Bug#864016: [Pkg-dns-devel] Bug#864016: dns-root-data: Upgrade breaks dnsmasq

[Robert Edmonds]

Robert Luberda wrote:
> Upgraded dns-root-data should declare "Breaks: dnsmasq (<< 2.77-1~)",
> see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863896#15

A "Breaks" doesn't really make sense here. There are only cosmetic
differences between the root.ds file format generated by previous
versions of dns-root-data and the current version in testing/unstable.
If we're going to make another dns-root-data upload for stretch we
should just switch the format to something that dnsmasq in testing can
understand.

Something like this in root.ds would support both the ad hoc sed parsers
in dnsmasq 2.76-5 (testing) and dnsmasq 2.77-1:

. IN DS 19036 8 2 
49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
. IN DS 20326 8 2 
e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

The attached patch implements this format.

(BTW, I'm not sure what's going on with the just-uploaded sed parser in
dnsmasq 2.77-2. It generates the message "sed: -e expression #1, char
103: Invalid range end" when I try to run it.)

-- 
Robert Edmonds
edmo...@debian.org
>From bf353876ab64a7c3afe9c72ea8019d6df89bbf42 Mon Sep 17 00:00:00 2001
From: Robert Edmonds 
Date: Tue, 6 Jun 2017 00:55:19 -0400
Subject: [PATCH] Change DS creation to omit TTL and use spaces instead of tabs
 (Closes: #864016)

The version of dnsmasq in testing (currently 2.76-5) and which will
apparently be released with stretch uses the following sed parser to
convert the root.ds file in dns-root-data to command-line arguments for
dnsmasq:

sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This chokes on the root.ds file shipped in the dns-root-data 2017041101
package. (See #858506 and #860064.) Consequently dnsmasq 2.77-1 shipped
the following parser:

sed -e s/"^.*DS[\t ]"/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This commit relaxes the format of the root.ds file so that it can be
parsed by the init script in both dnsmasq 2.76-5 and dnsmasq 2.77-1, by
removing the TTL field (which doesn't make much sense for a trust anchor
anyway) and converting the tab characters to spaces. This results in the
following root.ds content:

. IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
. IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

Both the dnsmasq 2.76-5 and 2.77-1 parsers convert the above root.ds
content to the following dnsmasq command-line arguments:

--trust-anchor=.,19036,8,2,49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
--trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

For comparison, previous versions of dns-root-data (before we started
shipping the second trust anchor for the KSK rollover) formatted the
root.ds file like this:

. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5

This commit also adds a workaround in debian/rules to munge the output
of ldns-key2ds so that the diff comparison will succeed.
---
 debian/rules  | 2 +-
 parse-root-anchors.sh | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/debian/rules b/debian/rules
index 16893f5..b697fc0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -18,7 +18,7 @@ override_dh_auto_build:
 	./parse-root-anchors.sh < root-anchors.xml > root-anchors.ds
 
 	# Create key from downloaded root.key
-	/usr/bin/ldns-key2ds -n -2 root.key > root.ds
+	/usr/bin/ldns-key2ds -n -2 root.key | sed -e 's/\t/ /g' -e 's/ 172800//' > root.ds
 
 	# Compare the DS from root.key and from root-anchors.xml
 	diff root-anchors.ds root.ds
diff --git a/parse-root-anchors.sh b/parse-root-anchors.sh
index 3f96d69..4281534 100755
--- a/parse-root-anchors.sh
+++ b/parse-root-anchors.sh
@@ -2,8 +2,6 @@
 
 unset ZONE KTAG ALGO DTYPE DIGEST
 
-TTL=172800
-
 export IFS="="
 xml2 | while read -r KEY VAL; do
 case "$KEY" in
@@ -17,7 +15,7 @@ xml2 | while read -r KEY VAL; do
 		echo "Missing some KeyDigest parameter"
 		exit 1
 	fi
-	printf "%s\t%s\tIN\tDS\t%s %s %s %s\n" "$ZONE" "$TTL" "$KTAG" "$ALGO" "$DTYPE" "$DIGEST"
+	printf "%s IN DS %s %s %s %s\n" "$ZONE" "$KTAG" "$ALGO" "$DTYPE" "$DIGEST"
 	unset KTAG ALGO DTYPE DIGEST
 	;;
 esac
-- 
2.11.0

Bug#846548: marked as pending

[Eric Dorland]

OK, apologies for the delay (and I know we're getting down to the
wire). I just uploaded libp11-openssl1.1 to experimental and of course
it's in NEW. If this looks ok let me know what the next steps are if
we want to try to get it into stretch.

* Julien Cristau (jcris...@debian.org) wrote:
> On 05/30/2017 07:16 AM, Eric Dorland wrote:
> > * Julien Cristau (jcris...@debian.org) wrote:
> >> On 05/29/2017 03:15 AM, Eric Dorland wrote:
> >>> * Julien Cristau (jcris...@debian.org) wrote:
>  On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote:
> 
> > tag 846548 pending
> > thanks
> >
> > Hello,
> >
> > Bug #846548 reported by you has been fixed in the Git repository. You 
> > can
> > see the changelog below, and you can check the diff of the fix at:
> >
> > 
> > https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0
> >
>  So, erm.  This seems like it would break using libengine-pkcs11-openssl
>  in an application using libssl1.0.2.  As a SONAME bump it also seems
>  rather inappropriate during the freeze.
> >>>
> >>> That's a good point. I was trying to provide an alternative to the
> >>> broken NMU that was going to be uploaded, but yes this will break
> >>> applications built against libssl1.0.2. It does fix using this with
> >>> the openssl tool however.
> >>>
> >> Right.
> >>
>  I'm very interested in having this fixed in stretch so I can get the
>  secure-boot stuff working on ftp-master, but this doesn't look like the
>  way to go.  Not to mention that you'd have to justify the bump from
>  0.4.3 to 0.4.4.
> 
>  Can you explain your plans here?
> >>>
> >>> As you suggested in your followup, the way forward would appear to be
> >>> to upload a new libp11 source package that builds against
> >>> libssl1.0.2. I can also backport all of the changes to 0.4.3 and
> >>> upload to testing-proposed-updates. Does that sound reasonable?
> >>>
> >> Having read through the 0.4.4 changes I think I'd be ok with getting
> >> that in if you're confident.  I guess the other question is should
> >> libp11-dev come from the openssl1.1-using package or the
> >> openssl1.0.2-using one.  At this late stage I guess it's safer to stay
> >> with 1.0.2, and have the libp11-openssl1.1 package (or however it's
> >> called) only provide a libengine-pkcs11-openssl1.1 binary?
> > 
> > OK, I like this plan. We should get the naming right going forward
> > though for the libengine-pkcs11-openssl1.1 package. Is that how other
> > packages are handling naming when they depend on a particular version
> > of openssl?
> > 
> I'm not sure, to be honest.  I don't know if there are any other similar
> cases right now.  This package name wouldn't survive stretch in any
> case, I guess?
> 
> > I should be able to get fixed uploads to unstable in a couple of days.
> > 
> Nice.  Thanks.
> 
> Cheers,
> Julien

-- 
Eric Dorland 
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93


signature.asc
Description: PGP signature

Bug#863896: Can confirm bugs(s) and fixes

[Paul Tagliamonte]

I got around to doing some network maintaince, and upgraded the
non-critical packages on my router, along with dns-root-data. dnsmasq's
version did not change during this operation.

After restarting dnsmasq, the dhcpd was down, and clients weren't
getting IPs. After digging a bit (set -x on the init script, and
friends), I was able to work back to dns-root-data, and confirmed the
package version did change.

I saw these bugs, and I saw dnsmasq handles this better in sid -
thankfully, I keep sid pinned down for just such a bug :)

I upgraded dnsmasq, and I can confirm clients are happy again.

Hopefully we can push the migration to testing before more folks get
caught in this (although, I guess folks who run their own dhcpd tend to
be able to find bug reports such as this -- hey there, other nerds!)

Thanks for the fix, and thanks for maintaining these packages,
  Paul

-- 


signature.asc
Description: PGP signature

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Norbert Preining]

> If you can't say immediately "oh, this will clearly break things", and
> mixing 2014+2016 is merely an unsupported configuration, I would ignore

Thanks, I will ignore it. All files in the package are replaced,
besides maybe some files in /usr/share/doc/, so nothing that will
influence typesetting.

Thanks and all the best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#864224: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Ralph Amissah]

Andreas, thank you,
Ralph

On Mon, Jun 5, 2017 at 4:59 PM, Andreas Beckmann  wrote:
> Followup-For: Bug #864224
> Control: tag -1 patch pending
>
> Hi,
>
> I just uploaded a 0-day NMU directly to sid, s.t. this can still reach
> stretch r0.
>
>
> Andreas

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Beckmann]

On 2017-06-06 00:38, Norbert Preining wrote:
> Hi Andreas,
> 
>>   install ok installed   texlive-latex-base  texlive-latex-base  
>> 2016.20170123-5
>>   install ok installed   texlive-math-extra  texlive-math-extra  
>> 2014.20141024-1
> 
> Interesting. Thanks for the information.
> What do you think should be done for stretch? Should I prepare new
> packages and try to get them into stretch? Doesn't look too promising
> at that late time.

If you can't say immediately "oh, this will clearly break things", and
mixing 2014+2016 is merely an unsupported configuration, I would ignore
it. Maybe queue it in case you need to do a stretch-pu at some point.
I don't expect this to happen frequently ... with the 5 packages now all
dependening on texlive-science instead of texlive-math-extra, this
occurrence is gone. So now maybe the only way to achieve the mismatch is
to perform partial upgrades. I don't want to search for them. Too many
possibilities. :-)


Andreas

Processed: Re: Bug#864269: radvd: FTFBS in sid (but not in stretch)

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #864269 [radvd] radvd: FTFBS in sid (but not in stretch)
Severity set to 'serious' from 'important'

-- 
864269: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864269
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: closing 838858

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> close 838858
Bug #838858 [firmware-amd-graphics] firmware-amd-graphics: missing SI/CI smc 
firmware files
Bug #843061 [firmware-amd-graphics] radeon/hawaii_k_smc.bin fails to load with 
4.8 kernel
Bug #844605 [firmware-amd-graphics] X11 segfault with AMD GPU since 4.8.x / 
Firmware issue
Marked Bug as done
Marked Bug as done
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
838858: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838858
843061: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843061
844605: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844605
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864225: marked as done (lhs2tex: switch dependency from texlive-math-extra to texlive-science)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 22:49:13 +
with message-id 
and subject line Bug#864225: fixed in lhs2tex 1.19-5
has caused the Debian Bug report #864225,
regarding lhs2tex: switch dependency from texlive-math-extra to texlive-science
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864225: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864225
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: lhs2tex
Version: 1.19-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove lhs2tex instead of installing texlive-science
during jessie->stretch upgrades.


Andreas
--- End Message ---
--- Begin Message ---
Source: lhs2tex
Source-Version: 1.19-5

We believe that the bug you reported is fixed in the latest version of
lhs2tex, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joachim Breitner  (supplier of updated lhs2tex package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 05 Jun 2017 12:28:59 -0400
Source: lhs2tex
Binary: lhs2tex
Architecture: source
Version: 1.19-5
Distribution: unstable
Urgency: high
Maintainer: Debian Haskell Group 

Changed-By: Joachim Breitner 
Description:
 lhs2tex- Generates LaTeX code from literate Haskell sources
Closes: 864225
Changes:
 lhs2tex (1.19-5) unstable; urgency=high
 .
   * Depend on texlive-science (closes: #864225)
Checksums-Sha1:
 1d1fb02e4349e61d417f3fe609523e8dbfc8ca8e 2047 lhs2tex_1.19-5.dsc
 4594568253de052b36c80d0d77a46d7c52c6629d 6592 lhs2tex_1.19-5.debian.tar.xz
 e30915f7919b099640c961efb7989c35652aeeb1 4910 lhs2tex_1.19-5_amd64.buildinfo
Checksums-Sha256:
 83c3104e59085edb5363bb63f316ceb20be3a23feea235c8c5f41a2ef01e8879 2047 
lhs2tex_1.19-5.dsc
 dc1cb7e363b656e153b103c0d32a1eae7a9f105bcc2fc3164dae132ea007908e 6592 
lhs2tex_1.19-5.debian.tar.xz
 faf77a563fa5a2c7f0d5bc5787560c91642edb83473f1ad35060ad7619b391c7 4910 
lhs2tex_1.19-5_amd64.buildinfo
Files:
 d55ccb3107e36d1438e2926fd8e1a92a 2047 haskell optional lhs2tex_1.19-5.dsc
 e3f69ad82e6c656b33b06d23d6768c08 6592 haskell optional 
lhs2tex_1.19-5.debian.tar.xz
 2fa135a6750c520cbfc8c7a4ad045fa8 4910 haskell optional 
lhs2tex_1.19-5_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEGkYIf5Vdk8V8YFcbPZCKs/D79R8FAlk13c4ACgkQPZCKs/D7
9R/JJxAAn/25EUs9OkEZRHiRVDAJgM+aDV+MygUBFIIy4/RpxRc5L8fOE1PpKZ/x
1S7DbxnHDBSHSsxHcbv0t2+eM6dfy/qpu3bgz+gZOr0S1l3z4aFBsgJ+NNfi2bGL
dfpCQFSIPK1GgcyBM3vVoIxEtyKwYwj3W1mXwVj4IfCABy/HuO8rlunu8kx6uPqI
FS6pNsjXYrehPuYo2bXjF2dS7IGagtEKAHeH0TRkFIY8M7sMFz394Htj0Mmdtn66
cP+MciUJsleYVm242LMGVy8dEZ847kdpQRf5xD4reuuqLbKyl6wasDL9k7TNHv4W
wnbG/3/p3KHS40YhtxH7W9yhiiGTFjU0qhW0IXAaal/9YYBcS/Z8y7JIgOsZn5yj
4XLLXThmF95s2Jv0z9Holw7DK0uFDdpYmGzJAPt7eq21QBiNDPCKLpoOogaUesKL
0umdLHKaftLSQ9Q7C5roJECVSDFBF3fR37Zh+oLvSOL5vvA3d3YF7hVWtQX7W7tK
5oh55nHtGJCLsrRhfnZ5Nhk/BKrgRM9VMmVf35zHC4DvPAKZB8PRSnJNMWefSHBd
ENVidP7GKqPBDB+44bfKayjhTOuALa7mHCtJUnBXu62bz+2+DzNLtqjiVbF6wGDP
WZoOCp938bmaM3aG1LZRpcrBbWxNVwcDK676iZAevd5pI2siV6M=
=Yy2C
-END PGP SIGNATURE End Message ---

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Norbert Preining]

Hi Andreas,

>   install ok installedtexlive-latex-base  texlive-latex-base  
> 2016.20170123-5
>   install ok installedtexlive-math-extra  texlive-math-extra  
> 2014.20141024-1

Interesting. Thanks for the information.
What do you think should be done for stretch? Should I prepare new
packages and try to get them into stretch? Doesn't look too promising
at that late time.

