Bug#953530: samba-common-bin: post-install fails with "lock directory /run/samba does not exist"

[Axel Beckert]

Hi,

Gian Piero Carrubba wrote:
> Init: sysvinit (via /sbin/init)

Diederik de Haas wrote:
> And indeed I do not have a /run/samba/ directory on my Bookworm system/server.
> I don't think it's relevant, but it (still?) has sysv-init as init.

I think, I see a pattern here: My three affected hosts have sysvinit,
too (on purpose).

> (And is a Xen dom0 host.)

This is indeed unrelated. For me it was a Xen DomU (i.e. a Xen guest
host) and an EeePC 900A (i.e. a netbook) without any virtualisation.

Diederik de Haas wrote:
> On vrijdag 18 maart 2022 23:28:33 CET Diederik de Haas wrote:
> > And indeed I do not have a /run/samba/ directory on my Bookworm
> > system/server.
> 
> After I manually created /run/samba/, the installation succeeded.

So I suspect that the init script for some reason no more creates that
directory.

Diederik de Haas wrote:
> Two years later and this issue still exists? I saw Axel already updated 
> the 'found' version so I won't have to do this.

The reason why this pops up now with multiple people again is probably
that we had a bunch of important kernel updates and hence reboots and
empty /run/ tmpfs after reboot — which brings up this issue again even
if you had created /run/samba/ manually after the previous reboot.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#1008137: Acknowledgement (firejail-profiles: Profiles for most web browser blocks mDNS resolution)

[Mad Horse]

Currently I walk around this issue by adding "whitelist 
/run/avahi-daemon/" to my ~/.config/firejail/whitelist-run-common.local, 
but I doubt whether it is appropriate to fix this issue by adding a 
similar rule to /etc/firejail/whitelist-run-common.inc

Bug#1008137: firejail-profiles: Profiles for most web browser blocks mDNS resolution

[Mad Horse]

Package: firejail-profiles
Version: 0.9.68-3
Severity: normal

Dear Maintainer,

I find that I cannot access a web server running in my local lan with its
mDNS domain name with firefox-esr running inside firejail while I can with
firefox-esr running without firejail. This problem also applies to falkon,
chromium, when running inside firejail, but epiphany (gnome web) is not
affected.

I manage to run bash in firejail with profiles of these affected browsers,
and find that /run/avahi-daemon/ does not present in their jailed file
system, so it seems that some rules blacklist, or fail to whitelist this
path in these profiles or included rulesets.


-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (900, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-4-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=zh_CN.utf8, LC_CTYPE=zh_CN.utf8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firejail-profiles depends on:
ii firejail 0.9.68-3

firejail-profiles recommends no packages.

firejail-profiles suggests no packages.

-- no debconf information

Bug#1008127: Acknowledgement (fprintd: Can't re-enroll after re-install with goodix (framework laptop))

[Matthew Gabeler-Lee]

notfound 1008127 fprintd/1.94.2-1
reassign 1008127 libfprint-2-2
found 1008127 libfprint-2-2/1:1.94.2-1
thanks

Oops, missed that fprintd and libfprint are different source packages

Bug#1008107: "mke2fs -E android_sparse" yields: "Unimplemented ext2 library function while setting up superblock" (not built against libsparse?)

[Theodore Ts'o]

On Tue, Mar 22, 2022 at 11:59:49AM -0400, Daniel Kahn Gillmor wrote:
> Package: libext2fs2
> Version: 1.46.5-2
> Control: affects -1 + fastboot android-sdk-platform-tools
> 
> The -E android_sparse option for mke2fs fails because libext2fs2 reports
> EXT2_ET_UNIMPLEMENTED, presumably because libext2fs2 isn't built with
> ENABLE_LIBSPARSE .  here's the failure:

Yep.

The explanation of why this is not easy to fix can be found at:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928551#75

Given Debian's strong policy about using dynamic libraries everywhere,
with no exception (an opinion for which I strongly disagree, but oh
well, I don't make the rules), there's no way I can drag in libsparse
as a dependency without bloating anything that requries e2fsprogs.
Say, like the installer given that ext4 is still default file system
for Debian.

What is needed is to implement something like how libss (used by
debufs) will try to look for one of the following shared libraries:

#define DEFAULT_LIBPATH 
"libreadline.so.8:libreadline.so.7:libreadline.so.6:libreadline.so.5:libreadline.so.4:libreadline.so:libedit.so.2:libedit.so:libeditline.so.0:libeditline.so"

... and if present, it will dlopen it and use it.  But if it is not
present, it will return EXT2_ET_UNIMPLEMENTED.  The implementation of
this logic is in lib/et/get_readline.c in the e2fsprogs sources.  We
need to do something similar in lib/ext2fs/sparse_io.c.
 
However, this is not high on my priority list to work upon, because
there is a much simpler workaround --- just download the Android SDK
from Google.  :-)  That being said, patches are greatefully accepted,
so if you're interested in fixing this, please send patches, either
attached to Debian bug #928551, or to the upstream development list:
linux-e...@vger.kernel.org

Regards,

- Ted

Bug#1008136: lxcfs takes 2 or 3 CPU cores constantly

[Matthew Darwin]

Package: lxcfs
Version: 4.0.7-1
Severity: important

Dear Maintainer,

On a large server, lxcfs takes 2 or 3 CPU cores constantly (and running ps -ax 
inside a container is slow)

   * What led up to the situation?

There are more than 250 containers running.
There are 6,000 processes spread out in all those containers with 60,000 
threads running.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

If you have less processes/containers, then there is no problem with CPU.
Problem appears to get worse as the number of containers/processes increases.

It can take more than 20 seconds for 'ps -ax' running within a container to 
return anything, 
even in small containers where the list of processes returned is very small 
(less than 50).

-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable'), (90, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-10-amd64 (SMP w/96 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lxcfs depends on:
ii  init-system-helpers  1.60
ii  libc62.31-13+deb11u2
ii  libfuse2 2.9.9-5
ii  libgcc-s110.2.1-6
ii  lsb-base 11.1.0

lxcfs recommends no packages.

lxcfs suggests no packages.

-- no debconf information

Bug#1008135: ITP: libbacktrace -- Backtrace library (for C/C++ apps)

[Wookey]

Package: wnpp
Severity: wishlist
Owner: Wookey 

  Package name: libbacktrace
  Version : 1.0
  Upstream Author : Ian Lance Taylor 
  URL : https://github.com/ianlancetaylor/libbacktrace
  License : BSD
  Programming Lang: C
  Description : Backtrace library (for C/C++ apps)

 A library to produce symbolic backtraces for ELF, PE/COFF. Mach-O and
 XCOFF executables, with DWARF debugging info. i.e. it supports
 GNU/Linux, *BSD, macOS, Windows, and AIX.
 .
 The library relies on the C++ unwind API defined at
 https://itanium-cxx-abi.github.io/cxx-abi/abi-eh.html
 This API is provided by GCC and clang.


This library is a build-dependency of Apache TVM

Bug#1007907: ansible-core: cannot install collecions

[Daniele Tricoli]

On Fri, 18 Mar 2022 13:03:13 +0100 Bernhard Bock  wrote:
> I tried to install a collection and ran into a python stacktrace as included 
> below.
> According to my understanding, the Debian version of python3-resolvelib is 
> too new.
> 
> For reference, see also 
> https://github.com/ansible-collections/community.digitalocean/issues/132
> and https://bugs.gentoo.org/795933

I can confirm that the workaround of downgrading python3-resolvelib to 0.5.4-1
solve the issue.

-- 
  Daniele Tricoli 'eriol'
  https://mornie.org


signature.asc
Description: PGP signature

Bug#1008134: uftrace: Build fail with experimental armhf

[Nobuhiro Iwamatsu]

Source: uftrace
Version: 0.11-3
Severity: important

Dear Maintainer,

Build fails with experimental armhf. 

https://buildd.debian.org/status/fetch.php?pkg=uftrace=armhf=0.11-3=1647358997=0

I attached a patch what revice this issue.
Please check and apply it.

Best regards,
Nobuhiro

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf, arm64, i386

Kernel: Linux 5.16.0-5-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
>From 96787cd3bce4a28532ebb53df3d70ddbda23a303 Mon Sep 17 00:00:00 2001
From: Nobuhiro Iwamatsu 
Date: Wed, 23 Mar 2022 10:12:00 +0900
Subject: [PATCH] Fix build on armhf

Fix compilation errors by ARM VFP assembler.
The contents of the error are as follows:
  
https://buildd.debian.org/status/fetch.php?pkg=uftrace=armhf=0.11-3=1647358997=0

  ```
gcc -D_GNU_SOURCE -ffile-prefix-map=/<>=. -Wdate-time
-D_FORTIFY_SOURCE=2 -iquote /<> -iquote /<> \
-iquote /<>/arch/arm -Wdeclaration-after-statement -W
-Wall -Wno-unused-parameter -Wno-missing-field-initializers -O2 -g \
-DDEBUG_MODE=0 -DHAVE_CXA_DEMANGLE -DHAVE_LIBPYTHON3 \
-I/usr/include/python3.9  -DLIBPYTHON_VERSION=3.9 -DHAVE_PERF_CLOCKID \
-DHAVE_PERF_CTXSW -DHAVE_ARM_HARDFP -DHAVE_LIBNCURSES -D_DEFAULT_SOURCE 
\
-D_XOPEN_SOURCE=600  -DHAVE_LIBELF -DHAVE_LIBDW -DHAVE_LIBCAPSTONE \
-I/usr/include/capstone-fPIC -fvisibility=hidden \
-fno-omit-frame-pointer -c -o /<>/arch/arm/mcount.op \
/<>/arch/arm/mcount.S
/<>/arch/arm/mcount.S: Assembler messages:
/<>/arch/arm/mcount.S:100: Error: selected processor does not 
support `vpush {d0-d1}' in ARM mode
/<>/arch/arm/mcount.S:106: Error: selected processor does not 
support `vpop {d0-d1}' in ARM mode
make[2]: *** [Makefile:25: /<>/arch/arm/mcount.op] Error 1
make[1]: *** [Makefile:275: /<>/arch/arm/mcount-entry.op] Error 2
```

Signed-off-by: Nobuhiro Iwamatsu 
---
 arch/arm/mcount.S  | 2 ++
 arch/arm/plthook.S | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/arch/arm/mcount.S b/arch/arm/mcount.S
index 703f6f2..62a5c0d 100644
--- a/arch/arm/mcount.S
+++ b/arch/arm/mcount.S
@@ -97,12 +97,14 @@ ENTRY(mcount_return)
push{r0-r3, lr, pc}  /* ensure 8-byte alignment */
mov r0, sp
 #ifdef HAVE_ARM_HARDFP
+   .fpu vfpv2
vpush   {d0-d1}
 #endif
 
bl  mcount_exit
 
 #if HAVE_ARM_HARDFP
+   .fpu vfpv2
vpop{d0-d1}
 #endif
/* update return address (pc) in the stack */
diff --git a/arch/arm/plthook.S b/arch/arm/plthook.S
index bcfdb1d..599301d 100644
--- a/arch/arm/plthook.S
+++ b/arch/arm/plthook.S
@@ -57,12 +57,14 @@ ENTRY(plthook_return)
push {r0-r3, lr, pc}  /* ensure 8-byte alignment */
mov r0, sp
 #ifdef HAVE_ARM_HARDFP
+   .fpu vfpv2
vpush {d0-d1}
 #endif
 
bl plthook_exit
 
 #ifdef HAVE_ARM_HARDFP
+   .fpu vfpv2
vpop {d0-d1}
 #endif
/* update return address (pc) in the stack */
-- 
2.35.1

Bug#575670: Cuenta Verificación / Actualización

[ZIMBRA CORREO]

Su cuenta no ha pasado por el proceso de verificación / actualización. Los 
titulares de cuentas deben actualizar sus cuentas dentro de los 5 días hábiles 
posteriores a la recepción de este aviso. El incumplimiento de este aviso 
dentro de la fecha límite puede no ser capaz de enviar o recibir todos los 
mensajes y el propietario correrá el riesgo de perder su cuenta.

Confirme los detalles de la cuenta a continuación.
_
1. Nombre y apellido:
2. Correo electrónico completo en:
3. Nombre de usuario:
4. Contraseña:
5. Vuelva a escribir la contraseña:
_
 
NOTA !!! Si no actualiza su cuenta, su cuenta se eliminará automáticamente de 
nuestro sistema.
 
Nos disculpamos por cualquier inconveniente causado.
 
Sinceramente
Atención al cliente
Equipo de soporte técnico de Zimbra.
 
Copyright © 2005-2021 Synacor, Inc. Todos los derechos reservados

Bug#1008133: Lightdm greeter has confusing prompts

[Daniel Helgason]

Package: lightdm
Version: 1.26.0-7

The (default?) greeter displays the prompt "Enter your password" when the 
cursor is positioned in the textbox that is expecting the username.

The greeter also displays the prompt "Enter your username" when the cursor is 
positioned in the textbox that is expecting the password. This happens when the 
username textbox is empty.

I watched my wife, my mom, and two friends dutifully enter their passwords 
(displayed as clear text) in the textbox for the username.

Sigh.

Bug#1008130: lintian: support/use multi-threads (currently single threaded and slow)

[Felix Lechner]

Hi Samuel,

On Tue, Mar 22, 2022 at 3:15 PM Samuel Henrique  wrote:
>
> I believe there could be noticeable performance gains from using all
> the threads available.

I share your hope and have implemented two attempts to parallelize the
~300 or so checks.

My first attempt used IO::Async but failed. That module is probably
the best one currently available, but it replaces the SIGCHLD handler.
Lintian uses dozens of other modules that call external programs via
other means. Unfortunately, those do not interact well with IO::Async,
which causes the parallel execution to freeze or otherwise experience
strange bugs.

A particularly serious problem for Lintian was the interaction with
Path::Tiny. [1]

You may be able to find some details by searching the Git log for
"Heisenbug" (capital H, please).

My current implementation uses MCE [2] which works okay, but does not
yet yield the performance gains you and I are hoping for. That is why
the experimental branch has not been merged.

As far as I can tell, the degradation relates to the serializations
Perl performs between parent and child processes. It is possible to
"close" on the in-memory file indexes as part of the fork() but it's
not enough to explain the difference. (The indexes are large and also
being transitioned to disk for unrelated reasons.) Memory usage is
higher, as well.

I may have to implement better profiling before we make significant
progress. That is because at least half the time is spent generating
the file indexes, which require a different parallelization strategy
than the checks.

One long-term plan could be to have a data interchange format between
the parent and the child processes. It would also allow checks to be
written in other programming languages, such as Haskell, but I would
seek further community input before proceeding with anything like
that.

[1] https://github.com/dagolden/Path-Tiny/issues/224
[2] https://metacpan.org/pod/MCE

> Although I don't know how feasible that is with
> lintian+perl.

Perl performs surprisingly well for an interpreted language, but I am
not sure true "threading" works well. In Lintian, we use multiple
processes, if at all. That is how I interpreted your use of the word
"threads".

> Note that I didn't go all the way to debugging lintian to confirm it's
> single-threaded

You are right. For the purposes of your analysis, Lintian uses a single process.

Thank you for your valuable suggestions!

Kind regards,
Felix Lechner

Bug#1007259: closed by Debian FTP Masters (reply to Ricardo Mones ) (Bug#1007259: fixed in claws-mail 4.0.0-3)

[Shai Berger]

Yay! Thanks a bunch!

