Bug#1037346: cyrus-imapd: all emails disappeared after upgrading from bullseye to bookworm (similar to #1007965)
Op 06-02-2024 om 11:34 schreef Jens Georg: Package: cyrus-common Version: 3.2.6-2+deb11u2 Followup-For: Bug #1037346 Some additional information: - You can roll-back to package 3.2 after the upgrade to 3.6, the mailboxes will re-appear again - You might encounter some junk mailboxes from the failed conversion attempt, the remedy is to convert mailboxes.db to text, remove the offending lines, and convert it back to its original format. - The proper may to migrate to 3.6 without hassle is: - Stop cyrus-imapd service - Download and compile 3.4, run ./imap/ctl_cyrusdb -r once (make a copy of /var/lib/cyrus/mailboxes.db beforehand, of course) - Then proceed with the update It seems that the debian package, despite claiming that it has the necessary patches to make the upgrade possible, doesn't. I still have to do the upgrade on a few machines.. Did you do this on Debian 11 or Debian 12? What did you download exactly? Maybe this? https://github.com/cyrusimap/cyrus-imapd/tree/cyrus-imapd-3.4.6 After downloading and go to the right directory something like: systemctl stop cyrus-imap ./configure make sudo make install Did you use any Debian patches? sudo cp -a /var/lib/cyrus/mailboxes.db /path/to/backup/ ./imap/ctl_cyrusdb -r How did you remove this version? Then install the new Debian packages? Bye, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1059473: Fujitsu Lifebook U7511 (SK01)
erial bus controller [0c80]: Intel Corporation Tiger Lake-LP Serial IO I2C Controller #0 [8086:a0e8] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP Serial IO I2C Controller [1e26:004e] Kernel driver in use: intel-lpss Kernel modules: intel_lpss_pci 00:15.2 Serial bus controller [0c80]: Intel Corporation Tiger Lake-LP Serial IO I2C Controller #2 [8086:a0ea] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP Serial IO I2C Controller [1e26:004e] Kernel driver in use: intel-lpss Kernel modules: intel_lpss_pci 00:15.3 Serial bus controller [0c80]: Intel Corporation Tiger Lake-LP Serial IO I2C Controller #3 [8086:a0eb] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP Serial IO I2C Controller [1e26:004e] Kernel driver in use: intel-lpss Kernel modules: intel_lpss_pci 00:16.0 Communication controller [0780]: Intel Corporation Tiger Lake-LP Management Engine Interface [8086:a0e0] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP Management Engine Interface [1e26:004e] Kernel driver in use: mei_me Kernel modules: mei_me 00:1c.0 PCI bridge [0604]: Intel Corporation Device [8086:a0b8] (rev 20) Subsystem: Fujitsu Client Computing Limited Device [1e26:004e] Kernel driver in use: pcieport 00:1c.7 PCI bridge [0604]: Intel Corporation Tiger Lake-LP PCI Express Root Port #8 [8086:a0bf] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP PCI Express Root Port [1e26:004e] Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Tiger Lake-LP LPC Controller [8086:a082] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP LPC Controller [1e26:004e] 00:1f.3 Multimedia audio controller [0401]: Intel Corporation Tiger Lake-LP Smart Sound Technology Audio Controller [8086:a0c8] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP Smart Sound Technology Audio Controller [1e26:0040] Kernel driver in use: sof-audio-pci-intel-tgl Kernel modules: snd_hda_intel, snd_sof_pci_intel_tgl 00:1f.4 SMBus [0c05]: Intel Corporation Tiger Lake-LP SMBus Controller [8086:a0a3] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP SMBus Controller [1e26:004e] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.5 Serial bus controller [0c80]: Intel Corporation Tiger Lake-LP SPI Controller [8086:a0a4] (rev 20) Subsystem: Fujitsu Client Computing Limited Tiger Lake-LP SPI Controller [1e26:004e] 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection (13) I219-LM [8086:15fb] (rev 20) Subsystem: Fujitsu Client Computing Limited Ethernet Connection (13) I219-LM [1e26:001a] Kernel driver in use: e1000e Kernel modules: e1000e 01:00.0 Non-Volatile memory controller [0108]: KIOXIA Corporation NVMe SSD Controller BG4 [1e0f:0001] Subsystem: KIOXIA Corporation NVMe SSD Controller BG4 (DRAM-less) [1e0f:0001] Kernel driver in use: nvme Kernel modules: nvme 5b:00.0 SD Host controller [0805]: O2 Micro, Inc. SD/MMC Card Reader Controller [1217:8621] (rev 01) Subsystem: Fujitsu Client Computing Limited SD/MMC Card Reader Controller [1e26:001d] Kernel driver in use: sdhci-pci Kernel modules: sdhci_pci root@laptop:~# root@laptop:~# lsusb Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 003 Device 008: ID 058f:9540 Alcor Micro Corp. AU9540 Smartcard Reader Bus 003 Device 007: ID 298d:2033 Next Biometrics NB-2033-U Bus 003 Device 005: ID 05e3:0608 Genesys Logic, Inc. Hub Bus 003 Device 003: ID 04f2:b703 Chicony Electronics Co., Ltd FJ Camera Bus 003 Device 004: ID 046d:c077 Logitech, Inc. Mouse Bus 003 Device 002: ID 05e3:0608 Genesys Logic, Inc. Hub Bus 003 Device 006: ID 8087:0026 Intel Corp. AX201 Bluetooth Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub root@laptop:~# -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1058806: HP EliteBook 860 G9 (4C148AV)
Hello Pascal and others, Op 17-12-2023 om 23:21 schreef Pascal Hambourg: On 17/12/2023 à 23:03, Paul van der Vlis wrote: Op 17-12-2023 om 22:36 schreef Pascal Hambourg: It may be an initialization issue: this error has been observed when booting after Windows hibernation or Fast Startup state. There is Windows on the NVMe disk of the laptop. Fastboot and secureboot where off. UEFI/BIOS "fast boot" is not the same as Windows "fast startup". I haven't changed anything in the bios, and I don't know Windows, if it started accidentally then I stopped it again. I have the machine to borrow from a dealer. I have also tested if I could boot the installer with fastboot on or secureboot on. But that dit not work. Debian should work with secure boot on. Also the installer? I was interested and tried it. The Debian installer did not start with secure boot on. I've tried it again now and found in the bios an option "use Microsoft UEFI CA key". This option was off, when I turn it on the Debian installer did start with secure boot on. With regards, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1058806: HP EliteBook 860 G9 (4C148AV)
Hello Pascal, and others, Op 17-12-2023 om 22:36 schreef Pascal Hambourg: On 17/12/2023 at 14:31, Paul van der Vlis wrote: Could it be the issue that was fixed in kernel 6.1.67-1 (available in proposed updates)? The 12.4 installer kernel has the wireless bug but it is uncertain whether it affects the installer or not. What was wrong with the integrated Intel wireless controller ? Do you still have the installer logs (/var/log/installer/syslog) ? I will add the syslog. The error was "iwlwifi: probe of :00:14.3 failed with error -110" (Note for those who are reading this thread through the debian-boot mailing list: the mail with attachment was too big for the mailing list) Ah, maybe the next time better compressed... It was 1.1MB. So it is not related with the recent wireless bug in 6.1.66. It may be an initialization issue: this error has been observed when booting after Windows hibernation or Fast Startup state. There is Windows on the NVMe disk of the laptop. Fastboot and secureboot where off. My goal was to test if Debian would work fine without removing Windows, and it does. I have also tested if I could boot the installer with fastboot on or secureboot on. But that dit not work. See https://bugzilla.kernel.org/show_bug.cgi?id=209641 https://bugzilla.kernel.org/show_bug.cgi?id=201319#c55 for possible workarounds if it happens again. I see I did not use my Debian 12.4 stick, but a Debian 12.1 stick. When you tried the installer again, which version was it ? Again 12.1, because I wanted to see if that the problem was. But it worked, even with 12.1. It's a bit strange install, I did install on an external USB SSD. I do not think it is relevant. I think that too. So Linux hibernation worked fine using an USB disk. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1058806: HP EliteBook 860 G9 (4C148AV)
Op 16-12-2023 om 22:16 schreef Pascal Hambourg: Hello Paul, On 16/12/2023 at 20:15, Paul van der Vlis wrote: Image version: Debian 12.4 Machine: HP EliteBook 860 G9 (4C148AV) (...) Comments/Problems: I needed an USB dongle to get network. After installation I did use a backport-kernel to get the wifi working. (...) 00:14.3 Network controller: Intel Corporation Alder Lake-P PCH CNVi WiFi (rev 01) According to /usr/share/misc/pci.ids, this device has PCI ID 8086:51f0 which is listed in bookworm's iwlwifi module aliases. You are right, it has PCI ID 8086:51f0. I have tried it again, and cannot reproduce this problem. It works with the kernel of the installer. Sorry for the mistake. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1058806: HP EliteBook 860 G9 (4C148AV)
v 04) 00:0d.2 USB controller: Intel Corporation Alder Lake-P Thunderbolt 4 NHI #0 (rev 04) 00:0d.3 USB controller: Intel Corporation Alder Lake-P Thunderbolt 4 NHI #1 (rev 04) 00:12.0 Serial controller: Intel Corporation Alder Lake-P Integrated Sensor Hub (rev 01) 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI Host Controller (rev 01) 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) 00:14.3 Network controller: Intel Corporation Alder Lake-P PCH CNVi WiFi (rev 01) 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO I2C Controller #0 (rev 01) 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI Controller (rev 01) 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL Redirection (rev 01) 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root Port #9 (rev 01) 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART #0 (rev 01) 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI Controller (rev 01) 00:1f.0 ISA bridge: Intel Corporation Alder Lake PCH eSPI Controller (rev 01) 00:1f.3 Multimedia audio controller: Intel Corporation Alder Lake PCH-P High Definition Audio Controller (rev 01) 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller (rev 01) 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI Controller (rev 01) 02:00.0 Non-Volatile memory controller: Sandisk Corp WD Green SN350 NVMe SSD 1 TB (DRAM-less) 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE Advanced Pro Modem (rev 01) lsusb Technology Corp. Gen1 SATA 6Gb/s Bridge Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 06cb:00f0 Synaptics, Inc. Bus 001 Device 007: ID 0b95:7720 ASIX Electronics Corp. AX88772 Bus 001 Device 008: ID 8087:0033 Intel Corp. AX211 Bluetooth Bus 001 Device 002: ID 30c9:0040 Luxvisions Innotech Limited HP 5MP Camera Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1037346: cyrus-imapd: Stable should have gone from Cyrus 3.2.6 to 3.2.10 first
Hello Yadd, Thanks for all your work on Cyrus-imapd in Debian! On Wed, 19 Jul 2023 06:38:48 +0400 Yadd wrote: the patch needed to update to 3.6 is included in version 3.2.6-2+deb11u2. So the doc should be updated to explain that "we should have upgraded from Cyrus 3.2.6-2 to 3.2.6-2+deb11u2 before going to 3.6.x" I have heard about problems, even when upgrading from 3.2.6-2+deb11u2. Ellie writes: "From the amount of failures reported by people who have let apt upgrade Cyrus for them, I guess there's a step missing in whatever apt does". Is there something missing so far you know? https://cyrus.topicbox.com/groups/info/Ta01e6935b46972c7-Mbb5e079f8d91464da502f947/upgrade-cyrus-on-debian-11-to-12 Is it a good idea to upgrade first to the backported version in Debian 11, and then later to Debian 12? (In this way, I can concentrate on Cyrus first.) I have many mailboxes on my server, some of them are over 20 years old, and some of them contain much data. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#1003703: Print menu does not work well
Package: firefox-esr Version: 91.5.0esr-1 In this version of Firefox there is a new Mozilla print dialog window active, what does not work well. E.g. the default setting of my printer is black/white and double sided printing, but the dialog box displays color and single sided. When I print this way, it becomes black/white and double sided, so not what the print dialog says... It is possible to use the system print dialog box with this setting in about:config: print.tab_modal.enabled false In my opinion this would be a better default. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://vandervlis.nl/
Bug#989441: Missing Nvidia /lib/firmware/nouveau/nv106_fuc084
Package: firmware-nonfree Version: 20210315-2 I did install a computer with this videocard with Debian 11 RC1: 0b:00.0 VGA compatible controller: NVIDIA Corporation GK208B [GeForce GT 710] (rev a1) This firmware file was missing: /lib/firmware/nouveau/nv106_fuc084 Without it, vdpauinfo did tell that all decoder capabilities where not supported. With the file, some of them where supported. from https://nouveau.freedesktop.org/VideoAcceleration.html $ mkdir /tmp/nouveau $ cd /tmp/nouveau $ wget https://raw.github.com/envytools/firmware/master/extract_firmware.py $ wget http://us.download.nvidia.com/XFree86/Linux-x86/325.15/NVIDIA-Linux-x86-325.15.run $ sh NVIDIA-Linux-x86-325.15.run --extract-only $ python2 extract_firmware.py # this script is for python 2 only # mkdir /lib/firmware/nouveau # cp -d nv* vuc-* /lib/firmware/nouveau/ With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#988797: RC1 installation report
Package: installation-reports I did install Debian on an Acer laptop. The installation went OK, but I have some things to tell: 1. After the installation the 240GB SSD was after a short period full with PCIe AER errors in the logs. I think it's good to tell about errors in the logs, but doing that thousands of times is not OK. After using "PCI=NOAER" the laptop works fine. 2. After the installation the sources.list had a "deb cdrom" line. Important to tell that I've used the official DVD ISO image. This problem was there too in Debian 10. I will add the sources.list. I think most people who use a DVD-iso will use internet to install more packages, and will remove the DVD or stick. I sell Debian DVD's. With regards, Paul van der Vlis - # deb cdrom:[Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 DVD Binary-1 20210415-20:26]/ bul> deb cdrom:[Debian GNU/Linux bullseye-DI-rc1 _Bullseye_ - Official Snapshot amd64 DVD Binary-1 20210415-20:26]/ bulls> deb http://ftp.nl.debian.org/debian/ bullseye main deb-src http://ftp.nl.debian.org/debian/ bullseye main deb http://security.debian.org/debian-security bullseye-security main contrib deb-src http://security.debian.org/debian-security bullseye-security main contrib - -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#932081: Does not work in Buster
So far I see Sogo does not work for e-mail in Buster, because it cannot login to the IMAP server. Even without TLS and database/imap on localhost. Good to see the problems are fixed in testing.
