Bug#890007: condor ftbfs on all architectures
Package: src:condor Version: 8.6.8~dfsg.1-1 Severity: serious Tags: sid buster looks it doesn't build with the new gsoap. cd "/<>/obj-x86_64-linux-gnu/src/condor_collector.V6" && /usr/bin/c++ -DBUILD_DATE="\"Feb 06 2018\"" -DCONDOR_VERSION=\"8.6.8\" -DGLIBC226=GLIBC226 -DGLIBC=GLIBC -DHAVE_CONFIG_H -DLINUX=\"LINUX_4.9.0-5-AMD64\" -DPLATFORM=\"X86_64-Debian_\" -DPRE_RELEASE_STR="\" Debian-8.6.8~dfsg.1-1+b1\"" -DWITH_OPENSSL -DX86_64=X86_64 -I"/<>/obj-x86_64-linux-gnu/bld_external/classads-8.6.8/install/include" -I/usr/include/globus -I/usr/lib64/globus/include -I/usr/lib/globus/include -I/usr/local/globus/include/globus -I"/<>/src/condor_includes" -I"/<>/obj-x86_64-linux-gnu/src/condor_includes" -I"/<>/src/condor_utils" -I"/<>/obj-x86_64-linux-gnu/src/condor_utils" -I"/<>/src/condor_daemon_core.V6" -I"/<>/src/condor_daemon_client" -I"/<>/src/ccb" -I"/<>/src/condor_io" -I"/<>/src/h" -I"/<>/obj-x86_64-linux-gnu/src/h" -I"/<>/obj-x86_64-linux-gnu/src/classad" -I"/<>/src/classad" -I"/<>/src/safefile" -I"/<>/obj-x86_64-linux-gnu/src/safefile" -I"/<>/obj-x86_64-linux-gnu/src/condor_collector.V6" -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -std=c++11 -DWITH_IPV6 -fopenmp -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -fopenmp -Wall -W -Wextra -Wfloat-equal -Wendif-labels -Wpointer-arith -Wcast-qual -Wcast-align -Wvolatile-register-var -Wno-error=unused-local-typedefs -Wdeprecated-declarations -Wno-error=deprecated-declarations -Wno-nonnull-compare -Wno-error=nonnull-compare -fstack-protector -rdynamic -g -fPIE -DPIE -w -o CMakeFiles/condor_collector.dir/soap_collectorStub.cpp.o -c "/<>/src/condor_collector.V6/soap_collectorStub.cpp" /<>/src/condor_collector.V6/soap_collectorStub.cpp:31:17: error: 'soap_collector' is not a namespace-name using namespace soap_collector; ^~ /<>/src/condor_collector.V6/soap_collectorStub.cpp:31:31: error: expected namespace-name before ';' token using namespace soap_collector; ^ In file included from /<>/src/condor_collector.V6/soap_collectorStub.cpp:32:0: /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp: In function 'bool convert_ad_to_adStruct(soap*, compat_classad::ClassAd*, condor__ClassAdStruct*, bool)': /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:49:14: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__size = 0; ^~ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31: note: forward declaration of 'struct condor__ClassAdStruct' struct condor__ClassAdStruct *ad_struct, ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:49:16: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__size = 0; ^~ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31: note: forward declaration of 'struct condor__ClassAdStruct' struct condor__ClassAdStruct *ad_struct, ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:50:14: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__ptr = NULL; ^~ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31: note: forward declaration of 'struct condor__ClassAdStruct' struct condor__ClassAdStruct *ad_struct, ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:50:16: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__ptr = NULL; ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31: note: forward declaration of 'struct condor__ClassAdStruct' struct condor__ClassAdStruct *ad_struct, ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:65:14: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__size = 0; ^~ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31: note: forward declaration of 'struct condor__ClassAdStruct' struct condor__ClassAdStruct *ad_struct, ^ /<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:65:16: error: invalid use of incomplete type 'struct condor__ClassAdStruct' ad_struct->__size = 0;
Bug#866109: marked as done (tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf)
Your message dated Fri, 09 Feb 2018 23:49:08 + with message-id and subject line Bug#866109: fixed in tiff 4.0.8-2+deb9u2 has caused the Debian Bug report #866109, regarding tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 866109: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tiff Version: 4.0.8-2 Severity: grave Tags: upstream security Forwarded: http://bugzilla.maptools.org/show_bug.cgi?id=2704 Hi, the following vulnerability was published for tiff, using severity grave for now since I'm not sure code execution can be ruled out. CVE-2017-9935[0]: | In LibTIFF 4.0.8, there is a heap-based buffer overflow in the | t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could | lead to different damages. For example, a crafted TIFF document can | lead to an out-of-bounds read in TIFFCleanup, an invalid free in | TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or | a double free in t2p_free. Given these possibilities, it probably could | cause arbitrary code execution. In the upstream bugtracker the reporter has provided his reproducers which can be used later on to verfiy a fix as well with the given testcases. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-9935 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935 [1] http://bugzilla.maptools.org/show_bug.cgi?id=2704 Please adjust the affected versions in the BTS as needed, specifically no checks have been done yet for older versions than 4.0.8-2. Regards, Salvatore --- End Message --- --- Begin Message --- Source: tiff Source-Version: 4.0.8-2+deb9u2 We believe that the bug you reported is fixed in the latest version of tiff, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 866...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) (supplier of updated tiff package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 30 Dec 2017 20:13:06 + Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.8-2+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Laszlo Boszormenyi (GCS) Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 866109 868513 872607 873879 873880 885985 Changes: tiff (4.0.8-2+deb9u2) stretch-security; urgency=high . * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf (closes: #868513). * Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray() (closes: #872607). * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec() (closes: #873880). * Fix CVE-2017-13727: reachable assertion abort in TIFFWriteDirectoryTagSubifd() (closes: #873879). * Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory() (closes: #885985). * Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf() function (closes: #866109). Checksums-Sha1: 7b8e353320028667b6d5320533d7ab6ed0974868 2185 tiff_4.0.8-2+deb9u2.dsc 34dfd38e29ab6c66d21ca7e4a388088b6e0e4b40 26252 tiff_4.0.8-2+deb9u2.debian.tar.xz 9000bc577b99dcbdc8ef5dde806c2adeb78d744a 395746 libtiff-doc_4.0.8-2+deb9u2_all.deb 70f0e4fab28528f4ff8cd8e3bb7fa7a98c68b6ae 14182 libtiff-opengl-dbgsym_4.0.8-2+deb9u2_amd64.deb 92c052e7a85e13273f363cee870c6d9dcb21cc2b 100320 libtiff-opengl_4.0.8-2+deb9u2_amd64.deb 84a4b3be06f2fda59ee153e72d6f9d7a80371003 351868 libtiff-tools
Bug#883314: marked as done (wordpress: CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094)
Your message dated Fri, 09 Feb 2018 23:49:51 + with message-id and subject line Bug#883314: fixed in wordpress 4.7.5+dfsg-2+deb9u2 has caused the Debian Bug report #883314, regarding wordpress: CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883314 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: wordpress Version: 4.1+dfsg-1 X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org Severity: grave Tags: security upstream fixed-upstream Hi, the following vulnerabilities were published for wordpress. CVE-2017-17091[0]: | wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser | key to a string that can be directly derived from the user ID, which | allows remote attackers to bypass intended access restrictions by | entering this string. CVE-2017-17092[1]: | wp-includes/functions.php in WordPress before 4.9.1 does not require | the unfiltered_html capability for upload of .js files, which might | allow remote attackers to conduct XSS attacks via a crafted file. CVE-2017-17093[2]: | wp-includes/general-template.php in WordPress before 4.9.1 does not | properly restrict the lang attribute of an HTML element, which might | allow attackers to conduct XSS attacks via the language setting of a | site. CVE-2017-17094[3]: | wp-includes/feed.php in WordPress before 4.9.1 does not properly | restrict enclosures in RSS and Atom fields, which might allow attackers | to conduct XSS attacks via a crafted URL. Published at [4]. The respective commits are all referenced in the corresponding CVE page on the security-tracker and were used for the CVE request. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-17091 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091 [1] https://security-tracker.debian.org/tracker/CVE-2017-17092 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092 [2] https://security-tracker.debian.org/tracker/CVE-2017-17093 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093 [3] https://security-tracker.debian.org/tracker/CVE-2017-17094 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094 [4] https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/ Regards, Salvatore --- End Message --- --- Begin Message --- Source: wordpress Source-Version: 4.7.5+dfsg-2+deb9u2 We believe that the bug you reported is fixed in the latest version of wordpress, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 883...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Craig Small (supplier of updated wordpress package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 04 Jan 2018 18:19:44 +1100 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen Architecture: source all Version: 4.7.5+dfsg-2+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Craig Small Changed-By: Craig Small Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files Closes: 880528 883314 Changes: wordpress (4.7.5+dfsg-2+deb9u2) stretch-security; urgency=high . * Backport security patches from 4.9.1 Closes: #883314 - CVE-2017-17091 Use a properly generated hash for the newbloguser key instead of a determinate substring. Changeset 42272 - CVE-2017-17092 Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability Changeset 42275 - CVE-2017-17093 Add escapi
Bug#887488: marked as done (openocd: CVE-2018-5704 cross protocol scripting attack)
Your message dated Fri, 09 Feb 2018 23:47:09 + with message-id and subject line Bug#887488: fixed in openocd 0.9.0-1+deb8u1 has caused the Debian Bug report #887488, regarding openocd: CVE-2018-5704 cross protocol scripting attack to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 887488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887488 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openocd X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org Severity: grave Tags: important Hi, the following vulnerability was published for openocd. CVE-2018-5704[0]: | Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use | HTTP POST for sending data to 127.0.0.1 port , which allows remote | attackers to conduct cross-protocol scripting attacks, and consequently | execute arbitrary commands, via a crafted web site. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-5704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5704 Please adjust the affected versions in the BTS as needed. --- End Message --- --- Begin Message --- Source: openocd Source-Version: 0.9.0-1+deb8u1 We believe that the bug you reported is fixed in the latest version of openocd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 887...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonathan McDowell (supplier of updated openocd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 Jan 2018 14:05:10 + Source: openocd Binary: openocd Architecture: source amd64 Version: 0.9.0-1+deb8u1 Distribution: stretch-security Urgency: high Maintainer: Uwe Hermann Changed-By: Jonathan McDowell Description: openocd- Open on-chip JTAG debug solution for ARM and MIPS systems Closes: 887488 Changes: openocd (0.9.0-1+deb8u1) stretch-security; urgency=high . * Update debian/gbp.conf to deal with stretch * Pull "bindto" command from upstream * Bind to localhost by default * Prevent some forms of Cross Protocol Scripting attacks (CVE-2018-5704) (Closes: #887488) Checksums-Sha1: 6e102d7ec65e63b3532efc88f6c5a27f3005d743 2079 openocd_0.9.0-1+deb8u1.dsc f57cb48ae09baac7dc6e3961f134317fb1dec290 4970346 openocd_0.9.0.orig.tar.gz 72a0629202620240f46f7a2da0003bf01c24a49b 16008 openocd_0.9.0-1+deb8u1.debian.tar.xz c2b495c301df9bb73c65b33d9b3f2e1c08d6339a 2613754 openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb fa5cb2f27380d300b7bf3aa3779015363e19c30b 8973 openocd_0.9.0-1+deb8u1_amd64.buildinfo 8777f2982f08d8c8509dd3127709ff25014ca1ac 2269242 openocd_0.9.0-1+deb8u1_amd64.deb Checksums-Sha256: 325cd472ae912193f6d6930d8d22259986766c478b49670d01654f60503c52f6 2079 openocd_0.9.0-1+deb8u1.dsc 840ed225216f49f5c07bda8b2cbb5c8384bb4d8724335dcccf26787fa0650513 4970346 openocd_0.9.0.orig.tar.gz 499217f240a4250c57152f7be53f3df714c48eea10b4c65c3b9d6104a14be580 16008 openocd_0.9.0-1+deb8u1.debian.tar.xz 4a8dc913181516f490ca72446bf2fd170e7379a35877d458ec2d29f8c3faee20 2613754 openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb 29cf813309e7642cde5f2307617a86c0beb1557be54ff8ca6cff731764c79b6a 8973 openocd_0.9.0-1+deb8u1_amd64.buildinfo 102d6ffa807be4654648a0b6209ee51cc0c646b50d4f3c3bab739c7ae895252a 2269242 openocd_0.9.0-1+deb8u1_amd64.deb Files: 676cddf173dd6f3f9343908d230493dd 2079 embedded extra openocd_0.9.0-1+deb8u1.dsc 7973c2c0132b1bb9fb1d12b4534418f4 4970346 embedded extra openocd_0.9.0.orig.tar.gz b258cc4bc8915eee7e671e5e1a3fb58b 16008 embedded extra openocd_0.9.0-1+deb8u1.debian.tar.xz 47515c006a0adca581b3000f53ac538b 2613754 debug extra openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb dbf77caa0aeef22c79d8328ac30283b8 8973 embedded extra openocd_0.9.0-1+deb8u1_amd64.buildinfo 1d1b1bec9dc0f391f8ca9a36471dfd06 2269242 embedded extra openocd_0.9.0-1+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEERUuPEyEc/2gMWDpQ/xYvxc8/utEFAlpkpIIACgkQ/xYvxc8/ utFReRAAk4qQVAejSrz3yyKoHR/PGY2tNUv7
Bug#888297: marked as done (p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow)
Your message dated Fri, 09 Feb 2018 23:47:13 + with message-id and subject line Bug#888297: fixed in p7zip 16.02+dfsg-3+deb9u1 has caused the Debian Bug report #888297, regarding p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 888297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888297 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: p7zip Version: 16.02+dfsg-4 Severity: grave Tags: upstream newcomer security Justification: user security hole Dear Maintainer, p7zip, p7zip-full and the non-free component p7zip-rar are affected by two vulnerabilities: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and- zip/?hn In particular, the RAR3 and LZW algorithm implementations are susceptible to memory corruption and may compromise a system through specially crafted archives. These issues have already been fixed upstream, and a new version of p7zip (18.0) is available. Please update all p7zip* packages to their latest versions as soon as possible. Thank you. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (900, 'stable'), (500, 'unstable-debug'), (500, 'testing-debug'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages p7zip depends on: ii libc6 2.26-2 ii libgcc1 1:7.2.0-19 ii libstdc++6 7.2.0-19 p7zip recommends no packages. Versions of packages p7zip suggests: ii p7zip-full 16.02+dfsg-4 -- no debconf information --- End Message --- --- Begin Message --- Source: p7zip Source-Version: 16.02+dfsg-3+deb9u1 We believe that the bug you reported is fixed in the latest version of p7zip, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 888...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated p7zip package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 02 Feb 2018 11:11:41 +0100 Source: p7zip Binary: p7zip p7zip-full Architecture: source Version: 16.02+dfsg-3+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Robert Luberda Changed-By: Salvatore Bonaccorso Closes: 888297 Description: p7zip - 7zr file archiver with high compression ratio p7zip-full - 7z and 7za file archivers with high compression ratio Changes: p7zip (16.02+dfsg-3+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp (CVE-2017-17969) Thanks to Antoine Beaupré (Closes: #888297) Checksums-Sha1: d9be5730246a2a126a5a629b52329bbd03cea6f3 2110 p7zip_16.02+dfsg-3+deb9u1.dsc 0894bd217b25e90edd42bc47ea0edf8c6a324005 3611764 p7zip_16.02+dfsg.orig.tar.xz 8b0da7503dffe82e6f50cfaf1a4f1021d1fc2cf2 21008 p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz Checksums-Sha256: d895c5fc94d46dd9390e925d0d687010fadc198e01624f5d620a7fcca5187e11 2110 p7zip_16.02+dfsg-3+deb9u1.dsc 50adee7a4259e3492d8b68dfd12bda0ed27e615193a16f10af296f23dc831b14 3611764 p7zip_16.02+dfsg.orig.tar.xz 4d0f8fe6ccef505212a77611457257b378982224f097b4c5caefe09687186d16 21008 p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz Files: 87c3d4d312607500e5fc987b789cf75d 2110 utils optional p7zip_16.02+dfsg-3+deb9u1.dsc 95a6a79c62a84fee541f99f763b81c31 3611764 utils optional p7zip_16.02+dfsg.orig.tar.xz e6b42a74a1f22ff42197e7ccd9893d05 21008 utils optional p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlp026xfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EF+cP/RHZH/IbnJxc7G/rI6a9EP
Bug#889119: marked as done (php-console-table FTBFS with PHP 7.2)
Your message dated Fri, 09 Feb 2018 23:05:47 + with message-id and subject line Bug#889119: fixed in php-console-table 1.3.1-0.1 has caused the Debian Bug report #889119, regarding php-console-table FTBFS with PHP 7.2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889119 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: php-console-table Version: 1.3.0-2 Severity: serious Tags: buster sid https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/php-console-table.html ... debian/rules override_dh_auto_test make[1]: Entering directory '/build/1st/php-console-table-1.3.0' pear run-tests Console_Table-*/tests Running 15 tests FAIL [ 1/15] Header and data as associative arrays.[Console_Table-1.3.0/tests/assoziative_arrays.phpt] PASS [ 2/15] Border: default ASCII mode[Console_Table-1.3.0/tests/border-ascii.phpt] PASS [ 3/15] Border: new custom mode[Console_Table-1.3.0/tests/border-custom.phpt] PASS [ 4/15] Border: new custom mode, alternative style[Console_Table-1.3.0/tests/border-custom2.phpt] PASS [ 5/15] Border: disable it[Console_Table-1.3.0/tests/border-disable.phpt] PASS [ 6/15] Border: custom border character[Console_Table-1.3.0/tests/border-dot.phpt] PASS [ 7/15] Border: empty character[Console_Table-1.3.0/tests/border-empty.phpt] PASS [ 8/15] Bug #20181: setAlign() on non-zero column[Console_Table-1.3.0/tests/bug20181.phpt] SKIP Data with ANSI color codes[Console_Table-1.3.0/tests/colors.phpt](reason: Console_Color2 not installed) Warning: count(): Parameter must be an array or an object that implements Countable in PEAR/RunTest.php on line 346 PHP Warning: count(): Parameter must be an array or an object that implements Countable in /usr/share/php/PEAR/RunTest.php on line 346 FAIL [10/15] Callback filters[Console_Table-1.3.0/tests/filters.phpt] FAIL [11/15] Multibyte strings[Console_Table-1.3.0/tests/multibyte.phpt] FAIL [12/15] Multiline table cells[Console_Table-1.3.0/tests/multiline.phpt] FAIL [13/15] Table without header[Console_Table-1.3.0/tests/no_header.phpt] PASS [14/15] Table without data[Console_Table-1.3.0/tests/no_rows.phpt] FAIL [15/15] Horizontal rules[Console_Table-1.3.0/tests/rules.phpt] wrote log to "/build/1st/php-console-table-1.3.0/run-tests.log" TOTAL TIME: 00:10 8 PASSED TESTS 1 SKIPPED TESTS 6 FAILED TESTS: /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/assoziative_arrays.phpt /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/filters.phpt /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/multibyte.phpt /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/multiline.phpt /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/no_header.phpt /build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/rules.phpt Some tests failed debian/rules:7: recipe for target 'override_dh_auto_test' failed make[1]: *** [override_dh_auto_test] Error 1 --- End Message --- --- Begin Message --- Source: php-console-table Source-Version: 1.3.1-0.1 We believe that the bug you reported is fixed in the latest version of php-console-table, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Dimitri John Ledkov (supplier of updated php-console-table package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 09 Feb 2018 22:47:18 + Source: php-console-table Binary: php-console-table Architecture: source Version: 1.3.1-0.1 Distribution: unstable Urgency: medium Maintainer: Debian PHP PEAR Maintainers Changed-By: Dimitri John Ledkov Description: php-console-table - Closes: 889119 Changes: php-console-table (1.3.1-0.1) unstable; urgency=medium . * Non-maintainer upload * New upstream point release * Fixes FTBFS with php7.2 Closes: #889119 Checksums-Sha1: c4d2d4d5e7868790728970680c8c12e9e50d67c7 1828 php-console-table_1.3.1-0.1.dsc 746969753219ba583dd7e60c3aca9b8fe5d6ca79 11492 php-console-table_1.3.1.orig.tar.gz 3e76ca8e8dde13ff4ff08e3d822c09119e7667b2 3404 php-console-table_1.3.1-0.
