Bug#1040682: FTBFS in colord with meson 1.2.0 rc2

2023-07-08 Thread Eli Schwartz 
Source: colord
Version: 1.4.6-2.2
Severity: serious
Tags: ftbfs

colord successfully passes dh_auto_configure, but fails to build
immediately after:

```
dh override_dh_auto_configure-arch
make[1]: Leaving directory '/<>'
   debian/rules override_dh_auto_configure-indep
make[1]: Entering directory '/<>'
meson configure  -Dsession_example=false -Ddaemon_user=colord
-Dvapi=true -Ddocs=false -Dinstalled_tests=true -Dargyllcms_sensor=true
 -Dsane=true -Dprint_profiles=true

ERROR: No valid build directory found, cannot modify options.
make[1]: *** [debian/rules:38: override_dh_auto_configure-indep] Error 1
```

The cause of this is that setup options are passed to meson's "print the
values of all options" subcommand.

Previous versions of meson would print the following warning:

The source directory instead of the build directory was specified.
Only the default values for the project are printed, and all command
line parameters are ignored.


The release candidate makes this an error instead. If you want to print
the values of available options, simply avoid passing arguments; this
works both in a source directory and a build directory.

-- 
Eli Schwartz

Bug#1040681: devscripts: transition-check disagrees with tracker.d.o

2023-07-08 Thread Ross Vandegrift 
Package: devscripts
Version: 2.23.4
Severity: normal
X-Debbugs-Cc: rvandegr...@debian.org

Hello,

I just happened to notice that https://tracker.debian.org/pkg/efl lists a
transition that src:efl is involved in, but transition-check doesn't notice:

$ transition-check
transition-check: No packages examined are currently blocked

Ross


-- Package-specific info:

--- /etc/devscripts.conf ---
Empty.

--- ~/.devscripts ---
DEBSIGN_KEYID="B008 D750 B6B7 8361 ED53  56F0 DAB3 8932 9A4C FA16"

-- System Information:
Debian Release: 12.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable'), (40, 'unstable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-rc3 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages devscripts depends on:
ii  dpkg-dev  1.21.22
ii  fakeroot  1.31-1.2
ii  file  1:5.44-3
ii  gnupg 2.2.40-1.1
ii  gpgv  2.2.40-1.1
ii  libc6 2.36-9
ii  libfile-dirlist-perl  0.05-3
ii  libfile-homedir-perl  1.006-2
ii  libfile-touch-perl0.12-2
ii  libfile-which-perl1.27-2
ii  libipc-run-perl   20220807.0-1
ii  libmoo-perl   2.005005-1
ii  libwww-perl   6.68-1
ii  patchutils0.4.2-1
ii  perl  5.36.0-7
ii  python3   3.11.2-1+b1
ii  sensible-utils0.0.17+nmu1
ii  wdiff 1.2.2-5

Versions of packages devscripts recommends:
ii  apt 2.6.1
ii  curl7.88.1-10
ii  dctrl-tools 2.24-3+b1
ii  debian-keyring  2022.12.24
ii  dput1.1.3
ii  equivs  2.3.1
ii  libdistro-info-perl 1.5
ii  libdpkg-perl1.21.22
ii  libencode-locale-perl   1.05-3
ii  libgit-wrapper-perl 0.048-2
ii  libgitlab-api-v4-perl   0.26-3
ii  liblist-compare-perl0.55-2
ii  liblwp-protocol-https-perl  6.10-1
ii  libsoap-lite-perl   1.27-3
ii  libstring-shellquote-perl   1.04-3
ii  libtry-tiny-perl0.31-2
ii  liburi-perl 5.17-1
ii  licensecheck3.3.5-1
ii  lintian 2.116.3
ii  man-db  2.11.2-2
ii  patch   2.7.6-7
ii  pristine-tar1.50
ii  python3-apt 2.6.0
ii  python3-debian  0.1.49
ii  python3-magic   2:0.4.26-3
ii  python3-requests2.28.1+dfsg-1
ii  python3-unidiff 0.7.3-1
ii  python3-xdg 0.28-2
ii  strace  6.1-0.1
ii  unzip   6.0-28
ii  wget1.21.3-1+b2
ii  xz-utils5.4.1-0.2

Versions of packages devscripts suggests:
ii  adequate  0.15.7
pn  at
ii  autopkgtest   5.28
pn  bls-standalone
ii  build-essential   12.9
pn  check-all-the-things  
pn  cvs-buildpackage  
ii  debhelper 13.11.4
pn  diffoscope
pn  disorderfs
pn  dose-extra
pn  duck  
ii  elpa-devscripts   40.5
pn  faketime  
ii  gnuplot   5.4.4+dfsg1-2
ii  gnuplot-qt [gnuplot]  5.4.4+dfsg1-2+b2
pn  how-can-i-help
ii  libauthen-sasl-perl   2.1600-3
pn  libdbd-pg-perl
ii  libfile-desktopentry-perl 0.22-3
pn  libterm-size-perl 
ii  libtimedate-perl  2.3300-2
ii  libyaml-syck-perl 1.34-2+b1
ii  mailutils [mailx] 1:3.15-4
ii  mmdebstrap1.3.5-7
pn  mozilla-devscripts
pn  mutt  
ii  openssh-client [ssh-client]   1:9.2p1-2
ii  piuparts  1.1.7
ii  postgresql-client-15 [postgresql-client]  15.3-0+deb12u1
pn  pristine-lfs  
ii  quilt 0.67+really0.66-1
pn  ratt  
pn  reprotest 
pn  svn-buildpackage  
pn  w3m   

-- no debconf information

Bug#1040680: bookworm-pu: package node-openpgp-seek-bzip/1.0.5-2+deb12u1

2023-07-08 Thread Yadd 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-openpgp-seek-b...@packages.debian.org
Control: affects -1 + src:node-openpgp-seek-bzip

[ Reason ]
src:node-openpgp-seek-bzip provides:
 * a Node.js module (node-openpgp-seek-bzip)
 * command-line scripts (seek-bzip)

This second package is unusable due to missing files and broken links.

[ Impact ]
/usr/bin/seek-bunzip and /usr/bin/seek-table are unusable

[ Tests ]
No changes

[ Risks ]
No risk, this just fix install

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Install missing /usr/share/nodejs/seek-bzip/bin files and fix links in
/usr/bin

Regards,
Yadd
diff --git a/debian/changelog b/debian/changelog
index daa35de..20dc0b2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-openpgp-seek-bzip (1.0.5-2+deb12u1) bookworm; urgency=medium
+
+  * Team upload
+  * Fix seek-bzip install (Closes: #1040584)
+
+ -- Yadd   Sun, 09 Jul 2023 09:29:47 +0400
+
 node-openpgp-seek-bzip (1.0.5-2) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/nodejs/links b/debian/nodejs/links
index 0ff514c..6c89a6e 100644
--- a/debian/nodejs/links
+++ b/debian/nodejs/links
@@ -1,2 +1,2 @@
-@openpgp/seek-bzip/bin/seek-bunzip /usr/bin/seek-bunzip
-@openpgp/seek-bzip/bin/seek-bzip-table /usr/bin/seek-table
+seek-bzip/bin/seek-bunzip /usr/bin/seek-bunzip
+seek-bzip/bin/seek-bzip-table /usr/bin/seek-table
diff --git a/debian/seek-bzip.install b/debian/seek-bzip.install
index e772481..8bbbe8d 100644
--- a/debian/seek-bzip.install
+++ b/debian/seek-bzip.install
@@ -1 +1,2 @@
 usr/bin
+usr/share/nodejs/seek-bzip/bin

Bug#1040679: bullseye-pu: package node-dottie/2.0.2-4+deb11u1

2023-07-08 Thread Yadd 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-dot...@packages.debian.org
Control: affects -1 + src:node-dottie

[ Reason ]
node-dottie is vulnerable to prototype pollution (#1040592,
CVE-2023-26132)

[ Impact ]
Medium security issue

[ Tests ]
Test updated passed

[ Risks ]
Low risk, patch is trivial

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Don't allow __proto__ modifications.
Patch includes also debian/tests/pkg-js/enable_proto file to allow
__proto__ calls during autopkgtest (forbidden by default) because patch
includes a prototype-pollution test

Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 9edf53f..5c9d435 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-dottie (2.0.2-4+deb11u1) bullseye; urgency=medium
+
+  * Team upload
+  * Fix prototype pollution (Closes: #1040592, CVE-2023-26132)
+
+ -- Yadd   Sun, 09 Jul 2023 08:46:31 +0400
+
 node-dottie (2.0.2-4) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/CVE-2023-26132.patch 
b/debian/patches/CVE-2023-26132.patch
new file mode 100644
index 000..5186407
--- /dev/null
+++ b/debian/patches/CVE-2023-26132.patch
@@ -0,0 +1,76 @@
+Description: rudimentary __proto__ guarding
+Author: Mick Hansen 
+Origin: upstream, https://github.com/mickhansen/dottie.js/commit/7d3aee1c
+Bug: https://security.snyk.io/vuln/SNYK-JS-DOTTIE-3332763
+Bug-Debian: https://bugs.debian.org/1040592
+Forwarded: not-needed
+Applied-Upstream: 2.0.6, commit:7d3aee1c
+Reviewed-By: Yadd 
+Last-Update: 2023-07-09
+
+--- a/README.md
 b/README.md
+@@ -42,6 +42,8 @@
+ });
+ ```
+ 
++If you accept arbitrary/user-defined paths to `set` you should call 
`Object.preventExtensions(values)` first to guard against potential pollution.
++
+ ### Transform object
+ Transform object from keys with dottie notation to nested objects
+ 
+--- a/dottie.js
 b/dottie.js
+@@ -72,6 +72,7 @@
+   // Set nested value
+   Dottie.set = function(object, path, value, options) {
+ var pieces = Array.isArray(path) ? path : path.split('.'), current = 
object, piece, length = pieces.length;
++if (pieces[0] === '__proto__') return;
+ 
+ if (typeof current !== 'object') {
+ throw new Error('Parent is not an object.');
+@@ -137,6 +138,9 @@
+ 
+   if (key.indexOf(options.delimiter) !== -1) {
+ pieces = key.split(options.delimiter);
++
++if (pieces[0] === '__proto__') break;
++
+ piecesLength = pieces.length;
+ current = transformed;
+ 
+--- a/test/set.test.js
 b/test/set.test.js
+@@ -45,4 +45,12 @@
+ });
+ expect(data.foo.bar.baz).to.equal('someValue');
+   });
++
++  it('should not attempt to set __proto__', function () {
++var data = {};
++
++dottie.set(data, '__proto__.pollution', 'polluted');
++
++expect(data.__proto__.pollution).to.be.undefined;
++  });
+ });
+\ No newline at end of file
+--- a/test/transform.test.js
 b/test/transform.test.js
+@@ -145,4 +145,16 @@
+ expect(transformed.user.location.city).to.equal('Zanzibar City');
+ expect(transformed.project.title).to.equal('dottie');
+   });
++
++  it("should guard against prototype pollution", function () {
++var values = {
++  'user.name': 'John Doe',
++  '__proto__.pollution': 'pollution'
++};
++
++var transformed = dottie.transform(values);
++expect(transformed.user).not.to.equal(undefined);
++expect(transformed.user.name).to.equal('John Doe');
++expect(transformed.__proto__.pollution).to.be.undefined;
++  });
+ });
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..e86da5e
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2023-26132.patch
diff --git a/debian/tests/pkg-js/enable_proto b/debian/tests/pkg-js/enable_proto
new file mode 100644
index 000..e69de29

Bug#1040678: bookworm-pu: package node-dottie/2.0.2-4+deb12u1

2023-07-08 Thread Yadd 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-dot...@packages.debian.org
Control: affects -1 + src:node-dottie

[ Reason ]
node-dottie is vulnerable to prototype pollution (#1040592,
CVE-2023-26132)

[ Impact ]
Medium security issue

[ Tests ]
Test updated passed

[ Risks ]
Low risk, patch is trivial

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Don't allow __proto__ modifications.
Patch includes also debian/tests/pkg-js/enable_proto file to allow
__proto__ calls during autopkgtest (forbidden by default) because patch
includes a prototype-pollution test

Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 9edf53f..a6edff9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-dottie (2.0.2-4+deb12u1) bookworm; urgency=medium
+
+  * Team upload
+  * Fix prototype pollution (Closes: #1040592, CVE-2023-26132)
+
+ -- Yadd   Sun, 09 Jul 2023 08:43:00 +0400
+
 node-dottie (2.0.2-4) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/CVE-2023-26132.patch 
b/debian/patches/CVE-2023-26132.patch
new file mode 100644
index 000..5186407
--- /dev/null
+++ b/debian/patches/CVE-2023-26132.patch
@@ -0,0 +1,76 @@
+Description: rudimentary __proto__ guarding
+Author: Mick Hansen 
+Origin: upstream, https://github.com/mickhansen/dottie.js/commit/7d3aee1c
+Bug: https://security.snyk.io/vuln/SNYK-JS-DOTTIE-3332763
+Bug-Debian: https://bugs.debian.org/1040592
+Forwarded: not-needed
+Applied-Upstream: 2.0.6, commit:7d3aee1c
+Reviewed-By: Yadd 
+Last-Update: 2023-07-09
+
+--- a/README.md
 b/README.md
+@@ -42,6 +42,8 @@
+ });
+ ```
+ 
++If you accept arbitrary/user-defined paths to `set` you should call 
`Object.preventExtensions(values)` first to guard against potential pollution.
++
+ ### Transform object
+ Transform object from keys with dottie notation to nested objects
+ 
+--- a/dottie.js
 b/dottie.js
+@@ -72,6 +72,7 @@
+   // Set nested value
+   Dottie.set = function(object, path, value, options) {
+ var pieces = Array.isArray(path) ? path : path.split('.'), current = 
object, piece, length = pieces.length;
++if (pieces[0] === '__proto__') return;
+ 
+ if (typeof current !== 'object') {
+ throw new Error('Parent is not an object.');
+@@ -137,6 +138,9 @@
+ 
+   if (key.indexOf(options.delimiter) !== -1) {
+ pieces = key.split(options.delimiter);
++
++if (pieces[0] === '__proto__') break;
++
+ piecesLength = pieces.length;
+ current = transformed;
+ 
+--- a/test/set.test.js
 b/test/set.test.js
+@@ -45,4 +45,12 @@
+ });
+ expect(data.foo.bar.baz).to.equal('someValue');
+   });
++
++  it('should not attempt to set __proto__', function () {
++var data = {};
++
++dottie.set(data, '__proto__.pollution', 'polluted');
++
++expect(data.__proto__.pollution).to.be.undefined;
++  });
+ });
+\ No newline at end of file
+--- a/test/transform.test.js
 b/test/transform.test.js
+@@ -145,4 +145,16 @@
+ expect(transformed.user.location.city).to.equal('Zanzibar City');
+ expect(transformed.project.title).to.equal('dottie');
+   });
++
++  it("should guard against prototype pollution", function () {
++var values = {
++  'user.name': 'John Doe',
++  '__proto__.pollution': 'pollution'
++};
++
++var transformed = dottie.transform(values);
++expect(transformed.user).not.to.equal(undefined);
++expect(transformed.user.name).to.equal('John Doe');
++expect(transformed.__proto__.pollution).to.be.undefined;
++  });
+ });
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..e86da5e
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2023-26132.patch
diff --git a/debian/tests/pkg-js/enable_proto b/debian/tests/pkg-js/enable_proto
new file mode 100644
index 000..e69de29

Bug#1040677: bullseye-pu: package node-tough-cookie/4.0.0-2+deb11u1

2023-07-08 Thread Yadd 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: node-tough-coo...@packages.debian.org
Control: affects -1 + src:node-tough-cookie

[ Reason ]
node-tough-cookie is vulnerable to prototype pollution

[ Impact ]
Littel security issue

[ Tests ]
Test updated, passed

[ Risks ]
No risk, patch is trivial and tested

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Create new object instead of using default {}

Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 3652359..84339cf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-tough-cookie (4.0.0-2+deb11u1) bullseye; urgency=medium
+
+  * Team upload
+  * Fix prototype pollution (Closes: CVE-2023-26136)
+
+ -- Yadd   Sun, 09 Jul 2023 08:32:32 +0400
+
 node-tough-cookie (4.0.0-2) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/CVE-2023-26136.patch 
b/debian/patches/CVE-2023-26136.patch
new file mode 100644
index 000..05e6372
--- /dev/null
+++ b/debian/patches/CVE-2023-26136.patch
@@ -0,0 +1,71 @@
+Description: Fix prototype pollution
+ CVE-2023-26136
+Author: Yadd 
+Forwarded: not-needed
+Last-Update: 2023-07-07
+
+--- a/lib/memstore.js
 b/lib/memstore.js
+@@ -39,7 +39,7 @@
+   constructor() {
+ super();
+ this.synchronous = true;
+-this.idx = {};
++this.idx = Object.create(null);
+ if (util.inspect.custom) {
+   this[util.inspect.custom] = this.inspect;
+ }
+@@ -109,10 +109,10 @@
+ 
+   putCookie(cookie, cb) {
+ if (!this.idx[cookie.domain]) {
+-  this.idx[cookie.domain] = {};
++  this.idx[cookie.domain] = Object.create(null);
+ }
+ if (!this.idx[cookie.domain][cookie.path]) {
+-  this.idx[cookie.domain][cookie.path] = {};
++  this.idx[cookie.domain][cookie.path] = Object.create(null);
+ }
+ this.idx[cookie.domain][cookie.path][cookie.key] = cookie;
+ cb(null);
+@@ -144,7 +144,7 @@
+ return cb(null);
+   }
+   removeAllCookies(cb) {
+-this.idx = {};
++this.idx = Object.create(null);
+ return cb(null);
+   }
+   getAllCookies(cb) {
+--- a/test/cookie_jar_test.js
 b/test/cookie_jar_test.js
+@@ -669,4 +669,29 @@
+   }
+ }
+   })
++  .addBatch({
++"Issue #282 - Prototype pollution": {
++  "when setting a cookie with the domain __proto__": {
++topic: function() {
++  const jar = new tough.CookieJar(undefined, {
++rejectPublicSuffixes: false
++  });
++  // try to pollute the prototype
++  jar.setCookieSync(
++"Slonser=polluted; Domain=__proto__; Path=/notauth",
++"https://__proto__/admin;
++  );
++  jar.setCookieSync(
++"Auth=Lol; Domain=google.com; Path=/notauth",
++"https://google.com/;
++  );
++  this.callback();
++},
++"results in a cookie that is not affected by the attempted prototype 
pollution": function() {
++  const pollutedObject = {};
++  assert(pollutedObject["/notauth"] === undefined);
++}
++  }
++}
++  })
+   .export(module);
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..67af372
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2023-26136.patch

Bug#1040676: elpa-debian-el: Documentation fixes.

2023-07-08 Thread manphiz 

Package: elpa-debian-el
Version: 37.10
Severity: normal
X-Debbugs-Cc: none, Manphiz 

Dear Maintainers,

I have a merge request on salsa[1] for documentation fixes for the
package elpa-debian-el.  The first commit has typo fixes only, the
second one has some proposed wording fixes.  Please review.  Thanks!