Bug#918917: Please add Firefox to the favorites
Op 05-12-2020 om 14:01 schreef Fabio Fantoni: About gnome-terminal is still present in menu and favorites after upgrade to 4.8, I'll try to check also in clean install (probably in next days). Tried clean install from tasksel and install xterm instead gnome-terminal, after install gnome-terminal is still showed in menu and favorites so gnome-terminal can be maintained as default but must found a way to install it instead of xterm. From a fast search I not found why and where install it. @Norbert: any idea? Not sure how you are testing, but I don't see gnome-terminal in the menu. And I think that's normal because of: OnlyShowIn=GNOME;Unity; in the .desktop file. This is a Debian patch: https://sources.debian.org/patches/gnome-terminal/3.38.1-2/01_onlyshowin.patch/ With regards, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
Op 04-12-2020 om 17:41 schreef Fabio Fantoni: Il 04/12/2020 11:15, Norbert Preining ha scritto: I'm definitely for Atril and mate-terminal, G3 stuff is just too anti-user for me. All functionality hidden in a way that you have to search for it again and again (embedded fonts? Print? ...) I added firefox-esr in favorites (in git). Great! About gnome-terminal is still present in menu and favorites after upgrade to 4.8, I'll try to check also in clean install (probably in next days). About Atril I did a fast try and is better as interface (simpler/more intuitive), I also did a fast search and as I feared it does not seem to have a significant development, not even as a porting of patches from evince, significant bugfixes present in evince for years, reported in atril but not backported; and also significant features added in evince and not present in atril (for example https://github.com/mate-desktop/atril/issues/254). It doesn't seem optimal to me neither one nor the other :( You are right, could be better. But it's not that the project is dead, there are patches, 18 days ago the last one. I am using Atril every day and I have never missed this feature. This is not about selecting text but a way to mark text. With regards, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
Op 04-12-2020 om 00:06 schreef Norbert Preining: In this case it would be good - and if it isn't a problem - to simply add *both* to the favorites, and only the one present will be shown. Fabio, could you commit the respective change to the experimental branch, please? Sounds great! I suggest mate-terminal. It should show up in cinnamon (when I used it it did). Again, Fabio, if you could push these changes to experimental that would be great. Mate-terminal is very good too! What I also would like to suggest, is to install Atril and to remove Evince as PDF reader. The point with Evince is that the layout is very different from the other programs, it has a Gnome-look. You have to find how you can print, for example. Atril comes from Mate and lookslike all the other programs. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
Op 22-11-2020 om 17:53 schreef Fabio Fantoni: And really, there is no Firefox in the favorites, so there is something wrong. Maybe the problem is that it's "firefox-esr" and not "firefox" ? Is correct, it set firefox.desktop, firefox-esr have firefox-esr.desktop instead. @Norbert @Maxy: what do you think is the better do? I think would be good have default favorite working in both debian stable/testing (with only firefox-esr) and ubuntu and derivates (with only firefox) Maybe it's an idea to add them both? There is no firefox-esr in Ubuntu, so I guess it will show no icon like now in Debian. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
Op 22-11-2020 om 17:53 schreef Fabio Fantoni: cinnamon-desktop-environment actually have gnome-terminal as default Hmm, you are right. But the menu does not show it. Maybe because of: OnlyShowIn=GNOME;Unity; in /usr/share/applications/org.gnome.Terminal.desktop So maybe better to use another terminal? you can install any of the 22 terminal that provide xfce4-terminal (and remove gnome-terminal if already instealled) without broke/remove cinnamon-desktop-environment metapackage if you want I need a good terminal to do that ;-) With regards, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
On Sun, 8 Sep 2019 20:06:30 +0200 Fabio Fantoni wrote: Il 10/01/2019 15:34, Paul van der Vlis ha scritto: > Package: cinnamon > Version: 3.8.8-1 > Severity: wishlist > > Please add Firefox to the favorites in the menu. Hi, was already done in cinnamon 3.0 and is still present: https://salsa.debian.org/cinnamon-team/cinnamon/blob/master/debian/cinnamon.gsettings-override it wasn't as expected? you have installed cinnamon 3.8 or version <3.0 and upgraded until 3.8 (dist-upgrade debian from previous version or using debian testing/sid)? I sell Debian on pre-installed laptops, so I install Debian stable very often. And my default is Cinnamon. And really, there is no Firefox in the favorites, so there is something wrong. Maybe the problem is that it's "firefox-esr" and not "firefox" ? What I also would like is a nice terminal. Normally the Cinnamon-task does only install xterm what's really not nice, so I install xfce-terminal using a script. But even that is a pain, because I need Xterm to do that. I cannot scroll back to see errors, the font is too small, etc. I would like to come in contact with the person who makes the defaults for Cinnamon. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#969504: This is a i18n issue
When I do: mv ~.mozilla ~.mozilla-backup LANG=C firefox-esr Then everything is OK in English -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#969504: Screenshot
Screenshot after: mv ~/.mozilla ~/.mozilla-backup So with a clean config. https://vandervlis.nl/screenshot.png -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#969504: Certificate manager window is too small, no import button
Package: firefox-esr Version: 68.12.0esr When you want to add a client-certificate, you go to about:preferences | privacy and security | show certificates-button Then the certificate manager window opens, and you have to go to the "your certificates" tab. The default size from this window is too small, you don't see the "import" button. Only if you resize the window you see the button. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#928952: Problems after security update 9.26a~dfsg-0+deb9u3
Op 13-05-19 om 22:42 schreef Salvatore Bonaccorso: > Do the test packages of > https://people.debian.org/~carnil/tmp/cups-filters/ for cups filter > resolve the issue for you? Yes ;-) With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#928952: Problems after security update 9.26a~dfsg-0+deb9u3
Package: ghostscript Version: 9.26a~dfsg-0+deb9u3 After doing the Ghostscript upgrade from 9.26a~dfsg-0+deb9u2 to 9.26a~dfsg-0+deb9u3 cups did not print anymore at a customer PC. Downgrading the ghostscript package did help. My customer is using a Brother HL-L2365DW connected through USB with "Generic PCL6/PCL XL Printer Foomatic/ljet4d" driver. My Lexmark x546dtn network printer does work fine using postscript after the upgrade, but not using PCL6. I get there: Idle - "Filter failed". I guess there is something wrong with printing PCL6. Workarround: apt install libgs9-common=9.26a~dfsg-0+deb9u2 \ libgs9=9.26a~dfsg-0+deb9u2 ghostscript=9.26a~dfsg-0+deb9u2 systemctl restart cups make a file /etc/apt/preferences.d/ghostscript for pinning: --- Package: libgs9-common Pin: version 9.26a~dfsg-0+deb9u2 Pin-Priority: 1001 Package: libgs9 Pin: version 9.26a~dfsg-0+deb9u2 Pin-Priority: 1001 Package: ghostscript Pin: version 9.26a~dfsg-0+deb9u2 Pin-Priority: 1001 --- apt update With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#928298: LUKS1 encrypting does not work
Package: zulucrypt-gui Version: 5.4.0-3 When I try to encrypt an USB-stick with the default-settings it gives an error and it does not work. First when I choose "LUKS2" it works. Using LUKS1 is the default in Zulucrypt-gui. ( When I insert an not-encrypted USB-stick Zulucrypt-gui does not see it. First when I unmount the stick, Zulucrypt lists it to make it possible to encrypt it.) With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#922065: Bind9 does not start after upgrade because of AppArmor + workarround
Op 12-02-19 om 00:21 schreef Bernhard Schmidt: > Sorry, had a typo in it (_default.nzd.lock vs. _default.nzd-lock). > Please change the filename in /etc/apparmor.d/local/usr.sbin.named to > match the name of the file not being accessible and reload the profile. > > That worked in my quick test. It works here now too ;-) With regards, Paul van der Vlis
Bug#922065: Bind9 does not start after upgrade because of AppArmor + workarround
Op 11-02-19 om 23:49 schreef Bernhard Schmidt: > Am 11.02.19 um 23:32 schrieb Paul van der Vlis: > > Hi Paul, > > please keep the Bug CCed... Ah, sorry. >>>> I upgraded from Debian9 tot Debian10 (testing). After this, bind did not >>>> start. Syslog says it's AppArmor (see syslog below). >>>> >>>> A work-arround is "aa-complain /usr/sbin/named". >>>> You need the package apparmor-utils for that. >>> >>> Are you using "allow-new-zones" in your bind configuration? >> >> Yes. >> >>> Does adding >>> >>> /var/cache/bind/_default.nzd.lock rwk, >> >> With " rwk," at the end? > > Yes, that means "read write lock", which according to the log you showed > was the denied operation. > >> When I do "aa-enforce /usr/sbin/named", then I cannot start Bind9 anymore. > > Please show the aa denials from your syslog in this case. See below. No string with "apparmor" found, but when I run "aa-complain /usr/sbin/named" it works again. > I'll try to reproduce ASAP as well. ;-) Paul -- Feb 11 23:55:14 server named[23092]: mdb_env_open of '_default.nzd' failed: Permission denied Feb 11 23:55:14 server named[23092]: loading configuration: failure Feb 11 23:55:14 server named[23092]: exiting (due to fatal error) Feb 11 23:55:14 server systemd[1]: bind9.service: Control process exited, code=exited, status=1/FAILURE Feb 11 23:55:14 server systemd[1]: bind9.service: Failed with result 'exit-code'. Feb 11 23:55:14 server systemd[1]: Failed to start BIND Domain Name Server. --- root@server:~# ls -l /var/cache/bind/_default.nzd -rw--- 1 bind bind 32768 feb 7 12:39 /var/cache/bind/_default.nzd -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#921654: Disable updates for workarround
Disable Widevine updates for the workarround. If you do not, Widevine will downgrade.
