Bug#1068818: sngrep: CVE-2024-3119 CVE-2024-3120

[Victor Seva]

Hi,

On 21/4/24 21:58, Moritz Muehlenhoff wrote:
> Hi Victor,
> diff looks fine, but I don't believe this really needs a DSA; it's rather 
> obscure attack vector.
> I think addressing this via the next Bookworm point release is perfectly 
> fine, what do you think?

Fine for me. No objections from my side.

  
> Procedure is outlined at
> https://www.debian.org/doc/manuals/developers-reference/pkgs.en.html#special-case-uploads-to-the-stable-and-oldstable-distributions

Ack.Thanks

-- 
-
|   ,''`.     Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'  PGP: 8F19 CADC D42A 42D4 5563  730C 51A0 9B18 CF5A 5068 |
|`-  Debian Developer |
  -


OpenPGP_signature.asc
Description: PGP signature


OpenPGP_0x7D7B65C42A0EC8B2.asc
Description: application/pgp-keys

Bug#1067885: ITP: lua-cmsgpack -- MessagePack implementation and bindings for Lua

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian-packag...@sipwise.com, 
vs...@debian.org

* Package name: lua-cmsgpack
   Version : 0.4.0
   Upstream Contact: Salvatore Sanfilippo 
* URL : https://github.com/antirez/lua-cmsgpack/
* License : MIT
   Programming Lang: C, Lua
   Description : MessagePack implementation and bindings for Lua

MessagePack is an object serialization specification like JSON.
lua-cmsgpack is a self contained C file without external dependencies.



Build dependency of KeyDB (ITP #1067413) and it would be maintained
by the Lua team at https://salsa.debian.org/lua-team/lua-cmsgpack

-- 
-
|   ,''`. Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'  PGP: 8F19 CADC D42A 42D4 5563  730C 51A0 9B18 CF5A 5068 |
|`-  Debian Developer |
  -


OpenPGP_signature.asc
Description: PGP signature


OpenPGP_0x7D7B65C42A0EC8B2.asc
Description: application/pgp-keys

Bug#1061494: [Pkg-xmpp-devel] Bug#1061494: create a prosody-config package that will configure prosody with good xmpp compliance by default with debconf

[Victor Seva]

Hi

On 25/1/24 20:59, Martin wrote:
> Hi Praveen,
> 
> IMHO, that's a good idea!

Yes, sounds nice.

> Esp. I like to have a config that is as similar as possible to Snikket,
> for those, who like to selfhost, but want to avoid docker.
> 
> I'm not sure, if that package should be part of prosody itself or if it
> should be a separate source package with a binary package, that depends
> on both prosody and prosody-modules.

another source package sounds too much. It can be included in prosody source.

Cheers

-- 
-
|   ,''`.     Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'  PGP: 8F19 CADC D42A 42D4 5563  730C 51A0 9B18 CF5A 5068 |
|`-  Debian Developer |
  -


OpenPGP_signature.asc
Description: PGP signature


OpenPGP_0x7D7B65C42A0EC8B2.asc
Description: application/pgp-keys

Bug#1038975: sngrep: CVE-2023-36192

[Victor Seva]

Hi,

I've just uploaded to Sid sngrep 1.7.0-2 with [2] included.
I've prepared sngrep 1.6.0-2 for bookworm.

Waiting for you reply,
Victor

[0] https://security-tracker.debian.org/tracker/CVE-2023-36192
 https://www.cve.org/CVERecord?id=CVE-2023-36192
[1] https://github.com/irontec/sngrep/issues/438
[2] 
https://github.com/irontec/sngrep/commit/ad1daf15c8387bfbb48097c25197bf330d2d98fc

-- 
-
|   ,''`. Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'   PGP Key ID: 0x51A09B18CF5A5068 |
|`-  Debian Developer |
  --BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 3.0 (quilt)
Source: sngrep
Binary: sngrep
Architecture: any
Version: 1.6.0-2
Maintainer: Debian VoIP Team 
Uploaders:  Ivan Alonso , Victor Seva ,
Homepage: https://github.com/irontec/sngrep
Standards-Version: 4.6.0.1
Vcs-Browser: https://salsa.debian.org/pkg-voip-team/sngrep/
Vcs-Git: https://salsa.debian.org/pkg-voip-team/sngrep.git
Build-Depends: debhelper-compat (= 12), libgcrypt20-dev, libgnutls28-dev | gnutls-dev, libncurses5-dev, libncursesw5-dev, libpcap-dev, libpcre2-dev
Package-List:
 sngrep deb comm optional arch=any
Checksums-Sha1:
 16120e0aa70606cc17697c7ba51557387b7daac6 248091 sngrep_1.6.0.orig.tar.gz
 e3f515e3f286c418918a909253a2d35ccb9fd776 488 sngrep_1.6.0.orig.tar.gz.asc
 63b5db9b18325c2514ff795da81f6a6392b0f99e 5384 sngrep_1.6.0-2.debian.tar.xz
Checksums-Sha256:
 fd80964d6560f2ff57b4f5bef2353d1a6f7c48d2f1a5f0a167c854bd2e801999 248091 sngrep_1.6.0.orig.tar.gz
 9170a813db1e0e9073a23550adfffa5d54a0dc32225067405f26191b40ea70e2 488 sngrep_1.6.0.orig.tar.gz.asc
 fb2c0f761cdf155fa9da66e656b78a3e404d1187acf39417eb425dd7dcf78187 5384 sngrep_1.6.0-2.debian.tar.xz
Files:
 1519ca6cd1167c0722debfb96e2ac173 248091 sngrep_1.6.0.orig.tar.gz
 bb6562ad778c8860fd2a55887bacbdec 488 sngrep_1.6.0.orig.tar.gz.asc
 f8907522f313a087c82b68bc9202c329 5384 sngrep_1.6.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iIcEARYKAC8WIQQq6AO8RS0zF4SC1vh9e2XEKg7IsgUCZJk4HxEcdnNldmFAZGVi
aWFuLm9yZwAKCRB9e2XEKg7IsrjmAP98coucWWUFpF0w5CoLmogrQgRQyLw+8xOq
YEZ3OBATrQD+IJt0HV5u6S1hxIZGe+aUkTWcXFuRW0BqSYZbaJKv6w0=
=Vfcg
-END PGP SIGNATURE-
diff -Nru sngrep-1.6.0/debian/changelog sngrep-1.6.0/debian/changelog
--- sngrep-1.6.0/debian/changelog   2022-09-03 08:13:32.0 +0200
+++ sngrep-1.6.0/debian/changelog   2023-06-26 08:55:18.0 +0200
@@ -1,3 +1,9 @@
+sngrep (1.6.0-2) bookworm-security; urgency=high
+
+  * fix from upstream for CVE-2023-36192
+
+ -- Victor Seva   Mon, 26 Jun 2023 08:55:18 +0200
+
 sngrep (1.6.0-1) unstable; urgency=medium
 
   * New upstream version 1.6.0
diff -Nru 
sngrep-1.6.0/debian/patches/ad1daf15c8387bfbb48097c25197bf330d2d98fc.patch 
sngrep-1.6.0/debian/patches/ad1daf15c8387bfbb48097c25197bf330d2d98fc.patch
--- sngrep-1.6.0/debian/patches/ad1daf15c8387bfbb48097c25197bf330d2d98fc.patch  
1970-01-01 01:00:00.0 +0100
+++ sngrep-1.6.0/debian/patches/ad1daf15c8387bfbb48097c25197bf330d2d98fc.patch  
2023-06-26 08:55:18.0 +0200
@@ -0,0 +1,42 @@
+From ad1daf15c8387bfbb48097c25197bf330d2d98fc Mon Sep 17 00:00:00 2001
+From: Kaian 
+Date: Fri, 9 Jun 2023 14:29:29 +0200
+Subject: [PATCH] capture: properly validate WS packet payload size #438
+
+---
+ src/capture.c | 13 +++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/src/capture.c b/src/capture.c
+index 62ff08fb..3cbabeeb 100644
+--- a/src/capture.c
 b/src/capture.c
+@@ -901,8 +901,8 @@ capture_ws_check_packet(packet_t *packet)
+ size_payload = packet_payloadlen(packet);
+ payload = packet_payload(packet);
+ 
+-// Check we have payload
+-if (size_payload == 0)
++// Check we have enough payload (base)
++if (size_payload == 0 || size_payload <= 2)
+ return 0;
+ 
+ // Flags && Opcode
+@@ -931,8 +931,17 @@ capture_ws_check_packet(packet_t *packet)
+ return 0;
+ }
+ 
++// Check we have enough payload (base + extended payload headers)
++if ((int32_t) size_payload - ws_off <= 0) {
++return 0;
++}
++
+ // Get Masking key if mask is enabled
+ if (ws_mask) {
++// Check we have enough payload (base + extended payload headers + 
mask)
++if ((int32_t) size_payload - ws_off - 4 <= 0) {
++return 0;
++}
+ memcpy(ws_mask_key, (payload + ws_off), 4);
+ ws_off += 4;
+ }
diff -Nru sngrep-1.6.0/debian/patches/series sngrep-1.6.0/debian/patches/series
--- sngrep-1.6.0/debian/patches/series  1970-01-01 01:00:00.0 +0100
+++ sngrep-1.6.0/debian/patches/series  2023-06-26 08:55:18.0 +0200
@@ -0,0 +1,3 @@
+# https://security-tracker.debian.org/tracker/CVE-2023-36192
+# https://github.com/irontec/

Bug#978760: man page for lua-busted

[Victor Seva]

forwarded 978760 https://github.com/lunarmodules/busted/pull/704
thanks
--
-
|   ,''`. Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'   PGP Key ID: 0x51A09B18CF5A5068 |
|`-  Debian Developer |
 -


OpenPGP_0x51A09B18CF5A5068.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1018735: rtpengine: FTBFS with libwebsockets/4.3+

[Victor Seva]

Hi,

On 8/29/22 20:58, László Böszörményi (GCS) wrote:

Source: rtpengine
Version: 1:10.0.0+r36-5
Severity: important
Usertags: libwebsockets4.3
Tags: ftbfs upstream bookworm sid


I don't know where did you find that version. That is not coming from us


Hi,

Soon I would like to ask for libwebsockets 4.3.2 transition. Your
package fails to build with it in its self-testing. But it seems your
upstream has a newer release [1] with a change noted as:
websockets test: update for Python 3.10

Please package it as your time permits to let me do the libwebsockets
transition.



version in bookwork is alredy 10.5.1.3-1 and that one has [0] that is the 
backport of the
commit you mention.

[0] 
https://github.com/sipwise/rtpengine/commit/0984130a6dd7fb90db4a8b14723deb4fc9c3f656


Thanks,
Laszlo/GCS
[1] 
https://github.com/sipwise/rtpengine/commit/b1242befd2e7a2550e89c2b050aa6661c4e1f6ee



--
-
|   ,''`. Victor Seva |
|  : :' :  linuxman...@torreviejawireless.org |
|  `. `'   PGP Key ID: 0x51A09B18CF5A5068 |
|`-  Debian Developer |
 -


OpenPGP_0x51A09B18CF5A5068.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1012398: ITP: golang-github-gomagedon-expectate --

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 

* Package name: golang-github-gomagedon-expectate
  Version : 1.1.0-1
  Upstream Author : Steven C Kaufman 
* URL : https://github.com/gomagedon/expectate
* License : Expat
  Programming Lang: Go
  Description : lightweight testing utility for golang
  .
  This testing library's intended purpose is to provide 'expect'
  syntax assertions to golang without using the heavy-handed ginkgo
  toolset.

This package is needed by secsipidx 1.2.0

--
-
|   ,''`. |
|  : :' : |
|  `. `'  Victor Seva |
|`-PGP Key ID: 0x51A09B18CF5A5068 |
 -


OpenPGP_0x51A09B18CF5A5068.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1004662: prosody: postinst keeps messing with snakeoil certs

[Victor Seva]

Hi,

On 3/15/22 10:29, Martin wrote:

On 2022-02-01 23:07, Martin wrote:

There have been a number of prosody package bugs related to snakeoil
certs. I wonder, if it is worth the trouble?

For most real world installations, people get LE certs or buy them or
they have their own CA.

Maybe prosody package should just drop the whole snakeoil stuff?


Now that 0.12 is released, it would be nice to get rid of this blocker.
Is there a good reason to cling to snakeoil certificates?



No one that I'm aware of. I'm in favor of just remove that part.

--
-
|   ,''`. |
|  : :' : |
|  `. `'  Victor Seva |
|`-PGP Key ID: 0x51A09B18CF5A5068 |
 -


OpenPGP_0x51A09B18CF5A5068.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

Bug#991376: ITP: nats.c -- C client for the NATS messaging system

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 
X-Debbugs-Cc: debian-de...@lists.debian.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: nats.c
  Version : 2.5.1
  Upstream Author : Derek Collison de...@nats.io
* URL : https://github.com/nats-io/nats.c/
* License : Apache-2.0
  Programming Lang: C
  Description : C client for the NATS messaging system

 NATS messaging enables the exchange of data that is segmented into messages
 among computer applications and services. These messages are addressed by
 subjects and do not depend on network location. This provides an abstraction
 layer between the application or service and the underlying physical network.
 Data is encoded and framed as a message and sent by a publisher.
 The message is received, decoded, and processed by one or more subscribers.

 This is needed as a dependency for the new kamailio nats module
 https://www.kamailio.org/w/2021/07/new-kamailio-module-nats/

-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEE3S3PbKiJPTunbGuNsViYiXJxmOAFAmD4mcEACgkQsViYiXJx
mODXZwf/UOwxjAwGbPJok+WPfhPxiWRO0zWmhyytZg9wvF184LxLz1U+3Z5e2ss4
SA0eTeJJAaNseC/8uHtDrWFaupG11cdkffDsZZrWmG1bjDBO6T4kq2/SaNvrAH0o
8MqElLNiNr4zXoiPgzu1ZHZ+Jf7c8Algo6iPTjonyz2vU6S3x1EVxHWzGPTZzo05
TWYu56QyCzoOgNtS2yRnERW8O3lo2xq0oWPcsReK46wWbdFiErs3x0zVTaDtUYRR
eOpzdS26rtlF3gULVQZfng44JnHAV7SEPM/z6AyRPwUqbBSqVxefwH4sAjpLfoQI
QXj087lSbi+nP+BAsxzmmZecOO5J9Q==
=MKFe
-END PGP SIGNATURE-

Bug#988756: Prosody security update breaks websocket

[Victor Seva]

Hi

On 5/19/21 6:44 AM, J. Fahrner wrote:

Package: prosody
Version: 0.11.2-1+deb10u1

After latest security update prosodys websocket aborts with the 
following error:


May 18 08:33:07 general error   Top-level error, please report:
/usr/lib/prosody/net/websocket/frames.lua:76: bad argument #1 to 
's_byte' (string expected, got table)

May 18 08:33:07 general error
stack traceback:
     [C]: in function 's_byte'
     /usr/lib/prosody/net/websocket/frames.lua:76: in function 
'parse_frame_header'
     /usr/lib/prosody/net/websocket/frames.lua:138: in function 
'parse_frame'

     /usr/lib/prosody/modules/mod_websocket.lua:280: in function '?'
     /usr/lib/prosody/util/filters.lua:25: in function 'filter'
     /usr/lib/prosody/modules/mod_c2s.lua:284: in function 'data'
     /usr/lib/prosody/modules/mod_c2s.lua:309: in function 


     (...tail calls...)
     /usr/lib/prosody/net/server_select.lua:915: in function 


     [C]: in function 'xpcall'
     /usr/bin/prosody:80: in function 'loop'
     /usr/bin/prosody:90: in main chunk
     [C]: in ?



Can you please check that this version[0] would fix this issue?

[0] 
https://www.torreviejawireless.org/prosody/prosody_0.11.2-1%2Bdeb10u2_amd64.deb

Bug#988695: unblock: prosody/0.11.9-1

[Victor Seva]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Please unblock package prosody.

We fixed 5 CVE issues [0] already on sid and buster, this version needs
to migrate to testing in order not to have any security regression.

