date:20230921

Hi Bastian,

I'm playing with the idea of a S3-backed snapshot.d.o implementation
(see #1020217).

Could we use the Debian AWS account to host that service? It would
require one fairly powerful VM, and a large S3 bucket (approximately
150-200 TB).

Best,

Lucas

Bug#1052444: RFA: w-scan-cpp -- DVB channel scanner (successor of w_scan)

2023-09-21 Thread Fab Stz

Package: wnpp
Severity: normal
X-Debbugs-Cc: w-scan-...@packages.debian.org
Control: affects -1 + src:w-scan-cpp

I request an adopter for the w-scan-cpp package (and it's dependency
src:librepfunc see RFA #1052443 )

My device (USB TV/DVB Dongle - RTL_SDR based) which I used with w-scan-cpp 
broke (I don't plan to buy a new one), so I don't have use of w_scan_cpp and 
can't test the package anymore. I can still update it, but can't guarantee 
that the produced binary actually works.

The package description is:
 This is w_scan_cpp - a dtv channel scanner based on VDR (www.tvdr.de)
 and its Plugins.
 .
 w_scan_cpp supports
 .
DVB-T(2), DVB-C, DVB-S(2), ATSC(VSB && QAM)
SAT>IP
SCR ("Unicable") EN-50494 & EN-50607 (aka. "JESS")
DiSEqC switches
DiSEqC rotors (Standard & USALS)
various output formats
VDR channels.conf
VLC channels.xspf
dtv scan tables for dvbv5-scan
channels.dat for the SAT>IP "DVB Viewer Lite for Windows"
(..)
 .
 Some features are more recent than those of w_scan, other outdated features
 were not ported.

Bug#1036737: libsoapysdr0.8: please add Breaks: libsoapysdr0.7 for smoother upgrades from bullseye

2023-09-21 Thread Andreas Beckmann


On 08/09/2023 17.18, Andreas Bombe wrote:

The SoapySDR library and module packages are designed to be
co-installable across SONAME versions and if something prevents that it
is an issue that needs fixing. Could you tell me what the specific
issue was that prevented co-installation?


There is no file conflict or similar issue between the libsoapysdr0.x 
packages, theoretically they would be co-installable.
The problem is in the dependency trees of the 0.7 (bullseye) and 0.8 
(bookworm) packages, there is at least one package in conflict, so the 
dependency trees are not co-installable.
Since this is sometimes hard for apt to figure out properly (and choose 
the "correct" solution: remove the complete old package tree that is in 
conflict (but currently installed)), we have to hint apt with some 
additional Breaks ...


Andreas

Bug#1052443: RFA: librepfunc -- set of C++ classes and utilities for building multimedia tools (dev files)

2023-09-21 Thread Fab Stz

Package: wnpp
Severity: normal
X-Debbugs-Cc: librepf...@packages.debian.org
Control: affects -1 + src:librepfunc

I request an adopter for the librepfunc package (and it's dependent
src:w-scan-cpp)

My device (USB TV/DVB Dongle - RTL_SDR based) which I used with w-scan-cpp 
broke, so I don't have use of w_scan_cpp and can't test the package anymore. I 
can still update it, but can't guarantee that the produced binary actually
works.

The package description is:
 This is a collection of utilities and functions used for example in w-scan-
cpp
 .
 This package contains the files required to build other packages.

Bug#1052413: pyequihash: should maintainer/uploader be turned?

Source: pyequihash
Version: 0.2-2
Followup-For: Bug #1052413
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

sorry for this mistake. This bug can be closed. (don't know how I could do that
with nnn-d...@bugs.debian.org or nnn-close) (I'm using reportbug)


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1052410: psycopg3: should maintainer/uploader be turned?

Source: psycopg3
Version: 3.1.7-4
Followup-For: Bug #1052410
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

sorry for this mistake. This bug can be closed. (don't know how I could do that
with nnn-d...@bugs.debian.org or nnn-close) (I'm using reportbug)


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1052442: python3-airspeed: correction to the short description

Package: python3-airspeed
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

On the short description.

Please,
Do not include the package name.
Do not include "a".

Please change:
Python Airspeed - a Python template engine
To:
Python template engine

Reference
Debian policy
3.4.1 The single line synopsis
developers reference
6.2.2 The package synopsis, or short description




-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-airspeed depends on:
ii  python3 3.11.2-1+b1
pn  python3-cachetools  
ii  python3-six 1.16.0-4

python3-airspeed recommends no packages.

python3-airspeed suggests no packages.

Bug#1029681: nvidia-legacy-340xx-driver: Qt5 apps fail to launch with a segfault

2023-09-21 Thread Andreas Beckmann


On 21/09/2023 11.38, jim_p wrote:

First and foremost, sorry for not replying earlier and for not testing the glx
symlink as proposed. The storms, the floods and the power outages that happened
here the first days of September caused enough damage to my hardware that
forced me to make more changes in those 2 weeks than in my entire time with
nvidia, which is more than 10 years.
Long story short, my 9500 died completely and I had to replace it with an ati
6450 that a friend gave me.


Sorry to hear that.


p.s. I thought it would be patched alongside 390 and 470 which were patched for
6.5 a month ago.


I had a patch ready since then, but since 6.5 was only in experimental I 
wanted to wait for feedback on the Qt GLX test before I implement that 
GLX hack properly. Uploaded now without any GLX changes ;-)


So I'll wait for someone still actively using such an old card with Qt 
apps to do these (and maybe some further) tests.



Andreas

Bug#1052210: lxappearance: segfault after upgrade to lxappearance 0.6.3-3

2023-09-21 Thread jim_p

Package: lxappearance
Version: 0.6.3-4
Followup-For: Bug #1052210
X-Debbugs-Cc: pitsior...@outlook.com

Same thing here, the -4 update did not fix the app for me as well. I do not
have gdb installed and I have no idea how to debug something, thus no gdb
output from me.

dmesg output
[  284.595381] lxappearance[3593]: segfault at bd95f804 ip
7f6ed36fbfa4 sp 7ffe885b2dc8 error 5 in
libcairo.so.2.11708.0[7f6ed3697000+e3000] likely on CPU 1 (core 1, socket 0)
[  284.595408] Code: e9 11 29 fb ff 90 31 c0 c3 0f 1f 44 00 00 89 f0 c3 0f 1f
44 00 00 f3 0f 1e fa 8b 47 10 c3 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <8b> 47 14
c3 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 8b 47 1c c3 0f 1f

Then I noticed something in rujasu's output above: the obconf.so lib. So, I
removed lxappearance-obconf and, poof, lxappearance launced like it used to!
Maybe it is time to file a bug report for that package and leave this one
closed.



-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-4-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lxappearance depends on:
ii  libc62.37-10
ii  libdbus-1-3  1.14.10-1
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1+b1
ii  libglib2.0-0 2.78.0-1
ii  libgtk-3-0   3.24.38-5
ii  libx11-6 2:1.8.6-1

Versions of packages lxappearance recommends:
pn  lxde-settings-daemon  

lxappearance suggests no packages.

-- no debconf information

Bug#1052441: zsh: FTBFS with glibc 2.38 on i386 due to missing fmod in libm.a

2023-09-21 Thread Steve Langasek

Package: zsh
Version: 5.9-5
Severity: wishlist
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu mantic ubuntu-patch

Dear maintainers,

In Ubuntu, zsh was failing to build from source on i386 because Ubuntu has
glibc 2.38, and libm.a on i386 is failing to provide the fmod symbol,
causing an inability to link zsh-static.

This is ultimately a bug in glibc, filed in Ubuntu at
.  However,
since i386 is a partial arch in Ubuntu and we don't actually need zsh-static
for anything (but "unfortunately" do need zsh/i386 as a build-dependency of
vlc), rather than spending time getting zsh-static to build again on i386,
and then possibly having to do so again later because i386 and math is a
fragile combination, I found it preferable to just disable the build of
zsh-static on Ubuntu i386.

I've uploaded the attached patch to Ubuntu.  It has been constructed in such
a way that it can be included in Debian without adversely affecting any
Debian builds, and would allow us to keep the zsh package in Ubuntu in sync
with that in Debian.

Please consider applying this patch.  If you don't want to carry this added
complexity in debian/rules that only benefits a downstream distribution,
however, please feel free to close the bug report.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru zsh-5.9/debian/rules zsh-5.9/debian/rules
--- zsh-5.9/debian/rules2023-07-04 18:24:39.0 -0700
+++ zsh-5.9/debian/rules2023-09-21 21:49:44.0 -0700
@@ -48,6 +48,10 @@
 CONFIGFLAGS += --enable-zsh-hash-debug
 endif
 
+ifeq ($(DEB_HOST_ARCH):$(VENDOR),i386:ubuntu)
+   PKGS=-Nzsh-static
+endif
+
 # We first need to check if the package is installed, otherwise the
 # resulting syntax might be invalid. Needed for packages which are
 # also provided by other packages like libncurses-dev and
@@ -55,13 +59,16 @@
 BUILT_USING=$(shell for pkg in libcap-dev libncurses-dev libpcre2-dev 
libc-dev-bin; do dpkg-query -f '$${status}' -W $$pkg 2>&1 | grep -Fq installed 
&& dpkg-query -f '$${source:Package} (= $${source:Version}), ' -W $$pkg; done)
 
 %:
-   dh $@
+   dh $@ $(PKGS)
 
 override_dh_auto_build-arch: build-dynamic build-static
 build-dynamic:
dh_auto_build -B obj
 build-static:
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
dh_auto_build -B obj-static
+endif
+   :
 
 override_dh_auto_build-indep:
dh_auto_build -B obj -- pdf
@@ -71,7 +78,9 @@
if dpkg-architecture -qDEB_BUILD_ARCH_OS | grep -qv hurd; then \
HOME="$(CURDIR)/obj/testhome" ZTST_verbose=1 dh_auto_test -B 
obj; \
fi
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
HOME="$(CURDIR)/obj-static/testhome" ZTST_verbose=1 dh_auto_test -B 
obj-static || true
+endif
 
 override_dh_auto_test-indep:
 
@@ -79,16 +88,24 @@
chmod 755 configure
mkdir -p obj/testhome obj-static/testhome
dh_auto_configure -B obj -- $(CONFIGFLAGS)
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
dh_auto_configure -B obj-static -- $(CONFIGFLAGS) $(STATICFLAGS)
+endif
 
sed -e 's/#define VENDOR "pc"/#define VENDOR "$(VENDOR)"/' \
-   -i obj/config.h obj-static/config.h
+   -i obj/config.h
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
+   sed -e 's/#define VENDOR "pc"/#define VENDOR "$(VENDOR)"/' \
+   -i obj-static/config.h
sed -e 's/files.mdd link=no/files.mdd link=static/;s/stat.mdd 
link=no/stat.mdd link=static/' \
-i obj-static/config.modules
+endif
 
 override_dh_auto_clean:
dh_auto_clean -B obj
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
dh_auto_clean -B obj-static
+endif
 
 override_dh_installdocs-indep:
dh_installdocs -pzsh-doc --link-doc=zsh-common 
--doc-main-package=zsh-common
@@ -148,12 +165,16 @@
-dRecommends debian/zsh/usr/lib/*/zsh/*/zsh/*.so
 
 execute_after_dh_installdocs-arch:
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
awk 'BEGIN { print "The following modules are statically-compiled into 
the static zsh binary:\n"; } /link=static/ { printf "%s (%s %s)\n", 
substr($$1,6), $$4, $$5; }' obj-static/config.modules 
>debian/zsh-static/usr/share/doc/zsh-static/README.Debian
+endif
 
 execute_after_dh_install-arch:
+ifneq (,$(filter zsh-static, $(shell dh_listpackages)))
mv debian/zsh-static/bin/zsh  debian/zsh-static/bin/zsh-static
mv debian/zsh-static/bin/zsh5 debian/zsh-static/bin/zsh5-static
sed -e 's:#!/bin/zsh:#!/bin/zsh-static:' -i 
debian/zsh-static/bin/zsh5-static
+endif
 
find debian/zsh-dev/usr/include/zsh -name '*.h'

Bug#1038974: grub2: Update Linux erases Windows entry in boot list

2023-09-21 Thread Chris Carr

On Thu, 21 Sept 2023, 14:28 Julian Andres Klode, 
wrote:

> Control: retitle -1 grub doesn't run os-prober by default anymore, so no
> more other OS detected
> Control: tag -1 wontfix
>
> On Fri, Jun 23, 2023 at 04:31:55PM -0400, bud wrote:
> > Package: grub2
> > Severity: important
> > File: grub2
> > X-Debbugs-Cc: budheal...@gmail.com
> >
> > Dear Maintainer,
> >
> >* What led up to the situation?
> > I installed the 2023-04-24 weekly build, downloaded the 2023-06-05 build
> and used that as the jigdo base to download bookworm 12.0.0
> > Then I added the 21 DVD images and synaptic suggested adding the online
> main repository. After apt-get update --allow-insecure-repositories, I
> rebooted.
> >* What exactly did you do (or not do) that was effective (or
> >  ineffective)?
> > The computer booted into bookworm. However, the existing option to boot
> Windows is no longer available. Looking in the Advanced options finds the
> prior Linux entry.
> >
> > Compare Bugs #1033985, #1008294 and #250626
> >
> >* What was the outcome of this action?
> > Without a Windows option, there is a suggestion in bug #1033985 that
> os-prober will help set me reset the grub list. Otherwise, the Windows DVD
> will contrarily erase grub. I only added a Linux partition to this laptop
> to investigate a HDMI bug, as this one has HDMI, VGA and DisplayPort
> connectors.
> >* What outcome did you expect instead?
> > Just because the Linux kernel has been updated, any existing entries
> should not be erased - except for the one being replaced.
> >
> > An update should not erase the settings the user or administrator has
> added to customize the system. This looks like a bug.
>
> The followup comment from Chris Carr made me understand that this seems
> to be about the os-prober entries. For security reasons, os-prober is
> no longer run when writing a new grub.cfg.
>
> You can either re-enable it and get exposed to any bug in grub
> filesystem implementations which will then run as root to mount
> any disk attached to the system, or add a /etc/grub.d file that
> echos additional fixed boot entries for your other OS.
>


But this still leaves the user significantly worse off than before the
update. A very small proportion of users will be knowledgeable enough to
write their own /etc/grub.d file without instructions (I'm not) or
confident enough to re-enable OS-prober after the update tells them it's an
attack vector (I am).

It feels like the correct behaviour is to look at the existing entries at
the start of the update and write a grub.d file on the user's behalf. There
aren't going to be many users who want to lose access to an OS on updating
grub.

