugging this issue.

Bug#992019: RFP: libretro-flycast -- libretro wrapper for Flycast

2021-08-08 Thread mooff 
Package: wnpp
Severity: wishlist
X-Debbugs-Cc: pkg-games-de...@lists.alioth.debian.org, sergio_...@yahoo.com.br, 
mooff@awful.cooking

* Package name: libretro-flycast
  Version : 1.0.0
  Upstream Author : twinaphex 
* URL : https://github.com/libretro/flycast
* License : GPL
  Programming Lang: C++, C
  Description : libretro wrapper for Flycast

Flycast is a multi-platform Sega Dreamcast, Naomi and Atomiswave
emulator derived from reicast.

I love that so many systems are an 'apt install' away on Debian,
would love to see Dreamcast support available too.

(Thanks pabs / emorrp1 for the push to RFP)

Thanks Debian Games maintainers.

Bug#76500: Tagging as wontfix

2021-08-08 Thread Brian Thompson 
There's two separate wishlist items in this bug, split them up into two
separate bugs if you still want this (or anyone for that matter) so that
each one is easier to track.  I'm keeping this bug open for the original
request.

I'm going to tag this as wontfix for now.
-- 
Best regards,

Brian T


signature.asc
Description: PGP signature

Bug#434986: Tagging wontfix

2021-08-08 Thread Brian Thompson 
Since this OP has found another apt cron package to serve his needs,
I've tagged this bug as wontfix.
-- 
Best regards,

Brian T


signature.asc
Description: PGP signature

Bug#992018: RFS: streamlink/2.3.0-1~exp1 -- CLI for extracting video streams from various websites to a video player

2021-08-08 Thread Alexis Murzeau 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "streamlink" for a new
upstream version 2.3.0.

 * Package name: streamlink
   Version : 2.3.0-1~exp1
   Upstream Author : Streamlink Team
 * URL : https://streamlink.github.io/
 * License : BSD-2-clause, Apache-2.0, MIT/Expat, SIL-OFL-1.1
   Section : python

It builds those binary packages:

  python3-streamlink - Python module for extracting video streams from
various websites
  python3-streamlink-doc - CLI for extracting video streams from various
websites (documentation)
  streamlink - CLI for extracting video streams from various websites to
a video player

To access further information about this package, please visit the
following URL:
  https://mentors.debian.net/package/streamlink


Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/s/streamlink/streamlink_2.3.0-1~exp1.dsc

Changes since the last upload to experimental:
streamlink (2.3.0-1~exp1) experimental; urgency=medium

  * New upstream version 2.3.0
  * Update patches
  * d/control: rearrange dependencies and remove python3-mock
  * d/rules: fix dh_python3 mapping of python3-requests dependency

 -- Alexis Murzeau   Mon, 09 Aug 2021 00:52:33 +0200


Regards,
-- 
Alexis Murzeau
PGP: B7E6 0EBB 9293 7B06 BDBC  2787 E7BD 1904 F480 937F













signature.asc
Description: OpenPGP digital signature

Bug#992012: dovecot bind error

2021-08-08 Thread John 
Package: dovecot-core
Version: 1:2.3.4.1-5+deb10u6
Debian 10.10

Dovecot fails to start if cloud packages are removed. The service has 
"After=local-fs.target network-online.target". Probably the 
network-online.target is gone, the service started too early, before ip 
addresses are assigned.

Errors:
dovecot[320]: Error: bind(n.n.n.n, 993) failed: Cannot assign requested address
dovecot[320]: Error: service(imap-login): listen(n.n.n.n, 993) failed: Cannot 
assign requested address
dovecot[320]: Error: bind(n:n:n:n:n:n:n:n, 993) failed: Cannot assign requested 
address
dovecot[320]: Error: service(imap-login): listen(n:n:n:n:n:n:n:n, 993) failed: 
Cannot assign requested address
dovecot[320]: Fatal: Failed to start listeners

dovecot.service is defined here:
/etc/systemd/system/multi-user.target.wants/dovecot.service
Below [unit]:
After=local-fs.target network-online.target

This can be fixed by using:
After=local-fs.target network.target

Or by appending " network.target":
After=local-fs.target network-online.target network.target

This may work with or without cloud (not tested with cloud). It fixes the 
problem when cloud functions have been removed.

Activate change:
systemctl daemon-reload

Bug#992017: Correct found versions

2021-08-08 Thread David W. Kennedy 

Control: notfound -1 0.0.23.1-2
Control: found -1 0.0.23.1-5+b1
Control: found -1 0.0.24b-1

Thanks
--
Dave Kennedy

Bug#992017: New upstream release of 0ad - version 0.0.25

2021-08-08 Thread David W. Kennedy 

Package: 0ad
Version: 0.0.23.1-2
Severity: wishlist

Dear Maintainer,

Version 0.0.25 of 0ad was just released.

New Features in version 0.0.25

* Pathfinding and netcode improvements – improved pathfinding,
  performance and reduced game lag
* Order restructuring – players can now push orders to the
  front of their production queues
* Improved unit AI
* New biomes incorporating 2K textures and normal/specular maps
* Initial implementation of single player campaigns
* GUI improvements
* Extended graphics options
* Improved mod support and game filtering in the multiplayer lobby
* Ongoing civilization balancing
* Various other game stability bug fixes and speedups

Source is available at
https://play0ad.com/download/source/

Build instructions are available at
https://trac.wildfiregames.com/wiki/BuildInstructions

Thanks.
--
Dave Kennedy

Bug#992016: RFP: press-sphinx-theme -- a modern responsive theme for python's Sphinx documentation generator

2021-08-08 Thread Matteo F. Vescovi 
Package: wnpp
Severity: wishlist

* Package name: press-sphinx-theme
  Version : 0.8.0
  Upstream Author : Eduardo Naufel Schettino
* URL : https://github.com/schettino72/sphinx_press_theme
* License : MIT
  Programming Lang: Vue mainly
  Description : a modern responsive theme for python's Sphinx documentation 
generator

This theme is based on VuePress. It uses Vue.js & Stylus managed by
vite.

While packaging latest OpenColorIO release (v2.0.1) I clashed on the
mandatory requirement for Sphinx Press Theme to complete the build.

Even if I need it for OCIO, I'm lacking time/knowledge to maintain it in
Debian so I'm looking for a packager/maintainer for this theme.

Thanks in advance.


-- 
Matteo F. Vescovi


signature.asc
Description: PGP signature

Bug#992015: nomacs: in thumbnail preview, nomacs doesn't notice all file removals

2021-08-08 Thread Vincent Lefevre 
Package: nomacs
Version: 3.12.0+dfsg-3
Severity: normal

In the Thumbnail Preview (Shift+T in Panels), when an image file is
removed, Nomacs normally notices this and removes the corresponding
thumbnail. But when multiple files are removed at once (e.g. from a
shell by using the wildcard *), Nomacs removes some of them, but not
all of them. If I double-click on such a thumbnail that hasn't been
removed, then Nomacs can't display it (obviously) and displays the
first image (among all shown thumbnails) instead; then Shift-T puts
the slider at the top (corresponding to the first image) instead of
the last position.

-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-security'), (500, 
'stable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nomacs depends on:
ii  libc6  2.31-13
ii  libexiv2-270.27.3-3
ii  libgcc-s1  10.2.1-6
ii  libopencv-core4.5  4.5.1+dfsg-5
ii  libopencv-imgproc4.5   4.5.1+dfsg-5
ii  libqt5concurrent5  5.15.2+dfsg-9
ii  libqt5core5a   5.15.2+dfsg-9
ii  libqt5gui5 5.15.2+dfsg-9
ii  libqt5network5 5.15.2+dfsg-9
ii  libqt5printsupport55.15.2+dfsg-9
ii  libqt5svg5 5.15.2-3
ii  libqt5widgets5 5.15.2+dfsg-9
ii  libquazip5-1   0.9.1-1
ii  libraw20   0.20.2-1
ii  libstdc++6 10.2.1-6
ii  libtiff5   4.2.0-1
ii  qt5-image-formats-plugins  5.15.2-2

Versions of packages nomacs recommends:
ii  nomacs-l10n  3.12.0+dfsg-3

nomacs suggests no packages.

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#992014: dh-golang: package with extensive file list breaks dh-golang

2021-08-08 Thread Peymaneh Nejad 
Package: dh-golang
Version: 1.51
Severity: important

Hi,

Seems a package with a very extensive module list can break
dh-golang.

this happens when building a new version of
golang-google-cloud[1]:
```
Can't exec "/bin/sh": Argument list too long at /usr/bin/dh_golang line 42.
dh_golang: error: go list -f '{{ range .Deps }}{{.}}
{{ end }}' failed to execute: Argument list too long
make: *** [debian/rules:15: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
```

here[2] is an excerpt of the buildlog (whole file is 24000 lines) where the
error occurs. let me know if you need the whole log.

kind regards
Peymaneh

[1] 
https://salsa.debian.org/go-team/packages/golang-google-cloud/-/tree/debian/experimental/
[2] 
https://bin.disroot.org/?53bd23514d7517dc#7U2bbQF3ZtprwtQ6wKNVAbNMmDrL5fYZKbxHPrJNtxTh

Bug#992013: ITP: pystring -- collection of C++ functions for Python's string class methods

2021-08-08 Thread Matteo F. Vescovi 
Package: wnpp
Severity: wishlist
Owner: "Matteo F. Vescovi" 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: pystring
  Version : 1.1.3
  Upstream Author : Sony Imageworks Inc
* URL : https://github.com/imageworks/pystring
* License : BSD-3
  Programming Lang: C++
  Description : collection of C++ functions for Python's string class 
methods

Pystring is a collection of C++ functions which match the interface
and behavior of Python's string class methods using std::string.
Implemented in C++, it does not require or make use of a Python
interpreter. It provides convenience and familiarity for common
string operations not included in the standard C++ library.
It's also useful in environments where both C++ and Python are used.

Overlapping functionality (such as index and slice/substr) of
std::string is included to match Python interfaces.

Pystring is a mandatory dependency for OpenColorIO 2.0 packaging.

I intend to maintain it under the Debian Phototools Team umbrella.


