Bug#1066077: usr-is-merged fails to install on a /usr-merged system
Package: usr-is-merged Version: 39 When attempting to install, I received the following message: ** * * The usr-is-merged package cannot be installed because this system does * not have a merged /usr. * * Please install the usrmerge package to convert this system to merged-/usr. * * For more information please read https://wiki.debian.org/UsrMerge. * ** This despite the fact that I have version 39 of usrmerge installed, and the symlinks were indeed set up correctly. In the end, it turned out to be because /usr itself was a symlink, and although this causes no issues for either the merging process or any running software, since the check is using "readlink -f" it erroneously fails. -- =D ave
Bug#1066052: gcc-13: several acats tests raise ADA.CALENDAR.TIME_ERROR : a-calend.adb:601
Source: gcc-12 Version: 12.3.0-15 Severity: normal Dear Maintainer, In test log, I see a number of tests with following error: splitting /build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/testsuite/ada/acats1/test s/a/a26007a.adt into: a26007a.adb BUILD a26007a.adb /build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/gnatmake --GNATBIND=/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/gnatbind --GNATLINK=/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/gnatlink --GCC=/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/xgcc -B/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/ -gnatws -O2 -gnat95 -I/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/testsuite/ada/acats1/../acats/support a26007a.adb -largs --GCC=/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/xgcc -B/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/ /build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/xgcc -c -B/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/ -gnatws -O2 -gnat95 -I/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/testsuite/ada/acats1/../acats/support a26007a.adb /build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/gnatbind -I/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/testsuite/ada/acats1/../acats/support -x a26007a.ali /build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/gnatlink a26007a.ali -O2 --GCC=/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/xgcc -B/build/gcc-12-TxDF5I/gcc-12-12.3.0/build/gcc/ RUN a26007a raised ADA.CALENDAR.TIME_ERROR : a-calend.adb:601 FAIL: a26007a Regards, Dave Anglin -- System Information: Debian Release: trixie/sid APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable') Architecture: hppa (parisc64) Kernel: Linux 6.1.80+ (SMP w/4 CPU threads) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) -- no debconf information
Bug#1065831: apt tries to uninstall kde & plasma (full-upgrade)
On Mon, Mar 11, 2024 at 05:09:47PM +0100, Miguel Angel Rojas wrote: > Yes, it is confusing for me too. Without considering this t64 migration, > “apt upgrade” should *NOT* remove any package (just upgrading a package to > a newer version or install new dependencies). But it is removing packages > right now! i.e. again, with this t64 migration, it makes the old libraries > to be uninstalled and install the new *t64 version. > > Any thoughts why “apt upgrade” is removing packages even when documentation > says it shouldn’t? or is it a bug? If "apt upgrade" is saying that it removes packages, that is a bug, yes. Please run: apt upgrade -s -o Dir::Log::Solver=/tmp/apt-upgrade-bug.edsp.xz (as normal user; the -s enables simulation so nothing bad can happen) That will create a /tmp/apt-upgrade-bug.edsp.xz file (a few MBs big) you can sent to me (it might be too big for a bug and/or the mailinglist). That file contains information about all packages currently available to you and which of them you have installed – as that changes quiet often and its near impossible to reproduce a problem, especially while a big transition is underway, otherwise. If that package-removing upgrade happened in the past, you can look it up in /var/log/apt/history.log – far less details and harder to reproduce, but at least some chance… I do have to note that I am somewhat dubious through. I have heard that claim quiet often recently and so far it turned out not to be an "apt upgrade" invocation in the end, confusing it with autoremove remarks or didn't expect that some non-t64 and t64 packages became co-installable… but never say never. Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1065038: src:commit-patch: fails to migrate to testing for too long: uploader built arch:all binary
Hi, Your package is only blocked because the arch:all binary package(s) aren't built on a buildd. Unfortunately the Debian infrastructure doesn't allow arch:all packages to be properly binNMU'ed. Hence, I will shortly do a no-changes source-only upload to DELAYED/15, closing this bug. Please let me know if I should delay or cancel that upload. I think this failed. I got this email shortly afterward: Subject: commit-patch_2.6.2-1_amd64.changes REJECTED > Version check failed: Your upload included the source package commit-patch, version 2.6.2-1, however unstable already has version 2.6.2-1. Uploads to unstable must have a higher version than present in unstable. Is this expected or did something go wrong? Today I got this: commit-patch 2.6-2.1 is marked for autoremoval from testing on 2024-03-29 It is affected by these RC bugs: 1065038: commit-patch: fails to migrate to testing for too long: uploader built arch:all binary https://bugs.debian.org/1065038 So I think things are not in a good state. What is the solution to this? Thanks, David
Bug#1065720: Useless in Debian nowadays
Package: php-text-wiki Version: 1.2.1-3.1 Severity: serious php-text-wiki has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm). I intend to follow up with an RM request in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065719: Useless in Debian nowadays
Package: php-net-dime Version: 1.0.2-3.1 Severity: serious php-net-dime has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm). I intend to follow up with an RM request in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065718: Useless in Debian nowadays
Package: php-net-nntp Version: 1.5.0-2.1 Severity: serious php-net-nntp has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm). I intend to follow up with an RM request in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065716: Useless in Debian nowadays
Package: php-letodms-core Version: 3.4.2-1.1 Severity: serious php-letodms-core has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm). I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065717: Useless in Debian nowadays
Package: php-http-webdav-server Version: 1.0.0RC8-1.1 Severity: serious php-http-webdav-server has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm). I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065712: Useless in Debian nowadays
Package: php-net-whois Version: 1.0.5-3.2 Severity: serious X-Debbugs-Cc: Debian PHP PEAR Maintainers [ Filled as RC by a Debian PHP PEAR Maintainers team member to see this package auto-removed from testing. ] php-net-whois has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm, Bullseye, etc.) I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065710: Useless in Debian nowadays
Package: debpear Version: 0.5+nmu1 Severity: serious [ Filled as RC by a team member to see this package auto-removed from testing. ] debpear has no reverse dependencies, not seen any development in the last ten years, and has a decreasing popcon (probably in link with the decreasing interest in PEAR as a way to distribute PHP packages compared to Composer). We should probably not ship this package in Trixie (not sure if it is worth removing from Bookworm). I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065708: Useless in Debian nowadays
Package: php-validate Version: 0.8.5-4.2 Severity: serious X-Debbugs-Cc: Debian PHP PEAR Maintainers [ Filled as RC by a Debian PHP PEAR Maintainers team member to see this package auto-removed from testing. ] php-validate has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm, Bullseye, etc.) I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1041477: php-net-ftp: PHP Fatal error with Bookworm PHP 8.2
control: tags -1 serious Hi Benjamin, Thank you for the report, and apologies nobody came back to you sooner. Le Wed, Jul 19, 2023 at 11:24:44AM +, Benjamin Renard a écrit : > Package: php-net-ftp > Version: 1:1.4.0-2.1 […] > This package seem not compatible with the PHP 8.2 version included in > Debian Bookworn. Also, this package has no reverse dependencies. Given the amount of care it brought in the last few years, I believe it should be removed from the archive. Bumping the severity to see it removed from testing ASAP, maybe it should also be removed from (at least) Bookworm. I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065707: Useless in Debian nowadays
Package: libphp-snoopy Version: 2.0.0-3 Severity: serious [ Filled as RC by a team member to see this package auto-removed from testing. ] libphp-snoopy has no reverse dependencies anymore. We should probably not ship this package in Trixie (not sure if we actually want to remove it from Bookworm and Bullseye). I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1065705: Useless in Debian nowadays
Package: php-mdb2 Version: 2.5.0b5-2.1 Severity: serious [ Filled as RC by a team member to see this package auto-removed from testing. ] php-mdb2 has no reverse dependencies anymore (except for php-mdb2-driver-pgsql and php-mdb2-driver-mysql that are also targeted by this bug report). We should probably not ship these packages in Trixie (not sure if we actually want to remove them from Bookworm). I intend to follow up with RM requests in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1041982: Speeding up Symfony 6 transition? [Was: Upcoming transitions (Symfony, PHPUnit, etc.)]
Hi, Le Wed, Feb 21, 2024 at 08:19:06AM +0100, David Prévot a écrit : > […] I wish to > proceed with the transition during the next MiniDebCampHamburg happening > early March (in less than two weeks). > > https://wiki.debian.org/DebianEvents/de/2024/MiniDebCampHamburg And that’s done (in unstable)! It needed some last minute tweaking for debci mostly, but the [excuses] page looks good now. I expect the only blockers will be removal (or fix) of php-laravel-lumen-framework and php-laravel-framework (autoremoval expected March 14 and April 7 respectively, sooner if the release team uses some magic). excuses: https://qa.debian.org/excuses.php?package=symfony Thanks to everyone involved! I intend to follow up with some more major version bump on packages that were waiting for Symfony (php-psr-link, php-psr-log, php-email-validator and some packages from the Doctrine stack…). The next big transition in PHP libraries before Trixie may be PHPUnit 11 if we manage to pull it off. Cheers, taffit signature.asc Description: PGP signature
Bug#1065597: racket: Inclusion of mzdyn.o in the binary package
Rafael Laboissière writes: > At any rate, I wonder why the following mzscheme code: > > (begin > (require dynext/link) > (with-handlers >(((lambda args #t) (lambda args #f))) >(for-each (lambda (x) (printf "~a" x)) > (expand-for-link-variant > (current-standard-link-libraries) > I'm not sure what will come of it, but I have reported this issue as https://github.com/racket/cext-lib/issues/4 I haven't marked this Debian bug as forwarded as I believe they are different bugs.
Bug#1065633: [SPAM] Re: Bug#1065633: openldap: FTBFS on hppa - implicit declaration of function 'kadm5_s_init_with_password_ctx'
On 2024-03-07 7:21 p.m., Ryan Tandy wrote: On Thu, Mar 07, 2024 at 01:29:54PM -0800, Ryan Tandy wrote: The binNMUs succeeded on several release arches already. I'm not sure why hppa would be different. I see -Werror=implicit-function-declaration in its compiler commands, but I don't know where it's coming from. I remembered later maybe seeing something about this around time64 build flags, and sure enough, in dpkg 1.22.5: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=ef90821fe45b99fa8c8c4279b9a74c30f59f491d So actually it looks like hppa was only the first to encounter it, and armel/armhf are likely to fail the same way (right now they are still BD-Uninstallable), in which case this bug will be RC. Yes, see: https://wiki.debian.org/BrainDumpT64 We have been doing a lot of manual builds, so it's possible we may have messed up. -- John David Anglin dave.ang...@bell.net
Bug#1065633: openldap: FTBFS on hppa - implicit declaration of function ‘kadm5_s_init_with_password_ctx’
Source: openldap Version: 2.5.13+dfsg-5+b4 Severity: normal Tags: ftbfs Dear Maintainer, See: https://buildd.debian.org/status/fetch.php?pkg=openldap=hppa=2.5.13%2Bdfsg-5%2Bb4=1709830559=0 smbk5pwd.c: In function ‘smbk5pwd_modules_init’: smbk5pwd.c:917:23: error: implicit declaration of function ‘kadm5_s_init_with_password_ctx’; did you mean ‘kadm5_init_with_password_ctx’? [-Werror=implicit-function-declaration] 917 | ret = kadm5_s_init_with_password_ctx( context, | ^~ | kadm5_init_with_password_ctx smbk5pwd.c:924:25: warning: ‘krb5_get_error_string’ is deprecated [-Wdeprecated-declarations] 924 | err_str = krb5_get_error_string( context ); | ^~~ In file included from /usr/include/heimdal/krb5.h:967, from smbk5pwd.c:45: /usr/include/heimdal/krb5-protos.h:4188:1: note: declared here 4188 | krb5_get_error_string (krb5_context /*context*/) | ^ smbk5pwd.c:926:33: warning: ‘krb5_get_err_text’ is deprecated [-Wdeprecated-declarations] 926 | err_msg = (char *)krb5_get_err_text( context, ret ); | ^~~ /usr/include/heimdal/krb5-protos.h:4152:1: note: declared here 4152 | krb5_get_err_text ( | ^ smbk5pwd.c:931:33: warning: ‘krb5_free_error_string’ is deprecated [-Wdeprecated-declarations] 931 | krb5_free_error_string( context, err_str ); | ^~ /usr/include/heimdal/krb5-protos.h:3721:1: note: declared here 3721 | krb5_free_error_string ( | ^~ cc1: some warnings being treated as errors make[2]: *** [Makefile:54: smbk5pwd.lo] Error 1 Regards, Dave Anglin -- System Information: Debian Release: trixie/sid APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable') Architecture: hppa (parisc64) Kernel: Linux 6.1.80+ (SMP w/4 CPU threads) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system)
Bug#1065597: racket: Inclusion of mzdyn.o in the binary package
Rafael Laboissière writes: > > However, it does not work because the file mzdyn.o is needed and > cannot be found anywhere. Indeed, this file is mentioned in the Racket > documentation.[*] > My knowledge here is incomplete, and I'd be happy to be corrected, but: I think that documentation relates to the old "bc" backend of racket. For most architectures we are using the new "cs" backend (and will possibly migrate the remaining architectures). So it may not be possible to do the same kind of linking as was done with the old backend.
Bug#1065583: quodlibet: Clicking cover art stifles keyboard input & any clicks outside the image - accessibility nightmare
Package: quodlibet Version: 4.5.0-2 Severity: normal Tags: upstream a11y X-Debbugs-Cc: unimportantdav...@gmail.com To reproduce: 1. Start playing a track that causes some associated album art to be displayed in the small icon at right. 2. Click that small album art thumbnail to enlarge the image. 3. Attempt to control Quod Libet using either the keyboard or mouse in any way other than a mouse-click inside the enlarged displayed image (including important "meta" controls like minimizing the window, pressing Ctrl+Q to attempt to Quit, etc.). Optionally, attempt expected ways to close the album art preview like pressing Esc, Space, or Enter. Such controls do not work. 4. Control can be regained only by clicking within the enlarged album art display, or by pressing Ctrl+W, and as far as I can tell, absolutely no other means. Proposed actions: 1. The enlarged album art display should be very easy to close/dismiss, including by pressing the keys Esc, Space, or Enter, and possibly even by pressing any key whatsoever. This is especially important for disabled users who may use accessibility tools and alternative input devices to control their systems, and significantly also those who are reliant on standard keyboard inputs and shortcuts. 2. The album art should also be closed/dismissed when a user clicks outside of the enlarged image, or, alternatively, the functions of Quod Libet not covered by the enlarged image should be able to be operated with mouse clicks, if they are not covered, though my preference would be the former. 3. Having the album art enlarged should not prevent windowing system controls (minimize button, "X" close button, etc.) from being clicked. Thanks so much for contributing to the best music player on the planet. -- System Information: Debian Release: 12.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-18-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages quodlibet depends on: ii exfalso 4.5.0-2 ii gir1.2-gst-plugins-base-1.0 1.22.0-3+deb12u1 ii gir1.2-gstreamer-1.0 1.22.0-2 ii gir1.2-keybinder-3.0 0.3.2-1.1 ii gstreamer1.0-alsa1.22.0-3+deb12u1 ii gstreamer1.0-plugins-base1.22.0-3+deb12u1 ii gstreamer1.0-plugins-good1.22.0-5+deb12u1 ii gstreamer1.0-plugins-ugly1.22.0-2+deb12u1 ii python3 3.11.2-1+b1 Versions of packages quodlibet recommends: ii gir1.2-gtksource-3.0 3.24.11-2+b1 ii gir1.2-webkit2-4.0 2.42.5-1~deb12u1 ii gnome-shell [notification-daemon] 43.9-0+deb12u1 ii python3-dbus 1.3.2-4+b1 ii python3-pyinotify 0.9.6-2 Versions of packages quodlibet suggests: ii gstreamer1.0-plugins-bad 1.22.0-4+deb12u5 -- no debconf information
Bug#1057689: minetest: calls home for upstream version check
Hello! as a workaround you can set empty `update_information_url` in `~/.minetest/minetest.conf`. For Debian developer maintaining minetest, this can be patched in `src/defaultsettings.cpp` same way by setting it to empty string. Please, consider this message also as a request to bump minetest up to 5.8.0 version. Thank you! -- David Heidelberg
Bug#1065497: Please allow php-psr-log 3
Hi Sunil, Le Tue, Mar 05, 2024 at 02:47:18PM -0800, Sunil Mohan Adapa a écrit : > On Tue, 5 Mar 2024 14:48:49 +0100 David =?iso-8859-1?Q?Pr=E9vot?= > wrote: > > Package: php-klogger > > Version: 1.2.2-2 > > Severity: important […] > > Please, test your package with php-psr-log 3 and […] > > […] upload to experimental a fix to make your packages work with > > php-psr-log 3 (so we can easily upload it to unstable in sync with > > php-psr-log 3). > > I have patch available for making php-klogger depend on php-psr-log >= 3.0. Thanks for the quick follow up! > However, it does not work with php-psr-log 1.x anymore. So I don't know how > the two packages can be uploaded together. That’s fine, the patched version of php-klogger can be uploaded to experimental now (so we may detect eventual regressions), and once we’re ready, we just have to upload php-psr-log 3 and the patched version of php-klogger in sync. Regards, taffit signature.asc Description: PGP signature
Bug#1065500: orc: liborc-0.4-dev-bin depends on both liborc-0.4-0 and liborc-0.4-0t64
Source: orc Version: 1:0.4.34-4.2 Severity: normal Dear Maintainer, See: https://packages.debian.org/sid/liborc-0.4-dev-bin Regards, Dave Anglin -- System Information: Debian Release: trixie/sid APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable') Architecture: hppa (parisc64) Kernel: Linux 6.1.80+ (SMP w/4 CPU threads) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system)
Bug#1065497: Please allow php-psr-log 3
Package: php-klogger Version: 1.2.2-2 Severity: important Hi James, Sunil, AFAICT, php-klogger is the only blocker preventing php-psr-log 3 upload to unstable. php-psr-log 3 is available in experimental since 2021, and recent php-psr-log will be needed for the php-monolog 3 transition. Please, test your package with php-psr-log 3 and relax the versioned dependency if you manage to make your package work with any php-psr-log version, or upload to experimental a fix to make your packages work with php-psr-log 3 (so we can easily upload it to unstable in sync with php-psr-log 3). TIA. Cheers, taffit signature.asc Description: PGP signature
Bug#1063721: spip: has stopped working, complains about PHP version being ‘too recent’
control: severity -1 serious control: found -1 4.1.15+dfsg-1 Hi, Le Sun, Feb 11, 2024 at 07:30:39PM +0100, Axel a écrit : > Package: spip > Version: 4.1.9+dfsg-1+deb12u4 > Severity: important […] > after the upgrade, I could not log in to my site anymore. […] …/ecrire shows: > > “This installation will probably fail, or damage your site. PHP version 8.2.7 > too recent (maximum = 8.1.99)” Ouch, thanks for the feedback, I was able reproduce the issue on a new install (it also breaks on new installation…), I assume changing _PHP_MAX to 8.2.99 in /usr/share/spip/ecrire/inc_version.php should allow one to workaround this issue. Regards, taffit signature.asc Description: PGP signature
Bug#1064998: guile-lib: broken package when cross building
Hello debian maintainers, Vagrant, > Forwarding this upstream, originally submitted in the Debian bug > tracking system at: > https://bugs.debian.org/1064998 > ... > Would the guile-lib developers consider merging this? Are there any > use-cases where this is inappropriate? Certainly! Thanks for the report, it somehow did skip my attention when i worked on this (a long long time ago ...), that calling GUILE_SITE_DIR also defines GUILE_SITE_CCACHE I'll fix this for the next release. > Thanks! I am the one who thanks (all of you) David pgpIY56GkC7Pr.pgp Description: OpenPGP digital signature
Bug#1065112: Acknowledgement (linux-image-6.1.0-18-amd64: System unresponsive after resume from suspend when WoWLAN enabled in iwlwifi)
Some more data... Testing various kernels from https://snapshot.debian.org/binary/?cat=l , I have found that: • linux-image-6.0.0-0.deb11.2-amd64 - has an error, but stays responsive (log except below, full dmesg at http://paste.debian.net/1309322/). • linux-image-6.0.0-1-amd64 - has an error, and is unresponsive except for (some) sysrq keys (stack trace photo at https://imgur.com/a/1R6gYLh ). Although there is some sort of error/crash in both kernels, only linux-image-6.0.0-1-amd64 becomes unusable, so that's probably more urgent. Log excerpt for linux-image-6.0.0-0.deb11.2-amd6 ... [9.755992] IPv6: ADDRCONF(NETDEV_CHANGE): wlp3s0: link becomes ready [ 10.556787] wlp3s0: Limiting TX power to 20 (20 - 0) dBm as advertised by 4c:22:f3:aa:0a:c3 [ 127.171444] PM: suspend entry (deep) [ 127.180424] Filesystems sync: 0.008 seconds [ 127.205820] (NULL device *): firmware: direct-loading firmware regulatory.db [ 127.205857] (NULL device *): firmware: direct-loading firmware regulatory.db.p7s [ 127.206064] (NULL device *): firmware: direct-loading firmware iwlwifi-7265D-29.ucode [ 127.206147] (NULL device *): firmware: direct-loading firmware i915/skl_dmc_ver1_27.bin [ 127.206217] Freezing user space processes ... (elapsed 0.001 seconds) done. [ 127.207668] OOM killer disabled. [ 127.207677] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. [ 127.210388] serial 00:01: disabled [ 127.210518] e1000e: EEE TX LPI TIMER: 0011 [ 127.232775] sd 0:0:0:0: [sda] Synchronizing SCSI cache [ 127.232926] sd 0:0:0:0: [sda] Stopping disk [ 127.236750] iwlwifi :03:00.0: Applying debug destination EXTERNAL_DRAM [ 127.696949] ACPI: PM: Preparing to enter system sleep state S3 [ 127.698270] ACPI: PM: Saving platform NVS memory [ 127.698427] Disabling non-boot CPUs ... [ 127.700468] smpboot: CPU 1 is now offline [ 127.703320] smpboot: CPU 2 is now offline [ 127.705876] smpboot: CPU 3 is now offline [ 127.708599] ACPI: PM: Low-level resume complete [ 127.708642] ACPI: PM: Restoring platform NVS memory [ 127.709314] Enabling non-boot CPUs ... [ 127.709350] x86: Booting SMP configuration: [ 127.709352] smpboot: Booting Node 0 Processor 1 APIC 0x2 [ 127.710109] CPU1 is up [ 127.710136] smpboot: Booting Node 0 Processor 2 APIC 0x4 [ 127.710779] CPU2 is up [ 127.710813] smpboot: Booting Node 0 Processor 3 APIC 0x6 [ 127.711515] CPU3 is up [ 127.712376] ACPI: PM: Waking up from system sleep state S3 [ 127.720256] pcieport :00:1b.0: Intel SPT PCH root port ACS workaround enabled [ 127.720642] pcieport :00:1d.0: Intel SPT PCH root port ACS workaround enabled [ 127.724156] i915 :00:02.0: [drm] [ENCODER:94:DDI B/PHY B] is disabled/in DSI mode with an ungated DDI clock, gate it [ 127.724168] i915 :00:02.0: [drm] [ENCODER:103:DDI C/PHY C] is disabled/in DSI mode with an ungated DDI clock, gate it [ 127.724172] i915 :00:02.0: [drm] [ENCODER:114:DDI D/PHY D] is disabled/in DSI mode with an ungated DDI clock, gate it [ 127.724175] i915 :00:02.0: [drm] [ENCODER:124:DDI E/PHY E] is disabled/in DSI mode with an ungated DDI clock, gate it [ 127.724389] ACPI BIOS Error (bug): AE_AML_BUFFER_LIMIT, Field [DRQL] at bit offset/length 136/8 exceeds size of target Buffer (128 bits) (20220331/dsopcode-198) [ 127.724397] ACPI Error: Aborting method \_SB.PCI0.LPCB.SIO1.DSRS due to previous error (AE_AML_BUFFER_LIMIT) (20220331/psparse-529) [ 127.724403] ACPI Error: Aborting method \_SB.PCI0.LPCB.UAR1._SRS due to previous error (AE_AML_BUFFER_LIMIT) (20220331/psparse-529) [ 127.724409] serial 00:01: activation failed [ 127.724411] serial 00:01: PM: dpm_run_callback(): pnp_bus_resume+0x0/0xa0 returns -5 [ 127.724417] serial 00:01: PM: failed to resume: error -5 [ 127.733272] sd 0:0:0:0: [sda] Starting disk [ 127.743867] [ cut here ] [ 127.743869] Timeout waiting for hardware access (CSR_GP_CNTRL 0x080403d8) [ 127.743883] WARNING: CPU: 2 PID: 1113 at drivers/net/wireless/intel/iwlwifi/pcie/trans.c:2128 __iwl_trans_pcie_grab_nic_access+0x1ef/0x220 [iwlwifi] [ 127.743899] Modules linked in: snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ctr ccm qrtr snd_hda_codec_hdmi binfmt_misc intel_rapl_msr intel_rapl_common nls_ascii nls_cp437 vfat fat x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel snd_ctl_led kvm iwlmvm irqbypass snd_hda_codec_realtek ghash_clmulni_intel mac80211 snd_hda_codec_generic snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi libarc4 aesni_intel crypto_simd snd_hda_codec cryptd mei_hdcp mei_wdt snd_hda_core iwlwifi snd_hwdep rapl snd_pcm intel_cstate dell_wmi sparse_keymap ledtrig_audio intel_uncore snd_timer iTCO_wdt dell_smbios dcdbas intel_pmc_bxt cfg80211 wmi_bmof dell_wmi_descriptor pcspkr snd mei_me iTCO_vendor_support watchdog ee1004 rfkill soundcore mei intel_pch_thermal intel_pmc_core acpi_pad evdev sg msr parport_pc ppdev lp parport fuse efi_pstore loop dm_mod configfs efivarfs ip_tables x_tables