CC

>

Bug#1052210: lxappearance: still segfaults with same backtrace after upgrade to lxappearance 0.6.3-4

2023-09-21 Thread rujasu

Hello, I can't speak for the original bug reporter here, but I have 
updated to lxappearance 0.6.3-4 and am still seeing a segmentation 
fault, with the same backtrace we were seeing before:


0x76cfbfa4 in cairo_surface_get_content () from 
/lib/x86_64-linux-gnu/libcairo.so.2

(gdb) bt
#0  0x76cfbfa4 in cairo_surface_get_content () at 
/lib/x86_64-linux-gnu/libcairo.so.2
#1  0x77eefe3f in gdk_pixbuf_get_from_surface () at 
/lib/x86_64-linux-gnu/libgdk-3.so.0
#2  0x740f406c in preview_theme () at 
/usr/lib/x86_64-linux-gnu/lxappearance/plugins/obconf.so
#3  0x740f48e6 in preview_update_all () at 
/usr/lib/x86_64-linux-gnu/lxappearance/plugins/obconf.so
#4  0x740f501d in theme_load_all () at 
/usr/lib/x86_64-linux-gnu/lxappearance/plugins/obconf.so
#5  0x740f2792 in plugin_load () at 
/usr/lib/x86_64-linux-gnu/lxappearance/plugins/obconf.so

#6  0xdd6f in plugins_init ()
#7  0x9f43 in main ()

Bug#1052428: node-minimatch: please update to 9.x

2023-09-21 Thread Yadd


On 9/22/23 00:10, Jérémy Lal wrote:

Package: node-minimatch
Version: 5.1.1+~5.1.2-1
Severity: normal

Hi,

nodejs 18.18.0 depends on node-minimatch 9.0.3.

It'd be nice if someone could update that module.

Regards,
Jérémy


Hi,

I'm going to push version 9.0.3 to experimental (breaking changes)

Cheers,
Yadd

Bug#1052440: Request: enable widevine on all architectures if found (patch included)

2023-09-21 Thread theofficialgman

Package: chromium
Version: 117.0.5938.62-1

This is a request to include the patch that Ubuntu added to bionic/snap
back in March of this year. It is a simple patch to the
third_party/widevine/cdm/widevine.gni to no longer hardcode x64 as a
requirement for checking for widevine. This allows the user to supply a
widevine binary on any architecture if they have one. Right now it will not
load one even if the user supplies one on non-x64 architectures.

see:
https://bugs.launchpad.net/ubuntu/bionic/+source/chromium-browser/+bug/2008433
patch:
https://git.launchpad.net/~chromium-team/chromium-browser/+git/snap-from-source/plain/build/chromium-patches/widevine-enable-version-string.patch?h=dev

I would appreciate it if this be backported/included in stable/oldstable as
well.

Thanks,
theofficialgman

Bug#1052436: RM: fcitx-autoeng-ng -- ROM; Dead Upstream; Unused; Low Popcon

Control: close -1

Hi,

On Thu, 21 Sep 2023 21:20:57 -0400 Boyuan Yang  wrote:
> Package: ftp.debian.org
> Control: affects -1 + src:fcitx-autoeng-ng
> X-Debbugs-Cc: fcitx-autoeng...@packages.debian.org
> User: ftp.debian@packages.debian.org
> Usertags: remove
> X-Debbugs-Cc: by...@debian.org z...@debian.org a...@debian.org
> Severity: normal
> 
> 
> Dear Debian FTP Masters,
> 
> After consulting the original packager, we found out that
> https://tracker.debian.org/pkg/fcitx-autoeng-ng has a dead
> upstream and is now completely useless on its intended use
> (as a support library for the proprietary input method Sogou Pinyin).
> As a result, I request this package to be removed from Debian Sid.

With further information from related persons, it looks like this
package may still be useful under certain circumstances although
the future of the software is unclear. Closing the removal request
for now and sorry for the noise.

Regards,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1052435: RM: fcitx-fullwidthchar-enhance -- ROM; Dead Upstream; Unused; Low Popcon

Control: close -1

Hi,

On Thu, 21 Sep 2023 21:20:54 -0400 Boyuan Yang  wrote:
> Package: ftp.debian.org
> Control: affects -1 + src:fullwidthchar-enhance
> X-Debbugs-Cc: fullwidthchar-enha...@packages.debian.org
> User: ftp.debian@packages.debian.org
> Usertags: remove
> X-Debbugs-Cc: by...@debian.org z...@debian.org a...@debian.org
> Severity: normal
> 
> 
> Dear Debian FTP Masters,
> 
> After consulting the original packager, we found out that
> https://tracker.debian.org/pkg/fcitx-fullwidthchar-enhance has a dead
> upstream and is now completely useless on its intended use
> (as a support library for the proprietary input method Sogou Pinyin).
> As a result, I request this package to be removed from Debian Sid.
> 
> Thanks,
> Boyuan Yang

With further information from related persons, it looks like this
package may still be useful under certain circumstances although
the future of the software is unclear. Closing the removal request
for now and sorry for the noise.

Regards,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1052439: ITP: riscemu -- RISC-V emulator in python

2023-09-21 Thread Bo YU

Package: wnpp
Severity: wishlist
Owner: Bo YU 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: riscemu
  Version : 2.1.1
  Upstream Contact: Anton Lydike 
* URL : https://github.com/AntonLydike/riscemu
* License : MIT
  Programming Lang: Python
  Description : RISC-V emulator in python

Implementing a basic RISC-V emulator, aimed at being easily extendable. Check 
out the docs at readthedocs or riscemu.datenvorr.at.

This emulator contains:

* RISC-V Assembly parser
* RISC-V Assembly loader
* Emulation for most parts of the basic RISC-V instruction set and the 
M and A extensions
* Naive memory emulator
* Basic implementation of some syscalls
* A debugging environment

This package will get maintained within the Debian Python Team.

-- 
Regards,
--
  Bo YU



signature.asc
Description: PGP signature

Bug#1052438: RFS: libkysdk-base/2.2.0.1-1 -- common files for kylin sdk base library

2023-09-21 Thread 席博文

Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a 
sponsor for my package "libkysdk-base":  * Package name : libkysdk-base
Version  : 2.2.0.1-1Upstream contact : Zhikai Chen 
https://gitee.com/openkylin/libkysdk-base  * License  : LGPL-3+  * Vcs  
: https://gitee.com/openkylin/libkysdk-baseSection  : 
libs The source builds the following binary packages:   libkysdk-base2 - Kylin 
SDK basic library   libkysdk-base-dev - development files for libkysdk-base   
libkysdk-base-common - common files for kylin sdk base library To access 
further information about this package, please visit the following URL:   
https://mentors.debian.net/package/libkysdk-base/ Alternatively, you can 
download the package with 'dget' using this command:   dget -x 
https://mentors.debian.net/debian/pool/main/libk/libkysdk-base/libkysdk-base_2.2.0.1-1.dsc
 Changes since the last upload:  libkysdk-base (2.2.0.1-1) unstable; 
urgency=medium  .* Update libs soname version.* Fix compile error on 
armhf and ppc64el.* d/control:  - Add libkysdk-base-common.  - Add 
Multi-Arch. Regards, --xibowen

Bug#1036256: golang-github-pin-tftp: FTBFS in testing

2023-09-21 Thread Arnaud Rebillout

On Mon, 18 Sep 2023 09:23:19 -0300 Thiago Andrade  
wrote:

> I'm waiting for this upgrade. After I'll try to upgrade gobuster to
> 3.6.0 version.

Hello Thiago,

the new package was uploaded and is now in unstable.

However, after manually triggering the autopkgtests two times, I noticed 
that a test failed (2 times, on a different architecture each time, cf 
ppc64el and riscv64 logs at [1]). So it still looks like a test is 
flaky, or maybe there's a bug in the code. I pinged upstream to see if 
they can help [2].

Cheers,

Arnaud

--

[1] https://ci.debian.net/packages/g/golang-github-pin-tftp/

[2] https://github.com/pin/tftp/issues/87

Bug#1052436: RM: fcitx-autoeng-ng -- ROM; Dead Upstream; Unused; Low Popcon

Package: ftp.debian.org
Control: affects -1 + src:fcitx-autoeng-ng
X-Debbugs-Cc: fcitx-autoeng...@packages.debian.org
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: by...@debian.org z...@debian.org a...@debian.org
Severity: normal


Dear Debian FTP Masters,

After consulting the original packager, we found out that
https://tracker.debian.org/pkg/fcitx-autoeng-ng has a dead
upstream and is now completely useless on its intended use
(as a support library for the proprietary input method Sogou Pinyin).
As a result, I request this package to be removed from Debian Sid.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1052435: RM: fcitx-fullwidthchar-enhance -- ROM; Dead Upstream; Unused; Low Popcon

Package: ftp.debian.org
Control: affects -1 + src:fullwidthchar-enhance
X-Debbugs-Cc: fullwidthchar-enha...@packages.debian.org
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: by...@debian.org z...@debian.org a...@debian.org
Severity: normal


Dear Debian FTP Masters,

After consulting the original packager, we found out that
https://tracker.debian.org/pkg/fcitx-fullwidthchar-enhance has a dead
upstream and is now completely useless on its intended use
(as a support library for the proprietary input method Sogou Pinyin).
As a result, I request this package to be removed from Debian Sid.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1052172: gnome-terminal: crash during scroll-up

2023-09-21 Thread Patrice Duroux

Ok, I think some updates have been applied in between.
Now is attached the output file of:
#coredumpctl debug --debugger-arguments="-batch -ex 'bt full'" > output

that corresponds to a new crash with:
#apt --installed list | grep 'libvte'
libvte-2.91-0-dbgsym/now 0.74.0-1+fix amd64 [installé, pouvant être
mis à jour vers : 0.74.0-2]libvte-2.91-0/now 0.74.0-1+fix amd64
[installé, pouvant être mis à jour vers : 0.74.0-2]
libvte-2.91-common-dbgsym/now 0.74.0-1+fix amd64 [installé, pouvant
être mis à jour vers : 0.74.0-2]
libvte-2.91-common/now 0.74.0-1+fix amd64 [installé, pouvant être mis
à jour vers : 0.74.0-2]
libvte-2.91-gtk4-0-dbgsym/now 0.74.0-1+fix amd64 [installé, pouvant
être mis à jour vers : 0.74.0-2]
libvte-2.91-gtk4-0/now 0.74.0-1+fix amd64 [installé, pouvant être mis
à jour vers : 0.74.0-2]
libvterm0/unstable,now 0.1.4-1 amd64  [installé, automatique]


Le jeu. 21 sept. 2023 à 23:24, Samuel Thibault  a écrit :
>
> Patrice Duroux, le jeu. 21 sept. 2023 19:14:25 +0200, a ecrit:
> > Sorry sure !
> > Here it is:
>
> Mmm, the line numbers do not match. Could you check
>
> dpkg -l libvte\*
>
> ?


output
Description: Binary data

Bug#1052172: gnome-terminal: crash during scroll-up

Patrice Duroux, le ven. 22 sept. 2023 00:51:19 +0200, a ecrit:
> Ok, I think some updates have been applied in between.
> Now is attached the output file of:
> #coredumpctl debug --debugger-arguments="-batch -ex 'bt full'" > output

Ok, it's all good now... Except that all the useful information was
optimized away by the compiler :) I have rebuilt the package with no
optimization, could you retry?

(also, how do you reproduce it? I'm using mate-terminal all day long,
and not seeing any crash, so I'm probably not using software that
reproduce the issue)

Samuel

Bug#1052198: libvte-2.91-0: swallowed characters on libreadline editing

Christoph Anton Mitterer, le jeu. 21 sept. 2023 22:56:31 +0200, a ecrit:
> It's a bit weird, I can *no* longer reproduce it.

I can't either, be it with or without my patches.

Samuel

Bug#1051236: proftpd-core: SSH key exchanges fail unexpectedly with "unable to write X bytes of raw data"

2023-09-21 Thread Preuße


On 04.09.2023 22:10, Jeremy Lecour wrote:

Hi,


After upgrading to Debian 12, my SFTP client stopped working with
errors when connecting.

I've opened a GitHub issue and the problem has been solved.
https://github.com/proftpd/proftpd/issues/1694

It will even be backported to the 1.3.8 branch, so I hope that it
might be available in an upcoming update in Debian 12.

I'll try to push more fixes into deb12u2 and eventually release it to 
the next point release. Unfortunately I'm quite busy working on other 
issues, my developer box was down etc. I'll try to look into it.


Hilmar
--
sigfault



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1052298: metafun.mp refers to inexistent metafun.mpii

2023-09-21 Thread Preuße


On 20.09.2023 05:30, Stéphane Glondu wrote:

Hi Stéphane,


While investigating why mlpost now FTBFS (#1052232), I realized that
file /usr/share/texmf/metapost/context/base/mpiv/metafun.mpiv refers
to a "metafun.mpii" which doesn't exist.



I did a "grep -r metafun.mpii 
/home/hille/devel/TeXLive/github/context/texmf-dist" and the only 
relevant occurence of metafun.mpii is in


/home/hille/devel/TeXLive/github/context/texmf-dist/metapost/context/base/common/metafun.mp

, which reads:


if known metafunversion : endinput ; fi ;

if known mplib :
input metafun.mpiv
else :
input metafun.mpii
fi ;


I do not know anything about metafun, but my impression is that you need 
to load a lib to combine metafun and mkiv. Please try to figure that 
yourself, I can't help here and I don't think we look at a general bug here.


Hilmar
--
sigfault



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1041242: libheif1: 1.16.2-1+b1 breaks displaying any pictures

2023-09-21 Thread Christoph Anton Mitterer

Hey.

Any chance to cherry pick the fixing commit from upstream and upload a
new version with that to unstable?

Thanks,
Chris.

Bug#1051679: gdm3: No accessibility on login screen

2023-09-21 Thread Jeremy Lincicome


Package: gdm3
Followup-For: Bug #1051679

Dear Maintainer,

This bug is fixed in Version: 45.0.1-1

Accessibility works as expected.