-- 
Matteo F. Vescovi


signature.asc
Description: PGP signature

Bug#992008: ruby-google-protobuf: Missing lib/google/protobuf directory and fails require

2021-08-08 Thread Pirate Praveen 




On Mon, Aug 9, 2021 at 12:12 am, Pirate Praveen 
 wrote:

[copying debian-ruby list]

On Sun, 08 Aug 2021 22:08:39 +0530 Akshay S Dinesh 
 wrote:

> Package: ruby-google-protobuf
> Version: 3.17.3-1
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
> I was trying to install gitlab to reproduce #966653
>
> Installed ruby-google-protobuf from experimental
>
> The pg_query library was erroring at startup,
> with failure to require 'google/protobuf'
>
> I tried to isolate it to debian by `gem install google-protobuf`
>
> It worked correctly with that.
>
> On comparing stable version
> 
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.12.4-1_amd64.deb

> with the experimental version
> 
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.17.3-1_amd64.deb

>
> I could see that the latter lacks the 
/2.7.0/gems/lib/google/protobuf directory altogether

>
> The upstream gem at 
https://rubygems.org/downloads/google-protobuf-3.17.3.gem includes

> this lib directory with lots of ruby files
>
> I'm suspecting that this folder is critical to the functioning of 
this package

>

I think this is a problem with gem2deb not including the pure ruby 
files along with the extention. I think we have seen such issues 
before, but don't remember how we fixed it.


Another possibility is that the rules is calling ruby build only in 
override_dh_auto_build-arch.


Adding,
ruby/lib/google usr/lib/ruby/vendor_ruby
to debian/ruby-google-protobuf.install makes require 'google/protobuf' 
to pass. This can be used as a workaround until we figure out why 
gem2deb is not installing these files even though gemspec includes them 
in files.

Bug#947083: Buster backport of bird2

2021-08-08 Thread Kevin Otte 
According to https://tracker.debian.org/pkg/bird2 , this backport was
created in May 2021.

This bug can therefore be closed.

Bug#985187: ffmpeg: reproducible builds: Embeds build path in binaries generated with cl2c

2021-08-08 Thread Sebastian Ramacher 
Control: tags -1 upstream

Hi Vagrant

On 2021-03-13 20:05:47 -0800, Vagrant Cascadian wrote:
> Source: ffmpeg
> Severity: normal
> Tags: patch
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: buildpath
> X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
> 
> The build path is embedded in various files generated with tools/cl2c:
> 
>   
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/ffmpeg.html
> 
>   avgblur.o (shipped in libavfilter.a)
> 
>   #line·1·"/build/1st/ffmpeg-4.3.2/libavfilter/opencl/avgblur.cl"
>   vs.
>   #line·1·"/build/2/ffmpeg-4.3.2/2nd/libavfilter/opencl/avgblur.cl"
> 
> 
> The attached patch fixes this by patching tools/cl2c to use a basename
> in the generated file rather than the full path.
> 
> 
> It builds fine with this patch applied, but someone more familiar with
> ffmpeg should ensure ffmpeg still functions correctly with the patch
> applied.

As this patch touches upstream's build system, please submit it
upstream:

https://ffmpeg.org/developer.html#Contributing

Thanks

Cheers

> 
> 
> Thanks for maintaining ffmpeg!
> 
> live well,
>   vagrant

> From ec49e459797d6e112358566ae083c3bfae801023 Mon Sep 17 00:00:00 2001
> From: Vagrant Cascadian 
> Date: Sat, 13 Mar 2021 03:52:51 +
> Subject: [PATCH] tools/cl2c: Strip full path from input file in embedded
>  output.
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> 
> Without this patch, the full build path gets embedded into various
> binaries shipped in the package, for example, libavfilter.a contains
> a references to:
> 
>   #line·1·"/build/1st/ffmpeg-4.3.2/libavfilter/opencl/avgblur.cl"
> 
> https://tests.reproducible-builds.org/debian/issues/unstable/captures_build_path_issue.html
> ---
>  tools/cl2c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/tools/cl2c b/tools/cl2c
> index e3f92bab..48444e61 100755
> --- a/tools/cl2c
> +++ b/tools/cl2c
> @@ -23,11 +23,13 @@ input="$1"
>  output="$2"
>  
>  name=$(basename "$input" | sed 's/.cl$//')
> +# Avoid embedded the build path, using only the basename of the input file.
> +base_input=$(basename "$input")
>  
>  cat >$output <  // Generated from $input
>  const char *ff_opencl_source_$name =
> -"#line 1 \"$input\"\n"
> +"#line 1 \"$base_input\"\n"
>  EOF
>  
>  # Convert \ to \\ and " to \", then add " to the start and end of the line.
> -- 
> 2.20.1
> 




-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#992006: ITP: elixir-nimble-parsec -- simple and fast library for text-based parser combinators

2021-08-08 Thread James Valleroy 
Package: wnpp
Severity: wishlist
Owner: James Valleroy 
X-Debbugs-Cc: debian-de...@lists.debian.org, jvalle...@mailbox.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: elixir-nimble-parsec
  Version : 1.1.0
  Upstream Author : José Valim 
* URL : https://github.com/dashbitco/nimble_parsec
* License : Apache-2.0
  Programming Lang: Elixir
  Description : simple and fast library for text-based parser combinators

Simple and fast Elixir library for text-based parser combinators.

Combinators are built during runtime and compiled into multiple
clauses with binary matching. This provides benefits of performance,
composability by not relying on macros, no runtime dependency on
NimbleParsec, and no "use" footprints on your modules.

The goal of this library is to focus on a set of primitives for
writing efficient parser combinators. The composition aspect means
you should be able to use those primitives to implement higher level
combinators.

Note this library does not handle low-level binary parsing. In such
cases, Elixir's bitstring syntax is recommended.

This is a dependency of pleroma (RFP #895050). I propose to maintain
it under Erlang team (until there is an Elixir team).

-BEGIN PGP SIGNATURE-

iQJKBAEBCgA0FiEEfWrbdQ+RCFWJSEvmd8DHXntlCAgFAmEP9SUWHGp2YWxsZXJv
eUBtYWlsYm94Lm9yZwAKCRB3wMdee2UICCRkD/9njsnxvEa49YXsEvQzLnZxy97o
/qVvvgMKAOHniul7KDaNxs3Ytxva/y8tgfRbMR+izcWO1rAxuNHTprxtDzrI7p4V
cKtOdSHdDlgcficq03hm168rZMhkF27Kd9T5Yw/rDCuHF56s2Q6fllxHU8xZiGj3
oq5oaA2Dp/RutEsDu3LPlrurtrIiI+eq2O2Zm3Vha8oiOVRF6FSuM3XEguyNKyJS
+FYaal+DPn45FkNhC0luqgEnLGqVU0SiJoOQxnQelQG54YNIHBECM8s6HjG+qGdB
kkKOuZtuBk+/QvqRazLD7F6/Tqj7blw1PDgtpdqCV/t9hr08jX9t4DBl/81ykJCW
95wm4fwik8iqoNSHWQ3bCj9Nhd40SDQwVfGZEytHDmjxKWttwPBmT+JTdA0OOeez
VcT0Nh7U1g3UsejaTK84XODKkPMZ7QXUs1CE4SdYjb7AyNFj7uuXQ1WMrLRuzGEN
jm32gW4BsixhEdUZPfwJ1FNyM1I34osWnFahBxFeWYpq8OA3Jrux9uqIs+2Fdmbj
sgIOvVr9GgZIrSf64mxqvGYdmW+99i0bQ5utQZue7hJvIop4kwEZFO17NsoQMsYv
wjl3JVozjGNCQ5jnChuzm8tOIiNdor/wXu+rZzeyapqrAxBTeheCf0bdX9Y/ojrS
Xu/W9T1kp27zjZfUNQ==
=RsUF
-END PGP SIGNATURE-

Bug#992008: ruby-google-protobuf: Missing lib/google/protobuf directory and fails require

2021-08-08 Thread Pirate Praveen 

[copying debian-ruby list]

On Sun, 08 Aug 2021 22:08:39 +0530 Akshay S Dinesh 
 wrote:

> Package: ruby-google-protobuf
> Version: 3.17.3-1
> Severity: grave
> Justification: renders package unusable
>
> Dear Maintainer,
>
> I was trying to install gitlab to reproduce #966653
>
> Installed ruby-google-protobuf from experimental
>
> The pg_query library was erroring at startup,
> with failure to require 'google/protobuf'
>
> I tried to isolate it to debian by `gem install google-protobuf`
>
> It worked correctly with that.
>
> On comparing stable version
> 
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.12.4-1_amd64.deb

> with the experimental version
> 
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.17.3-1_amd64.deb

>
> I could see that the latter lacks the 
/2.7.0/gems/lib/google/protobuf directory altogether

>
> The upstream gem at 
https://rubygems.org/downloads/google-protobuf-3.17.3.gem includes

> this lib directory with lots of ruby files
>
> I'm suspecting that this folder is critical to the functioning of 
this package

>

I think this is a problem with gem2deb not including the pure ruby 
files along with the extention. I think we have seen such issues 
before, but don't remember how we fixed it.


Another possibility is that the rules is calling ruby build only in 
override_dh_auto_build-arch.

Bug#962439: sctk: diff for NMU version 2.4.10-20151007-1312Z+dfsg2-3.1

2021-08-08 Thread Giulio Paci 
Dear Adrian,
   thank you for taking care of this issue.

Several months ago I filed a RFS bug #981030 taking care of this and other
issues. Unfortunately the RFS is still open. If I update the package in
order to include this NMU changes, will you consider sponsoring the package?

Best regards,
Giulio

Il mar 3 ago 2021, 08:51 Adrian Bunk  ha scritto:

> Dear maintainer,
>
> I've prepared an NMU for sctk (versioned as
> 2.4.10-20151007-1312Z+dfsg2-3.1).
> The diff is attached to this message.
>
> cu
> Adrian
>

Bug#992011: libsixel-dev: libsixel-config is in libsixel-bin, should be in libsixel-dev

2021-08-08 Thread Nicolas George 
Package: libsixel-dev
Version: 1.8.6-2
Severity: normal

Dear Maintainer,

The program libsixel-config is meant to provide to build environment the
options necessary to compile and link a program using libsixel. As such,
it should be in the libsixel-dev package instead of the libsixel-bin
package as now.

It would match the various *-config programs: libcurl4-openssl-dev,
libgcrypt20-dev, libpng-dev, libpcre3-dev, etc.

