Bug#849149: marked as done (bpfcc: FTBFS: FlexLexer.h: No such file or directory)

[Debian Bug Tracking System]

Your message dated Sat, 31 Dec 2016 13:24:55 +0530
with message-id <1483170895.13102.5.ca...@debian.org>
and subject line Re: Bug#849149: bpfcc: FTBFS: FlexLexer.h: No such file or 
directory
has caused the Debian Bug report #849149,
regarding bpfcc: FTBFS: FlexLexer.h: No such file or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849149: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849149
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bpfcc
Version: 0.2.0-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Builds of bpfcc in minimal environments (notably, the autobuilders)
have been failing:

  /«PKGBUILDDIR»/src/cc/frontends/b/lexer.h:22:23: fatal error: FlexLexer.h: No 
such file or directory

Please declare a build dependency on libfl-dev, on which flex no
longer depends so that it can properly be Multi-Arch: foreign.  (See
#840080.)

Thanks!

FTR, I'm filing this bug as a regression because it would interfere
with binNMUs.

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
--- End Message ---
--- Begin Message ---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Fri, 2016-12-23 at 14:26 +0530, Ritesh Raj Sarraf wrote:
> On Thu, 2016-12-22 at 18:42 -0500, Aaron M. Ucko wrote:
> > Builds of bpfcc in minimal environments (notably, the autobuilders)
> > have been failing:
> > 
> >   /«PKGBUILDDIR»/src/cc/frontends/b/lexer.h:22:23: fatal error: FlexLexer.h:
> > No such file or directory
> > 
> > Please declare a build dependency on libfl-dev, on which flex no
> > longer depends so that it can properly be Multi-Arch: foreign.  (See
> > #840080.)
> > 
> 
> Thanks Aaron. This is done but I have other build failures on i386 arch which
> is
> blocking the upload.
> 
> https://github.com/iovisor/bcc/issues/873

THis should now be fixed with the 0.2.0-2 upload

- -- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEQCVDstmIVAB/Yn02pjpYo/LhdWkFAlhnZE8ACgkQpjpYo/Lh
dWni3Q//ZRKHVy5A5JCUVDdsT/e5Wc3NZ3DSaJGeyu86Id98fljD2VThjSi5afuZ
GKee+xyDio3jC/3N6rmFkuLXHW49ZX3AvqhTCPu9NjVUS8r3G7KOx5Z5PkUuhQw+
M3x9dz0+JiXtfDRYi83kQr9n7kyvglZQakVvNSzuQNKwwQT+8ED0MAmsxuc51KkW
BhAYHQ8qFLsNZHYvXs6N0xYwMnLKVvHP2CYDqTdLEaX865kOGZzGbF2DmoPfOUbN
gQnZMh9t7kmlUp0l7wzEqMiNBoGY5KSoC3RVIyVD151xBWkdkD33urcYn/IzPcJw
lujCpFj36YUp9YSmzhtak3udhRK7R6NOl188E7sKSmd7GxoTm/0XpTZA6FlrDTTf
amr82UuO6yfCFJDRzQxYeVSKs3KiQ/t47H4QnD3jfBg1fWfbucO3pzmk9ZBwDGSN
GvilRRxy7kaHbdfR1n6grVI/r9N6xs9sS3guZ8cY2ICowrqogkM8hLa002Wfghts
XmhcvffWd3mVBq+3/vNKcFkuYFlw7aoZ2MiqhdRttnCh0H1+k5KBshyvUUU2eqCg
gVH9/xoI03Sac6B+ybjo82K3MXAfJsJqg+8cDndEqglF7+1FynB7bd1SZ7oQNKzl
57dEsNLI0pFrUgwuUjjVVrH64jkZG9w4u2vWs74DRDWgALGjYgk=
=ETP7
-END PGP SIGNATURE End Message ---

Bug#849631: dnscrypt-proxy 1.8.1-4 fails to start

[Eric Dorland]

Control: tags + moreinfo unreproducible

I'm not seeing this on my system. If you upgrade what does your
dnscrypt-proxy.socket, dnscrypt-proxy.service and
/etc/dnscrypt-proxy/dnscrypt-proxy.conf files look like?

* Perl (zer0.div...@yahoo.fr) wrote:
> Package: dnscrypt-proxy
> Version: 1.7.0+dfsg-1
> Severity: serious
> Tags: upstream
> Justification: serious
> 
> Dear Maintainer,
> 
>* What led up to the situation?
>After upgrade dnscrypt-proxy, it wan't start anymore.
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
>  Working as before.
>* What was the outcome of this action?
>dnscrypt-proxy.service and dnscrypt-proxy.socket stop working.
>I get these output in journalctl:
>Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Service
>hold-off time over, scheduling restart.
>Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Start
>request repeated too quickly.
>Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.socket: Unit
>entered failed state.
>Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Unit
>entered failed state.
>Dec 28 22:13:03 debian systemd[1]: dnscrypt-proxy.service: Failed
>with result 'start-limit-hit'.
>
>And if I feed dnscrypt-proxy command with the configuration file, I
>get in terminal:
>Dec 28 22:13:01 debian dnscrypt-proxy[1694]: Wed Dec 28 22:13:01 2016
>[INFO] + DNS Security Extensions are supported
>Dec 28 22:13:01 debian dnscrypt-proxy[1694]: Wed Dec 28 22:13:01 2016
>[INFO] + Provider supposedly doesn't keep logs
>Dec 28 22:13:01 debian systemd[1]: dnscrypt-proxy.service: Service
>hold-off time over, scheduling restart.
> 
>* What outcome did you expect instead?
>Running dnscrypt-proxy.service and dnscrypt-proxy.socket.
> 
> *** End of the template - remove these template lines ***
> 
> 
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers unstable
>   APT policy: (990, 'unstable'), (150, 'testing'), (100, 'stable'), (5, 
> 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages dnscrypt-proxy depends on:
> ii  adduser  3.115
> ii  init-system-helpers  1.46
> ii  libc62.24-8
> ii  libltdl7 2.4.6-2
> ii  libsodium18  1.0.11-1
> ii  libsystemd0  232-8
> 
> dnscrypt-proxy recommends no packages.
> 
> Versions of packages dnscrypt-proxy suggests:
> ii  resolvconf  1.79
> 
> -- Configuration Files:
> /etc/default/dnscrypt-proxy changed:
> DNSCRYPT_PROXY_LOCAL_ADDRESS=127.0.2.1:53
> DNSCRYPT_PROXY_RESOLVER_NAME=dnscrypt.org-fr
> DNSCRYPT_PROXY_OPTIONS=""
> 
> /etc/dnscrypt-proxy/dnscrypt-proxy.conf changed:
> ResolverName=dnscrypt.org-fr

That equals sign looks problematic.

> ResolversList /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
> Daemonize yes
> PidFile /var/run/dnscrypt-proxy.pid
> User _dnscrypt-proxy
> LocalAddress 127.0.2.1:53
> EphemeralKeys yes
> MaxActiveRequests 250
> LogFile /var/log/dnscrypt-proxy.log
> LogLevel 7
> BlockIPv6 yes
> 
> 
> -- no debconf information

-- 
Eric Dorland 
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93


signature.asc
Description: PGP signature

Bug#817327: marked as done (cyclades-serial-client: Mandatory debian/compat for debhelper)

[Debian Bug Tracking System]

Your message dated Sat, 31 Dec 2016 05:48:25 +
with message-id 
and subject line Bug#817327: fixed in cyclades-serial-client 0.93
has caused the Debian Bug report #817327,
regarding cyclades-serial-client: Mandatory debian/compat for debhelper
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817327: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817327
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: cyclades-serial-client
Severity: important
Usertags: mandatory-debian-compat

Hi,

The package cyclades-serial-client uses debhelper but does not have a 
debian/compat
file.

 * Please add a debian/compat file at your earliest convenience.

 * This will become mandatory in the first debhelper upload after
   15th of April.

If your package is *also* affected by any of the following debhelper
related deprecations, please consider fixing them at the same time:

 * debhelper compat 4 is deprecated and is expected to be removed
   on the 15th of June.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum
   - If the package has been relying on dh_install being lenient about
 missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Source: cyclades-serial-client
Source-Version: 0.93

We believe that the bug you reported is fixed in the latest version of
cyclades-serial-client, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 817...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Russell Coker  (supplier of updated 
cyclades-serial-client package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 31 Dec 2016 16:37:21 +1100
Source: cyclades-serial-client
Binary: cyclades-serial-client
Architecture: source amd64
Version: 0.93
Distribution: unstable
Urgency: medium
Maintainer: Russell Coker 
Changed-By: Russell Coker 
Description:
 cyclades-serial-client - Network Serial port client software for Cyclades 
terminal servers
Closes: 800212 817327
Changes:
 cyclades-serial-client (0.93) unstable; urgency=medium
 .
   * Fix debhelper compatability level  Closes: #800212
 Closes: #817327
Checksums-Sha1:
 cd8e0595959a24d4e05667044235b00b2b3afa5d 1469 cyclades-serial-client_0.93.dsc
 0962b8083b50f83d8c4f30747f06584c5cc8bf3a 124887 
cyclades-serial-client_0.93.tar.gz
 b9b71b56feb4269c3779e7e23a0eede6dd951149 4597 
cyclades-serial-client_0.93_amd64.buildinfo
 5d4d18517aa12b186761d50201d8ad0746485bd1 31592 
cyclades-serial-client_0.93_amd64.deb
Checksums-Sha256:
 11c7ac0a013a7c601ff1612303d42c3a3258c5604289bcaa141393cd085e8680 1469 
cyclades-serial-client_0.93.dsc
 d0bf2f70cbc9ea28c9ad5da11aba8e96c136235bb2d1f2c28662d2197642fd8a 124887 
cyclades-serial-client_0.93.tar.gz
 315b7a3633b83ae3b6b4047e4a66adb008c09158d06db794a6b24010faab0d3e 4597 
cyclades-serial-client_0.93_amd64.buildinfo
 caf9d3c1712a402f2d7352303464598b510ee1740faa8295b2aa9a2353dc4b17 31592 
cyclades-serial-client_0.93_amd64.deb
Files:
 1428fc961ac05d44720d6b09b37d5e21 1469 comm optional 
cyclades-serial-client_0.93.dsc
 eb2f052281008a866ed8cb1cf624a98d 124887 comm optional 
cyclades-serial-client_0.93.tar.gz
 662e79156eb65e818acb0ac0bdb1f686 4597 comm optional 
cyclades-serial-client_0.93_amd64.buildinfo
 9190cfbefd140fa06340c96b8505927a 31592 comm optional 
cyclades-serial-client_0.93_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlhnRF8ACgkQ0UHNMPxL
j3kEPA/8CY2m1QmYUGXTAIWCwnD7uKBbS+fInZZ9dfCZJoc2+1tR0ntXwr8BINtL
grIYFFl2Q/70zCB2ypriZe3juZRNadQ/SEAuYy3MDm+eJ0IN+MmzVJbmmS4VLXHc
X0EETwQNPQWK9HoW/0D6V9mHV1WhUdcqgaIJal726R+HnEeLh2JtGPlqJFKhAmca
8FWd32lR2pgaAQNPmfhWNRSFZ8JvAMFNuORkk6s3mNfShLzdyY8b+xII6SMNDVwI
7I7PrtWBRqgkSyCVToVVzsRrTnewbEfu4TWFgV66Pgf7n9nl+qp5pIjECJn7wYN0
5bADzZSSWPy11bJpc6jopY13T50f06OcSYGEVP72OWUwc1xEVj9enhuhgL/774uH
/IWWWmLzGRvVTyTbx8thuqA30wVHcDlgp6hD8/cKW/jns5p4Dq/PQaqIPmhYvRFM

Bug#800212: marked as done (cyclades-serial-client: Please migrate a supported debhelper compat level)

[Debian Bug Tracking System]

Your message dated Sat, 31 Dec 2016 05:48:25 +
with message-id 
and subject line Bug#800212: fixed in cyclades-serial-client 0.93
has caused the Debian Bug report #800212,
regarding cyclades-serial-client: Please migrate a supported debhelper compat 
level
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
800212: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800212
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: cyclades-serial-client
Severity: important
Usertags: deprecated-debhelper-compat-leq-3

Hi,

The package cyclades-serial-client is using a debhelper compat level of 3 or 
less
according to lintian.  These compat levels have been deprecated for
the past ~10 years and debhelper will remove support for them in the near
future (as declared in [1]).

 * Please migrate the package to a supported debhelper compat level.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum (compat 4 will be removed soon as
 well)

 * If your package uses any of the following tools, please remove them
   from the rules files.  Neither of them does anything except warn
   about their deprecation.
   - dh_desktop
   - dh_scrollkeeper (deadline: January 1st 2016)
   - dh_suidregister
   - dh_undocumented

 * Please note that your package might have been flagged for using
   e.g. "DH_COMPAT=2 dh_foo ...".
   - This will still cause issues when the compat level is removed.

 * If the package has been relying on dh_install being lenient about
   missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

 * Deadline: 
   - compat 1+2: November 1st 2015
   - compat 3: January 1st 2016

If you are using other deprecated debhelper features (such as omitting
the debian/compat file), please consider fixing those while you are at
it.

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Source: cyclades-serial-client
Source-Version: 0.93

We believe that the bug you reported is fixed in the latest version of
cyclades-serial-client, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 800...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Russell Coker  (supplier of updated 
cyclades-serial-client package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 31 Dec 2016 16:37:21 +1100
Source: cyclades-serial-client
Binary: cyclades-serial-client
Architecture: source amd64
Version: 0.93
Distribution: unstable
Urgency: medium
Maintainer: Russell Coker 
Changed-By: Russell Coker 
Description:
 cyclades-serial-client - Network Serial port client software for Cyclades 
terminal servers
Closes: 800212 817327
Changes:
 cyclades-serial-client (0.93) unstable; urgency=medium
 .
   * Fix debhelper compatability level  Closes: #800212
 Closes: #817327
Checksums-Sha1:
 cd8e0595959a24d4e05667044235b00b2b3afa5d 1469 cyclades-serial-client_0.93.dsc
 0962b8083b50f83d8c4f30747f06584c5cc8bf3a 124887 
cyclades-serial-client_0.93.tar.gz
 b9b71b56feb4269c3779e7e23a0eede6dd951149 4597 
cyclades-serial-client_0.93_amd64.buildinfo
 5d4d18517aa12b186761d50201d8ad0746485bd1 31592 
cyclades-serial-client_0.93_amd64.deb
Checksums-Sha256:
 11c7ac0a013a7c601ff1612303d42c3a3258c5604289bcaa141393cd085e8680 1469 
cyclades-serial-client_0.93.dsc
 d0bf2f70cbc9ea28c9ad5da11aba8e96c136235bb2d1f2c28662d2197642fd8a 124887 
cyclades-serial-client_0.93.tar.gz
 315b7a3633b83ae3b6b4047e4a66adb008c09158d06db794a6b24010faab0d3e 4597 
cyclades-serial-client_0.93_amd64.buildinfo
 caf9d3c1712a402f2d7352303464598b510ee1740faa8295b2aa9a2353dc4b17 31592 
cyclades-serial-client_0.93_amd64.deb
Files:
 1428fc961ac05d44720d6b09b37d5e21 1469 comm optional 
cyclades-serial-client_0.93.dsc
 eb2f052281008a866ed8cb1cf624a98d 124887 comm optional 
cyclades-serial-client_0.93.tar.gz
 662e79156eb65e818acb0ac0bdb1f686 4597 comm optional 
cyclades-serial-client_0.93_amd64.buildinfo
 9190cfbefd140fa06340c96b8505927a 31592 comm optional 
cyclades-serial-client_0.93_amd64.deb

-BEGIN PGP 

Bug#830472: can't reproduce, not serious

[Russell Coker]

severity 830472 normal
thanks

I can't reproduce this.  Version 0.74 fixed all the GCC6 related bugs that 
occur on my system.

Version 0.75 should stay in testing because the amd64 package I uploaded 
compiled without any serious warnings.

I'll fix this bug if I can reproduce it, but it's not a reason to remove 
postal from testing.  If you have any suggestions for reproducing it then 
please let me know.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/

Processed: can't reproduce, not serious

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 830472 normal
Bug #830472 [src:postal] postal: FTBFS: smtp.h:28:58: error: 'hash' was not 
declared in this scope
Severity set to 'normal' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
830472: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830472
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849661: marked as done (gap-guava: FTBFS with some SHELLs(?): cd: too many arguments)

[Debian Bug Tracking System]

Your message dated Sat, 31 Dec 2016 03:03:50 +
with message-id 
and subject line Bug#849661: fixed in gap-guava 3.13+ds-2
has caused the Debian Bug report #849661,
regarding gap-guava: FTBFS with some SHELLs(?): cd: too many arguments
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849661: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849661
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gap-guava
Version: 3.13+ds-1
Severity: serious
Justification: fails to build from source
Tags: sid stretch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

The package fails to build:

gcc -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2
-fdebug-prefix-map=/build/gap-guava-3.13+ds/2nd=.
-fstack-protector-strong -Wformat -Werror=format-security
-Wno-unused-result -Wl,-z,relro -Wl,-z,now -o leonconv leonconv.c
cd leon make
/bin/sh: line 0: cd: too many arguments
Makefile:14: recipe for target 'all' failed


There's definitely an error in the Makefile:
https://sources.debian.net/src/gap-guava/3.13%2Bds-1/src/Makefile/#L14

all :   $(FILES)
cd leon make


The variation appears to be that most shells treat this is "cd leon"
(and ignore the rest of the arguments), whereas some shells reject it as
an error:

% mkdir -p foo bar; for s in bash zsh dash posh sh; do $s -c 'cd foo bar'; done
zsh:cd:1: string not in pwd: foo
posh: cd: too many arguments

(the others succeed)

I have no idea what upstream intended there.

A full build log can be seen on the reproducible-builds builders, which
vary the shell (between bash and.. some sh):
https://tests.reproducible-builds.org/debian/unstable/amd64/gap-guava
--- End Message ---
--- Begin Message ---
Source: gap-guava
Source-Version: 3.13+ds-2

We believe that the bug you reported is fixed in the latest version of
gap-guava, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 849...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jerome Benoit  (supplier of updated gap-guava package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 31 Dec 2016 01:50:14 +
Source: gap-guava
Binary: gap-guava gap-guava-bin
Architecture: source
Version: 3.13+ds-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Jerome Benoit 
Description:
 gap-guava  - coding theory library for GAP
 gap-guava-bin - coding theory library for GAP (arch-dep files)
Closes: 849661
Changes:
 gap-guava (3.13+ds-2) unstable; urgency=medium
 .
   * FTBFS fix release (Closes: #849661), discard inert but now causing failure
 (and certainly forgotten) command in the target `all' in src/Makefile.
   * Debianization:
 - debian/control:
   - Standards Version, bump to 3.9.8;
 - debian/patches/*:
   - d/p/upstream-fix-src-make_machinery-disambiguation-bug_849661.patch,
 introduce;
   - Origin fields, correct;
 - debian/tests/*:
   - d/t/makecheck.tst, typo.
Checksums-Sha1:
 51e9238d9704b03fc613d773a0e589d481fda137 2900 gap-guava_3.13+ds-2.dsc
 c75caa033e2a5eef44759ac26b7fb714a86ed252 10016 
gap-guava_3.13+ds-2.debian.tar.xz
Checksums-Sha256:
 d13da09b844ed8b6220683ffd980e0c16ee605d02b9377f6aed5a1ed159cc542 2900 
gap-guava_3.13+ds-2.dsc
 3d216e36aa887540a233d6926618e2aa9bfc4bcdabaa015cfbfa621b375a18fa 10016 
gap-guava_3.13+ds-2.debian.tar.xz
Files:
 84d70271ffd5cbbf2417dcfd1f97009b 2900 math optional gap-guava_3.13+ds-2.dsc
 87728e2de9c47e57578776a171430800 10016 math optional 
gap-guava_3.13+ds-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQQcBAEBCgAGBQJYZxOlAAoJED+SGaZ/NsaLQZcf/RCGN6GM0AhLakavd1+CGozq
8tRemtg3wIIDPzm6mTldR7nfwnt8ROFBswHpwTdhvpQVw3r1sYfOcVAF3aVHfT8Y
beC+iQcM6DCiucMCg8VfjesQi3wfLRSZWwgcwdiE+hNGDe+UVSJHc4wZ3YMssZvx
o6C63MZoqIQijHdsuX1cpv5Jwbu8pppCLDL3QoBlWDXcS8Mszh/992ABhEtoCXut
CljznKFnSJn+BUehawI9kW4jJT4EFhs1N4fja974bPgFSb7ywkdJrjFsanpUggFs

Bug#849633: marked as done (Kernel packages need Breaks on older virtualbox-dkms versions)

[Debian Bug Tracking System]

Your message dated Sat, 31 Dec 2016 01:58:51 +
with message-id <1483149531.3983.28.ca...@decadent.org.uk>
and subject line Re: Kernel packages need Breaks on older virtualbox-dkms 
versions
has caused the Debian Bug report #849633,
regarding Kernel packages need Breaks on older virtualbox-dkms versions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849633
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: virtualbox-dkms
Version: 4.3.36-dfsg-1+deb8u1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

I updated my kernel via apt. VirtualBox does not work since because of
error when compiling the DKMS modules. This issue persists since a few
kernel updates.

See the log output of /var/lib/dkms/virtualbox/4.3.36/build/make.log
which I have attached.

-- System Information:
Debian Release: 8.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages virtualbox-dkms depends on:
ii  dkms  2.2.1.0+git20160527-1~bpo8+1

Versions of packages virtualbox-dkms recommends:
ii  virtualbox  4.3.36-dfsg-1+deb8u1

virtualbox-dkms suggests no packages.