[1] https://salsa.debian.org/emacsen-team/debian-el/-/merge_requests/10


-- System Information:
Debian Release: 12.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-10-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages elpa-debian-el depends on:
ii  bzip2   1.0.8-5+b1
ii  dh-elpa-helper  2.0.16
ii  dpkg1.21.22
ii  emacsen-common  3.0.5
ii  reportbug   12.0.0
ii  xz-utils5.4.1-0.2

Versions of packages elpa-debian-el recommends:
ii  emacs  1:28.2+1-15
ii  emacs-gtk [emacs]  1:28.2+1-15
ii  wget   1.21.3-1+b2

elpa-debian-el suggests no packages.

-- no debconf information


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1040675: ca-certificates-java: incorrect "Breaks:" versions about ubuntu

2023-07-08 Thread Vincent Lefevre 
Package: ca-certificates-java
Severity: serious

ca-certificates-java 20230707 has

Breaks: openjdk-11-jre-headless (<< 11.0.19+7~1~), openjdk-17-jre-headless (<< 
17.0.8~6-3~), openjdk-18-jre-headless (<< 18.0.2+9-2ubuntu1~), 
openjdk-19-jre-headless (<< 19.0.2+7-0ubuntu4~), openjdk-20-jre-headless (<< 
20.0.1+9~1~), openjdk-21-jre-headless (<< 21~9ea-1~), openjdk-8-jre-headless 
(<< 8u382~b04-2~)

with versions concerning ubuntu. This is Debian here! This prevents
its installation in Debian when openjdk-18-jre-headless from unstable
is installed.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-security'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
merged-usr: no
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1040674: config.txt during kernel upgrade spends time in non-bootable state

2023-07-08 Thread Joey Hess 
Package: raspi-firmware
Version: 1.20220830+ds-1
Severity: normal

While upgrading the kernel, my raspberry pi reset and failed to
come back up to a usable state. Serial console showed the last thing
output was the kernel saying it was running init. Investigation of the
SD card found this in config.txt (abbreviated to relevant lines):

kernel=vmlinuz-6.3.0-1-armmp.dpkg-new
initramfs initrd.img-6.1.0-9-armmp

Note the kernel and initrd version mismatch.
(The .dpkg-new being used in there also seems a bit problimatic..)

I had to edit it back to using vmlinuz-6.1.0-9-armmp to fix the problem.

It seems to me that since rpis are known to be rather picky about
power[1], it's especially important to make such a critical thing as a
kernel upgrade not fail if the power goes out.

-- 
see shy jo

[1] Though I suspect mine is just a bad board, since it regularly resets
when under load and was being powered by USB from my laptop, which
should be a good solid power supply.


signature.asc
Description: PGP signature

Bug#1039724: gpgme: building underbookworm fails with no matches in python3-gpg.install

2023-07-08 Thread Ted 
Thank you for pointing this out. I have removed python3-setuptools and
successfully built gpgme1.0.
For fun I will see if I can figure out how to add this to Conflicts.

On Wed, Jul 5, 2023 at 12:30 PM Andreas Metzler  wrote:

> On 2023-07-04 Ted  wrote:
> > The only software which has ever run here is from a bookworm or vscodim
> > repo so i will just wait for bookworm to stabilize and hope i can abandon
> > the workarounds in the future.
>
> Hello,
>
> You were right all the time. python3-setuptools is the culprit,
> installing it breaks the build.
>
> cu Andreas
> --
> `What a good friend you are to him, Dr. Maturin. His other friends are
> so grateful to you.'
> `I sew his ears on from time to time, sure'
>


-- 

-Theodoric

Bug#1019236: Why does mere inclusion of pstricks change A4 to letter?

2023-07-08 Thread Peter Mueller 
The next might sound as if it were a silly excuse, but the Web interface of my 
e-mail server has an issue right now (a few minutes before, everything worked 
just fine); I can only write an “answer to all” (but not construct any e-mails 
to new folks).  This may or may not repair itself later; I don't know.  Thus, 
could I kindly ask you to please send this to pstri...@tug.org (just a copy and 
paste; if you wish to, Cc also Herbert Voss and Rolf Niepraschk; their e-mails 
are in pst-node.sty): “ Dear PSTricks maintainers, Might we kindly draw your 
attention to http://bugs.debian.org/1019236 ? My stock TeX Live version 
2022.20230122-3 with texlive-pstricks 2022.20230122-4 is set up to produce A4 
output by default. Reproduce: 1) Create mwe.tex containing 
\documentclass{article} \pagestyle{empty} \usepackage{pst-node}% letter with 
this, A4 without this. pstricks or pst-all would do as well. Checked with 
pst-node.sty version 2012/09/18 v1.01. \begin{document} test \end{document} 2) 
Run latex mwe dvipdf -dALLOWPSTRANSPARENCY mwe.dvi pdfinfo mwe.pdf 3) Observe 
that the resulting PDF has letter format. If we don't use pst-node, pstricks, 
or pst-all, we get A4 as usual. Simply using a drawing package and not 
specifying anything about the paper (such as the class options a4paper or 
letterpaper) should not incur a deviation from the system-default paper format. 
Gratefully! ”
06.07.2023, 20:46, Preuße, Hilmar < mailto:hill...@web.de hill...@web.de >
On 06.07.2023 12:24, Peter Mueller wrote: Hi, > Don't know about unstable (I 
cannot risk an upgrade now), but as for > the texlive-pstricks 2022.20230122-4 
containing pst-node.sty > 2012/09/18 v1.01, the bug still exists. > Do you have 
the time to discuss this with the upstream author. I don't have. Sorry! Hilmar 
-- sigfault

Bug#1018206: Info received (Bug#1018206: luatex loses or changes text when discretionaries with priorities are used)

2023-07-08 Thread Peter Mueller 
@Hilmar: A typo. I meant: The message sequence [2] in the NTG mailing list is 
correct. I cannot judge about the code [1]. If my memory serves me right, the 
actual change might have happened a few revisions later.  Still, no guarantee. 
So if you can't find the right revision, it's probably safer not to do anything 
despite severe effects.
@Hans: Any idea about which revision or revisions fix 
http://bugs.debian.org/1018206 ?
Peter

Bug#1018206: luatex loses or changes text when discretionaries with priorities are used

2023-07-08 Thread Peter Mueller 
I'd appreciate this. The message [1] in the NTG mailing list is correct. I 
cannot judge about [2].
Gratefully, Peter
06.07.2023, 20:44, Preuße, Hilmar < mailto:hill...@web.de hill...@web.de >
I guess this is [1] according to [2]. I'll try to do something, but it won't be 
for 12.1, which will be released soon. H. [1] 
https://github.com/TeX-Live/luatex/commit/77e10504fec9a0d131af670eadcfe9a0db4e3bf0#diff-06ca41d7c22a6c478aa499841874506676b8f9183cd37c3b928c386d87ffcb4c
 
https://github.com/TeX-Live/luatex/commit/77e10504fec9a0d131af670eadcfe9a0db4e3bf0#diff-06ca41d7c22a6c478aa499841874506676b8f9183cd37c3b928c386d87ffcb4c
 [2] 
https://mailman.ntg.nl/archives/list/dev-lua...@ntg.nl/thread/XVFUXHHDWNVYMVMYYICWMP4CJTQGFLH4
 
https://mailman.ntg.nl/archives/list/dev-lua...@ntg.nl/thread/XVFUXHHDWNVYMVMYYICWMP4CJTQGFLH4
 /

Bug#1040673: needrestart: Fix typo in VM check

2023-07-08 Thread David Weinehall 
Package: needrestart
Version: 3.6-5
Severity: minor
Tags: patch upstream
X-Debbugs-Cc: t...@debian.org

needrestart has a typo in the output when checking if VMs need to be restarted:

VM guests are running outdated hypervisor (qemu) binaries on this host:
 'Unkown VM'


-- Package-specific info:
needrestart output:
Your outdated processes:
at-spi-bus-laun[1393], at-spi2-registr[1740], bash[80130, 2934, 71378, 8949, 
14404, 2949, 51322], crc[55599], dbus-daemon[1290, 1400], dconf-service[1723], 
evolution-addre[1704], evolution-alarm[1805], evolution-calen[1673], 
evolution-sourc[1631], firefox[29692], gcr-ssh-agent[1366], 
gdm-wayland-ses[1309], gjs[1863, 1738], gnome-keyring-d[1292], 
gnome-session-b[1317, 1376], gnome-session-c[1367], gnome-shell[1392], 
gnome-shell-cal[1625], gnome-terminal-[2908], goa-daemon[1661], 
goa-identity-se[1680], gsd-a11y-settin[1762], gsd-color[1766], 
gsd-datetime[1767], gsd-disk-utilit[1780], gsd-housekeepin[1769], 
gsd-keyboard[1771], gsd-media-keys[1772], gsd-power[1774], 
gsd-print-notif[1776], gsd-printer[2088], gsd-rfkill[1779], 
gsd-screensaver[1782], gsd-sharing[1786], gsd-smartcard[1787], gsd-sound[1789], 
gsd-usb-protect[1791], gsd-wacom[1796], gsd-xsettings[3563], gst123[95011], 
gvfs-afc-volume[1700], gvfsd[1306], gvfsd-dnssd[58433], gvfsd-fuse[1316], 
gvfsd-metadata[2277], gvfsd-network[58416], gvfsd-trash[58397], 
gvfs-goa-volume[1668], gvfs-gphoto2-vo[1692], gvfs-mtp-volume[1688], 
gvfs-udisks2-vo[1656], ibus-daemon[1765], ibus-dconf[1884], 
ibus-engine-sim[2146], ibus-extension-[1887], ibus-portal[1893], 
ibus-x11[3601], Isolated Web Co[51054, 31595, 30207, 37875, 30146, 38437, 
38525, 37636, 60208, 36247, 64504, 50887], MainThread[51245, 31801], 
pipewire[1283, 1284], pipewire-pulse[1288], playdir[95010], Privileged 
Cont[29865], python3[1790], RDD Process[30387], sh[1761], Socket 
Process[29820], solaar[1809], systemd[1231], tracker-miner-f[2191], Utility 
Process[30389], WebExtensions[29847], wireplumber[1287], xdg-desktop-por[3684, 
3696, 3670], xdg-document-po[3674], xdg-permission-[1594], Xwayland[3505]



-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.0-2-amd64 (SMP w/20 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER, TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages needrestart depends on:
ii  dpkg   1.21.22
ii  gettext-base   0.21-12
ii  libintl-perl   1.33-1
ii  libmodule-find-perl0.16-2
ii  libmodule-scandeps-perl1.31-2
ii  libproc-processtable-perl  0.636-1
ii  libsort-naturally-perl 1.03-4
ii  libterm-readkey-perl   2.38-2+b1
ii  perl   5.36.0-7
ii  xz-utils   5.4.1-0.2

Versions of packages needrestart recommends:
ii  libpam-systemd  253.5-1
ii  systemd 253.5-1

Versions of packages needrestart suggests:
ii  iucode-tool  2.3.1-3
pn  needrestart-session | libnotify-bin  

-- no debconf information

Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1

2023-07-08 Thread Adrian Bunk 
On Sun, Jul 09, 2023 at 01:13:55AM +0300, Michael Tokarev wrote:
>...
> I'll see what can be done tomorrow. Apparently it might be better to revert
> this keyring change for bookworm and fix it for good in trixie first.
>...

And BTW, manually linking with libatomic is the correct fix here for 
your package.

"fix it for good" would be to fix gcc, but such a fix would not be 
backported to bookworm.

> Thank you!
> 
> /mjt

cu
Adrian

Bug#885414: base-files: lack of quoting in shell variable expansions in /etc/profile

2023-07-08 Thread so54p1+4s6g31jabjix4 
Package: base-files
Version: 12.4
Followup-For: Bug #885414

Dear Maintainer,

is there any progress on this issue? It causes issues when files with
spaces are placed in /etc/profile.d/

Bug#1040672: zstd.1: malformed man page

2023-07-08 Thread Bjarni Ingi Gislason 
Package: zstd
Version: 1.5.5+dfsg2-1
Severity: normal
Tags: patch

Dear Maintainer,

  this man page was transformed from another source file with a
program, whose name is _NOT_ mentioned in a comment.

  A table is never used in the Synopsis section

  Following are some errors.

-.-.

Output from "mandoc -T lint zstd.1":

mandoc: zstd.1:5:2: ERROR: tbl without any data cells
mandoc: zstd.1:7:12: ERROR: invalid character in tbl layout: [
mandoc: zstd.1:7:13: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:15: WARNING: unknown font, skipping request: TS fIOPTIONS\fR] 
[\-  \fIINPUT\-FILE\fR] [\-o \fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:1: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:20: ERROR: invalid character in tbl layout: O
mandoc: zstd.1:7:23: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:25: WARNING: unknown font, skipping request: TS fR] [\-
\fIINPUT\-FILE\fR] [\-o \fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:28: ERROR: invalid character in tbl layout: [
mandoc: zstd.1:7:29: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:2: ERROR: invalid character in tbl layout: f
mandoc: zstd.1:7:32: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:34: WARNING: unknown font, skipping request: TS 
fIINPUT\-FILE\fR] [\-o \fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:3: ERROR: invalid character in tbl layout: B
mandoc: zstd.1:7:40: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:43: WARNING: unknown font, skipping request: TS FILE\fR] [\-o 
\fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:46: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:48: WARNING: unknown font, skipping request: TS fR] [\-o 
\fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:4: ERROR: invalid character in tbl layout: z
mandoc: zstd.1:7:51: ERROR: invalid character in tbl layout: [
mandoc: zstd.1:7:52: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:54: ERROR: invalid character in tbl layout: o
mandoc: zstd.1:7:56: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:58: WARNING: unknown font, skipping request: TS 
fIOUTPUT\-FILE\fR]
mandoc: zstd.1:7:5: WARNING: tbl line starts with span
mandoc: zstd.1:7:65: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:68: WARNING: unknown font, skipping request: TS FILE\fR]
mandoc: zstd.1:7:71: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:7:73: WARNING: unknown font, skipping request: TS fR]
mandoc: zstd.1:7:8: ERROR: invalid character in tbl layout: \
mandoc: zstd.1:8:2: WARNING: skipping paragraph macro: sp after SH
mandoc: zstd.1:20:119: STYLE: input text line longer than 80 bytes: Source 
files are pre...
mandoc: zstd.1:22:139: STYLE: input text line longer than 80 bytes: When 
compressing a s...
mandoc: zstd.1:33:143: STYLE: input text line longer than 80 bytes: Unless 
\fB\-\-stdout...
mandoc: zstd.1:35:104: STYLE: input text line longer than 80 bytes: When 
compressing, th...
mandoc: zstd.1:37:105: STYLE: input text line longer than 80 bytes: When 
decompressing, ...
mandoc: zstd.1:40:149: STYLE: input text line longer than 80 bytes: It is 
possible to co...
mandoc: zstd.1:43:181: STYLE: input text line longer than 80 bytes: In most 
places where...
mandoc: zstd.1:46:113: STYLE: input text line longer than 80 bytes: Multiply 
the integer...
mandoc: zstd.1:49:117: STYLE: input text line longer than 80 bytes: Multiply 
the integer...
mandoc: zstd.1:54:208: STYLE: input text line longer than 80 bytes: Compress\. 
This is t...
mandoc: zstd.1:60:214: STYLE: input text line longer than 80 bytes: Test the 
integrity o...
mandoc: zstd.1:63:115: STYLE: input text line longer than 80 bytes: Benchmark 
file(s) us...
mandoc: zstd.1:66:194: STYLE: input text line longer than 80 bytes: Use 
\fIFILES\fR as a...
mandoc: zstd.1:69:204: STYLE: input text line longer than 80 bytes: Display 
information ...
mandoc: zstd.1:82:82: STYLE: input text line longer than 80 bytes: Note 1: this 
mode is...
mandoc: zstd.1:84:173: STYLE: input text line longer than 80 bytes: Note 2: 
this mode is...
mandoc: zstd.1:94:147: STYLE: input text line longer than 80 bytes: Note: If 
\fBwindowLo...
mandoc: zstd.1:102:201: STYLE: input text line longer than 80 bytes: Note: 
\fB\-\-long\fR...
mandoc: zstd.1:104:140: STYLE: input text line longer than 80 bytes: Note: for 
all levels...
mandoc: zstd.1:106:210: STYLE: input text line longer than 80 bytes: Note: for 
level 19, ...
mandoc: zstd.1:118:173: STYLE: input text line longer than 80 bytes: This is 
also used du...
mandoc: zstd.1:120:203: STYLE: input text line longer than 80 bytes: 
Additionally, this c...
mandoc: zstd.1:148:341: STYLE: input text line longer than 80 bytes: If input 
directory c...
mandoc: zstd.1:167:124: STYLE: input text line longer than 80 bytes: When 
invoked via a \...
mandoc: zstd.1:170:125: STYLE: input text line longer than 80 bytes: do not 
store the ori...
mandoc: zstd.1:175:296: STYLE: input text line longer than 80 bytes: Employing 
environmen...
mandoc: zstd.1:181:151:

Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1

2023-07-08 Thread Adrian Bunk 
On Sun, Jul 09, 2023 at 01:13:55AM +0300, Michael Tokarev wrote:
> 09.07.2023 01:01, Adrian Bunk wrote:
> > This does apparently need the -latomic workaround from 2:4.18.3+dfsg-3:
> > https://buildd.debian.org/status/package.php?p=samba=bookworm
> 
> Sigh!
> This is the kerberos in-kernel tickets.. :(
> 
> I haven't realized until now that atomic8 thing come into the game after
> I enabled the in-kernel kerberos tickets.  I was sure it was due to some
> toolchain changes.

FTR, the underlying toolchain bug is not new:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81358

> Now I know why we weren't able to reproduce this issue
> with upstream, - because it happens in the code which is enabled by this
> change.
>...

The error message is a bit cryptic, but it basically says in which lines 
in krcache.c the 64bit loads/stores are for which the CPU has no 
instructions and needs libatomic.

Not linking with libatomic automatically for C11 atomics is the gcc bug.

> Thank you!
> 
> /mjt

cu
Adrian

Bug#1040671: RFP: bottles -- Bottles gaming environment comes preconfigured to play a large number of windows games in linux

2023-07-08 Thread shirish शिरीष 
Package: wnpp
Severity: wishlist

* Package name: bottles
  Version : 51.6
  Upstream Contact: s...@mirko.pm
* URL : https://github.com/bottlesdevs
* License : (GPL, LGPL, BSD, MIT/X, etc.)
  Programming Lang: (C, C++, C#, Perl, Python, etc.)
  Description : Bottles gaming environment comes preconfigured to
play a large number of windows games in linux

Bottles introduces a new way to handle Windows prefixes using
environments, a combination of ready-to-use settings, libraries and
dependencies.

Choose between Gaming and Software environment based on the type of
software you want to start.

More advanced users can choose the Custom environment to configure the
bottle on their own.

-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
https://creativecommons.org/licenses/by-nc/3.0/
https://flossexperiences.wordpress.com

E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C

Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1

2023-07-08 Thread Michael Tokarev 

09.07.2023 01:01, Adrian Bunk wrote:

This does apparently need the -latomic workaround from 2:4.18.3+dfsg-3:
https://buildd.debian.org/status/package.php?p=samba=bookworm


Sigh!
This is the kerberos in-kernel tickets.. :(

I haven't realized until now that atomic8 thing come into the game after
I enabled the in-kernel kerberos tickets.  I was sure it was due to some
toolchain changes.  Now I know why we weren't able to reproduce this issue
with upstream, - because it happens in the code which is enabled by this
change.