-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-1-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gdm3 depends on:
ii accountsservice 23.13.9-4
ii adduser 3.137
ii dbus [default-dbus-system-bus] 1.14.10-1
ii dbus-bin 1.14.10-1
ii dbus-daemon 1.14.10-1
ii dconf-cli 0.40.0-4
ii dconf-gsettings-backend 0.40.0-4
ii debconf [debconf-2.0] 1.5.82
ii gir1.2-gdm-1.0 45.0.1-1
ii gnome-session [x-session-manager] 45.0-1
ii gnome-session-bin 45.0-1
ii gnome-session-common 45.0-1
ii gnome-settings-daemon 45.0-1
ii gnome-shell 44.5-1
ii gnome-terminal [x-terminal-emulator] 3.50.0-1
ii gsettings-desktop-schemas 45.0-1
ii libaccountsservice0 23.13.9-4
ii libaudit1 1:3.1.1-1
ii libc6 2.37-10
ii libcanberra-gtk3-0 0.30-10
ii libcanberra0 0.30-10
ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1
ii libgdm1 45.0.1-1
ii libglib2.0-0 2.78.0-2
ii libglib2.0-bin 2.78.0-2
ii libgtk-3-0 3.24.38-5
ii libgudev-1.0-0 238-2
ii libkeyutils1 1.6.3-2
ii libpam-modules 1.5.2-7
ii libpam-runtime 1.5.2-7
ii libpam-systemd [logind] 254.4-1
ii libpam0g 1.5.2-7
ii librsvg2-common 2.54.7+dfsg-2
ii libselinux1 3.5-1
ii libsystemd0 254.4-1
ii libx11-6 2:1.8.6-1
ii libxau6 1:1.0.9-1
ii libxcb1 1.15-1
ii libxdmcp6 1:1.1.2-3
ii mlterm [x-terminal-emulator] 3.9.3-1
ii mutter [x-window-manager] 44.5-1
ii polkitd 123-1
ii procps 2:4.0.3-1
ii systemd-sysv 254.4-1
ii ucf 3.0043+nmu1
ii x11-common 1:7.7+23
ii x11-xserver-utils 7.7+9+b1
ii xiterm+thai [x-terminal-emulator] 1.10-2+b2
ii xterm [x-terminal-emulator] 384-1

Versions of packages gdm3 recommends:
ii at-spi2-core 2.50.0-1
ii desktop-base 12.0.6+nmu1
ii gnome-session [x-session-manager] 45.0-1
ii x11-xkb-utils 7.7+7
ii xserver-xephyr 2:21.1.8-1
ii xserver-xorg 1:7.7+23
ii zenity 3.44.2-1

Versions of packages gdm3 suggests:
pn libpam-fprintd 
ii libpam-gnome-keyring 42.1-1+b2
pn libpam-pkcs11 
pn libpam-sss 
ii orca 45.0-1

-- debconf information:
gdm3/daemon_name: /usr/sbin/gdm3
* shared/default-x-display-manager: gdm3

Bug#1050590: marked as done (liferea: Having plugin Webkit Setting enabled crashes on startup "libsoup2 and libsoup3 in the same process")

2023-09-21 Thread Martin Bergström


Sorry, trying 1.15.3-1 the bug persists.

Reading the upstream bug report I expected the application to crash if I 
activated the plugin, so that's fine.


However I also expected to be able to launch the application again with 
the plugin automatically disabled on startup. This is not the case, the 
application still crashes just as before.


/Martin

P.S. Sorry to anyone receiving these emails at martin-at-bredband.net, 
my ~/.reportbugrc was misconfigured when I filed the report.

Bug#1052434: qttools-opensource-src: FTBFS on hppa - No rule to make target 'assistant.qch'

2023-09-21 Thread John David Anglin

Source: qttools-opensource-src
Severity: normal
Tags: ftbfs

Dear Maintainer,

Build fails here:

g++ -c -g -O2 -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 
-DTESTBINDIR=\"/<>/bin\" -g -O2 
-ffile-prefix-map=/<>=. -Wformat -Werror=format-security 
-Wdate-time -D_FORTIFY_SOURCE=2 -std=c++1z -fno-exceptions -Wall -Wextra -Wvla 
-Wdate-time -Wshift-overflow=2 -Wduplicated-cond -Wno-stringop-overflow 
-Wno-format-overflow -D_REENTRANT -fPIC -DQT_NO_LINKED_LIST 
-DQT_NO_JAVA_STYLE_ITERATORS -DQT_NO_LINKED_LIST -DBROWSER_QTEXTBROWSER 
-DQT_NO_NARROWING_CONVERSIONS_IN_CONNECT -DQT_NO_EXCEPTIONS 
-D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_HELP_LIB 
-DQT_PRINTSUPPORT_LIB -DQT_WIDGETS_LIB -DQT_GUI_LIB -DQT_NETWORK_LIB 
-DQT_SQL_LIB -DQT_CORE_LIB -I. -I../../shared/fontpanel -I../../../include 
-I../../../include/QtHelp -I/usr/include/hppa-linux-gnu/qt5 
-I/usr/include/hppa-linux-gnu/qt5/QtPrintSupport 
-I/usr/include/hppa-linux-gnu/qt5/QtWidgets 
-I/usr/include/hppa-linux-gnu/qt5/QtGui 
-I/usr/include/hppa-linux-gnu/qt5/QtNetwork 
-I/usr/include/hppa-linux-gnu/qt5/QtSql 
-I/usr/include/hppa-linux-gnu/qt5/QtCore -I.moc -I.uic 
-I/usr/lib/hppa-linux-gnu/qt5/mkspecs/linux-g++ -o .obj/stdinlistener.o 
stdinlistener.cpp
make[4]: *** No rule to make target 'assistant.qch', needed by 
'.rcc/qrc_assistant.cpp'.  Stop.
make[4]: *** Waiting for unfinished jobs
g++ -c -include .pch/Qt5Designer -g -O2 -Wformat -Werror=format-security 
-Wdate-time -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 
-DTESTBINDIR=\"/<>/bin\" -g -O2 
-ffile-prefix-map=/<>=. -Wformat -Werror=format-security 
-Wdate-time -D_FORTIFY_SOURCE=2 -std=c++1z -fvisibility=hidden 
-fvisibility-inlines-hidden -fno-exceptions -Wall -Wextra -Wvla -Wdate-time 
-Wshift-overflow=2 -Wduplicated-cond -Wno-stringop-overflow 
-Wno-format-overflow -D_REENTRANT -fPIC -DQT_NO_LINKED_LIST 
-DQT_NO_JAVA_STYLE_ITERATORS -DQT_NO_LINKED_LIST -DQDESIGNER_SDK_LIBRARY 
-DQDESIGNER_EXTENSION_LIBRARY -DQDESIGNER_UILIB_LIBRARY 
-DQDESIGNER_SHARED_LIBRARY -DQT_DESIGNER -DQT_USE_QSTRINGBUILDER 
-DQT_NO_NARROWING_CONVERSIONS_IN_CONNECT -DQT_BUILD_DESIGNER_LIB 
-DQT_BUILDING_QT -DQT_NO_CAST_TO_ASCII -DQT_ASCII_CAST_WARNINGS -DQT_MOC_COMPAT 
-DQT_DEPRECATED_WARNINGS -DQT_DISABLE_DEPRECATED_BEFORE=0x05 
-DQT_DEPRECATED_WARNINGS_SINCE=0x06 -DQT_NO_EXCEPTIONS 
-D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_UIPLUGIN_LIB 
-DQT_WIDGETS_LIB -DQT_GUI_LIB -DQT_XML_LIB -DQT_CORE_LIB -DQT_UIPLUGIN_LIB 
-DQT_WIDGETS_LIB -DQT_GUI_LIB -DQT_CORE_LIB -I. -Iextension -Isdk -Ishared 
-I../../../shared/qtpropertybrowser -I../../../shared/deviceskin 
-I../../../shared/findwidget -I../../../shared/qtgradienteditor -Iuilib 
-I../../../../include -I../../../../include/QtDesigner 
-I../../../../include/QtDesigner/5.15.10 
-I../../../../include/QtDesigner/5.15.10/QtDesigner 
-I../../../../include/QtUiPlugin 
-I/usr/include/hppa-linux-gnu/qt5/QtWidgets/5.15.10 
-I/usr/include/hppa-linux-gnu/qt5/QtWidgets/5.15.10/QtWidgets 
-I/usr/include/hppa-linux-gnu/qt5/QtGui/5.15.10 
-I/usr/include/hppa-linux-gnu/qt5/QtGui/5.15.10/QtGui 
-I/usr/include/hppa-linux-gnu/qt5/QtCore/5.15.10 
-I/usr/include/hppa-linux-gnu/qt5/QtCore/5.15.10/QtCore 
-I/usr/include/hppa-linux-gnu/qt5 -I/usr/include/hppa-linux-gnu/qt5/QtWidgets 
-I/usr/include/hppa-linux-gnu/qt5/QtGui -I/usr/include/hppa-linux-gnu/qt5/QtXml 
-I/usr/include/hppa-linux-gnu/qt5/QtCore -I.moc -I.uic 
-I/usr/lib/hppa-linux-gnu/qt5/mkspecs/linux-g++ -o .obj/moc_codedialog_p.o 
.moc/moc_codedialog_p.cpp
g++ -c -include .pch/Qt5Designer -g -O2 -Wformat -Werror=format-security 
-Wdate-time -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 
-DTESTBINDIR=\"/<>/bin\" -g -O2 
-ffile-prefix-map=/<>=. -Wformat -Werror=format-security 
-Wdate-time -D_FORTIFY_SOURCE=2 -std=c++1z -fvisibility=hidden 
-fvisibility-inlines-hidden -fno-exceptions -Wall -Wextra -Wvla -Wdate-time 
-Wshift-overflow=2 -Wduplicated-cond -Wno-stringop-overflow 
-Wno-format-overflow -D_REENTRANT -fPIC -DQT_NO_LINKED_LIST 
-DQT_NO_JAVA_STYLE_ITERATORS -DQT_NO_LINKED_LIST -DQDESIGNER_SDK_LIBRARY 
-DQDESIGNER_EXTENSION_LIBRARY -DQDESIGNER_UILIB_LIBRARY 
-DQDESIGNER_SHARED_LIBRARY -DQT_DESIGNER -DQT_USE_QSTRINGBUILDER 
-DQT_NO_NARROWING_CONVERSIONS_IN_CONNECT -DQT_BUILD_DESIGNER_LIB 
-DQT_BUILDING_QT -DQT_NO_CAST_TO_ASCII -DQT_ASCII_CAST_WARNINGS -DQT_MOC_COMPAT 
-DQT_DEPRECATED_WARNINGS -DQT_DISABLE_DEPRECATED_BEFORE=0x05 
-DQT_DEPRECATED_WARNINGS_SINCE=0x06 -DQT_NO_EXCEPTIONS 
-D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_UIPLUGIN_LIB 
-DQT_WIDGETS_LIB -DQT_GUI_LIB -DQT_XML_LIB -DQT_CORE_LIB -DQT_UIPLUGIN_LIB 
-DQT_WIDGETS_LIB -DQT_GUI_LIB -DQT_CORE_LIB -I. -Iextension -Isdk -Ishared 
-I../../../shared/qtpropertybrowser -I../../../shared/deviceskin 
-I../../../shared/findwidget -I../../../shared/qtgradienteditor -Iuilib 
-I../../../../include -I../../../../inc

Bug#1052198: libvte-2.91-0: swallowed characters on libreadline editing

2023-09-21 Thread Egmont Koblinger

Hi,

> It's a bit weird, I can *no* longer reproduce it.

VTE's emulation behavior didn't change recently. Bash/Readline could
have changed, I don't know (might be interesting to check their Ubuntu
packages' changelogs). Or you're executing somewhat different steps.

If the printed prompt is exactly the same (including all the bells and
whistles that it prints, like the username, hostname, working
directory, previous command's exit value, background job stuff), and
the terminal width is exactly the same (is it?), and you're pressing
the same keys to invoke the same previous commands or editing the
current command in the exact same way, then you should see the exact
same behavior. Any difference in any of these could make the bug
appear or vanish.

Also make sure that the previous command's output ended with a
newline, that is, the prompt begins in the first column. Otherwise
it's common to see misbehavior while editing.

> @Samuel, could you please also try whether you can still reproduce it?
> If not, I'd say we might close the issue.

By now we are sure that we're talking about two separate issues. The
line editing misbehavior is surely independent from Samuel's patch.
You casually mentioned that you saw a crash, that one is probably
caused by that patch, but there's no stack trace here, and we already
have two other bugreports that focus on that crash and contain way
more information.

> That's interesting... why do you think so? The command substitution
> should also be bash, and I'd have thus expected \[ and \] inside it
> have therefore the same representation as outside and should thus be
> identical?

Vague memories from things I saw multiple times, maybe in bash's doc,
maybe on forums, I can't recall. I might be wrong. Actually, I might
mistake it with the prompt string you pass to readline if you're
programming against that library. In that case your prompt looks good
to me. Sorry, it's too late here and I'm too tired to look it up or
investigate right now.


cheers,
e.

Bug#1052172: gnome-terminal: crash during scroll-up

Patrice Duroux, le jeu. 21 sept. 2023 19:14:25 +0200, a ecrit:
> Sorry sure !
> Here it is:

Mmm, the line numbers do not match. Could you check

dpkg -l libvte\*

?

Bug#1052433: bookworm-pu: package pam/1.5.2-6+deb12u1

2023-09-21 Thread Sam Hartman

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: p...@packages.debian.org, Guido Berhoerster 

Control: affects -1 + src:pam


[ Reason ]

Before the bookworm freeze, I introduced a --disable option to pam-auth-update 
so you could programatically disable a pam profile.  (You can also muck around 
in debconf and then call pam-auth-update --package, at least under some 
circumstances, but this is a better interface.)
Unfortunately, I had a bug,  and the next time pam-auth-update is run, the 
profile will be enabled again.

The fix is trivial and is covered by a updated autopkgtest.
Debian-edu says they would like this change in bookworm so they can
disable ldap auth in favor of Kerberos.  I think this is low risk.

I have also included translation updates.


[ Impact ]

Debian-edu will have to work around this somehow.  The new --disable option 
won't work in many situations.

[ Tests ]

Autopkgtests have been updated to confirm the fix; I confirmed the old code 
fails and the new code passes.
I've also tested manually.