Bug#1065266: bullseye-pu: package php-phpseclib/2.0.30-2+deb11u2
Le Sat, Mar 02, 2024 at 11:22:22AM +0100, David Prévot a écrit : […] > [x] attach debdiff against the package in oldstable Second try. diff -Nru php-phpseclib-2.0.30/debian/changelog php-phpseclib-2.0.30/debian/changelog --- php-phpseclib-2.0.30/debian/changelog 2023-12-31 15:36:22.0 +0100 +++ php-phpseclib-2.0.30/debian/changelog 2024-02-27 21:15:41.0 +0100 @@ -1,3 +1,15 @@ +php-phpseclib (2.0.30-2+deb11u2) bullseye; urgency=medium + + * Backport upstream fixes +- BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354] +- BigInteger: rm visibility modifiers from static variables +- ASN1: limit OID length [CVE-2024-27355] +- Tests: updates for phpseclib 2.0 +- BigInteger: phpseclib 2.0 updates +- BigInteger: fix getLength() + + -- David Prévot Tue, 27 Feb 2024 21:15:41 +0100 + php-phpseclib (2.0.30-2+deb11u1) bullseye-security; urgency=medium * Backport upstream SSH2 changes diff -Nru php-phpseclib-2.0.30/debian/patches/0028-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch php-phpseclib-2.0.30/debian/patches/0028-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch --- php-phpseclib-2.0.30/debian/patches/0028-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib-2.0.30/debian/patches/0028-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 2024-02-27 21:15:41.0 +0100 @@ -0,0 +1,76 @@ +From: terrafrost +Date: Fri, 23 Feb 2024 08:57:22 -0600 +Subject: BigInteger: put guardrails on isPrime() and randomPrime() + +Origin: upstream, https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 +Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27354 +--- + phpseclib/Math/BigInteger.php | 41 - + 1 file changed, 40 insertions(+), 1 deletion(-) + +diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +index 9df0bf0..bbe7c86 100644 +--- a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +@@ -729,6 +729,33 @@ class BigInteger + return $result; + } + ++/** ++ * Return the size of a BigInteger in bits ++ * ++ * @return int ++ */ ++function getLength() ++{ ++if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { ++return strlen($this->toBits()); ++} ++ ++$max = count($this->value) - 1; ++return $max != -1 ? ++$max * MATH_BIGINTEGER_BASE + ceil(log($a->value[$max] + 1, 2)) : ++0; ++} ++ ++/** ++ * Return the size of a BigInteger in bytes ++ * ++ * @return int ++ */ ++function getLengthInBytes() ++{ ++return ceil($this->getLength() / 8); ++} ++ + /** + * Copy an object + * +@@ -3237,6 +3264,11 @@ class BigInteger + $min = $temp; + } + ++$length = $max->getLength(); ++if ($length > 8196) { ++user_error('Generation of random prime numbers larger than 8196 has been disabled'); ++} ++ + static $one, $two; + if (!isset($one)) { + $one = new static(1); +@@ -3344,7 +3376,14 @@ class BigInteger + */ + function isPrime($t = false) + { +-$length = strlen($this->toBytes()); ++$length = $this->getLength(); ++// OpenSSL limits RSA keys to 16384 bits. The length of an RSA key is equal to the length of the modulo, which is ++// produced by multiplying the primes p and q by one another. The largest number two 8196 bit primes can produce is ++// a 16384 bit number so, basically, 8196 bit primes are the largest OpenSSL will generate and if that's the largest ++// that it'll generate it also stands to reason that that's the largest you'll be able to test primality on ++if ($length > 8196) { ++user_error('Primality testing is not supported for numbers larger than 8196 bits'); ++} + + if (!$t) { + // see HAC 4.49 "Note (controlling the error probability)" diff -Nru php-phpseclib-2.0.30/debian/patches/0029-BigInteger-rm-visibility-modifiers-from-static-varia.patch php-phpseclib-2.0.30/debian/patches/0029-BigInteger-rm-visibility-modifiers-from-static-varia.patch --- php-phpseclib-2.0.30/debian/patches/0029-BigInteger-rm-visibility-modifiers-from-static-varia.patch 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib-2.0.30/debian/patches/0029-BigInteger-rm-visibility-modifiers-from-static-varia.patch 2024-02-27 21:15:41.0 +0100 @@ -0,0 +1,48 @@ +From: terrafrost +Date: Fri, 23 Feb 2024 21:55:47 -0600 +Subject: BigInteger: rm visibility modifiers from static variables + +the non static variables don't have privacy modifiers so idk that +the static ones ought to either. phpseclib 3.0 uses privacy +modifiers but not the 2.0 branch + +Origin: upstream, https
Bug#1065268: bullseye-pu: package phpseclib/1.0.19-3+deb11u2
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: phpsec...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:phpseclib User: release.debian@packages.debian.org Usertags: pu Hi, This issue is simalar to #1065264 for bookworm I’d like to see CVE-2024-27354 and CVE-2024-27355 addressed in the next point release. We agreed with the security team that these issues are not worth a DSA. This update also fixes an issue in dependency loading similar to CVE-2024-24821 as fixed in composer/DSA-5632-1. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in oldstable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit diff -Nru phpseclib-1.0.19/debian/autoload.php.tpl phpseclib-1.0.19/debian/autoload.php.tpl --- phpseclib-1.0.19/debian/autoload.php.tpl 2023-12-31 15:43:05.0 +0100 +++ phpseclib-1.0.19/debian/autoload.php.tpl 2024-02-27 21:27:58.0 +0100 @@ -1,7 +1,7 @@ Tue, 27 Feb 2024 21:27:58 +0100 + phpseclib (1.0.19-3+deb11u1) bullseye-security; urgency=medium * Track bullseye diff -Nru phpseclib-1.0.19/debian/patches/0029-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch phpseclib-1.0.19/debian/patches/0029-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch --- phpseclib-1.0.19/debian/patches/0029-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 1970-01-01 01:00:00.0 +0100 +++ phpseclib-1.0.19/debian/patches/0029-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 2024-02-27 21:27:58.0 +0100 @@ -0,0 +1,76 @@ +From: terrafrost +Date: Fri, 23 Feb 2024 08:57:22 -0600 +Subject: BigInteger: put guardrails on isPrime() and randomPrime() + +Origin: upstream, https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 +Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27354 +--- + phpseclib/Math/BigInteger.php | 41 - + 1 file changed, 40 insertions(+), 1 deletion(-) + +diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +index 35df7ad..1dd4729 100644 +--- a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +@@ -746,6 +746,33 @@ class Math_BigInteger + return $result; + } + ++/** ++ * Return the size of a BigInteger in bits ++ * ++ * @return int ++ */ ++function getLength() ++{ ++if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { ++return strlen($this->toBits()); ++} ++ ++$max = count($this->value) - 1; ++return $max != -1 ? ++$max * MATH_BIGINTEGER_BASE + ceil(log($a->value[$max] + 1, 2)) : ++0; ++} ++ ++/** ++ * Return the size of a BigInteger in bytes ++ * ++ * @return int ++ */ ++function getLengthInBytes() ++{ ++return ceil($this->getLength() / 8); ++} ++ + /** + * Copy an object + * +@@ -3283,6 +3310,11 @@ class Math_BigInteger + $min = $temp; + } + ++$length = $max->getLength(); ++if ($length > 8196) { ++user_error('Generation of random prime numbers larger than 8196 has been disabled'); ++} ++ + static $one, $two; + if (!isset($one)) { + $one = new Math_BigInteger(1); +@@ -3390,7 +3422,14 @@ class Math_BigInteger + */ + function isPrime($t = false) + { +-$length = strlen($this->toBytes()); ++$length = $this->getLength(); ++// OpenSSL limits RSA keys to 16384 bits. The length of an RSA key is equal to the length of the modulo, which is ++// produced by multiplying the primes p and q by one another. The largest number two 8196 bit primes can produce is ++// a 16384 bit number so, basically, 8196 bit primes are the largest OpenSSL will generate and if that's the largest ++// that it'll generate it also stands to reason that that's the largest you'll be able to test primality on ++if ($length > 8196) { ++user_error('Primality testing is not supported for numbers larger than 8196 bits'); ++} + + if (!$t) { + // see HAC 4.49 "Note (controlling the error probability)" Les fichiers binaires /tmp/q2874tUZtM/phpseclib-1.0.19/debian/patches/0030-ASN1-limit-OID-length.patch et /tmp/8dbXhTc93J/phpseclib-1.0.19/debian/patches/0030-ASN1-limit-OID-length.patch sont différents diff -Nru phpseclib-1.0.19/debian/patches/0031-BigInteger-fix-getLength.patch phpseclib-1.0.19/debian/patches/0031-BigInteger-fix-getLength.patch --- phpseclib-1.0.19/debian/patches/0031-BigInteger-fix-getLength.patch 1970-01-01 01:00:00.0 +0100 +++ phpseclib-1.0.19/debian/patches/0031-BigInteger-fix-getLength.patch 2024-02-27 21:27:58.0 +0100 @@ -0,0 +1,31 @@ +From: terrafrost +Date: Sat, 24
Bug#1065266: bullseye-pu: package php-phpseclib/2.0.30-2+deb11u2
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: php-phpsec...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-phpseclib User: release.debian@packages.debian.org Usertags: pu Hi, This issue is similar to #1065263 for bookworm I’d like to see CVE-2024-27354 and CVE-2024-27355 addressed in the next point release. We agreed with the security team that these issues are not worth a DSA. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in oldstable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit signature.asc Description: PGP signature
Bug#1065264: bookworm-pu: package phpseclib/1.0.20-1+deb12u2
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: phpsec...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:phpseclib User: release.debian@packages.debian.org Usertags: pu Hi, I’d like to see CVE-2024-27354 and CVE-2024-27355 addressed in the next point release. We agreed with the security team that these issues are not worth a DSA. This update also fixes an issue in dependency loading similar to CVE-2024-24821 as fixed in composer/DSA-5632-1. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in stable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit diff -Nru phpseclib-1.0.20/debian/changelog phpseclib-1.0.20/debian/changelog --- phpseclib-1.0.20/debian/changelog 2023-12-31 11:37:21.0 +0100 +++ phpseclib-1.0.20/debian/changelog 2024-02-26 22:58:32.0 +0100 @@ -1,3 +1,13 @@ +phpseclib (1.0.20-1+deb12u2) bookworm; urgency=medium + + * Backport upstream fixes +- BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354] +- ASN1: limit OID length [CVE-2024-27355] +- BigInteger: fix getLength() + * Force system dependencies loading + + -- David Prévot Mon, 26 Feb 2024 22:58:32 +0100 + phpseclib (1.0.20-1+deb12u1) bookworm-security; urgency=medium * Track Bookworm diff -Nru phpseclib-1.0.20/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch phpseclib-1.0.20/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch --- phpseclib-1.0.20/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 1970-01-01 01:00:00.0 +0100 +++ phpseclib-1.0.20/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 2024-02-26 22:58:32.0 +0100 @@ -0,0 +1,76 @@ +From: terrafrost +Date: Fri, 23 Feb 2024 08:57:22 -0600 +Subject: BigInteger: put guardrails on isPrime() and randomPrime() + +Origin: upstream, https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 +Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27354 +--- + phpseclib/Math/BigInteger.php | 41 - + 1 file changed, 40 insertions(+), 1 deletion(-) + +diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +index 961e6ca..5f6b8f3 100644 +--- a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +@@ -746,6 +746,33 @@ class Math_BigInteger + return $result; + } + ++/** ++ * Return the size of a BigInteger in bits ++ * ++ * @return int ++ */ ++function getLength() ++{ ++if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { ++return strlen($this->toBits()); ++} ++ ++$max = count($this->value) - 1; ++return $max != -1 ? ++$max * MATH_BIGINTEGER_BASE + ceil(log($a->value[$max] + 1, 2)) : ++0; ++} ++ ++/** ++ * Return the size of a BigInteger in bytes ++ * ++ * @return int ++ */ ++function getLengthInBytes() ++{ ++return ceil($this->getLength() / 8); ++} ++ + /** + * Copy an object + * +@@ -3283,6 +3310,11 @@ class Math_BigInteger + $min = $temp; + } + ++$length = $max->getLength(); ++if ($length > 8196) { ++user_error('Generation of random prime numbers larger than 8196 has been disabled'); ++} ++ + static $one, $two; + if (!isset($one)) { + $one = new Math_BigInteger(1); +@@ -3390,7 +3422,14 @@ class Math_BigInteger + */ + function isPrime($t = false) + { +-$length = strlen($this->toBytes()); ++$length = $this->getLength(); ++// OpenSSL limits RSA keys to 16384 bits. The length of an RSA key is equal to the length of the modulo, which is ++// produced by multiplying the primes p and q by one another. The largest number two 8196 bit primes can produce is ++// a 16384 bit number so, basically, 8196 bit primes are the largest OpenSSL will generate and if that's the largest ++// that it'll generate it also stands to reason that that's the largest you'll be able to test primality on ++if ($length > 8196) { ++user_error('Primality testing is not supported for numbers larger than 8196 bits'); ++} + + if (!$t) { + // see HAC 4.49 "Note (controlling the error probability)" Les fichiers binaires /tmp/iyz_ted7Do/phpseclib-1.0.20/debian/patches/0012-ASN1-limit-OID-length.patch et /tmp/6XyXWtF89o/phpseclib-1.0.20/debian/patches/0012-ASN1-limit-OID-length.patch sont différents diff -Nru phpseclib-1.0.20/debian/patches/0013-BigInteger-fix-getLength.patch phpseclib-1.0.20/debian/patches/0013-BigInteger-fix-getLength.patc
Bug#1065263: bookworm-pu: package php-phpseclib/2.0.42-1+deb12u2
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-phpsec...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-phpseclib User: release.debian@packages.debian.org Usertags: pu Hi, I’d like to see CVE-2024-27354 and CVE-2024-27355 addressed in the next point release. We agreed with the security team that these issues are not worth a DSA. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in stable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit diff -Nru php-phpseclib-2.0.42/debian/changelog php-phpseclib-2.0.42/debian/changelog --- php-phpseclib-2.0.42/debian/changelog 2023-12-31 11:49:50.0 +0100 +++ php-phpseclib-2.0.42/debian/changelog 2024-02-26 23:23:19.0 +0100 @@ -1,3 +1,15 @@ +php-phpseclib (2.0.42-1+deb12u2) bookworm; urgency=medium + + * Backport upstream fixes +- BigInteger: put guardrails on isPrime() and randomPrime() [CVE-2024-27354] +- BigInteger: rm visibility modifiers from static variables +- ASN1: limit OID length [CVE-2024-27355] +- Tests: updates for phpseclib 2.0 +- BigInteger: phpseclib 2.0 updates +- BigInteger: fix getLength() + + -- David Prévot Mon, 26 Feb 2024 23:23:19 +0100 + php-phpseclib (2.0.42-1+deb12u1) bookworm-security; urgency=medium * Track bookworm diff -Nru php-phpseclib-2.0.42/debian/patches/0010-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch php-phpseclib-2.0.42/debian/patches/0010-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch --- php-phpseclib-2.0.42/debian/patches/0010-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib-2.0.42/debian/patches/0010-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 2024-02-26 23:23:19.0 +0100 @@ -0,0 +1,76 @@ +From: terrafrost +Date: Fri, 23 Feb 2024 08:57:22 -0600 +Subject: BigInteger: put guardrails on isPrime() and randomPrime() + +Origin: upstream, https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575 +Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27354 +--- + phpseclib/Math/BigInteger.php | 41 - + 1 file changed, 40 insertions(+), 1 deletion(-) + +diff --git a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +index 81b69ac..fd9cd57 100644 +--- a/phpseclib/Math/BigInteger.php b/phpseclib/Math/BigInteger.php +@@ -729,6 +729,33 @@ class BigInteger + return $result; + } + ++/** ++ * Return the size of a BigInteger in bits ++ * ++ * @return int ++ */ ++function getLength() ++{ ++if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { ++return strlen($this->toBits()); ++} ++ ++$max = count($this->value) - 1; ++return $max != -1 ? ++$max * MATH_BIGINTEGER_BASE + ceil(log($a->value[$max] + 1, 2)) : ++0; ++} ++ ++/** ++ * Return the size of a BigInteger in bytes ++ * ++ * @return int ++ */ ++function getLengthInBytes() ++{ ++return ceil($this->getLength() / 8); ++} ++ + /** + * Copy an object + * +@@ -3237,6 +3264,11 @@ class BigInteger + $min = $temp; + } + ++$length = $max->getLength(); ++if ($length > 8196) { ++user_error('Generation of random prime numbers larger than 8196 has been disabled'); ++} ++ + static $one, $two; + if (!isset($one)) { + $one = new static(1); +@@ -3344,7 +3376,14 @@ class BigInteger + */ + function isPrime($t = false) + { +-$length = strlen($this->toBytes()); ++$length = $this->getLength(); ++// OpenSSL limits RSA keys to 16384 bits. The length of an RSA key is equal to the length of the modulo, which is ++// produced by multiplying the primes p and q by one another. The largest number two 8196 bit primes can produce is ++// a 16384 bit number so, basically, 8196 bit primes are the largest OpenSSL will generate and if that's the largest ++// that it'll generate it also stands to reason that that's the largest you'll be able to test primality on ++if ($length > 8196) { ++user_error('Primality testing is not supported for numbers larger than 8196 bits'); ++} + + if (!$t) { + // see HAC 4.49 "Note (controlling the error probability)" diff -Nru php-phpseclib-2.0.42/debian/patches/0011-BigInteger-rm-visibility-modifiers-from-static-varia.patch php-phpseclib-2.0.42/debian/patches/0011-BigInteger-rm-visibility-modifiers-from-static-varia.patch --- php-phpseclib-2.0.42/debian/patches/0011-BigInteger-rm-visibility-modifiers-from-static-varia.patch 1970-01-01 01:00
Bug#1065261: bookworm-pu: package php-phpseclib3/3.0.19-1+deb12u3
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-phpsecl...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-phpseclib3 User: release.debian@packages.debian.org Usertags: pu Hi, Iâd like to see CVE-2024-27354 and CVE-2024-27355 addressed in the next point release. We agreed with the security team that these issues are not worth a DSA. This update also fixes an issue in dependency loading similar to CVE-2024-24821 as fixed in composer/DSA-5632-1. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in stable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit diff -Nru php-phpseclib3-3.0.19/debian/autoload.php.tpl php-phpseclib3-3.0.19/debian/autoload.php.tpl --- php-phpseclib3-3.0.19/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib3-3.0.19/debian/autoload.php.tpl 2024-02-27 21:58:00.0 +0100 @@ -0,0 +1,31 @@ + Tue, 27 Feb 2024 21:58:00 +0100 + php-phpseclib3 (3.0.19-1+deb12u2) bookworm-security; urgency=medium * Backport upstream SSH2 changes diff -Nru php-phpseclib3-3.0.19/debian/clean php-phpseclib3-3.0.19/debian/clean --- php-phpseclib3-3.0.19/debian/clean 2023-12-31 12:13:49.0 +0100 +++ php-phpseclib3-3.0.19/debian/clean 2024-02-27 21:58:00.0 +0100 @@ -1,6 +1,7 @@ -debian/autoload.php.tpl debian/autoload.tests.php.tpl +ParagonIE phpseclib/autoload.php phpseclib3 +random_compat tests/.phpunit.result.cache vendor/ diff -Nru php-phpseclib3-3.0.19/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch php-phpseclib3-3.0.19/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch --- php-phpseclib3-3.0.19/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib3-3.0.19/debian/patches/0011-BigInteger-put-guardrails-on-isPrime-and-randomPrime.patch 2024-02-27 21:58:00.0 +0100 @@ -0,0 +1,42 @@ +From: terrafrost +Date: Sat, 24 Feb 2024 08:38:47 -0600 +Subject: BigInteger: put guardrails on isPrime() and randomPrime() + +Origin: upstream, https://github.com/phpseclib/phpseclib/commit/0358eb163c55a9fd7b3848b9ecc83f6b9e49dbf5 +Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2024-27354 +--- + phpseclib/Math/BigInteger/Engines/Engine.php | 14 ++ + 1 file changed, 14 insertions(+) + +diff --git a/phpseclib/Math/BigInteger/Engines/Engine.php b/phpseclib/Math/BigInteger/Engines/Engine.php +index 2b00bc3..3a735e7 100644 +--- a/phpseclib/Math/BigInteger/Engines/Engine.php b/phpseclib/Math/BigInteger/Engines/Engine.php +@@ -781,6 +781,11 @@ abstract class Engine implements \JsonSerializable + $min = $temp; + } + ++$length = $max->getLength(); ++if ($length > 8196) { ++throw new \RuntimeException("Generation of random prime numbers larger than 8196 has been disabled ($length)"); ++} ++ + $x = static::randomRange($min, $max); + + return static::randomRangePrimeInner($x, $min, $max); +@@ -985,6 +990,15 @@ abstract class Engine implements \JsonSerializable + */ + public function isPrime($t = false) + { ++// OpenSSL limits RSA keys to 16384 bits. The length of an RSA key is equal to the length of the modulo, which is ++// produced by multiplying the primes p and q by one another. The largest number two 8196 bit primes can produce is ++// a 16384 bit number so, basically, 8196 bit primes are the largest OpenSSL will generate and if that's the largest ++// that it'll generate it also stands to reason that that's the largest you'll be able to test primality on ++$length = $this->getLength(); ++if ($length > 8196) { ++throw new \RuntimeException("Primality testing is not supported for numbers larger than 8196 bits ($length)"); ++} ++ + if (!$t) { + $t = $this->setupIsPrime(); + } diff -Nru php-phpseclib3-3.0.19/debian/patches/0012-Tests-add-unit-test-for-EC-pub-key-with-excessively-.patch php-phpseclib3-3.0.19/debian/patches/0012-Tests-add-unit-test-for-EC-pub-key-with-excessively-.patch --- php-phpseclib3-3.0.19/debian/patches/0012-Tests-add-unit-test-for-EC-pub-key-with-excessively-.patch 1970-01-01 01:00:00.0 +0100 +++ php-phpseclib3-3.0.19/debian/patches/0012-Tests-add-unit-test-for-EC-pub-key-with-excessively-.patch 2024-02-27 21:58:00.0 +0100 @@ -0,0 +1,46 @@ +From: terrafrost +Date: Sat, 24 Feb 2024 08:42:27 -0600 +Subject: Tests: add unit test for EC pub key with excessively large integer + +Origin: backport, https://github.com/phpseclib/phpseclib/commit/e17409a3e39baf7c8ed9635c04130802463b117b +--- + tests/Unit/File/X509/X509Test.php| 12 + tests/Unit/File/X509/mal-cert-01.der | Bin 0 ->
Bug#1065209: package sae_pk_gen
Package: hostapd Version: 2:2.10-12 Severity: wishlist Hi, I think https://w1.fi/cgit/hostap/tree/hostapd/sae_pk_gen.c is needed to configure hostapd for SAE-PK. Would it be possible to build it (https://w1.fi/cgit/hostap/tree/hostapd/Makefile#n1390) and include that in the package?