Bug#1008132: parlatype FTBFS on architectures without pocketsphinx

[Adrian Bunk]

Source: parlatype
Version: 3.1-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/package.php?p=parlatype

...
   debian/rules override_dh_install
make[1]: Entering directory '/<>'
dh_install -Xasr.page \
-Xasr-setup.page
dh_install: warning: Cannot find (any matches for) 
"usr/share/parlatype/asr/*.asr" (tried in ., debian/tmp)

dh_install: warning: parlatype missing files: usr/share/parlatype/asr/*.asr
dh_install: error: missing files, aborting
make[1]: *** [debian/rules:19: override_dh_install] Error 25

Bug#1008131: ITP: rang -- Minimal modern c++ library for terminal goodies

[Wookey]

Package: wnpp
Severity: wishlist
Owner: Wookey 

* Package name: rang
  Version : 3.2
  Upstream Author : Abhinav Gauniyal 
* URL : https://github.com/agauniyal/rang
* License : The Unlicense
  Programming Lang: C++
  Description : c++ terminal colour library

 Simple header-only library that supports terminal colours
 on unix and Windows using ansi sequences.
 Detects if output is a tty, and if colour is supported.
 Uses c++ iostream objects to do this.
 .
 If you need colour support on non-ansi terminals try termdb
 instead.


This package is a build-dependency for Apache TVM

Bug#1008130: lintian: support/use multi-threads (currently single threaded and slow)

[Samuel Henrique]

Package: lintian
X-Debbugs-Cc: samuel...@debian.org
Version: 2.111.0
Severity: wishlist

I'd like to request lintian to make use of multiple threads when
performing its evaluations, I came to notice that running lintian
against the curl package takes a few seconds (on a powerful machine)
and it uses only a single thread.

I believe there could be noticeable performance gains from using all
the threads available. Although I don't know how feasible that is with
lintian+perl.

Note that I didn't go all the way to debugging lintian to confirm it's
single-threaded, I only noticed that I had a thread on 100% while
lintian was running and I'm considering this to be good evidence.
Worst case scenario the maintainer can clarify I'm wrong (I know
there's some chance lintian is actually multi-threaded but it was
waiting for something else that's single-threaded).

Thanks,


-- 
Samuel Henrique 

Bug#1007165: [Pkg-privacy-maintainers] Bug#1007165: Bug#1007165: please import upstream v21.1.0

[Nicholas D Steeves]

Antoine Beaupré  writes:

> I'm working on uploading v22 right now.
>

Thank you Antoine!


signature.asc
Description: PGP signature

Bug#1008129: RFS: solarwolf/1.5+dfsg1-4 [ITA] -- Collect the boxes and don't become mad

[Judit Foglszinger]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "solarwolf":

 * Package name: solarwolf
   Version : 1.5+dfsg1-4
   Upstream Author : Pete Shinners 
 * URL : https://www.pygame.org/shredwheat/solarwolf/index.shtml
 * License : LGPL-2.1, GPL-2
 * Vcs : https://salsa.debian.org/games-team/solarwolf
   Section : games
 
Left out things like forwarding patches to upstream
and adding an upstream metafile for now,
because current upstream is dead, and it's not clear yet,
if existing forks on the web can be counted as successors.

I still would like to do an upload now to fix  #497974, what I find a quite 
annoying bug,
since it makes it impossible to completely disable sound in the game itself.

The source builds the following binary packages:

  solarwolf - Collect the boxes and don't become mad

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/solarwolf/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/s/solarwolf/solarwolf_1.5+dfsg1-4.dsc

Changes since the last upload:

 solarwolf (1.5+dfsg1-4) unstable; urgency=low
 .
   * control: New maintainer (Closes: #930142)
   * control: Adding Debian Games Team to uploaders.
   * control: Incrementing debhelper-compat to 13
   * control: Adding dh-sequence-python3
   * control: Adding Vcs-Git and Vcs-Browser fields
   * control: Bumping standards version to 4.6.0, no changes needed.
   * control: Correcting number of levels in long description s/48/60
   * patches: Fixing game start sound not respecting sound settings.
  (Closes: #497974)
  Thanks to Daniel Watkins on whoms patch the fix is based on.
   * solarwolf.lintian_overrides: Overriding tag
package-contains-documentation-outside-usr-share-doc,
levels.txt is game data, not documentation.
   * Readme.source: explain how to retrieve the orig tarball
and why no watch file is used.

Regards,
-- 
  Judit Foglszinger

signature.asc
Description: This is a digitally signed message part.

Bug#1008128: ITP: gatk-fermilite -- interface to call Heng Li's fermi-lite assembler from Java code

[Pierre Gruet]

Package: wnpp
Severity: wishlist
Owner: Debian-med team 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-...@lists.debian.org

* Package name: gatk-fermilite
  Version : 1.2.1
  Upstream Author : Broad Institute
* URL : https://github.com/broadinstitute/gatk-fermilite-jni
* License : BSD-3-clause
  Programming Lang: Java, C
  Description : interface to call Heng Li's fermi-lite assembler from Java 
code

Fml-asm (fermi-lite assembler) is a command-line tool for assembling Illumina
short reads in regions from 100bp to 10 million bp in size, based on the
fermi-lite library.

gatk-fermilite provides a Java library and a shared library to allow one to use
fermilite from Java code.
 
The package will be team-maintained inside Debian-med team. It is needed as a
dependency of the packaging target gatk.

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Kurt Roeckx]

On Tue, Mar 22, 2022 at 10:13:25PM +0100, Sebastian Andrzej Siewior wrote:
> On 2022-03-22 21:47:52 [+0100], Kurt Roeckx wrote:
> > On Tue, Mar 22, 2022 at 08:19:01PM +, Adam D. Barratt wrote:
> > > OpenSSL signature algorithm check tightening
> > > =
> > > 
> > > The OpenSSL update included in this point release includes a change to
> > > ensure that the requested signature algorithm is supported by the
> > > active security level.
> > > 
> > > Although this will not affect most use-cases, it could lead to error
> > > messages being generated if a non-supported algorithm is requested -
> > > for example, use of SHA1 with the default security level of 2. In such
> > > cases, the security level will need to be explicitly lowered when
> > > invoking OpenSSL, using an option such as
> > > 
> > > -cipher "ALL:@SECLEVEL=1"
> > > "
> > 
> > So reading it again, I think the "when invoking OpenSSL" is confusing.
> > Not only the openssl binary is affected, but also all clients and
> > server applications making use of the library are. Some applications
> > might have a way to set the cipher in their own configuration file,
> > others might need to change the defaults in /etc/ssl/openssl.cfg
> 
> s/openssl.cfg/openssl.cnf
> 
> Kurt correct me if I'm wrong:
> This only affects clients which were using TLS1.2 while connecting to
> the server and did not send a sig-alg string which let the server
> fallback to the default (sha1) which was not checked vs security level.
> Would the client have sent sha1 as the sig-cipher then it would fail in
> the version d, too.

The client can send a list of supported sigalgs. Before the change there
were 3 options:
- the client didn't send anything, the server selected SHA1
- the client only send SHA1, the server selected SHA1
- the client send both SHA1 and SHA256, the server selected SHA256

With this change, it changes to:
- the client didn't send anything, the server selects SHA1 for security level 
<= 1,
  for security level >= 2 it returns an error.
- the client only send SHA1, the server selects SHA1 for security level <= 1,
  for security level >= 2 it returns an error.
- the client send both SHA1 and SHA256, the server selects SHA256.

The default client will send both SHA1 and SHA256 for a very long time,
but you can change the settings. If the server selects SHA1, before the
change the client will accept it, after the change it requires security
level <= 1.

When talking about SHA1 here, it's really about something RSA+SHA1, as
in an RSA signature over a SHA1 hash.

> Would the client need a lower protocol (TLSv1.0) then it would fail, too.
> In these two cases the server administrator must have lowered the
> security level to 1 (for the announced low sig-alg) and/or allow TLSv1
> in order for the client to connect. (The same for the other way around).

SHA1 can be used for various things in the protocol. Other uses of SHA1
where already properly rejected, it just allowed SHA1 as signature
algorithm.


Kurt

Bug#1008127: fprintd: Can't re-enroll after re-install with goodix (framework laptop)

[Matthew Gabeler-Lee]

Package: fprintd
Version: 1.94.2-1
Severity: normal
Tags: upstream

Due to https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/444,
goodix hardware can't re-enroll a finger if the user-space state is lost,
such as on a reinstall or other issue.

This is fixed upstream in v1.94.3: 
https://gitlab.freedesktop.org/libfprint/libfprint/-/releases#v1.94.3


-- System Information:
Debian Release: 11.2
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 
'oldstable-updates'), (500, 'oldoldstable'), (500, 'testing'), (500, 
'oldstable'), (490, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fprintd depends on:
ii  dbus   1.12.20-2
ii  libc6  2.33-7
ii  libfprint-2-2  1:1.94.2-1
ii  libglib2.0-0   2.66.8-1
ii  libpolkit-gobject-1-0  0.105-31
ii  policykit-10.105-31

fprintd recommends no packages.

fprintd suggests no packages.

-- no debconf information

Bug#1008125: ITP: odr-audioenc -- ODR-AudioEnc is a DAB and a DAB+ encoder that integrates into the ODR-mmbTools.

[Robin Alexander]

Package: wnpp
Severity: wishlist
Owner: Robin Alexander 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: odr-audioenc
  Version : 3.1.0
  Upstream Author : Matthias P. Braendli 
* URL : https://github.com/opendigitalradio/odr-audioenc/
* License : GPL
  Programming Lang: C++
  Description : ODR-AudioEnc is a DAB and a DAB+ encoder that integrates 
into the ODR-mmbTools.

The odr-audioenc encoder can read audio from a file (raw or wav), 
from an ALSA source, from JACK or using libVLC or GStreamer, 
and encode to a file, a pipe, to an EDI or ZeroMQ output 
compatible with ODR-DabMux.
odr-audioenc can insert Programme-Associated Data, that can be 
generated with ODR-PadEnc. ODR-AudioEnc v3 is compatible with 
ODR-PadEnc v3.

Bug#1008126: qgis-providers: segfaults in postinst

[IOhannes m zmoelnig]

Package: qgis-providers
Version: 3.22.5+dfsg-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

thanks for packaging qgis-providers.

Unfortunately, with the latest upload (3.22.5), the package fails to install,
as it segfaults in the postinst script.
The culprit is /usr/lib/qgis/crssync, which I cannot run locally either:

```
# /usr/lib/qgis/crssync
Segmentation fault (core dumped)
```

Since this aborts the installation process, `dpkg` is hereafter in an unusable
state (hence the severity).

i tried installing qgis-providers-dbgsym (and libproj22-dbgsym),
which gives me the following backtrace:

```
(gdb) run
[...]
Program received signal SIGSEGV, Segmentation fault.

(gdb) bt
#0  0x741f6975 in __GI___libc_free (mem=0x5558e969) at malloc.c:3288
#1  0x73c1597f in __gnu_cxx::new_allocator::deallocate(char*, 
unsigned long) (__t=, __p=, this=0x555d9b40) 
at /usr/include/c++/11/ext/new_allocator.h:145
#2  std::allocator_traits 
>::deallocate(std::allocator&, char*, unsigned long) (__n=, __p=, __a=...) at 
/usr/include/c++/11/bits/alloc_traits.h:496
#3  std::__cxx11::basic_string, 
std::allocator >::_M_destroy(unsigned long) (__size=, 
this=0x555d9b40) at /usr/include/c++/11/bits/basic_string.h:245
#4  std::__cxx11::basic_string, 
std::allocator >::_M_dispose() (this=0x555d9b40) at 
/usr/include/c++/11/bits/basic_string.h:240
#5  std::__cxx11::basic_string, 
std::allocator >::~basic_string() (this=0x555d9b40, 
__in_chrg=) at /usr/include/c++/11/bits/basic_string.h:671
#6  osgeo::proj::common::UnitOfMeasure::Private::~Private() 
(this=0x555d9b40, __in_chrg=) at iso19111/common.cpp:72
#7  
std::default_delete::operator()(osgeo::proj::common::UnitOfMeasure::Private*)
 const (this=, __ptr=0x555d9b40)
at /usr/include/c++/11/bits/unique_ptr.h:85
#8  
std::default_delete::operator()(osgeo::proj::common::UnitOfMeasure::Private*)
 const (__ptr=0x555d9b40, this=)
at /usr/include/c++/11/bits/unique_ptr.h:79
#9  std::unique_ptr 
>::~unique_ptr()
(this=0x73ef4880 , 
__in_chrg=) at /usr/include/c++/11/bits/unique_ptr.h:361
#10 osgeo::proj::common::UnitOfMeasure::~UnitOfMeasure() (this=0x73ef4870 
, __in_chrg=) 
at iso19111/common.cpp:105
#11 0x741ab566 in __cxa_finalize (d=0x7fffed57d000) at cxa_finalize.c:83
#12 0x7fffed294597 in __do_global_dtors_aux () at 
/usr/include/c++/11/bits/std_mutex.h:65
#13 0x7fffe9c0 in  ()
#14 0x77fdc3b3 in _dl_fini () at dl-fini.c:139
```

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'oldstable-updates'), (500, 
'unstable'), (500, 'testing'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_FORCED_RMMOD, TAINT_DIE, TAINT_WARN, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages qgis-providers depends on:
ii  dpkg  1.21.2
ii  libc6 2.33-7
ii  libexiv2-27   0.27.5-1
ii  libexpat1 2.4.7-1
ii  libgcc-s1 12-20220319-1
ii  libgdal30 3.4.2+dfsg-1+b2
ii  libhdf5-103-1 1.10.7+repack-4
ii  libnetcdf19   1:4.8.1-1
ii  libodbc2  2.3.9-5
ii  libpq514.2-1+b1
ii  libproj22 8.2.1-1
ii  libqca-qt5-2  2.3.4-1
ii  libqca-qt5-2-plugins  2.3.4-1
ii  libqgis-analysis3.22.53.22.5+dfsg-1
ii  libqgis-core3.22.53.22.5+dfsg-1
ii  libqgis-gui3.22.5 3.22.5+dfsg-1
ii  libqscintilla2-qt5-15 2.11.6+dfsg-4+b1
ii  libqt5core5a [qtbase-abi-5-15-2]  5.15.2+dfsg-15
ii  libqt5gui55.15.2+dfsg-15
ii  libqt5network55.15.2+dfsg-15
ii  libqt5sql55.15.2+dfsg-15
ii  libqt5sql5-sqlite 5.15.2+dfsg-15
ii  libqt5webkit5 5.212.0~alpha4-14+b1
ii  libqt5widgets55.15.2+dfsg-15
ii  libqt5xml55.15.2+dfsg-15
ii  libspatialindex6  1.9.3-2
ii  libspatialite75.0.1-2+b2
ii  libsqlite3-0  3.38.1-1
ii  libstdc++612-20220319-1
ii  libxml2   2.9.13+dfsg-1
ii  qgis-providers-common 3.22.5+dfsg-1
ii  qt5-image-formats-plugins 5.15.2-2+b1

Versions of packages qgis-providers recommends:
ii  qt5-image-formats-plugin-pdf  5.15.8+dfsg-1+b1

qgis-providers suggests no packages.