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Sandro Knauß]

Moin,

thanks for your work! I'll added the NMU patch to the git repo too.

Best regards,

sandro

--
On Montag, 5. Juni 2017 22:28:10 CEST Adrian Bunk wrote:
> On Mon, Jun 05, 2017 at 10:44:59AM +0200, Rene Engelhard wrote:
> >...
> >
> > This looks unnecessarily ugly to me (or I miss something). Why not use
> > dpkg-buildflags' mechanism for this? See e.g.
> >
> >...
> >
> > In this case maybe _APPEND -g1 (if you don't do the _STRIP)
> 
> Thanks, your _APPEND suggestion is much better than my original patch.
> 
> Sandro, the debdiff of my upload is attached.
> 
> > Regards,
> > 
> > Rene
> 
> cu
> Adrian



signature.asc
Description: This is a digitally signed message part.

Processed: Re: libterralib: superfluous Conflicts/Replaces on libterralib3 cause problems on upgrades to stretch

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch
Bug #863885 [libterralib] libterralib: superfluous Conflicts/Replaces on 
libterralib3 cause problems on upgrades to stretch
Added tag(s) patch.

-- 
863885: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863885
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863885: libterralib: superfluous Conflicts/Replaces on libterralib3 cause problems on upgrades to stretch

[Andreas Beckmann]

Followup-For: Bug #863885
Control: tag -1 patch

Hi,

I just filed a jessie-pu request with the attached patch.
I plan to NMU libterralib for jessie to get this fixed in the next point
release.


Andreas
>From dc64a1dbcc9aaa2b3927fd4883e52ad7560b6e52 Mon Sep 17 00:00:00 2001
From: Andreas Beckmann 
Date: Mon, 5 Jun 2017 23:12:34 +0200
Subject: [PATCH] remove superfluous Conflicts/Replaces: libterralib3

---
 debian/changelog | 8 
 debian/control   | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 7963767..2dc6e2f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+libterralib (4.3.0+dfsg.1-2+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove superfluous Conflicts/Replaces: libterralib3 since that causes
+problems upgrading to stretch which has that package.  (Closes: #863885)
+
+ -- Andreas Beckmann   Mon, 05 Jun 2017 23:06:46 +0200
+
 libterralib (4.3.0+dfsg.1-2) unstable; urgency=medium
 
   * Remove libjpeg8-dev dependency; just use libjpeg-dev.
diff --git a/debian/control b/debian/control
index bc4a29c..72564ba 100644
--- a/debian/control
+++ b/debian/control
@@ -37,8 +37,8 @@ Multi-Arch: same
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Pre-Depends: ${misc:Pre-Depends}
 Suggests: libterralib-doc (= ${binary:Version})
-Conflicts: libterralib1c2a, libterralib3
-Replaces: libterralib1c2a, libterralib3
+Conflicts: libterralib1c2a
+Replaces: libterralib1c2a
 Description: C++ library for Geographical Information Systems
  TerraLib enables quick development of custom-built geographical applications
  using spatial databases. As a research tool, TerraLib  is aimed at providing a
-- 
2.11.0

Bug#864224: marked as done (sisu-pdf: switch dependency from texlive-math-extra to texlive-science)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 21:19:14 +
with message-id 
and subject line Bug#864224: fixed in sisu 7.1.9-1.1
has caused the Debian Bug report #864224,
regarding sisu-pdf: switch dependency from texlive-math-extra to texlive-science
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864224
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: sisu-pdf
Version: 7.1.9-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove sisu-pdf instead of installing texlive-science
during jessie->stretch upgrades.


Andreas
--- End Message ---
--- Begin Message ---
Source: sisu
Source-Version: 7.1.9-1.1

We believe that the bug you reported is fixed in the latest version of
sisu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann  (supplier of updated sisu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 05 Jun 2017 22:44:06 +0200
Source: sisu
Binary: sisu sisu-complete sisu-pdf sisu-postgresql sisu-sqlite
Architecture: source
Version: 7.1.9-1.1
Distribution: unstable
Urgency: medium
Maintainer: SiSU Project 
Changed-By: Andreas Beckmann 
Description:
 sisu   - documents - structuring, publishing in multiple formats and searc
 sisu-complete - installs all SiSU related packages
 sisu-pdf   - dependencies to convert SiSU LaTeX output to pdf
 sisu-postgresql - SiSU dependencies for use with PostgreSQL database
 sisu-sqlite - SiSU dependencies for use with SQLite database
Closes: 864224
Changes:
 sisu (7.1.9-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Switch dependency from texlive-math-extra to its successor
 texlive-science to ease upgrades from jessie to stretch.
 (Closes: #864224)
Checksums-Sha1:
 235cd2b17f88c03b8abc77a248069d9fdf281898 2028 sisu_7.1.9-1.1.dsc
 3105ecbf42f3f9441ca4e1a06df6b8b70875780d 73596 sisu_7.1.9-1.1.debian.tar.xz
 ab6b771bc8d62d22eb1a947c66e3b8c00245eb81 5146 sisu_7.1.9-1.1_source.buildinfo
Checksums-Sha256:
 ca19447f2eeea9854f45025ee2cb4b4f4af9e1da65ab3493e4169c9c863d6315 2028 
sisu_7.1.9-1.1.dsc
 9c16b2dd1c285ddf593cb1db911228a5752e63b96e78b797f6c4c59a854b8e27 73596 
sisu_7.1.9-1.1.debian.tar.xz
 8c0196cac57ac149f4f0270b92a47272566ed76deaf5e4ce4b9d874493a2f11d 5146 
sisu_7.1.9-1.1_source.buildinfo
Files:
 9d13bd6834257968c5ab2f6403a8222a 2028 text optional sisu_7.1.9-1.1.dsc
 532b19cebad7aa4e285d7cefd9f478dc 73596 text optional 
sisu_7.1.9-1.1.debian.tar.xz
 7bc2dc4b23ac1faae5d57b44ef15e5c8 5146 text optional 
sisu_7.1.9-1.1_source.buildinfo

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJZNcVuAAoJEF+zP5NZ6e0IODUP/3CNT1FJrPW3nnAxjuCmupr/
qCemFmkvLGDQ7UlReteltY4yHOzzTPKTLh0qNMROrMqm7Ekt+V1i1pvqmIVJmw7K
Y+hV7j2X9hYZ+WijowNk6EwMCehxPB1TpsrZkVfw6hp8LCs+7p6SwrlH+CdpVBS8
mnMkDFqWn9QBt/udUmg6pikwvdoZsFDT82FGbsoIfn2XsMBNj3IqvtqoRkufcV5U
o9GQTDCVBwyFWxAwkqrRSvJ7P8gRcClW1wjw6VJZPa+9zKXvNs3P1tlTu0Pyr7EW
VxiPhl7PMl0riwexoB0NE69lA0POv1MCb7zkMHxx3QdtHeQCtIdEWDX7yH7YB/x7
Qs9KD2ZCTlxi6jhggy1NVayQ/HxQWPCEosD+gGBYfZ6mVtr2CzBEyJ1+/RJBjFvz
Y60H/U/ucCxlY8ZE2m+psS3VfGgpOtbM/1TLlOHJOYU0XDiymJMnZ33Uqelr6+fQ
hjcALehP0XPzVjvgwqE0ot7bDOtpqAsEf5np1eGAmyj24F9oOZapnyI+xgRmEvY9
ofTNA/cxHTHJMjbSX3aXBG87Q5E8j43P5q41aprwKncIVZC0kEQvZ6pprWZRNVfs
lAFqt5Lu+N42nHqeiF2upN/4MWyUq6FRjncAKzNz83+E3qqCFO+kQd2T7DrStOba
sb66ZqcqgYSMZh3gA3qz
=5tna
-END PGP SIGNATURE End Message ---

Bug#863890: marked as done (postrm fails on jessie to stretch upgrade)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 21:04:05 +
with message-id 
and subject line Bug#863890: fixed in dblatex 0.3.9-3
has caused the Debian Bug report #863890,
regarding postrm fails on jessie to stretch upgrade
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863890: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863890
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dblatex
Version: 0.3.5-2
Severity: serious

Hi,

When dist-upgrading from jessie to stretch, I've seen this happen on a number
of systems:

Removing dblatex (0.3.5-2) ...
/var/lib/dpkg/info/dblatex.postrm: 44: /var/lib/dpkg/info/dblatex.postrm: 
mktexlsr: not found
dpkg: error processing package dblatex (--remove):
 subprocess installed post-removal script returned error exit status 127
Removing texlive-math-extra (2014.20141024-1) ...
Processing triggers for man-db (2.7.0.2-5) ...
Errors were encountered while processing:
 dblatex
E: Sub-process /usr/bin/dpkg returned an error code (1)

This breaks the upgrade. It might be that we need a fix in jessie,
but I don't honestly know the best fix, as it seems to be about
removing the old package, not installing the new one. I've included a full
transcript below in case it helps:


[long list of downloads]
Fetched 1,549 MB in 1min 8s (22.6 MB/s) 
 
Traceback (most recent call last):
  File "/usr/bin/apt-listchanges", line 250, in 
main()
  File "/usr/bin/apt-listchanges", line 48, in main
debs = apt_listchanges.read_apt_pipeline(config)
  File "/usr/share/apt-listchanges/apt_listchanges.py", line 98, in 
read_apt_pipeline
del filenames[pkg]
KeyError: 'texlive-latex-recommended'
Extracting templates from packages: 100%
Preconfiguring packages ...
Deferring configuration of apt-listchanges until python3 is available
(Reading database ... 109184 files and directories currently installed.)
Preparing to unpack .../libkeyutils1_1.5.9-9_amd64.deb ...
Unpacking libkeyutils1:amd64 (1.5.9-9) over (1.5.9-5+b1) ...
Preparing to unpack .../libk5crypto3_1.15-1_amd64.deb ...
Unpacking libk5crypto3:amd64 (1.15-1) over (1.12.1+dfsg-19+deb8u2) ...
Preparing to unpack .../libgssapi-krb5-2_1.15-1_amd64.deb ...
Unpacking libgssapi-krb5-2:amd64 (1.15-1) over (1.12.1+dfsg-19+deb8u2) ...
Preparing to unpack .../libkrb5-3_1.15-1_amd64.deb ...
Unpacking libkrb5-3:amd64 (1.15-1) over (1.12.1+dfsg-19+deb8u2) ...
Preparing to unpack .../libkrb5support0_1.15-1_amd64.deb ...
Unpacking libkrb5support0:amd64 (1.15-1) over (1.12.1+dfsg-19+deb8u2) ...
Preparing to unpack .../libncurses5-dev_6.0+20161126-1_amd64.deb ...
Unpacking libncurses5-dev:amd64 (6.0+20161126-1) over (5.9+20140913-1+b1) ...
Replacing files in old package ncurses-bin (5.9+20140913-1+b1) ...
Preparing to unpack .../libtinfo-dev_6.0+20161126-1_amd64.deb ...
Unpacking libtinfo-dev:amd64 (6.0+20161126-1) over (5.9+20140913-1+b1) ...
Preparing to unpack .../binutils_2.28-5_amd64.deb ...
Unpacking binutils (2.28-5) over (2.25-5) ...
Preparing to unpack .../libc6-dev_2.24-10_amd64.deb ...
Unpacking libc6-dev:amd64 (2.24-10) over (2.19-18+deb8u6) ...
Preparing to unpack .../libc-dev-bin_2.24-10_amd64.deb ...
Unpacking libc-dev-bin (2.24-10) over (2.19-18+deb8u6) ...
Preparing to unpack .../linux-libc-dev_4.9.25-1_amd64.deb ...
Unpacking linux-libc-dev:amd64 (4.9.25-1) over (3.16.36-1+deb8u1) ...
Preparing to unpack .../libtinfo5_6.0+20161126-1_amd64.deb ...
Unpacking libtinfo5:amd64 (6.0+20161126-1) over (5.9+20140913-1+b1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
Processing triggers for man-db (2.7.0.2-5) ...
Setting up libtinfo5:amd64 (6.0+20161126-1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
(Reading database ... 109283 files and directories currently installed.)
Preparing to unpack .../libncursesw5_6.0+20161126-1_amd64.deb ...
Unpacking libncursesw5:amd64 (6.0+20161126-1) over (5.9+20140913-1+b1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
Setting up libncursesw5:amd64 (6.0+20161126-1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
(Reading database ... 109283 files and directories currently installed.)
Preparing to unpack .../libncurses5_6.0+20161126-1_amd64.deb ...
Unpacking libncurses5:amd64 (6.0+20161126-1) over (5.9+20140913-1+b1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
Setting up libncurses5:amd64 (6.0+20161126-1) ...
Processing triggers for libc-bin (2.19-18+deb8u6) ...
(Reading database ... 109283 files and directories currently 

Processed: Re: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch pending
Bug #864224 [sisu-pdf] sisu-pdf: switch dependency from texlive-math-extra to 
texlive-science
Added tag(s) pending and patch.