[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
git diff debian/1.2.5-6..HEAD

diff --git a/debian/changelog b/debian/changelog
index 83794f03..22c1699d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+pam (1.5.2-6+deb12u1) bookworm; urgency=medium
+
+  * Fix pam-auth-update --disable logic error, Closes: #1039873
+  * Set myself as maintainer; thanks Steve for past and future work.
+  * Updated Turkish Debconf translations, Thanks Atila KOÇ, Closes: #1029002
+
+ -- Sam Hartman   Thu, 21 Sep 2023 14:55:12 -0600
+
 pam (1.5.2-6) unstable; urgency=medium
 
   * Update debian/copyright, Thanks Bastian Germann, Closes: #460232
diff --git a/debian/control b/debian/control
index 4b685f16..9cdc3f81 100644
--- a/debian/control
+++ b/debian/control
@@ -1,8 +1,8 @@
 Source: pam
 Section: libs
 Priority: optional
-Uploaders: Sam Hartman 
-Maintainer: Steve Langasek 
+Maintainer: Sam Hartman 
+Uploaders: Steve Langasek 
 Standards-Version: 4.6.0
 Build-Depends: debhelper-compat (= 13), dh-exec, quilt, flex, libdb-dev, 
libcrypt-dev, libselinux1-dev [linux-any], po-debconf, dh-autoreconf, 
autopoint, libaudit-dev [linux-any] , pkg-config, libfl-dev, 
libfl-dev:native, docbook-xsl, docbook-xml, xsltproc, libxml2-utils, w3m
 Build-Conflicts-Indep: fop
diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update
index b3de86e7..ac00b1c9 100644
--- a/debian/local/pam-auth-update
+++ b/debian/local/pam-auth-update
@@ -162,7 +162,9 @@ push(@enabled,
 # Disable anything explicitly disabled
 @enabled = grep {!$to_disable{$_} } @enabled;
 # And we've seen anything we disable
-delete @seen{ keys %to_disable};
+foreach my $i (keys %to_disable) {
+$seen{$i} = 1;
+}
 
 # an empty module set is an error, so in that case grab all the defaults
 if (!@enabled) {
diff --git a/debian/po/tr.po b/debian/po/tr.po
index 0bd9b64c..19b0c1ef 100644
--- a/debian/po/tr.po
+++ b/debian/po/tr.po
@@ -1,48 +1,40 @@
-# Debconf questions for the Linux-PAM package.
-# Copyright (C) 2007 Steve Langasek 
+# Turkish translation of pam.
 # This file is distributed under the same license as the pam package.
-# Mert Dirik , 2008.
+# Mert Dirik , 2008, 2014.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: pam 0.99.7.1-5\n"
+"Project-Id-Version: pam\n"
 "Report-Msgid-Bugs-To: p...@packages.debian.org\n"
-"POT-Creation-Date: 2021-02-26 10:32-0500\n"
-"PO-Revision-Date: 2014-08-01 14:42+0200\n"
-"Last-Translator: Mert Dirik \n"
-"Language-Team: Debian L10n Turkish \n"
+"POT-Creation-Date: 2021-03-15 18:23-0400\n"
+"PO-Revision-Date: 2022-12-26 12:26+0300\n"
+"Last-Translator: Atila KOÇ \n"
 "Language: tr\n"
+"Language-Team: Debian L10n Turkish \n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=1; plural=0;\n"
-"X-Generator: Poedit 1.5.4\n"
+"X-Generator: Poedit 2.4.2\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
 
 #. Type: string
 #. Description
 #: ../libpam0g.templates:1001
 msgid "Services to restart for PAM library upgrade:"
-msgstr ""
-"PAM kitaplığının yükseltilmesi için yeniden başlatılacak olan hizmetler:"
+msgstr "PAM kitaplığının yükseltilmesi için yeniden başlatılacak hizmetler:"
 
 #. Type: string
 #. Description
 #: ../libpam0g.templates:1001
-#, fuzzy
-#| msgid ""
-#| "Most services that use PAM need to be restarted to use modules built for "
-#| "this new version of libpam.  Please review the following space-separated "
-#| "list of init.d scripts for services to be restarted now, and correct it "
-#| "if needed."
 msgid ""
 "Most services that use PAM need to be restarted to use modules built for "
 "this new version of libpam.  Please revi

Bug#1052198: libvte-2.91-0: swallowed characters on libreadline editing

2023-09-21 Thread Christoph Anton Mitterer

Hey there.

It's a bit weird, I can *no* longer reproduce it.

I have now (and everything else except libheif* at the current versions
of unstable):
libvte-2.91-0:amd64 0.74.0-2
gnome-terminal 3.50.0-1

If I use my original PS1 and the command I've mentioned before, go back
with the Up key and then remove the "2"... everything seems fine.


@Samuel, could you please also try whether you can still reproduce it?
If not, I'd say we might close the issue.



@Egmont, sorry, I hadn't seen you reply to the bug (Deb BTS is...
well...).

I now tried with xterm (where the issue doesn't appear, but as I've
said, I cannot even reproduce it with gnome-terminal anymore.

> In fact, I _think_ the culprit is that inside command substitution
> stuff, a.k.a.. $(...), nonprintable characters need to be enclosed
> within the raw bytes 0x01 and 0x02, rather than the two-character
> sequences \[ and \]. Not entirely sure, though.

That's interesting... why do you think so? The command substitution
should also be bash, and I'd have thus expected \[ and \] inside it
have therefore the same representation as outside and should thus be
identical?


Cheers,
Chris.

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Andrey Rakhmatullin

On Thu, Sep 21, 2023 at 08:37:53PM +, Kurva Prashanth wrote:
> It seems debian python team following certain convention when naming
> packages for python modules, libraries prefixed with "python-" and
> python3 packages are prefixed with "pyhton3-".
python3- prefixes for binary packages are mandated by
https://www.debian.org/doc/packaging-manuals/python-policy/index.html#module-package-names
There is no requirement for source packages to be prefixed with python-,
but it's often done e.g. to not pollute the source package namespace,
which makes total sense in your case.

> will use python3-control over python-control as it's a python3 package.
This goes against the current practice.

Bug#1052432: netavark: Upgrade to version 1.6 or later

2023-09-21 Thread Reinhard Tartler

Package: netavark
Version: 1.4.0-4
Severity: normal
X-Debbugs-Cc: none, Reinhard Tartler 

It would be great to upgrade the package to newer upstream version. I
could really need a hand with packaging the necessary
dependencies. Let's use this bug for tracking what needs to be done.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages netavark depends on:
ii  libc6  2.37-8
ii  libgcc-s1  13.2.0-3

Versions of packages netavark recommends:
ii  aardvark-dns  1.4.0-5

netavark suggests no packages.

-- no debconf information

Bug#1052431: RFP: rust-tonic -- rust implementation of gRPC

2023-09-21 Thread Reinhard Tartler

Package: wnpp
Severity: wishlist

* Package name: rust-tonic
  Version : 0.9
* URL or Web page : https://github.com/hyperium/tonic
* License : MIT
  Description : rust implementation of gRPC


Hey folks, I need help packaging tonic.

This package requires axum, for which I've filed #1052404. Tonic is
needed by newer versions of netavark (which is the userspace network
stack for podman, the alternative to docker).


Can someone please give me a hand with getting tonic into Debian?

Thanks!

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Kurva Prashanth

On 2023-09-22 00:09, Andrey Rakhmatullin wrote:
> On Thu, Sep 21, 2023 at 08:20:20PM +0200, Christoph Biedl wrote:
>> > * Package name: control
>> >   Version : 0.9.4
>> >   Upstream Author : > > >
>> > * URL : http://python-control.org/
>> 
>> While I cannot judge whether this package is a sensible addition to
>> Debian - I strongly ask you to re-consider the package name as "control"
>> can apply to many different areas, and is therefore not helping when
>> trying to figure if that package helps in a particular situation.
>> Also, as there's the debian/control file in each source package, this
>> will create some confusion and possibly even to users asking you for
>> help with their packaging.
>> 
>> Just from the above website, perhaps something like
>> python-feedback-control-systems or a bit shorter variant would be more
>> appropriate. I might be wrong.
> python-control is fine, considering it's https://pypi.org/project/control/
It seems debian python team following certain convention when naming
packages for python modules, libraries prefixed with "python-" and
python3 packages are prefixed with "pyhton3-".

will use python3-control over python-control as it's a python3 package.

Regards,
Kurva Prashanth

Bug#1052430: pastedeploy: FTBFS against dh-python 6.20230825

2023-09-21 Thread Simon Chopin

Package: pastedeploy
Severity: serious
Tags: patch ftbfs
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu mantic ubuntu-patch
X-Debbugs-Cc: scho...@ubuntu.com

Hi,

The package now fails to build due to dh-python new clean behavior
removing the FakeApp egg info that is needed for the test suite to run.

We've applied the attached workaround in Ubuntu, although I think it'd
be nicer to have an API for specifying exclusion, see #1051837.

  * Fix FTBFS due to dh-python being overly enthusiastic in its cleaning
duties (LP: #2035337)

Thanks for considering the patch.

Simon Chopin

-- System Information:
Debian Release: trixie/sid
  APT prefers mantic
  APT policy: (500, 'mantic'), (100, 'mantic-proposed')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-generic (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_USER, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru pastedeploy-3.0.1/debian/rules pastedeploy-3.0.1/debian/rules
--- pastedeploy-3.0.1/debian/rules  2022-12-08 00:29:11.0 +0100
+++ pastedeploy-3.0.1/debian/rules  2023-09-21 22:20:30.0 +0200
@@ -22,3 +22,8 @@
 
 override_dh_installchangelogs:
dh_installchangelogs $(CURDIR)/docs/news.rst
+
+override_dh_auto_clean:
+   mv tests/fake_packages/FakeApp.egg/FakeApp.egg-info FakeApp.backup
+   dh_auto_clean
+   mv FakeApp.backup tests/fake_packages/FakeApp.egg/FakeApp.egg-info

Bug#1052429: snapd-glib: FTBFS on riscv64

2023-09-21 Thread Patrick Franz

Package: snapd-glib
Version: 1.63-5
Severity: important
Tags: ftbfs
X-Debbugs-Cc: delta...@debian.org

Dear Maintainer,

snapd-glib fails to build on riscv64.

plasma-discover build-depends on libsnapd-qt-dev and it would be nice
if we could make plasma-discover build on all supported architectures.

Looking at the buildlogs, the fix seems to be rather easy as it is only
symbol-errors that prevent the successful build.

Thank you for maintaining the package.


--
Med vänliga hälsningar

Patrick Franz

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Kurva Prashanth

On 2023-09-21 23:50, Christoph Biedl wrote:
> Kurva Prashanth wrote...
> 
>> * Package name: control
>>   Version : 0.9.4
>>   Upstream Author : > >
>> * URL : http://python-control.org/
> 
> While I cannot judge whether this package is a sensible addition to
> Debian - I strongly ask you to re-consider the package name as "control"
> can apply to many different areas, and is therefore not helping when
> trying to figure if that package helps in a particular situation.
> Also, as there's the debian/control file in each source package, this
> will create some confusion and possibly even to users asking you for
> help with their packaging.
> 
> Just from the above website, perhaps something like
> python-feedback-control-systems or a bit shorter variant would be more
> appropriate. I might be wrong.
> 
> Christoph
I get what you're saying. Yes, "control" is a bit too general in deb
source packages. Your suggestion of "python-feedback-control-systems"
makes sense, and we'll I change package name.

Regards,
Kurva Prashanth

Bug#1052428: node-minimatch: please update to 9.x

2023-09-21 Thread Jérémy Lal

Package: node-minimatch
Version: 5.1.1+~5.1.2-1
Severity: normal

Hi,

nodejs 18.18.0 depends on node-minimatch 9.0.3.

It'd be nice if someone could update that module.

Regards,
Jérémy



-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (101, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-4-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages node-minimatch depends on:
ii  node-brace-expansion  2.0.1-2

node-minimatch recommends no packages.

node-minimatch suggests no packages.

-- no debconf information

Bug#1052427: dh-builtusing: remove constraint on number of packages to match a wildcard

2023-09-21 Thread Andrej Shadura

Source: dh-builtusing
Version: 0.0.4
Severity: normal

Hello,

I wanted to generate a list of Rust source packages my package builds
with, so I tried using Static-Built-Using: ${dh-builtusing:librust-S-dev}.
However, that resulted in an error:

dh_builtusing: error: librust-S-dev matches several build dependencies: 
librust-anyhow-1-dev librust-blake2-0.10-dev librust-hex-0.4-dev 
librust-lazy-static-1-dev librust-log-0.4-dev librust-pyo3-0.19-dev 
librust-pyo3-log-0.8-dev librust-pythonize-0.19-dev librust-regex-1-dev 
librust-serde-1-dev librust-serde-json-1-dev

I don’t know why this is an error, but I don’t think it should be. Or
maybe there need to be two kinds of wildcards, one (the current S)
matching one package only, and another matching a non-empty set of
packages.

Thanks!

-- 
Cheers,
  Andrej

Bug#1052424: RFS: rust-rustup/1.26.0-1 [ITP] [Team] -- The Rust toolchain installer

2023-09-21 Thread Zixing Liu

Dear mentors,

I am looking for a sponsor for my package "rustup":

 * Package name : rustup
   Version  : 1.26.0-1
   Upstream contact : Daniel Silverstone 
 * URL  : https://github.com/rust-lang/rustup
 * License  : MIT or Apache-2.0, OFL-1.1-RFN
 * Vcs  : https://salsa.debian.org/rust-team/rustup
   Section  : rust

The source builds the following binary packages:

  librust-rustup-dev - Manage multiple rust installations with ease -
Rust source code
  rustup - The Rust toolchain installer

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/rustup/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/r/rustup/rustup_1.26.0-1.dsc

Changes for the initial release:

 rustup (1.26.0-1) unstable; urgency=medium
 .
   * Team upload.
   * Package rustup 1.26.0 from local source using debcargo 2.6.0
   * Initial package upload. (Closes: #1026333)
   * d/copyright: update copyright data from upstream rustup 1.26.0:
 - Update copyright years
 - Add new licenses for new files
   * d/patches: add multiple patches to make rustup buildable under Debian:
 - 0001-cargo-remove-windows-dependencies.patch: Remove Windows dependencies
 - 0002-cargo-remove-reqwest-and-use-curl-instead.patch: Remove reqwest
   entirely (use curl as the downloader)
 - 0003-Bumped-retry.patch: Upgrade retry to ^2
 - 0004-cargo-relax-term-dependency-constraint.patch: Loosen term to ~0.5
 - 0005-tests-disable-self-update-tests.patch: Disable all the tests that
 do the self-update testing
 - 0006-Update-Rust-crate-toml-to-0.7.3.patch: Upgrade toml to ~0.7.3
 - 0007-Remove-external-images-from-the-web-pages.patch: Remove remotely
 loaded images from the HTML files
 .
   [ Ximin Luo ]
   * Package rustup 1.21.1 from local source using debcargo 2.4.3

Regards,
-- 
  Zixing Liu

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Andrey Rakhmatullin

On Thu, Sep 21, 2023 at 08:20:20PM +0200, Christoph Biedl wrote:
> > * Package name: control
> >   Version : 0.9.4
> >   Upstream Author :  > >
> > * URL : http://python-control.org/
> 
> While I cannot judge whether this package is a sensible addition to
> Debian - I strongly ask you to re-consider the package name as "control"
> can apply to many different areas, and is therefore not helping when
> trying to figure if that package helps in a particular situation.
> Also, as there's the debian/control file in each source package, this
> will create some confusion and possibly even to users asking you for
> help with their packaging.
> 
> Just from the above website, perhaps something like
> python-feedback-control-systems or a bit shorter variant would be more
> appropriate. I might be wrong.
python-control is fine, considering it's https://pypi.org/project/control/

Bug#1052426: eom: add libavif-gdk-pixbuf in recommends

2023-09-21 Thread mike

Package: eom
Version: 1.26.0-2
Severity: wishlist
X-Debbugs-Cc: okgomdjgbm...@gmail.com

Dear Maintainer,


libavif-gdk-pixbuf should be added as a dependency. It starts to be used.