Bug#1065120: python3-tables: includes Python package dependency on blosc2 in metadata
Package: python3-tables Version: 3.9.2-1 Severity: normal X-Debbugs-Cc: none, david.m.co...@gmail.com, David M. Cooke Dear Maintainer, While attempting to run vitables, I get the following traceback: Traceback (most recent call last): File "/usr/bin/vitables", line 33, in sys.exit(load_entry_point('ViTables==3.0.2', 'gui_scripts', 'vitables-run')()) ^^ File "/usr/bin/vitables", line 25, in importlib_load_entry_point return next(matches).load() File "/usr/lib/python3.11/importlib/metadata/__init__.py", line 202, in load module = import_module(match.group('module')) File "/usr/lib/python3.11/importlib/__init__.py", line 126, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1204, in _gcd_import File "", line 1176, in _find_and_load File "", line 1147, in _find_and_load_unlocked File "", line 690, in _load_unlocked File "", line 940, in exec_module File "", line 241, in _call_with_frames_removed File "/usr/share/vitables/vitables/start.py", line 31, in from vitables.vtapp import VTApp File "/usr/share/vitables/vitables/vtapp.py", line 43, in import vitables.preferences.pluginsloader as pluginsloader File "/usr/share/vitables/vitables/preferences/pluginsloader.py", line 26, in import pkg_resources File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3327, in @_call_aside ^^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3302, in _call_aside f(*args, **kwargs) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3340, in _initialize_master_working_set working_set = WorkingSet._build_master() ^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 631, in _build_master ws.require(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 968, in require needed = self.resolve(parse_requirements(requirements)) ^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 829, in resolve dist = self._resolve_dist( ^^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 870, in _resolve_dist raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'blosc2>=2.3.0' distribution was not found and is required by tables (Reported as Bug#1065117) Ultimately, I believe the problem to be that /usr/lib/python3/dist-packages/tables-3.9.2.dist-info/METADATA includes a line 'Requires-Dist: blosc2 >=2.3.0' (unless that information is somewhere elso also; I couldn't find it elsewhere). However, the blosc2 Python package isn't installed (nor, for that matter, packaged for Debian). When vitables starts to look for plugins, the pkg_resources module attempts to resolve vitables' Python dependencies. >From what I can tell, the Python bindings in the blosc2 package aren't used, and it's only listed for the blosc2 library and headers it includes -- python3-tables is built against the libblosc2-2 Debian package instead. I think removing the offending line from METADATA should be a sufficient fix. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.6.15-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en_US Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-tables depends on: ii python-tables-data 3.9.2-1 ii python3 3.11.6-1 ii python3-cpuinfo 9.0.0-1 ii python3-numexpr 2.9.0-1 ii python3-numpy 1:1.24.2-2 ii python3-packaging 23.2-1 ii python3-tables-lib 3.9.2-1 python3-tables recommends no packages. Versions of packages python3-tables suggests: pn python-tables-doc ii python3-netcdf41.6.5-1+b1 ii vitables 3.0.2-4 -- no debconf information
Bug#1065117: vitables: fails to start
Package: vitables Version: 3.0.2-4 Severity: important X-Debbugs-Cc: david.m.co...@gmail.com Dear Maintainer, Running vitables (version 3.0.2-4 from sid) results in the following Python traceback: Traceback (most recent call last): File "/usr/bin/vitables", line 33, in sys.exit(load_entry_point('ViTables==3.0.2', 'gui_scripts', 'vitables- run')()) ^^ File "/usr/bin/vitables", line 25, in importlib_load_entry_point return next(matches).load() File "/usr/lib/python3.11/importlib/metadata/__init__.py", line 202, in load module = import_module(match.group('module')) File "/usr/lib/python3.11/importlib/__init__.py", line 126, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1204, in _gcd_import File "", line 1176, in _find_and_load File "", line 1147, in _find_and_load_unlocked File "", line 690, in _load_unlocked File "", line 940, in exec_module File "", line 241, in _call_with_frames_removed File "/usr/share/vitables/vitables/start.py", line 31, in from vitables.vtapp import VTApp File "/usr/share/vitables/vitables/vtapp.py", line 43, in import vitables.preferences.pluginsloader as pluginsloader File "/usr/share/vitables/vitables/preferences/pluginsloader.py", line 26, in import pkg_resources File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3327, in @_call_aside ^^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3302, in _call_aside f(*args, **kwargs) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3340, in _initialize_master_working_set working_set = WorkingSet._build_master() ^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 631, in _build_master ws.require(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 968, in require needed = self.resolve(parse_requirements(requirements)) ^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 829, in resolve dist = self._resolve_dist( ^^^ File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 870, in _resolve_dist raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'blosc2>=2.3.0' distribution was not found and is required by tables I believe the problem is that when vitables starts to look for plugins, the pkg_resource module examines the vitable package requirements (contained in /usr/share/vitables/ViTables-3.0.2.egg-info/requires.txt), which leads it to the tables package and to its METADATA file /usr/lib/python3/dist-packages/tables-3.9.2.dist-info/METADATA which contains 'Requires-Dist: blosc2 >=2.3.0'. Now, the tables package (packaged as the Debian packages python3-tables, python3-tables-lib, python3-tables-data, or source package pytables) doesn't actually use the Python bindings in the Python package blosc2, as per its documentation, but only the C library and headers that package provides (as a convenience). Python3-tables-lib instead is built directly with libblosc2-2 (which should be fine). Basically, Debian requirements aren't matching the requirements declared by Python. I'll file a separate bug against python3-tables. (As a side note: this is about the third Python app package I've filed a bug against for crashing while _starting_ the program. Please! Actually try to run things before uploading!!) -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.6.15-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en_US Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages vitables depends on: ii python3 3.11.6-1 ii python3-numexpr 2.9.0-1 ii python3-numpy1:1.24.2-2 ii python3-pyqt55.15.10+dfsg-1 ii python3-qtpy 2.4.1-2 ii python3-tables 3.9.2-1 vitables recommends no packages. vitables suggests no packages. -- no debconf information
Bug#1065112: Acknowledgement (linux-image-6.1.0-18-amd64: System unresponsive after resume from suspend when WoWLAN enabled in iwlwifi)
Clarification: The above step: "3. After suspend, press a key" is to wake the system up. (I had tried magic packet and it didn't work, so pressed a key to wake and got a lit screen but no interactivity.) With WoWLAN disabled, pressing a key would successfully wake. With WoWLAN enabled, WoWLAN didn't work, and pressing a key would wake it enough to light the display - but not respond except to sysrq. On Thu, 29 Feb 2024 at 21:18, Debian Bug Tracking System < ow...@bugs.debian.org> wrote: > Thank you for filing a new Bug report with Debian. > > You can follow progress on this Bug here: 1065112: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065112. > > This is an automatically generated reply to let you know your message > has been received. > > Your message is being forwarded to the package maintainers and other > interested parties for their attention; they will reply in due course. > > As you requested using X-Debbugs-CC, your message was also forwarded to > da...@balch.co.uk > (after having been given a Bug report number, if it did not have one). > > Your message has been sent to the package maintainer(s): > Debian Kernel Team > > If you wish to submit further information on this problem, please > send it to 1065...@bugs.debian.org. > > Please do not send mail to ow...@bugs.debian.org unless you wish > to report a problem with the Bug-tracking system. > > -- > 1065112: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065112 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems >
Bug#1065112: linux-image-6.1.0-18-amd64: System unresponsive after resume from suspend when WoWLAN enabled in iwlwifi
Package: src:linux Version: 6.1.76-1 Severity: normal X-Debbugs-Cc: da...@balch.co.uk Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I am trying to get WoWLAN working on an old DELL via a PCIe WiFi card ( https://www.amazon.co.uk/dp/B0BTCNG9TD?psc=1=ppx_yo2ov_dt_b_product_details ) that uses the Intel 7265 chipset ( https://www.intel.com/content/www/us/en/products/sku/83635/intel-dual-band-wirelessac-7265/specifications.html ). The card's result from lspci: 03:00.0 Network controller [0280]: "Intel Corporation Wireless 7265 [8086:095a] (rev 59)" * What exactly did you do (or not do) that was effective (or ineffective)? 1. Enabled WoWLAN with magic-packet with `iw phy0 wowlan enable magic-packet` 2. Suspend PC with `echo "mem" > /sys/power/state` 3. After suspend, press a key. I also tried this with a pristine build of linux 6.7.6, and encountered the same problem. * What was the outcome of this action? The display lit up, showing the same information as before suspend, but the mouse and keyboard don't respond. Magic SysRq does respond. I found my way to seeing the kernel crash message (via preventing console_suspend, and tweaking /proc/sys/kernel/{prink,sysrq} values), as shown in the image at: https://imgur.com/a/E7dD0ND Initial analysis of that photo from iam_tj[m]1 on irc #debian-kernel (2024-02-29 19:48): >From your photo we see >`drivers/net/wireless/intel/iwlwifi/iwl-trans.c::iwl_trans_txq_enable_cfg()` >report "bad state" and that is called from >`drivers/net/wireless/intel/iwlwifi/mvm/d3.c::iwl_mvm_send_wowlan_get_status()` > that reports "failed to query wakeup status (-5)". >From reading the code around WoWLAN it seems a special WoWLAN firmware should >be loaded into the device on suspend and on resume the driver is checking it >is (still) there. If not the driver should cause a full device reset. `asm_exc_invalid_op` is a TRAP leading to `arch/x86/kernel/traps.c::handle_invalid_op()` which may imply the code in RAM has been corrupted (in the function `iwl_pcie_tx_start()` presumably). Doesn't seem too likely though since code (.text sections) should be read-only unless the RAM itself is faulty - but if that one wouldn't expect the same error every time. * What outcome did you expect instead? The system resumes from suspend and is fully interactive (as it does when WoWLAN is disabled). -- Package-specific info: ** Version: Linux version 6.1.0-18-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) ** Command line: BOOT_IMAGE=/boot/vmlinuz-6.1.0-18-amd64 root=UUID=b15802a9-4b38-4cb9-9109-fdf1cad881b0 ro quiet crashkernel=384M-:128M ** Not tainted ** Kernel log: [4.039828] mei_me :00:16.0: enabling device ( -> 0002) [4.064801] input: PC Speaker as /devices/platform/pcspkr/input/input9 [4.066671] ee1004 0-0051: 512 byte EE1004-compliant SPD EEPROM, read-only [4.066685] ee1004 0-0053: 512 byte EE1004-compliant SPD EEPROM, read-only [4.110654] iTCO_wdt iTCO_wdt: Found a Intel PCH TCO device (Version=4, TCOBASE=0x0400) [4.112303] dcdbas dcdbas: Dell Systems Management Base Driver (version 5.6.0-3.4) [4.113931] iTCO_wdt iTCO_wdt: initialized. heartbeat=30 sec (nowayout=0) [4.128354] cfg80211: Loading compiled-in X.509 certificates for regulatory database [4.128506] cfg80211: Loaded X.509 cert 'b...@debian.org: 577e021cb980e0e820821ba7b54b4961b8b4fadf' [4.128645] cfg80211: Loaded X.509 cert 'romain.per...@gmail.com: 3abbc6ec146e09d1b6016ab9d6cf71dd233f0328' [4.128783] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7' [4.128917] cfg80211: Loaded X.509 cert 'wens: 61c038651aabdcf94bd0ac7ff06c7248db18c600' [4.133009] platform regulatory.0: firmware: direct-loading firmware regulatory.db [4.133129] platform regulatory.0: firmware: direct-loading firmware regulatory.db.p7s [4.133616] input: Dell WMI hotkeys as /devices/platform/PNP0C14:00/wmi_bus/wmi_bus-PNP0C14:00/9DBB5994-A997-11DA-B012-B622A1EF5492/input/input10 [4.154628] Intel(R) Wireless WiFi driver for Linux [4.166726] pcieport :00:1d.0: Intel SPT PCH root port ACS workaround enabled [4.166880] iwlwifi :03:00.0: enabling device (0100 -> 0102) [4.169833] iwlwifi :03:00.0: firmware: direct-loading firmware iwlwifi-7265D-29.ucode [4.169856] iwlwifi :03:00.0: Found debug destination: EXTERNAL_DRAM [4.169857] iwlwifi :03:00.0: Found debug configuration: 0 [4.170045] iwlwifi :03:00.0: loaded firmware version 29.4063824552.0 7265D-29.ucode op_mode iwlmvm [4.184779] snd_hda_intel :00:1f.3: enabling device (0100 -> 0102) [4.187148] RAPL PMU: API unit is 2^-32 Joules, 4 fixed counters, 655360 ms ovfl timer [4.187150] RAPL PMU: hw unit of domain
Bug#1065041: src:racket-mode: fails to migrate to testing for too long: autopkgtest failure
Paul Gevers writes: > Source: racket-mode > Version: 20231222git0-1 > Severity: serious > Control: close -1 20240129git0-1 > Tags: sid trixie > User: release.debian@packages.debian.org > Usertags: out-of-sync > In principle the autopkgtest failure should be fixed with 20240129git0-2 just uploaded to unstable. We'll have to wait for the servers to catch up to see for sure. d
Bug#1065079: bullseye-pu: package php-doctrine-annotations/1.11.2-1+deb11u1
Le Thu, Feb 29, 2024 at 03:06:35PM +0100, David Prévot a écrit : > [x] attach debdiff against the package in (old)stable One more time… diff -Nru php-doctrine-annotations-1.11.2/debian/autoload.php.tpl php-doctrine-annotations-1.11.2/debian/autoload.php.tpl --- php-doctrine-annotations-1.11.2/debian/autoload.php.tpl 2020-11-26 19:54:10.0 +0100 +++ php-doctrine-annotations-1.11.2/debian/autoload.php.tpl 2024-02-18 12:30:56.0 +0100 @@ -1,6 +1,6 @@ Sun, 18 Feb 2024 12:32:47 +0100 + php-doctrine-annotations (1.11.2-1) unstable; urgency=medium [ Grégoire Paris ] diff -Nru php-doctrine-annotations-1.11.2/debian/clean php-doctrine-annotations-1.11.2/debian/clean --- php-doctrine-annotations-1.11.2/debian/clean 2020-11-26 19:54:10.0 +0100 +++ php-doctrine-annotations-1.11.2/debian/clean 2024-02-18 12:31:13.0 +0100 @@ -1,3 +1,7 @@ .phpunit.result.cache lib/Doctrine/Common/Annotations/autoload.php +lib/Doctrine/Common/Cache +lib/Doctrine/Common/Lexer +lib/Psr +lib/Symfony vendor/ diff -Nru php-doctrine-annotations-1.11.2/debian/control php-doctrine-annotations-1.11.2/debian/control --- php-doctrine-annotations-1.11.2/debian/control 2021-02-20 14:32:25.0 +0100 +++ php-doctrine-annotations-1.11.2/debian/control 2024-02-18 12:29:35.0 +0100 @@ -10,7 +10,7 @@ phpab, phpunit Standards-Version: 4.5.1 -Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-annotations.git -b debian/latest +Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-annotations.git -b debian/bullseye Vcs-Browser: https://salsa.debian.org/php-team/pear/php-doctrine-annotations Homepage: https://www.doctrine-project.org/projects/annotations.html Rules-Requires-Root: no diff -Nru php-doctrine-annotations-1.11.2/debian/gbp.conf php-doctrine-annotations-1.11.2/debian/gbp.conf --- php-doctrine-annotations-1.11.2/debian/gbp.conf 2021-02-20 14:25:27.0 +0100 +++ php-doctrine-annotations-1.11.2/debian/gbp.conf 2024-02-18 12:29:42.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bullseye filter = [ '.gitattributes' ] pristine-tar = True upstream-vcs-tag = %(version%~%-)s diff -Nru php-doctrine-annotations-1.11.2/debian/rules php-doctrine-annotations-1.11.2/debian/rules --- php-doctrine-annotations-1.11.2/debian/rules 2021-02-20 14:32:22.0 +0100 +++ php-doctrine-annotations-1.11.2/debian/rules 2024-02-18 12:31:33.0 +0100 @@ -1,7 +1,7 @@ #!/usr/bin/make -f %: - dh $@ + dh $@ -XCommon/Cache -XCommon/Lexer -Xlib/Psr -XSymfony override_dh_auto_build: phpab \ @@ -9,6 +9,10 @@ --template debian/autoload.php.tpl \ lib/Doctrine/Common/Annotations mkdir --parents vendor + ln -s /usr/share/php/Doctrine/Common/Cache lib/Doctrine/Common + ln -s /usr/share/php/Doctrine/Common/Lexer lib/Doctrine/Common + ln -s /usr/share/php/Psr lib + ln -s /usr/share/php/Symfony lib phpab \ --output vendor/autoload.php \ --template debian/autoload.tests.php.tpl \ signature.asc Description: PGP signature
Bug#1065079: bullseye-pu: package php-doctrine-annotations/1.11.2-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: php-doctrine-annotati...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-doctrine-annotations User: release.debian@packages.debian.org Usertags: pu [6/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065065 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Doctrine/Common/Annotations/autoload.php │ │ │ @@ -1,10 +1,10 @@ │ │ │ signature.asc Description: PGP signature
Bug#1065077: bullseye-pu: package php-zend-code/4.0.0-2+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: php-zend-c...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-zend-code User: release.debian@packages.debian.org Usertags: pu [5/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065062 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Laminas/Code/autoload.php │ │ │ @@ -1,14 +1,12 @@ │ │ │ diff -Nru php-zend-code-4.0.0/debian/autoload.php.tpl php-zend-code-4.0.0/debian/autoload.php.tpl --- php-zend-code-4.0.0/debian/autoload.php.tpl 2021-01-11 20:28:16.0 +0100 +++ php-zend-code-4.0.0/debian/autoload.php.tpl 2024-02-18 12:20:19.0 +0100 @@ -1,10 +1,8 @@ Sun, 18 Feb 2024 12:21:22 +0100 + php-zend-code (4.0.0-2) unstable; urgency=medium * Upload to unstable in sync with (reverse-)dependencies diff -Nru php-zend-code-4.0.0/debian/clean php-zend-code-4.0.0/debian/clean --- php-zend-code-4.0.0/debian/clean 2021-01-03 18:07:35.0 +0100 +++ php-zend-code-4.0.0/debian/clean 2024-02-18 12:18:12.0 +0100 @@ -1,4 +1,5 @@ .phpunit.result.cache +Doctrine src/autoload.php vendor/ Laminas/ diff -Nru php-zend-code-4.0.0/debian/control php-zend-code-4.0.0/debian/control --- php-zend-code-4.0.0/debian/control 2021-01-03 18:08:00.0 +0100 +++ php-zend-code-4.0.0/debian/control 2024-02-18 12:13:21.0 +0100 @@ -12,7 +12,7 @@ pkg-php-tools Standards-Version: 4.5.1 Homepage: https://docs.laminas.dev/laminas-code/ -Vcs-Git: https://salsa.debian.org/php-team/pear/php-zend-code.git -b debian/latest +Vcs-Git: https://salsa.debian.org/php-team/pear/php-zend-code.git -b debian/bullseye Vcs-Browser: https://salsa.debian.org/php-team/pear/php-zend-code Rules-Requires-Root: no diff -Nru php-zend-code-4.0.0/debian/gbp.conf php-zend-code-4.0.0/debian/gbp.conf --- php-zend-code-4.0.0/debian/gbp.conf 2021-01-03 18:07:35.0 +0100 +++ php-zend-code-4.0.0/debian/gbp.conf 2024-02-18 12:13:27.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bullseye pristine-tar = True pristine-tar-commit = True diff -Nru php-zend-code-4.0.0/debian/rules php-zend-code-4.0.0/debian/rules --- php-zend-code-4.0.0/debian/rules 2021-01-03 18:07:35.0 +0100 +++ php-zend-code-4.0.0/debian/rules 2024-02-18 12:21:22.0 +0100 @@ -7,7 +7,10 @@ --template debian/autoload.php.tpl \ src mkdir --parents vendor Laminas - ln -s ../src Laminas/Code + cp -r src Laminas/Code + ln -s /usr/share/php/Doctrine . + ln -s /usr/share/php/Laminas/EventManager Laminas + ln -s /usr/share/php/Laminas/Stdlib Laminas phpab --output vendor/autoload.php \ --template debian/autoload.tests.php.tpl \ test signature.asc Description: PGP signature