Bug#922065: Bind9 does not start after upgrade because of AppArmor + workarround
Package: bind9 Version: 1:9.11.5.P1+dfsg-1 Severity: normal I upgraded from Debian9 tot Debian10 (testing). After this, bind did not start. Syslog says it's AppArmor (see syslog below). A work-arround is "aa-complain /usr/sbin/named". You need the package apparmor-utils for that. With regards, Paul van der Vlis - Feb 11 15:53:50 server systemd[1]: Starting BIND Domain Name Server... Feb 11 15:53:50 server named[8143]: starting BIND 9.11.5-P1-1-Debian (Extended Support Version) Feb 11 15:53:50 server named[8143]: running on Linux x86_64 4.19.0-2-amd64 #1 SMP Debian 4.19.16-1 (2019-01-17) Feb 11 15:53:50 server named[8143]: built with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstate dir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux- gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-libjson=/usr' '--with-lmdb=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-' '--enable-native-pk cs11' '--with-pkcs11=/usr/lib/softhsm/libsofthsm2.so' '--with-randomdev=/dev/urandom' '--enable-dnstap' '--with-eddsa=no' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-3MF9P u/bind9-9.11.5.P1+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' ' CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' Feb 11 15:53:50 server named[8143]: running as: named -u bind Feb 11 15:53:50 server named[8143]: compiled by GCC 8.2.0 Feb 11 15:53:50 server named[8143]: compiled with OpenSSL version: OpenSSL 1.1.1a 20 Nov 2018 Feb 11 15:53:50 server named[8143]: linked to OpenSSL version: OpenSSL 1.1.1a 20 Nov 2018 Feb 11 15:53:50 server named[8143]: compiled with libxml2 version: 2.9.4 Feb 11 15:53:50 server named[8143]: linked to libxml2 version: 20904 Feb 11 15:53:50 server named[8143]: compiled with libjson-c version: 0.12.1 Feb 11 15:53:50 server named[8143]: linked to libjson-c version: 0.12.1 Feb 11 15:53:50 server named[8143]: threads support is enabled Feb 11 15:53:50 server named[8143]: Feb 11 15:53:50 server named[8143]: BIND 9 is maintained by Internet Systems Consortium, Feb 11 15:53:50 server named[8143]: Inc. (ISC), a non-profit 501(c)(3) public-benefit Feb 11 15:53:50 server named[8143]: corporation. Support and training for BIND 9 are Feb 11 15:53:50 server named[8143]: available at https://www.isc.org/support Feb 11 15:53:50 server named[8143]: Feb 11 15:53:50 server named[8143]: adjusted limit on open files from 524288 to 1048576 Feb 11 15:53:50 server named[8143]: found 4 CPUs, using 4 worker threads Feb 11 15:53:50 server named[8143]: using 3 UDP listeners per interface Feb 11 15:53:50 server named[8143]: using up to 4096 sockets Feb 11 15:53:50 server named[8143]: loading configuration from '/etc/bind/named.conf' Feb 11 15:53:50 server named[8143]: /etc/bind/named.conf.options:28: '127.0.0.1/8': address/prefix length mismatch Feb 11 15:53:50 server named[8143]: reading built-in trust anchors from file '/etc/bind/bind.keys' Feb 11 15:53:50 server named[8143]: initializing GeoIP Country (IPv4) (type 1) DB Feb 11 15:53:50 server named[8143]: GEO-106FREE 20181108 Build Feb 11 15:53:50 server named[8143]: initializing GeoIP Country (IPv6) (type 12) DB Feb 11 15:53:50 server named[8143]: GEO-106FREE 20181108 Build Feb 11 15:53:50 server named[8143]: GeoIP City (IPv4) (type 2) DB not available Feb 11 15:53:50 server named[8143]: GeoIP City (IPv4) (type 6) DB not available Feb 11 15:53:50 server named[8143]: GeoIP City (IPv6) (type 30) DB not available Feb 11 15:53:50 server named[8143]: GeoIP City (IPv6) (type 31) DB not available Feb 11 15:53:50 server named[8143]: GeoIP Region (type 3) DB not available Feb 11 15:53:50 server named[8143]: GeoIP Region (type 7) DB not available Feb 11 15:53:50 server named[8143]: GeoIP ISP (type 4) DB not available Feb 11 15:53:50 server named[8143]: G
Bug#921654: Old Widevine version
Firefox-esr 60.5.0esr-1~deb9u1 tries to install Widevine 1.4.8.1008, but the installation fails. Firefox 65 from mozilla.org installs Widevine 4.10.1196.0 in ~/.mozilla. This installation succeeds, and after that EME works. After that Firefox-esr 60.5.0esr-1~deb9u1 works too. I did not found a way to install Widevine 4.10.1196.0 with firefox-esr 60.5.0esr-1~deb9u1. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#921654: Widevine EME DRM does not work anymore + workarround
Package: firefox-esr Version: 60.5.0esr-1~deb9u1 Severity: normal After the latest security update, the Widevine DRM plugin is downloading but never get installed when going to an website what expects EME like: https://bitmovin.com/demos/drm https://www.npostart.nl/live/npo-1 I have also tested this "clean" (without .mozilla directory), but it does not work. When I download Firefox 65 from Mozilla, unpack it in my homedirectory and click on "firefox", FF 65 starts and I can install Widevine. After that, I can play video with 60.5.0esr-1~deb9u1 ! With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918921: Please make Atril the default viewer for PDF-files
Package: cinnamon Version: 3.8.8-1 Severity: wishlist I would prefer Atril as the default PDF-viewer in Cinnamon. The problem with Evince is, that the layout is very different from the other programs in Cinnamon. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#918917: Please add Firefox to the favorites
Package: cinnamon Version: 3.8.8-1 Severity: wishlist Please add Firefox to the favorites in the menu. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#910397: closed by Mike Hommey (Bug#910397: fixed in firefox-esr 60.3.0esr-2)
Nice to hear this bug is fixed! I cannot find Firefox version 60.3.0esr-2 in the Debian repositories at the moment, so I cannot check if the problem is gone for me too. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#909000: Fixed for new point release
First I did not understand this fix. But now I see the new version is in proposed-updates. So it's in the queue for the new Debian 9.6. https://release.debian.org/proposed-updates/stable.html
Bug#910397: Firefox 60.3.0esr, same problem
Firefox 60.3.0esr has the same problem. Tested with both Linkello and meet.jit.si.
Bug#909000: Enigmail 2.0 needed in Stretch after Thunderbird 60 upload
Op 22-10-18 om 14:28 schreef Fabián Rodríguez: > For now the only workaround seems to be manual installation via > Thunderbird's addons. No, see my earlier message in this bug with the title "workarround". Works fine for me. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#909000: Thunderbird 60 cannot STILL be at stretch normal repository
Op 15-10-18 om 22:16 schreef Jonas Meurer: > Hello, > > On Wed, 10 Oct 2018 19:19:53 +0200 Narcis Garcia > wrote: >> Stable packages aren't ready for Thunderbird 60 presence. >> It's better to wait for better repository consistence before adding this >> update. > > With keeping Thunderbird at version 52 in stretch you mean to keep the > packages with known security vulnerabilites? For obvious reasons, that's > not an option. In my opinion, "main" is the wrong place for Thunderbird (and Firefox). When it's not possible to keep them secure in the old version, they should be removed from main. And I think "backports" would be a good alternative. But this is another discusson... -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#910397: Contact Bistri support
I had contact with Bistri support. They say the problem is solved in Firefox 60.2.3esr.
Bug#910397: Tab crashes while connecting webrtc video conferencing
Op 08-10-18 om 19:46 schreef Julien Cristau: > On Fri, Oct 5, 2018 at 23:53:46 +0200, Paul van der Vlis wrote: > >> Package: firefox-esr >> Version: 60.2.2esr-1~deb9u1 >> >> When I connect with webrtc microphone and webcam the Firefox tab crashes >> when the second person connects. Both sides are crashing. This is since >> version 60, before no problem. Also no problem with Chromium. >> >> Easy to test without account with e.g.: >> https://linkello.com >> https://meet.jit.si >> > Hitting something that looks suspiciously like this, on appear.in. > > Example report from about:crashes: > https://crash-stats.mozilla.org/report/index/1478bfee-aa7c-4307-a5c3-cb7460181008 I get this report from about:crashes when I test on linkello.com: https://crash-stats.mozilla.com/report/index/a5b29379-d476-4f83-84c6-2694f0181010 I get the same report on both machines (you need 2 machines connecting to reproduce this problem). Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#910397: Tab crashes while connecting webrtc video conferencing
Package: firefox-esr Version: 60.2.2esr-1~deb9u1 When I connect with webrtc microphone and webcam the Firefox tab crashes when the second person connects. Both sides are crashing. This is since version 60, before no problem. Also no problem with Chromium. Easy to test without account with e.g.: https://linkello.com https://meet.jit.si With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#909743: Wrong upstream version check
Package: qemu Version: 1:2.12+dfsg-3 https://tracker.debian.org/pkg/qemu says: "A new upstream version is available: 3.0.0-rc4". But version 3.0 is already released last month. So there is something wrong with the script what checks the upstream version I guess. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#909000: Workarround
As a workarround you can install gnupg from backports and enigmail from testing. I guess Daniel will also backport Enigmail 2.0.8 now it's in testing. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#893800: installation-reports: Not loading free Atheros 9170 wireless firmware
Package: installation-reports Severity: normal Dear Maintainer, This report is about Debian Installer Buster Alpha 2 release. But in Debian Jessie the situation is the same. When I try to use an Netgear WN111 v2 USB stick with Atheros 9170 chipset, it will not be detected by the installer. After loading the installion modules from CD (or in my case USB-stick), I have to remove the stick and plug it in again. Then the firmware is loaded and it is detected by the installer. With regards, Paul van der Vlis -- Package-specific info: Boot method: Image version: Date: Machine: Partitions: Base System Installation Checklist: [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it Initial boot: [ ] Detect network card:[ ] Configure network: [ ] Detect CD: [ ] Load installer modules: [ ] Clock/timezone setup: [ ] User/password setup:[ ] Detect hard drives: [ ] Partition hard drives: [ ] Install base system:[ ] Install tasks: [ ] Install boot loader:[ ] Overall install:[ ] Comments/Problems: -- Please make sure that the hardware-summary log file, and any other installation logs that you think would be useful are attached to this report. Please compress large files using gzip. Once you have filled out this report, mail it to sub...@bugs.debian.org. == Installer lsb-release: == DISTRIB_ID=Debian DISTRIB_DESCRIPTION="Debian GNU/Linux installer" DISTRIB_RELEASE="8 (jessie) - installer build 20150422+deb8u4" X_INSTALLATION_MEDIUM=cdrom == Installer hardware-summary: == uname -a: Linux laptop 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) x86_64 GNU/Linux lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation 3rd Gen Core processor DRAM Controller [8086:0154] (rev 09) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Kernel driver in use: ivb_uncore lspci -knn: 00:02.0 VGA compatible controller [0300]: Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: 00:14.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset Family USB xHCI Host Controller [8086:1e31] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Kernel driver in use: xhci_hcd lspci -knn: 00:16.0 Communication controller [0780]: Intel Corporation 7 Series/C210 Series Chipset Family MEI Controller #1 [8086:1e3a] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: 00:19.0 Ethernet controller [0200]: Intel Corporation 82579LM Gigabit Network Connection [8086:1502] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21f3] lspci -knn: Kernel driver in use: e1000e lspci -knn: 00:1a.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset Family USB Enhanced Host Controller #2 [8086:1e2d] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Kernel driver in use: ehci-pci lspci -knn: 00:1b.0 Audio device [0403]: Intel Corporation 7 Series/C210 Series Chipset Family High Definition Audio Controller [8086:1e20] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: 00:1c.0 PCI bridge [0604]: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 1 [8086:1e10] (rev c4) lspci -knn: Kernel driver in use: pcieport lspci -knn: 00:1c.1 PCI bridge [0604]: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 2 [8086:1e12] (rev c4) lspci -knn: Kernel driver in use: pcieport lspci -knn: 00:1c.2 PCI bridge [0604]: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 3 [8086:1e14] (rev c4) lspci -knn: Kernel driver in use: pcieport lspci -knn: 00:1d.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset Family USB Enhanced Host Controller #1 [8086:1e26] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Kernel driver in use: ehci-pci lspci -knn: 00:1f.0 ISA bridge [0601]: Intel Corporation QM77 Express Chipset LPC Controller [8086:1e55] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: 00:1f.2 SATA controller [0106]: Intel Corporation 7 Series Chipset Family 6-port SATA Controller [AHCI mode] [8086:1e03] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Kernel driver in use: ahci lspci -knn: 00:1f.3 SMBus [0c05]: Intel Corporation 7 Series/C210 Series Chipset Family SMBus Controller [8086:1e22] (rev 04) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: 02:00.0 System peripheral [0880]: Ricoh Co Ltd PCIe SDXC/MMC Host Controller [1180:e823] (rev 07) lspci -knn: Subsystem: Lenovo Device [17aa:21fa] lspci -knn: Ke