-- 
864224: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864224
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864224: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

Followup-For: Bug #864224
Control: tag -1 patch pending

Hi,

I just uploaded a 0-day NMU directly to sid, s.t. this can still reach
stretch r0.


Andreas
diff -Nru sisu-7.1.9/debian/changelog sisu-7.1.9/debian/changelog
--- sisu-7.1.9/debian/changelog	2016-08-01 03:31:50.0 +0200
+++ sisu-7.1.9/debian/changelog	2017-06-05 22:44:06.0 +0200
@@ -1,3 +1,12 @@
+sisu (7.1.9-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch dependency from texlive-math-extra to its successor
+texlive-science to ease upgrades from jessie to stretch.
+(Closes: #864224)
+
+ -- Andreas Beckmann   Mon, 05 Jun 2017 22:44:06 +0200
+
 sisu (7.1.9-1) unstable; urgency=medium
 
   [ Ralph Amissah ]
diff -Nru sisu-7.1.9/debian/control sisu-7.1.9/debian/control
--- sisu-7.1.9/debian/control	2016-08-01 03:31:50.0 +0200
+++ sisu-7.1.9/debian/control	2017-06-05 22:44:06.0 +0200
@@ -83,7 +83,7 @@
 Depends:
  ${misc:Depends}, ruby | ruby-interpreter, sisu (= ${source:Version}),
  texlive-latex-base, texlive-fonts-recommended, texlive-generic-recommended,
- texlive-latex-recommended, texlive-latex-extra, texlive-math-extra,
+ texlive-latex-recommended, texlive-latex-extra, texlive-science,
  texlive-xetex, fonts-liberation, lmodern, latex-cjk-all, texlive-lang-cjk
 Suggests: evince | pdf-viewer
 Description: dependencies to convert SiSU LaTeX output to pdf

Processed: found 863742 in libllvm-4.0-ocaml-dev/1:4.0.1~+rc2-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 863742 libllvm-4.0-ocaml-dev/1:4.0.1~+rc2-1
Bug #863742 [libllvm-4.0-ocaml-dev,libllvm-5.0-ocaml-dev] libllvm-5.0-ocaml-dev 
and libllvm-4.0-ocaml-dev: error when trying to install together
The source libllvm-4.0-ocaml-dev and version 1:4.0.1~+rc2-1 do not appear to 
match any binary packages
Marked as found in versions libllvm-4.0-ocaml-dev/1:4.0.1~+rc2-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863742: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 863739 in python-clang-4.0/1:4.0.1~+rc2-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 863739 python-clang-4.0/1:4.0.1~+rc2-1
Bug #863739 [python-clang-4.0,python-clang-5.0] python-clang-5.0 and 
python-clang-4.0: error when trying to install together
The source python-clang-4.0 and version 1:4.0.1~+rc2-1 do not appear to match 
any binary packages
Marked as found in versions python-clang-4.0/1:4.0.1~+rc2-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863739: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863739
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854874: marked as done (libbde FTBFS on 32bit: FAIL: test_library.sh)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 19:34:43 +
with message-id 
and subject line Bug#854874: fixed in libbde 20170204-2
has caused the Debian Bug report #854874,
regarding libbde FTBFS on 32bit: FAIL: test_library.sh
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854874: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854874
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libbde
Version: 20170204-1
Severity: serious

https://buildd.debian.org/status/package.php?p=libbde

...
FAIL: test_library.sh
=

Testing: aes_ccm_encrypted_key  (PASS)
Testing: error  (PASS)
Testing: io_handle  (PASS)
Testing: key  (PASS)
Testing: key_protector  (PASS)
./test_runner.sh: line 383: 25346 Segmentation fault  ${TEST_EXECUTABLE} 
${ARGUMENTS[@]} 2> /dev/null
Testing: metadata  (FAIL)
FAIL test_library.sh (exit status: 139)
...

Testsuite summary for libbde 20170204

# TOTAL: 3
# PASS:  0
# SKIP:  2
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

See tests/test-suite.log
Please report to joachim.m...@gmail.com

Makefile:1262: recipe for target 'test-suite.log' failed
make[4]: *** [test-suite.log] Error 1
--- End Message ---
--- Begin Message ---
Source: libbde
Source-Version: 20170204-2

We believe that the bug you reported is fixed in the latest version of
libbde, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 854...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Hilko Bengen  (supplier of updated libbde package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 05 Jun 2017 15:07:30 +0200
Source: libbde
Binary: libbde-dev libbde1 libbde-utils libbde-dbg python-libbde python3-libbde
Architecture: source
Version: 20170204-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics 
Changed-By: Hilko Bengen 
Description:
 libbde-dbg - BitLocker Drive Encryption access library -- debug symbols
 libbde-dev - BitLocker Drive Encryption access library -- development files
 libbde-utils - Tools to access the BitLocker Drive Encryption format.
 libbde1- BitLocker Drive Encryption access library
 python-libbde - BitLocker Drive Encryption access library -- Python 2 bindings
 python3-libbde - BitLocker Drive Encryption access library -- Python 3 bindings
Closes: 854874
Changes:
 libbde (20170204-2) unstable; urgency=medium
 .
   * Disable memory tests that caused FTBFS errors on a number of
 architectures (Closes: #854874)
Checksums-Sha1:
 9245e7cba674beb02a18fb768ca05bc03f2f424f 2275 libbde_20170204-2.dsc
 c25f65e26101c392951d860d3ec5ba65effd162e 3940 libbde_20170204-2.debian.tar.xz
 f822e7aa36302ded56f9bef94d7e3d44e6d9a0c0 6374 
libbde_20170204-2_source.buildinfo
Checksums-Sha256:
 8a3e1b1faddcea908aa3f17bd416787845e2955e2779f4158ac495af207aeb91 2275 
libbde_20170204-2.dsc
 afd3dabf345bc410af5cf19d87a84352d4fab5025089245d443297d65997293c 3940 
libbde_20170204-2.debian.tar.xz
 4b7a7f47e4042815fb855b3783598ad5124e9b392f0c8fa34f81bd3d039f87ff 6374 
libbde_20170204-2_source.buildinfo
Files:
 775a04ac221f6171ceb8784ec7efddaa 2275 libs optional libbde_20170204-2.dsc
 da6c14162f8c3ded756c37a588407388 3940 libs optional 
libbde_20170204-2.debian.tar.xz
 610eb2d8e80b6ef71f83a9e79344de27 6374 libs optional 
libbde_20170204-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAlk1rOAACgkQdbcQY1wh
On4CWw//aXE5oDhjxVlYJoZcey9i3kFxAyiieEW3sut4u1ult8PQ0FGnmdtw21CF
9ceqxiEJ9az9UwysVYBL3Vtx4WI+Q6g42/2P0HF2N8vfNlq1HmAupBIvr4TBivHP
jfikX9raIFsrfT44WgulTX1f62UF/j2RX9UdvX8AXP1cH+oEHA59u5zgKq1jZoYz
pJIZTALVBJz4QlwJ4i0sIBo/hspiHC2gStG+vXSc44OQMGd12kzbkemdzSrjtsny
v8U51UvsRwqElRNqJd8PI7ot68DdDWrv2yK732FmCO09KJCaC6AIN7uVXRHC1Jgy

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Adrian Bunk]

On Mon, Jun 05, 2017 at 10:44:59AM +0200, Rene Engelhard wrote:
>...
> This looks unnecessarily ugly to me (or I miss something). Why not use
> dpkg-buildflags' mechanism for this? See e.g.
>...
> In this case maybe _APPEND -g1 (if you don't do the _STRIP)

Thanks, your _APPEND suggestion is much better than my original patch.

Sandro, the debdiff of my upload is attached.

> Regards,
> 
> Rene

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

diffstat for qtwebengine-opensource-src-5.7.1+dfsg 
qtwebengine-opensource-src-5.7.1+dfsg

 changelog |8 
 rules |8 
 2 files changed, 16 insertions(+)

diff -Nru qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog 
qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog
--- qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog  2017-01-18 
20:08:01.0 +0200
+++ qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog  2017-06-05 
16:16:54.0 +0300
@@ -1,3 +1,11 @@
+qtwebengine-opensource-src (5.7.1+dfsg-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with -g1 instead of -g on 32bit architectures.
+(Closes: #863927)
+
+ -- Adrian Bunk   Mon, 05 Jun 2017 16:16:54 +0300
+
 qtwebengine-opensource-src (5.7.1+dfsg-6) unstable; urgency=medium
 
   [ Sandro Knauß ]
diff -Nru qtwebengine-opensource-src-5.7.1+dfsg/debian/rules 
qtwebengine-opensource-src-5.7.1+dfsg/debian/rules
--- qtwebengine-opensource-src-5.7.1+dfsg/debian/rules  2017-01-18 
20:00:38.0 +0200
+++ qtwebengine-opensource-src-5.7.1+dfsg/debian/rules  2017-06-05 
16:16:54.0 +0300
@@ -6,6 +6,14 @@
 export NINJAFLAGS=-v
 include /usr/share/dpkg/default.mk
 
+DEB_HOST_ARCH_BITS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_BITS)
+
+# TODO: properly integrate with the other debug setting
+ifeq (32,$(DEB_HOST_ARCH_BITS))
+   export DEB_CFLAGS_MAINT_APPEND = -g1
+   export DEB_CXXFLAGS_MAINT_APPEND = -g1
+endif
+
 export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell dpkg-buildflags 
--get CPPFLAGS)
 export CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) $(shell 
dpkg-buildflags --get CPPFLAGS)
 export LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) -Wl,--as-needed

Bug#852962: ycmd FTBFS on mipsel: test failures

[Christoph Biedl]

James Cowgill wrote...

> On Thu, 1 Jun 2017 00:15:28 +0200 Christoph Biedl

> > Did so, but failed to reproduce the issue on the mipsel porter box.
> > However, the bug seems to manifest when building in a qemu-static
> > chroot. In that scenario however, diagnostic tools like strace
> > fail.
> > 
> > Updates will follow as I get them.
> 
> I've tried this on various mips hardware and I can only seems to fail on
> Loongsons (where is reliably fails 100% of the time). Blacklisting it on
> those machines could be an option given how close to the release we are.

Thanks for looking into this, James. Personally, if such a blacklisting
was acceptable for the release team (Cc:'ed), I was happy to spend the
remaining time on other issues in stretch. Since I still haven't figured
out what actually goes wrong during the test suite, I'd just like to
avoid this package (and its reverse dependencies) fall out of stretch.

Christoph


signature.asc
Description: Digital signature

Processed: Re: Bug#864158: qtcharts-opensource-src: Files wrongly declared as non-free in tarball

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 864158 important
Bug #864158 [src:qtcharts-opensource-src] qtcharts-opensource-src: Files 
wrongly declared as non-free in tarball
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864158: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864158
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864158: qtcharts-opensource-src: Files wrongly declared as non-free in tarball

[Lisandro Damián Nicanor Pérez Meyer]

severity 864158 important
thanks

Fixed in https://codereview.qt-project.org/#/c/196447/3//ALL,unified

On 4 June 2017 at 11:35, Lisandro Damián Nicanor Pérez Meyer
 wrote:
> Source: qtcharts-opensource-src
> Version: 5.7.1-3
> Severity: serious
> Justification: Files declared as only commercial
> Forwarded: https://bugreports.qt.io/browse/QTBUG-61126
>
> Files in the tarball has been incorrectly marked as commercial-only
> by upstream.
>
> The files are meant to be DFSG-compatible, so I'll briefly wait for upstream 
> to
> fix this. In case it doesn't happens soon I plan to ask for the source 
> removal.
>
> -- System Information:
> Debian Release: 9.0
>   APT prefers unstable
>   APT policy: (990, 'unstable'), (500, 'unstable-debug'), (500, 
> 'testing-debug'), (500, 'buildd-unstable'), (500, 'testing'), (500, 
> 'stable'), (1, 'experimental-debug')
> Architecture: amd64
>  (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
> Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> Init: systemd (via /run/systemd/system)



-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/

Processed: severity of 862053 is serious

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # otherwise regression from jessie
> severity 862053 serious
Bug #862053 {Done: Craig Small } [wordpress] wordpress: 
CVE-2017-8295
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862053: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862053
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864226: marked as done (pycorrfit: switch recommends from texlive-math-extra to texlive-science)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 17:04:35 +
with message-id 
and subject line Bug#864226: fixed in pycorrfit 0.9.9+dfsg-2
has caused the Debian Bug report #864226,
regarding pycorrfit: switch recommends from texlive-math-extra to 
texlive-science
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864226: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864226
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pycorrfit
Version: 0.9.9+dfsg-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove texlive-math-extra, but not install
texlive-science during jessie->stretch upgrades (with
--install-recommends enabled).