Regards,

-- 
  Nicolas George


-- System Information:
Debian Release: 11.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'stable-updates'), (500, 
'testing'), (500, 'stable'), (50, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libsixel-dev depends on:
ii  libsixel1  1.8.6-2

libsixel-dev recommends no packages.

libsixel-dev suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#992010: pipewire: Cracking when playing sounds for Workrave

2021-08-08 Thread Alex Dănilă 
Package: pipewire
Version: 0.3.32-1
Severity: normal

Dear Maintainer,

Since installing Pipewire there are some extra noises when Workrave is playing 
sounds. These are sort of a sort „popping” or „crackling” noises that can be 
heard right before or 
after playing the Workrave jingles. Happened with both the Pipewire package in 
testing and in experimental.

I'm not sure if this is a bug in package Pipewire, in Workrave or maybe in some 
other package. I'm also not sure what other details to include, please advise.

Attached partial outputs of journalctl --user -b | grep -i workrave and 
journalctl --user -b | grep -i pipewire.


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable'), (500, 'oldstable'), (300, 'unstable'), (100, 
'experimental'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ro_RO.UTF-8, LC_CTYPE=ro_RO.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:fr:ro
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages pipewire depends on:
ii  init-system-helpers  1.60
ii  libpipewire-0.3-modules  0.3.32-1
ii  pipewire-bin 0.3.32-1

pipewire recommends no packages.

pipewire suggests no packages.

-- no debconf information

Bug#992009: golang-google-api-dev: Outdated package

2021-08-08 Thread Peymaneh Nejad 
Package: golang-google-api-dev
Version: 0.28.0-2
Severity: normal

Hi,

I am working on a package that needs 0.83.0 of golang-google-cloud-dev, which in
turn requires minimum 0.47.0 of this package.

I would prepare an updated version of this package for team upload to
experimental. Please let me know if there is issues with this procedure

kind regards
Peymaneh

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990946

Bug#986104: Reopening bug (fixed in experimental)

2021-08-08 Thread Rafael Laboissière 

Control: reopen -1
Control: tag -1 + fixed-in-experimental
Control: found -1 0.9.8+ds-3

I am hereby reopening this bug report and tagging it accordingly. The 
fixed version was uploaded to experimental and the version currently in 
sid is still impacted by the bug.


Rafael Laboissière

Bug#992008: ruby-google-protobuf: Missing lib/google/protobuf directory and fails require

2021-08-08 Thread Akshay S Dinesh 
Package: ruby-google-protobuf
Version: 3.17.3-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

I was trying to install gitlab to reproduce #966653

Installed ruby-google-protobuf from experimental

The pg_query library was erroring at startup,
with failure to require 'google/protobuf'

I tried to isolate it to debian by `gem install google-protobuf`

It worked correctly with that.

On comparing stable version
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.12.4-1_amd64.deb
with the experimental version 
http://ftp.debian.org/debian/pool/main/p/protobuf/ruby-google-protobuf_3.17.3-1_amd64.deb

I could see that the latter lacks the /2.7.0/gems/lib/google/protobuf 
directory altogether

The upstream gem at https://rubygems.org/downloads/google-protobuf-3.17.3.gem 
includes 
this lib directory with lots of ruby files

I'm suspecting that this folder is critical to the functioning of this package


-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8), LANGUAGE=en_IN:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-google-protobuf depends on:
ii  libc6   2.31-13
ii  libruby2.7  2.7.4-1
ii  ruby1:2.7+2

ruby-google-protobuf recommends no packages.

ruby-google-protobuf suggests no packages.

-- no debconf information

Bug#992007: ITP: q2-longitudinal -- QIIME2 plugin for longitudinal studies and paired comparisons

2021-08-08 Thread Steffen Moeller 
Package: wnpp
Severity: wishlist

Subject: ITP: q2-longitudinal -- QIIME2 plugin for longitudinal studies and 
paired comparisons
Package: wnpp
Owner: Steffen Moeller 
Severity: wishlist

* Package name: q2-longitudinal
  Version : 2020.11.1
  Upstream Author : QIIME 2 development team
* URL : https://qiime2.org/
* License : BSD-3-clause
  Programming Lang: Python
  Description : QIIME2 plugin for longitudinal studies and paired 
comparisons
 QIIME 2 is a powerful, extensible, and decentralized microbiome analysis
 package with a focus on data and analysis transparency. QIIME 2 enables
 researchers to start an analysis with raw DNA sequence data and finish with
 publication-quality figures and statistical results.
 Key features:
  * Integrated and automatic tracking of data provenance
  * Semantic type system
  * Plugin system for extending microbiome analysis functionality
  * Support for multiple types of user interfaces (e.g. API, command line,
 graphical)
 .
 QIIME 2 is a complete redesign and rewrite of the QIIME 1 microbiome analysis
 pipeline. QIIME 2 will address many of the limitations of QIIME 1, while
 retaining the features that makes QIIME 1 a powerful and widely-used analysis
 pipeline.
 .
 QIIME 2 currently supports an initial end-to-end microbiome analysis pipeline.
 New functionality will regularly become available through QIIME 2 plugins. You
 can view a list of plugins that are currently available on the QIIME 2 plugin
 availability page. The future plugins page lists plugins that are being
 developed.

Remark: This package is maintained by Debian Med Packaging Team at
   https://salsa.debian.org/med-team/q2-longitudinal

Bug#951374: RFP: gh -- the GitHub CLI

2021-08-08 Thread Brian Thompson 
> I personally find that "gh" is quite short name for a package that
> will go into a general purpose software catalog like Debian repository. Would
> you mind choosing something like "github-cli" as source and binary
> package name and mentioning the sortcut "gh" in a package description?
> So anyone could find the program by means of `apt-cache search`.
> Acronyms gh and gn (which stands for Google's Generate Ninja) are
> visually similar, and I'm afraid they are easily confused.
>
> What do you make of this proposal?

I like that proposal and think it makes a lot of sense. `gh` does seem
too short, and while easy to identify for current gh users, maybe it
will be more difficult to find in apt for new users. Also, as you
mentioned, a namespace clash in the future seems like an uncommon
occurence.
-- 
Best regards,

Brian T


signature.asc
Description: PGP signature

Bug#991921: linux: Please enable CPUFREQ options for RPi 0/0w/1

2021-08-08 Thread Diederik de Haas 
On donderdag 5 augustus 2021 19:26:09 CEST Diederik de Haas wrote:
> I 'heard' that the schedutil governor is good for big.little CPUs, but

On my amd64 machine (with Ryzen 1800X CPU) 'schedutil' is enabled and set as 
default, so the above statement is a bit too simplistic.

> the RPi 0/0w/1 is only (very) little ;-) so I chose 'ondemand' as
> default governor. Feel free to change that.

What is relevant in this context is that CONFIG_CPU_FREQ_GOV_SCHEDUTIL depends 
on CONFIG_SMP, which is not set on config-5.10.0-8-rpi and it's probably not a 
good idea to change that as the RPi 0, 0w and 1 are all single core.
So 'ondemand' seems to be the proper choice, just for different reasons.

signature.asc
Description: This is a digitally signed message part.

Bug#991984: More information

2021-08-08 Thread Bastien Roucariès 
Hi,

I believe we must follow POSIX way here [1].

May be a note saying that:
sensible-editor may be used in recovering situation. Therefore it could be 
used in case where environment is unset (env -i) or where some filesystems are 
not fully initialised. In this case it should behave like vi under a POSIX 
system. Particularly TERM and HOME may be empty or unset. If sensible-editor 
could not be run in this borderline case it should fail return error 126 in 
order to fallback to safe default (vi)
[1] https://pubs.opengroup.org/onlinepubs/9699919799/utilities/ex.html

signature.asc
Description: This is a digitally signed message part.

Bug#991982: nano does not work with TERM unset

2021-08-08 Thread Bastien Roucariès 
Le dimanche 8 août 2021, 10:04:30 UTC Benno Schulenberg a écrit :
> > $env -i nano
> > command fail because TERM is unset
> 
> I can work around an unset TERM.  But what if TERM=="" or TERM=="nonsense"?
> Checking whether TERM is a valid terminal name goes too far, in my opinion.
> 
> Also, is the 'vt100' terminal description guaranteed to exist?  I ask,
> because 'dumb' and 'vt52' are not good enough for nano (ncurses) to work
> properly, and 'ansi' leaves the cursor invisible on a VTE-based terminal.

I do not know but I think the only sensible way to behave is like vi under 
POSIX (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/ex.html):
TERM
Determine the name of the terminal type. If this variable is unset or 
null, an unspecified default terminal type shall be used.

The other way are broken.


> 
> Benno



signature.asc
Description: This is a digitally signed message part.

Bug#992005: ITP: q2-composition -- QIIME2 plugin for Compositional statistics

2021-08-08 Thread Steffen Moeller 
Package: wnpp
Severity: wishlist

Subject: ITP: q2-composition -- QIIME2 plugin for Compositional statistics
Package: wnpp
Owner: Steffen Moeller 
Severity: wishlist

* Package name: q2-composition
  Version : 2020.11.1
  Upstream Author : QIIME 2 development team
* URL : https://qiime2.org/
* License : BSD-3-clause
  Programming Lang: Python
  Description : QIIME2 plugin for Compositional statistics
 QIIME 2 is a powerful, extensible, and decentralized microbiome analysis
 package with a focus on data and analysis transparency. QIIME 2 enables
 researchers to start an analysis with raw DNA sequence data and finish with
 publication-quality figures and statistical results.
 Key features:
  * Integrated and automatic tracking of data provenance
  * Semantic type system
  * Plugin system for extending microbiome analysis functionality
  * Support for multiple types of user interfaces (e.g. API, command line,
 graphical)
 .
 QIIME 2 is a complete redesign and rewrite of the QIIME 1 microbiome analysis
 pipeline. QIIME 2 will address many of the limitations of QIIME 1, while
 retaining the features that makes QIIME 1 a powerful and widely-used analysis
 pipeline.
 .
 QIIME 2 currently supports an initial end-to-end microbiome analysis pipeline.
 New functionality will regularly become available through QIIME 2 plugins. You
 can view a list of plugins that are currently available on the QIIME 2 plugin
 availability page. The future plugins page lists plugins that are being
 developed.

Remark: This package is maintained by Debian Med Packaging Team at
   https://salsa.debian.org/med-team/q2-composition

Bug#982598: incomplete logs for autopkg tests

2021-08-08 Thread Antonio Terceiro 
On Fri, Feb 12, 2021 at 09:34:43PM +, Holger Levsen wrote:
> On Fri, Feb 12, 2021 at 08:35:11PM +0100, Paul Gevers wrote:
> > Unfortunately, we're hitting infrastructure issues if we don't cap the
> > logs [1]. However, I think we should save the last part (and not the
> > first part) if we have to cap, because normally the failure happens in
> > the end.
> 
> I'd keep a bit from the beginning and a bigger bit from the end. Often the
> beginning is useful too.