Security team asked me to contact you in order to get your unblock
approval. More info about this release at upstream [1] and our BTS at
#988668 [2].

[0] https://security-tracker.debian.org/tracker/source-package/prosody
[1] https://prosody.im/security/advisory_20210512.txt
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668

unblock prosody/0.11.9-1

- -- System Information:
Debian Release: 10.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (1, 'unstable'), (1, 
'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-0.bpo.5-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEEDmBQEMrYIhRFqKAgIXSmjn2oLMcFAmCjeY4ACgkQIXSmjn2o
LMePfAf/YVdSkJvEj9ZorZrCgdngUObO/wep7PpKRP7BcA+xhrAjehb9+eb8rI+Y
JIjiyLFTQMBZxKos+NI1R7ubmodBfCRbIpwsmy06fbhyQXPx17TmNKR0pPEB36UN
DO0IcCRl7FLClYHgo41EolfCsLyu7Th4gCWQ6PSNe0aUHZVKPZxAsGcBdWwAuICg
LkbhCsQuKTzuEJpLmuq9pz9UFyMVgqncNxeITvb94/pMPeMzhV/Cr0JQoj3b9SZS
f3W5/2gm7IPL1xV4+EMiugPpJB0ECfeM3BbKP1fwi9q3cFSpQjCEksFO5anRkLM5
OFIPtZ6LIwJyYf3jfSlgWO5JCtbHTQ==
=4E83
-END PGP SIGNATURE-
diff -Nru prosody-0.11.8/core/certmanager.lua 
prosody-0.11.9/core/certmanager.lua
--- prosody-0.11.8/core/certmanager.lua 2021-02-15 16:29:13.0 +0100
+++ prosody-0.11.9/core/certmanager.lua 2021-05-12 17:22:02.0 +0200
@@ -36,9 +36,13 @@
 local resolve_path = require"util.paths".resolve_relative_path;
 local config_path = prosody.paths.config or ".";
 
+local function test_option(option)
+   return not not 
ssl_newcontext({mode="server",protocol="sslv23",options={ option }});
+end
+
 local luasec_major, luasec_minor = ssl._VERSION:match("^(%d+)%.(%d+)");
 local luasec_version = tonumber(luasec_major) * 100 + tonumber(luasec_minor);
-local luasec_has = softreq"ssl.config" or {
+local luasec_has = ssl.config or softreq"ssl.config" or {
algorithms = {
ec = luasec_version >= 5;
};
@@ -46,11 +50,12 @@
curves_list = luasec_version >= 7;
};
options = {
-   cipher_server_preference = luasec_version >= 2;
-   no_ticket = luasec_version >= 4;
-   no_compression = luasec_version >= 5;
-   single_dh_use = luasec_version >= 2;
-   single_ecdh_use = luasec_version >= 2;
+   cipher_server_preference = 
test_option("cipher_server_preference");
+   no_ticket = test_option("no_ticket");
+   no_compression = test_option("no_compression");
+   single_dh_use = test_option("single_dh_use");
+   single_ecdh_use = test_option("single_ecdh_use");
+   no_renegotiation = test_option("no_renegotiation");
};
 };
 
@@ -115,6 +120,7 @@
no_compression = luasec_has.options.no_compression and 
configmanager.get("*", "ssl_compression") ~= true;
single_dh_use = luasec_has.options.single_dh_use;
single_ecdh_use = luasec_has.options.single_ecdh_use;
+   no_renegotiation = luasec_has.options.no_renegotiation;
};
verifyext = { "lsec_continue", "lsec_ignore_purpose" };
curve = luasec_has.algorithms.ec and not 
luasec_has.capabilities.curves_list and "secp384r1";
diff -Nru prosody-0.11.8/debian/changelog prosody-0.11.9/debian/changelog
--- prosody-0.11.8/debian/changelog 2021-02-16 14:26:08.0 +0100
+++ prosody-0.11.9/debian/changelog 2021-05-14 09:17:12.0 +0200
@@ -1,3 +1,16 @@
+prosody (0.11.9-1) unstable; urgency=high
+
+  * New upstream version 0.11.9 addressing several security issues
+    - https://prosody.im/security/advisory_20210512/
++ CVE-2021-32918
++ CVE-2021-32920
++ CVE-2021-32921
++ CVE-2021-32917
++ CVE-2021-32919
+  * refresh patches
+
+ -- Victor Seva   Fri, 14 May 2021 09:17:12 +0200
+
 prosody (0.11.8-1) unstable; urgency=medium
 
   * New upstream version 0.11.8
diff -Nru prosody-0.11.8/debian/patches/0001-conf.patch 
prosody-0.11.9/debian/patches/0001-conf.patch
--- prosody-0.11.8/debian/patches/0001-conf.patch   2021-02-16 
14:26:08.0 +0100

Bug#977493: ITP: secsipidx -- Secure SIP Identity Extensions - IETF STIR and SHAKEN

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 
X-Debbugs-Cc: debian-de...@lists.debian.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: secsipidx
  Version : 1.0.0
  Upstream Author : Daniel-Constantin Mierla 
* URL : https://github.com/asipto/secsipidx
* License : BSD-3-clause
  Programming Lang: Go
  Description : Secure SIP Identity Extensions - IETF STIR and SHAKEN

 Secure SIP/Telephony Identity Extensions Overview Applications
 and libraries implementing STIR and SHAKEN (RFC8224, RFC8588), used in
 SIP/VoIP services:
.
 • RFC8224 - https://tools.ietf.org/html/rfc8224
 • RFC8588 - https://tools.ietf.org/html/rfc8588
.
 Components:
 • secsipid: Go library - common functions
 • csecsipid: C library - wrapper code to build dynamic or static library
   and .h include files
 • secsipidx: main.go - CLI tool and HTTP API server for checking or building 
SIP
   identitysecsipidx

This is build dependency of a new kamailio module: secsipid [0] and it
would be maintained under the go team umbrella
[0] https://www.kamailio.org/docs/modules/devel/modules/secsipid.html

-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEE3S3PbKiJPTunbGuNsViYiXJxmOAFAl/Y9PgACgkQsViYiXJx
mOD/Ggf/SIOvoqoi/WU41M7iPWiZlo6k/wSatZGID+butC/yrCLcqblfQPGgYK7D
WEQcF28I7oj9lPd0qEnhEq+AdEd/Sj6RyWqql5L4ERwhHkt1K1V1gIrLaRtmm4kz
KT2LTx2ebE6U7mhJEv6/+ZObHEetMioNvWaCtSKmUop2jy6npqzpO1MXBgEnEPaa
h5Qg759iI6/GQwhh6dpy3zLfL5o7KDeE8eBPW0RL0bgL5Kjo5ut1Lk2AiPsPZ/Ck
5mgyoPUHX8yRfwoqfnB59OYrPylL2FTRBtcFV+VNDeQI9osbnYyfQhQ7v54nuQgq
yLr6I4zeNNB1oIXH0Fbr8g4zID7z7A==
=pwkG
-END PGP SIGNATURE-

Bug#962042: smuxi-frontend-gnome: clicking on a link does not open it in the web browser

[Victor Seva]

Package: smuxi-frontend-gnome
Followup-For: Bug #962042

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Works in my buster installation

- -- System Information:
Debian Release: 10.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (1, 'unstable'), (1, 
'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.5.0-0.bpo.2-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages smuxi-frontend-gnome depends on:
ii  libdbus-glib2.0-cil 0.6.0-1
ii  libdbus2.0-cil  0.8.1-2
ii  libglade2.0-cil 2.12.40-2
ii  libglib2.0-02.58.3-2+deb10u2
ii  libglib2.0-cil  2.12.40-2
ii  libgtk2.0-0 2.24.32-3
ii  libgtk2.0-cil   2.12.40-2
ii  libgtkspell02.0.16-1.2
ii  liblog4net1.2-cil   1.2.10+dfsg-7
ii  libmessagingmenu12.10-cil   1.0.1-1
ii  libmono-corlib4.5-cil   5.18.0.240+dfsg-3
ii  libmono-posix4.0-cil5.18.0.240+dfsg-3
ii  libmono-system-core4.0-cil  5.18.0.240+dfsg-3
ii  libmono-system-web4.0-cil   5.18.0.240+dfsg-3
ii  libmono-system4.0-cil   5.18.0.240+dfsg-3
ii  libnotify0.4-cil0.4.0~r3032-7
ii  librsvg2-common 2.44.10-2.1
ii  mono-runtime5.18.0.240+dfsg-3
ii  smuxi-engine1.0.7-5

Versions of packages smuxi-frontend-gnome recommends:
ii  ksshaskpass [ssh-askpass]   4:5.14.5-1
ii  notification-daemon 3.20.0-4
ii  plasma-workspace [notification-daemon]  4:5.14.5.1-1

smuxi-frontend-gnome suggests no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-

iQEzBAEBCgAdFiEEDmBQEMrYIhRFqKAgIXSmjn2oLMcFAl7d78MACgkQIXSmjn2o
LMcOUQf9GQDzDlpIfjU3fYMsWiZUDPKGSopA24tKh24kDp6bl3LTlChELfNvkrxf
PsKXRaBHQdFTwrnngq+itJU8cTjHaL6sGNkxI78NXusJGXl4s405VtMFADXq8Na5
L0r7FmwVZLNaqEvyB1re+WHpMynur8tMRpCyR46GmxvzgSuX9nIfz8FaBdIsy4qR
XhtEIZ9kWJAI+GVaacurYrr8T2OE6YJOsFEUwdd7m8RNdqEoqb4B8GtBoq4U5puh
TTbF/xgdMgY7/OqDMcmcLLshFExXTfG/uZr+RErtTcx0Wh2BkVdhw5FdFTly4ri2
sDdXPWtN3HG4I89r2fVS/CxXqcAKug==
=unlO
-END PGP SIGNATURE-

Bug#929803: Package:kamailio-java-modules request for buster (Package:kamailio-java-modules with openjdk deps)

[Victor Seva]

package kamailio-java-modules
tags 929803 wontfix
--

Hi,

> I need a kamailio_java package for kamailio 5 's buster without the
gcj dependancy.

app_java packaging was removed due [0]. There are several problems with
it [1][2]. If you need it, maybe you can help upstream to get it working.

Cheers,
Victor

[0] https://github.com/kamailio/kamailio/issues/1487
[1] https://github.com/kamailio/kamailio/issues/1969
[2] https://github.com/kamailio/kamailio/issues/1984



signature.asc
Description: OpenPGP digital signature

Bug#951154: Acknowledgement (prosody: ejabberd2prosody crashes)

[Victor Seva]

Can you please check if this issue still happens with prosody
0.11.4-1~bpo10+1?

Cheers,
Victor

Bug#803119: [Debian-rtc-admin] prosody config, status update

[Victor Seva]

On Thu, 13 Jun 2019 at 14:50, Jonas Smedegaard  wrote:

> I am not familiar with Puppet so cannot help review that.
>
> It seems to me noone else in the team is familiar with it either -
> including Victor who wrote previously that he has "no idea how to test
> this and see what the result would be."
>

Just to be clear, I had some experience with puppet in an environment that
I was able to log into the machine and test the changes. My problem here is
how to reproduce the machine in a VM.

Cheers,
Victor

Bug#803119: [Debian-rtc-admin] prosody config, status update

[Victor Seva]

On Thu, 13 Jun 2019 at 13:09, gustavo panizzo  wrote:

> I've been working on how to maintain and update the prosody config
>
> this was my initial attempt using a Makefile
> https://salsa.debian.org/rtc-team/prosody-configuration
>
> this is my current attempt using puppet and the module Victor suggested
>
> https://salsa.debian.org/gfa/dsa-puppet/merge_requests/1/diffs
>
> this is depending this merge
> https://github.com/voxpupuli/puppet-posix_acl/pull/62 if the merge takes
> to long I'll fork the module in salsa
>
> My goal for the first iteration is to have the patch merged by DSA so we
> can have a way to deploy changes in the service easily and
> auditable, afterwards (help welcomed!) I'll add anti-spam measures and
> http_uploads :)
>
> reviews of the MR are very much welcomed
>

This is great!

Some comments:

* the need of posix_acl maybe is not necessary. This was needed to do
manual changes to the configs. If We can manage the config via puppet I
think is not really needed. Maybe without posix_acl it would be easier to
get approved by DSA. Being able to read /var/log/prosody/ is good enough to
check and debug the service.
* can you please explain and document how to get the "generated" configs.
In other words, how to test this in a VM with puppet masterless.

Great work Gustavo. Thank you for this!
Cheers,
Victor

Bug#843703: please allow users to create multi-user chatrooms

[Victor Seva]

>  Is it already too late to consider changing name?

Not at all, there is only one room 'rtc' and this is us.


> 
>  id="d55828bd-6b97-4326-8b12-b9619147181b" from="
> vs...@debian.org/gajim.BA9QCKUE">
> http://jabber.org/protocol/disco#items; />
> 
> 
> 
> 
>  type="result" id="d55828bd-6b97-4326-8b12-b9619147181b" from="
> conference.debian.org">
> http://jabber.org/protocol/disco#items;>
> 
> 
> 

Bug#843703: please allow users to create multi-user chatrooms

[Victor Seva]

MUC service is already enabled for debian.org as conference.debian.org. The
only problem with this is that users from outside debian.org can't use it.

This was my initial decision in order not to get more spam and noise that
was already high at that moment.

deba...@debian.org suggested to open MUC to external users adding
conference.debian.org to the DNS.

> On Wed, 29 May 2019 at 11:32, Jonas Smedegaard
> (I find conference@... a little bit too generic, maybe it can be
> changed to conference.xmpp.debian.org or whatever later.)

fine then, can We agree in the name then?

I propose muc.debian.org

Cheers,
Victor

Bug#803119: prosody config

[Victor Seva]

Initial work, just adding the prosody module is here [0]. Next step would
be to use the module to generate the configs We need. And modify it if
something is missing and try to push those changes upstream.

But, I have no idea how to test this and see what the result would be. I
would need to investigate how to play with dsa-puppet in a local
development environment. Any hints?

Cheers,
Victor

[0] https://salsa.debian.org/vseva/dsa-puppet/commits/vseva/xmpp

Bug#921015: kamailio 5.2 invalid permissions at run dir cuases several issues

[Victor Seva]

On Fri, 1 Feb 2019 at 14:25, PICCORO McKAY Lenz 
wrote:

> Hi victor, you didnt noted tha i mentiones that i use buster, and i
> mention that only happened when kamailio need to comunicate
> internally.. this means with many modules enables and asterisk in the
> game... and i noted that build from upstream already happened in 5.1
> and 5.2 so seems its a kamailio bug
>

Please, provide a test bed in order to reproduce.

In your bugreport you are claiming that /var/run/kamailio has the wrong
permissions. This is done on sysv or systemd level nothing to do with
kamailio itself.
As I said before, both scripts that the package provides are taking care of
it.

Please, provide detailed info since the default installation works as
expected.

