Bug#996048: postfix-mta-sts-resolver: diff for NMU version 1.0.0-4.1
Hi Adrian, On Friday, 04 February 2022, 02:24 +0200, Adrian Bunk wrote: > Control: tags 996048 + patch > Control: tags 996048 + pending > > Dear maintainer, > > I've prepared an NMU for postfix-mta-sts-resolver (versioned as 1.0.0-4.1) > and uploaded it to DELAYED/14. Please feel free to tell me if I should > cancel it. Please cancel it, the specific issue was fixed upstream :) Marc Dequènes has uploaded the new version in the mean time. Thanks, Benjamin
Bug#1002376: python-aiosqlite: FTBFS: AttributeError: module 'mistune' has no attribute 'BlockGrammar'
On Sunday, 02 January 2022, 13:15 +0100, Benjamin Hof wrote: > compatible to mistune v2 At the moment this is not the case.
Bug#1002376: python-aiosqlite: FTBFS: AttributeError: module 'mistune' has no attribute 'BlockGrammar'
Control: affects 1001591 + src:python-aiosqlite This looks like the mistune v2 incompatibility with m2r. Upstream switched from m2r to sphinx-mdinclude (a m2r fork compatible to mistune v2) in git.
Bug#996048: [Pkg-openssl-devel] Bug#996048: postfix-mta-sts-resolver: autopkgtest doesn't handle new version of ca-certificates nicely: rehash: warning: skipping ca-certificates.crt, it does not conta
Control: reassign -1 src:ca-certificates On Monday, 08 November 2021, 15:57 +0200, Adrian Bunk wrote: > On Tue, Oct 19, 2021 at 09:13:56AM +0200, Julien Cristau wrote: > > On Mon, Oct 18, 2021 at 11:05:14PM +0200, Kurt Roeckx wrote: > > > On Mon, Oct 18, 2021 at 10:40:59PM +0200, Julien Cristau wrote: > > > > On Mon, Oct 18, 2021 at 02:50:50PM +0200, Benjamin Hof wrote: > > > > > Hi, > > > > > > > > > > I think the following change might be the relevant one: > > > > > > > > > > --- a/update-ca-certificates > > > > > +++ b/update-ca-certificates > > > > > @@ -164,8 +164,6 @@ > > > > >done > > > > > fi > > > > > > > > > > -rm -f "$CERTBUNDLE" > > > > > - > > > > > ADDED_CNT=$(wc -l < "$ADDED") > > > > > REMOVED_CNT=$(wc -l < "$REMOVED") > > > > > > > > > > It triggers this stderr output during openssl rehash (l. 184): > > > > > > > > > > rehash: warning: skipping ca-certificates.crt,it does not contain > > > > > exactly one certificate or CRL > > > > > > > > > Ah, that makes sense. Annoying... > > > > > > > > Kurt/Sebastian, do you think there's a chance openssl rehash could grow > > > > some sort of ignore option so update-ca-certificates could ask it to > > > > skip ca-certificates.crt, to avoid spitting out a warning for it? > > > > > > As in rehash all files in that directory, excluding a file? I > > > guess that's an option. I guess it's not an option to move the > > > file to a different location. > > > > > Exactly. /etc/ssl/certs/ca-certificates.crt is the package's main > > "interface" so I suspect it'd be quite painful to move. Likewise moving > > the certs and hash symlinks themselves would break packages/scripts > > looking them up that way. > > > > The other option for me would be to revert the fix for bug #920348. > > In any case, there is nothing happening here specific to > postfix-mta-sts-resolver, the same problem would happen with > any other package that does not permit stderr output in the > autopkgtest when upgrading ca-certificates is tested. > > The failing part of the autopkgtest is a testing->unstable upgrade of > ca-certificates. > > Any objections to reassigning this to ca-certificates? Sure! Kind regards, Benjamin
Bug#996048: postfix-mta-sts-resolver: autopkgtest doesn't handle new version of ca-certificates nicely: rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