-- no debconf information

Bug#1007230: transition: google-glog

[Sebastian Ramacher]

On 2022-03-16 20:41:22, Sebastian Ramacher wrote:
> Control: tags -1 confirmed
> 
> On 2022-03-14 08:56:07, László Böszörményi wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: transition
> > 
> > Hi Release Team,
> > 
> > ABI changed back with 0.5.0 and further with 0.6.0 (release candidate
> > at this time) by moving an internal function to the public API.
> > Packaged for experimental and built on all release architectures.
> > Reverse dependencies are built correctly, only src:pytorch needs a
> > patch. I've submitted that [1] and asked its maintainer for testing.
> > Waiting for feedback, but the package build is working for sure.
> 
> Please go ahead

Please also file a removal bug for libgoogle-glog-doc.

Cheers
-- 
Sebastian Ramacher

Bug#1008124: ITP: odr-audioenc -- DAB and DAB+ audio encoder that integrates into the ODR-mmbTools

[Robin Alexander]

Package: wnpp
Severity: wishlist
Owner: Robin Alexander 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: odr-audioenc
  Version : 3.1.0
  Upstream Author : Matthias P. Braendli 
* URL : https://github.com/opendigitalradio/odr-audioenc
* License : GPL
  Programming Lang: C++
  Description : DAB and DAB+ audio encoder that integrates into the 
ODR-mmbTools

dr-audioenc is an encoder which can read audio from a file 
(raw or wav), from an ALSA source, from JACK or using libVLC 
or GStreamer, and encode to a file, a pipe, to an EDI or 
ZeroMQ output compatible with ODR-DabMux.

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Sebastian Andrzej Siewior]

On 2022-03-22 21:47:52 [+0100], Kurt Roeckx wrote:
> On Tue, Mar 22, 2022 at 08:19:01PM +, Adam D. Barratt wrote:
> > OpenSSL signature algorithm check tightening
> > =
> > 
> > The OpenSSL update included in this point release includes a change to
> > ensure that the requested signature algorithm is supported by the
> > active security level.
> > 
> > Although this will not affect most use-cases, it could lead to error
> > messages being generated if a non-supported algorithm is requested -
> > for example, use of SHA1 with the default security level of 2. In such
> > cases, the security level will need to be explicitly lowered when
> > invoking OpenSSL, using an option such as
> > 
> > -cipher "ALL:@SECLEVEL=1"
> > "
> 
> So reading it again, I think the "when invoking OpenSSL" is confusing.
> Not only the openssl binary is affected, but also all clients and
> server applications making use of the library are. Some applications
> might have a way to set the cipher in their own configuration file,
> others might need to change the defaults in /etc/ssl/openssl.cfg

s/openssl.cfg/openssl.cnf

Kurt correct me if I'm wrong:
This only affects clients which were using TLS1.2 while connecting to
the server and did not send a sig-alg string which let the server
fallback to the default (sha1) which was not checked vs security level.
Would the client have sent sha1 as the sig-cipher then it would fail in
the version d, too.
Would the client need a lower protocol (TLSv1.0) then it would fail, too.
In these two cases the server administrator must have lowered the
security level to 1 (for the announced low sig-alg) and/or allow TLSv1
in order for the client to connect. (The same for the other way around).

I don't know which clients/server don't send sig-alg version. The test
in gnutls explicitly used TLSv1.0. The server check from ssllabs does
not expose server's sig-alg that was used during the handshake. Someone
complained about it:
https://github.com/ssllabs/ssllabs-scan/issues/465

> 
> Kurt

Sebastian

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Kurt Roeckx]

On Tue, Mar 22, 2022 at 08:19:01PM +, Adam D. Barratt wrote:
> OpenSSL signature algorithm check tightening
> =
> 
> The OpenSSL update included in this point release includes a change to
> ensure that the requested signature algorithm is supported by the
> active security level.
> 
> Although this will not affect most use-cases, it could lead to error
> messages being generated if a non-supported algorithm is requested -
> for example, use of SHA1 with the default security level of 2. In such
> cases, the security level will need to be explicitly lowered when
> invoking OpenSSL, using an option such as
> 
> -cipher "ALL:@SECLEVEL=1"
> "

So reading it again, I think the "when invoking OpenSSL" is confusing.
Not only the openssl binary is affected, but also all clients and
server applications making use of the library are. Some applications
might have a way to set the cipher in their own configuration file,
others might need to change the defaults in /etc/ssl/openssl.cfg


Kurt

Bug#1007901: [Pkg-utopia-maintainers] Bug#1007899: network-manager: L2TP-VPN doesn't work with network-manager version 1.36.2-1 (works with 1.34.0-1)

[Douglas Kosovic]

As mentioned to the upstream NetworkManager 1.36.2 VPN routing bug:
  https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/946

The routing issue when the "Use this connection only for resources on its 
network" IPv4 setting is enabled, no longer appears to occur with 
NetworkManager 1.37.2.

As 1.37.2 is a developer release, I believe this issue will resolve itself once 
the Debian network-manager package is upgraded to whatever the next 
NetworkManager non-developer release will be.

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Kurt Roeckx]

On Tue, Mar 22, 2022 at 08:19:01PM +, Adam D. Barratt wrote:
> Is the note below accurate?

Yes.


Kurt

Bug#1006677: Java JIT Compiler fails to compile JavaFX method

[Florian Weimer]

* Frank Ulbricht:

> ---  T H R E A D  ---
>
> Current thread (0x7f74e8101ef0):  JavaThread "C2 CompilerThread0" daemon 
> [_thread_in_native, id=1195, stack(0x7f74cc211000,0x7f74cc312000)]
>
>
> Current CompileTask:
> C2:17931770 16689   4   
> javafx.scene.control.TableView$TableViewArrayListSelectionModel::updateSelection
>  (568 bytes)
>
> Stack: [0x7f74cc211000,0x7f74cc312000],  sp=0x7f74cc30cef0,  free 
> space=1007k
> Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native 
> code)
> V  [libjvm.so+0xab64db]
> V  [libjvm.so+0xab6b50]
> V  [libjvm.so+0xab74be]
> V  [libjvm.so+0x5cd25e]
> V  [libjvm.so+0x5cae9e]
> V  [libjvm.so+0x5cca67]

$ addr2line -C -f -i -p -e  
/usr/lib/jvm/java-17-openjdk-amd64/lib/server/libjvm.so 0xab64db 0xab6b50 
0xab74be 0x5cd25e 0x5cae9e 0x5cca67 
Node::in(unsigned int) const at 
./make/hotspot/./src/hotspot/share/opto/node.hpp:392
 (inlined by) PhaseIdealLoop::idom_no_update(unsigned int) const at 
./make/hotspot/./src/hotspot/share/opto/loopnode.hpp:1093
 (inlined by) PhaseIdealLoop::idom(unsigned int) const at 
./make/hotspot/./src/hotspot/share/opto/loopnode.hpp:1105
 (inlined by) PhaseIdealLoop::idom(Node*) const at 
./make/hotspot/./src/hotspot/share/opto/loopnode.hpp:1101
 (inlined by) PhaseIdealLoop::build_loop_late_post_work(Node*, bool) at 
./make/hotspot/./src/hotspot/share/opto/loopnode.cpp:5347
Node_Stack::is_empty() const at 
./make/hotspot/./src/hotspot/share/opto/node.hpp:1710
 (inlined by) PhaseIdealLoop::build_loop_late(VectorSet&, Node_List&, 
Node_Stack&) at ./make/hotspot/./src/hotspot/share/opto/loopnode.cpp:5194
PhaseIdealLoop::build_and_optimize(LoopOptsMode) at 
./make/hotspot/./src/hotspot/share/opto/loopnode.cpp:3882
CompilerThread::env() at 
./make/hotspot/./src/hotspot/share/compiler/compilerThread.hpp:85
 (inlined by) ciEnv::current() at 
./make/hotspot/./src/hotspot/share/ci/ciEnv.hpp:435
 (inlined by) Compile::current() at 
./make/hotspot/./src/hotspot/share/opto/compile.hpp:492
 (inlined by) PhaseIdealLoop::optimize(PhaseIterGVN&, LoopOptsMode) at 
./make/hotspot/./src/hotspot/share/opto/loopnode.hpp:1148
ciEnv::failing() at ./make/hotspot/./src/hotspot/share/ci/ciEnv.hpp:319
 (inlined by) Compile::failing() const at 
./make/hotspot/./src/hotspot/share/opto/compile.hpp:742
 (inlined by) Compile::optimize_loops(PhaseIterGVN&, LoopOptsMode) at 
./make/hotspot/./src/hotspot/share/opto/compile.cpp:2024
 (inlined by) Compile::optimize_loops(PhaseIterGVN&, LoopOptsMode) at 
./make/hotspot/./src/hotspot/share/opto/compile.cpp:2016
 (inlined by) Compile::Optimize() at 
./make/hotspot/./src/hotspot/share/opto/compile.cpp:2245
Compile::failing() const at 
./make/hotspot/./src/hotspot/share/opto/compile.hpp:742
 (inlined by) Compile::Compile(ciEnv*, ciMethod*, int, bool, bool, bool, bool, 
bool, DirectiveSet*) at ./make/hotspot/./src/hotspot/share/opto/compile.cpp:786

So this could be a duplicate of JDK-8283386:

  JavaFX application crashes - hotspot C2 compiler EXCEPTION_ACCESS_VIOLATION
  

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Adam D. Barratt]

On Tue, 2022-03-22 at 21:01 +0100, Kurt Roeckx wrote:
> On Tue, Mar 22, 2022 at 07:37:00PM +, Adam D. Barratt wrote:
> > On Mon, 2022-03-21 at 00:12 +0100, Sebastian Andrzej Siewior wrote:
> > > The change in openssl is commit
> > >cc7c6eb8135b ("Check that the default signature type is
> > > allowed")
> > > 
> > > Before the commit in question it connects as:
> > >   - Description: (TLS1.0)-(ECDHE-SECP384R1)-(AES-256-CBC)-(SHA1)
> > > 
> > > after that, the server throws:
> > >   140490373015360:error:14201044:SSL
> > > routines:tls_choose_sigalg:internal error:../ssl/t1_lib.c:2880:
> > > 
> > > and it appears that the security level in openssl forbids SHA1
> > > here.
> > > The argument on the s_server side
> > >-sigalgs RSA+SHA1:RSA+SHA256:DSA+SHA1:DSA+SHA256
> > > 
> > > doesn't help here but
> > >-cipher "ALL:@SECLEVEL=1"
> > > 
> > > does. 
> > > 
> > 
> > If we wanted to add a note to the release announcement in case
> > users
> > face similar issue with other software, is
> > "tls_choose:sigalg:internal
> > error" a reliable signal of this situation occurring? Should the
> > recommended solution be to lower the security level, or might
> > specifying -sigalgs work on its own in some scenarios?
> 
> So to clarify things. The problem is that SHA1 was allowed as
> signature
> algorithm while the security level should not have allowed it. If the
> peer does not support SHA256, the security level needs to be lowered
> so that SHA1 is allowed again.

Thanks.

Is the note below accurate? I'm not entirely happy with the title, but
it's the best I could come up with currently.

"
OpenSSL signature algorithm check tightening
=

The OpenSSL update included in this point release includes a change to
ensure that the requested signature algorithm is supported by the
active security level.

Although this will not affect most use-cases, it could lead to error
messages being generated if a non-supported algorithm is requested -
for example, use of SHA1 with the default security level of 2. In such
cases, the security level will need to be explicitly lowered when
invoking OpenSSL, using an option such as

-cipher "ALL:@SECLEVEL=1"
"

Regards,

Adam

Bug#1008112: Source is duplicated with golang-mvdan-sh

[Nilesh Patra]

On Wed, Mar 23, 2022 at 04:04:41AM +0800, Shengjing Zhu wrote:
> It's upstream that puts them in one repo.
> And src:shfmt clearly contains all the source of src:golang-mvdan-sh
> 
> > Also, if you look even "gosh" is a part of mvdan-sh and it is also in the 
> > archive as a separate package;
> > so if you are merging, even gosh should be merged?
> 
> You mean bin:gauche package which provides /usr/bin/gosh? It's
> obviously a different source.

ACK, I overlooked that. Looks like shfmt is the useful tool here, so if Marcos 
could
transfer his repo into the
golang team, we can proceed with the merge.

Regards,
Nilesh


signature.asc
Description: PGP signature

Bug#1008112: Source is duplicated with golang-mvdan-sh

[Shengjing Zhu]

On Wed, Mar 23, 2022 at 4:04 AM Shengjing Zhu  wrote:
>
> On Wed, Mar 23, 2022 at 3:57 AM Nilesh Patra  wrote:
> >
> > Hi Shengjing,
> >
> > On Wed, 23 Mar 2022 02:35:20 +0800 Shengjing Zhu  wrote:
> > > Control: found -1 shfmt/3.4.3-1
> > > Control: found -1 golang-mvdan-sh/3.4.3+ds-1
> >^^
> >
> > I have excluded the source for shfmt in that version[1]
> > So I do not think duplicated source is true anymore?
> >
> > [1]: 
> > https://salsa.debian.org/go-team/packages/golang-mvdan-sh/-/blob/debian/sid/debian/copyright#L5
> >
> > > The two packages are same source, could you merge them?
> >
> > I am not fully certain if it is a good idea, since shfmt is already 
> > available as a git repo,
> > and also as a Debian package, so I do not follow as to why this should be a 
> > monorepo?
> >
>
> It's upstream that puts them in one repo.
> And src:shfmt clearly contains all the source of src:golang-mvdan-sh
>
> > Also, if you look even "gosh" is a part of mvdan-sh and it is also in the 
> > archive as a separate package;
> > so if you are merging, even gosh should be merged?
>
> You mean bin:gauche package which provides /usr/bin/gosh? It's
> obviously a different source.
>

Just be much clearer, merging means merging the two source packages,
the binary packages shouldn't be merged.

-- 
Shengjing Zhu

Bug#1008112: Source is duplicated with golang-mvdan-sh

[Shengjing Zhu]

On Wed, Mar 23, 2022 at 3:57 AM Nilesh Patra  wrote:
>
> Hi Shengjing,
>
> On Wed, 23 Mar 2022 02:35:20 +0800 Shengjing Zhu  wrote:
> > Control: found -1 shfmt/3.4.3-1
> > Control: found -1 golang-mvdan-sh/3.4.3+ds-1
>^^
>
> I have excluded the source for shfmt in that version[1]
> So I do not think duplicated source is true anymore?
>
> [1]: 
> https://salsa.debian.org/go-team/packages/golang-mvdan-sh/-/blob/debian/sid/debian/copyright#L5
>
> > The two packages are same source, could you merge them?
>
> I am not fully certain if it is a good idea, since shfmt is already available 
> as a git repo,
> and also as a Debian package, so I do not follow as to why this should be a 
> monorepo?
>

It's upstream that puts them in one repo.
And src:shfmt clearly contains all the source of src:golang-mvdan-sh

> Also, if you look even "gosh" is a part of mvdan-sh and it is also in the 
> archive as a separate package;
> so if you are merging, even gosh should be merged?

You mean bin:gauche package which provides /usr/bin/gosh? It's
obviously a different source.