Given that it's still a bit rare, i propose to add it in recommends, so that 
users can chose not to install it.

Bug#1052424: RFS: rust-rustup/1.26.0-1 [ITP] [Team] -- The Rust toolchain installer

2023-09-21 Thread Zixing Liu

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "rust-rustup":

 * Package name : rust-rustup
   Version  : 1.26.0-1
   Upstream contact : Daniel Silverstone 
 * URL  : https://github.com/rust-lang/rustup
 * License  : MIT or Apache-2.0, OFL-1.1-RFN
 * Vcs  : https://salsa.debian.org/rust-team/rustup
   Section  : rust

The source builds the following binary packages:

  librust-rustup-dev - Manage multiple rust installations with ease -
Rust source code
  rustup - The Rust toolchain installer

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/rust-rustup/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/r/rust-rustup/rust-rustup_1.26.0-1.dsc

Changes for the initial release:

 rust-rustup (1.26.0-1) UNRELEASED; urgency=medium
 .
   * Team upload.
   * Package rustup 1.26.0 from local source using debcargo 2.6.0
   * Initial package upload. (Closes: #1026333)
   * d/copyright: update copyright data from upstream rustup 1.26.0:
 - Update copyright years
 - Add new licenses for new files
   * d/patches: add multiple patches to make rustup buildable under Debian:
 - 0001-cargo-remove-windows-dependencies.patch: Remove Windows dependencies
 - 0002-cargo-remove-reqwest-and-use-curl-instead.patch: Remove reqwest
   entirely (use curl as the downloader)
 - 0003-Bumped-retry.patch: Upgrade retry to ^2
 - 0004-cargo-relax-term-dependency-constraint.patch: Loosen term to ~0.5
 .
   [ Ximin Luo ]
   * Package rustup 1.21.1 from local source using debcargo 2.4.3

Regards,
--
  Zixing Liu

Bug#1037142: linux-image-6.1.0-9-amd64: AMD 7900XTX GPU several issues with Linux 6.1 affecting normal usage

2023-09-21 Thread Diederik de Haas

On Tuesday, 6 June 2023 12:50:16 CEST AAF wrote:
> Package: src:linux
> Version: 6.1.27-1
> Severity: important
> Tags: upstream

This is fixed upstream in the following commits:
master: 0a611560f53bfd489e33f4a718c915f1a6123d03 (6.6-rc2)
6.1: cb30ff2adb10a660ded094b088aca763aaf74dea (6.1.54)
6.5: 5479e06e07bdc0d77ae9646e8830978fb48aaf6a (6.5.4)

All with title: "drm/amdgpu: register a dirty framebuffer callback for fbcon"

signature.asc
Description: This is a digitally signed message part.

Bug#1052423: unp: cbr is a rar file

2023-09-21 Thread mike

Package: unp
Version: 2.0~pre10
Severity: normal
X-Debbugs-Cc: okgomdjgbm...@gmail.com

Dear Maintainer,

unp -s gives:
"zip,cbz,cbr,jar,war,ear,xpi,adf: unzip"

but cbr is a renamed rar file.
I haven't actually tested it, so i don't know if it's just the list that is 
wrong or if it will actually try to unzip a cbr.

Bug#1052410: psycopg3: should maintainer/uploader be turned?

2023-09-21 Thread Tomasz Rybak

According to Python Team Policy
https://salsa.debian.org/python-team/tools/python-modules/-/blob/master/policy.rst
both forms are allowed:
"""
A package maintained within the team should have the name of the team
either in the Maintainer field or in the Uploaders field.
"""

Please read full section "Maintainership" for deeper explanation.

For now psycopg is still Work-In-Progress, e.g. binary module is not
built because Debian does not contain Cython 3.0.0. Therefore I prefer
to keep closer eye on package and chosen second option.

Best regards.

-- 
Tomasz Rybak, Debian Developer 
GPG: A565 CE64 F866 A258 4DDC F9C7 ECB7 3E37 E887 AA8C


signature.asc
Description: This is a digitally signed message part

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Christoph Biedl

Kurva Prashanth wrote...

> * Package name: control
>   Version : 0.9.4
>   Upstream Author :  >
> * URL : http://python-control.org/

While I cannot judge whether this package is a sensible addition to
Debian - I strongly ask you to re-consider the package name as "control"
can apply to many different areas, and is therefore not helping when
trying to figure if that package helps in a particular situation.
Also, as there's the debian/control file in each source package, this
will create some confusion and possibly even to users asking you for
help with their packaging.

Just from the above website, perhaps something like
python-feedback-control-systems or a bit shorter variant would be more
appropriate. I might be wrong.

Christoph


signature.asc
Description: PGP signature

Bug#1052389: First login with libpam-mklocaluser always fails

On Do 21 Sep 2023 12:02:02 CEST, Petter Reinholdtsen wrote:

[Guido Berhoerster]

When logging in with LightDM the first login always fails due to a
discrepancy between the the home directory obtained from LDAP via
getpwent() and the newly created home directory. Specifically, the
LightDM daemon communicates the absolute path of the Xauthority file to
the session child process and sets the HOME environment variable to the
value obtained via getpwent() and uses that value to change the working
directory, all resulting in fatal errors.

There used to be code in libpam-mklocaluser to throw the user out after
the home directory is created, to ensure that the user is not logged in
with the wrong $HOME set. Is this not happening with LightDM? Because
$HOME change after some processes read it, it is not possible to both
create the local home directory and continue with the login.

That kickout code got dropped from libpam-mklocaluser because with
GDM3 there was no evident problem. So, we went towards getting that
kick-out solved rather than adding an artificial logout:

https://salsa.debian.org/debian-edu/upstream/libpam-mklocaluser/-/commit/407497044bd135bc013d32a83b091f35a9ae3abf

However, as Guido discovered today, the session might have still been
ok in GNOMEv3 (tested in bullseye), but the associated systemd --user
services probably were not.

Or are you talking about being thrown out by libpam-mklocaluser when
logging in for the first time? This is by design and intented due to
the protocol provided by PAM.

It is not intended by design anymore...

Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

pgpaEFrTRIvpN.pgp
Description: Digitale PGP-Signatur

Bug#1029557: debian-edu-config: Session exits on first login on roaming-workstation fails


On  Do 21 Sep 2023 16:05:51 CEST, Guido Berhoerster wrote:


This is actually a bug in LightDM which makes assumptions about the home
directory not changing and hardcoding paths to the Xauthority file.

There is also a small fix for libpam-mklocaluser necessary so it runs
before the pam_systemd module so that systemd/DBus started processes
have the correct home directory.

If you want to test, you need to rebuild lightdm with the patch from
https://github.com/canonical/lightdm/pull/323 and change the
libpam-mklocaluser pam-config priority.

The latter is necessary for other display managers as well.


Just merged that:
https://salsa.debian.org/debian-edu/upstream/libpam-mklocaluser/-/merge_requests/2

Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpOk75PXKU14.pgp
Description: Digitale PGP-Signatur

Bug#1052422: RFS: streamlink/6.2.0-1 -- CLI for extracting video streams from various websites to a video player

2023-09-21 Thread Alexis Murzeau


Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "streamlink" for a new
upstream version 6.2.0.

  * Package name: streamlink
Version : 6.2.0-1
Upstream Author : Streamlink Team
  * URL : https://streamlink.github.io/
  * License : BSD-2-clause, Apache-2.0, MIT/Expat, SIL-OFL-1.1
  * Vcs : https://github.com/wxMaxima-developers/wxmaxima
Section : python

It builds those binary packages:

   python3-streamlink - Python module for extracting video streams from
various websites
   python3-streamlink-doc - CLI for extracting video streams from
various websites (documentation)
   streamlink - CLI for extracting video streams from various websites
to a video player

To access further information about this package, please visit the
following URL:

   https://mentors.debian.net/package/streamlink/

Alternatively, you can download the package with 'dget' using this command:

   dget -x
https://mentors.debian.net/debian/pool/main/s/streamlink/streamlink_6.2.0-1.dsc

Changes since the last upload to unstable:
streamlink (6.2.0-1) unstable; urgency=medium

  * New upstream version 6.2.0
  * d/patches: update patches

 -- Alexis Murzeau   Thu, 21 Sep 2023 19:54:32 +0200



Regards,
--
Alexis Murzeau
PGP: B7E6 0EBB 9293 7B06 BDBC  2787 E7BD 1904 F480 937F

Bug#1052421: ITP: control -- Python Control Systems Library

2023-09-21 Thread Kurva Prashanth

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-de...@lists.debian.org,
:debian-pyt...@lists.debian.org
Owner: Kurva Prashanth 

* Package name: control
  Version : 0.9.4
  Upstream Author : >
* URL : http://python-control.org/
* License : BSD-3-Clause
  Programming Lang: Python
  Description : Python Control Systems Library

Python Control Systems Library is a Python module that implements basic
operations for analysis and design of feedback control systems. 

I've started using this python control library to design a controller
and sensor-based state estimation for flapping wing robot. It provides a
set of python classes and functions that implement common operations for
the analysis and design of feedback control systems.

I intend to maintain package under the Debian Python team umbrella.

to maintain

Regards,
Kurva Prashanth

Bug#1052379: lxc FTBFS when systemdsystemunitdir changes in systemd.pc

2023-09-21 Thread Mathias Gibbens

Control: tags -1 + pending

  Thanks for the patch -- it will be included in the next upload of
lxc.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1051938: Resolved with a reboot

2023-09-21 Thread Michel Meyers


Hello,

As an FYI: I downgraded systemd 253.5-1 but couldn't get it to function 
("Failed to activate service 'org.freedesktop.systemd1'")


I eventually rebooted my system (ended up having to boot of a live 
distro and fix the initramfs images which had all gotten broken during 
the initial upgrade failure) and the problem has disappeared after that. 
apt upgrade re-applied systemd 254.1-3 with no issues.


- Michel

Bug#1052419: cups-daemon: NEWS.Debian is only tech-gibberish

2023-09-21 Thread IOhannes m zmoelnig

Package: cups-daemon
Version: 2.4.2-6
Followup-For: Bug #1052419

Just as a follow-up: after double-checking my cupsd.conf file, I see that
the  section is present multiple-times in the
document, once each in the "default", "authenticated" and "kerberos" Policy
section.
I assume, that the patch needs to be applied to the "default" policy, as for the
other policies there is already an AuthType defined.

is this correct?
(the nature of a patch file does not make this obvious)
this ought to be documented as well.

And since i'm pretty sure that i've neve touched this file myself (at least
etckeeper shows that it was only ever changed while i installed cups-daemon 1½
years ago), i wonder why there was no dialog showing me the differences between
the files.


cheers

Bug#1052417: bind9: CVE-2023-4236

2023-09-21 Thread Ondřej Surý

Thanks for the nudge.  I must be tired or something as I totally forgot about 
updating
the versions in upstream Debian. I'm working on it right now.

Ondrej
--
Ondřej Surý (He/Him)
ond...@sury.org

> On 21. 9. 2023, at 19:23, Salvatore Bonaccorso  wrote:
> 
> Source: bind9
> Version: 1:9.18.16-1
> Severity: grave
> Tags: security upstream
> X-Debbugs-Cc: car...@debian.org, Debian Security Team 
> 
> Control: found -1 1:9.18.16-1~deb12u1
> 
> Hi,
> 
> The following vulnerability was published for bind9.
> 
> CVE-2023-4236[0]:
> | A flaw in the networking code handling DNS-over-TLS queries may
> | cause `named` to terminate unexpectedly due to an assertion failure.
> | This happens when internal data structures are incorrectly reused
> | under significant DNS-over-TLS query load. This issue affects BIND 9
> | versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.
> 
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2023-4236
>https://www.cve.org/CVERecord?id=CVE-2023-4236
> [1] https://kb.isc.org/docs/cve-2023-4236
> 
> Regards,
> Salvtore
>

Bug#1052407: ITP: unblob -- Extracting, analyzing, and reverse engineering firmware images

2023-09-21 Thread Alexandre Detiste

This looks nice.

I already knew & use binwalk but here they say this tool is even better:

https://github.com/e-m-b-a/emba/releases/tag/1.2.3-RIP-binwalk

Le jeu. 21 sept. 2023 à 17:57, SZ Lin  a écrit :
> * Package name: unblob
>   Description:   Extracting, analyzing, and reverse engineering firmware 
> images

Bug#1052420: bullseye-pu: package flameshot/0.9.0+ds1-2+deb11u1

Package: release.debian.org
Control: affects -1 + src:flameshot
X-Debbugs-Cc: flames...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: bullseye
X-Debbugs-Cc: by...@debian.org
Severity: normal


[ Reason ]
As reported in https://bugs.debian.org/1051408 , current flameshot
in Debian 11 (Bullseye) will silently upload the current captured
screenshot to imgur without confirmation whenever the corresponding
hotkey is pressed. This imposes a security risk of leaking sensitive
information.

In order to mitigate this issue, I propose to upload flameshot
0.9.0+ds1-2+deb11u1, which strips the embedded imgur token hardcoded
in the source code. Users who wish to utilize the img uploading
feature can fill in their own imgur token in flameshot config
window to re-enable the feature.


[ Impact ]
If the update is not approved, users of flameshot will have their
captured screenshot uploaded to imgur by default when the hotkey
is pressed without prompt, which poses a security and information
leaking risk to Debian 11 users using flameshot.

[ Tests ]
Manually tested in a Debian Bullseye VM.

[ Risks ]
Minimum risk as seen from debdiff.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Reset hardcoded imgur token to all zero to invalidate img uploading
functionality by default. For details, please check debdiff attached.

[ Other info ]
Upstream takes a different fix by popping up a confirmation window
whenever an image upload is to be done. The details can be found
at https://github.com/flameshot-org/flameshot/releases/tag/v11.0.0 .
Such solution is not applied here due to the workload in backporting
all UI source code changes.