Cheers,
Victor

Bug#921015: kamailio 5.2 invalid permissions at run dir cuases several issues

[Victor Seva]

 severity 921015 normal
--
thanks

Hello,

*You didn't mentioned if you are using systemd or sysv. Both have rules to
create and set permissions for /var/run/kamailio dir:*

*# debian/kamailio.init*

*HOMEDIR=/var/run/$NAME[..]USER=kamailioGROUP=kamailio[..]*




*# /var/run can be a tmpfsif [ ! -d $HOMEDIR ]; thenmkdir -p $HOMEDIR
  chown ${USER}:${GROUP} $HOMEDIRfi # debian/kamailio.service#
/var/run/kamailio in
tmpfsRuntimeDirectory=kamailioRuntimeDirectoryMode=0750In my testing with
the default config (sysv):seting RUN_KAMAILIO=yes on /etc/default/kamailio*












*root@c56eab6f6ec2:/# service kamailio start[] Starting Kamailio SIP
Server: kamailio:Listening on  udp: 127.0.0.1:5060
 udp: 172.17.0.2:5060
 tcp: 127.0.0.1:5060
 tcp: 172.17.0.2:5060
Aliases:  tcp: c56eab6f6ec2:5060
 tcp: localhost:5060 udp: c56eab6f6ec2:5060
 udp: localhost:5060/usr/sbin/kamailio[754]: INFO: rr
[../outbound/api.h:52]: ob_load_api(): unable to import bind_ob - maybe
module is not loaded/usr/sbin/kamailio[754]: INFO: rr [rr_mod.c:177]:
mod_init(): outbound module not available/usr/sbin/kamailio[754]: INFO:
 [main.c:2648]: main(): processes (at least): 32 - shm size: 67108864
- pkg size: 8388608/usr/sbin/kamailio[754]: INFO: 
[core/udp_server.c:153]: probe_max_receive_buffer(): SO_RCVBUF is initially
212992/usr/sbin/kamailio[754]: INFO:  [core/udp_server.c:205]:
probe_max_receive_buffer(): SO_RCVBUF is finally
425984/usr/sbin/kamailio[754]: INFO:  [core/udp_server.c:153]:
probe_max_receive_buffer(): SO_RCVBUF is initially
212992/usr/sbin/kamailio[754]: INFO:  [core/udp_server.c:205]:
probe_max_receive_buffer(): SO_RCVBUF is finally
425984/usr/sbin/kamailio[754]: ERROR:  [core/tcp_main.c:2739]:
tcp_init(): could not get TCP protocol number/usr/sbin/kamailio[754]:
ERROR:  [core/tcp_main.c:2739]: tcp_init(): could not get TCP
protocol number. okroot@c56eab6f6ec2:/# ls -lah /var/run/kamailio/total
12Kdrwxr-xr-x 2 kamailio kamailio 4.0K Feb  1 12:49 .drwxr-xr-x 1 root
 root 4.0K Feb  1 12:48 ..-rw-r--r-- 1 kamailio kamailio4 Feb  1
12:49 kamailio.pidsrw--- 1 kamailio kamailio0 Feb  1 12:49
kamailio_ctlprw-rw 1 root root0 Feb  1 12:49
kamailio_rpc.fifosrw-rw 1 root root0 Feb  1 12:49
kamailio_rpc.sockroot@c56eab6f6ec2:/# kamcmd kamcmd 1.5Copyright 2006
iptelorg GmbHThis is free software with ABSOLUTELY NO WARRANTY.For details
type `warranty'.kamcmd> ps754 main process - attendant755 udp receiver
child=0 sock=127.0.0.1:5060 756 udp receiver child=1
sock=127.0.0.1:5060 757 udp receiver child=2
sock=127.0.0.1:5060 758 udp receiver child=3
sock=127.0.0.1:5060 759 udp receiver child=4
sock=127.0.0.1:5060 760 udp receiver child=5
sock=127.0.0.1:5060 761 udp receiver child=6
sock=127.0.0.1:5060 762 udp receiver child=7
sock=127.0.0.1:5060 763 udp receiver child=0
sock=172.17.0.2:5060 764 udp receiver child=1
sock=172.17.0.2:5060 765 udp receiver child=2
sock=172.17.0.2:5060 766 udp receiver child=3
sock=172.17.0.2:5060 767 udp receiver child=4
sock=172.17.0.2:5060 768 udp receiver child=5
sock=172.17.0.2:5060 769 udp receiver child=6
sock=172.17.0.2:5060 770 udp receiver child=7
sock=172.17.0.2:5060 771 slow timer772 timer773
secondary timer774 JSONRPCS FIFO775 JSONRPCS DATAGRAM776 ctl handler777 tcp
receiver (generic) child=0778 tcp receiver (generic) child=1779 tcp
receiver (generic) child=2780 tcp receiver (generic) child=3781 tcp
receiver (generic) child=4782 tcp receiver (generic) child=5783 tcp
receiver (generic) child=6784 tcp receiver (generic) child=7785 tcp main
processkamcmd>Cheers,Victor*

Bug#836236: prosody: doesn't try IPv4 when IPv6 fails

[Victor Seva]

Hi Cyril,

Can you please confirm that this error does not exist in the current
version of prosody 0.11.1-1?

Thanks,
Victor Seva

Bug#902452: Kamailio TLS module in Debian Stretch is unusable

[Victor Seva]

proposed change to stretch #917880

Bug#917880: stretch-pu: package kamailio/4.4.4-2+deb9u3

[Victor Seva]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

version in stable can't be used with TLS enabled due to #902452 with
severity grave. If user enables TLS kamailio fails to start.

Upstream fix was included on 4.4.6 version[0]. Proposed update only include 
that fix.

[0] 
https://github.com/kamailio/kamailio/commit/406c02f7b76ada56d6e1f73e763fecb05c1f51c5

- -- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlwp7dUACgkQUaCbGM9a
UGj1SBAAmh+N9LaAj/MNe/X1R1bjFLnYQC8JNxn+zJ9q69MUpOUXqPuSVfqn7G7V
wsRhNW1498bVLu5rATfm4zxxzcaWF+TjsVzfjGye3NDBWQ1N3ukb/t8t0BtecYgw
m/rEMF+ekE8w1x0w/NlAqlsbIYr7elQomx31HaS6vCac0a2sxqJ5T5U6G2s1j5fR
zmeKOkjwlvrWdg7/Ad/MwJj7SkpZiqGzEEK7bwe/wBvxg5FE7mGbfYXe4QH9TA6c
ssVLWjQ26juJ5U7cCJhrA/bh/n0uiMns+w6So7NWJ/VttgfKBAa48CnNHe+pYTn3
WbwMfa0oq9GnAXlph+/8xqzkJBDscxT5EeCflzpjP/5ilsFKiLfTWKdivTNSxW4a
+qU28etGpAfF4amz34xe9KAhLhGcnwHEPSgNCgjzjWtgmk9Mf59Whzm15Rs7n/1y
x/oDJbv7KOqoMpfz4/dvCPDJE2NrQruC9Y+SIRRO6Xzm1cWyPgxmrTknu+OPC44l
4EwF8Zupl84LC/lVuQ3SvT11Q65xo7cZe8APYfdqeJjqji8W9ErsJOKX6RMRtHgh
pQr0aSktlyrRdxAjwUZMeQ+WasNGnB47DB+gKEWvc2eSfKPLMrttPuFIf+9Z/9vK
vDUzx3ZdZItC5xqGEisS5aai7PEPz+k8749ZN3GetPDn/53fNf8=
=u1vf
-END PGP SIGNATURE-
diff -Nru kamailio-4.4.4/debian/changelog kamailio-4.4.4/debian/changelog
--- kamailio-4.4.4/debian/changelog 2018-09-07 23:15:42.0 +0200
+++ kamailio-4.4.4/debian/changelog 2018-12-31 10:28:23.0 +0100
@@ -1,3 +1,10 @@
+kamailio (4.4.4-2+deb9u4) stretch; urgency=medium
+
+  * fix kerberos and zlib check (Closes: #902452)
+so TLS can be used again via kamailio-tls-modules
+
+ -- Victor Seva   Mon, 31 Dec 2018 10:28:23 +0100
+
 kamailio (4.4.4-2+deb9u3) stretch-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru kamailio-4.4.4/debian/patches/series 
kamailio-4.4.4/debian/patches/series
--- kamailio-4.4.4/debian/patches/series2018-09-07 23:15:42.0 
+0200
+++ kamailio-4.4.4/debian/patches/series2018-12-31 10:28:23.0 
+0100
@@ -3,6 +3,7 @@
 upstream/0001-tmx-allocate-space-to-store-ending-0-for-branch-valu.patch
 upstream/0002-core-improve-to-header-check-guards-str-consists-of-.patch
 upstream/0001-core-improve-header-safe-guards-for-Via-handling.patch
+upstream/0001-tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
 #
 no_lib64_on_64_bits.patch
 no_INSTALL_file.patch
diff -Nru 
kamailio-4.4.4/debian/patches/upstream/0001-tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
 
kamailio-4.4.4/debian/patches/upstream/0001-tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
--- 
kamailio-4.4.4/debian/patches/upstream/0001-tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
  1970-01-01 01:00:00.0 +0100
+++ 
kamailio-4.4.4/debian/patches/upstream/0001-tls-do-kerberos-and-zlib-init-checks-only-for-libssl.patch
  2018-12-31 10:28:23.0 +0100
@@ -0,0 +1,57 @@
+From 406c02f7b76ada56d6e1f73e763fecb05c1f51c5 Mon Sep 17 00:00:00 2001
+From: Daniel-Constantin Mierla 
+Date: Fri, 31 Mar 2017 12:56:52 +0200
+Subject: [PATCH] tls: do kerberos and zlib init checks only for libssl < 1.1.0
+
+- using string matching inside libssl compile flags is no longer
+  reliable
+- reported by GH #1050
+
+(cherry picked from commit e59fa823b7b9513d3d1adb958d5e8ec055082d83)
+(cherry picked from commit b12ac4ea9efae41b83a2664ea4f25b1d59bc2032)
+---
+ modules/tls/tls_init.c | 9 +
+ 1 file changed, 9 insertions(+)
+
+diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
+index af2d4c54e..133bc7fc8 100644
+--- a/modules/tls/tls_init.c
 b/modules/tls/tls_init.c
+@@ -563,11 +563,13 @@ int init_tls_h(void)
+ {
+   /*struct socket_info* si;*/
+   long ssl_version;
++#if OPENSSL_VERSION_NUMBER < 0x01010L
+   int lib_kerberos;
+   int lib_zlib;
+   int kerberos_support;
+   int comp_support;
+   const char* lib_cflags;
++#endif
+   int low_mem_threshold1;
+   int low_mem_threshold2;
+   str tls_grp;
+@@ -603,6 +605,10 @@ int init_tls_h(void)
+   else
+   return -1; /* safer to exit */
+   }
++
++/* check kerberos support using compile flags only for version < 1.1.0 */
++#if OPENSSL_VERSION_NUMBER < 0x01010L
++
+ #ifdef TLS_KERBEROS_SUPPORT
+   kerberos_support=1;
+ #else
+@@ -672,6 +678,9 @@ int init_tls_h(void)
+   "

Bug#902452: Kamailio TLS module in Debian Stretch is unusable

[Victor Seva]

upstream fix included at 4.4.6
https://github.com/kamailio/kamailio/commit/406c02f7b76ada56d6e1f73e763fecb05c1f51c5

Bug#902452: Kamailio TLS module in Debian Stretch is unusable

[Victor Seva]

> kamailio[4041]: INFO: tls [tls_init.c:633]: init_tls_h(): tls:
_init_tls_h:  compiled  with  openssl  version "OpenSSL 1.1.0f  25 May
2017" (0x1010006f), kerberos support: on, compression: on
kamailio[4041]: INFO: tls [tls_init.c:641]: init_tls_h(): tls: init_tls_h:
installed openssl library version > "OpenSSL 1.1.0j  20 Nov 2018"
(0x101000af), kerberos support: off,  zlib compression: off
 compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS
-DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2
-DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM
-DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM
-DPOLY1305_ASM -DOPENSSLDIR="\"/usr/lib/ssl\""
-DENGINESDIR="\"/usr/lib/x86_64-linux-gnu/engines-1.1\""
> kamailio[4041]: : tls [tls_init.c:651]: init_tls_h(): ERROR: tls:
init_tls_h: openssl compile options mismatch: library has kerberos support
disabled and Kamailio tls enabled (unstable configuration)
 (tls_force_run in kamailio.cfg will override this check)
> kamailio[4041]: CRITICAL:  [main.c:2592]: main(): could not
initialize tls, exiting...
> kamailio[4041]: INFO:  [sctp_core.c:53]: sctp_core_destroy(): SCTP
API not initialized

Full error output

Bug#902452: Kamailio TLS module in Debian Stretch is unusable

[Victor Seva]

Thanks for the report,

I didn't find the time to investigate but
I think this info is relevant here
https://github.com/kamailio/kamailio/issues/1050

Will try to look into this in the next few days,
Victor Seva

Bug#914530: fixed in lua-ldap 1.2.3-1

[Victor Seva]

Hi Daniel,

can you please test this patch.

Cheers,
Victor
From: Victor Seva 
Date: Thu, 20 Dec 2018 11:08:55 +0100
Subject: don't set global lualdap on lua > 5.1

---
 src/lualdap.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/lualdap.c b/src/lualdap.c
index f2404b8..5dd5971 100644
--- a/src/lualdap.c
+++ b/src/lualdap.c
@@ -1093,7 +1093,9 @@ int luaopen_lualdap (lua_State *L) {
 	lualdap_createmeta (L);
 	luaL_newlib(L, lualdap);
 	lua_pushvalue(L, -1);
+#if LUA_VERSION_NUM < 502
 	lua_setglobal(L, LUALDAP_TABLENAME);
+#endif
 	set_info (L);
 
 	return 1;

Bug#785480: Expanding interest in bcg729

[Victor Seva]

I have just started to update the repo in salsa [0] to the new 1.0.4
upstream version.

Help getting the package in shape for inclusion in Debian is appreciated
:-)

[0] https://salsa.debian.org/pkg-voip-team/bcg729/

Bug#916126: ITP: rtpengine -- Proxy for RTP and media streams

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: rtpengine
  Version : mr6.5.2.1
  Upstream Author : Sipwise Development Team 
* URL : https://github.com/sipwise/rtpengine/
* License : GPL-3+ with OpenSSL exception
  Programming Lang: C
  Description : Proxy for RTP and media streams

The Sipwise NGCP rtpengine is a proxy for RTP traffic and other UDP based media
traffic. It's meant to be used with the Kamailio SIP proxy and forms a drop-in
replacement for any of the other available RTP and media proxies.

Currently the only supported platform is GNU/Linux.

Features

Media traffic running over either IPv4 or IPv6
Bridging between IPv4 and IPv6 user agents
Bridging between different IP networks or interfaces
TOS/QoS field setting
Customizable port range
Multi-threaded
Advertising different addresses for operation behind NAT
In-kernel packet forwarding for low-latency and low-CPU performance
Automatic fallback to normal userspace operation if kernel module is 
unavailable
Support for Kamailio's rtpproxy module
Legacy support for old OpenSER mediaproxy module

When used through the rtpengine module (or its older counterpart called
rtpproxy-ng), the following additional features are available:

Full SDP parsing and rewriting
Supports non-standard RTCP ports (RFC 3605)
ICE (RFC 5245) support:
Bridging between ICE-enabled and ICE-unaware user agents
Optionally acting only as additional ICE relay/candidate
Optionally forcing relay of media streams by removing other ICE 
candidates
SRTP (RFC 3711) support:
Support for SDES (RFC 4568) and DTLS-SRTP (RFC 5764)
AES-CM and AES-F8 ciphers, both in userspace and in kernel
HMAC-SHA1 packet authentication
Bridging between RTP and SRTP user agents
Support for RTCP profile with feedback extensions (RTP/AVPF, RFC 4585 and 
5124)
Arbitrary bridging between any of the supported RTP profiles (RTP/AVP, 
RTP/AVPF, RTP/SAVP, RTP/SAVPF)
RTP/RTCP multiplexing (RFC 5761) and demultiplexing
Breaking of BUNDLE'd media streams 
(draft-ietf-mmusic-sdp-bundle-negotiation)
Recording of media streams, decrypted if possible
Transcoding and repacketization

Rtpengine does not (yet) support:

Playback of pre-recorded streams/announcements
ZRTP, although ZRTP passes through rtpengine just fine



This package will be maintained under the pkg-voip team umbrella


-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlwOV1QACgkQUaCbGM9a
UGiugg//fT1Sq3GdbqCYtZy/qjKUbLqGMM5XOoyz22fOjBPryNvCwdmNWpS/zlIn
zKosWxrOcc7oeSch9f249qtbNyhQ52Ctz37W0qnqnOtSpPDtAhV/mMmB0l4R0pGn
C5Afz9aTdM6+hVjF4qkdkRSGP0nV5uBwqIaaorFvl+9pAdhLFVfs14Q/KoHMxhTt
dnh3jyvanUmru+6Aoy+J+lZRM0SUNec6Sa3q4Vxm38W2mBGcxM2iqu5yHeUckGWm
z5vdU7wCmuB2d6IgIHlDS7EJYqsZpjJqWBNWo7qoBqKeU3zIj61c7o6Y4Locvcjr
vZ207KnlhQ2oPeX9mtzptRsJKwGbZdWMOfwrVw4gOfyGaw5uumnVODvMR5VZuSBs
7S/fX2YKvVzmZdhPq/xljCG9IzPgea7MEb40N5mVPNEArlsEbAhaqzxn73c80OIy
M17bnB1IKmdU4Viy9/edpdt3CRJdRcy7L4URRhLd+y7aHcTqACJ7Llt58MQMeFTP
FadFU4niZXBD4Y3yuJKpARleAVaYb12PxIGrJsNnrTjvd74Ii57IuBRjr4D3x1FS
tpzs9dk+qfHJoMlRnOZSKVqGiJDgYmF4zA++cRkBwhdUs/dp6RLof3Jlnx3HdSyh
fJ27yzMkuNq900UAmwjv1UgoyojvClxjcUoWErzQQrsB47exnuE=
=rni1
-END PGP SIGNATURE-

Bug#898013: lua-redis: Not compatible with lua5.3

[Victor Seva]

Hi,

sorry for the late reply.