Bug#1065076: bullseye-pu: package php-proxy-manager/2.11.1+1.0.3-1+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: php-proxy-mana...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-proxy-manager User: release.debian@packages.debian.org Usertags: pu [4/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065061 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/ProxyManager/autoload.php │ │ │ @@ -1,10 +1,10 @@ │ │ │ diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/autoload.php.tpl php-proxy-manager-2.11.1+1.0.3/debian/autoload.php.tpl --- php-proxy-manager-2.11.1+1.0.3/debian/autoload.php.tpl 2021-01-27 20:55:23.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/autoload.php.tpl 2024-02-18 12:10:10.0 +0100 @@ -1,6 +1,6 @@ Sun, 18 Feb 2024 12:10:39 +0100 + php-proxy-manager (2.11.1+1.0.3-1) unstable; urgency=medium [ Nicolas Grekas ] diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/clean php-proxy-manager-2.11.1+1.0.3/debian/clean --- php-proxy-manager-2.11.1+1.0.3/debian/clean 2021-01-15 03:02:22.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/clean 2024-02-18 12:10:10.0 +0100 @@ -1,4 +1,6 @@ .phpunit.result.cache -ProxyManager +Laminas +ProxyManager/ src/ProxyManager/autoload.php +Symfony vendor/ diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/control php-proxy-manager-2.11.1+1.0.3/debian/control --- php-proxy-manager-2.11.1+1.0.3/debian/control 2021-01-27 21:03:45.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/control 2024-02-18 12:10:10.0 +0100 @@ -12,7 +12,7 @@ pkg-php-tools Standards-Version: 4.5.1 Homepage: https://github.com/FriendsOfPHP/proxy-manager-lts -Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git -b debian/lts +Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git -b debian/bullseye Vcs-Browser: https://salsa.debian.org/php-team/pear/php-proxy-manager Rules-Requires-Root: no diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/gbp.conf php-proxy-manager-2.11.1+1.0.3/debian/gbp.conf --- php-proxy-manager-2.11.1+1.0.3/debian/gbp.conf 2021-01-27 20:55:23.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/gbp.conf 2024-02-18 12:10:10.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/lts +debian-branch = debian/bullseye pristine-tar = True pristine-tar-commit = True upstream-branch = upstream-lts diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/patches/0001-Also-skip-system-classes-during-tests.patch php-proxy-manager-2.11.1+1.0.3/debian/patches/0001-Also-skip-system-classes-during-tests.patch --- php-proxy-manager-2.11.1+1.0.3/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2021-01-27 20:55:23.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2024-02-18 12:10:10.0 +0100 @@ -3,22 +3,23 @@ Subject: Also skip system classes during tests --- - tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 2 ++ - 1 file changed, 2 insertions(+) + tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 3 +++ + 1 file changed, 3 insertions(+) diff --git a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -index 146eeb0..abded91 100644 +index 146eeb0..37cceb8 100644 --- a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php +++ b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -@@ -112,6 +112,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -112,6 +112,8 @@ final class FatalPreventionFunctionalTest extends TestCase realpath(__DIR__ . '/../../../src'), realpath(__DIR__ . '/../../../vendor'), realpath(__DIR__ . '/../../ProxyManagerTest'), ++realpath(__DIR__ . '/../../../ProxyManager'), +realpath('/usr/share/php'), ]; return array_filter( -@@ -138,6 +139,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -138,6 +140,7 @@ final class FatalPreventionFunctionalTest extends TestCase if (strpos($realPath, $skippedPath) === 0) { // skip classes defined within ProxyManager, vendor or the test suite diff -Nru php-proxy-manager-2.11.1+1.0.3/debian/rules php-proxy-manager-2.11.1+1.0.3/debian/rules --- php-proxy-manager-2.11.1+1.0.3/debian/rules 2021-01-27 20:55:23.0 +0100 +++ php-proxy-manager-2.11.1+1.0.3/debian/rules 2024-02-18 12:10:10.0 +0100 @@ -15,7 +15,9 @@ tests/ProxyManagerTest \ tests/ProxyManagerTestAsset \ tests/Stubbed/Laminas/Server - ln -s src/ProxyManager . + cp
Bug#1065075: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u5
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: symf...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:symfony User: release.debian@packages.debian.org Usertags: pu [3/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065059 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. It also adds an upstream patch in order to fix the testsuite, already referenced via #1061033 in Debian. The only change (besides changelog entry) in the binary packages is of the following kind (thanks to diffoscope), for example for php-symfony-cache. │ │ ├── ./usr/share/php/Symfony/Component/Cache/autoload.php │ │ │ @@ -1,14 +1,13 @@ │ │ │ diff -Nru symfony-4.4.19+dfsg/debian/autoload.php symfony-4.4.19+dfsg/debian/autoload.php --- symfony-4.4.19+dfsg/debian/autoload.php 2023-11-11 19:09:20.0 +0100 +++ symfony-4.4.19+dfsg/debian/autoload.php 2024-02-18 10:59:51.0 +0100 @@ -1,76 +1,76 @@ Sun, 18 Feb 2024 10:59:51 +0100 + symfony (4.4.19+dfsg-2+deb11u4) bullseye; urgency=medium * [Mime] regenerate test certificates (Closes: #1034854) diff -Nru symfony-4.4.19+dfsg/debian/clean symfony-4.4.19+dfsg/debian/clean --- symfony-4.4.19+dfsg/debian/clean2023-11-11 19:09:20.0 +0100 +++ symfony-4.4.19+dfsg/debian/clean2024-02-18 10:59:51.0 +0100 @@ -1,5 +1,6 @@ .phpunit.result.cache CHANGELOG +build/ debian/autoloaders/ debian/packages_to_build/ vendor/ diff -Nru symfony-4.4.19+dfsg/debian/patches/make-sure-that-the-submitted-year-is-an-accepted-choice.patch symfony-4.4.19+dfsg/debian/patches/make-sure-that-the-submitted-year-is-an-accepted-choice.patch --- symfony-4.4.19+dfsg/debian/patches/make-sure-that-the-submitted-year-is-an-accepted-choice.patch 1970-01-01 01:00:00.0 +0100 +++ symfony-4.4.19+dfsg/debian/patches/make-sure-that-the-submitted-year-is-an-accepted-choice.patch 2024-02-18 10:59:51.0 +0100 @@ -0,0 +1,35 @@ +From: Christian Flothmann +Date: Tue, 2 Jan 2024 08:56:56 +0100 +Subject: make sure that the submitted year is an accepted choice + +Origin: upstream, https://github.com/symfony/symfony/commit/64f675ced4c60a67f564608fb598dc27ea3de9f6 +Bug-Debian: https://bugs.debian.org/1061033 +--- + .../Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php| 1 + + src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php| 1 + + 2 files changed, 2 insertions(+) + +diff --git a/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php b/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php +index 506ec11..3016069 100644 +--- a/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php b/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php +@@ -701,6 +701,7 @@ class DateTimeTypeTest extends BaseTypeTest + $form = $this->factory->create(static::TESTED_TYPE, null, [ + 'widget' => $widget, + 'empty_data' => $emptyData, ++'years' => range(2018, (int) date('Y')), + ]); + $form->submit(null); + +diff --git a/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php b/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php +index 5891cc0..893fac1 100644 +--- a/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php b/src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php +@@ -1021,6 +1021,7 @@ class DateTypeTest extends BaseTypeTest + $form = $this->factory->create(static::TESTED_TYPE, null, [ + 'widget' => $widget, + 'empty_data' => $emptyData, ++'years' => range(2018, (int) date('Y')), + ]); + $form->submit(null); + diff -Nru symfony-4.4.19+dfsg/debian/patches/series symfony-4.4.19+dfsg/debian/patches/series --- symfony-4.4.19+dfsg/debian/patches/series 2023-11-11 19:09:20.0 +0100 +++ symfony-4.4.19+dfsg/debian/patches/series 2024-02-18 10:59:51.0 +0100 @@ -24,3 +24,4 @@ Security-Http-Remove-CSRF-tokens-from-storage-on-successf.patch Mime-regenerate-test-certificates.patch TwigBridge-Ensure-CodeExtension-s-filters-properly-escape.patch +make-sure-that-the-submitted-year-is-an-accepted-choice.patch diff -Nru symfony-4.4.19+dfsg/debian/patches/VarDumper-Adapt-to-homemade-autoload.patch symfony-4.4.19+dfsg/debian/patches/VarDumper-Adapt-to-homemade-autoload.patch --- symfony-4.4.19+dfsg/debian/patches/VarDumper-Adapt-to-homemade-autoload.patch 2023-11-11 19:09:20.0 +0100 +++ symfony-4.4.19+dfsg/debian/patches/VarDumper-Adapt-to-homemade-autoload.patch 2024-02-18 10:59:51.0 +0100 @@ -4,11 +4,11 @@ Forwarded: no --- - src/Symfony/Component/VarDumper/Resources/bin/var-dump-server | 8 - 1 file
Bug#1065071: bullseye-pu: package php-symfony-contracts/1.1.10-2+deb11u1
Package: release.debian.org Severity: normal Tags: bullseye X-Debbugs-Cc: php-symfony-contra...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-symfony-contracts User: release.debian@packages.debian.org Usertags: pu [2/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065058 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary packages is of the following kind (thanks to diffoscope), for example for php-symfony-cache-contracts. │ │ ├── ./usr/share/php/Symfony/Contracts/Cache/autoload.php │ │ │ @@ -1,13 +1,11 @@ │ │ │ diff -Nru php-symfony-contracts-1.1.10/debian/changelog php-symfony-contracts-1.1.10/debian/changelog --- php-symfony-contracts-1.1.10/debian/changelog 2020-09-15 22:17:37.0 +0200 +++ php-symfony-contracts-1.1.10/debian/changelog 2024-02-18 11:57:14.0 +0100 @@ -1,3 +1,9 @@ +php-symfony-contracts (1.1.10-2+deb11u1) bookworm; urgency=medium + + * Force system dependencies loading + + -- David Prévot Sun, 18 Feb 2024 11:57:14 +0100 + php-symfony-contracts (1.1.10-2) unstable; urgency=medium * Revert "stop using deprecated PHPUnit APIs", fixing symfony FTBFS diff -Nru php-symfony-contracts-1.1.10/debian/rules php-symfony-contracts-1.1.10/debian/rules --- php-symfony-contracts-1.1.10/debian/rules 2020-09-15 22:17:37.0 +0200 +++ php-symfony-contracts-1.1.10/debian/rules 2024-02-18 11:57:10.0 +0100 @@ -45,13 +45,13 @@ fi; \ done cp debian/autoload.php . - mkdir --parents vendor Symfony + mkdir --parents vendor Symfony/Contracts phpab \ --output vendor/autoload.php \ --template debian/autoload.tests.php.tpl \ Tests # Mimic expected path for tests - cp -r autoload.php Cache Deprecation EventDispatcher HttpClient Service Translation Symfony/Contracts + cp -r autoload.php Cache EventDispatcher HttpClient Service Translation Symfony/Contracts ln -s /usr/share/php/Symfony/Component Symfony ln -s /usr/share/php/Psr . signature.asc Description: PGP signature
Bug#1065070: bookworm-pu: package php-composer-xdebug-handler/1.4.5-1+deb11u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-composer-xdebug-hand...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-composer-xdebug-handler User: release.debian@packages.debian.org Usertags: pu [1/6 for bullseye] This is a follow up from composer/DSA-5632-1, similar to #1065057 in bookworm. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Composer/XdebugHandler/autoload.php │ │ │ @@ -1,10 +1,10 @@ │ │ │ diff -Nru php-composer-xdebug-handler-1.4.5/debian/autoload.php.tpl php-composer-xdebug-handler-1.4.5/debian/autoload.php.tpl --- php-composer-xdebug-handler-1.4.5/debian/autoload.php.tpl 2020-11-22 16:28:34.0 +0100 +++ php-composer-xdebug-handler-1.4.5/debian/autoload.php.tpl 2024-02-18 09:01:17.0 +0100 @@ -1,6 +1,6 @@ Sun, 18 Feb 2024 09:02:41 +0100 + php-composer-xdebug-handler (1.4.5-1) unstable; urgency=medium [ Martin Matthaei ] diff -Nru php-composer-xdebug-handler-1.4.5/debian/clean php-composer-xdebug-handler-1.4.5/debian/clean --- php-composer-xdebug-handler-1.4.5/debian/clean 2020-11-22 16:28:34.0 +0100 +++ php-composer-xdebug-handler-1.4.5/debian/clean 2024-02-18 09:01:35.0 +0100 @@ -1,4 +1,5 @@ Composer/ +Psr src/autoload.php vendor/ .phpunit.result.cache diff -Nru php-composer-xdebug-handler-1.4.5/debian/control php-composer-xdebug-handler-1.4.5/debian/control --- php-composer-xdebug-handler-1.4.5/debian/control 2020-11-22 16:31:14.0 +0100 +++ php-composer-xdebug-handler-1.4.5/debian/control 2024-02-18 08:59:53.0 +0100 @@ -11,7 +11,7 @@ Standards-Version: 4.5.1 Homepage: https://github.com/composer/xdebug-handler Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler -Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/latest +Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/bullseye Rules-Requires-Root: no Package: php-composer-xdebug-handler diff -Nru php-composer-xdebug-handler-1.4.5/debian/gbp.conf php-composer-xdebug-handler-1.4.5/debian/gbp.conf --- php-composer-xdebug-handler-1.4.5/debian/gbp.conf 2020-11-22 16:29:46.0 +0100 +++ php-composer-xdebug-handler-1.4.5/debian/gbp.conf 2024-02-18 08:59:57.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bullseye pristine-tar = True pristine-tar-commit = True diff -Nru php-composer-xdebug-handler-1.4.5/debian/rules php-composer-xdebug-handler-1.4.5/debian/rules --- php-composer-xdebug-handler-1.4.5/debian/rules 2020-11-22 16:28:34.0 +0100 +++ php-composer-xdebug-handler-1.4.5/debian/rules 2024-02-18 09:02:12.0 +0100 @@ -8,7 +8,8 @@ --template debian/autoload.php.tpl \ src mkdir --parents vendor Composer - ln -s ../src Composer/XdebugHandler + cp -r src Composer/XdebugHandler + ln -s /usr/share/php/Psr . phpab \ --output vendor/autoload.php \ --template debian/autoload.tests.php.tpl \ signature.asc Description: PGP signature
Bug#1065068: bookworm-pu: package php-doctrine-deprecations/1.0.0-2+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-doctrine-deprecati...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-doctrine-deprecations User: release.debian@packages.debian.org Usertags: pu [9/9 for bookworm] This is a follow up from composer/DSA-5632-1 (the last one for Bookworm). In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Doctrine/Deprecations/autoload.php │ │ │ @@ -1,13 +1,13 @@ │ │ │ diff -Nru php-doctrine-deprecations-1.0.0/debian/autoload.php.tpl php-doctrine-deprecations-1.0.0/debian/autoload.php.tpl --- php-doctrine-deprecations-1.0.0/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-doctrine-deprecations-1.0.0/debian/autoload.php.tpl 2024-02-15 23:25:51.0 +0100 @@ -0,0 +1,29 @@ + Thu, 15 Feb 2024 23:26:09 +0100 + php-doctrine-deprecations (1.0.0-2) unstable; urgency=medium * Be tolerant about line number pointer (PHP 8.2 related fix) diff -Nru php-doctrine-deprecations-1.0.0/debian/clean php-doctrine-deprecations-1.0.0/debian/clean --- php-doctrine-deprecations-1.0.0/debian/clean 2022-06-19 21:05:43.0 +0200 +++ php-doctrine-deprecations-1.0.0/debian/clean 2024-02-15 23:25:51.0 +0100 @@ -1,5 +1,5 @@ .phpunit.result.cache -debian/autoload.php.tpl debian/autoload.tests.php.tpl lib/Doctrine/Deprecations/autoload.php +lib/Psr vendor/ diff -Nru php-doctrine-deprecations-1.0.0/debian/control php-doctrine-deprecations-1.0.0/debian/control --- php-doctrine-deprecations-1.0.0/debian/control 2022-06-19 21:19:29.0 +0200 +++ php-doctrine-deprecations-1.0.0/debian/control 2024-02-15 23:23:24.0 +0100 @@ -10,7 +10,7 @@ phpunit, pkg-php-tools (>= 1.41~) Standards-Version: 4.6.1 -Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-deprecations.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-deprecations.git -b debian/bookworm Vcs-Browser: https://salsa.debian.org/php-team/pear/php-doctrine-deprecations Homepage: https://www.doctrine-project.org/ Rules-Requires-Root: no diff -Nru php-doctrine-deprecations-1.0.0/debian/gbp.conf php-doctrine-deprecations-1.0.0/debian/gbp.conf --- php-doctrine-deprecations-1.0.0/debian/gbp.conf 2022-06-19 21:07:24.0 +0200 +++ php-doctrine-deprecations-1.0.0/debian/gbp.conf 2024-02-15 23:23:30.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-vcs-tag = v%(version%~%-)s diff -Nru php-doctrine-deprecations-1.0.0/debian/install php-doctrine-deprecations-1.0.0/debian/install --- php-doctrine-deprecations-1.0.0/debian/install 2022-06-19 21:05:43.0 +0200 +++ php-doctrine-deprecations-1.0.0/debian/install 2024-02-15 23:25:51.0 +0100 @@ -1 +1 @@ -lib/* usr/share/php +lib/Doctrine usr/share/php diff -Nru php-doctrine-deprecations-1.0.0/debian/rules php-doctrine-deprecations-1.0.0/debian/rules --- php-doctrine-deprecations-1.0.0/debian/rules 2022-06-19 21:05:43.0 +0200 +++ php-doctrine-deprecations-1.0.0/debian/rules 2024-02-15 23:25:51.0 +0100 @@ -4,12 +4,12 @@ dh $@ override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output lib/Doctrine/Deprecations/autoload.php \ --template debian/autoload.php.tpl \ lib/Doctrine/Deprecations mkdir --parents vendor + ln -s /usr/share/php/Psr lib/ phpabtpl \ --require doctrine/deprecations \ > debian/autoload.tests.php.tpl signature.asc Description: PGP signature
Bug#1065067: bookworm-pu: package php-doctrine-lexer/2.1.0-2+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-doctrine-le...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-doctrine-lexer User: release.debian@packages.debian.org Usertags: pu [8/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Doctrine/Common/Lexer/autoload.php │ │ │ @@ -1,11 +1,11 @@ │ │ │ diff -Nru php-doctrine-lexer-2.1.0/debian/autoload.php.tpl php-doctrine-lexer-2.1.0/debian/autoload.php.tpl --- php-doctrine-lexer-2.1.0/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-doctrine-lexer-2.1.0/debian/autoload.php.tpl 2024-02-15 23:22:05.0 +0100 @@ -0,0 +1,29 @@ + Thu, 15 Feb 2024 23:22:10 +0100 + php-doctrine-lexer (2.1.0-2) unstable; urgency=medium * Upload to unstable diff -Nru php-doctrine-lexer-2.1.0/debian/clean php-doctrine-lexer-2.1.0/debian/clean --- php-doctrine-lexer-2.1.0/debian/clean 2022-12-12 07:58:13.0 +0100 +++ php-doctrine-lexer-2.1.0/debian/clean 2024-02-15 23:22:05.0 +0100 @@ -1,5 +1,4 @@ .phpunit.result.cache -debian/autoload.php.tpl debian/autoload.tests.php.tpl Doctrine/ src/autoload.php diff -Nru php-doctrine-lexer-2.1.0/debian/control php-doctrine-lexer-2.1.0/debian/control --- php-doctrine-lexer-2.1.0/debian/control 2023-01-01 10:10:48.0 +0100 +++ php-doctrine-lexer-2.1.0/debian/control 2024-02-15 23:20:25.0 +0100 @@ -9,7 +9,7 @@ phpab, phpunit Standards-Version: 4.6.2 -Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-lexer.git -b debian/bookworm +Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-lexer.git -b debian/bookworm-security Vcs-Browser: https://salsa.debian.org/php-team/pear/php-doctrine-lexer Homepage: https://www.doctrine-project.org/projects/lexer.html Rules-Requires-Root: no diff -Nru php-doctrine-lexer-2.1.0/debian/gbp.conf php-doctrine-lexer-2.1.0/debian/gbp.conf --- php-doctrine-lexer-2.1.0/debian/gbp.conf 2023-01-01 10:10:48.0 +0100 +++ php-doctrine-lexer-2.1.0/debian/gbp.conf 2024-02-15 23:20:29.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/bookworm +debian-branch = debian/bookworm-security filter = [ '.gitattributes' ] pristine-tar = True upstream-branch = upstream-2.x diff -Nru php-doctrine-lexer-2.1.0/debian/rules php-doctrine-lexer-2.1.0/debian/rules --- php-doctrine-lexer-2.1.0/debian/rules 2022-12-12 07:59:50.0 +0100 +++ php-doctrine-lexer-2.1.0/debian/rules 2024-02-15 23:22:05.0 +0100 @@ -3,13 +3,13 @@ dh $@ override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output src/autoload.php \ --template debian/autoload.php.tpl \ src mkdir --parents vendor Doctrine/Common - ln -s ../../src Doctrine/Common/Lexer + cp -r src Doctrine/Common/Lexer + ln -s /usr/share/php/Doctrine/Deprecations Doctrine phpabtpl \ --require doctrine/lexer \ > debian/autoload.tests.php.tpl signature.asc Description: PGP signature
Bug#1065065: bookworm-pu: package php-doctrine-annotations/2.0.1-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-doctrine-annotati...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-doctrine-annotations User: release.debian@packages.debian.org Usertags: pu [7/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Doctrine/Common/Annotations/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ diff -Nru php-doctrine-annotations-2.0.1/debian/autoload.php.tpl php-doctrine-annotations-2.0.1/debian/autoload.php.tpl --- php-doctrine-annotations-2.0.1/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-doctrine-annotations-2.0.1/debian/autoload.php.tpl 2024-02-15 23:14:38.0 +0100 @@ -0,0 +1,30 @@ + Thu, 15 Feb 2024 23:14:38 +0100 + php-doctrine-annotations (2.0.1-1) unstable; urgency=medium [ Alexander M. Turek ] diff -Nru php-doctrine-annotations-2.0.1/debian/clean php-doctrine-annotations-2.0.1/debian/clean --- php-doctrine-annotations-2.0.1/debian/clean 2021-05-23 19:31:29.0 +0200 +++ php-doctrine-annotations-2.0.1/debian/clean 2024-02-15 23:14:38.0 +0100 @@ -1,5 +1,8 @@ .phpunit.result.cache -debian/autoload.php.tpl debian/autoload.tests.php.tpl lib/Doctrine/Common/Annotations/autoload.php +lib/Doctrine/Common/Cache +lib/Doctrine/Common/Lexer +lib/Psr +lib/Symfony vendor/ diff -Nru php-doctrine-annotations-2.0.1/debian/control php-doctrine-annotations-2.0.1/debian/control --- php-doctrine-annotations-2.0.1/debian/control 2023-02-03 05:25:51.0 +0100 +++ php-doctrine-annotations-2.0.1/debian/control 2024-02-15 23:14:38.0 +0100 @@ -13,7 +13,7 @@ phpunit, pkg-php-tools Standards-Version: 4.6.2 -Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-annotations.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-doctrine-annotations.git -b debian/bookworm Vcs-Browser: https://salsa.debian.org/php-team/pear/php-doctrine-annotations Homepage: https://www.doctrine-project.org/projects/annotations.html Rules-Requires-Root: no diff -Nru php-doctrine-annotations-2.0.1/debian/gbp.conf php-doctrine-annotations-2.0.1/debian/gbp.conf --- php-doctrine-annotations-2.0.1/debian/gbp.conf 2021-02-20 14:25:27.0 +0100 +++ php-doctrine-annotations-2.0.1/debian/gbp.conf 2024-02-15 23:14:38.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-vcs-tag = %(version%~%-)s diff -Nru php-doctrine-annotations-2.0.1/debian/rules php-doctrine-annotations-2.0.1/debian/rules --- php-doctrine-annotations-2.0.1/debian/rules 2021-10-11 03:02:26.0 +0200 +++ php-doctrine-annotations-2.0.1/debian/rules 2024-02-15 23:14:38.0 +0100 @@ -1,15 +1,18 @@ #!/usr/bin/make -f %: - dh $@ + dh $@ -XCommon/Cache -XCommon/Lexer -Xlib/Psr -XSymfony override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output lib/Doctrine/Common/Annotations/autoload.php \ --template debian/autoload.php.tpl \ lib/Doctrine/Common/Annotations mkdir --parents vendor + ln -s /usr/share/php/Doctrine/Common/Cache lib/Doctrine/Common + ln -s /usr/share/php/Doctrine/Common/Lexer lib/Doctrine/Common + ln -s /usr/share/php/Psr lib + ln -s /usr/share/php/Symfony lib phpabtpl \ --require doctrine/annotations \ --require doctrine/cache \ signature.asc Description: PGP signature