Thanks,
Boyuan Yang
diff -Nru flameshot-0.9.0+ds1/debian/changelog flameshot-0.9.0+ds1/debian/changelog
--- flameshot-0.9.0+ds1/debian/changelog	2021-07-22 18:10:19.0 -0400
+++ flameshot-0.9.0+ds1/debian/changelog	2023-09-21 13:16:48.0 -0400
@@ -1,3 +1,20 @@
+flameshot (0.9.0+ds1-2+deb11u1) bullseye; urgency=medium
+
+  * debian/patches/0006-Disable-default-imgur-token.patch:
+Disable default imgur uploading token.
+.
+Flameshot before v0.10.0 does not pop up confirmation before
+uploading the screenshot to imgur, which is a security risk
+that may leak sensitive user information.
+.
+This patch strips the embedded default imgur token from the
+source code to disable default image uploading. Users who need
+image uploading functionality may set their own imgur token
+in flameshot configuration to re-enable this functionality.
+(Closes: #1051408)
+
+ -- Boyuan Yang   Thu, 21 Sep 2023 13:16:48 -0400
+
 flameshot (0.9.0+ds1-2) unstable; urgency=high
 
   * debian/patches/0003-Disable-automatic-update-checking-by-default.patch:
diff -Nru flameshot-0.9.0+ds1/debian/NEWS.Debian flameshot-0.9.0+ds1/debian/NEWS.Debian
--- flameshot-0.9.0+ds1/debian/NEWS.Debian	1969-12-31 19:00:00.0 -0500
+++ flameshot-0.9.0+ds1/debian/NEWS.Debian	2023-09-21 13:16:48.0 -0400
@@ -0,0 +1,16 @@
+flameshot (0.9.0+ds1-2+deb11u1) bullseye; urgency=medium
+
+  * This version disables the default imgur uploading token.
+.
+Flameshot before v0.10.0 does not pop up confirmation before
+uploading the screenshot to imgur, which is a security risk
+that may leak sensitive user information.
+.
+This version strips the embedded default imgur token from the
+source code to disable default image uploading. Users who need
+image uploading functionality may set their own imgur token
+in flameshot configuration to re-enable this functionality.
+.
+For more information, check out https://bugs.debian.org/1051408 .
+
+ -- Boyuan Yang   Thu, 21 Sep 2023 13:16:48 -0400
diff -Nru flameshot-0.9.0+ds1/debian/patches/0006-Disable-default-imgur-token.patch flameshot-0.9.0+ds1/debian/patches/0006-Disable-default-imgur-token.patch
--- flameshot-0.9.0+ds1/debian/patches/0006-Disable-default-imgur-token.patch	1969-12-31 19:00:00.0 -0500
+++ flameshot-0.9.0+ds1/debian/patches/0006-Disable-default-imgur-token.patch	2023-09-21 13:16:39.0 -0400
@@ -0,0 +1,45 @@
+From: Boyuan Yang 
+Date: Thu, 21 Sep 2023 13:14:23 -0400
+Subject: Disable default imgur token
+
+Flameshot before v0.10.0 does not pop up confirmation before
+uploading the screenshot to imgur, which is a security risk
+that may leak sensitive user information.
+
+This patch strips the embedded default imgur token from the
+source code to disable default image uploading. Users who need
+image uploading functionality may set their own imgur token
+to re-enable this functionality.
+
+Bug-Debian: https://bugs.debian.org/1051408
+---
+ src/CMakeLists.txt | 2 +-
+ src/imgur.pri  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+dif

Bug#1052216: plasma-mobile should depend on plasma-dialer

2023-09-21 Thread Marco Mattiolo


Hi,

thank you for reporting.

For the point of plasma-mobile not depending on plasma-dialer, I'm sorry 
that's a "wontfix": there are usecases (e.g. tablet) where plasma-mobile 
can be used without plasma-dialer, then it makes no sense for 
plasma-mobile to depend on plasma-dialer and to force some user to 
install plasma-dialer even if not needed.


Your point will be addressed in the near future, as a metapackage is 
being worked on to bring something like plasma-mobile-phone (which will 
depend on plasma-dialer and many others) and plasma-mobile-tablet (which 
will not depend on plasma-dialer) to Debian. In the phone usecase, you 
will have to install plasma-mobile-phone to get a full plasma-mobile 
system for the phone usecase, including the dialer.



For the point of the plasma-dialer error, that's an error I've seen in 
two situations: inside a virtual machine (hence no modem available to 
route audio calls) or when something was crashing really bad. Just to be 
sure, have you installed plasma-dialer from the Debian repo with all its 
dependencies, right? Does this error still happen after reboot?


Kind regards

Marco

Bug#1052419: cups-daemon: NEWS.Debian is only tech-gibberish

2023-09-21 Thread IOhannes m zmoelnig

Package: cups-daemon
Version: 2.4.2-6
Severity: normal

Dear Maintainer,

While doing a routing update on my Debian/sid laptop today, i was greeted with
the following:

> cups (2.4.2-6) unstable; urgency=low
> 
>   In case this is not a fresh installation of cups, please double check
>   whether your cupsd.conf really does contain the limitiation for
>   "CUPS-Get-Document" (see patch 0015-CVE-2023-32360.patch)
> 
>  -- Thorsten Alteholz   Tue, 19 Sep 2023 21:20:27 +0200

wth?

NEWS.Debian is a user-facing interface for telling them important news.
(That's why they are shown in the first place).
As such, I think that the users ought to understand what this means.
I'm fine with the first two lines, but then it goes downhill.
Which "limitation of CUPS-Get-Document"? which patch?

I think we cannot expect our users to do a 'apt-get source cupsd' to hunt down a
patchfile and then understand the implications of what it does.
Even if they are smart enough to just head over to

to inspect the patch.
And then infer from the subject of the patch, that they might also hunt down
CVE-2023-32360 to see what this is all about.

*maybe* (but hey, i know that this is hard to write) something like this is 
better:
> This release addresses a security issue (CVE-2023-32360) which allows
> unauthorized users to fetch documents over local or remote networks.
> Since this is a configuration fix, it might be that it does not reach you if 
> you
> are updating 'cups-daemon' (rather than doing a fresh installation).
> Please double check your /etc/cups/cupds.conf file, whether it limits the 
> access
> to CUPS-Get-Document with something like the following
> >  
> >AuthType Default
> >Require user @OWNER @SYSTEM
> >Order deny,allow
> >   
> (The important line is the 'AuthType Default' in this section)


(sidenote: since the NEWS.Debian file is shown only on upgrade, i think it is
safe to assume that "this is not a fresh installation of cups".)

Thanks for maintaining cups, probably one of the most installed packages
(outside of essential) in Debian (that's why I think it is even more important
to get the NEWS right)

cheers


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cups-daemon depends on:
ii  adduser3.137
ii  bc 1.07.1-3+b1
ii  init-system-helpers1.65.2
ii  libavahi-client3   0.8-11
ii  libavahi-common3   0.8-11
ii  libc6  2.37-10
ii  libcups2   2.4.2-6
ii  libdbus-1-31.14.10-1
ii  libgssapi-krb5-2   1.20.1-4
ii  libpam0g   1.5.2-7
ii  libpaper1  1.1.29
ii  libsystemd0254.4-1
ii  procps 2:4.0.3-1
ii  ssl-cert   1.1.2
ii  sysvinit-utils [lsb-base]  3.08-1

Versions of packages cups-daemon recommends:
ii  avahi-daemon  0.8-11
ii  colord1.4.6-3
ii  cups-browsed  1.28.17-3
ii  ipp-usb   0.9.23-1+b6

Versions of packages cups-daemon suggests:
ii  cups   2.4.2-6
ii  cups-bsd   2.4.2-6
ii  cups-client2.4.2-6
ii  cups-common2.4.2-6
ii  cups-filters   1.28.17-3
pn  cups-pdf   
ii  cups-ppdc  2.4.2-6
ii  cups-server-common 2.4.2-6
ii  foomatic-db-compressed-ppds [foomatic-db]  20230202-1
ii  ghostscript10.02.0~dfsg-2
ii  poppler-utils  22.12.0-2+b1
pn  smbclient  
ii  udev   254.4-1

-- no debconf information

Bug#1052416: bind9: CVE-2023-3341

2023-09-21 Thread Salvatore Bonaccorso

Source: bind9
Version: 1:9.18.16-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 1:9.18.16-1~deb12u1
Control: found -1 1:9.16.42-1~deb11u1
Control: found -1 1:9.16.37-1~deb11u1

Hi,

The following vulnerability was published for bind9.

CVE-2023-3341[0]:
| The code that processes control channel messages sent to `named`
| calls certain functions recursively during packet parsing. Recursion
| depth is only limited by the maximum accepted packet size; depending
| on the environment, this may cause the packet-parsing code to run
| out of available stack memory, causing `named` to terminate
| unexpectedly. Since each incoming control channel message is fully
| parsed before its contents are authenticated, exploiting this flaw
| does not require the attacker to hold a valid RNDC key; only network
| access to the control channel's configured TCP port is necessary.
| This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0
| through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through
| 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-3341
https://www.cve.org/CVERecord?id=CVE-2023-3341
[1] https://kb.isc.org/docs/cve-2023-3341

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1052418: RFP: gtklock -- GTK-based lockscreen for wayland

2023-09-21 Thread Matthias Geiger

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: team+swa...@tracker.debian.org

* Package name: gtklock
  Version : 2.1.0
  Upstream Contact: Jovan Lanik 
* URL : https://github.com/jovanlanik/gtklock
* License : GPL-3
  Programming Lang: C
  Description : GTK-based lockscreen for wayland

gtklock is a simple lockscreen for wlroots-based applications.
I think this would be nice to have in debian for users who prefer
an alternative to swaylock. Packaging looks fairly trivial; I may or may not
pick this up later.

best,

werdahias

Bug#1052417: bind9: CVE-2023-4236

2023-09-21 Thread Salvatore Bonaccorso

Source: bind9
Version: 1:9.18.16-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 1:9.18.16-1~deb12u1

Hi,

The following vulnerability was published for bind9.

CVE-2023-4236[0]:
| A flaw in the networking code handling DNS-over-TLS queries may
| cause `named` to terminate unexpectedly due to an assertion failure.
| This happens when internal data structures are incorrectly reused
| under significant DNS-over-TLS query load. This issue affects BIND 9
| versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4236
https://www.cve.org/CVERecord?id=CVE-2023-4236
[1] https://kb.isc.org/docs/cve-2023-4236

Regards,
Salvtore

Bug#1052415: rust-tungstenite: CVE-2023-43669

2023-09-21 Thread Salvatore Bonaccorso

Source: rust-tungstenite
Version: 0.20.0-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/snapview/tungstenite-rs/issues/376
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for rust-tungstenite.

CVE-2023-43669[0]:
| The Tungstenite crate through 0.20.0 for Rust allows remote
| attackers to cause a denial of service (minutes of CPU consumption)
| via an excessive length of an HTTP header in a client handshake. The
| length affects both how many times a parse is attempted (e.g.,
| thousands of times) and the average amount of data for each parse
| attempt (e.g., millions of bytes).


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-43669
https://www.cve.org/CVERecord?id=CVE-2023-43669
[1] https://github.com/snapview/tungstenite-rs/issues/376

Regards,
Salvatore

Bug#1052172: gnome-terminal: crash during scroll-up

2023-09-21 Thread Patrice Duroux

Sorry sure !
Here it is:

(gdb) bt full
#0  g_utf8_pointer_to_offset (str=, pos=) at ../../../glib/gutf8.c:423
s = 0x563a15601000 
offset = 836761
#1  0x7f48eff1f0e6 in
vte_terminal_accessible_get_text_somewhere(AtkText*, gint,
AtkTextBoundary, direction, gint*, gint*)
(text=0x563a154bc160, offset=,
boundary_type=, direction=22074,
start_offset=0x563a154bc160, end_offset=0x6f) at
../src/vteaccess.cc:949
accessible = 0x563a154bc160
priv = 0xddc
current = 
prev = 836761
next = 
start = 
end = 
line = 
impl = 0xffdf
__PRETTY_FUNCTION__ = "void
vte_terminal_set_enable_bidi(VteTerminal*,
gboolean)\000\000\000\000\000\000\000gboolean
vte_terminal_get_enable_shaping(Vte"
#2  0x563a15302550 in  ()
#3  0x in  ()

Le jeu. 21 sept. 2023 à 19:09, Samuel Thibault  a écrit :
>
> Hello,
>
> Patrice Duroux, le jeu. 21 sept. 2023 19:04:22 +0200, a ecrit:
> > Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
> > Core was generated by `/usr/libexec/gnome-terminal-server'.
> > Program terminated with signal SIGSEGV, Segmentation fault.
> > #0  g_utf8_pointer_to_offset (str=, pos= > out>) at ../../../glib/gutf8.c:423
> > 423../../../glib/gutf8.c: Aucun fichier ou dossier de ce type.
> > [Current thread is 1 (Thread 0x7f48ec2dad00 (LWP 6255))]
> > (gdb)
>
> At this point I would need a
>
> bt full
>
>
> (it's not a problem that it doesn't find the files, that's the good
> point in open source, we have the source code :)
>
> Samuel

Bug#1051408: Acknowledgement (flameshot: uploads potentially sensitive screenshots to the internet)

X-Debbugs-CC: Peter 
Control: tags -1 +confirmed
Control: notfound -1 12.1.0-2
Control: fixed -1 12.1.0-2

Hi,

On Thu, 7 Sep 2023 19:43:10 +0200 Peter  wrote:
> Thank you for the quick response to my message.
> 
> My message is wrong in one place: I tested the old version from Debian 
> Bullseye.
> 
> In Bookworm it behaves as follows: There is an "Imgur Application Client 
> Id" configured in the installation. So it is possible to use the upload 
> without any further configuration. But before uploading there is a 
> security prompt. In German: "Möchest du diese Aufnahme hochladen?"/"Do 
> you want to upload this image?". You may set "Upload without confirmation".
> 
> For privacy reasons I would prefer the image upload function to be 
> disabled by default and no Imgur Application Id configured.

Debian's flameshot package maintainer here.

My understanding is that this bug only affects flameshot in Debian 11.
Since flameshot in Debian 12 or later provides a confirmation window
before uploading, no security concern should be assumed. As a package
maintainer, I do not want to deviate from upstream's decision on providing
a default imgur token in newer flameshot.

Your concern of flameshot in Debian 11 looks valid. You proposed the patch
to completely strip imgur token is kind of brute-force and I don't really
like it, but I don't have enough time to backport a proper fix on popping up
a confirmation window before imgur upload. As a result, I will take it
as-is and provide an oldstable-proposed-updates for flameshot in Debian 11.

NOTE: such change will later need to be reviewed by Debian Release Team, and
the acceptance of this patch is solely at the discretion of Release Team, which
I cannot guarantee to be accepted.

