Bug#965329: check_ldaps (and maybe others?) cannot be restricted to IPv4-only checks via -4 cmdline switch
Package: monitoring-plugins-standard
Version: 2.2-6
Hi,
I just stumbled over a peculiar thing.
I migrated one of my LDAP server that gets monitored via Icinga2 for
IPv6 and IPv4 connectivity separately. The LDAP hosts IPv6 setup is
still buggy after its migration and the Icinga2 host for now gets
blocked by the providers firewall and cannot reach the the LDAP
server's IPv6 address (like a fw DROP or a routing problem). (I filed
a ticket with the server hoster for that, so this is off-topic here).
However...
I'd expect the IPv4 check_ldaps test to succeed (and see a check_ldaps
timeout for the IPv6 test). But that's not the case.
I obfuscated IPs a bit in the below strace output:
IPv4
1.2.3.4 is the LDAP server to check
5.6.7.8 is the Icinga2 host that does the check
IPv6
2a01:::101 is the LDAP server to check
2001:::2 is the Icinga2 host that does the check
The check is:
check_ldaps -4 -3 -b dc=my,dc=domain -H ldap-server-x-on.my.domain -p636
I expect that the check happens on IPv4 only and IPv6 checking is
totally omitted.
The check does not work. It hangs and gives a "CRITICAL - Socket
timeout after 10 seconds"
Running this with strace -f reveals that the check is _NOT_ being done
on the IPv4 addresses, but via the IPv6 addresses. This is not what I
told the command to do via command line switch "-4".
Stracing the command call...
```
(root@icinga-host) {~} # strace -f /usr/lib/nagios/plugins/check_ldaps
-4 -3 -b dc=my,dc=domain -H ldap-server-x-on.my.domain -p636
[...]
recvmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0,
nl_groups=}, msg_namelen=12, msg_iov=[{iov_base={{len=20,
type=NLMSG_DONE, flags=NLM_F_MULTI, seq=1595174041, pid=24211}, 0},
iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 20
close(3)= 0
socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(636),
sin_addr=inet_addr("1.2.3.4")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(49266),
sin_addr=inet_addr("5.6.7.8")}, [28->16]) = 0
close(3)= 0
socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET6, sin6_port=htons(636),
inet_pton(AF_INET6, "2a01:::101", _addr),
sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28) = 0
getsockname(3, {sa_family=AF_INET6, sin6_port=htons(44501),
inet_pton(AF_INET6, "2001:::2", _addr),
sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
close(3)= 0
socket(AF_INET6, SOCK_STREAM, IPPROTO_IP) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
setsockopt(3, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0
setsockopt(3, SOL_TCP, TCP_NODELAY, [1], 4) = 0
connect(3, {sa_family=AF_INET6, sin6_port=htons(636),
inet_pton(AF_INET6, "2a01:::101", _addr),
sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28) = ? ERESTARTSYS (To be
restarted if SA_RESTART is set)
--- SIGALRM {si_signo=SIGALRM, si_code=SI_KERNEL} ---
WTF??? Why IPv6 here...?
openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=2995, ...}) = 0
read(4, "# Locale name alias data base.\n#"..., 4096) = 2995
read(4, "", 4096) = 0
close(4)= 0
openat(AT_FDCWD,
"/usr/share/locale/en_US/LC_MESSAGES/monitoring-plugins.mo", O_RDONLY)
= -1 ENOENT (No such file or directory)
openat(AT_FDCWD,
"/usr/share/locale/en/LC_MESSAGES/monitoring-plugins.mo", O_RDONLY) =
-1 ENOENT (No such file or directory)
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x3), ...}) = 0
write(1, "CRITICAL - Socket timeout after "..., 43CRITICAL - Socket
timeout after 10 seconds
) = 43
exit_group(2) = ?
+++ exited with 2 +++
```
Hope this makes sense to someone and that there is a proper upstream
issue tracker to forward this problem to. If it gets addressed by
someone, a fix-up for buster would be great (I'd volunteer to test and
handle the SRU for this).
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
pgpE8KrOoRsjq.pgp
Description: Digitale PGP-Signatur
Bug#939292: puppet-development-kit
Hello Thorsten, On 2020-07-17 4:39 p.m., Thorsten Alteholz wrote: > do you make progress with uploading puppet-development-kit? Do you need > a hand? thanks for suggesting your help! the current situation is that I've packaged "most of the dependencies" with help from folks in the ruby team. I've sent a progression update on the puppet packaging list: https://alioth-lists.debian.net/pipermail/pkg-puppet-devel/2020-July/012146.html to summarize the current status: * I'm stuck on ruby-spdx-licenses : I've asked upstream and SPDX about what licensing should be applied to the .json file that the library "vendors" and I still haven't received any feedback from SPDX. I *believe* that some form of creative commons license could apply given what I've found on their website (see details on the puppet pkg mailing list). * this also blocks metadata-json-lint -- maybe we can start work on packaging this thing regardless of the licensing issues for spdx-licenses, then we'll be closer to the goal. * I've worked on ruby-pathspec and I'm almost done with it. if I can find some free time soon, I'll try and upload it to debian archives. * the next "easy" batch of dependencies is ruby-rspec-puppet-facts, facterdb and jgrep. signature.asc Description: OpenPGP digital signature
Bug#964670: gsettings-qt: FTBFS: QQmlComponent: Component is not ready
Hi, On Fr 17 Jul 2020 16:43:39 CEST, Boyuan Yang wrote: Control: reopen 964670 X-Debbugs-CC: sunwea...@debian.org Hi Mike, It seems that the latest upload still did not solve this problem and all buildd builds are failing. ACK. Will take a look. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpsaJYpJAazx.pgp Description: Digitale PGP-Signatur
Bug#964318: gosa login broken with PHP 7.4
Control: forwarded -1 https://github.com/gosa-project/gosa-core/pull/33 Hi, On Do 09 Jul 2020 21:54:34 CEST, Wolfgang Schweer wrote: On Mon, Jul 06, 2020 at 12:05:44PM +0200, Wolfgang Schweer wrote: In both encrypt and decrypt cases, the chosen cipher method seems to return 0. This is the case because the chosen method (aes-256-ecb) doesn't use an initialization vector ($iv) at all, causing its length ($ivlen) to be 0, see e.g. https://usr.ed48.com/php/ssl/?xf=7 So the encrypt/decrypt implementation seems to have been sort of wrong before (and only now with PHP 7.4 an error is thrown). Please check and test the attached changes to /usr/share/gosa/include/functions.inc and /usr/sbin/gosa-encrypt-passwords; works for me, but then my skills are low level and this is a quite sensitive issue. Wolfgang patch submitted upstream. https://github.com/gosa-project/gosa-core/pull/33 Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpO_IaXRLe8T.pgp Description: Digitale PGP-Signatur
Bug#953489: fixed in php-horde-text-filter-jsmin 1.0.2-8
Control: close -1 Hi Ivo, On Fr 10 Jul 2020 21:46:28 CEST, Ivo De Decker wrote: On 7/10/20 8:57 PM, Mike Gabriel wrote: Hi Ivo, Hi Mike, I have asked for white-listing some days back. I have pinged Philipp Kern explicitly once more (he white-listed php-horde-javascriptminify-jsmin just the other day...). I will close this bug, once the white-listing is in place. I am not in a hurry with testing migration, as we need to fix autopkgtests first, anyway. OK. I just wanted to make sure you were aware of the situation. Thanks, Ivo Philipp just added the pkg to the buildd non-free whitelist. Thus, closing this bug. Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpCKFHlMzy_T.pgp Description: Digitale PGP-Signatur
Bug#961874: Demote the dependency on Xfce libraries to suggests or recommends
Control: tags -1 + confirmed On 30 May 2020, Amr Ibrahim wrote: > > In Debian pragha depends on libxfce4ui-2-0 and libxfce4util7, however, > according to upstream*, pragha is independent of Xfce and libxfce4ui is > optional and not strictly required to run the app. So I think the > depends is too strong especially when the app is installed in a non-Xfce > environment. So please demote the Xfce libraries to suggests or > recommends, whichever you see more appropriate. To remove the dependency, I need to build pragha without libxfce4ui, which disables some of pragha's features. I'm testing this new build to understand what the removed features do. Thanks for the report, Gabriel
Bug#964318: gosa login broken with PHP 7.4
Hi Wolfgang, On Do 09 Jul 2020 21:54:34 CEST, Wolfgang Schweer wrote: On Mon, Jul 06, 2020 at 12:05:44PM +0200, Wolfgang Schweer wrote: In both encrypt and decrypt cases, the chosen cipher method seems to return 0. This is the case because the chosen method (aes-256-ecb) doesn't use an initialization vector ($iv) at all, causing its length ($ivlen) to be 0, see e.g. https://usr.ed48.com/php/ssl/?xf=7 So the encrypt/decrypt implementation seems to have been sort of wrong before (and only now with PHP 7.4 an error is thrown). Please check and test the attached changes to /usr/share/gosa/include/functions.inc and /usr/sbin/gosa-encrypt-passwords; works for me, but then my skills are low level and this is a quite sensitive issue. Wolfgang thanks for looking at this. I'll handle communication with upstream and gosa testing + fixing. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpPPItmnZbV0.pgp Description: Digitale PGP-Signatur
Bug#964811: dpkg-maintscript-helper: error: file '/usr/share/horde/themes/*' not owned by package 'php-horde'
HI Andy, On Fr 10 Jul 2020 20:03:06 CEST, Andy Dorman wrote: Package: php-horde Version: 5.2.21+debian1-1 Severity: important Dear Maintainer, This is similar to #778750, but different enough that it probably needs a separate ticket. We use Horde for it's very complete and robust webmail component. Over the years we have developed over 100 different themes (most are simple color variations), all stored in /usr/share/horde/themes/... yorick:/etc# ls /usr/share/horde/themes/ azur chargers-SD luc mustangs-THHS bluemoon chargers-UAH lucblue mustangs-TMC bluewhite chargers-UNH mobile NeXTgrey bulldogs-AAM cornflower mountaineers-ASU postnuke bulldogs-C deacons-BC mountaineers-BC print bulldogs-default deacons-defaultmountaineers-default purple bulldogs-FSU deacons-EBC mountaineers-EHS shadow bulldogs-FU deacons-WFU mountaineers-EOU silver bulldogs-GU default mountaineers-LHS simplex bulldogs-H fadetogreen mountaineers-MBHS sounds bulldogs-LTU fanmail mountaineers-MSMC tango-blue bulldogs-MSU fanmail.css mountaineers-MU usarmy bulldogs-SU fanmail-login.css mountaineers-SHS usarmy1 bulldogs-UGA fanmail_login.css mountaineers-SVC usarmy10 bulldogs-YU gamecocks-default mountaineers-WHS usarmy11 burntorange gamecocks-JSU mountaineers-WSC usarmy12 camo gamecocks-SCHS mountaineers-WVU usarmy13 camouflage gamecocks-SHS mozilla usarmy14 chargers-AA gamecocks-USC mustangs-CPSU usarmy15 chargers-ACC gennevilliers mustangs-default usarmy2 chargers-BCU graphics mustangs-KMHS usarmy3 chargers-CSHS green mustangs-MC usarmy4 chargers-default grey mustangs-MIC usarmy5 chargers-ELCA hi-contrast mustangs-MSU usarmy6 chargers-ETHS hotpink mustangs-RVHS usarmy7 chargers-McCHS ideas mustangs-SMSU usarmy8 chargers-NHS lavander mustangs-SMU usarmy9 chargers-PCHS lightblue mustangs-stjbb Possibly this was not the correct way to handle color themes? When we tried to update this server yesterday we saw several thousand dpkg errors like this, one for every directory & file in our themes directory: dpkg-maintscript-helper: error: file '/usr/share/horde/themes/usarmy10' not owned by package 'php-horde' And finally after all the individual file and directory errors... dpkg-maintscript-helper: error: directory '/usr/share/horde/themes' contains files not owned by package php-horde, cannot switch to symlink dpkg: error processing archive /var/cache/apt/archives/php-horde_5.2.23+debian0-4_all.deb (--unpack): new php-horde package pre-installation script subprocess returned error exit status 1 If our situation is unique and it is too much trouble to handle our case, we are fine with doing the appropriate file moves and adding symlinks manually, but we do not know what needs to be done. Any help in that direction would be appreciated. Thank you. Thanks for reporting this. Note that #778750 has been settled meanwhile. With just the default theme, the package upgrade flow now works. The question now is, how to handle custom themes copied to /usr/share/horde/[/]themes. My suggestion would be: * abort if custom theme folders are detected and provide a debconf notification that tells what to do (move the custom theme folders out of the way, or rather to: /etc/horde/themes-available.d// * then we need a nice script "horde-enable-theme" (and "horde-disable-theme") to get the symlinking in /etc/horde/themes-enabled.d// Please note, that and are swapped in themes-available.d and themes-enabled.d The above explanation should also show how to deal with your personal upgrade. Other than that: would you be interested in shipping your theme variations as a Debian package? Greets, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpQUrI99xa4s.pgp Description: Digitale PGP-Signatur
Bug#953489: fixed in php-horde-text-filter-jsmin 1.0.2-8
Hi Ivo, On Fr 10 Jul 2020 20:07:46 CEST, Ivo De Decker wrote: Control: reopen -1 On Tue, Jun 30, 2020 at 05:48:37AM +, Debian FTP Masters wrote: * d/control: Add 'XS-Autobuild: yes' flag. (Closes: #953489). Hi, Adding this isn't enough to allow auto-building. It also needs to be whitelisted as described in https://www.debian.org/doc/manuals/developers-reference/pkgs.html#non-free-buildd As long as this hasn't happened, the autobuild won't happen. So I suggest you do a binary upload in the mean time, to allow the package to migrate to testing. Note that binaries uploaded by maintainers for sources in contrib and non-free are allowed to migrate to testing. Thanks, Ivo I have asked for white-listing some days back. I have pinged Philipp Kern explicitly once more (he white-listed php-horde-javascriptminify-jsmin just the other day...). I will close this bug, once the white-listing is in place. I am not in a hurry with testing migration, as we need to fix autopkgtests first, anyway. Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgp7cGiBzoW66.pgp Description: Digitale PGP-Signatur
Bug#964755: i3: Memory leak consumes all available memory
Michael Stapelberg writes: > Is this fixed with commit > https://github.com/i3/i3/commit/025743eaf9c993e57c7fdd20127078b835bcd2c0 > already (not yet released)? Or are we talking about a separate leak? I'm not sure. I wasn't aware of this commit but it sounds very promising. Let me give it some test and report back. -- Gabriel Krisman Bertazi
Bug#964755: i3: Memory leak consumes all available memory
Package: i3 Version: 4.18-1 Severity: important Dear Maintainer, I've seen my xorg grow in memory usage through the course of the day, until it consumes all RAM available and starts swapping, even when the machine is left idle. This is 100% reproducible on my system, after killing X and restarting it, it starts to eat memory again. I'm reporting this against i3 instead of xorg, because I found other Debian derivative users reporting this issue against i3, and it doesn't seem to reproduce on other X based WM. I reproduced this on a machine after a fresh install of bullseye, with the package version below. In my system, it is taking around 1 day to fill up 10GB of RAM. I'm happy to apply patches and test packages you provide to help debug this. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.7.0-1-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages i3 depends on: ii i3-wm 4.18-1 Versions of packages i3 recommends: ii dunst 1.4.1-1 ii i3lock 2.11.1-1 ii i3status2.13-3 ii suckless-tools 45-1 i3 suggests no packages. -- no debconf information
Bug#964447: plasma-workspace: please split out xembed-sni-proxy into separate bin:pkg