Bug#1065062: bookworm-pu: package php-zend-code/4.8.0-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-zend-c...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-zend-code User: release.debian@packages.debian.org Usertags: pu [6/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Laminas/Code/autoload.php │ │ │ @@ -1,14 +1,14 @@ │ │ │ diff -Nru php-zend-code-4.8.0/debian/autoload.php.tpl php-zend-code-4.8.0/debian/autoload.php.tpl --- php-zend-code-4.8.0/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-zend-code-4.8.0/debian/autoload.php.tpl 2024-02-15 23:03:09.0 +0100 @@ -0,0 +1,30 @@ + Thu, 15 Feb 2024 23:03:09 +0100 + php-zend-code (4.8.0-1) unstable; urgency=medium [ Marco Pivetta ] diff -Nru php-zend-code-4.8.0/debian/clean php-zend-code-4.8.0/debian/clean --- php-zend-code-4.8.0/debian/clean 2022-12-11 17:50:13.0 +0100 +++ php-zend-code-4.8.0/debian/clean 2024-02-15 23:03:09.0 +0100 @@ -1,6 +1,6 @@ .phpunit.result.cache -debian/autoload.php.tpl debian/autoload.tests.php.tpl +Doctrine src/autoload.php vendor/ Laminas/ diff -Nru php-zend-code-4.8.0/debian/control php-zend-code-4.8.0/debian/control --- php-zend-code-4.8.0/debian/control 2022-06-18 16:41:55.0 +0200 +++ php-zend-code-4.8.0/debian/control 2024-02-15 23:03:09.0 +0100 @@ -12,7 +12,7 @@ pkg-php-tools (>= 1.41~) Standards-Version: 4.6.1 Homepage: https://docs.laminas.dev/laminas-code/ -Vcs-Git: https://salsa.debian.org/php-team/pear/php-zend-code.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-zend-code.git -b debian/bookworm Vcs-Browser: https://salsa.debian.org/php-team/pear/php-zend-code Rules-Requires-Root: no diff -Nru php-zend-code-4.8.0/debian/gbp.conf php-zend-code-4.8.0/debian/gbp.conf --- php-zend-code-4.8.0/debian/gbp.conf 2021-04-09 03:16:02.0 +0200 +++ php-zend-code-4.8.0/debian/gbp.conf 2024-02-15 23:03:09.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-vcs-tag = %(version%~%-)s diff -Nru php-zend-code-4.8.0/debian/rules php-zend-code-4.8.0/debian/rules --- php-zend-code-4.8.0/debian/rules 2022-12-11 17:50:13.0 +0100 +++ php-zend-code-4.8.0/debian/rules 2024-02-15 23:03:09.0 +0100 @@ -3,12 +3,13 @@ dh $@ -Xindex.md override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab --output src/autoload.php \ --template debian/autoload.php.tpl \ src mkdir --parents vendor Laminas - ln -s ../src Laminas/Code + cp -r src Laminas/Code + ln -s /usr/share/php/Doctrine . + ln -s /usr/share/php/Laminas/Stdlib Laminas phpabtpl \ --require laminas/laminas-code \ > debian/autoload.tests.php.tpl signature.asc Description: PGP signature
Bug#1065061: bookworm-pu: package php-proxy-manager/2.11.1+1.0.14-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-proxy-mana...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-proxy-manager User: release.debian@packages.debian.org Usertags: pu [5/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/ProxyManager/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl --- php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 2024-02-15 22:58:41.0 +0100 @@ -0,0 +1,30 @@ + Thu, 15 Feb 2024 22:58:41 +0100 + php-proxy-manager (2.11.1+1.0.14-1) unstable; urgency=medium [ Nicolas Grekas ] diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/clean php-proxy-manager-2.11.1+1.0.14/debian/clean --- php-proxy-manager-2.11.1+1.0.14/debian/clean 2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/clean 2024-02-15 22:58:41.0 +0100 @@ -1,6 +1,7 @@ .phpunit.result.cache -ProxyManager -debian/autoload.php.tpl debian/autoload.tests.php.tpl +Laminas +ProxyManager/ src/ProxyManager/autoload.php +Symfony vendor/ diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/control php-proxy-manager-2.11.1+1.0.14/debian/control --- php-proxy-manager-2.11.1+1.0.14/debian/control 2023-01-30 13:41:38.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/control 2024-02-15 22:58:41.0 +0100 @@ -13,7 +13,7 @@ pkg-php-tools (>= 1.41~) Standards-Version: 4.6.2 Homepage: https://github.com/FriendsOfPHP/proxy-manager-lts -Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git -b debian/bookworm Vcs-Browser: https://salsa.debian.org/php-team/pear/php-proxy-manager Rules-Requires-Root: no diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf --- php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2024-02-15 22:58:41.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/lts +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-branch = upstream-lts diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch --- php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2023-01-30 13:40:33.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2024-02-15 22:58:41.0 +0100 @@ -3,22 +3,23 @@ Subject: Also skip system classes during tests --- - tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 2 ++ - 1 file changed, 2 insertions(+) + tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 3 +++ + 1 file changed, 3 insertions(+) diff --git a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -index 8e4f48d..9d65c6f 100644 +index 8e4f48d..eebd45a 100644 --- a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php +++ b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -@@ -109,6 +109,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -109,6 +109,8 @@ final class FatalPreventionFunctionalTest extends TestCase realpath(__DIR__ . '/../../../src'), realpath(__DIR__ . '/../../../vendor'), realpath(__DIR__ . '/../../ProxyManagerTest'), ++realpath(__DIR__ . '/../../../ProxyManager'), +realpath('/usr/share/php'), ]; return array_filter( -@@ -135,6 +136,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -135,6 +137,7 @@ final class FatalPreventionFunctionalTest extends TestCase if (strpos($realPath, $skippedPath) === 0) { // skip classes defined within ProxyManager, vendor or the test suite diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/rules php-proxy-manager-2.11.1+1.0.14/debian/rules --- php-proxy-manager-2.11.1+1.0.14/debian/rules 2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/rules 2024-02-15 22:58:41.0 +0100 @@ -3,7 +3,6 @@ dh $@ override_dh_auto_build: - phpabtpl composer.json >
Bug#1065060: bookworm-pu: package php-proxy-manager/2.11.1+1.0.14-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-proxy-mana...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-proxy-manager User: release.debian@packages.debian.org Usertags: pu [5/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/ProxyManager/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl --- php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 2024-02-15 22:58:41.0 +0100 @@ -0,0 +1,30 @@ + Thu, 15 Feb 2024 22:58:41 +0100 + php-proxy-manager (2.11.1+1.0.14-1) unstable; urgency=medium [ Nicolas Grekas ] diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/clean php-proxy-manager-2.11.1+1.0.14/debian/clean --- php-proxy-manager-2.11.1+1.0.14/debian/clean2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/clean2024-02-15 22:58:41.0 +0100 @@ -1,6 +1,7 @@ .phpunit.result.cache -ProxyManager -debian/autoload.php.tpl debian/autoload.tests.php.tpl +Laminas +ProxyManager/ src/ProxyManager/autoload.php +Symfony vendor/ diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/control php-proxy-manager-2.11.1+1.0.14/debian/control --- php-proxy-manager-2.11.1+1.0.14/debian/control 2023-01-30 13:41:38.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/control 2024-02-15 22:58:41.0 +0100 @@ -13,7 +13,7 @@ pkg-php-tools (>= 1.41~) Standards-Version: 4.6.2 Homepage: https://github.com/FriendsOfPHP/proxy-manager-lts -Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git -b debian/bookworm Vcs-Browser: https://salsa.debian.org/php-team/pear/php-proxy-manager Rules-Requires-Root: no diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf --- php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2024-02-15 22:58:41.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/lts +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-branch = upstream-lts diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch --- php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2023-01-30 13:40:33.0 +0100 +++ php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch 2024-02-15 22:58:41.0 +0100 @@ -3,22 +3,23 @@ Subject: Also skip system classes during tests --- - tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 2 ++ - 1 file changed, 2 insertions(+) + tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 3 +++ + 1 file changed, 3 insertions(+) diff --git a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -index 8e4f48d..9d65c6f 100644 +index 8e4f48d..eebd45a 100644 --- a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php +++ b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php -@@ -109,6 +109,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -109,6 +109,8 @@ final class FatalPreventionFunctionalTest extends TestCase realpath(__DIR__ . '/../../../src'), realpath(__DIR__ . '/../../../vendor'), realpath(__DIR__ . '/../../ProxyManagerTest'), ++realpath(__DIR__ . '/../../../ProxyManager'), +realpath('/usr/share/php'), ]; return array_filter( -@@ -135,6 +136,7 @@ final class FatalPreventionFunctionalTest extends TestCase +@@ -135,6 +137,7 @@ final class FatalPreventionFunctionalTest extends TestCase if (strpos($realPath, $skippedPath) === 0) { // skip classes defined within ProxyManager, vendor or the test suite diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/rules php-proxy-manager-2.11.1+1.0.14/debian/rules --- php-proxy-manager-2.11.1+1.0.14/debian/rules2022-10-22 12:12:26.0 +0200 +++ php-proxy-manager-2.11.1+1.0.14/debian/rules2024-02-15 22:58:41.0 +0100 @@ -3,7
Bug#1065059: bookworm-pu: package symfony/5.4.23+dfsg-1+deb12u2
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: symf...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:symfony User: release.debian@packages.debian.org Usertags: pu [4/9 for bookworm] This is a follow up from composer/DSA-5632-1 and similar to #1065058. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. It also adds an upstream patch in order to fix the testsuite, already referenced via #1061033 in Debian. The only change (besides changelog entry) in the binary packages is of the following kind (thanks to diffoscope), for example for php-symfony-cache. │ │ ├── ./usr/share/php/Symfony/Component/Cache/autoload.php │ │ │ @@ -1,16 +1,16 @@ │ │ │ signature.asc Description: PGP signature
Bug#1065058: bookworm-pu: package php-symfony-contracts/2.5.2-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-symfony-contra...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-symfony-contracts User: release.debian@packages.debian.org Usertags: pu [3/9 for bookworm] This is a follow up from composer/DSA-5632-1, #1065056 and #1065057. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary packages is of the following kind (thanks to diffoscope), for example for php-symfony-cache-contracts. │ │ ├── ./usr/share/php/Symfony/Contracts/Cache/autoload.php │ │ │ @@ -1,14 +1,14 @@ │ │ │ diff -Nru php-symfony-contracts-2.5.2/debian/autoload.php php-symfony-contracts-2.5.2/debian/autoload.php --- php-symfony-contracts-2.5.2/debian/autoload.php 2022-06-18 17:59:28.0 +0200 +++ php-symfony-contracts-2.5.2/debian/autoload.php 2024-02-15 22:48:06.0 +0100 @@ -3,12 +3,12 @@ // require_once 'Psr/Container/autoload.php'; (already required by Service) // require_once 'Psr/EventDispatcher/autoload.php'; (already required by EventDispatcher) -require_once 'Symfony/Contracts/Cache/autoload.php'; -require_once 'Symfony/Contracts/Deprecation/autoload.php'; -require_once 'Symfony/Contracts/EventDispatcher/autoload.php'; -require_once 'Symfony/Contracts/HttpClient/autoload.php'; -require_once 'Symfony/Contracts/Service/autoload.php'; -require_once 'Symfony/Contracts/Translation/autoload.php'; +require_once __DIR__ . '/Cache/autoload.php'; +require_once __DIR__ . '/Deprecation/autoload.php'; +require_once __DIR__ . '/EventDispatcher/autoload.php'; +require_once __DIR__ . '/HttpClient/autoload.php'; +require_once __DIR__ . '/Service/autoload.php'; +require_once __DIR__ . '/Translation/autoload.php'; // if (stream_resolve_include_path('Symfony/Component/Cache/autoload.php')){ (already suggested by Cache) // include_once 'Symfony/Component/Cache/autoload.php'; diff -Nru php-symfony-contracts-2.5.2/debian/changelog php-symfony-contracts-2.5.2/debian/changelog --- php-symfony-contracts-2.5.2/debian/changelog 2022-07-01 07:08:46.0 +0200 +++ php-symfony-contracts-2.5.2/debian/changelog 2024-02-15 22:48:06.0 +0100 @@ -1,3 +1,10 @@ +php-symfony-contracts (2.5.2-1+deb12u1) bookworm; urgency=medium + + * Track debian/bookworm-security + * Force system dependencies loading + + -- David Prévot Thu, 15 Feb 2024 22:48:06 +0100 + php-symfony-contracts (2.5.2-1) unstable; urgency=medium [ Nicolas Grekas ] diff -Nru php-symfony-contracts-2.5.2/debian/clean php-symfony-contracts-2.5.2/debian/clean --- php-symfony-contracts-2.5.2/debian/clean 2022-06-18 17:59:28.0 +0200 +++ php-symfony-contracts-2.5.2/debian/clean 2024-02-15 22:48:06.0 +0100 @@ -1,14 +1,14 @@ .phpunit.result.cache +autoload.php Cache/autoload.php +debian/autoloaders/ +debian/autoload.tests.php.tpl +debian/packages_to_build/ Deprecation/autoload.php EventDispatcher/autoload.php HttpClient/autoload.php +Psr Service/autoload.php -Tests/autoload.php Translation/autoload.php -autoload.php -debian/autoloaders/ -debian/packages_to_build/ -debian/*.tpl Symfony/ vendor/ diff -Nru php-symfony-contracts-2.5.2/debian/control php-symfony-contracts-2.5.2/debian/control --- php-symfony-contracts-2.5.2/debian/control 2022-06-18 18:24:38.0 +0200 +++ php-symfony-contracts-2.5.2/debian/control 2024-02-15 22:48:06.0 +0100 @@ -15,7 +15,7 @@ pkg-php-tools (>= 1.41~) Standards-Version: 4.6.1 Homepage: https://symfony.com/components/Contracts -Vcs-Git: https://salsa.debian.org/php-team/pear/php-symfony-contracts.git -b debian/bookworm +Vcs-Git: https://salsa.debian.org/php-team/pear/php-symfony-contracts.git -b debian/bookworm-security Vcs-Browser: https://salsa.debian.org/php-team/pear/php-symfony-contracts Rules-Requires-Root: no diff -Nru php-symfony-contracts-2.5.2/debian/gbp.conf php-symfony-contracts-2.5.2/debian/gbp.conf --- php-symfony-contracts-2.5.2/debian/gbp.conf 2022-06-18 18:24:38.0 +0200 +++ php-symfony-contracts-2.5.2/debian/gbp.conf 2024-02-15 22:48:06.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/bookworm +debian-branch = debian/bookworm-security pristine-tar = True upstream-branch = upstream-2 upstream-vcs-tag = v%(version%~%-)s diff -Nru php-symfony-contracts-2.5.2/debian/php-symfony-cache-contracts.autoload.php.tpl php-symfony-contracts-2.5.2/debian/php-symfony-cache-contracts.autoload.php.tpl --- php-symfony-contracts-2.5.2/debian/php-symfony-cache-contracts.autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-symfony-contracts-2.5.2/debian/php-symfony-cache-contracts.autoload.php.tpl 2024-02-15 22:48:06.0 +0100 @@ -0,0 +1,30 @@ +> debian/packages_to_build/$$deb_pkg_name; \ echo "pkg_path='$$pkg_path'" >> debian/packages_to_build/$$deb
Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-composer-xdebug-hand...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-composer-xdebug-handler User: release.debian@packages.debian.org Usertags: pu [2/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Composer/XdebugHandler/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ diff -Nru php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl --- php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl 2024-02-13 17:13:43.0 +0100 @@ -0,0 +1,30 @@ + Tue, 13 Feb 2024 17:13:43 +0100 + php-composer-xdebug-handler (3.0.3-2) unstable; urgency=medium * Upload to unstable for composer 2.3 diff -Nru php-composer-xdebug-handler-3.0.3/debian/clean php-composer-xdebug-handler-3.0.3/debian/clean --- php-composer-xdebug-handler-3.0.3/debian/clean 2022-01-05 14:42:04.0 +0100 +++ php-composer-xdebug-handler-3.0.3/debian/clean 2024-02-13 17:13:43.0 +0100 @@ -1,6 +1,6 @@ .phpunit.result.cache Composer/ -debian/autoload.php.tpl debian/autoload.tests.php.tpl +Psr src/autoload.php vendor/ diff -Nru php-composer-xdebug-handler-3.0.3/debian/control php-composer-xdebug-handler-3.0.3/debian/control --- php-composer-xdebug-handler-3.0.3/debian/control 2022-06-17 19:03:15.0 +0200 +++ php-composer-xdebug-handler-3.0.3/debian/control 2024-02-13 17:13:43.0 +0100 @@ -12,7 +12,7 @@ Standards-Version: 4.6.1 Homepage: https://github.com/composer/xdebug-handler Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler -Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/latest +Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/bookworm-security Rules-Requires-Root: no Package: php-composer-xdebug-handler diff -Nru php-composer-xdebug-handler-3.0.3/debian/gbp.conf php-composer-xdebug-handler-3.0.3/debian/gbp.conf --- php-composer-xdebug-handler-3.0.3/debian/gbp.conf 2022-01-05 15:28:30.0 +0100 +++ php-composer-xdebug-handler-3.0.3/debian/gbp.conf 2024-02-13 17:13:43.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm-security filter = [ '.gitattributes' ] pristine-tar = True upstream-vcs-tag = %(version%~%-)s diff -Nru php-composer-xdebug-handler-3.0.3/debian/rules php-composer-xdebug-handler-3.0.3/debian/rules --- php-composer-xdebug-handler-3.0.3/debian/rules 2022-01-05 14:42:04.0 +0100 +++ php-composer-xdebug-handler-3.0.3/debian/rules 2024-02-13 17:13:43.0 +0100 @@ -3,13 +3,14 @@ dh $@ override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output src/autoload.php \ --template debian/autoload.php.tpl \ src mkdir --parents vendor Composer - ln -s ../src Composer/XdebugHandler + cp -r src Composer/XdebugHandler + ln -s /usr/share/php/Composer/Pcre Composer + ln -s /usr/share/php/Psr . phpabtpl \ --require composer/xdebug-handler \ > debian/autoload.tests.php.tpl signature.asc Description: PGP signature
Bug#1065056: bookworm-pu: package php-composer-class-map-generator/1.0.0-2+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-composer-class-map-genera...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-composer-class-map-generator User: release.debian@packages.debian.org Usertags: pu [1/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/Composer/ClassMapGenerator/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ diff -Nru php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl --- php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl 1970-01-01 01:00:00.0 +0100 +++ php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl 2024-02-13 17:00:47.0 +0100 @@ -0,0 +1,30 @@ + Tue, 13 Feb 2024 17:00:52 +0100 + php-composer-class-map-generator (1.0.0-2) unstable; urgency=medium * Upload to unstable diff -Nru php-composer-class-map-generator-1.0.0/debian/clean php-composer-class-map-generator-1.0.0/debian/clean --- php-composer-class-map-generator-1.0.0/debian/clean 2021-12-09 12:41:37.0 +0100 +++ php-composer-class-map-generator-1.0.0/debian/clean 2024-02-13 17:00:47.0 +0100 @@ -1,6 +1,6 @@ .phpunit.result.cache Composer/ -debian/autoload.php.tpl debian/autoload.tests.php.tpl src/autoload.php +Symfony vendor/ diff -Nru php-composer-class-map-generator-1.0.0/debian/control php-composer-class-map-generator-1.0.0/debian/control --- php-composer-class-map-generator-1.0.0/debian/control 2022-07-26 11:03:24.0 +0200 +++ php-composer-class-map-generator-1.0.0/debian/control 2024-02-13 17:00:47.0 +0100 @@ -13,7 +13,7 @@ Standards-Version: 4.6.1 Homepage: https://github.com/composer/class-map-generator Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator -Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator.git -b debian/bookworm Rules-Requires-Root: no Package: php-composer-class-map-generator diff -Nru php-composer-class-map-generator-1.0.0/debian/gbp.conf php-composer-class-map-generator-1.0.0/debian/gbp.conf --- php-composer-class-map-generator-1.0.0/debian/gbp.conf 2021-12-09 12:43:32.0 +0100 +++ php-composer-class-map-generator-1.0.0/debian/gbp.conf 2024-02-13 17:00:47.0 +0100 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-branch = upstream/latest diff -Nru php-composer-class-map-generator-1.0.0/debian/rules php-composer-class-map-generator-1.0.0/debian/rules --- php-composer-class-map-generator-1.0.0/debian/rules 2022-07-26 08:11:20.0 +0200 +++ php-composer-class-map-generator-1.0.0/debian/rules 2024-02-13 17:00:47.0 +0100 @@ -3,13 +3,14 @@ dh $@ override_dh_auto_build: - phpabtpl composer.json > debian/autoload.php.tpl phpab \ --output src/autoload.php \ --template debian/autoload.php.tpl \ src mkdir --parents vendor Composer - ln -s ../src Composer/ClassMapGenerator + cp -r src Composer/ClassMapGenerator + ln -s /usr/share/php/Composer/Pcre Composer + ln -s /usr/share/php/Symfony . phpabtpl \ --require composer/class-map-generator \ --require symfony/filesystem \ signature.asc Description: PGP signature
Bug#1064018: Testsuite is not run
On Tue, 27 Feb 2024 11:53:16 +0100 Lukas Märdian wrote: > Hey! How does this patch relate to my proposed changes in the > following MR? > https://salsa.debian.org/debian/libcbor/-/merge_requests/3 It makes the addition of '-DWITH_TESTS=ON' to the dh_auto_configure line in your proposed change no longer necessary. Your remaining proposed changes are unaffected by this patch. In versions 0.10.2-1.1 and earlier of the libcbor package in Debian, the testsuite was not run at build time. The WITH_TESTS CMake variable in the upstream source controlled the running of tests. However, this is not the idiomatic way to control test execution using CMake and the package's rules file did not define that variable. Starting with version 0.10.2-1.2, the package has been modified with my patch to run the testsuite by default. The testsuite can be skipped by running CMake with the '-DBUILD_TESTING=OFF' option. Starting with debhelper version 13.12, dh_auto_configure automatically calls CMake with that option if the DEB_BUILD_OPTIONS environment variable contains 'nocheck'. > I cannot see the tests being run at build-time even with the most > recent upload. Am I missing something? The testsuite should be run automatically starting with version 0.10.2-1.2. Please confirm you have the right version. -- Plasma
Bug#1041982: Speeding up Symfony 6 transition? [Was: Upcoming transitions (Symfony, PHPUnit, etc.)]