On Sat, 5 May 2018 at 22:27, Tim Duesterhus 
wrote:

> this package cannot be used with lua5.3 out of the box, because
> it is not installed into the LUA_PATH:
>
>
according to upstream [0]:
> This library is tested and works with Lua 5.1, Lua 5.2 (using a
compatible version of LuaSocket) and LuaJit 2.0.

So I'm providing lua5.1 and lua5.2 links.

Can you please confirm that it works for you with lua5.3, please

[0] https://github.com/nrk/redis-lua#compatibility

Bug#911214: RM: asterisk-prompt-es -- ROM; outdated, no longer needed

[Victor Seva]

Package: ftp.debian.org
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

As the maintainer of this package, please remove it. Is no longer
relevant for the version we provide this days of asterisk.

Thanks,
Victor Seva


-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlvG4boACgkQUaCbGM9a
UGgEaw//UeyLyu+HRgJcmFMGvq+3QkSuqD2VwM5BNKI6o3LSt3Txl3HbIoAa3Fmz
eeqL4A7ZzfHqJpXn8ip1ZOC5zGStiautYZHpZnqap5HUp1/up2gWFmnpKP9Cv5Jp
Q0HHv/dW/Tx7gvzdn5cPGk5uWrrlGCQ/Qwk7l+HNINldrekloFT3Qp7+M44D9U+1
RHrNUGP0hB5o1d0XGZ6+hIJojdSgk+JvoFnHl4XdA8IcIkXonOsqIL3asip95i4d
P3GE/rUs7U4o0VTtQt3bX2kIheOZoewLu2FoPs72Ww/9/5lZ81MtOz1MqHTnvcYY
NQYbgWIL/a8/uoO8YFkgpER9+YvINATus0e0cD4PA7wgMnT4DEE5yMnMPC3U2XfB
DCtu/EPDxnYSUoKMchcnQojE0hTvM+p+urXXklEVcl8JTvhR+fCCgCIJVAURv+ok
HLRdVRks8lk8HboE3Wpugcw1uTlJIk2g5Dd5VwQ9ZMEWKhCitOpsCp1l2o2NZjOX
vM1TqgQ3Fwed45biYYB6fcf6gamdK/lIvYpdqqw4bPekE0xQOcVci7h23vGFklDX
WHl4WDIMrq+fehv4jmGj8CFT+1bOPvlbvpQ8MGfiwpPyORw+AZQ1EK3nfqnTiTel
eLcQwhHnZvLMC5DRCmnc2gzJhMlyHYHYzE9O1OU4xGv7LaHrSZ8=
=/sa/
-END PGP SIGNATURE-

Bug#910506: split package into architecture dependent and independent ones

[Victor Seva]

Hi,

On Sun, Oct 7, 2018, 20:09 W. Martin Borgert  wrote:

> On 2018-10-07 18:05, Boris Pek wrote:
> > I would suggest you to reconsider all pros and cons of this decision.
>
> Sorry for already uploading my change. I should have waited for
> comments, esp. after asking! I'm absolutely open to revert the
> change, if we would agree, that it were a bad idea. It is only
> one commit. So far, I still think, the split is a good idea,
> but I do not care too much about it. Any comment from the
> prosody uploaders?
>

Sorry but I think the slip has no real benefit. I'm with Boris here.

Cheers,
Victor

Bug#910283: ITP: kamcli -- Kamailio Command Line Interface Control Tool

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: kamcli
  Version : 1.1.0
  Upstream Author : Daniel-Constantin Mierla 
* URL : https://github.com/kamailio/kamcli
* License : GPL-2+
  Programming Lang: Python
  Description : Kamailio Command Line Interface Control Tool

 kamcli is aiming at being a modern and extensible alternative to the shell
 script kamctl.
 .
 It requires that jsonrpcs module of Kamailio is loaded and configured to
 listen on an Unix domain socket or FIFO file. The way to interact with
 Kamailio has to be set inside kamcli config file (kamcli.ini).


-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlu19xIACgkQUaCbGM9a
UGjhpA/7BfI64U2WaFHND/z31q/bhnItirxqS9DQi6d/YPjxDBeLjEG2FqWKuKJg
1rBPhnk43zSwTiIT7Yr9taTuUnU18S2S8UM4+bxLLff3lBxf0xztkQABN0DOMAdT
hDdsFRJqvZ8L6jKpqHBH+Z8m6ebikKgBI4I5kLUm0w5YG7LkGS9MQ5X47otjnL21
rRvpnFopWsD7GkJRyToCnBGm0AlhBSp4db+838NijJLMiPvmVpyGrnjDJWM5XSlQ
Tsf8cZ/6tSDMAPNjt4nEoOYGIBnYIsauw1MzeMwqtyn5Xfx655Tu1VJGzlmi+b9s
n5zyhEN2G4XD0rN7sZRUXUT0AVFGP+XMAhYMStApa13uX/ZeXQBXqt+SMLGM7RKt
Mj9P4Z5i/gChwbSC62nfGxa+2c0XtP9o32D078OKacQPDyf7yvzfOEEkI7Cb0Uly
rlPLQPU5v19zLVPDMTcLOQRdQa1lo01Lk8KEqhpnBlWFpkjyopCQtYL1sezT3kuE
F7z85oL9EBz1bovDAW7DWotrWdZEJInNpqyVl7Qt5R+vfiCqI2nwu/xmjcimhDbX
Ej5ZKwyXXUaguBljqXQEpGuSstKOJnWOeDk3nbNZ+uSVjdkoCi8LlWtrKch3yNfE
Bx7X546AVfuZIynzPsCEGuD7AJJnUyXFV3JuaQweZh/OeaxOClo=
=V+22
-END PGP SIGNATURE-

Bug#907137: ITP: messagingmenu-sharp -- CLI binding for the MessagingMenu library

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: messagingmenu-sharp
  Version : 1.0.1-1
  Upstream Author : Mirco Bauer 
* URL : https://www.meebey.net/projects/messagingmenu-sharp/
* License : GPL-3+
  Programming Lang: C#
  Description : CLI binding for the MessagingMenu library

This package provides the messagingmenu-sharp assembly that allows CLI
(.NET)
 programs to use the MessagingMenu library.

smuxi depends on it and after #895027 It needs libmessagingmenu-cil-dev


-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlt/xHUACgkQUaCbGM9a
UGicnw//RNeiWe3x5kUwm1uNhuNZQNGPt1+XC1sCGSIX1QPkWxmOJSAcTISzIe0j
WKmx8H+qpxJYXj0AnNq/GiWJe+Nx2OFQp5ozlTObWaenWBbK+bovniS+Z8m80Shr
ZZnkaWiKpiAJ9FBMZYAn2dGmbpEGws75flLhFUFfg98Ihvtpw0dqboT6vecStR2e
1C/1ReWdCgJ1Wtmg3eCOnoh3ISTXvq1SB3XP3c5SQDNVSr/XRQglm4dY4qNxM/CX
sNw7Zb942eCErKE2ZrHktPWsSGsJ+wKUlZ/lq4yw/D+/Fo/zyyiioDw/S4ia8bNX
84WZaqQM8+CcrCahSkVpB3HLg2YBCH2l35gkEeenqE/IYOw34NcWfRcTJjBplD2u
fAwwdzW2123VHaMeHa93VW5X/+v4oulTWyZAmBW6b83JHaDGSgkN5DsJrKZHv4p3
9f9qXUlp5jsIVCrRdk2OM9eoYsV1cYS2CJKBZfxwfpF+JLYrLi3643/wdnGvlxB9
Gu7A19Bb+MHGbM09tfJcpRC4RTHEdTCGnEhPf/rOOBcXyuIwxE2xRyciMNBaN3qE
jxvRyd3oce6AeWr//iIPECHoaUY7Cf7y7QIB9iPSIlRsEiO8hxEOMeFUAzHN2sNC
gr2+bbft9Mj1wZ1BQqghhN74DILwAxqedsMr+A/Sv6ho0aF+U8k=
=Rnf8
-END PGP SIGNATURE-

Bug#891925: lua-dbi: new version available and needs to change upstream source

[Victor Seva]

Package: lua-dbi
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear Maintainer,

the project seems to live now at [0] and there's even a 0.6 version
released.

[0] https://github.com/mwild1/
[1] https://github.com/mwild1/luadbi/releases/tag/v0.6


- -- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEjxnK3NQqQtRVY3MMUaCbGM9aUGgFAlqZgBwACgkQUaCbGM9a
UGjVkg/9HkL9ubp5xH4OTioEOAV78ahirUBpwSrcP47dmCqHXTBCgqm0VtSh1nD5
yLfWY18Zm+ek7AkmWJmMNkOpj2MwEEGcb9DG1n7EOYVV7sRi1SBQt15NbwFHayXD
MQE/R99zF99lpQlM2hA+FCe++U9LFm4x5SBmUfmUjlaE3yj2Ap0FXjoZSDq3vPZ8
zNhmbecZOmTVwQs32XKB669wur0YuF6ZddwRKs5mW8DXme2ZuTe0PdvecgCshNdO
QtjIX28pjPtViVqgTOrCgJiXujLz1hgGChgLkmVp+HdixSSz89QmGmX833+3Lyfh
S13X45cwL0/KUYnGz2wxVrOwED9jJwQaGWgUxdrsDdkCJ5C2sD+JPEVazyJnWTLr
s1+2H/10dA7MAaqS6EUQlY3YeCJKh/4EVl4As53BUSYmOoVb7l9Z8YlnXb/v6uB7
oAdZvi6DTR2m/8znJnqhH++y6hy+EpIV209/uXM4tLT7kv/6BQ0dmqOFK7x3p/CV
S7TSZrJSQgaUA8kO+CPid2jficD4adbgBPF4xW+NRImaeKZ2z7fpnrTyBA7ByAVv
f7HiCkGT/0bpHgjmgMdeL+d/ybhyeJEBv2OBd0r6YxcbvI3SbN9n3dmv6dBt0nEQ
JqF262/ddFOqwUxD++JMKItbhgDPS6r8StBxlwgcwtywgheeKaI=
=tswd
-END PGP SIGNATURE-

Bug#889745: kamailio: Wait for process to terminate on sysvinit stop action

[Victor Seva]

Patch reworked to be applied upstream [0].

Will be included in my next upload, thanks! :-)

[0]
https://github.com/kamailio/kamailio/commit/4cc60ede961554220cd265bd212407f42d5b8262

Bug#851464: suggest/recommend python-bcrypt (provides bcrypt auth backend)

[Victor Seva]

I don't see any reference of bcrypt at [0]

[0] https://prosody.im/doc/modules/mod_auth_internal_hashed

And I would assume you meant lua bcrypt [1] witch is not even packaged

[1] https://github.com/mikejsavage/lua-bcrypt

Bug#868096: sipsak: Authentication (REGISTER method) fails using usrloc mode

[Victor Seva]

tags 868096 + fixed-upstream pending



signature.asc
Description: OpenPGP digital signature

Bug#354454: Spelling errors in the man page

[Victor Seva]

Reported upstream [0]
[0] https://github.com/nils-ohlmeier/sipsak/pull/39



signature.asc
Description: OpenPGP digital signature

Bug#868096: sipsak: Authentication (REGISTER method) fails using usrloc mode

[Victor Seva]

On 07/12/2017 02:27 AM, Jorge Daniel Sequeira Matias wrote:
> Package: sipsak
> Version: 0.9.6+git20160713-2
> Severity: important
> 
> Dear Maintainer,
> 
> I'm using sipsak in my Nagios monitoring system configuration to check if my 
> VoIP (SIP) server is authenticating users correctly.
> This command is being used to do a "usrloc" mode test and is being invoked in 
> the following way:
> 
> $ sipsak -U -s x@foobar.domain -a  -N
> 
> After upgrading from Debian/Wheezy to Debian/Stretch sipsak stopped working 
> correctly. Now, when doing "usrloc" mode tests, which imply doing a SIP 
> REGISTER, 
> it always fails authentication returning "SIP failure" when it should have 
> returned "SIP ok".
> I have used several toosl to verify the authentication digest response that 
> sipsak sends to the server and confirmed that it is doing wrong MD5 
> calcultions.
> 
> After this I have compiled directly from upstream using latest commit [1] 
> (20170712) and confirmed that current upstream version is working correctly 
> regarding to this issue.
> 
> [1] 
> https://github.com/nils-ohlmeier/sipsak/commit/b1fdbd775ab4fe6e8d8602d8f574d948ed8a980f
> 

FTR the actual fix is [2]

[2] 
https://github.com/nils-ohlmeier/sipsak/commit/a43f1389114b1144009ac814d93f6fb31241e047



signature.asc
Description: OpenPGP digital signature

Bug#864759: ITP: libusrsctp -- portable SCTP userland stack

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva <vs...@debian.org>

* Package name: libusrsctp
  Version : 0.9.3~gitd5f916d
  Upstream Author : Randall Stewart and Michael Tuexen
* URL : https://github.com/sctplab/usrsctp/
* License : BSD
  Programming Lang: C
  Description : portable SCTP userland stack

SCTP is a message oriented, reliable transport protocol with direct support for
multihoming that runs on top of IP or UDP, and supports both v4 and v6 versions.

Like TCP, SCTP provides reliable, connection oriented data delivery with 
congestion control.
Unlike TCP, SCTP also provides message boundary preservation, ordered and 
unordered message
delivery, multi-streaming and multi-homing. Detection of data corruption, loss 
of data and
duplication of data is achieved by using checksums and sequence numbers. A 
selective
retransmission mechanism is applied to correct loss or corruption of data.

Is a build-dependency of janus package and it will be maintained under pkg-voip 
team

Bug#863790: unblock: prosody/0.9.12-2

[Victor Seva]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package prosody

As described at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863475
prosody will fail to resolve dns requests if lua-event 0.4.3 (in stretch
right now) is used, 'use_libevent = true' in config.

This bug will make prosody fail to connect to any other XMPP server
using a domain. This is quite important for a IM service.

The fix is coming from upstream and I did test it.