Hi, I think the following change might be the relevant one: --- a/update-ca-certificates +++ b/update-ca-certificates @@ -164,8 +164,6 @@ done fi -rm -f "$CERTBUNDLE" - ADDED_CNT=$(wc -l < "$ADDED") REMOVED_CNT=$(wc -l < "$REMOVED") It triggers this stderr output during openssl rehash (l. 184): rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL I'm happy to change the upstream integration test to adopt to that, or else it would also make sense to me that update-ca-certificates not output to stderr under normal operation. Perhaps it might even make sense to suppress this particular message entirely? Kind regards, Benjamin
Bug#990977: unblock: python-aiosqlite/0.16.1-2
Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package python-aiosqlite [ Reason ] The upload contains a small bugfix (#982529) to the package build. We mistakenly thought the existing autopkgtest would allow the package to migrate and missed that it is marked 'superficial'. I'd be happy to provide a new upload with a more useful autopkgtest that executes the test suite, if that'd work for you. [ Impact ] Package does not build reproducibly. [ Tests ] The test suite runs through. [ Risks ] One line change to the package build. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock python-aiosqlite/0.16.1-2 diff -Nru python-aiosqlite-0.16.1/debian/changelog python-aiosqlite-0.16.1/debian/changelog --- python-aiosqlite-0.16.1/debian/changelog2020-11-28 09:32:34.0 +0100 +++ python-aiosqlite-0.16.1/debian/changelog2021-06-27 23:17:37.0 +0200 @@ -1,3 +1,10 @@ +python-aiosqlite (0.16.1-2) unstable; urgency=medium + + * Fix reproducibility by removing RECORD file (Closes: #982529). Thanks to +Chris Lamb. + + -- Benjamin Hof Sun, 27 Jun 2021 23:17:37 +0200 + python-aiosqlite (0.16.1-1) unstable; urgency=medium * New upstream release. diff -Nru python-aiosqlite-0.16.1/debian/rules python-aiosqlite-0.16.1/debian/rules --- python-aiosqlite-0.16.1/debian/rules2020-11-28 09:32:34.0 +0100 +++ python-aiosqlite-0.16.1/debian/rules2021-06-27 23:17:37.0 +0200 @@ -21,4 +21,4 @@ # make reproducible override_dh_auto_install: dh_auto_install - find -name direct_url.json -delete + find \( -name direct_url.json -or -name RECORD \) -delete
Bug#982211: RM: python-pynetstring -- ROM; unused, no reverse depends
Package: ftp.debian.org Severity: normal Please remove python-pynetstring. It was required as a dependency of postfix-mta-sts-resolver for a while, but now has no reverse dependencies anymore. Thanks! signature.asc Description: PGP signature
Bug#968636: Build packages reproducibly with flit
Package: flit Version: 2.3.0-3 Severity: wishlist Forwarded: https://github.com/takluyver/flit/pull/366 Debian packages built using flit are not building reproducibly, because the RECORD file it generates may differ on subsequent runs.
Bug#968516: Add Suggests: postfix-mta-sts-resolver
Source: postfix Version: 3.5.6-1 Severity: wishlist Dear maintainer, Please consider adding a "Suggests: postfix-mta-sts-resolver". Quoting from its documentation: MTA-STS, specified in RFC 8461, is a security standard for email servers. When a site configures MTA-STS, other mail servers can require the successful authentication of that site when forwarding mail there. Kind regards, Benjamin
Bug#963652: Patch to build with current sphinx
Control: tags -1 patch
Control: block 964387 by -1
Hi,
I believe this issue also affects packages that use python3-m2r as
build dependency.
In the upstream repo there is a patch, which I have attached here.