control: severity 1039731 serious control: severity 1051989 serious control: severity 1051985 serious control: severity 1039733 serious Le Wed, Feb 21, 2024 at 08:19:06AM +0100, David Prévot a écrit : > Le Wed, Jan 03, 2024 at 07:04:12PM +0100, David Prévot a écrit : > […] > > I’m in favour of raising the severity of bugs blocking this transition > > to RC level ASAP: Symfony 6 has been in experimental for a while now > > I intend to do so early next week And here we are. Cheers, taffit signature.asc Description: PGP signature
Bug#1064870: thunar: Thunar 100% CPU usage sshfs
Package: thunar Version: 4.16.8-1 Severity: important X-Debbugs-Cc: dpchr...@holgerdanske.com Dear Maintainer, When using Thunar to browse a file system mounted via sshfs, Thunar sometimes triggers 100% usage of all CPU's. This persists until Thunar is killed: 2024-02-26 13:26:03 dpchrist@laalaa ~ $ ps -A | grep -i thunar 1565 ?00:00:00 panel-27-thunar 1624 ?00:29:18 Thunar 2024-02-26 13:26:08 dpchrist@laalaa ~ $ kill 1624 David -- System Information: Debian Release: 11.9 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-28-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages thunar depends on: ii desktop-file-utils 0.26-1 ii exo-utils4.16.0-1+deb11u1 ii libatk1.0-0 2.36.0-2 ii libc62.31-13+deb11u8 ii libcairo21.16.0-5 ii libexo-2-0 4.16.0-1+deb11u1 ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1+deb11u1 ii libglib2.0-0 2.66.8-1+deb11u1 ii libgtk-3-0 3.24.24-4+deb11u3 ii libgudev-1.0-0 234-1 ii libice6 2:1.0.10-1 ii libnotify4 0.7.9-3 ii libpango-1.0-0 1.46.2-3 ii libsm6 2:1.2.3-1 ii libthunarx-3-0 4.16.8-1 ii libxfce4ui-2-0 4.16.0-1 ii libxfce4util74.16.0-1 ii libxfconf-0-34.16.0-2 ii shared-mime-info 2.0-1 ii thunar-data 4.16.8-1 Versions of packages thunar recommends: ii dbus-user-session [default-dbus-session-bus] 1.12.28-0+deb11u1 ii gvfs 1.46.2-1 ii libxfce4panel-2.0-4 4.16.2-1 ii policykit-1-gnome [polkit-1-auth-agent] 0.105-7 ii thunar-volman 4.16.0-1 ii tumbler 4.16.0-1 ii udisks2 2.9.2-2+deb11u1 ii xdg-user-dirs 0.17-2 Versions of packages thunar suggests: pn gvfs-backends ii thunar-archive-plugin 0.4.0-2 ii thunar-media-tags-plugin 0.3.0-2 -- no debconf information
Bug#1064846: kdevelop: Code highlighting breaks when changing compiler
Package: kdevelop Version: 4:23.08.1-2+b1 Severity: normal X-Debbugs-Cc: davidjamescastor...@proton.me Dear Maintainer, When using the default compiler on my system (GCC/G++) the code highlighting works fine and mousing over variables shows declaration etc.. However, when I switch the compiler to clang or cross compiling for ARM (by passing -DCMAKE_C_COMPILER=/usr/bin/clang in "extra parameters" in the configuration dialog), the code highlight and variable prediction/help text stops working. Keywords like void and extern are still coloured blue, and strings are still coloured red, but everything else is just plain. These were all CMake projects. -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.6.15-amd64 (SMP w/12 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages kdevelop depends on: ii kdevelop-data 4:23.08.1-2 ii kdevelop512-libs 4:23.08.1-2+b1 ii kinit 5.107.0-1 ii kio 5.107.0-1+b1 ii libapr1 1.7.2-3+b2 ii libaprutil1 1.6.3-1+b1 ii libastyle33.1-3+b1 ii libc6 2.37-15 ii libclang1-16 1:16.0.6-19 ii libgcc-s1 14-20240201-3 ii libgrantlee-templates5 [grantlee5-templates-5-3] 5.3.1-3+b1 ii libkasten4controllers05:0.26.15-1 ii libkasten4core0 5:0.26.15-1 ii libkasten4okteta2controllers0 5:0.26.15-1 ii libkasten4okteta2core05:0.26.15-1 ii libkasten4okteta2gui0 5:0.26.15-1 ii libkf5archive55.107.0-1+b1 ii libkf5bookmarks5 5.107.0-1+b1 ii libkf5codecs5 5.107.0-1+b1 ii libkf5completion5 5.107.0-1+b1 ii libkf5configcore5 5.107.0-1+b1 ii libkf5configgui5 5.107.0-1+b1 ii libkf5configwidgets5 5.107.0-2+b1 ii libkf5coreaddons5 5.107.0-1+b1 ii libkf5crash5 5.107.0-1+b1 ii libkf5declarative55.107.0-1+b1 ii libkf5guiaddons5 5.107.0-1+b1 ii libkf5i18n5 5.107.0-1+b1 ii libkf5iconthemes5 5.107.0-1+b1 ii libkf5itemmodels5 5.107.0-1+b1 ii libkf5itemviews5 5.107.0-1+b1 ii libkf5jobwidgets5 5.107.0-1+b1 ii libkf5kiocore55.107.0-1+b1 ii libkf5kiofilewidgets5 5.107.0-1+b1 ii libkf5kiogui5 5.107.0-1+b1 ii libkf5kiowidgets5 5.107.0-1+b1 ii libkf5newstuffcore5 5.107.0-2+b1 ii libkf5newstuffwidgets55.107.0-2+b1 ii libkf5parts5 5.107.0-1+b1 ii libkf5purpose-bin 5.107.0-1+b1 ii libkf5purpose55.107.0-1+b1 ii libkf5service-bin 5.107.0-1+b1 ii libkf5service55.107.0-1+b1 ii libkf5sonnetui5 5.107.0-1+b1 ii libkf5texteditor5 5.107.0-1+b1 ii libkf5textwidgets55.107.0-1+b1 ii libkf5threadweaver5 5.107.0-1+b1 ii libkf5widgetsaddons5 5.107.0-1+b1 ii libkf5xmlgui5 5.107.0-1+b1 ii libkomparediff2-5 4:22.12.3-1 ii libokteta3core0 5:0.26.15-1 ii libokteta3gui05:0.26.15-1 ii libprocesscore9 4:5.27.10-1 ii libprocessui9 4:5.27.10-1 ii libqt5core5a 5.15.10+dfsg-7 ii libqt5dbus5 5.15.10+dfsg-7 ii libqt5gui55.15.10+dfsg-7 ii
Bug#1064641: Useless in Debian
Package: php-sql-formatter Version: 1.2.17+dct1.1.3-1 Severity: serious Tags: sid trixie [ Filled as an RC-bug by the maintainer to see the package auto-removed from testing. ] I packaged php-sql-formatter as used by php-doctrine-bundle, but php-doctrine-bundle got removed a while ago from testing (cf. #996108) and unstable (cf. #1036726). There is a priori little point to ship php-sql-formatter in the next (or current TBH) stable Debian release. I intend to follow up with an RM request in a few months if nobody objects (but feel free to beat me to it). Regards David signature.asc Description: PGP signature
Bug#1064538: perftest FTBFS on hppa: get_cycles not implemented
Source: perftest Version: 24.01.0+0.38-1 Severity: normal Tags: ftbfs patch Dear Maintainer, See: https://buildd.debian.org/status/fetch.php?pkg=perftest=hppa=24.01.0%2B0.38-1=1708389231=0 Attached patch fixes build. Please install. Regards, Dave Anglin -- System Information: Debian Release: trixie/sid APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable') Architecture: hppa (parisc64) Kernel: Linux 6.1.77+ (SMP w/4 CPU threads) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) --- ./src/get_clock.h.save 2024-02-23 21:28:08.358672860 + +++ ./src/get_clock.h 2024-02-23 21:34:51.861653976 + @@ -114,6 +114,14 @@ return perf_get_cycles(); } +#elif defined(__hppa__) +typedef unsigned long long cycles_t; +static inline cycles_t get_cycles(void) +{ + cycles_t clk; + asm volatile("mfctl %%cr16, %0" : "=r" (clk)); + return clk; +} #else #warning get_cycles not implemented for this architecture: attempt asm/timex.h #include
Bug#1064468: Settings schema 'org.gnome.desktop.a11y.interface' does not contain a key named 'show-status-shapes'
Package: gnome-settings-daemon Version: 46~beta-1 After a recent upgrade, many applications running under gnome X11 stopped using gnome's settings. (Like large text, cursor theme, etc.) Digging into it, I found that org.gnome.SettingsDaemon.XSettings.service had failed to start with this error message: feb 21 23:54:27 solaria gsd-xsettings[2760]: Settings schema 'org.gnome.desktop.a11y.interface' does not contain a key named 'show-status-shapes' Upgrading gsettings-desktop-schemas from 45.0-2 to 46~beta-3 seems to have fixed the problem. So I think gnome-settings-daemon's dependency on gsettings-desktop-schemas (>= 42~) should be updated to require a newer version?
Bug#1064381: ITP: elfkickers -- collection of programs that access and manipulate ELF files
Gürkan Myczko writes: > On 21.02.2024 12:28, David Bremner wrote: > Being the universal operating system, these tools are certainly not for > normal users > but more like developers and people in the embedded area. > I include developers in people who don't care about the implementation, > I have found sstrip to squeeze away some more kilobytes from binaries. A list of the tools with what they do would be more useful. > Similar like elfutils it will only be interesting to people that want to > use it. Sure, I'm not talking about making it interesting for every user, just having a description that helps someone in the target audience find the package and/or know if they want to install it.
Bug#1064381: ITP: elfkickers -- collection of programs that access and manipulate ELF files
Gürkan Myczko writes: > This distribution is a collection of programs that are generally > unrelated, except in that they all deal with the ELF file format. > . > The main purpose of these programs is to be illustrative and > educational -- to help fellow programmers understand the ELF file > format and something of how it works under the Linux platform. For the > most part, these programs have limited real-world utility. > . > With the exception of shared use of the elfrw static library, each > program is independent of the others. There is no other shared code > between them, and they all take slightly different approaches to > handling ELF files. I question how helpful this description is helpful for users of a binary distribution like Debian, who are (IMHO) generally more focused on functionality than studying the implementation of programs.
Bug#1041982: Speeding up Symfony 6 transition? [Was: Upcoming transitions (Symfony, PHPUnit, etc.)]
Hi, Le Wed, Jan 03, 2024 at 07:04:12PM +0100, David Prévot a écrit : […] > I’m in favour of raising the severity of bugs blocking this transition > to RC level ASAP: Symfony 6 has been in experimental for a while now I intend to do so early next week: symfony 6 was introduced in experimental during the latest Debian Reunion Hamburg, and I wish to proceed with the transition during the next MiniDebCampHamburg happening early March (in less than two weeks). https://wiki.debian.org/DebianEvents/de/2024/MiniDebCampHamburg This transition should not interfere with any other one, and should not even need any help from the Release Team (no binNMU since they’re all arch:all packages), yet they were helpful last time to speed it up by removing blocking packages from testing because we didn’t raise the blocking bug severity early enough. Regards, taffit signature.asc Description: PGP signature
Bug#682397: darktable: recommend opencl package
Tino Mettler via Pkg-phototools-devel writes: > > This is a general issue that the darktable package can not change. So > I propose to close this bug. > > Regards, > Tino I wonder if having the bug helps people see that there is no point in filing more bugs on the same topic. I guess we can always leave the next OpenCL bug open if that occurs.
Bug#1064043: closed by Michael Biebl (Re: Bug#1064043: systemd: /etc/fstab x-systemd.automount mount points, x-systemd.idle-timeout changes not effective)
On 2/16/24 16:01, Michael Biebl wrote: Am 16.02.24 um 12:51 schrieb David Sauvage - AdaLabs Ltd: the changes are not applied even after restarting the mount unit mnt-resource.mount. (when already mounted or not) Have you restarted the corresponding mnt-resource.automount unit as well? changes updated successfully after restarting mnt-resource.automount unit as well. Sorry for the noise.