Thanks,
Boyuan Yang

signature.asc
Description: This is a digitally signed message part

Bug#1052172: gnome-terminal: crash during scroll-up

Hello,

Patrice Duroux, le jeu. 21 sept. 2023 19:04:22 +0200, a ecrit:
> Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
> Core was generated by `/usr/libexec/gnome-terminal-server'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  g_utf8_pointer_to_offset (str=, pos= out>) at ../../../glib/gutf8.c:423
> 423../../../glib/gutf8.c: Aucun fichier ou dossier de ce type.
> [Current thread is 1 (Thread 0x7f48ec2dad00 (LWP 6255))]
> (gdb)

At this point I would need a

bt full


(it's not a problem that it doesn't find the files, that's the good
point in open source, we have the source code :)

Samuel

Bug#1039857: podman crashes my systemd-managed sway session on exit

2023-09-21 Thread Antoine Beaupré

Hi!

Could I get some feedback on this patch? I've been running this for
months now without any problems and it improves systemd support quite a
bit...

Right now I'm relying on this for my desktop session which makes
upgrades rather... brittle. :)

a.

On 2023-07-03 12:07:01, Antoine Beaupré wrote:
> Control: tags -1 +patch
>
> And here's the patch to fix this.
>
> I'll also send this as a MR to salsa.
> -- 
> Man is, at one and the same time, a solitary being and a social being,
>- Albert Einstein
> From 3c8450a9983da9904a81fc1313b5b4ae7fff0d43 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= 
> Date: Mon, 3 Jul 2023 11:32:53 -0400
> Subject: [PATCH 1/2] PATCH: signal readiness to sd-daemon
>
> This allows systemd to notice sway's startup is complete which allows,
> for example, the session manager to start Wayland programs in the
> right order. Without this signal, users have to go through rather
> horrible hacks to tell systemd that it can start further units.
>
> I've been using `NotifyAccess=all` in the sway.service file and `exec
> systemd-notify --ready` in my sway config to emulate this, but it's
> racy and error-prone.
>
> A particularly nasty bug triggered by `NotifyAccess=all` in particular
> is when podman starts and then terminates a container. In that
> context, conmon(8) ends up notifying systemd it's the session master
> and takes over thee "Main PID" field in systemd. When it dies, systemd
> believes the session is over and proceeds to kill the entire
> session. This is explained in more details in:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039857
>
> This might not actually be the right place to do this. We call
> `server_run` right after, and maybe there would be a better place. But
> `server_run` only calls `wl_display_run` and that's part of the core
> `wayland` library. I'm not sure Wayland itself is a place to do this,
> so for now I'm scratching my own itch and doing this in Sway itself.
> ---
>  debian/changelog  |  7 ++
>  .../0003-signal-readiness-to-sd-daemon.patch  | 77 +++
>  debian/patches/series |  1 +
>  3 files changed, 85 insertions(+)
>  create mode 100644 debian/patches/0003-signal-readiness-to-sd-daemon.patch
>
> diff --git a/debian/changelog b/debian/changelog
> index 12fc3b16..477c4bbf 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,10 @@
> +sway (1.8.1-1.1) experimental; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Add patch for READY=1 signal to sd-daemon (Closes: #1039857)
> +
> + -- Antoine Beaupré   Mon, 03 Jul 2023 11:16:48 -0400
> +
>  sway (1.8.1-1) experimental; urgency=medium
>  
>* New upstream version
> diff --git a/debian/patches/0003-signal-readiness-to-sd-daemon.patch 
> b/debian/patches/0003-signal-readiness-to-sd-daemon.patch
> new file mode 100644
> index ..13ac494c
> --- /dev/null
> +++ b/debian/patches/0003-signal-readiness-to-sd-daemon.patch
> @@ -0,0 +1,77 @@
> +From d7cde9f35d93edd6c785e9404bed56094b702848 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= 
> +Date: Mon, 3 Jul 2023 11:12:23 -0400
> +Subject: [PATCH] signal readiness to sd-daemon
> +
> +This allows systemd to notice sway's startup is complete which allows,
> +for example, the session manager to start Wayland programs in the
> +right order. Without this signal, users have to go through rather
> +horrible hacks to tell systemd that it can start further units.
> +
> +I've been using `NotifyAccess=all` in the sway.service file and `exec
> +systemd-notify --ready` in my sway config to emulate this, but it's
> +racy and error-prone.
> +
> +A particularly nasty bug triggered by `NotifyAccess=all` in particular
> +is when podman starts and then terminates a container. In that
> +context, conmon(8) ends up notifying systemd it's the session master
> +and takes over thee "Main PID" field in systemd. When it dies, systemd
> +believes the session is over and proceeds to kill the entire
> +session. This is explained in more details in:
> +
> +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039857
> +
> +This might not actually be the right place to do this. We call
> +`server_run` right after, and maybe there would be a better place. But
> +`server_run` only calls `wl_display_run` and that's part of the core
> +`wayland` library. I'm not sure Wayland itself is a place to do this,
> +so for now I'm scratching my own itch and doing this in Sway itself.
> +---
> + sway/main.c | 11 +++
> + 1 file changed, 11 insertions(+)
> +
> +Index: b/sway/main.c
> +===
> +--- a/sway/main.c2023-07-03 11:52:40.761162143 -0400
>  b/sway/main.c2023-07-03 11:52:40.757162142 -0400
> +@@ -26,6 +26,12 @@
> + #include "stringop.h"
> + #include "util.h"
> + 
> ++#ifdef HAVE_LIBSYSTEMD
> ++#include 
> ++#elif HAVE_LIBELOGIND
> ++#include 
> ++#endif

Bug#1052172: gnome-terminal: crash during scroll-up

2023-09-21 Thread Patrice Duroux

Hi,

I have installed your packages and here is the result after reproducing a crash:

#coredumpctl debug
   PID: 6255 (gnome-terminal-)
   UID: 1001 (patrice)
   GID: 1001 (patrice)
Signal: 11 (SEGV)
 Timestamp: Thu 2023-09-21 18:59:03 CEST (1min 4s ago)
  Command Line: /usr/libexec/gnome-terminal-server
Executable: /usr/libexec/gnome-terminal-server
 Control Group:
/user.slice/user-1001.slice/user@1001.service/app.slice/app-org.gnome.Terminal.slice/gnome-terminal-server.service
  Unit: user@1001.service
 User Unit: gnome-terminal-server.service
 Slice: user-1001.slice
 Owner UID: 1001 (patrice)
   Boot ID: 0888970f49044cfbac6fd735e69b0268
Machine ID: be351e757dc049ffa300ddbaf0f4856a
  Hostname: kos-moceratops
   Storage:
/var/lib/systemd/coredump/core.gnome-terminal-.1001.0888970f49044cfbac6fd735e69b0268.6255.169531554300.zst
(present)
  Size on Disk: 2.0M
   Message: Process 6255 (gnome-terminal-) of user 1001 dumped core.

Module libzstd.so.1 from deb libzstd-1.5.5+dfsg2-2.amd64
Module libsystemd.so.0 from deb systemd-254.4-1.amd64
Stack trace of thread 6255:
#0  0x7f48f0a0eb30 g_utf8_pointer_to_offset
(libglib-2.0.so.0 + 0x91b30)
#1  0x7f48eff1f0e6 emit_text_changed_insert
(libvte-2.91.so.0 + 0x670e6)
#2  0x7f48efeed03f
_ZN3vte8terminal8Terminal18emit_text_scrolledEl (libvte-2.91.so.0 +
0x3503f)
#3  0x7f48eff15265
_ZN3vte8platform6Widget25vadjustment_value_changedEv (libvte-2.91.so.0
+ 0x5d265)
#4  0x7f48f0ad9540 g_closure_invoke
(libgobject-2.0.so.0 + 0x16540)
#5  0x7f48f0aecafc signal_emit_unlocked_R
(libgobject-2.0.so.0 + 0x29afc)
#6  0x7f48f0aee501 signal_emit_valist_unlocked
(libgobject-2.0.so.0 + 0x2b501)
#7  0x7f48f0af4186 g_signal_emit_valist
(libgobject-2.0.so.0 + 0x31186)
#8  0x7f48f0af4243 g_signal_emit
(libgobject-2.0.so.0 + 0x31243)
#9  0x7f48f00b4297 emit_value_changed
(libgtk-3.so.0 + 0xb4297)
#10 0x7f48f025e152 gtk_range_real_change_value
(libgtk-3.so.0 + 0x25e152)
#11 0x7f48f00915ce
_gtk_marshal_BOOLEAN__ENUM_DOUBLE (libgtk-3.so.0 + 0x915ce)
#12 0x7f48f0ad9540 g_closure_invoke
(libgobject-2.0.so.0 + 0x16540)
#13 0x7f48f0aed188 signal_emit_unlocked_R
(libgobject-2.0.so.0 + 0x2a188)
#14 0x7f48f0aedd51 signal_emit_valist_unlocked
(libgobject-2.0.so.0 + 0x2ad51)
#15 0x7f48f0af4186 g_signal_emit_valist
(libgobject-2.0.so.0 + 0x31186)
#16 0x7f48f0af4243 g_signal_emit
(libgobject-2.0.so.0 + 0x31243)
#17 0x7f48f025c46c update_slider_position
(libgtk-3.so.0 + 0x25c46c)
#18 0x7f48f025f75c gtk_range_drag_gesture_update
(libgtk-3.so.0 + 0x25f75c)
#19 0x7f48f0094e20
_gtk_marshal_VOID__DOUBLE_DOUBLEv (libgtk-3.so.0 + 0x94e20)
#20 0x7f48f0ad9749 _g_closure_invoke_va
(libgobject-2.0.so.0 + 0x16749)
#21 0x7f48f0aee5bf signal_emit_valist_unlocked
(libgobject-2.0.so.0 + 0x2b5bf)
#22 0x7f48f0af4186 g_signal_emit_valist
(libgobject-2.0.so.0 + 0x31186)
#23 0x7f48f0af4243 g_signal_emit
(libgobject-2.0.so.0 + 0x31243)
#24 0x7f48f0adc986 g_cclosure_marshal_VOID__BOXEDv
(libgobject-2.0.so.0 + 0x19986)
#25 0x7f48f0ad9749 _g_closure_invoke_va
(libgobject-2.0.so.0 + 0x16749)
#26 0x7f48f0aee5bf signal_emit_valist_unlocked
(libgobject-2.0.so.0 + 0x2b5bf)
#27 0x7f48f0af4186 g_signal_emit_valist
(libgobject-2.0.so.0 + 0x31186)
#28 0x7f48f0af4243 g_signal_emit
(libgobject-2.0.so.0 + 0x31243)
#29 0x7f48f01b1912 gtk_gesture_handle_event
(libgtk-3.so.0 + 0x1b1912)
#30 0x7f48f01b4c32 gtk_gesture_single_handle_event
(libgtk-3.so.0 + 0x1b4c32)
#31 0x7f48f0179541
gtk_event_controller_handle_event (libgtk-3.so.0 + 0x179541)
#32 0x7f48f0348a7d _gtk_widget_run_controllers
(libgtk-3.so.0 + 0x348a7d)
#33 0x7f48f0090d98 _gtk_marshal_BOOLEAN__BOXEDv
(libgtk-3.so.0 + 0x90d98)
#34 0x7f48f0ad9749 _g_closure_invoke_va
(libgobject-2.0.so.0 + 0x16749)
#35 0x7f48f0aed913 signal_emit_valist_unlocked
(libgobject-2.0.so.0 + 0x2a913)
#36 0x7f48f0af4186 g_signal_emit_valist
(libgobject-2.0.so.0 + 0x31186)
#37 0x7f48f0af4243 g_signal_emit
(libgobject-2.0.so.0 + 0x31243)
#38 0x7f48f034a4d4 gtk_widget_event_internal
(libgtk-3.so.0 + 0x34a4d4)
#39 0x7f48f01fca5e propagate_event_up
(libgtk-3.so.0 + 0x1fca5e)
#40 0x

Bug#1052386: opentracker: correction to the short description

Package: opentracker
Followup-For: Bug #1052386
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

In turn of my earlier message, in this case the term "open" I guess has another
meaning.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages opentracker depends on:
ii  libc6  2.36-9+deb12u1
pn  libowfat0  
ii  zlib1g 1:1.2.13.dfsg-1

opentracker recommends no packages.

opentracker suggests no packages.

Bug#1020217: snapshot.debian.org: write a generic file driver supporting multiple backend (such as object-storage)

On 21/09/23 at 18:26 +0200, Lucas Nussbaum wrote:
> Hi Baptiste,
> 
> On 18/09/22 at 11:29 +0200, Baptiste Beauplat wrote:
> > Having files stored into an object-like storage could improve cost and
> > performence over the conventional storage that snapshot is currently
> > using. (Currently using over 130 TB!)
> > 
> > Multiple componants needs to access snapshot farm. The importer, the web
> > app (if not redirected) and multiple other scripts.
> > 
> > We should write a generic file driver to allow all those component to
> > access/update/delete file from a config-defined backend.
> > 
> > This driver would be usable in at least two langauges: ruby and python.
> > I'm not sure what is the best course of action here. Some kind of
> > bindings or maintaining two separate drivers.
> > 
> > Note that there is also some C program as part for snapshot (the fsck
> > program).
> > 
> > I was thinking for writing at least two backend for the driver:
> > 
> > - a standard flat filesystem storage (what we have currently)
> > - an object-like storage. S3 would be a good candidate since a couple of
> >   opensource storage solution provide S3 compatible API.
> > 
> > That would allow a two step transision: start using the driver, then
> > switch the backend.
> 
> I was wondering if you made some progress on this?
> 
> Your plan looks very good. I agree that a S3 backend would make a lot of
> sense (usable both with self-hosted solutions like MinIO, or with
> managed services).
> 
> Let me know if I can help somehow.

Looking at the code:

The Ruby part (in charge of importing data) already has an abstraction
layer:
https://salsa.debian.org/snapshot-team/snapshot/-/blob/master/snapshot#L59

The Python part (in charge of the web app) doesn't:
https://salsa.debian.org/snapshot-team/snapshot/-/blob/master/web/app/snapshot/controllers/archive.py#L192

Lucas

Bug#1047224: python-astor: Fails to build source after successful build

2023-09-21 Thread Tianon Gravi

On Thu, 21 Sept 2023 at 09:31, Lucas Nussbaum  wrote:
> Yes, it was closed on Sept 7th (I retried all packages to close bugs
> fixed by the above change).
> I'm not sure how you ran into it? Did I mess up something while
> mass-closing?

Doh, no, sorry; that's gonna be my bad.  I had the two bug emails in
my inbox backlog to respond to, and the BTS and I aren't exactly
compatible (bug closing emails don't properly thread with the bug
emails and don't obviously contain details about the bug being closed
unless they're read, and when coupled with the amount of those I get
that don't pertain to me, I tend to miss them if there wasn't also a
separate message to the bug that does thread correctly or at least has
a better subject).  Mea culpa!