Kind regards,
Benjamin
diff --git a/debian/patches/0001_suffix_arg_removed_from_sphinx_v3.0.0.patch b/debian/patches/0001_suffix_arg_removed_from_sphinx_v3.0.0.patch
new file mode 100644
index 000..18a3ced
--- /dev/null
+++ b/debian/patches/0001_suffix_arg_removed_from_sphinx_v3.0.0.patch
@@ -0,0 +1,28 @@
+Subject: suffix arg removed from sphinx v3.0.0
+
+Origin: other
+Forwarded: https://github.com/miyakogi/m2r/pull/55
+From: CrossNox
+Last-Update: 2020-04-06
+Applied-Upstream: no
+---
+ m2r.py | 6 +-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/m2r.py b/m2r.py
+index 897338d..6bd580e 100644
+--- a/m2r.py
b/m2r.py
+@@ -649,7 +649,11 @@ def setup(app):
+ app.add_config_value('m2r_parse_relative_links', False, 'env')
+ app.add_config_value('m2r_anonymous_references', False, 'env')
+ app.add_config_value('m2r_disable_inline_math', False, 'env')
+-app.add_source_parser('.md', M2RParser)
++try:
++app.add_source_parser(".md", M2RParser) # for older sphinx versions
++except TypeError:
++app.add_source_suffix(".md", "markdown")
++app.add_source_parser(M2RParser)
+ app.add_directive('mdinclude', MdInclude)
+ metadata = dict(
+ version=__version__,
diff --git a/debian/patches/series b/debian/patches/series
index 0819c7b..861d3c2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
+0001_suffix_arg_removed_from_sphinx_v3.0.0.patch
2001_privacy.patch
2002_use_system_mathjax.patch
Bug#932849: ftp.debian.org: NEW process looses .buildinfo files
Hi, I've proposed a potential fix in https://salsa.debian.org/ftp-team/dak/merge_requests/150 Kind regards, Benjamin
Bug#927702: RFS: python-aiosqlite/0.10.0-1 [ITP] -- sqlite library for Python 3 using asyncio
On 23 April 2019, 12:36 +, Dmitry Bogatov wrote: >... > > I am looking for a sponsor for my package "python-aiosqlite": > > Is this package dependency of some application? Yes, postfix-mta-sts-resolver (#917366). Kind regards, Benjamin
Bug#927702: RFS: python-aiosqlite/0.10.0-1 [ITP] -- sqlite library for Python 3 using asyncio
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "python-aiosqlite": * Package name: python-aiosqlite Version : 0.10.0-1 Upstream Author : John Reese * URL : https://github.com/jreese/aiosqlite * License : Expat Section : python It builds those binary packages: python3-aiosqlite -- sqlite library for Python 3 using asyncio To access further information about this package, please visit the following URL: https://mentors.debian.net/package/python-aiosqlite Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/p/python-aiosqlite/python-aiosqlite_0.10.0-1.dsc I have provided the packaging repository at https://salsa.debian.org/benjamin-guest/aiosqlite The Vcs-Browser and Vcs-Git fields point to salsa.debian.org/debian, where I suggest the repository could live. Kind regards, Benjamin
Bug#927701: ITP: python-aiosqlite -- sqlite library for Python 3 using asyncio
Package: wnpp Severity: wishlist Owner: Benjamin Hof * Package name: python-aiosqlite Version : 0.10.0-1 Upstream Author : John Reese * URL : https://github.com/jreese/aiosqlite * License : Expat Programming Lang: Python Description : sqlite library for Python 3 using asyncio A Python 3 module for using sqlite with asyncio. It allows interaction with SQLite databases on the main asyncio event loop without blocking execution of other coroutines while waiting for queries or data fetches. This package is a dependency of postfix-mta-sts-resolver (ITP: #917366).