Andreas
--- End Message ---
--- Begin Message ---
Source: pycorrfit
Source-Version: 0.9.9+dfsg-2

We believe that the bug you reported is fixed in the latest version of
pycorrfit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Tille  (supplier of updated pycorrfit package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 05 Jun 2017 18:24:28 +0200
Source: pycorrfit
Binary: pycorrfit
Architecture: source amd64
Version: 0.9.9+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Andreas Tille 
Description:
 pycorrfit  - tool for fitting correlation curves on a logarithmic plot
Closes: 864226
Changes:
 pycorrfit (0.9.9+dfsg-2) unstable; urgency=medium
 .
   * Recommends: s/texlive-math-extra/texlive-science/
 Closes: #864226
Checksums-Sha1:
 70b139a9d17749cf35ad7b3450245d0ec2982112 2392 pycorrfit_0.9.9+dfsg-2.dsc
 b02ec7b4689847f6cedcdf39e56eb01ef4082f34 4144 
pycorrfit_0.9.9+dfsg-2.debian.tar.xz
 8f2a3e78782e4b69cbe894c15016d991cbf84a81 60126 
pycorrfit-dbgsym_0.9.9+dfsg-2_amd64.deb
 08ce6124167ef0f314522db3114d84d0a7d006e5 11563 
pycorrfit_0.9.9+dfsg-2_amd64.buildinfo
 2d42fe050a0a19347a7ca1d9b1ad8a44e3711cef 820034 
pycorrfit_0.9.9+dfsg-2_amd64.deb
Checksums-Sha256:
 c25fc929d979ae389c9466f1413ed4ca14f342ab8c0e32213f7c8990876b26ae 2392 
pycorrfit_0.9.9+dfsg-2.dsc
 6bf3cdf3d47b28b118dd432a4583ed7fb3debd295a535e2aa593520e4082ab5d 4144 
pycorrfit_0.9.9+dfsg-2.debian.tar.xz
 de9450f38d5ffc885db0dca63fb39c44bf42d9261e4e4714728cc8baf0f0c306 60126 
pycorrfit-dbgsym_0.9.9+dfsg-2_amd64.deb
 c265e545cbf86e47b8ca617468d1bdb3b1a6bfcb3b484e34700a1b823376c098 11563 
pycorrfit_0.9.9+dfsg-2_amd64.buildinfo
 0f069657143c5564954143cab6184b03aee185dbaa7465c58a83c0598bf6fe97 820034 
pycorrfit_0.9.9+dfsg-2_amd64.deb
Files:
 6d72ac824d0516ee649012dbfb47d987 2392 python optional 
pycorrfit_0.9.9+dfsg-2.dsc
 cc7a6e3790eb77fe81d5baa9cb75fb0d 4144 python optional 
pycorrfit_0.9.9+dfsg-2.debian.tar.xz
 f74525d3b0659b6f89c1d5e42cf45fe3 60126 debug extra 
pycorrfit-dbgsym_0.9.9+dfsg-2_amd64.deb
 345be7d5193b022821b8768ce84f4c25 11563 python optional 
pycorrfit_0.9.9+dfsg-2_amd64.buildinfo
 b0f737cfe5469fdd6837b880744e0718 820034 python optional 
pycorrfit_0.9.9+dfsg-2_amd64.deb

-BEGIN PGP SIGNATURE-

iQJFBAEBCAAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAlk1iFYRHHRpbGxlQGRl
Ymlhbi5vcmcACgkQV4oElNHGRtF1jg/+IjCGffPAFoR9UhhC7yadrN2JksZKbkto
RegqdDNGJdyas1Z8/afIzmxvAWmiO4GE3AzdB7d5P7/nltAhMfWBC4v315sbvMWC
SRoRMbhj2xQZO9Pp4h4GS496XNO2ZffJuZ9zvk33gG3UO1uzKwcx/bB5Sj6ohpcH
iSzwM+LfusxL1oRqwdl4o5BuSjTjliR8OsUbGVlsSzmONASQGdI29a12ZjLIE+XO
L7ThOy8h/Ur3bBfGuRTv8zCWykJvW+lIadtpPdO1fF2KQxjcl2ZWmBQhT6+A1NVQ
oHb4SJOYqj/wZKidEhL5/TQp5OPxalOxKMFCaiNzGAYiFR/V4k9+PiripxG/RGgJ
J/yO8ezBrygnYnQy3+9LieNAZTJkLTHTQrSwham+zM/82PP6O3bxeymoe/M9cZ9E
CUIZITL5Ih2lDQhvxPazEZNQA+s8aCeGziiUqIS+D11xLAZYfpcgKKNvCYYbaaQc
GyAoMc5xOSK/3oCdTWJvMoiXUDq766RuCuP7bjOfMk2xp00iux9I+gZgp8Zvx3l+
tH4tjk1KETPw9A0upomjky/IbQF1it97eN4vXj7PtIevI+Hm0X28YEDsaJ6iHZTf
8Mndc+w0VvDMqvjXARbtuQ/kc2E5mohckk//aEq6rCrOx1bvQRIa55iP4mqgyuM2
U9NonafHY+Y=
=cBmZ

Bug#863897: marked as done (sudo: CVE-2017-1000368: Arbitrary terminal access due to issue in parsing /proc/[pid]/stat when process name contains newline)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 17:04:40 +
with message-id 
and subject line Bug#863897: fixed in sudo 1.8.19p1-2.1
has caused the Debian Bug report #863897,
regarding sudo: CVE-2017-1000368: Arbitrary terminal access due to issue in 
parsing /proc/[pid]/stat when process name contains newline
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863897: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863897
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sudo
Version: 1.8.10p3-1
Severity: important
Tags: patch upstream

Hi

sudo 1.8.20p2 fixes an issue in parsing /proc/[pid]/stat when the
process name contains a newline.

The bug is not exploitable due to the changes in how /dev is traversed
made in sudo 1.8.20p1 for CVE-2017-1000367.

Still it is probably good to have it fixed in a point release as well
for stable releases (or if accepted by the release team as well
targetted for stretch).

Announce:
https://www.sudo.ws/pipermail/sudo-announce/2017-May/000155.html

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: sudo
Source-Version: 1.8.19p1-2.1

We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated sudo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 05 Jun 2017 14:22:55 +0200
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.8.19p1-2.1
Distribution: stretch
Urgency: high
Maintainer: Bdale Garbee 
Changed-By: Salvatore Bonaccorso 
Closes: 863897
Description: 
 sudo   - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Changes:
 sudo (1.8.19p1-2.1) stretch; urgency=high
 .
   * Non-maintainer upload.
   * Use /proc/self consistently on Linux
   * CVE-2017-1000368: Arbitrary terminal access (Closes: #863897)
Checksums-Sha1: 
 389d97a5450dea0ba937c08514ed2b94bd4ba6eb 2162 sudo_1.8.19p1-2.1.dsc
 aca0feb33f0163911502ee1d0675bb09177e6f95 26228 sudo_1.8.19p1-2.1.debian.tar.xz
Checksums-Sha256: 
 e7bac2de56bdab027eaa0087a15b9558e57f27cfa49de43cac3d8cd5019b932b 2162 
sudo_1.8.19p1-2.1.dsc
 3152691a37e26e26d6829853c607ec6db9aaa1a50a1ea87a4dee2cbecaff29bd 26228 
sudo_1.8.19p1-2.1.debian.tar.xz
Files: 
 fc0e06c179860d8532d80c77aafeb9b6 2162 admin optional sudo_1.8.19p1-2.1.dsc
 296aeafeeef6279358c2d5a68b36eba4 26228 admin optional 
sudo_1.8.19p1-2.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlk1VJhfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ETGkP/3t12eGY3DIlamI7OjaCU9QzosEbYbBn
Y0i4U4Hl7yAuId6k3Cg1fJUgXeP6GnadUwR+w5SqsuypSaOM8z2SWuwPjlnoOCow
pkzg+0edOlSCOwTMf1Luj5C5i1ar8w5+zg49ghe3yC3lB9TsBodCsJKHFE5mQNnQ
sKT6dxfD29PqphcpMT7CgznhFWnUssvFxIxOpE1q2NkZK/mFSQANzs6WBnuKhRIn
1Dw6aw9ylwSxU4KS5u2rGShjCaK4tAlLoMN8BX6LC5FQQ2GX8EBpXocBxuZg8YH3
ca7TrhXe3RS1uqdtVIZRfMuIBmY67cXZm9oTQsCS/ymEbiJd6Dm421mwYbjLBB0W
p+37g7e5wwSFo3pcUvq973k40LUCmd7fCw4JoJi/pTOH+1EK33/0rHdgbK+mOYiq
r0Y/QcmAT5OW9kk8IV1jwtMbJKW8JlrnpmaVpOacLPuBwCWOIAIo0gLSN0/OV5Ie
EKSsGq+HKEgs0p4vNuvgNQg4d/sHnqD/0Ck5Ac0gRGRBwJLDqHkqWAUfQ1TOWRRV
aAjiixYBm8PhOHz8X0b+FxpKjEYxMdAV87pR/+V7EvnByMKq+JmILX00aCVleJGB
z4+15vvzAl5yTUQ/dfduy5H61asQdpwJcdkRXrtHp4+0ajg77LD6gC/zHJlG0u2V
f5hxfHB74jPh
=B0ch
-END PGP SIGNATURE End Message ---

Bug#863927: marked as done (qtwebengine-opensource-src: FTBFS: memory exhausted)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 16:50:23 +
with message-id 
and subject line Bug#863927: fixed in qtwebengine-opensource-src 5.7.1+dfsg-6.1
has caused the Debian Bug report #863927,
regarding qtwebengine-opensource-src: FTBFS: memory exhausted
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863927: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863927
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: qtwebengine-opensource-src
Version: 5.7.1+dfsg-6
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170601-i386 qa-ftbfs
Justification: FTBFS in stretch on i386

Hi,

During a rebuild of all packages in stretch (in a stretch chroot, not a
sid chroot), your package failed to build on i386.

Note that the build node has a lot of RAM, so if memory is really
exhausted, it could mean that it can no longer be built on i386.

Relevant part (hopefully):
> make[1]: Entering directory 
> '/<>/qtwebengine-opensource-src-5.7.1+dfsg'
> dh_link --package=qt5webengine-examples \
>   usr/share/javascript/jquery/jquery.min.js 
> usr/lib/i386-linux-gnu/qt5/examples/webenginewidgets/contentmanipulation/jquery.min.js
>  \
>   usr/share/javascript/marked/marked.min.js 
> usr/lib/i386-linux-gnu/qt5/examples/webenginewidgets/markdowneditor/resources/marked.min.js
> dh_link --remaining-packages
> make[1]: Leaving directory 
> '/<>/qtwebengine-opensource-src-5.7.1+dfsg'
>dh_strip_nondeterminism
>dh_compress
>dh_fixperms
>dh_strip
> objcopy: 
> debian/libqt5webenginecore5/usr/lib/i386-linux-gnu/libQt5WebEngineCore.so.5.7.1:
>  unable to initialize compress status for section .debug_info
> objcopy:debian/libqt5webenginecore5/usr/lib/i386-linux-gnu/libQt5WebEngineCore.so.5.7.1:
>  Memory exhausted
> dh_strip: objcopy --only-keep-debug --compress-debug-sections 
> debian/libqt5webenginecore5/usr/lib/i386-linux-gnu/libQt5WebEngineCore.so.5.7.1
>  
> debian/.debhelper/libqt5webenginecore5/dbgsym-root/usr/lib/debug/.build-id/d4/c82995202e374ab64d53e8f6f30fd1f5f1866f.debug
>  returned exit code 1
> debian/rules:68: recipe for target 'binary' failed
> make: *** [binary] Error 2

The full build log is available from:
   
http://aws-logs.debian.net/2017/06/01/qtwebengine-opensource-src_5.7.1+dfsg-6_testing-i386.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: qtwebengine-opensource-src
Source-Version: 5.7.1+dfsg-6.1

We believe that the bug you reported is fixed in the latest version of
qtwebengine-opensource-src, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated qtwebengine-opensource-src 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 05 Jun 2017 16:16:54 +0300
Source: qtwebengine-opensource-src
Binary: qtwebengine5-dev libqt5webengine5 libqt5webenginecore5 
libqt5webenginewidgets5 libqt5webengine-data qml-module-qtwebengine 
qtwebengine5-examples qtwebengine5-doc qtwebengine5-doc-html
Architecture: source
Version: 5.7.1+dfsg-6.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers 
Changed-By: Adrian Bunk 
Description:
 libqt5webengine-data - Web content engine library for Qt
 libqt5webengine5 - Web content engine library for Qt
 libqt5webenginecore5 - Web content engine library for Qt
 libqt5webenginewidgets5 - Web content engine library for Qt
 qml-module-qtwebengine - Qt WebEngine QML module
 qtwebengine5-dev - Web content engine library for Qt - development files
 qtwebengine5-doc - Qt 5 webengine documentation
 qtwebengine5-doc-html - Qt 5 webengine HTML documentation
 

Bug#863931: marked as done (dlang-openssl: FTBFS: build-dependency not installable: ldc)

[Debian Bug Tracking System]

Your message dated Mon, 5 Jun 2017 19:08:06 +0300
with message-id <20170605160806.itewjeg3t2mscnx5@localhost>
and subject line dlang-openssl has been removed from stretch
has caused the Debian Bug report #863931,
regarding dlang-openssl: FTBFS: build-dependency not installable: ldc
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863931: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863931
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: dlang-openssl
Version: 1.1.5+1.0.1g-1
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170601-i386 qa-ftbfs
Justification: FTBFS in stretch on i386