-- no debconf information
DKMS make.log for virtualbox-4.3.36 for kernel 4.8.0-0.bpo.2-amd64 (x86_64)
Thu Dec 29 10:42:53 CET 2016
make: Entering directory '/usr/src/linux-headers-4.8.0-0.bpo.2-amd64'
  LD  /var/lib/dkms/virtualbox/4.3.36/build/built-in.o
  LD  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/built-in.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/linux/SUPDrv-linux.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrvTracer.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrvSem.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/alloc-r0drv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/initterm-r0drv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/memobj-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/mpnotification-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/powernotification-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/assert-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/alloc-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/initterm-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memuserkernel-r0drv-linux.o
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c: 
In function ‘rtR0MemObjNativeFree’:
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:581:21:
 error: implicit declaration of function ‘page_cache_release’ 
[-Werror=implicit-function-declaration]
 page_cache_release(pMemLnx->apPages[iPage]);
 ^
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c: 
In function ‘rtR0MemObjNativeLockUser’:
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:1032:29:
 warning: passing argument 1 of ‘get_user_pages’ makes integer from pointer 
without a cast
 rc = get_user_pages(pTask,  /* Task for fault 
accounting. */
 ^
In file included from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/the-linux-kernel.h:88:0,
 from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:31:
/usr/src/linux-headers-4.8.0-0.bpo.2-common/include/linux/mm.h:1315:6: note: 
expected ‘long unsigned int’ but argument is of type ‘struct task_struct *’
 long get_user_pages(unsigned long start, unsigned long nr_pages,
  ^
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:1033:29:
 warning: passing argument 2 of ‘get_user_pages’ makes integer from pointer 
without a cast
 pTask->mm,  /* Whose pages. */
 ^
In file included from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/the-linux-kernel.h:88:0,
 from 

Bug#849597: libguestfs0: Missing multiple dependencies

[Richard W.M. Jones]

In Fedora we package up the icoutils dependencies in a separate
subpackage to avoid pulling in all of X and Perl when installing the
main library:

http://pkgs.fedoraproject.org/cgit/rpms/libguestfs.git/tree/libguestfs.spec#n427

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v

Bug#849787: mcstrans: Running mcstrans triggers 849748 and is the most serious SE Linux problem

[Russell Coker]

Package: mcstrans
Version: 2.6-2
Severity: critical
Tags: upstream
Justification: breaks unrelated software

While mcstrans has no problems for what it does, it triggers bad interactions
between systemd, dbus, and SE Linux.  I don't think it is possible to properly
solve these issues before the sid is frozen.  Therefore I think that mcstrans
should be removed from testing and not offered for installation in the next
stable release.

At this time this is the most serious problem we have with SE Linux in Debian.

As an aside by default Fedora doesn't run mcstrans.  I don't know whether it's
for the same reason, but in any case Fedora users are surviving well enough
without it.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mcstrans depends on:
ii  init-system-helpers  1.46
ii  libc62.24-8
ii  libcap2  1:2.25-1
ii  libpcre3 2:8.39-2
ii  libselinux1  2.6-3
ii  lsb-base 9.20161125
ii  selinux-utils2.6-3

mcstrans recommends no packages.

mcstrans suggests no packages.

-- no debconf information

Bug#849077: [pkg-wpa-devel] Bug#849077: wpasupplicant: [Regression] Updating wpasupplicant makes not possible to connect to encrypted WiFi

[Michael Owen]

I had the exact same error with all my ralink, broadcom and realtek
adapters.
Adding the lines to NetworkManager.conf

[device]

   wifi.scan-rand-mac-address=no

fixed them all. I did not have the problem with the internal Atheros on my 
Inspiron.

Fixing this is excellent, I no longer have to use wicd to connect as I prefer 
NetworkManager.


On Mon, 26 Dec 2016 16:39:43 -0300 Lisandro
=?ISO-8859-1?Q?Dami=E1n_Nicanor_P=E9rez?= Meyer 
wrote:
> On lunes, 26 de diciembre de 2016 20:04:08 ART Andrew Shadura wrote:
> > On 26/12/16 19:28, Lisandro Damián Nicanor Pérez Meyer wrote:
> > > Thanks to Eduard Bloch at [bug] I've tried adding
> > >
> > > [device]
> > > wifi.scan-rand-mac-address=no
> > >
> > > to /etc/NetworkManager/NetworkManager.conf
> > >
> > > and updating wpasupplicant... and voilá, WiFi is on again.
> > >
> > > [bug] 
> > >
> > > I don't know if it's a bug in the driver, NM or wpasupplicant, but at
> > > least
> > > things now work.
> >
> > Lisandro, what NM version are you using? A related bug has been fixed by
> > mbiebl recently:
> >
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835822#67
>
> Interesting. I was using 1.4.2-3. After trying this workaround/fix I
updated
> to 1.4.4-1 which is what I'm currently using.
>
> Thanks!
>
> --
> Quizá, para muchos, ahora que lo pienso, Wikipedia tiene
> ciertamente un defecto imperdonable. No adorna.
> Ariel Torres, "Probablemente, la Wikipedia esté bien"
> La Nación Tecnología, Sábado 25 de agosto de 2007
> http://www.lanacion.com.ar/tecnologia/nota.asp?nota_id=937889
>
> Lisandro Damián Nicanor Pérez Meyer
> http://perezmeyer.com.ar/
> http://perezmeyer.blogspot.com/

Bug#849661: gap-guava: FTBFS with some SHELLs(?): cd: too many arguments

[Jerome BENOIT]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hello GUAVA enthusiasts,

@Chris, thanks for report the issue.

On 29/12/16 16:08, Chris West (Faux) wrote:
> Source: gap-guava
> Version: 3.13+ds-1
> Severity: serious
> Justification: fails to build from source
> Tags: sid stretch
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: ftbfs
> X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org
> 
> Dear Maintainer,
> 
> The package fails to build:
> 
> gcc -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2
> -fdebug-prefix-map=/build/gap-guava-3.13+ds/2nd=.
> -fstack-protector-strong -Wformat -Werror=format-security
> -Wno-unused-result -Wl,-z,relro -Wl,-z,now -o leonconv leonconv.c
> cd leon make
> /bin/sh: line 0: cd: too many arguments
> Makefile:14: recipe for target 'all' failed
> 

I can reproduce the FTBFS within a schroot Sid environment on my amd64 box with 
bash as sh.
This shell issue is rather disturbing.

> 
> There's definitely an error in the Makefile:
> https://sources.debian.net/src/gap-guava/3.13%2Bds-1/src/Makefile/#L14
> 
> all :   $(FILES)
> cd leon make
> 

This code looks insane. I am on my way to attempt to harden it,


> 
> The variation appears to be that most shells treat this is "cd leon"
> (and ignore the rest of the arguments), whereas some shells reject it as
> an error:
> 
> % mkdir -p foo bar; for s in bash zsh dash posh sh; do $s -c 'cd foo bar'; 
> done
> zsh:cd:1: string not in pwd: foo
> posh: cd: too many arguments
> 
> (the others succeed)
> 
> I have no idea what upstream intended there.
> 
> A full build log can be seen on the reproducible-builds builders, which
> vary the shell (between bash and.. some sh):
> https://tests.reproducible-builds.org/debian/unstable/amd64/gap-guava
> 

Thanks,
Jerome


- -- 
Jerome BENOIT | calculus+at-rezozer^dot*net
https://qa.debian.org/developer.php?login=calcu...@rezozer.net
AE28 AE15 710D FF1D 87E5  A762 3F92 19A6 7F36 C68B
-BEGIN PGP SIGNATURE-

iQQcBAEBCgAGBQJYZvAWAAoJED+SGaZ/NsaLJBAgALNPE1jQx+vhGMGWTiFUJytV
U9s3YDlwrnWN0BC+XIKOYouz7PXxgqZ7n5j4vbFhD2bUARxizYXjedWs7ClidGig
PR2vFyuNHz63PP2NOyDDr+VPr2deIPSSsA1M3V5lJ1jzP6KJeK/JdrWRfMxgmwJT
MdQZoLJsLADbJm+gY05iiK3juKwLkwS3TBRf1YVj9Qk1w+G226c2NLZu/8HylE0y
cJCGUgAMJxiVViwoS6ycVcQ3GE0stAbtIw/Str7sDtAzcylweD6DEwkxg3/sNowT
YB5yXpnELUPOBbM94nwRMOnIXbBjtCjpNS0Rv3ULBiFb/VgNdAijhIdRF+Xh/QxU
ltkvcCmuV6jx7Kp2tKv0xQyktBvEoCq2RWxOsvOKqW3j/7HHa25OWno+icddslUE
6l9sJsN12NO6hQcmJKwNciof6+f7vkTtq6AT5iDWFjlfx6tCVQY1NBJU9EPX/C+P
BvXbXzXtAvP4izAByyTbNiHaylDc8LaXGXMk8AWu1ZWWStI86L8wrL0L3AqF2V2l
648BvPIMgnOc0ljlEN+8ITOSpyzDEtPnNz/jPdIKcuIJ+o8RnAvgQ0xvaFzRz69k
a1IFSeIkAXkNmW06hUN1oTJH8clTsnMCNRmr7QvjbGM9IyWXkCrZz1yQxLfAkQdg
U4fHZmuOl92TyEIePO7V85C/GDB//+1fA2mf//QFFSvN5tfVhY6tXWgRhkLLsi3C
JceuMQl0CIQZIksznlJCT0uO99F6JOdeYuYq5nfXtZriaJCtiLhoAuZmjoUnrind
Iiy7tC6jErgCQ0fluCbCw3sey9joUKKePR8BwDMhZKpvDo4+KU6+gYD8aasqSeaw
euDZi5b73g4eoM7Xz2g9arCLBFnIn8Fd7h9LFHXNtSmK4jsDcL0Pa4TDcsmC9faX
TIj2EZLi9lG0SSU5ChwZ294wegeETw4y9chFYANNyBf/67ixICJtonJUjKDOHEj7
yQCxD9zivwCxMJZyHC1N3aJM/vpQiBAGpQ4H7NgK2KWfjXHkmZSGsaF7MbQLJfqF
iWOAQFyEoeb54gLcZ5rAgy6IdrJ4FzlqL2FKFl9AyvcLGQIg5w6Hl0M3zYwHuyaP
lh6+IDy32tTAgWCWf6L9UWbhK3M5jwcZCsK8OJUhMfSNNtAS2j2wS6M37bI6JAlj
FyD3rkrCXHsZKIBuxvmtwG/zWJ/tGs737aoGlBepNPmTE4R6/s7NtdYOz5tmG2EZ
o+aH9Bhzn0kF6SOBBWtgKbYHuPUpbeCru50m55w7fFd3PJ9vNFJHc9X8dP0KJJbs
BnfqDtLhMy6L7ywRtqVKU+V23Asg1TeQkRLYaXLq1Ox3XU1VM4omRuusXTMlgRc=
=YI3F
-END PGP SIGNATURE-

Bug#849779: nvidia-driver: Nvidia packages crashed the OS - Not bootable after installing them

[Luca Boccassi]

Control: severity -1 normal
Control: close -1

On Fri, 2016-12-30 at 19:20 -0300, Mariel Opazo Damiani wrote:
> Package: nvidia-driver
> Version: dont know, had to purge it out of the system. Latest one available 
> right before  Dec 30, 2016.
> Severity: critical
> Justification: breaks the whole system
> 
> Dear Maintainer,
> 
> Was trying to install an nvidia video card driver because linux didnt detect 
> it existed at all. 
> First tried with the package nvidia-detect but it said it didnt detect 
> anything.
> Then I manually downloaded the driver from nvidias webpage, installed it and 
> nothing changed, no video card detected. 
> Then moved onto the last thing I had read to work and added a non free 
> repository so I could downlaod nvidia-smi and nvidia-driver. 
> Downloaded both and also the package nvidia-xconfig, used the command 
> "nvidia-driver" and followed it with "nvidia-xconfig", restarted the computer 
> and it wouldnt boot. 
> Had to purge all nvidia related packages out of my system and restore the 
> file "xorg.conf" to its previous state (completely blank) to get my computer 
> to work again.
> 
> The video card in question is NVIDIA GeForce 940-mx (2GB). Checked the 
> supported video cards by NVIDIA and mine is one of them. 

On an optimus system the base driver cannot be installed by itself. See
https://wiki.debian.org/Bumblebee

To use the proprietary driver on an optimus system the bumblebee-nvidia
package is needed.

Furthermore, as Nvidia's website states, the minimum driver version for
the 940mx is the 352 series, so the nvidia-driver in jessie is too old.
Make sure to install all the packages from backports:

sudo apt-get install -t jessie-backports bumblebee-nvidia

So closing this as invalid. If you have issues with bumblebee, please
open a separate bug against that package.

Kind regards,
Luca Boccassi


signature.asc
Description: This is a digitally signed message part

Processed: Re: Bug#849779: nvidia-driver: Nvidia packages crashed the OS - Not bootable after installing them

[Debian Bug Tracking System]

Processing control commands:

> severity -1 normal
Bug #849779 [nvidia-driver] nvidia-driver: Nvidia packages crashed the OS - Not 
bootable after installing them
Severity set to 'normal' from 'critical'
> close -1
Bug #849779 [nvidia-driver] nvidia-driver: Nvidia packages crashed the OS - Not 
bootable after installing them
Marked Bug as done

-- 
849779: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849779
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: jruby: FTBFS (sbuild hangs)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 849217 + unreproducible
Bug #849217 [src:jruby] jruby: FTBFS (sbuild hangs)
Added tag(s) unreproducible.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
849217: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849217
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849779: More information

[Mariel O]

I first tried to fix the system by deleting xorg.conf, since it was the only 
file the commands said they had changed. When turning on  my computer an error 
appeared that it couldn't log in, a white screen with an image and message that 
I don't recall what said.


It wasn't the black screen that represents the system thinking to log in (how 
it would stay infinitely), it was an error screen.  I restored the file to its 
nvidia configuration because I went to sleep and wanted things to be left out 
as they were when the problem arose.


The next day I logged in as root, purged every single package that had "nvidia" 
in its name, since I knew one of them was doing something that was screwing 
with more than just the "xorg.conf" file and rebooted. It didn't reboot to 
regular OS, it reboot to only having the shell, not a graphics interactive 
because it didn't detect the screen. Went in to the folder containing 
"xorg.conf" and changed it back to the original one (blank), for some reason 
the purging didn't touch this file. Then restarted again and it logged in fine.

Processed: Re: Bug#835542: flex: comparison between signed and unsigned integer expressions

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch pending
Bug #835542 [flex] flex: comparison between signed and unsigned integer 
expressions
Added tag(s) pending and patch.

-- 
835542: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835542
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#835542: flex: comparison between signed and unsigned integer expressions

[Christoph Berg]

Control: tag -1 patch pending

Re: Vladimír Čunát 2016-09-27 

> I'm curious: will there be a fix for 2.6.1?

I've just uploaded flex_2.6.1-1.2_source.changes fixing this to
delayed/5, patch attached.

 debian/NEWS.Debian |2 +-
 debian/changelog   |   12 +
 src/flex.skl   |   10 
 src/gen.c  |2 +-
 src/skel.c |   70 ++--
 5 files changed, 54 insertions(+), 42 deletions(-)

The net change is in flex.skl + gen.c; skel.c is generated from these.

Christoph

No differences were encountered between the control files

diff -Nru flex-2.6.1/debian/changelog flex-2.6.1/debian/changelog
--- flex-2.6.1/debian/changelog	2016-12-30 23:28:29.0 +0100
+++ flex-2.6.1/debian/changelog	2016-12-30 23:28:29.0 +0100
@@ -1,3 +1,15 @@
+flex (2.6.1-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Cherry-pick 1da19feba7c957e0f0af0c3eeadc29e8c82b0ca3,
+cf4121fa97abac8aeaa5e08b8fc0b2380228494e and
+8c098febc9a599397921e9b6938b7fb85e38cc7e from upstream to fix comparison
+between signed and unsigned integer expressions in generated lexer
+(Closes: #835542).
+  * Fix distribution in last upload's NEWS.Debian.
+
+ -- Christoph Berg   Fri, 30 Dec 2016 20:29:41 +0100
+
 flex (2.6.1-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru flex-2.6.1/debian/NEWS.Debian flex-2.6.1/debian/NEWS.Debian
--- flex-2.6.1/debian/NEWS.Debian	2016-12-30 23:28:29.0 +0100
+++ flex-2.6.1/debian/NEWS.Debian	2016-12-30 23:28:29.0 +0100
@@ -1,4 +1,4 @@
-flex (2.6.1-1.1) UNRELEASED; urgency=medium
+flex (2.6.1-1.1) unstable; urgency=medium
 
In this upload, the flex package drops its dependency on libfl-dev, because
it is impossible to forward the correct architecture constraint. It contains
diff -Nru flex-2.6.1/src/flex.skl flex-2.6.1/src/flex.skl
--- flex-2.6.1/src/flex.skl	2016-12-30 23:28:29.0 +0100
+++ flex-2.6.1/src/flex.skl	2016-12-30 23:28:29.0 +0100
@@ -1661,7 +1661,7 @@
 M4_YY_DECL_GUTS_VAR();
 	char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
 	char *source = YY_G(yytext_ptr);
-	yy_size_t number_to_move, i;
+	int number_to_move, i;
 	int ret_val;
 
 	if ( YY_G(yy_c_buf_p) > _CURRENT_BUFFER_LVALUE->yy_ch_buf[YY_G(yy_n_chars) + 1] )
@@ -1690,7 +1690,7 @@
 	/* Try to read more data. */
 
 	/* First move last chars to start of buffer. */
-	number_to_move = (yy_size_t) (YY_G(yy_c_buf_p) - YY_G(yytext_ptr)) - 1;
+	number_to_move = (int) (YY_G(yy_c_buf_p) - YY_G(yytext_ptr) - 1);
 
 	for ( i = 0; i < number_to_move; ++i )
 		*(dest++) = *(source++);
@@ -1778,7 +1778,7 @@
 	else
 		ret_val = EOB_ACT_CONTINUE_SCAN;
 
-	if ((int) (YY_G(yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
+	if ((YY_G(yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
 		/* Extend the array by 50%, plus the number we really need. */
 		int new_size = YY_G(yy_n_chars) + number_to_move + (YY_G(yy_n_chars) >> 1);
 		YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc(
@@ -2451,11 +2451,11 @@
 	YY_BUFFER_STATE b;
 	char *buf;
 	yy_size_t n;
-	yy_size_t i;
+	int i;
 m4_dnl M4_YY_DECL_GUTS_VAR();
 
 	/* Get memory for full buffer, including space for trailing EOB's. */
-	n = (yy_size_t) _yybytes_len + 2;
+	n = (yy_size_t) (_yybytes_len + 2);
 	buf = (char *) yyalloc( n M4_YY_CALL_LAST_ARG );
 	if ( ! buf )
 		YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
diff -Nru flex-2.6.1/src/gen.c flex-2.6.1/src/gen.c
--- flex-2.6.1/src/gen.c	2016-03-01 12:08:30.0 +0100
+++ flex-2.6.1/src/gen.c	2016-12-30 23:28:29.0 +0100
@@ -1973,7 +1973,7 @@
 		("if ( yy_act != YY_END_OF_BUFFER && yy_rule_can_match_eol[yy_act] )");
 	++indent_level;
 	indent_puts ("{");
-	indent_puts ("yy_size_t yyl;");
+	indent_puts ("int yyl;");
 	do_indent ();
 	out_str ("for ( yyl = %s; yyl < yyleng; ++yyl )\n",
 		 yymore_used ? (yytext_is_array ? "YY_G(yy_prev_more_offset)" :
diff -Nru flex-2.6.1/src/skel.c flex-2.6.1/src/skel.c
--- flex-2.6.1/src/skel.c	2016-03-02 01:54:10.0 +0100
+++ flex-2.6.1/src/skel.c	2016-12-30 23:28:29.0 +0100
@@ -18,10 +18,10 @@
   "%#  through m4. Macros beginning with `m4_' will be processed.",
   "%#  The quoting is \"[[\" and \"]]\" so we don't interfere with",
   "%#  user code.",
-  "%# ",
+  "%#",
   "%# All generate macros for the m4 stage contain the text \"m4\" or \"M4\"",
   "%# in them. This is to distinguish them from CPP macros.",
-  "%# The exception to this rule is YY_G, which is an m4 macro, ",
+  "%# The exception to this rule is YY_G, which is an m4 macro,",
   "%# but it needs to be remain short because it is used everywhere.",
   "%#",
   "/* A lexical scanner generated by flex */",
@@ -34,7 +34,7 @@
   "m4_changequote",
   "m4_changequote([[, ]])",
   "",
-  "%# ",
+  "%#",
   "%# 

Bug#849531: [Logwatch-devel] Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

['Klaus Ethgen']

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Am Fr den 30. Dez 2016 um 22:53 schrieb Jason Pyeron:
> You would have the same issue with cat /var/log/x

True. That is the reason I always tell the people not to use cat for
that. (There is only little you should use cat for ever.)

I seen many problems occure because an admin not listening.

Regards
   Klaus
- -- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-BEGIN PGP SIGNATURE-
Comment: Charset: ISO-8859-1

iQGzBAEBCgAdFiEEMWF28vh4/UMJJLQEpnwKsYAZ9qwFAlhm39wACgkQpnwKsYAZ
9qwDZAwAtKQHpIpI+l+rVG+/1TUs5xguzj3Yox7ZCc3irYbDiq5Q6qty95ZRiyv5
HYMJhTQjYjV7Spz7EBYllxfZ7ZvSxxKRmH7Zvbw3RGZFOGVRFUQ0uAJIylzh9x7U
Ugh5LyhYhJsxeK5PRrWuKj6ARYIHivyaNEce/bQ6XzP2rK6mEZJJZhJJ8q1djei4
8cCCvfOBjjug1qQmbdwc8uGDr4fPz32gc1DhdeZY4HUSBXa9Ib7dl3XIP27vU28K
FId+ZtkdE8ObHIuw/c8w8odB8k3D/20Q6axrCUAYZVmdXeqbXhL88Iz6K5Ugx9uo
NxK+4xG2kez9J06s2RDtZzPwwS4Kaa5un8v5hItZg39zikVYFtLiNLJM+IIpSos0
tszgLrFRKmM+IFXkj3eZabE/dYU230AT62vxg6wqzNh3zNTJucPan2i3ad7vCKcs
Sjy+O238p1CSjmZsI6A9iodMPnsbm3pTFUm9p7WM5x9MjgfBMMNPPVeASWBEdry0
ezxxPXPJ
=Jl6P
-END PGP SIGNATURE-

Bug#849779: nvidia-driver: Nvidia packages crashed the OS - Not bootable after installing them

[Mariel Opazo Damiani]

Package: nvidia-driver
Version: dont know, had to purge it out of the system. Latest one available 
right before  Dec 30, 2016.
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

Was trying to install an nvidia video card driver because linux didnt detect it 
existed at all. 
First tried with the package nvidia-detect but it said it didnt detect anything.
Then I manually downloaded the driver from nvidias webpage, installed it and 
nothing changed, no video card detected. 
Then moved onto the last thing I had read to work and added a non free 
repository so I could downlaod nvidia-smi and nvidia-driver. 
Downloaded both and also the package nvidia-xconfig, used the command 
"nvidia-driver" and followed it with "nvidia-xconfig", restarted the computer 
and it wouldnt boot. 
Had to purge all nvidia related packages out of my system and restore the file 
"xorg.conf" to its previous state (completely blank) to get my computer to work 
again.