Thanks in advance,
Victor Seva

unblock prosody/0.9.12-2

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru prosody-0.9.12/debian/changelog prosody-0.9.12/debian/changelog
--- prosody-0.9.12/debian/changelog 2017-01-11 09:56:01.0 +0100
+++ prosody-0.9.12/debian/changelog 2017-05-31 09:33:41.0 +0200
@@ -1,3 +1,11 @@
+prosody (0.9.12-2) unstable; urgency=medium
+
+  * [01d44c8] fix fails to initiate s2s when lua-event 0.4.3 is installed
+backport fix from https://prosody.im/issues/issue/555
+(Closes: #863475)
+
+ -- Victor Seva <vs...@debian.org>  Wed, 31 May 2017 09:33:41 +0200
+
 prosody (0.9.12-1) unstable; urgency=medium
 
   * [e840660] New upstream version 0.9.12
diff -Nru prosody-0.9.12/debian/patches/0005_net_dns_libevent_luasocket.patch 
prosody-0.9.12/debian/patches/0005_net_dns_libevent_luasocket.patch
--- prosody-0.9.12/debian/patches/0005_net_dns_libevent_luasocket.patch 
1970-01-01 01:00:00.0 +0100
+++ prosody-0.9.12/debian/patches/0005_net_dns_libevent_luasocket.patch 
2017-05-31 09:33:41.0 +0200
@@ -0,0 +1,23 @@
+From 9a59674e53fd449c2466975f2401e06872a4bdc3 Mon Sep 17 00:00:00 2001
+From: Kim Alvefur <z...@zash.se>
+Date: Fri, 25 Sep 2015 17:32:13 +0200
+Subject: [PATCH] net.dns: Use new IPv4-specific socket factory if available
+ (fixes dns on libevent with latest development version of luasocket)
+
+---
+ net/dns.lua | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/dns.lua b/net/dns.lua
+index acc1556c..80bd895c 100644
+--- a/net/dns.lua
 b/net/dns.lua
+@@ -620,7 +620,7 @@ function resolver:getsocket(servernum)-- - - - - - - - 
- - - - - getsocket
+   if peer:find(":") then
+   sock, err = socket.udp6();
+   else
+-  sock, err = socket.udp();
++  sock, err = (socket.udp4 or socket.udp)();
+   end
+   if sock and self.socket_wrapper then sock, err = 
self.socket_wrapper(sock, self); end
+   if not sock then
diff -Nru prosody-0.9.12/debian/patches/series 
prosody-0.9.12/debian/patches/series
--- prosody-0.9.12/debian/patches/series2017-01-11 09:56:01.0 
+0100
+++ prosody-0.9.12/debian/patches/series2017-05-31 09:33:41.0 
+0200
@@ -2,3 +2,4 @@
 0002-prosody-lua51.patch
 0003-buildflags.patch
 0004-fix-package.path-of-ejabberd2prosody.patch
+0005_net_dns_libevent_luasocket.patch

Bug#863122: ITP: lua-argparse -- feature-rich command line parser for Lua language

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva <vs...@debian.org>

* Package name: lua-argparse
  Version : 0.5.0
  Upstream Author : Peter Melnichenko
* URL : https://github.com/mpeterv/argparse
* License : Expat
  Programming Lang: Lua
  Description : feature-rich command line parser for Lua language

Argparse is a feature-rich command line parser for Lua inspired by argparse for 
Python.

Argparse supports positional arguments, options, flags, optional arguments, 
subcommands and more. Argparse automatically generates usage, help and error 
messages.

It will be maintained under pkg-lua team

Bug#844548: Kamailio compiled against openssl 1.1.0b fails to run with 1.1.0c

[Victor Seva]

tags 844548 - fixed-upstream + confirmed
thanks

rebuild with a newer version doesn't help.

> Mar 31 11:20:41 spce lb[17194]: INFO: tls [tls_init.c:633]: init_tls_h(): 
> tls: _init_tls_h:  compiled  with  openssl  version "OpenSSL 1.1.0e  16 Feb 
> 2017" (0x1010005f), kerberos support: on, compression: on
> Mar 31 11:20:41 spce lb[17194]: INFO: tls [tls_init.c:641]: init_tls_h(): 
> tls: init_tls_h: installed openssl library version "OpenSSL 1.1.0e  16 Feb 
> 2017" (0x1010005f), kerberos support: off,  zlib compression: off#012 
> compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS 
> -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 
> -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM 
> -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM 
> -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM 
> -DOPENSSLDIR="\"/usr/lib/ssl\"" 
> -DENGINESDIR="\"/usr/lib/x86_64-linux-gnu/engines-1.1\"" 
> Mar 31 11:20:41 spce lb[17194]: : tls [tls_init.c:651]: init_tls_h(): ERROR: 
> tls: init_tls_h: openssl compile options mismatch: library has kerberos 
> support disabled and Kamailio tls enabled (unstable configuration)#012 
> (tls_force_run in kamailio.cfg will override this check)
> Mar 31 11:20:41 spce lb[17194]: CRITICAL:  [main.c:2592]: main(): could 
> not initialize tls, exiting...

Problem is how kamailio detects running support for it, we are
discussing solutions on the new upstream issue[0]

[0] https://github.com/kamailio/kamailio/issues/1050



signature.asc
Description: OpenPGP digital signature

Bug#849065: janus depends on libsrtp-dev (>= 1.5)

[Victor Seva]

El 13 mar. 2017 20:14, "Jonas Smedegaard"  escribió:

I am ready to release Janus now.  You wanted notice first?


Pong.

Go ahead, great work.

Bug#849065: janus depends on libsrtp-dev (>= 1.5)

[Victor Seva]

2017-02-05 15:53 GMT+01:00 Jonas Smedegaard <d...@jones.dk>:
> Quoting Victor Seva (2016-12-22 14:05:03)
>
> Concretely for Janus the better solution than waiting (in vein) for
> libsrtp 1.5 is to instead link with libsrtp2.
>
> I have a succesful build with a few upstrem-cherrypicked pathes to fix
> linking with libsrtp2.

Perfect

>> Let's try to work to get Janus packaged, no matter if it gets into
>> stretch or not
>
> Would you mind me applying those to the Debian git?
>
> And more generally, would you like me to add myself as co-maintainer and
> hack along without asking you each time?  Even release at will too?  Or
> what level of coordination would you prefer?

Sure, go ahead and hack, just ping me before release anything

Bug#849065: janus depends on libsrtp-dev (>= 1.5)

[Victor Seva]

On 12/22/2016 01:52 PM, Jonas Smedegaard wrote:
> Excerpts from Victor Seva's message of December 22, 2016 10:44 am:
>> I'm working on packaging janus WebRTC gateway [0] but it depends
>> on a newer version of srtp. I notice that some work was done [1]
>> last year in experimental. Is there a plan to upload that version
>> to unstable before the stretch freeze?
> 
> Thanks for nudging about this - and thanks for packaging Janus!!

Thanks to my employer, sipwise!

> What is needed is for someone to test that all reverse dependencies work
> when linking against the 1.5 release.
> 
> I have not yet found time to look into that - much appreciated if you
> could help with that.

I will try to help on that. I will keep you posted.

> "build-rdeps libsrtp0-dev" gives the following:
> 
> asterisk
> chromium-browser
> ekiga
> gst-plugins-bad1.0
> kopete
> opal
> pjproject
> reconserver
> resiprocate
> ring
> t38modem
> 
> I suspect that chromium-browser does not really use libsrtp, but instead
> uses an embedded slight fork.  My suspicion is backed by
> chromium-browser not listed in "apt-cache showpkg libsrtp0" (but another
> explanation for that might be that it uses static linking).  Similar
> might be the case for reciprocate, ring and ekiga which lack binary
> dependency too.
> 
> When all reverse dependencies have been verified to work, we can
> consider if we feel this is not a "major library transition" (because
> those were frozen since primo december).
> 
> Alternatively, I can try finish the packaging of libsrtp2 as a separate
> source package - and we can hope that ftpmaster succeed in approving
> that in the very few days left before freeze of NEW queue.
> 
> All in all, chances are slim but not yet zero.  But then, chances are
> even slimmer for you to succeed in packaging janus in time for the NEW
> queue freeze: I strongly recommend that you release your package without
> srtp support at first, if at all possible - to get the ftpmasters
> working on approval of the source while you wait for ways to get usable
> libsrtp in the archive!

Let's try to work to get Janus packaged, no matter if it gets into
stretch or not

Cheers,
Victor




signature.asc
Description: OpenPGP digital signature

Bug#849065: janus depends on libsrtp-dev (>= 1.5)

[Victor Seva]

Package: srtp
Severity: wishlist


I'm working on packaging janus WebRTC gateway [0] but it depends
on a newer version of srtp. I notice that some work was done [1]
last year in experimental. Is there a plan to upload that version
to unstable before the stretch freeze?


[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849059
[1] https://tracker.debian.org/news/728686


Cheers,
Victor

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#849059: ITP: janus -- WebRTC gateway

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva <vs...@debian.org>

* Package name: janus
  Version : 0.2.1
  Upstream Author : Meetecho
* URL : http://janus.conf.meetecho.com/
* License : GPL3
  Programming Lang: C
  Description : WebRTC gateway

Janus is an open source, general purpose, WebRTC gateway
designed and developed by Meetecho

This package will be maintained under the pkg-voip team umbrella.

Bug#847196: monit segfault on stop and start

[Victor Seva]

On 12/06/2016 01:25 PM, Marco Innocenti wrote:
> Package: monit
> Version: 1:5.4-2+deb7u1
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> after upgrading monit to version 1:5.4-2+deb7u1 monit stopped
> working in all the servers we maintain. Reverting back to 1:5.4-2
> solved our problem.
> We see a segfault after a stop or a start command. Status is working as
> usual.
> 
> root@didanet19:~# monit status | tail 
> 
> System 'system_didanet19.private.cineca.it'
>   statusRunning
>   monitoring status Monitored
>   load average  [0.04] [0.13] [0.10]
>   cpu   4.0%us 0.3%sy 0.0%wa
>   memory usage  3918168 kB [23.7%]
>   swap usage0 kB [0.0%]
>   data collectedTue, 06 Dec 2016 13:20:36
> 
> root@didanet19:~# monit stop system_didanet19.private.cineca.it
> Segmentation fault
> root@didanet19:~# monit start system_didanet19.private.cineca.it
> Segmentation fault
> 
> 
> root@didanet19:~# grep monit /var/log/messages
> Dec  6 13:10:12 didanet19 kernel: [4764451.817749] monit[26940]: segfault at
> e ip 7f0b74faba6a sp 7fff5da8ce80 error 4 in
> libc-2.13.so[7f0b74f66000+184000]
> Dec  6 13:10:20 didanet19 kernel: [4764459.757404] monit[26941]: segfault at
> c ip 7fe2afe78a6a sp 7ffc400517f0 error 4 in
> libc-2.13.so[7fe2afe33000+184000]
> Dec  6 13:10:24 didanet19 kernel: [4764463.479828] monit[26942]: segfault at
> b ip 7fd7e1acda6a sp 7fff322b8f60 error 4 in
> libc-2.13.so[7fd7e1a88000+184000]
> Dec  6 13:20:55 didanet19 kernel: [4765093.487700] monit[28100]: segfault at
> b ip 7f99d7141a6a sp 7ffdb8bef4d0 error 4 in
> libc-2.13.so[7f99d70fc000+184000]
> Dec  6 13:21:00 didanet19 kernel: [4765099.141708] monit[28101]: segfault at
> c ip 7effe0eaba6a sp 7fffdce03b50 error 4 in
> libc-2.13.so[7effe0e66000+184000]
> 


Yes, I just notice the security update is broken.

I have prepared the fix for this and I was planing to contact the
security team about this.

Thanks for reporting,
Victor Seva


From ee30a7dff71a579d32c6744c38834a5808b10c3f Mon Sep 17 00:00:00 2001
From: Victor Seva <linuxman...@torreviejawireless.org>
Date: Tue, 6 Dec 2016 10:40:19 +0100
Subject: [PATCH] fix 09_CVE-2016-7067.patch producing Segmentation fault on
 action

---
 debian/changelog |  8 
 debian/patches/10_fixCVE-2016-7067.patch | 17 +
 debian/patches/series|  1 +
 3 files changed, 26 insertions(+)
 create mode 100644 debian/patches/10_fixCVE-2016-7067.patch

diff --git a/debian/changelog b/debian/changelog
index 36b8e78..41ff485 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+monit (1:5.4-2+deb7u2) wheezy-security; urgency=medium
+
+  * Non-maintainer upload.
+  * fix 09_CVE-2016-7067.patch producing Segmentation fault
+on action
+
+ -- Victor Seva <vs...@debian.org>  Tue, 06 Dec 2016 10:29:16 +0100
+
 monit (1:5.4-2+deb7u1) wheezy-security; urgency=high
 
   * Non-maintainer upload by the LTS Team.
diff --git a/debian/patches/10_fixCVE-2016-7067.patch b/debian/patches/10_fixCVE-2016-7067.patch
new file mode 100644
index 000..32ff6af
--- /dev/null
+++ b/debian/patches/10_fixCVE-2016-7067.patch
@@ -0,0 +1,17 @@
+--- a/src/control.c
 b/src/control.c
+@@ -125,12 +125,13 @@ int control_service_daemon(const char *S
+ "Content-Length: %d\r\n"
+ "%s"
+ "\r\n"
+-"action=%s",
+ "securitytoken=%s=%s",
+ S,
+ token,
++strlen("securitytoken=") + strlen(token) + 1 +
+ strlen("action=") + strlen(action),
+ auth ? auth : "",
++token,
+ action) < 0)
+ {
+ LogError("%s: Cannot send the command '%s' to the monit daemon -- %s", prog, action ? action : "null", STRERROR);
diff --git a/debian/patches/series b/debian/patches/series
index 6116d00..c5ea434 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@
 07_spelling.patch
 08_hide_low_priority_info_from_stderr.patch
 09_CVE-2016-7067.patch
+10_fixCVE-2016-7067.patch
-- 
2.10.2



signature.asc
Description: OpenPGP digital signature

Bug#846099: [Debian-rtc-admin] Bug#846099: Please enable spam blocking on the XMPP server

[Victor Seva]

On 11/28/2016 02:28 PM, W. Martin Borgert wrote:
> Package: rtc.debian.org
> Severity: wishlist
> 
> I get a lot of spam on my Debian XMPP account.
> Please enable some kind of spam blocking.
> I suggest to use mod_block_strangers, which works fine for me.


mod_block_strangers has been added to prosody-modules
0.0~hg20160813.65d9093525ca+dfsg-3

ASA it reaches stretch I will push it to jessie-backports



signature.asc
Description: OpenPGP digital signature

Bug#842962: Please provide a stable backport

[Victor Seva]

prosody_0.9.10-1~bpo8+1 uploaded to jessie-backports

 Forwarded Message 
Subject: prosody_0.9.10-1~bpo8+1_amd64.changes is NEW
Date: Mon, 07 Nov 2016 09:07:40 +
From: Debian FTP Masters <ftpmas...@ftp-master.debian.org>
To: Victor Seva <vs...@debian.org>, Matthew James Wild <mwi...@gmail.com>

binary:prosody is NEW.
binary:prosody is NEW.
source:prosody is NEW.

Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are valid), so please be patient.

Packages are routinely processed through to the archive, and do feel
free to browse the NEW queue[1].

If there is an issue with the upload, you will receive an email from a
member of the ftpteam.

If you have any questions, you may reply to this email.

[1]: https://ftp-master.debian.org/new.html



signature.asc
Description: OpenPGP digital signature

Bug#843200: prosody: Please provide 0.9.11

[Victor Seva]

prosody 0.9.11-1 was uploaded at Date: Fri, 04 Nov 2016 08:53:23 +0100 [0]

[0] https://tracker.debian.org/news/812339



signature.asc
Description: OpenPGP digital signature

Bug#842962: Please provide a stable backport

[Victor Seva]

Hi Matthew,

On 11/02/2016 05:42 PM, W. Martin Borgert wrote:
> Package: prosody
> Version: 0.9.10-1
> Severity: wishlist
> 
> Between 0.9.7 and 0.9.10, some improvements have been implemented:
> 
> http://blog.prosody.im/prosody-0-9-8-released/
> http://blog.prosody.im/prosody-0-9-9-security-release/
> http://blog.prosody.im/prosody-0-9-10-released/
> 
> It would be nice to let users of Debian stable enjoy them.
> 

I've just pushed jessie-backports to the repo. I will build and push
this version if you have no objections next week.