Package: src:plasma-workspace Severity: whishlist X-Debbugs-Cc: debian-m...@lists.debian.org Hi all, I just stumbled over the xembed-sni-proxy executable from src:plasma-workspace. I plan to support it in ayatana-indicator-application [1] (and thus in the mate-indicator-applet of the MATE desktop environment). For a cross-desktop use case, it would be nice to have xembed-sni-proxy available as a standalone package (that does not pull in the complete KDE package stack). Would that be a feasible thing to do for plasma-workspace in Debian? Thanks+Greets, Mike [1] https://github.com/AyatanaIndicators/ayatana-indicator-application/issues/1 -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpRA1i3XPoDL.pgp Description: Digitale PGP-Signatur
Bug#964147: freerdp2-x11: xfreerdp fails with symbol lookup error
Control: retitle -1 enforce same version for installed freerdp2 bin:pkgs Control: severity -1 normal Hi, On Do 02 Jul 2020 22:22:34 CEST, Michael Meier wrote: On 02.07.20 10:06, Michael Meier wrote: Package: freerdp2-x11 Version: 2.1.2+dfsg1-1 Severity: grave Justification: renders package unusable I've just updated xfreerdp. The new versions can't be executed.it fails with: xfreerdp: symbol lookup error: /usr/lib/x86_64-linux-gnu/libfreerdp- client2.so.2: undefined symbol: msusb_msconfig_write The previous version i used: 2.0.0~git20190204.1.2693389a+dfsg1-2~bpo10+1 worked well. Propably some library version dependency which isn't correctly stated in the .deb package? so after some trying out I've foudn out that I've also had to update: libfreerdp-client2-2:amd64 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1 -> 2.1.2+dfsg1-2 then it works. The version dependency seems to be wrong somewhere... You obviously have a half-broken setup as you seem to mix buster-backports packages and packages from unstable. This may well fail for several reasons. On the other hand, it might be sensible to enforce all freerdp2 bin:pkgs to be from the same version / build. This, I think we should enforce this via debian/control. Will look into this, but with downgraded severity. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpH3Q81RVNTO.pgp Description: Digitale PGP-Signatur
Bug#964285: asterisk: New upstream release: 17.5.1
Source: asterisk Severity: wishlist Hello dear maintainers! First, thanks for your work for keeping this package alive in debian. I use it for work and it's greatly useful. I've just had a quick look at upstream and it would seem as though the version that's presently in bullseye is quite late with regards to the upstream latest release. The latest release is as of this writing 17.5.1. It would be fantastic to get the 17.x branch in testing before bullseye reaches its freeze cycle. Cheers, and many thanks in advance! -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_CA.utf8), LANGUAGE=en_CA.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_CA.utf8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#778750: theme still broken, problem with directory structure and symlink
Hi Ivan Sergio, On Fr 03 Jul 2020 18:41:19 CEST, Ivan Sergio Borgonovo wrote: I've just read more carefully your follow up: The theming folder in /etc/ also needs to be moved a bit: /etc/horde/themes-available.d/default -> /etc/horde/themes-available.d/default/horde OK, it was on purpose... but it seems it's not working, at least here. I'm going to try to do some further tests and see if I'd missed something with the cache... but once I "fixed" it as described in previous post and refreshed the cache it started to work. I find very unlikely that both the packaged directory structure and my structure can both work, one has to be wrong. Yours was correct, mine was wrong. I have fiddled with the themes-enabled.d/ subfolder now and swapped the order compared to themes-available.d/: /etc/horde/themes-available.d// vs. /etc/horde/themes-enabled.d// I changed the /usr/share/horde/[/]themes symlink now and point it to /etc/horde/themes-enabled.d/ This should fix thing. However, it makes enabling/disabling a theme (if there were more than on) more complex. I will see to providing a script for this. Please retry. Thanks for the feedback ping-pong. MIke -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpuTBl_2WY_M.pgp Description: Digitale PGP-Signatur
Bug#778750: theme still broken, problem with directory structure and symlink
On Fr 03 Jul 2020 18:41:19 CEST, Ivan Sergio Borgonovo wrote: I've just read more carefully your follow up: The theming folder in /etc/ also needs to be moved a bit: /etc/horde/themes-available.d/default -> /etc/horde/themes-available.d/default/horde OK, it was on purpose... but it seems it's not working, at least here. I'm going to try to do some further tests and see if I'd missed something with the cache... but once I "fixed" it as described in previous post and refreshed the cache it started to work. I find very unlikely that both the packaged directory structure and my structure can both work, one has to be wrong. I forgot to mention: the latest fixes should be in: php-horde 5.2.23+debian0-3 php-horde-imp 6.2.26-2 php-horde-gollem 3.0.13-4 I am still unsure what your dpkg problem was. Maybe it is gone now(?). Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp96szqns3x6.pgp Description: Digitale PGP-Signatur
Bug#778750: theme still broken, problem with directory structure and symlink
Hi, thanks for testing the upgrade. Sorry that it failed again. Let's see... On Fr 03 Jul 2020 18:29:40 CEST, Ivan Sergio Borgonovo wrote: I just safe-upgraded some stuff and I came across 2 different problems: 1) dpkg: warning: unable to delete old directory '/usr/share/horde/themes/default/graphics': Directory not empty I can't hide those. Most users won't see those. They only occur when upgrading from 5.2.23+debian0-1. ... dpkg: dependency problems prevent configuration of php-horde-imp: php-horde-imp depends on php-horde (>= 5.2.23+debian0-2~); however: Version of php-horde on system is 5.2.23+debian0-1. dpkg: error processing package php-horde-imp (--configure): dependency problems - leaving unconfigured Setting up php-horde-service-weather (2.5.4-7) ... dpkg: dependency problems prevent configuration of php-horde: php-horde-service-weather (2.5.4-7) breaks php-horde (<< 5.2.23+debian0-2~) and is installed. Version of php-horde to be configured is 5.2.23+debian0-1. dpkg: error processing package php-horde (--configure): dependency problems - leaving unconfigured Setting up re2c (1.3-2) ... dpkg: dependency problems prevent configuration of php-horde-gollem: php-horde-gollem depends on php-horde (>= 5.2.23+debian0-1~); however: Package php-horde is not configured yet. php-horde-gollem depends on php-horde (<< 6.0.0~alpha1); however: Package php-horde is not configured yet. dpkg: error processing package php-horde-gollem (--configure): dependency problems - leaving unconfigured Oh well... ... Errors were encountered while processing: php-horde-imp php-horde php-horde-gollem This may be or may not be related to the fact that I made manual changes to /etc/horde/ and /usr/share/themes to make them work as I thought was expected. I am not sure, yet. I'll need to investigate deeper. 2) root@caronte:~# ls /etc/horde/themes-available.d/ default but root@caronte:~# ls /usr/share/horde/themes block embed.css facebook.css feed-rss.xsl graphics ie8.css info.php mozilla.css opera.css rtl.css screen.css smartmobile sounds webkit.css wouldn't it had to be all this inside /usr/share/horde/themes/default? Oh yes. You are right! Damn! furthermore it seems that the content of /etc/horde/themes-available.d/default/horde should actually be inside /etc/horde/themes-available.d/default/ No. All other Horde applications have their own /themes/ dir. So this was on purpose. I think I've manually fixed it... [...] Sorry for the hassle once more! It would be nice if there was a way to refresh the cache without tweaking the conf.php file. Yeah. Maybe I can provide a script for that. Will see... Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp21feW7pxoA.pgp Description: Digitale PGP-Signatur
Bug#778750: horde un-themed after upgrade
Hi Ivan Sergio, On Do 02 Jul 2020 15:21:31 CEST, Mike Gabriel wrote: Hi Ivan Sergio, On Do 02 Jul 2020 12:18:15 CEST, Ivan Sergio Borgonovo wrote: Unfortunately something went wrong with this update or something should be added in the changelog. As soon as I updated php-horde, horde rendered un-themed. Everything in /etc/horde/themes-* seems fine. Horde cache in /tmp has been cleared but horde remains un-themed and version displayed is still 5.2.22 apache and php-fpm have been restarted. Horde Administration > Configuration have been updated. thanks in advance for your help Urgh... I am sorry for this. Please note that I am currently in the process of getting Horde fully into shape for Debian 11 and things are not as ready as they seem. The theme moval to /etc/ was not thought through until the very end, I fear... I have now fixed php-horde and it should cleanly upgrade from any previous php-horde version, even the previous broken one. The theming folder in /etc/ also needs to be moved a bit: /etc/horde/themes-available.d/default -> /etc/horde/themes-available.d/default/horde The package should handle that fairly ok. I just identified several other packages that also need this move: php-horde-ansel -> not yet in unstable again (license issue) php-horde-gollem php-horde-imp -> these two have been adapted to the new theme location, too. Let me know, if the upgrade for those two work ok for you. php-horde-ingo php-horde-kronolith php-horde-mnemo php-horde-nag php-horde-passwd php-horde-service-weather php-horde-sesha php-horde-trean php-horde-turba php-horde-whups php-horde-wicked These are on my list for tomorrow night. If you feel like helping, maybe you can file individual RC bugs against all the src:php-horde-* pkgs named above (except ansel, it has not yet been uploaded again), so we have a means for tracking this flaw. Please don't do any bug reports any more. I have the issue on my list. Sorry for causing you pain with this. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpCjN8pnOv1S.pgp Description: Digitale PGP-Signatur
Bug#778750: horde un-themed after upgrade
Hi Ivan Sergio, On Do 02 Jul 2020 12:18:15 CEST, Ivan Sergio Borgonovo wrote: Unfortunately something went wrong with this update or something should be added in the changelog. As soon as I updated php-horde, horde rendered un-themed. Everything in /etc/horde/themes-* seems fine. Horde cache in /tmp has been cleared but horde remains un-themed and version displayed is still 5.2.22 apache and php-fpm have been restarted. Horde Administration > Configuration have been updated. thanks in advance for your help Urgh... I am sorry for this. Please note that I am currently in the process of getting Horde fully into shape for Debian 11 and things are not as ready as they seem. The theme moval to /etc/ was not thought through until the very end, I fear... I just identified several other packages that also need this move: php-horde-ansel php-horde-gollem php-horde-imp php-horde-ingo php-horde-kronolith php-horde-mnemo php-horde-nag php-horde-passwd php-horde-service-weather php-horde-sesha php-horde-trean php-horde-turba php-horde-whups php-horde-wicked I will prepare uploads/fixes within the couple of days. If you feel like helping, maybe you can file individual RC bugs against all the src:php-horde-* pkgs named above (except ansel, it has not yet been uploaded again), so we have a means for tracking this flaw. Thanks for noticing and getting in touch so quickly. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpD8aNwQbV4c.pgp Description: Digitale PGP-Signatur
Bug#951537: Resolved in 2.1.5-1 for unstable
Control: close -1 Control: fixed -1 2.1.5-1 This issue has now been also resolved in Debian unstable via upload of php-horde-2.1.5-1. Unfortunately, closing this bug via d/changelog has been left out. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp3YcaOdqpW2.pgp Description: Digitale PGP-Signatur
Bug#949055: autofs: FTBFS with libxml2 2.9.10 (uses xml2-config)
On Mo 29 Jun 2020 15:25:26 CEST, Hugh McMaster wrote: Hallo Andreas, Did you ever have time to follow up with upstream about your patch? I saw they had some feedback that needs to be addressed before the patch can be merged. It looks very straightforward to fix. If will not have time, I am happy to take care of this and resubmit the final patch under your name. Hugh Wow. That'd be awesome helping out on this, Hugh. Thanks. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp44kTBpUjaq.pgp Description: Digitale PGP-Signatur
Bug#881719: libcdio 2.1.0 and lubcdio++
Hi, Vasyl, On Mon, 29 Jun 2020, Vasyl Gello wrote: > The MR I amended after Gabriel's review is stuck since June 2nd. Yes, my bad. > Gabriel, can you please revise the MR and upload the fixed package to the > queue? Will do (I'll try to do it today)! Thanks for the heads-up. :)
Bug#693782: auto.master.d documentation
On So 28 Jun 2020 19:18:48 CEST, Sam Morris wrote: On Tue, Nov 20, 2012 at 11:17:09AM +0100, Stefan Skoglund wrote: The documentation for how to use the 'auto.master.d' feature is really non-existing. What exists is a sketch from the designer for what it is (or how it should be.) /etc/auto.master now has comments that describe how to use the feature: # Include /etc/auto.master.d/*.autofs # To add an extra map using this mechanism you will need to add # two configuration items - one /etc/auto.master.d/extra.autofs file # (using the same line format as the auto.master file) # and a separate mount map (e.g. /etc/auto.extra or an auto.extra NIS map) # that is referred to by the extra.autofs file. # +dir:/etc/auto.master.d For instance, I have the following: $ cat /etc/auto.master.d/work.autofs /workfile:/etc/auto.workbrowse $ cat /etc/auto.work server1-share1-fstype=cifs,sec=krb5i,cruid=$CRUID,multiuser ://server1.example.com/share1 server2-share1-fstype=cifs,sec=krb5i,cruid=$CRUID,multiuser ://server2.example.com/share1 In addition, auto.master(5) describes the + inclusion feature: Additionally, a map may be included from its source as if it were itself present in the master map by including a line of the form: +[maptype[,format]:map options] and automount(8) will process the map according to the specification described below for map entries. ... the format of a master map entry: mount-point [map-type[,format]:]map [options] ... and describes the 'dir' map-type: This map type can be used at + master map including notation. The contents of files under given directory are included to the master map. The name of file to be included must be ended with ".autofs". A file will be ignored if its name is not ended with the suffix. In addition a dot file, a file which name is started with "." is also ignored. Thanks! Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpAituwRnY5K.pgp Description: Digitale PGP-Signatur
Bug#963033: linux-image-arm64: kexec loses EFI system tables with Debian kernels
Hi,
This is introduced by a Debian specific patch
features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
The following patch fixes it.
>8
From: Gabriel Krisman Bertazi
Subject: [PATCH] arm64: Don't disable EFI boot mode on linux,uefi-secure-boot
table absence
The Debian specific out-of-tree kernel patch titled ("arm64: add kernel
config option to lock down when in Secure Boot mode") introduces a
regression for EFI-booted systems that don't have a
"linux,uefi-secure-boot" FDT entry.
In these systems, when the table is not found, it causes the FDT
function to error out and not return other UEFI tables, in particular
the System Table, which makes the kernel think it is not running on EFI
mode.
Instead, let the EFI mode boot continue with the correct System Table,
and consider the efi secureboot mode as unknown.
This regression was found at least as early as the debian port to 5.4.19,
but it still affects the most recent 5.7.6 debian kernel.