Yeah

https://salsa.debian.org/ci-team/debci/-/merge_requests/194

Thanks


signature.asc
Description: PGP signature

Bug#992004: linux-image-5.10.0-8-amd64: UCSI race condition resulting in wrong port state for USB power delivery

2021-08-08 Thread Ian Turner 
Package: src:linux
Version: 5.10.46-3
Severity: normal
Tags: patch upstream
X-Debbugs-Cc: vec...@vectro.org

Dear Maintainer,

Sometimes when the power supply is disconnected, 
/sys/class/power_supply/ADP0/online says "1" even when the cable is 
disconnected.

This issue is fixed upstream in 5.11. See 
https://lore.kernel.org/lkml/20201106104725.gc2785...@kroah.com/ for 
more details.

Regards,

Ian Turner

-- Package-specific info:
** Version:
Linux version 5.10.0-8-amd64 (debian-ker...@lists.debian.org) (gcc-10 (Debian 
10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP 
Debian 5.10.46-3 (2021-07-28)

** Command line:
BOOT_IMAGE=/vmlinuz-5.10.0-8-amd64 root=/dev/mapper/internal-root ro quiet

** Not tainted

** Kernel log:
Unable to read kernel log; any relevant messages should be attached

** Model information
sys_vendor: LENOVO
product_name: 81YK
product_version: IDEAPAD 5-15IIL05
chassis_vendor: LENOVO
chassis_version: IDEAPAD 5-15IIL05
bios_vendor: LENOVO
bios_version: DPCN52WW
board_vendor: LENOVO
board_name: INVALID
board_version: SDK0K17763 WIN

** Loaded modules:
btrfs
blake2b_generic
xor
raid6_pq
ufs
qnx4
hfsplus
hfs
cdrom
minix
msdos
jfs
xfs
libcrc32c
cpuid
ipheth
apple_mfi_fastcharge
ctr
ccm
rfcomm
cmac
algif_hash
algif_skcipher
af_alg
bnep
btusb
btrtl
btbcm
btintel
bluetooth
jitterentropy_rng
drbg
uvcvideo
videobuf2_vmalloc
videobuf2_memops
videobuf2_v4l2
videobuf2_common
videodev
ansi_cprng
ecdh_generic
mc
ecc
snd_soc_skl_hda_dsp
snd_soc_hdac_hdmi
snd_soc_dmic
mei_hdcp
snd_hda_codec_hdmi
nls_ascii
snd_hda_codec_realtek
nls_cp437
intel_rapl_msr
vfat
fat
snd_hda_codec_generic
snd_sof_pci
snd_sof_intel_byt
snd_sof_intel_ipc
snd_sof_intel_hda_common
snd_sof_xtensa_dsp
snd_sof
snd_sof_intel_hda
snd_soc_hdac_hda
snd_hda_ext_core
snd_soc_acpi_intel_match
snd_soc_acpi
ledtrig_audio
snd_hda_intel
snd_intel_dspcfg
soundwire_intel
soundwire_generic_allocation
snd_soc_core
x86_pkg_temp_thermal
intel_powerclamp
iwlmvm
coretemp
rapl
snd_compress
intel_cstate
soundwire_cadence
intel_uncore
mac80211
serio_raw
pcspkr
efi_pstore
snd_hda_codec
intel_wmi_thunderbolt
wmi_bmof
joydev
snd_hda_core
snd_hwdep
soundwire_bus
snd_pcm
libarc4
iTCO_wdt
intel_pmc_bxt
snd_timer
iTCO_vendor_support
watchdog
snd
iwlwifi
squashfs
soundcore
mei_me
mei
cfg80211
hid_multitouch
processor_thermal_device
ucsi_acpi
intel_rapl_common
typec_ucsi
intel_soc_dts_iosf
typec
tpm_crb
ideapad_laptop
sparse_keymap
rfkill
evdev
int3403_thermal
int340x_thermal_zone
tpm_tis
tpm_tis_core
tpm
intel_pmc_core
int3400_thermal
rng_core
acpi_thermal_rel
ac
acpi_pad
acpi_tad
loop
parport_pc
ppdev
lp
parport
fuse
configfs
efivarfs
ip_tables
x_tables
autofs4
ext4
crc16
mbcache
jbd2
crc32c_generic
dm_crypt
dm_mod
hid_generic
i915
crc32_pclmul
crc32c_intel
ghash_clmulni_intel
ahci
libahci
i2c_algo_bit
drm_kms_helper
xhci_pci
nvme
aesni_intel
libata
xhci_hcd
cec
drm
libaes
crypto_simd
cryptd
nvme_core
glue_helper
scsi_mod
usbcore
t10_pi
crc_t10dif
crct10dif_generic
i2c_i801
i2c_hid
intel_lpss_pci
crct10dif_pclmul
i2c_smbus
hid
crct10dif_common
intel_lpss
idma64
usb_common
wmi
button
battery
video

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Ice Lake-LP Processor Host 
Bridge/DRAM Registers [8086:8a12] (rev 03)
Subsystem: Lenovo Device [17aa:3804]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: icl_uncore

00:02.0 VGA compatible controller [0300]: Intel Corporation Iris Plus Graphics 
G1 (Ice Lake) [8086:8a56] (rev 07) (prog-if 00 [VGA controller])
Subsystem: Lenovo Iris Plus Graphics G1 (Ice Lake) [17aa:3fd9]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: i915
Kernel modules: i915

00:04.0 Signal processing controller [1180]: Intel Corporation Device 
[8086:8a03] (rev 03)
Subsystem: Lenovo Device [17aa:3808]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: proc_thermal
Kernel modules: processor_thermal_device

00:0d.0 USB controller [0c03]: Intel Corporation Ice Lake Thunderbolt 3 USB 
Controller [8086:8a13] (rev 03) (prog-if 30 [XHCI])
Subsystem: Lenovo Ice Lake Thunderbolt 3 USB Controller [17aa:3801]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

00:14.0 USB controller [0c03]: Intel Corporation Ice Lake-LP USB 3.1 xHCI Host 
Controller [8086:34ed] (r

Bug#988630: onedrive: Please update to the latest version

2021-08-08 Thread Angelos 
Package: onedrive
Followup-For: Bug #988630
X-Debbugs-Cc: ponokefa...@hotmail.com

Dear maintainers ,

Current version of onedrive (2.4.10-1) has many bugs and it is pretty much
unusable. Please update to the latest version (2.4.13).

Additionally , even its dev can't and won't support this version as it is
mention here -> https://github.com/abraunegg/onedrive/issues/1462.

Thank you for your time.


-- System Information:
Debian Release: 11.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages onedrive depends on:
ii  init-system-helpers  1.60
ii  libc62.31-13
ii  libgcc-s110.2.1-6
ii  libglib2.0-0 2.66.8-1
ii  libnotify4   0.7.9-3
ii  libphobos2-ldc-shared94  1:1.24.0-2
ii  libsqlite3-0 3.34.1-3

onedrive recommends no packages.

Bug#992000: modsecurity-crs: Needs update to 3.3.2 for CVE-2021-35368

2021-08-08 Thread Frederik Himpe 
Package: modsecurity-crs
Version: 3.3.0-1
Severity: normal

Dear Maintainer,

The version of modsecurity-crs contains a vulnerability and needs to be
updated to 3.3.2 to get the security fix:

https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/

-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (800, 'testing'), (750, 'proposed-updates'), (700, 'stable'), 
(600, 'oldstable'), (200, 'unstable'), (160, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-7-amd64 (SMP w/1 CPU thread)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

modsecurity-crs depends on no packages.

Versions of packages modsecurity-crs recommends:
ii  libapache2-mod-security2  2.9.3-3

Versions of packages modsecurity-crs suggests:
pn  geoip-database-contrib  
pn  lua 
pn  python  
ii  ruby1:2.7+2

-- Configuration Files:
/etc/modsecurity/crs/crs-setup.conf changed [not included]

-- no debconf information

-- debsums errors found:
debsums: changed file 
/usr/share/modsecurity-crs/rules/REQUEST-903.9002-WORDPRESS-EXCLUSION-RULES.conf
 (from modsecurity-crs package)

Bug#988477: [Pkg-xen-devel] Bug#988477: Acknowledgement (xen-hypervisor-4.14-amd64: xen dmesg shows (XEN) AMD-Vi: IO_PAGE_FAULT on sata pci device)

2021-08-08 Thread Imre Szőllősi 

  
  
Hi,



2021. 08. 05. 22:46 keltezéssel, Hans
  van Kranenburg írta:


  severity 988477 normal
tags 988477 + moreinfo + upstream - bullseye-ignore
thanks

Hi!

On 6/13/21 3:58 PM, Imre Szőllősi wrote:

  
i tested on 4th hw

4. asus m4n78 pro, phenom ii x4 905e, md raid1, 2x samsung 1TB 860evo, 
lvm: problem does not appear

as i see, not all mb/chipset/sata pcie device affected

  
  
Thanks for your report, and for trying out different combinations of
hardware.

While doing a short internet search about the problems you're seeing
while using AMD ryzen, sata, nvme and iommu, I suspect this problem does
not have a lot to do with Xen specifically, but more with the hardware
and its firmware.

This also means that it's not a Debian packaging problem, and it cannot
be fixed by me (or the Debian Xen team). If you want to research this
problem more, I can maybe be of some help by providing suggestions.
Still, you will have to do all of the actual work, since I do not have
your hardware here.



okay
let's do it 



  

The first thing I would suggest is to try reproduce the problem when
booting with just Linux without Xen, and then trying the dbench test.



so, i don't write some scenarios, when the problem does not
  appear, here are them:

- without xen. no xen dmesg either, but simple dmesg do not show
  anything, dbench runs fine, the
filesystem will not be read-only state.

 
- debian 10. this probably means something changed in xen or
  kernel or both between buster and bullseye, which causes.