Bug#872150: davmail: A backport would be nice
Package: davmail Version: 4.8.0.2479-2 Severity: wishlist Dear Maintainer, A backport for version 4.8 would be nice, because of many fixed problems. With regards, Paul van der Vlis
Bug#870073: [Pkg-mozext-maintainers] Bug#870073: gnome-keyring hijacking gpg-agent on jessie
Op 08-08-17 om 00:57 schreef Daniel Kahn Gillmor:> On Mon 2017-08-07 19:57:41 +0200, Paul van der Vlis wrote: >> I did now as root: >> dpkg-divert --local --rename --divert \ >> /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable \ >> --add /etc/xdg/autostart/gnome-keyring-gpg.desktop >> >> And I logged out and in again. Now I can use Enigmail, but it works not >> really nice. Before I could turn-on encrypting and signing using the >> menu. Now it says default "encrypt (auto)" and it's not clear if it's >> encrypting or not. If I click on it, it says "encrypt" without "(auto)" >> and then it works, but I cannot turn it off anymore using the menu. But >> maybe this is new and normal. > > Are you talking about during message composition? Yes. > there is a big enigmail toolbar that should be at the top of each > composition window. it has two buttons, one for signing, and one for > encryption. those buttons should be very clear whether they're selected > or not. If you don't have the toolbar, maybe its been customized away? That's possible. > can you do "View | Toolbars | Enigmail Toolbar" ? This helps! > I think maybe the other report that you're making here is that the > checkboxes on thunderbird 53 menus on jessie are not visible. Correct. > I can confirm that: > I've cloned this bug to document that problem and bring it to the > attention of the thunderbird devs. Nice to hear. >> So I think what other people with this probleme have to do is: >> - >> echo "use-agent" >> ~/.gnupg/gpg.conf >> >> sudo dpkg-divert --local --rename --divert \ >> /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable \ >> --add /etc/xdg/autostart/gnome-keyring-gpg.desktop >> >> logout and login again. >> - > > That sounds plausible. i could even consider shipping the > dpkg-diversion in the jessie version of enigmail, if the gnome-keyring > maintainers are OK with it. (or they could ship an update in jessie > that disables it too) Maybe think about it. A message after the upgrade of Enigmail would be an simple alternative. > But really, users should be encouraged to upgrade to stretch :) I have many customers who buy a laptop with Debian from me, but do not come when there is a new version. And organizations what cannot upgrade before much testing. Jessie has security support, and that is important. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#870073: [Pkg-mozext-maintainers] Bug#870073: enigmail: Does not encrypt and gives alerts after upgrade to Thunderbird 52
Hello Daniel, Op 07-08-17 om 18:57 schreef Daniel Kahn Gillmor: > Control: retitle 870073 enigmail: [jessie only] enigmail needs access to a > running gpg-agent > > On Sun 2017-08-06 16:16:18 +0200, Paul van der Vlis wrote: >> Op 31-07-17 om 23:38 schreef Daniel Kahn Gillmor: >>> I haven't seen this message at all. are you certain that gpg-agent is >>> running? >> >> I don't see it when I using "ps aux". > > ok, this is an issue that is specific to debian jessie only. on stretch > and later, the gpg-agent has an autolaunch mechanism that avoids these > problems entirely. Aha. >>> Do you ever see a dialog box that prompts you for your gpg >>> password? >> >> When I first use Enigmail I am asked for a password. After that, I can >> use Enigmail without any question about a password (I don't like this >> behaviour. But I don't know how to turn it off). > > It sounds like enigmail is auto-launching an agent during key > generation, and using it for the rest of the session. I'd imagine if > you "killall gpg-agent" after key creation you will find that enigmail > no longer works. I have not created a keypair, I have an excisting keypair what I use. > enigmail 1.9.8.1 expects gpg to use a gpg agent process. It does not > prompt the user for a passphrase during normal use. Aha. >>> Can you try adding "use-agent" to your ~/.gnupg/gpg.conf and then >>> logging out and logging back in again? >> >> Yes, the behaviour is still there when I use "use-agent" in >> ~/.gnupg/gpg.conf and logout and login again. >> >> But then I see gpg-agent running with "ps aux". > > this is strange. what do the following commands show when you've logged > in with "use-agent" running? > > > echo $GPG_AGENT_INFO /run/user/1000/keyring/gpg:0:1 > gpg-connect-agent 'getinfo socket_name' /bye ERR 280 not implemented >> The following tests are without "use-agent" in my gpg.conf. > > you should put use-agent in gpg.conf if you want to use enigmail I've done that now, but it does not work OK. > -- or > you should upgrade to stretch where it is on by default. :) I would like to find out this problem first. >>> As a workaround, please also try closing thunderbird and then >>> re-launching it with the following command: >>> >>> gpg-agent --daemon thunderbird >>> >>> Does that cause the error message to go away? >> >> Now, I get another dialog window asking me for the password. It has >> "pinentry" in the title. >> I don't get an error anymore while decrypting. >> Encryption seems to be OK, and asks again for a password. >> >> So this looks-like OK, but different as normal. > > this is a workaround for you not having "use-agent" in your gpg.conf. I think it's also a workarround for the Gnome-keyring-hijaking... >> Maybe this is interesting: >> gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent. >> gpg: WARNING: GnuPG will not work properly - please configure that tool >> to not interfere with the GnuPG system! >> >> I am using Cinnamon as my desktop-environment, and GDM3 as display manager. > > please see: > >https://wiki.gnupg.org/GnomeKeyring I did now as root: dpkg-divert --local --rename --divert \ /etc/xdg/autostart/gnome-keyring-gpg.desktop-disable \ --add /etc/xdg/autostart/gnome-keyring-gpg.desktop And I logged out and in again. Now I can use Enigmail, but it works not really nice. Before I could turn-on encrypting and signing using the menu. Now it says default "encrypt (auto)" and it's not clear if it's encrypting or not. If I click on it, it says "encrypt" without "(auto)" and then it works, but I cannot turn it off anymore using the menu. But maybe this is new and normal. > for information about gnome-keyring and gpg-agent. modern versions of > gnome-keyring and gpg-agent play nicer together. > >> 2017-08-06 16:00:06.149 [DEBUG] enigmail.js: detectGpgAgent: >> GPG_AGENT_INFO='/run/user/1000/keyring/gpg:0:1' > > This is very surprising to me, especially for gpg-agent 2.0.26. I don't > think that version of gpg-agent used /run/user -- i would expect it > instead to use something like /tmp/gpg-1uGi7D/S.gpg-agent:679:1 > > where is this value coming from? have you modified any config files, or > tried to mix packages across versions of the distro? No, my installation is "clean". I don't do strange things on this production machine. But maybe I have co
Bug#870073: [Pkg-mozext-maintainers] Bug#870073: enigmail: Does not encrypt and gives alerts after upgrade to Thunderbird 52
Hello Daniel, Sorry for my late responce! Op 31-07-17 om 23:38 schreef Daniel Kahn Gillmor: > Control: tags 870073 + moreinfo unreproducible > > Hi Paul-- > > I have a jessie system with the exact same versions of the software > described here, and i'm not seeing this behavior. Can you help me to > replicate it? I will try... > On Sat 2017-07-29 15:20:33 +0200, Paul van der Vlis wrote: >> >> When I read an encrypted message in Thunderbird, I get this warning: >> -- >> Enigmail Alert: >> GnuPG reported an error in the communication with gpg-agent (a component of >> GnuPG). >> This is a system setup or configuration error that prevents Enigmail from >> working properly and cannot be fixed automatically. >> We strongly recommend that you consult our support web site at >> https://enigmail.net/faq. >> -- >> After this, the message is decrypted. > > I haven't seen this message at all. are you certain that gpg-agent is > running? I don't see it when I using "ps aux". > Do you ever see a dialog box that prompts you for your gpg > password? When I first use Enigmail I am asked for a password. After that, I can use Enigmail without any question about a password (I don't like this behaviour. But I don't know how to turn it off). > Can you try adding "use-agent" to your ~/.gnupg/gpg.conf and then > logging out and logging back in again? Yes, the behaviour is still there when I use "use-agent" in ~/.gnupg/gpg.conf and logout and login again. But then I see gpg-agent running with "ps aux". The following tests are without "use-agent" in my gpg.conf. > As a workaround, please also try closing thunderbird and then > re-launching it with the following command: > > gpg-agent --daemon thunderbird > > Does that cause the error message to go away? Now, I get another dialog window asking me for the password. It has "pinentry" in the title. I don't get an error anymore while decrypting. Encryption seems to be OK, and asks again for a password. So this looks-like OK, but different as normal. The following tests are with Thunderbird starting in the normal way (by clicking on the icon). >> But when I sent a message to somebody with a PGP key in my keyring, >> the message is normally encrypted. But not now, and I do not get a >> warning about that. > > If you open up the "Enigmail" menu (from the "hamburger" menu on the > right-hand of the toolbar)> and choose "Preferences", and then click > "Display Expert Settings and Menus", then you'll have more debugging > options visible to you. > once you've got that checked, the "Enigmail" menu should have "Debugging > Options" which shows "View Console" and "View Log". can you send some > details from those to this bug report, if they seem safe to publish? > (if they do not seem safe to publish, or you are unsure, but you're OK > sharing them with me, you can encrypt them with key > 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 and e-mail them to me > privately). Maybe this is interesting: gpg: WARNING: The GNOME keyring manager hijacked the GnuPG agent. gpg: WARNING: GnuPG will not work properly - please configure that tool to not interfere with the GnuPG system! I am using Cinnamon as my desktop-environment, and GDM3 as display manager. Console: --- Initializing Enigmail service ... EnigmailAgentPath=/usr/bin/gpg2 enigmail> /usr/bin/gpg2 --version --version --batch --no-tty --charset utf-8 --display-charset utf-8 gpg (GnuPG) 2.0.26 libgcrypt 1.6.3 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: ~/.gnupg Ondersteunde algoritmes: Publieke sleutel: RSA, RSA, RSA, ELG, DSA Versleutelingsalgoritme: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hashalgoritme: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compressiealgoritme: Niet gecomprimeerd, ZIP, ZLIB, BZIP2 enigmail> /usr/bin/gpg2 --charset utf-8 --display-charset utf-8 --use-agent --batch --no-tty --status-fd 2 --max-output 356600 --decrypt enigmail> /usr/bin/gpg2 --charset utf-8 --display-charset utf-8 --use-agent --batch --no-tty --status-fd 2 --max-output 356600 --decrypt enigmail> /usr/bin/gpg2 --charset utf-8 --display-charset utf-8 --use-agent --batch --no-tty --status-fd 2 --max-output 356600 --decrypt Log: Enigmail version 1.9.8.1 OS/CPU
Bug#869774: [SECURITY] [DSA 3921-1] enigmail update
Hello, I've tried today the upgrade, but there was no new version. When I look at the end of this page: https://packages.debian.org/jessie/enigmail Then I see architecture "all" with version 2:1.9.8.1-1~deb8u1, and e.g. architecture amd64 with version 2:1.8.2-4~deb8u1. I think the last one is used, and that's the old one. For Stretch, there is only an architecture "all". With regards, Paul van der Vlis. Op 28-07-17 om 21:16 schreef Moritz Muehlenhoff: > - > Debian Security Advisory DSA-3921-1 secur...@debian.org > https://www.debian.org/security/ Moritz Muehlenhoff > July 28, 2017 https://www.debian.org/security/faq > - > > Package: enigmail > Debian Bug : 869774 > > In DSA 3918 Thunderbird was upgraded to the latest ESR series. This > update upgrades Enigmail, the OpenPGP extention for Thunderbird, > to version 1.9.8.1 to restore full compatibility. > > For the oldstable distribution (jessie), this problem has been fixed > in version 2:1.9.8.1-1~deb8u1. > > For the stable distribution (stretch), this problem has been fixed in > version 2:1.9.8.1-1~deb9u1. > > We recommend that you upgrade your enigmail packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: https://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later