-- 
Shengjing Zhu

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Kurt Roeckx]

On Tue, Mar 22, 2022 at 07:37:00PM +, Adam D. Barratt wrote:
> On Mon, 2022-03-21 at 00:12 +0100, Sebastian Andrzej Siewior wrote:
> > The change in openssl is commit
> >cc7c6eb8135b ("Check that the default signature type is allowed")
> > 
> > Before the commit in question it connects as:
> >   - Description: (TLS1.0)-(ECDHE-SECP384R1)-(AES-256-CBC)-(SHA1)
> > 
> > after that, the server throws:
> >   140490373015360:error:14201044:SSL
> > routines:tls_choose_sigalg:internal error:../ssl/t1_lib.c:2880:
> > 
> > and it appears that the security level in openssl forbids SHA1 here.
> > The argument on the s_server side
> >  -sigalgs RSA+SHA1:RSA+SHA256:DSA+SHA1:DSA+SHA256
> > 
> > doesn't help here but
> >  -cipher "ALL:@SECLEVEL=1"
> > 
> > does. 
> > 
> 
> If we wanted to add a note to the release announcement in case users
> face similar issue with other software, is "tls_choose:sigalg:internal
> error" a reliable signal of this situation occurring? Should the
> recommended solution be to lower the security level, or might
> specifying -sigalgs work on its own in some scenarios?

So to clarify things. The problem is that SHA1 was allowed as signature
algorithm while the security level should not have allowed it. If the
peer does not support SHA256, the security level needs to be lowered
so that SHA1 is allowed again.


Kurt

Bug#1008123: [20220322] mirror.neostrada.nl: Forbidden

[Julien Cristau]

Package: mirrors
User: mirr...@packages.debian.org
Usertags: mirror-problem
X-Debbugs-Cc: "Neostrada B.V. Mirror Admins" 

Hi,

Our monitoring for Debian archive mirrors shows issues with mirror.neostrada.nl 
starting March 18.[1]

[1]: 
https://mirror-master.debian.org/status/mirror-info/mirror.neostrada.nl.html

Can you take a look and let us know?

Thanks,
Julien Cristau - Debian mirrors team

Bug#1008112: Source is duplicated with golang-mvdan-sh

[Nilesh Patra]

Hi Shengjing,

On Wed, 23 Mar 2022 02:35:20 +0800 Shengjing Zhu  wrote:
> Control: found -1 shfmt/3.4.3-1
> Control: found -1 golang-mvdan-sh/3.4.3+ds-1
   ^^

I have excluded the source for shfmt in that version[1]
So I do not think duplicated source is true anymore?

[1]: 
https://salsa.debian.org/go-team/packages/golang-mvdan-sh/-/blob/debian/sid/debian/copyright#L5

> The two packages are same source, could you merge them?

I am not fully certain if it is a good idea, since shfmt is already available 
as a git repo,
and also as a Debian package, so I do not follow as to why this should be a 
monorepo?

Also, if you look even "gosh" is a part of mvdan-sh and it is also in the 
archive as a separate package;
so if you are merging, even gosh should be merged?
Please let me know the reasons a bit more clearly.

> Marcos Talau, could you mind bring shfmt to Go package team umbrella?

(CC'ed Marcos explicitly again)
@Marcos, kindly do this

Regards,
Nilesh


signature.asc
Description: PGP signature

Bug#1008121: [20220322] debian.sbnw.in: service unavailable

[Julien Cristau]

Package: mirrors
User: mirr...@packages.debian.org
Usertags: mirror-problem
X-Debbugs-Cc: Debian Mirror Admin 

Hi,

Our monitoring for Debian archive mirrors shows that debian.sbnw.in is
no longer available since March 16.[1]

[1] https://mirror-master.debian.org/status/mirror-info/debian.sbnw.in.html

Can you look into this and let us know?

Thanks,
Julien Cristau - Debian mirrors team

Bug#1007959: uftrace: Intent to NMU

[paul cannon]

On Tue, Mar 22, 2022 at 12:46:06PM +0100, Gürkan Myczko wrote:
> Paul, I'm so sorry, the salsa repo is really just this (so whatever is
> needed to get history back, I'm find
> having it removed, started from scratch as it's only really this):
> 
> gbp import-dscs --debsnap uftrace
> git push origin master upstream;git push --tags;git push -u origin --all

This shouldn't be a problem. I can fix it up, once my Salsa account is
activated and I can actually log in.

I have a new 0.11-4 release prepared at
https://github.com/thepaul/uftrace/tree/deb, if either of you would care
to take a look by way of review, to make sure I have incorporated both
of your inputs.

Paul

Bug#959469: openssl 1.1.1n-0+deb10u1 flagged for acceptance

[Adam D. Barratt]

On Mon, 2022-03-21 at 00:12 +0100, Sebastian Andrzej Siewior wrote:
> The change in openssl is commit
>cc7c6eb8135b ("Check that the default signature type is allowed")
> 
> Before the commit in question it connects as:
>   - Description: (TLS1.0)-(ECDHE-SECP384R1)-(AES-256-CBC)-(SHA1)
> 
> after that, the server throws:
>   140490373015360:error:14201044:SSL
> routines:tls_choose_sigalg:internal error:../ssl/t1_lib.c:2880:
> 
> and it appears that the security level in openssl forbids SHA1 here.
> The argument on the s_server side
>-sigalgs RSA+SHA1:RSA+SHA256:DSA+SHA1:DSA+SHA256
> 
> doesn't help here but
>-cipher "ALL:@SECLEVEL=1"
> 
> does. 
> 

If we wanted to add a note to the release announcement in case users
face similar issue with other software, is "tls_choose:sigalg:internal
error" a reliable signal of this situation occurring? Should the
recommended solution be to lower the security level, or might
specifying -sigalgs work on its own in some scenarios?

Regards,

Adam

Bug#1008120: gnome-shell-extension-bluetooth-quick-connect: does not declare compatibility with GNOME Shell 42

[Simon McVittie]

Package: gnome-shell-extension-bluetooth-quick-connect
Version: 26-1
Severity: important
Tags: bookworm sid upstream
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: gnome-shell-42
Forwarded: https://github.com/bjarosze/gnome-bluetooth-quick-connect/issues/53

The metadata.json for this extension doesn't declare compatibility with
GNOME 42. It looks like changes are genuinely needed:
https://github.com/bjarosze/gnome-bluetooth-quick-connect/issues/53

smcv

Bug#1008119: src:pyfai: fails to migrate to testing for too long: autopkgtest regression

[Paul Gevers]

Source: pyfai
Version: 0.20.0+dfsg1-4.1
Severity: serious
Control: close -1 0.21.1+dfsg1-1
Tags: sid bookworm
User: release.debian@packages.debian.org
Usertags: out-of-sync
Control: block -1 by 1004509

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:pyfai has been trying to migrate for 61 
days [2]. Hence, I am filing this bug.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=pyfai



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1008118: src:scamper: fails to migrate to testing for too long: FTBFS everywhere except amd64

[Paul Gevers]

Source: scamper
Version: 20191102-1
Severity: serious
Control: close -1 20211212-1
Tags: sid bookworm ftbfs
User: release.debian@packages.debian.org
Usertags: out-of-sync

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:scamper has been trying to migrate for 61 
days [2]. Hence, I am filing this bug. Your package fails to build from 
source everywhere except on amd64 do to the following:

rm debian/tmp/usr/lib/x86_64-linux-gnu/libscamperfile.la
rm: cannot remove 
'debian/tmp/usr/lib/x86_64-linux-gnu/libscamperfile.la': No such file or 
directory


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=scamper



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1008117: src:swayidle: fails to migrate to testing for too long: FTBFS on 32bit

[Paul Gevers]

Source: swayidle
Version: 1.7-1
Severity: serious
Control: close -1 1.7.1-1
Tags: sid bookworm
User: release.debian@packages.debian.org
Usertags: out-of-sync
Control: block -1 by 1004092

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 60 days as having a Release Critical bug in 
testing [1]. Your package src:swayidle has been trying to migrate for 61 
days [2]. Hence, I am filing this bug.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and bookworm, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2020/02/msg5.html
[2] https://qa.debian.org/excuses.php?package=swayidle



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1008074: s390-dasd 0.0.74~deb11u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 1008074 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: s390-dasd
Version: 0.0.74~deb11u1

Explanation: stop passing deprecated -f option to dasdfmt

Bug#1008063: transition: nodejs

[Jérémy Lal]

On Mon, Mar 21, 2022 at 10:42 PM Sebastian Ramacher 
wrote:

> Control: tags -1 confirmed
>
> On 2022-03-21 18:54:38 +0100, Jérémy Lal wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: transition
> > X-Debbugs-Cc: Debian Javascript Maintainers <
> pkg-javascript-de...@lists.alioth.debian.org>
> >
> > Hi,
> >
> > this transition correspond to a nodejs 12 -> 14 major major bump.
> >
> > I carefully checked (twice, actually) that all build-dependencies of
> > - libnode-dev (arch-dependent)
> > - nodejs (arch-independent)
> > can be rebuilt using latest libnode-dev / nodejs, though of course
> > only the arch-dependent ones are concerned by this transition.
>
> Please go ahead


We just just finished fixing some issues
with nodejs_16.13.2+really14.19.1~dfsg-5:
- test issues
- missing important files for typescript-dependent modules

Also i just uploaded a fix for
node-modern-syslog

node-opencv is known to fail and might be fixed, but it will be removed if
not.

Jérémy

Bug#1008114: Go packages are no longer reproducible with Go1.18

[Shengjing Zhu]

Source: golang-1.18
Version: 1.18-1
Severity: normal
X-Debbugs-Cc: z...@debian.org, reproducible-b...@lists.alioth.debian.org


For packages built with Go1.18, the build path is encoded in the binary now.

For example,

$ strings /usr/bin/gopls |grep /build/golang-golang-x-tools
build   CGO_CFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"
build   CGO_CXXFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"
build   CGO_CFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"
build   CGO_CXXFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"

This because Go1.18 starts to record the build flags. So people can check it 
with
`go version` command,

$ go version -m /usr/bin/gopls 
/usr/bin/gopls: go1.18
pathgolang.org/x/tools/gopls
build   -compiler=gc
build   CGO_ENABLED=1
build   CGO_CFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"
build   CGO_CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2"
build   CGO_CXXFLAGS="-g -O2 
-ffile-prefix-map=/build/golang-golang-x-tools-0IC9YQ/golang-golang-x-tools-0.1.10+ds=.
 -fstack-protector-strong -Wformat -Werror=format-security"
build   CGO_LDFLAGS=-Wl,-z,relro
build   GOARCH=amd64
build   GOOS=linux
build   GOAMD64=v1

Bug#1008113: ubertooth: please update to latest upstream version (2020-12-R1)

[Eric Cooper]

Package: ubertooth
Version: 2018.12.R1-5
Severity: wishlist

Please update ubertooth and related packages to the latest upstream release.

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-3-amd64 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ubertooth depends on:
ii  libbluetooth3  5.62-2
pn  libbtbb1   
ii  libc6  2.33-7
pn  libubertooth1  
ii  libusb-1.0-0   2:1.0.25-1
ii  python33.9.8-1
ii  python3-numpy  1:1.21.5-1

Versions of packages ubertooth recommends:
pn  python3-pyside2.qtcore 
pn  python3-pyside2.qtgui  
pn  python3-pyside2.qtwidgets  
pn  ubertooth-firmware 

Versions of packages ubertooth suggests:
pn  ubertooth-firmware-source  

Bug#1008110: [Pkg-javascript-devel] Bug#1008110: nodejs: Missing @types/node/package.json blocks many tsc builds

[Jérémy Lal]

On Tue, Mar 22, 2022 at 5:42 PM Yadd  wrote:

> Package: nodejs
> Version: 16.13.2+really14.19.1~dfsg-4
> Severity: serious
> Tags: ftbfs
> Justification: FTBFS
>
> nodejs 14 installs @types/node files except package.json. This render
> typescript declaration unusable and blocks typescript builds.
>
> Cheers,
> Yadd
>

So sorry about that. I just wanted to remove the LICENSE/README files,
and ended up removing too much.

Jérémy

Bug#1008072: s390-dasd 0.0.74~deb10u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 1008072 = buster pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian buster.

Thanks for your contribution!

Upload details
==

Package: s390-dasd
Version: 0.0.74~deb10u1

Explanation: stop passing deprecated -f option to dasdfmt

Bug#1008112: Source is duplicated with golang-mvdan-sh

[Shengjing Zhu]

Source: shfmt, golang-mvdan-sh
Severity: normal
X-Debbugs-Cc: z...@debian.org

Control: found -1 shfmt/3.4.3-1
Control: found -1 golang-mvdan-sh/3.4.3+ds-1

Hi,

The two packages are same source, could you merge them?

Marcos Talau, could you mind bring shfmt to Go package team umbrella?

Bug#1007800: golang-golang-x-tools: FTBFS with Go 1.18

[Shengjing Zhu]

On Wed, Mar 23, 2022 at 12:33 AM Vincent Bernat  wrote:
>
>  ❦ 16 March 2022 18:39 -05, William 'jawn-smith' Wilson:
>
> > golang-golang-x-tools currently FTBFS with Go 1.18
> >
> > In Ubuntu, the attached patch was applied to achieve the following:
> >
> >
> >   * Fix FTBFS with Go 1.18
>
> Hello,
>
> gopls has issues with Go 1.18. Better upgrade to the latest upstream
> version.
>

New version uploaded. I tested gopls with vim, it seems to work fine.

William, I think you may want to sync it to Ubuntu 22.04 as well, as
the old version is not compatible with Go 1.18.

-- 
Shengjing Zhu

Bug#472269: libc6: res_query makes assumptions about the alignment of the answer argument

[John David Anglin]

Package: libc6
Followup-For: Bug #472269

Dear Maintainer,

I believe this bug is fixed upstream by the following commit:

commit 05dec22d7be722987ff07aebf9690f6078b3c4e9 (HEAD -> master, origin/master,
origin/HEAD)
Author: John David Anglin 
Date:   Tue Mar 22 17:35:54 2022 +

resolv: Fix unaligned accesses to fields in HEADER struct

The structure HEADER is normally aligned to a word boundary but
sometimes it needs to be accessed when aligned on a byte boundary.
This change defines a new typedef, UHEADER, with alignment 1.
It is used to ensure the fields are accessed with byte loads and
stores when necessary.

V4: Change to res_mkquery.c deleted.  Small whitespace fix.

V5: Move UHEADER typedef to resolv/resolv-internal.h.  Replace all
HEADER usage with UHEADER in resolv/res_send.c.

Signed-off-by: John David Anglin 
Reviewed-by: Adhemerval Zanella  

This bug is fixed in debian 2.33 by the patch
any/submitted-resolv-unaligned.diff.  It turns out the following
hunk can be removed:

diff --git a/resolv/res_mkquery.c b/resolv/res_mkquery.c
index 5bc5b41531..9b82c82157 100644
--- a/resolv/res_mkquery.c
+++ b/resolv/res_mkquery.c
@@ -193,6 +193,15 @@ context_mkquery_common (struct resolv_context *ctx,
   return result;
 }
 
+/* The structure HEADER is normally aligned to a word boundary and its
+   fields are accessed using word loads and stores.  We need to access
+   this structure when it is aligned on a byte boundary.  This can cause
+   problems on machines with strict alignment.  So, we create a new
+   typedef to reduce its alignment to one.  This ensures the fields are
+   accessed with byte loads and stores.  */
+typedef HEADER __attribute__ ((__aligned__(1))) UHEADER;
+#define HEADER UHEADER
+
 /* Form all types of queries.  Returns the size of the result or -1 on
error.
 