- using another pcie sata controller. the another pcie device has
  only 1 function, while the onboard device has 3 functions:

01:00.0 USB controller: Advanced Micro Devices, Inc. [AMD] Device
  43ee
  01:00.1 SATA controller: Advanced Micro Devices, Inc. [AMD] Device
  43eb
  01:00.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Device 43e9
  




  

If you don't actually need to directly pass-through hardware to a Xen
guest, you can also try disabling iommu,



when i disable iommu in bios, the xen dmesg messages changes to
  these:

  
  (XEN) CPU4: No irq handler for vector 7c (IRQ -2147483648, LAPIC)
  (XEN) CPU10: No irq handler for vector ee (IRQ -2147483648, LAPIC)
  (XEN) CPU4: No irq handler for vector bd (IRQ -2147483648, LAPIC)
  (XEN) CPU9: No irq handler for vector 2c (IRQ -2147483648, LAPIC)
  (XEN) CPU4: No irq handler for vector cc (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0010[0010,] v=ec[] t=PCI-MSI s=0010
  (XEN) CPU0: No irq handler for vector af (IRQ -2147483648, LAPIC)
  (XEN) CPU2: No irq handler for vector 62 (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0001[0001,] v=72[] t=PCI-MSI s=0030
  (XEN) CPU4: No irq handler for vector b2 (IRQ -2147483648, LAPIC)
  (XEN) CPU0: No irq handler for vector 84 (IRQ -2147483648, LAPIC)
  (XEN) CPU4: No irq handler for vector 4e (IRQ -2147483648, LAPIC)
  (XEN) CPU8: No irq handler for vector de (IRQ -2147483648, LAPIC)
  (XEN) CPU4: No irq handler for vector 68 (IRQ -2147483648, LAPIC)
  (XEN) CPU8: No irq handler for vector b6 (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0040[0040,] v=c6[] t=PCI-MSI s=0030
  (XEN) CPU10: No irq handler for vector 72 (IRQ -2147483648, LAPIC)
  (XEN) CPU2: No irq handler for vector ec (IRQ -69, LAPIC)
  (XEN) IRQ68 a=0004[0004,0400] v=3d[ec] t=PCI-MSI s=0010
  (XEN) CPU10: No irq handler for vector e5 (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0100[0100,] v=ed[] t=PCI-MSI s=0030
  (XEN) CPU10: No irq handler for vector d1 (IRQ -2147483648, LAPIC)
  (XEN) CPU10: No irq handler for vector 5a (IRQ -2147483648, LAPIC)
  (XEN) CPU0: No irq handler for vector 7b (IRQ -69, LAPIC)
  (XEN) IRQ68 a=0001[0001,0400] v=a3[7b] t=PCI-MSI s=0010
  (XEN) CPU8: No irq handler for vector bb (IRQ -2147483648, LAPIC)
  (XEN) CPU8: No irq handler for vector 6c (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0040[0040,] v=74[] t=PCI-MSI s=0030
  (XEN) CPU4: No irq handler for vector 86 (IRQ -2147483648, LAPIC)
  (XEN) CPU8: No irq handler for vector 29 (IRQ -70, LAPIC)
  (XEN) IRQ69 a=0040[0040,0001] v=31[a8] t=PCI-MSI/-X s=0030
  (XEN) CPU8: No irq handler for vector 8b (IRQ -2147483648, LAPIC)
  (XEN) CPU4: No irq handler for vector 2c (IRQ -69, LAPIC)
  (XEN) IRQ68 a=0010[0010,0400] v=44[2c] t=PCI-MSI s=0010
  (XEN) CPU2: No irq handler for vector ef (IRQ -2147483648, LAPIC)
  (XEN) CPU0: No irq handler for vector c8 (IRQ -90, LAPIC)
  (XEN) IRQ89 a=0001[0001,] v=e8[] t=PCI-MSI s=0010
  (XEN) CPU2: No irq handler for vector 41 (IRQ -2147483648, LAPIC)
  (XEN) CPU8: No irq handler f

Bug#992002: [PATCH][Debian#992002] tbl: allow two-character fonts and format fonts in -Thtml

2021-08-08 Thread наб 
Hi!

tbl's -Thtml ignores font requests; additionally, the tbl f-request
parser only allows single-character fonts. Cf. the Debian bug
(http://bugs.debian.org/992002) for additional context.

Please consider the following patch.
наб

---
With this patch, the following document:
-- >8 --
.Dd
.Dt V 1
.Os
.
\fBtext\fItext\f(BItext\f(CRtext\f(CBtext\f(CItext\fR
.Pp
.TS
lfB lfI lfBI lb li lbi lfCR lfCB lfCI .
texttexttexttexttexttexttexttexttext
.TE
-- >8 --

Renders to a teletype with the expected fonts:
  b, ul, bul;  b, ul, bul;  normal, b, ul

-Thtml -Ofragment yields, as expected:
-- >8 --

  
V(1)
General Commands Manual
V(1)
  

texttexttexttexttexttext


  
text
text
text
text
text
text
text
text
text
  



  
August 8, 2021
Debian
  

-- >8 --

--- mdocml-1.14.5.orig/tbl.7
+++ mdocml-1.14.5/tbl.7
@@ -178,10 +178,11 @@ of any other column also having the
 .Cm e
 modifier.
 .It Cm f
-The next character selects the font to use for this cell.
+The next two characters select the font to use for this cell.
+One-character font names must be followed by a blank or period.
 See the
 .Xr roff 7
-manual for supported one-character font names.
+manual for supported font names.
 .It Cm i
 Use an italic font for the contents of this cell.
 .It Cm m
--- mdocml-1.14.5.orig/tbl.h
+++ mdocml-1.14.5/tbl.h
@@ -59,12 +59,13 @@ struct  tbl_cell {
int   flags;
 #defineTBL_CELL_BOLD(1 << 0)   /* b, B, fB */
 #defineTBL_CELL_ITALIC  (1 << 1)   /* i, I, fI */
-#defineTBL_CELL_TALIGN  (1 << 2)   /* t, T */
-#defineTBL_CELL_UP  (1 << 3)   /* u, U */
-#defineTBL_CELL_BALIGN  (1 << 4)   /* d, D */
-#defineTBL_CELL_WIGN(1 << 5)   /* z, Z */
-#defineTBL_CELL_EQUAL   (1 << 6)   /* e, E */
-#defineTBL_CELL_WMAX(1 << 7)   /* x, X */
+#defineTBL_CELL_FONTCW  (1 << 2)   /* fC[RBI] */
+#defineTBL_CELL_TALIGN  (1 << 3)   /* t, T */
+#defineTBL_CELL_UP  (1 << 4)   /* u, U */
+#defineTBL_CELL_BALIGN  (1 << 5)   /* d, D */
+#defineTBL_CELL_WIGN(1 << 6)   /* z, Z */
+#defineTBL_CELL_EQUAL   (1 << 7)   /* e, E */
+#defineTBL_CELL_WMAX(1 << 8)   /* x, X */
enum tbl_celltpos;
 };
 
--- mdocml-1.14.5.orig/tbl_html.c
+++ mdocml-1.14.5/tbl_html.c
@@ -25,6 +25,7 @@
 #include 
 
 #include "mandoc.h"
+#include "mandoc_aux.h"
 #include "tbl.h"
 #include "out.h"
 #include "html.h"
@@ -218,6 +219,7 @@ print_tbl(struct html *h, const struct t
else
valign = NULL;
 
+   int flags = cp->flags;
for (i = dp->hspans; i > 0; i--)
cp = cp->next;
switch (cp->vert) {
@@ -239,8 +241,36 @@ print_tbl(struct html *h, const struct t
"vertical-align", valign,
"text-align", halign,
"border-right-style", rborder);
-   if (dp->string != NULL)
-   print_text(h, dp->string);
+   if (dp->string != NULL) {
+   const char *font = NULL;
+   switch (flags & (TBL_CELL_BOLD | TBL_CELL_ITALIC | 
TBL_CELL_FONTCW)) {
+   case TBL_CELL_BOLD:
+   font = "\\fB";
+   break;
+   case TBL_CELL_ITALIC:
+   font = "\\fI";
+   break;
+   case TBL_CELL_BOLD | TBL_CELL_ITALIC:
+   font = "\\f(BI";
+   break;
+   case TBL_CELL_FONTCW:
+   font = "\\f(CR";
+   break;
+   case TBL_CELL_FONTCW | TBL_CELL_BOLD:
+   font = "\\f(CB";
+   break;
+   case TBL_CELL_FONTCW | TBL_CELL_ITALIC:
+   font = "\\f(CI";
+   break;
+   }
+   if (font) {
+   char *str;
+   mandoc_asprintf(&str, "%s%s\\fP", font, 
dp->string);
+   print_text(h, str);
+   free(str);
+   } else
+   print_text(h, dp->string);
+   }
}
 
print_tagq(h, tt);
--- mdocml-1.14.5.orig/tbl_layout.c
+++ mdocml-1.14.5/tbl_layout.c
@@ -170,9 +170,7 @@ mod:
if (p[*pos] == '(')
goto mod;
 
-   /* Support only one-character font-names for now. */
-
-   if (p[*pos] == '\0' || (p[*pos + 1] != ' ' &&

Bug#992003: package singular 4.2.0p3 in experimental?

2021-08-08 Thread Tobias Hansen 
Source: singular
Version: 1:4.1.2-p1+ds-2
Severity: wishlist

Hi Jerome,

I started packaging sagemath 9.4 and they are using singular 4.2.0p3 at the 
moment. It seems tricky to get it to work with anything else than this version. 
It would be great if we had it in experimental.

Best wishes,
Tobias

Bug#992002: mandoc: -Thtml: tbl font requests ignored

2021-08-08 Thread Michael Stapelberg 
Can you send your patches to upstream directly please?
See https://mandoc.bsd.lv/contact.html

It’s awkward for Debian maintainers to sit in the middle.
Thanks!