Signed-off-by: Gabriel Krisman Bertazi
---
drivers/firmware/efi/arm-init.c | 2 +-
drivers/firmware/efi/fdtparams.c | 18 +++---
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c
index 78fcfbe3ddb9..fcb60320e77a 100644
--- a/drivers/firmware/efi/arm-init.c
+++ b/drivers/firmware/efi/arm-init.c
@@ -206,7 +206,7 @@ void __init efi_init(void)
{
struct efi_memory_map_data data;
u64 efi_system_table;
- u32 secure_boot;
+ u32 secure_boot = efi_secureboot_mode_unknown;
/* Grab UEFI information placed in FDT by stub */
efi_system_table = efi_get_fdt_params(, _boot);
diff --git a/drivers/firmware/efi/fdtparams.c b/drivers/firmware/efi/fdtparams.c
index 152ca7cfccc9..78c36e582408 100644
--- a/drivers/firmware/efi/fdtparams.c
+++ b/drivers/firmware/efi/fdtparams.c
@@ -96,13 +96,15 @@ u64 __init efi_get_fdt_params(struct efi_memory_map_data
*mm, u32 *secure_boot)
struct {
void*var;
int size;
+ int required;
+
} target[] = {
- [SYSTAB] = { , sizeof(systab) },
- [MMBASE] = { >phys_map, sizeof(mm->phys_map) },
- [MMSIZE] = { >size, sizeof(mm->size) },
- [DCSIZE] = { >desc_size,sizeof(mm->desc_size) },
- [DCVERS] = { >desc_version, sizeof(mm->desc_version) },
- [SBMODE] = { secure_boot, sizeof(*secure_boot) },
+ [SYSTAB] = {,sizeof(systab), 1},
+ [MMBASE] = {>phys_map, sizeof(mm->phys_map), 1},
+ [MMSIZE] = {>size, sizeof(mm->size), 1},
+ [DCSIZE] = {>desc_size, sizeof(mm->desc_size), 1},
+ [DCVERS] = {>desc_version, sizeof(mm->desc_version), 1},
+ [SBMODE] = {secure_boot,sizeof(*secure_boot), 0 },
};
BUILD_BUG_ON(ARRAY_SIZE(target) != ARRAY_SIZE(name));
@@ -125,8 +127,10 @@ u64 __init efi_get_fdt_params(struct efi_memory_map_data
*mm, u32 *secure_boot)
continue;
if (!j)
goto notfound;
+
pr_err("Can't find property '%s' in DT!\n", pname);
- return 0;
+ if (target[j].required)
+ return 0;
}
return systab;
}
--
2.27.0
Bug#963724: charybdis: The init script's "reload" action does not perform the intended reload
Package: charybdis Version: 4.1.1-1+b1 Severity: normal Hello, I've found out that the init script, as it is currently shipped by this package does not properly perform its "reload" action. This means that when one changes the configuration, or rotates the TLS certificates, the service does not get to see the new configurations or certificates. I've found out that this was caused by the fact that start-stop-daemon refused to act when requested to find a process by only using a PIDFILE which is not owned by root, which is what the "reload" action is currently doing. Adding "--user $NAME" to the action makes start-stop-daemon more confident and permits the reload action to actually happen. See the patch sent to salsa: https://salsa.debian.org/debian/charybdis/-/merge_requests/1 -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.0-1-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_CA.utf8), LANGUAGE=en_CA.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_CA.utf8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages charybdis depends on: ii adduser 3.118 ii init-system-helpers 1.57 ii libc62.30-8 ii libltdl7 2.4.6-14 ii libmbedcrypto3 2.16.5-1 ii libmbedtls12 2.16.5-1 ii libmbedx509-02.16.5-1 ii libsqlite3-0 3.32.3-1 ii lsb-base 11.1.0 ii zlib1g 1:1.2.11.dfsg-2 charybdis recommends no packages. charybdis suggests no packages.
Bug#949196: libzypp: diff for NMU version 17.7.0-1.1
Hi, Am Montag, 22. Juni 2020 schrieb Giovanni Mascellani: > Hi, > > Il 20/06/20 19:01, Mike Gabriel ha scritto: > > Thanks for patching libzypp. Your NMU is ok, I will include your > > .debdiff on its VCS. In fact, I am considering orphaning libzypp and > > zypper in Debian. Do you have interest in taking over? > > Ugh, I just realized I stupidly embedded the amd64 architecture in my > patch, leading to obvious FTBFS on the other archs. It is ok for you if > I directly NMU libzypp replacing x86_64-linux-gnu with > $(DEB_HOST_MULTIARCH)? yes, please. Mike -- Gesendet von meinem Fairphone (powered by SailfishOS)
Bug#963243: linux-image-5.6.0-2-amd64: percpu ref mismatch after switching to atomic
Package: src:linux Version: 5.6.14-1 Severity: normal Dear Maintainer, I found this kernel call trace in dmesg after an upgrade. I believe it might be important to someone because it happened during a interruption handling or something. Feel free to close otherwise. The computer seems to work just fine. Thanks -- Package-specific info: ** Version: Linux version 5.6.0-2-amd64 (debian-ker...@lists.debian.org) (gcc version 9.3.0 (Debian 9.3.0-13)) #1 SMP Debian 5.6.14-1 (2020-05-23) ** Command line: BOOT_IMAGE=/vmlinuz-5.6.0-2-amd64 root=/dev/mapper/iron-system ro net.ifnames=1 biosdevname=0 cgroup_enable=memory cgroup_enable=cpuset swapaccount=1 scsi_mod.use_blk_mq=y dm_mod.use_blk_mq=y quiet ** Tainted: W (512) * kernel issued warning ** Kernel log: [1924692.842450] systemd[1]: systemd 245.6-1 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid) [1924692.862637] systemd[1]: Detected architecture x86-64. [1924692.908327] systemd[1]: /lib/systemd/system/squid.service:15: PIDFile= references a path below legacy directory /var/run/, updating /var/run/squid.pid \xe2\x86\x92 /run/squid.pid; please update the unit file accordingly. [1924692.916731] systemd[1]: /lib/systemd/system/krb5-kdc.service:7: PIDFile= references a path below legacy directory /var/run/, updating /var/run/krb5-kdc.pid \xe2\x86\x92 /run/krb5-kdc.pid; please update the unit file accordingly. [1924692.921101] systemd[1]: /lib/systemd/system/docker.socket:6: ListenStream= references a path below legacy directory /var/run/, updating /var/run/docker.sock \xe2\x86\x92 /run/docker.sock; please update the unit file accordingly. [1924692.12] audit: type=1305 audit(1592733750.168:114388): op=set audit_pid=0 old=3072020 auid=4294967295 ses=4294967295 subj==unconfined res=1 [1924693.57] audit: type=1400 audit(1592733750.168:114389): apparmor="DENIED" operation="open" profile="/usr/sbin/apt-cacher-ng" name="/etc/ssl/openssl.cnf" pid=216596 comm="apt-cacher-ng" requested_mask="r" denied_mask="r" fsuid=126 ouid=0 [1924693.000942] audit: type=1131 audit(1592733750.168:114390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj==unconfined msg='unit=auditd comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [1924693.004514] audit: type=1131 audit(1592733750.172:114391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj==unconfined msg='unit=rpc-svcgssd comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [1924693.004981] audit: type=1131 audit(1592733750.172:114392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj==unconfined msg='unit=rpcbind comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [1924693.005418] audit: type=1131 audit(1592733750.172:114393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj==unconfined msg='unit=dnsmasq comm="systemd" exe="/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [1924693.007233] audit: type=1305 audit(1592733750.176:114394): op=set audit_enabled=1 old=1 auid=4294967295 ses=4294967295 subj==unconfined res=1 [1924693.007236] audit: type=1305 audit(1592733750.176:114395): op=set audit_pid=216608 old=0 auid=4294967295 ses=4294967295 subj==unconfined res=1 [1924693.034441] [ cut here ] [1924693.034447] percpu ref (cgroup_bpf_release_fn) <= 0 (-6) after switching to atomic [1924693.034458] WARNING: CPU: 1 PID: 1 at lib/percpu-refcount.c:160 percpu_ref_switch_to_atomic_rcu+0x119/0x120 [1924693.034459] Modules linked in: veth xfrm_user xfrm_algo overlay fuse ufs qnx4 hfsplus hfs minix vfat msdos fat jfs xfs nf_conntrack_netlink xt_CHECKSUM tun rfkill cpufreq_userspace cpufreq_powersave cpufreq_conservative nfnetlink_log act_police sch_ingress cls_u32 sch_sfq sch_cbq nft_chain_nat xt_MASQUERADE nf_nat nft_counter xt_state xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_multiport ipt_REJECT nf_reject_ipv4 xt_tcpudp nft_compat nf_tables ip_set_hash_net ip_set nfnetlink binfmt_misc amdgpu snd_hda_codec_realtek snd_hda_codec_generic gpu_sched ledtrig_audio snd_hda_codec_hdmi ttm edac_mce_amd snd_hda_intel snd_intel_dspcfg drm_kms_helper snd_hda_codec kvm_amd snd_hda_core cec snd_hwdep kvm i2c_algo_bit sp5100_tco snd_pcm snd_timer ccp snd nct6775 joydev irqbypass evdev mfd_core wmi_bmof pcspkr watchdog k10temp soundcore rng_core sg button loop hwmon_vid acpi_cpufreq br_netfilter bridge stp llc parport_pc ppdev auth_rpcgss lp drm parport sunrpc ip_tables x_tables autofs4 [1924693.034494] ext4 crc16 mbcache jbd2 btrfs blake2b_generic zstd_decompress zstd_compress dm_crypt dm_mod raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod sd_mod hid_generic usbhid hid crc32_pclmul crc32c_intel
Bug#949196: libzypp: diff for NMU version 17.7.0-1.1
Hi, Am Samstag, 20. Juni 2020 schrieb Giovanni Mascellani: > Control: tags 949196 + patch > Control: tags 949196 + pending > > Dear maintainer, > > I've prepared an NMU for libzypp (versioned as 17.7.0-1.1) and > uploaded it to DELAYED/02. Please feel free to tell me if I > should delay it longer. > > Regards. Thanks for patching libzypp. Your NMU is ok, I will include your .debdiff on its VCS. In fact, I am considering orphaning libzypp and zypper in Debian. Do you have interest in taking over? Greets, Mike -- Gesendet von meinem Fairphone (powered by SailfishOS)
Bug#586413: ITA: tightvnc -- virtual network computing server software
Hi Sven, On Mi 17 Jun 2020 20:34:39 CEST, Sven Geuer wrote: Owner: debma...@g-e-u-e-r.de Hi Ola, thank you for your consent. I take ownership of this bug now. It will be closed with the upcoming upload of tightvnc. Thanks for having maintained tightvnc for all these years. If there's anything in contrast to what you intended, please let me know. We'll get it sorted out. Sven I have created a tightvnc repo for you. https://salsa.debian.org/debian-remote-team/tightvnc/ As I see it, the package has never been maintained in Git. It would be cool to have its complete history (Debian package imports via gbp import-dsc) added to that new Git repo. Sven, do you know you to do such an import (including all recent Debian release branches)? If not, I am happy to help you with that. @Ola: or do you have some packaging Git around locally that you used in the past? Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpxbdqsYuQ_7.pgp Description: Digitale PGP-Signatur
Bug#586413: RFA: a lot of packages
Hi Sven, On Di 16 Jun 2020 23:07:27 CEST, Sven Geuer wrote: Hi Mike, Hi Ola, I would be interested in maintaining tightvnc as a new member of the Debian Remote Maintainers Team. I already started some work on it in a private repository on salsa [1]. 'FTBFS with gcc-10' is already fixed. Being a DM, I currently maintain two packages under the umbrella of the Debian Security Tools Packaging Team, and had contributed to other packages of this team [2]. @Mike: May I ask you to accept me as team member to debian-remote? @Ola: Would you want to stay listed as uploader with moving tightvnc to the team? Please let me know, if you accept my application. Best, Sven [1] https://salsa.debian.org/sven-geuer-guest/tightvnc [2] https://qa.debian.org/developer.php?email=debmaint%40g-e-u-e-r.de Awesome! Regarding your Debian Remote Team applications: Welcome in! I'll wait for Ola's response, then I'll give you permissions on the tightvnc.git repo. Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpkeY5bw_WS5.pgp Description: Digitale PGP-Signatur
Bug#962692: puppet: Crashes due to "missing" facts.d directories
Hi, >> A quick workaround to get facter to run is to create the three >> directories: > >> /etc/facter/facts.d >> /etc/puppetlabs/facter/facts.d >> /opt/puppetlabs/facter/facts.d > > Yup, confirmed that works. Thank you! thanks for the workaround. while it seems to work when running facter as root, I'm still getting the same crash (back trace seems to be the same) when running facter as an unprivileged user even though the three directories are world-readable. I'm reporting this added detail since using puppet/facter as an unprivileged user can be important for validating syntax, running spec tests, etc. during development. $ ls -ld /etc/facter/facts.d/ /etc/puppetlabs/facter/facts.d /opt/puppetlabs/facter/facts.d drwxr-xr-x 2 root root 4096 Jun 15 17:10 /etc/facter/facts.d/ drwxr-xr-x 2 root root 4096 Jun 15 17:10 /etc/puppetlabs/facter/facts.d drwxr-xr-x 2 root root 4096 Jun 15 17:10 /opt/puppetlabs/facter/facts.d $ facter free(): invalid size Aborted $ gdb facter [...] Reading symbols from facter... (No debugging symbols found in facter) (gdb) r Starting program: /usr/bin/facter [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [Detaching after vfork from child process 1565235] free(): invalid pointer Program received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x779bf55b in __GI_abort () at abort.c:79 #2 0x77a18038 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x77b24f3e "%s\n") at ../sysdeps/posix/libc_fatal.c:181 #3 0x77a1f3da in malloc_printerr (str=str@entry=0x77b230e0 "free(): invalid pointer") at malloc.c:5339 #4 0x77a20dcc in _int_free (av=, p=, have_lock=0) at malloc.c:4173 #5 0x77e775d4 in ?? () from /usr/lib/x86_64-linux-gnu/libfacter.so.3.11.0 #6 0x77e77bd8 in facter::facts::collection::add_external_facts(std::vector, std::allocator >, std::allocator, std::allocator > > > const&) () from /usr/lib/x86_64-linux-gnu/libfacter.so.3.11.0 #7 0x5557154c in main () signature.asc Description: OpenPGP digital signature
Bug#962813: does not build with ghc 8.8
Hi, On So 14 Jun 2020 16:41:31 CEST, Picca Frédéric-Emmanuel wrote: Source: haskell-tree-monad Severity: critical Hello, this package does not build with the up-comming ghc 8.8 version. It is not part of stackage LTS, and it was not updated by upstream since 2009. It means that there is few chance to see the upstream fix this issue. so it is considere to remove it from Debian. Someone can salvage it by providing a patch (prefereably to the upstream first). Cheers I have pinged upstream (off-list, off-bts) on this issue and will provide feedback once I hear from them. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpBxjskrIlfd.pgp Description: Digitale PGP-Signatur
Bug#962592: autocomplete with tar command doesn't work (Debian 10.4)
On Fri, 12 Jun 2020, Sławomir Stańczak wrote: > > W dniu 11.06.2020 o 21:41, Gabriel F. T. Gomes pisze: > > If I understand correctly, you would like for 'tar -cf ' to > > complete with tar files already present in the file system. > > Yes. This prevents overwriting of an existing archive. I am a little puzzled. Have you changed your mind and now you think that *not* completing is the right thing to do? > Thank you very much for your help and links. Ah, I forgot to mention that you can always use Alt+/ to complete with every file in the path, which will suggest *any* file, not just those ending in '.tar*'. Anyhow, I thought that that might help you a little before we can get this fixed (if we ever make it into upstream bash-completion). Cheers, Gabriel
Bug#962592: autocomplete with tar command doesn't work (Debian 10.4)
On 10 Jun 2020, Sławomir Stańczak wrote:
>
>$ tar -cf 000/ not working
If I understand correctly, you would like for 'tar -cf ' to
complete with tar files already present in the file system. Although I
believe that this would be a reasonable thing to do, upstream
bash-completion seems to believe that there's no point in doing so, as
can be seem in the current code [1]:
# Generate completions for -f/--file.
__tar_file_option()
{
local ext="$1"
case "$tar_mode" in
c)
# no need to advise user to re-write existing tarball
_filedir -d
;;
*)
_filedir "$ext"
;;
esac
}
On the other hand, Ville Skyttä, the current upstream maintainer,
suggested, in the past [2], that the behavior you expect could be a
good thing.