Bug#889144: marked as done (stricter PIDfile handling breaks several daemons)
Your message dated Fri, 09 Feb 2018 22:52:12 + with message-id and subject line Bug#889144: fixed in systemd 237-2 has caused the Debian Bug report #889144, regarding stricter PIDfile handling breaks several daemons to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: systemd Version: 237-1 Severity: important Tags: upstream Hi! The upstream commit db256aab13d8a89d583ecd2bacf0aca87c66effc "core: be stricter when handling PID files and MAINPID sd_notify() messages" breaks several daemons in Debian. Known issues exist for - munin-node https://bugs.debian.org/889073 - ulogd2 - dnsmasq https://lists.debian.org/debian-user/2018/01/msg01331.html and possibly others. Symptom is a timeout during service start, constant service restarts (if configured) and log messages like: Feb 2 14:22:49 HOST systemd[1]: ulogd2.service: Permission denied while opening PID file or unsafe symlink chain: /run/ulog/ulogd.pid Feb 2 14:23:54 HOST systemd[1]: munin-node.service: Permission denied while opening PID file or unsafe symlink chain: /run/munin/munin-node.pid Problem lies, as far as I understand the change, in the permissions of the directory in which the PIDfile is created by the daemon. In all cases it does not belong root:root but the respective service user: HOST:/run# ls -ld ulog munin drwxr-xr-x 2 munin root 100 Feb 2 14:50 munin drwxr-xr-x 2 ulog ulog 40 Feb 2 14:24 ulog My quick'n'dirty workaround for munin was to change the PIDfile path to just "/run" in both the systemd unit and the configuration file and for ulogd2 I converted the unit from Type=forking to Type=simple, omitting the PIDfile completely. But this can only be a workaround in my opinion, because the upstream change changes an assumption on how and where PIDfiles can work without any prior notice. This needs to be changed to a non-fatal warning and not an error, IMHO. Grüße, Sven. -- Package-specific info: -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (200, 'experimental'), (1, 'experimental-debug') Architecture: i386 (x86_64) Foreign Architectures: amd64 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii adduser 3.116 ii libacl1 2.2.52-3+b1 ii libapparmor1 2.12-2 ii libaudit11:2.8.2-1 ii libblkid12.30.2-0.3 ii libc62.26-6 ii libcap2 1:2.25-1.2 ii libcryptsetup12 2:2.0.0-1 ii libgcrypt20 1.8.1-4 ii libgpg-error01.27-5 ii libidn11 1.33-2.1 ii libip4tc01.6.1-2+b1 ii libkmod2 25-1 ii liblz4-1 0.0~r131-2+b1 ii liblzma5 5.2.2-1.3 ii libmount12.30.2-0.3 ii libpam0g 1.1.8-3.6 ii libseccomp2 2.3.1-2.1 ii libselinux1 2.7-2 ii libsystemd0 237-1 ii mount2.30.2-0.3 ii procps 2:3.3.12-3 ii util-linux 2.30.2-0.3 Versions of packages systemd recommends: ii dbus1.12.2-1 ii libpam-systemd 237-1 Versions of packages systemd suggests: ii policykit-10.105-18 pn systemd-container Versions of packages systemd is related to: pn dracut ii initramfs-tools 0.130 ii udev 237-1 -- Configuration Files: /etc/systemd/journald.conf changed [not included] /etc/systemd/logind.conf changed [not included] /etc/systemd/system.conf changed [not included] -- debconf-show failed --- End Message --- --- Begin Message --- Source: systemd Source-Version: 237-2 We believe that the bug you reported is fixed in the latest version of systemd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Biebl (supplier of updated systemd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-
Processed: Bug #889144 in systemd marked as pending
Processing control commands: > tag -1 pending Bug #889144 [systemd] stricter PIDfile handling breaks several daemons Added tag(s) pending. -- 889144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#885340: marked as done (CVE-2017-17504)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#885340: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #885340, regarding CVE-2017-17504 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885340 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: imagemagick Severity: important Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17504: https://github.com/ImageMagick/ImageMagick/issues/872 ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135 ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6 ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924 --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra codecs (Q16HDRI
Bug#889144: Bug #889144 in systemd marked as pending
Control: tag -1 pending Hello, Bug #889144 in systemd reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/systemd-team/systemd/commit/d8753ea48c3ed470140c7b9b6c0aa1b1073135b3 service: relax PID file symlink chain checks a bit Let's read the PID file after all if there's a potentially unsafe symlink chain in place. But if we do, then refuse taking the PID if its outside of the cgroup. Closes: #889144 (this message was generated automatically) -- Greetings
Bug#885339: marked as done (CVE-2017-17499)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#885339: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #885339, regarding CVE-2017-17499 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885339: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885339 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: imagemagick Version: 8:6.9.7.4+dfsg-16 Severity: important Tags: security https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17499: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1 ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hd
Bug#890001: marked as done (libspring-java: CVE-2018-1199 Security bypass with static resources)
Your message dated Fri, 9 Feb 2018 23:39:35 +0100 with message-id <424323a7-fd41-b43b-2171-992bdacad...@debian.org> and subject line Re: Bug#890001: libspring-java: CVE-2018-1199 Security bypass with static resources has caused the Debian Bug report #890001, regarding libspring-java: CVE-2018-1199 Security bypass with static resources to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 890001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libspring-java X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, the following vulnerability was published for libspring-java. I intend to fix this in sid/buster by uploading 4.3.14. CVE-2018-1199[0]: Security bypass with static resources If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1199 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199 Please adjust the affected versions in the BTS as needed. signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Version: 4.3.14-1 signature.asc Description: OpenPGP digital signature --- End Message ---
Bug#885125: marked as done (imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#885125: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #885125, regarding imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885125 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-1 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/906 Hi, the following vulnerability was published for imagemagick. CVE-2017-17879[0]: | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based | buffer over-read in ReadOneMNGImage in coders/png.c, related to length | calculation and caused by an off-by-one error. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-17879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17879 [1] https://github.com/ImageMagick/ImageMagick/issues/906 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 885...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - l
Bug#881392: marked as done (imagemagick: CVE-2017-16546)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#881392: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #881392, regarding imagemagick: CVE-2017-16546 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 881392: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881392 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/851 Hi, the following vulnerability was published for imagemagick. CVE-2017-16546[0]: | The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does | not properly validate the colormap index in a WPG palette, which allows | remote attackers to cause a denial of service (use of uninitialized | data or invalid memory allocation) or possibly have unspecified other | impact via a malformed WPG file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-16546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16546 [1] https://github.com/ImageMagick/ImageMagick/issues/851 [2] https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 881...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6
Bug#878562: marked as done (imagemagick: CVE-2017-14989)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#878562: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #878562, regarding imagemagick: CVE-2017-14989 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 878562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878562 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.8.9.9-1 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/781 Hi, the following vulnerability was published for imagemagick. CVE-2017-14989[0]: | A use-after-free in RenderFreetype in MagickCore/annotate.c in | ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a | crafted font file, because the FT_Done_Glyph function (from FreeType 2) | is called at an incorrect place in the ImageMagick code. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14989 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14989 [1] https://github.com/ImageMagick/ImageMagick/issues/781 Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 878...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulatio
Bug#878507: marked as done (imagemagick: CVE-2017-13769)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#878507: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #878507, regarding imagemagick: CVE-2017-13769 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 878507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878507 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/705 Hi, the following vulnerability was published for imagemagick. CVE-2017-13769[0]: | The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick | through 7.0.6-10 allows an attacker to cause a denial of service | (buffer over-read) by sending a crafted JPEG file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-13769 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13769 [1] https://github.com/ImageMagick/ImageMagick/issues/705 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 878...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- qu
Bug#876097: marked as done (imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#876097: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #876097, regarding imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: upstream security patch Forwarded: https://github.com/ImageMagick/ImageMagick/issues/733 Hi, the following vulnerability was published for imagemagick. CVE-2017-14224[0]: | A heap-based buffer overflow in WritePCXImage in coders/pcx.c in | ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of | service or code execution via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14224 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224 [1] https://github.com/ImageMagick/ImageMagick/issues/733 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level
Bug#878508: marked as done (imagemagick: CVE-2017-13758)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#878508: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #878508, regarding imagemagick: CVE-2017-13758 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 878508: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878508 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583 Hi, the following vulnerability was published for imagemagick. CVE-2017-13758[0]: | In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the | TracePoint() function in MagickCore/draw.c. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-13758 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13758 [1] https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 878...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5
Bug#878527: marked as done (imagemagick: CVE-2017-14607)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#878527: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #878527, regarding imagemagick: CVE-2017-14607 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 878527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878527 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/765 Hi, the following vulnerability was published for imagemagick. CVE-2017-14607[0]: | In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to | ReadTIFFImage has been reported in coders/tiff.c. An attacker could | possibly exploit this flaw to disclose potentially sensitive memory or | cause an application crash. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14607 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14607 [1] https://github.com/ImageMagick/ImageMagick/issues/765 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 878...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q
Bug#878578: marked as done (imagemagick: CVE-2017-15277)
Your message dated Fri, 09 Feb 2018 22:35:40 + with message-id and subject line Bug#878578: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #878578, regarding imagemagick: CVE-2017-15277 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 878578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878578 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: patch security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/592 Hi, the following vulnerability was published for imagemagick. CVE-2017-15277[0]: | ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick | 1.3.26 leaves the palette uninitialized when processing a GIF file that | has neither a global nor local palette. If the affected product is used | as a library loaded into a process that operates on interesting data, | this data sometimes can be leaked via the uninitialized palette. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-15277 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15277 [1] https://github.com/ImageMagick/ImageMagick/issues/592 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 878...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - arch
Bug#876488: marked as done (imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken())
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#876488: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #876488, regarding imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken() to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876488 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: grave Tags: upstream security patch Forwarded: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726 Hi, the following vulnerability was published for imagemagick. CVE-2017-14682[0]: | GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote | attackers to cause a denial of service (heap-based buffer overflow and | application crash) or possibly have unspecified other impact via a | crafted SVG document, a different vulnerability than CVE-2017-10928. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14682 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14682 [1] https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726 [2] https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick
Bug#872373: marked as done (CVE-2017-12877)
Your message dated Fri, 09 Feb 2018 22:35:38 + with message-id and subject line Bug#872373: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #872373, regarding CVE-2017-12877 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 872373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872373 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: imagemagick Version: 8:6.9.7.4+dfsg-16 Severity: grave Tags: security This was assigned CVE-2017-12877: https://github.com/ImageMagick/ImageMagick/issues/662 https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5 Cheers, Moritz --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 872...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipula
Bug#873134: marked as done (imagemagick: CVE-2017-12983)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#873134: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #873134, regarding imagemagick: CVE-2017-12983 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 873134: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873134 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security patch upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/682 Hi, the following vulnerability was published for imagemagick. CVE-2017-12983[0]: | Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c | in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of | service (application crash) or possibly have unspecified other impact | via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-12983 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12983 [1] https://github.com/ImageMagick/ImageMagick/issues/682 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 873...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-
Bug#873099: marked as done (imagemagick: CVE-2017-13134)