The video card in question is NVIDIA GeForce 940-mx (2GB). Checked the 
supported video cards by NVIDIA and mine is one of them. 

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#849775: emacs24: FTBFS randomly (Wrong type argument: number-or-marker-p, nil)

[Rob Browning]

Santiago Vila  writes:

> This is essentially the same bug as #842728, but in emacs24.
> [ If you need a full build log, just say so and I will include it ]
>
> I guess, but I don't really know, that the same fix that worked
> for emacs25 should work here as well. 

OK, thanks -- I'm going to hold off on this for a couple of days.  We're
waiting to hear back from the release team about the possibility of
switching emacs-defaults to emacs25 and then removing emacs24 from
stretch.

  https://lists.debian.org/debian-emacsen/2016/12/msg00016.html

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

Bug#717487: marked as done (please keep xfm out of testing (I plan to request removal))

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 22:07:59 +
with message-id 
and subject line Bug#849772: Removed package(s) from unstable
has caused the Debian Bug report #717487,
regarding please keep xfm out of testing (I plan to request removal)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
717487: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717487
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: xfm
Version: 1.5.4-3
Severity: serious

As xfm lost updates to file format detection as libmagic no longer
ships magic definitions for other programs and due to its old age,
I plan to request removal of xfm.

To give anyone a fair warning time, I'm filing this bug to keep it
out of testing.

I've filed a RFA as #717486, feel free to adopt the package if you want
it to live longer instead.

Bernhard R. Link
--- End Message ---
--- Begin Message ---
Version: 1.5.4-3+rm

Dear submitter,

as the package xfm has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/849772

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#817486: marked as done (gotmail: Removal of debhelper compat 4)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 22:06:32 +
with message-id 
and subject line Bug#849702: Removed package(s) from unstable
has caused the Debian Bug report #817486,
regarding gotmail: Removal of debhelper compat 4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817486: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817486
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gotmail
Severity: important
Usertags: compat-4-removal

Hi,

The package gotmail uses debhelper with a compat level of 4,
which is deprecated and scheduled for removal.

 * Please bump the debhelper compat at your earliest convenience.
   on the 15th of June.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum
   - If the package has been relying on dh_install being lenient about
 missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

 * Compat level 4 will be removed on the first debhelper upload after
   the 15th of June.

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Version: 0.9.0-1+rm

Dear submitter,

as the package gotmail has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/849702

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#845517: marked as done (system-storage-manager: fails to report listing)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 22:05:49 +
with message-id 
and subject line Bug#849671: Removed package(s) from unstable
has caused the Debian Bug report #845517,
regarding system-storage-manager: fails to report listing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
845517: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845517
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: system-storage-manager
Version: 0.4-1
Severity: grave
Justification: renders package unusable


In its current form, ssm is not much useful. And given that it now lacks
a maintainer,  it is more advisable to not see it part of Stretch,
unless someone takes over this package.

This bug report is to ensure that, in its current form,
system-storage-manager does not become part of Debian Stable.

rrs@chutzpah:~$ sudo ssm list
[sudo] password for rrs:
Traceback (most recent call last):
  File "/usr/bin/ssm", line 33, in 
sys.exit(main.main())
  File "/usr/lib/python2.7/dist-packages/ssmlib/main.py", line 1709, in main
args.func(args)
  File "/usr/lib/python2.7/dist-packages/ssmlib/main.py", line 1115, in list
self.dev.ptable()
  File "/usr/lib/python2.7/dist-packages/ssmlib/main.py", line 795, in dev
self._dev = Devices(options=self.options)
  File "/usr/lib/python2.7/dist-packages/ssmlib/main.py", line 672, in __init__
my_btrfs = btrfs.BtrfsDev(options=self.options)
  File "/usr/lib/python2.7/dist-packages/ssmlib/backends/btrfs.py", line 408, 
in __init__
super(BtrfsDev, self).__init__(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/ssmlib/backends/btrfs.py", line 133, 
in __init__
fs_used = get_real_number(array[6])
  File "/usr/lib/python2.7/dist-packages/ssmlib/backends/btrfs.py", line 36, in 
get_real_number
number = float(string[0:-2])
ValueError: invalid literal for float(): 4.84G
13:47 ____  => 1  


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (990, 'testing'), (500, 'unstable-debug'), 
(500, 'testing-debug'), (100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.9brk0+ (SMP w/4 CPU cores)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages system-storage-manager depends on:
ii  btrfs-tools4.7.3-1
ii  cryptsetup-bin 2:1.7.3-2
ii  dmsetup2:1.02.136-1
ii  libpython2.7-stdlib [python-argparse]  2.7.12-5
ii  lvm2   2.02.167-1
ii  python 2.7.11-2
ii  xfsprogs   4.3.0+nmu1

system-storage-manager recommends no packages.

system-storage-manager suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 0.4-1+rm

Dear submitter,

as the package system-storage-manager has just been removed from the Debian 
archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/849671

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#838585: marked as done (libstoragemgmt: current version (1.2.3) shouldn't be part of Stretch)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 22:04:28 +
with message-id 
and subject line Bug#849670: Removed package(s) from unstable
has caused the Debian Bug report #838585,
regarding libstoragemgmt: current version (1.2.3) shouldn't be part of Stretch
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
838585: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838585
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libstoragemgmt
Severity: grave
Justification: renders package unusable

This is a placeholder bug to indicate that libstoragemgmt shouldn't, in
its current form, be part of the Stretch Release.

I could request the removal of it from the archive, but I'm hopeful that
someone else may step up and take over its maintenance.

The package has been orphaned as mentioned in #824749

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-debug
  APT policy: (990, 'testing-debug'), (990, 'unstable'), (990, 'testing'), 
(500, 'unstable-debug'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-rc7alxb+ (SMP w/4 CPU cores)
Locale: LANG=en_IN.utf8, LC_CTYPE=en_IN.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Version: 1.2.3-1+rm

Dear submitter,

as the package libstoragemgmt has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/849670

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#849531: [Logwatch-devel] Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

[Jason Pyeron]

> -Original Message-
> From: Willi Mann
> Sent: Friday, December 30, 2016 16:21
> To: Klaus Ethgen; 849...@bugs.debian.org
> Cc: logwatch-de...@lists.sourceforge.net
> Subject: Re: [Logwatch-devel] Bug#849531: Possible security 
> problem, new logwatch sends mails with charset UTF-8
> 
> Hi Klaus,
> 
> Am 2016-12-30 um 18:36 schrieb Klaus Ethgen:
> > Hi Willi,
> > 
> > Am Fr den 30. Dez 2016 um 18:18 schrieb Willi Mann:
> >> can you elaborate how this could be exploited?
> > 
> > Well, log principally contains untrusted data that could be injected
> > from untrusted source. That is no security hole itself.
> > 
> > But when that data gets displayed with the wrong charset, that can
> > trigger problems in window managers (for example). See 
> xterm which can
> > be controlled via ansii sequences. Even more, it could 
> trigger stream
> > conversion problems if the UTF-8 implementation is not really fully
> > tested with broken streams.

You would have the same issue with cat /var/log/x



> 
> So far, I cannot see that the change you mentioned would be 
> problematic.

Adding the binmode(OUTFILE, ":utf8"); fixes your primary report.

> What I do see is that it might be wise to sanitize the output of
> logwatch. A possible way to go might be to remove any byte 
> with value <
> 0x20 - unless it is a newline or tab. But that is independent of the
> ISO-8859-15 to utf-8 change.

Please open a new bug for this enhancement, as it a different issue.

-Jason

Bug#849777: shutter: CVE-2016-10081: Insecure use of perl exec()

[Salvatore Bonaccorso]

Source: shutter
Version: 0.88.3-1
Severity: grave
Tags: upstream security
Justification: user security hole
Forwarded: https://bugs.launchpad.net/shutter/+bug/1652600

Hi,

the following vulnerability was published for shutter.

CVE-2016-10081[0]:
| /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote
| attackers to execute arbitrary commands via a crafted image name that
| is mishandled during a "Run a plugin" action.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-10081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10081
[1] https://bugs.launchpad.net/shutter/+bug/1652600

Regards,
Salvatore

Bug#849775: emacs24: FTBFS randomly (Wrong type argument: number-or-marker-p, nil)

[Santiago Vila]

Package: src:emacs24
Version: 24.5+1-7.1
Severity: serious

Dear maintainer:

I tried to build this package in stretch with "dpkg-buildpackage -A"
(which is what the "Arch: all" autobuilder would do to build it)
but it failed:


[...]
 debian/rules build-indep
dh build-indep --parallel
   debian/rules override_dh_testdir
make[1]: Entering directory '/<>/emacs24-24.5+1'
dh_testdir debian/emacsVER.postinst
make[1]: Leaving directory '/<>/emacs24-24.5+1'
   dh_update_autotools_config -i -O--parallel
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<>/emacs24-24.5+1'
dh_testdir debian/emacsVER.postinst
./autogen.sh
Checking whether you have the necessary tools...
(Read INSTALL.REPO for more details on building Emacs)

[... snipped ...]

make[3]: Entering directory '/<>/emacs24-24.5+1/debian/build-nox/lisp'
cd ../leim && /usr/bin/make -w all EMACS="../src/emacs"
make[4]: Entering directory '/<>/emacs24-24.5+1/debian/build-nox/leim'
EMACSLOADPATH= '../src/emacs' -batch --no-site-file --no-site-lisp -batch -l 
ja-dic-cnv \
  -f batch-skkdic-convert -dir "./../lisp/leim/ja-dic" \
  "./SKK-DIC/SKK-JISYO.L"
Reading file 
"/<>/emacs24-24.5+1/debian/build-nox/leim/SKK-DIC/SKK-JISYO.L" ...
Processing OKURI-ARI entries ...
Processing POSTFIX entries ...
Processing PREFIX entries ...
Collecting OKURI-NASI entries ...
collected 26% ...
collected 30% ...
collected 40% ...
collected 50% ...
collected 60% ...
collected 70% ...
collected 80% ...
collected 90% ...
Processing OKURI-NASI entries ...
processed 10% ...
processed 20% ...
processed 30% ...
processed 40% ...
processed 50% ...
processed 60% ...
processed 70% ...
processed 80% ...
processed 90% ...
processed 100% ...
Saving file 
/<>/emacs24-24.5+1/debian/build-nox/lisp/leim/ja-dic/ja-dic.el...
Wrong type argument: number-or-marker-p, nil
Makefile:138: recipe for target '../lisp/leim/ja-dic/ja-dic.el' failed
make[4]: *** [../lisp/leim/ja-dic/ja-dic.el] Error 255
make[4]: Leaving directory '/<>/emacs24-24.5+1/debian/build-nox/leim'
Makefile:335: recipe for target 'leim' failed
make[3]: *** [leim] Error 2
make[3]: Leaving directory '/<>/emacs24-24.5+1/debian/build-nox/lisp'
Makefile:365: recipe for target 'lisp' failed
make[2]: *** [lisp] Error 2
make[2]: Leaving directory '/<>/emacs24-24.5+1/debian/build-nox'
debian/rules:368: recipe for target 'override_dh_auto_build' failed
make[1]: *** [override_dh_auto_build] Error 2
make[1]: Leaving directory '/<>/emacs24-24.5+1'
debian/rules:235: recipe for target 'build-indep' failed
make: *** [build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


This is essentially the same bug as #842728, but in emacs24.
[ If you need a full build log, just say so and I will include it ]

I guess, but I don't really know, that the same fix that worked
for emacs25 should work here as well. 

Thanks.

Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

[Willi Mann]

Hi Klaus,

Am 2016-12-30 um 18:36 schrieb Klaus Ethgen:
> Hi Willi,
> 
> Am Fr den 30. Dez 2016 um 18:18 schrieb Willi Mann:
>> can you elaborate how this could be exploited?
> 
> Well, log principally contains untrusted data that could be injected
> from untrusted source. That is no security hole itself.
> 
> But when that data gets displayed with the wrong charset, that can
> trigger problems in window managers (for example). See xterm which can
> be controlled via ansii sequences. Even more, it could trigger stream
> conversion problems if the UTF-8 implementation is not really fully
> tested with broken streams.

OK, I understand that text from untrusted sources is dangerous and could
be harmful to your terminal - and that it is better to assume logfiles
to be such an untrusted source. However, the change only affects
mailers, right? For mailers, I would expect them to not trust any mails
they get, and therefore to remove any dangerous byte sequences.
Otherwise, the mailer contains the security hole - and an attacker does
not need to go via logfiles and logwatch, he just sends you mail.

When running logwatch such that it writes its output to the terminal,
the change does not have any effect on the security, right?. If there is
a security issue with untrusted data, it was already there before.

So far, I cannot see that the change you mentioned would be problematic.
What I do see is that it might be wise to sanitize the output of
logwatch. A possible way to go might be to remove any byte with value <
0x20 - unless it is a newline or tab. But that is independent of the
ISO-8859-15 to utf-8 change.

Bye
Willi

Bug#849390: google-android-installers

[Hans-Christoph Steiner]

It turns out that the approach in google-android-installers is not
maintainable going forward, so we need to split out each source package
from google-android-installers into its own source package.  So we'll
need to remove google-android-ndk-installer from
google-android-installers.  We can leave the rest in
google-android-installers as is for stretch.

Also, only the source package of google-android-installers is
1472023576, the google-android-ndk-installer binary package produced by
it has a binary package version of 12.b+1.

Bug#849196: Sometimes, supress_warnings misses one of its attributes

[Ole Streicher]

Hi Sandro,

On 30.12.2016 15:01, Sandro Tosi wrote:
> On Fri, Dec 23, 2016 at 9:47 AM, Ole Streicher  wrote:
>> This is a regression; it did not happen with 1.11. Please fix this
>> regression ASAP so that skimage can migrate safely before the freeze.
> 
> as asked on the github issue, is disabling parallel tests execution in
> skimage a viable temporary solution?

For the moment, I disabled the build time tests in skimage completely
because of #849196, to ensure it migrates before the freeze (I took the
really latest chance to do so). Therefore, I would not touch the package
before Jan 5. Once it is in testing, It would be however very important
to re-enable the tests, since this is more a crude hack than a clean
solution.

Unfortunately, I am not familar with the skimage code (I just did the
firefighter job here); specifically I don't know where to switch off
parallel tests, and what other implications that has. Maybe, you discuss
this with Yaroslav (in Cc), who is the skimage package maintainer? Also
the parallel bug I opened on the "scikit-image" github (referenced on
the numpy issue) may help there. Finally, Yaroslav should decide here.

I personally however would much more prefer to go back to the latest
numpy 1.11 in testing, and update only after 1.12 is released. I very
dislike having workarounds because a beta or a release candidate
uploaded to testing is buggy. And I would also prefer not to have a beta
or RC shipped with Stretch.

Best regards

Ole

Bug#849666: marked as done (gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 19:48:48 +
with message-id 
and subject line Bug#849666: fixed in gradm2 3.1~201608131257-2
has caused the Debian Bug report #849666,
regarding gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849666
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gradm2
Version: 3.1~201608131257-1
Severity: serious
Justification: fails to build from source
Tags: sid stretch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-CC: reproducible-bui...@lists.alioth.debian.org

Dear Maintainer,

The package fails to build:

/usr/bin/gcc -O2 -fPIC -fPIE -Wcast-qual -DGRSEC_DIR=\"/etc/grsec2\" 
-D_LARGEFILE64_SOURCE -o gradm2 gradm.tab.o lex.gradm.o learn_pass1.tab.o 
learn_pass2.tab.o fulllearn_pass1.tab.o fulllearn_pass2.tab.o 
fulllearn_pass3.tab.o gradm_misc.o gradm_parse.o gradm_arg.o gradm_pw.o 
gradm_opt.o gradm_cap.o gradm_sha256.o gradm_adm.o gradm_analyze.o gradm_res.o 
gradm_human.o gradm_learn.o gradm_net.o gradm_nest.o gradm_pax.o gradm_sym.o 
gradm_newlearn.o gradm_fulllearn.o gradm_lib.o lex.fulllearn_pass1.o 
lex.fulllearn_pass2.o lex.fulllearn_pass3.o lex.learn_pass1.o lex.learn_pass2.o 
grlearn_config.tab.o lex.grlearn_config.o gradm_globals.o gradm_replace.o -lfl 
-Wl,-z,relro -Wl,-z,now -pie
/usr/bin/ld: cannot find -lfl
collect2: error: ld returned 1 exit status
Makefile:61: recipe for target 'gradm2' failed
make[1]: *** [gradm2] Error 1


Full build log:
https://tests.reproducible-builds.org/debian/unstable/arm64/gradm2
--- End Message ---
--- Begin Message ---
Source: gradm2
Source-Version: 3.1~201608131257-2

We believe that the bug you reported is fixed in the latest version of
gradm2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 849...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS)  (supplier of updated gradm2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 14:33:11 +
Source: gradm2
Binary: gradm2
Architecture: source amd64
Version: 3.1~201608131257-2
Distribution: unstable
Urgency: low
Maintainer: Laszlo Boszormenyi (GCS) 
Changed-By: Laszlo Boszormenyi (GCS) 
Description:
 gradm2 - Administration program for the grsecurity2 RBAC based ACL system
Closes: 849666
Changes:
 gradm2 (3.1~201608131257-2) unstable; urgency=low
 .
   * Add libfl-dev to build depends (closes: #849666).
Checksums-Sha1:
 50ef3dba9a2d4f6587a922b8ea5178b0c171a579 1839 gradm2_3.1~201608131257-2.dsc
 4ca53ff6ab9f91093f77f3dcbddffee47b3dea15 12780 
gradm2_3.1~201608131257-2.debian.tar.xz
 9a17cbdb56596480103b75434fe715ac7ef3962c 5375 
gradm2_3.1~201608131257-2_amd64.buildinfo
 ae67f30ac78a74c7773e6d63e26403585c57fa81 112210 
gradm2_3.1~201608131257-2_amd64.deb
Checksums-Sha256:
 c4d36d65a68565e36eff1e147f496e1868e76b78fcfaa4273b0b35713232f1be 1839 
gradm2_3.1~201608131257-2.dsc
 af86dc59b56ce61aac8cb9d76d26b26a35ef5efe9bc8ce328adeb6fe3229f378 12780 
gradm2_3.1~201608131257-2.debian.tar.xz
 0d0e308bbca6df53e329ace30c6d323efdfab021306be73c4cc57b2dfef5540b 5375 
gradm2_3.1~201608131257-2_amd64.buildinfo
 6d2e6e6f7efb02cc832c7bf27c0719810d488167f0518e09ffdc710419ec3303 112210 
gradm2_3.1~201608131257-2_amd64.deb
Files:
 82d056ebf7359f3dec02ac35d62cf942 1839 admin optional 
gradm2_3.1~201608131257-2.dsc
 471cca9b62f8d03f4e407131d1e5ca07 12780 admin optional 
gradm2_3.1~201608131257-2.debian.tar.xz
 2e5868599b43d18e4a4ff1e668e23bd0 5375 admin optional 
gradm2_3.1~201608131257-2_amd64.buildinfo
 7c83aea8126b52d36521de2fc1b73dd8 112210 admin optional 
gradm2_3.1~201608131257-2_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlhmtPgACgkQ3OMQ54ZM
yL9A0Q//fZMH5Ca/21ZF+uM0+fJ2NWqOaRy5KDFSgMbSA04ggjnn2LXn20AcE7Oj
ZVdEQ9duBbqqFkKUXx3yGs/MBNqupctW8T0ytuT2Rl7ltmA12SUI+rbCSQh1gGgQ
ALmseHMKvdOy52dZ/4LkpK6N+nyhObCOYIz7JaJPsaDYFdhScFE6xNwR99YfSKKH

Bug#849750: marked as done (Crashes the (LXDE) desktop)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 19:38:59 +
with message-id 
and subject line Bug#849750: fixed in libsfml 2.4.1+dfsg-2
has caused the Debian Bug report #849750,
regarding Crashes the (LXDE) desktop
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: marsshooter
Version: 0.7.6-1+b1
Severity: critical

Hi,

I installed the package, clicked on the menu entry and my lxde panel 
just disappeared. I restarted lxdm and retried : same effect!


Restarting lxdm and launching in a terminal, I get :

Cannot connect to server socket err = No such file or directory
Cannot connect to server request channel
jack server is not running or cannot be started
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for 
4294967295, skipping unlock
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for 
4294967295, skipping unlock

Searching for configuration file... Found /home/jpuydt/.marsshooter/mars.cfg
Searching for data files... Found /usr/share/games/marsshooter/
Happy Gaming...

(comment: it doesn't find jackd which isn't a problem, but

but the game doesn't display anything (it runs though: I have to ctrl+C 
to get the prompt back), and it looks like both the panel and the window 
manager are dead : all the running apps' windows turn borderless. I can 
still launch new apps by clicking on the desktop icons.


I didn't know if I should set the severity to grave or critical, but 
since the game is both not usable and trying to run it breaks something 
else, I settled for critical.