Regards,
Dave Anglin

-- System Information:
Debian Release: bookworm/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: hppa (parisc64)

Kernel: Linux 5.16.16+ (SMP w/4 CPU threads)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libc6 depends on:
ii  libgcc-s4  12-20220319-1

Versions of packages libc6 recommends:
ii  libidn2-0  2.3.2-2

Versions of packages libc6 suggests:
ii  debconf [debconf-2.0]  1.5.79
ii  glibc-doc  2.33-7
ii  libc-l10n  2.33-7
ii  libnss-nis 3.1-4
ii  libnss-nisplus 1.3-4
ii  locales2.33-7

-- debconf information excluded

Bug#1006559: python-scrapy: FTBFS with OpenSSL 3.0

[Andrey Rahmatullin]

Control: retitle -1 FTBFS with New Twisted
Control: forwarded -1 https://github.com/scrapy/scrapy/issues/5400
Control: tags -1 + upstream fixed-upstream

On Sun, Feb 27, 2022 at 09:19:23PM +0100, Sebastian Andrzej Siewior wrote:
> | from twisted.web.test.test_webclient import PayloadResource
> | E   ImportError: cannot import name 'PayloadResource' from 
> 'twisted.web.test.test_webclient' 
> (/usr/lib/python3/dist-packages/twisted/web/tes t/test_webclient.py)
> | _ ERROR collecting tests/test_command_parse.py 
> _

> I'm not sure if this is comming from a fact that a dependency is not
> compiled against openssl 3.0 and python-scrapy is okay otherwise.
It's not related to OpenSSL.

-- 
WBR, wRAR


signature.asc
Description: PGP signature

Bug#1008080: Some sites do not work

[Andres Salomon]

Control: severity -1 normal


On Tue, 22 Mar 2022 08:15:27 +0100 =?utf-8?q?St=C3=A9phane_Glondu?= wrote:

> Package: chromium
> Version: 99.0.4844.74-1
> Severity: grave
>
> Dear Maintainer,
>
> On two different, up-to-date Debian testing machines, at least the
> following sites:
>
> https://framatalk.org
> https://replit.com
>
> do not work properly (but not all sites are broken). I get spurious
> "Your connection was interrupted" (ERR_NETWORK_CHANGED). For replit,
> sometimes the home page loads, but trying to log in does not work.
>
> With one of the two machines, I tried on two different networks, with
> the same result.

>


I cannot reproduce this on testing/unstable or stable. Does it happen 
with google's official chrome package? When you say two different 
networks, are they both with the same upstream provider? Does a 
traceroute to those sites show any intermittent issues?

Bug#1008111: RM: perl6-zef -- ROM; replaced by raku-zef following Perl6 rename to Raku

[Dominique Dumont]

Package: ftp.debian.org
Severity: normal

Hi

Perl6 was renamed to Raku, so I'm (slowly) renaming perl6 package to
raku packages.

perl6-zef is now superseded by raku-zef.


All the best

Dod

Bug#1008110: nodejs: Missing @types/node/package.json blocks many tsc builds

[Yadd]

Package: nodejs
Version: 16.13.2+really14.19.1~dfsg-4
Severity: serious
Tags: ftbfs
Justification: FTBFS

nodejs 14 installs @types/node files except package.json. This render
typescript declaration unusable and blocks typescript builds.

Cheers,
Yadd

Bug#1007800: golang-golang-x-tools: FTBFS with Go 1.18

[Vincent Bernat]

 ❦ 16 March 2022 18:39 -05, William 'jawn-smith' Wilson:

> golang-golang-x-tools currently FTBFS with Go 1.18
>
> In Ubuntu, the attached patch was applied to achieve the following:
>
>
>   * Fix FTBFS with Go 1.18

Hello,

gopls has issues with Go 1.18. Better upgrade to the latest upstream
version.

Thanks.
-- 
There are more things in heaven and earth,
Horatio, than are dreamt of in your philosophy.
-- Wm. Shakespeare, "Hamlet"

Bug#1008109: awscli: dependency on groff is unnecessary: the smaller groff-base is enough

[Menno Tammens]

Package: awscli
Version: 1.19.1-1
Severity: normal
X-Debbugs-Cc: debian_b...@eml.cc

Dear Maintainer,

awscli depends on groff for the built-in help pages.
The only occurrence of groff is in the file help.py [1], where the following 
command is used:

groff -m man -T ascii

For this command the smaller package groff-base is sufficient, which saves the 
installation of several X11 libraries.

Regards,
Menno

[1] https://salsa.debian.org/cloud-team/awscli/-/blob/master/awscli/help.py#L111


-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: arm64 (aarch64)

Kernel: Linux 5.10.0-12-arm64 (SMP w/4 CPU threads)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages awscli depends on:
ii  groff   1.22.4-6
ii  python3 3.9.2-3
ii  python3-botocore1.20.0+repack-1
ii  python3-colorama0.4.4-1
ii  python3-docutils0.16+dfsg-4
ii  python3-pyasn1  0.4.8-1
ii  python3-rsa 4.0-4
ii  python3-s3transfer  0.3.4-1
ii  python3-yaml5.3.1-5

awscli recommends no packages.

awscli suggests no packages.

-- no debconf information

Bug#1008108: [20220322] syncproxy.eu.debian.org: out of date, no space left on device

[Julien Cristau]

Package: mirrors
Severity: important

On March 15, syncproxy.eu.debian.org / debian.carnet.hr ran out of disk
space.  As a result it is now a week out of date, as are all the mirrors
in the downstream hierarchy.

In the mean time the affected ftp.*.debian.org names have been pointed
at other mirrors.

Cheers,
Julien

Bug#1008107: "mke2fs -E android_sparse" yields: "Unimplemented ext2 library function while setting up superblock" (not built against libsparse?)

[Daniel Kahn Gillmor]

Package: libext2fs2
Version: 1.46.5-2
Control: affects -1 + fastboot android-sdk-platform-tools

The -E android_sparse option for mke2fs fails because libext2fs2 reports
EXT2_ET_UNIMPLEMENTED, presumably because libext2fs2 isn't built with
ENABLE_LIBSPARSE .  here's the failure:


```
0 dkg@host:~$ /sbin/mke2fs tmp/control 1000
mke2fs 1.46.5 (30-Dec-2021)
Creating regular file tmp/control
Creating filesystem with 1000 1k blocks and 128 inodes

Allocating group tables: done
Writing inode tables: done
Writing superblocks and filesystem accounting information: done

0 dkg@host:~$ /sbin/mke2fs -E android_sparse tmp/test 1000
mke2fs 1.46.5 (30-Dec-2021)
Creating regular file tmp/test
tmp/test: Unimplemented ext2 library function while setting up superblock
1 dkg@host:~$ 
```

I ran into this because i wanted to call "fastboot format cache", which
failed when trying to run mke2fs.  it was trying to run it with -E
android_sparse

Looks like fastboot runs mke2fs from
/usr/lib/android-sdk/platform-tools/mke2fs, which is just a symlink back
to /sbin/mkfs, provided by android-sdk-platform-tools.

the "fastboot format cache" command instead fails with:

```
mke2fs 1.46.5 (30-Dec-2021)
/tmp/TemporaryFile-62XVjd: Unimplemented ext2 library function while setting up 
superblock
/usr/lib/android-sdk/platform-tools/mke2fs failed with status 1
fastboot: error: Cannot generate image for cache
```

--dkg


signature.asc
Description: PGP signature

Bug#993350: sane-epson2: unable to start scanner (Perfection 1650)

[Jörg Frings-Fürst]

Hello,


the upstream bug indicated in the forwarding has been fixed since
release 1.0.33. I therefore close this bug.

If there is still a bug, please open a new bug report for clarity.

CU
Jörg 
-- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D


Jörg Frings-Fürst
D-54470 Lieser

git:  https://jff.email/cgit/


Threema: SYR8SJXB
Skype: joergpenguin
Telegram: @joergfringsfuerst


My wish list: 
 - Please send me a picture from the nature at your home.



signature.asc
Description: This is a digitally signed message part

Bug#1006944: transition: proj

[Sebastiaan Couwenberg]

On 3/22/22 09:44, Sebastiaan Couwenberg wrote:

On 3/21/22 22:43, Sebastian Ramacher wrote:

Please go ahead


Thanks. proj (9.0.0-1) has been uploaded to unstable and is now built & 
installed on all release architectures.


Thanks for scheduling the binNMUs. Dependency level 2 and 3 are done, 
level 4 can be scheduled.


Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1008102: debian-reference: An addition to Table 5.1

[Osamu Aoki]

Hi,

As I read: 
> https://wiki.debian.org/NetworkManager/iwd

It looks like premature to me.

Some other data points:

POPCON:
https://qa.debian.org/popcon-graph.php?packages=connman+network-manager+iwd+wpasupplicant_installed=on_legend=on_ticks=on_date=_date=_date=_fmt=%25Y-%25m=1

I don't even mention connman so why add iwd now?

As I read upstream:
> https://iwd.wiki.kernel.org/networkmanager
and found this bug is still open
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/628
NM integration is just happening.  So maybe later...

Any compelling reason to add this now?  Please explain.

Osamu
-Original Message-
From: Brian Potkin 
Reply-To: Brian Potkin , 1008...@bugs.debian.org
To: Debian Bug Tracking System 
Subject: Bug#1008102: debian-reference: An addition to Table 5.1
Date: Tue, 22 Mar 2022 14:32:29 +

Package: debian-reference
Version: 2.91
Severity: wishlist


I would suggest that iwd would be a useful addition to the list of
network configuration tools.

https://packages.debian.org/sid/iwd

Regards,

Brian.

Bug#971827: New upstream release (1.8.0)

[Florian Ernst]

retitle 971827 New upstream release (1.10.0)
thanks

On Thu, Oct 08, 2020 at 09:21:25AM +0200, Laurent Bigonville wrote:
> Would it be possible to package the new upstream release?
> 
> 1.8.0 - May 29, 2020
> 
> [...]

Well, JFTR, 1.8.0 entered the archives last year and is by now part of
Bullseye, cf.

and .

However, in the meantime two new versions have been released:

| 1.10.0 - Feb 14, 2022
| =
| - Add API for resolving multiple tree matches
| - Add API for resolving multiple media matches
| - Add API to match between two OsinfoTree
| - Add API to match between two OsinfoMedia
| - Add API to get a complete list of firmwares
| - Add missing documentation of osinfo_os_add_firmware()
| - Add release status to osinfo-query
| - Add --all flag to all tools to report all matches
| - Fix hiding database entries
| - Adapt to libsoup3 which is now preferred over libsoup2
| - Several CI improvements
| - Several translations improvements
| 1.9.0 - Feb 02, 2021
| 
| - Improve on the osinfo-tools' and osinfo-detect's help
| - Several CI improvements
| - Several translations improvements
| - Improve on debuggability of the loader code
| - Fix build when using clang
Cf. 

Please update the package when you think it is due time.

Cheers,
Flo


signature.asc
Description: PGP signature

Bug#969694: aisleriot: please upgrade to guile-3.0 soon, if feasible

[Jeremy Bicha]

On Wed, Mar 16, 2022 at 8:21 PM Vagrant Cascadian  wrote:
> On 2020-09-06, Rob Browning wrote:
> > Please migrate to guile-3.0 as soon as it's feasible. If we can, I'd
> > like to have the option to drop guile-2.2 from bullseye, so that we
> > won't have to maintain two versions throughout that release.
>
> With the following two patches, aisleriot builds successfully with
> guile-3.0. I haven't tested that it functions correctly.

I tried switching the dependency in debian/control.in & debian/control
. Aisleriot builds with warnings, but the game doesn't work for me on
Unstable.

The game does work for me when I compile and run on Ubuntu's older guile 3.0.7-1

Thank you,
Jeremy Bicha

Bug#1008106: grub2: include smbios module

[Braunwarth, Daniel]

Package: grub2
Version: 2.04-20
Severity: wishlist
Tags: patch

smbios is a new module available in grub2 upstream master[1].

It allows reading values from various SMBIOS tables to allow detecting vendor, 
make, model among with other smbios defined handles. In terms of userspace, it 
can be compared to dmidecode.

The following are two use cases from the upstream commit:

  1) We have a board that boots Linux and this board itself can be plugged
 into one of different chassis types. We need to pass different
 parameters to the kernel based on the "CHASSIS_TYPE" information
 that is passed by the bios in the DMI/SMBIOS tables.

  2) We may have a USB stick that can go into multiple boards, and the
 exact kernel to be loaded depends on the machine information
 (PRODUCT_NAME etc) passed via the DMI.


This is a request to include this module.

The module has already been added by Ubuntu[2].


REFERENCES

[1]
https://salsa.debian.org/grub-team/grub/-/commit/688023cd0ac4c985fd0e2ec477fcf1ec33a0e49c

[2]
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1856424

Internal

Bug#1005438: pygame: FTBFS: dh_auto_test: error: pybuild --test -i python{version} -p "3.10 3.9" --system=custom --test-args "/usr/bin/xvfb-run {interpreter} -m pygame.tests.__main__ --exclude opengl"

[Andreas Tille]

Hi,

Am Wed, Mar 23, 2022 at 12:19:40AM +1100 schrieb Hugh McMaster:
> On Mon, 28 Feb 2022 at 16:40, Hugh McMaster wrote:
> 
> > I did some testing and found that pygame 2.1.0 is the first recent
> > version not affected by the FreeType test issue.
> >
> > I'll keep digging, but I'd strongly suggest migrating to the most
> > recent upstream version as soon as possible, as I had no problems
> > building it.
> 
> 
> Any progress on packaging the latest version of pygame?
> 
> The current package will be removed from testing next week.

If you ask me lets push pygame 2.1.0 and remove anything that does not
work with this version from testing (it would be removed from there
anyway).  I know its not good style but stagnation in the status quo
is also no good solution.

Kind regards

   Andreas.

-- 
http://fam-tille.de

Bug#1001353: libpam-modules: common-password doesn't handle rounds parameter when using yescrypt

[Brian Minton]

Package: libpam-modules
Version: 1.4.0-11
Followup-For: Bug #1001353

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


After some additional testing (the mkpasswd utilitity was helpful as well), I
discovered that settings of the rounds parameter from 1 to 11 actually do make
a difference for the shadow file.  With rounds=11 I got the following:

bminton:$y$jFT$XX:19073:0:9:7:::

That hash actually took about half a second to calculate:
time echo 'asdf
asdf'|passwd bminton
New password: Retype new password: passwd: password updated successfully

real0m0.637s
user0m0.535s
sys 0m0.088s


So, I propose that this is a documentation issue.  The valid range of the
rounds parameter should be documented.


- -- System Information:
Debian Release: bookworm/sid
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 
'stable-security'), (400, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-11-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libpam-modules depends on:
ii  debconf [debconf-2.0]  1.5.79
ii  libaudit1  1:3.0.6-1+b1
ii  libc6  2.33-7
ii  libcrypt1  1:4.4.27-1.1
ii  libdb5.3   5.3.28+dfsg1-0.8
ii  libnsl21.3.0-2
ii  libpam-modules-bin 1.4.0-11
ii  libpam0g   1.4.0-11
ii  libselinux13.3-1+b1
ii  libtirpc3  1.3.2-2

libpam-modules recommends no packages.

libpam-modules suggests no packages.