Hi,

During a rebuild of all packages in stretch (in a stretch chroot, not a
sid chroot), your package failed to build on i386.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper (>= 9), ldc | gdc | d-compiler | d-v2-compiler
> Filtered Build-Depends: debhelper (>= 9), ldc
> dpkg-deb: building package 'sbuild-build-depends-dlang-openssl-dummy' in 
> '/<>/resolver-ICq4P5/apt_archive/sbuild-build-depends-dlang-openssl-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-dlang-openssl-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-ICq4P5/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-ICq4P5/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-ICq4P5/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-ICq4P5/apt_archive ./ Sources [513 B]
> Get:5 copy:/<>/resolver-ICq4P5/apt_archive ./ Packages [574 B]
> Fetched 2050 B in 0s (176 kB/s)
> Reading package lists...
> Reading package lists...
> 
> Install dlang-openssl build dependencies (apt-based resolver)
> -
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-dlang-openssl-dummy : Depends: ldc but it is not 
> installable
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   
http://aws-logs.debian.net/2017/06/01/dlang-openssl_1.1.5+1.0.1g-1_testing-i386.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
dlang-openssl has been removed from stretch,
and the problem is not in sid.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed--- End Message ---

Bug#863935: marked as done (dlang-libevent: FTBFS: build-dependency not installable: ldc)

[Debian Bug Tracking System]

Your message dated Mon, 5 Jun 2017 19:08:54 +0300
with message-id <20170605160854.gcbfockbsjvezhsr@localhost>
and subject line dlang-libevent has been removed from stretch
has caused the Debian Bug report #863935,
regarding dlang-libevent: FTBFS: build-dependency not installable: ldc
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863935: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863935
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: dlang-libevent
Version: 2.0.16-1
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170601-i386 qa-ftbfs
Justification: FTBFS in stretch on i386

Hi,

During a rebuild of all packages in stretch (in a stretch chroot, not a
sid chroot), your package failed to build on i386.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper (>= 9), ldc | gdc | d-compiler | d-v2-compiler
> Filtered Build-Depends: debhelper (>= 9), ldc
> dpkg-deb: building package 'sbuild-build-depends-dlang-libevent-dummy' in 
> '/<>/resolver-edUPrm/apt_archive/sbuild-build-depends-dlang-libevent-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-dlang-libevent-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-edUPrm/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-edUPrm/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-edUPrm/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-edUPrm/apt_archive ./ Sources [514 B]
> Get:5 copy:/<>/resolver-edUPrm/apt_archive ./ Packages [575 B]
> Fetched 2052 B in 0s (156 kB/s)
> Reading package lists...
> Reading package lists...
> 
> Install dlang-libevent build dependencies (apt-based resolver)
> --
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-dlang-libevent-dummy : Depends: ldc but it is not 
> installable
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   
http://aws-logs.debian.net/2017/06/01/dlang-libevent_2.0.16-1_testing-i386.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
dlang-libevent has been removed from stretch,
and the problem is not in sid.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed--- End Message ---

Bug#862531: Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts

[Wouter Verhelst]

Control: tags -1 + help

On Thu, May 18, 2017 at 06:41:59PM +0200, Christoph Biedl wrote:
> (At least) AoE devices are handled properly if mounted with the _netdev
> mount option.

... but NBD devices are not. I'm not sure what changed, have been trying
to figure that out for the past week or so. With a line like the
following in fstab...

/dev/nbd0 /mnt _netdev 0 0

...the system will boot properly in jessie, but not in stretch. It used
to work properly in stretch too, at least during dc16 when I wrote the
systemd support.

Not sure what changed, but this is a serious regression from jessie, and
I'd like to see it resolved before the release.

-release: This bug is currently marked as Grave. Not sure whether that's
appropriate, but I do think that "serious" is. However, I don't think
it's my bug, since this used to work.

Anyone have any clue what's happening, or what has changed? I've got no
clue, and I don't think I'll be able to fix this today anymore...

-- 
Help me, off-by-one kenobi. You're my only nought.

Processed: Re: Bug#862531: Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + help
Bug #862531 [nbd-client] nbd-client: provide a systemd service to allow proper 
shutdown of NBD mounts
Added tag(s) help.

-- 
862531: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862531
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864223: marked as done (cadabra: switch dependency from texlive-math-extra to texlive-science)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 15:03:52 +
with message-id 
and subject line Bug#864223: fixed in cadabra 1.46-3
has caused the Debian Bug report #864223,
regarding cadabra: switch dependency from texlive-math-extra to texlive-science
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864223: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864223
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cadabra
Version: 1.46-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove cadabra instead of installing texlive-science
during jessie->stretch upgrades.


Andreas
--- End Message ---
--- Begin Message ---
Source: cadabra
Source-Version: 1.46-3

We believe that the bug you reported is fixed in the latest version of
cadabra, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Axel Beckert  (supplier of updated cadabra package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 05 Jun 2017 15:08:56 +0200
Source: cadabra
Binary: cadabra
Architecture: source amd64
Version: 1.46-3
Distribution: unstable
Urgency: high
Maintainer: Debian QA Group 
Changed-By: Axel Beckert 
Description:
 cadabra- field-theory motivated computer algebra system
Closes: 864223
Changes:
 cadabra (1.46-3) unstable; urgency=high
 .
   * QA upload.
   * Switch dependency from virtual package texlive-math-extra to
 texlive-science to ease upgrades from Jessie to Stretch. (Closes:
 #864223)
Checksums-Sha1:
 96405e5d893b88f080110dce5bcaf978c9392885 1993 cadabra_1.46-3.dsc
 b15d99e1601544afd6dc3cb58c41e54bdaa3172f 11356 cadabra_1.46-3.debian.tar.xz
 85cc8d505f3e2f906c6c38683241e4230289fb99 10588 cadabra_1.46-3_amd64.buildinfo
 704393b5070609a021f8f1f7aea45aad5e5c07a7 591068 cadabra_1.46-3_amd64.deb
Checksums-Sha256:
 7b6e9ee3e7957f66e46510883767db1ce0b2395c8ba3aea396b32709a278bc90 1993 
cadabra_1.46-3.dsc
 1d649c8991bc6d461761cfb67685512221511cb6c1bdf00817ae56b47643675f 11356 
cadabra_1.46-3.debian.tar.xz
 83a65a9c8370bcee27858b0beba5f8692d4bc2c7e2453c883d2d9b788f5c9b4e 10588 
cadabra_1.46-3_amd64.buildinfo
 23613d01c9b1e251cb37a51e94213fc0c1c85f58114692053ee279a0198b2297 591068 
cadabra_1.46-3_amd64.deb
Files:
 8a7ad38e983c7ec7c7a8f54fb5e990b8 1993 math optional cadabra_1.46-3.dsc
 699ce2a02c7a57bdd6dd662ee770d999 11356 math optional 
cadabra_1.46-3.debian.tar.xz
 c2eb46247dc30dea6d0178b649e534b5 10588 math optional 
cadabra_1.46-3_amd64.buildinfo
 62e777b7c2ed0d3d98bff9a63e5e7a03 591068 math optional cadabra_1.46-3_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEERoyJeTtCmBnp12Ema+Zjx1o1yXUFAlk1WYQACgkQa+Zjx1o1
yXXk4w/9Gtu8GKgHfWrwTt5N9VkiIkKHBXw6MBuePPIXectLCd1EXIMsjYgsLymK
S7QPnOgg+q+yanBWFUhTmxuc29CkGE9ssu6iE1eDhC8nNt+BI8pzcdbcGqo/kgJK
JbyU48pon/oxouLwbY20Nfh6wNjwzHdVikNGp953u4TYOWM/Fiqn/U3/IHlIpk9c
PYwKhkYSCVdEeQs3F2g2w76U3rQYMbB9AL715c0koV4K7uWXxxyakIy9cSnZwS4y
8A6ISJI1WYxohAEPKvD8gYr/+mKW9PMRVLdMdJNpsW4DX3WG4SZ7rkjR4oEo3Viy
K2DfboNlJCFJhLPo73w8GJDtfjoxKY5+gAxicUKCQhXIbDgrt638o1m21+HYpm6i
FRhjoZYxMjs2uvrNQgTO5oWOO/ZvJCWNVpfwyILMnHZE2lROFf3GrRSIgD1PzLKb
iLLrFJQ3FDt1/ttetlLbvpSxfvT6t1bTufYBR35lTYbdBqsTeR8fTyWCifKJDbbe
oPpLsja9sizeZlBldn0E06HHcrlxkZDtoFn4uDqieLq9bQYyDM5xhO0DuRvNFiTe
8Iy01FlMSQyjIx0E/cWP2+uLK4kB3zLie9QIhi/1RMmDtp8qZAaLIdBIodHZ+BzC
lN+I1DfVQECWV7Q8WERefkK/OUaRWHfwCIox+2ELqSN3qRRxiGk=
=7ENi
-END PGP SIGNATURE End Message ---

Processed: tag stretch

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 860064 + stretch
Bug #860064 {Done: Simon Kelley } [dnsmasq] [dnsmasq] 
startup failue when dns-root-data installed
Bug #863896 {Done: Simon Kelley } [dnsmasq] dnsmasq: 
systemd appends junk to the dnsmasq commandline
Added tag(s) stretch.
Added tag(s) stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
860064: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860064
863896: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863896
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Remove moreinfo tag and adjust severity

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 864204 - moreinfo
Bug #864204 [runit] runit: Removal of runit-init removes /sbin/init breaking 
boot for runit users
Removed tag(s) moreinfo.
> severity 864204 important
Bug #864204 [runit] runit: Removal of runit-init removes /sbin/init breaking 
boot for runit users
Severity set to 'important' from 'grave'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Beckmann]

Hi Norbert,

that might be interesting for you: after the jessie2stretch
upgrade of lhs2tex we have a mixture of texlive 2014+2016
packages, so some Breaks might still be missing.

(There is now #864225 against lhs2tex to switch the dependency to
texlive-science, so this reproducer of the problem will go away soon).

On 2017-06-05 14:30, Andreas Beckmann wrote:
>   lhs2tex: texlive-math-extra survives the distupgrade to stretch

https://piuparts.debian.org/jessie2stretch/pass/lhs2tex_1.19-4+b1.log

  install ok installed  texlive-basetexlive-base2016.20170123-5
  install ok installed  texlive-binariestexlive-binaries
2016.20160513.41080.dfsg-1
  install ok installed  texlive-fonts-recommended   
texlive-fonts-recommended   2016.20170123-5
  install ok installed  texlive-latex-base  texlive-latex-base  
2016.20170123-5
  install ok installed  texlive-math-extra  texlive-math-extra  
2014.20141024-1

Andreas

Bug#852962: ycmd FTBFS on mipsel: test failures

[James Cowgill]

Hi,

On Thu, 1 Jun 2017 00:15:28 +0200 Christoph Biedl
 wrote:
> Julien Cristau wrote...
> 
> > On Wed, Feb  1, 2017 at 10:49:34 +0100, Emilio Pozuelo Monfort wrote:
> >
> > > Somehow this has built now:
> > >
> > > https://buildd.debian.org/status/logs.php?pkg=ycmd=0%2B20161219%2Bgit486b809-1=mipsel
> > >
> > > Let's downgrade for now.
> > >
> > Next upload failed again, somebody needs to look at this.
> 
> Did so, but failed to reproduce the issue on the mipsel porter box.
> However, the bug seems to manifest when building in a qemu-static
> chroot. In that scenario however, diagnostic tools like strace
> fail.
> 
> Updates will follow as I get them.

I've tried this on various mips hardware and I can only seems to fail on
Loongsons (where is reliably fails 100% of the time). Blacklisting it on
those machines could be an option given how close to the release we are.

Interestingly I cannot reproduce this bug with qemu-user so I'm not sure
what's going on there.

James



signature.asc
Description: OpenPGP digital signature

Processed: tagging 864223

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 864223 + pending
Bug #864223 [cadabra] cadabra: switch dependency from texlive-math-extra to 
texlive-science
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864223: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864223
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863267: marked as done (Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 13:07:19 +
with message-id 
and subject line Bug#863267: fixed in python-django 1:1.10.7-2
has caused the Debian Bug report #863267,
regarding Miscalculates MigrationHistory dependencies between multiple django 
apps - regression from 1.8
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: python-django
Version: 1:1.10.7-1
Severity: serious
Control: block 847277 by -1
Control: block 863259 by -1

This bug is based on #847277, #863259, and the related
discussion on the debian-backports list.

If upgrading from 1.7 in jessie to 1.10 in stretch is not
fully supported unless upgrading through 1.8, then 1.8 is
required in stretch.