Hope that helps,

Snark on #debian-games
--- End Message ---
--- Begin Message ---
Source: libsfml
Source-Version: 2.4.1+dfsg-2

We believe that the bug you reported is fixed in the latest version of
libsfml, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 849...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
James Cowgill  (supplier of updated libsfml package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 30 Dec 2016 19:02:05 +
Source: libsfml
Binary: libsfml-dev libsfml-audio2.4 libsfml-graphics2.4 libsfml-network2.4 
libsfml-system2.4 libsfml-window2.4 libsfml-doc
Architecture: source
Version: 2.4.1+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: James Cowgill 
Description:
 libsfml-audio2.4 - Simple and Fast Multimedia Library - Audio part
 libsfml-dev - Simple and Fast Multimedia Library - Development Files
 libsfml-doc - Simple and Fast Multimedia Library - Documentation
 libsfml-graphics2.4 - Simple and Fast Multimedia Library - Graphics part
 libsfml-network2.4 - Simple and Fast Multimedia Library - Network part
 libsfml-system2.4 - Simple and Fast Multimedia Library - System part
 libsfml-window2.4 - Simple and Fast Multimedia Library - Window part
Closes: 849750
Changes:
 libsfml (2.4.1+dfsg-2) unstable; urgency=medium
 .
   * Fix segfaults triggered by sf::Window::setIcon. (Closes: #849750)
   * Use debhelper compat 10.
Checksums-Sha1:
 b0904f4c5ef8bac08898216b210d21a0ba92d509 2679 libsfml_2.4.1+dfsg-2.dsc
 d406103d2ac93659a68f95f1cc4a27c2ff0e4205 19196 
libsfml_2.4.1+dfsg-2.debian.tar.xz
Checksums-Sha256:
 80b0f9eb54f70d2b8e0152f6de4a38bd1cd8402a27bf77737d70677bd50e840c 2679 
libsfml_2.4.1+dfsg-2.dsc
 4c0d0e02f3df21cda05d927eb16ee992a917de744feaddf5950d413d9cab74e9 19196 
libsfml_2.4.1+dfsg-2.debian.tar.xz
Files:
 91f52646291e717a76004d6009a44ec3 2679 libs optional libsfml_2.4.1+dfsg-2.dsc
 c9d184409e75948a64e52db1e8841244 19196 libs optional 
libsfml_2.4.1+dfsg-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJIBAEBCgAyFiEE+Ixt5DaZ6POztUwQx/FnbeotAe8FAlhmr58UHGpjb3dnaWxs
QGRlYmlhbi5vcmcACgkQx/FnbeotAe+Nbw//brymlqoIpFZJkOrQHyUFPdrx/ZFb
i4fhKl3Nz8NDP8IiQGzxotrbkRxVGxoAwvWBENU0qbuvDKnY6oMGCCJN3WCUlVMA
VrkXuN3/QrvgeVLuE1wI5xxznZcHk4jAyON1kpjdUp+byTHaZrkzG/rPPQjYt2/q

Processed: Re: Bug#849666: gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl

[Debian Bug Tracking System]

Processing control commands:

> tags -1 -unreproducible
Bug #849666 [src:gradm2] gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl
Removed tag(s) unreproducible.

-- 
849666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849666
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849666: gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl

[GCS]

Control: tags -1 -unreproducible

On Fri, Dec 30, 2016 at 12:10 PM, Adrian Bunk  wrote:
> On Fri, Dec 30, 2016 at 08:36:55AM +0100, László Böszörményi wrote:
>> Will try the QEMU + pbuilder build as
>> well, but you might just got some other, transient problem.
>
> This does not look lika a transient problem:
>
> Recently (in 2.6.1-1.1) flex dropped the dependency on libfl-dev.
>
> RC bugs were filed for packages that now need a build-dependency on
> libfl-dev, but it is possible that gradm2 was missed for some reason.
 Indeed, gradm2 was missed. Added the libfl-dev build dependency and
upload will happen very soon.

Regards,
Laszlo/GCS

Bug#849531: [Logwatch-devel] Bug#849531: Possible security problem,new logwatch sends mails with charset UTF-8

[Jason Pyeron]

A very rudimentary test:

/projects/logwatch
$ perl -e 'for ($i=0; $i<256; ++$i) {print chr($i);}' | hexdump.exe -C
  00 01 02 03 04 05 06 07  08 09 0a 0b 0c 0d 0e 0f  ||
0010  10 11 12 13 14 15 16 17  18 19 1a 1b 1c 1d 1e 1f  ||
0020  20 21 22 23 24 25 26 27  28 29 2a 2b 2c 2d 2e 2f  | !"#$%&'()*+,-./|
0030  30 31 32 33 34 35 36 37  38 39 3a 3b 3c 3d 3e 3f  |0123456789:;<=>?|
0040  40 41 42 43 44 45 46 47  48 49 4a 4b 4c 4d 4e 4f  |@ABCDEFGHIJKLMNO|
0050  50 51 52 53 54 55 56 57  58 59 5a 5b 5c 5d 5e 5f  |PQRSTUVWXYZ[\]^_|
0060  60 61 62 63 64 65 66 67  68 69 6a 6b 6c 6d 6e 6f  |`abcdefghijklmno|
0070  70 71 72 73 74 75 76 77  78 79 7a 7b 7c 7d 7e 7f  |pqrstuvwxyz{|}~.|
0080  80 81 82 83 84 85 86 87  88 89 8a 8b 8c 8d 8e 8f  ||
0090  90 91 92 93 94 95 96 97  98 99 9a 9b 9c 9d 9e 9f  ||
00a0  a0 a1 a2 a3 a4 a5 a6 a7  a8 a9 aa ab ac ad ae af  ||
00b0  b0 b1 b2 b3 b4 b5 b6 b7  b8 b9 ba bb bc bd be bf  ||
00c0  c0 c1 c2 c3 c4 c5 c6 c7  c8 c9 ca cb cc cd ce cf  ||
00d0  d0 d1 d2 d3 d4 d5 d6 d7  d8 d9 da db dc dd de df  ||
00e0  e0 e1 e2 e3 e4 e5 e6 e7  e8 e9 ea eb ec ed ee ef  ||
00f0  f0 f1 f2 f3 f4 f5 f6 f7  f8 f9 fa fb fc fd fe ff  ||
0100

/projects/logwatch
$ perl -e 'binmode(STDOUT, ":utf8"); for ($i=0; $i<256; ++$i) {print STDOUT 
chr($i);}' | hexdump.exe -C
  00 01 02 03 04 05 06 07  08 09 0a 0b 0c 0d 0e 0f  ||
0010  10 11 12 13 14 15 16 17  18 19 1a 1b 1c 1d 1e 1f  ||
0020  20 21 22 23 24 25 26 27  28 29 2a 2b 2c 2d 2e 2f  | !"#$%&'()*+,-./|
0030  30 31 32 33 34 35 36 37  38 39 3a 3b 3c 3d 3e 3f  |0123456789:;<=>?|
0040  40 41 42 43 44 45 46 47  48 49 4a 4b 4c 4d 4e 4f  |@ABCDEFGHIJKLMNO|
0050  50 51 52 53 54 55 56 57  58 59 5a 5b 5c 5d 5e 5f  |PQRSTUVWXYZ[\]^_|
0060  60 61 62 63 64 65 66 67  68 69 6a 6b 6c 6d 6e 6f  |`abcdefghijklmno|
0070  70 71 72 73 74 75 76 77  78 79 7a 7b 7c 7d 7e 7f  |pqrstuvwxyz{|}~.|
0080  c2 80 c2 81 c2 82 c2 83  c2 84 c2 85 c2 86 c2 87  ||
0090  c2 88 c2 89 c2 8a c2 8b  c2 8c c2 8d c2 8e c2 8f  ||
00a0  c2 90 c2 91 c2 92 c2 93  c2 94 c2 95 c2 96 c2 97  ||
00b0  c2 98 c2 99 c2 9a c2 9b  c2 9c c2 9d c2 9e c2 9f  ||
00c0  c2 a0 c2 a1 c2 a2 c2 a3  c2 a4 c2 a5 c2 a6 c2 a7  ||
00d0  c2 a8 c2 a9 c2 aa c2 ab  c2 ac c2 ad c2 ae c2 af  ||
00e0  c2 b0 c2 b1 c2 b2 c2 b3  c2 b4 c2 b5 c2 b6 c2 b7  ||
00f0  c2 b8 c2 b9 c2 ba c2 bb  c2 bc c2 bd c2 be c2 bf  ||
0100  c3 80 c3 81 c3 82 c3 83  c3 84 c3 85 c3 86 c3 87  ||
0110  c3 88 c3 89 c3 8a c3 8b  c3 8c c3 8d c3 8e c3 8f  ||
0120  c3 90 c3 91 c3 92 c3 93  c3 94 c3 95 c3 96 c3 97  ||
0130  c3 98 c3 99 c3 9a c3 9b  c3 9c c3 9d c3 9e c3 9f  ||
0140  c3 a0 c3 a1 c3 a2 c3 a3  c3 a4 c3 a5 c3 a6 c3 a7  ||
0150  c3 a8 c3 a9 c3 aa c3 ab  c3 ac c3 ad c3 ae c3 af  ||
0160  c3 b0 c3 b1 c3 b2 c3 b3  c3 b4 c3 b5 c3 b6 c3 b7  ||
0170  c3 b8 c3 b9 c3 ba c3 bb  c3 bc c3 bd c3 be c3 bf  ||
0180
 
This confirms that binmode utf8 is needed to print out the full ASCII range.

> -Original Message-
> From: Jason Pyeron [mailto:jpye...@pdinc.us] 
> Sent: Friday, December 30, 2016 14:03
> To: Jason Pyeron; 'Willi Mann'; logwatch-de...@lists.sourceforge.net
> Cc: 849...@bugs.debian.org; 849531-forwar...@bugs.debian.org; 
> 'Klaus Ethgen'
> Subject: RE: [Logwatch-devel] Bug#849531: Possible security 
> problem,new logwatch sends mails with charset UTF-8
> 
> I have opened https://sourceforge.net/p/logwatch/bugs/56/ .
> 
> I am working a test case for this right now.
> 
> As I see it, there are 3 paths to test.
> 
> Output as STDOUT, file, and email. In each case does an 8bit 
> value (0x00..0xff unsigned) result in a valid UTF-8 character.
> 
> Is binmode(STDOUT, ":utf8") needed? Does it fix the issue if 
> it was needed?
> 
> > > -Original Message-
> > > From: Willi Mann
> > > Sent: Friday, December 30, 2016 12:18
> > > To: logwatch-devel
> > > Cc: 849...@bugs.debian.org; 
> 849531-forwar...@bugs.debian.org; Klaus Ethgen
> > > What would be your suggested fix?
> 
> 
> $ git show f9db5949c58321175bda66310156f43ae607109f
> commit f9db5949c58321175bda66310156f43ae607109f
> Author: bjorn 
> Date:   Sat Oct 15 17:38:40 2016 -0700
> 
> Changed encoding to UTF-8, as suggested by Goran Uddeborg.
> 
> diff --git a/scripts/logwatch.pl b/scripts/logwatch.pl
> index 0f863dc..0167755 100755
> --- a/scripts/logwatch.pl
> +++ b/scripts/logwatch.pl
> @@ -1162,9 +1162,9 @@ sub initprint {
>   }
>   

Bug#849531: [Logwatch-devel] Bug#849531: Possible security problem,new logwatch sends mails with charset UTF-8

[Jason Pyeron]

I have opened https://sourceforge.net/p/logwatch/bugs/56/ .

I am working a test case for this right now.

As I see it, there are 3 paths to test.

Output as STDOUT, file, and email. In each case does an 8bit value (0x00..0xff 
unsigned) result in a valid UTF-8 character.

Is binmode(STDOUT, ":utf8") needed? Does it fix the issue if it was needed?

> > -Original Message-
> > From: Willi Mann
> > Sent: Friday, December 30, 2016 12:18
> > To: logwatch-devel
> > Cc: 849...@bugs.debian.org; 849531-forwar...@bugs.debian.org; Klaus Ethgen
> > What would be your suggested fix?


$ git show f9db5949c58321175bda66310156f43ae607109f
commit f9db5949c58321175bda66310156f43ae607109f
Author: bjorn 
Date:   Sat Oct 15 17:38:40 2016 -0700

Changed encoding to UTF-8, as suggested by Goran Uddeborg.

diff --git a/scripts/logwatch.pl b/scripts/logwatch.pl
index 0f863dc..0167755 100755
--- a/scripts/logwatch.pl
+++ b/scripts/logwatch.pl
@@ -1162,9 +1162,9 @@ sub initprint {
  }
  #Config{output} html
  if ( $Config{'format'} eq "html" ) {
-$out_mime .= "Content-Type: text/html; charset=\"iso-8859-1\"\n\n";
+$out_mime .= "Content-Type: text/html; charset=\"UTF-8\"\n\n";
  } else {
-$out_mime .= "Content-Type: text/plain; 
charset=\"iso-8859-1\"\n\n";
+$out_mime .= "Content-Type: text/plain; charset=\"UTF-8\"\n\n";
  }

  if ($Config{'hostformat'} eq "split") { #8.0 check hostlimit also? or 
ne none?

Processed: Re: Processed (with 1 error): Re: Bug#849750: Crashes the (LXDE) desktop

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 849750 libsfml-window2.4 2.4.1+dfsg-1
Bug #849750 [marsshooter] Crashes the (LXDE) desktop
Bug reassigned from package 'marsshooter' to 'libsfml-window2.4'.
No longer marked as found in versions marsshooter/0.7.6-1.
Ignoring request to alter fixed versions of bug #849750 to the same values 
previously set
Bug #849750 [libsfml-window2.4] Crashes the (LXDE) desktop
Marked as found in versions libsfml/2.4.1+dfsg-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
849750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 1 error): Re: Bug#849750: Crashes the (LXDE) desktop

[Debian Bug Tracking System]

Processing control commands:

> reassign libsfml-window2.4 2.4.1+dfsg-1
Unknown command or malformed arguments to command.

> tags -1 pending
Bug #849750 [marsshooter] Crashes the (LXDE) desktop
Added tag(s) pending.

-- 
849750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849750: Crashes the (LXDE) desktop

[James Cowgill]

Control: reassign libsfml-window2.4 2.4.1+dfsg-1
Control: tags -1 pending

Hi,

On 30/12/16 17:24, Markus Koschany wrote:
> Control: severity -1 serious
> 
> On 30.12.2016 15:27, Julien Puydt wrote:
>> Package: marsshooter
>> Version: 0.7.6-1+b1
>> Severity: critical
>>
>> Hi,
>>
>> I installed the package, clicked on the menu entry and my lxde panel
>> just disappeared. I restarted lxdm and retried : same effect!
>>
>> Restarting lxdm and launching in a terminal, I get :
>>
>> Cannot connect to server socket err = No such file or directory
>> Cannot connect to server request channel
>> jack server is not running or cannot be started
>> JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for
>> 4294967295, skipping unlock
>> JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for
>> 4294967295, skipping unlock
>> Searching for configuration file... Found
>> /home/jpuydt/.marsshooter/mars.cfg
>> Searching for data files... Found /usr/share/games/marsshooter/
>> Happy Gaming...
>>
>> (comment: it doesn't find jackd which isn't a problem, but
>>
>> but the game doesn't display anything (it runs though: I have to ctrl+C
>> to get the prompt back), and it looks like both the panel and the window
>> manager are dead : all the running apps' windows turn borderless. I can
>> still launch new apps by clicking on the desktop icons.
>>
>> I didn't know if I should set the severity to grave or critical, but
>> since the game is both not usable and trying to run it breaks something
>> else, I settled for critical.
>>
>> Hope that helps,
> 
> Hello,
> 
> please help us by providing more information about your system next
> time. The reportbug tool is quite convenient for this matter because it
> automatically detects which Debian distribution you run, the
> architecture, and the versions of all installed package dependencies.
> Without those information I can only guess what went wrong. Also please
> always try to confirm or not confirm the bug with other games that use
> the same graphic stack. Very often the underlying issue is in SDL or
> SFML or even lower in the X or driver stack.
> 
> So for the record the game currently works fine on amd64, testing with
> GNOME 3. It doesn't work for me on i386, sid, Openbox, LXDE, Xfce4 and
> Enlightenment. The game just segfaults the moment when the window is
> normally created.
> 
> I am attaching a debug log with the relevant information. I am not sure
> if this is a bug in libsfml-window2.4 or marsshooter itself because I
> can't reproduce it with Extremetuxracer. I only know that the game
> worked fine a couple of months ago when I tried it on i386 and the code
> has not changed.

From the stacktrace, this bug is definitely this one related to the
sf::Window::setIcon function:
https://github.com/SFML/SFML/pull/1171

This would explain why it only crashes with marsshooter -
extremetuxracer doesn't try to change the application icon.

I can also reproduce LXDE crashing (specifically openbox crashes). It
seems to be random which of marsshooter or openbox crashes. GDB says
that openbox crashes in a function related to icons so it's probably
related to the above PR.

I will upload the fix from the above PR and hopefully that will fix both
segfaults here.

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#849531: [Logwatch-devel] Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

[Jason Pyeron]

> -Original Message-
> From: Willi Mann [mailto:wi...@debian.org] 
> Sent: Friday, December 30, 2016 12:18
> To: logwatch-de...@lists.sourceforge.net
> Cc: 849...@bugs.debian.org; 849531-forwar...@bugs.debian.org; 
> Klaus Ethgen
> Subject: Re: [Logwatch-devel] Bug#849531: Possible security 
> problem, new logwatch sends mails with charset UTF-8
> 
> Hi Klaus,
> 
> can you elaborate how this could be exploited? 

It does not make the list at http://unicode.org/reports/tr36/ , but bad utf-8 
**may** cause email programs to behave badly. A google
for unicode crash brings up the iPhone message processing issues...

> What would be your suggested fix?

Not sure it is a high risk issue, but perl should use 

binmode(STDOUT, ":utf8");

to encode the perl strings as utf-8.

> 
> I'm including the upstream mailing list in the conversation.
> 
> thanks you
> Willi
> 
> Am 2016-12-28 um 10:09 schrieb Klaus Ethgen:
> > Package: logwatch
> > Version: 7.4.3+git20161207-1
> > Severity: critical
> > 
> > Current logwatch did change from sending mails with charset iso-8859-1
> > to UTF-8. This openes up a potential security hole as UTF-8 is not able

To give context...

commit f9db5949c58321175bda66310156f43ae607109f
Author: bjorn 
Date:   Sat Oct 15 17:38:40 2016 -0700

Changed encoding to UTF-8, as suggested by Goran Uddeborg.

diff --git a/scripts/logwatch.pl b/scripts/logwatch.pl
index 0f863dc..0167755 100755
--- a/scripts/logwatch.pl
+++ b/scripts/logwatch.pl
@@ -1162,9 +1162,9 @@ sub initprint {
  }
  #Config{output} html
  if ( $Config{'format'} eq "html" ) {
-$out_mime .= "Content-Type: text/html; charset=\"iso-8859-1\"\n\n";
+$out_mime .= "Content-Type: text/html; charset=\"UTF-8\"\n\n";
  } else {
-$out_mime .= "Content-Type: text/plain; 
charset=\"iso-8859-1\"\n\n";
+$out_mime .= "Content-Type: text/plain; charset=\"UTF-8\"\n\n";
  }

  if ($Config{'hostformat'} eq "split") { #8.0 check hostlimit also? or 
ne none?

> > to display all 8bit data.
> > 
> > This is especially true as the output from logwatch is from 
> untrusted
> > source where there could easily put some malicious content 
> in. Logwatch
> > does nothing to cleanup the mail content or convert it from 
> the native
> > charset to UTF-8.
> > 
> > Note that this bug went in recently as 7.4.0 did not have this bug
> > (neither does 7.4.1). I do not find any upstream changelog in the
> > package and when I download it from upstream directly, I 
> cannot find any
> > note of this breaking change.
> > 
> > -- System Information:
> > Debian Release: stretch/sid
> >   APT prefers unstable
> >   APT policy: (500, 'unstable'), (500, 'testing'), (1, 
> 'experimental')
> > Architecture: amd64 (x86_64)
> > Foreign Architectures: i386
> > 
> > Kernel: Linux 4.7.10 (SMP w/8 CPU cores)
> > Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
> > Shell: /bin/sh linked to /bin/dash
> > Init: sysvinit (via /sbin/init)
> > 
> > Versions of packages logwatch depends on:
> > ii  exim4-daemon-light [mail-transport-agent]  4.88~RC6-2
> > pn  perl:any   
> > 
> > Versions of packages logwatch recommends:
> > ii  libdate-manip-perl   6.56-1
> > ii  libsys-cpu-perl  0.61-2+b1
> > pn  libsys-meminfo-perl  
> > 
> > Versions of packages logwatch suggests:
> > ii  fortune-mod  1:1.99.1-7
> > 
> > -- no debconf information
> > 
> > 
> 
> 
> --
> 
> Check out the vibrant tech community on one of the world's most 
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> Logwatch-devel mailing list
> logwatch-de...@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/logwatch-devel
> 

Bug#849593: libfftw3-single3: dependencies in shlibs file not tight enough (Was: Bug#849589: ardour: undefined symbol: fftwf_make_planner_thread_safe)

[Julian Taylor]

On 30.12.2016 18:17, Ghislain Vaillant wrote:
>> The goal is for dpkg-shlibdeps to generate a dependency like
>> "libfftw3-single3 (>= 3.3.5)" for any package which uses
>> fftwf_make_planner_thread_safe. This is needed otherwise you may get a
>> linker error like ardour does, and it's is done by using the symbols or
>> shlibs systems as described in policy 8.6.
> 
> I am personally not familiar with the symbols stuff, so it would be up
> to somewhat from the team or yourself to provide a patch for this issue.
> 

A symbol file for fftw3 would be good, I never did it as it a fair bit
of work as the symbols are arch specific. At the time it wasn't really
necessary as fftw did not add new public symbols in ages, this was not
the case for the last update which I did not do.

Stricter shlibs is simple, though it may make some backward installs a
bit more tedious as you need to pull fftw3 too, but not a really big
deal. I may be able to look into it soon.

Note the majority of symbols fftw3 exports are private, a patch I made a
while back to only export the real public ones (FFTW_EXTERN marked ones)
was rejected upstream.

cheers,
Julian

Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

[Klaus Ethgen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi Willi,

Am Fr den 30. Dez 2016 um 18:18 schrieb Willi Mann:
> can you elaborate how this could be exploited?

Well, log principally contains untrusted data that could be injected
from untrusted source. That is no security hole itself.

But when that data gets displayed with the wrong charset, that can
trigger problems in window managers (for example). See xterm which can
be controlled via ansii sequences. Even more, it could trigger stream
conversion problems if the UTF-8 implementation is not really fully
tested with broken streams.

> What would be your suggested fix?

Send the data with a char set that cover the full byte, not only a part
of it like UTF-8 or convert it somehow to UTF-8 what would be impossible
as you don't know the source char set.

The fail-safe default before was ISO-8859-1. So I suggest to use it
again.