Your message dated Fri, 09 Feb 2018 22:35:38 + with message-id and subject line Bug#873099: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #873099, regarding imagemagick: CVE-2017-13134 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 873099: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873099 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security patch upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/670 Hi, the following vulnerability was published for imagemagick. CVE-2017-13134[0]: | In ImageMagick 7.0.6-6, a heap-based buffer over-read was found in the | function SFWScan in coders/sfw.c, which allows attackers to cause a | denial of service via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-13134 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13134 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 873...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5-extra - low-level image man
Bug#889995: marked as done (steam: Fails to install: depends on removed package libtxc-dxtn0:i386)
Your message dated Fri, 09 Feb 2018 22:06:26 + with message-id and subject line Bug#889987: fixed in steam 1.0.0.54-4 has caused the Debian Bug report #889987, regarding steam: Fails to install: depends on removed package libtxc-dxtn0:i386 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: steam Version: 1.0.0.54-3 Severity: important Dear Maintainer, Steam fails to install, as follows: The following packages have unmet dependencies: steam:i386 : Depends: libtxc-dxtn0:i386 but it is not installable E: Unable to correct problems, you have held broken packages. libtxc-dxtn0 appears to be obsolete (and is no longer in unstable), as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888430 Thanks, Joe -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/12 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages steam depends on: ii debconf [debconf-2.0]1.5.65 ii libc62.26-6 ii libgl1-mesa-dri 17.3.3-1 ii libgl1-mesa-glx 17.3.3-1 ii libgpg-error01.27-6 ii libstdc++6 8-20180207-2 ii libtxc-dxtn-s2tc [libtxc-dxtn0] 1.0+git20151227-2 ii libudev1 237-1 ii libx11-6 2:1.6.4-3 ii libxinerama1 2:1.1.3-1+b3 ii xz-utils 5.2.2-1.3 Versions of packages steam recommends: ii fonts-liberation 1:1.07.4-5 ii konsole [x-terminal-emulator] 4:17.08.3-1 ii libxss11:1.2.2-1+b2 ii xterm [x-terminal-emulator]331-1 ii zenity 3.26.0-2 Versions of packages steam suggests: pn steam-devices -- debconf information excluded signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: steam Source-Version: 1.0.0.54-4 We believe that the bug you reported is fixed in the latest version of steam, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie (supplier of updated steam package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 09 Feb 2018 21:42:49 + Source: steam Binary: steam steam-devices Architecture: source Version: 1.0.0.54-4 Distribution: unstable Urgency: medium Maintainer: Debian Games Team Changed-By: Simon McVittie Description: steam - Valve's Steam digital software delivery system steam-devices - Device support for Steam-related hardware Closes: 889987 Changes: steam (1.0.0.54-4) unstable; urgency=medium . * Team upload * Depend on libgl1-mesa-dri (>= 17.3) | libtxc-dxtn0 now that S3TC support is no longer patent-encumbered and has been enabled in Mesa (Closes: #889987) - The alternative dependency can be removed if backports to older suites are no longer interesting. Checksums-Sha1: 107d95816ab97d7996c3b7a630a76e2bf5742ab2 1888 steam_1.0.0.54-4.dsc d281d7c523d07a58906bace025c536911a3709c6 9972 steam_1.0.0.54-4.debian.tar.xz 570b20a00175eb492c62703123172eb359bcaeef 5570 steam_1.0.0.54-4_source.buildinfo Checksums-Sha256: 328bed3b3acd89920aca26da212fbeb4c0be3a4341f6bd675fea56cfcaf8c129 1888 steam_1.0.0.54-4.dsc cbe463ebb67e8ef4cc98bf3a41b7e3d012e7d461ed34eb517b044b7d1d5b7502 9972 steam_1.0.0.54-4.debian.tar.xz dbbefb205c4cd24f33cc68cf9ea1477ea0700d51ca6d22a2dfff42533d2a7d19 5570 steam_1.0.0.54-4_source.buildinfo Files: 510db40b1a16cb26e1f2e2b618033b98 1888 non-free/games optional steam_1.0.0.54-4.dsc a78791664190d72f4d94dabb4ece3801 9972 non-free/games optional steam_1.0.0.54-4.debian.tar.xz b3961e66dac408ba381d1222575
Bug#889987: marked as done (steam: depends on non-existent libtxc-dxtn0)
Your message dated Fri, 09 Feb 2018 22:06:26 + with message-id and subject line Bug#889987: fixed in steam 1.0.0.54-4 has caused the Debian Bug report #889987, regarding steam: depends on non-existent libtxc-dxtn0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: steam Version: 1.0.0.54-3 Severity: grave Hi, on a fresh buster, sid install I get on $ sudo apt-get install steam Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen Fertig Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass Sie eine unmögliche Situation angefordert haben oder, wenn Sie die Unstable-Distribution verwenden, dass einige erforderliche Pakete noch nicht erstellt wurden oder Incoming noch nicht verlassen haben. Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen: Die folgenden Pakete haben unerfüllte Abhängigkeiten: steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert werden Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht installiert werden Hängt ab von: libx11-6:i386 soll aber nicht installiert werden Hängt ab von: libudev1:i386 soll aber nicht installiert werden Hängt ab von: libxinerama1:i386 soll aber nicht installiert werden Hängt ab von: libtxc-dxtn0:i386 Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert werden Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert werden Hängt ab von: libgpg-error0:i386 soll aber nicht installiert werden Empfiehlt: libxss1:i386 soll aber nicht installiert werden E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. Please ask me if you have a question. CU Jörg -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- End Message --- --- Begin Message --- Source: steam Source-Version: 1.0.0.54-4 We believe that the bug you reported is fixed in the latest version of steam, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie (supplier of updated steam package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 09 Feb 2018 21:42:49 + Source: steam Binary: steam steam-devices Architecture: source Version: 1.0.0.54-4 Distribution: unstable Urgency: medium Maintainer: Debian Games Team Changed-By: Simon McVittie Description: steam - Valve's Steam digital software delivery system steam-devices - Device support for Steam-related hardware Closes: 889987 Changes: steam (1.0.0.54-4) unstable; urgency=medium . * Team upload * Depend on libgl1-mesa-dri (>= 17.3) | libtxc-dxtn0 now that S3TC support is no longer patent-encumbered and has been enabled in Mesa (Closes: #889987) - The alternative dependency can be removed if backports to older suites are no longer interesting. Checksums-Sha1: 107d95816ab97d7996c3b7a630a76e2bf5742ab2 1888 steam_1.0.0.54-4.dsc d281d7c523d07a58906bace025c536911a3709c6 9972 steam_1.0.0.54-4.debian.tar.xz 570b20a00175eb492c62703123172eb359bcaeef 5570 steam_1.0.0.54-4_source.buildinfo Checksums-Sha256: 328bed3b3acd89920aca26da212fbeb4c0be3a4341f6bd675fea56cfcaf8c129 1888 steam_1.0.0.54-4.dsc cbe463ebb67e8ef4cc98bf3a41b7e3d012e7d461ed34eb517b044b7d1d5b7502 9972 steam_1.0.0.54-4.debian.tar.xz dbbefb205c4cd24f33cc68cf9ea1477ea0700d51ca6d22a2dfff42533d2a7d19 5570 steam_1.0.0.54-4_source.buildinfo Files: 510db40b1a16cb26e1f2e2b618033b98 1888 non-free/games
Processed: Re: Please drop Build-Depends on deprecated libck-connector-dev
Processing control commands: > severity -1 serious Bug #865043 [src:lxdm] Please drop Build-Depends on deprecated libck-connector-dev Severity set to 'serious' from 'normal' -- 865043: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865043 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889987: steam: depends on non-existent libtxc-dxtn0
Hi, This package was a workaround againt S3TC pattent. This pattent has now expired and functionality has been merged into Mesa. Greetings, https://www.phoronix.com/scan.php?page=news_item&px=S3TC-Lands-In-Mesa 2018-02-09 20:59 GMT+01:00 James Cowgill : > > Control: retitle -1 steam: depends on non-existent libtxc-dxtn0 > > Hi, > > On 09/02/18 19:44, Stephen Kitt wrote: > > Hi Jörg, > > > > On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst > > wrote: > >> on a fresh buster, sid install I get on > >> > >> $ sudo apt-get install steam > > [...] > >> Die folgenden Pakete haben unerfüllte Abhängigkeiten: > >> steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht > >> installiert > >> werden > >> Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht > >> installiert werden > >> Hängt ab von: libx11-6:i386 soll aber nicht installiert > >> werden > >> Hängt ab von: libudev1:i386 soll aber nicht installiert > >> werden > >> Hängt ab von: libxinerama1:i386 soll aber nicht installiert > >> werden > >> Hängt ab von: libtxc-dxtn0:i386 > > The only package which provided this library was removed at the end of > January: > https://tracker.debian.org/pkg/s2tc > https://tracker.debian.org/news/928386 > > I guess only main was checked so noone realized steam (in non-free) > still depended on it :/ > > Thanks, > James >
Processed: found 890001 in 4.3.13-1
Processing commands for cont...@bugs.debian.org: > found 890001 4.3.13-1 Bug #890001 [libspring-java] libspring-java: CVE-2018-1199 Security bypass with static resources There is no source info for the package 'libspring-java' at version '4.3.13-1' with architecture '' Unable to make a source version for version '4.3.13-1' Marked as found in versions 4.3.13-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 890001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: retitle 890000 to exim4: CVE-2018-6789: Buffer overflow in an utility function
Processing commands for cont...@bugs.debian.org: > retitle 89 exim4: CVE-2018-6789: Buffer overflow in an utility function Bug #89 [src:exim4] exim4: CVE-2018-6789 Changed Bug title to 'exim4: CVE-2018-6789: Buffer overflow in an utility function' from 'exim4: CVE-2018-6789'. > thanks Stopping processing here. Please contact me if you need assistance. -- 89: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=89 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#890001: libspring-java: CVE-2018-1199 Security bypass with static resources
Package: libspring-java X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, the following vulnerability was published for libspring-java. I intend to fix this in sid/buster by uploading 4.3.14. CVE-2018-1199[0]: Security bypass with static resources If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1199 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199 Please adjust the affected versions in the BTS as needed. signature.asc Description: OpenPGP digital signature
Bug#890000: exim4: CVE-2018-6789
Source: exim4 Version: 4.90-1 Severity: grave Tags: security upstream Hi, the following vulnerability was published for exim4 (actually not really the details, filling the bug for having a tracking bug in the BTS). CVE-2018-6789[0]: | An issue was discovered in the SMTP listener in Exim 4.90 and earlier. | By sending a handcrafted message, a buffer overflow may happen in a | specific function. This can be used to execute code remotely. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-6789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789 [1] https://exim.org/static/doc/security/CVE-2018-6789.txt Please adjust the affected versions in the BTS as needed, when issue goes public with details and possibly adjust severity. Regards, Salvatore
Processed: reopen 889987
Processing commands for cont...@bugs.debian.org: > reopen 889987 Bug #889987 {Done: Joe Dight } [steam] steam: depends on non-existent libtxc-dxtn0 Bug #889995 {Done: Joe Dight } [steam] steam: Fails to install: depends on removed package libtxc-dxtn0:i386 Bug reopened Ignoring request to alter fixed versions of bug #889987 to the same values previously set Ignoring request to alter fixed versions of bug #889995 to the same values previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889996: resiprocate-turn-server: broken init script stop action
Package: resiprocate-turn-server Version: 1:1.11.0~beta1-3 Severity: serious User: debian-ad...@lists.debian.org Usertags: needed-by-DSA-Team X-Debbugs-Cc: debian-ad...@lists.debian.org Hi, your init script "stop" action is broken. stop) log_daemon_msg "Stopping $DESC ($NAME)" $BIN if start-stop-daemon --stop --quiet --oknodo --user $USER --pidfile $PIDFILE --exec $DAEMON ; then log_end_msg 0 else log_end_msg 1 fi ;; It is missing the --retry option which means it doesn't wait until the process is actually dead before exiting. This shows up in the "restart" action with: restart) $0 stop && sleep 2 && $0 start ;; That "sleep" is evidence that "stop" is broken. And because systemd never calls the init script with "restart" but uses "stop" followed by "start" (which is supposed to be the same thing), the old "sleep" workaround for broken "stop" no longer works. Please add the appropriate "--retry" option to "stop" and remove that "sleep". Cheers, Julien
Bug#889987: marked as done (steam: depends on non-existent libtxc-dxtn0)
Your message dated Fri, 09 Feb 2018 20:31:49 + with message-id <6752f660bd27098562f264af30836...@joedight.net> and subject line realized bug is a duplicate has caused the Debian Bug report #889995, regarding steam: depends on non-existent libtxc-dxtn0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: steam Version: 1.0.0.54-3 Severity: grave Hi, on a fresh buster, sid install I get on $ sudo apt-get install steam Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen Fertig Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass Sie eine unmögliche Situation angefordert haben oder, wenn Sie die Unstable-Distribution verwenden, dass einige erforderliche Pakete noch nicht erstellt wurden oder Incoming noch nicht verlassen haben. Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen: Die folgenden Pakete haben unerfüllte Abhängigkeiten: steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert werden Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht installiert werden Hängt ab von: libx11-6:i386 soll aber nicht installiert werden Hängt ab von: libudev1:i386 soll aber nicht installiert werden Hängt ab von: libxinerama1:i386 soll aber nicht installiert werden Hängt ab von: libtxc-dxtn0:i386 Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert werden Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert werden Hängt ab von: libgpg-error0:i386 soll aber nicht installiert werden Empfiehlt: libxss1:i386 soll aber nicht installiert werden E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. Please ask me if you have a question. CU Jörg -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- End Message --- --- Begin Message --- Just realized that this is a duplicate of #889987, I didn't check for bugs on the src package. Sorry. signature.asc Description: OpenPGP digital signature --- End Message ---
Bug#889995: marked as done (steam: Fails to install: depends on removed package libtxc-dxtn0:i386)
Your message dated Fri, 09 Feb 2018 20:31:49 + with message-id <6752f660bd27098562f264af30836...@joedight.net> and subject line realized bug is a duplicate has caused the Debian Bug report #889995, regarding steam: Fails to install: depends on removed package libtxc-dxtn0:i386 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: steam Version: 1.0.0.54-3 Severity: important Dear Maintainer, Steam fails to install, as follows: The following packages have unmet dependencies: steam:i386 : Depends: libtxc-dxtn0:i386 but it is not installable E: Unable to correct problems, you have held broken packages. libtxc-dxtn0 appears to be obsolete (and is no longer in unstable), as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888430 Thanks, Joe -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/12 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages steam depends on: ii debconf [debconf-2.0]1.5.65 ii libc62.26-6 ii libgl1-mesa-dri 17.3.3-1 ii libgl1-mesa-glx 17.3.3-1 ii libgpg-error01.27-6 ii libstdc++6 8-20180207-2 ii libtxc-dxtn-s2tc [libtxc-dxtn0] 1.0+git20151227-2 ii libudev1 237-1 ii libx11-6 2:1.6.4-3 ii libxinerama1 2:1.1.3-1+b3 ii xz-utils 5.2.2-1.3 Versions of packages steam recommends: ii fonts-liberation 1:1.07.4-5 ii konsole [x-terminal-emulator] 4:17.08.3-1 ii libxss11:1.2.2-1+b2 ii xterm [x-terminal-emulator]331-1 ii zenity 3.26.0-2 Versions of packages steam suggests: pn steam-devices -- debconf information excluded signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Just realized that this is a duplicate of #889987, I didn't check for bugs on the src package. Sorry. signature.asc Description: OpenPGP digital signature --- End Message ---
Processed: merge 889987 and 889995 attempt 2
Processing commands for cont...@bugs.debian.org: > reassign 889987 steam 1.0.0.54-3 Bug #889987 [src:steam] steam: depends on non-existent libtxc-dxtn0 Bug reassigned from package 'src:steam' to 'steam'. No longer marked as found in versions steam/1.0.0.54-3. Ignoring request to alter fixed versions of bug #889987 to the same values previously set Bug #889987 [steam] steam: depends on non-existent libtxc-dxtn0 Marked as found in versions steam/1.0.0.54-3. > forcemerge 889987 889995 Bug #889987 [steam] steam: depends on non-existent libtxc-dxtn0 Bug #889995 [steam] steam: Fails to install: depends on removed package libtxc-dxtn0:i386 Severity set to 'grave' from 'important' Merged 889987 889995 > thanks Stopping processing here. Please contact me if you need assistance. -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed (with 1 error): merge 889987 and 889995