On Sun, 8 Aug 2021 at 14:51, наб  wrote:

> Control: retitle -1 mandoc: -Thtml: tbl font requests ignored
> Control: tags -1 + patch
>
> Easy enough, oddly. Patch attached, applies cleanly on top of 1.22.4-6.
> Please consider it.
>
> Given the following document:
> -- >8 --
> .Dd
> .Dt V 1
> .Os
> .
> \fBtext\fItext\f(BItext\f(CRtext\f(CBtext\f(CItext\fR
> .Pp
> .TS
> lfB lfI lfBI lb li lbi lfCR lfCB lfCI .
> texttexttexttexttexttexttexttexttext
> .TE
> -- >8 --
>
> When rendering to a teletype, the fonts are
>   b, ul, bul;  b, ul, bul;  normal, b, ul
> this is as expected!
>
> -Thtml -Ofragment yields
> -- >8 --
> 
>   
> V(1)
> General Commands Manual
> V(1)
>   
> 
> texttexttext class="Li">texttexttext
> 
> 
>   
> text
> text
> text
> text
> text
> text
> text
> text
> text
>   
> 
> 
> 
>   
> August 8, 2021
> Debian
>   
> 
> -- >8 --
>
> This is, also, as expected, if suboptimal because of the general
> HTML \fC[BI] handling.
>
> Best,
> наб
> --- mdocml-1.14.5.orig/tbl.7
> +++ mdocml-1.14.5/tbl.7
> @@ -178,10 +178,11 @@ of any other column also having the
>  .Cm e
>  modifier.
>  .It Cm f
> -The next character selects the font to use for this cell.
> +The next two characters select the font to use for this cell.
> +One-character font names must be followed by a blank or period.
>  See the
>  .Xr roff 7
> -manual for supported one-character font names.
> +manual for supported font names.
>  .It Cm i
>  Use an italic font for the contents of this cell.
>  .It Cm m
> --- mdocml-1.14.5.orig/tbl.h
> +++ mdocml-1.14.5/tbl.h
> @@ -59,12 +59,13 @@ struct  tbl_cell {
> int   flags;
>  #defineTBL_CELL_BOLD(1 << 0)   /* b, B, fB */
>  #defineTBL_CELL_ITALIC  (1 << 1)   /* i, I, fI */
> -#defineTBL_CELL_TALIGN  (1 << 2)   /* t, T */
> -#defineTBL_CELL_UP  (1 << 3)   /* u, U */
> -#defineTBL_CELL_BALIGN  (1 << 4)   /* d, D */
> -#defineTBL_CELL_WIGN(1 << 5)   /* z, Z */
> -#defineTBL_CELL_EQUAL   (1 << 6)   /* e, E */
> -#defineTBL_CELL_WMAX(1 << 7)   /* x, X */
> +#defineTBL_CELL_FONTCW  (1 << 2)   /* fC[RBI] */
> +#defineTBL_CELL_TALIGN  (1 << 3)   /* t, T */
> +#defineTBL_CELL_UP  (1 << 4)   /* u, U */
> +#defineTBL_CELL_BALIGN  (1 << 5)   /* d, D */
> +#defineTBL_CELL_WIGN(1 << 6)   /* z, Z */
> +#defineTBL_CELL_EQUAL   (1 << 7)   /* e, E */
> +#defineTBL_CELL_WMAX(1 << 8)   /* x, X */
> enum tbl_celltpos;
>  };
>
> --- mdocml-1.14.5.orig/tbl_html.c
> +++ mdocml-1.14.5/tbl_html.c
> @@ -25,6 +25,7 @@
>  #include 
>
>  #include "mandoc.h"
> +#include "mandoc_aux.h"
>  #include "tbl.h"
>  #include "out.h"
>  #include "html.h"
> @@ -218,6 +219,7 @@ print_tbl(struct html *h, const struct t
> else
> valign = NULL;
>
> +   int flags = cp->flags;
> for (i = dp->hspans; i > 0; i--)
> cp = cp->next;
> switch (cp->vert) {
> @@ -239,8 +241,36 @@ print_tbl(struct html *h, const struct t
> "vertical-align", valign,
> "text-align", halign,
> "border-right-style", rborder);
> -   if (dp->string != NULL)
> -   print_text(h, dp->string);
> +   if (dp->string != NULL) {
> +   const char *font = NULL;
> +   switch (flags & (TBL_CELL_BOLD | TBL_CELL_ITALIC |
> TBL_CELL_FONTCW)) {
> +   case TBL_CELL_BOLD:
> +   font = "\\fB";
> +   break;
> +   case TBL_CELL_ITALIC:
> +   font = "\\fI";
> +   break;
> +   case TBL_CELL_BOLD | TBL_CELL_ITALIC:
> +   font = "\\f(BI";
> +   break;
> +   case TBL_CELL_FONTCW:
> +   font = "\\f(CR";
> +   break;
> +   case TBL_CELL_FONTCW | TBL_CELL_BOLD:
> +   font = "\\f(CB";
> +   break;
> +   case TBL_CELL_FONTCW | TBL_CELL_ITALIC:
> +   font = "\\f(CI";
> +   break;
> +   }
> +   if (font) {
> +   char *str;
> +   mandoc_asprintf(&str,

Bug#992002: mandoc: -Thtml: tbl font requests ignored

2021-08-08 Thread наб 
Control: retitle -1 mandoc: -Thtml: tbl font requests ignored
Control: tags -1 + patch

Easy enough, oddly. Patch attached, applies cleanly on top of 1.22.4-6.
Please consider it.

Given the following document:
-- >8 --
.Dd
.Dt V 1
.Os
.
\fBtext\fItext\f(BItext\f(CRtext\f(CBtext\f(CItext\fR
.Pp
.TS
lfB lfI lfBI lb li lbi lfCR lfCB lfCI .
texttexttexttexttexttexttexttexttext
.TE
-- >8 --

When rendering to a teletype, the fonts are
  b, ul, bul;  b, ul, bul;  normal, b, ul
this is as expected!

-Thtml -Ofragment yields
-- >8 --

  
V(1)
General Commands Manual
V(1)
  

texttexttexttexttexttext


  
text
text
text
text
text
text
text
text
text
  



  
August 8, 2021
Debian
  

-- >8 --

This is, also, as expected, if suboptimal because of the general
HTML \fC[BI] handling.

Best,
наб
--- mdocml-1.14.5.orig/tbl.7
+++ mdocml-1.14.5/tbl.7
@@ -178,10 +178,11 @@ of any other column also having the
 .Cm e
 modifier.
 .It Cm f
-The next character selects the font to use for this cell.
+The next two characters select the font to use for this cell.
+One-character font names must be followed by a blank or period.
 See the
 .Xr roff 7
-manual for supported one-character font names.
+manual for supported font names.
 .It Cm i
 Use an italic font for the contents of this cell.
 .It Cm m
--- mdocml-1.14.5.orig/tbl.h
+++ mdocml-1.14.5/tbl.h
@@ -59,12 +59,13 @@ struct  tbl_cell {
int   flags;
 #defineTBL_CELL_BOLD(1 << 0)   /* b, B, fB */
 #defineTBL_CELL_ITALIC  (1 << 1)   /* i, I, fI */
-#defineTBL_CELL_TALIGN  (1 << 2)   /* t, T */
-#defineTBL_CELL_UP  (1 << 3)   /* u, U */
-#defineTBL_CELL_BALIGN  (1 << 4)   /* d, D */
-#defineTBL_CELL_WIGN(1 << 5)   /* z, Z */
-#defineTBL_CELL_EQUAL   (1 << 6)   /* e, E */
-#defineTBL_CELL_WMAX(1 << 7)   /* x, X */
+#defineTBL_CELL_FONTCW  (1 << 2)   /* fC[RBI] */
+#defineTBL_CELL_TALIGN  (1 << 3)   /* t, T */
+#defineTBL_CELL_UP  (1 << 4)   /* u, U */
+#defineTBL_CELL_BALIGN  (1 << 5)   /* d, D */
+#defineTBL_CELL_WIGN(1 << 6)   /* z, Z */
+#defineTBL_CELL_EQUAL   (1 << 7)   /* e, E */
+#defineTBL_CELL_WMAX(1 << 8)   /* x, X */
enum tbl_celltpos;
 };
 
--- mdocml-1.14.5.orig/tbl_html.c
+++ mdocml-1.14.5/tbl_html.c
@@ -25,6 +25,7 @@
 #include 
 
 #include "mandoc.h"
+#include "mandoc_aux.h"
 #include "tbl.h"
 #include "out.h"
 #include "html.h"
@@ -218,6 +219,7 @@ print_tbl(struct html *h, const struct t
else
valign = NULL;
 
+   int flags = cp->flags;
for (i = dp->hspans; i > 0; i--)
cp = cp->next;
switch (cp->vert) {
@@ -239,8 +241,36 @@ print_tbl(struct html *h, const struct t
"vertical-align", valign,
"text-align", halign,
"border-right-style", rborder);
-   if (dp->string != NULL)
-   print_text(h, dp->string);
+   if (dp->string != NULL) {
+   const char *font = NULL;
+   switch (flags & (TBL_CELL_BOLD | TBL_CELL_ITALIC | 
TBL_CELL_FONTCW)) {
+   case TBL_CELL_BOLD:
+   font = "\\fB";
+   break;
+   case TBL_CELL_ITALIC:
+   font = "\\fI";
+   break;
+   case TBL_CELL_BOLD | TBL_CELL_ITALIC:
+   font = "\\f(BI";
+   break;
+   case TBL_CELL_FONTCW:
+   font = "\\f(CR";
+   break;
+   case TBL_CELL_FONTCW | TBL_CELL_BOLD:
+   font = "\\f(CB";
+   break;
+   case TBL_CELL_FONTCW | TBL_CELL_ITALIC:
+   font = "\\f(CI";
+   break;
+   }
+   if (font) {
+   char *str;
+   mandoc_asprintf(&str, "%s%s\\fP", font, 
dp->string);
+   print_text(h, str);
+   free(str);
+   } else
+   print_text(h, dp->string);
+   }
}
 
print_tagq(h, tt);
--- mdocml-1.14.5.orig/tbl_layout.c
+++ mdocml-1.14.5/tbl_layout.c
@@ -170,9 +170,7 @@ mod:
if (p[*pos] == '(')
goto mod;
 
-   /* Support only one-character font-names for now. */
-
-   if (p[*pos

Bug#991971: [pkg-lynx-maint] Bug#991971: Bug#991971: [CVE-2021-38165] lynx: bug in SSL certificate validation -> leaks password in clear text via SNI (under some circumstances)

2021-08-08 Thread Axel Beckert 
Hi Salvatore,

Salvatore Bonaccorso wrote:
> > > bullseye-security is operational, so we can do both at the same time
> > > so that bullseye will be fixed from day one.
> > 
> > That'd be great, thanks!
> > 
> > Feel free to base the security upload upon 2.9.0dev.6-3 which I
> > uploaded just recently. From my point of view nothing except the first
> > and last line of the debian/changelog entry needs to be changed for
> > bullseye-security.
> 
> Do I understand correctly you currently have not capactity to prepare
> that upload?

Yes, but I also wasn't aware that I could do that upload.