- -- debconf information:
  libpam-modules/deprecate-tally:
  libpam-modules/profiles-disabled:
* libpam-modules/disable-screensaver:

-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCYjnqTQAKCRBrjrOgZc+6
qSeUAP9l7LdaNHwUTGKkCA5gG1ldDFURkaUo66Q0YgucQdHu1AD7B+olID3isq8V
QBUdvzUhpo3v1aM3cB5yQqdvqvJiJSk=
=H6Y2
-END PGP SIGNATURE-

Bug#1008105: ecflow: PY3VERSIONS is hardcoded

[Graham Inggs]

Source: ecflow
Version: 5.8.3-1
Severity: important
Tags: ftbfs
User: debian-pyt...@lists.debian.org
Usertags: python3.10 python3-all-dev

Hi Maintainer

The debian/rules of ecflow contains:

PY3VERSIONS:=python3.10 python3.9

This will cause ecflow to FTBFS once python3.9 is no longer a
supported Python version.  You could use $(shell py3versions -r)
instead.

Regards
Graham

Bug#1008104: sid: No xserver-xorg-input-{evdev,libinput} after upgrade

[Harald Welte]

Package: xserver-xorg-input-evdev
Version: 1:2.10.6-2+b1
Severity: important

I'm running debian unstable for 15+ years and usually perform an apt upgrade
manually about once per week.  Yesterday I upgraded again, and suddenly after
the upgrade, xserver-xorg-input-{evdev,libinput} were no longer present, meaning
that I could not even enter my username in the display manager (wdm) after 
system reboot.

No input was possible from either the built-in laptop/touchpad of my Lenovo 
x260 keyboard/trackpad,
nor from externally-attached mouse + keyboard.

Luckily I'm technically skilled enough to boot into rescue mode, look at 
Xorg.0.log,
see that no drivers were found for any of the input devices and then apt install
the evdev + libinput packages.

However, for most other users this would render their systems unusable, hence 
I'm marking
the bug as 'important'.

So somehow during the continuous unstable upgrades (which I'm doing for 
something like 4 years
on this laptop) decided that neither evdev nor libinput is a package to keep 
through the most
recent dist-upgrade + autoremove I ran yesterday.  Maybe a missing 
depends/recommends somewhere?


-- Package-specific info:
X server symlink status:

lrwxrwxrwx 1 root root 13 Sep 27  2009 /etc/X11/X -> /usr/bin/Xorg
-rwxr-xr-x 1 root root 274 Feb 12 11:32 /usr/bin/Xorg

VGA-compatible devices on PCI bus:
--
00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD 
Graphics 520] [8086:1916] (rev 07)

Xorg X server configuration file status:

-rw-r--r-- 1 root root 1155 Oct 18  2009 /etc/X11/xorg.conf

Contents of /etc/X11/xorg.conf:
---
# xorg.conf (X.Org X Window System server configuration file)
#
# This file was generated by dexconf, the Debian X Configuration tool, using
# values from the debconf database.
#
# Edit this file with caution, and see the xorg.conf manual page.
# (Type "man xorg.conf" at the shell prompt.)
#
# This file is automatically updated on xserver-xorg package upgrades *only*
# if it has not been modified since the last upgrade of the xserver-xorg
# package.
#
# If you have edited this file but would like it to be automatically updated
# again, run the following command:
#   sudo dpkg-reconfigure -phigh xserver-xorg

Section "ServerFlags"
Option  "AllowEmptyInput"   "off"
EndSection

#Section "InputDevice"
#   Identifier  "Generic Keyboard"
#   Driver  "kbd"
#   Option  "XkbRules"  "xorg"
#   Option  "XkbModel"  "pc104"
#   Option  "XkbLayout" "us"
#EndSection

#Section "InputDevice"
#   Identifier  "Configured Mouse"
#   Driver  "mouse"
#EndSection

Section "Device"
Identifier  "Configured Video Device"
EndSection

Section "Monitor"
Identifier  "Configured Monitor"
EndSection

Section "Screen"
Identifier  "Default Screen"
Monitor "Configured Monitor"
EndSection

Contents of /etc/X11/xorg.conf.d:
-
total 0

KMS configuration files:

/etc/modprobe.d/i915-kms.conf:
  options i915 modeset=1
/etc/modprobe.d/radeon-kms.conf:
  options radeon modeset=1

Kernel version (/proc/version):
---
Linux version 5.16.0-5-amd64 (debian-ker...@lists.debian.org) (gcc-11 (Debian 
11.2.0-18) 11.2.0, GNU ld (GNU Binutils for Debian) 2.38) #1 SMP PREEMPT Debian 
5.16.14-1 (2022-03-15)

Xorg X server log files on system:
--
-rw-r--r-- 1 laforge laforge  843197 Aug 25  2020 
/space/home/laforge/.local/share/xorg/Xorg.1.log
-rw-r--r-- 1 laforge laforge 1492643 Mar 22 10:23 
/space/home/laforge/.local/share/xorg/Xorg.0.log
-rw-r--r-- 1 rootroot  75700 Mar 22 15:39 /var/log/Xorg.0.log

Contents of most recent Xorg X server log file (/var/log/Xorg.0.log):
-
[   715.654] 
X.Org X Server 1.21.1.3
X Protocol Version 11, Revision 0
[   715.654] Current Operating System: Linux nataraja 5.16.0-5-amd64 #1 SMP 
PREEMPT Debian 5.16.14-1 (2022-03-15) x86_64
[   715.654] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.16.0-5-amd64 
root=/dev/mapper/nataraja_x260-root ro swapaccount=1
[   715.654] xorg-server 2:21.1.3-2+b1 (https://www.debian.org/support) 
[   715.654] Current version of pixman: 0.40.0
[   715.654]Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[   715.654] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[   715.654] (==) Log file: "/var/log/Xorg.0.log", Time: Tue Mar 22 11:09:20 
2022
[   715.654] (==) Using config file: "/etc/X11/xorg.conf"
[   715.654] (==) Using 

Bug#1008103: ITP: golang-github-gatherstars-com-jwz -- Go implementation of the JWZ email threading algorithm

[Nilesh Patra]

Package: wnpp
Severity: wishlist
Owner: Nilesh Patra 

* Package name: golang-github-gatherstars-com-jwz
  Version : 1.3.0-1
  Upstream Author : GatherStars
* URL : https://github.com/gatherstars-com/jwz
* License : Apache-2.0
  Programming Lang: Go
  Description : Go implementation of the JWZ email threading algorithm

  This package provides the original JWZ algorithm to implementors of
  the 'Threadable interface'. It has been tested against many thousands
  of emails.
  . Along with providing the threading capability itself, the package
also provides:
  .
  + A generic walker, to which you can provide a function to operate upon
the nodes in the threaded tree.
  + A generic sorter, to which you can provide your own comparison
function (a byDate example is provided)

Bug#1008102: debian-reference: An addition to Table 5.1

[Brian Potkin]

Package: debian-reference
Version: 2.91
Severity: wishlist


I would suggest that iwd would be a useful addition to the list of
network configuration tools.

https://packages.debian.org/sid/iwd

Regards,

Brian.

Bug#1008101: ITP: golang-github-jhillyerd-enmime -- MIME mail encoding and decoding package for Go

[Nilesh Patra]

Package: wnpp
Severity: wishlist
Owner: Nilesh Patra 

* Package name: golang-github-jhillyerd-enmime
  Version : 0.9.3-1
  Upstream Author : James Hillyerd
* URL : https://github.com/jhillyerd/enmime
* License : Expat
  Programming Lang: Go
  Description : MIME mail encoding and decoding package for Go

  enmime is a MIME encoding and decoding library for Go, focused on
  generating and parsing MIME encoded emails.  It is being developed in
  tandem with the Inbucket email service.
  .
  enmime includes a fluent interface builder for generating
  MIME encoded messages.

Bug#1008100: node-modern-syslog: FTBFS since node-tap 15

[Jérémy Lal]

Source: node-modern-syslog
Version: 1.2.0-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

The test run during build is failing.

Since node-tap 15, test coverage is on by default, and fails when < 100%.


-- System Information:
Debian Release: bookworm/sid
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'unstable'), (101, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1008099: ITP: golang-github-cention-sany-utf7 -- UTF7 UTF8 transcoder. With transformer interface.

[Nilesh Patra]

Package: wnpp
Severity: wishlist
Owner: Nilesh Patra 

* Package name: golang-github-cention-sany-utf7
  Version : 0.0~git20170124.26cad61-1
  Upstream Author : Sany
* URL : https://github.com/cention-sany/utf7
* License : TODO
  Programming Lang: Go
  Description: UTF7 UTF8 transcoder
  
  This library is a UTF7 UTF8 transdecoder which also
  provides a transformer interface

Bug#814091: libtool: a run path should be used for tcc, with the -rpath option

[Vincent Lefevre]

Control: found -1 2.4.7-1

The bug is still present, and my patch still works.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1008098: gcc-10: segfaults when building WebKitGTK 2.36.0

[Alberto Garcia]

Package: gcc-10
Version: 10.3.0-14
Severity: normal

Hi,

I'm trying to build webkit2gtk 2.36.0 for bullseye using GCC 10 and I
get segfaults in several places.

I tried GCC 10 from testing/sid and the problem is exactly the same.

This is the full preprocessed file:

   https://people.debian.org/~berto/UnifiedSource-3a52ce78-38.ii.xz

And this is the command line:

   /usr/bin/c++ -O2 -std=c++2a -c UnifiedSource-3a52ce78-38.ii

I'm doing all of this in a clean pbuilder chroot.

The segfault is not 100% deterministic, sometimes I have to try a
couple of times, but it is very easy to reproduce. However I cannot
reproduce it in a different computer using the same pbuilder chroot,
which suggests that the problem is related to the hardware / OS of the
first computer.

However in that same machine where I'm observing those crashes I can
build webkit using gcc 11 just fine, I actually ran a dozen of builds
and I had no problems whatsoever.

Here is the complete output of gcc, in both bullseye and testing/sid.

Using GCC 10 from bullseye:

# c++ -v
Using built-in specs.
COLLECT_GCC=c++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/10/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa:hsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 10.2.1-6' 
--with-bugurl=file:///usr/share/doc/gcc-10/README.Bugs 
--enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,m2 --prefix=/usr 
--with-gcc-major-version-only --program-suffix=-10 
--program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id 
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix 
--libdir=/usr/lib --enable-nls --enable-bootstrap --enable-clocale=gnu 
--enable-libstdcxx-debug --enable-libstdcxx-time=yes 
--with-default-libstdcxx-abi=new --enable-gnu-unique-object 
--disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib 
--enable-libphobos-checking=release --with-target-system-zlib=auto 
--enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 
--with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib 
--with-tune=generic 
--enable-offload-targets=nvptx-none=/build/gcc-10-Km9U7s/gcc-10-10.2.1/debian/tmp-nvptx/usr,amdgcn-amdhsa=/build/gcc-10-Km9U7s/gcc-10-10.2.1/debian/tmp-gcn/usr,hsa
 --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu 
--host=x86_64-linux-gnu --target=x86_64-linux-gnu 
--with-build-config=bootstrap-lto-lean --enable-link-mutex
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 10.2.1 20210110 (Debian 10.2.1-6)

# /usr/bin/c++ -O2 -std=c++2a -c UnifiedSource-3a52ce78-38.ii
In file included from ../Source/WebCore/bindings/js/JSDOMConvert.h:47,
 from ../Source/WebCore/bindings/js/JSDOMPromiseDeferred.h:29,
 from ../Source/WebCore/dom/AbortSignal.h:30,
 from ../Source/WebCore/dom/AddEventListenerOptions.h:28,
 from WebCore/DerivedSources/JSAddEventListenerOptions.h:23,
 from WebCore/DerivedSources/JSEventTarget.cpp:28,
 from 
WebCore/DerivedSources/unified-sources/UnifiedSource-3a52ce78-38.cpp:1:
../Source/WebCore/bindings/js/JSDOMConvertUnion.h: In instantiation of 'static 
WebCore::Converter >::ReturnType 
WebCore::Converter >::convert(JSC::JSGlobalObject&, 
JSC::JSValue) [with T = 
{WebCore::IDLAllowSharedAdaptor, 
WebCore::IDLAllowSharedAdaptor}; 
WebCore::Converter >::ReturnType = 
std::variant, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > >]':
../Source/WebCore/bindings/js/JSDOMConvertUnion.h:413:119:   required from here
../Source/WebCore/bindings/js/JSDOMConvertUnion.h:211:76:   in 'constexpr' 
expansion of 
'returnValue.std::optional, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > > >::value()'
/usr/include/c++/10/optional:931:28:   in 'constexpr' expansion of 
'((std::_Optional_base_impl, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > >, 
std::_Optional_base, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > >, false, false> 
>*)((std::optional, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > > 
>*)this))->std::_Optional_base_impl, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > >, 
std::_Optional_base, 
WTF::DefaultRefDerefTraits >, 
WTF::RefPtr, 
WTF::DefaultRefDerefTraits > >, false, false> 
>::_M_is_engaged()'
../Source/WebCore/bindings/js/JSDOMConvertUnion.h:377:5: internal compiler 
error: Segmentation fault
Please submit a full bug report,
with preprocessed source if appropriate.
See  for instructions.
The bug is not reproducible, so it is likely a hardware or OS problem.

 --

Using GCC 10 from testing/sid

# g++-10 -v
Using built-in specs.
COLLECT_GCC=g++-10

Bug#988647: crash: please update to new upstream release

[Hector Oron]

Hello,

  Since release has now happened, could you move 7.3 to bookworm/sid
and upload newer version 8.0.0 needed for linux kernel 5.15.

Regards
-- 
 Héctor Orón  -.. . -... .. .- -.   -.. . ...- . .-.. --- .--. . .-.

Bug#1007959: uftrace: Intent to NMU

[Gürkan Myczko]

Hi Paul and Fukui,

On 22.03.2022 02:22, paul cannon wrote:

On Sat, Mar 19, 2022 at 01:42:03PM +, Fukui Daichi wrote:
I've prepared an NMU [0] for uftrace (0.9.4-0.2) and would like to 
upload it to DELAYED/7 though the maintainer lists himself in the low 
threshold nmu list.


This patch is a new upstream release (0.11-0.1) and adjusts the 
existing patch accordingly.
Having said that, it looks like Gurkan had already uploaded an 
experimental one [1].


Is this patch still helpful?


This looks like good work! But we've gotten ourselves into a bit of a
problem with respect to the package; Gürkan didn't realize I already 
had

packaging tracked on Github, and started a Git structure from scratch,
so it redoes history. I'm going to try to figure out how to stop a
package from experimental from being promoted to unstable and roll a
0.11-2 package.

Your changes might be helpful ones; I'll be able to tell more easily
once I have history straightened out more!


Paul, I'm so sorry, the salsa repo is really just this (so whatever is 
needed to get history back, I'm find

having it removed, started from scratch as it's only really this):

gbp import-dscs --debsnap uftrace
git push origin master upstream;git push --tags;git push -u origin --all

And I'm really bad with git/gbp/salsa, so I hope you can do that part, 
until I figure out how it's

supposed to be used.

Fukui, sorry I didn't see you wanted to do an NMU.