Processing commands for cont...@bugs.debian.org: > forcemerge 889987 889995 Bug #889987 [src:steam] steam: depends on non-existent libtxc-dxtn0 Unable to merge bugs because: package of #889995 is 'steam' not 'src:steam' Failed to forcibly merge 889987: Did not alter merged bugs. > thanks Stopping processing here. Please contact me if you need assistance. -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#886944: python3-regex: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Hi Sandro, On Thu, Feb 08, 2018 at 10:47:08PM -0500, Sandro Tosi wrote: > Hello Nicholas, > > On Tue, Feb 6, 2018 at 10:15 PM, Nicholas D Steeves > wrote: > > > > Hi Sandro, > > > > Would you like a patch for current_version-new_revision or for > > new_upstream_version-1? I assumed the latter, and send two patches > > also assuming that you'd squash them. Of course I'd be happy to > > squash them myself and rewrite the messages. Whatever you prefer :-) > > i would prefer a single patch for current_version-new_revision (small > upload to fix the issue) - i'll then prepare a new upstream release > soon after. > > Thanks, > -- > Sandro "morph" Tosi > My website: http://sandrotosi.me/ > Me at Debian: http://wiki.debian.org/SandroTosi > G+: https://plus.google.com/u/0/+SandroTosi Patch is attached. It would be nice for the -dbg packages to be symlinks to their respective packages, which would be safe because the -dbg packages depend on the non-dbg ones...but I couldn't figure out an easy way to handle both stretch2buster and buster_intermediary_version2buster_release, other than switching to dbgsym. Cheers, Nicholas From 50b123c8912bb10d3f5906676d9951a7db36e5c4 Mon Sep 17 00:00:00 2001 From: Nicholas D Steeves Date: Tue, 6 Feb 2018 15:43:34 -0500 Subject: [PATCH] Correct errors in maintscripts. (Closes: #886944) --- debian/python-regex-dbg.maintscript | 2 +- debian/python3-regex-dbg.maintscript | 2 +- debian/python3-regex.maintscript | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/python-regex-dbg.maintscript b/debian/python-regex-dbg.maintscript index 06d5276..98054e4 100644 --- a/debian/python-regex-dbg.maintscript +++ b/debian/python-regex-dbg.maintscript @@ -1 +1 @@ -symlink_to_dir /usr/share/doc/python-regex-dbg python-regex-dbg 0.1.20171212-1 +symlink_to_dir /usr/share/doc/python-regex-dbg python-regex 0.1.20171212-2~ diff --git a/debian/python3-regex-dbg.maintscript b/debian/python3-regex-dbg.maintscript index cb7b44f..3316dc3 100644 --- a/debian/python3-regex-dbg.maintscript +++ b/debian/python3-regex-dbg.maintscript @@ -1 +1 @@ -symlink_to_dir /usr/share/doc/python3-regex-dbg python3-regex-dbg 0.1.20171212-1 +symlink_to_dir /usr/share/doc/python3-regex-dbg python-regex 0.1.20171212-2~ diff --git a/debian/python3-regex.maintscript b/debian/python3-regex.maintscript index 899180d..e99ccd2 100644 --- a/debian/python3-regex.maintscript +++ b/debian/python3-regex.maintscript @@ -1 +1 @@ -symlink_to_dir /usr/share/doc/python3-regex python3-regex 0.1.20171212-1 +symlink_to_dir /usr/share/doc/python3-regex python-regex 0.1.20171212-2~ -- 2.11.0 signature.asc Description: PGP signature
Processed: Re: Bug#889987: steam: depends on non-existent libtxc-dxtn0
Processing control commands: > retitle -1 steam: depends on non-existent libtxc-dxtn0 Bug #889987 [src:steam] Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more Changed Bug title to 'steam: depends on non-existent libtxc-dxtn0' from 'Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more'. -- 889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more
On Fri, Feb 09, 2018 at 07:39:39PM +0100, Jörg Frings-Fürst wrote: > Source: steam > Version: 1.0.0.54-3 > Severity: grave > > Hi, > > on a fresh buster, sid install I get on > > $ sudo apt-get install steam >... > Die folgenden Pakete haben unerfüllte Abhängigkeiten: > steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert > werden > Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht > installiert werden > Hängt ab von: libx11-6:i386 soll aber nicht installiert werden > Hängt ab von: libudev1:i386 soll aber nicht installiert werden > Hängt ab von: libxinerama1:i386 soll aber nicht installiert > werden > Hängt ab von: libtxc-dxtn0:i386 > Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert > werden > Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert > werden > Hängt ab von: libgpg-error0:i386 soll aber nicht installiert > werden > Empfiehlt: libxss1:i386 soll aber nicht installiert werden > E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte > Pakete. > > > Please ask me if you have a question. apt is not really good at reporting the actual root cause, please add the packages it cannot install until either installation succeeds or the real error is found. >... > -- System Information: > Debian Release: buster/sid > APT prefers testing > APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') >... Do you have any packages from sid installed? If yes, does sudo apt-get -t unstable install steam work? > CU > Jörg cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
Bug#889987: steam: depends on non-existent libtxc-dxtn0
Control: retitle -1 steam: depends on non-existent libtxc-dxtn0 Hi, On 09/02/18 19:44, Stephen Kitt wrote: > Hi Jörg, > > On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst > wrote: >> on a fresh buster, sid install I get on >> >> $ sudo apt-get install steam > [...] >> Die folgenden Pakete haben unerfüllte Abhängigkeiten: >> steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert >> werden >> Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht >> installiert werden >> Hängt ab von: libx11-6:i386 soll aber nicht installiert werden >> Hängt ab von: libudev1:i386 soll aber nicht installiert werden >> Hängt ab von: libxinerama1:i386 soll aber nicht installiert >> werden >> Hängt ab von: libtxc-dxtn0:i386 The only package which provided this library was removed at the end of January: https://tracker.debian.org/pkg/s2tc https://tracker.debian.org/news/928386 I guess only main was checked so noone realized steam (in non-free) still depended on it :/ Thanks, James signature.asc Description: OpenPGP digital signature
Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more
Hi Jörg, On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst wrote: > on a fresh buster, sid install I get on > > $ sudo apt-get install steam [...] > Die folgenden Pakete haben unerfüllte Abhängigkeiten: > steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert > werden > Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht > installiert werden > Hängt ab von: libx11-6:i386 soll aber nicht installiert werden > Hängt ab von: libudev1:i386 soll aber nicht installiert werden > Hängt ab von: libxinerama1:i386 soll aber nicht installiert > werden > Hängt ab von: libtxc-dxtn0:i386 > Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert > werden > Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert > werden > Hängt ab von: libgpg-error0:i386 soll aber nicht installiert > werden > Empfiehlt: libxss1:i386 soll aber nicht installiert werden > E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene > defekte Pakete. > > > Please ask me if you have a question. Silly question perhaps, but have you added the i386 architecture? Also, for future bug reports, please run apt with LANG=C... Regards, Stephen pgpXPUjuSOuJr.pgp Description: OpenPGP digital signature
Bug#889751: marked as done (scdaemon: BAD PIN since 2.2.4-2 upgrade)
Your message dated Fri, 09 Feb 2018 19:20:13 + with message-id and subject line Bug#889751: fixed in gnupg2 2.2.4-3 has caused the Debian Bug report #889751, regarding scdaemon: BAD PIN since 2.2.4-2 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889751: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889751 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: scdaemon Version: 2.2.4-2 Severity: normal Hi, since the recent 2.2.4-2 upgrade, when trying to use my smartcard (auth key for SSH for example), I get: févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: verify CHV2 failed: Bad PIN févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: app_auth failed: Bad PIN févr. 06 20:37:35 scapa gpg-agent[1793]: smartcard signing failed: Bad PIN even though I'm sure it's the right PIN. At that point I'm a little reluctant in doing another try because it's the last one before I need to get my admin PIN. Regards, -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (450, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages scdaemon depends on: ii gpg-agent 2.2.4-2 ii libassuan0 2.5.1-2 ii libc6 2.26-6 ii libgcrypt201.8.1-4 ii libgpg-error0 1.27-6 ii libksba8 1.3.5-2 ii libnpth0 1.5-3 ii libusb-1.0-0 2:1.0.21-2 scdaemon recommends no packages. scdaemon suggests no packages. -- no debconf information --- End Message --- --- Begin Message --- Source: gnupg2 Source-Version: 2.2.4-3 We believe that the bug you reported is fixed in the latest version of gnupg2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Kahn Gillmor (supplier of updated gnupg2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 09 Feb 2018 13:51:35 -0500 Source: gnupg2 Binary: gpgconf gnupg-agent gpg-agent gpg-wks-server gpg-wks-client scdaemon gpgsm gpg gnupg gnupg2 gpgv gpgv2 dirmngr gpgv-udeb gpgv-static gpgv-win32 gnupg-l10n gnupg-utils Architecture: source Version: 2.2.4-3 Distribution: unstable Urgency: medium Maintainer: Debian GnuPG Maintainers Changed-By: Daniel Kahn Gillmor Description: dirmngr- GNU privacy guard - network certificate management service gnupg - GNU privacy guard - a free PGP replacement gnupg-agent - GNU privacy guard - cryptographic agent (dummy transitional packa gnupg-l10n - GNU privacy guard - localization files gnupg-utils - GNU privacy guard - utility programs gnupg2 - GNU privacy guard - a free PGP replacement (dummy transitional pa gpg- GNU Privacy Guard -- minimalist public key operations gpg-agent - GNU privacy guard - cryptographic agent gpg-wks-client - GNU privacy guard - Web Key Service client gpg-wks-server - GNU privacy guard - Web Key Service server gpgconf- GNU privacy guard - core configuration utilities gpgsm - GNU privacy guard - S/MIME version gpgv - GNU privacy guard - signature verification tool gpgv-static - minimal signature verification tool (static build) gpgv-udeb - minimal signature verification tool (udeb) gpgv-win32 - GNU privacy guard - signature verification tool (win32 build) gpgv2 - GNU privacy guard - signature verification tool (dummy transition scdaemon - GNU privacy guard - smart card support Closes: 889751 889921 Changes: gnupg2 (2.2.4-3) unstable; urgency=medium . * version build-deps on mingw library toolchain (Closes: #889921) * drop misbehaving upstream scd patch (Closes: #889751) Checksums-Sha1: 6235c7636ff8e6c5244b1726a640871e2bde199d 2885 gnupg2_2.2.4-3.dsc eba2d0df788fb4980241c3d53e972364d9411d1c 71771 gnupg2_2.2.4-3.debian.tar.bz2 7d8b8eb55b3b737f7daaf5904dab9dc30d09bbea 19158 gnupg2_2.2.4-3_amd64.
Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more
Source: steam Version: 1.0.0.54-3 Severity: grave Hi, on a fresh buster, sid install I get on $ sudo apt-get install steam Paketlisten werden gelesen... Fertig Abhängigkeitsbaum wird aufgebaut. Statusinformationen werden eingelesen Fertig Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass Sie eine unmögliche Situation angefordert haben oder, wenn Sie die Unstable-Distribution verwenden, dass einige erforderliche Pakete noch nicht erstellt wurden oder Incoming noch nicht verlassen haben. Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen: Die folgenden Pakete haben unerfüllte Abhängigkeiten: steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert werden Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht installiert werden Hängt ab von: libx11-6:i386 soll aber nicht installiert werden Hängt ab von: libudev1:i386 soll aber nicht installiert werden Hängt ab von: libxinerama1:i386 soll aber nicht installiert werden Hängt ab von: libtxc-dxtn0:i386 Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert werden Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert werden Hängt ab von: libgpg-error0:i386 soll aber nicht installiert werden Empfiehlt: libxss1:i386 soll aber nicht installiert werden E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. Please ask me if you have a question. CU Jörg -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#889829: ghc: error while loading shared libraries: libHShaskeline-0.7.3.0-ghc8.0.2.so
On Fri, Feb 09, 2018 at 11:43:56AM +, James Clarke wrote: > What version of glibc do you have? Have you got any interesting (to ld.so) > environment variables exported or configuration files changed? root@appvm:/home/user# ghc /usr/lib/ghc/bin/ghc: error while loading shared libraries: libHShaskeline-0.7.3.0-ghc8.0.2.so: cannot open shared object file: No such file or directory root@appvm:/home/user# export declare -x HOME="/root" declare -x LOGNAME="root" declare -x OLDPWD declare -x PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" declare -x PWD="/home/user" declare -x SCHROOT_ALIAS_NAME="sid" declare -x SCHROOT_CHROOT_NAME="sid" declare -x SCHROOT_COMMAND="-bash" declare -x SCHROOT_GID="0" declare -x SCHROOT_GROUP="root" declare -x SCHROOT_SESSION_ID="sid" declare -x SCHROOT_UID="0" declare -x SCHROOT_USER="root" declare -x SHELL="/bin/bash" declare -x SHLVL="1" declare -x TERM="xterm-256color" declare -x USER="root" root@appvm:/home/user# dpkg -l |grep libc- ii klibc-utils2.0.4-11 amd64small utilities built with klibc for early boot ii libc-bin 2.26-6 amd64GNU C Library: Binaries ii libc-dev-bin 2.26-6 amd64GNU C Library: Development binaries ii libc-l10n 2.26-6 all GNU C Library: localization files ii linux-libc-dev:amd64 4.14.13-1 amd64Linux support headers for userspace development all packages are updated to latest in sid for amd64 (and the fact that I see this in Qubes seems to be irrelevant as Petter saw this on a plain Debian system as well). -- cheers, Holger signature.asc Description: PGP signature
Bug#882328: [Pkg-gauche-devel] Bug#882328: gauche-c-wrapper FTBFS with glibc 2.25
another idea would be to allow to skip macros via some keyword :skip-macro example patch: --- gauche-c-wrapper-0.6.1/lib/c-wrapper/c-parser.scm 2009-08-08 16:44:52.0 +0200 +++ gauche-c-wrapper-0.6.1.new/lib/c-wrapper/c-parser.scm 2018-02-09 16:56:03.390344967 +0100 @@ -1099,7 +1099,7 @@ ;;:show-define? #f)) ;;(start-macro-reset!))) -(define (parse-macro include-dirs headers options) +(define (parse-macro include-dirs headers options skip-macro) (unwind-protect (guard (e (( e) (let ((errmsg (make-error-message (condition-ref e 'message @@ -1115,7 +1115,10 @@ (raise e (call-with-gcc-io include-dirs headers options (lambda (in out) - (let ((macro-list (queue->list (macro-queue + (let ((macro-list (filter + (lambda(m) + (not (skip-macro (car m + (queue->list (macro-queue) (for-each (lambda (macro-def) (display (car macro-def) out) (newline out)) @@ -1152,11 +1155,11 @@ (else (errorf "~s can't be used for :import argument." import-cond) -(define (c-parse include-dirs headers options import-arg export? sandbox hides) +(define (c-parse include-dirs headers options import-arg export? sandbox hides skip-macro) (with-parse-context (lambda () (parse-source include-dirs headers options) - (parse-macro include-dirs headers options) + (parse-macro include-dirs headers options skip-macro) (let ((export-syms (if import-arg --- gauche-c-wrapper-0.6.1/lib/c-wrapper.scm2009-08-08 16:44:52.0 +0200 +++ gauche-c-wrapper-0.6.1.new/lib/c-wrapper.scm2018-02-09 16:45:26.045654080 +0100 @@ -91,7 +91,8 @@ (module #t) (export? #f) (output #f) - (hide-symbols '())) + (hide-symbols '()) + (skip-macro (lambda(m) #f))) (when (eq? module #t) (set! export? #t)) (parameterize ((sandbox-module (make-sandbox curmod module))) @@ -117,7 +118,8 @@ (lambda (expr) (push! output-list expr)) (sandbox-module)) - hide-symbols) + hide-symbols + skip-macro) (if output (call-with-output-file output (lambda (out) @@ -154,7 +156,8 @@ (module #t) (export? #f) (output #f) - (hide-symbols '())) + (hide-symbols '()) + (skip-macro (lambda(m) #f))) (cond ((compiled-lib-exist? compiled-lib) `(begin @@ -171,7 +174,7 @@ " "))) `(begin (c-ld ,ld-option) - (c-include ,headers :option ,cpp-option :import ,import-arg :output ,output :module ,module :export? ,export? :hide-symbols ,hide-symbols))) + (c-include ,headers :option ,cpp-option :import ,import-arg :output ,output :module ,module :export? ,export? :hide-symbols ,hide-symbols :skip-macro ,skip-macro))) (define-syntax define-enum (syntax-rules () --- gauche-c-wrapper-0.6.1/testsuite/cwrappertest.scm 2009-08-08 16:44:51.0 +0200 +++ gauche-c-wrapper-0.6.1.new/testsuite/cwrappertest.scm 2018-02-09 16:49:49.349893969 +0100 @@ -10,7 +10,7 @@ (test-module 'c-wrapper) (c-load-library "./ffitest") -(c-include "./ffitest.h") +(c-include "./ffitest.h" :skip-macro (lambda(m) (#/^__glibc_macro_warning/ m))) (define-syntax test-cfunc (syntax-rules ()
Bug#888880: Hyvää päivää,
Hyvää päivää, Olen Thomas Walter, joka on rahoitusalan edustaja tunnetusta lainanantajasta, joka tunnetaan nimellä Corporate Lenders. Onko sinulla huono luotto tai tarvitset rahaa maksamaan laskuja? korko on 3%. Täytä alla oleva lomake, jos olet kiinnostunut lainasta. Koko nimi: sukupuoli: Tarvittava summa: Kesto: Voit ottaa meihin yhteyttä sähköpostitse: i...@corporatelendersonline.com Terveiset, Herra Thomas Walter -- Esta mensagem foi verificada pelo sistema de antivírus e acredita-se estar livre de perigo.