Op 27-07-17 om 20:52 schreef Daniel Kahn Gillmor: > On Thu 2017-07-27 17:23:25 +0200, Paul van der Vlis wrote: >> On Thu, 27 Jul 2017 09:59:46 -0400 Daniel Kahn Gillmor >> wrote: >> >>> I can confirm that enigmail 2:1.9.8.1-1 (from debian testing) installs >>> successfully on jessie and that it appears to fix the underlying >>> problem. >> >> My experience is different: it installs without a problem, it gives >> warnings while decrypting. And it looks-like it encrypts, but it sent >> plain text. > > yikes. this is a particularly scary failure mode, and i think it is > distinct from the report here, which includes messages simply failing to > send (esp. those with attachments) and some buttons or UI elements being > unresponsive. > > Could you open this as a separate issue in the debian BTS? can you help > me to reproduce the behavior you're describing? I haven't see that yet. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870073 >> When I install it from Mozilla, it has the same problem on my machine, I >> am now back to Thunderbird 45 as a work-arround, what works fine. > > glad there's a workaround, but it doesn't sound like something > particularly sustainable long term. if you can help me replicate the > "looks-encrypted-but-sends-in-the-clear" failure mode? When I answer an encrypted message of somebody in my keyring, I expect that the message will become encrypted. But that's not the case. It's sent unencrypted without a warning. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#870073: enigmail: Does not encrypt and gives alerts after upgrade to Thunderbird 52
Package: enigmail Version: 2:1.9.8.1-1~deb8u1 Severity: important Dear Maintainer, After the security upgrade to Thunderbird version 52.2.1 Enigmail did not work anymore. I've tried now Enigmail version 2:1.9.8.1-1~deb8u1 but it has the same problem. Because I could not install this version of Enigmail using apt, I've downloaded it from here: http://security.debian.org/debian- security/pool/updates/main/e/enigmail/enigmail_1.9.8.1-1~deb8u1_all.deb And installed it with "dpkg -i". When I read an encrypted message in Thunderbird, I get this warning: -- Enigmail Alert: GnuPG reported an error in the communication with gpg-agent (a component of GnuPG). This is a system setup or configuration error that prevents Enigmail from working properly and cannot be fixed automatically. We strongly recommend that you consult our support web site at https://enigmail.net/faq. -- After this, the message is decrypted. But when I sent a message to somebody with a PGP key in my keyring, the message is normally encrypted. But not now, and I do not get a warning about that. With Thunderbird 45 I did not have these problems. With regards, Paul van der Vlis -- System Information: Debian Release: 8.9 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-0.bpo.3-amd64 (SMP w/2 CPU cores) Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages enigmail depends on: ii gnupg 1.4.18-7+deb8u3 ii gnupg-agent2.0.26-6+deb8u1 ii gnupg2 2.0.26-6+deb8u1 ii icedove1:52.2.1-4~deb8u1 ii thunderbird [icedove] 1:52.2.1-4~deb8u1 Versions of packages enigmail recommends: ii pinentry-gtk2 [pinentry-x11] 0.8.3-2 enigmail suggests no packages.
Bug#869774: thunderbird 52 needs enigmail 1.9.8 or later [was: Re: Bug#869774: Corrections - propably wrong cause]
On Thu, 27 Jul 2017 09:59:46 -0400 Daniel Kahn Gillmor wrote: > I can confirm that enigmail 2:1.9.8.1-1 (from debian testing) installs > successfully on jessie and that it appears to fix the underlying > problem. My experience is different: it installs without a problem, it gives warnings while decrypting. And it looks-like it encrypts, but it sent plain text. When I install it from Mozilla, it has the same problem on my machine, I am now back to Thunderbird 45 as a work-arround, what works fine. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#869774: Problems with enigmail
On Wed, 26 Jul 2017 15:20:41 +0200 Paul van der Vlis wrote: > As a work-arround I've downloaded Enigmail from Debian 9, and installed > it using "dpkg -i". > > I can encrypt messages without a problem now, (...) They are NOT encyrpted and sended in plain text! What I did now is this and it seems to be a working work-arround: apt remove thunderbird icedove apt install thunderbird=1:45.8.0-3~deb8u1 apt install thunderbird-l10n-nl=1:45.8.0-3~deb8u1 apt install lightning=1:45.8.0-3~deb8u1 apt install lightning-l10n-nl=1:45.8.0-3~deb8u1 apt install icedove=1:45.8.0-3~deb8u1 apt install enigmail=2:1.8.2-4~deb8u1 apt -t jessie-backports install xul-ext-sogo-connector After this you need also do some kind of pinning. With regards, Paul van der Vlis
Bug#869774: Problems with enigmail
Hello, I have the same problem, I also get the error "This is an encrypted OpenPGP message. In order to decrypt this mail, you need to install an OpenPGP add-on." But Enigmail is installed. A reboot did not help. As a work-arround I've downloaded Enigmail from Debian 9, and installed it using "dpkg -i". I can encrypt messages without a problem now, but when I decrypt a message I get this alert: -- Enigmail alert: GnuPG reported an error in the communication with gpg-agent (a component of GnuPG). This is a system setup or configuration error that prevents Enigmail from working properly and cannot be fixed automatically. We strongly recommend that you consult our support web site at https://enigmail.net/faq. -- After clicking OK, I see the message decrypted. I have installed the package gnupg-agent, but I don't see pgp-agent in the output of "ps aux". With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#862102: Test with 4.11 kernel from experimental
I've tested with linux-image-4.11.0-trunk-amd64 from experimental and I've seen the same problem.
Bug#862102: linux-latest: AMD Firepro W4100 does not work well in 4K resolution
Source: linux-latest Version: AMD Firepro W4100 videocard does not work well in 4K resolution Severity: normal Dear Maintainer, The AMD Firepro W4100 works well in 4K with Linux with kernel 3.16, and I have also heard it works fine with kernel 4.3. But with the actual 4.9 kernel it does not work fine in 4K. Lower resolutions work fine, but in 4K you will see sometimes flickering when you do something (e.g. move your mouse). Everything is nice if you don't do anything. The problem is not 100% reproduceable, but if you work a bit you will see it. It is not useable in 4K. First I've installed Stretch and I saw the problem. I have tried another W4100 with the same problem, and I have also tried it in another workstation with the same problem (completely different system). Then I've installed Jessie with kernel 3.16 and everything works fine. I have installed firmware-amd-graphics from jessie-backports, everything still works OK. When I install the 4.9 kernel from jessie-backports I see the problem. If I use then grub and choose the 3.16 kernel there is no problem. Maybe this link is interesting, the author says everything works fine with Linux 4.3: http://blog.mycre.ws/articles/works-with-debian-intel-ssd-750-amd- firepro-w4100-dell-p2715q/ With regards, Paul van der Vlis
Bug#858880: cinnamon: Sometimes 100% CPU after starting
I saw the problem today often, and ik lookslike the gsettings command helped. But I still have problems reproducing the problem, after a "gsettings set org.cinnamon.settings-daemon.plugins.a11y-settings active false" I did not saw the problem anymore. Paul
Bug#858880: cinnamon: Sometimes 100% CPU after starting
Hello Marga and others, Op 22-04-17 om 12:54 schreef Margarita Manterola: > Hi, > > On 2017-03-28 09:20, Paul van der Vlis wrote: > >> I have seen many times that Cinnamon used 100% CPU after the >> displaymananger >> did the autologin. I've tested with Lightdm and with GDM3. Sometimes >> Cinnamon >> started after some time, sometimes it did not (or my patience was not big >> enough). > > I've seen this problem as well, particularly on intel graphics hardware > but I don't have enough data to be sure if that's the cause. > > Anyway, what seems to have helped is disabling the accessibility > settings applet. It would be helpful if you could try this out and > report whether this helps for you: > > gsettings set org.cinnamon.settings-daemon.plugins.a11y-settings active > false > > This will disable the plugin. After that, you would need to logout and > back in enough times to verify that it actually helped. Could you do that? I've made a new installation, on a Lenovo Thinkpad X220 with SSD and the same amount of memory (2x2GB). But I cannot reproduce the problem anymore. I've tested with the same type of hardware, but not the same device. The SSD is the same make, but another modell. What I still hear is a processor-fan what makes noice after logging in, so the processor is busy. But after a few seconds it's gone. After giving the gesettings-command I don't see changings in this. I will do a bit more tests. I did tests with Cinnamon version 3.2.7-2. With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#858880: cinnamon: Sometimes 100% CPU after starting
Package: cinnamon Version: 3.0.4-2~bpo8+1 Severity: normal Dear Maintainer, I had to make a laptop for many users with autologin, and wanted to use Cinnamon. I have used Debian 9 RC2 and the latest updates available on 2017-3-27. I have seen many times that Cinnamon used 100% CPU after the displaymananger did the autologin. I've tested with Lightdm and with GDM3. Sometimes Cinnamon started after some time, sometimes it did not (or my patience was not big enough). I have also tested some other desktops with Debian 9 RC2, I did not see this problems with Mate. Not sure the problem is only there with autologin. I have also seen other computers and laptops without this problem. I have tested with 3 different laptops, but all of the type Lenovo Thinkpad X220 with SSD. It is not really difficult to reproduce, but it's not always there. Maybe it's a timing-problem. With regards, Paul van der Vlis
Bug#828069: icedove: random crashes after latest security update
On 13-02-17 12:48, Jens Reyer wrote: On 02/13/2017 10:59 AM, Paul van der Vlis wrote: Is the old 1:45.1 version from before the security patch somewhere available? And the patch? http://snapshot.debian.org/package/icedove/ I found the older version is really much older. It's not only a security patch but a big update. This is the older version: http://snapshot.debian.org/package/icedove/38.8.0-1~deb8u1/ Paul
Bug#828069: icedove: random crashes after latest security update
On Wed, 14 Dec 2016 07:28:24 +0100 Carsten Schoenert wrote: > Debian is using GCC 4.9 for stable-security (GCC 4.8 on Wheezy LTS) and > GCC 6.2 in unstable/testing. > > Mozilla is still using GCC 4.7.3 right now. So I believe most of the > problems are related due gcc is not going that lazy anymore than the old > gcc. There are several also known problematic things due the strictness > of new gcc versions by Mozilla. So in the end we can't do much about > that segfault issue for now. When I understand you well, you think the segfaults are because of another version of GCC. But before the security update, there was really no problem. And I think the GCC version has not changed in stable, or am I wrong? And the same thing happend with Wheezy LTS. I have a customer (an organization with 8 clients) what still uses that. So I think it has to do with something what's in the security patch, or do I forget something? Is the old 1:45.1 version from before the security patch somewhere available? And the patch? Is there an upstream bug about this problem? I found this bug, but not sure it's the same problem: https://bugzilla.mozilla.org/show_bug.cgi?id=1284596 With regards, Paul -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#815352: New mailing list for RISC-V port(s)
I support the creation of the debian-riscv mailing list. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#833741: Workaround
Hello, There is no big problem for existing installations, but if you make a new installation then flash does not work. This is what I do as root as a workaround: apt-get install pepperflashplugin-nonfree cd /usr/lib/ mv pepperflashplugin-nonfree pepperflashplugin-nonfree-backup mkdir pepperflashplugin-nonfree cd pepperflashplugin-nonfree wget -r -nd --no-parent https://vandervlis.nl/files/pepperflashplugin-nonfree/ rm index.html* After this flash will work, maybe you have to restart the browser. Of cause you can also use your /usr/lib/pepperflashplugin-nonfree from an older installation. That's what I did. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#828069: Other versions and distro's
Hello, What if you install Thunderbird binaries from upstream. Does that have the same problems? Somebody tried that? https://www.mozilla.org/en-US/thunderbird/all/ And is there an upstream bug about this? Maybe interesting to know to know that the same problem excists in oldstable. I am interested if the same problem excist in other distro's like Ubuntu. I don't know about it. This problem is NOT on all computers. I know a few what do not have it. Maybe it can be interesting to find out the difference? This is not OK for a program in "stable"... With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#828069: Crashes
Hello, Many people have crashes, but not all. Most of my customers are using Intel hardware, Intel GPU, Debian stable 64-bits. When I can help with something, please tell. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#507020: xen-utils-3.2-1: Pygrub says "Error: Boot loader didn't return any data!"