Either in addition to 1.10 (with properly supported and
documented 1.7 -> 1.8 -> 1.10 upgrade paths), or as 2:1.8

If lava-server is in a special situation due to doing
something very uncommon, then this bug should be closed
and the severity of #847277 set back to RC (with the likely
consequence that lava-server won't be part of stretch).
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 1:1.10.7-2

We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Raphaël Hertzog  (supplier of updated python-django package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 29 May 2017 16:59:51 +0200
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source all
Version: 1:1.10.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Raphaël Hertzog 
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 816435 863267
Changes:
 python-django (1:1.10.7-2) unstable; urgency=medium
 .
   * Accept again migrations depending on initial migrations that
 can be fake applied. Closes: #863267
   * Add patch to fix DEP-8 test. Closes: #816435
Checksums-Sha1:
 b6af2b3c4179b5e3dd873ead990eeeb2d6ad3b05 2466 python-django_1.10.7-2.dsc
 088e97e5902be49d7c84c631df0fadf1a1cc1d36 30620 
python-django_1.10.7-2.debian.tar.xz
 073ebccb0a1ca315fbd927d7ba054da6f27c8f29 1514418 
python-django-common_1.10.7-2_all.deb
 c5abfc15772961adfa2a285a3b3c2b600d0d8029 2531148 
python-django-doc_1.10.7-2_all.deb
 752ebde9413948b8ec0624ebf5bbd06d014f64b5 903592 python-django_1.10.7-2_all.deb
 acabdd731c4b330b3a71e9f0a4a250c97a53d2f4 8639 
python-django_1.10.7-2_amd64.buildinfo
 e8257ed94a10722f51c8b88edfa910eb3ac00d2d 885218 python3-django_1.10.7-2_all.deb
Checksums-Sha256:
 8baa6ec3d9e9e76c53dc7fe36e6099c6fada10da391ab13e690014c3f1aa76b9 2466 
python-django_1.10.7-2.dsc
 7a532a367b64032b0edf1ff46f8e4afaf5a6fae9c85d72c31b595794eb14a607 30620 
python-django_1.10.7-2.debian.tar.xz
 04795622a583ffb3af391c0c95fc59260fc34d6f16f55d10531ca1e731fe02a9 1514418 
python-django-common_1.10.7-2_all.deb
 9775f70fbf34cc7a0d64426c00ac6f2ddc59d2c79b2ea0fc7151074ff9cc5e51 2531148 
python-django-doc_1.10.7-2_all.deb
 fb8cb44dcc327868969334e564fe795fcee24da9099c864eaf519806a9c067d7 903592 
python-django_1.10.7-2_all.deb
 01ceadb27a49bb4367a87b121fb5f5dc28dd89184010d05ef467484a06e54575 8639 
python-django_1.10.7-2_amd64.buildinfo
 5b7403fe22a35ad9bfc85469ff6c53a92e61c7f6a88a4f55506e124625ab8814 885218 
python3-django_1.10.7-2_all.deb
Files:
 8e2a95d9b236d38c79379a03df967e1b 2466 python optional 
python-django_1.10.7-2.dsc
 7f5977184a232cc0be5f23deae83a1a8 30620 python optional 
python-django_1.10.7-2.debian.tar.xz
 

Bug#864223: cadabra: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

On 2017-06-05 15:00, Axel Beckert wrote:
> Hi Andreas,
> 
> Andreas Beckmann wrote:
>> texlive-math-extra is a real package in jessie but a virtual package
>> provided by texlive-science in stretch. That causes a hard time for apt
>> and it will likely remove cadabra instead of installing texlive-science
>> during jessie->stretch upgrades.
> 
> If you haven't started preparing the upload already (nothing can be
> seen in the git repo yet), I'd take care of this.

go ahead, there are 4 similar new bugs in total (plus the original
dblatex one)


Andreas

Bug#864223: cadabra: switch dependency from texlive-math-extra to texlive-science

[Axel Beckert]

Hi Andreas,

Andreas Beckmann wrote:
> texlive-math-extra is a real package in jessie but a virtual package
> provided by texlive-science in stretch. That causes a hard time for apt
> and it will likely remove cadabra instead of installing texlive-science
> during jessie->stretch upgrades.

If you haven't started preparing the upload already (nothing can be
seen in the git repo yet), I'd take care of this.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#863897: marked as done (sudo: CVE-2017-1000368: Arbitrary terminal access due to issue in parsing /proc/[pid]/stat when process name contains newline)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 12:48:42 +
with message-id 
and subject line Bug#863897: fixed in sudo 1.8.20p1-1.1
has caused the Debian Bug report #863897,
regarding sudo: CVE-2017-1000368: Arbitrary terminal access due to issue in 
parsing /proc/[pid]/stat when process name contains newline
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863897: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863897
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sudo
Version: 1.8.10p3-1
Severity: important
Tags: patch upstream

Hi

sudo 1.8.20p2 fixes an issue in parsing /proc/[pid]/stat when the
process name contains a newline.

The bug is not exploitable due to the changes in how /dev is traversed
made in sudo 1.8.20p1 for CVE-2017-1000367.

Still it is probably good to have it fixed in a point release as well
for stable releases (or if accepted by the release team as well
targetted for stretch).

Announce:
https://www.sudo.ws/pipermail/sudo-announce/2017-May/000155.html

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: sudo
Source-Version: 1.8.20p1-1.1

We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated sudo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 05 Jun 2017 14:19:33 +0200
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.8.20p1-1.1
Distribution: unstable
Urgency: high
Maintainer: Bdale Garbee 
Changed-By: Salvatore Bonaccorso 
Closes: 863897
Description: 
 sudo   - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Changes:
 sudo (1.8.20p1-1.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Use /proc/self consistently on Linux
   * CVE-2017-1000368: Arbitrary terminal access (Closes: #863897)
Checksums-Sha1: 
 632b59c58896d36142379c33d11e2d34fe029fdd 2162 sudo_1.8.20p1-1.1.dsc
 f1b0157950c46e859f4a2038322b09aa1f83e2b7 24368 sudo_1.8.20p1-1.1.debian.tar.xz
Checksums-Sha256: 
 a9db40dc5f6c7b318cb4e3dea0263f9c3989c034f107155f437f4766d06b6ff1 2162 
sudo_1.8.20p1-1.1.dsc
 51d76c6cb6d83e6b1dd7598c8fb265344b03593bcefeb5c3d4e4901df8404439 24368 
sudo_1.8.20p1-1.1.debian.tar.xz
Files: 
 472bbc089e135e6d885f7a20a8f0ca54 2162 admin optional sudo_1.8.20p1-1.1.dsc
 1a108f88581121c6c2d07235e355120a 24368 admin optional 
sudo_1.8.20p1-1.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlk1T+RfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Ef6EQAJT3sXazYlrbgyjG2Ce7f3BA0Ab1CBRh
IM+MGVJybXmIVa1z0DHSLH27k1gL0cWxq0UG9pXoWgAwNHZv2Fm2HE/UNGZGgLjX
U+63+iQ7mxP0N/jUGNR+/hC0waqxWAHjhTAKYIbYb8IvHm/urgnFYLK/Cxke++w3
ytYp6nIUAboLJozbEp/e1fzGRXzbpuohaC47Fy8kMFsw2C6v9HvbUE5YVmMsCxtt
8buobd0srYvXjjTbU2iDR+UObjrwy8MW+5C0CZDP8HTEk6OkfwaZ4pZwCg8Vikk2
8nCLeL0T6rKB5d73bTmfHAIE8PT51SE1BCerAUu9E5MeCmqk1mGshF/PzzTGMnK9
WS98ZNh/LjneA3MFq2ZEojbO/0JUJ+R5lFFfvB1jR7TSTfInnDQhYJG/rgoytAYA
mzGNkXS/f7x5TWarrsN/yAuLGx7i4f5uIHxX2W97Wt2gOde4xrUN+k/gzNIEYisN
1kUxTOc+QV20wlRvT7USic1vWgBNzJQ6u/ghM+zaRjYNPTPjVlnyRcqbIG3GqqiI
7p5w0fGqE3NglepEo7KZAz6+jMR/2/yN1uchs6HNujn3tLglZq2ALYr65CadAimL
7wZjSKyAdcfxipWunic2M+u3oTzBEZKLQWFbNRniIO/89uzLOJBMi+daDtv/8lWT
ls3GCeSkgSJx
=M9yY
-END PGP SIGNATURE End Message ---

Processed: Re: Bug#864044: pasystray: Segmentation fault on startup (under wayland?)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 864044 https://github.com/christophgysin/pasystray/issues/90
Bug #864044 [pasystray] pasystray: Segmentation fault on startup (under 
wayland?)
Set Bug forwarded-to-address to 
'https://github.com/christophgysin/pasystray/issues/90'.
> severity 864044 important
Bug #864044 [pasystray] pasystray: Segmentation fault on startup (under 
wayland?)
Severity set to 'important' from 'serious'
> --
Stopping processing here.

Please contact me if you need assistance.
-- 
864044: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864044
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864044: pasystray: Segmentation fault on startup (under wayland?)

[Scott Leggett]

forwarded 864044 https://github.com/christophgysin/pasystray/issues/90
severity 864044 important
--

On 2017-06-03.11:18, Felipe Sateler wrote:
> Package: pasystray
> Version: 0.6.0-1
> Severity: serious
> 
> pasystray crashes on startup when running under gnome wayland:
> 
> #0  0xedc7 in x11_property_init () at x11-property.c:46
> #1  0xb10a in init (settings=0x7fffdf10) at pasystray.c:65
> #2  0x8f63 in main (argc=1, argv=0x7fffe018) at pasystray.c:52
> 
> Turns out the ScreenOfDisplay is NULL. I'm not sure if that is is a
> problem in pasystray usage or X/Wayland. But this effectively makes
> pasystray unusable.

Hi Felipe, thanks for the bug report!

It looks as though wayland is simply unsupported in pasystray. I've
tested it under Gnome with X (the default for stretch), and the bug does
not manifest. For that reason I'm downgrading the severity to important.

I've forwarded the details of this bug and the request for wayland
support on to upstream.

-- 
Regards,
Scott.


signature.asc
Description: PGP signature

Bug#864225: lhs2tex: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

Package: lhs2tex
Version: 1.19-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove lhs2tex instead of installing texlive-science
during jessie->stretch upgrades.


Andreas

Bug#864226: pycorrfit: switch recommends from texlive-math-extra to texlive-science

[Andreas Beckmann]

Package: pycorrfit
Version: 0.9.9+dfsg-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove texlive-math-extra, but not install
texlive-science during jessie->stretch upgrades (with
--install-recommends enabled).


Andreas

Bug#864223: cadabra: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

Package: cadabra
Version: 1.46-2
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove cadabra instead of installing texlive-science
during jessie->stretch upgrades.


Andreas

Bug#864224: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

Package: sisu-pdf
Version: 7.1.9-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

texlive-math-extra is a real package in jessie but a virtual package
provided by texlive-science in stretch. That causes a hard time for apt
and it will likely remove sisu-pdf instead of installing texlive-science
during jessie->stretch upgrades.


Andreas

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Beckmann]

I think I found the underlying cause:

dblatex depends on texlive-math-extra which is a real package in jessie
and a virtual package in stretch, provided by texlive-science.
This gives apt a hard time to find the correct solution (install
texlive-science and remove texlive-math-extra), and failing to do so apt
decides to remove dblatex, triggering the bug.

Please switch the dependency from texlive-math-extra to texlive-science
(and also drop the superfluous mktexlsr calls) and upload to sid
immediately.
This should make apt find the correct solution and no longer decide to
remove dblatex. So you can skip fixing the package in jessie if the bug
is no longer triggered.

Further packages in stretch that depend on texlive-math-extra:
  cadabra
  lhs2tex
  sisu-pdf
  pycorrfit (Recommends)
  science-typesetting (Suggests)

from piuparts jessie2stretch tests:
  cadabra: gets removed while upgrading from jessie
  lhs2tex: texlive-math-extra survives the distupgrade to stretch
  sisu-pdf: gets removed
  pycorrfit: (--install-recommends) texlive-math-extra gets removed,
 but texlive-science does not get installed.

Andreas

Bug#864204: runit: Removal of runit-init removes /sbin/init breaking boot for runit users

[Simon Ruderich]

On Mon, Jun 05, 2017 at 12:38:15PM +0300, Adrian Bunk wrote:
> How would that break things for *jessie* users?
>
> The runit-init package is not in jessie, and the runit package in jessie
> does not provide /sbin/init

Ah, sorry for that. I thought that runit-init was already in
Jessie and didn't verify that. Please ignore that bug for the
Stretch release.

But it would still be nice if the Sid users didn't get a broken
system if they upgrade runit and reboot.

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9


signature.asc
Description: PGP signature

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Steinar H. Gunderson]

On Mon, Jun 05, 2017 at 01:16:05PM +0200, Andreas Beckmann wrote:
>> I don't have a full list of pre-upgrade packages, but the command was a
>> standard “apt full-upgrade”. The deconfigure is presumably due to the
>> Breaks:, as Norbert mentioned.
> You should be able to find the logs for the actions taken/planned by apt
> for that upgrade in /var/log/apt/history.log*, the should help me
> reproduce the upgrade scenario.

Sure, but that's a different thing. :-) I've seen this on at least three
distinct installations, so I'm a bit surprised nobody else has reported it.
I'm attaching history.log.1 from one of the affected machines.

/* Steinar */
-- 
Homepage: https://www.sesse.net/


history.log.1.gz
Description: application/gzip

Processed: bug 864210 is forwarded to https://github.com/grpc/grpc/pull/10492

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 864210 https://github.com/grpc/grpc/pull/10492
Bug #864210 {Done: Salvatore Bonaccorso } [src:grpc] 
CVE-2017-9431
Set Bug forwarded-to-address to 'https://github.com/grpc/grpc/pull/10492'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864210
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 864210

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 864210 + upstream fixed-upstream
Bug #864210 {Done: Salvatore Bonaccorso } [src:grpc] 
CVE-2017-9431
Added tag(s) upstream and fixed-upstream.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864210
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Beckmann]

On 2017-06-04 09:23, Steinar H. Gunderson wrote:
> On Sun, Jun 04, 2017 at 12:15:56AM +0200, Andreas Beckmann wrote:
>> If I read the upgrade log correct, dblatex got first deconfigured and
>> later *removed* during the distupgrade. Actually most of the texlive
>> stack seems to get removed (including texlive-binaries, which ships
>> mktexlsr). Why did this happen? What was the actual command you used to
>> perform the upgrade? What was the set of packages installed before the
>> upgrade?
> 
> I don't have a full list of pre-upgrade packages, but the command was a
> standard “apt full-upgrade”. The deconfigure is presumably due to the
> Breaks:, as Norbert mentioned.