Bug#889934: Bug #889934 in salt marked as pending
Control: tag -1 pending Hello, Bug #889934 in salt reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/salt-team/salt/commit/ce54ee3739fd52f2240783d6122c5317dc2771a4 Breaks Python 3 not compatible salt-formulas (Closes: #889934) (this message was generated automatically) -- Greetings
Processed: Bug #889934 in salt marked as pending
Processing control commands: > tag -1 pending Bug #889934 [salt-common] salt-common needs Breaks on package versions without Python 3 support Added tag(s) pending. -- 889934: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889934 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889805: marked as done (manpages-tr and man-db: error when trying to install together)
Your message dated Fri, 09 Feb 2018 15:11:46 + with message-id and subject line Bug#889805: fixed in man-db 2.8.1-1 has caused the Debian Bug report #889805, regarding manpages-tr and man-db: error when trying to install together to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: man-db,manpages-tr Version: man-db/2.8.0-2 Version: manpages-tr/1.0.5.1-2 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2018-02-07 Architecture: amd64 Distribution: sid Hi, automatic installation tests of packages that share a file and at the same time do not conflict by their package dependency relationships has detected the following problem: E: Sub-process false returned an error code (1) E: Prior errors apply to /var/cache/apt/archives/libgdbm5_1.14.1-2_amd64.deb E: Prior errors apply to /var/cache/apt/archives/man-db_2.8.0-2_amd64.deb E: Prior errors apply to /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb debconf: apt-extracttemplates failed: No such file or directory Selecting previously unselected package libgdbm5:amd64. (Reading database ... 10980 files and directories currently installed.) Preparing to unpack .../libgdbm5_1.14.1-2_amd64.deb ... Unpacking libgdbm5:amd64 (1.14.1-2) ... Preparing to unpack .../man-db_2.8.0-2_amd64.deb ... Unpacking man-db (2.8.0-2) over (2.7.6.1-4) ... Selecting previously unselected package manpages-tr. Preparing to unpack .../manpages-tr_1.0.5.1-2_all.deb ... Unpacking manpages-tr (1.0.5.1-2) ... dpkg: error processing archive /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb (--unpack): trying to overwrite '/usr/share/man/tr/man1/apropos.1.gz', which is also in package man-db 2.8.0-2 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Processing triggers for libc-bin (2.26-6) ... Errors were encountered while processing: /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb E: Sub-process /usr/bin/dpkg returned an error code (1) This is a serious bug as it makes installation fail, and violates sections 7.6.1 and 10.1 of the policy. An optimal solution would consist in only one of the packages installing that file, and renaming or removing the file in the other package. Depending on the circumstances you might also consider Replace relations or file diversions. If the conflicting situation cannot be resolved then, as a last resort, the two packages have to declare a mutual Conflict. Please take into account that Replaces, Conflicts and diversions should only be used when packages provide different implementations for the same functionality. Here is a list of files that are known to be shared by both packages (according to the Contents file for sid/amd64, which may be slightly out of sync): /usr/share/man/tr/man1/apropos.1.gz /usr/share/man/tr/man1/man.1.gz /usr/share/man/tr/man1/manpath.1.gz This bug has been filed against both packages. If you, the maintainers of the two packages in question, have agreed on which of the packages will resolve the problem please reassign the bug to that package. You may then also register in the BTS that the other package is affected by the bug. -Ralf. PS: for more information about the detection of file overwrite errors of this kind see http://qa.debian.org/dose/file-overwrites.html. --- End Message --- --- Begin Message --- Source: man-db Source-Version: 2.8.1-1 We believe that the bug you reported is fixed in the latest version of man-db, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Colin Watson (supplier of updated man-db package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 09 Feb 2018 13:32:41 + Source: man-db Binary: man-db Architecture: source Version: 2.8.1-1 Distribution: unstable Urgency: medium Maintainer: Colin Watson Changed-By: Colin Watson Description: man-db - on-line manual pager Closes: 889805 Changes: man-db (2.8.1-1) unstable; urgency=medium . *
Bug#853527: lmms: ftbfs with GCC-7
El dv 09 de 02 de 2018 a les 17:22 +0300, Dmitry Eremin-Solenikov va escriure: > Any progress on uploading > 1.1.3-8 or packaging 1.1.90? Pending upload. smime.p7s Description: S/MIME cryptographic signature
Bug#888912: sagemath test failures with mpfr 4.0.0 and several architectures
Not a surprise as long as some dependencies are built against libmpfr4. It looks like all dependencies are now rebuilt against libmpfr6 but sagemath is still failing. https://buildd.debian.org/status/fetch.php?pkg=sagemath&arch=amd64&ver=8.1-2%2Bb2&stamp=1517950645&raw=0
Bug#853527: lmms: ftbfs with GCC-7
Package: src:lmms Followup-For: Bug #853527 LMMS is out of testing for quite a long time. Any progress on uploading 1.1.3-8 or packaging 1.1.90? -- With best wishes Dmitry -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package
I was working on this yesterday. First noticed it about a week ago. Here are the upstream bugs: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144 https://github.com/systemd/systemd/issues/8085 And the money quotes: "looking at the bigger picture here: This change in systemd, while with security in mind, changes the way PIDfiles have been handled for the last ... forever." "and who will be blamed (again)? systemd of course, "breaking all the things again". And rightfully so. This is systemd breaking shit again for fun. On 02/09/2018 02:33 AM, Amos Jeffries wrote: It seems that the systemd/systemctl is removing the /run/courier/authdaemon/pid file underneath courier. Removing the line "PIDFile=/run/courier/authdaemon/pid" from the installed .service file resolves this problem and upgrade works fine. Amos
Bug#889805: marked as done (manpages-tr and man-db: error when trying to install together)
Your message dated Fri, 09 Feb 2018 13:35:24 + with message-id and subject line Bug#889805: fixed in manpages-tr 1.0.5.1-3 has caused the Debian Bug report #889805, regarding manpages-tr and man-db: error when trying to install together to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: man-db,manpages-tr Version: man-db/2.8.0-2 Version: manpages-tr/1.0.5.1-2 Severity: serious User: trei...@debian.org Usertags: edos-file-overwrite Date: 2018-02-07 Architecture: amd64 Distribution: sid Hi, automatic installation tests of packages that share a file and at the same time do not conflict by their package dependency relationships has detected the following problem: E: Sub-process false returned an error code (1) E: Prior errors apply to /var/cache/apt/archives/libgdbm5_1.14.1-2_amd64.deb E: Prior errors apply to /var/cache/apt/archives/man-db_2.8.0-2_amd64.deb E: Prior errors apply to /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb debconf: apt-extracttemplates failed: No such file or directory Selecting previously unselected package libgdbm5:amd64. (Reading database ... 10980 files and directories currently installed.) Preparing to unpack .../libgdbm5_1.14.1-2_amd64.deb ... Unpacking libgdbm5:amd64 (1.14.1-2) ... Preparing to unpack .../man-db_2.8.0-2_amd64.deb ... Unpacking man-db (2.8.0-2) over (2.7.6.1-4) ... Selecting previously unselected package manpages-tr. Preparing to unpack .../manpages-tr_1.0.5.1-2_all.deb ... Unpacking manpages-tr (1.0.5.1-2) ... dpkg: error processing archive /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb (--unpack): trying to overwrite '/usr/share/man/tr/man1/apropos.1.gz', which is also in package man-db 2.8.0-2 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) Processing triggers for libc-bin (2.26-6) ... Errors were encountered while processing: /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb E: Sub-process /usr/bin/dpkg returned an error code (1) This is a serious bug as it makes installation fail, and violates sections 7.6.1 and 10.1 of the policy. An optimal solution would consist in only one of the packages installing that file, and renaming or removing the file in the other package. Depending on the circumstances you might also consider Replace relations or file diversions. If the conflicting situation cannot be resolved then, as a last resort, the two packages have to declare a mutual Conflict. Please take into account that Replaces, Conflicts and diversions should only be used when packages provide different implementations for the same functionality. Here is a list of files that are known to be shared by both packages (according to the Contents file for sid/amd64, which may be slightly out of sync): /usr/share/man/tr/man1/apropos.1.gz /usr/share/man/tr/man1/man.1.gz /usr/share/man/tr/man1/manpath.1.gz This bug has been filed against both packages. If you, the maintainers of the two packages in question, have agreed on which of the packages will resolve the problem please reassign the bug to that package. You may then also register in the BTS that the other package is affected by the bug. -Ralf. PS: for more information about the detection of file overwrite errors of this kind see http://qa.debian.org/dose/file-overwrites.html. --- End Message --- --- Begin Message --- Source: manpages-tr Source-Version: 1.0.5.1-3 We believe that the bug you reported is fixed in the latest version of manpages-tr, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Murat Demirten (supplier of updated manpages-tr package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:20 +0300 Source: manpages-tr Binary: manpages-tr Architecture: source Version: 1.0.5.1-3 Distribution: unstable Urgency: high Maintainer: Murat Demirten Changed-By: Murat Demirten Description: manpages-tr - Turkish version of the manual pages Closes: 854293 8560
Processed: Bug #889805 in man-db marked as pending
Processing control commands: > tag -1 pending Bug #889805 [man-db,manpages-tr] manpages-tr and man-db: error when trying to install together Ignoring request to alter tags of bug #889805 to the same tags previously set -- 889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889805: Bug #889805 in man-db marked as pending
Control: tag -1 pending Hello, Bug #889805 in man-db reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/debian/man-db/commit/adf2c42fcec2bdb09234abc70ce84fc66db16b76 Breaks/Replaces manpages-tr (<< 1.0.5.1-3) (closes: #889805). (this message was generated automatically) -- Greetings
Bug#889953: marked as done (libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type)
Your message dated Fri, 09 Feb 2018 13:22:07 + with message-id and subject line Bug#889953: fixed in libbpp-phyl 2.3.2-2 has caused the Debian Bug report #889953, regarding libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889953: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889953 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libbpp-phyl Version: 2.3.2-1 Severity: serious https://buildd.debian.org/status/package.php?p=libbpp-phyl&suite=sid ... In file included from /<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:113:0: /<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type for 'virtual std::vector bpp::RegisterRatesSubstitutionModel::getModelStates(int) const' std::vector getModelStates(int i) const ^~ In file included from /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractBiblioSubstitutionModel.h:44:0, from /<>/src/Bpp/Phyl/Io/../Model/Codon/MG94.h:43, from /<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:50: /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25: error: overriding 'virtual std::vector bpp::AbstractWrappedModel::getModelStates(int) const' std::vector getModelStates(int code) const { return getModel().getModelStates(code); } ^~ --- End Message --- --- Begin Message --- Source: libbpp-phyl Source-Version: 2.3.2-2 We believe that the bug you reported is fixed in the latest version of libbpp-phyl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julien Dutheil (supplier of updated libbpp-phyl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 09 Feb 2018 09:10:11 +0200 Source: libbpp-phyl Binary: libbpp-phyl-dev libbpp-phyl11 Architecture: source Version: 2.3.2-2 Distribution: unstable Urgency: medium Maintainer: Debian Med Packaging Team Changed-By: Julien Dutheil Description: libbpp-phyl-dev - Bio++ Phylogenetic library development files libbpp-phyl11 - Bio++ Phylogenetic library Closes: 889953 Changes: libbpp-phyl (2.3.2-2) unstable; urgency=medium . * Fixed covariant return type on 32bits arch. Closes: #889953 Checksums-Sha1: 6ff4cdbbbc5dace6f6c15656f9176377e8eb7f6a 2167 libbpp-phyl_2.3.2-2.dsc 9f5c9c913e0c3f736097a95864b1f68f9050e1bd 5252 libbpp-phyl_2.3.2-2.debian.tar.xz 00b4834bad47749f89daba36e0666c66bd156d4a 13599 libbpp-phyl_2.3.2-2_source.buildinfo Checksums-Sha256: a81a1aad9664b0c0b7d3969896dfc8ff1784949ff6a7d1d81d62152f6497c045 2167 libbpp-phyl_2.3.2-2.dsc 2769190cb2448fee27c34fc94ff9086285e9abbb95868d6ac0fedde39b83c17f 5252 libbpp-phyl_2.3.2-2.debian.tar.xz 83c1e64bf86433029cb39c2bb294102c542d93c5e306b3ce257819e9d7d61a2a 13599 libbpp-phyl_2.3.2-2_source.buildinfo Files: 56d30d25945cbe704a838357a554832e 2167 science optional libbpp-phyl_2.3.2-2.dsc d2c80136fa038c6b09aad738d5f83845 5252 science optional libbpp-phyl_2.3.2-2.debian.tar.xz f66accb130199a26514dff9dc0d38830 13599 science optional libbpp-phyl_2.3.2-2_source.buildinfo -BEGIN PGP SIGNATURE- iQJCBAEBCAAsFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAlp9mCoOHHRpbGxlYUBy a2kuZGUACgkQV4oElNHGRtGCshAAgUjDgWIg+wWzLvjyamPZn92V+tBcJShI8hTQ QLjRdt0x2ur6Aetp3LC1GMzsouWRPAcvXguy3PiOf0tTCsnU1IMZSd/9Wzeif4ML rPv79m9z6bmKq7m2b4T4ISJIoTf4DGpDpOhVZYTE0ZyB/XwyWfGIP5pSk1nC2agX GMISEayqgGw/3uELuC/gHYKEw8/ANuCo2MxdnIo8UqlSYeVzY+oitjCkQwFCYa86 IFJtE1SawZe9hM/X1Uvldt5kH2peL2timM5+9W0H9WvckBRwyrJmpIrk2ENsmzTB rtEXcdH3Kqom4cTqp/pWw1c++o2mxj92AI/qPWYWJfhcAljy2HDAk0YXU1bEO7my pVPSs0aP5YXKsjLuEckDiNee3qYpVuNr84vFg/8HDHyKN9ReqG/3ilBtSW6a0GUw YV8SG0P1qbAUEtjK1dH5Lhb+Y38Sae5RgbhfVaTE7dI9ecKSI3DVpQnWrEYH8uhy /7qohy/V0PZiYPQAOP28zLiZGTRapKsR/P2mIBS/S7ub4+YhjhBS+qs1TkzfIIjG WBfQisssKB7gxwhQzqOkxNjE5dWdfTSaxaY4Kfqed3abfExb6ZkHmbVVpfxu4tU5 RQvh7J3S3XW5cTl4ywHDItrWetJcMWtSOo8fjNiemjonBU35hclUrsFx6y5H6iY8 mVHFgPo= =YFQG -END PGP
Processed: add bug dep for h323plus
Processing commands for cont...@bugs.debian.org: > block 858857 by 859558 Bug #858857 [h323plus] h323plus: Please migrate to openssl1.1 in Buster 858857 was not blocked by any bugs. 858857 was blocking: 871056 Added blocking bug(s) of 858857: 859558 > End of message, stopping processing here. Please contact me if you need assistance. -- 858857: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858857 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type
Hi Julien, On Fri, Feb 09, 2018 at 09:34:58AM +0100, Julien Yann Dutheil wrote: > I have committed a patch. But there are other errors like: Thanks for the quick response. For future pushes can you please make sure two things: 1. Add DEP3 headers to the patch - at least Author, Last-Updated and Description, if applicable Bug-Debian. 2. Close fixed bugs in changelog I've pushed my changes in case you have no idea what I mean. Kind regards Andreas. -- http://fam-tille.de