I'll see what can be done tomorrow. Apparently it might be better to revert
this keyring change for bookworm and fix it for good in trixie first.
Either way, it's for tomorrow.  The very good thing is that now I know the
context which I thought is entirely different.

Thank you!

/mjt

Bug#998627: linux: please enable the new NTFS3 driver in 5.15

2023-07-08 Thread so54p1+4s6g31jabjix4 
Package: linux
Followup-For: Bug #998627

Dear Maintainer,

Please consider enabling the NTFS3 driver for debian-testing, so that it
receives more test coverage before debian 13 (trixie) is released as
stable. Thank you.

-- System Information:
Debian Release: 12.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-9-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1

2023-07-08 Thread Adrian Bunk 
This does apparently need the -latomic workaround from 2:4.18.3+dfsg-3:
https://buildd.debian.org/status/package.php?p=samba=bookworm

cu
Adrian

Bug#1040049: gnome-terminal: assert hit on mouseover, all open terminal windows are lost

2023-07-08 Thread Egmont Koblinger 
Hi,

FYI: upstream issue https://gitlab.gnome.org/GNOME/vte/-/issues/2577 is
related, but did not fix this very problem.

The current problem is tracked upstream at
https://gitlab.gnome.org/GNOME/vte/-/issues/2636.

e.

Bug#1040670: xxd.1: some remarks and editorial fixes for the manual

2023-07-08 Thread Bjarni Ingi Gislason 
Package: xxd
Version: 2:9.0.1672-1
Severity: minor
Tags: patch

Dear Maintainer,

here are some notes and editorial fixes for the man page.
The patch is in the attachment.

-.-.

The difference between the formatted outputs can be seen with:

  nroff -man  > 
  nroff -man  > 
  diff -u  

and for groff, using

"groff -man -Z" instead of "nroff -man"

-.-.

Output from "mandoc -T lint xxd.1":

mandoc: xxd.1:57:2: WARNING: skipping paragraph macro: PP empty
mandoc: xxd.1:161:2: WARNING: skipping paragraph macro: PP after SH
mandoc: xxd.1:177:141: STYLE: input text line longer than 80 bytes: hexdump 
with xxd \-r...
mandoc: xxd.1:211:97: STYLE: input text line longer than 80 bytes: The author 
prefers t...
mandoc: xxd.1:213:2: WARNING: skipping paragraph macro: PP after SH
mandoc: xxd.1:214:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:220:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:226:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:242:2: WARNING: skipping paragraph macro: br before sp
mandoc: xxd.1:244:2: WARNING: skipping paragraph macro: br after sp
mandoc: xxd.1:251:52: STYLE: whitespace at end of input line
mandoc: xxd.1:259:53: STYLE: whitespace at end of input line
mandoc: xxd.1:263:53: STYLE: whitespace at end of input line
mandoc: xxd.1:265:52: STYLE: whitespace at end of input line
mandoc: xxd.1:269:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:276:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:284:2: WARNING: skipping paragraph macro: br before sp
mandoc: xxd.1:286:2: WARNING: skipping paragraph macro: br after sp
mandoc: xxd.1:295:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:301:2: WARNING: skipping paragraph macro: br after PP
mandoc: xxd.1:343:2: WARNING: skipping paragraph macro: PP empty
mandoc: xxd.1:368:2: WARNING: skipping paragraph macro: br at the end of SH
mandoc: xxd.1:372:2: WARNING: skipping paragraph macro: br at the end of SH
mandoc: xxd.1:376:2: WARNING: skipping paragraph macro: br after SH
mandoc: xxd.1:393:2: WARNING: skipping paragraph macro: PP empty

-.-.

Add a (no-break, "\ " or "\~") space between a number and a unit,
as these are not one entity.'


202:the 1k where dd left off.

-.-.

Mark a full stop (.) and the exclamation mark (!) with "\&",
if it does not mean an end of a sentence.
This is a preventive action,
the paragraph could be reshaped, e.g., after changes.

When typing, one does not always notice when the line wraps after the
period.
There are too many examples of input lines in manual pages,
that end with an abbreviation point.

This marking is robust, and independent of the position on the line.

It corresponds to "\ " in TeX, and to "@:" in Texinfo.


148:bytes abs. (or rel.) infile offset.

-.-.

Use the correct macro for the font change of a single argument or
split the argument into two.

83:.IR \-e

-.-.

Use "\e" to print the escape character instead of "\\" (which gets
interpreted in copy mode).

257:030: 220a 2e5c 2220 3231 7374 204d  "..\\" 21st M
259:03c: 6179 2031 3939 360a 2e5c 2220  ay 1996..\\" 
263:054: 686f 723a 0a2e 5c22 2020 2020  hor:..\\"

-.-.

Wrong distance between sentences.

  Separate the sentences and subordinate clauses; each begins on a new
line.  See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").

  The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.

Remember coding: Only one command ("sentence") on each (logical) line.

E-mail: Easier to quote exactly the relevant lines.

Generally: Easier to edit the sentence.

Patches: Less unaffected text.

  The amount of space between sentences in the output can then be
controlled with the ".ss" request.

N.B

  The number of lines affected is too large to be in the patch.

65:hexadecimal dump. Each line is preceded by a line number in hexadecimal and
66:followed by an ascii (or ebcdic) representation. The command line switches
72:octets per line. Default 16 (\-i: 12, \-ps: 30, \-b: 6). Max 256.
73:No maxmimum for \-ps. With \-ps, 0 results in one long line of output.
80:This does not change the hexadecimal representation. The option is
108:Output in C include file style. A complete static array definition is 
written
117:Override the variable name output when \-i is used. The array is named
126:Output in postscript continuous hexdump style. Also known as plain hexdump
132:it. Use the combination
135:particular column layout. Additional Whitespace and line-breaks are allowed
148:bytes abs. (or rel.) infile offset.
156:Use upper case hex letters. Default is lower case.
165:hexdump line may be out of order, lines may be missing, or overlapping. In
166:these cases xxd will lseek(2) to the next position. If the output file is 
not
170:never generates parse errors. Garbage is silently skipped.
175:data (see option \-c). This also means, that changes to the printable

Bug#1040297: gnome-shell: fails to start on login: failed to allocate 51540049304 bytes

2023-07-08 Thread Simon McVittie 
Control: reassign -1 libc6 2.37-3
Control: fixed -1 2.37-5
Control: tags -1 - moreinfo

On Sat, 08 Jul 2023 at 16:08:14 +0200, Bastian Venthur wrote:
> I've just updated all packages from unstable, including glibc and the
> problem is solved.

Let's assume this was the glibc bug with corrupted locale archives unless
someone finds evidence to the contrary, then. I'll close the bug after the
reassign command is processed.

smcv

Bug#1040669: `sudo apt update && sudo apt upgrade` on amd64 calls z50-raspi-firmware for kernel upgrade

2023-07-08 Thread McKauley Kitterman 
Package: apt & linux-image-amd64 (w/associated 6.1.)
Version: 12

I was attempting to update and upgrade after a fresh install and noticed
that the kernel update called raspi-firmware updates on the amd64 arch.

Please refer to:
https://chat.openai.com/share/26a56028-ebb7-43db-867c-5b8fdacb8166
for more information. This also helped me to resolve this issue.

Thank you for your continued great work!

-Mick K

Bug#1040668: bullseye-pu: package tang/8-3+deb11u1

2023-07-08 Thread Christoph Biedl 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: t...@packages.debian.org
Control: affects -1 + src:tang

This is the bullseye version of #1040646

[ Reason ]
Fix https://security-tracker.debian.org/tracker/CVE-2023-1672 for
Debian 11 ("bullseye"), tagged "no-dsa (minor)" by the security team.

The problem of creating key material without restrictive file
permissions probably existed upstream since always. Up to and including
Debian 10 ("buster") however, this situation was caught by enforcing
restrictive permissions on the key directory.

With Debian 11 ("bullseye") a change in the creation of that directory
caused it to be created with a too permissive mode.

[ Impact ]
Without the change being accepted, the directory that holds the private
key would stay world-readable. Also this would continue to put users at
risk who configured a different key directory but did not enforce
restrictive access permissions.

[ Tests ]
No automated tests I'm aware of. Of course I did a manual test, and the
outcome matched the expectations.

[ Risks ]
The changes are small and rather straight-forward. I'd be surprised if
they introduce problems.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in oldstable
  [x] the issue is verified as fixed in unstable (14.1)

[ Changes ]
* Assert restrictive permissions of the key directory in Debian's
  postinst.
  For regular users and new instaaltions.
* Upstream's change to create the key file with restrictive
  permissions.
  Mostly for users who configure a different key directory.
* Recommend a key rotation in setups where this seems wise, add
  some details in NEWS.Debian.
* Make the key rotation program executable as it should always
  have been.

Regards,

Christoph

diff -Nru tang-8/debian/changelog tang-8/debian/changelog
--- tang-8/debian/changelog 2021-12-16 20:47:10.0 +0100
+++ tang-8/debian/changelog 2023-07-08 12:41:29.0 +0200
@@ -1,3 +1,14 @@
+tang (8-3+deb11u2) bullseye; urgency=high
+
+  * Fix CVE-2023-1672:
+- Cherry-pick "Fix race condition when creating/rotating keys"
+- Assert restrictive permissions on tang's key directory
+In existing multi-user bullseye installations, rotating the keys
+is suggested.
+  * Make the tangd-rotate-keys program executable
+
+ -- Christoph Biedl   Sat, 08 Jul 2023 
12:41:29 +0200
+
 tang (8-3+deb11u1) bullseye-security; urgency=high
 
   * Fix data leak [CVE-2021-4076]
diff -Nru 
tang-8/debian/patches/bullseye/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
 
tang-8/debian/patches/bullseye/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
--- 
tang-8/debian/patches/bullseye/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
   1970-01-01 01:00:00.0 +0100
+++ 
tang-8/debian/patches/bullseye/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
   2023-07-08 12:41:29.0 +0200
@@ -0,0 +1,73 @@
+Subject: Fix race condition when creating/rotating keys (#123)
+Origin: v13-3-g8dbbed1 
+Upstream-Author: Sergio Correia 
+Date: Wed Jun 14 10:53:20 2023 -0300
+
+When we create/rotate keys using either the tangd-keygen and
+tangd-rotate-keys helpers, there is a small window between the
+keys being created and then the proper ownership permissions being
+set. This also happens when there are no keys and tang creates a
+pair of keys itself.
+
+In certain situations, such as the keys directory having wide open
+permissions, a user with local access could exploit this race
+condition and read the keys before they are set to more restrictive
+permissions.
+
+To prevent this issue, we now set the default umask to 0337 before
+creating the files, so that they are already created with restrictive
+permissions; afterwards, we set the proper ownership as usual.
+
+Issue reported by Brian McDermott of CENSUS labs.
+
+Fixes CVE-2023-1672
+
+
+Reviewed-by: Sergio Arroutbi 
+Signed-off-by: Sergio Correia 
+
+--- a/src/keys.c
 b/src/keys.c
+@@ -17,6 +17,7 @@
+  * along with this program.  If not, see .
+  */
+ 
++#include 
+ #include 
+ #include 
+ #include 
+@@ -304,6 +305,9 @@
+ const char** hashes = supported_hashes();
+ const char* alg[] = {"ES512", "ECMR", NULL};
+ char path[PATH_MAX];
++
++/* Set default umask for file creation. */
++umask(0337);
+ for (int i = 0; alg[i] != NULL; i++) {
+ json_auto_t* jwk = jwk_generate(alg[i]);
+ if (!jwk) {
+--- a/src/tangd-keygen
 b/src/tangd-keygen
+@@ -27,6 +27,9 @@
+ 
+ [ $# -eq 3 ] && sig=$2 && exc=$3
+ 
++# Set default umask for file creation.

Bug#1040001: To strict version restrictions injected by dh-r (Was: Bug#1040001: Seeking advise how to proceed with the transition / move R stack to testing)

2023-07-08 Thread Gordon Ball 

Hi Andreas

On 06/07/2023 22:09, Andreas Tille wrote:

It comes from this line:
https://salsa.debian.org/r-pkg-team/dh-r/-/blob/master/dh/R.pm#L272

More precisely the “r-base-core (>= $rbase_version)” part, which
imposes an unnecessarily tight restriction on the r-base-core version.

Got it, thanks for the explanation.  This restriction existed since the
early stage of dh-r development

https://salsa.debian.org/r-pkg-team/dh-r/-/commit/22fd80b9#L174

by Gordon Ball (in CC but not really active in R pkg team any more) at
2016-09-04 12:28:57 +0200 .  I'm guessing this restriction was obtained
from the cdbs helper that existed before the dh support was created by
Gordon and he simply took over what existed there.  The according line
in the initial commit of dh-r is


I'm pretty sure I cargo-culted it from the previous CDBS helper when 
writing dh-r. I assumed it was meant to allow for non-backwards 
compatible bytecode, but I'm not sure I investigated the exact semantics 
it was meant to be enforcing. I concur that it sounds like the 
`$rapiversion` dependency is probably sufficient.


(Yes, I'm afraid I don't really have an ongoing interest in R - I used 
it a lot in academia, but it hasn't really featured in professional life 
since then).


Gordon

Bug#1040440: groff: new upstream version 1.23.0 available

2023-07-08 Thread Colin Watson 
Thanks for this; I'll get working on integrating it.

On Wed, Jul 05, 2023 at 05:30:53PM -0500, G. Branden Robinson wrote:
> o The an (man) and doc (mdoc) macro packages no longer remap the -, ',
>   and ` input characters to Basic Latin code points on UTF-8 devices,
>   but treat them as groff normally does (and AT troff before it did)
>   for typesetting devices, where they become the hyphen, apostrophe or
>   right single quotation mark, and left single quotation mark,
>   respectively.  This change is expected to expose glyph usage errors in
>   man pages.  See the "PROBLEMS" file for a recipe that will conceal
>   these errors.  A better long-term approach is for man pages to adopt
>   correct input practices; the man pages groff_man_style(7),
>   groff_char(7), and man-pages(7) (subsection "Generating optimal
>   glyphs"; from the Linux man-pages project) contain such instructions.
>   Doing so also improves man page typography when formatting for PDF.
> 
>   If you maintain a generator of man(7) or mdoc(7) documents (such as a
>   tool that converts other formats to them), and need assistance, please
>   contact the gr...@gnu.org mailing list and describe your situation.

Do you have any opinions on what I should do with this, in
debian/mandoc.local?  In the past, this has been one of those lose-lose
situations where I agree with the typographical concerns but have ended
up yielding to the weight of practical considerations in the
distribution.

  .  \" Debian: Strictly, "-" is a hyphen while "\-" is a minus sign, and the
  .  \" former may not always be rendered in the form expected for things like
  .  \" command-line options.  Uncomment this if you want to make sure that
  .  \" manual pages you're writing are clear of this problem.
  .  \" if '\*[.T]'utf8' \
  .  \"   char - \[hy]
  .
  .  \" Debian: "\-" is more commonly used for option dashes than for minus
  .  \" signs in manual pages, so map it to plain "-" for HTML/XHTML output
  .  \" rather than letting it be rendered as "".
  .  ie '\*[.T]'html' \
  .char \- \N'45'
  .  el \{\
  .if '\*[.T]'xhtml' \
  .  char \- \N'45'
  .  \}

(It has of course been a while.  Maybe we should try again at Debian's
scale.)

> o The "utf8" output device now maps the input characters '^' (caret,
>   circumflex accent, or "hat") and '~' (tilde) to U+02C6 (modifier
>   letter circumflex accent) and U+02DC (small tilde), respectively, for
>   consistency with groff's other output devices.  This change is
>   expected to expose glyph usage errors in man pages.  See the
>   "PROBLEMS" file for a recipe that will conceal these errors.  A better
>   long-term approach is for man pages to adopt correct input practices;
>   the man pages groff_man_style(7), groff_char(7), and man-pages(7)
>   (subsection "Generating optimal glyphs"; from the Linux man-pages
>   project) contain such instructions.  Doing so also improves man page
>   typography when formatting for PDF.

I'm surprised by the tilde change, and I suspect many other people will
be too.  You're quite right that it was already that way for PDF, but I
expect there'll be a lot of references to configuration files in
people's home directories that will be tripped up by this.  Perhaps we
should conceal these new errors in Debian for now?

> o The "sgr" device control command, which dynamically configured support
>   for ISO 6429/ECMA-48 SGR escape sequences (and restored traditional
>   overstriking behavior if disabled), has been removed.  It took effect
>   only at page boundaries.  grotty's "-c" command-line option and the
>   GROFF_NO_SGR environment variable remain supported.

As you're aware:

  .  \" Debian: Disable the use of SGR (ANSI colour) escape sequences by
  .  \" grotty.
  .  if '\V[GROFF_SGR]'' \
  .output x X tty: sgr 0

I added this with the note "because most pagers either fail to cope with
it or need special options to do so".  However, that was in 2002 ... so
I think it's about time to retire this Debian-specific customization.

(I expect some greybeard complaints along the lines of
https://bugs.debian.org/312935, but at least the environment variable
exists.)

> o The semantics of the environment variable SOURCE_DATE_EPOCH to groff,
>   support for which was added in 1.22.4, were not established at that
>   time with respect to time zone selection, prompting divergent
>   interpretations; Debian and distributions derived from it have for
>   several years patched groff to implicitly use UTC as the time zone
>   when interpreting the current time (or SOURCE_DATE_EPOCH) as a local
>   time.  While a convenient and defensible choice for reproducible build
>   efforts, it runs against the grain of user expectations.  Systems
>   programmers like time zone-invariant, monotonically increasing clocks;
>   the broader user base usually prefers a clock that follows an
>   applicable civil calendar.  groff programs now reckon
>   SOURCE_DATE_EPOCH with respect to the local time

Bug#1040666: gccmakedep.1: some remarks and editorial fixes to the manual

2023-07-08 Thread Bjarni Ingi Gislason 
Package: xutils-dev
Version: 1:7.7+6
Severity: minor
Tags: patch

Dear Maintainer,

here are some notes and a patch in the attachment.

-.-.

The difference between the formatted outputs can be seen with:

  nroff -man  > 
  nroff -man  > 
  diff -u  

and for groff, using

"groff -man -Z" instead of "nroff -man"

-.-.

Remove space characters at the end of lines.

Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".

119:The version of the 
121:included in this X.Org Foundation release was originally 

-.-.

Use the correct macro for the font change of a single argument or
split the argument into two.

11:.BI \-a

-.-.

Change a HYPHEN-MINUS (code 0x55, 2D) to a minus (\-), if in front of a
name for an option.

3:gccmakedep \- create dependencies in makefiles using 'gcc -M'
22:program calls 'gcc -M' to output

-.-.

Protect a period (.) or a apostrophe (') with '\&' from becoming a
control character, if it could end up at the start of a line (by
splitting the line into more lines).

22:program calls 'gcc -M' to output
53:will be used in a makefile target so that typing 'make depend' will bring

-.-.