♥,
- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Bug#1052414: mozjs102: New upstream release 115.x

2023-09-21 Thread Simon McVittie

Source: mozjs102
Severity: wishlist
Forwarded: https://ftp-master.debian.org/new.html
Control: block 1052145 by -1
Control: block 1050237 by -1

Tracking bug for getting mozjs115 out of the NEW queue and into
experimental, without which we can't have gjs 1.77.x/1.78.x.

smcv

Bug#1052386: opentracker: correction to the short description

Package: opentracker
Followup-For: Bug #1052386
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

I hope you understand the reason of this package being in main?
Please change the short title to?: BitTorrent tracker
The rest of the short title is useless.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages opentracker depends on:
ii  libc6  2.36-9+deb12u1
pn  libowfat0  
ii  zlib1g 1:1.2.13.dfsg-1

opentracker recommends no packages.

opentracker suggests no packages.

Bug#1050237: mutter: Upload mutter & GNOME Shell 45 to Unstable

2023-09-21 Thread Simon McVittie

Control: block 1050237 by 1052145

On Mon, 18 Sep 2023 at 16:55:18 +0100, Simon McVittie wrote:
> On Tue, 22 Aug 2023 at 09:39:06 -0400, Jeremy Bícha wrote:
> > This is a tracking and discussion bug for uploading Mutter & GNOME
> > Shell 45 to Unstable.
> 
> I've done the usual mass-bug-filing for extensions that are not compatible
> with the new Shell version:
> https://udd.debian.org/cgi-bin/bts-usertags.cgi?user=pkg-gnome-maintainers%40lists.alioth.debian.org&tag=gnome-shell-45

As noted in #1052145, at least one of those extensions needs gjs 1.77.x
(or preferably 1.78), which in turn needs mozjs115, which is waiting
in NEW for ftp team approval.

smcv

Bug#1047224: python-astor: Fails to build source after successful build

Hi,

On 20/09/23 at 20:33 -0700, Tianon Gravi wrote:
> On Sun, 13 Aug 2023 at 14:59, Lucas Nussbaum  wrote:
> > > dpkg-source: info: local changes detected, the modified files are:
> > >  python-astor-0.8.1/astor.egg-info/PKG-INFO
> > > dpkg-source: error: aborting due to unexpected upstream changes, see 
> > > /tmp/python-astor_0.8.1-4.diff.StEqUF
> 
> This looks like it's what was fixed in
> https://salsa.debian.org/python-team/tools/dh-python/-/commit/31eff8f,
> right? (So this bug can probably be closed?)

Yes, it was closed on Sept 7th (I retried all packages to close bugs
fixed by the above change).
I'm not sure how you ran into it? Did I mess up something while
mass-closing?

Lucas

Bug#1052413: pyequihash: should maintainer/uploader be turned?

Source: pyequihash
Version: 0.2-2
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

Normally the Debian Python Team would be maintainer.
Then Joost van Baal-Ilić would be under uploaders.

Now it's opposite.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1052412: pymdown-extensions: should maintainer/uploader be turned?

Source: pymdown-extensions
Version: 9.5-2
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

Normally the Debian Python Team would be maintainer.
Then Sandro Tosi would be under uploaders.

Now it's opposite.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1020217: snapshot.debian.org: write a generic file driver supporting multiple backend (such as object-storage)

Hi Baptiste,

On 18/09/22 at 11:29 +0200, Baptiste Beauplat wrote:
> Having files stored into an object-like storage could improve cost and
> performence over the conventional storage that snapshot is currently
> using. (Currently using over 130 TB!)
> 
> Multiple componants needs to access snapshot farm. The importer, the web
> app (if not redirected) and multiple other scripts.
> 
> We should write a generic file driver to allow all those component to
> access/update/delete file from a config-defined backend.
> 
> This driver would be usable in at least two langauges: ruby and python.
> I'm not sure what is the best course of action here. Some kind of
> bindings or maintaining two separate drivers.
> 
> Note that there is also some C program as part for snapshot (the fsck
> program).
> 
> I was thinking for writing at least two backend for the driver:
> 
> - a standard flat filesystem storage (what we have currently)
> - an object-like storage. S3 would be a good candidate since a couple of
>   opensource storage solution provide S3 compatible API.
> 
> That would allow a two step transision: start using the driver, then
> switch the backend.

I was wondering if you made some progress on this?

Your plan looks very good. I agree that a S3 backend would make a lot of
sense (usable both with self-hosted solutions like MinIO, or with
managed services).

Let me know if I can help somehow.

Lucas

Bug#1052411: apt: [INTL:de] updated German po file translation

2023-09-21 Thread Helge Kreutzmann

Package: apt
Version: 2.7.6
Severity: wishlist
Tags: patch l10n

Please find the updated German po file translation for apt
attached.

If you update your template, please use
'msgfmt --statistics '
to check the po-files for fuzzy or untranslated strings.

If there are such strings, please contact me so I can update the
German translation.

Greetings
Helge


-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


apt_2.7.6_de.po.gz
Description: application/gzip


signature.asc
Description: PGP signature

Bug#1052410: psycopg3: should maintainer/uploader be turned?

Source: psycopg3
Version: 3.1.7-4
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl

Dear Maintainer,

Normally the Debian Python Team would be maintainer.
Then Tomasz Rybak would be under uploaders.

Now it's opposite.


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1051739: Package is uninstallable, bug unacknowledged, therefore release critical


Control: tags -1 wontfix

Hi,

On  So 17 Sep 2023 03:39:55 CEST, Joseph Carter wrote:


Control: severity -1 grave

I didn't do this when filing the bug since ages ago it was  
considered impolite for end-users to set severity and particularly  
to set a severity above important. But it's been a week without  
acknowledgment or fix, and it is release critical even if it's a  
contrib package that isn't for the Holy Gnoman Empire DE.


Joseph


Problem here is that we are removing GTK-2+ from Debian  
testing/unstable, so the libs that get built against GTK-2+ (such as  
libayatana-appindicator-1).


Problem here is that the downloaded dropbox executable probably is  
still GTK-2+. I need to test this and see how easily portable to GTK-3  
is.


Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpGR67IN6S5W.pgp
Description: Digitale PGP-Signatur

Bug#1029557: debian-edu-config: Session exits on first login on roaming-workstation fails

2023-09-21 Thread Guido Berhoerster


On 21.09.23 17:54, Mike Gabriel wrote:

On  Do 21 Sep 2023 16:05:51 CEST, Guido Berhoerster wrote:


This is actually a bug in LightDM which makes assumptions about the home
directory not changing and hardcoding paths to the Xauthority file.

There is also a small fix for libpam-mklocaluser necessary so it runs
before the pam_systemd module so that systemd/DBus started processes
have the correct home directory.


Thanks for digging this out!!!


If you want to test, you need to rebuild lightdm with the patch from
https://github.com/canonical/lightdm/pull/323 and change the
libpam-mklocaluser pam-config priority.


I'll need to see how we can escalate this to the lightdm maintainer in 
Debian. Unfortunately, neither lightdm upstream nor downstream is really 
active with development.


I'll prepare a patch for the package based on the above PR.


The latter is necessary for other display managers as well.


Interestingly, with GDMv3 (bullseye version), the login would just work 
on first attempt.


GDM might handle the login better but everything started by systemd and 
DBus will likely have the wrong home directory because of the order of 
session type PAM modules.


--
Guido Berhoerster

Bug#1052409: initramfs-tools: zstd breaks update-initramfs leading to missingmodules broken uuid link to root

2023-09-21 Thread Christian Kiss

Package: initramfs-tools
Version: 0.142
Severity: normal
X-Debbugs-Cc: christianpeterk...@yahoo.com

Dear Maintainer,

debian12 bookworm
kernelconfig initramfs-tools mandatory zstd (since kernel 5.9)
seems to misconfigure or break non-sse2 update-initramfs -u
leading to "missing modules" or broken uuid link to root andor boot during
bootprocess
drops to shell

the uuid link to a dmraid mapper is not the relevant factor in this

any bullseye initramfstool operation worked before flawlessly including kernel
6.0 on deb11
this i s a bookworm bug

Greetings
Christian KISS
*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- Package-specific info:
-- initramfs sizes
-rw-r--r-- 1 root root 17M Aug 13 19:27 /boot/initrd.img-5.10.0-23-rt-686-pae
-rw-r--r-- 1 root root 17M Aug 13 19:27 
/boot/initrd.img-6.1.0-0.deb11.7-rt-686-pae
-rw-r--r-- 1 root root 65M Sep 21 14:31 /boot/initrd.img-6.1.0-12-rt-686-pae
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-5.10.0-23-rt-686-pae 
root=UUID=1d4b5b23-bf4e-4c23-88c8-438a01de5a4c ro dmraid=true splash 
maxcstate=0 max.cstate=0 quiet kaslr pti=on slab_nomerge page_poison=1 
slub_debug=FPZ nosmt

-- resume
RESUME=UUID=4b9b288b-6e37-48b5-8390-ffaad362e47e
-- /proc/filesystems
ext3
ext2
ext4
fuseblk

-- lsmod
Module  Size  Used by
ctr16384  2
aes_generic36864  4
libaes 16384  1 aes_generic
crypto_simd16384  0
cryptd 20480  1 crypto_simd
ccm20480  6
snd_seq_dummy  16384  0
snd_hrtimer16384  0
qrtr   32768  4
nf_log_ipv616384  6
xt_hl  16384  22
ip6_tables 24576  52
ip6t_rt20480  3
ip6t_REJECT16384  531
nf_reject_ipv6 20480  1 ip6t_REJECT
nf_log_ipv416384  6
nf_log_common  16384  2 nf_log_ipv6,nf_log_ipv4
xt_LOG 20480  12
xt_recent  24576  4
xt_multiport   20480  24
nft_limit  16384  15
xt_limit   16384  0
xt_addrtype16384  4
xt_tcpudp  20480  0
xt_conntrack   16384  16
nf_conntrack  139264  1 xt_conntrack
nf_defrag_ipv6 24576  1 nf_conntrack
nf_defrag_ipv4 16384  1 nf_conntrack
ipt_REJECT 16384  535
nf_reject_ipv4 16384  1 ipt_REJECT
nft_compat 20480  1211
nft_counter16384  1243
nf_tables 172032  4658 nft_limit,nft_compat,nft_counter
libcrc32c  16384  2 nf_conntrack,nf_tables
nfnetlink  20480  2 nft_compat,nf_tables
hid_generic16384  0
binfmt_misc20480  1
usbhid 49152  0
hid   110592  2 hid_generic,usbhid
uas28672  0
usb_storage57344  2 uas
tuner_simple   20480  1
tuner_types16384  1 tuner_simple
ath5k 139264  0
tuner  28672  1
ath28672  1 ath5k
snd_emu10k1_synth  20480  0
snd_emux_synth 36864  1 snd_emu10k1_synth
snd_seq_midi_emul  20480  1 snd_emux_synth
mac80211  692224  1 ath5k
msp340032768  1
snd_seq_virmidi16384  1 snd_emux_synth
snd_seq_midi   20480  0
sr_mod 24576  0
snd_seq_midi_event 16384  2 snd_seq_virmidi,snd_seq_midi
cdrom  53248  1 sr_mod
snd_seq57344  6 
snd_seq_virmidi,snd_seq_midi_event,snd_seq_dummy,snd_seq_midi_emul,snd_seq_midi,snd_emux_synth
bttv  122880  0
snd_emu10k1   135168  1 snd_emu10k1_synth
cfg80211  643072  3 mac80211,ath,ath5k
tea575x16384  1 bttv
snd_via82xx_modem  24576  0
tveeprom   24576  1 bttv
snd_util_mem   16384  2 snd_emu10k1,snd_emux_synth
pcspkr 16384  0
snd_ac97_codec122880  2 snd_via82xx_modem,snd_emu10k1
snd_hwdep  16384  2 snd_emu10k1,snd_emux_synth
videobuf_dma_sg16384  1 bttv
snd_rawmidi32768  3 snd_emu10k1,snd_seq_virmidi,snd_seq_midi
ac97_bus   16384  1 snd_ac97_codec
videobuf_core  24576  2 bttv,videobuf_dma_sg
snd_bt87x  20480  0
snd_seq_device 16384  5 
snd_emu10k1,snd_seq,snd_emu10k1_synth,snd_rawmidi,snd_seq_midi
rfkill 20480  4 cfg80211
rc_core45056  1 bttv
snd_pcm90112  4 
snd_via82xx_modem,snd_emu10k1,snd_bt87x,snd_ac97_codec
libarc416384  1 mac80211
videodev  180224  4 tuner,tea575x,msp3400,bttv
i2c_viapro 20480  0
ehci_pci   20480  0
mc

Bug#1052408: zstd breaks update-initramfs leading to missingmodules broken uuid link

2023-09-21 Thread Christian Kiss

Package: zstd
Version: 1.5.4+dfsg2-5
Severity: normal
X-Debbugs-Cc: christianpeterk...@yahoo.com

Dear Maintainer,



debian12 bookworm
kernelconfig initramfs-tools mandatory zstd (since kernel 5.9)
seems to misconfigure or break non-sse2 update-initramfs -u
leading to "missing modules" or broken uuid link to root andor boot during
bootprocess
drops to shell

the uuid link to a dmraid mapper is not the relevant factor in this

any bullseye initramfstool operation worked before flawlessly including kernel
6.0 on deb11
this i s a bookworm bug

Greetings
Christian KISS
*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'oldstable-updates'), (500, 'oldstable-security'), (500, 'stable'), (500, 
'oldstable')
Architecture: i386 (i686)

Kernel: Linux 5.10.0-23-rt-686-pae (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages zstd depends on:
ii  libc6   2.36-9+deb12u1
ii  libgcc-s1   12.2.0-14
ii  liblz4-11.9.4-1
ii  liblzma55.4.1-0.2
ii  libstdc++6  12.2.0-14
ii  zlib1g  1:1.2.13.dfsg-1

zstd recommends no packages.

zstd suggests no packages.

-- no debconf information

Bug#1052407: ITP: unblob -- Extracting, analyzing, and reverse engineering firmware images

2023-09-21 Thread 林上智

Package: wnpp
Severity: wishlist
Owner: SZ Lin (林上智) 
X-Debbugs-CC: debian-de...@lists.debian.org

* Package name: unblob
  Version : 23.8.11
  Upstream Author : ONEKEY GmbH
* URL : https://github.com/onekey-sec/unblob
* License : Expat
  Programming Lang: Python
  Description:   Extracting, analyzing, and reverse engineering firmware images

 Unblob serves as a precise, speedy, and user-friendly extraction
 toolkit. It analyzes unidentified  binary blobs across over 30
 various types of archive, compression, and file-system formats.
 .
 Additionally, it performs recursive content extraction and identifies
 unaccounted-for data segments.
 .
 Unblob is under Expat

Bug#1029557: debian-edu-config: Session exits on first login on roaming-workstation fails