> If so I can happily chime in, but if you as maintainr
> will that will be perfectly preferable.

I'm bit short of time for the rest of the day, so it'd be nice if
someone else could do that upload.

> If so: I suggest: just do a ~deb11u1 on top of the current unstable
> upload, with changelog entry "Rebuild for bullseye-security", then
> pass -v2.9.0dev.6-2 to dpkg-genchanges invocation, to include all
> changelog entries from 2.9.0dev.6-3 up to 2.9.0dev.6-3~deb11u1 in to
> changes file. Make sure to build with -sa, as lynx/2.9.0dev.6 is new
> for dak on security-master.

Interesting. I'd have done a 2.9.0dev.6-2+deb11u1 by reusing the
2.9.0dev.6-3 upload and just modifying the changelog entry. I thought
that would be cleaner. But I'm fine with both variants.

> > I can also look into how well the patch applies to buster's version of
> > Lynx, but it might take until Monday.
> 
> Thank you!

Do they need to go into the same DSA?

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE


signature.asc
Description: PGP signature

Bug#991971: [pkg-lynx-maint] Bug#991971: [CVE-2021-38165] lynx: bug in SSL certificate validation -> leaks password in clear text via SNI (under some circumstances)

2021-08-08 Thread Salvatore Bonaccorso 
Axel,

On Sun, Aug 08, 2021 at 12:14:16PM +0200, Axel Beckert wrote:
> Hi Moritz,
> 
> Moritz Mühlenhoff wrote:
> > > Security Team: Do you think the fix for CVE-2021-38165 should get a
> > > DSA? Or do you think it's not important enough and we should target a
> > > minor stable update for it?
> > 
> > This breaks a pretty fundamental security assumption for a browser,
> 
> Ack.
> 
> > so we should fix it via -security, even though lynx is a fringe
> > browser.
> 
> Good. Anything which gets the fix into bullseye (and preferably also
> buster) rather sooner than later is fine for me.
> 
> > bullseye-security is operational, so we can do both at the same time
> > so that bullseye will be fixed from day one.
> 
> That'd be great, thanks!
> 
> Feel free to base the security upload upon 2.9.0dev.6-3 which I
> uploaded just recently. From my point of view nothing except the first
> and last line of the debian/changelog entry needs to be changed for
> bullseye-security.

Do I understand correctly you currently have not capactity to prepare
that upload? If so I can happily chime in, but if you as maintainr
will that will be perfectly preferable. If so: I suggest: just do a
~deb11u1 on top of the current unstable upload, with changelog entry
"Rebuild for bullseye-security", then pass -v2.9.0dev.6-2 to
dpkg-genchanges invocation, to include all changelog entries from
2.9.0dev.6-3 up to 2.9.0dev.6-3~deb11u1 in to changes file. Make sure
to build with -sa, as lynx/2.9.0dev.6 is new for dak on
security-master.

> 
> I can also look into how well the patch applies to buster's version of
> Lynx, but it might take until Monday.

Thank you!

Salvatore

Bug#991982: nano does not work with TERM unset

2021-08-08 Thread Benno Schulenberg 

> $env -i nano
> command fail because TERM is unset

I can work around an unset TERM.  But what if TERM=="" or TERM=="nonsense"?
Checking whether TERM is a valid terminal name goes too far, in my opinion.

Also, is the 'vt100' terminal description guaranteed to exist?  I ask,
because 'dumb' and 'vt52' are not good enough for nano (ncurses) to work
properly, and 'ansi' leaves the cursor invisible on a VTE-based terminal.

Benno



OpenPGP_signature
Description: OpenPGP digital signature

Bug#991971: [pkg-lynx-maint] Bug#991971: [CVE-2021-38165] lynx: bug in SSL certificate validation -> leaks password in clear text via SNI (under some circumstances)

2021-08-08 Thread Axel Beckert 
Hi Moritz,

Moritz Mühlenhoff wrote:
> > Security Team: Do you think the fix for CVE-2021-38165 should get a
> > DSA? Or do you think it's not important enough and we should target a
> > minor stable update for it?
> 
> This breaks a pretty fundamental security assumption for a browser,

Ack.

> so we should fix it via -security, even though lynx is a fringe
> browser.

Good. Anything which gets the fix into bullseye (and preferably also
buster) rather sooner than later is fine for me.

> bullseye-security is operational, so we can do both at the same time
> so that bullseye will be fixed from day one.

That'd be great, thanks!

Feel free to base the security upload upon 2.9.0dev.6-3 which I
uploaded just recently. From my point of view nothing except the first
and last line of the debian/changelog entry needs to be changed for
bullseye-security.

I can also look into how well the patch applies to buster's version of
Lynx, but it might take until Monday.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE


signature.asc
Description: PGP signature

Bug#991913: miredo: package disappear from buster repository

2021-08-08 Thread Stéphane Glondu 
Le 05/08/2021 à 11:07, R4SAS a écrit :
> Tags: a11y

Why this tag?

> Package miredo is not available in buster distribution via apt. But
> package exist in repository.

miredo is not part of buster because it was not in testing at the time
of its release, because of a RC bug (#924311). See:
https://tracker.debian.org/pkg/miredo

> Looks like packages list in official repository is malformed.

No. There is one package list per suite.


Cheers,

-- 
Stéphane

Bug#992001: zfs-dkms: ZFS_META_GITREV is "unknown"

2021-08-08 Thread Rich Ercolani 
Package: zfs-dkms
Version: 2.0.3-8~bpo10+1
Severity: minor

Dear Maintainer,

I was curious what versions of ZFS I had imported a given pool with, so I asked 
zpool history -i, and to my surprise, its log entries had "software version 
unknown".

Specifically (note that I believe the entries with "5000/5" were the 0.7.X 
behavior, as the commit to change it to report this only landed in 0.8.0):
[...]
2019-10-05.17:12:02 [txg:7593983] open pool version 5000; software version 
5000/5; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 (2019-09-20) 
x86_64 [on steamer]
2019-10-05.17:12:03 [txg:7593985] import pool version 5000; software version 
5000/5; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 (2019-09-20) 
x86_64 [on steamer]
2019-10-05.17:32:29 [txg:7593993] open pool version 5000; software version 
unknown; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 
(2019-09-20) x86_64 [on steamer]
2019-10-05.17:32:30 [txg:7593995] import pool version 5000; software version 
unknown; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 
(2019-09-20) x86_64 [on steamer]
2020-01-18.19:19:01 [txg:9253815] open pool version 5000; software version 
unknown; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 
(2019-11-11) x86_64 [on steamer]
2020-01-18.19:19:01 [txg:9253817] import pool version 5000; software version 
unknown; uts steamer 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 
(2019-11-11) x86_64 [on steamer]
2020-02-18.21:05:14 [txg:9613049] open pool version 5000; software version 
unknown; uts steamer 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 
[on steamer]
[...]
2021-07-12.17:28:29 [txg:16603822] import pool version 5000; software version 
unknown; uts steamer 4.19.0-17-amd64 #1 SMP Debian 4.19.194-2 (2021-06-21) 
x86_64 [on steamer]
2021-08-01.00:19:47 [txg:16905495] open pool version 5000; software version 
unknown; uts steamer 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2021-07-18) 
x86_64 [on steamer]
2021-08-01.00:19:47 [txg:16905497] import pool version 5000; software version 
unknown; uts steamer 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2021-07-18) 
x86_64 [on steamer]

I swapped over from backports-provided 0.8.X to 2.0.X approximately May 15th, 
with no change in that output.

(I also just filed a bug upstream about some releases having incorrect values 
in include/zfs_gitrev.h - including 2.0.3. Oops.)

A value that conveys the package version (or, at least, the upstream version, 
if that's not feasible) would be useful for answering things like "did this 
pool ever see X buggy version?" after the fact, perhaps after historical 
syslogs are no longer available to infer from module load.

- Rich

-- System Information:
Debian Release: 10.10
  APT prefers stable-updates
  APT policy: (1000, 'stable-updates'), (1000, 'stable'), (900, 
'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), 
(500, 'stable-debug'), (500, 'proposed-updates-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-17-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages zfs-dkms depends on:
ii  debconf [debconf-2.0]  1.5.71
ii  dkms   2.6.1-4
ii  file   1:5.35-4+deb10u2
ii  libc6-dev [libc-dev]   2.28-10
ii  libpython3-stdlib  3.7.3-1
ii  lsb-release10.2019051400
ii  perl   5.28.1-6+deb10u1
ii  python3-distutils  3.7.3-1

Versions of packages zfs-dkms recommends:
ii  linux-libc-dev  5.10.24-1~bpo10+1
ii  zfs-zed 2.0.3-8~bpo10+1
ii  zfsutils-linux  2.0.3-8~bpo10+1

Versions of packages zfs-dkms suggests:
ii  debhelper  12.1.1

-- debconf information excluded

Bug#991971: [pkg-lynx-maint] Bug#991971: [CVE-2021-38165] lynx: bug in SSL certificate validation -> leaks password in clear text via SNI (under some circumstances)

2021-08-08 Thread Moritz Mühlenhoff 
Am Sun, Aug 08, 2021 at 01:54:56AM +0200 schrieb Axel Beckert:
> Hi Andreas,
> 
> Andreas Metzler wrote:
> > > > tags 991971 fixed-upstream
> > > Bug #991971 [lynx] lynx: SSL certificate validation fails with URLs 
> > > containing user name or user name and password, i.e. 
> > > https://user:password@host/ and https://user@host/; leaks password in 
> > > clear text via SNI
> > > Added tag(s) fixed-upstream.
> > 
> > Hello,
> > 
> > I have just uploaded .9 to experimental.
> 
> Thanks a lot! Went to bed in the morning last night, so I was really
> happy to see at least Experimental already being fixed when I woke up
> again.
> 
> > The deadline for bulleye unblock requests has passed, so we will
> > need to fix this by security/point release.
> 
> Hrm, right, thanks for the reminder.
> 
> I nevertheless will update Unstable with a fix. It might be helpful
> for the Security Team (Cc'ed) or us to prepare a stable-update for
> Bullseye.
> 
> Security Team: Do you think the fix for CVE-2021-38165 should get a
> DSA? Or do you think it's not important enough and we should target a
> minor stable update for it?

This breaks a pretty fundamental security assumption for a browser, so
we should fix it via -security, even though lynx is a fringe browser.

bullseye-security is operational, so we can do both at the same time
so that bullseye will be fixed from day one.