Regards
   Klaus
- -- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-BEGIN PGP SIGNATURE-
Comment: Charset: ISO-8859-1

iQGzBAEBCgAdFiEEMWF28vh4/UMJJLQEpnwKsYAZ9qwFAlhmmyAACgkQpnwKsYAZ
9qzhKQv9Gecm9WzvdohmcSwFTX9mMpsSN34r1zcMbWgMEYw2PRIYtBBsPvf8gZ5q
vb1qWmipWoYE4HGPsNftm5+VhdkIdvU5fyB2UIcSAtOgjNqY7pTpe3yC3o0DHFcq
7SFuBerH8peJM6HvuPXzsRQVxk0/YOBG+OvprKyi6fWYbDN3wC6xfv1gB4BAI0b7
2kBmBxgV7RhN1qgttbGOXmDCvxvlVydArmotmaWG7DUqfFle/T9Y9FOOFBvdEy+z
JGdQSNX6TNryiVXAnAJJepa7GCLV0/1CuSV0327WV5vBJXAJCqcW4zbI2+MZp79A
2WCoOzy8JdeAxacK2XV2xynVzvqfIrw41E9QFMdoo/944zR6S3VqwZh4PF97FJW+
tDt+vAnYKglOzufjbFxKojjffba357TumQ3oH1+4JAAKZIKeeJXa2iVt8stD1eBN
O34FmWY5qffn8oeP3AbB54LHJBoNmzpJErZqEZYv/1gZi3pSu0Ie4BrMu0IFQr3y
cOLr8pkg
=pzp3
-END PGP SIGNATURE-

Bug#849286: marked as done (leap-cli: FTBFS: Could not find 'capistrano' (~> 2.15) - did find: [capistrano-3.4.0] (Gem::LoadError))

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 17:33:26 +
with message-id 
and subject line Bug#849286: fixed in leap-cli 1.9-2
has caused the Debian Bug report #849286,
regarding leap-cli: FTBFS: Could not find 'capistrano' (~> 2.15) - did find: 
[capistrano-3.4.0] (Gem::LoadError)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849286: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849286
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: leap-cli
Version: 1.9-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

leap-cli fails to build from source in unstable/amd64:

  […]

  Unpacking openssl (1.1.0c-2) ...
  Selecting previously unselected package ca-certificates.
  Preparing to unpack .../01-ca-certificates_20161130_all.deb ...
  Unpacking ca-certificates (20161130) ...
  Selecting previously unselected package rubygems-integration.
  Preparing to unpack .../02-rubygems-integration_1.11_all.deb ...
  Unpacking rubygems-integration (1.11) ...
  Selecting previously unselected package ruby-did-you-mean.
  Preparing to unpack .../03-ruby-did-you-mean_1.0.0-2_all.deb ...
  Unpacking ruby-did-you-mean (1.0.0-2) ...
  Selecting previously unselected package ruby-minitest.
  Preparing to unpack .../04-ruby-minitest_5.9.0-1_all.deb ...
  Unpacking ruby-minitest (5.9.0-1) ...
  Selecting previously unselected package ruby-net-telnet.
  Preparing to unpack .../05-ruby-net-telnet_0.1.1-2_all.deb ...
  Unpacking ruby-net-telnet (0.1.1-2) ...
  Selecting previously unselected package ruby-power-assert.
  Preparing to unpack .../06-ruby-power-assert_0.3.0-1_all.deb ...
  Unpacking ruby-power-assert (0.3.0-1) ...
  Selecting previously unselected package ruby-test-unit.
  Preparing to unpack .../07-ruby-test-unit_3.1.7-2_all.deb ...
  Unpacking ruby-test-unit (3.1.7-2) ...
  Selecting previously unselected package libssl1.0.2:amd64.
  Preparing to unpack .../08-libssl1.0.2_1.0.2j-4_amd64.deb ...
  Unpacking libssl1.0.2:amd64 (1.0.2j-4) ...
  Selecting previously unselected package libyaml-0-2:amd64.
  Preparing to unpack .../09-libyaml-0-2_0.1.7-2_amd64.deb ...
  Unpacking libyaml-0-2:amd64 (0.1.7-2) ...
  Selecting previously unselected package libruby2.3:amd64.
  Preparing to unpack .../10-libruby2.3_2.3.3-1_amd64.deb ...
  Unpacking libruby2.3:amd64 (2.3.3-1) ...
  Selecting previously unselected package ruby2.3.
  Preparing to unpack .../11-ruby2.3_2.3.3-1_amd64.deb ...
  Unpacking ruby2.3 (2.3.3-1) ...
  Selecting previously unselected package ruby.
  Preparing to unpack .../12-ruby_1%3a2.3.3_amd64.deb ...
  Unpacking ruby (1:2.3.3) ...
  Selecting previously unselected package rake.
  Preparing to unpack .../13-rake_10.5.0-2_all.deb ...
  Unpacking rake (10.5.0-2) ...
  Selecting previously unselected package ruby-i18n.
  Preparing to unpack .../14-ruby-i18n_0.7.0-2_all.deb ...
  Unpacking ruby-i18n (0.7.0-2) ...
  Selecting previously unselected package ruby-colorize.
  Preparing to unpack .../15-ruby-colorize_0.8.1-1_all.deb ...
  Unpacking ruby-colorize (0.8.1-1) ...
  Selecting previously unselected package ruby-net-ssh.
  Preparing to unpack .../16-ruby-net-ssh_1%3a3.2.0-1_all.deb ...
  Unpacking ruby-net-ssh (1:3.2.0-1) ...
  Selecting previously unselected package ruby-net-scp.
  Preparing to unpack .../17-ruby-net-scp_1.2.1-4_all.deb ...
  Unpacking ruby-net-scp (1.2.1-4) ...
  Selecting previously unselected package ruby-sshkit.
  Preparing to unpack .../18-ruby-sshkit_1.9.0-1_all.deb ...
  Unpacking ruby-sshkit (1.9.0-1) ...
  Selecting previously unselected package capistrano.
  Preparing to unpack .../19-capistrano_3.4.0-1_all.deb ...
  Unpacking capistrano (3.4.0-1) ...
  Selecting previously unselected package gem2deb-test-runner.
  Preparing to unpack .../20-gem2deb-test-runner_0.33.1_amd64.deb ...
  Unpacking gem2deb-test-runner (0.33.1) ...
  Selecting previously unselected package libgmpxx4ldbl:amd64.
  Preparing to unpack .../21-libgmpxx4ldbl_2%3a6.1.2+dfsg-1_amd64.deb ...
  Unpacking libgmpxx4ldbl:amd64 (2:6.1.2+dfsg-1) ...
  Selecting previously unselected package libgmp-dev:amd64.
  Preparing to unpack .../22-libgmp-dev_2%3a6.1.2+dfsg-1_amd64.deb ...
  Unpacking libgmp-dev:amd64 (2:6.1.2+dfsg-1) ...
  Selecting previously unselected package ruby2.3-dev:amd64.
  Preparing to unpack .../23-ruby2.3-dev_2.3.3-1_amd64.deb ...
  Unpacking ruby2.3-dev:amd64 (2.3.3-1) ...
  Selecting 

Processed: Re: Bug#849750: Crashes the (LXDE) desktop

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #849750 [marsshooter] Crashes the (LXDE) desktop
Severity set to 'serious' from 'critical'

-- 
849750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849750
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849750: Crashes the (LXDE) desktop

[Markus Koschany]

Control: severity -1 serious

On 30.12.2016 15:27, Julien Puydt wrote:
> Package: marsshooter
> Version: 0.7.6-1+b1
> Severity: critical
> 
> Hi,
> 
> I installed the package, clicked on the menu entry and my lxde panel
> just disappeared. I restarted lxdm and retried : same effect!
> 
> Restarting lxdm and launching in a terminal, I get :
> 
> Cannot connect to server socket err = No such file or directory
> Cannot connect to server request channel
> jack server is not running or cannot be started
> JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for
> 4294967295, skipping unlock
> JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for
> 4294967295, skipping unlock
> Searching for configuration file... Found
> /home/jpuydt/.marsshooter/mars.cfg
> Searching for data files... Found /usr/share/games/marsshooter/
> Happy Gaming...
> 
> (comment: it doesn't find jackd which isn't a problem, but
> 
> but the game doesn't display anything (it runs though: I have to ctrl+C
> to get the prompt back), and it looks like both the panel and the window
> manager are dead : all the running apps' windows turn borderless. I can
> still launch new apps by clicking on the desktop icons.
> 
> I didn't know if I should set the severity to grave or critical, but
> since the game is both not usable and trying to run it breaks something
> else, I settled for critical.
> 
> Hope that helps,

Hello,

please help us by providing more information about your system next
time. The reportbug tool is quite convenient for this matter because it
automatically detects which Debian distribution you run, the
architecture, and the versions of all installed package dependencies.
Without those information I can only guess what went wrong. Also please
always try to confirm or not confirm the bug with other games that use
the same graphic stack. Very often the underlying issue is in SDL or
SFML or even lower in the X or driver stack.

So for the record the game currently works fine on amd64, testing with
GNOME 3. It doesn't work for me on i386, sid, Openbox, LXDE, Xfce4 and
Enlightenment. The game just segfaults the moment when the window is
normally created.

I am attaching a debug log with the relevant information. I am not sure
if this is a bug in libsfml-window2.4 or marsshooter itself because I
can't reproduce it with Extremetuxracer. I only know that the game
worked fine a couple of months ago when I tried it on i386 and the code
has not changed.

I'm ccing James maybe he is able to spot the error immediately.

Regards,

Markus






marsshooter_debug.tar.xz
Description: application/xz


signature.asc
Description: OpenPGP digital signature

Processed: tagging 846459

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 846459 + pending
Bug #846459 [src:pam] pam: add libfl-dev to Build-Depends
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
846459: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846459
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849531: marked as forwarded (Possible security problem, new logwatch sends mails with charset UTF-8)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 18:18:00 +0100
with message-id 
has caused the   report #849531,
regarding Possible security problem, new logwatch sends mails with charset UTF-8
to be marked as having been forwarded to the upstream software
author(s) logwatch-de...@lists.sourceforge.net

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Hi Klaus,

can you elaborate how this could be exploited? What would be your
suggested fix?

I'm including the upstream mailing list in the conversation.

thanks you
Willi

Am 2016-12-28 um 10:09 schrieb Klaus Ethgen:
> Package: logwatch
> Version: 7.4.3+git20161207-1
> Severity: critical
> 
> Current logwatch did change from sending mails with charset iso-8859-1
> to UTF-8. This openes up a potential security hole as UTF-8 is not able
> to display all 8bit data.
> 
> This is especially true as the output from logwatch is from untrusted
> source where there could easily put some malicious content in. Logwatch
> does nothing to cleanup the mail content or convert it from the native
> charset to UTF-8.
> 
> Note that this bug went in recently as 7.4.0 did not have this bug
> (neither does 7.4.1). I do not find any upstream changelog in the
> package and when I download it from upstream directly, I cannot find any
> note of this breaking change.
> 
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.7.10 (SMP w/8 CPU cores)
> Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
> 
> Versions of packages logwatch depends on:
> ii  exim4-daemon-light [mail-transport-agent]  4.88~RC6-2
> pn  perl:any   
> 
> Versions of packages logwatch recommends:
> ii  libdate-manip-perl   6.56-1
> ii  libsys-cpu-perl  0.61-2+b1
> pn  libsys-meminfo-perl  
> 
> Versions of packages logwatch suggests:
> ii  fortune-mod  1:1.99.1-7
> 
> -- no debconf information
> 
> --- End Message ---

Bug#849531: Possible security problem, new logwatch sends mails with charset UTF-8

[Willi Mann]

Hi Klaus,

can you elaborate how this could be exploited? What would be your
suggested fix?

I'm including the upstream mailing list in the conversation.

thanks you
Willi

Am 2016-12-28 um 10:09 schrieb Klaus Ethgen:
> Package: logwatch
> Version: 7.4.3+git20161207-1
> Severity: critical
> 
> Current logwatch did change from sending mails with charset iso-8859-1
> to UTF-8. This openes up a potential security hole as UTF-8 is not able
> to display all 8bit data.
> 
> This is especially true as the output from logwatch is from untrusted
> source where there could easily put some malicious content in. Logwatch
> does nothing to cleanup the mail content or convert it from the native
> charset to UTF-8.
> 
> Note that this bug went in recently as 7.4.0 did not have this bug
> (neither does 7.4.1). I do not find any upstream changelog in the
> package and when I download it from upstream directly, I cannot find any
> note of this breaking change.
> 
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.7.10 (SMP w/8 CPU cores)
> Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
> 
> Versions of packages logwatch depends on:
> ii  exim4-daemon-light [mail-transport-agent]  4.88~RC6-2
> pn  perl:any   
> 
> Versions of packages logwatch recommends:
> ii  libdate-manip-perl   6.56-1
> ii  libsys-cpu-perl  0.61-2+b1
> pn  libsys-meminfo-perl  
> 
> Versions of packages logwatch suggests:
> ii  fortune-mod  1:1.99.1-7
> 
> -- no debconf information
> 
> 

Bug#849593: libfftw3-single3: dependencies in shlibs file not tight enough (Was: Bug#849589: ardour: undefined symbol: fftwf_make_planner_thread_safe)

[Ghislain Vaillant]

CC'd to d-science,

On Fri, 30 Dec 2016 01:24:07 + James Cowgill  
wrote:

Hi,

On 30/12/16 00:50, Ghislain Vaillant wrote:
> On Thu, 29 Dec 2016 00:30:58 + James Cowgill  wrote:
>> Control: severity -1 serious
>> Control: clone -1 -2
>> Control: reassign -2 libfftw3-single3 3.3.5-1
>> Control: block -1 by -2
>> Control: retitle -2 libfftw3-single3: dependencies in shlibs file not tight 
enough
>>
>> Hi,
>>
>> On 29/12/16 00:02, Oleksandr Gavenko wrote:
>>> Package: ardour
>>> Version: 1:5.5.0~dfsg-1
>>> Severity: important
>>>
>>> Application is being crashing constantly with:
>>>
>>> bash# ardour5
>>> /usr/lib/ardour5/ardour-5.5.0: symbol lookup error: 
/usr/lib/ardour5/ardour-5.5.0: undefined symbol: fftwf_make_planner_thread_safe
>> [...]
>>> Versions of packages ardour depends on:
>> [...]
>>> ii  libfftw3-single3 3.3.4-2
>
> How come? Both testing and unstable have 3.3.5-1.

I don't think that matters. Partial upgrades should work (and
derivatives may rely on it).


Next time, it would be nice to explain upfront that the new version of 
ardour you are trying to build may *conditionally* use new features 
introduced by FFTW 3.5:


https://github.com/Ardour/ardour/search?utf8=%E2%9C%93=fftwf_make_planner_thread_safe=Code


>> This package is the problem. The fftwf_make_planner_thread_safe
>> function is only present in fftw3 3.3.5 (so upgrading your package
>> would fix this). fftw3 should generate a stricter dependency so that
>> this doesn't happen.
>
> libfftw3-dev depends on libfftw3_single3 (=${binary:Version}).
>
> How is that not strict enough?

I'm talking about the dependency from ardour to libfftw3_single3. The
dependency from libfftw3-dev doesn't matter here.


Maybe this could be *temporarily* fixed on ardour's end by requiring 
libfftw3-dev (>= 3.3.5) as a b-dep no?



>> fftw3 maintainers: to fix this you either need to provide a symbols
>> file, or pass a suitable -V option to dh_makeshlibs so the shlibs file
>> contains a stricter dependency.
>
> Please be more explicit about the expected outcome (i.e. the stricter
> dependency you keep mentioning).

Please read policy 8.6 which describes most of this more fully.

The goal is for dpkg-shlibdeps to generate a dependency like
"libfftw3-single3 (>= 3.3.5)" for any package which uses
fftwf_make_planner_thread_safe. This is needed otherwise you may get a
linker error like ardour does, and it's is done by using the symbols or
shlibs systems as described in policy 8.6.


I am personally not familiar with the symbols stuff, so it would be up 
to somewhat from the team or yourself to provide a patch for this issue.


Hope this helps,
Ghis

Processed: Re: aufs-dkms: dkms install fails

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #849568 [aufs-dkms] aufs-dkms: dkms install fails
Severity set to 'serious' from 'important'
> tags -1 pending
Bug #849568 [aufs-dkms] aufs-dkms: dkms install fails
Added tag(s) pending.

-- 
849568: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849568
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: NMU: SSL1.0 for now

[Debian Bug Tracking System]

Processing control commands:

> severity -1 important
Bug #828274 [src:crtmpserver] crtmpserver: FTBFS with openssl 1.1.0
Severity set to 'important' from 'serious'

-- 
828274: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828274
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#828274: NMU: SSL1.0 for now

[Adam Borowski]

Control: severity -1 important

Hi!
I'm uploading a 0-day NMU for this, using the more conservative solution,
ie, using SSL 1.0 for stretch.

Thus, I'm not closing the bug but only downgrading to important.


Debdiff attached.


Meow!
-- 
Autotools hint: to do a zx-spectrum build on a pdp11 host, type:
  ./configure --host=zx-spectrum --build=pdp11
diff -Nru crtmpserver-1.0~dfsg/debian/changelog 
crtmpserver-1.0~dfsg/debian/changelog
--- crtmpserver-1.0~dfsg/debian/changelog   2016-07-30 04:29:24.0 
+0200
+++ crtmpserver-1.0~dfsg/debian/changelog   2016-12-30 17:40:06.0 
+0100
@@ -1,3 +1,10 @@
+crtmpserver (1.0~dfsg-5.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS by using SSL1.0 for now (Downgrades: #828274).
+
+ -- Adam Borowski   Fri, 30 Dec 2016 17:40:06 +0100
+
 crtmpserver (1.0~dfsg-5.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru crtmpserver-1.0~dfsg/debian/control 
crtmpserver-1.0~dfsg/debian/control
--- crtmpserver-1.0~dfsg/debian/control 2016-07-30 04:26:13.0 +0200
+++ crtmpserver-1.0~dfsg/debian/control 2016-12-30 17:40:03.0 +0100
@@ -9,7 +9,7 @@
  cmake,
  debhelper (>= 9),
  liblua5.1-0-dev,
- libssl-dev,
+ libssl1.0-dev,
  libtinyxml-dev,
  pkg-config
 Standards-Version: 3.9.3
@@ -83,7 +83,7 @@
 Depends:
  crtmpserver-libs(= ${binary:Version}),
  liblua5.1-0-dev,
- libssl-dev,
+ libssl1.0-dev,
  libtinyxml-dev,
  ${misc:Depends}
 Description: Development files for the crtmpserver platform

Bug#746005: Problems in Lilipond and Guile -- #746005

[Dr. Tobias Quathamer]

Am 30.12.2016 um 07:28 schrieb Marc Dequènes (duck):

Quack,

I think the release team should have been involved much much earlier.


Hi,

the release team has been involved, see Emilio's mail from April 2015:



About a year later, Emilio states that the release team discussed this 
problem and "wouldn't like to release Stretch with guile-1.8 just for 
lilypond's sake":




However, he also wrote in that message that "We can discuss this again 
later in the cycle if necessary, though hopefully lilypond can get in 
shape and we won't need to do that :)"



It seems having Lilypond working with recent Guile before the release is
not going to happen. Even if it built properly there would maybe have
runtime bugs to solve.


Yes.


If people are willing to maintain Guile 1.8 into stable during another
release lifetime, I guess the release team would be ok with it. Maybe it
would be possible to provide a backport of Guile 2.x and newer Lilypond
later (when it works) and drop Guile 1.8 and current Lilypond from
stable in a subsequent point release. This could be announced in the
release notes from the start, so no surprise.

Anyway, I'm Cc-ing the release team so they don't discover the problem
much later.


Thanks for bringing the release team into the loop again, maybe they can 
state their position on this bug.


Regards,
Tobias




signature.asc
Description: OpenPGP digital signature

Bug#849753: marked as done (node-liftoff: Cannot install due to incorrect dependency)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 16:04:19 +
with message-id 
and subject line Bug#849753: fixed in node-liftoff 2.3.0-2
has caused the Debian Bug report #849753,
regarding node-liftoff: Cannot install due to incorrect dependency
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849753: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849753
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: node-liftoff
Version: 2.3.0-1
Severity: grave
Justification: renders package unusable

node-liftoff depends on node-extend >= 3.0.0 but only 2.0.0 is available
in the debian repository which makes this package uninstallable.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: node-liftoff
Source-Version: 2.3.0-2

We believe that the bug you reported is fixed in the latest version of
node-liftoff, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 849...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pirate Praveen  (supplier of updated node-liftoff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 20:56:49 +0530
Source: node-liftoff
Binary: node-liftoff
Architecture: source
Version: 2.3.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers 

Changed-By: Pirate Praveen 
Description:
 node-liftoff - command line tool launcher
Closes: 849753
Changes:
 node-liftoff (2.3.0-2) unstable; urgency=medium
 .
   * Team upload
   * Relax node-liftoff (Closes: #849753)
Checksums-Sha1:
 a438719d15ac96b585d25875fa764e6c765d77df 2233 node-liftoff_2.3.0-2.dsc
 8ebe1a588de565ef1d5e24f915474081baf321ab 3548 
node-liftoff_2.3.0-2.debian.tar.xz
Checksums-Sha256:
 c2b3de1d0dc938e6d0642270bf2ed855046ae04359ca74df750452b6c7597d43 2233 
node-liftoff_2.3.0-2.dsc
 9edb8187c99338f573c2b00af43950b59175bf77758868d9ad671242096e63b6 3548 
node-liftoff_2.3.0-2.debian.tar.xz
Files:
 1489000f63c69b1e553142de6c17457d 2233 web optional node-liftoff_2.3.0-2.dsc
 6ee3bd4585dc350b541a25f71d223fa8 3548 web optional 
node-liftoff_2.3.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlhmfpMACgkQzh+cZ0US
wird0A//VisWNdbjtahHsdyWBIuIsuHMXaTqRaBSToadF0ez8zJSR6SH0AonHOaC
YSWAvIuBqnadcPJhR21HD+zJDUON9pw2jYkAEe2NOxtqzXwmLX2unRR6Pd25tfn+
ZudUj5bAjBFzr1v7LHfHhEHGDu2CWJfRiVrHAsN/CCC++fLtSETq1tNnpaJhvcZY
4VJsIVplyraFJIlemj6ZDIZzlWTNKRZ5zBkdgz5N0GSLvTXdBs/10/bm2Xsbfe4h
syRywS8cmE51vqJ0FrGJTsf/fMOAn/p4ipGc0viZx8ueBoO6X8odsB5EZyeblErN
4RwTX00qy/2Y4gRc9hya6j4elwIAtMiA6eU5euB/WU585JMoRgwnVMNd8ZVBoYD6
HwVu9VbvCaFUcJiP7b6pOLmw82brsGkNqNQVOuMYV1x/xhrTwcinU96jNx6YLdP8
ezxsBQnWHNx2q29jVwDKYtXePamoI8IUEY5qgY8yNqguhPC27F2RhZo1Ncwodlx2
PNn60BTqhepPhOhHgPnWwx+2qkjKK8bKXj2kPhQLS/PPssQR0rUAQcDPA8qYlmQb
8ZGtm6/G1ouGMm84CITYKsFwooPLyVAu3a9G2AYUlHZiDnKj7xN1qhFNxgJYt+7+
2UnXiRt76hY0brYPRTcBrjfLi2oR4mw5ZGVAkUFRQvWLS2NYzSc=
=uhLm
-END PGP SIGNATURE End Message ---

Bug#846626: fbpanel: debian/copyright reports incorrect licenses (including mine)!