Op 21-08-15 om 17:32 schreef Ian Campbell: > Control: tags -1 +moreinfo > > Sorry this bug seems to have fallen through the cracks. > > On Thu, 27 Nov 2008 09:34:19 +0100 Paul van der Vlis > wrote: >> You may find bringing this up on xen-devel useful. > > Did you bring this up on the upstream list? No. > Does this bug still occur for you? I am using the workarround I wrote about. The only Xen instance I have is old. I don't know if it happens on a up-to-date Xen system. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer Groningen https://www.vandervlis.nl/
Bug#790885: cyrus-common: Does not start on boot
Package: cyrus-common Version: 2.4.17+caldav~beta10-18 Severity: normal Dear Maintainer, * What led up to the situation? I did an upgrade. And on another machine a new install. The problem was in both cases the same. * What exactly did you do (or not do) that was effective (or ineffective)? I rebooted the machine. * What was the outcome of this action? No cyrus-imapd running. * What outcome did you expect instead? cyrus-imapd running. A workarround is to put this in /etc/rc.local, before "exit 0": /etc/init.d/cyrus-imapd start -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#787129: apt-setup-udeb: No contrib and non-free by default
Op 29-05-15 om 13:42 schreef Cyril Brulebois: > Cyril Brulebois (2015-05-29): >> This leaves us with the following question: why does the cdrom: line >> contain contrib. To which I don't have an immediate answer. It's not only about the "cdrom:" line, but also about the lines with the security and updates repositories: deb http://security.debian.org/ jessie/updates main contrib deb-src http://security.debian.org/ jessie/updates main contrib deb http://ftp.nl.debian.org/debian/ jessie-updates main contrib deb-src http://ftp.nl.debian.org/debian/ jessie-updates main contrib With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer, Groningen https://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#787129: apt-setup-udeb: No contrib and non-free by default
Package: apt-setup-udeb Version: 1:0.97 Severity: normal Tags: d-i Dear Maintainer, I did install Debian with "Debian GNU/Linux 8.0.0 _Jessie_ - Official amd64 DVD Binary-1 20150425-12:54". After that I found in /etc/apt/sources.list lines with "contrib" enabled (see attachment). I would expect a sources.list without "contrib" enabled, because contrib installs software what's not dfsg-free, like the flashplugin from Adobe. And so far I know "contrib" is not an official part of Debian. # # deb cdrom:[Debian GNU/Linux 8.0.0 _Jessie_ - Official amd64 DVD Binary-1 20150425-12:54]/ jessie contrib main deb cdrom:[Debian GNU/Linux 8.0.0 _Jessie_ - Official amd64 DVD Binary-1 20150425-12:54]/ jessie contrib main deb http://ftp.nl.debian.org/debian/ jessie main deb-src http://ftp.nl.debian.org/debian/ jessie main deb http://security.debian.org/ jessie/updates main contrib deb-src http://security.debian.org/ jessie/updates main contrib # jessie-updates, previously known as 'volatile' deb http://ftp.nl.debian.org/debian/ jessie-updates main contrib deb-src http://ftp.nl.debian.org/debian/ jessie-updates main contrib
Bug#764982: Backports when the danger is contrib and non-free
Op 20-04-15 om 22:19 schreef Geert Stappers: > Op 20-04-15 om 09:39 schreef Turbo Fredriksson: >> Besides, we had this exact argument for weeks (months) about contrib >> and non-free 'in the day'. Eventually, _that_ (amongst others) "won" >> the argument - it's not an official part of Debian GNU/Linux! > > I had a closer look at /etc/apt/sources.list of a recent installed machine. > > And sadly discovered that 'contrib' and 'non-free' were enabled ... I have installed with RC1 and with RC2, but I cannot remember that I have seen that! Maybe you have used a nightly build? I am interested who did this when you are correct. Enabling non-free and contrib in sources.list is a very stupid idea because Debian is about DFSG software and non-free is not DFSG, and contrib needs non-DFSG software. I don't think this was a diskussion, this was maybe somebody who don't know Debian. Or somebody who does not care about free software, and wants to provocate a bit. But "backports main" is DFSG software and an official part of Debian. Or an "official Debian service", like Turbo prefers. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Backports, where is the danger (why the FUD)
Op 19-04-15 om 22:00 schreef Turbo Fredriksson: > If someone wants newer version, they can (should!) upgrade to the newer > distribution. OR, if they're brave, use back ports. Do you mean upgrade to testing? Nobody gets a newer version by enabling backports in sources.list, you only get a newer version by using "apt-get -t ...". The problem is about packages what are NOT in stable. >> If you don't want backports for some reason, is easy to disable them in >> sources.list. > > Why!? Why should _I_ adapt to YOUR opinion? What makes you think that YOUR > opinion is the only, correct one?? Because this is not a RC bug. > Debian GNU/Linux don't enable contrib and non-free by default (or does it > now, haven't checked). And yet _I_ choose to use packages from there. Why > shouldn't EVERYONE be 'forced' to disable that, just to accommodate me?! > > Same with back ports. They're not really part of the Debian GNU/Linux > distribution. Only 'main' is. The're all provided on the Debian GNU/Linux > servers, but they're not the official distribution. So only 'main' should > be enabled by default by the installer. Backports main is official Debian. [1] > Besides, why are you still arguing about this? The decision have been made. > Live with it. If you really, really think this decision is in error, then > lobby for changing it in the next release. Now, the discussion is moot and > pointless - "suck it up". I've waited long for this. I've published about it. For me it's a big point. And then comes Cyril who removes it at the last moment... Not OK in my opinion. With regards, Paul van der Vlis. [1] https://www.debian.org/News/2010/20100905 -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Backports, where is the danger (why the FUD)
Op 19-04-15 om 20:59 schreef Turbo Fredriksson: > On Apr 19, 2015, at 8:25 PM, Geert Stappers wrote: > >> What is the danger of having backports (default) enabled? > > From what I've seen (when I tried it a couple of years ago), is that > the back porting is quite … "sloppy". If the package needs a newer lib, > that is back ported as well. And the newer lib that depends on etc, etc. > > Eventually, you end up with such a bastardizised version of dist, it > simply WILL break in mysterious ways (and it have for me, which is why > is stopped using it). Did you check if it really was backports? I use backports on all machines I care about, and I never had dependency problems from backports (so far I remember). > The correct way is, off course, to do the back port properly, make the > software work with the version of the libraries etc that's already in > the repo/dist. So far I know backports are made the correct way. This type of problems are most of time coming from other repositories, outside Debian. If you don't want backports for some reason, is easy to disable them in sources.list. With regards, Paul vand er Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Sensible discussion
> Paul van der Vlis (2015-04-19): >> Cyril Brulebois wrote: >> > Packages sometimes bitrot in backports, with unfixed security issues, >> > up to the point they get removed. That can also happen because they're >> > not supportable anymore (e.g. owncloud in wheezy-backports). Now we >> > have debian-security-support for pathological cases in stable; does >> > that work for backports? I'm pretty sure running a no longer supported >> > owncloud instance is one of the worst things you can do with your >> > data… >> >> Some packages in stable have the same problem. >> Take a look at Chromium. > > Are you really not reading what you're quoting? That doesn't help having > a sensible discussion. I don't see the big difference. In both cases people did care, but it was not possible to fix the problems. There was no bitrot, it was too difficult. What I think you mean to say, is that backports is not officially handled by the Debian security team. Do you think the problems in Owncloud would be fixed by the security team when it was in stable? I don't think so. But maybe it is sometimes correct for some less important packages, *because* backports is not much used. And I think there is a difference between packages what are in stable and in backports, and packages what are only in backports. When packages are only in backports, the focus is much more on backports, and the security support of the maintainer will be better. And it is more easy to fix problems in backports then in stable, because you can use a newer version of upstream. Except in case of a freeze, but then there is security support for testing. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Bitrot in backports
Cyril Brulebois wrote: > Packages sometimes bitrot in backports, with unfixed security issues, up > to the point they get removed. That can also happen because they're not > supportable anymore (e.g. owncloud in wheezy-backports). Now we have > debian-security-support for pathological cases in stable; does that work > for backports? I'm pretty sure running a no longer supported owncloud > instance is one of the worst things you can do with your data… Some packages in stable have the same problem. Take a look at Chromium. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Backports removed from sources.list ;-(
Op 19-04-15 om 18:12 schreef Cyril Brulebois: > Paul van der Vlis (2015-04-19): >> I saw backports has been removed as default setting from sources.list in >> Jessie RC3. I am very disappointed by this last minute change, without >> much discussion so far I know. I did not know about this bug. > > Not knowing about this bug report doesn't mean there were no arguments > given; quite the contrary actually, since nobody opposed them. Some arguments: The biggest argument against backports in sources.list is, that a user could install a new package by accident from backports without knowing it comes from backports. I think the correct way to fix this is, to inform the users by putting this information into the release notes. Most people who want to install a package what's not in main, will install it from backports when it's available only there. People who do not want to use packages from backports, can remove backports from sources.list. Do you know any serious Debian sysadmin who does not change sources.list? I don't. So it's for the users who are not so experienced. I think very many users don't know about backports at all. Putting backports default in sources.list makes it a lot more normal to use backports. One of the biggest arguments against Debian is that the software is so old. With backports enabled, that's not true. Most software what's in backports is newer then in e.g. Ubuntu. True, you normally don't use it. But when you need it, it's there. In my opinion packages like Iceweasel don't belong in main, they belong in backports. That's another discussion, but backports default enabled makes this possible. Another argument against removing: This is not a RC bug, so it's to late to fix it. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Backports removed from
> Paul van der Vlis (2015-04-19): >> I saw backports has been removed as default setting from sources.list in >> Jessie RC3. I am very disappointed by this last minute change, without >> much discussion so far I know. I did not know about this bug. > > Not knowing about this bug report doesn't mean there were no arguments > given; quite the contrary actually, since nobody opposed them. Most people did know that backports is/was in Jessie, but I think not many people did know about this bug. People don´t search for bugs when they don't have a problem with something... Now there is no time for a discussion anymore! And this was not a RC-bug. >> In my opinion it's very good when backports is default in sources.list. > > My opinion is that I don't want to push ticking time bombs into the hands > of our users. And that's exactly what defaulting to enabling backports > was. I always enable backports on all machines I am responsible for, because I use that repository. Are all machines with backports enabled ticking timebombs? No, but you have to know what you do. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#764982: Backports removed from sources.list ;-(