Bug#889829: ghc: error while loading shared libraries: libHShaskeline-0.7.3.0-ghc8.0.2.so
On 8 Feb 2018, at 19:46, Holger Levsen wrote: > > On Thu, Feb 08, 2018 at 03:04:22PM +0100, Petter Reinholdtsen wrote: >> [Clint Adams] >>> objdump -p /usr/lib/ghc/bin/ghc-pkg | grep RUNPATH > > $ objdump -p /usr/lib/ghc/bin/ghc-pkg | grep RUNPATH > RUNPATH > > $ORIGIN/../terminfo-0.4.0.2:$ORIGIN/../ghc-boot-8.0.2:$ORIGIN/../ghc-boot-th-8.0.2:$ORIGIN/../Cabal-1.24.2.0:$ORIGIN/../process-1.4.3.0:$ORIGIN/../pretty-1.1.3.3:$ORIGIN/../directory-1.3.0.0:$ORIGIN/../unix-2.7.2.1:$ORIGIN/../time-1.6.0.1:$ORIGIN/../filepath-1.4.1.1:$ORIGIN/../binary-0.8.3.0:$ORIGIN/../containers-0.5.7.1:$ORIGIN/../bytestring-0.10.8.1:$ORIGIN/../deepseq-1.4.2.0:$ORIGIN/../array-0.5.1.1:$ORIGIN/../base-4.9.1.0:$ORIGIN/../integer-gmp-1.0.0.1:$ORIGIN/../ghc-prim-0.5.0.0:$ORIGIN/../rts > > is what I get. Do you need any more info? I still see this... Well that's correct; you can see $ORIGIN/../terminfo-0.4.0.2 in there which is where it should be getting libHSterminfo-0.4.0.2-ghc8.0.2.so, but for some reason your ld.so is not looking at RUNPATH; once it fails to find it on the system search path it's supposed to then print something like: 15470: search path=/usr/lib/ghc/bin/../terminfo-0.4.0.2:/usr/lib/ghc/bin/../ghc-boot-8.0.2:/usr/lib/ghc/bin/../ghc-boot-th-8.0.2:/usr/lib/ghc/bin/../Cabal-1.24.2.0:/usr/lib/ghc/bin/../process-1.4.3.0:/usr/lib/ghc/bin/../pretty-1.1.3.3:/usr/lib/ghc/bin/../directory-1.3.0.0:/usr/lib/ghc/bin/../unix-2.7.2.1:/usr/lib/ghc/bin/../time-1.6.0.1:/usr/lib/ghc/bin/../filepath-1.4.1.1:/usr/lib/ghc/bin/../binary-0.8.3.0:/usr/lib/ghc/bin/../containers-0.5.7.1:/usr/lib/ghc/bin/../bytestring-0.10.8.1:/usr/lib/ghc/bin/../deepseq-1.4.2.0:/usr/lib/ghc/bin/../array-0.5.1.1:/usr/lib/ghc/bin/../base-4.9.1.0:/usr/lib/ghc/bin/../integer-gmp-1.0.0.1:/usr/lib/ghc/bin/../ghc-prim-0.5.0.0:/usr/lib/ghc/bin/../rts/tls/x86_64/x86_64:/usr/lib/ghc/bin/../rts/tls/x86_64:/usr/lib/ghc/bin/../rts/tls/x86_64:/usr/lib/ghc/bin/../rts/tls:/usr/lib/ghc/bin/../rts/x86_64/x86_64:/usr/lib/ghc/bin/../rts/x86_64:/usr/lib/ghc/bin/../rts/x86_64:/usr/lib/ghc/bin/../rts (RUNPATH from file /usr/lib/ghc/bin/ghc-pkg) What version of glibc do you have? Have you got any interesting (to ld.so) environment variables exported or configuration files changed? Regards, James
Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1
Control: tags -1 upstream Control: forwarded -1 https://github.com/mapnik/node-mapnik/issues/843 Upsteam is working on 3.6.3 which will support mapnik-vector-tile 1.6.0. Since node-mapnik is not in testing anyway breaking it with mvt is not an issue for the time being. Kind Regards, Bas
Processed: Re: Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1
Processing control commands: > tags -1 upstream Bug #889962 [src:node-mapnik] node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1 Added tag(s) upstream. > forwarded -1 https://github.com/mapnik/node-mapnik/issues/843 Bug #889962 [src:node-mapnik] node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1 Set Bug forwarded-to-address to 'https://github.com/mapnik/node-mapnik/issues/843'. -- 889962: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889962 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#888754: marked as done (pike7.8: build fix for new gdbm (>=1.13))
Your message dated Fri, 09 Feb 2018 11:21:07 + with message-id and subject line Bug#888754: fixed in pike7.8 7.8.866-8.1 has caused the Debian Bug report #888754, regarding pike7.8: build fix for new gdbm (>=1.13) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 888754: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888754 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: pike7.8 Version: 7.8.866-8 Tags: patch Severity: important Hello, please apply the following cherry-pick from pike8.0 to fix the build with the upcoming gdbm 1.13 and 1.14 (please verify I did cherry-pick it correctly too) This bug will become RC once the Release Team acks the transition --- pike7.8-7.8.866.orig/src/modules/Gdbm/gdbmmod.c +++ pike7.8-7.8.866/src/modules/Gdbm/gdbmmod.c @@ -20,6 +20,9 @@ #if defined(HAVE_GDBM_H) && defined(HAVE_LIBGDBM) +/* This symbol conflicts with the Gdbm 1.13 header files. */ +#undef fatal + #include #ifdef _REENTRANT thanks Gianfranco signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: pike7.8 Source-Version: 7.8.866-8.1 We believe that the bug you reported is fixed in the latest version of pike7.8, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 888...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gianfranco Costamagna (supplier of updated pike7.8 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 07 Feb 2018 11:37:38 +0100 Source: pike7.8 Binary: pike7.8-core pike7.8 pike7.8-dev pike7.8-manual pike7.8-reference pike7.8-doc pike7.8-full pike7.8-mysql pike7.8-pg pike7.8-odbc pike7.8-svg pike7.8-image pike7.8-sdl pike7.8-gdbm pike7.8-gtk pike7.8-gl pike7.8-sane pike7.8-pcre pike7.8-bzip2 pike7.8-fuse pike7.8-sqlite pike7.8-dnssd pike7.8-kerberos Architecture: source Version: 7.8.866-8.1 Distribution: unstable Urgency: medium Maintainer: Magnus Holmgren Changed-By: Gianfranco Costamagna Description: pike7.8- Recommended metapackage for Pike 7.8 pike7.8-bzip2 - Bzip2 module for Pike pike7.8-core - Powerful interpreted programming language pike7.8-dev - Development files for Pike 7.8 pike7.8-dnssd - DNS Service Discovery (DNS-SD) for Pike pike7.8-doc - Pike 7.8 documentation metapackage pike7.8-full - Metapackage for Pike 7.8 pike7.8-fuse - Filesystem in USErspace support for Pike pike7.8-gdbm - Gdbm module for Pike pike7.8-gl - Mesa modules for Pike pike7.8-gtk - GTK+ 2.0 module for Pike pike7.8-image - Image modules for Pike pike7.8-kerberos - Kerberos and GSSAPI modules for Pike pike7.8-manual - Pike 7.8 manual pike7.8-mysql - MySQL modules for Pike pike7.8-odbc - ODBC modules for Pike pike7.8-pcre - PCRE module for Pike pike7.8-pg - PostgreSQL modules for Pike pike7.8-reference - Pike 7.8 reference pike7.8-sane - SANE module for Pike pike7.8-sdl - SDL module for Pike pike7.8-sqlite - SQLite module for Pike pike7.8-svg - SVG format support for Pike Closes: 888754 Changes: pike7.8 (7.8.866-8.1) unstable; urgency=medium . * Non-maintainer upload * Fix build failure, by cherry-picking a fix from pike8.0 (Closes: #888754) Checksums-Sha1: 6e07161d1dcdda9ff48c9f94c5dfc64d20330a94 3788 pike7.8_7.8.866-8.1.dsc 4408995ac723dc1119e00556300c82d816d3acd4 38784 pike7.8_7.8.866-8.1.debian.tar.xz 3aff546708c4b495b976ef415230a19ad3e24a19 14113 pike7.8_7.8.866-8.1_source.buildinfo Checksums-Sha256: 5528bea6ebf872b6d41e6920dfd4277bf1c24bd0f2fd71ac501bc76a9d0093c7 3788 pike7.8_7.8.866-8.1.dsc cfbf94b155f8b6f90bf8bf74eb5c736ea4c83b730bc2a74cbdea8c342e463638 38784 pike7.8_7.8.866-8.1.debian.tar.xz 7f266537b51f248d6ae2923c28fc6713872375e3589229eb7fdc820347e4538c 14113 pike7.8_7.8.866-8.1_source.buildinfo Files: e0133f9cd3fbccb2e0c1ce0fe8f7645e 3788 interpreters optional pike7.8_7.8.866-8.1.dsc a75d312b430ba9bb0321c9c075464ef5 38784 interpreters optional pike7.8_7.8.866-8.1.debian.tar.xz 4e4d097cf98c5b75980773df988b6ab4 14113 interpreters optional pike7.8_7.8.866-8.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJaetcTAAoJEPNPCXROn13ZVeYQAIQgL3hoHkaI
Bug#889903: python-gnupg needs an explict b-d on 2to3
On 2018-02-08 at 16:31:05 +0100, Matthias Klose wrote: > python-gnupg needs an explict b-d on 2to3. The binary is now provided in a > separate package. will do it asap, thanks > Please could you also run the testsuite with verbosity=2 ? I can't think any reason why not, so I will probably also do this in the same upload -- Elena ``of Valhalla''
Bug#883757: marked as done (ignition-transport: Includes "test/gtest/cmake/internal_utils.cmake" listed in Files-Excluded header)
Your message dated Fri, 09 Feb 2018 11:01:51 + with message-id and subject line Bug#883757: fixed in ignition-transport 4.0.0+dfsg-1 has caused the Debian Bug report #883757, regarding ignition-transport: Includes "test/gtest/cmake/internal_utils.cmake" listed in Files-Excluded header to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 883757: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883757 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ignition-transport Version: 1.3.0-5 Severity: serious User: la...@debian.org Usertags: files-excluded Dear Maintainer, ignition-transport lists "test/gtest" in the Files-Excluded field in debian/copyright but the source tree contains test/gtest/cmake/internal_utils.cmake. This is probably a DFSG violation, or at the upstream tarball was not repacked as intended. Alternatively, the field is simply out of date. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- End Message --- --- Begin Message --- Source: ignition-transport Source-Version: 4.0.0+dfsg-1 We believe that the bug you reported is fixed in the latest version of ignition-transport, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 883...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jose Luis Rivero (supplier of updated ignition-transport package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 05 Feb 2018 14:04:13 + Source: ignition-transport Binary: libignition-transport4 libignition-transport-dev libignition-transport4-dev Architecture: source all amd64 Version: 4.0.0+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Science Maintainers Changed-By: Jose Luis Rivero Description: libignition-transport-dev - transitional package libignition-transport4 - Ignition Robotics Transport Library - Shared library libignition-transport4-dev - Ignition Robotics transport Library - Development files Closes: 883757 888017 Changes: ignition-transport (4.0.0+dfsg-1) unstable; urgency=medium . [ Jose Luis Rivero ] * New upstream version 4.0.0+dfsg (Closes: #883757) (Closes: #888017) . [ Anton Gladky ] * Switch to compat-level 11 * Set Standards-Version: 4.1.3 * Update VCS-fields (move to salsa) Checksums-Sha1: 89786b7038de29a3e75184bc9f7bcc4cce8aeb95 2549 ignition-transport_4.0.0+dfsg-1.dsc de598e7b48d0379a7d3efbcd0f93174acde85497 194328 ignition-transport_4.0.0+dfsg.orig.tar.xz 8219c1fa55ff47b99b9efdd92e6d43c484387a19 4576 ignition-transport_4.0.0+dfsg-1.debian.tar.xz 0e26773114ca725c24766a3c0bfb3b624dc891e5 9121 ignition-transport_4.0.0+dfsg-1_amd64.buildinfo 3b187ab2fdf3b9c91e624aabbff47ef9222c662b 5056 libignition-transport-dev_4.0.0+dfsg-1_all.deb 9bbee59560779ec7d6ec6c33608edbb16d27de86 1865092 libignition-transport4-dbgsym_4.0.0+dfsg-1_amd64.deb d6673c1bf813dbeaebf6a62bee36091f911b7857 42404 libignition-transport4-dev_4.0.0+dfsg-1_amd64.deb 9b426a4aec83e70acf4622ef8f387267955aeb6c 133624 libignition-transport4_4.0.0+dfsg-1_amd64.deb Checksums-Sha256: de1dbfc99c2de11b549b3a02d2fe34743f1db893b3b82e1a7fb346c2f850 2549 ignition-transport_4.0.0+dfsg-1.dsc 18c3104694614f80f99ff295309d771d2f0ef61718f2647f760e23965d62ef6c 194328 ignition-transport_4.0.0+dfsg.orig.tar.xz 005e2212ef1f59e5dd926351d4a0f587d7517fdee4e953c60619774877f2a174 4576 ignition-transport_4.0.0+dfsg-1.debian.tar.xz 47892d93f804b4d91d23a093a479d8cc0fd6dc7881ac565509ec82df2d8d73cc 9121 ignition-transport_4.0.0+dfsg-1_amd64.buildinfo 10873be0d741c313733a4e4c103993f19e76b3da08323173e88de37b1609ab03 5056 libignition-transport-dev_4.0.0+dfsg-1_all.deb 49f140d75a0c5f62b3800c97bf8c8c4cf43e7adbfcad3207826500c826ce35f4 1865092 libignition-transport4-dbgsym_4.0.0+dfsg-1_amd64.deb e7dfd6408eb4a6455bb3d4382d7a4c9d7eaa5070396e2e36226183814cc3acf2 42404 libignition-transport4-dev_4.0.0+dfsg-1_amd64.deb 91633b478fe693728bd764030578fec616ddeacddc2b0aa309001ac66e7e0b63 133624 libignition-transport4_4.0.0+dfsg-1_amd64.deb Files: 5bde0e0efc9c1d47050bccda1f8612cc 2549 science optiona
Bug#888729: marked as done (partitionmanager FTBFS with libkpmcore-dev 3.3.0-2)
Your message dated Fri, 09 Feb 2018 10:46:09 + with message-id and subject line Bug#888729: fixed in partitionmanager 3.3.1-1 has caused the Debian Bug report #888729, regarding partitionmanager FTBFS with libkpmcore-dev 3.3.0-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 888729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888729 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: partitionmanager Version: 3.2.1-3 Severity: serious https://buildd.debian.org/status/package.php?p=partitionmanager&suite=sid ... /<>/src/config/advancedpagewidget.cpp: In member function 'QString AdvancedPageWidget::backend() const': /<>/src/config/advancedpagewidget.cpp:37:11: error: 'KService' does not name a type; did you mean 'Device'? const KService::List services = CoreBackendManager::self()->list(); ^~~~ Device /<>/src/config/advancedpagewidget.cpp:38:26: error: 'services' was not declared in this scope for (const auto &p : services) ^~~~ /<>/src/config/advancedpagewidget.cpp:38:26: note: suggested alternative: 'Device' for (const auto &p : services) ^~~~ Device /<>/src/config/advancedpagewidget.cpp: In member function 'void AdvancedPageWidget::setBackend(const QString&)': /<>/src/config/advancedpagewidget.cpp:47:11: error: 'KService' does not name a type; did you mean 'Device'? const KService::List services = CoreBackendManager::self()->list(); ^~~~ Device /<>/src/config/advancedpagewidget.cpp:48:26: error: 'services' was not declared in this scope for (const auto &p : services) ^~~~ /<>/src/config/advancedpagewidget.cpp:48:26: note: suggested alternative: 'Device' for (const auto &p : services) ^~~~ Device /<>/src/config/advancedpagewidget.cpp: In member function 'void AdvancedPageWidget::setupDialog()': /<>/src/config/advancedpagewidget.cpp:55:11: error: 'KService' does not name a type; did you mean 'Device'? const KService::List services = CoreBackendManager::self()->list(); ^~~~ Device /<>/src/config/advancedpagewidget.cpp:56:26: error: 'services' was not declared in this scope for (const auto &p : services) ^~~~ /<>/src/config/advancedpagewidget.cpp:56:26: note: suggested alternative: 'Device' for (const auto &p : services) ^~~~ Device src/CMakeFiles/partitionmanager.dir/build.make:181: recipe for target 'src/CMakeFiles/partitionmanager.dir/config/advancedpagewidget.cpp.o' failed make[3]: *** [src/CMakeFiles/partitionmanager.dir/config/advancedpagewidget.cpp.o] Error 1 --- End Message --- --- Begin Message --- Source: partitionmanager Source-Version: 3.3.1-1 We believe that the bug you reported is fixed in the latest version of partitionmanager, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 888...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonathan Carter (supplier of updated partitionmanager package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 09 Feb 2018 09:47:40 +0200 Source: partitionmanager Binary: partitionmanager Architecture: source amd64 Version: 3.3.1-1 Distribution: unstable Urgency: medium Maintainer: Debian KDE Extras Team Changed-By: Jonathan Carter Description: partitionmanager - file, disk and partition management for KDE Closes: 888729 Changes: partitionmanager (3.3.1-1) unstable; urgency=medium . * Upload to unstable (Closes: #888729) Checksums-Sha1: e2d36a2ea68386e6330b65492d1a81edfea57fe5 2557 partitionmanager_3.3.1-1.dsc 4db11841b6c4d7a15807d8bb2f4f2b6aa456007b 4796 partitionmanager_3.3.1-1.debian.tar.xz 0875ee00714e828cdf3ffa51b2da46094bb2d9f6 5541820 partitionmanager-dbgsym_3.3.1-1_amd64.deb 5c30d430d1a5cbe91ea868d319948bd84bb9848b 20279 partitionmanager_3.3.1-1_amd64.buildinfo 80bf0c20aca7d3ab7cbd952b4430f0d6574d91c4 1506324 partitionmanager_3.3