You should be able to find the logs for the actions taken/planned by apt
for that upgrade in /var/log/apt/history.log*, the should help me
reproduce the upgrade scenario.


Andreas

Processed: found 864210 in 1.2.5-1+nmu0, closing 864210

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 864210 1.2.5-1+nmu0
Bug #864210 [src:grpc] CVE-2017-9431
Marked as found in versions grpc/1.2.5-1+nmu0.
> close 864210 1.3.2-0.1
Bug #864210 [src:grpc] CVE-2017-9431
Marked as fixed in versions grpc/1.3.2-0.1.
Bug #864210 [src:grpc] CVE-2017-9431
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864210: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864210
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864210: found 864210 in 1.2.5-1+nmu0, closing 864210

[Salvatore Bonaccorso]

found 864210 1.2.5-1+nmu0
close 864210 1.3.2-0.1
thanks

Bug#863707: marked as done (simple-tpm-pk11: FTBFS: ./m4/test-driver: line 107: 4695 Aborted (core dumped) )

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 10:49:41 +
with message-id 
and subject line Bug#863707: fixed in openssl 1.1.0f-3
has caused the Debian Bug report #863707,
regarding simple-tpm-pk11: FTBFS: ./m4/test-driver: line 107: 4695 Aborted 
(core dumped) 
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863707: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863707
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: simple-tpm-pk11
Version: 0.06-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

simple-tpm-pk11 fails to build from source in unstable/amd64:

  […]

  /bin/bash ./libtool  --tag=CXX   --mode=link g++ -I/usr/src/gtest 
-std=gnu++0x -Wall -g -O2 -fdebug-prefix-map=«BUILDDIR»=. 
-fstack-protector-strong -Wformat -Werror=format-security  -Wl,-z,relro 
-Wl,-z,now -o stpm-verify_test src/stpm_verify_test-verify.o 
src/stpm_verify_test-verify_test.o src/stpm_verify_test-common.o 
src/stpm_verify_test-tspiwrap.o src/stpm_verify_test-fake_tspi.o 
src/stpm_verify_test-libgtest.o -lpthread  -lcrypto -ltspi 
  libtool: link: g++ -I/usr/src/gtest -std=gnu++0x -Wall -g -O2 
-fdebug-prefix-map=«BUILDDIR»=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wl,-z -Wl,relro -Wl,-z -Wl,now -o stpm-verify_test 
src/stpm_verify_test-verify.o src/stpm_verify_test-verify_test.o 
src/stpm_verify_test-common.o src/stpm_verify_test-tspiwrap.o 
src/stpm_verify_test-fake_tspi.o src/stpm_verify_test-libgtest.o  -lpthread 
-lcrypto -ltspi
  make[3]: Leaving directory '«BUILDDIR»'
  make  check-TESTS
  make[3]: Entering directory '«BUILDDIR»'
  make[4]: Entering directory '«BUILDDIR»'
  ./m4/test-driver: line 107:  4695 Aborted (core dumped) "$@" 
> $log_file 2>&1
  FAIL: stpm-keygen_test
  PASS: stpm-sign_test
  PASS: common_test
  PASS: pk11_test
  PASS: stpm-verify_test
  
 simple-tpm-pk11 0.06: ./test-suite.log
  
  
  # TOTAL: 5
  # PASS:  4
  # SKIP:  0
  # XFAIL: 0
  # FAIL:  1
  # XPASS: 0
  # ERROR: 0
  
  .. contents:: :depth: 2
  
  FAIL: stpm-keygen_test
  ==
  
  Running main() from gtest_main.cc
  [==] Running 8 tests from 2 test cases.
  [--] Global test environment set-up.
  [--] 2 tests from Usage
  [ RUN  ] Usage.NoOpts
  [   OK ] Usage.NoOpts (0 ms)
  [ RUN  ] Usage.HelpOpts
  [   OK ] Usage.HelpOpts (0 ms)
  [--] 2 tests from Usage (0 ms total)
  
  [--] 6 tests from Keygen
  [ RUN  ] Keygen.EmptyOutputName
  [   OK ] Keygen.EmptyOutputName (0 ms)
  [ RUN  ] Keygen.BadOutputName
  [   OK ] Keygen.BadOutputName (1 ms)
  [ RUN  ] Keygen.OK
  [   OK ] Keygen.OK (2 ms)
  [ RUN  ] Keygen.SWKeyOK
  [   OK ] Keygen.SWKeyOK (14 ms)
  [ RUN  ] Keygen.SmallerKey
  [   OK ] Keygen.SmallerKey (1 ms)
  [ RUN  ] Keygen.WrongTPMKeySize
  [   OK ] Keygen.WrongTPMKeySize (2 ms)
  [--] 6 tests from Keygen (20 ms total)
  
  [--] Global test environment tear-down
  [==] 8 tests from 2 test cases ran. (20 ms total)
  [  PASSED  ] 8 tests.
  
  [ FATAL ] /usr/include/gtest/internal/gtest-port.h:2044:: 
pthread_key_delete(key_)failed with error 22
  FAIL stpm-keygen_test (exit status: 134)
  
  
  Testsuite summary for simple-tpm-pk11 0.06
  
  # TOTAL: 5
  # PASS:  4
  # SKIP:  0
  # XFAIL: 0
  # FAIL:  1
  # XPASS: 0
  # ERROR: 0
  
  See ./test-suite.log
  Please report to tho...@habets.se
  
  Makefile:1695: recipe for target 'test-suite.log' failed
  make[4]: *** [test-suite.log] Error 1
  make[4]: Leaving directory '«BUILDDIR»'
  Makefile:1801: recipe for target 'check-TESTS' failed
  make[3]: *** [check-TESTS] Error 2
  make[3]: Leaving directory '«BUILDDIR»'
  Makefile:2060: recipe for target 'check-am' failed
  make[2]: *** [check-am] Error 2
  make[2]: Leaving directory '«BUILDDIR»'
  Makefile:1581: recipe for target 'check-recursive' failed
  make[1]: *** [check-recursive] Error 1
  make[1]: Leaving directory '«BUILDDIR»'
  dh_auto_test: make 

Bug#864186: marked as done (xtensor-python FTBFS: [ FATAL ] gtest-port.h:2044:: pthread_key_delete(key_)failed with error 22)

[Debian Bug Tracking System]

Your message dated Mon, 05 Jun 2017 10:49:41 +
with message-id 
and subject line Bug#863707: fixed in openssl 1.1.0f-3
has caused the Debian Bug report #863707,
regarding xtensor-python FTBFS: [ FATAL ] gtest-port.h:2044:: 
pthread_key_delete(key_)failed with error 22
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863707: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863707
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xtensor-python
Version: 0.12.1-1
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/xtensor-python.html

...
[--] Global test environment tear-down
[==] 32 tests from 3 test cases ran. (2 ms total)
[  PASSED  ] 32 tests.

[ FATAL ] 
xtensor-python_0.12.1-1/obj-x86_64-linux-gnu/test/googletest-src/googletest/include/gtest/internal/gtest-port.h:2044::
 pthread_key_delete(key_)failed with error 22
Aborted
test/CMakeFiles/xtest.dir/build.make:60: recipe for target 
'test/CMakeFiles/xtest' failed
make[5]: *** [test/CMakeFiles/xtest] Error 134


Looking at the test history at reproducible builds, it is likely
that some change in a dependency between 2017-05-19 and 2017-05-31
causes this issues:
https://tests.reproducible-builds.org/debian/history/xtensor-python.html
--- End Message ---
--- Begin Message ---
Source: openssl
Source-Version: 1.1.0f-3

We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx  (supplier of updated openssl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 05 Jun 2017 11:40:42 +0200
Source: openssl
Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc
Architecture: source
Version: 1.1.0f-3
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team 
Changed-By: Kurt Roeckx 
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl- Secure Sockets Layer toolkit - cryptographic utility
Closes: 863707
Changes:
 openssl (1.1.0f-3) unstable; urgency=medium
 .
   * Don't cleanup a thread-local key we didn't create it (Closes: #863707)
Checksums-Sha1:
 c0a0e380ccfb6fdda7986292f127a3b2fe1892a5 2583 openssl_1.1.0f-3.dsc
 7e367313f2b2fd9cc32ea9e1ab84961af0a55f6f 54152 openssl_1.1.0f-3.debian.tar.xz
 1b852fe6eb898e4a391cbea0d9937f2edd7955b7 5200 openssl_1.1.0f-3_source.buildinfo
Checksums-Sha256:
 a4d69ed8c10134374d86fee593e85bb5165e6d539ab86294e40532a3ed276642 2583 
openssl_1.1.0f-3.dsc
 2b1ca97264b073345375a69ee95e32a9850f0288462bc58e9054dfa769f14806 54152 
openssl_1.1.0f-3.debian.tar.xz
 0c7775dabc9d47f602d045cadf3b9fb58d0421a8d6013e5e0e5ca168e158a83e 5200 
openssl_1.1.0f-3_source.buildinfo
Files:
 f9a7835dd13f04630e5840fbf729e82a 2583 utils optional openssl_1.1.0f-3.dsc
 74f652d235fe17efd398afb949d74887 54152 utils optional 
openssl_1.1.0f-3.debian.tar.xz
 0769c0d26f45b543e9a76cc7239afb5b 5200 utils optional 
openssl_1.1.0f-3_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEUWHm1ANgDdycoJP748TdzR5MEkQFAlk1NQ4ACgkQ48TdzR5M
EkTLCA//fBckq+OO0G42AQ9ZFZznrQAyPt8U7Ofih17GiI+Gx0mjC5G39Th/yDzE
fWOQx1vmhX1nGOOSoudinZO0DV3Dar34ShjP9benw0zT3hBW7O7LRmfomWvscZG3
uGkrnhLaIdwupED4znWaZVq1dX+T9x4V+QtJBZLoaJQrc4L3hPWQ1giAQVce/be8
0ADiM+btkpQFZGEGPZb5zOMAhlnvVa4XNCf9xkP8+fAzISLqvnoi299U9xc2iPBR
Bzuik6iYyw9Zd269gXFMQY7C6XBlW6RZJsvWYu3qkqftO9ym6+i+E3dxYjWNmAXh
ODEqCxOLrQhZKOhK9sfxViAGBVz0dTDUbPLQI17BpJKaTh9Wp6zB2HYJvPlwsOpe
GGqTpWV93WrzI1H34U/Nt4kyfBljsa9ijMgf8+IjSRli8+JnIO+UuwssmZhsZWyr
l9eT4kbSURenApWY7Zh6KZG2uUhezZr7O3pGn9vU3bAQlSJ07AKQC2IlR7SiKWGV
rlwIdICiAzHQE5YaFZ5MDPRsR1ZDYqE82SlmWJI61zztG322KibZSkWupkg0YGBM

Bug#864210: CVE-2017-9431

[Moritz Muehlenhoff]

Source: grpc
Severity: grave
Tags: security

Hi,
please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9431

Cheers,
Moritz

Bug#863707: [Pkg-openssl-devel] Bug#863707: Bug fixed in openssl?

[Kurt Roeckx]

On Mon, Jun 05, 2017 at 10:30:11AM +0100, Thomas Habets wrote:
> https://github.com/openssl/openssl/issues/3615 says this has been
> fixed in 
> https://github.com/openssl/openssl/commit/7dca72af91936d246700b78e06def16561a36028
> and was an OpenSSL bug.
> 
> So should this issue be closed?

This issue has been reassigned to the openssl package, and it's not
fixed yet in Debian. There is nothing to do on the simple-tpm-pk11
side.


Kurt

Processed: found 864204 in 2.1.2-9.1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 864204 2.1.2-9.1
Bug #864204 [runit] runit: Removal of runit-init removes /sbin/init breaking 
boot for runit users
Marked as found in versions runit/2.1.2-9.1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 864204

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 864204 + moreinfo
Bug #864204 [runit] runit: Removal of runit-init removes /sbin/init breaking 
boot for runit users
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864204
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864204: runit: Removal of runit-init removes /sbin/init breaking boot for runit users

[Adrian Bunk]

On Mon, Jun 05, 2017 at 10:40:25AM +0200, Simon Ruderich wrote:
> Package: runit
> Version: 2.1.2-9.2
> Severity: grave
> Justification: renders package unusable
> 
> Hello,
> 
> With the recent removal of runit-init in -9.1 /sbin/init is no
> longer provided breaking the boot for users depending on runit as
> init system. So a user happily running runit in Jessie will have
> a system which no longer boots in Stretch.
>...

How would that break things for *jessie* users?

The runit-init package is not in jessie, and the runit package in jessie 
does not provide /sbin/init

> Regards
> Simon

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#863707: Bug fixed in openssl?

[Thomas Habets]

https://github.com/openssl/openssl/issues/3615 says this has been
fixed in 
https://github.com/openssl/openssl/commit/7dca72af91936d246700b78e06def16561a36028
and was an OpenSSL bug.

So should this issue be closed?