Regards
Victor Seva



signature.asc
Description: OpenPGP digital signature

Bug#842963: Please provide 0.10 (future) in experimental

[Victor Seva]

On 11/02/2016 05:47 PM, W. Martin Borgert wrote:
> Package: prosody
> Version: 0.9.10-1
> Severity: wishlist
> 
> https://hg.prosody.im/0.10 contains the next planned release of
> prosody. It would be nice to have it already in Debian to get the
> bugs out and align it with Debian and the prosody-modules package.
> In experimental, not unstable, of course.
> 
> AFAIK, some people already use 0.10 in production, e.g. yax.im.
> 

Yes, I'll try to start working at 0.10 in the next days

Regards,
Victor Seva



signature.asc
Description: OpenPGP digital signature

Bug#836835: gnome-control-center: segfault when editing a cable network

[Victor Seva]

Package: gnome-control-center
Version: 1:3.21.90-1
Followup-For: Bug #836835

Same crash here. If I remove the network config via terminal:

$ nmcli connection del 

Then add a new wired connection, as soon as I want to add a DNS like 127.0.0.1
when I introduce the last 1 the panel just crash

gnome-control-c[6768]: segfault at f6000a ip 7f885bbeee76 sp 
7ffe4cde5fc8 error 4 in libc-2.23.so[7f885bb71000+197000]

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-control-center depends on:
ii  accountsservice0.6.40-3
ii  apg2.2.3.dfsg.1-4
ii  colord 1.3.2-1
ii  desktop-file-utils 0.23-1
ii  gnome-control-center-data  1:3.21.90-1
ii  gnome-desktop3-data3.21.90-3
ii  gnome-settings-daemon  3.21.90-2
ii  gsettings-desktop-schemas  3.21.4-2
ii  libaccountsservice00.6.40-3
ii  libatk1.0-02.21.90-2
ii  libc6  2.23-5
ii  libcairo-gobject2  1.14.6-1+b1
ii  libcairo2  1.14.6-1+b1
ii  libcanberra-gtk3-0 0.30-3
ii  libcanberra0   0.30-3
ii  libcheese-gtk253.20.2-2
ii  libcheese8 3.20.2-2
ii  libclutter-1.0-0   1.26.0-2
ii  libclutter-gtk-1.0-0   1.8.0-2
ii  libcolord-gtk1 0.1.26-1
ii  libcolord2 1.3.2-1
ii  libcups2   2.1.4-4
ii  libfontconfig1 2.11.0-6.7
ii  libgdk-pixbuf2.0-0 2.34.0-1
ii  libglib2.0-0   2.49.6-1
ii  libgnome-bluetooth13   3.20.0-1
ii  libgnome-desktop-3-12  3.21.90-3
ii  libgoa-1.0-0b  3.21.91-1
ii  libgoa-backend-1.0-1   3.21.91-1
ii  libgrilo-0.3-0 0.3.1-1
ii  libgtk-3-0 3.21.5-3
ii  libgtop-2.0-10 2.34.1-2
ii  libgudev-1.0-0 230-3
ii  libibus-1.0-5  1.5.11-1
ii  libkrb5-3  1.14.3+dfsg-1
ii  libmm-glib01.6.0-1
ii  libnm0 1.4.0-3
ii  libnma01.4.0-2
ii  libpango-1.0-0 1.40.2-1
ii  libpangocairo-1.0-01.40.2-1
ii  libpolkit-gobject-1-0  0.105-16
ii  libpulse-mainloop-glib09.0-3
ii  libpulse0  9.0-3
ii  libpwquality1  1.3.0-1
ii  libsmbclient   2:4.4.5+dfsg-2
ii  libsoup2.4-1   2.55.90-1
ii  libupower-glib30.99.4-3
ii  libwacom2  0.19-1
ii  libx11-6   2:1.6.3-1
ii  libxi6 2:1.7.6-1
ii  libxml22.9.4+dfsg1-1+b1

Versions of packages gnome-control-center recommends:
ii  cracklib-runtime  2.9.2-3
ii  cups-pk-helper0.2.6-1
ii  gkbd-capplet  3.6.0-1
ii  gnome-online-accounts 3.21.91-1
ii  gnome-user-guide  3.20.2-1
ii  gnome-user-share  3.18.2-1
ii  iso-codes 3.70-1
ii  libnss-myhostname 231-4
ii  mousetweaks   3.12.0-1
ii  network-manager-gnome 1.4.0-2
ii  policykit-1   0.105-16
ii  pulseaudio-module-bluetooth   9.0-3
ii  realmd0.16.3-1
ii  rygel 0.30.3-1
ii  rygel-tracker 0.30.3-1
ii  system-config-printer-common  1.5.7-2

Versions of packages gnome-control-center suggests:
ii  gstreamer1.0-pulseaudio  1.8.3-1+b1
pn  libcanberra-gtk-module   
ii  libcanberra-gtk3-module  0.30-3
ii  x11-xserver-utils7.7+7

-- no debconf information

Bug#836910: jessie-pu: package kamailio/4.2.0-2+deb8u1

[Victor Seva]

2016-09-07 9:30 GMT+02:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
> Thanks for caring about fixing this in jessie.
>
> In order to okay an upload, however, we'd need to see a source debdiff for
> the proposed package, built and tested on a jessie system.

Sure.

Before:
dpkg -l | grep kamailio
ii  kamailio   4.2.0-2+deb8u1  amd64
 very fast and configurable SIP proxy
ii  kamailio-tls-modules:amd64 4.2.0-2+deb8u1  amd64
 contains the TLS kamailio transport module

root@debian-jessie-plain:/etc/kamailio# systemctl status kamailio -l
● kamailio.service - LSB: Start the Kamailio SIP proxy server
   Loaded: loaded (/etc/init.d/kamailio)
   Active: active (exited) since Wed 2016-09-07 11:36:47 CEST; 44s ago
  Process: 16399 ExecStop=/etc/init.d/kamailio stop (code=exited,
status=0/SUCCESS)
  Process: 16410 ExecStart=/etc/init.d/kamailio start (code=exited,
status=0/SUCCESS)

Sep 07 11:36:47 debian-jessie-plain kamailio[16410]: udp: localhost:5060
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: INFO:
rr [../outbound/api.h:54]: ob_load_api(): Failed to import bind_ob
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: INFO:
rr [rr_mod.c:160]: mod_init(): outbound module not available
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: INFO:
usrloc [hslot.c:53]: ul_init_locks(): locks array size 1024
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: INFO:
tls [tls_mod.c:346]: mod_init(): With ECDH-Support!
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: INFO:
tls [tls_mod.c:349]: mod_init(): With Diffie Hellman
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]: : tls
[tls_init.c:515]: init_tls_h(): ERROR: tls: init_tls_h: installed
openssl library version is too different from the library the ser tls
module was compiled with: installed "OpenSSL 1.0.1t  3 May 2016"
(0x1000114f), compiled "OpenSSL 1.0.1k 8 Jan 2015" (0x100010bf).
Please
make sure a compatible version is used (tls_force_run in ser.cfg will
override this check)
Sep 07 11:36:47 debian-jessie-plain /usr/sbin/kamailio[16426]:
CRITICAL:  [main.c:2521]: main(): could not initialize tls,
exiting...
Sep 07 11:36:47 debian-jessie-plain kamailio[16410]: already running ... failed!
Sep 07 11:36:47 debian-jessie-plain kamailio[16410]: .

$ dpkg -l | grep openssl
ii  libgnutls-openssl27:amd64  3.3.8-6+deb8u3  amd64
 GNU TLS library - OpenSSL wrapper
ii  openssl1.0.1k-3+deb8u5 amd64
 Secure Sockets Layer toolkit - cryptographic utility


After:
$ dpkg -l | grep kamailio
ii  kamailio   4.2.0-2+deb8u2  amd64
 very fast and configurable SIP proxy
ii  kamailio-tls-modules:amd64 4.2.0-2+deb8u2  amd64
 contains the TLS kamailio transport module

$ systemctl status kamailio -l
● kamailio.service - LSB: Start the Kamailio SIP proxy server
   Loaded: loaded (/etc/init.d/kamailio)
   Active: active (running) since Wed 2016-09-07 11:45:11 CEST; 7s ago
   CGroup: /system.slice/kamailio.service

Installing previous openssl version has no effect, so fix works properly
diff -Nru kamailio-4.2.0/debian/changelog kamailio-4.2.0/debian/changelog
--- kamailio-4.2.0/debian/changelog 2016-03-21 00:24:40.0 +0100
+++ kamailio-4.2.0/debian/changelog 2016-09-07 10:00:32.0 +0200
@@ -1,3 +1,12 @@
+kamailio (4.2.0-2+deb8u2) stable-proposed-updates; urgency=medium
+
+  * use my DD account \o/
+  * add upstream fix for:
+proper check of libssl versions used for compilation
+and available on system (Closes: #833973)
+
+ -- Victor Seva <vs...@debian.org>  Wed, 07 Sep 2016 10:00:32 +0200
+
 kamailio (4.2.0-2+deb8u1) jessie-security; urgency=medium
 
   * CVE-2016-2385
diff -Nru kamailio-4.2.0/debian/control kamailio-4.2.0/debian/control
--- kamailio-4.2.0/debian/control   2015-01-28 20:48:03.0 +0100
+++ kamailio-4.2.0/debian/control   2016-09-07 10:00:32.0 +0200
@@ -2,7 +2,7 @@
 Section: net
 Priority: optional
 Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org>
-Uploaders: Victor Seva <linuxman...@torreviejawireless.org>,
+Uploaders: Victor Seva <vs...@debian.org>,
Tzafrir Cohen <tzaf...@debian.org>
 Build-Depends: bison,
debhelper (>= 9),
diff -Nru kamailio-4.2.0/debian/patches/fix_tls.patch 
kamailio-4.2.0/debian/patches/fix_tls.patch
--- kamailio-4.2.0/debian/patches/fix_tls.patch 1970-01-01 01:00:00.0 
+0100
+++ kamailio-4.2.0/debian/patches/fix_tls.patch 2016-09-07 10:00:32.0 
+0200
@@ -0,0 +1,34 @@
+From 0a5f99b28d01d79cf2675df6d2a6220167e2476e Mon Sep 17 00:00:00 2001
+From: Daniel-Constantin Mierla <mico...@gmail.com>
+Date: Tue, 7 Jun 2016 15:21:06 +0200
+Subject: [PATCH] tls: p

Bug#836910: jessie-pu: package kamailio/4.2.0-2+deb8u1

[Victor Seva]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

kamailio in jessie has a bug described at #833973 that makes impossible
to use TLS with kamailio without downgrading openssl.

The issue was reported by me [0] to upstream and a fix was merged [1]

I would like to push this fix to jessie

Victor


[0] https://github.com/kamailio/kamailio/issues/662
[1] 
https://github.com/kamailio/kamailio/commit/0a5f99b28d01d79cf2675df6d2a6220167e2476e

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#833973: [kamailio-tls-modules] fails to start because of different openssl versions

[Victor Seva]

fixed 83397 4.4.2-1

Bug#833973: [kamailio-tls-modules] fails to start because of different openssl versions

[Victor Seva]

forwarded 83397 https://github.com/kamailio/kamailio/issues/662

2016-08-11 2:07 GMT+02:00 Ben Sartor :
> Package: kamailio-tls-modules
> Version: 4.2.0-2+deb8u1
> Severity: normal
>
> --- Please enter the report below this line. ---
> Hi,
>
> recently I noticed kamailio does not start anymore. Here is the error message:
>
> tls [tls_init.c:515]: init_tls_h(): ERROR: tls: init_tls_h: installed openssl
> library version is too different from the library the ser tls module was
> compiled with: installed "OpenSSL 1.0.1t  3 May 2016" (0x1000114f), compiled
> "OpenSSL 1.0.1k 8 Jan 2015" (0x100010bf).
> Please make sure a compatible version is used (tls_force_run in ser.cfg will
> override this check)
> CRITICAL:  [main.c:2521]: main(): could not initialize tls, exiting...
>
>
> However a simple recompile fixed the problem for me. As suggested in the log
> message you may workaround this by putting the following line in your
> kamailio.cfg:
> modparam("tls", "tls_force_run", 1)
>
> Thanks a lot for maintaining the kamailio package. It runs great on my server
> since a couple of years now.
>
> --- System information. ---
> Architecture: amd64
> Kernel:   Linux 3.16.0-4-amd64
>
> Debian Release: 8.5
>   500 stable-updates  ftp.debian.org
>   500 stable-updates  ftp.de.debian.org
>   500 stable  security.debian.org
>   500 stable  ftp.de.debian.org
>   100 jessie-backports ftp.de.debian.org
>
> ___
> Pkg-voip-maintainers mailing list
> pkg-voip-maintain...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-voip-maintainers

Bug#825121: libradcli4: prompting due to modified conffiles which were not modified by the user: /etc/radcli/dictionary

[Victor Seva]

Hi Daniel,

are you aware of #825121 [0]? Do you have any plans to work on that?


Regards,
Victor Seva

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825121 [0]

Bug#815796: prosody: /etc/prosody/certs/localhost.cert symlink should be .crt

[Victor Seva]

fixed 815796 0.9.8-1
thanks
--

On 02/24/2016 03:36 PM, Kim Alvefur (Zash) wrote:
> Package: prosody
> Version: 0.9.7-2+deb8u3
> Severity: minor
> 
> Hi,
> 
> The prosody package creates a symlink /etc/prosody/certs/localhost.cert,
> but the default config uses "certs/localhost.crt", note the file ending.
> 
> This produces the following error in the logs:
> 
> SSL/TLS: Failed to load '/etc/prosody/certs/localhost.crt': Check that
> the path is correct, and the file exists. (for localhost)
> 

JFTR, this is fixed since 0.9.8-1:

> commit 36b502b1b88224e11a8dc7a2f390259978f1ca86
> Author: Sergei Golovan 
> Date:   Tue Jun 2 18:19:17 2015 +0300
> 
> Renamed localhost.cert link into localhost.crt.
> 
> diff --git a/debian/changelog b/debian/changelog
> index e434dd4..1d0bba9 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -9,6 +9,8 @@ prosody (0.9.8-1) unstable; urgency=high
>- 0006-Also-disable-CharacterData-merging-after-stream-rest.patch
>* Do not reload prosody configuration after its log is rotated if the 
> daemon
>  is not actually running (closes: #763658).
> +  * Rename the default snakeoil localhost certificate to localhost.crt to
> +match its name in the config file (closes: #748721).
>* Apply upstream patch which fixes CNAME DNS record resolution
>  (closes: #787070):
>- 0007-Fix-CNAME-DNS-lookup.patch
> diff --git a/debian/prosody.links b/debian/prosody.links
> index 6431fe7..45d4212 100644
> --- a/debian/prosody.links
> +++ b/debian/prosody.links
> @@ -1,2 +1,2 @@
> -etc/ssl/certs/ssl-cert-snakeoil.pem etc/prosody/certs/localhost.cert
> +etc/ssl/certs/ssl-cert-snakeoil.pem etc/prosody/certs/localhost.crt
>  etc/ssl/private/ssl-cert-snakeoil.key etc/prosody/certs/localhost.key



signature.asc
Description: OpenPGP digital signature

Bug#743998: prosody: bad boot order with respect to SQL server

[Victor Seva]

The thing is that using a SQL server is not mandatory.
So adapt LSB headers to your needs is the solution.



signature.asc
Description: OpenPGP digital signature

Bug#810960: sngrep FTBFS on hppa/parisc architecture (with patch)

[Victor Seva]

forwarded 810960 https://github.com/irontec/sngrep/issues/81
thanks



signature.asc
Description: OpenPGP digital signature

Bug#805311: ITP: lua-unbound -- unbound binding for LUA

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva <linuxman...@torreviejawireless.org>

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: lua-unbound
  Version : 0.0+hg~14fd7a2875e4
  Upstream Author : Kim Alvefur <z...@zash.se>
* URL : https://www.zash.se/luaunbound.html
* License : Expat
  Programming Lang: C, Lua
  Description : unbound binding for LUA

 libunbound performs and validates DNS lookups; it can be used to
 convert hostnames to IP addresses and back and obtain other
 information from the DNS. Cryptographic validation of results is
 performed with DNSSEC

 This is a dependency of mod_s2s_auth_dane to support secure
 delegation and for DANE.
 http://modules.prosody.im/mod_s2s_auth_dane.html
 (will be included at prosody-modules package)

 This will be maintained under the pkg-lua Team

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJWSkwqAAoJEFGgmxjPWlBoh4YP/3qxmAdOLRl5j9mCZpvGY9aS
fkxkdtTAng44yOmjr14uP/h1M1W6nRQ3ltn0rRw37PY9vvq6Zpfcj0mRk4CvEjU4
eCi014As5b1NiYrx2DcvZ4dyv+qPMvLYJ/MOolGPHoRzHA1DZ8tixzNGHcIpBxK6
I3OuUvcmyCGsuzZj1QNnj55SMr46+eifX3JnaVPsF24amBAIpu6eWq8nC/7Y4kor
fbw4bDG/d9vjGLXc0KTaW/8SdbzPBBZyoeyIpvGUKCAZbdBVmqmzE8nCyKz74Sbm
W4oeJEJm7WmZWJNEYQb6lF/7wQSn8q8CwO+9ka0w0R1BkzsEKRgNwZ2qT9KNdj0p
nP8A3LDdtLhvUDu/DPQTeq5Y82NPnFxF53oU1GKBeIdD0E3/I62/j2qhuqWuEL6X
0bozIv+UWbl9F+t7susewTQNC2LDL75i1T/CyqPxwQSmV37cUafccHewYxjzGJR1
90AEQgasn2eXtsZJAPEuxMHFBfVdofAO4Bm4uB+dThgivhQ0OYaT1Bzbq1SG/Amh
fF0o4Lar+Oha6zDRGMwf22qrHvBp8/mk4FnZ5tEnkcmaix3LP2yO62JAdZV96ZuX
izQe55+/MFZdgbeoG3eKXd7ONMhbL4WEeFzEkB9BBH+PXCfuc3iMi9qtyDNbLRO4
XZZOBw39ZZ0ffY04Rq5S
=/iau
-END PGP SIGNATURE-

Bug#805313: enable DANE s2s authentication for prosody

[Victor Seva]

Package: rtc.debian.org
Severity: wishlist


In order to get mod_s2s_auth_dane [0] luaunbound [1] needs to be
packaged [2].