Output from "test-nroff -man -b -ww -z -rCHECKSTYLE=3":


[ "test-groff" is a developmental version of "groff" ]

Input file is ./gccmakedep.1

Output from "test-groff -b -mandoc -dAD=l -rF0 -rHY=0 -t -w w -z 
-rSTYLECHECK=3":
an.tmac::11: style: .BI expects at least 2 arguments, got 1
troff: backtrace: file '':119
troff::119: warning: trailing space in the line
troff: backtrace: file '':121
troff::121: warning: trailing space in the line

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.3.7-1 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), 
LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages xutils-dev depends on:
ii  cpp4:12.3.0-1
ii  libc6  2.37-3

xutils-dev recommends no packages.

xutils-dev suggests no packages.

-- no debconf information
--- gccmakedep.12023-07-08 20:16:22.0 +
+++ gccmakedep.1.new2023-07-08 20:27:28.0 +
@@ -1,6 +1,6 @@
 .TH gccmakedep 1 "gccmakedep 1.0.3" "X Version 11"
 .SH NAME
-gccmakedep \- create dependencies in makefiles using 'gcc -M'
+gccmakedep \- create dependencies in makefiles using \&'gcc \-M'
 .SH SYNOPSIS
 .B gccmakedep
 [
@@ -8,7 +8,7 @@ gccmakedep \- create dependencies in mak
 ] [
 .BI \-f makefile
 ] [
-.BI \-a
+.B \-a
 ] [
 \-\^\-
 .I options
@@ -19,7 +19,7 @@ gccmakedep \- create dependencies in mak
 .SH DESCRIPTION
 The
 .B gccmakedep
-program calls 'gcc -M' to output
+program calls \&'gcc \-M' to output
 .I makefile
 rules describing the dependencies of each
 .IR sourcefile ,
@@ -50,7 +50,7 @@ and place the output after that.
 .SH EXAMPLE
 Normally,
 .B gccmakedep
-will be used in a makefile target so that typing 'make depend' will bring
+will be used in a makefile target so that typing \&'make depend' will bring
 the dependencies up to date for the makefile.
 For example,
 .nf
@@ -116,9 +116,9 @@ normally.
 .BR make (1),
 .BR makedepend (1).
 .SH AUTHOR
-The version of the 
+The version of the
 .B gccmakedep
-included in this X.Org Foundation release was originally 
+included in this X.Org Foundation release was originally
 written by the XFree86 Project based on code supplied by Hongjiu Lu.
 .PP
 Colin Watson wrote this manual page, originally for the Debian Project,

Bug#1040477: [Pkg-rust-maintainers] Bug#1040477: Bug#1040477: librust-syn-1-dev fails to coinstall

2023-07-08 Thread Fabian Grünbichler 
On Thu, Jul 06, 2023 at 04:39:08PM +0100, Peter Green wrote:
> > I'd be very interested in knowing what this self-conflict is supposed to
> > achieve.
> 
> It is common upstream for there to be multiple semver-incompatible versions
> of each rust crate in use at a given time. Incompatibilities can range from
> minor corner cases that are easily patched away to complete redesigns
> 
> We try to only package one version of each crate at a time, but sometimes
> that isn't practical. When it becomes impractical we crate semver-suffix
> packages. The convention in the rust team is that the un-suffixed packages
> are used for the latest version and suffixed versions are used for any
> older versions.
> 
> When packaged crates are installed on a Debian system. They are installed
> in a path that depends on the upstream version of a crate.
> 
> This creates a problem though, if the same version is packaged as both
> a non-suffixed and suffixed version. Something that happens fairly
> frequently when a new version is introduced e.g.
> 
> Before:
> 
> librust-foo-dev version 1.23-1
> 
> After:
> 
> librust-foo-1-dev version 1.23-2
> librust-foo-dev version 2.34-1
> 
> This doesn't always happen, indeed it didn't happen in the case of syn,
> because a new upstream release of syn 1.x at the same time at the same
> time the semver suffix was introduced. However debcargo works on one
> crate at a time. so it doesn't know if this has happened or not.
> 
> When this happens, it leads to a file conflict. In an attempt to fix
> this breaks+replaces were added. Unfortunately these proved to be
> insufficient because while breaks against virtual packages work,
> replaces apparently don't. We are in the process of considering
> several options to fix this, but overall switching to conflicts+replaces
> seems the least likely to be problematic.
> 
> Do you encounter the same problem if you replace the breaks with
> conflicts? if so we would need to do something about it. I think
> the easiest would probablly be to put a version constraint on the
> conflicts/replaces. It would mean we would have to take care that
> semver-suffixed packages had a higher Debian revision than their
> un-suffixed counterparts, but I think that is managable.

and, with a bit of unexpected delay (sorry), the result of a discussion
Helmut and me had in parallel on IRC:

the issue with Conflicts arises in combination with M-A:same, since dpkg
and apt don't agree on which one of those two "angles" has higher
priority. to sort that out would require a release cycle or two.

it seems like this leaves the other alternative from #1034939 [0,
CC-ed], namely, switching the breaks and replaces to point at the real
package (version guarded), so that upgrading from "old" non suffixed
package (for which a newer version should exist by definition if a
suffixed package of the same version exists) while installing the
suffixed package of the same "old" version at the same time works. the
main downside (and reason why we preferred the Conflicts-based variant)
is that this means that two suffixed packages with different versions
are no longer co-installable (since the one with the higher version
would break the older one). thankfully, such issues should seldomly
matter in practice. or we could investigate just switching the replaces,
and keeping the breaks as is.

0: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034939

Bug#907495: please ship the x11idle binary

2023-07-08 Thread Nicholas D Steeves 
Max Nikulin  writes:

> Next Org mode release will discover xprintidle out of the box:
>
> https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=1810c625d

That's great news :)

Bug#907495: please ship the x11idle binary

2023-07-08 Thread Nicholas D Steeves 
Michal Politowski  writes:

> Dnia Sat,  3 Jun 2023 23:06:00 -0400, Nicholas D Steeves napisał(a):
>> 
>> Pending upload to experimental:
>> 
>> https://salsa.debian.org/emacsen-team/org-mode/-/commit/67d33aa4f2a26b8449f0f2ecb4404cdb2ad969a1
>
> Nice. The relevant commit is actually
> https://salsa.debian.org/emacsen-team/org-mode/-/commit/f484de742a55280a2e92e17f93fd21057e6b0705

Thank you for pointing this out, yes, that's what I meant!  Primary X11
clipboard behaviour seems to have recently changed under KDE Plasma, and
I haven't figured out how to make it behave in classic mode...or else
it's no longer reliable.  Either way, it makes me grumpy that highlight
-> middle click to paste doesn't work 100% reliably the way it always
has.

Regards,
Nicholas

Bug#1040001: Role of tibble? (Was: Bug#1040001: Seeking advise how to proceed with the transition / move R stack to testing)

2023-07-08 Thread Paul Gevers 

Hi,

On 06-07-2023 21:18, Andreas Tille wrote:

Am Thu, Jul 06, 2023 at 08:28:45PM +0200 schrieb Paul Gevers:

On 06-07-2023 19:08, Paul Gevers wrote:
I'm seeing in several tests where things seem to work when r-cran-tibble



from unstable is involved and fail if the version from unstable is used;

  

Are you sure there is no typo in your sentence?  At least I fail to
understand.  I assume the latter "unstable" should be "testing", right?


Indeed, I think the pattern is that if we test in testing, with r-cran 
from unstable and r-cran-tibble from testing it fails, but with r-cran 
from unstable and r-cran-tibble from unstable, it works.


I'm working my through the list and the ppc64el ci workers have a bit 
of backlog; we're getting somewhere, but I'm think I'm still also seeing 
different failure modes than the graphics engine, tibble and dplyr.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1040623: bookworm-pu: package bup/0.33.2-1+deb12u1

2023-07-08 Thread Robert Edmonds 
Adam D. Barratt wrote:
> On Sat, 2023-07-08 at 02:24 -0400, Robert Edmonds wrote:
> > I'd like to update the version of bup in bookworm from 0.33-2 to
> > 0.33.2-1+deb12u1, which incorporates two upstream bugfix releases for
> > a bug deemed important enough by upstream to issue point releases.
> > 
> 
> The version number for p-u needs to be lower than unstable. This looks
> like a backport of 0.33.2-1 from unstable, so the convention would be
> 0.33.2-1~deb12u1.
> 
> Feel free to re-upload with the corrected version number; there's no
> need to wait for the original upload to be rejected.

Uploaded with the corrected version number. Interdebdiff from the
rejected version below.

Thanks!

diff -u bup-0.33.2/debian/changelog bup-0.33.2/debian/changelog
--- bup-0.33.2/debian/changelog 2023-07-08 01:17:38.0 -0400
+++ bup-0.33.2/debian/changelog 2023-07-08 16:11:59.0 -0400
@@ -1,9 +1,9 @@
-bup (0.33.2-1+deb12u1) bookworm; urgency=medium
+bup (0.33.2-1~deb12u1) bookworm; urgency=medium
 
   * Upstream version 0.33.2, with a fix for a problem that can cause POSIX.1e
 ACLs to be restored incorrectly.
 
- -- Robert Edmonds   Sat, 08 Jul 2023 01:17:38 -0400
+ -- Robert Edmonds   Sat, 08 Jul 2023 16:11:59 -0400
 
 bup (0.33.2-1) unstable; urgency=medium
 
diff -u bup-0.33.2/debian/patches/debian-changes 
bup-0.33.2/debian/patches/debian-changes
--- bup-0.33.2/debian/patches/debian-changes2023-07-08 01:17:38.0 
-0400
+++ bup-0.33.2/debian/patches/debian-changes2023-07-08 16:11:59.0 
-0400
@@ -30,4 +30,4 @@
 -date='2023-07-01 15:08:43 -0500'
-+commit='61307904e4133b55acf7c2794da47fafecedf5af'
-+date='2023-07-08 01:27:47 -0400'
++commit='db4734ba24249fee8060a186e03e6173ce2e5d55'
++date='2023-07-08 16:12:37 -0400'
  modified=False

-- 
Robert Edmonds
edmo...@debian.org

Bug#1039991: libxml2: diff for NMU version 2.9.14+dfsg-1.3

2023-07-08 Thread Salvatore Bonaccorso 
Control: tags 1039991 + patch
Control: tags 1039991 + pending


Dear maintainer,

I've prepared an NMU for libxml2 (versioned as 2.9.14+dfsg-1.3) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Note, I'm aware DELAYED/2 might here be unappropriate, bug given the
last uploads were NMus I hope you are fine with it; main goal is that
I can use the same basis for a bookworm-pu update which needs to be
done before the upcoming weekend.

Let me know if you allow me to reschedule it to upload earlier.

Regards,
Salvatore
diff -Nru libxml2-2.9.14+dfsg/debian/changelog libxml2-2.9.14+dfsg/debian/changelog
--- libxml2-2.9.14+dfsg/debian/changelog	2023-04-15 16:25:06.0 +0200
+++ libxml2-2.9.14+dfsg/debian/changelog	2023-07-08 21:18:29.0 +0200
@@ -1,3 +1,11 @@
+libxml2 (2.9.14+dfsg-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Reset nsNr in xmlCtxtReset (CVE-2022-2309) (Closes: #1039991)
+  * Also reset nsNr in htmlCtxtReset (CVE-2022-2309) (Closes: #1039991)
+
+ -- Salvatore Bonaccorso   Sat, 08 Jul 2023 21:18:29 +0200
+
 libxml2 (2.9.14+dfsg-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch
--- libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch	1970-01-01 01:00:00.0 +0100
+++ libxml2-2.9.14+dfsg/debian/patches/Also-reset-nsNr-in-htmlCtxtReset.patch	2023-07-08 21:18:29.0 +0200
@@ -0,0 +1,27 @@
+From: Nick Wellnhofer 
+Date: Thu, 28 Jul 2022 21:35:17 +0200
+Subject: Also reset nsNr in htmlCtxtReset
+origin: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a82ea25fc83f563c574ddb863d6c17d9c5abdbd2
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309
+Bug-Debian: https://bugs.debian.org/1039991
+
+---
+ HTMLparser.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/HTMLparser.c b/HTMLparser.c
+index 9079fa8aa52d..1520663ba2af 100644
+--- a/HTMLparser.c
 b/HTMLparser.c
+@@ -6743,6 +6743,8 @@ htmlCtxtReset(htmlParserCtxtPtr ctxt)
+ ctxt->nameNr = 0;
+ ctxt->name = NULL;
+ 
++ctxt->nsNr = 0;
++
+ DICT_FREE(ctxt->version);
+ ctxt->version = NULL;
+ DICT_FREE(ctxt->encoding);
+-- 
+2.40.1
+
diff -Nru libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch
--- libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch	1970-01-01 01:00:00.0 +0100
+++ libxml2-2.9.14+dfsg/debian/patches/Reset-nsNr-in-xmlCtxtReset.patch	2023-07-08 21:18:29.0 +0200
@@ -0,0 +1,27 @@
+From: Nick Wellnhofer 
+Date: Mon, 18 Jul 2022 20:59:45 +0200
+Subject: Reset nsNr in xmlCtxtReset
+origin: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5930fe01963136ab92125feec0c6204d9c9225dc
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-2309
+Bug-Debian: https://bugs.debian.org/1039991
+
+---
+ parser.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index d278638dd6d4..e660b0a7d499 100644
+--- a/parser.c
 b/parser.c
+@@ -14820,6 +14820,8 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt)
+ ctxt->nameNr = 0;
+ ctxt->name = NULL;
+ 
++ctxt->nsNr = 0;
++
+ DICT_FREE(ctxt->version);
+ ctxt->version = NULL;
+ DICT_FREE(ctxt->encoding);
+-- 
+2.40.1
+
diff -Nru libxml2-2.9.14+dfsg/debian/patches/series libxml2-2.9.14+dfsg/debian/patches/series
--- libxml2-2.9.14+dfsg/debian/patches/series	2023-04-15 16:25:06.0 +0200
+++ libxml2-2.9.14+dfsg/debian/patches/series	2023-07-08 21:18:29.0 +0200
@@ -6,3 +6,5 @@
 schemas-Fix-null-pointer-deref-in-xmlSchemaCheckCOSS.patch
 CVE-2023-28484-Fix-null-deref-in-xmlSchemaFixupCompl.patch
 CVE-2023-29469-Hashing-of-empty-dict-strings-isn-t-d.patch
+Reset-nsNr-in-xmlCtxtReset.patch
+Also-reset-nsNr-in-htmlCtxtReset.patch

Bug#1037251: new version

2023-07-08 Thread Bill Blough 
Hi,

Version 1.17.0 is now available in unstable and testing.  Can you
confirm whether or not this issue still happens with the new version?

Regards,
Bill


--

Bug#1040665: nmu: dovecot-antispam_2.0+20171229-1+b11

2023-07-08 Thread Noah Meyerhans 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: dovecot-antis...@packages.debian.org
Control: affects -1 + src:dovecot-antispam

nmu dovecot-antispam_2.0+20171229-1+b11 . ANY . unstable . -m "Rebuild for 
dovecot 1:2.3.20+dfsg1-1 ABI"

dovecot-antispam needs to be rebuilt against the dovecot 1.3.20 internal ABI in
order to allow the transition to testing.

Bug#1040664: ITP: warp -- securely send files between machines

2023-07-08 Thread Matthias Geiger 
Package: wnpp
Severity: wishlist
Owner: Matthias Geiger 
X-Debbugs-Cc: debian-de...@lists.debian.org, jbi...@debian.org, 
matthias.geiger1...@tutanota.de, Debian GNOME Maintainers 


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: warp
  Version : 0.5.4
  Upstream Contact: Fina Wilke 
* URL : https://gitlab.gnome.org/World/warp
* License : GPL-3+
  Programming Lang: Rust
  Description : securely send files between machines

Warp a GUI cient for magic-wormhole. It allows to securely send files 
between machines. It's fully compatible with the CLI client and supports 
android 
apps on top.
As of today it's still missing a few dependencies; I will continue to work on 
those. 
warp will be maintained within the Debian GNOME team.

regards,

werdahias

-BEGIN PGP SIGNATURE-

iQJUBAEBCgA+FiEEwuGmy/3s5RGopBdtGL0QaztsVHUFAmSptTcgHG1hdHRoaWFz
LmdlaWdlcjEwMjRAdHV0YW5vdGEuZGUACgkQGL0QaztsVHU1uA//We94Oqxmib0W
eo4Jo7aSMPnhcZdhBd3t4rKbK1VTAaUM59fTD3qqwAnSLuUfHWOjGsT+ZkjDI8Tl
3xCOGf5L84jeyHNsif1E88V8yhsu+UVjqtjtYWZsiz58TqLV7TZNwn3HHcqU/vG0
B/nB+3uHviHtF97Ijnm1a51DANRIbF6pHnXAhueDSvMnjLXpYS6NFLcFe6LsocSu
CqjUFqZlk8dRvoNxV+1wOaWmobMPLqAo4F2DWmx68pwlyoAn/MkcRQ+1V7vMX/RV
Bi4MI5dKdNEFszHPoC0Nx/Wuf9RCFI9eJvggEfRXs7C/bqrAB5EBRLx0JiXwgJi+
cEJPbnFrXX9j6obqrCKr7DrIRe2Fa8JptGvTTs8mgimFMzqxAbuHFPfQR5Xu4pIT
H7JTbtDGpTbfG1q4cXaEWozTD+Gkg1l/S0g7dCz1ITDvv4UYLFMKCvR8Bt08UX9R
GbTS0jCDp968tFHjzUVX3vxK1JHtUGcxfgshMbOkji2MQbgxN+rK9//W44DeyRFc
/v2sqbhdLB0PcBysXfI42mjsZZzm4NZx4zJ0PXl/sbYh7Zau93H/t7UyoW5lIyzO
kBqavh+8mCxTv3EPP1p38COOo8XObv/c8qp9hP93mwZurFPR1kBp32PnlzIuxWiC
mWB3leIhH3P+BMit2x+NCAI3RUWw1mw=
=BCZX
-END PGP SIGNATURE-

Bug#1009964: php-fpm.service should be hardened

2023-07-08 Thread Jérôme Charaoui 
On Mon, 3 Jul 2023 10:17:06 -0400 =?UTF-8?B?SsOpcsO0bWUgQ2hhcmFvdWk=?= 
 wrote:

Hello,

I'm using this patch on two different servers, and have not encountered 
any issues.


I'm running with chroot'ed pools, and relatively complex/common 
applications like Drupal, Wordpress and Nextcloud.


So it seems I wasn't doing my tests correctly and the patch does indeed 
need adjustment to work with chroot'ed pools:


Add the CAP_SYS_CHROOT capability and "chroot" to the system call filter.

-- Jérôme

Bug#1038856: libx11-xcb1: The package update modified some settings in gnome control center

2023-07-08 Thread Salvatore Bonaccorso 
Control: tags -1 + moreinfo

On Wed, Jun 21, 2023 at 08:18:59PM -0400, zezamoral wrote:
> Package: libx11-xcb1
> Version: 2:1.8.4-2+deb12u1
> Severity: normal
> X-Debbugs-Cc: sazamor...@gmail.com, t...@security.debian.org
> 
> Dear Maintainer,
> 
>* What led up to the situation?
> security update
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> today apt update or upgrade the system for: libx11-xcb1/data/dev and
> 6:amd64
>* What was the outcome of this action?
> two settings ( muted mic and the screen color profile ) in gnome
> control center were resets due this update.
>* What outcome did you expect instead?
> not to touch user custom settings on gnome desktop

This doesn't really make sense as per no intaction of src:libx11 with
gnome-settings.