I'll try to come up with an upstream patch.
Cheers,
Gabriel
PS: This bug is similar to https://bugs.debian.org/619548, which I
closed on the assumption that upstream wouldn't want this change. Now I
believe I shouldn't have closed it at all, so I'll use this new bug to
track this. Thanks for the report.
[1]
https://github.com/scop/bash-completion/blob/master/completions/tar#L215-L229
[2] https://bugs.debian.org/618734#68
Bug#961600: cyrus-common: The bug remains with version 3.2.1-3
Package: cyrus-common Version: 3.2.1-3~bpo10+1 Followup-For: Bug #961600 The bug is still present with version 3.2.1-3 How can I disable http2 support? Thanks
Bug#962301: ITP: lomiri-ui-toolkit -- Qt Components for Lomiri Operating Environment
Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: lomiri-ui-toolkit Version : 0.1.0 Upstream Author : Marius Gripsgard * URL : https://gitlab.com/ubports/core/lomiri-ui-toolkit/ * License : LGPL-3.0 (et al.) Programming Lang: C++ Description : Qt Components for Lomiri Operating Environment Qt Components for Lomiri offers a set of reusable user interface components for Qt Quick 2 / QML. . This is the essential UI toolkit for the Lomiri Operating Environment enhancing Qt5 to its needs. . This package will be maintained by the Debian UBports Packaging Team.
Bug#881719: libcdio 2.1.0 and lubcdio++
On Tue, 02 Jun 2020, Bálint Réczey wrote: > > Done. I've omitted the last commit because I suggest using -1~exp0 > Debian version for the upload to experimental. IMO looks nicer when > the upload to unstable has -1. Thanks for the review. I'll fix this, then upload again to mentors.
Bug#961978: buster-pu: package freerdp2/2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
Hi Adam, On Mo 01 Jun 2020 13:29:23 CEST, Adam D. Barratt wrote: On Mon, 2020-06-01 at 13:20 +0200, Mike Gabriel wrote: I just uploaded this update of freerdp2 to Debian buster. Thanks to Bernhard Miklautz, we have several security patches available: + [ Bernhard Miklautz ] + * debian/patches - security releated backports from upstream +* Add 0003-Fixed-6007-Boundary-checks-in- rdp_read_flow_control.patch +* Add 0004-Fixed-6009-Bounds-checks-in- autodetect_recv_bandwidt.patch Not every bug necessarily has to be fixed in stable... For clarity, all of these are resolved in unstable already? Regards, Adam another option other than a little cherry-picking hell could be bumping buster's version to 2.1.1+dfsg-1, too. Similar to what people did in Ubuntu... https://usn.ubuntu.com/4379-1/ Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpu2cFY83SXt.pgp Description: Digitale PGP-Signatur
Bug#881719: libcdio 2.1.0 and lubcdio++
On 01 Jun 2020, Bálint Réczey wrote: > >I've checked the package and it refers to >https://salsa.debian.org/debian/libcdio as the packaging repo while it >is not present. >I fyou agree let me clone your packaging repo there, then I can review >the changes. Oh, please. And thank you. :) >I can't upload in the next few days (weeks?) because my keys are >expired and I'm waiting for the next keyring push to get them >refreshed. No problem. Cheers, Gabriel
Bug#961978: buster-pu: package freerdp2/2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
Hi Adam, On Mo 01 Jun 2020 13:29:23 CEST, Adam D. Barratt wrote: On Mon, 2020-06-01 at 13:20 +0200, Mike Gabriel wrote: I just uploaded this update of freerdp2 to Debian buster. Thanks to Bernhard Miklautz, we have several security patches available: + [ Bernhard Miklautz ] + * debian/patches - security releated backports from upstream +* Add 0003-Fixed-6007-Boundary-checks-in- rdp_read_flow_control.patch +* Add 0004-Fixed-6009-Bounds-checks-in- autodetect_recv_bandwidt.patch Not every bug necessarily has to be fixed in stable... Well, this is only a small selection of fixes from what has been fixed for recent 2.1.1. The urgent once. During Corona lock down, several Linux security experts files PRs and bug reports against FreeRDP. For clarity, all of these are resolved in unstable already? Yes, all bugs are resolved in upstream release 2.1.1 (which has just been uploaded to unstable a couple of days ago). Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgp96y2WWL1v5.pgp Description: Digitale PGP-Signatur
Bug#961978: buster-pu: package freerdp2/2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Dear release team, I just uploaded this update of freerdp2 to Debian buster. Thanks to Bernhard Miklautz, we have several security patches available: + [ Bernhard Miklautz ] + * debian/patches - security releated backports from upstream +* Add 0003-Fixed-6007-Boundary-checks-in-rdp_read_flow_control.patch +* Add 0004-Fixed-6009-Bounds-checks-in-autodetect_recv_bandwidt.patch +* Add 0005-Fixed-6006-bounds-checks-in-update_read_synchronize.patch +* Add 0006-Fixed-6005-Bounds-checks-in-update_read_bitmap_data.patch +* Add 0007-Fixed-6011-Bounds-check-in-rdp_read_font_capability.patch +* Add 0008-Fixed-6013-Check-new-length-is-0.patch +* Add 0009-Fix-6010-Check-length-in-read_icon_info.patch +* Add 0010-Use-substreams-to-parse-gcc_read_server_data_blocks.patch +* Add 0011-Fixed-Stream_-macros-bracing-arguments.patch +* Add 0012-Use-safe-seek-for-capability-parsing.patch +* Add 0013-Fixed-CVE-2020-11525-Out-of-bounds-read-in-bitmap_ca.patch + (CVE-2020-11525). +* Add 0014-Fixed-6012-CVE-2020-11526-Out-of-bounds-read-in-upda.patch + (CVE-2020-11526). +* Add 0015-Fix-CVE-2020-11523-clamp-invalid-rectangles-to-size-.patch + (CVE-2020-11523). +* Add 0016-Fix-CVE-2020-11524-out-of-bounds-access-in-interleav.patch + (CVE-2020-11524). +* Add 0017-Fixed-CVE-2020-11522-Limit-number-of-DELTA_RECT-to-4.patch + (CVE-2020-11522). +* Add 0018-Fixed-CVE-2020-11521-Out-of-bounds-write-in-planar-c.patch + (CVE-2020-11521). +* Add 0019-Fixed-possible-NULL-access.patch +* Add 0020-Check-for-int-overflow-in-gdi_InvalidateRegion.patch -> This patchwork will be the first round of CVE closures (all no-dsa, as discussed with Salvatore from the security team). Whenever Bernhard finds time, he will provide more patches and a +deb10u3 is probably already in sight. + [ Mike Gabriel ] + * debian/patches: ++ Add 0002_fix-channels-smartcard-fix-statusw-call.patch. Fix smartcard + login failures. (Closes: #919281). -> a functionality fix for people using smartcard readers with FreeRDP. Thanks+Greets, Mike -- System Information: Debian Release: 10.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog --- freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog 2019-12-16 11:36:02.0 +0100 +++ freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog 2020-06-01 13:08:46.0 +0200 @@ -1,3 +1,39 @@ +freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2) buster; urgency=medium + + [ Bernhard Miklautz ] + * debian/patches - security releated backports from upstream +* Add 0003-Fixed-6007-Boundary-checks-in-rdp_read_flow_control.patch +* Add 0004-Fixed-6009-Bounds-checks-in-autodetect_recv_bandwidt.patch +* Add 0005-Fixed-6006-bounds-checks-in-update_read_synchronize.patch +* Add 0006-Fixed-6005-Bounds-checks-in-update_read_bitmap_data.patch +* Add 0007-Fixed-6011-Bounds-check-in-rdp_read_font_capability.patch +* Add 0008-Fixed-6013-Check-new-length-is-0.patch +* Add 0009-Fix-6010-Check-length-in-read_icon_info.patch +* Add 0010-Use-substreams-to-parse-gcc_read_server_data_blocks.patch +* Add 0011-Fixed-Stream_-macros-bracing-arguments.patch +* Add 0012-Use-safe-seek-for-capability-parsing.patch +* Add 0013-Fixed-CVE-2020-11525-Out-of-bounds-read-in-bitmap_ca.patch + (CVE-2020-11525). +* Add 0014-Fixed-6012-CVE-2020-11526-Out-of-bounds-read-in-upda.patch + (CVE-2020-11526). +* Add 0015-Fix-CVE-2020-11523-clamp-invalid-rectangles-to-size-.patch + (CVE-2020-11523). +* Add 0016-Fix-CVE-2020-11524-out-of-bounds-access-in-interleav.patch + (CVE-2020-11524). +* Add 0017-Fixed-CVE-2020-11522-Limit-number-of-DELTA_RECT-to-4.patch + (CVE-2020-11522). +* Add 0018-Fixed-CVE-2020-11521-Out-of-bounds-write-in-planar-c.patch + (CVE-2020-11521). +* Add 0019-Fixed-possible-NULL-access.patch +* Add 0020-Check-for-int-overflow-in-gdi_InvalidateRegion.patch + + [ Mike Gabriel ] + * debian/patches: ++ Add 0002_fix-channels-smartcard-fix-statusw-call.patch. Fix smartcard + login failures. (Closes: #919281). + + -- Mike Gabriel Mon, 01 Jun 2020 13:08:46 +0200 + freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+d
Bug#881719: libcdio 2.1.0 and lubcdio++
On 31 May 2020, Gabriel F. T. Gomes wrote: > >we will need a sponsor. The package is now on mentors: https://mentors.debian.net/package/libcdio Balint, could you review it and, if everything is fine, sponsor it? (I'm asking because Vasyl mentioned you are guiding the packaging of Kodi, if I got it right) Cheers, Gabriel
Bug#881719: libcdio 2.1.0 and lubcdio++
Hi, Vasyl, On 24 May 2020, Vasyl Gello wrote: > >Yes experimental is OK for me, even though I uploaded libshairplay & >libudfread to unstable queue. Balint asked me initially to target Kodi 19.0 to >experimental so I will probably re-upload both libraries to experimental to >keep everything consistent. Awesome. I accepted your merge request and I prepared the package for experimental. It will take a while to get there though, because I'm not a DD yet (my process is still ongoing), so we will need a sponsor. Also, since it adds new binary packages, it will also have to go through the new queue. Cheers, Gabriel
Bug#961944: buster-pu: package php-horde/5.2.20+debian0-1+deb10u2
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I have just uploaded this php-horde update to buster, fixing a no-dsa CVE:
+ * CVE-2020-8035: Don't allow to view images inline if opened directly.
+ * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase.
Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru php-horde-5.2.20+debian0/debian/changelog
php-horde-5.2.20+debian0/debian/changelog
--- php-horde-5.2.20+debian0/debian/changelog 2019-12-14 03:13:53.0
+0100
+++ php-horde-5.2.20+debian0/debian/changelog 2020-05-31 21:45:26.0
+0200
@@ -1,3 +1,10 @@
+php-horde (5.2.20+debian0-1+deb10u2) buster; urgency=medium
+
+ * CVE-2020-8035: Don't allow to view images inline if opened directly.
+ * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase.
+
+ -- Mike Gabriel Sun, 31 May 2020 21:45:26 +0200
+
php-horde (5.2.20+debian0-1+deb10u1) buster; urgency=high
* Fix CVE-2019-12095: Stored XSS vuln in the Horde Cloud Block.
diff -Nru php-horde-5.2.20+debian0/debian/patches/0001-Fix-rewrite-base.patch
php-horde-5.2.20+debian0/debian/patches/0001-Fix-rewrite-base.patch
--- php-horde-5.2.20+debian0/debian/patches/0001-Fix-rewrite-base.patch
2019-12-14 03:13:53.0 +0100
+++ php-horde-5.2.20+debian0/debian/patches/0001-Fix-rewrite-base.patch
2020-05-31 21:45:26.0 +0200
@@ -6,11 +6,9 @@
horde-5.2.20/.htaccess | 1 +
1 file changed, 1 insertion(+)
-diff --git a/horde-5.2.20/.htaccess b/horde-5.2.20/.htaccess
-index 89eaf0a..348046e 100644
--- a/horde-5.2.20/.htaccess
+++ b/horde-5.2.20/.htaccess
-@@ -5,6 +5,7 @@ allow from all
+@@ -10,6 +10,7 @@
RewriteEngine On
diff -Nru
php-horde-5.2.20+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
php-horde-5.2.20+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
---
php-horde-5.2.20+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
1970-01-01 01:00:00.0 +0100
+++
php-horde-5.2.20+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
2020-05-31 21:45:26.0 +0200
@@ -0,0 +1,28 @@
+From 64127fe3c2b9843c9760218e59dae9731cc56bdf Mon Sep 17 00:00:00 2001
+From: Jan Schneider
+Date: Mon, 20 Apr 2020 23:07:51 +0200
+Subject: [PATCH] Don't allow to view images inline if opened directly.
+
+This services is supposed to process and view images inside a web page.
+---
+ services/images/view.php | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/horde-5.2.20/services/images/view.php
b/horde-5.2.20/services/images/view.php
+index bc7da534..f5b0cb25 100644
+--- a/horde-5.2.20/services/images/view.php
b/horde-5.2.20/services/images/view.php
+@@ -84,6 +84,7 @@
+
+ /* Check if no editing action required and send the image to browser. */
+ if (empty($action)) {
++header('Content-Disposition: attachment');
+ $image->display();
+ exit;
+ }
+@@ -132,4 +133,5 @@
+ /* Write out any changes to the temporary file. */
+ file_put_contents($file_name, $image->raw());
+
++header('Content-Disposition: attachment');
+ $image->display();
diff -Nru php-horde-5.2.20+debian0/debian/patches/series
php-horde-5.2.20+debian0/debian/patches/series
--- php-horde-5.2.20+debian0/debian/patches/series 2019-12-14
03:13:53.0 +0100
+++ php-horde-5.2.20+debian0/debian/patches/series 2020-05-31
21:45:26.0 +0200
@@ -1,2 +1,3 @@
0001-Fix-rewrite-base.patch
0002-CVE-2019-12095-Fix-XSS-vuln-in-the-Horde-Cloud-Block.patch
+0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
Bug#961945: stretch-pu: package php-horde/5.2.13+debian0-1+deb9u2
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I have just uploaded this php-horde update to stretch, fixing a no-dsa CVE:
+ * CVE-2020-8035: Don't allow to view images inline if opened directly.
+ * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase.
Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru php-horde-5.2.13+debian0/debian/changelog
php-horde-5.2.13+debian0/debian/changelog
--- php-horde-5.2.13+debian0/debian/changelog 2019-12-14 03:10:06.0
+0100
+++ php-horde-5.2.13+debian0/debian/changelog 2020-05-31 21:45:26.0
+0200
@@ -1,3 +1,10 @@
+php-horde (5.2.13+debian0-1+deb9u2) stretch; urgency=medium
+
+ * CVE-2020-8035: Don't allow to view images inline if opened directly.
+ * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase.
+
+ -- Mike Gabriel Sun, 31 May 2020 21:45:26 +0200
+
php-horde (5.2.13+debian0-1+deb9u1) stretch; urgency=high
* Fix CVE-2019-12095: Stored XSS vuln in the Horde Cloud Block.
diff -Nru php-horde-5.2.13+debian0/debian/patches/0001-Fix-rewrite-base.patch
php-horde-5.2.13+debian0/debian/patches/0001-Fix-rewrite-base.patch
--- php-horde-5.2.13+debian0/debian/patches/0001-Fix-rewrite-base.patch
2019-12-14 03:10:06.0 +0100
+++ php-horde-5.2.13+debian0/debian/patches/0001-Fix-rewrite-base.patch
2020-05-31 21:45:26.0 +0200
@@ -6,11 +6,9 @@
horde-5.2.13/.htaccess | 1 +
1 file changed, 1 insertion(+)
-diff --git a/horde-5.2.13/.htaccess b/horde-5.2.13/.htaccess
-index 89eaf0a..348046e 100644
--- a/horde-5.2.13/.htaccess
+++ b/horde-5.2.13/.htaccess
-@@ -5,6 +5,7 @@ allow from all
+@@ -10,6 +10,7 @@
RewriteEngine On
diff -Nru
php-horde-5.2.13+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
php-horde-5.2.13+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
---
php-horde-5.2.13+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
1970-01-01 01:00:00.0 +0100
+++
php-horde-5.2.13+debian0/debian/patches/0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
2020-05-31 21:45:26.0 +0200
@@ -0,0 +1,28 @@
+From 64127fe3c2b9843c9760218e59dae9731cc56bdf Mon Sep 17 00:00:00 2001
+From: Jan Schneider
+Date: Mon, 20 Apr 2020 23:07:51 +0200
+Subject: [PATCH] Don't allow to view images inline if opened directly.
+
+This services is supposed to process and view images inside a web page.
+---
+ services/images/view.php | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/horde-5.2.13/services/images/view.php
b/horde-5.2.13/services/images/view.php
+index bc7da534..f5b0cb25 100644
+--- a/horde-5.2.13/services/images/view.php
b/horde-5.2.13/services/images/view.php
+@@ -84,6 +84,7 @@
+
+ /* Check if no editing action required and send the image to browser. */
+ if (empty($action)) {
++header('Content-Disposition: attachment');
+ $image->display();
+ exit;
+ }
+@@ -132,4 +133,5 @@
+ /* Write out any changes to the temporary file. */
+ file_put_contents($file_name, $image->raw());
+
++header('Content-Disposition: attachment');
+ $image->display();
diff -Nru php-horde-5.2.13+debian0/debian/patches/series
php-horde-5.2.13+debian0/debian/patches/series
--- php-horde-5.2.13+debian0/debian/patches/series 2019-12-14
03:10:06.0 +0100
+++ php-horde-5.2.13+debian0/debian/patches/series 2020-05-31
21:45:26.0 +0200
@@ -1,2 +1,3 @@
0001-Fix-rewrite-base.patch
0002-CVE-2019-12095-Fix-XSS-vuln-in-the-Horde-Cloud-Block.patch
+0003-CVE-2020-8035-dont-allow-to-view-images-inline.patch
Bug#961937: stretch-pu: package ssvnc/1.0.29-3+deb9u1
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I just uploaded this ssvnc update to Debian stretch:
+ * Non-maintainer upload by the LTS team.
@Magnus: Thanks for fixing ssnvc in testing/unstable regarding below CVE
issues. I saw that those issues haven't been covered for in stretch+buster,
so I was so brisk and dput fixes straight away.
+ * Porting of libvncclient security patches (Closes: #945827):
+- CVE-2018-20020: heap out-of-bound write vulnerability inside structure
+ in VNC client code.
+- CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
+- CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
+- CVE-2018-20024: null pointer dereference that can result DoS.
@release team: The upload fixes the not-so-critical CVEs given above.
Thanks+Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru ssvnc-1.0.29/debian/changelog ssvnc-1.0.29/debian/changelog
--- ssvnc-1.0.29/debian/changelog 2016-07-30 23:10:11.0 +0200
+++ ssvnc-1.0.29/debian/changelog 2020-05-31 20:59:43.0 +0200
@@ -1,3 +1,15 @@
+ssvnc (1.0.29-3+deb9u1) stretch; urgency=medium
+
+ * Non-maintainer upload by the LTS team.
+ * Porting of libvncclient security patches (Closes: #945827):
+- CVE-2018-20020: heap out-of-bound write vulnerability inside structure
+ in VNC client code.
+- CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
+- CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
+- CVE-2018-20024: null pointer dereference that can result DoS.
+
+ -- Mike Gabriel Sun, 31 May 2020 20:59:43 +0200
+
ssvnc (1.0.29-3) unstable; urgency=low
* debian/rules: Add call to dh_strip_nondeterminism.
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
--- ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
1970-01-01 01:00:00.0 +0100
+++ ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
2019-12-16 19:37:52.0 +0100
@@ -0,0 +1,22 @@
+Description: CVE-2018-20020
+ heap out-of-bound write vulnerability inside structure in VNC client code that
+ can result remote code execution
+---
+
+Author: Abhijith PA
+Origin:
https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
+Bug: https://github.com/LibVNC/libvncserver/issues/250
+Bug-Debian: https://bugs.debian.org/916941
+Last-Update: 2018-12-23
+
+--- a/vnc_unixsrc/vncviewer/corre.c
b/vnc_unixsrc/vncviewer/corre.c
+@@ -76,7 +76,7 @@
+ FillRectangle(rx, ry, rw, rh, gcv.foreground);
+ #endif
+
+-if (!ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8
++if (hdr.nSubrects > BUFFER_SIZE / (4 + (BPP / 8)) ||
!ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8
+ return False;
+
+ ptr = (CARD8 *)buffer;
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
--- ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
1970-01-01 01:00:00.0 +0100
+++ ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
2019-12-16 19:37:52.0 +0100
@@ -0,0 +1,22 @@
+Description: CVE-2018-20021
+ CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows
+ attacker to consume excessive amount of resources like CPU and RAM
+---
+
+Author: Abhijith PA
+Origin:
https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
+Bug: https://github.com/LibVNC/libvncserver/issues/251
+Bug-Debian: https://bugs.debian.org/916941
+Last-Update: 2018-12-23
+
+--- a/vnc_unixsrc/vncviewer/rfbproto.c
b/vnc_unixsrc/vncviewer/rfbproto.c
+@@ -3156,7 +3156,7 @@
+ if (db) fprintf(stderr, "Raw: %dx%d+%d+%d\n",
rect.r.w, rect.r.h, rect.r.x, rect.r.y);
+ area_raw += rect.r.w * rect.r.h;
+
+- while (rect.r.h > 0) {
++ while (linesToRead && rect.r.h > 0) {
+ if (linesToRead > rect.r.h) {
+ linesToRead = rect.r.h;
+ }
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20022.patch
ssvnc-1.0.29/debian/patches/libvncclient_
Bug#961936: buster-pu: package ssvnc/1.0.29-4+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I just uploaded this ssvnc update to Debian buster:
+ * Non-maintainer upload by the LTS team.
@Magnus: Thanks for fixing ssnvc in testing/unstable regarding below CVE
issues. I saw that those issues haven't been convered in stretch+buster,
so I was so brisk and dput fixes straight away.
+ * Porting of libvncclient security patches (Closes: #945827):
+- CVE-2018-20020: heap out-of-bound write vulnerability inside structure
+ in VNC client code.
+- CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
+- CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
+- CVE-2018-20024: null pointer dereference that can result DoS.
@release team: The upload fixes the not-so-critical CVEs given above.
Thanks+Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru ssvnc-1.0.29/debian/changelog ssvnc-1.0.29/debian/changelog
--- ssvnc-1.0.29/debian/changelog 2018-06-24 19:39:53.0 +0200
+++ ssvnc-1.0.29/debian/changelog 2020-05-31 20:58:21.0 +0200
@@ -1,3 +1,15 @@
+ssvnc (1.0.29-4+deb10u1) buster; urgency=medium
+
+ * Non-maintainer upload by the LTS team.
+ * Porting of libvncclient security patches (Closes: #945827):
+- CVE-2018-20020: heap out-of-bound write vulnerability inside structure
+ in VNC client code.
+- CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
+- CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
+- CVE-2018-20024: null pointer dereference that can result DoS.
+
+ -- Mike Gabriel Sun, 31 May 2020 20:58:21 +0200
+
ssvnc (1.0.29-4) unstable; urgency=low
* default-jdk-headless is enough to build.
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
--- ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
1970-01-01 01:00:00.0 +0100
+++ ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20020.patch
2019-12-16 19:37:52.0 +0100
@@ -0,0 +1,22 @@
+Description: CVE-2018-20020
+ heap out-of-bound write vulnerability inside structure in VNC client code that
+ can result remote code execution
+---
+
+Author: Abhijith PA
+Origin:
https://github.com/LibVNC/libvncserver/commit/7b1ef0ffc4815cab9a96c7278394152bdc89dc4d
+Bug: https://github.com/LibVNC/libvncserver/issues/250
+Bug-Debian: https://bugs.debian.org/916941
+Last-Update: 2018-12-23
+
+--- a/vnc_unixsrc/vncviewer/corre.c
b/vnc_unixsrc/vncviewer/corre.c
+@@ -76,7 +76,7 @@
+ FillRectangle(rx, ry, rw, rh, gcv.foreground);
+ #endif
+
+-if (!ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8
++if (hdr.nSubrects > BUFFER_SIZE / (4 + (BPP / 8)) ||
!ReadFromRFBServer(buffer, hdr.nSubrects * (4 + (BPP / 8
+ return False;
+
+ ptr = (CARD8 *)buffer;
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
--- ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
1970-01-01 01:00:00.0 +0100
+++ ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20021.patch
2019-12-16 19:37:52.0 +0100
@@ -0,0 +1,22 @@
+Description: CVE-2018-20021
+ CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows
+ attacker to consume excessive amount of resources like CPU and RAM
+---
+
+Author: Abhijith PA
+Origin:
https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
+Bug: https://github.com/LibVNC/libvncserver/issues/251
+Bug-Debian: https://bugs.debian.org/916941
+Last-Update: 2018-12-23
+
+--- a/vnc_unixsrc/vncviewer/rfbproto.c
b/vnc_unixsrc/vncviewer/rfbproto.c
+@@ -3156,7 +3156,7 @@
+ if (db) fprintf(stderr, "Raw: %dx%d+%d+%d\n",
rect.r.w, rect.r.h, rect.r.x, rect.r.y);
+ area_raw += rect.r.w * rect.r.h;
+
+- while (rect.r.h > 0) {
++ while (linesToRead && rect.r.h > 0) {
+ if (linesToRead > rect.r.h) {
+ linesToRead = rect.r.h;
+ }
diff -Nru ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20022.patch
ssvnc-1.0.29/debian/patches/libvncclient_CVE-2018-20022
Bug#961660: DebHelper dh_bash-completion broken since Stretch OS, Bash Completion scripts not installed anymore into Path according to debian/.bash-completion
On 27 May 2020, Jürgen Kuri wrote: > >When I build the packages for Debian Jessie, everything works as expected, >both completion scripts are installed into the path: > > $ ls -la /etc/bash_completion.d/ > total 24 > drwxr-xr-x 2 root root 4096 May 26 16:58 . > drwxr-xr-x 92 root root 4096 May 18 12:12 .. > -rw-r--r-- 1 root root 933 May 18 17:26 fsmtool2-completion > -rw-r--r-- 1 root root 980 May 18 17:26 fsmtool2_mtest-completion For some time (I don't know exactly how long, because I only adopted bash-completion about 2 years ago), the default installation path for completion is /usr/share/bash-completion/completions/, as you have noticed. So, I'd say that dh_bash-completion is doing the rigth thing. >When I build the packages for Debian OS Stretch or Buster, bash-completion >does not work for both command line tools any more cause the completion >scripts are installed below: > > * /usr/share/bash-completion/completions/fsmtool2-completion > * /usr/share/bash-completion/completions/fsmtool2_mtest-completion On the other, you are saying that the completions do not work from this location, and that's puzzling me. Could you provide more details about the problem you are actually getting? Bash-completion is supposed to work with files in this location. Cheers, Gabriel
Bug#961921: buster-pu: package php-horde-gollem/3.0.12-3+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I just uploaded an update for php-horde-gollem, fixing CVE-2020-8034.
+ * debian/patches:
++ Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).
+
Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru php-horde-gollem-3.0.12/debian/changelog
php-horde-gollem-3.0.12/debian/changelog
--- php-horde-gollem-3.0.12/debian/changelog2018-05-15 15:16:48.0
+0200
+++ php-horde-gollem-3.0.12/debian/changelog2020-05-31 16:20:16.0
+0200
@@ -1,3 +1,11 @@
+php-horde-gollem (3.0.12-3+deb10u1) buster-security; urgency=medium
+
+ * debian/patches:
++ Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).
+
+ -- Mike Gabriel Sun, 31 May 2020 16:20:16 +0200
+
php-horde-gollem (3.0.12-3) unstable; urgency=medium
* Update Standards-Version to 4.1.4, no change
diff -Nru php-horde-gollem-3.0.12/debian/patches/CVE-2020-8034.patch
php-horde-gollem-3.0.12/debian/patches/CVE-2020-8034.patch
--- php-horde-gollem-3.0.12/debian/patches/CVE-2020-8034.patch 1970-01-01
01:00:00.0 +0100
+++ php-horde-gollem-3.0.12/debian/patches/CVE-2020-8034.patch 2020-05-31
16:19:48.0 +0200
@@ -0,0 +1,44 @@
+From a73bef1aef27d4cbfc7b939c2a81dea69aabb083 Mon Sep 17 00:00:00 2001
+From: Jan Schneider
+Date: Wed, 4 Mar 2020 18:54:06 +0100
+Subject: [PATCH] [jan] SECURITY: Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder, CVE-2020-8034).
+
+---
+ doc/changelog.yml | 3 ++-
+ lib/Gollem.php| 5 +++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+#diff --git a/doc/changelog.yml b/doc/changelog.yml
+#index dbad6ef..3e429bd 100644
+#--- a/doc/changelog.yml
+#+++ b/doc/changelog.yml
+#@@ -18,7 +18,8 @@
+# license:
+# identifier: GPL-2.0
+# uri: http://www.horde.org/licenses/gpl
+#- notes:
+#+ notes: |
+#+[jan] SECURITY: Fix XSS vulnerability in breadcrumb output (Reported by:
polict of Shielder, CVE-2020-8034).