[0] http://modules.prosody.i/mod_s2s_auth_dane.html
[1] https://www.zash.se/luaunbound.html
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805311



signature.asc
Description: OpenPGP digital signature

Bug#804749: FTBFS on mips: gcc error: '-march=r3000' requires '-mfp32'

[Victor Seva]

Source: kamailio
Version: 4.3.3-2

/usr/bin/make all quiet=verbose
make[1]: Entering directory '/«PKGBUILDDIR»'
config.mak loaded
Makefile.defs defs skipped
config.mak loaded
Makefile.defs defs skipped
gcc -funroll-loops -march=r3000 -ftree-vectorize -fno-strict-overflow
-Wall -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat
-Werror=format-security -DVERSION_NODATE   -DNAME='"kamailio"'
-DVERSION='"4.3.3"' -DARCH='"mips"' -DOS='linux_' -DOS_QUOTED='"linux"'
-DCOMPILER='"gcc 5.2.1"' -D__CPU_mips -D__OS_linux -DSER_VER=4003003
-DCFG_DIR='"/etc/kamailio/"' -DRUN_DIR='"/var/run/kamailio/"'
-DPKG_MALLOC -DSHM_MEM -DSHM_MMAP -DDNS_IP_HACK -DUSE_MCAST -DUSE_TCP
-DDISABLE_NAGLE -DHAVE_RESOLV_RES -DUSE_DNS_CACHE -DUSE_DNS_FAILOVER
-DUSE_DST_BLACKLIST -DUSE_NAPTR -DWITH_XAVP -DDBG_QM_MALLOC
-DMEM_JOIN_FREE -DUSE_TLS -DTLS_HOOKS -DUSE_CORE_STATS -DSTATISTICS
-DMALLOC_STATS -DWITH_AS_SUPPORT -DUSE_SCTP -DMIPS_HAS_LLSC -DNOSMP
-DCC_GCC_LIKE_ASM -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN
-DHAVE_SCHED_YIELD -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL
-DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_SCHED_SETSCHEDULER -DUSE_RAW_SOCKS
-DUSE_PTHREAD_MUTEX -DHAVE_EPOLL -DHAVE_SIGIO_RT -DSIGINFO64_WORKARROUND
-DUSE_FUTEX -DHAVE_SELECT   -c pass_fd.c -o pass_fd.o -MMD -MP
pass_fd.c:1:0: error: '-march=r3000' requires '-mfp32'
 /*
 ^
Makefile.rules:97: recipe for target 'pass_fd.o' failed
make[1]: *** [pass_fd.o] Error 1

Full logs at:

https://buildd.debian.org/status/fetch.php?pkg=kamailio=mips=4.3.3-2=1447211793=log




signature.asc
Description: OpenPGP digital signature

Bug#804746: [Debian-rtc-admin] Bug#804746: accept client connections on port 443

[Victor Seva]

On 11/11/2015 07:46 AM, Daniel Pocock wrote:
> Package: rtc.debian.org
> Severity: important
> 
> Users sometimes access the Internet through wifi networks in large
> hotels and airports and other unusual networks where only port 80 and
> 443 are working and other ports are not working.  Sometimes port 443 is
> only accessible through a HTTP proxy using the HTTP CONNECT method.
> 
> Each of the services (SIP, XMPP and TURN) should be adjusted to accepted
> client connections on port 443.

For XMPP, prosody has mod_bosh[0] in order to allow HTTP connections [1]

[0] http://prosody.im/doc/setting_up_bosh
[1] http://prosody.im/doc/http



signature.asc
Description: OpenPGP digital signature

Bug#803124: debian.org XMPP pending tasks (updated)

[Victor Seva]

> --- DSA tasks ---
>
> 2. installing the prosody-modules package from jessie-backports and
> verify that /usr/lib/prosody/modules/mod_auth_ha1.lua is working
> (the version of mod_auth_ha1.lua that we developed and tested at
> DebConf15 is in ~pocock/prosody-mod/mod_auth_ha1.lua)

Done. After some modifications in the prosody config file.
We are using the version provide by prosody-modules package




signature.asc
Description: OpenPGP digital signature

Bug#802493: debian-rtc mailing list creation

[Victor Seva]

This seems like a good idea to me, so +1 from me.



signature.asc
Description: OpenPGP digital signature

Bug#800583: new upstream version 1.12.0 available

[Victor Seva]

Source: unittest-xml-reporting
Severity: wishlist

There is several new upstream versions available. Last upload to 
Debian was on 2013. First and only.

I tried to access the svn but the unittest-xml-reporting is even not
there [0]

[0] svn://svn.debian.org/svn/python-modules/packages/unittext-xml-reporting

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#556131: ITP: opensips -- very fast and configurable SIP server

[Victor Seva]

For the history: kamailio[0] is already packaged and included in Jessie.
Maintained under the pkg-voip team.

I will add some links for the context:

https://en.wikipedia.org/wiki/SIP_Express_Router
https://www.kamailio.org/w/openser-renamed-to-kamailio/
https://www.kamailio.org/w/history/

[0] https://tracker.debian.org/pkg/kamailio



signature.asc
Description: OpenPGP digital signature

Bug#779803: smuxi performs autoconnect on first startup

[Victor Seva]

Control: tags 779803 + fixed pending

Upstream fix to not reveal realname:
https://github.com/meebey/smuxi/commit/f21cc42e087e93f621b1a368770f46e41d6cff2f

trivial on purpose in order to not introduce regressions



signature.asc
Description: OpenPGP digital signature

Bug#795365: ITP: processor-trace -- Intel Processor Trace Decoder Library

[Victor Seva]

retitle 795365 ITP: intel-processor-trace -- Intel Processor Trace
Decoder Library
thanks
--

On 08/16/2015 12:05 AM, Henrique de Moraes Holschuh wrote:
 On Thu, 13 Aug 2015, Victor Seva wrote:
 * Package name: processor-trace
   Upstream Author : Intel Corporation

  Intel's reference implementation for decoding Intel PT.
 
 Maybe it would be better to call this package intel-pt or something like
 that? Or at least intel-processor-trace?
 
 After all, this software package is intel-specific, but the notion of
 processor tracing is not.
 

renamed. Initial _not working_ version pushed at:
http://anonscm.debian.org/cgit/pkg-gdb/intel-processor-trace.git/

Waiting for upstream to create the install rules



signature.asc
Description: OpenPGP digital signature

Bug#795347: RFS: pkwalify/1.22-1 (Closes: #792031)

[Victor Seva]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package pkwalify

* Package name: pkwalify
  Version : 1.22
  Upstream Author : Slaven Rezic sla...@rezic.de
* URL : https://github.com/eserte/p5-Kwalify/
* License : Artistic-2.0
  Programming Lang: Perl
  Description : perl kwalify schema validator

 Kwalify is a Perl implementation for validating data structures
 against the Kwalify schema. For a schema definition, see
 http://www.kuwata-lab.com/kwalify/ruby/users-guide.01.html
 .
 Note that there is no support for validator hooks (section 1-7 of the
 user guide document).

There is already a kwalify package[0] but it's implemented in Ruby
and this allows the user not to install another interpreter

I'm planing to push this to pkg-perl team repo

[0] https://packages.debian.org/wheezy/kwalify

It builds those binary packages:

  pkwalify   - perl kwalify validator

To access further information about this package, please visit the following 
URL:

http://mentors.debian.net/package/pkwalify


Alternatively, one can download the package with dget using this command:

  dget -x 
http://mentors.debian.net/debian/pool/main/p/pkwalify/pkwalify_1.22-1.dsc

More information about hello can be obtained from http://www.example.com.

Changes since the last upload:

pkwalify (1.22-1) unstable; urgency=low

  * Initial Release (closes: #792031).

 -- Victor Seva linuxman...@torreviejawireless.org  Fri, 10 Jul 2015 11:41:05 
+0200

Regards,
 Victor Seva

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable'), (500, 'testing-updates')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#792031: ITP: pkwalify -- perl kwalify schema validator

[Victor Seva]

Initial work at [0]

[0] https://anonscm.debian.org/cgit/users/maniac-guest/pkwalify.git/



signature.asc
Description: OpenPGP digital signature

Bug#795365: ITP: processor-trace -- Intel Processor Trace Decoder Library

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

* Package name: processor-trace
  Version : 1.4.0
  Upstream Author : Intel Corporation
* URL : https://github.com/01org/processor-trace/
* License : Expat
  Programming Lang: C
  Description : Intel Processor Trace Decoder Library

 Intel's reference implementation for decoding Intel PT.
 .
 Go to https://software.intel.com/en-us/intel-platform-analysis-library
 for sample code that uses the library.

new dependence needed for upcoming gdb 7.10

I plan to maintain this package along with gdb maintainer

Bug#795252: RM: op-panel -- ROM; obsolete

[Victor Seva]

Package: ftp.debian.org
Severity: normal

package valid for an old version of asterisk. No upstream release since 2009 and
it seems the now support the propietary version only

We would like to remove it, anyhow it's not in stable


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#729493: smuxi: Connection hangs after finding hostname

[Victor Seva]

Hi Felipe,

Is this bug still reproducible with smuxi 1.0-1?

Thanks,
Victor



signature.asc
Description: OpenPGP digital signature

Bug#794008: ITP: lua-lanes -- Lua extension library providing the possibility to run multiple Lua states in parallel

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: lua-lanes
  Version : 3.10.0
  Upstream Author : Benoit Germain bnt.germ...@gmail.com
* URL : https://github.com/LuaLanes/lanes/
* License : MIT/X
  Programming Lang: C, Lua
  Description : Lua extension library providing the possibility to run 
multiple Lua states in parallel


It is intended to be used for optimizing performance on multicore CPU's and
to study ways to make Lua programs naturally parallel to begin with.

Features:
 * Lanes have separated data, by default. Shared data is possible with Linda 
objects.
 * Communications is separate of threads, using Linda objects.
 * Data passing uses fast inter-state copies (no serialization required).
 * Deep userdata concept, for sharing userdata over multiple lanes.
 * Millisecond level timers, integrated with the Linda system.
 * Threads can be given priorities.
 * Lanes are cancellable, with proper cleanup.
 * No Lua-side application level locking - ever!
 * Several totally independant Lanes universes may coexist in an
   application, one per master Lua state.

Limitations:
 * Coroutines are not passed between states.
 * Sharing full userdata between states needs special C side preparations (- 
deep userdata).
 * Network level parallelism not included.
 * Just like independant Lua states, Lanes universes cannot communicate 
together.

Dependence for luacheck ITP http://bugs.debian.org/776473
This will be maintained under the pkg-lua Team umbrella.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJVuRc0AAoJEFGgmxjPWlBoOPcP/0lgKh2QdVDoAn6drVzyFEaM
6GeN5fdIM/HAPPBapZVCn1jrmeMNOcKdh8/2cen2NW2XQd9vljdfvJgUglGy3c2t
C2p0i3Z256yutkGAJ6Pv2CVcvtyN7w7avKuytC3kk5ArjqnZ4mSZ3if48Sr//Ae/
w4dA94MEWAYlXlsd2Xm74MDjWauiEmzqMhppN7lTjcliemaEQvEzbr/D0l3dZYF0
U50i/w9k9/giYYivYrmAZ4WvzMOXLYBBCYA6/JsVe67URrHFaIsRVtPh6JHVAt8l
FlGrsBPXrOyU1lyelbd4RkDu23yyEb7GKEfezeu5fJ5zbgu7U9ks/p5vlc2BUHbM
ZxsPxTwbuwhYuIGjlUnzPebqFDDVUqWs2IHGE501jEi5nseNwrKYXST1qT9iH0Xw
2G/7bOlXZaGw+g5ZTf3WvEv+TXMlOBwj9y4ymI6h9RgPTOyCCdLm1fQA48mjLshH
mDT3JHhZ21Vrp03AVnhVLZsSsijIpeGSzfkbL1XkIuGoUM+yCxbyqpzmO/f/wZBp
1pFCjC8YALxHnZCJT3tw62UYfyvC7z4YRRJa0dyZDW74Wb1rYHSrLs9Gds5aR75j
CVuSBUHwGUJfzklh0OXcQmvsuFoOoLTQJPZlSiOiBMikNc+/j2DSa13YE07Y2Xq9
37PDWiZiM3DBw76S0ANF
=8mdK
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776473: ITP: luacheck -- static analyzer and a linter for the Lua language

[Victor Seva]

0.11.0 released

initial? work http://blog.torreviejawireless.org/debian/lua-check/



signature.asc
Description: OpenPGP digital signature

Bug#792455: ITP: golang-github-ugorji-go-codec -- encode/decode and rpc library for msgpack, binc, cbor and json

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: golang-github-ugorji-go-codec
  Version : 0.0~git20150815.821cda7e
  Upstream Author : Ugorji Nwoke
* URL : https://github.com/ugorji/go
* License : MIT/X
  Programming Lang: GoLang
  Description : encode/decode and rpc library for msgpack, binc, cbor and 
json

go-codec library, a High Performance and Feature-Rich Idiomatic
encode/decode and rpc library for:

  msgpack: https://github.com/msgpack/msgpack
  binc: http://github.com/ugorji/binc
  cbor: http://cbor.io http://tools.ietf.org/html/rfc7049
  json: http://json.org http://tools.ietf.org/html/rfc7159

Dependence of cgrates [0]. This will be maintained under the ambrella of pkg-go 
team

[0] http://bugs.debian.org/787476

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJVpYjhAAoJEFGgmxjPWlBok/8P/iim2LXMFgn99Q/AX9cRUVyu
B3H0aJyZoTM3bK1Nd0QOT1M0Qf+RV3BlPZqh0qwzvDfpx39H4A97c3QwaiQvTSf7
65gMvZ1tivcX/Leh+AE7cbSRP9hgu5jqftZx3gGXdhkXLimAXZcNNSn0QVzp+Uyj
BOR/JKOVh2vzc2vhIwjdeQs9kY0si4nXTcEe790FyeXabE5Zl0cVSTf3IRrHxxZz
iG8gZ1AniNu84iKXwEe2if68Sj5lsNm4KcF4WllMz3PjlZAcQasQ9/+ZBB0TVByh
g80HUOtkm7dSkHbeOqHTBwRDhxQyVxvWhGrMQqsAb9NQbUYIeeZtKFG1IuCsFikt
Nd9P7i+K8zgsNOUhYr2KezKNur799MK00yKjx/zdE3zmbCI/84tkoMEyEZVABcph
TkN29voDeHD40EhY+prlUd6R8ke3Dvxi9m4y1yBNeKucc4494Y8Mvoc7YIwMs/AX
Atgd9+Ce/Nry0mrAiLF5JwiGhZbvtbx0Oz/n+0IEm3/EUD7d9OkKhuVJ49QxIkOe
b39ZJD0SY+/XVBjmtWB7aTWQPTr50viXrq2WAs/iMrUKkxbpfkmnN8n62N6/ty5Q
VwCP0Zpeqvs2rDlmQYqIbbQNNwUvlBh2cxWzj8JS7vV0oQfef+1PQRtEhBAq8JN+
R46hQMO5HKmfsagh1K/g
=11Hl
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#792031: ITP: pkwalify -- perl kwalify schema validator

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

* Package name: pkwalify
  Version : 1.22
  Upstream Author : Slaven Rezic sla...@rezic.de
* URL : https://github.com/eserte/p5-Kwalify/
* License : Artistic-2.0
  Programming Lang: Perl
  Description : perl kwalify schema validator

 Kwalify is a Perl implementation for validating data structures
 against the Kwalify schema. For a schema definition, see
 http://www.kuwata-lab.com/kwalify/ruby/users-guide.01.html
 .
 Note that there is no support for validator hooks (section 1-7 of the
 user guide document).