Regards,
Salvatore

Bug#1040663: linux: Please build linux-libc-dev package for loong64

2023-07-08 Thread John Paul Adrian Glaubitz 
Source: linux
Version: 6.3.11-1
Severity: normal
User: debian-m...@lists.debian.org
Usertags: loong64
X-Debbugs-Cc: debian-m...@lists.debian.org

Hello!

Please enable building the linux-libc-dev package for the new Debian 
architecture loong64.

The corresponding kernel architecture is called "loongarch".

Thanks,
Adrian

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#1040646: tang 11-2+deb12u1 flagged for acceptance

2023-07-08 Thread Adam D Barratt 
package release.debian.org
tags 1040646 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: tang
Version: 11-2+deb12u1

Explanation: fix race condition when creating/rotating keys [CVE-2023-1672]

Bug#1040519: samba 4.17.9+dfsg-0+deb12u1 flagged for acceptance

2023-07-08 Thread Adam D Barratt 
package release.debian.org
tags 1040519 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: samba
Version: 4.17.9+dfsg-0+deb12u1

Explanation: new upstream stable release; ensure manpages are generated during 
build; enable ability to store kerberos tickets in kernel keyring

Bug#1040139: exim4 4.96-15+deb12u1 flagged for acceptance

2023-07-08 Thread Adam D Barratt 
package release.debian.org
tags 1040139 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: exim4
Version: 4.96-15+deb12u1

Explanation: fix argument parsing for ${run } expansion; fix ${srs_encode ..} 
returning incorrect result every 1024 days

Bug#1039607: libjansi-java: causes maven to always output escape character

2023-07-08 Thread tony mancill 
On Tue, Jun 27, 2023 at 07:49:19PM +0100, Luís Picciochi Oliveira wrote:

>   mvn --batch-mode --quiet | less
> 
> 
> * With libjansi-java 2.4.0-2, escape characters are seen in the output, like
> so:
> 
> ESC[0m[INFO] Scanning for projects...

Hi Luís,

Thank you for the bug report.  I don't know the full story of why the
change in behavior between 2.4.0-1 and 2.4.0-2, but I 
agree that escape sequences shouldn't be sent when maven is running
in batch mode and that we should address the question of colorized
output referenced in that commit [1] another way.

Emmanuel, do you recall what prompted the change?  I didn't see a bug,
but can propose adding a new switch to generate colorized output even
when a TTY isn't detected.  That will maintain the expected behavior
with --batch-mode, and we can adjust our build tooling to pass the new
switch if we really think we need it.

Thank you,
tony

[1] 
https://salsa.debian.org/java-team/jansi/-/commit/7f186cd4fc22308d7769db8eeeca26b560b81b1a


signature.asc
Description: PGP signature

Bug#1040662: RFP: rust-smol-str -- small-string optimized string type with O(1) clone

2023-07-08 Thread Philippe Cerfon 
Package: wnpp
X-Debbugs-Cc: pkg-rust-maintain...@alioth-lists.debian.net
Severity: wishlist

* Package name: rust-smol-str
  Version : 0.2.0
  Upstream Contact: Aleksey Kladov 
* URL : https://github.com/rust-analyzer/smol_str
* License : APACHE, MIT
  Programming Lang: Rust
  Description : small-string optimized string type with O(1) clone

Bug#1040661: RFP: rust-palette -- Convert and manage colors with a focus on correctness, flexibility and ease of use.

2023-07-08 Thread Philippe Cerfon 
Package: wnpp
X-Debbugs-Cc: pkg-rust-maintain...@alioth-lists.debian.net
Severity: wishlist

* Package name: rust-palette
  Version : 0.7.2
  Upstream Contact: https://crates.io/users/Ogeon
* URL : https://github.com/Ogeon/palette
* License : APACHE, MIT
  Programming Lang: Rust
  Description : Convert and manage colors with a focus on
correctness, flexibility and ease of use.


A color management and conversion library that focuses on
maintaining correctness, flexibility and ease of use. It makes
use of the type system to prevent mistakes, support a wide
range of color spaces (including user defined variants) and offer
different ways of integrating with other libraries.

Bug#1040660: libmoosex-app-perl: FTBFS with Perl 5.38: given is deprecated

2023-07-08 Thread Niko Tyni 
Source: libmoosex-app-perl
Version: 1.42-2
Severity: important
Tags: ftbfs trixie sid
Forwarded: https://github.com/maros/MooseX-App/issues/69
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition

This package fails to build with Perl 5.38 (currently in experimental).

   #   Failed test 'no warnings'
   #   at /usr/share/perl/5.38/Test/Builder.pm line 193.
   # There were 24 warning(s)
   # Previous test 0 ''
   # given is deprecated at /<>/blib/lib/MooseX/App/Utils.pm 
line 237.
   #  at /<>/blib/lib/MooseX/App/Utils.pm line 237.
   #require MooseX/App/Utils.pm called at 
/<>/blib/lib/MooseX/App/Exporter.pm line 11
   #MooseX::App::Exporter::BEGIN() called at 
/<>/blib/lib/MooseX/App/Exporter.pm line 11
   #eval {...} called at /<>/blib/lib/MooseX/App/Exporter.pm 
line 11
   #require MooseX/App/Exporter.pm called at 
/<>/blib/lib/MooseX/App.pm line 14
   #MooseX::App::BEGIN() called at /<>/blib/lib/MooseX/App.pm 
line 14
   #eval {...} called at /<>/blib/lib/MooseX/App.pm line 14
   #require MooseX/App.pm called at t/testlib/Test01.pm line 4
   #Test01::BEGIN() called at t/testlib/Test01.pm line 4
   #eval {...} called at t/testlib/Test01.pm line 4
   #require Test01.pm called at t/01_basic.t line 11
   #main::BEGIN() called at t/01_basic.t line 11
   #eval {...} called at t/01_basic.t line 11
 
[...]

   Files=17, Tests=164, 13 wallclock secs ( 0.09 usr  0.03 sys + 12.29 cusr  
1.13 csys = 13.54 CPU)
   Result: FAIL
   Failed 16/17 test programs. 16/164 subtests failed.
   make[1]: *** [Makefile:968: test_dynamic] Error 1

Full build log at

  
http://perl.debian.net/rebuild-logs/perl-5.38-throwaway/libmoosex-app-perl_1.42-2/libmoosex-app-perl_1.42-2_amd64-2023-07-06T13:49:12Z.build

-- 
Niko Tyni   nt...@debian.org

Bug#1040659: libtest-strict-perl: FTBFS with Perl 5.38: test failures

2023-07-08 Thread Niko Tyni 
Source: libtest-strict-perl
Version: 0.52-2
Severity: important
Tags: ftbfs trixie sid
Forwarded: https://github.com/manwar/Test-Strict/issues/32
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition

This package fails to build with Perl 5.38 (currently in experimental).

   #   Failed test 'Syntax check /tmp/RsMORA8Sdy/G9eCGgt__c.pl'
   #   at /<>/blib/lib/Test/Strict.pm line 435.
   # 
   # This is perl 5, version 38, subversion 0 (v5.38.0) built for 
x86_64-linux-gnu-thread-multi
   # (with 45 registered patches, see perl -V for more detail)
   # 
   # Copyright 1987-2023, Larry Wall
   # 
   # Perl may be copied only under the terms of either the Artistic License or 
the
   # GNU General Public License, which may be found in the Perl 5 source kit.
   # 
   # Complete documentation for Perl, including FAQ lists, should be found on
   # this system using "man perl" or "perldoc perl".  If you have access to the
   # Internet, point your browser at https://www.perl.org/, the Perl Home Page.
   # 
   # Looks like you failed 1 test of 59.
   
[...]
   
   Test Summary Report
   ---
   t/01all.t(Wstat: 256 (exited 1) Tests: 59 Failed: 1)
 Failed test:  48
 Non-zero exit status: 1
   t/04cover.t  (Wstat: 256 (exited 1) Tests: 14 Failed: 1)
 Failed test:  8
 Non-zero exit status: 1
   Files=11, Tests=93,  8 wallclock secs ( 0.04 usr  0.02 sys +  7.41 cusr  
1.08 csys =  8.55 CPU)
   Result: FAIL

The upstream ticket suggests a fix of separating runs with the -v and
-c switches.

-- 
Niko Tyni   nt...@debian.org

Bug#1040658: libsendmail-milter-perl: FTBFS with Perl 5.38: stack smashing detected

2023-07-08 Thread Niko Tyni 
Source: libsendmail-milter-perl
Version: 0.18-9
Severity: important
Tags: ftbfs trixie sid
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition

This package fails to build with Perl 5.38 (currently in experimental).

   PERL_DL_NONLAZY=1 "/usr/bin/perl" "-Iblib/lib" "-Iblib/arch" test.pl
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7ac000b90].
   ---> Finished callback from interpreter: [0x7fb7ac000b90].
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7b8000b90].
   ---> Finished callback from interpreter: [0x7fb7b8000b90].
   ---> Starting callback from interpreter: [0x7fb7bb90].
   ---> Finished callback from interpreter: [0x7fb7bb90].
   ---> Starting callback from interpreter: [0x7fb7bb90].
   ---> Finished callback from interpreter: [0x7fb7bb90].
   ---> Starting callback from interpreter: [0x7fb7a8000b90].
   ---> Finished callback from interpreter: [0x7fb7a8000b90].
   ---> Starting callback from interpreter: [0x7fb7a8000b90].
   ---> Finished callback from interpreter: [0x7fb7a8000b90].
   *** stack smashing detected ***: terminated
   Aborted
   make[1]: *** [Makefile:1015: test_dynamic] Error 134
   make[1]: Leaving directory '/<>'
   dh_auto_test: error: make -j4 test TEST_VERBOSE=1 returned exit code 2
   make: *** [debian/rules:6: binary-arch] Error 25
 
While this might be the same issue as #807392 it seems deterministic
enough that I haven't got it to succeed even once with Perl 5.38.
Also, these build warnings:

   /usr/lib/x86_64-linux-gnu/perl/5.38/CORE/sv.h:1972:37: note: in expansion of 
macro ‘SvPV_flags’
1972 | #define SvPV(sv, len)   SvPV_flags(sv, len, SV_GMAGIC)
 | ^~
   Milter.xs:445:17: note: in expansion of macro ‘SvPV’
 445 | bodyp = SvPV(body_data, len);
 | ^~~~
   In file included from /usr/lib/x86_64-linux-gnu/perl/5.38/CORE/perl.h:7812:
   /usr/lib/x86_64-linux-gnu/perl/5.38/CORE/sv_inline.h:908:33: note: expected 
‘STRLEN * const’ {aka ‘long unsigned int * const’} but argument is of type ‘int 
*’
 908 |  STRLEN * const lp,
 |  ~~~^~
 
hint to a similar problem as 
https://rt.cpan.org/Public/Bug/Display.html?id=143880
and https://github.com/Perl/perl5/issues/19983 . Quoting Karl Williamson in the
latter:

  SvPV (and similar) are documented that 'len' is to be STRLEN. This
  module declares it to be int. That was harmless before the blamed commit,
  but with it, it results in undefined behavior.

-- 
Niko Tyni   nt...@debian.org

Bug#1040657: liblocale-hebrew-perl: FTBFS with Perl 5.38: stack smashing detected

2023-07-08 Thread Niko Tyni 
Source: liblocale-hebrew-perl
Version: 1.05-2
Severity: important
Tags: ftbfs trixie sid
Forwarded: https://rt.cpan.org/Public/Bug/Display.html?id=143880
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition

This package fails to build with Perl 5.38 (currently in experimental).

  PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" 
"-e" "undef *Test::Harness::Switches; test_harness(1, 'inc', 'blib/lib', 
'blib/arch')" t/*.t
  t/0-signature.t .. skipped: Set the environment variable TEST_SIGNATURE to 
enable this test.
  *** stack smashing detected ***: terminated
  t/1-basic.t .. 
  1..3
  # Running under perl version 5.038000 for linux
  # Current time local: Wed Jun 28 20:44:46 2023
  # Current time GMT:   Wed Jun 28 20:44:46 2023
  # Using Test.pm version 1.31
  ok 1
  ok 2
  Failed 1/3 subtests 
  *** stack smashing detected ***: terminated
  t/2-utf8.t ... 
  1..1
  # Running under perl version 5.038000 for linux
  # Current time local: Wed Jun 28 20:44:46 2023
  # Current time GMT:   Wed Jun 28 20:44:46 2023
  # Using Test.pm version 1.31
  Failed 1/1 subtests 
  
  Test Summary Report
  ---
  t/1-basic.t(Wstat: 6 (Signal: ABRT) Tests: 2 Failed: 0)
Non-zero wait status: 6
Parse errors: Bad plan.  You planned 3 tests but ran 2.
  t/2-utf8.t (Wstat: 6 (Signal: ABRT) Tests: 0 Failed: 0)
Non-zero wait status: 6
Parse errors: Bad plan.  You planned 1 tests but ran 0.
  Files=3, Tests=2,  0 wallclock secs ( 0.02 usr  0.00 sys +  0.07 cusr  0.01 
csys =  0.10 CPU)
  Result: FAIL
 
Full build log at

  
http://perl.debian.net/rebuild-logs/perl-5.38/liblocale-hebrew-perl_1.05-2/liblocale-hebrew-perl_1.05-2+b2_amd64-2023-06-28T20:44:35Z.build

-- 
Niko Tyni   nt...@debian.org

Bug#1037188: bullseye-pu: package git/2.30.2-1+deb11u3

2023-07-08 Thread Adam D. Barratt 
On Wed, 2023-06-07 at 13:22 +0200, Andreas Beckmann wrote:
> git-el in bullseye is uninstallable in any sensible combination with
> emacs/xemacs (it only installs fine in a minimal chroot w/o
> --install-recommends).
> The package was dropped from sid shortly after the bullseye release,
> let's to the same in bullseye.
> 
[...]
> [ Changes ]
> remove all packaging bits for git-el, add Breaks to ensure cleanup if
> the package is still (partially) installed
> 

It looks like not all of the postinst was removed - was that
intentional? It's presumably harmless, but now leads to a lintian
warning, which is why I noticed. :-)

+W: maintainer-script-lacks-debhelper-token debian/git-el.postinst

--- git-2.30.2/debian/git-el.postinst   2021-03-10 02:40:56.0 +0100
+++ git-2.30.2/debian/git-el.postinst   2023-06-07 11:51:35.0 +0200
@@ -1,10 +1,3 @@
-#!/bin/sh
-set -e
-
-#DEBHELPER#
-
-test "$1" = configure || exit 0
-/usr/lib/emacsen-common/emacs-package-install git
 
 # Clean up after 1:1.7.4.1-1 through 1:1.7.4.1-3.
 ! test -L /usr/share/git-core/emacs/emacs ||


Regards,

Adam

Bug#1040656: elinks: [PATCH] meson.build: fix double elinks dir in configuration path

2023-07-08 Thread Marcel Partap 
Package: elinks
Version: 0.16.1.1-4
Severity: normal
Tags: patch
X-Debbugs-Cc: mpar...@gmx.net

(Couldn't send this via git send-email to gitlab because salsa says no...)

>From f99fc469f7f7230ab817de2f5587dca9b11b18ed Mon Sep 17 00:00:00 2001
From: Marcel Partap 
Date: Sat, 8 Jul 2023 18:21:32 +0200
Subject: [PATCH] meson.build: fix double elinks dir in configuration path

Should fix existing configuration not being applied because of
openat(AT_FDCWD, "/etc/elinks/elinks/elinks.conf", O_RDONLY|O_NOCTTY)
= -1 ENOENT (No such file or directory)
---
 meson.build | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git meson.build meson.build
index 97a6144e..64ec8ca3 100644
--- meson.build
+++ meson.build
@@ -875,7 +875,7 @@ endif

 conf_data.set('ICONV_CONST', true)

-sysconfdir = get_option('prefix') / get_option('sysconfdir')/'elinks'
+sysconfdir = get_option('prefix') / get_option('sysconfdir')
 conf_data.set('CONFDIR', sysconfdir)
 conf_data.set('sysconfdir', sysconfdir)
 conf_data.set('SOMETHING', '@SOMETHING@')
--
2.40.1


-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (510, 'unstable'), (509, 'experimental'), (500, 
'oldstable-updates'), (500, 'oldstable-security'), (500, 'testing'), (500, 
'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.3.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, 
TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages elinks depends on:
ii  elinks-data   0.16.1.1-4
ii  libbrotli11.0.9-2+b6
ii  libbz2-1.01.0.8-5+b1
ii  libc6 2.36-5
ii  libev41:4.33-1
ii  libexpat1 2.4.9-1
ii  libfsplib00.14-5
ii  libgcrypt20   1.10.1-2
ii  libgnutls30   3.7.8-5
ii  libgpm2   1.20.7-10
ii  libgssapi-krb5-2  1.19.2-2+b1
ii  libidn12  1.38-4
ii  liblua5.3-0   5.3.6-1
ii  liblzma5  5.4.1-0.1
ii  libperl5.36   5.36.0-7
ii  libtinfo6 6.4-2
ii  libtre5   0.8.0-6+b1
ii  zlib1g1:1.2.11.dfsg-4.1

elinks recommends no packages.

Versions of packages elinks suggests:
pn  elinks-doc  

-- no debconf information

Bug#1040609: traceroute.db.1: some remarks and editorial fixes for the manual

2023-07-08 Thread Bjarni Ingi Gislason 
On Sat, Jul 08, 2023 at 11:38:23AM +0200, László Böszörményi (GCS) wrote:
> Hi Bjarni,
> 
> On Fri, Jul 7, 2023 at 11:03???PM Bjarni Ingi Gislason  
> wrote:
> > Package: traceroute
> > Version: 1:2.1.2-1
> > Severity: minor
> > Tags: patch
> [...]
> > here are some notes and fixes for the man page.
>  Thanks for all your work. Can you please:
> 1) Send your patch to traceroute upstream[1]?
> 2) Alternatively send me the patch as an attachment (do not paste it
> inline the email) and I will send your fixes upstream.