Bug#1064043: closed by Michael Biebl (Re: Bug#1064043: systemd: /etc/fstab x-systemd.automount mount points, x-systemd.idle-timeout changes not effective)
the changes are not applied even after restarting the mount unit mnt-resource.mount. (when already mounted or not) Regards,
Bug#1064043: systemd: /etc/fstab x-systemd.automount mount points, x-systemd.idle-timeout changes not effective
Package: systemd Version: 247.3-7+deb11u4 Severity: normal X-Debbugs-Cc: david.sauv...@adalabs.com Dear Maintainer, Having a successful CFIS remote mount point specification using x-systemd.automount in /etc/fstab, after the first mount when the x-systemd.idle-timeout is changed, and necessary systemd updates run, the old idle timeout value is still the effective one, instead of the newly specified idle timeout value Given; - a successful CFIS remote mount point specification using x-systemd.automount in /etc/fstab [0] - command systemctl daemon-reload executed successfully, and - command systemctl restart remote-fs.target executed successfully, and - the resource above has been automatically mounted when needed and unmount after the idle timeout at least one time When; - the corresponding resource is currently not mounted - the x-systemd.idle-timeout parameter is changed (i.e from 900 to 60) in the /etc/fstab, and - command systemctl daemon-reload executed successfully, and - command systemctl restart remote-fs.target executed successfully Then; - The effective idle timeout is still the old one (i.e 900) instead of the newly specified value (i.e 60) - The generated file /run/systemd/generator/mnt-resource.mount [3] have the correct updated idle timeout value (i.e 60) - However, corresponding entries in /proc/mounts [1] and /proc/self/mountinfo [2] contains the old idle timeout value (i.e 900), which is the effective one, and not the newly specified idle timeout value (i.e 60). [0] /etc/fstab //W.X.Y.Z/Resource /mnt/resource cifs noauto,x-systemd.automount,x-systemd.idle-timeout=900,credentials=/dir/my-credentials,dir_mode=0755,file_mode=0644,uid=1000,gid=1000 0 [1] /proc/mounts systemd-1 /mnt/resource autofs rw,relatime,fd=52,pgrp=1,timeout=900,minproto=5,maxproto=5,direct,pipe_ino=13164 0 0 [2] /proc/self/mountinfo 82 26 0:32 / /mnt/resource rw,relatime shared:42 - autofs systemd-1 rw,fd=52,pgrp=1,timeout=900,minproto=5,maxproto=5,direct,pipe_ino=13164 [3] /run/systemd/generator/mnt-resource.mount # Automatically generated by systemd-fstab-generator [Unit] Documentation=man:fstab(5) man:systemd-fstab-generator(8) SourcePath=/etc/fstab [Mount] Where=/mnt/resource What=//W.X.Y.Z/Resource Type=cifs Options=noauto,x-systemd.automount,x-systemd.idle-timeout=60,credentials=/dir/my-credentials,dir_mode=0755,file_mode=0644,uid=1000,gid=1000 -- Package-specific info: -- System Information: Debian Release: 11.8 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-26-amd64 (SMP w/1 CPU thread) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemd depends on: ii adduser 3.118+deb11u1 ii libacl1 2.2.53-10 ii libapparmor1 2.13.6-10 ii libaudit11:3.0-2 ii libblkid12.36.1-8+deb11u1 ii libc62.31-13+deb11u7 ii libcap2 1:2.44-1 ii libcrypt11:4.4.18-4 ii libcryptsetup12 2:2.3.7-1+deb11u1 ii libgcrypt20 1.8.7-6 ii libgnutls30 3.7.1-5+deb11u3 ii libgpg-error01.38-2 ii libip4tc21.8.7-1 ii libkmod2 28-1 ii liblz4-1 1.9.3-2 ii liblzma5 5.2.5-2.1~deb11u1 ii libmount12.36.1-8+deb11u1 ii libpam0g 1.4.0-9+deb11u1 ii libseccomp2 2.5.1-1+deb11u1 ii libselinux1 3.1-3 ii libsystemd0 247.3-7+deb11u4 ii libzstd1 1.4.8+dfsg-2.1 ii mount2.36.1-8+deb11u1 ii util-linux 2.36.1-8+deb11u1 Versions of packages systemd recommends: ii dbus 1.12.28-0+deb11u1 ii systemd-timesyncd [time-daemon] 247.3-7+deb11u4 Versions of packages systemd suggests: pn policykit-1 pn systemd-container Versions of packages systemd is related to: pn dracut ii initramfs-tools 0.140 ii libnss-systemd 247.3-7+deb11u4 ii libpam-systemd 247.3-7+deb11u4 ii udev 247.3-7+deb11u4 -- no debconf information
Bug#1064018: [PATCH] #1064018: Enable testsuite
Control: tags 1064018 + patch Dear Maintainer, Attached is a debdiff patch which fixes #1064018. Questions/comments welcome. Thanks, -- Plasma diff -Nru libcbor-0.10.2/debian/changelog libcbor-0.10.2/debian/changelog --- libcbor-0.10.2/debian/changelog 2023-10-05 01:47:27.0 -0500 +++ libcbor-0.10.2/debian/changelog 2024-02-12 23:12:22.0 -0600 @@ -1,3 +1,16 @@ +libcbor (0.10.2-1.2) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * d/p/Fix-non-standard-testing.patch: +Enable testing by default and toggle testing based on +BUILD_TESTING CMake variable. (Closes: 1064018) + * d/control: Build-Depend-Arch on debhelper (>= 13.12~) when +build profile is active because the BUILD_TESTING CMake variable is +automatically set to OFF for nocheck builds starting with +debhelper 13.12. + + -- Plasma (David Paul) Thu, 15 Feb 2024 20:46:41 -0600 + libcbor (0.10.2-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru libcbor-0.10.2/debian/control libcbor-0.10.2/debian/control --- libcbor-0.10.2/debian/control 2023-10-05 01:47:27.0 -0500 +++ libcbor-0.10.2/debian/control 2024-02-12 23:11:57.0 -0600 @@ -3,6 +3,7 @@ Maintainer: Vincent Bernat Build-Depends: debhelper-compat (= 13), Build-Depends-Arch: cmake, +debhelper (>= 13.12~) , libcmocka-dev , Build-Depends-Indep: dh-sequence-sphinxdoc, doxygen, --- libcbor-0.10.2/debian/patches/Fix-non-standard-testing.patch 1969-12-31 18:00:00.0 -0600 +++ libcbor-0.10.2/debian/patches/Fix-non-standard-testing.patch 2024-02-12 23:12:22.0 -0600 @@ -0,0 +1,52 @@ +Description: Use idiomatic CMake to control testsuite execution. + Rather than creating and relying upon a WITH_TESTS variable in the top-level + CMakeLists.txt file, instead make use of the BUILD_TESTING variable defined + by the included CTest module. Also remove the enable_testing() command + invocation in CMakeLists.txt and instead rely on the one in the CTest module + which gets run whenever the BUILD_TESTING variable is not set to OFF. +Author: Plasma (David Paul) +Bug-Debian: https://bugs.debian.org/1064018 +Forwarded: no +Last-Update: 2024-02-15 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: libcbor-0.10.2/CMakeLists.txt +=== +--- libcbor-0.10.2.orig/CMakeLists.txt libcbor-0.10.2/CMakeLists.txt +@@ -29,11 +29,6 @@ option(CBOR_PRETTY_PRINTER "Include a pr + set(CBOR_BUFFER_GROWTH "2" CACHE STRING "Factor for buffer growth & shrinking") + set(CBOR_MAX_STACK_SIZE "2048" CACHE STRING "maximum size for decoding context stack") + +-option(WITH_TESTS "[TEST] Build unit tests (requires CMocka)" OFF) +-if(WITH_TESTS) +-add_definitions(-DWITH_TESTS) +-endif(WITH_TESTS) +- + option(WITH_EXAMPLES "Build examples" ON) + + option(HUGE_FUZZ "[TEST] Fuzz through 8GB of data in the test. Do not use with memory instrumentation!" OFF) +@@ -97,8 +92,6 @@ else() + add_definitions(-DEIGHT_BYTE_SIZE_T) + endif() + +-enable_testing() +- + set(CTEST_MEMORYCHECK_COMMAND "/usr/bin/valgrind") + set(MEMORYCHECK_COMMAND_OPTIONS "--tool=memcheck --track-origins=yes --leak-check=full --error-exitcode=1") + +@@ -168,12 +161,12 @@ if(use_lto) + set_property(DIRECTORY src PROPERTY INTERPROCEDURAL_OPTIMIZATION TRUE) + endif(use_lto) + +-if (WITH_TESTS) ++if (BUILD_TESTING) + add_subdirectory(test) + if(use_lto) + set_property(DIRECTORY test PROPERTY INTERPROCEDURAL_OPTIMIZATION TRUE) + endif(use_lto) +-endif (WITH_TESTS) ++endif (BUILD_TESTING) + + if (WITH_EXAMPLES) + add_subdirectory(examples) --- libcbor-0.10.2/debian/patches/series 1969-12-31 18:00:00.0 -0600 +++ libcbor-0.10.2/debian/patches/series 2024-02-11 16:49:18.0 -0600 @@ -0,0 +1 @@ +Fix-non-standard-testing.patch
Bug#1064012: RFS: oaknut/2.0.2-1 [ITP] -- C++20 assembler for AArch64 (ARMv8.0 to ARMv8.2)
Package: sponsorship-requests Severity: wishlist X-Debbugs-Cc: davidjamescastor...@proton.me Dear mentors, I am looking for a sponsor for my package "oaknut": * Package name : oaknut Version : 2.0.2-1 Upstream contact : merryhime <https://mary.rs/> * URL : https://github.com/merryhime/oaknut * License : Expat * Vcs : https://salsa.debian.org/Castor216/oaknut Section : libdevel The source builds the following binary packages: liboaknut-dev - C++20 assembler for AArch64 (ARMv8.0 to ARMv8.2) To access further information about this package, please visit the following URL: https://mentors.debian.net/package/oaknut/ Alternatively, you can download the package with 'dget' using this command: dget -x https://mentors.debian.net/debian/pool/main/o/oaknut/oaknut_2.0.2-1.dsc Changes for the initial release: oaknut (2.0.2-1) unstable; urgency=medium . * Initial release. (Closes: #1061078) Regards, -- David James
Bug#979332: New upstream version
Control: severity -1 serious Le Mon, Feb 12, 2024 at 06:15:27PM -0700, skizz...@skizzerz.net a écrit : > Seems the current version is causing errors due to using syntax removed in > PHP 8. I'm seeing the following error message: > TypeError: implode(): Argument #2 ($array) must be of type ?array, string > given /usr/share/php/simplepie/library/SimplePie/Parse/Date.php(544) > > This was fixed upstream a while ago, so I'm bumping this bug in hopes that > the package can be updated. The dokuwiki package depends on this one and > is broken on the pages that make use of the library, causing some wiki pages > to become inaccessible after an upgrade to bookworm. Increasing the severity accordingly (it affects stable too I assume…). Regards David signature.asc Description: PGP signature
Bug#1063748: ITP: pythonprop -- graphical interface to the VOACAP HF propagation engine
Package: wnpp Severity: wishlist Owner: David da Silva Polverari X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: pythonprop Version : 0.30.1 Upstream Contact: James Watson * URL : https://github.com/jawatson/pythonprop * License : GPL-2+ Programming Lang: Python3 Description : graphical interface to the VOACAP HF propagation engine pythonprop is a collection of Python 3 scripts designed to create VOACAP input (.dat) files and plot the resulting predictions. . It can be used either in point-to-point (P2P) mode, to produce HF (High Frequency) propagation predictions between two fixed locations, or in area mode, to produce HF propagation plots over a user-defined area from a fixed transmit site. . This package provides the voacapgui, voaP2PPlot and voaAreaPlot scripts. It is useful for making HF (High Frequency) circuit prediction for amateur radio ("ham radio") operators. This package provides a GUI for the voacapl package [1]. I plan to maintain it by myself initially, later proposing to include it on the Debian Hamradio Team. I don't need a sponsor. [1] https://bugs.debian.org/1063747 -- ⢀⣴⠾⠻⢶⣦⠀ David da Silva Polverari ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Debian: The universal operating system ⠈⠳⣄
Bug#1063747: ITP: voacapl -- HF circuit prediction engine
Package: wnpp Severity: wishlist Owner: David da Silva Polverari X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: voacapl Version : 0.7.6 Upstream Contact: James Watson * URL : https://github.com/jawatson/voacapl * License : special (public domain), CC0-1.0 and GPL-3+ parts Programming Lang: Fortran Description : HF circuit prediction engine voacapl is an implementation of VOACAP, the NTIA/ITS professional HF (high frequency) propagation prediction program, originally developed for Voice of America (VOA). It reads input files in the standard VOACAP format and writes point-to-point or area prediction data to an output file (or files). . voacapl helps amateur radio operators ("hams") predict point-to-point path loss and coverage of a given transceiver if given as inputs the transmitting and receiving antennas, solar weather, and time/date. . The suggested pythonprop package provides a graphical interface for voacapl, accepting inputs as fields and plotting the results as graphics. VOACAP (Voice of America Coverage Analysis Program) is a modified version of IONCAP (Ionospheric Communication Analysis and Prediction Program), developed for use by Voice Of America (VOA). Originally, IONCAP was developed by the National Telecommunications and Information Administration (NTIA), being a model that has been under development by the U.S. Government since 1942. The strength of the model is that it uses world maps of ionospheric parameters to construct the ionospheric path and uses path-specific statistics to evaluate the system performance factors. IONCAP was selected by the VOA in 1985 because it provided the system performance analysis capability they needed for design specifications and it had a proven track record. VOACAP's enhanced model is used worldwide to predict HF point-to-point or area data. It is often used on Microsoft Windows, distributed inside the HFWIN32 suite [1], where it is called VOACAPW. There is a shortage of HF prediction packages on Debian. In the past, I had to resort to using Windows machines to make HF predictions. Thus, I intend to package voacapl, along with its companion GUI, pythonprop, which depends on it. Initially, I plan to package it by myself, and I will propose including it in the Debian Hamradio Team. I don't need a sponsor. I have already packaged them both, and just need to make some minor adjustments. [1] http://www.greg-hand.com/hfwin32.html -- ⢀⣴⠾⠻⢶⣦⠀ David da Silva Polverari ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Debian: The universal operating system ⠈⠳⣄
Bug#1063185: readpe: NMU diff for 64-bit time_t transition
Dear Steve, First of all, thanks for your report and for the work on the transition! After having a look at [1] and [2], I found the only reported problem was due to the usage of a pointer to the pe_ctx structure (typedef'ed as pe_ctx_t) [3] as the first parameter of the exported functions from libpe, as its map_size field is of type off_t ("Base type has been changed from long to long long. Recompilation of a client program may be broken."). The output of `apt rdepends libpe1` shows that only the binaries built by readpe depend on it. Besides, within readpe itself, there is only one mention to accessing the map_size field directly outside of libpe, and it is commented out [4]. That said, I am not sure that including readpe in the transition will be necessary, but maybe I have overlooked something. But I thought I should add this information here. [1] https://adrien.dcln.fr/misc/armhf-time_t/2024-02-01T09:53:00/compat_reports/libpe-dev/base_to_lfs/compat_report.html [2] https://adrien.dcln.fr/misc/armhf-time_t/2024-02-01T09:53:00/compat_reports/libpe-dev/lfs_to_time_t/compat_report.html [3] https://salsa.debian.org/pkg-security-team/readpe/-/blob/debian/master/lib/libpe/include/libpe/context.h?ref_type=heads#L72 [4] https://salsa.debian.org/pkg-security-team/readpe/-/blob/debian/master/src/pescan.c?ref_type=heads#L372 Regards, -- ⢀⣴⠾⠻⢶⣦⠀ David da Silva Polverari ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Debian: The universal operating system ⠈⠳⣄
Bug#1063659: nginx: Set worker_cpu_affinity in default configuration
Package: nginx Version: 1.22.1-9 Severity: wishlist X-Debbugs-Cc: davidgilm...@gmail.com Dear Maintainer, Please consider setting `worker_cpu_affinity auto;` in the default nginx.conf. The default configuration already sets `worker_processes auto;` to direct nginx to spin up a worker process on each CPU. The auto setting for worker_cpu_affinity is the sibling setting for auto worker_processes, it takes each of those worker processes and pins them to a unique CPU. -- System Information: Debian Release: 12.5 APT prefers stable-updates APT policy: (991, 'stable-updates'), (991, 'stable-security'), (990, 'stable'), (600, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-17-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages nginx depends on: ii iproute2 6.1.0-3 ii libc6 2.36-9+deb12u4 ii libcrypt1 1:4.4.36-4 ii libpcre2-8-0 10.42-1 ii libssl3 3.0.11-1~deb12u2 pn nginx-common ii zlib1g1:1.2.13.dfsg-1 nginx recommends no packages. nginx suggests no packages.
Bug#1061429: tomboy-ng copy and paste error
Hi Shawn, sorry about a slow response to your report, for reasons I don't understand, it was not forwarded to my address. Lets see if it is this time ! I am unable to replicate your problem I am afraid. I have a Trixie Gnome install running in a VM and find I can copy and paste backwards and forwards between tomboy-ng and either the Gnome Text Editor or a terminal session without any surprises. Can you advise me of what 'other' application you used in your failed test ? tomboy-ng is happy to send and receive plain text, uft8 text or rtf to the clipboard. Its pretty unlikely your test application cannot handle at least one of those David
Bug#1063150: python3-samba: errors when executiong update-initramfs
Package: python3-samba Version: 2:4.19.4+dfsg-3 Severity: normal When executing update-initramfs (triggered by a mdadm upgrade), I get following errors /usr/lib/python3/dist-packages/samba/tests/dns_forwarder_helpers/server.py:80: SyntaxWarning: invalid escape sequence '\s' m = re.match(b'^timeout\s+([\d.]+)$', data.strip()) /usr/lib/python3/dist-packages/samba/tests/samba_tool/join_member.py:43: SyntaxWarning: invalid escape sequence '\s' existing_records = re.findall('A:\s+(\d+\.\d+\.\d+\.\d+)\s', out) /usr/lib/python3/dist-packages/samba/tests/samba_tool/ntacl.py:93: SyntaxWarning: invalid escape sequence '\s' self.assertNotRegex(err, '^\s*File [^,]+, line \d+, in', /usr/lib/python3/dist-packages/samba/tests/samba_tool/user_virtualCryptSHA.py:42: SyntaxWarning: invalid escape sequence '\s' p = re.compile("^" + name + ":\s+(\S+)") /usr/lib/python3/dist-packages/samba/tests/samba_tool/user_virtualCryptSHA_base.py:42: SyntaxWarning: invalid escape sequence '\s' p = re.compile("^" + name + ":\s+(\S+)") -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable-security'), (600, 'unstable'), (500, 'stable-updates'), (500, 'proposed-updates'), (400, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.6.13-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-samba depends on: ii libbsd0 0.11.8-1 ii libc6 2.37-15~deb13u1 ii libgnutls30 3.8.3-1 ii libldb2 2:2.8.0+samba4.19.4+dfsg-3 ii libpython3.11 3.11.7-2 ii libtalloc22.4.2-1 ii libtevent00.16.1-1 ii python3 3.11.6-1 ii python3-ldb 2:2.8.0+samba4.19.4+dfsg-3 ii python3-talloc2.4.2-1 ii python3-tdb 1.4.10-1 ii samba-libs [libndr3] 2:4.19.4+dfsg-3 Versions of packages python3-samba recommends: pn python3-gpg python3-samba suggests no packages. -- no debconf information
Bug#1063096: python3-webview: proxy_tools dependency not found
Package: python3-webview Version: 4.4.1+dfsg-1 Severity: important Dear Maintainer, With the upgrade to python3-webview from 3.3.5 to 4.4.1, the package is no longer usable. The package is unable to find the module proxy_tools. For example, a simple script using webview fails: --- #!/bin/python3 import webview webview.create_window(title = 'Captive Portal Login', url = 'http://network-test.debian.org/nm', width = 1024, height = 768, min_size = (1024, 768), resizable = False) webview.start() --- The error is: --- Traceback (most recent call last): File "/home/user/bin/captiveportal.py", line 3, in import webview File "/usr/lib/python3/dist-packages/webview/__init__.py", line 23, in from proxy_tools import module_property ModuleNotFoundError: No module named 'proxy_tools' --- Presumably, python3-proxy_tools needs to be packaged and added to the dependencies of python3-webview. Thanks! David -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing'), (400, 'unstable'), (300, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.6.13-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-webview depends on: ii gir1.2-webkit2-4.1 2.42.4-1 ii python3 [python3-supported-min] 3.11.6-1 ii python3-bottle 0.12.25-1 ii python3-gi 3.46.0-3 ii python3-gi-cairo 3.46.0-3 ii python3-typing-extensions4.7.1-2 python3-webview recommends no packages. python3-webview suggests no packages. -- no debconf information
Bug#1062838: openconnect: NMU diff for 64-bit time_t transition
This looks like overkill to me, for openconnect. There's precisely one function exported from libopenconnect which uses time_t, and I suspect there aren't any *users* of that function in the distribution anyway (neither openconnect(8) nor NetworkManager- openconnect use it). So although it's not best practice, we could actually get away with just *dropping* that function, and adding a new function which returns either an explicit 64-bit value or a timespec or something. Alternatively... on how many of our 64-bit architectures can we just return the high 32 bits of the 64-bit time_t in a register that we call-clobbered anyway — so callers who expect a 64-bit time_t get to see it all, and callers who expect a 32-bit time_t just don't notice? The contents of the *low* 32 bits are the same either way, right? It definitely doesn't seem like we need to switch to a new soname ... except *are* you switching the soname? Or just the package name? It looks like the symbol versions are remaining the *same*...? How does that work? On Sat, 2024-02-03 at 16:13 -0300, Lucas Kanashiro wrote: > Source: openconnect > Version: 9.12-1 > Severity: serious > Tags: patch pending sid trixie > Justification: library ABI skew on upgrade > User: debian-...@lists.debian.org > Usertags: time-t > > NOTICE: these changes must not be uploaded to unstable yet! > > Dear maintainer, > > As part of the 64-bit time_t transition required to support 32-bit > architectures in 2038 and beyond > (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified > openconnect as a source package shipping runtime libraries whose ABI > either is affected by the change in size of time_t, or could not be > analyzed via abi-compliance-checker (and therefore to be on the safe > side we assume is affected). > > To ensure that inconsistent combinations of libraries with their > reverse-dependencies are never installed together, it is necessary to > have a library transition, which is most easily done by renaming the > runtime library package. > > Since turning on 64-bit time_t is being handled centrally through a > change > to the default dpkg-buildflags (https://bugs.debian.org/1037136), it > is > important that libraries affected by this ABI change all be uploaded > close > together in time. Therefore I have prepared a 0-day NMU for > openconnect > which will initially be uploaded to experimental if possible, then to > unstable after packages have cleared binary NEW. > > Please find the patch for this NMU attached. > > If you have any concerns about this patch, please reach out ASAP. > Although > this package will be uploaded to experimental immediately, there will > be a > period of several days before we begin uploads to unstable; so if > information > becomes available that your package should not be included in the > transition, > there is time for us to amend the planned uploads. > > > > -- System Information: > Debian Release: trixie/sid > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 6.2.0-39-generic (SMP w/32 CPU threads; PREEMPT) > Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, > TAINT_UNSIGNED_MODULE > Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not > set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) smime.p7s Description: S/MIME cryptographic signature
Bug#1062366: nullmailer: adminaddr should also set From on mails from root@localhost
Martin-Éric Racine writes: > > The /etc/nullmailer/adminaddr address should also define the From for > messages sent BY root, not just TO root, and use it to make nullmailer > overwrite any outgoing root@defaultdomain message. > Hi Martin-Éric; Just to confirm, this seems like an upstream issue that I should forward? d
Bug#1061774: nmu: pngcheck_3.0.3-1
On Mon, Jan 29, 2024 at 04:45:59PM +0100, Filip Hroch wrote: > Dear Release Team, > > may I ask you to rebuild pngcheck package against to > the current version of zlib? > > I'm maintainer of fitspng package having bug #1059970, > and I found that the bug is not related on fitspng itself. > Actually, it is caused by pngcheck during CI tests > verification. The current binary of pngcheck is compiled > against an old zlib yet, and needs a recompilation. > In my opinion, there is no need for a rebuild. This is just a warning that upstream deemed useful to include on the program. If tests are failing because of that, I believe that fitspng tests are the ones that should be updated to take that behaviour into account (using allow-stderr and grepping for the 'OK', for example). If zlib's SONAME hasn't changed, there's not need to link against a newer version. Regards, David
Bug#1061733: RFS: dds-ktx/0.0~git20230626,c3ca8fe-1 -- Header-only library for parsing KTX textures
Package: sponsorship-requests Severity: normal X-Debbugs-Cc: davidjamescastor...@proton.me From: David James To: sub...@bugs.debian.org Subject: RFS: dds-ktx/0.0~git20230626.c3ca8fe-1 [ITP] -- Header-only library for parsing KTX textures Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "dds-ktx": * Package name : dds-ktx Version : 0.0~git20230626.c3ca8fe-1 Upstream contact : sep...@pm.me * URL : https://github.com/septag/dds-ktx * License : BSD-2-clause * Vcs : https://salsa.debian.org/Castor216/dds-ktx Section : libs The source builds the following binary packages: dds-ktx-header - Header-only library for parsing KTX textures To access further information about this package, please visit the following URL: https://mentors.debian.net/package/dds-ktx/ Alternatively, you can download the package with 'dget' using this command: dget -x https://mentors.debian.net/debian/pool/main/d/dds-ktx/dds-ktx_0.0~git20230626.c3ca8fe-1.dsc Changes for the initial release: dds-ktx (0.0~git20230626.c3ca8fe-1) unstable; urgency=medium . * Initial release. (Closes: #1060208) Notes: This is one of the two remaining depedencies for the Citra Nintendo 3DS emulator. Regards, -- David James
Bug#1058764: opendmarc: installs deprecated /lib/opendmarc/opendmarc.service.generate
Chris Hofstaedtler: > Hi David, > > On Sun, Jan 28, 2024 at 01:44:34PM +0100, David Bürgin wrote: > > Hello Chris, > > > > the deprecation notice was included only with the last stable release. > > I think it would be nice to keep the file for another release or so. > > > > Please also note that the same file exists in the opendkim package. > > Alright. In this case, please move the file to /usr in your next > upload, for trixie. > > Please also make sure the packages don't keep installing a > /lib/opendmarc directory (instead of /usr/lib/opendmarc). > > Do you want a patch for that? I’m very far away from this project. If you have a patch ready it is welcome. thank you.