+# 3.0.12:
+# api: 3.0.0
+# state:
+diff --git a/gollem-3.0.12/lib/Gollem.php b/gollem-3.0.12/lib/Gollem.php
+index 9a4a7cd..ec255e7 100644
+--- a/gollem-3.0.12/lib/Gollem.php
b/gollem-3.0.12/lib/Gollem.php
+@@ -692,10 +692,11 @@ public static function directoryNavLink($currdir, $url)
+ $dir = implode('/', $part);
+ if ((strstr($dir, self::$backend['root']) !== false) &&
+ (self::$backend['root'] != $dir)) {
++$part = htmlspecialchars($parts[($i - 1)]);
+ if ($i == $parts_count) {
+-$label[] = $parts[($i - 1)];
++$label[] = $part;
+ } else {
+-$label[] = Horde::link($url->add('dir', $dir),
sprintf(_("Up to %s"), $dir)) . htmlspecialchars($parts[($i - 1)]) . '';
++$label[] = Horde::link($url->add('dir', $dir),
sprintf(_("Up to %s"), $dir)) . $part . '';
+ }
+ }
+ }
+
diff -Nru php-horde-gollem-3.0.12/debian/patches/series
php-horde-gollem-3.0.12/debian/patches/series
--- php-horde-gollem-3.0.12/debian/patches/series 1970-01-01
01:00:00.0 +0100
+++ php-horde-gollem-3.0.12/debian/patches/series 2020-05-31
16:19:48.0 +0200
@@ -0,0 +1 @@
+CVE-2020-8034.patch
Bug#961922: stretch-pu: package php-horde-gollem/3.0.10-1+deb9u1
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Dear release team,
I just uploaded an update for php-horde-gollem to stretch, fixing
CVE-2020-8034.
+ * debian/patches:
++ Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).
Greets,
Mike
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru php-horde-gollem-3.0.10/debian/changelog
php-horde-gollem-3.0.10/debian/changelog
--- php-horde-gollem-3.0.10/debian/changelog2016-12-18 21:55:24.0
+0100
+++ php-horde-gollem-3.0.10/debian/changelog2020-05-31 16:43:57.0
+0200
@@ -1,3 +1,11 @@
+php-horde-gollem (3.0.10-1+deb9u1) stretch; urgency=medium
+
+ * debian/patches:
++ Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).
+
+ -- Mike Gabriel Sun, 31 May 2020 16:43:57 +0200
+
php-horde-gollem (3.0.10-1) unstable; urgency=medium
* New upstream version 3.0.10
diff -Nru php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch
php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch
--- php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch 1970-01-01
01:00:00.0 +0100
+++ php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch 2020-05-31
16:43:57.0 +0200
@@ -0,0 +1,44 @@
+From a73bef1aef27d4cbfc7b939c2a81dea69aabb083 Mon Sep 17 00:00:00 2001
+From: Jan Schneider
+Date: Wed, 4 Mar 2020 18:54:06 +0100
+Subject: [PATCH] [jan] SECURITY: Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder, CVE-2020-8034).
+
+---
+ doc/changelog.yml | 3 ++-
+ lib/Gollem.php| 5 +++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+#diff --git a/doc/changelog.yml b/doc/changelog.yml
+#index dbad6ef..3e429bd 100644
+#--- a/doc/changelog.yml
+#+++ b/doc/changelog.yml
+#@@ -18,7 +18,8 @@
+# license:
+# identifier: GPL-2.0
+# uri: http://www.horde.org/licenses/gpl
+#- notes:
+#+ notes: |
+#+[jan] SECURITY: Fix XSS vulnerability in breadcrumb output (Reported by:
polict of Shielder, CVE-2020-8034).
+# 3.0.12:
+# api: 3.0.0
+# state:
+diff --git a/gollem-3.0.10/lib/Gollem.php b/gollem-3.0.10/lib/Gollem.php
+index 9a4a7cd..ec255e7 100644
+--- a/gollem-3.0.10/lib/Gollem.php
b/gollem-3.0.10/lib/Gollem.php
+@@ -692,10 +692,11 @@ public static function directoryNavLink($currdir, $url)
+ $dir = implode('/', $part);
+ if ((strstr($dir, self::$backend['root']) !== false) &&
+ (self::$backend['root'] != $dir)) {
++$part = htmlspecialchars($parts[($i - 1)]);
+ if ($i == $parts_count) {
+-$label[] = $parts[($i - 1)];
++$label[] = $part;
+ } else {
+-$label[] = Horde::link($url->add('dir', $dir),
sprintf(_("Up to %s"), $dir)) . htmlspecialchars($parts[($i - 1)]) . '';
++$label[] = Horde::link($url->add('dir', $dir),
sprintf(_("Up to %s"), $dir)) . $part . '';
+ }
+ }
+ }
+
diff -Nru php-horde-gollem-3.0.10/debian/patches/series
php-horde-gollem-3.0.10/debian/patches/series
--- php-horde-gollem-3.0.10/debian/patches/series 1970-01-01
01:00:00.0 +0100
+++ php-horde-gollem-3.0.10/debian/patches/series 2020-05-31
16:40:31.0 +0200
@@ -0,0 +1 @@
+CVE-2020-8034.patch
Bug#942282: O: php-horde-core -- Core Horde Framework library (AND all php-horde*!)
Hi Juri, On Fr 29 Mai 2020 13:24:50 CEST, debian wrote: Hello Mike, Let me know, if you'd still be interested in co-maintaining this massive package pile. I'd add you to Uploaders: and grant you access to the horde-team group on Salsa. you can add me to Uploaders. Since 2. May I have access to horde-team. I would try to update packages for unstable and automate packaging with salsa-ci. More people are welcome. Best Regards, Juri Grabowski Ok, I will add you to Uploaders: with the next upload round. I'll use your deb...@jugra.de address, right? Regarding uploads to unstable: I have dput all php-horde-* packages by now, however, a few are still awaiting review in NEW. I will follow-up with a second upload round (source-only) once all packages have landed. I will also do the new upstream release bumps then. What would your plans be for salsa-ci. I have far less expirience in that realm and I am happy to learn from what you are about to do regarding that. Can you explain? Greets, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp6Eqk6DR9Un.pgp Description: Digitale PGP-Signatur
Bug#961753: ITP: suru-icon-theme -- Suru icon theme for Lomiri Operating Environment
Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: suru-icon-theme Version : 20.05 Upstream Author : Marius Gripsgard * URL : https://gitlab.com/ubports/core/suru-icon-theme/ * License : CC-BY-SA-3.0 Programming Lang: Description : Suru icon theme for Lomiri Operating Environment Lomiri Operating Environment is a convergent work shell designed for use cases on phone, tablet or desktop devices. . The Suru Icon Theme is the default icon theme in Lomiri (former Unity8). In Ubuntu, the suru-icon-theme bin:pkg is shipped as part of the ubuntu-theme src:pkg. The proposal is to share one suru-icon-theme between Debian Ubuntu (Desktop) and UBports' Ubuntu Touch. . See https://bugs.launchpad.net/ubuntu-themes/+bug/1881180 for details. . The package will be maintained by the Debian UBports team under the umbrella of the Debian Desktop Theme Team. .
Bug#961698: ITP: lomiri-url-dispatcher -- Lomiri Operating Environment service for requesting URLs to be opened
Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: lomiri-url-dispatcher Version : 0.1.0 Upstream Author : Marius Gripsgard * URL : https://gitlab.com/ubports/core/lomiri-url-dispatcher * License : LGPL-3 Programming Lang: C / C++ Description : Lomiri Operating Environment service for requesting URLs to be opened Lomiri's URL dispatcher allows applications to request a URL to be opened and handled by another process without seeing the list of other applications on the system, or starting them inside its own Application Confinement. . Lomiri URL dispatcher is a fork / continuation of Ubuntu's URL dispatcher and can be installed alongside of url-dispatcher. . This packaged is part of the effort of getting the Lomiri Operating Environment into Debian.
Bug#961562: cyrus-imapd: Unstable 3.2.0 LMTPD broken
Package: cyrus-imapd Version: 3.2.0-5~bpo10+1 Followup-For: Bug #961562 Hi, same problem here. /var/log/exim4/mainlog 2020-05-28 08:32:03 1jeC5C-0002F9-SB == assiste...@resnovae.it R=local_user T=local_delivery_cyrus defer (-1): LMTP connection closed after end of data /var/log/mail.err May 28 08:32:03 mailserver cyrus/master[20202]: process type:SERVICE name:lmtpunix path:/usr/lib/cyrus/bin/lmtpd age:0.563s pid:8650 signaled to death by signal 6 (Aborted) -- System Information: Debian Release: 10.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'testing'), (50, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-8-amd64 (SMP w/12 CPU cores) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it_IT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cyrus-imapd depends on: ii cyrus-common 3.2.0-5~bpo10+1 ii libc6 2.28-10 ii libcom-err2 1.44.5-1+deb10u3 ii libsasl2-22.1.27+dfsg-1+deb10u1 ii libssl1.1 1.1.1d-0+deb10u3 ii libwrap0 7.6.q-28 ii zlib1g1:1.2.11.dfsg-1 Versions of packages cyrus-imapd recommends: ii rsync 3.1.3-6 cyrus-imapd suggests no packages. -- no debconf information
Bug#951565: freerdp2-x11: does not work at all, immediately exits, against xrdp server (rdesktop works)
Control: close -1 Hi, On Fr 21 Feb 2020 20:47:57 CET, Mike Gabriel wrote: Hi Thorsten, hi Bernhard, On Fr 21 Feb 2020 12:01:14 CET, Bernhard Miklautz wrote: Hi Thorsten, On Tue, Feb 18, 2020 at 07:18:23AM +0100, Thorsten Glaser wrote: tglase@tglase-nb:~ $ xfreerdp /v:tglase-edge .. [07:15:08:628] [29233:29234] [INFO][com.winpr.clipboard] - initialized POSIX local file subsystem [07:15:08:744] [29233:29234] [ERROR][com.freerdp.core.update] - [0x03] Cache Glyph - SERVER BUG: The support for this feature was not announced! Use /relax-order-checks to ignore [07:15:08:745] [29233:29234] [INFO][com.freerdp.client.common] - Network disconnect! [07:15:08:745] [29233:29234] [ERROR][com.freerdp.client.x11] - Failed to check FreeRDP file descriptor .. I also tried xfreerdp /size:1000x768 /v:tglase-edge but that does not change anything. FreeRDP does strict protocol level checks per default since a while. xrdp does use the glyph cache without announcing/negotiating it - this causes xfreerdp to close the connection. Give the options /relax-order-checks (as the error above indicates) and +glyph-cache a try. As reference also See: https://github.com/neutrinolabs/xrdp/issues/1229 and https://github.com/neutrinolabs/xrdp/issues/1266 Best regards, Bernhard Bernhard, thanks for your answer on this. Thorsten, shall we close or reassign to xRDP? :-P Mike Closing this manually. No feedback from bug submitter. Not a bug in freerdp2. Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpE4q7LTR7UJ.pgp Description: Digitale PGP-Signatur
Bug#767465: hello
-- Bonjour J'espère que vous allez bien. je m'appelle Gabriel. Nous pouvons être amis J'ai des informations importantes que je voudrais partager avec vous Passez une bonne journée Cordialement, Gabriel
Bug#961600: cyrus-common: High CPU usage for httpd with 3.2
Package: cyrus-common
Version: 3.2.0-5~bpo10+1
Severity: normal
Hi,
After the upgrade to version 3.2, the httpd process for CARD-DAV
connections reaches very high CPU usage in a short time.
-- System Information:
Debian Release: 10.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'testing'),
(50, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-8-amd64 (SMP w/12 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8),
LANGUAGE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages cyrus-common depends on:
ii adduser 3.118
ii db-upgrade-util 5.3.1+nmu1
ii db-util 5.3.1+nmu1
ii debconf [debconf-2.0] 1.5.71
ii e2fsprogs 1.44.5-1+deb10u3
ii exim4-daemon-heavy [mail-transport-agent] 4.92-8+deb10u4
ii gawk 1:4.2.1+dfsg-1
ii init-system-helpers 1.56+nmu1
ii libbrotli1 1.0.7-2
ii libc6 2.28-10
ii libclamav9 0.102.2+dfsg-0+deb10u1
ii libcom-err2 1.44.5-1+deb10u3
ii libgcc1 1:8.3.0-6
ii libgssapi-krb5-2 1.17-3
ii libical3 3.0.4-3
ii libicu63 63.1-6+deb10u1
ii libjansson4 2.12-1
ii libk5crypto3 1.17-3
ii libkrb5-3 1.17-3
ii libkrb5support0 1.17-3
ii libldap-2.4-2 2.4.47+dfsg-3+deb10u2
ii libnghttp2-14 1.40.0-1
ii libpcre3 2:8.39-12
ii libpq5 11.7-0+deb10u1
ii libsasl2-2 2.1.27+dfsg-1+deb10u1
ii libsasl2-modules 2.1.27+dfsg-1+deb10u1
ii libshp2 1.4.1-3
ii libsnmp30 5.7.3+dfsg-5
ii libsqlite3-0 3.27.2-3
ii libssl1.1 1.1.1d-0+deb10u3
ii libstdc++6 8.3.0-6
ii libwrap0 7.6.q-28
ii libxapian30 1.4.11-1
ii libxml2 2.9.4+dfsg1-7+b3
ii libzephyr4 3.1.2-1+b3
ii lsb-base 10.2019051400
ii netbase 5.6
ii perl 5.28.1-6
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages cyrus-common recommends:
ii cyrus-admin 3.2.0-5~bpo10+1
ii cyrus-caldav 3.2.0-5~bpo10+1
ii cyrus-imapd 3.2.0-5~bpo10+1
Versions of packages cyrus-common suggests:
ii apt-listchanges 3.19
ii cyrus-admin 3.2.0-5~bpo10+1
ii cyrus-caldav 3.2.0-5~bpo10+1
ii cyrus-clients 3.2.0-5~bpo10+1
pn cyrus-doc
ii cyrus-imapd 3.2.0-5~bpo10+1
pn cyrus-murder
pn cyrus-nntpd
pn cyrus-pop3d
pn cyrus-replication
ii sasl2-bin 2.1.27+dfsg-1+deb10u1
-- Configuration Files:
/etc/cyrus.conf changed:
START {
# do not delete this entry!
recover cmd="/usr/sbin/cyrus ctl_cyrusdb -r"
# this is only necessary if idlemethod is set to "idled" in imapd.conf
idled cmd="idled"
# this is useful on backend nodes of a Murder cluster
# it causes the backend to syncronize its mailbox list with
# the mupdate master upon startup
#mupdatepush cmd="/usr/sbin/cyrus ctl_mboxlist -m"
# this is recommended if using duplicate delivery suppression
delprune cmd="/usr/sbin/cyrus expire -E 3"
# this is recommended if caching TLS sessions
tlsprune cmd="/usr/sbin/cyrus tls_prune"
}
SERVICES {
# --- Normal cyrus spool, or Murder backends ---
# add or remove based on preferences
imap cmd="imapd -U 30" listen="imap" prefork=0 maxchild=200
imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=200
#pop3 cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=50
#pop3s cmd="pop3d -s -U 30" listen="pop3s" prefork=0 maxchild=50
#nntp cmd="nntpd -U 30" listen="nntp" prefork=0 maxchild=100
#nntps cmd="nntpd -s -U 30" listen="nntps" prefork=0 maxchild=100
#http cmd="httpd -U 30" listen="8008" prefork=0 maxchild=100
https cmd="httpd -s -U 30" listen="8443" prefork=0 maxchild=100
# At least one form of LMTP is required for delivery
# (you must keep the Unix socket name in sync with imap.conf)
#lmtp cmd="lmtpd" listen="localhost:lmtp" prefork=0 maxchild=20
lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=0 maxchild=20
# --
# useful if you need to give users remote access to sieve
# by default, we limit this to localhost in Debian
sieve cmd="timsieved" listen="localhost:sieve" prefork=0 maxchild=100
# this one is needed for the notification services
notify cmd="notifyd" listen="/run/cyrus/socket/notify" proto="udp" prefork=1
# --- Murder frontends -
# enable these and disable the matching services above, # except for
sieve (which deals automatically with Murder)
# mupdate database service - must prefork at least 1
# (mupdate slaves)
#mupdate cmd="mupdate" listen=3905 prefork=1
# (mupdate master, only one in the entire cluster)
#mupdate cmd="mupdate -m" listen=3905 prefork=1
# proxies that will connect to the backends
#imap cmd="proxyd" listen="imap" prefork=0 maxchild=100
#imaps cmd="proxyd -s" listen="imaps" prefork=0 maxchild=100
#pop3 cmd="pop3proxyd" listen="pop3" prefork=0 maxchild=50
#pop3s cmd="pop3proxyd -s" listen="pop3s" prefork=0 maxchild=50
#lmtp cmd="lmtpproxyd" listen="lmtp" prefork=1 maxchild=20
# --
}
EVENTS {
# this is required
checkpoint cmd="/usr/sbin/cyrus ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="/usr/sbin/cyrus
Bug#961501: remmina is calling home for update notifications
On Di 26 Mai 2020 10:00:56 CEST, Antenore Gatta wrote: [...] Thanks for your understanding on this issue, Antenore. Much appreciated. I prefere to relase a clean and cleaned 1.4.6 version than playing with workaround patches that may introduce other bugs Yeah, I think getting this fixed in the next upstream release is fair enough. Thanks a lot, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpJHCzVGWDyY.pgp Description: Digitale PGP-Signatur
Bug#961501: remmina is calling home for update notifications
Hi Antenore, Thanks for the quick reply. On Mo 25 Mai 2020 15:24:44 CEST, Antenore Gatta wrote: Hi Christoph, Upstream developer… I think it's a bit exaggerated to say that is a privacy violation. Debian users expect from Debian, to be a safe harbour, so all package maintainers are requested to patch out code that does unwanted / uncontrollable connections to the internet for stats collections and such. We just get a plain text file from https://remmina.org (e.g. https:// remmina.org/news/remmina_news.php?ver=1.4.5) with the new changelog. While I understand the interest in usage statistics, in Debian we cannot have that part of the phoning-home code. I am sorry. Remmina on a regular basis verify if there's a new file or if the file of the version requested (the PHP parameter) has been changed/updated. Thanks for the explanation of the mechanism. We do this to notify users about new versions, especially when there are important bugs that have been fixed. This is not helpful in a GNU distribution using a conservative-style release model (not sure if this is the correct term) like Debian does. Imagine Debian stable and oldstable users being reminded of their software being out of date on every upstream release. Of course, their software is out of date, as they use remmina from Debian (old)stable (not testing/unstable). They get those notifications but cannot do anything about it (except upgrading to Debian testing). So, also from a usability point of view, those notification windows will be a disturbance to the users of Debian. Libreoffice does something similar for instance and other software, in Debian, as well. Really? Than this must be considered as a bug. Which other packages have you observed doing this? I understand it may be quite annoying and we can add an opt-out option, would that be enough? Nope. I'd vote for a build-time switch that disables that code. I am sorry. Another option could be a disabled-by-default (via build-time option) update notification feature. A new remmina user should not be bothered by update notification popups they won't be able to install (because their Debian version won't have that update). Please consider that for a small project like Remmina is quite important to keep a channel opened with our users, otherwise we keep receiving and answering to the same issues again again, because usual people do not do the effort of searching through our bug tracking system. I fully understand that. People running on old software tend to report old bugs upstream. Please point them to the distribution they use, if they do that. In other projects, I use issue reporting templates that always ask for upstream version, package version and distro + distroversion. To amend the mess a little. We do not track people and the stats is a completely separated system, that is only opt-in. I am sorry, but this won't change the policy here. Thanks for not tracking your users. Much appreciated. So, let's find a solution that makes everybody happy. I hope, you are ok with the above and the strictness of the policy. light+love Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpGPHeBWVslw.pgp Description: Digitale PGP-Signatur
Bug#881719: libcdio 2.1.0 and lubcdio++
Hi, Vasyl, on 24 May 2020, Vasyl Gello wrote: > >Gabriel has prepared 2.1.0 in his Salsa repo and I added C++ interfaces needed >by Kodi 19.0: >https://salsa.debian.org/gabrielftg-guest/libcdio/-/merge_requests/1 Thank you so much for writing this pull requests. I wasn't aware that there was a C++ interface in libcdio. I'm actually very new to libcdio; I only came across it because it is a dependency of another project (pragha) that I mantain. I'll review your merge request as soon as possible, then I'll prepare a package for uploading. Initially, and because I was a little uncomfortable with the soname change, I thought about uploading to experimental first. Would that work for you? >Can the version 2.1.0 be pushed into distribution? Please bear in mind that we will have to go through the NEW queue, because of the new binary packages (not just the C++ libraries, but also because of the soname bump on the C library). Cheers, Gabriel
Bug#959545: libmateweather: FTBFS: dh_auto_test: error: make -j4 check VERBOSE=1 returned exit code 2
Control: forwarded -1 https://github.com/mate-desktop/libmateweather/issues/76 Hi, On So 03 Mai 2020 14:55:57 CEST, Lucas Nussbaum wrote: Source: libmateweather Version: 1.24.0-1 Severity: serious Justification: FTBFS on amd64 Tags: bullseye sid ftbfs Usertags: ftbfs-20200501 ftbfs-bullseye Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): make[2]: Entering directory '/<>/data' xmllint --valid --noout ../data/Locations.xml.in ./check-timezones.sh ./Locations.xml.in Invalid timezones in ./Locations.xml.in: America/Godthab make[2]: *** [Makefile:637: check] Error 1 make[2]: Leaving directory '/<>/data' make[1]: *** [Makefile:490: check-recursive] Error 1 make[1]: Leaving directory '/<>' dh_auto_test: error: make -j4 check VERBOSE=1 returned exit code 2 The full build log is available from: http://qa-logs.debian.net/2020/05/01/libmateweather_1.24.0-1_unstable.log A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! About the archive rebuild: The rebuild was done on EC2 VM instances from Amazon Web Services, using a clean, minimal and up-to-date chroot. Every failed build was retried once to eliminate random failures. I have forwarded the above upstream. https://github.com/mate-desktop/libmateweather/issues/76 Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgputhavmdr8K.pgp Description: Digitale PGP-Signatur
Bug#961254: libpam-mklocaluser: stop enforcing logout on initial login
Package: libpam-mklocaluser
Version: 0.17
Severity: important
The libpam-mklocaluser package is a core component of Debian Edu
roaming workstations. It creates a local POSIX user account for users
that exist e.g. in an LDAP database. The libpam-mklocaluser makes it
possible to prep a machine for a user in a way that makes it possible
to take the machine off-site.
The libpam-mklocaluser package especially modifies the user's home
directory when creating this local POSIX user account. Whatever HOME
path people have in LDAP, on the roaming workstation, all users are
shoved into /home/.
Over years, however, there has been a design flaw in the tool which I
could solve last night by reading the pam_python.so code.
The design flaw has been: The current version of libpam-mklocaluser
enforces a session logout when users do their initial login into a
machine. Thus, in class room situations, all students have to login
twice into a notebook/tablet before they can actually use their
computers. This takes a way 5 minutes of the class's lesson and could
be avoided.
Attached is a patch that drops the enforcement of the re-login and
manipulates the HOME env var after the local POSIX user account has
been fully prepared by libpam-mklocaluser.
I'd love to see this issue solved in Debian buster, too.
This implicitly fixes Debian bug #760496.
Greets,
Mike
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
diff --git a/debian/pam-python.py b/debian/pam-python.py
index fad6362..4780de1 100755
--- a/debian/pam-python.py
+++ b/debian/pam-python.py
@@ -147,14 +147,8 @@ def check_and_create_localuser(pamh, user):
# FIXME Should be rewritten in python, I guess
runcmd(pamh, "if [ -d /etc/mklocaluser.d ]; then ORIGHOMEDIR='%s'
USER='%s' /bin/run-parts /etc/mklocaluser.d ; fi" % (homedir, user))
- # Let the user know what is going on
- msg = pamh.Message(pamh.PAM_TEXT_INFO,
- "Local user created in /home/, please log in again to
start using it.")
- pamh.conversation(msg)
-
- # Throw out user, as the log process cached the home directory
- # and need to be restarted.
- return pamh.PAM_TRY_AGAIN
+ pamh.env['HOME'] = "/home/%s" % user
+
except Exception as e:
syslog.syslog("Failure while creating local user: %s " % (e))
pass
pgpbXnk9cHRxa.pgp
Description: Digitale PGP-Signatur
Bug#843693: hello
-- Hello hope you are doing great. my name is Gabriel. We can be friends I have important information I would like to share with you Have a great day
Bug#960640: bash-completion: dh_bash-completion needs to record installed files for dh_missing
Hi, Andreas, Could you point out a package that still uses dh_bash-completion? I'm having a hard time finding one so that I can reproduce the problem before working on the fix. Thank you!
Bug#734788: Bonjour
-- Bonjour J'espère que vous allez bien. je m'appelle Gabriel. Nous pouvons être amis J'ai des informations importantes que je voudrais partager avec vous Passez une bonne journée Cordialement, Gabriel
Bug#906072: Ogon packages available (Linux RDP Server)
Hi Marcel, On Do 16 Apr 2020 19:33:51 CEST, marcel wrote: Hi, I just wanted to let you know about ab packaged version of ogon (https://github.com/ogon-project (https://github.com/ogon-project), a linux Remote Desktop Protocol (RDP) server implementation). https://launchpad.net/~linux-ng/+archive/ubuntu/ogon (https://launchpad.net/~linux-ng/+archive/ubuntu/ogon) Maybe this can make it into Debian and helps to get ogon usable for a wider public. I plan to work on Ogon as my next (unpaid) packaging project in Debian. It is awesome that you have already wrapped-up the Ogon components as DEBs. This will ease our day. Main question is, if you'd be interested in co-maintaining Ogon in Debian (and consequently in all derivatives of Debian, thus in Ubuntu). I guess, that Bernhard Miklautz (one of the upstream authors) will also be around for tricky issues and as our contact point on the upstream side. The packaging should ideally happen in the Debian Remote Maintainers' namespace on salsa.debian.org [1]. Have you used Git for doing the DEB packaging of Ogon for your PPA? If so, could you provide access to those repos, so I can pull them over to salsa.debian.org (GitLab)? Furthermore, if you'd be interested in co-maintaining there are several possible cooperation modes possible. I could be your reviewer (and tutor) regarding Debian policy conformant packaging of software (if you'd be interested in becoming a Debian Developer). We could also cooperate in a cross-distro approach: I am responsible for Ogon in Debian, you take care for it in one of its derivatives (e.g. Ubuntu) with proper upload permissions there (a model, Martin Wimpress and have been using for the MATE desktop packaging). Let me know what you think! Mike [1] https://salsa.debian.org/debian-remote-team -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp1goqHt6pqz.pgp Description: Digitale PGP-Signatur
Bug#960478: xorg-server: Allow XDMCP keepalives to be disabled
Hi Herbert, On Mi 13 Mai 2020 07:28:52 CEST, herbert wrote: Package: xorg-server Version: 2:1.20.4-1 Severity: wishlist As it is, when an XDMCP session is used over TCP keepalive packets are periodically sent and the session is torn down if no replies come back. During a transient network failure, this causes an X session that could otherwise survive just fine to be terminated prematurely. While some may wish for this behaviour, perhaps to avoid a locked-up X terminal, it would be nice if there was an option to either extend the timeout so that failures of a few minutes do not cause the session to be torn down, or even better just disable the keepalives altogether. this is OT here, but you may want to try X2Go. Torn down sessions can be resumed in their previous state if connections fail. X2Go also supports connecting to XDMCP sessions, but makes those XDMCP (more) sessions persistent / robust against connection drop-outs. Greets, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgptHDpstggAx.pgp Description: Digitale PGP-Signatur
Bug#959477: ITP: ckeditor3 -- Javascript rich text editor for embedding into websites (v3)
Hi Bastien, On Mo 11 Mai 2020 01:32:53 CEST, Bastien ROUCARIES wrote: On Sat, May 2, 2020 at 9:21 PM Mike Gabriel wrote: Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: ckeditor3 Version : 3.6.6.1 Upstream Author : Frederico Knabben * URL : http://ckeditor.com/download * License : GPL-2+ Programming Lang: Javascript Description : Javascript rich text editor for embedding into websites (v3) I plan to re-upload ckeditor3 to Debian as part of my initiative to re-provide Horde in Debian. . Unfortunately, Horde upstream has still not moved on to ckeditor4, thus this old version of ckeditor is required for the interim. . Before Debian 11 gets released I plan to provide a patch to Horde Upstream that fixes this problem. ckeditor in debian is 3 by memory nope, ckeditor has been 4.x for a while in Debian... (4.12.1 currently in unstable). Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpB74K6YJWrI.pgp Description: Digitale PGP-Signatur
Bug#886525: ITP: rt4-extension-mergeusers -- Merge users (Request Tracker)
Hello, On Sun, 07 Jan 2018 23:39:36 +1300 Andrew Ruthven wrote: > Package: wnpp > Severity: wishlist > Owner: Andrew Ruthven > > * Package name: rt4-extension-mergeusers > Version : 1.03 > Upstream Author : Best Practical Solutions, LLC > * URL : https://metacpan.org/release/RT-Extension-MergeUsers > * License : GPL v2 > Programming Lang: Perl > Description : Merge users (Request Tracker) > > This extension allows merging users in Request Tracker. > > You always end up with duplicate users in a ticketing system since people > use different email addresses. This extension provides a mechanism to > manage that better. > > The intial packaging work has been carried but by myself for my employer. > Ongoing maintenance will be by the Debian Request Tracker Group (of which > I'm a member). I'm quite interested in seeing this extension packaged in debian. Do you have your packaging work published somewhere that I could retrieve? signature.asc Description: OpenPGP digital signature
Bug#894998: ITP: rt4-extension-rest2 -- REST2 API extension (Request Tracker)
Hello, On Fri, 06 Apr 2018 14:57:30 +1200 Andrew Ruthven wrote: > Package: wnpp > Severity: wishlist > Owner: Andrew Ruthven > > * Package name: rt4-extension-rest2 > Version : 1.03 > Upstream Author : Best Practical Solutions > * URL : https://metacpan.org/release/RT-Extension-REST2 > * License : GPLv2 > Programming Lang: Perl > Description : REST2 API extension (Request Tracker) > > This extension adds a modern REST API to Request Tracker. > > The existing API for RT is a rather painful RFC822 (yes email) based > system via HTTP. This extension provides a much nicer JSON based RESTful > interface. > > The intial packaging work has been carried but by myself for my employer. > Ongoing maintenance will be by the Debian Request Tracker Group (of which > I'm a member). I'm quite interested in seeing this extension packaged in debian. Do you have your packaging work published somewhere that I could retrieve? signature.asc Description: OpenPGP digital signature
Bug#959944: ITP: xdg-desktop-portal-wlr -- xdg-desktop-portal backend for wlroots
On Do 07 Mai 2020 10:09:14 UTC, Birger Schacht wrote: Package: wnpp Severity: wishlist Owner: Birger Schacht * Package name: xdg-desktop-portal-wlr Version : 0.1.0 Upstream Author : Simon Ser * URL : https://github.com/emersion/xdg-desktop-portal-wlr * License : MIT Programming Lang: C Description : xdg-desktop-portal backend for wlroots This package will provide support for the screenshot, screencast, and possibly remote-desktop xdg-desktop-portal interfaces for wlroots based compositors. I plan to maintain it in the swaywm-team. ping me if uou need a sponsor for this... Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
Bug#882584: Found the salsa package
Hi Yanu, On Mi 06 Mai 2020 21:44:59 CEST, yanu wrote: On Sun, 15 Mar 2020 12:26:28 + Mike Gabriel wrote: On So 15 Mär 2020 03:10:03 CET, Martin Quinson wrote: > On Sat, Mar 14, 2020 at 09:02:49PM +, Mike Gabriel wrote: >> On Sa 14 Mär 2020 00:36:21 CET, Martin Quinson wrote: >> >> > https://salsa.debian.org/debian-edu-pkg-team/openboard/ >> > >> > could we however modify this git repository to use git-buildpackage? >> > It makes things so much easier to maintain... >> > >> > Thanks for your work, >> > Mt >> >> Sorry, no. I see myself in a constant process of removing more and more >> files from the upstream Git tag/tarball, because files are non-DFSG for this >> or that reason. I am not willing to pollute the salsa repo with these >> changes. > > Ok, you know that better than I do. > >> To get openboard on salsa built, these steps should work: >> >> $ git clone https://salsa.debian.org/debian-edu-pkg-team/openboard.git >> $ cd openboard >> $ debian/rules get-orig-source >> $ debuild -uc -us -S -Zxz -d >> $ dpkg-source -x openboard_.dsc >> $ cd openboard- >> $ debuild -uc -us > > I just tried, and it fails on the last step because of missing > dependencies. Maybe we could add a .gitlab-ci attempting these steps > so that we see where we currently stand? > >> IIRC, the current version on the repo's master branch only works / builds >> well on Debian testing/unstable. I'll try to invest some time on OpenBoard during the next week to bring myself and then you up to speed. I have a long feedback mail (in German) from a teacher in Germany with several suggestions. I'll try to translate the gist of that and post it to you (and the debian-edu-pkg-team's mailing list). I'm on debian/unstable (desktop and laptop) and confirms that openboard is working, not perfect, but good. With the compile-steps from Mike, I could compile all the openboard-packages, after installing a lot of dependencies (I saved the list). openboard - Interactive White Board Application openboard-common - Interactive White Board Application (common files) openboard-dbgsym - debug symbols for openboard openboard-fonts-nonfree - Interactive White Board Application (non-free fonts) As a electric teacher in corana-times, I'm using openboard everyday as my main tool to teach. Once in a while there is a crash, but after a quick restart, nothing is lost. I would like to use this also after they find a vaccin against corona. Then I would like to use it more often to evaluate papers, instead of printing them (saving the trees). Also bought a wacom tablet to draw sketches, graphics, ... The wacom pen-top is melting fast ;-) So, it would be great to have this software in debian repositories. My software-knowledge doesn't go further than some hobby-programming on arduino. I'm willing to donate some developping-time ? Keep up the good work ! I am sorry, that work on this is s delayed. My goal is to get this openboard beast into bullseye. I'll try to give this some prio before the school term ends. Sigh... Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpNo08Zg4hh_.pgp Description: Digitale PGP-Signatur
Bug#942282: O: php-horde-core -- Core Horde Framework library (AND all php-horde*!)