There is already a kwalify package[0] but it's implemented in Ruby
and this allows the user not to install another interpreter

I'm planing to push this to pkg-perl team repo

[0] https://packages.debian.org/wheezy/kwalify


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#788468: ITP: golang-cronexpr-dev -- Cron expression parser

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

* Package name: golang-cronexpr-dev
  Version : 1.0.0-1
  Upstream Author : Raymond Hill
* URL : https://github.com/gorhill/cronexpr
* License : GPL-3
  Programming Lang: Golang
  Description : cron expression parser

Given a cron expression and a time stamp, you can get the next time
stamp which satisfies the cron expression.
.
The time-matching algorithm in this implementation is efficient, it
avoids as much as possible to guess the next matching time stamp, a
common technique seen in a number of implementations out there.


library needed for cgrates package [0]

[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787476



signature.asc
Description: OpenPGP digital signature

Bug#788248: ITP: golang-mysql-dev -- MySQL-Driver for Go's database/sql package

[Victor Seva]

Package: wnpp
Severity: wishlist

* Package name: golang-mysql-dev
  Version : 1.2-1
  Upstream Author : Julien Schmidt go-sql-driver at julienschmidt.com
* URL : https://github.com/go-sql-driver/mysql
* License : MPL 2.0
  Programming Lang: Go
  Description : MySQL-Driver for Go's database/sql package

Features:
- Lightweight and fast
- Native Go implementation. No C-bindings, just pure Go
- Connections over TCP/IPv4, TCP/IPv6 or Unix domain sockets
- Automatic handling of broken connections
- Automatic Connection Pooling (by database/sql package)
- Supports queries larger than 16MB
- Full sql.RawBytes support.
- Intelligent LONG DATA handling in prepared statements
- Secure LOAD DATA LOCAL INFILE support with file Whitelisting and
io.Reader support
- Optional time.Time parsing
- Optional placeholder interpolation



signature.asc
Description: OpenPGP digital signature

Bug#787476: ITP: cgrates -- Real-time Charging System for Telecom ISP environments

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

* Package name: cgrates
  Version : 0.9.1~rc5
  Upstream Author : ITsysCOM GmbH
* URL : https://github.com/cgrates/cgrates
* License : GPL-3
  Programming Lang: Golang
  Description : fast and easy scalable rating engine


It is written in Go and accessible from any language via JSON RPC. The
code is well documented (go doc compliant API docs) and heavily tested


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#772138: sngrep in Debian

[Victor Seva]

On 05/16/2015 12:11 PM, Ivan Alonso [Kaian] wrote:
 Hi Victor,
 
   Of course!
 
   Right now I have some repositories with version 0.3.1-1 [1] and I'll soon 
   release 0.3.2 which will solve a couple of minor bugs.

Ok. Upgrading. Please ping me when 0.3.2 is released.

   It will be nice if users can download it from official repositories but
   I will need some kind of guidance. Feel free to point me what can I do to
   help with the packaging/releasing proccess.

I'm going to try to find a sponsor, sadly I'm not yet a DD. I will keep
you inform.

Cheers,
Victor




signature.asc
Description: OpenPGP digital signature

Bug#772138: sngrep in Debian

[Victor Seva]

Hi Ivan,

I would like to see sngrep entering Debian repositories. I saw that
you're still looking for a sponsor for it [1]. Are you willing to
maintain it under the Debian pkg-voip [0] umbrella?


Cheers,
Victor

[0] https://wiki.debian.org/Teams/VoIP
[1] http://mentors.debian.net/package/sngrep




signature.asc
Description: OpenPGP digital signature

Bug#772138: ITP: sngrep -- Ncurses SIP Messages flow viewer

[Victor Seva]

Hi,

I've created [0] the git repo and commit some changes in order to get
sngrep built.


Cheers,
Victor

[0] http://anonscm.debian.org/cgit/pkg-voip/sngrep.git/



signature.asc
Description: OpenPGP digital signature

Bug#776473: ITP: luacheck -- static analyzer and a linter for the Lua language

[Victor Seva]

0.10.0 released

initial work http://blog.torreviejawireless.org/debian/lua-check/




signature.asc
Description: OpenPGP digital signature

Bug#780358: Annual ping for Victor Seva

[Victor Seva]

Package: debian-maintainers
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi this is my annual ping for debian-maintainers

- -- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJVAa5hAAoJEFGgmxjPWlBopdMQAJEgBVRESpksvO5Tu/V+MBLr
1lbrM7EQEzcEZCbOVe0SB0kjhlcFc1IyA/gT4mxCRVh8FuiC3GLuhyZ+/jhJHY81
mCfoH4Hx0s6wC4SQVnKw3FdcvI5UDpYfPLz5L/NEBoCVo2QlLkJLAX4ie4z4+eOm
xjnXWEK/5IXmhm7lM+OHSY5S6izSPX006RcZqp11XsIo5M/a5b6WPnF7yBwtPKJR
qoUwOMV1f5teRUbQ9GnpRhVCj9pUzKowhKMjUvNTBsB+MUQarO3ZtmLxYhOAM8bP
C/rrNUHCFzjEZdVkBjKSS8stv5F1iP6DsCzPQy8+Vj7dDWUmFm1R59PidkEv7ngc
bBXmszEHAE9aiZE3SiLwTZkTRmV5Wzufc/OawC4aQW73Sa6uBUgHtB/sTFwOXySH
hOyv00Xm/GCpQRQsgGx/D05/3Invv16rKQCyKg9eO6SLqhfb53iXK/OTkfPDxhTz
Gha+Wu4RG1uVDHg/FUgUNWxHSpnalr/25+QlfUP1uQdD5n1vGndMv5h6NQQAKaeA
wtAe46RXf6s/zRVr+A9mwDZFQppVZAm+BtigH0pYuLzpwK0r1UzHCuSwHBOj2Pfv
7SZ2ZeGPVOequsXwOUyukqVwnRl4c4el0MZv47f1bpNT9Hqp1tJcN+Srv/dQuTCU
+Dsqf6nixPbeHTQWdnbf
=glAN
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#606138: Allow use of tomcat7-user package with solr-tomcat

[Victor Seva]

tags 606138 + fixed pending



signature.asc
Description: OpenPGP digital signature

Bug#776473: ITP: luacheck -- static analyzer and a linter for the Lua language

[Victor Seva]

0.9.0 released

initial work http://blog.torreviejawireless.org/debian/lua-check/



signature.asc
Description: OpenPGP digital signature

Bug#778376: pkgconfig libgcj.pc link points to non existent file

[Victor Seva]

Package: gcj-jdk
Severity: normal
Tags: patch

# dpkg -L gcj-jdk | grep libgcj.pc
/usr/lib/pkgconfig/x86_64-linux-gnu/libgcj.pc
# ls -la /usr/lib/pkgconfig/x86_64-linux-gnu/libgcj.pc
lrwxrwxrwx 1 root root 11 Oct 18 09:03 
/usr/lib/pkgconfig/x86_64-linux-gnu/libgcj.pc - libgcj15.pc
# ls -la /usr/lib/pkgconfig/x86_64-linux-gnu/libgcj15.pc
ls: cannot access /usr/lib/pkgconfig/x86_64-linux-gnu/libgcj15.pc: No such file 
or directory
# ls -la /usr/lib/x86_64-linux-gnu/pkgconfig/libgcj15.pc
lrwxrwxrwx 1 root root 13 Oct 24 16:49 
/usr/lib/x86_64-linux-gnu/pkgconfig/libgcj15.pc - libgcj-4.9.pc


Switching from /usr/lib/pkgconfig/x86_64-linux-gnu/ to 
/usr/lib/x86_64-linux-gnu/pkgconfig/
will solve the problem.

-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- debian/rules.orig	2015-02-14 10:44:11.0 +0100
+++ debian/rules	2015-02-14 10:43:37.0 +0100
@@ -700,8 +700,8 @@
 	  /usr/share/java/libgcj-$(PV_GCJ).jar /usr/share/java/libgcj.jar
 ifeq ($(with_multiarch_lib),yes)
 	dh_link -pgcj-jdk \
-	  /usr/lib/pkgconfig/$(DEB_HOST_MULTIARCH)/$(LIBGCJ_PC) \
-	  /usr/lib/pkgconfig/$(DEB_HOST_MULTIARCH)/libgcj.pc
+	  /usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/$(LIBGCJ_PC) \
+	  /usr/lib/$(DEB_HOST_MULTIARCH)/pkgconfig/libgcj.pc
 else
 	dh_link -pgcj-jdk \
 	  /usr/lib/pkgconfig/$(LIBGCJ_PC) /usr/lib/pkgconfig/libgcj.pc

Bug#775565: ITP: lua5.3 -- scripting language

[Victor Seva]

Hi Enrico,

On 01/17/2015 02:07 PM, Enrico Tassi wrote:
 A git repo pkg-lua/lua5.3 on alioth was created, help is very welcome.

I would like to help here, is there any TODO or plan here?

Cheers,
Victor



signature.asc
Description: OpenPGP digital signature

Bug#776473: ITP: luacheck -- static analyzer and a linter for the Lua language

[Victor Seva]

Package: wnpp
Severity: wishlist
Owner: Victor Seva linuxman...@torreviejawireless.org

* Package name: luacheck
  Version : 0.8.0
  Upstream Author : Peter Melnichenko mpeter...@gmail.com
* URL : https://github.com/mpeterv/luacheck/
* License : Expat
  Programming Lang: Lua
  Description : static analyzer and a linter for the Lua language

Luacheck is a static analyzer and a linter for Lua which
 detects issues such as usage of undefined global variables,
 unused variables and values, etc. It is fairly configurable
 and can be used as a part of automated testing, manually
 from the command line or inside an editor.

This will be packaged under the umbrella of the pkg-lua team


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776508: (preapproval) unblock: kamailio/4.2.0-2

[Victor Seva]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock security

Please unblock package kamailio

A security bugreport was reported #775681 [0] by Helmut Grohne 
hel...@subdivi.de
regarding two issues:

  * kamcmd defaults to connecting to unixs:/tmp/kamailio_ctl.

- added default_ctl.patch.
  ctl defaults to /var/run/kamailio/kamailio_ctl.
  add ctl binrpc module parameter to etc/kamailio/kamailio*cfg
  to point this change.

  * The kamailio build definitely is vulnerable as can be seen in
utils/kamctl/Makefile.

- kamctl_build.patch.
  use basedir instead of /tmp
  Patch already accepted by upstream [1]

There is an ongoing discussion with upstream about default configs at [2].

So this version will fix those issues. Notice that this version will include
fixes pushed by Anibal Monsalve Salazar ani...@debian.org as Non-maintainer 
upload
4.2.0-1.1 regarding FTBFS on mipsel and mips #767500

unblock kamailio/4.2.0-2

[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775681
[1] https://github.com/kamailio/kamailio/pull/56
[2] https://github.com/kamailio/kamailio/issues/48

-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru kamailio-4.2.0/debian/changelog kamailio-4.2.0/debian/changelog
--- kamailio-4.2.0/debian/changelog	2014-10-21 23:17:18.0 +0200
+++ kamailio-4.2.0/debian/changelog	2015-01-28 20:48:03.0 +0100
@@ -1,3 +1,21 @@
+kamailio (4.2.0-2) unstable; urgency=medium
+
+  * [d614569] fix fifo and ctl defaults pointing to unsecure /tmp dir
+Closes: #775681
+
+ -- Victor Seva linuxman...@torreviejawireless.org  Wed, 28 Jan 2015 20:43:44 +0100
+
+kamailio (4.2.0-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix FTBFS on mipsel and mips.
+Add mips/mipsel arch in debian/control.
+Disable the Mono module on mips in debian/rules (like it is on ia64).
+Add fix-mips.patch Patch by Dejan Latinovic dejan.latino...@imgtec.com
+Closes: #767500.
+
+ -- Anibal Monsalve Salazar ani...@debian.org  Thu, 13 Nov 2014 10:48:28 +
+
 kamailio (4.2.0-1) unstable; urgency=medium
 
   * [8774ae4] Imported Upstream version 4.2.0
diff -Nru kamailio-4.2.0/debian/control kamailio-4.2.0/debian/control
--- kamailio-4.2.0/debian/control	2014-10-21 23:17:18.0 +0200
+++ kamailio-4.2.0/debian/control	2015-01-28 20:48:03.0 +0100
@@ -23,7 +23,7 @@
libldap2-dev,
liblua5.1-0-dev,
libmemcached-dev,
-   libmono-2.0-dev [!ia64],
+   libmono-2.0-dev [!ia64 !mips],
libmysqlclient-dev,
libncurses5-dev,
libpcre3-dev,
@@ -51,7 +51,7 @@
 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-voip/kamailio.git
 
 Package: kamailio
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel
 Multi-Arch: foreign
 Pre-Depends: ${misc:Pre-Depends}
 Depends: adduser, python, ${misc:Depends}, ${shlibs:Depends}
@@ -94,7 +94,7 @@
 Package: kamailio-dbg
 Priority: extra
 Section: debug
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: kamailio (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
@@ -107,7 +107,7 @@
  modules. You only need to install it if you need to debug Kamailio.
 
 Package: kamailio-geoip-modules
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: kamailio (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
@@ -120,7 +120,7 @@
  use GeoIP API within configuration file.
 
 Package: kamailio-sqlite-modules
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: kamailio (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
@@ -133,7 +133,7 @@
  This package provides the SQLite database driver for Kamailio.
 
 Package: kamailio-json-modules
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel
 Multi-Arch: same
 Pre-Depends: ${misc:Pre-Depends}
 Depends: kamailio (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
@@ -146,7 +146,7 @@
  and the JSON-RPC client over netstrings.
 
 Package: kamailio-memcached-modules
-Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x
+Architecture: amd64 armel i386 ia64 powerpc ppc64 s390x mips mipsel

Bug#775681: multiple /tmp file vulnerabilities

[Victor Seva]

On 01/25/2015 09:52 PM, Helmut Grohne wrote:
 On Sat, Jan 24, 2015 at 02:30:37PM +0100, Victor Seva wrote:
 On 01/18/2015 05:16 PM, Helmut Grohne wrote:
[snip]
 All of these fixes are appropriate for a Debian Security Advisory. Thus
 they should also be appropriate for a freeze unblock. Please file a pre
 approval unblock bug.

preapproval unblock bugreport [0]

[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776508



signature.asc
Description: OpenPGP digital signature