Bug#1061323: RFP: rust-toml2json -- A very small CLI for converting TOML to JSON
Matthias Geiger writes: > * Package name: rust-toml2json > Version : 1.3.1 > Upstream Contact: woodruffw > * URL : https://github.com/woodruffw/toml2json > * License : MIT > Programming Lang: Rust > Description : A very small CLI for converting TOML to JSON > > Filing on behalf on bremner. Since src: reserialize provides a toml2json > binary it would have to be renamed. All its dependencies are in debin > so this would be easy to package. I inherited this "wish" from a private upstream project. I'm not sure it's strictly needed or if I can use the one from "reserialize" with some work. I did notice some grumbling about reserialize (don't know/remember the specifics) and that the rust toml2json supports a -p for pretty-print option, while reserialize apparently does not support pretty-printing.
Bug#1061354: packages.debian.org: MIT mirror returns 503 error
Package: www.debian.org Severity: important Dear Maintainer, packages.debian.org appears to likely have two physical hosts, one at MIT, and one hosted via conova(?): = packages.debian.org has address 128.31.0.51 packages.debian.org has address 195.192.210.132 packages.debian.org has IPv6 address 2603:400a::bb8::801f:33 packages.debian.org has IPv6 address 2a02:16a8:dc41:100::132 NetRange: 128.31.0.0 - 128.31.255.255 CIDR: 128.31.0.0/16 NetName:MIT-RES NetRange: 2603:4000:: - 2603:40FF:::::: CIDR: 2603:4000::/24 NetName:MIT-V6 inetnum:195.192.208.0 - 195.192.215.255 netname:AT-CONOVA-19960403 inet6num: 2a02:16a8:dc41:100::/56 netname:CUS-DEBIAN ... route6: 2a02:16a8::/32 descr: conova communications GmbH IPv6 Route Object = While the two conova-associated IPs seem to work fine, the MIT-associated hosts hang for 60 seconds before eventually returning a 503: = $ time curl -I --resolve packages.debian.org:443:128.31.0.51 "https://packages.debian.org/sid/p7zip; HTTP/2 503 ... real1m4.353s $ time curl -I --resolve packages.debian.org:443:[2a02:16a8:dc41:100::132] "https://packages.debian.org/sid/p7zip; HTTP/2 200 ... real0m0.519s $ time curl -I --resolve packages.debian.org:443:[2603:400a::bb8::801f:33] "https://packages.debian.org/sid/p7zip; HTTP/2 503 ... real1m4.350s $ time curl -I --resolve packages.debian.org:443:195.192.210.132 "https://packages.debian.org/sid/p7zip; HTTP/2 200 ... real0m0.523s This also results in a web browser failing to load the page ~50% of the time (across launches). I have confirmed this behavior from multiple ISPs, web browsers, and curl.
Bug#1058999: linux-image-6.5.0-5-amd64: System hangs when connecting an ethernet NIC to network which was not connected on boot
Le 22/01/2024 à 13:49, Erwan David a écrit : Le 23/12/2023 à 21:26, Erwan David a écrit : Le 19/12/2023 à 19:34, Diederik de Haas a écrit : On Tuesday, 19 December 2023 19:16:33 CET Erwan David wrote: Same behaviour with 6.6.3-1 from experimental (that's what apt gave me, maybe tomoroow the 6.6.4). Either your APT cache should be updated or you're using a mirror which is rather severely out of date. 6.6.4-1 was uploaded to Debian on 2023-12-03, a day after .3-1. it was 6.6.4. I tried with my Aten Dock : same thing. I disabled the virtualbox service so that the virtualbox modules are not loaded : it does not hang immediately, but waits a few minutes before doing it. Some more details : 1) problem does not come from ethernet Nics, but rather from Wifi chipset, blocking appears when it is deactivated either by BIOS (when connecting Ethernet) or manually (through nm-applet in KDE) Wifi chipset is 02:00.0 Network controller: Intel Corporation Wireless 8265 / 8275 (rev 78) Sorry, mail sent too fast : It seems to work better with kernel 6.6.11 (6.6.9 still had the bug). I'll do some other tests when possible (this laptop is my work laptop, and I cannot do tests leading to possible crash as often as I would wa nt -- Erwan David
Bug#1058999: linux-image-6.5.0-5-amd64: System hangs when connecting an ethernet NIC to network which was not connected on boot
Le 23/12/2023 à 21:26, Erwan David a écrit : Le 19/12/2023 à 19:34, Diederik de Haas a écrit : On Tuesday, 19 December 2023 19:16:33 CET Erwan David wrote: Same behaviour with 6.6.3-1 from experimental (that's what apt gave me, maybe tomoroow the 6.6.4). Either your APT cache should be updated or you're using a mirror which is rather severely out of date. 6.6.4-1 was uploaded to Debian on 2023-12-03, a day after .3-1. it was 6.6.4. I tried with my Aten Dock : same thing. I disabled the virtualbox service so that the virtualbox modules are not loaded : it does not hang immediately, but waits a few minutes before doing it. Some more details : 1) problem does not come from ethernet Nics, but rather from Wifi chipset, blocking appears when it is deactivated either by BIOS (when connecting Ethernet) or manually (through nm-applet in KDE) Wifi chipset is 02:00.0 Network controller: Intel Corporation Wireless 8265 / 8275 (rev 78) -- Erwan David
Bug#1061169: aptitude: "aptitude install debhelper-compat" fails with "virtual package provided by: debhelper debhelper debhelper"
(drive-by comment from an apt maintainer) On Sat, Jan 20, 2024 at 06:30:34AM +, Askar Safin wrote: > - Type "aptitude install debhelper-compat" > > The command will fail with the following absolutely absurd message: > > # aptitude install debhelper-compat > "debhelper-compat" is a virtual package provided by: > debhelper debhelper debhelper debhelper debhelper > You must choose one to install. > Unable to apply some actions, aborting debhelper has (currently) five versioned provides. I think aptitude doesn't support/expect versioned provides here (if at all): src/cmdline/cmdline_action.cc:278 ff although there are other places where a similar message is generated in src/pkg_item.cc and src/gtk/entitysummary.cc. Would be a good idea to check if a package is already in the pkgvector before adding it again – or make that vector a set. Note that libapt has wrappers like APT::PackageSet nowadays which should work better and more natural than typedef'ed std-containers… but that transition might be a bigger effort than just adding an (untested) `if (std::ranges::find(possible, j) == possible.end())` before the push_back. Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1061158: ITP: discord-rpc -- library for Discord Rich Presence integration
Hi Mathias, That is very kind of you. When it clears lintian and I have tested it against Citra I will let you know. Thanks again. David
Bug#1061158: ITP: discord-rpc -- library for Discord Rich Presence integration
Package: wnpp Severity: wishlist Owner: David James X-Debbugs-Cc: debian-de...@lists.debian.org, davidjamescastor...@proton.me * Package name: discord-rpc Version : 3.4.0 Upstream Contact: Discord, Inc * URL : https://github.com/discord/discord-rpc * License : MIT Programming Lang: C, C++, CMake, Python Description : library for Discord Rich Presence integration This is a library for integrating Discord features into games and applications. For example, it allows an application to connect to Discord and show in-game activity on a user's profile. It is also a Citra dependency. There are multiple FOSS projects aside from Citra that also integrate this library and could make use of this package if they were ever packaged themselves (e.g. Duckstation, PCSX2 etc.). I would be maintaining this package myself, but would need a sponsor.
Bug#1061148: apt: option -a has several meanings and is unusable
On Fri, Jan 19, 2024 at 05:10:40PM +0100, Vincent Lefevre wrote: > The -a=... version is not documented in the manual, only -a alone, Compare -t, which also doesn't say -t=foo. Probably mostly due to -t foo working as well or just because the manpages like their inconsistencies and would deserve some love, but who has the time to not just complain but also actually write all of it… (reordered for posterity) >-a, --host-architecture >This option controls the architecture packages are built for by >apt-get source --compile and how cross-builddependencies are >satisfied. > > There are 2 verbs "controls" and "are built". And I don't see how > to parse "for by". A package is "built for" the given (with -a) host architecture by "apt-get source --compile" – aka its instructed to cross-compile a package for the given host architecture instead of doing a "normal" compile where host and build architecture are the same. So, "apt-get source -b -a armhf foo" will (simplified) build a "foo_armhf.deb" on your (likely amd64) machine to be used on another (probably less powerful) armhf machine. Similar for build-dep, just that this won't build anything but interprets certain dependencies differently. Using the option properly requires preparations that would fill their own manpage to explain properly and its certainly not APTs place to do that as it is just a tiny cog in the cross-machinery. > Still, I don't see what this option does. So, long story short: You would if you would need that option, but you don't need it, so you don't. --print-uris prints URIs; nowhere is explained what URI stands for, it is just assumed that people who need it will know. Hey, quick, what is a "build profile" and can you name a few? Now go and ask that question another user and see how that goes. >By default is it not set which means that the host >architecture is the same as the build architecture (which is >defined by APT::Architecture). Configuration Item: >APT::Get::Host-Architecture. > In the next sentence: "is it". Should this be > "it is"? The comma is missing before "which". Perhaps it should, "is it not" has the hint of a question. In German I would write such a sentence without a comma as the added phrase isn't [that] optional, but not sure if a German – or English – teacher would actually agree on me claiming "definition phrase", which are not separated by commas in both languages. Could easily be done without a which if we were really trying. Doesn't matter that much through as I would agree that the manpage(s) need a revamp, but certainly not by me and not based on this. For this specific option in particular, 99% of the user base are probably better served if we were to remove its documentation entirely. What about the 1%? Well, they deserve to write the patches to improve the manpage and potentially fixup the translations (depending on how much they reword here). [Case in point, the option as documented doesn't work for years and nobody noticed – because 1% was an overstatement already; fixed in git] Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1061094: mmdebstrap vs. apt -o DPkg::Inhibit-Shutdown
tl;dr: Fine by me, just some explaining comments for the record. On Thu, Jan 18, 2024 at 12:54:45PM +1100, Trent W. Buck wrote: > This MIGHT affect someone else doing "apt -o Dir=⋯" to do custom installs, but > everything I can think of offhand is a wrapper around debootstrap, except for > https://github.com/openSUSE/obs-build/blob/master/obs-docker-support#L118 This one sets different sources.list files, doesn't change Dir and is hence still effected by the inhibit… except that this probably runs somewhere in docker, so likely without dbus, systemd and what not. > Everything I can find seems to set e.g. Dir::Etc rather than Dir itself. > > https://codesearch.debian.net/search?q=apt.*-o.*Dir%5B%5E%3A%5D > https://github.com/search?q=%2Fapt.*-o.*Dir%2F=code (requires > Microsoft account, requires javascript) Just for the record: To find more users you would need to look for RootDir as well, which was used heavily before Dir. Looking for scripts setting these options on the command line is probably not catching a lot of users as command line parsing happens pretty late – after config files are read – so setting {Root,}Dir is usually done in a config file given via the APT_CONFIG environment variable. Case in point: Our very own test cases do something akin to chrootless mode of mmdebstrap with APT_CONFIG and Dir … and now I wonder how often those tests inhibit and release the block on shutdown. I guess I never tried to shutdown while running our tests. ☺ Also, as this is libapt, this isn't apt specific, could potentially be used via apt-get, aptitude, python-apt, libapt-perl, synaptics, your run of the mile software center, … its just increasingly unlikely. A usecase I could imagine is someone trying to recover his main system from a live CD. If your main system is sufficiently broken that chrooting into it doesn't really work you could operate on it from the outside similar to mmdebstrap (after all, the to be bootstrapped system is sufficiently broken… given it doesn't really exist yet). Anyway, this is a relatively new safeguard (60cc44d160 – April 2019) nobody should really hard-depend on: Having it inhibited for too many or for too few by default isn't that big of a problem and if someone cares either way they can always set the option explicitly. Given it is mainly supposed to avoid accidents for users who don't interact with apt directly Dir == "/" is probably the closest we can be to a sensible default value for the inhibition here if we ignore that ideally the front ends would do the inhibition instead of our low-level library, but that ship sailed… Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1061048: RFS: RPGMod/1.3 ITP -- heyo!
On Tue, Jan 16, 2024 at 07:42:09PM -0300, peq42 wrote: > I am looking for a sponsor for my package "RPGMod": Package names are lowercase. No idea about the package or what it even is, but it looks a bit and mentions games, so the Debian Games Team might be a good place to find people/sponsors who know the field and can give hints: https://wiki.debian.org/Games/Team > * URL : http://peq42.com I suppose: https://peq42.com/projects/rpgmod/ > * Vcs : https://peq42.com/downloads/RPGmod%20-%20Linux.deb "Vcs" means "Version control system", while optional its strongly recommend to use one (also for your upstream development). Look it up on your preferred search engine; it might change your life. > Alternatively, you can download the package with 'dget' using this command: > > dget -x https://peq42.com/downloads/RPGmod%20-%20Linux.deb Usually, you upload a source package that builds one (or more) binary packages (= the deb files). Your deb uses zst as compressor, so I guess you built it on a semi recent Ubuntu release (older versions might have problems with it, Debian releases even more – read-only support exists rather recentish). You don't need to know what the first part of that sentence means to be a good packager (but feel free to look it up if you are interested), but packages for Debian should be built in the Debian release they are targeting (for a new package, that would usually be 'unstable') – you can use virtual machines, chroots and what not for that and use e.g. tools like sbuild. Your package installs (most) things in /opt – that isn't suitable for packages targeted at the Debian archive. I also note that your package claims to have no dependencies whatsever, which I find somewhat hard to believe even if it is technically possible. > additional comments: > I'm sorry if this e-mail is not exactly perfect or if anything is missing, > this is my first time packaging and submiting a package to the debian store. > I setup the package using my personal e-mail(gabrielpm2...@gmail.com) and > real name(Gabriel), but for the sake of lowering spam I get there, if > possible, utilize this one(admi...@peq42.com) in the store You can give any mail you like in the packaging… personally I am using my @debian.org address in the packages and my personal mail for communication on this and other lists, reply to bugreports and so on. Others do the reverse. None of it will help lower spam though as nobody and nothing can avoid an (un)healthy dosage of spam. Note that Debian doesn't have a "store". We have repository(s) which can mean the same thing and actually pre-dates stores, but usually involves a different mind set: (Personal opinion follows) We don't "sell" individual packages as products, but an entire catalog of 70.000+ packages that work (and play) well together. As said, I haven't looked too closely at the package, but even so I think you will need to invest a lot more work into making it fit for the Debian archive… or in other words: lots of documentation to read, policies to follow and friends to make on and off list(s). Good luck & Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1061111: RFS: dpkg-buildenv/1.0.0 [ITP] -- Builds debian packages in a docker container.
Hi, On Thu, Jan 18, 2024 at 02:35:40PM +, Aidan wrote: > I am looking for a sponsor for my package "dpkg-buildenv": Similar to my recent "veto" of apt-verify in #1059267, which was subsequently ignored and pushed into the archive anyhow, I would like to call into question the naming of the package/application… There are various "dpkg-build*" tools already that grabbing 'env' feels wrong (I would confuse it probably with 'flag' on a bad day), especially if that isn't at least discussed with dpkg maintainers (I at least see no mention of it on the list) and given that this is something that "just" works with Docker. As explained in the other bug, there is no veto and as you can see its easy to completely ignore me (and anyone else) but I wanted to say it anyhow, so that nobody is surprised later on. Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#1061078: ITP: oaknut -- Aarch64 (arm64) code emitter
Package: wnpp Severity: wishlist Owner: David James X-Debbugs-Cc: debian-de...@lists.debian.org, davidjamescastor...@proton.me * Package name: oaknut Version : 1.2.2 Upstream Contact: MerryHime <https://mary.rs> * URL : https://github.com/merryhime/oaknut * License : MIT (Expat) Programming Lang: C++, CMake Description : Aarch64 (arm64) code emitter Oaknut is a header-only C++20 assembler for arm64 systems. It is designed to process C++ code and emit it to memory at runtime. I am in the process of packaging Citra, the Nintendo 3DS emulator. This is one of the dependencies required to package Citra on arm64. Without this, I would have to exclude the arm64 architecture entirely. In addition to being a Citra dependency, this software would also be useful for anyone creating software to emulate an embedded ARM 8.0-8.2 system. I would maintain this package myself, but would need a sponsor.
Bug#1059291: bookworm-pu: package spip/4.1.9+dfsg-1+deb12u4
Control: retitle -1 bookworm-pu: package spip/4.1.9+dfsg-1+deb12u4 Le Sat, Dec 30, 2023 at 12:06:56PM +0100, Salvatore Bonaccorso a écrit : > On Fri, Dec 22, 2023 at 01:28:00PM +0100, David Prévot wrote: […] > > This issue is similar to #1059289 for oldstable. > > > > Another upstream release fixed a security (XSS) issue. The last two > > updates of this kind didn’t warrant a DSA, so I guess this one will not > > warrant one either (security team X-D-CCed in case I’m wrong). And here we are again, another XSS was fixed (in a plugin not provided by the version in oldstable), second debdiff attached, thanks in advance for considering. Regards, taffit diff --git a/debian/changelog b/debian/changelog index 333c4146c1..23a523a96a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +spip (4.1.9+dfsg-1+deb12u4) bookworm; urgency=medium + + * Backport security fix from 4.1.15 +- fix XSS in uploaded files using bigup + + -- David Prévot Fri, 12 Jan 2024 13:42:36 +0100 + spip (4.1.9+dfsg-1+deb12u3) bookworm; urgency=medium * Backport security fix from 4.1.13 diff --git a/debian/patches/0013-fix-viter-de-possibles-XSS-avec-le-nom-des-fichiers-.patch b/debian/patches/0013-fix-viter-de-possibles-XSS-avec-le-nom-des-fichiers-.patch new file mode 100644 index 00..7c72b8539d --- /dev/null +++ b/debian/patches/0013-fix-viter-de-possibles-XSS-avec-le-nom-des-fichiers-.patch @@ -0,0 +1,79 @@ +From: Matthieu Marcillaud +Date: Sun, 7 Jan 2024 22:07:19 +0100 +Subject: =?utf-8?q?fix=3A_=C3=89viter_de_possibles_XSS_avec_le_nom_des_fich?= + =?utf-8?q?iers_upload=C3=A9s_=28en_js=29?= + +(cherry picked from commit df7543f1dc9d04f068dd12c901b89a98db535961) + +Origin: upstream, https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc +--- + plugins-dist/bigup/javascript/bigup.js | 34 ++-- + plugins-dist/bigup/javascript/bigup.utils.js | 12 +- + 2 files changed, 33 insertions(+), 13 deletions(-) + +diff --git a/plugins-dist/bigup/javascript/bigup.js b/plugins-dist/bigup/javascript/bigup.js +index bd84fc1..5b9b5be 100644 +--- a/plugins-dist/bigup/javascript/bigup.js b/plugins-dist/bigup/javascript/bigup.js +@@ -190,18 +190,28 @@ function Bigup(params, opts, callbacks) { + var extension = $.trouver_extension(file.name); + + var template = +- '\n' +- + '\n\t' +- + '\n\t\t' +- + '\n\t\t' +- + '\n\t\t\t' + file.name + '' +- + '\n\t\t\t' + $.taille_en_octets(file.size) + '' +- + '\n\t\t' +- + '\n\t\t' +- + '\n\t\t\t' + _T("bigup:bouton_annuler") + '' +- + '\n\t\t' +- + '\n\t' +- + '\n\n'; ++ '\n' + ++ '\n\t' + ++ '\n\t\t' + ++ '\n\t\t' + ++ '\n\t\t\t' + ++ $.escapeHtml(file.name) + ++ '' + ++ '\n\t\t\t' + ++ $.taille_en_octets(file.size) + ++ '' + ++ '\n\t\t' + ++ '\n\t\t' + ++ '\n\t\t\t' + ++ _T('bigup:bouton_annuler') + ++ '' + ++ '\n\t\t' + ++ '\n\t' + ++ '\n\n'; + + return template; + } +diff --git a/plugins-dist/bigup/javascript/bigup.utils.js b/plugins-dist/bigup/javascript/bigup.utils.js +index 872123b..4a1bad9 100644 +--- a/plugins-dist/bigup/javascript/bigup.utils.js b/plugins-dist/bigup/javascript/bigup.utils.js +@@ -171,4 +171,14 @@ $.mime_type_image = function(extension) { + break; + } + return mime; +-}; +\ No newline at end of file ++}; ++ ++/** Escape HTML */ ++$.escapeHtml = function(unsafe) { ++ return unsafe ++ .replaceAll('&', '') ++ .replaceAll('<', '') ++ .replaceAll('>', '') ++ .replaceAll('"', '') ++ .replaceAll("'", ''); ++} diff --git a/debian/patches/0014-fix-Ajout-d-un-point-virgule-manquant.patch b/debian/patches/0014-fix-Ajout-d-un-point-virgule-manquant.patch new file mode 100644 index 00..33e6a87c7e --- /dev/null +++ b/debian/patches/0014-fix-Ajout-d-un-point-virgule-manquant.patch @@ -0,0 +1,21 @@ +From: Glop +Date: Thu, 11 Jan 2024 17:16:45 +0100 +Subject: fix: Ajout d'un point-virgule manquant + +(cherry picked from commit ac51139245cea6e6dd44dba47b30122b69ff1f1c) + +Origin: upstream, https://git.spip.net/spip/bigup/commit/0757f015717cb72b84dba0e9a375ec71caddf1c2 +--- + plugins-dist/bigup/javascript/bigup.utils.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins-dist/bigup/javascript/bigup.utils.js b/plugins-dist/bigup/javascript/bigup.utils.js +index 4a1bad9..a255f2f 100644 +--- a/plugins-dist/bigup/javascript/bigup.utils.js b/plugins-dist/bigup/javascript/bigup.utils.js +@@ -181,4 +181,4 @@ $.escapeHtml = function(unsafe) { + .replaceAll('>', '') + .replaceAll('"', '') + .replaceAll("'", ''); +-} ++}; diff --git a/debian/patches/series b/debian/patches/series index c0ceb74e71..38c2a1189b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -10,3 +10,5 @@ 0010-security-Utiliser-auth_desensibiliser_se
Bug#1060208: ITP: dds-ktx -- header-only library for reading KTX format textures
On further inspection, I have noticed that several commits have been made since 1.1. To maintain compatibility with Citra I will therefore be bumping the version to 1.1~git20211021.c3ca8fe.