Hello, I saw backports has been removed as default setting from sources.list in Jessie RC3. I am very disappointed by this last minute change, without much discussion so far I know. I did not know about this bug. In my opinion it's very good when backports is default in sources.list. With regards, Paul van der Vlis. The bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764982 -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#775541: NFS mounts from /etc/fstab works for me
Hello, I don't see real problems with NFS mounts from /etc/fstab, I am using it with homedirs on about 14 clients with NFS4 and MIT Kerberos. NFS is not needed for booting. After booting /home is mounted. Maybe NFS comes up before the network is accessabel, it does not wait. The only point is an ugly red error during boot. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#778794: postfixadmin: Please change the dependencies/recommendations
Package: postfixadmin Version: 2.3.7-1 Severity: wishlist Dear Maintainer, Please add MariaDB as an alternative for Mysql/Postgresgl. MariaDB is compatible with MySQL. Or better: make the database a recommendation, it can be on another server I expect. And I see a recommendation against dovecot-core or courier-authlib-* This will install dovecot-core when you have Cyrus-imapd installed and that's not a good combination I expect. In the setup how I use Cyrus-imapd, libsasl2-2 is responseble for the authentication. But maybe it's better to remove the whole dependency against Dovecot/Courier/Cyrus, because it can be on another server. With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#777538: gnome-shell-extensions: No gnome-classic alternative for x-session-manager
Package: gnome-shell-extensions Version: 3.14.2-1 Severity: normal In the alternatives system, it is not possible to choose "Gnome Classic" as the default desktop (x-session-manager). You can choose other desktops when installed, but not "Gnome Classic". In "man gnome-session" they tell you can change the default desktop in /usr/share/gnome-session/sessions/gnome.session but this is a workarround in my opionion. It's not a real config-file, and if you change it you cannot start the normal Gnome anymore, so you have to replace it. Maybe we can use this bug to find a workarround for this problem. The same problem is with "Gnome on Wayland", but this is part of the package gnome-session. It's no problem to choose "Gnome Fallback", when installed. -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnome-shell-extensions depends on: ii dconf-gsettings-backend [gsettings-backend] 0.22.0-1 ii gir1.2-atk-1.0 2.14.0-1 ii gir1.2-clutter-1.0 1.20.0-1 ii gir1.2-gdkpixbuf-2.0 2.31.1-2+b1 ii gir1.2-glib-2.0 1.42.0-2.2 ii gir1.2-gmenu-3.0 3.13.3-5 ii gir1.2-gtk-3.0 3.14.5-1 ii gir1.2-gtop-2.0 2.28.5-2+b1 ii gir1.2-mutter-3.03.14.2-1 ii gir1.2-pango-1.0 1.36.8-3 ii gnome-session3.14.0-2 ii gnome-shell 3.14.2-3+b1 ii gvfs 1.22.2-1 Versions of packages gnome-shell-extensions recommends: ii gnome-tweak-tool 3.14.2-2 gnome-shell-extensions suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#776595: Screenshot link
Screenshot: https://lists.vrijschrift.org/pipermail/vertaling/attachments/20150202/4a00f061/attachment-0001.png -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#776595: Upstream fixed in the same way as the patch
This bug is upstream fixed on the same way as in the patch: https://l10n.gnome.org/POT/gnome-menus.master/gnome-menus.master.nl.po With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#776595: gnome-menus: Two folders with the same name in the Dutch translation
Package: gnome-menus Version: 3.13.3-5 Severity: important Tags: l10n Dear Maintainer, * What led up to the situation? Using the menu of "Gnome Classic". * What exactly did you do (or not do) that was effective (or ineffective)? I opened the "Applications" menu item. In Dutch this is called "Toepassingen". * What was the outcome of this action? I saw two folders called "Hulpmiddelen". I found out that both "Accesoiries" and "Utitlities" where translated into "Hulpmiddelen". * What outcome did you expect instead? Folders with different names, this is very confusing. -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnome-menus depends on: ii python3 3.4.2-2 pn python3:any gnome-menus recommends no packages. gnome-menus suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#711470: ath9k_htc updated firmware for firmware-linux-free
There is a Debian source package for ath9k_htc made by Trisquel people: http://packages.trisquel.info/en/source/toutatis-updates/open-ath9k-htc-firmware With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#711470: ath9k_htc updated firmware for firmware-linux-free
Hello, I think we must really shame our self this software is not in Debian Jessie! Is there no RFP? Maybe it cannot be in firmware-linux-free because the code has another source. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766032: icedove: A year security support of old-stable
Maybe I was not clear this is about the future, not about the past. So I would like to have a year time to change from Wheezy to Jessie. I'v made this bug for Iceweasel and Chromium too. This are the 3 programms what give problems while using Debian on the desktop. I realize that Icedove depends on other programs. I would like it when the maintainer would warn when he/she expects a problem. E.g. because of a newer compiler what's needed. Then other people could work on backporting a newer compiler. With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766034: closed by Michael Gilbert
> Michael Gilbert wrote: > On Mon, Oct 20, 2014 at 6:23 AM, Paul van der Vlis wrote: >> I would like to have a year security support of the package in >> old-stable. >> >> Background: sometimes the configuration of a desktop is complex >> (Kerberos, NFS4, LDAP, etc), so it's not possible for me to do an >> upgrade in a short time. >> For that reasan I would like it when I would have a year to do the >> upgrade. I don't care if the supported package is in main or in >> backports. >> >> When it's not possible to do so, I would like a diskussion about the >> "why". We could use the same package in oldstable as in stable. > > That's not really possible. Google dropped support for the oldstable > compilers probably 2 years ago now. Maybe I was not clear enough: I mean in the future. I would like to have a year to migrate from Wheezy to Jessie. When you need a newer compiler, I think we should backport a newer compiler. Please tell us what you need, or what you think you will need in the near future. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766031: iceweasel: A year security support of old-stable
op 21-10-14 02:27, Mike Hommey schreef: > On Tue, Oct 21, 2014 at 01:57:06AM +0200, Paul van der Vlis wrote: >> op 21-10-14 00:57, Mike Hommey schreef: >>> old-stable packages were available on mozilla.debian.net until the last >>> 24.8.0esr-1 update. >>> Except it's not possible anymore because it requires >>> a compiler version much newer than what's available in old-stable. >> >> Maybe I was not clear enough, this bug is about the future. >> I would like to have 1 year time before I need to upgrade to Jessie. > > This is not something that can be acted on now, and is not something > that belongs in the bug tracking system. Maybe you are right about that. It's a goal. But maybe we can think about what we can do to reach that goal. E.g. by making backports. Or by changing policies so that a package may depend on a package in backports, when it's really important. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766031: iceweasel: A year security support of old-stable
op 21-10-14 09:54, Sylvestre Ledru schreef: > Hello, > > On 21/10/2014 01:57, Paul van der Vlis wrote: >> op 21-10-14 00:57, Mike Hommey schreef: >>> old-stable packages were available on mozilla.debian.net until the last >>> 24.8.0esr-1 update. >>> Except it's not possible anymore because it requires >>> a compiler version much newer than what's available in old-stable. >> Maybe I was not clear enough, this bug is about the future. >> I would like to have 1 year time before I need to upgrade to Jessie. >> > Don't forget that most of the DDs are volunteers. I know. > If it is really critical for you, you should have a look here: > https://www.debian.org/consultants/ I am one myself. > or > http://www.freexian.com/services/debian-lts.html Maybe I was not clear enough that I am talking about the future, not about the past. So I would like to have one year for switching from Wheezy to Jessie. I am glad with one year support for oldstable. See e.g.: https://www.debian.org/security/2013/dsa-2716 Wheezy was released on May 4 2013, so the security support for Squeeze was dropped in less then 2 months after the release of Wheezy. That's too short for me. When there is more needed, I would like a discussion. E.g. about backporting of packages when they are needed for compiling. The people from Mozilla could help with this goal (but maybe they do allready what they can). With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766031: iceweasel: A year security support of old-stable
op 21-10-14 00:57, Mike Hommey schreef: > old-stable packages were available on mozilla.debian.net until the last > 24.8.0esr-1 update. > Except it's not possible anymore because it requires > a compiler version much newer than what's available in old-stable. Maybe I was not clear enough, this bug is about the future. I would like to have 1 year time before I need to upgrade to Jessie. When a newer compiler is needed, I would like to hear about such a problem. I think it's sometimes possible to backport a compiler. Or we can study how other distributions like Redhat or Ubuntu are handling this problem. I don't think mozilla.debian.net is the right place for security updates for the next oldstable. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766034: chromium: A year security support of old-stable
Package: chromium Version: 37.0.2062.120-1~deb7u1 Severity: wishlist Dear Maintainer, I would like to have a year security support of the package in old-stable. Background: sometimes the configuration of a desktop is complex (Kerberos, NFS4, LDAP, etc), so it's not possible for me to do an upgrade in a short time. For that reasan I would like it when I would have a year to do the upgrade. I don't care if the supported package is in main or in backports. When it's not possible to do so, I would like a diskussion about the "why". We could use the same package in oldstable as in stable. With regards, Paul van der Vlis -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766032: icedove: A year security support of old-stable
Package: icedove Version: 24.8.1-1~deb7u1 Severity: wishlist Dear Maintainer, I would like to have a year security support of the package in old-stable. Background: I use the package on many desktops, sometimes the configuration is complex (Kerberos, NFS4, LDAP, etc), so it's not possible for me to do an upgrade in a short time. For that reasan I would like it when I would have a year to do the upgrade. I don't care if the supported package is in main or in backports. When it's not possible to do so, I would like a diskussion about the "why". We could use the same package in oldstable as in stable. With regards, Paul van der Vlis -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766027: icedove: Display message when restart is needed