Bug#881885: marked as done (tuxpaint: FTBFS with high degree of parallelism)
Your message dated Fri, 09 Feb 2018 10:47:48 + with message-id and subject line Bug#881885: fixed in tuxpaint 1:0.9.22-9~exp4 has caused the Debian Bug report #881885, regarding tuxpaint: FTBFS with high degree of parallelism to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 881885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881885 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: tuxpaint Version: 1:0.9.22-7 Severity: serious Justification: fails to build from source (but built successfully in the past) Hi, tuxpaint FTBFS during a highly parallel build. With -j16 it always failed, with -j8 it failed sometimes. Probably anything using 2 or more threads could fail. msgfmt -o trans/wa.mo src/po/wa.po ...Preparing translation files... msgfmt -o trans/el.mo src/po/el.po msgfmt: error while opening "trans/el.mo" for writing: No such file or directory Makefile:414: recipe for target 'trans/el.mo' failed make[1]: *** [trans/el.mo] Error 1 Looks like a race condition between creating a directory and putting a file into it. Andreas --- End Message --- --- Begin Message --- Source: tuxpaint Source-Version: 1:0.9.22-9~exp4 We believe that the bug you reported is fixed in the latest version of tuxpaint, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 881...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonathan Carter (supplier of updated tuxpaint package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 09 Feb 2018 12:03:40 +0200 Source: tuxpaint Binary: tuxpaint tuxpaint-plugins-default tuxpaint-dev tuxpaint-data Architecture: source all amd64 Version: 1:0.9.22-9~exp4 Distribution: experimental Urgency: medium Maintainer: Jonathan Carter Changed-By: Jonathan Carter Description: tuxpaint - Paint program for young children tuxpaint-data - Data files for Tux Paint, a paint program for children tuxpaint-dev - Development files for Tux Paint tuxpaint-plugins-default - Magic tool plugins for Tux Paint Closes: 881885 Changes: tuxpaint (1:0.9.22-9~exp4) experimental; urgency=medium . * Add patch to create directory when translations are compiled (Closes: #881885) Checksums-Sha1: 0e9ac975e3bad3d9936d4ccd8422c4f9b1c624ec 2155 tuxpaint_0.9.22-9~exp4.dsc f8f09a0c6ea709b058f9c5132086b6e7b3025fd0 11472 tuxpaint_0.9.22-9~exp4.debian.tar.xz b172d3f0405cb353d628200f1fb6e64c1afbd2a0 6937552 tuxpaint-data_0.9.22-9~exp4_all.deb 6533647d165a788782ea2817f5bf2850fb6a8a07 11000 tuxpaint-dbgsym_0.9.22-9~exp4_amd64.deb 1b72df8ffae5cf014f8d03d66a521c7746df3fc2 102252 tuxpaint-dev_0.9.22-9~exp4_all.deb 1f62245f587b2f8076fafb92bf118083ae1b4be4 1584716 tuxpaint-plugins-default-dbgsym_0.9.22-9~exp4_amd64.deb 26a27896fc36d732fc172a181331661bd16e16e8 869480 tuxpaint-plugins-default_0.9.22-9~exp4_amd64.deb ca25fd0f5c66c93f7037d9fd0c07fdf35eb2 14116 tuxpaint_0.9.22-9~exp4_amd64.buildinfo c929f34ff2f9bd0377fa13e48ed4cb5619dffc84 216308 tuxpaint_0.9.22-9~exp4_amd64.deb Checksums-Sha256: 03ed38996d8d91fda01f55269a5e6330ca6b6d322f54c941748c8ed1ee1ebd57 2155 tuxpaint_0.9.22-9~exp4.dsc ae02018eef394d43bb77332085b6b7973b21b6348cf66e12d4a1ee795be7eac5 11472 tuxpaint_0.9.22-9~exp4.debian.tar.xz d28593752972bbeadb5a90890a1022f4e87bfa67914d537310e3aedf5206128e 6937552 tuxpaint-data_0.9.22-9~exp4_all.deb d57652723d9e926211ed642172da1852799e863e4f5ec05d22e29bc49f916765 11000 tuxpaint-dbgsym_0.9.22-9~exp4_amd64.deb 91c72ad7b787a125dd26c3d44943ab218678e41a3748eb723f8133ab091a7bda 102252 tuxpaint-dev_0.9.22-9~exp4_all.deb 09711eee82e23e131f09691a61cbab3fddbaf0094deb3670a2bd7e23afa97ecf 1584716 tuxpaint-plugins-default-dbgsym_0.9.22-9~exp4_amd64.deb 07fe39176e3a649238fbb17a024a4f2e03f71ac351602a43a5b6ac109c1ad908 869480 tuxpaint-plugins-default_0.9.22-9~exp4_amd64.deb efd98ed5323c39982f802052dcc2d9a95ccbb205cf65bf10c597bdaaeb17f32d 14116 tuxpaint_0.9.22-9~exp4_amd64.buildinfo 9fd8b5ff35fa0e9050c0571cbce3a52715dc689a0aeb372bd3bb067bfef0985f 216308 tuxpaint_0.9.22-9~exp4_amd64.deb Files: 02f743eef68e79ec9d12ca3d400ad3a5 2155 graphics optional tuxpaint_0.9.22-9~exp4.dsc 9af7f
Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package
It seems that the systemd/systemctl is removing the /run/courier/authdaemon/pid file underneath courier. Removing the line "PIDFile=/run/courier/authdaemon/pid" from the installed .service file resolves this problem and upgrade works fine. Amos
Bug#889688: marked as done (gweled crashes when rsvg reports an error)
Your message dated Fri, 09 Feb 2018 10:39:45 + with message-id and subject line Bug#889688: fixed in gweled 0.9.1-5 has caused the Debian Bug report #889688, regarding gweled crashes when rsvg reports an error to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889688 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gweled Version: 0.9.1-4 Severity: grave --- Please enter the report below this line. --- Can no longer use the program. Error from CLI: ~$ gweled *WARNING* **: Locale not supported by C library. *WARNING* **: GError set over the top of a previous GError or uninitializ --- System information. --- Architecture: Kernel: Linux 4.14.0-2-amd64 Debian Release: buster/sid 500 yakkety ppa.launchpad.net 500 unstableftp.us.debian.org 500 testing ftp.us.debian.org 500 sid linux.dropbox.com 500 lucid ppa.launchpad.net 100 jessie-backports ftp.us.debian.org 1 experimentalftp.us.debian.org --- Package information. --- Depends (Version) | Installed ===-+- libatk1.0-0 (>= 1.12.4) | libc6 (>= 2.15) | libcairo2(>= 1.2.4) | libfontconfig1(>= 2.11) | libfreetype6 (>= 2.2.1) | libgdk-pixbuf2.0-0 (>= 2.22.0) | libglib2.0-0(>= 2.37.3) | libgtk2.0-0 (>= 2.20.0) | libmikmod3 (>= 3.3.3) | libpango-1.0-0 (>= 1.14.0) | libpangocairo-1.0-0 (>= 1.14.0) | libpangoft2-1.0-0 (>= 1.14.0) | librsvg2-2 (>= 2.14.4) | Package's Recommends field is empty. Package's Suggests field is empty. --- End Message --- --- Begin Message --- Source: gweled Source-Version: 0.9.1-5 We believe that the bug you reported is fixed in the latest version of gweled, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stephen Kitt (supplier of updated gweled package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 09 Feb 2018 09:43:43 +0100 Source: gweled Binary: gweled Architecture: source Version: 0.9.1-5 Distribution: unstable Urgency: medium Maintainer: Debian Games Team Changed-By: Stephen Kitt Description: gweled - "Diamond Mine"-style puzzle game Closes: 889688 Changes: gweled (0.9.1-5) unstable; urgency=medium . * Cope with librsvg’s new behaviour by always using URIs instead of paths. (Closes: #889688.) * Add a missing function declaration. * Document old patches. * Switch to debhelper compatibility 11, and adjust patches so the package can build multiple times in a row. * Ship /usr/games/gweled with the desired ownership and permissions, instead of using dpkg-statoverride. * Standards-Version 4.1.3, no further change required. Checksums-Sha1: 08990f99e414a0c36bf7fbfce51fbbd88bebe44c 1928 gweled_0.9.1-5.dsc a322c9b679dc9a004ec96a84a700af50a88d0ada 10636 gweled_0.9.1-5.debian.tar.xz 684642730163b03669bc756c02bc64e19dc67be3 12306 gweled_0.9.1-5_source.buildinfo Checksums-Sha256: 2034385fa2f440b8188e0bb10756439a6ea0d858a94a719fb5027d3ca44369c2 1928 gweled_0.9.1-5.dsc af136cf2fb178fc969ceb3f429a8c7b7704f0f1414936beb58fb6a2e34a59306 10636 gweled_0.9.1-5.debian.tar.xz 6f0a1c7ac814805bab809a6e4e422b3f9dcc001b33c15e80b50a21352cf19725 12306 gweled_0.9.1-5_source.buildinfo Files: c7031aa0ab4f7bbc81db348594bbccae 1928 games optional gweled_0.9.1-5.dsc 34727fec84e74989939a5e5fb5cd4c54 10636 games optional gweled_0.9.1-5.debian.tar.xz 466a3afd8f3473033c50fbaa9a2beaf8 12306 games optional gweled_0.9.1-5_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEnPVX/hPLkMoq7x0ggNMC9Yhtg5wFAlp9X0wACgkQgNMC9Yht g5zZFg/+K0l5pOJDAW6DMME4EOt2uZErO354++/s395byXhST2ux2AeP/tdJnTN6 SIcGJccFbYFdpbwrkmYltCluEjZPYZ+nvl+kuww79NcUsD2sLMuwNLWsRagYEK3d JaAlX+cGYkdHEet9rGFOePW15TDMX8eFrtQPdUunV6GNOZIrcb0CPHkqI70zVMG2 E4BTJMuC1NRU2wGdoZ+Mx1f/q0Zh4ktDzsZQ/uiIphKn8KYl0eRaw0AWO5i
Bug#888752: marked as done (ifmail: please switch to new gdbm, or prepare to use the compat package)
Your message dated Fri, 09 Feb 2018 10:39:53 + with message-id and subject line Bug#888752: fixed in ifmail 2.14tx8.10-23.1 has caused the Debian Bug report #888752, regarding ifmail: please switch to new gdbm, or prepare to use the compat package to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 888752: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888752 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ifmail Version: 2.14tx8.10-23 Tags: patch Severity: important Hello, please update the package to use new gdbm API, or prepare to use the libgdbm-compat-dev additional dependency (currently available only in experimental). This bug will become serious once release team acks the transition. thanks G. signature.asc Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: ifmail Source-Version: 2.14tx8.10-23.1 We believe that the bug you reported is fixed in the latest version of ifmail, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 888...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gianfranco Costamagna (supplier of updated ifmail package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 07 Feb 2018 10:34:20 +0100 Source: ifmail Binary: ifmail ifgate ifcico Architecture: source Version: 2.14tx8.10-23.1 Distribution: unstable Urgency: medium Maintainer: Marco d'Itri Changed-By: Gianfranco Costamagna Description: ifcico - Fidonet Technology transport package ifgate - Internet to Fidonet gateway ifmail - Internet to Fidonet gateway Closes: 888752 Changes: ifmail (2.14tx8.10-23.1) unstable; urgency=medium . * Non-maintainer upload. * Use the compat level gdbm package, to fix build with new gdbm (This needs porting to new gdbm api, because the compat package will eventually disappear) (Closes: #888752) Checksums-Sha1: 712c43d20144df1490cb72f06be915b257dd6c51 1926 ifmail_2.14tx8.10-23.1.dsc 988bd91bfe45735a937dfd7d63a94b01b30417d4 40012 ifmail_2.14tx8.10-23.1.debian.tar.xz dd13a115e96c9ecbda10f5aa1ee873b719a09561 6494 ifmail_2.14tx8.10-23.1_source.buildinfo Checksums-Sha256: 556aa8f5bebc5ece377c146147d426f4dc13afdfadc2a7460bfc1fa758cf2c48 1926 ifmail_2.14tx8.10-23.1.dsc ffdbd79cb7338ca9445affa3d785693fb5a26918242d155e2758d597c411e688 40012 ifmail_2.14tx8.10-23.1.debian.tar.xz 7e266d694f04b52fad764954e9e524c738587051aa9c5a1de973fb5d5fb887d3 6494 ifmail_2.14tx8.10-23.1_source.buildinfo Files: ce02bb8e685262b3713c0a688de35678 1926 comm extra ifmail_2.14tx8.10-23.1.dsc 4ab02f580a0ee65514426b29cd77089d 40012 comm extra ifmail_2.14tx8.10-23.1.debian.tar.xz 73e4d590a86b0831ee9734063f9f52e0 6494 comm extra ifmail_2.14tx8.10-23.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJaeshaAAoJEPNPCXROn13ZpyMQAI5jcr5J+CbLfeCAMSnCH+bb bdvz63wVOsmWIKLGA9QwAr1hOsE8DamYepRsnDYpp2CH+SXnZW0HL92xfpnScNz8 T3P3R/86kFqo+hT73kJo8zBznl+Q8J3+CrBECcNmdpVWTdLlLhDBExYNthmzXefe L9uZIBJWLh8nDlf8ngbXA7NJuUpz6/BImHxc6khm/U/ZxEvgFeOmh7YP2eZBU7Cs pb5fNRh8ufjC+UqJmHCDg4vUEfwCj3u5j/cBnkd/9vGWvstgP/HIeSQfYadfmciw DQbBWI7992FZhqXXYjuXHKnJAXkTHNn83Y0MiQzZMo8duRXSstb4u5rIat5BIBDV FznoXV5zQ+4w7aByPZgEXhXVeFIoHGU+N92JxoiP3lU3cWr/c6Wl08INMlKIqH44 eZfeCbP+eIR60cA3wXEioHHC5alhs691sL6TjRFOnZxViBCoMYmPg2blpp3QVNey TrA7XD5XtgzbmiNPSZoihrfyRfNvrjrSWbYiPCTkaKw6P1/IH6PtCb9kEQf1E665 giMEFCbWuygwfVP+rCPicIYcgoTF2+qvUxCD5GOEpXoPry4hTpwu5gw4WwHus33K Yq1FNDWG2XZ96DEHe2EsQxULhIauzwiD3cmBi+mtTrHCS/NqOd126TarpQC7vr46 tIdWSJcWDdHLg35RanTv =NLRj -END PGP SIGNATURE End Message ---
Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1
Source: node-mapnik Version: 3.6.2+dfsg-3 Severity: serious https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/node-mapnik.html ... ../src/mapnik_vector_tile.cpp: In static member function 'static v8::Local VectorTile::_compositeSync(Nan::NAN_METHOD_ARGS_TYPE)': ../src/mapnik_vector_tile.cpp:626:27: warning: comparison is always false due to limited range of data type [-Wtype-limits] if (fill_type < 0 || fill_type >= mapnik::vector_tile_impl::polygon_fill_type_max) ~~^~~ ../src/mapnik_vector_tile.cpp: In static member function 'static Nan::NAN_METHOD_RETURN_TYPE VectorTile::composite(Nan::NAN_METHOD_ARGS_TYPE)': ../src/mapnik_vector_tile.cpp:1000:27: warning: comparison is always false due to limited range of data type [-Wtype-limits] if (fill_type < 0 || fill_type >= mapnik::vector_tile_impl::polygon_fill_type_max) ~~^~~ ../src/mapnik_vector_tile.cpp: In static member function 'static Nan::NAN_METHOD_RETURN_TYPE VectorTile::addGeoJSON(Nan::NAN_METHOD_ARGS_TYPE)': ../src/mapnik_vector_tile.cpp:3261:27: warning: comparison is always false due to limited range of data type [-Wtype-limits] if (fill_type < 0 || fill_type >= mapnik::vector_tile_impl::polygon_fill_type_max) ~~^~~ ../src/mapnik_vector_tile.cpp: In static member function 'static void VectorTile::EIO_RenderTile(uv_work_t*)': ../src/mapnik_vector_tile.cpp:5147:35: error: 'spherical_mercator' is not a member of 'mapnik::vector_tile_impl' mapnik::vector_tile_impl::spherical_mercator merc(closure->d->tile_size()); ^~ ../src/mapnik_vector_tile.cpp:5151:13: error: 'merc' was not declared in this scope merc.xyz(closure->x,closure->y,closure->z,minx,miny,maxx,maxy); ^~~~ ../src/mapnik_vector_tile.cpp:5151:13: note: suggested alternative: 'getc' merc.xyz(closure->x,closure->y,closure->z,minx,miny,maxx,maxy); ^~~~ getc ../src/mapnik_vector_tile.cpp:5155:13: error: 'merc' was not declared in this scope merc.xyz(closure->d->get_tile()->x(), ^~~~ ../src/mapnik_vector_tile.cpp:5155:13: note: suggested alternative: 'getc' merc.xyz(closure->d->get_tile()->x(), ^~~~ getc mapnik.target.mk:220: recipe for target 'Release/obj.target/mapnik/src/mapnik_vector_tile.o' failed make[2]: *** [Release/obj.target/mapnik/src/mapnik_vector_tile.o] Error 1
Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package