  The patch is in the attachment.
--- traceroute.db.1	2023-07-07 19:57:03.0 +
+++ traceroute.db.1.new	2023-07-07 20:18:28.0 +
@@ -10,19 +10,19 @@ traceroute \- print the route packets tr
 .BR traceroute " [" \-46dFITUnreAV "] [" "\-f first_ttl" "] [" "\-g gate,..." ]
 .br
 .ti +8
-.BR "" [ "-i device" "] [" "-m max_ttl" "] [" "-p port" "] [" "-s src_addr" ]
+.BR "" [ "\-i device" "] [" "\-m max_ttl" "] [" "\-p port" "] [" "\-s src_addr" ]
 .br
 .ti +8
-.BR "" [ "-q nqueries" "] [" "-N squeries" "] [" "-t tos" ]
+.BR "" [ "\-q nqueries" "] [" "\-N squeries" "] [" "\-t tos" ]
 .br
 .ti +8
-.BR "" [ "-l flow_label" "] [" "-w waittimes" "] [" "-z sendwait" "] [" "-UL" "] [" "-D" ]
+.BR "" [ "\-l flow_label" "] [" "\-w waittimes" "] [" "\-z sendwait" "] [" "\-UL" "] [" "\-D" ]
 .br
 .ti +8
-.BR "" [ "-P proto" "] [" "--sport=port" "] [" "-M method" "] [" "-O mod_options" ]
+.BR "" [ "\-P proto" "] [" "\-\-sport=port" "] [" "\-M method" "] [" "\-O mod_options" ]
 .br
 .ti +8
-.BR "" [ "--mtu" "] [" "--back" ]
+.BR "" [ "\-\-mtu" "] [" "\-\-back" ]
 .br
 .ti +8
 .BR host " [" "packet_len" "]"
@@ -53,8 +53,8 @@ is equivalent to
 .I traceroute
 .B \-T
 .P
-.I lft
-, the Layer Four Traceroute, performs a TCP traceroute, like
+.IR lft ,
+the Layer Four Traceroute, performs a TCP traceroute, like
 .I traceroute
 .B \-T
 , but attempts to provide compatibility with the original
@@ -62,7 +62,7 @@ such implementation, also called "lft".
 .PP
 The only required parameter is the name or IP address of the
 destination
-.BR host \ .
+.BR host .
 The optional
 .B packet_len\fR`gth
 is the total size of the probing packet (default 60 bytes
@@ -74,8 +74,9 @@ internet host by launching probe
 packets with a small ttl (time to live) then listening for an
 ICMP "time exceeded" reply from a gateway.  We start our probes
 with a ttl of one and increase by one until we get an ICMP "port
-unreachable" (or TCP reset), which means we got to the "host", or hit a max (which
-defaults to 30 hops). Three probes (by default) are sent at each ttl setting
+unreachable" (or TCP reset), which means we got to the "host",
+or hit a max (which defaults to 30 hops).
+Three probes (by default) are sent at each ttl setting
 and a line is printed showing the ttl, address of the gateway and
 round trip time of each probe. The address can be followed by additional
 information when requested. If the probe answers come from
@@ -139,37 +140,34 @@ Use ICMP ECHO for probes
 .B \-T, \-\-tcp
 Use TCP SYN for probes
 .TP
-.B \-d, --debug
+.B \-d, \-\-debug
 Enable socket level debugging (when the Linux kernel supports it)
 .TP
-.B \-F, --dont-fragment
-Do not fragment probe packets. (For IPv4 it also sets DF bit, which tells
+.B \-F, \-\-dont-fragment
+Do not fragment probe packets.
+(For IPv4 it also sets DF bit, which tells
 intermediate routers not to fragment remotely as well).
-.br
 
-.br
 Varying the size of the probing packet by the
 .B packet_len
 command line parameter, you can manually obtain information
 about the MTU of individual network hops. The
-.B \--mtu
+.B \-\-mtu
 option (see below) tries to do this automatically.
-.br
 
-.br
 Note, that non-fragmented features (like
 .B \-F
 or
-.B \--mtu\fR)
+.B \-\-mtu\fR)
 work properly since the Linux kernel 2.6.22 only.
 Before that version, IPv6 was always fragmented, IPv4 could use
 the once the discovered final mtu only (from the route cache), which can be
 less than the actual mtu of a device.
 .TP
-.BI \-f " first_ttl" ", --first=" first_ttl
+.BI \-f " first_ttl" ", \-\-first=" first_ttl
 Specifies with what TTL to start. Defaults to 1.
 .TP
-.BI \-g " gateway" ", --gateway=" gateway
+.BI \-g " gateway" ", \-\-gateway=" gateway
 Tells traceroute to add an IP source routing option to the outgoing
 packet that tells the network to route the packet through the
 specified
@@ -184,18 +182,18 @@ is allowed, where
 is a route header type (default is type 2). Note the type 0 route header
 is now deprecated (rfc5095).
 .TP
-.BI \-i " interface" ", --interface=" interface
+.BI \-i " interface" ", \-\-interface=" interface
 Specifies the interface through which
 .I traceroute
 should send packets. By default, the interface is selected
 according to the routing table.
 .TP
-.BI \-m " max_ttl" ", --max-hops=" max_ttl
+.BI \-m " max_ttl" ", \-\-max-hops=" max_ttl
 Specifies the maximum number of hops (max time-to-live value)
 .I traceroute
 will probe. The default is 30.

Bug#1040655: liblmdb-file-perl: FTBFS with Perl 5.38: undefined reference to `Perl_do_vecget'

2023-07-08 Thread Niko Tyni 
Source: liblmdb-file-perl
Version: 0.12-4
Severity: important
Tags: ftbfs trixie sid upstream
Forwarded: https://rt.cpan.org/Public/Bug/Display.html?id=148421
User: debian-p...@lists.debian.org
Usertags: perl-5.38-transition

This package fails to build with Perl 5.38 (currently in experimental).

  x86_64-linux-gnu-gcc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro  -shared 
-L/usr/local/lib -fstack-protector-strong  LMDB.o  -o 
blib/arch/auto/LMDB_File/LMDB_File.so  \
 -llmdb   \

  /usr/bin/ld: LMDB.o: in function `XS_LMDB__Txn__dbi_open':
  ././LMDB.xs:835: undefined reference to `Perl_do_vecget'
  /usr/bin/ld: LMDB.o: in function `XS_LMDB_File__put':
  ././LMDB.c:2577: undefined reference to `Perl_do_vecget'
  /usr/bin/ld: LMDB.o: in function `XS_LMDB__Cursor__del':
  ././LMDB.c:2191: undefined reference to `Perl_do_vecget'
  /usr/bin/ld: LMDB.o: in function `XS_LMDB_File__get':
  ././LMDB.c:2517: undefined reference to `Perl_do_vecget'
  /usr/bin/ld: LMDB.o: in function `XS_LMDB_File__cmp':
  ././LMDB.c:2731: undefined reference to `Perl_do_vecget'
  /usr/bin/ld: LMDB.o:././LMDB.c:2785: more undefined references to 
`Perl_do_vecget' follow
  /usr/bin/ld: blib/arch/auto/LMDB_File/LMDB_File.so: hidden symbol 
`Perl_do_vecget' isn't defined
  /usr/bin/ld: final link failed: bad value
  collect2: error: ld returned 1 exit status
  make[1]: *** [Makefile:488: blib/arch/auto/LMDB_File/LMDB_File.so] Error 1
  make[1]: Leaving directory '/<>'
  dh_auto_build: error: make -j4 returned exit code 2
  make: *** [debian/rules:4: binary-arch] Error 25

Full build log at

  
http://perl.debian.net/rebuild-logs/perl-5.38/liblmdb-file-perl_0.12-4/liblmdb-file-perl_0.12-4+b3_amd64-2023-06-28T20:44:13Z.build

-- 
Niko Tyni   nt...@debian.org

Bug#1040654: [vmdb2] option --exclude from debootstrap

2023-07-08 Thread Jean-Marc LACROIX 

Package: vmdb2
Version: 0.27+really.0.26-1
Severity: wishlist

Dear developer,

I have a dream(!)

When i use debootstrap, i always use --include AND --exclude options so 
that Debian make the right choice of package installed into rootfs.


Could you please implement in vmdb2 option --exclude from debootstrap ?

Thanks in advance
Cordialement
--
  -- Jean-Marc LACROIX  (06 82 29 98 66) --
-- mailto : jeanmarc.lacr...@free.fr   --

Bug#1040496: qt6-virtualkeyboard FTBFS with parallel=1: qmlcachegen segfaults

2023-07-08 Thread Lisandro Damian Nicanor Perez Meyer 
On sábado, 8 de julio de 2023 12:27:34 -03 Lisandro Damián Nicanor Pérez Meyer 
wrote:
> Hi,
> 
> On Thu, 6 Jul 2023 at 14:30, Helmut Grohne  wrote:
> > Source: qt6-virtualkeyboard
> > Version: 6.4.2+dfsg-2
> > Severity: serious
> > Tags: ftbfs
> > 
> > qt6-virtualkeyboard fails to build from source in unstable when passing
> 
> > DEB_BUILD_OPTIONS=parallel=1. A build ends as follows:
> Interestingly enough I could only reproduce the issue by using sbuild.
> If I hand compile it using dpkg-buildpackage directly on a clean
> machine things just work.

More info: I did a build of qt6-virtualkeyboard on 6.5.1 with parallel=1 with 
no issues... but at the same time not the fully proper environment, because it 
was an sbuild build using Ubuntu focal and some special Qt build I have at 
hand. But maybe the answer is there.

signature.asc
Description: This is a digitally signed message part.

Bug#1040650: console-setup: transition from /etc/default/keyboard to /etc/vconsole.conf

2023-07-08 Thread Andrew M.A. Cater 
On Sat, Jul 08, 2023 at 03:05:20PM +, snv5gh+elqseqrl4eotk@cs.email wrote:
> Package: console-setup
> Version: 1.221
> Severity: normal
> 
> Dear Maintainer,
> 
> Similarly to #1038798 please transition away from the debianism 
> /etc/default/keyboard to /etc/vconsole.conf which is used by many other 
> systems, and is systemd default. Thank you.
>

Both are present. Both contain similar information but one is tied to XKB.
It's quite possible that one will disappear as Wayland comes in for 
everything?

Bug#1040653: gnome-keyring: Depends upon pinentry-gtk instead of pinentry

2023-07-08 Thread Lisandro Damián Nicanor Pérez Meyer 
Package: gnome-keyring
Version: 42.1-1+b2
Severity: normal
X-Debbugs-Cc: lisan...@debian.org

Hi! gnome-keyring depends upon pinentry-gtk instead of just pinentry.
This forces the installation of the gtk versions on systems that might
as well use the curses or Qt versions of pinentry.

If you want you could use pinentry as a dependency and pinentry-gtk as a
recommendation, thus installaing the GTK version by default on systems
that do not have any other pinentry package installed, but still
allowing the user to choose which pinentry version to install.

Thanks, Lisandro.


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: arm64

Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-keyring depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.14.8-1
ii  dconf-gsettings-backend [gsettings-backend]   0.40.0-4
ii  gcr   3.41.1-3
ii  init-system-helpers   1.65.2
ii  libc6 2.36-9
ii  libgck-1-03.41.1-3
ii  libgcr-base-3-1   3.41.1-3
ii  libgcrypt20   1.10.2-2
ii  libglib2.0-0  2.74.6-2
ii  libsystemd0   252.11-1
ii  p11-kit   0.24.1-2
ii  pinentry-gnome3   1.2.1-1

Versions of packages gnome-keyring recommends:
ii  gnome-keyring-pkcs11  42.1-1+b2
ii  libpam-gnome-keyring  42.1-1+b2

gnome-keyring suggests no packages.

-- no debconf information

Bug#1040652: librust-system-deps-dev: Depends: librust-cfg-expr-0.10+default-dev that is no longer provided by librust-cfg-expr-dev

2023-07-08 Thread Adrian Bunk 
Package: librust-system-deps-dev
Version: 6.0.2-2
Severity: serious
Tags: trixie sid

The following packages have unmet dependencies:
 librust-system-deps-dev : Depends: librust-cfg-expr-0.10+default-dev

Bug#1040496: qt6-virtualkeyboard FTBFS with parallel=1: qmlcachegen segfaults

2023-07-08 Thread Lisandro Damián Nicanor Pérez Meyer 
Hi,


On Thu, 6 Jul 2023 at 14:30, Helmut Grohne  wrote:
>
> Source: qt6-virtualkeyboard
> Version: 6.4.2+dfsg-2
> Severity: serious
> Tags: ftbfs
>
> qt6-virtualkeyboard fails to build from source in unstable when passing
> DEB_BUILD_OPTIONS=parallel=1. A build ends as follows:

Interestingly enough I could only reproduce the issue by using sbuild.
If I hand compile it using dpkg-buildpackage directly on a clean
machine things just work.

-- 
Lisandro Damián Nicanor Pérez Meyer
https://perezmeyer.com.ar/

Bug#1040638: Bothersome message every day from cron

2023-07-08 Thread Klaus Ethgen 
Hi,

Am Sa den  8. Jul 2023 um 14:18 schrieb Daniel Baumann:
> On 7/8/23 11:20, Klaus Ethgen wrote:
> > Version: 4.2+20230508-5devuan1
> > 
> > Since some days I get the following message every day [...]
> > This come from cron and the command `mdadm --monitor --scan --oneshot`.
> 
> the cron jobs have been removed in favour of systemd timers in Debian.

Well, first, I don't have systemd and will never ever have!

But it doesn't matter if Debian removed that cron job. It is mdadm
itself that prints the error:
   ~> mdadm --monitor --scan --oneshot
   mdadm: DeviceDisappeared event detected on md device /dev/md/md3
   mdadm: DeviceDisappeared event detected on md device /dev/md/md2
   mdadm: DeviceDisappeared event detected on md device /dev/md/md1
   mdadm: DeviceDisappeared event detected on md device /dev/md/md0
   mdadm: NewArray event detected on md device /dev/md0
   mdadm: NewArray event detected on md device /dev/md3
   mdadm: NewArray event detected on md device /dev/md2
   mdadm: RebuildStarted event detected on md device /dev/md2
   mdadm: NewArray event detected on md device /dev/md1

So mdadm is broken in some sort.

Regards
   Klaus
-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#1040650: console-setup: transition from /etc/default/keyboard to /etc/vconsole.conf

2023-07-08 Thread snv5gh+elqseqrl4eotk 
Package: console-setup
Version: 1.221
Severity: normal

Dear Maintainer,

Similarly to #1038798 please transition away from the debianism 
/etc/default/keyboard to /etc/vconsole.conf which is used by many other 
systems, and is systemd default. Thank you.

Bug#1040649: dnscrypt-proxy: Backport dnscrypt-proxy to bookworm

2023-07-08 Thread snv5gh+elqseqrl4eotk 
Package: dnscrypt-proxy
Severity: normal

Dear Maintainer,

Unfortunately, dnscrypt-proxy did not make it into bookworm. Can you please 
create a bookworm-backports version of dnscrypt-proxy? Thanks.

Bug#1040648: nmu: dovecot-fts-xapian_1.5.5-1+b2

2023-07-08 Thread Noah Meyerhans 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: dovecot-fts-xap...@packages.debian.org
Control: affects -1 + src:dovecot-fts-xapian

nmu dovecot-fts-xapian_1.5.5-1+b2 . ANY . unstable . -m "Rebuild for dovecot 
1:2.3.20+dfsg1-1 ABI"

dovecot-fts-xapian needs to be rebuilt against the dovecot 1.3.20 internal ABI
in order to allow the transition to testing.

Bug#1040622: systemd-sysv: reboot doesn't honor the grub-reboot settings; reboot -f does

2023-07-08 Thread Luca Boccassi 
Control: tags -1 moreinfo

On Sat, 08 Jul 2023 00:16:28 -0400 "Theodore Y. Ts'o" 
wrote:
> Package: systemd-sysv
> Version: 252.6-1
> Severity: normal
> 
> Dear Maintainer,
> 
>    * What led up to the situation?
> 
> I was updating the gce-xfstests[1] test appliance to Debian Bookworm
from
> Debian Bullseye.
> 
> [1] https://thunk.org/gce-xfstests
> 
>    * What exactly did you do (or not do) that was effective (or
>  ineffective)?
> 
> Unfortunately kexec has not been reliable ever since sometime after
the
> 5.4 kernel, at least on Google Compute Engine VM's.  (About 30-40% of
> the time, the VM hangs after the kexec; about 10% of the time, the
> machine is up, but it is very slow and limping, and /proc/interrupts
> shows that some interrupt channel is going wild.  This is no doubt
the
> kernel bug interacting with some virtual hardware in the GCE VM, but
> I've never been able to debug it.)
> 
> Because of issues with kexec, the primary way that I reboot into the
> kernel that I want to test is to install the kernel as a dpkg
package,
> and then examine /boot/grub/grub.cfg to find out where it was
inserted
> into the grub's menu listing, and then run a command like "grub-
reboot
> 1>4", where the number is found by examing the grub.cfg file.  An
> example of this works can be found here[2].
> 
> [2]
https://github.com/tytso/xfstests-bld/blob/9bae3253d57456987d995cf85379e9165e054381/test-appliance/files/usr/local/lib/gce-load-kernel#L169
> 
> This works *just* *fine* when using Debian Bullseye (which is using
> systemd 247.3-7+deb11u2).
> 
>    * What was the outcome of this action?
> 
> Unfortunately, this no longer works in Debian Bookworm (with systemd
> 252.6-1).  In Debian Bookworm, the grub-reboot(8) setting is ignored
> after triggering a reboot via /sbin/reboot.
> 
> Connecting to the serial console, it appears that "reboot" is going
> through some code path that does NOT involve triggering a BIOS
message
> and going through grub, where (assuming the GRUB_TIMEOUT is set to
some
> non-zero value like 15) the grub menu would be displayed, and after
15
> seconds, it would boot the kernel specified by grub-reboot, and then
> clear the next_entry entry in /boot/grub/grubenv.
> 
> Instead, systemd appears to boot the default kernel, ignoring
> /boot/grub/grubenv, so I don't enter the kernel which I had just
> installed, and had selected via the grub-reboot(8) command.  Looking
at
> /boot/grub/grubenv, it still has the "next_entry=1>4" set by
> grub-reboot(8), so it appears that /boot/grub/grubenv is being
> completely ignored by reboot.

Check whether you have kexec-tools installed. It has some crufty old
and broken sysv-init script that it enables by default and messes with
the reboot and silently makes it a kexec. I had the same issue and
disabling and masking kexec.service (which is autogenerated from the
crusty init script) fixed the problem for me.

Nothing to do with systemd, which cannot 'bypass grub', once the system
is rebooted, it's rebooted, control is given back to the kernel to do
what it's configured to do.

-- 
Kind regards,
Luca Boccassi


signature.asc
Description: This is a digitally signed message part

Bug#1025847: dnscrypt-proxy: Please update to upstream version 2.1.2

2023-07-08 Thread snv5gh+elqseqrl4eotk 
Package: dnscrypt-proxy
Followup-For: Bug #1025847

Dear Maintainer,

dnscrypt-proxy version 2.1.4 was released in february and hasn't caused any 
breakage since. Please update the version in debian to 2.1.4. Thank you.

Bug#559618: boswars: Toggling Fullscreen with the space key in Video Options makes it change back immedi

2023-07-08 Thread Alexandre Detiste 
control: tag -1 +fixed-upstream

This has been fixed upstream:

https://codeberg.org/boswars/boswars/commit/0ef4a1afe890d6c0cddc7393a0e29ecea274c054

Bug#1038798: locales: transition from /etc/default/locale to /etc/locale.conf

2023-07-08 Thread snv5gh+elqseqrl4eotk 
Package: locales
Version: 2.36-9
Followup-For: Bug #1038798

Dear Maintainer,

transition from /etc/default/locale to /etc/locale.conf is a good idea.

My debian systems have the /etc/default/locale -> /etc/locale.conf symlink 
already added manually for compatibility reasons. Will the proposed change 
break anything on upgrade from bookworm to trixie if the symlink already exists?