[Francesco Poli]

On Fri, 02 Dec 2016 19:51:07 +0100 Francesco Poli (wintermute) wrote:

[...]
> Please review the licensing status of the entire source tree and
> document it properly in the debian/copyright file!
[...]

Hello again,
I noticed that fbpanel/7.0-2 managed to migrate to testing, despite
being affected by this RC bug.
This happened because of a BTS version tracking info management issue.


Anyway, fbpanel is now scheduled for auto-removal from testing on
January, the 14th, as stated on its tracker page [1].

[1] https://tracker.debian.org/pkg/fbpanel

Please fix this RC bug soon!
If fbpanel is auto-removed from testing, it won't have a chance to
re-enter testing before the release of stretch, due to the soft freeze
(which will begin shortly: on January, the 5th) [2].

[2] https://lists.debian.org/debian-devel-announce/2016/12/msg0.html

Thanks for your time.
Bye!


-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgp9zBNxIWPXz.pgp
Description: PGP signature

Bug#848625: Please drop openssl-blacklist dependency

[Gennaro Oliva]

Hi Chirstian,

On Mon, Dec 19, 2016 at 03:23:06AM +0100, Christian Hofstaedtler wrote:
> Please drop the dependency on openssl-blacklist, if possible.
> As outlined in #833245, it's usefulness is probably over.

thank you for your comment; openssl dependency will be dropped in the
next upcoming release of the package.
Best regards
-- 
Gennaro Oliva

Bug#849756: sssd-ldap fails to connect to ldaps:// due to problem with non-blocking socket

[Bernhard R . Link]

Package: sssd-ldap
Version: 1.14.2-1
Severity: serious
Tags: security

Feel free to downgrade the severity, but as this sends passwords in cleartext 
(though in a case that I hope
will never work so not that likely to loose important passwords) and makes me 
wonder whether this package can
work at all with any ldaps server, I guessed it might be a suitable severity.

This might be the cause of other "[sdap_process_result] (0x0040): ldap_result 
error: [Can't contact LDAP server]" bug reports, but as this error message is 
so generic, I'm creating a new bug report.

sssd calls ldap_install_tls on a socket without removing and NON_BLOCKING bits 
from it.
This seems to be not supported by the current libldap2-4 version, which returns 
LDAP_SUCCESS but later fails.

Due to the way libldap fails the request is then send unencrypted (within the 
SSL Stream).
Here it usually happens that sssd sends both the "Client Hello" and an 
"Application Data" block (containing unencryted ldap_default_bind_dn and 
ldap_default_authtok)  before the server can even answer with an hello and the 
server than sends (depending when the Application data arrives) either with an 
Unexpected Message Fatal Alert or an Unencrypted Data Alert. (The ldap Server 
log reports TLS handshake errors, while the on the sssd side one gets 
"[sdap_process_result] (0x0040): ldap_result error: [Can't contact LDAP 
server]").

Some example data extracted from the output of wireshark:


Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 1, Ack: 1, Len: 150
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 145
Handshake Protocol: Client Hello

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 151, Ack: 1, Len: 140
Secure Sockets Layer
TLSv1.2 Record Layer: Application Data Protocol: ldap
Content Type: Application Data (23)
Version: TLS 1.2 (0x0303)
Length: 135
Encrypted Application Data: 
30818402010160600201030439636e3d...

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 151, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 291, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 291, Len: 1448
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 53
Handshake Protocol: Server Hello

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 1449, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1449, Ack: 291, Len: 2648
[2 Reassembled TCP Segments (3389 bytes): #29(1390), #31(1999)]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 3384
Handshake Protocol: Certificate
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 527
Handshake Protocol: Server Key Exchange

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 4097, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 4097, Ack: 291, Len: 216
[2 Reassembled TCP Segments (333 bytes): #31(117), #33(216)]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 328
Handshake Protocol: Certificate Request
Handshake Protocol: Server Hello Done

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 4313, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 4313, Ack: 291, Len: 7
Secure Sockets Layer
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Unexpected Message)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message



The content of the "Application Data Protocol: ldap" package is plain 
non-encrypted data (here a bit redacted):
0``9cn=,cn=X,cn=,ou=X 
MYPASWORD___01.3.6.1.4.1.42.2.27.8.5.1


As I can see it the cause of this is that in 
../openldap-2.4.44+dfsg/libraries/libldap/tls2.c
the code is:

#ifdef LDAP_USE_NON_BLOCKING_TLS
/*
 * Use non-blocking io during SSL Handshake when a timeout is configured
 */
if ( ld->ld_options.ldo_tm_net.tv_sec >= 0 ) {
ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_SET_NONBLOCK, sb );
 

Bug#848294: marked as done (diaspora-installer-mysql: update mysql dependencies for mariadb)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 15:33:41 +
with message-id 
and subject line Bug#848294: fixed in diaspora-installer 0.6.0.0+debian5
has caused the Debian Bug report #848294,
regarding diaspora-installer-mysql: update mysql dependencies for mariadb
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
848294: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848294
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: diaspora-installer-mysql
Version: 0.6.0.0+debian4
Severity: serious

diaspora-installer-mysql depends on mysql-server and libmysqlclient-dev.

Those dependencies should be updated as:

  default-mysql-server | virtual-mysql-server, default-libmysqlclient-dev

as we are making mariadb the default mysql provider.

Thanks,
Emilio

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental'), (650, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: diaspora-installer
Source-Version: 0.6.0.0+debian5

We believe that the bug you reported is fixed in the latest version of
diaspora-installer, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 848...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Pirate Praveen  (supplier of updated diaspora-installer 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 19:32:06 +0530
Source: diaspora-installer
Binary: diaspora-installer diaspora-installer-mysql diaspora-common
Architecture: source
Version: 0.6.0.0+debian5
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Pirate Praveen 
Description:
 diaspora-common - distributed social networking service - common files
 diaspora-installer - distributed social networking service - installer
 diaspora-installer-mysql - distributed social networking service - installer 
(with mysql)
Closes: 847286 848294 848458
Changes:
 diaspora-installer (0.6.0.0+debian5) unstable; urgency=medium
 .
   * diaspora-common: add lsb-base to depends
   * Update diaspora-common dependencies for mariadb (Closes: #848458)
 .
   [ Balasankar C ]
   * Update diaspora-installer-mysql dependencies for mariadb (Closes: #848294)
   * Properly set permissions for gems installed by bundler (Closes: #847286)
Checksums-Sha1:
 0ff681f4f6fdd297919ae1a77551557211f93794 2014 
diaspora-installer_0.6.0.0+debian5.dsc
 f681f569f1f4b55f2981a6d7db8b45d2482b6885 29520 
diaspora-installer_0.6.0.0+debian5.tar.xz
Checksums-Sha256:
 69e72950041375cffedb3eb1bf351701228149074a72327c2906dbc3f6e9c46c 2014 
diaspora-installer_0.6.0.0+debian5.dsc
 74a47496f7ca52f1796386ecdbd6ed6023d4fd5ff53f63d5105a256122ab0fe1 29520 
diaspora-installer_0.6.0.0+debian5.tar.xz
Files:
 3f677a6d6fd40814fccf026d89efa10b 2014 ruby optional 
diaspora-installer_0.6.0.0+debian5.dsc
 56d182971362c71983dc78870ac56473 29520 ruby optional 
diaspora-installer_0.6.0.0+debian5.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlhmeaIACgkQzh+cZ0US
wioawxAAiPns5stb8dC5Phhk/4HugcInhpPZFz0ajkpR362/T+2wtC36ksqViAgv
yqUeBLYJSSzSFRsKXfpF0XZNm1oa+y33cixubbulH50wsibPAF+/x3JHZhf3AZG7
eNwkhN2Ox9MhWe+qjoeXyJj42ubHFGm+AC3h3xPx+GoV6V4uoEQr0PAaePX4Lzwm
tGCjWazP7LcsoIU4Ygl8glaCTZONNAasYOR3lwu0xo2KJBVmWpTPF/+5QLxv4qwU
/VLGch/a8w0sn6X1/6HN5YmqbszcmYqbNaSVXabBtDq5U4pSo1CeFq2laoJqdTxh
dBJuywUmZe1StdlZhIOFTmxGxmfXFtzojLI5AhVYcSLemdptsHQkEcNHis5xGJj/
XuGY94blDz3IRCJGYE95r1i3qwHxWAJjH+h0o8n/XJPmGGfkF4Zpaif7Um3xD1i+
QjXunbAt8g7koHgz6onbXGaChRGaeOLRPv2PWqx241x8VVS1zl24HqDxR+z0GTfc
x2MTVuB+Cb3tLgPt6p6Xx3FYf6kx5nbyzqUg2sSmrp64sdxY3y2fi/4CJu6hEgCL
DDEykOe+qzkiynDFImaEWioGZxer5VH8WVvTLI5keNXrPD1E534PKT1ye2TmMvB7

Bug#847286: marked as done (diaspora-installer: installs world-writable files under /usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 15:33:41 +
with message-id 
and subject line Bug#847286: fixed in diaspora-installer 0.6.0.0+debian5
has caused the Debian Bug report #847286,
regarding diaspora-installer: installs world-writable files under 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
847286: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847286
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: diaspora-installer
Version: 0.6.0.0+debian4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package installs
world-writable files.

>From the attached log (scroll to the bottom...):

  ERROR: BAD PERMISSIONS
  -rw-rw-rw- 1 diaspora nogroup  1935 Dec  5 17:24 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/configurate-0.3.1/lib/configurate/lookup_chain.rb
  -rw-rw-rw- 1 diaspora nogroup73 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/Gemfile
  -rw-rw-rw- 1 diaspora nogroup   481 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/README.md
  -rw-rw-rw- 1 diaspora nogroup28 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/Rakefile
  -rw-rw-rw- 1 diaspora nogroup73 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/app/assets/javascripts/markdown-it-diaspora-mention.js
  -rw-rw-rw- 1 diaspora nogroup 22469 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/app/assets/javascripts/markdown-it-diaspora-mention/markdown-it-diaspora-mention.js
  -rw-rw-rw- 1 diaspora nogroup   801 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/lib/rails-assets-markdown-it-diaspora-mention.rb
  -rw-rw-rw- 1 diaspora nogroup68 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/lib/rails-assets-markdown-it-diaspora-mention/version.rb
  -rw-rw-rw- 1 diaspora nogroup   848 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/rails-assets-markdown-it-diaspora-mention.gemspec
  -rw-rw-rw- 1 diaspora nogroup   754 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-diaspora-mention-1.0.0/rails-assets-markdown-it-diaspora-mention.json
  -rw-rw-rw- 1 diaspora nogroup73 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/Gemfile
  -rw-rw-rw- 1 diaspora nogroup   460 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/README.md
  -rw-rw-rw- 1 diaspora nogroup28 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/Rakefile
  -rw-rw-rw- 1 diaspora nogroup59 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/app/assets/javascripts/markdown-it-sanitizer.js
  -rw-rw-rw- 1 diaspora nogroup  8864 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/app/assets/javascripts/markdown-it-sanitizer/markdown-it-sanitizer.js
  -rw-rw-rw- 1 diaspora nogroup   775 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/lib/rails-assets-markdown-it-sanitizer.rb
  -rw-rw-rw- 1 diaspora nogroup62 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/lib/rails-assets-markdown-it-sanitizer/version.rb
  -rw-rw-rw- 1 diaspora nogroup   775 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/rails-assets-markdown-it-sanitizer.gemspec
  -rw-rw-rw- 1 diaspora nogroup   708 Dec  5 17:25 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rails-assets-markdown-it-sanitizer-0.4.2/rails-assets-markdown-it-sanitizer.json


cheers,

Andreas


diaspora-installer_0.6.0.0+debian4.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: diaspora-installer
Source-Version: 0.6.0.0+debian5

We believe that the bug you reported is fixed in the latest version of
diaspora-installer, which is due to be 

Bug#813675: marked as done (twittering-mode: Lack of support of HTTP/2 makes package unusable)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 15:23:23 +
with message-id 
and subject line Bug#813675: fixed in twittering-mode 3.1.0-1
has caused the Debian Bug report #813675,
regarding twittering-mode: Lack of support of HTTP/2 makes package unusable
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
813675: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813675
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Subject: twittering-mode: Lack of support of HTTP/2 makes package unusable
Package: twittering-mode
Version: 3.0.0-1
Severity: important

Dear Maintainer,

Given that Twitter upped the HTTP version of its API to HTTP/2 and the lack
of suppport of twmode,
this package completely useless until the regexes are upgraded to suppport
HTTP/2 responses (see [1]).

Thanks.

[1] https://github.com/hayamiz/twittering-mode/issues/114

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) (ignored:
LC_ALL set to es_ES.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages twittering-mode depends on:
ii  curl 7.47.0-1
ii  emacs46.1
ii  openssl  1.0.2f-2

twittering-mode recommends no packages.

twittering-mode suggests no packages.

-- no debconf information

-- 

---
   Daniel Franganillo Corrales
---
--- End Message ---
--- Begin Message ---
Source: twittering-mode
Source-Version: 3.1.0-1

We believe that the bug you reported is fixed in the latest version of
twittering-mode, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 813...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Takaya Yamashita  (supplier of updated twittering-mode 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 25 Dec 2016 15:29:55 +0900
Source: twittering-mode
Binary: twittering-mode
Architecture: source all
Version: 3.1.0-1
Distribution: unstable
Urgency: medium
Maintainer: Takaya Yamashita 
Changed-By: Takaya Yamashita 
Description:
 twittering-mode - Twitter client for Emacs
Closes: 668679 813675
Changes:
 twittering-mode (3.1.0-1) unstable; urgency=medium
 .
   * New upstream release (Closes: #813675)
   * debian/clean: Delete unnecessary files with the new upstream version.
   * debian/compat: Update debhelper to 9.
   * debian/control:
 - Update Standards-Version to 3.9.8.
 - Build-Depends: Update debhelper to 9.
 - Depends: Support various versions.
   * debian/copyright: Fixed lintian error.
   * debian/docs: Delete unnecessary files with the new upstream version.
   * debian/emacsen-compat: Comply to newer Emacs policy.
   * debian/emacsen-startup: Add Config for autoload (Closes: #668679)
   * debian/install: Delete unnecessary files with the new upstream version.
   * debian/rules: Delete unnecessary files with the new upstream version.
Checksums-Sha1:
 f21168a60cac0cb8f794f73b610c9588fe5357bc 1758 twittering-mode_3.1.0-1.dsc
 0f4dd7465b2d4169c257af17eb9e185b25c3401c 670644 
twittering-mode_3.1.0.orig.tar.gz
 15bafb011692a09301bfde21816c9409ca3c4ac1 4980 
twittering-mode_3.1.0-1.debian.tar.xz
 b398a4c5d9da185e26fbc44273cb3b3fa34a4702 124356 twittering-mode_3.1.0-1_all.deb
 fdd2e17b326bc5d3bf8ca8c94839907b942d8e9b 4565 
twittering-mode_3.1.0-1_amd64.buildinfo
Checksums-Sha256:
 abcf89ca554404e44070748aeff6df2b980de3c1730afb1bb0e42e4b2bfd218b 1758 
twittering-mode_3.1.0-1.dsc
 0b6ca146af6e5c06efa327ef2d4fbb9c56bbff7e28a802623c735fc7fa6249f3 670644 
twittering-mode_3.1.0.orig.tar.gz
 88dc31ad3a1a4fff5ceacaa0c5bac02583247a03c9288ae9f9cf448404d04d4b 4980 
twittering-mode_3.1.0-1.debian.tar.xz
 f4458225657dcaf24a0663b925a81463eb20f471d49bcfd053869b318974ecaf 124356 
twittering-mode_3.1.0-1_all.deb
 

Bug#849753: node-liftoff: Cannot install due to incorrect dependency

[Baruch Even]

Package: node-liftoff
Version: 2.3.0-1
Severity: grave
Justification: renders package unusable

node-liftoff depends on node-extend >= 3.0.0 but only 2.0.0 is available
in the debian repository which makes this package uninstallable.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Processed (with 1 error): merging 848294 848431

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> merge 848294 848431
Bug #848294 [diaspora-installer-mysql] diaspora-installer-mysql: update mysql 
dependencies for mariadb
Unable to merge bugs because:
severity of #848431 is 'important' not 'serious'
Failed to merge 848294: Did not alter merged bugs.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
848294: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848294
848431: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848431
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849750: Crashes the (LXDE) desktop

[Julien Puydt]

Package: marsshooter
Version: 0.7.6-1+b1
Severity: critical

Hi,

I installed the package, clicked on the menu entry and my lxde panel 
just disappeared. I restarted lxdm and retried : same effect!


Restarting lxdm and launching in a terminal, I get :

Cannot connect to server socket err = No such file or directory
Cannot connect to server request channel
jack server is not running or cannot be started
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for 
4294967295, skipping unlock
JackShmReadWritePtr::~JackShmReadWritePtr - Init not done for 
4294967295, skipping unlock

Searching for configuration file... Found /home/jpuydt/.marsshooter/mars.cfg
Searching for data files... Found /usr/share/games/marsshooter/
Happy Gaming...

(comment: it doesn't find jackd which isn't a problem, but

but the game doesn't display anything (it runs though: I have to ctrl+C 
to get the prompt back), and it looks like both the panel and the window 
manager are dead : all the running apps' windows turn borderless. I can 
still launch new apps by clicking on the desktop icons.


I didn't know if I should set the severity to grave or critical, but 
since the game is both not usable and trying to run it breaks something 
else, I settled for critical.


Hope that helps,

Snark on #debian-games

Bug#849196: Sometimes, supress_warnings misses one of its attributes

[Sandro Tosi]

On Fri, Dec 23, 2016 at 9:47 AM, Ole Streicher  wrote:
> This is a regression; it did not happen with 1.11. Please fix this
> regression ASAP so that skimage can migrate safely before the freeze.

as asked on the github issue, is disabling parallel tests execution in
skimage a viable temporary solution?

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi

Bug#846459: adding an unrelated fix to the NMU

[Adam Borowski]

Hi!
I've been asked to add an unrelated fix, for #810873 (pam_getenv: "Unescaped
left brace in regex" with Perl 5.22) to the NMU.

Here's an updated debdiff.  I'll upload to where it was (DELAYED-5) once
I've done some more testing.


Meow!
-- 
Autotools hint: to do a zx-spectrum build on a pdp11 host, type:
  ./configure --host=zx-spectrum --build=pdp11
diff -u pam-1.1.8/debian/changelog pam-1.1.8/debian/changelog
--- pam-1.1.8/debian/changelog
+++ pam-1.1.8/debian/changelog
@@ -1,3 +1,12 @@
+pam (1.1.8-3.5) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build-Depend on libfl-dev:native as well, for cross builds.
+Re-closes: #846459
+  * Fix "Unescaped left brace in regex" with Perl 5.22. Closes: #810873
+
+ -- Adam Borowski   Fri, 30 Dec 2016 14:37:29 +0100
+
 pam (1.1.8-3.4) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -u pam-1.1.8/debian/control pam-1.1.8/debian/control
--- pam-1.1.8/debian/control
+++ pam-1.1.8/debian/control
@@ -4,7 +4,7 @@
 Uploaders: Sam Hartman , Roger Leigh 
 Maintainer: Steve Langasek 
 Standards-Version: 3.9.8
-Build-Depends: libcrack2-dev (>= 2.8), bzip2, debhelper (>= 9), quilt (>= 
0.48-1), flex, libdb-dev, libselinux1-dev [linux-any], po-debconf, 
dh-autoreconf, autopoint, libaudit-dev [linux-any], pkg-config, libfl-dev, 
docbook-xsl, docbook-xml, xsltproc, libxml2-utils, w3m
+Build-Depends: libcrack2-dev (>= 2.8), bzip2, debhelper (>= 9), quilt (>= 
0.48-1), flex, libdb-dev, libselinux1-dev [linux-any], po-debconf, 
dh-autoreconf, autopoint, libaudit-dev [linux-any], pkg-config, libfl-dev, 
libfl-dev:native, docbook-xsl, docbook-xml, xsltproc, libxml2-utils, w3m
 Build-Conflicts-Indep: fop
 Build-Conflicts: libdb4.2-dev, libxcrypt-dev
 Vcs-Bzr: https://alioth.debian.org/scm/loggerhead/pkg-pam/debian/sid
diff -u pam-1.1.8/debian/local/pam_getenv pam-1.1.8/debian/local/pam_getenv
--- pam-1.1.8/debian/local/pam_getenv
+++ pam-1.1.8/debian/local/pam_getenv
@@ -75,7 +75,7 @@
   my ($val) = @_;
 return undef unless $val;
die "Cannot handle PAM items\n" if /(?

Bug#849589: ardour: undefined symbol: fftwf_make_planner_thread_safe

[Oleksandr Gavenko]

On Thu, Dec 29, 2016 at 2:30 AM, James Cowgill  wrote:

> On 29/12/16 00:02, Oleksandr Gavenko wrote:
> > Application is being crashing constantly with:
> >
> > bash# ardour5
> > /usr/lib/ardour5/ardour-5.5.0: symbol lookup error:
> /usr/lib/ardour5/ardour-5.5.0: undefined symbol:
> fftwf_make_planner_thread_safe
> [...]
> > Versions of packages ardour depends on:
> [...]
> > ii  libfftw3-single3 3.3.4-2
>
> This package is the problem. The fftwf_make_planner_thread_safe
> function is only present in fftw3 3.3.5 (so upgrading your package
> would fix this). fftw3 should generate a stricter dependency so that
> this doesn't happen.
>
> Thanks, this resolve issue!

Bug#849747: bpfcc-tools needs different compile flags to work

[Ritesh Raj Sarraf]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Control: severity -1 normal
Control: tag -1 +moreinfo


Changing severity because I can't reproduce this.