Bug#923682: RFS: postfix-mta-sts-resolver/0.2.7-1 [ITP] -- Daemon providing MTA-STS map to Postfix
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "postfix-mta-sts-resolver": * Package name: postfix-mta-sts-resolver Version : 0.2.7-1 Upstream Author : Vladislav Yarmak * URL : https://github.com/Snawoot/postfix-mta-sts-resolver * License : Expat Section : mail It builds those binary packages: postfix-mta-sts-resolver - Daemon providing MTA-STS map to Postfix To access further information about this package, please visit the following URL: https://mentors.debian.net/package/postfix-mta-sts-resolver Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/p/postfix-mta-sts-resolver/postfix-mta-sts-resolver_0.2.7-1.dsc I have provided the packaging repository at https://salsa.debian.org/benjamin-guest/postfix-mta-sts-resolver The Vcs-Browser and Vcs-Git fields point to salsa.debian.org/debian, where I suggest the repository could live. Kind regards, Benjamin
Bug#923683: RFS: python-pynetstring/0.1~dev2+git20180925.40cd4a61-1 [ITP] -- netstring library for Python 3
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "python-pynetstring": * Package name: python-pynetstring Version : 0.1~dev2+git20180925.40cd4a61-1 Upstream Author : Robert Johansson * URL : https://github.com/rj79/pynetstring * License : Expat Section : python It builds those binary packages: python3-pynetstring - netstring library for Python 3 To access further information about this package, please visit the following URL: https://mentors.debian.net/package/python-pynetstring Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/p/python-pynetstring/python-pynetstring_0.1~dev2+git20180925.40cd4a61-1.dsc I have provided the packaging repository at https://salsa.debian.org/benjamin-guest/pynetstring The Vcs-Browser and Vcs-Git fields point to salsa.debian.org/debian, where I suggest the repository could live. Kind regards, Benjamin
Bug#923676: ITP: python-pynetstring -- netstring library for Python 3
Package: wnpp Severity: wishlist Owner: Benjamin Hof * Package name: python-pynetstring Version : 0.1~dev2+git20180925.40cd4a61-1 Upstream Author : Robert Johansson * URL : https://github.com/rj79/pynetstring * License : Expat Programming Lang: Python Description : netstring library for Python 3 A Python 3 module for encoding and decoding netstrings, a serialisation method designed for network transfer and safe parsing. The netstring format is defined at https://cr.yp.to/proto/netstrings.txt. This package is a dependency of postfix-mta-sts-resolver (ITP: #917366).
Bug#914833: RFS: python-pyxs/0.4.1-1 [ITP] -- Pure Python XenStore client implementation
Hey nicoo, Awesome, thank you for taking the time! I agree with your edits and have pushed the updated changelog. Kind regards, Benjamin
Bug#914833: RFS: python-pyxs/0.4.1-1 [ITP] -- Pure Python XenStore client implementation
Hi, I re-uploaded the package (under the same Debian version) with updated policy and debhelper versions. Kind regards, Benjamin
Bug#914833: RFS: python-pyxs/0.4.1-1 [ITP] -- Pure Python XenStore client implementation
Hi nicoo, Thank you for looking at my package! I appreciate any feedback. On Freitag, 07 Dezember 2018, 13:08 +0100, Nicolas Braud-Santoni wrote: > I created salsa.d.o/Debian/pyxs and granted access to @benjamin-guest. > Can you confirm this is you? :) Thank you! It is I and I have pushed there. > Speaking of which, it was signed with an OpenPGP key that I was unable to > find on keyservers: 0x5B290760467674D74D787DF41B47C9BAC891A072 The key is now to be found at the deep end of the sks pool; it appears not to be fully propagated yet :) gpg --keyserver keyserver2.computer42.org \ --recv-keys 4A1A4FB9DFAF3A4015B19FE5667FBEDE1C69BE14 Kind regards, Benjamin signature.asc Description: PGP signature
Bug#914833: RFS: python-pyxs/0.4.1-1 [ITP] -- Pure Python XenStore client implementation