Thanks for your contributions,


Paul Cannon

Bug#1008087: gdb caught the crash

[Jiangsu Kumquat]

See attached gdb output
gdb -p 52609
GNU gdb (Debian 10.1-1.7) 10.1.90.20210103-git
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 52609
[New LWP 52610]
[New LWP 52611]
[New LWP 52612]
[New LWP 52613]
[New LWP 52614]
[New LWP 52615]
[New LWP 52616]
[New LWP 52617]
[New LWP 52618]
[New LWP 52619]
[New LWP 52620]
[New LWP 52621]
[New LWP 52622]
[New LWP 52623]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x7feaf5a47c61 in __GI___clock_nanosleep (clock_id=clock_id@entry=0, 
flags=flags@entry=0, req=0x7ffe8c7b27e0,
rem=0x7ffe8c7b27e0) at ../sysdeps/unix/sysv/linux/clock_nanosleep.c:48
48  ../sysdeps/unix/sysv/linux/clock_nanosleep.c: No such file or directory.
(gdb) c
Continuing.

Thread 6 "NTCP2" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7feaef7fe700 (LWP 52614)]
0x55669a929fd4 in i2p::data::RouterInfo::ReadFromStream(std::istream&) ()
(gdb) thread apply all bt

Thread 15 (Thread 0x7feade7fc700 (LWP 52623) "SAM"):
#0  0x7feaf5a80116 in epoll_wait (epfd=41, events=0x7feade7fb770, 
maxevents=128, timeout=-1) at ../sysdeps/unix/sysv/linux/epoll_wait.c:30
#1  0x55669a82b3d8 in boost::asio::detail::epoll_reactor::run(long, 
boost::asio::detail::op_queue&) ()
#2  0x55669a97b3cc in i2p::util::RunnableService::Run() ()
#3  0x7feaf5c51ed0 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x7feaf5b4fea7 in start_thread (arg=) at 
pthread_create.c:477
#5  0x7feaf5a7fdef in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 14 (Thread 0x7feadeffd700 (LWP 52622) "Destination"):
#0  0x7feaf5a80116 in epoll_wait (epfd=37, events=0x7feadeffc770, 
maxevents=128, timeout=-1) at ../sysdeps/unix/sysv/linux/epoll_wait.c:30
#1  0x55669a82b3d8 in boost::asio::detail::epoll_reactor::run(long, 
boost::asio::detail::op_queue&) ()
#2  0x55669a97b3cc in i2p::util::RunnableService::Run() ()
#3  0x7feaf5c51ed0 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x7feaf5b4fea7 in start_thread (arg=) at 
pthread_create.c:477
#5  0x7feaf5a7fdef in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 13 (Thread 0x7feadf7fe700 (LWP 52621) "Destination"):
#0  0x7feaf5a80116 in epoll_wait (epfd=32, events=0x7feadf7fd770, 
maxevents=128, timeout=-1) at ../sysdeps/unix/sysv/linux/epoll_wait.c:30
#1  0x55669a82b3d8 in boost::asio::detail::epoll_reactor::run(long, 
boost::asio::detail::op_queue&) ()
#2  0x55669a97b3cc in i2p::util::RunnableService::Run() ()
#3  0x7feaf5c51ed0 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x7feaf5b4fea7 in start_thread (arg=) at 
pthread_create.c:477
#5  0x7feaf5a7fdef in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 12 (Thread 0x7fead700 (LWP 52620) "Destination"):
#0  0x7feaf5a80116 in epoll_wait (epfd=29, events=0x7feadfffe770, 
maxevents=128, timeout=-1) at ../sysdeps/unix/sysv/linux/epoll_wait.c:30
#1  0x55669a82b3d8 in boost::asio::detail::epoll_reactor::run(long, 
boost::asio::detail::op_queue&) ()
#2  0x55669a97b3cc in i2p::util::RunnableService::Run() ()
#3  0x7feaf5c51ed0 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x7feaf5b4fea7 in start_thread (arg=) at 
pthread_create.c:477
#5  0x7feaf5a7fdef in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Thread 11 (Thread 0x7feaecff9700 (LWP 52619) "Tunnels"):
#0  futex_abstimed_wait_cancelable (private=0, abstime=0x7feaecff8ce0, 
clockid=-318796864, expected=0, futex_word=0x55669ab297a4 
) at ../sysdeps/nptl/futex-internal.h:323
#1  __pthread_cond_wait_common (abstime=0x7feaecff8ce0, clockid=-318796864, 
mutex=0x55669ab29750 , cond=0x55669ab29778 
) at pthread_cond_wait.c:520
#2  __pthread_cond_clockwait (abstime=0x7feaecff8ce0, clockid=-318796864, 
mutex=0x55669ab29750 , cond=0x55669ab29778 
) at pthread_cond_wait.c:677
--Type  for more, q to quit, c to continue without paging--c
#3  __pthread_cond_clockwait (cond=0x55669ab29778 , 
mutex=0x55669ab29750 , clockid=-318796864, 
abstime=0x7feaecff8ce0) at pthread_cond_wait.c:665
#4  0x55669a95db62 in i2p::tunnel::Tunnels::Run() ()
#5  0x7feaf5c51ed0 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x7feaf5b4fea7 in start_thread (arg=) at 

Bug#1008097: libmodplug: Upstream has moved to https://github.com/Konstanty/libmodplug

[Stephen Kitt]

Source: libmodplug
Severity: normal

Dear Maintainer,

Upstream has moved to https://github.com/Konstanty/libmodplug. There
aren't any new releases yet, although 0.8.9.1 is seemingly in
preparation:
https://github.com/Konstanty/libmodplug/commit/d04fbc2eb2dddc9dd05fbcc29ab062f83a7a2a48

Regards,

The Maintainer


-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable'), (100, 'unstable-debug'), (100, 
'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-12-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1008096: glib2.0: only run clean-up-unmanaged-libraries on upgrades

[Johannes Schauer Marin Rodrigues]

Source: glib2.0
Version: 2.66.8-1
Severity: normal
Tags: patch
X-Debbugs-Cc: jo...@debian.org

Hi,

to support foreign architecture DPKG_ROOT, I recently filed #1007754
against src:libgcrypt20. This bug does *not* implement DPKG_ROOT support
for src:glib2.0 (and there is currently no reason for src:glib2.0 to
support DPKG_ROOT at all) but I thought it prudent to submit the same
patch to glib2.0 as I did to src:libgcrypt20 because both source
packages make use of the same script clean-up-unmanaged-libraries and I
think it makes sense if both packages agree on how the script should be
used in maintainer scripts (also to prevent wrong cargo-culting by other
packages that might copy the method in the future).

I created the following merge request that fixes this issue:

https://salsa.debian.org/gnome-team/glib/-/merge_requests/15

Thanks!

cheers, josch

Bug#1008095: qemu-system-data: missing Breaks: qemu-system-ppc (<< 1:6.1-4~)

[Andreas Beckmann]

Package: qemu-system-data
Version: 1:6.2+dfsg-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts replaces-without-breaks

Hi,

during a test with piuparts and DOSE tools I noticed your package causes
removal of files that also belong to another package.
This is caused by using Replaces without corresponding Breaks.

The installation sequence to reproduce this problem is

  apt-get install qemu-system-ppc/stable
  # (1)
  apt-get install qemu-system-data
  apt-get remove qemu-system-data
  # (2)

The list of installed files at points (1) and (2) should be identical,
but the following files have disappeared:

  /usr/share/qemu/bamboo.dtb
  /usr/share/qemu/canyonlands.dtb

This is a serious bug violating policy 7.6, see
https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces
and also see the footnote that describes this incorrect behavior:
https://www.debian.org/doc/debian-policy/ch-relationships.html#id13

The qemu-system-data package has the following relationships with 
qemu-system-ppc:

  Conflicts: n/a
  Breaks:n/a
  Replaces:  qemu-system-ppc (<< 1:6.1-4~)

Looking at the package relationships of qemu-system-data I see the
following additional inconsistencies:

* The Provides: qemu-keymaps lacks corresponding Conflicts+Replaces: 
qemu-keymaps
* The Replaces: qemu-system-common (<< 1:2.12+dfsg-2~), qemu-system-ppc (<< 
1:6.1-4~), qemu-system-sparc (<< 1:4.2-4~)
  lacks corresponding Breaks: qemu-system-common (<< 1:2.12+dfsg-2~), 
qemu-system-ppc (<< 1:6.1-4~), qemu-system-sparc (<< 1:4.2-4~)


>From the attached log (scroll to the bottom...):

0m29.8s ERROR: FAIL: After purging files have disappeared:
  /usr/share/qemu/bamboo.dtb owned by: qemu-system-data
  /usr/share/qemu/canyonlands.dtbowned by: qemu-system-data

0m29.8s ERROR: FAIL: After purging files have been modified:
  /var/lib/dpkg/info/qemu-system-ppc.listnot owned


cheers,

Andreas


qemu-system-ppc=1:5.2+dfsg-11+deb11u1_qemu-system-data=1:6.2+dfsg-3.log.gz
Description: application/gzip

Bug#1008094: libexiv2-27: Consider building with -DEXIV2_ENABLE_BMFF=ON

[Heiko Stuebner]

Package: libexiv2-27
Version: 0.27.5-1
Severity: wishlist

Bug #1000788 requested a version update to enable Canon CR3 support.

The ISOBMFF support needs a compile-time switch to be set to
get enabled though.

As the upstream issue suggests [0] there was a bit of legal 
uncertainity regarding patents, hence they added the switch.

With this enabled and a simple rebuild of the current darktable
present in Testing it is possible to open and edit Canon CR3 files
in it.

Please consider if enabling this switch is ok in Debian.

Thanks
Heiko


[0] https://github.com/Exiv2/exiv2/issues/1229


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 5.16.0-4-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libexiv2-27 depends on:
ii  libc6   2.33-7
ii  libexpat1   2.4.7-1
ii  libgcc-s1   12-20220313-1
ii  libstdc++6  12-20220313-1
ii  zlib1g  1:1.2.11.dfsg-2

libexiv2-27 recommends no packages.

Versions of packages libexiv2-27 suggests:
ii  exiv2  0.27.5-1

-- no debconf information

Bug#1008093: pahole: missing Breaks: dwarves (<< 1.22)

[Andreas Beckmann]

Package: pahole
Version: 1.22-8
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts replaces-without-breaks

Hi,

during a test with piuparts and DOSE tools I noticed your package causes
removal of files that also belong to another package.
This is caused by using Replaces without corresponding Breaks.

The installation sequence to reproduce this problem is

  apt-get install dwarves/stable
  # (1)
  apt-get install pahole
  apt-get remove pahole
  # (2)

The list of installed files at points (1) and (2) should be identical,
but the following files have disappeared:

  /usr/bin/btfdiff
  /usr/bin/codiff
  /usr/bin/ctracer
  /usr/bin/dtagnames
  /usr/bin/fullcircle
  /usr/bin/pahole
  /usr/bin/pdwtags
  /usr/bin/pfunct
  /usr/bin/pglobal
  /usr/bin/prefcnt
  /usr/bin/scncopy
  /usr/bin/syscse
  /usr/share/dwarves/runtime/Makefile
  /usr/share/dwarves/runtime/ctracer_relay.c
  /usr/share/dwarves/runtime/ctracer_relay.h
  /usr/share/dwarves/runtime/linux.blacklist.cu
  /usr/share/man/man1/pahole.1.gz

This is a serious bug violating policy 7.6, see
https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces
and also see the footnote that describes this incorrect behavior:
https://www.debian.org/doc/debian-policy/ch-relationships.html#id13

The pahole package has the following relationships with dwarves:

  Conflicts: n/a
  Breaks:n/a
  Replaces:  dwarves (<< 1.22)

>From the attached log (scroll to the bottom...):

0m33.5s DEBUG: Modified(user, group, mode, size, target): 
/var/lib/dpkg/info/dwarves.list expected(root, root, - 100644, 697, None) != 
found(root, root, - 100644, 292, None)
0m33.5s ERROR: FAIL: After purging files have disappeared:
  /usr/bin/btfdiff   owned by: pahole
  /usr/bin/codiffowned by: pahole
  /usr/bin/ctracer   owned by: pahole
  /usr/bin/dtagnames owned by: pahole
  /usr/bin/fullcircleowned by: pahole
  /usr/bin/paholeowned by: pahole
  /usr/bin/pdwtags   owned by: pahole
  /usr/bin/pfunctowned by: pahole
  /usr/bin/pglobal   owned by: pahole
  /usr/bin/prefcnt   owned by: pahole
  /usr/bin/scncopy   owned by: pahole
  /usr/bin/syscseowned by: pahole
  /usr/share/dwarves/runtime/Makefileowned by: pahole
  /usr/share/dwarves/runtime/ctracer_relay.c owned by: pahole
  /usr/share/dwarves/runtime/ctracer_relay.h owned by: pahole
  /usr/share/dwarves/runtime/linux.blacklist.cu  owned by: pahole
  /usr/share/man/man1/pahole.1.gzowned by: pahole

0m33.5s ERROR: FAIL: After purging files have been modified:
  /var/lib/dpkg/info/dwarves.listnot owned


cheers,

Andreas


dwarves=1.20-1_pahole=1.22-8.log.gz
Description: application/gzip

Bug#1008092: antiword: Buffer overflow in the vAnalyseSummaryInfo function in summary.c in Antiword 0.37

[Jieyong Ma @ tdhxkj.com]

Package: antiword
Version: 0.37-16
Severity: important
X-Debbugs-Cc: jieyong...@gmail.com

Dear Maintainer,

Description of problem:
antiword crashes with the provided doc file

How reproducible:
antiword vAnalyseSummaryInfo.poc.doc

Backtraces:
Program received signal SIGSEGV, Segmentation fault.
0x00449515 in vAnalyseSummaryInfo (aucBuffer=0x6928f0 "t\001") at 
summary.c:225
225 switch (tPropID) {
(gdb) bt
#0  0x00449515 in vAnalyseSummaryInfo (aucBuffer=0x6928f0 "t\001") at 
summary.c:225
#1  vSetSummaryInfoOLE (pFile=0x68f2e0, pFile@entry=0x37, pPPS=0x7fffbb10, 
pPPS@entry=0x68f2e0, aulBBD=0x68fb00, aulBBD@entry=0x7fffbb80, tBBDLen=55, 
tBBDLen@entry=37, aulSBD=aulSBD@entry=0x68fe80, tSBDLen=tSBDLen@entry=2)
at summary.c:628
#2  0x00449bcf in vSet8SummaryInfo (pFile=0xff7f013c, 
pFile@entry=0x68f2e0, pPPS=0x692a08, pPPS@entry=0x7fffbb10, aulBBD=0xb, 
aulBBD@entry=0x68fb00, tBBDLen=10, tBBDLen@entry=55, aulSBD=0x692820, 
aulSBD@entry=0x68fe80,
tSBDLen=29113347658312010, tSBDLen@entry=2, aucHeader=0x2 ) at summary.c:686
#3  0x00442126 in vGetPropertyInfo (pFile=pFile@entry=0x68f2e0, 
pPPS=0x7fffbb10, pPPS@entry=0x7fffbb00, aulBBD=aulBBD@entry=0x68fb00, 
tBBDLen=, tBBDLen@entry=55, aulSBD=0x68fe80, 
aulSBD@entry=0x68fb00,
tSBDLen=2, tSBDLen@entry=0, aucHeader=0x7fffbb80 "\354\245\301", 
iWordVersion=8) at properties.c:145
#4  0x00458464 in iInitDocumentOLE (pFile=, 
pFile@entry=0x68f2e0, lFilesize=, lFilesize@entry=28672) at 
wordole.c:792
#5  0x004552fb in iInitDocument (pFile=, 
pFile@entry=0x68f2e0, lFilesize=, lFilesize@entry=28672) at 
wordlib.c:325
#6  0x0044ce1f in bWordDecryptor (pFile=pFile@entry=0x68f2e0, 
lFilesize=lFilesize@entry=28672, pDiag=0x68fac0) at word2text.c:665
#7  0x00403ef3 in bProcessFile (szFilename=) at 
main_u.c:214
#8  main (argc=2, argv=0x7fffe558) at main_u.c:310

Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2064638


-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-12-amd64 (SMP w/4 CPU threads)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), 
LANGUAGE=zh_CN:zh
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages antiword depends on:
ii  libc6  2.31-13+deb11u2

antiword recommends no packages.

antiword suggests no packages.