On Fri, 2016-12-30 at 14:02 +0200, George Kargiotakis wrote:
> Package: bpfcc-tools
> Version: 0.2.0-1
> Severity: grave
> Tags: newcomer
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> Trying to run binaries after installing bpfcc-tools ends up in an error like
> the following:
> 
> # tcpconnect 
> In file included from :317:
> :5:10: fatal error: './include/linux/kconfig.h' file not found
> #include "./include/linux/kconfig.h"
>  ^
> 1 error generated.
> Traceback (most recent call last):
>   File "/usr/sbin/tcpconnect", line 207, in 
>     b = BPF(text=bpf_text)
>   File "/usr/lib/python2.7/dist-packages/bcc/__init__.py", line 197, in
> __init__
>     raise Exception("Failed to compile BPF module %s" % src_file)
> Exception: Failed to compile BPF module 


Here, locally on my box, I get:

rrs@learner:~$ sudo tcpconnect 
[sudo] password for rrs: 
In file included from /virtual/main.c:3:
In file included from include/net/sock.h:51:
In file included from include/linux/netdevice.h:38:
In file included from include/linux/dmaengine.h:20:
In file included from include/linux/device.h:24:
In file included from include/linux/pinctrl/devinfo.h:21:
In file included from include/linux/pinctrl/consumer.h:17:
In file included from include/linux/seq_file.h:10:
include/linux/fs.h:2696:9: warning: comparison of unsigned enum expression < 0
is always false
  [-Wtautological-compare]
if (id < 0 || id >= READING_MAX_ID)
~~ ^ ~
1 warning generated.
PIDCOMM IP SADDRDADDRDPORT
23710  hexchat  4  192.168.1.137192.168.1.7  2
23711  hexchat  4  192.168.1.137192.168.1.7  2
12942  Chrome_IOThr 4  192.168.1.137172.217.26.206   443 
^C2016-12-30 / 18:39:23 ♒♒♒  ☺  


Which makes me wonder why you see the error. For one, you are running it on 
Debian Jessie.
Can you confirm if you have the linux-libc-dev package installed ?

- -- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEQCVDstmIVAB/Yn02pjpYo/LhdWkFAlhmXqwACgkQpjpYo/Lh
dWmOnhAAkmmp8X+ZVrD3Oe9ZBidN8ux7ovnNZhjhC0BfmeNn3+hBpR/bc8nWoi8j
L4q/iq29DNQIHq6raKC2DErNMpW0G9wHfO3OQqzR9dzoiy6qUQtbETTnuQj5on08
OTe/l8k73dJ6wEhfjhDnMFBUsARSmT2C2P6V5+kWUmsRA2nqtaxb4yaM9efBxR2E
oUmroNP7qygXRnEZ/1uJdFkC2/0nPDZPc2GiYUgOarUVrRhJ4pDtsxYCZqE1jdcS
J8pn+o5SqDFjfg6NQUrY/+2T+6nj3mgnlo1M7wIfHDw7/Q2VySCzhBMWro+FMN5h
76il0Mds9iza8kqhNHSFkItGECJV2fMsGcSU349vUAYTYQz7waMcKTFv+gDaw/zl
APsSYV/XMK893UelIW6QUlGEuoTXP+b7LYLGGnO4HeQyeDcT09W91ux9qp5w0Nl3
YhMnfICNIXVFeiZyQiI1PNW7rFWK08R4XF8H7pYuMu6dmP5b+aJoFJX3qAj/FfQW
44g586GQadOpDxj8+9m1qPUOV9DlnJKZHw/hS2OkUz/OMgqsApUUdngGDnC3U2nr
LFjH0sWn+1iHt3YCYDzbj8YjI057q54Ra0toSs+kOwsoy6GwxeAqbHbBxrlJTaSK
WeN8nXEzwKK8HM8CSUQE1dad9Wmc6zIIhCJjX6wQ23Rf1tPtfJA=
=lmw+
-END PGP SIGNATURE-

Processed: Re: Bug#849747: bpfcc-tools needs different compile flags to work

[Debian Bug Tracking System]

Processing control commands:

> severity -1 normal
Bug #849747 [bpfcc-tools] bpfcc-tools needs different compile flags to work
Severity set to 'normal' from 'grave'
> tag -1 +moreinfo
Bug #849747 [bpfcc-tools] bpfcc-tools needs different compile flags to work
Added tag(s) moreinfo.

-- 
849747: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849747
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#846089: r-cran-rcmdr/armel unsatisfiable Depends: r-cran-rgl

[Dirk Eddelbuettel]

[ G, this sat in an unsent Emacs mail buffer for 10 days.  Packages was
  long uploaded.  Thanks again for the reminder  --Dirk ]

On 20 December 2016 at 11:25, Adrian Bunk wrote:
| On Mon, Nov 28, 2016 at 01:18:32PM -0600, Dirk Eddelbuettel wrote:
| > 
| > On 28 November 2016 at 21:01, Adrian Bunk wrote:
| > | On Mon, Nov 28, 2016 at 07:13:38AM -0600, Dirk Eddelbuettel wrote:
| > | > 
| > | > On 28 November 2016 at 14:13, Adrian Bunk wrote:
| > | > | Package: r-cran-rcmdr
| > | > | Version: 2.3-1-1
| > | > | Severity: serious
| > | > | 
| > | > | r-cran-rgl was removed on armel (see #842088).
| > | > | 
| > | > | r-cran-rcmdr is currently not able to re-enter testing
| > | > | since its dependencies cannot be fulfilled on armel.
| > | > | 
| > | > | There are two options for r-cran-rcmdr to re-enter testing:
| > | 
| > | It seems I did express myself in a misleading way.
| > | 
| > | I meant "either 1. OR 2.",
| > | 
| > | > | 1. make the r-cran-rgl dependency !armel if that makes sense
| > | > 
| > | > I can (and will now) do that.
| > | >  
| > | > | 2. - let src:rcmdr build-depend on r-cran-rgl so that it gets built
| > | > |  only on architectures where the latter is available, plus
| > | > 
| > | > I'll do that too. It is an old package with many Suggests; I usually 
try to
| > | > keep Depends and Build-Depends in check.
| > | 
| > | Now you have:
| > |   Build-Depends: r-cran-rgl
| > |   Depends: r-cran-rgl [!armel]
| > | 
| > | You are removing r-cran-rgl from the dependencies on armel,
| > | 
| > | while ensuring through the build dependencies that it won't ever get 
| > | built again on armel.
| > 
| > My bad.  I guess there was a reason I didn't have it in Build-Depends.
| > 
| > Will remove.
| >...
| 
| If r-cran-rcmdr should be in stretch, this has to be uploaded
| before Christmas.

Thanks for the reminder, this fell to the side.

rgl used to be a hard Depends: for Rcmdr and needed to be present at
built-time, that is no longer the case. I can probably try moving this to
Suggests: loosening the relationship.

Running pbuilder now...

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#849365: marked as done (libphp-phpmailer: CVE-2016-10033)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 12:19:02 +
with message-id 
and subject line Bug#849365: fixed in libphp-phpmailer 5.2.14+dfsg-2.1
has caused the Debian Bug report #849365,
regarding libphp-phpmailer: CVE-2016-10033
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849365: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849365
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libphp-phpmailer
Version: 5.2.9+dfsg-2
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

the following vulnerability was published for libphp-phpmailer.

CVE-2016-10033[0]:
remote code execution

Details though at the point of writing this bugreport are not yet
available. It is fixed in the new upstream version 5.2.18.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-10033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10033

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libphp-phpmailer
Source-Version: 5.2.14+dfsg-2.1

We believe that the bug you reported is fixed in the latest version of
libphp-phpmailer, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 849...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thijs Kinkhorst  (supplier of updated libphp-phpmailer 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 11:22:28 +
Source: libphp-phpmailer
Binary: libphp-phpmailer
Architecture: source all
Version: 5.2.14+dfsg-2.1
Distribution: unstable
Urgency: high
Maintainer: Debian PHP PEAR Maintainers 
Changed-By: Thijs Kinkhorst 
Description:
 libphp-phpmailer - full featured email transfer class for PHP
Closes: 849365
Changes:
 libphp-phpmailer (5.2.14+dfsg-2.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2016-10033 (and CVE-2016-10045): apply commits
 4835657c 9743ff5c 833c35fe from upstream. Closes: #849365.
Checksums-Sha1:
 df5692fde82a79d13099b6a98bed3b2c3c7df035 1725 
libphp-phpmailer_5.2.14+dfsg-2.1.dsc
 9377456502201ad9726ca3380085989b403d0a32 8376 
libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz
 21787b4f76e05cc9fcccb13c44fbcacd6f88c26e 146990 
libphp-phpmailer_5.2.14+dfsg-2.1_all.deb
 1fa767c9ca5d65243265c9e73f83fc8bdf4b5ed9 5448 
libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo
Checksums-Sha256:
 41896a97b246e3802e3feb1794e6408985dbb93461b1a2210dde4c50c5b40887 1725 
libphp-phpmailer_5.2.14+dfsg-2.1.dsc
 2baeddfecc1d58c5fa145df86f3934a54f3b770b57f5322f225c211ddb21ac53 8376 
libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz
 ee7d6edceaab0e492c24e813e020bea57d70fc562df982686f3039f99fc97243 146990 
libphp-phpmailer_5.2.14+dfsg-2.1_all.deb
 91af522e6479ef466562777f1e3498f95e6b94d74259d0ab803b81a891a47a68 5448 
libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo
Files:
 17c85cb076d7c537cc74832345bd59f8 1725 php optional 
libphp-phpmailer_5.2.14+dfsg-2.1.dsc
 1083c3c296bc7d14467fadb38d685737 8376 php optional 
libphp-phpmailer_5.2.14+dfsg-2.1.debian.tar.xz
 24ff78c1b9bbf205e38ff0ec7d39f234 146990 php optional 
libphp-phpmailer_5.2.14+dfsg-2.1_all.deb
 d19f70cf7582391ee9b584ef71600aef 5448 php optional 
libphp-phpmailer_5.2.14+dfsg-2.1_amd64.buildinfo

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBCAAGBQJYZk4BAAoJEFb2GnlAHawETXAH/A966SYswH+JzvJEum6quLRV
wz5zIaGgoVu2E5Jh5y9r3JdgZGwmwsC8faPbHF4O27uoX1ko4QPn+wqhivpu3UCA
03KNHV2/ABkK/T3QdjVbtJkJo/5nf1pL3Ktcop+jiGmyUMSO5Op8e0PI4gxbOdjf
IhXXmfZ/bfzcWMBjOwmQkIG2rnfQkl58RzJBdaeh5xH6VFPAEZC7SjFS+nQBYjlc
d/fp8iFflDUi9Vy4KEqw0+JMqcTBX/2rpRpeK98rrIk6zlhxD0lG+fWbEMNKl1Pn
8XHeIgXg3dtx9SjYISobc3auL/XV16leUHqH/BL1L4mF4ci2gYqwRihtatwgEdg=
=/cAe
-END PGP SIGNATURE End Message ---

Bug#849633: Kernel packages need Breaks on older virtualbox-dkms versions

[Adrian Bunk]

Control: reopen -1
Control: reassign -1 src:linux 4.7.2-1
Control: retitle -1 Kernel packages need Breaks on older virtualbox-dkms 
versions

> From: Gianfranco Costamagna 
> To: Karl Voit , 849633-d...@bugs.debian.org
> Subject: Re: Bug#849633: virtualbox-dkms: Compiling error when updating
>  kernel
> 
> Hello,
> 
> >Version: 4.3.36-dfsg-1+deb8u1
> >Severity: grave
> >Justification: renders package unusable
> >
> >Kernel: Linux 4.7.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
> 
> kernel from backports, vbox from stable.
> use vbox from backports or here instead:
> http://debomatic-amd64.debian.net/distribution#jessie-backports/virtualbox/5.1.12-dfsg-2~bpo8+1/buildlog

The bug is that the the kernel images do not have appropriate Breaks to 
enforce upgrade/removal of the old virtualbox-dkms package.

> G.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Processed: Kernel packages need Breaks on older virtualbox-dkms versions

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #849633 {Done: Gianfranco Costamagna } 
[virtualbox-dkms] virtualbox-dkms: Compiling error when updating kernel
Bug reopened
Ignoring request to alter fixed versions of bug #849633 to the same values 
previously set
> reassign -1 src:linux 4.7.2-1
Bug #849633 [virtualbox-dkms] virtualbox-dkms: Compiling error when updating 
kernel
Bug reassigned from package 'virtualbox-dkms' to 'src:linux'.
No longer marked as found in versions virtualbox/4.3.36-dfsg-1+deb8u1.
Ignoring request to alter fixed versions of bug #849633 to the same values 
previously set
Bug #849633 [src:linux] virtualbox-dkms: Compiling error when updating kernel
Marked as found in versions linux/4.7.2-1.
> retitle -1 Kernel packages need Breaks on older virtualbox-dkms versions
Bug #849633 [src:linux] virtualbox-dkms: Compiling error when updating kernel
Changed Bug title to 'Kernel packages need Breaks on older virtualbox-dkms 
versions' from 'virtualbox-dkms: Compiling error when updating kernel'.

-- 
849633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849633
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#849365: Patch for NMU 5.2.14+dfsg-2.1

[Thijs Kinkhorst]

Hi,

On behalf of the Security Team I've taken the liberty to upload to
unstable a fix for CVE-2016-10033. The debdiff is attached.


Cheers,
Thijs
diff -Nru libphp-phpmailer-5.2.14+dfsg/debian/changelog libphp-phpmailer-5.2.14+dfsg/debian/changelog
--- libphp-phpmailer-5.2.14+dfsg/debian/changelog	2016-03-05 15:06:02.0 +
+++ libphp-phpmailer-5.2.14+dfsg/debian/changelog	2016-12-30 11:22:28.0 +
@@ -1,3 +1,11 @@
+libphp-phpmailer (5.2.14+dfsg-2.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix CVE-2016-10033 (and CVE-2016-10045): apply commits
+4835657c 9743ff5c 833c35fe from upstream. Closes: #849365.
+
+ -- Thijs Kinkhorst   Fri, 30 Dec 2016 11:22:28 +
+
 libphp-phpmailer (5.2.14+dfsg-2) unstable; urgency=medium
 
   * Team upload
diff -Nru libphp-phpmailer-5.2.14+dfsg/debian/patches/0002-Fix-CVE-2016-10033-CVE-2016-10045.patch libphp-phpmailer-5.2.14+dfsg/debian/patches/0002-Fix-CVE-2016-10033-CVE-2016-10045.patch
--- libphp-phpmailer-5.2.14+dfsg/debian/patches/0002-Fix-CVE-2016-10033-CVE-2016-10045.patch	1970-01-01 00:00:00.0 +
+++ libphp-phpmailer-5.2.14+dfsg/debian/patches/0002-Fix-CVE-2016-10033-CVE-2016-10045.patch	2016-12-30 11:22:28.0 +
@@ -0,0 +1,117 @@
+diff -Nur libphp-phpmailer-5.2.14+dfsg.orig/class.phpmailer.php libphp-phpmailer-5.2.14+dfsg.new/class.phpmailer.php
+--- libphp-phpmailer-5.2.14+dfsg.orig/class.phpmailer.php	2015-11-01 10:15:28.0 +
 libphp-phpmailer-5.2.14+dfsg.new/class.phpmailer.php	2016-12-30 11:20:08.368756474 +
+@@ -164,6 +164,7 @@
+ 
+ /**
+  * The path to the sendmail program.
++ * Must contain only a path to an executable, with no parameters or switches
+  * @var string
+  */
+ public $Sendmail = '/usr/sbin/sendmail';
+@@ -1329,19 +1330,27 @@
+  */
+ protected function sendmailSend($header, $body)
+ {
+-if ($this->Sender != '') {
++if (!(is_file($this->Sendmail) and is_executable($this->Sendmail))) {
++throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
++}
++// CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped.
++if (!empty($this->Sender) and self::isShellSafe($this->Sender)) {
+ if ($this->Mailer == 'qmail') {
+-$sendmail = sprintf('%s -f%s', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
++$sendmailFmt = '%s -f%s';
+ } else {
+-$sendmail = sprintf('%s -oi -f%s -t', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
++$sendmailFmt = '%s -oi -f%s -t';
+ }
+ } else {
+ if ($this->Mailer == 'qmail') {
+-$sendmail = sprintf('%s', escapeshellcmd($this->Sendmail));
++$sendmailFmt = '%s';
+ } else {
+-$sendmail = sprintf('%s -oi -t', escapeshellcmd($this->Sendmail));
++$sendmailFmt = '%s -oi -t';
+ }
+ }
++
++// TODO: If possible, this should be changed to escapeshellarg.  Needs thorough testing.
++$sendmail = sprintf($sendmailFmt, escapeshellcmd($this->Sendmail), $this->Sender);
++
+ if ($this->SingleTo) {
+ foreach ($this->SingleToArray as $toAddr) {
+ if (!@$mail = popen($sendmail, 'w')) {
+@@ -1388,6 +1397,38 @@
+ }
+ 
+ /**
++ * Fix CVE-2016-10033 and CVE-2016-10045 by disallowing potentially unsafe shell characters.
++ *
++ * Note that escapeshellarg and escapeshellcmd are inadequate for our purposes, especially on Windows.
++ * @param string $string The string to be validated
++ * @see https://github.com/PHPMailer/PHPMailer/issues/924 CVE-2016-10045 bug report
++ * @access protected
++ * @return boolean
++ */
++protected static function isShellSafe($string)
++{
++// Future-proof
++if (escapeshellcmd($string) !== $string or !in_array(escapeshellarg($string), array("'$string'", "\"$string\""))) {
++return false;
++}
++
++$length = strlen($string);
++
++for ($i = 0; $i < $length; $i++) {
++$c = $string[$i];
++
++// All other characters have a special meaning in at least one common shell, including = and +.
++// Full stop (.) has a special meaning in cmd.exe, but its impact should be negligible here.
++// Note that this does permit non-Latin alphanumeric characters based on the current locale.
++if (!ctype_alnum($c) && strpos('@_-.', $c) === false) {
++return false;
++}
++}
++
++return true;
++}
++
++/**
+  * Send mail using the PHP mail() function.
+  * @param string $header The message headers
+  * @param string $body The message body
+@@ -1404,12 +1445,14 @@
+ }
+

Bug#849747: bpfcc-tools needs different compile flags to work

[George Kargiotakis]

Package: bpfcc-tools
Version: 0.2.0-1
Severity: grave
Tags: newcomer
Justification: renders package unusable

Dear Maintainer,

Trying to run binaries after installing bpfcc-tools ends up in an error like 
the following:

# tcpconnect 
In file included from :317:
:5:10: fatal error: './include/linux/kconfig.h' file not found
#include "./include/linux/kconfig.h"
 ^
1 error generated.
Traceback (most recent call last):
  File "/usr/sbin/tcpconnect", line 207, in 
b = BPF(text=bpf_text)
  File "/usr/lib/python2.7/dist-packages/bcc/__init__.py", line 197, in __init__
raise Exception("Failed to compile BPF module %s" % src_file)
Exception: Failed to compile BPF module 

The fix for this is already upstream and one needs to change the debian/rules 
file:

-   dh_auto_configure -- -DREVISION_LAST=$(UPSTREAM_VERSION) 
-DREVISION=$(UPSTREAM_VERSION) -DLLVM_DEFINITIONS="-D_GNU_SOURCE 
-D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS"
+   dh_auto_configure -- -DREVISION_LAST=$(UPSTREAM_VERSION) 
-DREVISION=$(UPSTREAM_VERSION) -DLLVM_DEFINITIONS="-D_GNU_SOURCE 
-D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS" 
-DBCC_KERNEL_HAS_SOURCE_DIR=1

The fix is documented here:
https://github.com/dkronst/bcc/commit/3e2f9d9d6250d3f8a076bbf1a953cf4f0d21f75a

After applying the change in debian/rules and rebuilding the package the 
binaries work:

# tcpconnect 
In file included from /virtual/main.c:3:
In file included from include/net/sock.h:51:
In file included from include/linux/netdevice.h:38:
In file included from include/linux/dmaengine.h:20:
In file included from include/linux/device.h:24:
In file included from include/linux/pinctrl/devinfo.h:21:
In file included from include/linux/pinctrl/consumer.h:17:
In file included from include/linux/seq_file.h:10:
include/linux/fs.h:2686:9: warning: comparison of unsigned enum
  expression < 0 is always false [-Wtautological-compare]
if (id < 0 || id >= READING_MAX_ID)
~~ ^ ~
1 warning generated.
PIDCOMM IP SADDRDADDRDPORT
3805   Chrome_IOThr 4  10.20.10.1 1.2.3.4443 

The following might also be a fix for the issue but I haven't tested it yet
https://github.com/iovisor/bcc/pull/701/files


-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (400, 'unstable'), 
(400, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bpfcc-tools depends on:
ii  python-bpfcc0.2.0-1
ii  python-netaddr  0.7.12-2
pn  python:any  

bpfcc-tools recommends no packages.

bpfcc-tools suggests no packages.

-- no debconf information

Processed: androguard was not built on non-x86 before

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 849647 important
Bug #849647 [src:androguard] androguard: FTBFS on non-x86: In function 'RDTSC': 
error: impossible constraint in 'asm'
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
849647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849647
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#806198: marked as done (siscone: FTBFS when built with dpkg-buildpackage -A (dh_testroot in build-indep))

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 11:20:22 +
with message-id 
and subject line Bug#806198: fixed in siscone 2.0.6-2
has caused the Debian Bug report #806198,
regarding siscone: FTBFS when built with dpkg-buildpackage -A (dh_testroot in 
build-indep)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
806198: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806198
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:siscone
Version: 2.0.6-1.1
User: sanv...@debian.org
Usertags: binary-indep
Severity: important

Dear maintainer:

I tried to build this package with "dpkg-buildpackage -A"
(i.e. only architecture-independent packages), and it failed:


[...]
 debian/rules build-indep
dh_testdir
dh_testroot
dh_testroot: You must run this as root (or use fakeroot).
debian/rules:63: recipe for target 'doxygen-stamp' failed
make: *** [doxygen-stamp] Error 255
dpkg-buildpackage: error: debian/rules build-indep gave error exit status 2


In this case, debian/rules tries to ensure that you are root in a
target which is not supposed to be executed as root, and it fails.

The way to fix this is up to you, but my own personal preference,
which I would also recommend, is to get rid of each and every
dh_testdir and dh_testroot call.