-- 
typedef struct me_s {
 char name[]  = { "Thomas Habets" };
 char email[] = { "tho...@habets.se" };
 char kernel[]= { "Linux" };
 char *pgpKey[]   = { "http://www.habets.pp.se/pubkey.txt; };
 char pgp[] = { "9907 8698 8A24 F52F 1C2E  87F6 39A4 9EEA 460A 0169" };
 char coolcmd[]   = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;

Processed: bug 863707 is forwarded to https://github.com/openssl/openssl/issues/3615

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 863707 https://github.com/openssl/openssl/issues/3615
Bug #863707 [libssl1.1] simple-tpm-pk11: FTBFS: ./m4/test-driver: line 107: 
4695 Aborted (core dumped) 
Bug #864177 [libssl1.1] nordugrid-arc: FTBFS: test failure
Bug #864186 [libssl1.1] xtensor-python FTBFS: [ FATAL ] gtest-port.h:2044:: 
pthread_key_delete(key_)failed with error 22
Set Bug forwarded-to-address to 
'https://github.com/openssl/openssl/issues/3615'.
Set Bug forwarded-to-address to 
'https://github.com/openssl/openssl/issues/3615'.
Set Bug forwarded-to-address to 
'https://github.com/openssl/openssl/issues/3615'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863707: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863707
864177: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864177
864186: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864186
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Rene Engelhard]

Hi,

On Mon, Jun 05, 2017 at 12:07:48AM +0300, Adrian Bunk wrote:
> --- qtwebengine-opensource-src-5.7.1+dfsg/debian/rules2017-01-18 
> 20:00:38.0 +0200
> +++ qtwebengine-opensource-src-5.7.1+dfsg/debian/rules2017-06-04 
> 22:12:35.0 +0300
> @@ -6,16 +6,22 @@
>  export NINJAFLAGS=-v
>  include /usr/share/dpkg/default.mk
>  
> -export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS)
> -export CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS)
> +DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
> +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
> +
> +# TODO: properly integrate with the other debug setting for buster
> +ifneq (,$(filter $(DEB_HOST_ARCH), armel armhf i386 mips mipsel))
> + export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS) -g1
> + export CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS) -g1
> +else
> + export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS)
> + export CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) $(shell 
> dpkg-buildflags --get CPPFLAGS)
> +endif
>  export LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) -Wl,--as-needed
>  export QT_SELECT := qt5
>  
>  VERSION_CLEAN_UPSTREAM = $(call dpkg_late_eval,VERSION_CLEAN_UPSTREAM,echo 
> '$(DEB_VERSION_UPSTREAM)' | sed -e 's/\(~\|+\).*//')
>  
> -DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
> -DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
> -
>  gstab_architectures :=
>  fulldebug_architectures :=
>  disabled_jit_architectures := armel mips mipsel

This looks unnecessarily ugly to me (or I miss something). Why not use
dpkg-buildflags' mechanism for this? See e.g.

https://anonscm.debian.org/cgit/pkg-openoffice/libreoffice.git/tree/rules#n878:

ifeq "$(ENABLE_SYMBOLS)" "y"
  # Small symbols?
  ifeq "$(SMALL_SYMBOLS)" "y"
CONFIGURE_FLAGS += --enable-symbols=SMALL
DEB_CFLAGS_MAINT_STRIP := -g
DEB_CXXFLAGS_MAINT_STRIP := -g
DEB_CFLAGS_MAINT_PREPEND += -g1
DEB_CXXFLAGS_MAINT_PREPEND += -g1
export DEB_CFLAGS_MAINT_STRIP DEB_CXXFLAGS_MAINT_STRIP
export DEB_CFLAGS_MAINT_PREPEND DEB_CXXFLAGS_MAINT_PREPEND
  else
CONFIGURE_FLAGS += --enable-symbols
  endif
endif
export DPKG_EXPORT_BUILDFLAGS=y 
include /usr/share/dpkg/buildflags.mk

In this case maybe _APPEND -g1 (if you don't do the _STRIP)

Regards,

Rene

Bug#864204: runit: Removal of runit-init removes /sbin/init breaking boot for runit users

[Simon Ruderich]

Package: runit
Version: 2.1.2-9.2
Severity: grave
Justification: renders package unusable

Hello,

With the recent removal of runit-init in -9.1 /sbin/init is no
longer provided breaking the boot for users depending on runit as
init system. So a user happily running runit in Jessie will have
a system which no longer boots in Stretch.

I know runit as default init system is not supported but I see no
reason to break it for any current user who happily uses runit.
The recent fix in #861536 is not enough as /sbin/init is still
missing.

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9


signature.asc
Description: PGP signature

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Norbert Preining]

Hi Andreas,

> Would an explicit, direct dependency on texlive-binaries have led to
> another apt order in the dist-upgrade?

Actually, in this case no, you are right. The problem was pointed out
by Adrian - in postrm the availability of depending packages is not
guaranteed.

> > Furthermore, it would be much simpler to *NOT* do anything as mktexlsr
> > is called automatically (trigger on /usr/share/texmf).
> 
> Sorry, didn't know this.

No prob, although it has been like this since about 2010 or even 2009 ;-)

> This suggestion renders the discussion above about a direct dependency
> on texlive-binaries obsolete.  I would be happy to drop the mktexlsr

Indeed.

> calls in postrm/postinst.  In this case the postrm call failed, thus the
> fix needs to be applied to *jessie* dblatex, doesn't it?

In principle, yes.

All the best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Hoenen]

Andreas Hoenen  wrote:

> Norbert Preining  wrote:
> > Since the postinst script does nothing else TeX related, it would be
> > the simplest solution to completly drop the code about mktexlsr.
>
> This suggestion renders the discussion above about a direct dependency
> on texlive-binaries obsolete.  I would be happy to drop the mktexlsr
> calls in postrm/postinst.  In this case the postrm call failed, thus the
> fix needs to be applied to *jessie* dblatex, doesn't it?

I have filed BTS #864201 against release.debian.org suggesting a fix
targeted at jessie dblatex: removing the mktexlsr call from postrm

-- 
Andreas Hoenen 
GPG: 1024D/B888D2CE
 A4A6 E8B5 593A E89B 496B
 82F0 728D 8B7E B888 D2CE


signature.asc
Description: PGP signature

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Sandro Knauß]

Hey,

thanks for your help.

Please go for an NMU (delay 0 is fine for me). I'll add the patch to the git 
repo, if you don't have access to it.

Best Regards,

sandro

--
> I found the problem:
> The -g is coming from dpkg-buildflags.
> 
> Below is the smallest patch I see for this, a proper reshuffle of the
> debug settings in debian/rules looked too heavy so near to the release.
> 
> Could you upload this, or can I do an NMU?
> 
> > Best Regards,
> > 
> > sandro
> 
> cu
> Adrian
> 
> 
> --- qtwebengine-opensource-src-5.7.1+dfsg/debian/rules2017-01-18
> 20:00:38.0 +0200 +++
> qtwebengine-opensource-src-5.7.1+dfsg/debian/rules2017-06-04
> 22:12:35.0 +0300 @@ -6,16 +6,22 @@
>  export NINJAFLAGS=-v
>  include /usr/share/dpkg/default.mk
> 
> -export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell
> dpkg-buildflags --get CPPFLAGS) -export CXXFLAGS := $(shell dpkg-buildflags
> --get CXXFLAGS) $(shell dpkg-buildflags --get CPPFLAGS) +DEB_HOST_ARCH ?=
> $(shell dpkg-architecture -qDEB_HOST_ARCH)
> +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
> +
> +# TODO: properly integrate with the other debug setting for buster
> +ifneq (,$(filter $(DEB_HOST_ARCH), armel armhf i386 mips mipsel))
> + export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell
> dpkg-buildflags --get CPPFLAGS) -g1 + export CXXFLAGS := $(shell
> dpkg-buildflags --get CXXFLAGS) $(shell dpkg-buildflags --get CPPFLAGS) -g1
> +else
> + export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell
> dpkg-buildflags --get CPPFLAGS) + export CXXFLAGS := $(shell
> dpkg-buildflags --get CXXFLAGS) $(shell dpkg-buildflags --get CPPFLAGS)
> +endif
>  export LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) -Wl,--as-needed
>  export QT_SELECT := qt5
> 
>  VERSION_CLEAN_UPSTREAM = $(call dpkg_late_eval,VERSION_CLEAN_UPSTREAM,echo
> '$(DEB_VERSION_UPSTREAM)' | sed -e 's/\(~\|+\).*//')
> 
> -DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
> -DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
> -
>  gstab_architectures :=
>  fulldebug_architectures :=
>  disabled_jit_architectures := armel mips mipsel



signature.asc
Description: This is a digitally signed message part.

Processed: tagging 861849, tagging 863958, tagging 861775, tagging 857377

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 861849 + pending
Bug #861849 [kopanocore] kopanocore: d/p/OpenSSL-Make-SSLv2-conditional.patch 
has obvious  logic bug
Added tag(s) pending.
> tags 863958 + pending
Bug #863958 [kopano-server] kopano-server: postrm script still refers to 
zarafa-server
Added tag(s) pending.
> tags 861775 + pending
Bug #861775 [kopanocore] kopanocore: src:kopanocore has a harcoded php7.0-mapi 
binary
Added tag(s) pending.
> tags 857377 + pending
Bug #857377 [kopano-dev] kopano-dev: fails to upgrade from 'jessie' - trying to 
overwrite /usr/lib/x86_64-linux-gnu/libmapi.so
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
857377: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857377
861775: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861775
861849: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861849
863958: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863958
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#864188: libbpp-core2v5: symbols removed without soname bump

[Andreas Tille]

Hi Julien,

while I made a mistake to upload libbpp-core to unstable rather than
experimental as it was planed this has probably lead to spot a bug
earlier.  The problem is that the soversion needs to be bumped due to
the ABI change.  

   $ objdump -p ./libbpp-core.so.2.0.4   | sed -n 's/^.*SONAME *//p'
   libbpp-core.so.2

I think you should bump the SOVERSION to reflect that change.

Kind regards

 Andreas.

On Mon, Jun 05, 2017 at 02:42:58AM +0300, Adrian Bunk wrote:
> Package: libbpp-core2v5
> Version: 2.3.0-1~exp1
> Severity: serious
> Control: affects -1 libbpp-seq9v5 src:libbpp-phyl
> 
> 2.3.0-1~exp1 in unstable (sic) removes symbols without changing soname,
> causing the following FTBFS in libbpp-phyl:
> 
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libbpp-phyl.html
> 
> ...
> [ 93%] Linking CXX executable test_bowker
> cd /build/1st/libbpp-phyl-2.2.0/obj-x86_64-linux-gnu/test && /usr/bin/cmake 
> -E cmake_link_script CMakeFiles/test_bowker.dir/link.txt --verbose=1
> /usr/bin/c++   -Wall -Wshadow -Weffc++ -Wconversion  -Wl,-z,relro 
> CMakeFiles/test_bowker.dir/test_bowker.cpp.o  -o test_bowker -rdynamic 
> -lbpp-seq -lbpp-core -L../src -lbpp-phyl 
> /usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libbpp-seq.so: 
> undefined reference to `bpp::RandomTools::lnGamma(double)'
> /usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libbpp-seq.so: 
> undefined reference to 
> `bpp::TextTools::startsWith(std::__cxx11::basic_string std::char_traits, std::allocator > const&, 
> std::__cxx11::basic_string > const&)'
> /usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libbpp-seq.so: 
> undefined reference to 
> `bpp::ApplicationTools::parameterExists(std::__cxx11::basic_string std::char_traits, std::allocator > const&, 
> std::map std::allocator >, std::__cxx11::basic_string std::char_traits, std::allocator >, 
> std::less std::allocator > >, 
> std::allocator std::char_traits, std::allocator > const, 
> std::__cxx11::basic_string > > > >&)'
> /usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libbpp-seq.so: 
> undefined reference to 
> `bpp::ApplicationTools::getStringParameter(std::__cxx11::basic_string std::char_traits, std::allocator > const&, 
> std::map std::allocator >, std::__cxx11::basic_string std::char_traits, std::allocator >, 
> std::less std::allocator > >, 
> std::allocator std::char_traits, std::allocator > const, 
> std::__cxx11::basic_string > > > >&, std::__cxx11::basic_string std::allocator > const&, std::__cxx11::basic_string std::char_traits, std::allocator > const&, bool, int)'
> collect2: error: ld returned 1 exit status
> test/CMakeFiles/test_bowker.dir/build.make:99: recipe for target 
> 'test/test_bowker' failed
> make[3]: *** [test/test_bowker] Error 1

-- 
http://fam-tille.de

Bug#853787: wxmaxima: loadfile: failed to load /usr/share/wxMaxima/wxmathml.lisp

[Gunter Königsmann]

On 05.06.2017 08:43, Daniel Baumann wrote:
> I use newest maxima backported to stretch.
> 

But the newest wxmaxima backport doesn't contain the lines that need to
be patched. Also there is no stretch backports repository, currently, as
stretch is still the "testing" revision of debian and backports are made
from stretch, not to stretch.

...which means I have to renew my question: which debian version and
-flavor are you using and which wxMaxima version? And where did you get
that version from?

Currently stretch is in a freeze => don't know if it is currently
possible to upload something to testing - which then can be backported
to "backports".

Thanks a lot,
and

Kind regards,

Gunter.

Bug#853787: wxmaxima: loadfile: failed to load /usr/share/wxMaxima/wxmathml.lisp

[Daniel Baumann]

I use newest maxima backported to stretch.

Regards,
Daniel

Bug#853787: wxmaxima: loadfile: failed to load /usr/share/wxMaxima/wxmathml.lisp

[Gunter Königsmann]

The question I now have is:

Which debian distribution and version do you use does contain the
version that has been broken by the sudden gcl change and that does  not
yet incorporate the patch?

Thanks a lot,
and
Kind regards,

Gunter.

On 05.06.2017 07:37, Daniel Baumann wrote:
> tag 853787 patch
> thanks
> 
> I can confirm that the following patch works fine:
> 
> https://sources.progress-linux.org/dist
> Regards,
> Daniel
>