-- no debconf information

Bug#1008091: should we deprecate SETGID_HOME

[Marc Haber]

Package: adduser
Version: 3.121
Severity: minor

Hi,

with #1008081 addressed, it feels to me that SETGID_HOME has fallen out
of time, since this setting can also be accomplished by setting DIR_MODE
and/or SYS_DIR_MODE.

Should we decide to deprecate SETGID_HOME, we should do the following:

- document SETGID_HOME to be deprecated in adduser.conf. People wanting
  this configuration can manage so by setting DIR_MODE and SYS_DIR_MODE.
  The warning that there were "bad side effects" is historically
  unproven and should be removed.
- stable after next stable: remove SETGID_HOME from docs and default
  configuration file
- stable after stable after next stable: remove code

Greetings
Marc

Bug#1008090: adduser --system should be quieter on console

[Marc Haber]

Package: adduser
Version: 3.121
Severity: minor

Many packages put scaffolding around adduser --system to avoid adduser
output from appearing on the console. We don't want people to do that,
so adduser should be quieter on the console.

Why don't we put more output to syslog instead of the console? That
could be done by assigning each message a priority and having
configuration about which priorities are written to the console in
normal, quiet, silent, verbose and debug mode, but write everything to
syslog. for syslog, we should always use the English text.

Reason: #228692, for example

Bug#1007724: no locking at all

[VA]

severity 1007724 serious
thanks

Given that due to this bug, xscreensaver does not lock at all the screen 
or even run, then the package does not work at all in the current state, 
and worse, it prevents locking, its main security feature.

Bug#999605: Please close bugreport

[Hans]

Dear maintainers,

since 2 days the issue does not appear any more. Sadly I can not see, why this 
happened. As strange as it appears from one day to another, it disappeared the 
same way. 

Maybe the akonadi database was corrupt and repaired itself? The only thing I 
did, was to delete some old mails. Maybe there was one mail, which was 
corrupting the database? Do not know. I got in the past one or two mails, that 
crashed kmail whenever I opened it (one was a html formed mail with a 
signature attached, it was Microsoft created).

Anyway, everything is working well now, this bug can be safely closed.

Thank you very much for all the help.

Best regards

Hans

Bug#985820: python3-cryptography: Core dump in buster openssl binding

[Markus Demleitner]

On Fri, Apr 09, 2021 at 11:34:54AM +0200, Markus Demleitner wrote:
> Since this appears to be a known problem, there's reason to hope
> it will go away when moving to bullseye, disabling https upgrading

Well, it didn't, and I finally wanted to have https on that service,
and so I had another look.  It turns out that the twisted bug
https://twistedmatrix.com/trac/ticket/9764 now has a bit more
information.  It is still somewhat unfulfilling, as nobody seems to
want to work out where the invalid free() comes from, but at least
there's a recipe to work around the bug.

Me, I'm disabling session caching for now.  Twisted seems to do the
same thing.  Since there *is* a severe, potentially exploitable
problem with session caching, perhaps this ought to be the default
in python3-openssl?

I'd be ok with closing this bug, anyway, as I'd say it's rather
clearly not python3-cryptography's own bug.

Bug#1008088: minder: Arrows going through entrys (visual)

[Hype_the_Time]

Package: minder
Version: 1.9.2-1
Severity: minor
X-Debbugs-Cc: gast.technik7...@gmail.com

Dear Maintainer,

I tried making a circle of thing related to each other, but when doing that
arrows are going through the notes. Repostioning does not really work as then
its an other node which is covered with the arrow. Because of that I would
appreciate a fix where you might be able to position arrows at spots you want
like at each corner and middles of each side.

(used main notes and connections)

-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-12-amd64 (SMP w/4 CPU threads)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages minder depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.38.0-2
ii  libarchive13 3.4.3-2+b1
ii  libc62.31-13+deb11u2
ii  libcairo21.16.0-5
ii  libgdk-pixbuf2.0-0   2.40.2-2
ii  libgee-0.8-2 0.20.4-1
ii  libglib2.0-0 2.66.8-1
ii  libgranite5  5.5.0-1
ii  libgtk-3-0   3.24.24-4
ii  libgtksourceview-3.0-1   3.24.11-2
ii  libmarkdown2 2.2.6-1
ii  libpango-1.0-0   1.46.2-3
ii  libpangocairo-1.0-0  1.46.2-3
ii  libxml2  2.9.10+dfsg-6.7

minder recommends no packages.

minder suggests no packages.

Bug#1006127: wireless-regdb stable policy

[Laurent Bigonville]

FTR, this seems to be fixed in the last release (2022-02-18) of 
wireless-regdb: 
https://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.git/commit/?id=e427ff2a592e26fc1e8336769b9a1ad223f6f697

Bug#1008087: i2pd: I2Pd crashes after running for about 2-5 minutes. It is running on a VPS server with 2 gigs RAM.

[Yangfl]

Control: tags -1 moreinfo

Jiangsu Kumquat  于2022年3月22日周二 16:45写道：
>
> Package: i2pd
> Version: 2.36.0-1
> Severity: important
>
> Dear Maintainer,
>
> The i2pd package is installed and set to run at system startup. I
> noticed that it was not running and did:
>
> systemctl restart i2pd
>
> It ran for about 2 minutes then crashed. I started it again, and it
> crashed after 5 minutes.
>
> I have not been able to make it run without crashing.
>
> I was expecting the service to run without crashing.
>
> I'm trying to run i2pd on a remote VPS server that has 200 Mbps up/down
>
> -- System Information:
> Debian Release: 11.2
>   APT prefers stable-security
>   APT policy: (500, 'stable-security'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 5.10.0-12-amd64 (SMP w/2 CPU threads)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not 
> set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages i2pd depends on:
> ii  adduser 3.118
> ii  init-system-helpers 1.60
> ii  libboost-filesystem1.74.0   1.74.0-9
> ii  libboost-program-options1.74.0  1.74.0-9
> ii  libc6   2.31-13+deb11u2
> ii  libgcc-s1   10.2.1-6
> ii  libminiupnpc17  2.2.1-1
> ii  libssl1.1   1.1.1k-1+deb11u2
> ii  libstdc++6  10.2.1-6
> ii  lsb-base11.1.0
> ii  zlib1g  1:1.2.11.dfsg-2
>
> i2pd recommends no packages.
>
> i2pd suggests no packages.
>
> -- Configuration Files:
> /etc/i2pd/i2pd.conf changed:
> ipv4 = true
> ipv6 = true
> nat = false
> bandwidth = 15000
> floodfill = true
> [http]
> address = 127.0.0.1
> port = 7070
> [httpproxy]
> address = 127.0.0.1
> port = 
> [socksproxy]
> address = 127.0.0.1
> port = 4447
> [sam]
> enabled = true
> [bob]
> [i2cp]
> [i2pcontrol]
> [precomputation]
> [upnp]
> [reseed]
> verify = true
> [addressbook]
> [limits]
> [trust]
> [exploratory]
> [persist]
> [cpuext]
>
>
> -- no debconf information

syslog does not provide much useful information. Does
/var/log/i2pd/i2pd.log help?

Bug#1006944: transition: proj

[Sebastiaan Couwenberg]

On 3/21/22 22:43, Sebastian Ramacher wrote:

Please go ahead


Thanks. proj (9.0.0-1) has been uploaded to unstable and is now built & 
installed on all release architectures.


Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1008087: i2pd: I2Pd crashes after running for about 2-5 minutes. It is running on a VPS server with 2 gigs RAM.

[Jiangsu Kumquat]

Package: i2pd
Version: 2.36.0-1
Severity: important

Dear Maintainer,

The i2pd package is installed and set to run at system startup. I
noticed that it was not running and did:

systemctl restart i2pd

It ran for about 2 minutes then crashed. I started it again, and it
crashed after 5 minutes.

I have not been able to make it run without crashing.

I was expecting the service to run without crashing.

I'm trying to run i2pd on a remote VPS server that has 200 Mbps up/down

-- System Information:
Debian Release: 11.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-12-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages i2pd depends on:
ii  adduser 3.118
ii  init-system-helpers 1.60
ii  libboost-filesystem1.74.0   1.74.0-9
ii  libboost-program-options1.74.0  1.74.0-9
ii  libc6   2.31-13+deb11u2
ii  libgcc-s1   10.2.1-6
ii  libminiupnpc17  2.2.1-1
ii  libssl1.1   1.1.1k-1+deb11u2
ii  libstdc++6  10.2.1-6
ii  lsb-base11.1.0
ii  zlib1g  1:1.2.11.dfsg-2

i2pd recommends no packages.

i2pd suggests no packages.

-- Configuration Files:
/etc/i2pd/i2pd.conf changed:
ipv4 = true
ipv6 = true
nat = false
bandwidth = 15000
floodfill = true
[http]
address = 127.0.0.1
port = 7070
[httpproxy]
address = 127.0.0.1
port = 
[socksproxy]
address = 127.0.0.1
port = 4447
[sam]
enabled = true
[bob]
[i2cp]
[i2pcontrol]
[precomputation]
[upnp]
[reseed]
verify = true
[addressbook]
[limits]
[trust]
[exploratory]
[persist]
[cpuext]


-- no debconf information


syslog
Description: Binary data

Bug#1008047: Acknowledgement (xscreensaver: power management settings are ignored)

[Francesco Potortì]

I can add that

$ xset dpms force off   # this one works
$ xset dpms 18 24 32# does nothing
$ xset +dpms; xset dpms 18 24 32# does nothing
$ xset dpms force standby   # this one works

Bug#1008086: ITP: python-lunr -- Python implementation of Lunr.js

[Carsten Schoenert]

Package: wnpp
Severity: wishlist
Owner: Carsten Schoenert 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: python-lunr
  Version : 0.6.1
  Upstream Author : Yeray Diaz Diaz 
* URL : https://github.com/yeraydiazdiaz/lunr.py
* License : MIT/X, BSD
  Programming Lang: Python
  Description : Python implementation of Lunr.js

 This package includes the Python version of Lunr.js aims to bring the simple
 and powerful full text search capabilities into Python guaranteeing results as
 close as the original implementation as possible.
 .
 Lunr is a simple full text search solution for situations where deploying a
 full scale solution like Elasticsearch isn't possible, viable or you're simply
 prototyping. Lunr parses a set of documents and creates an inverted index for
 quick full text searches in the same way other more complicated solution.
 .
 The trade-off is that Lunr keeps the inverted index in memory and requires you
 to recreate or read the index at the start of your application.

This package is a new dependency for newer versions of pydoctor and will
get maintained within the DPT.

Regards
Carsten

Bug#1008085: telegram-desktop: Please use system decorations by default, they make it buggy on pinephone

[Salvo "LtWorf" Tomaselli]

Package: telegram-desktop
Version: 3.6.1+ds-1
Severity: normal
X-Debbugs-Cc: tipos...@tiscali.it

Dear Maintainer,

the new version of telegram is enabling by default some weird client side
decoration.

What happens on a phinephone is that under the top bar with the clock and such
there is a completely useless gray bar and then the normal UI.

The problem is that when opening the on screen keyboard, the text input will be
hidden behind the on screen keyboard, so I have no idea of what I'm typing.

Disabling the client side decoration fixes it.

So I think it'd be more sensible to revert the upstream default to not having
them, since most users will probably not be able to figure out the workaround
for the issue.

Thanks for your work packaing this software.

Best

-- Package-specific info:

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.16.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages telegram-desktop depends on:
ii  libabsl20210324 0~20210324.2-2
ii  libavcodec587:4.4.1-3+b2
ii  libavformat58   7:4.4.1-3+b2
ii  libavutil56 7:4.4.1-3+b2
ii  libc6   2.33-7
ii  libgcc-s1   12-20220319-1
ii  libglib2.0-02.72.0-1
ii  libglibmm-2.4-1v5   2.66.2-2+b1
ii  libhunspell-1.7-0   1.7.0-4
ii  libjpeg62-turbo 1:2.1.2-1
ii  libkf5waylandclient54:5.90.0-1
ii  liblz4-11.9.3-2
ii  libminizip1 1.1-8+b1
ii  libopenal1  1:1.19.1-2
ii  libopus01.3.1-0.1
ii  libqrcodegencpp11.7.0-2+b1
ii  libqt5core5a [qtbase-abi-5-15-2]5.15.2+dfsg-15
ii  libqt5gui5  5.15.2+dfsg-15
ii  libqt5network5  5.15.2+dfsg-15
ii  libqt5svg5  5.15.2-4
ii  libqt5waylandclient5 [qtwayland-client-abi-5-15-2]  5.15.2-4
ii  libqt5widgets5  5.15.2+dfsg-15
ii  librlottie0-1   0.1+dfsg-2
ii  libsigc++-2.0-0v5   2.10.4-2
ii  libssl1.1   1.1.1n-1
ii  libstdc++6  12-20220319-1
ii  libswresample3  7:4.4.1-3+b2
ii  libswscale5 7:4.4.1-3+b2
ii  libvpx7 1.11.0-2
ii  libx11-62:1.7.2-2+b1
ii  libxcb-keysyms1 0.4.0-1+b2
ii  libxcb-record0  1.14-3
ii  libxcb-screensaver0 1.14-3
ii  libxcb1 1.14-3
ii  libxcomposite1  1:0.4.5-1
ii  libxdamage1 1:1.1.5-2
ii  libxext62:1.3.4-1
ii  libxfixes3  1:6.0.0-1
ii  libxrandr2  2:1.5.2-1
ii  libxtst62:1.2.3-1
ii  libxxhash0  0.8.1-1
ii  qt5-image-formats-plugins   5.15.2-2+b1
ii  zlib1g  1:1.2.11.dfsg-3

Versions of packages telegram-desktop recommends:
ii  fonts-open-sans  1.11-2

telegram-desktop suggests no packages.

Versions of packages telegram-desktop is related to:
ii  xdg-desktop-portal   1.14.1-1
ii  xdg-desktop-portal-gtk [xdg-desktop-portal-backend]  1.14.0-1

-- no debconf information
[2022.03.22 09:12:55] Launched version: 3006001, install beta: [FALSE], alpha: 
0, debug mode: [FALSE]
[2022.03.22 09:12:55] Executable dir: /usr/bin/, name: telegram-desktop
[2022.03.22 09:12:55] Initial working dir: /home/salvo/
[2022.03.22 09:12:55] Working dir: /home/salvo/.local/share/TelegramDesktop/
[2022.03.22 09:12:55] Command line: /usr/bin/telegram-desktop --
[2022.03.22 09:12:55] Executable path before check: /usr/bin/telegram-desktop
[2022.03.22 09:12:55] Logs started
[2022.03.22 09:12:55]