After all, dpkg-buildpackage already takes care of being root
(or fakeroot) when required, and of course, it does also take care of
being in the right directory. Both things happen by design, so removing
those checks just make debian/rules shorter and easier to understand
without any loss of functionality. It would also make debian/rules
a little bit closer to the minimalistic style that "dh" allows.

Once this issue with dh_testroot is fixed, please ensure that both
"dpkg-buildpackage -A" and "dpkg-buildpackage -B" work. After that,
the package will be suitable to be uploaded in source-only form if you
wish.

Thanks.
--- End Message ---
--- Begin Message ---
Source: siscone
Source-Version: 2.0.6-2

We believe that the bug you reported is fixed in the latest version of
siscone, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 806...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ghislain Antony Vaillant  (supplier of updated siscone 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 00:02:51 +
Source: siscone
Binary: libsiscone0v5 libsiscone-dev libsiscone-spherical0v5 
libsiscone-spherical-dev siscone-examples siscone-doc-html siscone-doc-pdf
Architecture: source
Version: 2.0.6-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Ghislain Antony Vaillant 
Description:
 libsiscone-dev - Seedless Infrared Safe Cone jet finder - development files
 libsiscone-spherical-dev - Spherical version of SISCone - development files
 libsiscone-spherical0v5 - Spherical version of SISCone
 libsiscone0v5 - Seedless Infrared Safe Cone jet finder
 siscone-doc-html - Developer's reference manual of SISCone (HTML)
 siscone-doc-pdf - Developer's reference manual of SISCone (PDF)
 siscone-examples - Seedless Infrared Safe Cone jet finder - example files
Closes: 790034 806198
Changes:
 siscone (2.0.6-2) unstable; urgency=medium
 .
   * Team upload
 .
   [ Ghislain Antony Vaillant ]
   * Make build reproducible
 - New patch Remove-datetime-from-footer.html.patch
 Thanks to Maria Valentina Marin for the patch (Closes: #790034)
   * Fix arch-indep only build.
 Thanks to Santiago Vila for the fix (Closes: #806198)
   * cme fix dpkg-control:
 - Drop DM-Upload-Allowed field
 - Bump standards version to 3.9.8
 - Use secure VCS URI
 - Wrap and sort
   * cme fix dpkg-copyright:
 - Use HTTPS URI for Format field
 - Remove new line at end of file
   * Upgrade packaging to debhelper 10
Checksums-Sha1:
 

Bug#849666: gradm2: FTBFS on arm64: /usr/bin/ld: cannot find -lfl

[Adrian Bunk]

On Fri, Dec 30, 2016 at 08:36:55AM +0100, László Böszörményi wrote:
> Control: tags -1 +unreproducible
> 
> On Thu, Dec 29, 2016 at 5:33 PM, Chris West (Faux)
>  wrote:
> > Source: gradm2
> > Version: 3.1~201608131257-1
> > Severity: serious
> > Justification: fails to build from source
> [...]
> > The package fails to build:
> [...]
>  May you retry please? It built on a buildd some time ago. But more
> importantly installed a basic Stretch (with empty tasksel options) in
> a QEMU ARM64 machine yesterday evening. It was dist-upgraded to Sid
> and gradm2 was built fine in it.

The build should fail after "apt-get remove libfl-dev".

> Will try the QEMU + pbuilder build as
> well, but you might just got some other, transient problem.

This does not look lika a transient problem:

Recently (in 2.6.1-1.1) flex dropped the dependency on libfl-dev.

RC bugs were filed for packages that now need a build-dependency on 
libfl-dev, but it is possible that gradm2 was missed for some reason.

> Thanks,
> Laszlo/GCS

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#849657: [Ceph-maintainers] Bug#849657: ceph: FTBFS on mips(el): g++: virtual memory exhausted: Cannot allocate memory

[Mathieu Malaterre]

On Fri, Dec 30, 2016 at 10:06 AM, Emilio Pozuelo Monfort
 wrote:
> On 29/12/16 20:56, Gaudenz Steinlin wrote:
>>
>> Hi Emilio
>>
>> Emilio Pozuelo Monfort  writes:
>>
>>> Source: ceph
>>> Version: 10.2.5-2
>>> Severity: serious
>>>
>>> Your package failed to build on mips/el:
>>>
>>> g++ -DHAVE_CONFIG_H -I.  -D__CEPH__ -D_FILE_OFFSET_BITS=64 -D_THREAD_SAFE 
>>> -D__STDC_FORMAT_MACROS -D_GNU_SOURCE 
>>> -DCEPH_LIBDIR=\"/usr/lib/mipsel-linux-gnu\" 
>>> -DCEPH_PKGLIBDIR=\"/usr/lib/mipsel-linux-gnu/ceph\" 
>>> -DGTEST_USE_OWN_TR1_TUPLE=0 -D_REENTRANT-Wdate-time -D_FORTIFY_SOURCE=2 
>>> -I/usr/include/nss -I/usr/include/nspr  -Wall -Wtype-limits 
>>> -Wignored-qualifiers -Winit-self -Wpointer-arith -Werror=format-security 
>>> -fno-strict-aliasing -fsigned-char -rdynamic -ftemplate-depth-1024 
>>> -Wnon-virtual-dtor -Wno-invalid-offsetof -O2 -g -pipe -Wall 
>>> -Wp,-U_FORTIFY_SOURCE -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
>>> --param=ssp-buffer-size=4 -fPIE -fstack-protector-strong  
>>> -Wstrict-null-sentinel -g -O2 -fdebug-prefix-map=/«PKGBUILDDIR»=. 
>>> -fstack-protector-strong -Wformat -Werror=format-security -c -o 
>>> tools/rbd/action/Resize.o tools/rbd/action/Resize.cc
>>> virtual memory exhausted: Cannot allocate memory
>>> Makefile:24792: recipe for target
>>> 'test/encoding/ceph_dencoder-ceph_dencoder.o' failed
>>
>> I already noticed this and tried to contact m...@buildd.debian.org and
>> mip...@buildd.debian.org. Unfortunately nobody responded yet, so I don't
>> know if the message was even received or not. AFAIK these are the
>> correct contact points for buildd issues.
>
> This is not a buildd issue but a porting issue. debian-mips@ldo is better for
> this. Added to Cc.
>
>> I don't think there is much I can do about this bug and I'm not
>> convinced this is a issue in ceph. If the buildds are unable to build
>> the package we can either completely remove ceph for mips/mipsel or try
>> to only build the client part and have a reduced set of packages on
>> these architectures.
>
> IIRC there are some flags you can pass to reduce memory usage. Most notably
> ggc-min-expand (which is going to be changed in GCC itself, but afaik it 
> hasn't
> happened yet). So you could try adding
>
> --param ggc-min-expand=10
>
> to CFLAGS/CXXFLAGS.
>
> I'd try that before thinking about removing the package from mips.

Reducing -O2 to -O1 did solve the issue for openvdb on mips* (kudos Jochen)

https://packages.qa.debian.org/o/openvdb/news/20161224T090717Z.html

Bug#849633: marked as done (virtualbox-dkms: Compiling error when updating kernel)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 11:05:54 + (UTC)
with message-id <1615570307.6211139.1483095954...@mail.yahoo.com>
and subject line Re: Bug#849633: virtualbox-dkms: Compiling error when updating 
kernel
has caused the Debian Bug report #849633,
regarding virtualbox-dkms: Compiling error when updating kernel
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
849633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849633
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: virtualbox-dkms
Version: 4.3.36-dfsg-1+deb8u1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

I updated my kernel via apt. VirtualBox does not work since because of
error when compiling the DKMS modules. This issue persists since a few
kernel updates.

See the log output of /var/lib/dkms/virtualbox/4.3.36/build/make.log
which I have attached.

-- System Information:
Debian Release: 8.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages virtualbox-dkms depends on:
ii  dkms  2.2.1.0+git20160527-1~bpo8+1

Versions of packages virtualbox-dkms recommends:
ii  virtualbox  4.3.36-dfsg-1+deb8u1

virtualbox-dkms suggests no packages.

-- no debconf information
DKMS make.log for virtualbox-4.3.36 for kernel 4.8.0-0.bpo.2-amd64 (x86_64)
Thu Dec 29 10:42:53 CET 2016
make: Entering directory '/usr/src/linux-headers-4.8.0-0.bpo.2-amd64'
  LD  /var/lib/dkms/virtualbox/4.3.36/build/built-in.o
  LD  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/built-in.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/linux/SUPDrv-linux.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrvTracer.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/SUPDrvSem.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/alloc-r0drv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/initterm-r0drv.o
  CC [M]  /var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/memobj-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/mpnotification-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/powernotification-r0drv.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/assert-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/alloc-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/initterm-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.o
  CC [M]  
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memuserkernel-r0drv-linux.o
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c: 
In function ‘rtR0MemObjNativeFree’:
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:581:21:
 error: implicit declaration of function ‘page_cache_release’ 
[-Werror=implicit-function-declaration]
 page_cache_release(pMemLnx->apPages[iPage]);
 ^
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c: 
In function ‘rtR0MemObjNativeLockUser’:
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:1032:29:
 warning: passing argument 1 of ‘get_user_pages’ makes integer from pointer 
without a cast
 rc = get_user_pages(pTask,  /* Task for fault 
accounting. */
 ^
In file included from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/the-linux-kernel.h:88:0,
 from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:31:
/usr/src/linux-headers-4.8.0-0.bpo.2-common/include/linux/mm.h:1315:6: note: 
expected ‘long unsigned int’ but argument is of type ‘struct task_struct *’
 long get_user_pages(unsigned long start, unsigned long nr_pages,
  ^
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/memobj-r0drv-linux.c:1033:29:
 warning: passing argument 2 of ‘get_user_pages’ makes integer from pointer 
without a cast
 pTask->mm,  /* Whose pages. */
 ^
In file included from 
/var/lib/dkms/virtualbox/4.3.36/build/vboxdrv/r0drv/linux/the-linux-kernel.h:88:0,
 from 

Processed: gocryptfs was not built on arm64 before

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 849662 important
Bug #849662 [src:gocryptfs] gocryptfs: FTBFS on arm64: panic: page size 
incorrect: 65536
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
849662: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849662
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: severity of 846020 is important

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 846020 important
Bug #846020 [src:ruby-clockwork] ruby-clockwork: FTBFS 
(Clockwork::DatabaseEvents::SyncPerformer::setup::when fails)
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
846020: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846020
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#846020: ruby-clockwork: FTBFS (Clockwork::DatabaseEvents::SyncPerformer::setup::when fails)

[李健秋]

Package: ruby-clockwork
Followup-For: Bug #846020

Attach a patch to disable this specific test that randomly fails on
havey load machine.

Best regards,
-Andrew
Description: Disable test due to randomly fails on heavy load machine
Bug-Debian: https://bugs.debian.org/846020
Reviewed-By: Andrew Lee (李健秋) 
Last-Update: <2016-12-30>

--- ruby-clockwork-1.2.0.orig/test/database_events/sync_performer_test.rb
+++ /dev/null
@@ -1,291 +0,0 @@
-require "minitest/autorun"
-require 'mocha/setup'
-require 'time'
-require 'active_support/time'
-
-require_relative '../../lib/clockwork'
-require_relative '../../lib/clockwork/database_events'
-require_relative 'test_helpers'
-
-describe Clockwork::DatabaseEvents::SyncPerformer do
-  before do
-@now = Time.now
-DatabaseEventModel.delete_all
-DatabaseEventModel2.delete_all
-
-Clockwork.manager = @manager = Clockwork::DatabaseEvents::Manager.new
-class << @manager
-  def log(msg); end # silence log output
-end
-  end
-
-  after do
-Clockwork.clear!
-  end
-
-  describe "setup" do
-before do
-  @subject = Clockwork::DatabaseEvents::SyncPerformer
-end
-
-describe "arguments" do
-  it 'raises argument error if model is not set' do
-error = assert_raises KeyError do
-  @subject.setup(every: 1.minute) {}
-end
-assert_equal error.message, ":model must be set to the model class"
-  end
-
-  it 'raises argument error if every is not set' do
-error = assert_raises KeyError do
-  @subject.setup(model: DatabaseEventModel) {}
-end
-assert_equal error.message, ":every must be set to the database sync frequency"
-  end
-end
-
-describe "when database reload frequency is greater than model frequency period" do
-  before do
-@events_run = []
-@sync_frequency = 1.minute
-  end
-
-  it 'fetches and registers event from database' do
-DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => 1.second)
-
-assert_equal ["DatabaseEventModel:1"], @events_run
-  end
-
-  it 'fetches and registers multiple events from database' do
-DatabaseEventModel.create(:frequency => 10)
-DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => 1.second)
-
-assert_equal ["DatabaseEventModel:1", "DatabaseEventModel:2"], @events_run
-  end
-
-  it 'does not run event again before frequency specified in database' do
-model = DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => model.frequency - 1.second)
-assert_equal 1, @events_run.length
-  end
-
-  it 'runs event repeatedly with frequency specified in database' do
-model = DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => (2 * model.frequency) + 1.second)
-
-assert_equal 3, @events_run.length
-  end
-
-  it 'runs reloaded events from database repeatedly' do
-model = DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => @sync_frequency - 1)
-model.update(:name => "DatabaseEventModel:1:Reloaded")
-tick_at(@now + @sync_frequency, :and_every_second_for => model.frequency * 2)
-
-assert_equal ["DatabaseEventModel:1:Reloaded", "DatabaseEventModel:1:Reloaded"], @events_run[-2..-1]
-  end
-
-  it 'updates modified event frequency with event reloading' do
-model = DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => @sync_frequency - 1.second)
-model.update(:frequency => 5)
-tick_at(@now + @sync_frequency, :and_every_second_for => 6.seconds)
-
-# model runs at: 1, 11, 21, 31, 41, 51 (6 runs)
-# database sync happens at: 60
-# modified model runs at: 61 (next tick after reload) and then 66 (2 runs)
-assert_equal 8, @events_run.length
-  end
-
-  it 'stoped running deleted events from database' do
-model = DatabaseEventModel.create(:frequency => 10)
-setup_sync(model: DatabaseEventModel, :every => @sync_frequency, :events_run => @events_run)
-
-tick_at(@now, :and_every_second_for => (@sync_frequency - 1.second))
-before = 

Bug#849217: jruby: FTBFS (sbuild hangs)

[Santiago Vila]

On Fri, Dec 30, 2016 at 01:46:57AM +, Miguel Landaeta wrote:

> Can you provide the full log of the failed build attempt?
>
> I can't reproduce this issue, although I don't use sbuild to build my
> packages but cowbuilder.
> 
> Since I couldn't reproduce the issue with my builder tool of choice,
> I'll setup sbuild later to try again. In the meantine, the full build
> log could be handy.

Some failed build logs here:

https://people.debian.org/~sanvila/jruby/

Note: The first one was made with eatmydata, but after I disabled it
the failure (randomly) keeps happening.

Thanks.

Bug#846748: marked as done (erlang-cowlib: FTBFS: src/cow_multipart.erl:427: crypto:rand_bytes/1 is deprecated and will be removed in a future release; use crypto:strong_rand_bytes/1)

[Debian Bug Tracking System]

Your message dated Fri, 30 Dec 2016 09:48:28 +
with message-id 
and subject line Bug#846748: fixed in erlang-cowlib 1.3.0-2
has caused the Debian Bug report #846748,
regarding erlang-cowlib: FTBFS: src/cow_multipart.erl:427: crypto:rand_bytes/1 
is deprecated and will be removed in a future release; use 
crypto:strong_rand_bytes/1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
846748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846748
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: erlang-cowlib
Version: 1.3.0-1
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20161202 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build
>dh_testdir
>dh_update_autotools_config
>dh_auto_configure
>debian/rules override_dh_auto_build
> make[1]: Entering directory '/<>'
> dh_auto_build
>   make -j1
> make[2]: Entering directory '/<>'
>  ERLC   cow_multipart.erl cow_http_hd.erl cow_ws.erl cow_http.erl 
> cow_spdy.erl cow_cookie.erl cow_mimetypes.erl cow_http_te.erl cow_qs.erl 
> cow_date.erl
> compile: warnings being treated as errors
> src/cow_multipart.erl:427: crypto:rand_bytes/1 is deprecated and will be 
> removed in a future release; use crypto:strong_rand_bytes/1
> erlang.mk:359: recipe for target 'ebin/cowlib.app' failed
> make[3]: *** [ebin/cowlib.app] Error 1

The full build log is available from:
   http://aws-logs.debian.net/2016/12/02/erlang-cowlib_1.3.0-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: erlang-cowlib
Source-Version: 1.3.0-2

We believe that the bug you reported is fixed in the latest version of
erlang-cowlib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 846...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Balint Reczey  (supplier of updated erlang-cowlib 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 30 Dec 2016 10:33:15 +0100
Source: erlang-cowlib
Binary: erlang-cowlib
Architecture: source
Version: 1.3.0-2
Distribution: unstable
Urgency: medium
Maintainer: LeoFS maintainers team 
Changed-By: Balint Reczey 
Description:
 erlang-cowlib - Erlang library for manipulating web protocols
Closes: 846748
Changes:
 erlang-cowlib (1.3.0-2) unstable; urgency=medium
 .
   * Use crypto:strong_rand_bytes/1 instead of rypto:rand_bytes/1
 (Closes: #846748)
Checksums-Sha1:
 268fd3d8f82cdfc9e3183a7398eb6f03d2eed45f 2077 erlang-cowlib_1.3.0-2.dsc
 6fedb70c7108f8d9be2c7a62732e4b923cbd8f08 3152 
erlang-cowlib_1.3.0-2.debian.tar.xz
Checksums-Sha256:
 749757776e8140a24cf41114c4450ba8917dac00abf560623aa45cdb40d8a545 2077 
erlang-cowlib_1.3.0-2.dsc
 e27e8add7cf82d178544eb753cb4f39d8db5be18b614f2a39e5ceb17013d6aaa 3152 
erlang-cowlib_1.3.0-2.debian.tar.xz
Files:
 3a29ac4daaa33778b63844818af582d8 2077 devel optional erlang-cowlib_1.3.0-2.dsc
 c4782503a6f89882751cac44c853607f 3152 devel optional 
erlang-cowlib_1.3.0-2.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJYZiotAAoJEPZk0la0aRp9qsEP/3h4InEINeO0n+6OtNkjNn+I
lhOMJIISTGrzA5cjT53vJlif7OHTA7YxLn8IljuQF9qJmlzxL+CTG7wbJK9hR/Wq
/uC6f4pAzYD1TmRs6P+ZwoTJURexa+AWHYxxR0izF7UiqRAkebaH3TUp18sGsODE
2kI+e4E+Oxmr4pxArggaDBdcBD7604kotveqmA49qXshBSwcYVs/uGdpLDMLSTz8
CrXPpjSkeYlKByv3RvC3JX/xKJF7wSqjdJ/glzS6jHzilYH071yG629Rt0FvcMmx
4eNEUj/GHB98FJ5ihOvcG2tENCfKdshFR5Cg344YgsWklPvzbVLCW44thvtgd6ff
C0S5WX34EZfGoGph/rwJxLt/S5yqC3wCWkZ75Pf4byFs3EXfla+uedFgGizkYsXw
fDBzVdmE59eYeGT7YxXHcuGk+RZXcN4VfTzcN0x1d3JyUcoej7NIl3m0vui5ZR9C

Bug#849657: [Ceph-maintainers] Bug#849657: ceph: FTBFS on mips(el): g++: virtual memory exhausted: Cannot allocate memory

[Emilio Pozuelo Monfort]

On 29/12/16 20:56, Gaudenz Steinlin wrote:
> 
> Hi Emilio
> 
> Emilio Pozuelo Monfort  writes:
> 
>> Source: ceph
>> Version: 10.2.5-2
>> Severity: serious
>>
>> Your package failed to build on mips/el:
>>
>> g++ -DHAVE_CONFIG_H -I.  -D__CEPH__ -D_FILE_OFFSET_BITS=64 -D_THREAD_SAFE 
>> -D__STDC_FORMAT_MACROS -D_GNU_SOURCE 
>> -DCEPH_LIBDIR=\"/usr/lib/mipsel-linux-gnu\" 
>> -DCEPH_PKGLIBDIR=\"/usr/lib/mipsel-linux-gnu/ceph\" 
>> -DGTEST_USE_OWN_TR1_TUPLE=0 -D_REENTRANT-Wdate-time -D_FORTIFY_SOURCE=2 
>> -I/usr/include/nss -I/usr/include/nspr  -Wall -Wtype-limits 
>> -Wignored-qualifiers -Winit-self -Wpointer-arith -Werror=format-security 
>> -fno-strict-aliasing -fsigned-char -rdynamic -ftemplate-depth-1024 
>> -Wnon-virtual-dtor -Wno-invalid-offsetof -O2 -g -pipe -Wall 
>> -Wp,-U_FORTIFY_SOURCE -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
>> --param=ssp-buffer-size=4 -fPIE -fstack-protector-strong  
>> -Wstrict-null-sentinel -g -O2 -fdebug-prefix-map=/«PKGBUILDDIR»=. 
>> -fstack-protector-strong -Wformat -Werror=format-security -c -o 
>> tools/rbd/action/Resize.o tools/rbd/action/Resize.cc
>> virtual memory exhausted: Cannot allocate memory
>> Makefile:24792: recipe for target
>> 'test/encoding/ceph_dencoder-ceph_dencoder.o' failed
> 
> I already noticed this and tried to contact m...@buildd.debian.org and
> mip...@buildd.debian.org. Unfortunately nobody responded yet, so I don't
> know if the message was even received or not. AFAIK these are the
> correct contact points for buildd issues.

This is not a buildd issue but a porting issue. debian-mips@ldo is better for
this. Added to Cc.

> I don't think there is much I can do about this bug and I'm not
> convinced this is a issue in ceph. If the buildds are unable to build
> the package we can either completely remove ceph for mips/mipsel or try
> to only build the client part and have a reduced set of packages on
> these architectures.

IIRC there are some flags you can pass to reduce memory usage. Most notably
ggc-min-expand (which is going to be changed in GCC itself, but afaik it hasn't
happened yet). So you could try adding

--param ggc-min-expand=10

to CFLAGS/CXXFLAGS.

I'd try that before thinking about removing the package from mips.

Cheers,
Emilio

> The second option would have the advantage that no changes to the
> reverse dependencies (notably qemu) are needed.
> 
> Gaudenz
>