Hi Juri, On Do 28 Nov 2019 23:18:16 CET, debian wrote: Hello Mike, with this manual https://salsa.debian.org/horde-team/tools/blob/master/README.md I was successfully building horde packages 6 months ago. If you want, you can add me to horde team. Best Regards, Juri Grabowski after php-horde* pkgs have been removed from unstable last week (Mathieu missed my statement of interest in adopting php-horde*), I have re-uploaded the first bulk of packages (ring0.list mainly). Let me know, if you'd still be interested in co-maintaining this massive package pile. I'd add you to Uploaders: and grant you access to the horde-team group on Salsa. Greets, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpLSNRCO6Wfr.pgp Description: Digitale PGP-Signatur
Bug#959477: ITP: ckeditor3 -- Javascript rich text editor for embedding into websites (v3)
Package: wnpp Severity: wishlist Owner: Mike Gabriel * Package name: ckeditor3 Version : 3.6.6.1 Upstream Author : Frederico Knabben * URL : http://ckeditor.com/download * License : GPL-2+ Programming Lang: Javascript Description : Javascript rich text editor for embedding into websites (v3) I plan to re-upload ckeditor3 to Debian as part of my initiative to re-provide Horde in Debian. . Unfortunately, Horde upstream has still not moved on to ckeditor4, thus this old version of ckeditor is required for the interim. . Before Debian 11 gets released I plan to provide a patch to Horde Upstream that fixes this problem.
Bug#925444: smokeping: --pid-dir doesn't worj as expected
Hi Cameron, Sorry it took me so much time to reply. I've just now fixed my local discardable VM setup for testing so I'm able to dive in again. On Tue, 11 Feb 2020 11:23:19 +1000 Cameron Davidson wrote: > This has just started hapenning to my also. > > The cause, I think, that evenutally a tmpfile cleanup will delete > /run/smokeping - maybe depends on age and/or because it is not owned by > root. This is very strange.. As I've mentioned earlier in this bug report, the systemd unit file should have a directive (RuntimeDirectory) that automatically creates the directory /run/smokeping. I've just verified and the sysvinit script also does create the directory (albeit under /var/run, but that should be equivalent since /var/run can be expected to symlink to /run). Something that I've just discovered today though is that systemd completely destroys the /run/smokeping directory when the service is stopped. So this might throw some ppl off (myself included!) when trying to debug this. maybe one thing that might be interesting to verify is whether the configuration file points to the right directory for "piddir". In the default configuration that the package ships, the file /etc/smokeping/config.d/pathnames contains the following: root@debian-10-amd64:~# cat /etc/smokeping/config.d/pathnames sendmail = /usr/sbin/sendmail imgcache = /var/cache/smokeping/images imgurl = ../smokeping/images datadir = /var/lib/smokeping piddir = /var/run/smokeping smokemail = /etc/smokeping/smokemail tmail = /etc/smokeping/tmail dyndir = /var/lib/smokeping/__cgi check in this file if "piddir" points either to /var/run/smokeping or /run/smokeping, otherwise try and correct the path. and finally as I mentioned earlier, if smokeping is running in "slave" mode, then --pid-dir behaves differently : it does not create a pid file for some reason. if you're running smokeping using this mode, then take a look at the example file I've added to the package: /usr/share/doc/smokeping/examples/systemd/slave_mode.conf this can be copied in a systemd override directory and then adapted for the master url. the file contains some instructions in comments for where to place it. > One solution (I found for other systemd processes run as non-root) is to > add a config file: > > /usr/lib/tmpfiles.d/smokeping.conf > > Contents should be something like: > > d /run/smokeping 0755 smokeping smokeping - - > > to have systemd recreate the dir when smokeping is started. I believe this should be non-necessary since both the init script and the systemd units have some method to automatically create the directory. If you're still unable to get the pid file to be created by systemd, then maybe I'm missing something out. In this case, tell me a bit more information about your system. e.g. what CPU architecture is being used (amd64, arm64, i386, ...) and what version of systemd your system currently has installed. Cheers! signature.asc Description: OpenPGP digital signature
Bug#959359: ITP: php-horde-sesha -- A simple Inventory App for Horde
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: sesha Version : 1.0.0RC3 Upstream Author : Jan Schneider , Ralf Lang URL : http://horde.org/ License : GPL-2.0 Programming Lang: PHP Description : A simple Inventory App for Horde Sesha allows you to define categories with a rich set of attributes to manage your inventory stock . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959361: ITP: php-horde-whups -- Ticket-tracking application
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: whups Version : 3.0.12 Upstream Author : Chuck Hagenbuch , Jan Schneider URL : http://horde.org/ License : BSD-2-Clause Programming Lang: PHP Description : Ticket-tracking application Whups is a Horde ticket-tracking application. It is very flexible in design, and can be used for help-desk requests, tracking software development, and anything else that needs to track a set of requests and their status. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959362: ITP: php-horde-wicked -- Wiki application
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: wicked Version : 2.0.8 Upstream Author : Jan Schneider , Chuck Hagenbuch URL : http://horde.org/ License : GPL-2.0 Programming Lang: PHP Description : Wiki application Wicked is a wiki application for Horde. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959360: ITP: php-horde-scheduler -- Horde Scheduler System
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Scheduler Version : 2.0.3 Upstream Author : Chuck Hagenbuch URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde Scheduler System Horde Scheduler System . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959354: ITP: php-horde-xml-wbxml -- Horde_Xml_Wbxml provides an API for encoding and decoding WBXML documents used in SyncML and other wireless applications
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Xml_Wbxml Version : 2.0.3 Upstream Author : Chuck Hagenbuch , Jan Schneider URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde_Xml_Wbxml provides an API for encoding and decoding WBXML documents used in SyncML and other wireless applications Encoding and decoding of WBXML (Wireless Binary XML) documents. WBXML is used in SyncML for transferring smaller amounts of data with wireless devices. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959352: ITP: php-horde-text-filter-jsmin -- Horde Text Filter - Jsmin PHP Driver
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Text_Filter_Jsmin Version : 1.0.2 Upstream Author : Michael Slusarz URL : http://horde.org/ License : JSMin Programming Lang: PHP Description : Horde Text Filter - Jsmin PHP Driver The JSMin javascript minifier driver for use with the Horde_Text_Filter package. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959355: ITP: php-horde-lz4 -- Horde LZ4 Compression Extension
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: horde_lz4 Version : 1.0.10 Upstream Author : Michael Slusarz URL : http://horde.org/ License : MIT (Expat) Programming Lang: PHP Description : Horde LZ4 Compression Extension PHP extension that implements the LZ4 compression algorithm - an extremely fast lossless compression algorithm. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959347: ITP: php-horde-service-gravatar -- API accessor for gravatar.com
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Service_Gravatar Version : 1.0.1 Upstream Author : Michael Slusarz , Gunnar Wrobel URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : API accessor for gravatar.com A library for accessing the Avatar services at gravatar.com. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959340: ITP: php-horde-memcache -- Horde Memcache API
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Memcache Version : 2.1.1 Upstream Author : Michael Slusarz URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde Memcache API Provides an API to access a memcache installation. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959357: ITP: php-horde-ansel -- Photo gallery application
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: ansel Version : 3.0.10 Upstream Author : Michael J Rubinsky , Jan Schneider , Chuck Hagenbuch URL : http://horde.org/ License : GPL-2.0 Programming Lang: PHP Description : Photo gallery application Ansel is a full featured photo gallery application. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959349: ITP: php-horde-service-twitter -- Horde Twitter client
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Service_Twitter Version : 2.1.6 Upstream Author : Michael J Rubinsky URL : http://horde.org/ License : BSD-2-Clause Programming Lang: PHP Description : Horde Twitter client Client libraries for the Twitter REST API. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959348: ITP: php-horde-service-weather -- Horde Weather Provider.
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Service_Weather Version : 2.5.4 Upstream Author : Michael J Rubinsky URL : http://horde.org/ License : BSD-2-Clause Programming Lang: PHP Description : Horde Weather Provider. Set of classes that provide an abstraction to various online weather service providers. Includes drivers for WeatherUnderground and WorldWeatherOnline. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959353: ITP: php-horde-thrift -- Thrift
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Thrift Version : 2.0.3 Upstream Author : Chuck Hagenbuch URL : http://horde.org/ License : Apache 2.0 Programming Lang: PHP Description : Thrift Packaged version of the PHP Thrift client . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959350: ITP: php-horde-syncml -- Horde_SyncMl provides an API for processing SyncML requests
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_SyncMl Version : 2.0.7 Upstream Author : Jan Schneider URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde_SyncMl provides an API for processing SyncML requests Classes for implementing a SyncML server. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959351: ITP: php-horde-test -- Horde testing base classes
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Test Version : 2.6.3 Upstream Author : Chuck Hagenbuch , Jan Schneider URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde testing base classes Horde-specific PHPUnit base classes. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959341: ITP: php-horde-mongo -- Horde Mongo Configuration
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Mongo Version : 1.1.0 Upstream Author : Michael Slusarz URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde Mongo Configuration Provides an API to ensure that the PECL Mongo extension can be used consistently across various Horde packages. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959344: ITP: php-horde-pdf -- Horde PDF library
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Pdf Version : 2.0.7 Upstream Author : Jan Schneider , Chuck Hagenbuch , Mike Naberezny URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde PDF library PDF generation using only PHP, without requiring any external libraries. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959346: ITP: php-horde-service-facebook -- Horde Facebook client
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Service_Facebook Version : 2.0.10 Upstream Author : Michael J Rubinsky URL : http://horde.org/ License : BSD-2-Clause Programming Lang: PHP Description : Horde Facebook client Client libraries for the Facebook REST API. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959345: ITP: php-horde-scribe -- Scribe
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Scribe Version : 2.0.3 Upstream Author : Chuck Hagenbuch URL : http://horde.org/ License : Apache 2.0 Programming Lang: PHP Description : Scribe Packaged version of the PHP Scribe client. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959358: ITP: php-horde-passwd -- Horde password changing application
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: passwd Version : 5.0.7 Upstream Author : Jan Schneider , Michael Slusarz URL : http://horde.org/ License : GPL-2.0 Programming Lang: PHP Description : Horde password changing application An application to change any user passwords stored in various backends like SQL, LDAP, Kolab, passwd files etc. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959356: ITP: php-horde-service-urlshortener -- Horde_Service_UrlShortener Class
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Service_UrlShortener Version : 2.0.3 Upstream Author : Michael J Rubinsky URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde_Service_UrlShortener Class Interfaces to various URL shortening services. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959343: ITP: php-horde-openxchange -- Open-Xchange Connector
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_OpenXchange Version : 1.0.1 Upstream Author : Jan Schneider URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Open-Xchange Connector Library to interact with Open-Xchange servers. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959342: ITP: php-horde-oauth -- Horde OAuth client/server
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Oauth Version : 2.0.4 Upstream Author : Chuck Hagenbuch URL : http://horde.org/ License : BSD-2-Clause Programming Lang: PHP Description : Horde OAuth client/server An OAuth consumer (http://oauth.net) and OAuth infrastructure, and in the future will provide an OAuth server. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959339: ITP: php-horde-mapi -- MAPI utility library
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_Mapi Version : 1.0.10 Upstream Author : Michael J Rubinsky URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : MAPI utility library Provides various utility classes for dealing with Microsoft MAPI structured data. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
Bug#959330: ITP: php-horde-hashtable -- Horde Hash Table Interface
Package: wnpp Severity: wishlist Owner: Mike Gabriel Package name: Horde_HashTable Version : 1.2.6 Upstream Author : Michael Slusarz URL : http://horde.org/ License : LGPL-2.1 Programming Lang: PHP Description : Horde Hash Table Interface Provides an abstract API to access various hash table implementations. . Unfortunately, this package has recently been removed from Debian unstable. . I am planning to re-upload this package and pick up maintenance of Horde in Debian..