Package: icedove Version: 24.8.1-1~deb7u1 Severity: wishlist Dear Maintainer, I would like it when users get a message on the desktop when a restart of Icedove is needed, because of a (security) upgrade of Icedove. Background: as a sysadmin I use Debian with Gnome on many desktops, the users do not do the upgrades themself in most cases. Some users do not reboot often. They get sometimes strange errors after an upgrade. After a restart of Icedove everything works fine again. With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766029: chromium: Display message when restart is needed
Package: chromium Version: 37.0.2062.120-1~deb7u1 Severity: wishlist Dear Maintainer, I would like it when users get a message on the desktop when a restart of Chromium is needed, because of a (security) upgrade. Background: as a sysadmin I use Debian with Gnome on many desktops, the users do not do the upgrades themself in most cases. Some users do not reboot often. They get sometimes strange errors after an upgrade. After a restart of the browser everything works fine again. With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766025: iceweasel: Display message when restart is needed
Package: iceweasel Version: 31.2.0esr-2~deb7u1 Severity: wishlist Dear Maintainer, I would like it when users get a message on the desktop when a restart of Iceweasel is needed, because of a (security) upgrade of Iceweasel. Background: as a sysadmin I use Debian with Gnome on many desktops, the users do not do the upgrades themself in most cases. Some users do not reboot often. They get sometimes strange errors after an upgrade. After a restart of the browser everything works fine again. With regards, Paul van der Vlis. -- Addons package information ii gecko-mediapla 1.0.6-1 amd64Multimedia plug-in for Gecko brow ii gnome-shell3.4.2-7+deb7 amd64graphical shell for the GNOME des ii icedtea-7-plug 1.4-3~deb7u2 amd64web browser plugin based on OpenJ ii iceweasel 31.2.0esr-2~ amd64Web browser based on Firefox ii iceweasel-l10n 1:31.2.0esr- all German language package for Icewe ii iceweasel-l10n 1:31.2.0esr- all Dutch language package for Icewea ii rhythmbox-plug 2.97-2.1 amd64plugins for rhythmbox music playe ii totem-mozilla 3.0.1-8 amd64Totem Mozilla plugin ii xine-plugin1.0.2-4 amd64xine-based media player plugin fo ii xul-ext-firebu 1.12.8+dfsg- all web development plugin for Icewea ii xul-ext-noscri 2.6.8.19-1~d all permissions manager for Iceweasel -- System Information: Debian Release: 7.7 APT prefers stable APT policy: (700, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iceweasel depends on: ii debianutils 4.3.2 ii fontconfig2.9.0-7.1 ii libasound21.0.25-4 ii libatk1.0-0 2.4.0-2 ii libc6 2.13-38+deb7u6 ii libcairo2 1.12.2-3 ii libdbus-1-3 1.6.8-1+deb7u4 ii libdbus-glib-1-2 0.100.2-1 ii libevent-2.0-52.0.19-stable-3 ii libffi5 3.0.10-3 ii libfontconfig12.9.0-7.1 ii libfreetype6 2.4.9-1.1 ii libgcc1 1:4.7.2-5 ii libgdk-pixbuf2.0-02.26.1-1 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgtk2.0-0 2.24.10-2 ii libhunspell-1.3-0 1.3.2-4 ii libpango1.0-0 1.30.0-1 ii libsqlite3-0 3.7.13-1+deb7u1 ii libstartup-notification0 0.12-1 ii libstdc++64.7.2-5 ii libx11-6 2:1.5.0-1+deb7u1 ii libxext6 2:1.3.1-2+deb7u1 ii libxrender1 1:0.9.7-1+deb7u1 ii libxt61:1.1.3-1+deb7u1 ii procps1:3.3.3-3 ii zlib1g1:1.2.7.dfsg-13 iceweasel recommends no packages. Versions of packages iceweasel suggests: ii fonts-mathjax 2.2-1~bpo70+1 ii fonts-oflb-asana-math 000.907-4 ii fonts-stix [otf-stix] 1.1.0-1 ii libcanberra0 0.28-6 ii libgnomeui-0 2.24.5-2 ii libgssapi-krb5-2 1.10.1+dfsg-5+deb7u2 pn mozplugger -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#766031: iceweasel: A year security support of old-stable
Package: iceweasel Version: 31.2.0esr-2~deb7u1 Severity: wishlist Dear Maintainer, I would like to have a year security support of the package in old-stable. Background: I use the package on many desktops, sometimes the configuration is complex (Kerberos, NFS4, LDAP, etc), so it's not possible for me to do an upgrade in a short time. For that reasan I would like it when I would have a year to do the upgrade. I don't care if the supported package is in main or in backports. With regards, Paul van der Vlis -- Addons package information ii gecko-mediapla 1.0.6-1 amd64Multimedia plug-in for Gecko brow ii gnome-shell3.4.2-7+deb7 amd64graphical shell for the GNOME des ii icedtea-7-plug 1.4-3~deb7u2 amd64web browser plugin based on OpenJ ii iceweasel 31.2.0esr-2~ amd64Web browser based on Firefox ii iceweasel-l10n 1:31.2.0esr- all German language package for Icewe ii iceweasel-l10n 1:31.2.0esr- all Dutch language package for Icewea ii rhythmbox-plug 2.97-2.1 amd64plugins for rhythmbox music playe ii totem-mozilla 3.0.1-8 amd64Totem Mozilla plugin ii xine-plugin1.0.2-4 amd64xine-based media player plugin fo ii xul-ext-firebu 1.12.8+dfsg- all web development plugin for Icewea ii xul-ext-noscri 2.6.8.19-1~d all permissions manager for Iceweasel -- System Information: Debian Release: 7.7 APT prefers stable APT policy: (700, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iceweasel depends on: ii debianutils 4.3.2 ii fontconfig2.9.0-7.1 ii libasound21.0.25-4 ii libatk1.0-0 2.4.0-2 ii libc6 2.13-38+deb7u6 ii libcairo2 1.12.2-3 ii libdbus-1-3 1.6.8-1+deb7u4 ii libdbus-glib-1-2 0.100.2-1 ii libevent-2.0-52.0.19-stable-3 ii libffi5 3.0.10-3 ii libfontconfig12.9.0-7.1 ii libfreetype6 2.4.9-1.1 ii libgcc1 1:4.7.2-5 ii libgdk-pixbuf2.0-02.26.1-1 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgtk2.0-0 2.24.10-2 ii libhunspell-1.3-0 1.3.2-4 ii libpango1.0-0 1.30.0-1 ii libsqlite3-0 3.7.13-1+deb7u1 ii libstartup-notification0 0.12-1 ii libstdc++64.7.2-5 ii libx11-6 2:1.5.0-1+deb7u1 ii libxext6 2:1.3.1-2+deb7u1 ii libxrender1 1:0.9.7-1+deb7u1 ii libxt61:1.1.3-1+deb7u1 ii procps1:3.3.3-3 ii zlib1g1:1.2.7.dfsg-13 iceweasel recommends no packages. Versions of packages iceweasel suggests: ii fonts-mathjax 2.2-1~bpo70+1 ii fonts-oflb-asana-math 000.907-4 ii fonts-stix [otf-stix] 1.1.0-1 ii libcanberra0 0.28-6 ii libgnomeui-0 2.24.5-2 ii libgssapi-krb5-2 1.10.1+dfsg-5+deb7u2 pn mozplugger -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#762190: icedove: Please add extra mimetypes to .desktop file
Package: icedove Version: 24.8.0-1~deb7u1 Severity: wishlist Tags: patch Dear Maintainer, I am using iceowl-extension as my calendar, but I cannot choose it in the gnome default applications because the mimetype is missing in the desktop file. When I add the mimetype to icedove.desktop in Jessie, and I run "update- desktop-database -q", I can choose Icedove in Gnome default applications as my calendar. And Icedove starts when I click on "open calendar" in Gnome. It does not start in the calendar tab, but this is better then that Evolution starts... In the file "icedove.desktop" I've changed the line: MimeType=message/rfc822;x-scheme-handler/mailto into: MimeType=message/rfc822;x-scheme-handler/mailto;text/calendar;text/x-vcard; I realize that iceowl-extension is optional, so maybe it's better to create an extra desktop file in iceowl what adds this functionalily in a seperate desktop-file. But I think the above solution is more easy and good enough. With regards, Paul van der Vlis. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#758037: nautilus-dropbox: Does not install
Package: nautilus-dropbox Version: 1.4.0-3 Severity: grave Justification: renders package unusable Dear Maintainer, I've tried to install the package, but after downloading dropbox for 100% the installation let me wait forever. In /var/log/dpkg.log I saw the package is half installed. I did not see the message about restarting Nautilus. I've tried this on more then one computer with the same result. -- System Information: Debian Release: 7.6 APT prefers stable APT policy: (700, 'stable'), (500, 'stable-updates') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nautilus-dropbox depends on: ii libatk1.0-0 2.4.0-2 ii libc62.13-38+deb7u3 ii libcairo-gobject21.12.2-3 ii libcairo21.12.2-3 ii libgdk-pixbuf2.0-0 2.26.1-1 ii libglib2.0-0 2.33.12+really2.32.4-5 ii libgtk-3-0 3.4.2-7 ii libnautilus-extension1a 3.4.2-1+build1 ii libpango1.0-01.30.0-1 ii policykit-1 0.105-3 ii procps 1:3.3.3-3 ii python 2.7.3-4+deb7u1 ii python-gpgme 0.2-3 ii python-gtk2 2.24.0-3+b1 nautilus-dropbox recommends no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#700061: No usable local backends
Hello, Maybe there is no useable local backend, but this package is very usefull for the remote driver. So I think this is not a "grave" bug but a "normal" bug. You could even see it as a "wishlist" bug, because what you want is support for Iceweasel. With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#636677: Sources seems to be available
Hello, The complete sourcecode seems to be available at http://code.google.com/p/selenium/source/ See this bug: https://bugs.launchpad.net/ubuntu/+source/python-selenium/+bug/1188229 With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#751002: libldap-2.4: No check of root certificate validity date
Hi Randy, op 11-06-14 03:34, Ryan Tandy schreef: > Hi Paul, > > On 09/06/14 04:29 AM, Paul van der Vlis wrote: >> While upgrading from Debian 6 to Debian 7 LDAPS did not work anymore >> on the >> client. I found out the root-certificate was outdated for a long time >> and the >> validity date of a root certificate is not checked on a Debian 6 >> client. But it >> is checked on a Debian 7 client, and this can give unexpected problems >> while >> upgrading. And it is a risk for Debian 6 installations. > > This is a behaviour change between squeeze and wheezy, yes, but in > libgnutls, not libldap; you can confirm it using gnutls-cli. > > Are you suggesting the behaviour of gnutls in squeeze should be made > more strict like in wheezy? If so we should reassign this to gnutls. I think it's a bug in Squeeze not to check the root certificate. But fixing the bug will give problems in existing installations and Squeeze does not have normal security-support anymore. We could reassign it to gnutls, or tell the people from squeeze-lts about it. Maybe it's important for other packages or other situations. >> The error while upgrading is: >> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) > > Without any context that is a bit vague, but it sounds like a result I > would expect in case of an expired certificate. Increasing libldap's > debug level, or testing with "ldapsearch -d 1", will show you more > details about the underlying cause of the failure. > > If you need to disable the certificate verification to get your upgrade > finished, you can use the TLS_REQCERT ldap.conf(5) option, but that's a > rather big hammer as it disables several kinds of validation at once. > > As the expiry check has already been fixed in wheezy and later, can you > be more explicit about the changes you think should be done in order to > resolve this report? My goal was to give some publicity for people who are searching for this problem during upgrading, like I did. And to tell about this bug in Squeeze. For me it's no problem to close the bug. Thanks for your information! With regards, Paul van der Vlis. -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#751002: ibldap-2.4: No check of root certificate validity date
Package: ibldap-2.4 Version: 2.4.23 Severity: normal Dear Maintainer, While upgrading from Debian 6 to Debian 7 LDAPS did not work anymore on the client. I found out the root-certificate was outdated for a long time and the validity date of a root certificate is not checked on a Debian 6 client. But it is checked on a Debian 7 client, and this can give unexpected problems while upgrading. And it is a risk for Debian 6 installations. The error while upgrading is: ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) With regards, Paul van der Vlis -- Paul van der Vlis Linux systeembeheer, Groningen http://www.vandervlis.nl -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