Cheers,
Moritz

Bug#991999: ejabberd: Enable Elixir support

2021-08-08 Thread pitchum 
Package: ejabberd
Version: 21.01-2
Severity: wishlist

Dear Maintainer,

are there any plans to enable Elixir support?

I think Elixir support would make ejabberd more hackable.
Writing custom modules is probably too hard for people (like me)
unfamiliar with Erlang. Elixir language seems easier to learn.

I already managed to build a Debian package ejabberd-21.07 with Elixir
support from salsa. (thank you for your great packaging job!)
But my package is not ready for production. There is still a lot of
work to do and my skills in Debian packaging and erlang/elixir/mix
toolchain are too limited to work on this alone.

If you consider implementing this feature, I'd be happy to help.

-- 
pitchum

Bug#991998: gparted segfaults if scrolling quickly the device dropdown list

2021-08-08 Thread waxhead 
Package: gparted
Version: 1.2.0-1
Severity: important
X-Debbugs-Cc: waxh...@dirtcellar.net

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
I have 7 devices (drives) that I can select. I realized that when I scroll with 
the mousewheel quickly gparted segfaults.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Scolling the mousewheel more slowly is effetive. Suspect a race condition.

   * What was the outcome of this action?
gparted works when scrolling the mouswheel slowly.

   * What outcome did you expect instead?
I expect the scroll speed to not cause a segfault.

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 11.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gparted depends on:
ii  gparted-common1.2.0-1
ii  libatkmm-1.6-1v5  2.28.0-3
ii  libc6 2.31-13
ii  libcairomm-1.0-1v51.12.2-4
ii  libgcc-s1 10.2.1-6
ii  libglib2.0-0  2.66.8-1
ii  libglibmm-2.4-1v5 2.64.2-2
ii  libgtk-3-03.24.24-4
ii  libgtkmm-3.0-1v5  3.24.2-2
ii  libpangomm-1.4-1v52.42.1-1
ii  libparted-fs-resize0  3.4-1
ii  libparted23.4-1
ii  libsigc++-2.0-0v5 2.10.4-2
ii  libstdc++610.2.1-6
ii  libuuid1  2.36.1-8
ii  policykit-1   0.105-31

gparted recommends no packages.

Versions of packages gparted suggests:
pn  dmraid 
ii  dmsetup2:1.02.175-2.1
ii  dosfstools 4.2-1
ii  e2fsprogs  1.46.2-2
pn  gpart  
pn  jfsutils   
pn  kpartx 
pn  mtools 
ii  ntfs-3g1:2017.3.23AR.3-4
pn  reiser4progs   
pn  reiserfsprogs  
pn  udftools   
ii  xfsprogs   5.10.0-4
ii  yelp   3.38.3-1

-- no debconf information

Bug#991997: new upstream (0.31)

2021-08-08 Thread Daniel Baumann 
Package: nwipe

Hi Martijn,

thank you so much for nwipe.

Given the isaac issue, it would be nice if you could upload nwipe 0.31
anytime soon to Debian (experimental) and consider a bugfix for bullseye.

Regards,
Daniel

Bug#991996: linux-image-5.10.0-8-amd64: Removing kerneol module hid_alps causes kernel panic on reboot

2021-08-08 Thread Marcel Lautenbach 
Package: src:linux
Version: 5.10.46-4
Severity: normal


After my Laptop went to sleep, I often happens (but not always), that after
waking the system my touchpad no longer works. I then use 'sudo modprobe -r
12c_hid; sleep 1; modprobe i2c_hid' to relload the hid kernel modules. That
works fine, until I reboot my system. I then either hangs or I get a kernel
panic. I could track this down by removing every module that depends on 'hid',
bit by bit. Currently, I have the follwoing HID modules loaded:

i2c_hid,usbhid,hid_alps,hid_generic,hid_logitech_hidpp

When I blacklist hid_alps, reboot the system and then try the commands above, I
can reboot my system without any problem. But as soon as I add hid_alps again,
I run into the problems mentioned above. Unfortunately, without hid_alps, my
touchpad doesn ot work at all.


-- Package-specific info:
** Version:
Linux version 5.10.0-8-amd64 (debian-ker...@lists.debian.org) (gcc-10 (Debian 
10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP 
Debian 5.10.46-4 (2021-08-03)

** Command line:
BOOT_IMAGE=/vmlinuz-5.10.0-8-amd64 root=/dev/mapper/pid01-root ro 
cryptdevice=UUID=6587968f-60f1-44f2-ab73-b9208a50ce23:eS2nj5wAx6_240720 
noplymouth usbcore.autosuspend=-1 resume=/dev/mapper/pid01-swap_1 
default_hugepagesz=1G fsck.mode=force

** Tainted: OE (12288)
 * externally-built ("out-of-tree") module was loaded
 * unsigned module was loaded

** Kernel log:
[   37.614088] Bluetooth: BNEP socket layer initialized
[   37.622358] NET: Registered protocol family 38
[   37.740388] bridge: filtering via arp/ip/ip6tables is no longer available by 
default. Update your scripts to load br_netfilter if you need this.
[   38.899214] NFSD: Using UMH upcall client tracking operations.
[   38.899218] NFSD: starting 90-second grace period (net f0a8)
[   39.097954] vboxdrv: loading out-of-tree module taints kernel.
[   39.098296] vboxdrv: module verification failed: signature and/or required 
key missing - tainting kernel
[   39.135588] vboxdrv: Found 4 processor cores
[   39.165587] vboxdrv: TSC mode is Invariant, tentative frequency 2903983592 Hz
[   39.165589] vboxdrv: Successfully loaded version 6.1.26_Debian r145957 
(interface 0x0030)
[   39.227363] VBoxNetFlt: Successfully started.
[   39.281563] VBoxNetAdp: Successfully started.
[   39.465032] Bridge firewalling registered
[   39.664561] Initializing XFRM netlink socket
[   41.125465] Bluetooth: RFCOMM TTY layer initialized
[   41.125472] Bluetooth: RFCOMM socket layer initialized
[   41.125477] Bluetooth: RFCOMM ver 1.11
[   41.395950] L1TF CPU bug present and SMT on, data leak possible. See 
CVE-2018-3646 and 
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for 
details.
[   41.409370] kauditd_printk_skb: 53 callbacks suppressed
[   41.409371] audit: type=1400 audit(1628408823.511:65): apparmor="DENIED" 
operation="capable" profile="libvirtd" pid=1639 comm="daemon-init" 
capability=17  capname="sys_rawio"
[   41.977984] check[3248]: segfault at 2652330 ip 0045db20 sp 
7fffd603db78 error 4 in qemu-s390x-static[401000+2b]
[   41.977992] Code: 00 e9 e4 5c 19 00 0f 1f 40 00 64 83 2c 25 70 ff ff ff 01 
74 05 c3 0f 1f 40 00 48 8d 3d a9 99 77 00 e9 34 6a 19 00 0f 1f 40 00 <64> 8b 04 
25 70 ff ff ff 85 c0 0f 9f c0 c3 66 90 48 83 ec 08 64 8b
[   44.367425] rfkill: input handler disabled
[   45.058592] wlan0: authenticate with c8:0e:14:40:75:7c
[   45.071087] wlan0: send auth to c8:0e:14:40:75:7c (try 1/3)
[   45.077618] wlan0: authenticated
[   45.081174] wlan0: associate with c8:0e:14:40:75:7c (try 1/3)
[   45.084685] wlan0: RX AssocResp from c8:0e:14:40:75:7c (capab=0x1511 
status=0 aid=7)
[   45.086807] wlan0: associated
[   45.164860] wlan0: Limiting TX power to 27 (30 - 3) dBm as advertised by 
c8:0e:14:40:75:7c
[   45.168186] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   45.370547] [UFW BLOCK] IN=wlan0 OUT= MAC= SRC=192.168.178.75 
DST=224.0.0.252 LEN=57 TOS=0x00 PREC=0x00 TTL=255 ID=20129 PROTO=UDP SPT=5355 
DPT=5355 LEN=37 
[   45.625275] [UFW BLOCK] IN=wlan0 OUT= MAC= SRC=192.168.178.75 
DST=224.0.0.252 LEN=57 TOS=0x00 PREC=0x00 TTL=255 ID=20148 PROTO=UDP SPT=5355 
DPT=5355 LEN=37 
[   45.870410] [UFW BLOCK] IN=wlan0 OUT= MAC= SRC=192.168.178.75 
DST=224.0.0.252 LEN=57 TOS=0x00 PREC=0x00 TTL=255 ID=20201 PROTO=UDP SPT=5355 
DPT=5355 LEN=37 
[   46.247450] [UFW BLOCK] IN=wlan0 OUT= 
MAC=01:00:5e:00:00:fc:c8:0e:14:40:75:79:08:00 SRC=192.168.178.1 DST=224.0.0.252 
LEN=57 TOS=0x00 PREC=0x00 TTL=1 ID=52298 PROTO=UDP SPT=5355 DPT=5355 LEN=37 
[   46.534367] [UFW BLOCK] IN=wlan0 OUT= MAC= 
SRC=fe80::::6558:e7b5:3d24:9877 
DST=ff02::::::0001:0003 LEN=77 TC=0 HOPLIMIT=255 
FLOWLBL=981611 PROTO=UDP SPT=5355 DPT=5355 LEN=37 
[   46.870472] [UFW BLOCK] IN=wlan0 OUT= MAC= 
SRC=fe80::::6558:e7b5:3d24:9877 
DST=ff02::::::0001:0003 LEN=77 TC=0 HOPLIMIT=255 
FLOWLBL=981611 PROTO=UDP SPT=5355 DPT=53

Bug#991995: ITP: golang-github-gobuffalo-flect -- An inflection engine for golang

2021-08-08 Thread Anthony Fok 
Package: wnpp
Severity: wishlist
Owner: Anthony Fok 

* Package name: golang-github-gobuffalo-flect
  Version : 0.2.3-1
  Upstream Author : Mark Bates et al., Buffalo - The Go Web Eco-System
* URL : https://github.com/gobuffalo/flect
* License : Expat
  Programming Lang: Go
  Description : An inflection engine for golang

 Flect is a new inflection engine to replace github.com/markbates/inflect,
 designed to be more modular, more readable, and easier to fix issues on
 than the original.
 .
 The github.com/gobuffalo/flect package contains "basic" inflection tools,
 like pluralization, singularization, etc.

Reason for packaging: Needed by hugo (>= 0.81.0)