Bug#1040647: ITP: ruby-neighbor -- Nearest neighbor search for Rails and Postgres

2023-07-08 Thread Vivek K J 
Package: wnpp
Severity: wishlist
Owner: Vivek K J 
X-Debbugs-Cc: debian-de...@lists.debian.org, vive...@disroot.org

* Package name: ruby-neighbor
  Version : 0.2.3
  Upstream Contact: Andrew Kane 
* URL : https://github.com/ankane/neighbor
* License : Expat
  Programming Lang: Ruby
  Description : Nearest neighbor search for Rails and Postgres

Ruby package used for finding nearest neighbor search for Rails and Postgres.
This package will be maintained by Ruby Packaging team.

Bug#1040645: ITP: ruby-circuitbox -- Robust circuit breaker that manages failing external services

2023-07-08 Thread Vivek K J 
Package: wnpp
Severity: wishlist
Owner: Vivek K J 
X-Debbugs-Cc: debian-de...@lists.debian.org, vive...@disroot.org

* Package name: ruby-circuitbox
  Version : 2.0.0
  Upstream Contact: Fahim Ferdous 
* URL : https://github.com/yammer/circuitbox
* License : Apache-2.0
  Programming Lang: Ruby
  Description : Robust circuit breaker that manages failing external 
services

It protects your application from failures of its service dependencies. 
It wraps calls to external services and monitors for failures in one minute
intervals. Using a circuit's defaults once more than 5 requests have been 
made with a 50% failure rate, Circuitbox stops sending requests to that
failing service for 90 seconds. This helps your application gracefully degrade.

This package will be maintained by Ruby Packaging team.

Bug#1040297: gnome: Gnome fails to start on login and falls back to GDM3

2023-07-08 Thread Bastian Venthur 
I've just updated all packages from unstable, including glibc and the 
problem is solved. So, it might have been the one you've described. 
Thanks for your help and your work!



Cheers,

Bastian

Am 08.07.23 um 11:32 schrieb Simon McVittie:

On Thu, 06 Jul 2023 at 09:50:57 +0100, Simon McVittie wrote:

On Wed, 05 Jul 2023 at 22:44:40 +0200, Bastian Venthur wrote:

 #5  0x7f134cbe97ce g_utf8_collate_key (libglib-2.0.so.0
+ 0x8a7ce)
 #6  0x7f134ccee180 e_source_set_display_name
(libedataserver-1.2.so.27 + 0x57180)


Well, this is messed up - something is setting the display name of an
ESource (a calendar or address book or something similar) to a value that
is, apparently, so long that allocating memory for its collation key (a
version that has been modified to sort in the correct locale-sensitive
order) will fail.


I wonder whether this is the same root cause as #1040452: glibc (>= 2.37-2)
sometimes generating corrupted locale archives? That might explain why
g_utf8_collate_key() would get nonsense results.

Please try with glibc (>= 2.37-5) which fixes that bug, and maybe this
one too.

 smcv



--
Dr. Bastian Venthur https://venthur.de
Debian Developer venthur at debian org

Bug#1040646: bookworm-pu: package tang/11-2

2023-07-08 Thread Christoph Biedl 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: t...@packages.debian.org
Control: affects -1 + src:tang

[ Reason ]
Fix https://security-tracker.debian.org/tracker/CVE-2023-1672 for
Debian 12 ("bookworm"), tagged "no-dsa (minor)" by the security team.

The problem of creating key material without restrictive file
permissions probably existed upstream since always. Up to and including
Debian 10 ("buster") however, this situation was caught by enforcing
restrictive permissions on the key directory.

With Debian 11 ("bullseye") a change in the creation of that directory
caused it to be created with a too permissive mode. That will be
addressed in a separature upload that requires more testing.

For Debian 12 ("bookworm"), this request here, stricter permissions were
already implemented and they are enforced during upgrade, however with a
small window during installation of the package.

[ Impact ]
The small time window as mentioned above will stay. Also this would
continue to put users at risk who configured a different key directory
but did not enforce restrictive access permissions.

[ Tests ]
None that I'm aware of.

[ Risks ]
The changes are small and rather straight-forward. I'd be surprised if
they introduce problems.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in stable
  [x] the issue is verified as fixed in unstable (14.1)

[ Changes ]
* Assert restrictive permissions of the key directory in Debian's
  postinst.
  For regular users and new instaaltions.
* Upstream's change to create the key file with restrictive
  permissions.
  Mostly for users who configure a different key directory.

Regards,

Christoph

diff -Nru tang-11/debian/changelog tang-11/debian/changelog
--- tang-11/debian/changelog2022-10-15 15:00:56.0 +0200
+++ tang-11/debian/changelog2023-07-08 12:49:07.0 +0200
@@ -1,3 +1,11 @@
+tang (11-2+deb12u1) bookworm; urgency=medium
+
+  * Fix CVE-2023-1672. Closes: #1038119
+- Cherry-pick "Fix race condition when creating/rotating keys"
+- Assert restrictive permissions on tang's key directory
+
+ -- Christoph Biedl   Sat, 08 Jul 2023 
12:49:07 +0200
+
 tang (11-2) unstable; urgency=medium
 
   * Tighten access permissions of the key directory
diff -Nru 
tang-11/debian/patches/bookworm/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
 
tang-11/debian/patches/bookworm/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
--- 
tang-11/debian/patches/bookworm/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
  1970-01-01 01:00:00.0 +0100
+++ 
tang-11/debian/patches/bookworm/1686750800.v13-3-g8dbbed1.fix-race-condition-when-creating-rotating-keys-123.patch
  2023-07-08 12:49:07.0 +0200
@@ -0,0 +1,66 @@
+Subject: Fix race condition when creating/rotating keys (#123)
+Origin: v13-3-g8dbbed1 
+Upstream-Author: Sergio Correia 
+Date: Wed Jun 14 10:53:20 2023 -0300
+
+When we create/rotate keys using either the tangd-keygen and
+tangd-rotate-keys helpers, there is a small window between the
+keys being created and then the proper ownership permissions being
+set. This also happens when there are no keys and tang creates a
+pair of keys itself.
+
+In certain situations, such as the keys directory having wide open
+permissions, a user with local access could exploit this race
+condition and read the keys before they are set to more restrictive
+permissions.
+
+To prevent this issue, we now set the default umask to 0337 before
+creating the files, so that they are already created with restrictive
+permissions; afterwards, we set the proper ownership as usual.
+
+Issue reported by Brian McDermott of CENSUS labs.
+
+Fixes CVE-2023-1672
+
+
+Reviewed-by: Sergio Arroutbi 
+Signed-off-by: Sergio Correia 
+
+--- a/src/keys.c
 b/src/keys.c
+@@ -307,6 +307,9 @@
+ {
+ const char* alg[] = {"ES512", "ECMR", NULL};
+ char path[PATH_MAX];
++
++/* Set default umask for file creation. */
++umask(0337);
+ for (int i = 0; alg[i] != NULL; i++) {
+ json_auto_t* jwk = jwk_generate(alg[i]);
+ if (!jwk) {
+--- a/src/tangd-keygen.in
 b/src/tangd-keygen.in
+@@ -38,6 +38,10 @@
+ [ $# -eq 3 ] && sig=$2 && exc=$3
+ 
+ THP_DEFAULT_HASH=S256 # SHA-256.
++
++# Set default umask for file creation.
++umask 0337
++
+ jwe=$(jose jwk gen -i '{"alg":"ES512"}')
+ [ -z "$sig" ] && sig=$(echo "$jwe" | jose jwk thp -i- -a 
"${THP_DEFAULT_HASH}")
+ echo "$jwe" > "$1/$sig.jwk"
+--- a/src/tangd-rotate-keys.in
 b/src/tangd-rotate-keys.in
+@@ -79,6 +79,10 @@
+ 
+ # Create a new set of keys.
+ DEFAULT_THP_HASH="S256"
++
++# Set

Bug#919275: kbd: unicode_start and unicode_stop are in different directories

2023-07-08 Thread snv5gh+elqseqrl4eotk 
Package: kbd
Version: 2.5.1-1+b1
Followup-For: Bug #919275

Dear Maintainer,

although the kbd package still unpacks unicode_start to /bin/unicode_start and 
unicode_stop to /usr/bin/unicode_stop it is now irrelevant on debian 12 
(bookworm) due to usrmerged filesystem layout where /bin and /usr/bin are the 
same location.

Bug#1039737: reportbug: lxc-copy --ephemeral always fails

2023-07-08 Thread Jérôme Charaoui 

Hello,

I also have this problem: after upgrading to bookworm, "lxc-copy 
--ephemeral" doesn't work anymore.


# lxc-copy -n autopkgtest-sid -e -l TRACE
Created autopkgtest-sid_4aGd6F as clone of autopkgtest-sid
lxc-copy: autopkgtest-sid: ../src/lxc/lxccontainer.c: 
wait_on_daemonized_start: 878 Received container state "ABORTING" 
instead of "RUNNING"
lxc-copy: autopkgtest-sid: ../src/lxc/af_unix.c: 
lxc_abstract_unix_recv_fds_iov: 218 Connection reset by peer - Failed to 
receive response
lxc-copy: autopkgtest-sid: ../src/lxc/commands.c: lxc_cmd_rsp_recv_fds: 
128 Failed to receive file descriptors for command "get_state"



Thanks.

-- Jérôme

Bug#1040426: FreeCAD Path: Generate dangeruos first G-code move while G49 is active

2023-07-08 Thread Petter Reinholdtsen 


The change was just accepted upstream.
-- 
Happy hacking
Petter Reinholdtsen

Bug#1040252: [3dprinter-general] Bug#1040252: cura-engine FTBFS on some 32bit architectures

2023-07-08 Thread Gregor Riepl 

Hi myon,

I've tested the patch both on amd64 and i686 (in a chroot) and pushed it 
to Salsa.


Could you upload cura-engine 5.0.0-4 when you have time?
Thank you very much!

Regards,
Gregor

Bug#1040623: bookworm-pu: package bup/0.33.2-1+deb12u1

2023-07-08 Thread Adam D. Barratt 
Hi,

On Sat, 2023-07-08 at 02:24 -0400, Robert Edmonds wrote:
> I'd like to update the version of bup in bookworm from 0.33-2 to
> 0.33.2-1+deb12u1, which incorporates two upstream bugfix releases for
> a bug deemed important enough by upstream to issue point releases.
> 

The version number for p-u needs to be lower than unstable. This looks
like a backport of 0.33.2-1 from unstable, so the convention would be
0.33.2-1~deb12u1.

Feel free to re-upload with the corrected version number; there's no
need to wait for the original upload to be rejected.

Regards,

Adam

Bug#955733: cloud-init does not set locale specified in user data

2023-07-08 Thread Nick Holloway 
On Wed, Jun 28, 2023 at 08:51:46PM -0700, Noah Meyerhans wrote:
> I think that each of the components is working correct if viewed in
> isolation, but the end result is not what you expect.  If we document
> that you must first populate /etc/locale.gen with the desired list of
> available locales, that may be sufficient.  For example, the following
> sets the desired locale:
> 
> admin@ip-10-0-3-7:~$ sudo cat /var/lib/cloud/instance/user-data.txt
> #cloud-config
> write_files:
> - path: /etc/locale.gen
>   content: ZW5fR0IuVVRGLTggVVRGLTgK
>   encoding: base64
> locale: en_GB.UTF-8
> admin@ip-10-0-3-7:~$ echo "ZW5fR0IuVVRGLTggVVRGLTgK" | openssl base64 -d
> en_GB.UTF-8 UTF-8

This feels like a workaround for the failure of cloud-init setting the locale
on a Debian install.

The locale configuration in cloud-init is expecting locale-gen to configure the
generated locales with the specified locale.


https://git.launchpad.net/ubuntu/+source/cloud-init/tree/cloudinit/distros/debian.py#n401

Debian just ignores the locale passed as a parameter.

> Do Ubuntu systems list all known locales in /etc/locale.gen?  That would
> make the locale module work without additional configuration, but seems
> unnecessarily expensive.

Ubuntu does not list all locales in /etc/locale.gen, but their version of
locale-gen will update /etc/locale.gen to add/uncomment the specified locale
before generating locales.


https://git.launchpad.net/ubuntu/+source/glibc/tree/debian/local/usr_sbin/locale-gen?h=ubuntu/jammy#n115

It seems cloud-init has expectation on what locale-gen will do (i.e. _update_
and generate), and that is not the case.

I don't know if cloud-init should take on the responsibility for updating
/etc/locale.gen, or if locale-gen should update /etc/locale.gen if passed a
parameter.

Bug#1040643: wmaker crashes on trying to set Attributes on steam-window

2023-07-08 Thread Peter Keel 


Package: wmaker
Version: 0.95.9-3+b2
Severity: normal

Hi

When trying to set "Attributes" from the menu on a steam-window, wmaker
crashes.

| /usr/libexec/WindowMaker/wmaker(MonitorLoop(monitor.c:133)): warning: 
| Window Maker exited due to a crash (signal 11) and will be restarted.

In order to set attributes, you either need to have IgnoreGtkHints = YES;
set or open the menu with ctrl-esc while a steam (Valve) window has
focus.

I tried to debug it, but it either blocks my gdb or doesn't return
anything useful:

$ gdb /usr/libexec/WindowMaker/wmaker

[...]

Reading symbols from /usr/libexec/WindowMaker/wmaker...
Reading symbols from 
/usr/lib/debug/.build-id/30/d1882708ca14128e56d12939b2c66edff5cbfb.debug...
(gdb) set  follow-fork-mode child 
(gdb) run 
Starting program: /usr/libexec/WindowMaker/wmaker 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Attaching after Thread 0x7640e940 (LWP 570717) fork to child process 
570718]
[New inferior 2 (process 570718)]
[Detaching after fork from parent process 570717]
[Inferior 1 (process 570717) detached]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
process 570718 is executing new program: /usr/libexec/WindowMaker/wmaker
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x734356c0 (LWP 570720)]
[Thread 0x734356c0 (LWP 570720) exited]
[Attaching after Thread 0x7640e940 (LWP 570718) fork to child process 
570721]
[New inferior 3 (process 570721)]
[Detaching after fork from parent process 570718]
[Inferior 2 (process 570718) 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x734356c0 (LWP 567265)]
[Thread 0x734356c0 (LWP 567265) exited]
[Attaching after Thread 0x7640e940 (LWP 567264) fork to child process 
567266]
[New inferior 3 (process 567266)]
[Detaching after fork from parent process 567264]
[Inferior 2 (process 567264) detached]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
process 567266 is executing new program: /usr/bin/dash
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Attaching after Thread 0x77da6740 (LWP 567266) fork to child process 
567278]
[New inferior 4 (process 567278)]
[Detaching after fork from parent process 567266]
[Inferior 3 (process 567266) detached]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
process 567278 is executing new program: /usr/bin/wmsetbg
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Inferior 4 (process 567278) exited normally]
(gdb) /usr/libexec/WindowMaker/wmaker(MonitorLoop(monitor.c:133)): warning: 
Window Maker exited due to a crash (signal 11) and will be restarted.

quit
(gdb) bt

No stack.


With "follow-fork-mode parent", it blocks gdb.


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.3.12 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages wmaker depends on:
ii  libc6   2.37-5
ii  libexif12   0.6.24-1+b1
ii  libfontconfig1  2.14.1-4
ii  libwings3   0.95.9-3+b2
ii  libwraster6 0.95.9-3+b2
ii  libwutil5   0.95.9-3+b2
ii  libx11-62:1.8.6-1
ii  libxext62:1.3.4-1+b1
ii  libxinerama12:1.1.4-3
ii  libxpm4 1:3.5.12-1.1
ii  wmaker-common   0.95.9-3

wmaker recommends no packages.

Versions of packages wmaker suggests:
ii  cool-retro-term [x-terminal-emulator]  1.2.0+ds2-1+b1
ii  desktop-base   12.0.6
ii  kitty [x-terminal-emulator]0.26.5-5
ii  konsole [x-terminal-emulator]  4:22.12.3-1
ii  rxvt-unicode [x-terminal-emulator] 9.30-2+b4
ii  terminator [x-terminal-emulator]   2.1.3-1
ii  wmaker-data0.9~4-2
ii  wmaker-utils   0.95.9-3+b2
ii  x11-apps   7.7+9
ii  xterm [x-terminal-emulator]383-1

-- no debconf information

Bug#1040252: cura-engine FTBFS on some 32bit architectures

2023-07-08 Thread Gregor Riepl 

This is actually a bug in the test and not CuraEngine.

In tests/InfillTest.cpp:104, they format a size_t as %lld instead of 
%zu. %llu works as well, but it's not 100% correct with a 32-bit size_t.


Current upstream HEAD still has the bug, so I'm going to report it there 
as well: 
https://github.com/Ultimaker/CuraEngine/blob/main/tests/InfillTest.cpp#L103


Patch:

diff --git a/tests/InfillTest.cpp b/tests/InfillTest.cpp
index 23b083f5..6f39b708 100644
--- a/tests/InfillTest.cpp
+++ b/tests/InfillTest.cpp
@@ -100,7 +100,7 @@ namespace cura
 result_lines(result_lines),
 result_polygons(result_polygons)
 {
-name = 
makeName("InfillTestParameters_P%d_Z%d_C%d_L%lld__%lld", 
(int)params.pattern, (int)params.zig_zagify, 
(int)params.connect_polygons, params.line_distance, test_polygon_id);
+name = 
makeName("InfillTestParameters_P%d_Z%d_C%d_L%lld__%zu", 
(int)params.pattern, (int)params.zig_zagify, 
(int)params.connect_polygons, params.line_distance, test_polygon_id);

 }

 friend std::ostream& operator<<(std::ostream& os, const 
InfillTestParameters& params)

Bug#1040642: upower/experimental must build depend on libgudev-1.0-dev (>= 238)

2023-07-08 Thread Adrian Bunk 
Source: upower
Version: 1.90.2-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=upower=1.90.2-1

...
Dependency gudev-1.0 found: NO found 237 but need: '>= 238'
Dependency lookup for gudev-1.0 with method 'pkgconfig' failed: Invalid 
version, need 'gudev-1.0' ['>= 238'] found '237'.
CMake binary for 1 is not cached
CMake binary missing from cross or native file, or env var undefined.
Trying a default CMake fallback at cmake
Did not find CMake 'cmake'
Found CMake: NO
Dependency lookup for gudev-1.0 with method 'cmake' failed: CMake binary for 
machine 1 not found. Giving up.
Run-time dependency gudev-1.0 found: NO 

../meson.build:72:14: ERROR: Dependency lookup for gudev-1.0 with method 
'pkgconfig' failed: Invalid version, need 'gudev-1.0' ['>= 238'] found '237'.
dh_auto_configure: error: cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 meson setup 
.. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc 
--localstatedir=/var --libdir=lib/x86_64-linux-gnu -Dman=true -Dgtk-doc=true 
-Dintrospection=enabled -Dsystemdsystemunitdir=/lib/systemd/system returned 
exit code 1
make[1]: *** [debian/rules:9: override_dh_auto_configure] Error 25

Bug#1034565: ftbfs tests fail on ppc64el and mips64el

2023-07-08 Thread Pirate Praveen 
On Tue, 18 Apr 2023 17:08:34 +0530 Pirate Praveen  
wrote:

> Failures:
>
>1) Prometheus::Client::Helper::MmapedFile file does not exist 
creates

> a file with minimum initial size
>   Failure/Error: expect(File.size(subject.filepath)).to
> eq(subject.send(:initial_mmap_file_size))
>
> expected: 4096
>  got: 16384
>
> (compared using ==)
>   # ./spec/prometheus/client/helpers/mmaped_file_spec.rb:30:in
> `block (3 levels) in '

Fixed upstream in 0.20 and 0.23 is being uploaded to experimental. We 
can close this once we confirm the failures are fixed.