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "python-pyxs" * Package name: python-pyxs Version : 0.4.1-1 Upstream Author : Sergei Lebedev , Fedor Gogolev * URL : https://github.com/selectel/pyxs * License : LGPL-3 Section : python It builds those binary packages: python3-pyxs - Pure Python XenStore client implementation python-pyxs-doc - Pure Python XenStore client implementation (documentation) To access further information about this package, please visit the following URL: https://mentors.debian.net/package/python-pyxs Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/p/python-pyxs/python-pyxs_0.4.1-1.dsc I have provided the packaging repository at https://salsa.debian.org/benjamin-guest/pyxs The Vcs-Browser and Vcs-Git fields point to salsa.debian.org/debian, where I suggest the repository could live. Kind regards, Benjamin
Bug#481631: gnupg-agent: doesn't add (some?) SSH keys correctly
Package: gnupg-agent Version: 2.0.9-2 Severity: normal There's a problem with gnupg-agent 2.0.9-2 in lenny (i386). I recently created new SSH keys and tried adding them to the gnupg-agent with ssh-add. This worked fine for one (with a custom name, not id_rsa). Every time I tried to add an additional key named id_rsa however it failed after entering the passphrase for protecting the key material in gnupg. The key itself worked without any problem. - I executed ssh-add and entered the passphrase to decrypt the ssh key. - I saw the pinentry dialog and entered a passphrase. - Then a new dialog with a nice red/green bar for passphrase quality opened. I entered my passphrase again. - This time a message box opened saying not allowed characters in passphrase: insanely high negative number of 1 tries (the message was in german, I use the german localization of Debian.). [ I think the thing with this negative number may well be another, unrelated bug ] - This number was incremented on every time I pressed enter. Aha. - Then I pressed 'cancel'. - The key was stored in ~/.gnupg/private-keys-v1.d/ and also listed in ~/.gnupg/sshcontrol. - I tried to set the passphrase directly interacting with gpg-connect-agent after the above procedure, which worked. This key however did not work anymore (although the passphrase was accepted). The SSH server log complained with a message saying it couldn't decrypt some packet. I am very sorry I don't have the exact message anymore. Hum. I've tried to add different new generated keys and also tried out pinentry-curses (usually I use pinentry-gtk-2), but none made a difference. Please note that all keys I tried were 4096 bit RSA keys. Well, I haven't encountered such a problem before, so I downgraded gnupg-agent to version 2.0.0-5.2 from etch. Adding the key and using it worked fine with this version. I updated to 2.0.9-2 for using the key in an SSH connection and it worked. Praise. Well, I haven't encountered such a problem before, so I downgraded gnupg-agent to version 2.0.0-5.2 from etch. Adding the key and using it worked fine with this version. I updated to 2.0.9-2 for using the key in an SSH connection and it worked. Praise. My conclusion is therefore that there is some bug in the key adding procedures in gnupg-agent in lenny. I wasn't able to narrow it down any more. I would guess, since the key is identified correctly on attempting an SSH connection but then some crypto failes, that there is some error while storing the key encrypted with the passphrase in gnupg which destroys it partly. Because I haven't seen this fancy new quality bar before maybe there is some confusion in gnupg whether it is handling an SSH or a GnuPG key. Software I use (up to date Debian Lenny): - linux 2.6.25.3 self compiled - gnupg2 2.0.9-2 - libgcrypt11 1.4.1-1 - pinentry-gtk2 0.7.5-2 - pinentry-curses 0.7.5-2 I hope you can do something with this information and keep on your very good work. If you need further information please don't hesitate to contact me. With kind regards, Benjamin -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25.3 (PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages gnupg-agent depends on: ii libc6 2.7-10 GNU C Library: Shared libraries ii libgcrypt11 1.4.1-1LGPL Crypto library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libpth20 2.0.7-10 The GNU Portable Threads ii libreadline5 5.2-3 GNU readline and history libraries ii pinentry-curses [pinentry]0.7.5-2curses-based PIN or pass-phrase en ii pinentry-gtk2 [pinentry] 0.7.5-2GTK+-2-based PIN or pass-phrase en Versions of packages gnupg-agent recommends: ii gnupg 1.4.6-2.2 GNU privacy guard - a free PGP rep ii gnupg22.0.9-2GNU privacy guard - a free PGP rep ii gpgsm 2.0.9-2GNU privacy guard - S/MIME version -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