Bug#1039916: ruby-derailed-benchmarks: autopkgtest needs update for new version of ruby-memory-profiler: Could not find 'memory_profiler' (~> 0)

2023-07-08 Thread Pirate Praveen 
On Thu, 29 Jun 2023 16:03:13 +0200 Paul Gevers  
wrote:


> 
┌──┐

>   19s │ Checking Rubygems dependency resolution on ruby3.1
>  │
>   19s
> 
└──┘

>   19s  19s GEM_PATH= ruby3.1 -e gem\ \"derailed_benchmarks\"
>   19s /usr/lib/ruby/vendor_ruby/rubygems/specification.rb:1413:in
> `rescue in block in activate_dependencies': Could not find
> 'memory_profiler' (~> 0) among 102 total gem(s) 
(Gem::MissingSpecError)

>   19s Checked in

This is fixed upstream but the new upstream version adds a new 
dependency dead_end gem. Also gitlab has moved this dependency from 
production to test group in Gemfile, so we can remove this once the 
dependency is dropped from gitlab.

Bug#1033705: golang-gitaly-proto: autopkgtest regression: test dependency ruby-gitaly-proto doesn't exist

2023-07-08 Thread Pirate Praveen 
On Thu, 30 Mar 2023 19:19:44 +0200 Paul Gevers  
wrote:

> autopkgtest [15:18:15]: test command1: preparing testbed
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Correcting dependencies...Starting pkgProblemResolver with broken 
count: 1

> Starting 2 pkgProblemResolver with broken count: 1
> Investigating (0) autopkgtest-satdep:amd64 < 0 @iU K Nb Ib >
> Broken autopkgtest-satdep:amd64 Depends on ruby-gitaly-proto:amd64 <
> none @un H >
>Removing autopkgtest-satdep:amd64 because I can't find
> ruby-gitaly-proto:amd64

ruby-gitaly-proto used to be provided by ruby-gitaly binary package 
built from this source package. But ruby-gitaly binary package is now 
built from gitaly source package which does not provide 
ruby-gitaly-proto.


This was originally packaged as a dependency of gitlab-shell, which no 
longer need golang-gitaly-proto-dev build dependency.


So we can remove this package. I will file an rm request once the build 
dependency is removed from gitlab-shell in unstable.

Bug#1040526: Acknowledgement (grub-pc: update-grub; 40_custom - visible feedback)

2023-07-08 Thread mh 
Am Fri, 07 Jul 2023 10:06:04 +
schrieb "Debian Bug Tracking System" :
...

I need to correct a wrong path:

wrong:

visible as on screen output (like all other kernels found by other
scripts under /etc/40_custom)


right:
***
visible as on screen output (like all other kernels found by other
scripts under /etc/grub.d/)
***

Michael

Bug#1040641: lintiant-brush: crash in debian-watch-file-old-format

2023-07-08 Thread Jelmer Vernooij 
Package: lintian-brush
thanks

On Sat, Jul 08, 2023 at 01:52:52AM +0200, Alexandre Detiste wrote:
> tchet@antec:~/git/boswars$ cat debian/watch
> version=3
> 
> https://www.boswars.org/download.shtml
> dist/releases/boswars-([0-9.]*)-src\.tar\.gz
> 
> 
> 
>  lintian-brush --list-fixers | while read f; do echo $f; lintian-brush $f ; 
> done
> 
> 
> debian-watch-contains-dh_make-template
> No changes made.
> debian-watch-file-is-missing
> No changes made.
> debian-watch-file-old-format
> Traceback (most recent call last):
>   File "/usr/bin/lintian-brush", line 8, in 
> sys.exit(main())
>  ^^
>   File "/usr/lib/python3/dist-packages/lintian_brush/__main__.py",
> line 357, in main
> overall_result = run_lintian_fixers(
>  ^^^
>   File "/usr/lib/python3/dist-packages/lintian_brush/__init__.py",
> line 740, in run_lintian_fixers
> result, summary = run_lintian_fixer(
>   ^^
>   File "/usr/lib/python3/dist-packages/lintian_brush/__init__.py",
> line 462, in run_lintian_fixer
> result = fixer.run(
>  ^^
> TypeError: FormattingUnpreservable.__init__() missing 3 required
> positional arguments: 'path', 'original_contents', and
> 'rewritten_contents'

Bug#1039915: ruby-benchmark-memory: autopkgtest needs update for new version of ruby-memory-profiler: Could not find 'memory_profiler' (~> 0.9)

2023-07-08 Thread Pirate Praveen 

Control: fixed -1 0.2.0-1

On Thu, 29 Jun 2023 16:01:57 +0200 Paul Gevers  
wrote:

> Currently this regression is blocking the migration of
> ruby-memory-profiler to testing [1]. Of course, ruby-memory-profiler
> shouldn't just break your autopkgtest (or even worse, your package), 
but
> it seems to me that the change in ruby-memory-profiler was intended 
and

> your package needs to update to the new situation.

ruby-benchmark-memory 0.2.0-1 was ready in experimental, but missed a 
reupload to unstable. I'm reuploading it to unstable now.

Bug#980733: ukui-panel: Please switch Build-Depends to libsensors-dev (from libsensors4-dev)

2023-07-08 Thread Aurelien Jarno 
control: severity -1 important

Hi,

On 2021-01-21 08:09, Aurelien Jarno wrote:
> Package: ukui-panel
> Version: 3.0.3-1
> Severity: wishlist
> User: aure...@debian.org
> Usertags: libsensors-dev-transition
> 
> 
> Dear maintainer,
> 
> ukui-panel build-depends on libsensors4-dev, the development package
> from lm-sensors. For historical reasons the development package is
> versioned. Following the transition of the library to libsensors5, it
> made sense to rename the development package to libsensors-dev.
> 
> In that regard a libsensors4-dev is now a transitional package depending
> on libsensors-dev. Your package therefore still builds fine. I plan to
> remove this transitional package a bit after the bullseye release, so
> there is no urgency (yet) to do the change, especially with the freeze
> coming. I however prefer to warn a bit in advance. The change should
> just be a matter of running:
> 
>   sed -i -e 's/libsensors4-dev/libsensors-dev/g' debian/control

Any news about that? Now that bookworm has been released, I plan to drop
the transitional package in a few weeks. That will cause ukui-panel to
FTBFS and make this bug serious. In the meantime I am bumping the
severity to important.

Regards
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://aurel32.net

Bug#1035587: linux: broken AHCI controller on MIPS Loongson 3 (regression from 5.10.162-1)

2023-07-08 Thread Aurelien Jarno 
Hi,

On 2023-06-24 11:46, Aurelien Jarno wrote:
> Hi,
> 
> On 2023-06-19 09:37, Huacai Chen wrote:
> > On Sun, Jun 18, 2023 at 5:24 PM Aurelien Jarno  wrote:
> > >
> > > Hi,
> > >
> > > On 2023-05-07 19:22, Jiaxun Yang wrote:
> > > >
> > > >
> > > > > 2023年5月6日 01:58,YunQiang Su  写道:
> > > > >
> > > > > Aurelien Jarno  于2023年5月6日周六 04:30写道:
> > > > >>
> > > > >> Source: linux
> > > > >> Version: 5.10.178-3
> > > > >> Severity: important
> > > > >> X-Debbugs-Cc: d...@debian.org, debian-m...@lists.debian.org, 
> > > > >> s...@debian.org
> > > > >>
> > > > >> Following the point release, the buildd mipsel-osuosl-03.d.o does not
> > > > >> boot anymore, with errors in the AHCI controller:
> > > > >>
> > > > >> [   35.912147] ata4.00: exception Emask 0x0 SAct 0x2000 SErr 0x0 
> > > > >> action 0x6 frozen
> > > > >> [   35.919769] ata4.00: failed command: WRITE FPDMA QUEUED
> > > > >> [   35.924968] ata4.00: cmd 61/20:e8:00:f0:e1/00:00:00:00:00/40 tag 
> > > > >> 29 ncq dma 16384 out
> > > > >> [   35.924968]  res 40/00:00:00:00:00/00:00:00:00:00/00 
> > > > >> Emask 0x4 (timeout)
> > > > >> [   35.940097] ata4.00: status: { DRDY }
> > > > >> [   35.943743] ata4: hard resetting link
> > > > >>
> > > > >> While that initially looks like a hardware issue, it appears that
> > > > >> reverting the kernel to 5.10.162-1 (from 5.10.178-3) fixes the issue.
> > > > >> Strangely mipsel.osuosl-05.d.o, which seems to be similar hardware 
> > > > >> (CPU,
> > > > >> motherboard and SATA drive), does not exhibit the same issue.
> > > > >>
> > > > >
> > > > > Maybe the different firmwares are used for them...
> > > > > CCed Huacai and Jiaxun.
> > > >
> > > > I’m unable to reproduce on my side. Perhaps different hardware.
> > > > Is it possible to bisect Kernel on that machine to see of reverting 
> > > > that two commits do help?
> > >
> > > I have bisected the issue and I confirm the intuition from Cyril. The
> > > first bad commit is 654ae539254d10042869fdc77ad04c09e7eff1fd. Reverting
> > > both commits (they are linked) indeed fixes the issue.
> > Seems a firmware bug, latest firmware should configure a suitable MRRS.
> 
> Ok, thanks for the feedback. Given it's not a kernel bug, I am closing
> it.
> 
> That said, can someone please send us the procedure to upgrade the
> firmware on this machine, so that we can continue using it as a buildd?

Any news about that? We need to be able to run the latest stable kernel
on the build daemon.

Thanks,
Aurelien

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://aurel32.net

Bug#1037190: closed by Debian FTP Masters (reply to Martin-Éric Racine ) (Bug#1037190: fixed in dhcpcd 10.0.1-1)

2023-07-08 Thread Martin-Éric Racine 
On Sat, Jul 8, 2023 at 12:42 PM Andreas Beckmann  wrote:
> Thanks for fixng it in sid. Please backport the epoch related changes to
> src:dhcpcd5 and get this fix into bookworm-pu over the next week s.t. it
> can be included in the first point release.

Welcome.

I'm still missing the dhcpcd.preinst patch you submitted. I was
waiting for 10.0.1-1, which was already sitting in NEW, to get
accepted into the archive to merge it. I can do this now.

For bookworm-pu, I welcome feedback on any other cherry-pick since
9.4.1-22 that would be worth including. I'll also need a sponsor to
ensure timely upload for Bookworm's point release.

Martin-Éric

Bug#1039941: debhelper: intermittent dh_missing error

2023-07-08 Thread Niels Thykier 

Control: tags -1 wontfix
Control: retitle -1 debhelper: Parallel d/rules not fully supported

Sven Joachim:

[...]

I think I am beginning to understand where the race condition is.  In
full builds of ncurses it is possible for 'make' to process the
install-arch and binary-indep targets in parallel, which can cause new
files to appear in debian/tmp after "dh_missing -i" has processed the
debian/.debhelper/generated/*/installed-by-* files, but before it
actually reads the contents of debian/tmp.  Those files will then be
falsely reported as not installed.

Probably such a situation is relatively unusual, and I guess dh_missing
has not been designed to handle it.  Will see how best to work around it
in ncurses.

Sven



Hi Sven

Thanks for the report and diagnosing the problem.

Indeed, debhelper was not never built for arbitrary parallelization of 
dh commands or interactions between the commands.  The `dh_missing` tool 
is a lot more susceptible to the problem as it tries to do a "global 
view" analysis



A proper fix in your case is to split the binary-X targets, inject a 
synchronization barrier and run dh_missing on the other side of it. I 
have no clue how to do that reliably in Make while keeping the target 
dependencies correct.



Unfortunately, there is not much I can do to fix this in debhelper as 
debhelper is 80% married to d/rules being a Makefile with arbitrary code 
execution injected "anywhere" and then 20% of features that need this 
not to be the case.

  Indeed, it is a bug/misfeature, but I do not see a way to solve it.

Best regards,
Niels

Bug#1040609: traceroute.db.1: some remarks and editorial fixes for the manual

2023-07-08 Thread GCS 
Hi Bjarni,

On Fri, Jul 7, 2023 at 11:03 PM Bjarni Ingi Gislason  wrote:
> Package: traceroute
> Version: 1:2.1.2-1
> Severity: minor
> Tags: patch
[...]
> here are some notes and fixes for the man page.
 Thanks for all your work. Can you please:
1) Send your patch to traceroute upstream[1]?
2) Alternatively send me the patch as an attachment (do not paste it
inline the email) and I will send your fixes upstream.

Thanks,
Laszlo/GCS
[1] https://sourceforge.net/p/traceroute/patches/

Bug#1037190: closed by Debian FTP Masters (reply to Martin-Éric Racine ) (Bug#1037190: fixed in dhcpcd 10.0.1-1)

2023-07-08 Thread Andreas Beckmann 
Thanks for fixng it in sid. Please backport the epoch related changes to 
src:dhcpcd5 and get this fix into bookworm-pu over the next week s.t. it 
can be included in the first point release.


Thanks.

Andreas

Bug#1037192: sd: version is lower than in squeeze

2023-07-08 Thread Blair Noctis 
On 2023-07-08 17:31, Andreas Beckmann wrote:
> On Thu, 6 Jul 2023 01:58:50 +0800 Blair Noctis  wrote:
>> On Wed, 07 Jun 2023 14:12:08 +0200 Andreas Beckmann  wrote:
>> > Package: sd
>> > Version: 0.7.6-1
> 
>> > squeeze had a sd binary package built from (unrelated) src:sd at
>> > version 0.74-1 while bookworm has one built from src:rust-sd at
>> > version 0.7.6-1 which is lower, violating the archive property of
>> > monotonically increasing version numbers.
> 
>> TIL about that. Do you think I can use epoch here? Or should I change its 
>> name?
> 
> IMO that is one of the correct uses for an epoch, similar to git which also
> reused an old package name (probably predating the git version control).
> 
> Note that the upload needs to be done as 1:0.7.6-2, i.e. with increment of the
> Debian revision to avoid clashes in the .deb file name (in some cases the 
> epoch
> is not part of the file name for historic reasons).

Thanks, I'll go for that.

> 
>> (Sorry about the late reply, the email didn't reach me.)
> 
> And if you don't Cc the submitter, I don't see your reply ;-)

Ha, I'm sending To both the submitter and bug@bugs.d.o so it will _definitely_
be seen ;)

-- 
Sdrager,
Blair Noctis

Bug#1040640: toot: crash with stack dump when posting a JPEG

2023-07-08 Thread debbug . toot 
Package: toot
Version: 0.27.0-1
Severity: important
Tags: upstream
X-Debbugs-Cc: debbug.t...@sideload.33mail.com

I tried to post a JPG image and it crashed with a stack dump:

===8<--
$ torsocks toot post -u b...@example.com -m ./some_pic.jpg -e emacs
Uploading media: ./some_pic.jpg
Traceback (most recent call last):
  File "/usr/bin/toot", line 11, in 
load_entry_point('toot==0.27.0', 'console_scripts', 'toot')()
  File "/usr/lib/python3/dist-packages/toot/console.py", line 550, in main
run_command(app, user, command_name, args)
  File "/usr/lib/python3/dist-packages/toot/console.py", line 532, in 
run_command
return fn(app, user, parsed_args)
  File "/usr/lib/python3/dist-packages/toot/commands.py", line 104, in post
args.text = "\n".join(m['text_url'] for m in media)
TypeError: sequence item 0: expected str instance, NoneType found
===8<--

Notice that it was over a Tor circuit though I don’t suppose that’s
likely a factor.

===8<--
$ identify ./some_pic.jpg 
./some_pic.jpg JPEG 1024x763 1024x763+0+0 8-bit sRGB 26324B 0.000u 0:00.000
===8<--


-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-19-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages toot depends on:
ii  python3   3.9.2-3
ii  python3-bs4   4.9.3-1
ii  python3-requests  2.25.1+dfsg-2
ii  python3-urwid 2.1.2-1
ii  python3-wcwidth   0.1.9+dfsg1-2

toot recommends no packages.

toot suggests no packages.

-- no debconf information

Bug#1040297: gnome: Gnome fails to start on login and falls back to GDM3

2023-07-08 Thread Simon McVittie 
On Thu, 06 Jul 2023 at 09:50:57 +0100, Simon McVittie wrote:
> On Wed, 05 Jul 2023 at 22:44:40 +0200, Bastian Venthur wrote:
> > #5  0x7f134cbe97ce g_utf8_collate_key (libglib-2.0.so.0
> > + 0x8a7ce)
> > #6  0x7f134ccee180 e_source_set_display_name
> > (libedataserver-1.2.so.27 + 0x57180)
> 
> Well, this is messed up - something is setting the display name of an
> ESource (a calendar or address book or something similar) to a value that
> is, apparently, so long that allocating memory for its collation key (a
> version that has been modified to sort in the correct locale-sensitive
> order) will fail.

I wonder whether this is the same root cause as #1040452: glibc (>= 2.37-2)
sometimes generating corrupted locale archives? That might explain why
g_utf8_collate_key() would get nonsense results.

Please try with glibc (>= 2.37-5) which fixes that bug, and maybe this
one too.

smcv

Bug#1037192: sd: version is lower than in squeeze

2023-07-08 Thread Andreas Beckmann 

On Thu, 6 Jul 2023 01:58:50 +0800 Blair Noctis  wrote:

On Wed, 07 Jun 2023 14:12:08 +0200 Andreas Beckmann  wrote:
> Package: sd
> Version: 0.7.6-1



> squeeze had a sd binary package built from (unrelated) src:sd at
> version 0.74-1 while bookworm has one built from src:rust-sd at
> version 0.7.6-1 which is lower, violating the archive property of
> monotonically increasing version numbers.



TIL about that. Do you think I can use epoch here? Or should I change its name?


IMO that is one of the correct uses for an epoch, similar to git which 
also reused an old package name (probably predating the git version 
control).


Note that the upload needs to be done as 1:0.7.6-2, i.e. with increment 
of the Debian revision to avoid clashes in the .deb file name (in some 
cases the epoch is not part of the file name for historic reasons).



(Sorry about the late reply, the email didn't reach me.)


And if you don't Cc the submitter, I don't see your reply ;-)

Please try to get this fixed over the next week including a rebuild for 
bookworm s.t. it can be included in the first point release.



Andreas

Bug#1040639: transition: rocksdb

2023-07-08 Thread GCS 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: affects -1 + src:rocksdb
Control: forwarded -1
https://release.debian.org/transitions/html/auto-rocksdb.html

Hi RMs,

Small transition for RocksDB as only two reverse dependencies are in
the archives: balboa and sortmerna.
Both build fine with the rocksdb 8.3.2-1 version already in
experimental. The only thing you might wait for is that it's not yet
started to build on mips64el. I don't expect any failure as it was
built fine on other release architectures.

Regards,
Laszlo/GCS

  1   2   >