Package: courier-authdaemon Version: 0.68.0-4+b1 Severity: critical stop The Courier authdaemon package is failing to configure during install. Similar issue happened on the -3 package but I managed to get that to install with manually stopping all courier processes before upgrading. That workaround no longer has any effect. aptitude upgrade The following partially installed packages will be configured: courier-authdaemon courier-imap courier-pop No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B of archives. After unpacking 0 B will be used. Setting up courier-pop (0.78.0-2+b1) ... A dependency job for courier-pop.service failed. See 'journalctl -xe' for details. ... Setting up courier-imap (4.18.1+0.78.0-2+b1) ... A dependency job for courier-imap.service failed. See 'journalctl -xe' for details. invoke-rc.d: initscript courier-imap, action "start" failed. * courier-imap.service - Courier IMAP Daemon Loaded: loaded (/lib/systemd/system/courier-imap.service; enabled; vendor preset: enabled) Active: inactive (dead) since Fri 2018-02-02 20:12:20 NZDT; 1 weeks 0 days ago Main PID: 705 (code=exited, status=0/SUCCESS) Feb 09 21:44:44 rio systemd[1]: Dependency failed for Courier IMAP Daemon. Feb 09 21:44:44 rio systemd[1]: courier-imap.service: Job courier-imap.service/start failed with result 'dependency'. Feb 09 21:45:03 rio systemd[1]: Dependency failed for Courier IMAP Daemon. Feb 09 21:45:03 rio systemd[1]: courier-imap.service: Job courier-imap.service/start failed with result 'dependency'. Feb 09 21:45:09 rio systemd[1]: Dependency failed for Courier IMAP Daemon. Feb 09 21:45:09 rio systemd[1]: courier-imap.service: Job courier-imap.service/start failed with result 'dependency'. Feb 09 21:45:39 rio systemd[1]: Dependency failed for Courier IMAP Daemon. Feb 09 21:45:39 rio systemd[1]: courier-imap.service: Job courier-imap.service/start failed with result 'dependency'. Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable. dpkg: error processing package courier-imap (--configure): installed courier-imap package post-installation script subprocess returned error exit status 1 Setting up courier-authdaemon (0.68.0-4+b1) ... Job for courier-authdaemon.service failed because the service did not take the steps required by its unit configuration. See "systemctl status courier-authdaemon.service" and "journalctl -xe" for details. invoke-rc.d: initscript courier-authdaemon, action "start" failed. * courier-authdaemon.service - Courier Authentification Daemon Loaded: loaded (/lib/systemd/system/courier-authdaemon.service; disabled; vendor preset: enabled) Active: failed (Result: protocol) since Fri 2018-02-09 21:45:39 NZDT; 8ms ago Process: 4623 ExecStart=/usr/sbin/authdaemond start (code=exited, status=0/SUCCESS) Main PID: 667 (code=exited, status=0/SUCCESS) Feb 09 21:45:39 rio systemd[1]: Starting Courier Authentification Daemon... Feb 09 21:45:39 rio systemd[1]: courier-authdaemon.service: Can't open PID file /run/courier/authdaemon/pid (yet?) after start: No such file or directory Feb 09 21:45:39 rio systemd[1]: courier-authdaemon.service: Failed with result 'protocol'. Feb 09 21:45:39 rio systemd[1]: Failed to start Courier Authentification Daemon. dpkg: error processing package courier-authdaemon (--configure): installed courier-authdaemon package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: courier-pop courier-imap courier-authdaemon E: Sub-process /usr/bin/dpkg returned an error code (1) Setting up courier-pop (0.78.0-2+b1) ... A dependency job for courier-pop.service failed. See 'journalctl -xe' for details. ... Setting up courier-authdaemon (0.68.0-4+b1) ... Job for courier-authdaemon.service failed because the service did not take the steps required by its unit configuration. See "systemctl status courier-authdaemon.service" and "journalctl -xe" for details. invoke-rc.d: initscript courier-authdaemon, action "start" failed. * courier-authdaemon.service - Courier Authentification Daemon Loaded: loaded (/lib/systemd/system/courier-authdaemon.service; disabled; vendor preset: enabled) Active: failed (Result: protocol) since Fri 2018-02-09 21:45:41 NZDT; 7ms ago Process: 4821 ExecStart=/usr/sbin/authdaemond start (code=exited, status=0/SUCCESS) Main PID: 667 (code=exited, status=0/SUCCESS) Feb 09 21:45:41 rio systemd[1]: Starting Courier Authentification Daemon... Feb 09 21:45:41 rio systemd[1]: courier-authdaemon.service: Can't open PID file /run/courier/authdaemon/pid (yet?) after start: No such file or directory Feb 09 21:45:41 rio systemd[1]: courier-authdaemon.service: Failed with result 'protocol'. Feb 09 21:45:41 rio systemd[1]: Failed to start Courier Authentification Daemon. dpkg: error processing package courier-authdaemon (--configure): installed courier-authda
Bug#889751: [pkg-gnupg-maint] Bug#889751: scdaemon: BAD PIN since 2.2.4-2 upgrade
On Fri, 2018-02-09 at 10:10 +0100, Yves-Alexis Perez wrote: > On Thu, 2018-02-08 at 19:47 -0500, Daniel Kahn Gillmor wrote: > I'm adding Arnaud to the loop because he's the main developer, and I can > actually see that the last commit (https://github.com/ANSSI-FR/SmartPGP/comm > it > /78d769b671e429b6e3e7b2454b869a66f269741f) seems very relevant. > > So maybe the bug actually lies here rather than in scdaemon. > > > > can you try rebuilding with that patch removed and testing that? If > > you'd prefer i upload something to experimental for you to try without > > having to rebuild, let me know and i'll do that. > > Yes, I can try a rebuild and report back, but I'll first investigate > SmartPGP. > After a quick chat with Arnaud, it seems that even though there might be fixes to be done at the applet level, the GnuPG patch doesn't seem ready for prime time and reverting it might be a good idea. See that thread on gnupg-devel: https://lists.gnupg.org/pipermail/gnupg-devel/2018-February/033424.html I did a rebuild with the patch disabled and I can confirm it fixes the issue for me. Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#889859: [Debichem-devel] Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults
Hi Michael, > Yeah, unfortunately, mipsel is not the most stable architecture. I am > not sure what we should do here, we can either agressively retry to > build on mipsel until all tests pass or alternatively ignore test > failures. I don't think it would be easy to just ignore them on mipsel, > so that'd mean we might not catch issues going forward on other arches. > > We do ignore testsuite failures for several other packages, but I think > it is way better to fail on testsuite failures and to diagnose them. In > this case, there's probably just not much to diagnose. > > The final alternative would be to remove the previous mipsel binaries so > the missing build here will not impact chemps2's testing migration. > > If it's not too much trouble, I would suggest to retry the build until it passes? Seb
Bug#889859: [Debichem-devel] Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults
Hi, On Fri, Feb 09, 2018 at 09:26:25AM +0100, Sebastian Wouters wrote: > First one: > > Test project /<>/obj-mipsel-linux-gnu > Start 3: test3 > 1/3 Test #3: test3 Passed8.10 sec > Start 5: test5 > 2/3 Test #5: test5 ***Exception: SegFault 9.37 > sec > Start 8: test8 > 3/3 Test #8: test8 ***Exception: SegFault 6.62 > sec > > 33% tests passed, 2 tests failed out of 3 > > Total Test time (real) = 24.11 sec > > The following tests FAILED: > 5 - test5 (SEGFAULT) > 8 - test8 (SEGFAULT) > > > > Second one: > > Test project /<>/obj-mipsel-linux-gnu > Start 3: test3 > 1/3 Test #3: test3 Passed8.38 sec > Start 5: test5 > 2/3 Test #5: test5 Passed 19.40 sec > Start 8: test8 > 3/3 Test #8: test8 ***Exception: SegFault 6.53 > sec > > 67% tests passed, 1 tests failed out of 3 > > Total Test time (real) = 34.35 sec > > The following tests FAILED: > 8 - test8 (SEGFAULT) > > > > Third one: > > Test project /<>/obj-mipsel-linux-gnu > Start 3: test3 > 1/3 Test #3: test3 Passed 19.01 sec > Start 5: test5 > 2/3 Test #5: test5 ***Exception: SegFault 1.75 > sec > Start 8: test8 > 3/3 Test #8: test8 Passed 14.19 sec > > 67% tests passed, 1 tests failed out of 3 > > Total Test time (real) = 34.99 sec > > The following tests FAILED: > 5 - test5 (SEGFAULT) > > > It seems that passing or seg fault seems to occur randomly. Yeah, unfortunately, mipsel is not the most stable architecture. I am not sure what we should do here, we can either agressively retry to build on mipsel until all tests pass or alternatively ignore test failures. I don't think it would be easy to just ignore them on mipsel, so that'd mean we might not catch issues going forward on other arches. We do ignore testsuite failures for several other packages, but I think it is way better to fail on testsuite failures and to diagnose them. In this case, there's probably just not much to diagnose. The final alternative would be to remove the previous mipsel binaries so the missing build here will not impact chemps2's testing migration. Michael
Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type
On Fri, Feb 09, 2018 at 09:34:58AM +0100, Julien Yann Dutheil wrote: > Hi, > > I have committed a patch. Thanks. > But there are other errors like: >... > /usr/include/c++/7/bits/stl_iterator.h:1241:5: note: parameter passing for > argument of type 'std::move_iterator' changed in GCC 7.1 > __miter_base(move_iterator<_Iterator> __it) > ^~~~ > > which I am unsure how to handle... This is not an error, this is a warning. libbpp-phyl in unstable already has a different so-name than libbpp-phyl in stable, so any potential stretch -> buster upgrade issues are already covered. > Julien. cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
Bug#889751: [pkg-gnupg-maint] Bug#889751: scdaemon: BAD PIN since 2.2.4-2 upgrade
On Thu, 2018-02-08 at 19:47 -0500, Daniel Kahn Gillmor wrote: > Control: severity 889751 serious > > Hi Corsac-- > > On Wed 2018-02-07 11:28:42 +0100, Yves-Alexis Perez wrote: > > On Tue, 2018-02-06 at 20:42 +0100, Yves-Alexis Perez wrote: > > > > > since the recent 2.2.4-2 upgrade, when trying to use my smartcard (auth > > > key for SSH for example), I get: > > > > > > févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: verify CHV2 > > > failed: Bad PIN > > > févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: app_auth > > > failed: Bad PIN > > > févr. 06 20:37:35 scapa gpg-agent[1793]: smartcard signing failed: Bad > > > PIN > > > > > > even though I'm sure it's the right PIN. > > ugh, i'm sorry to hear this. > > > > At that point I'm a little reluctant in doing another try because it's > > > the last one before I need to get my admin PIN. > > > > Downgrading scdaemon, gpg-agent and gpgconf to 2.2.4-1 fixes the problem. > > If > > you need more information, please ask. > > I think the main likely culprit is > debian/patches/scd-Support-KDF-Data-Object-of-OpenPGPcard-V3.3.patch, > which was cherry-picked from upstream. > > Can you give more detail about what specific smartcard you have? It's the setup described on https://www.corsac.net/?rub=blog&post=1588 so a JavaCard running the SmartPGP applet from https://github.com/ANSSI-FR/smartPGP I'm adding Arnaud to the loop because he's the main developer, and I can actually see that the last commit (https://github.com/ANSSI-FR/SmartPGP/commit /78d769b671e429b6e3e7b2454b869a66f269741f) seems very relevant. So maybe the bug actually lies here rather than in scdaemon. > > can you try rebuilding with that patch removed and testing that? If > you'd prefer i upload something to experimental for you to try without > having to rebuild, let me know and i'll do that. Yes, I can try a rebuild and report back, but I'll first investigate SmartPGP. Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Bug#889892: mpv: fix for CVE-2018-6360 breaks youtube playlists
Hi, Make sure you CC the bug number when you reply, so that other people can see your comments. On 08/02/18 14:26, Marc Becker wrote: > Hello James, > > newer upstream LUA code supports direct urls for playlists, v0.23 code does > not. > To my knowledge our (base) code forces calls 'youtube-dl' again for each > playlist > entry by adding a 'ytdl://'-prefix. > So FOR THIS VERSION it should not be necessary to check a url when CREATING a > playlist entry. It is certain to get to filter entries (again) due to their > prefix. > > So in short, keep the original: >> playlist = playlist .. "ytdl://" .. site .. "\n" > and only filter urls that are returned directly (line 270 ff.) or added to > EDL playlists. > > While I am aware this is against "fail early" practices it is closest > in control flow logic to the original code and there might be cases/sites > where the 'ytdl://' prefix is needed due to the older LUA logic. [replied to lower down] > Additionally: > If somebody manages to slip in a multiline value for 'site' it's over anyway… > Up-to-date upstream code does not really handle this either. > Let's hope the downloader validates its input. That probably warrants some investigation... > Glad if I could help and please scream at me if I'm on the wrong track here. You have been helpful - noone realized there was a regression until you reported it :) > Hi James, > > needed too long to compose last message, and missed your > mail(s), sorry > > The only problem would arise if there is some internal logic > that decides to return links to some other protocol type but > must, for some strange reason, again be handled by 'youtube-dl'. My fix has already been uploaded now do it would be a bit of a pain to change it :/ However, I think it is still correct. It effectively incorporates this upstream commit, so if what I have done is wrong, upstream has also made a mistake: https://github.com/mpv-player/mpv/commit/1623430b200c7bf67ec19bcab13ccbe9a494d2c7 Thanks, James signature.asc Description: OpenPGP digital signature
Bug#882141: closed by Scott Kitterman (Bug#882141: fixed in postfix 3.2.4-1)
On Fri, Feb 09, 2018 at 01:50:29AM -0500, Scott Kitterman wrote: > Because I don't get that error when I try to replicate the condition. So postconf does not fail for you if inet_interfaces lists an ip the system does not currently have? > Feb 09 01:28:58 relay02 postmulti[3783]: fatal: parameter inet_interfaces: no > local interface found for 1.2.3.4 According to this, postmulti errors out. And as postconf uses the same code, I don't see how it would succeed. > Not sure how to replicate the error you're having. The problem is a failing postconf/postmulti if the ip does not exists. And while the generator is called, apart from 127.0.0.1 and ::1, _none_ exist. Bastian -- Hailing frequencies open, Captain.
Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type
Hi, I have committed a patch. But there are other errors like: In file included from /usr/include/c++/7/bits/stl_algobase.h:67:0, from /usr/include/c++/7/bits/char_traits.h:39, from /usr/include/c++/7/string:40, from /usr/include/Bpp/Numeric/VectorExceptions.h:46, from /usr/include/Bpp/Numeric/VectorTools.h:43, from /usr/include/Bpp/Numeric/Prob/DiscreteDistribution.h:43, from /usr/include/Bpp/Io/IoDiscreteDistributionFactory.h:43, from /usr/include/Bpp/Io/BppODiscreteDistributionFormat.h:43, from /<>/src/Bpp/Phyl/Io/BppORateDistributionFormat.h:43, from /<>/src/Bpp/Phyl/Io/BppORateDistributionFormat.cpp:40: /usr/include/c++/7/bits/stl_iterator.h: In function 'decltype (std::__miter_base(__it.base())) std::__miter_base(std::move_iterator<_IteratorL>) [with _Iterator = double*]': /usr/include/c++/7/bits/stl_iterator.h:1241:5: note: parameter passing for argument of type 'std::move_iterator' changed in GCC 7.1 __miter_base(move_iterator<_Iterator> __it) ^~~~ which I am unsure how to handle... Julien. On Fri, Feb 9, 2018 at 8:41 AM, Adrian Bunk wrote: > Source: libbpp-phyl > Version: 2.3.2-1 > Severity: serious > > https://buildd.debian.org/status/package.php?p=libbpp-phyl&suite=sid > > ... > In file included from /<>/src/Bpp/Phyl/Io/ > BppOSubstitutionModelFormat.cpp:113:0: > /<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36: > error: invalid covariant return type for 'virtual std::vector int> bpp::RegisterRatesSubstitutionModel::getModelStates(int) const' > std::vector getModelStates(int i) const > ^~ > In file included from /<>/src/Bpp/Phyl/Io/../Model/Codon/../ > AbstractBiblioSubstitutionModel.h:44:0, > from /<>/src/Bpp/Phyl/ > Io/../Model/Codon/MG94.h:43, > from /<>/src/Bpp/Phyl/Io/ > BppOSubstitutionModelFormat.cpp:50: > /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25: > error: overriding 'virtual std::vector > bpp::AbstractWrappedModel::getModelStates(int) const' > std::vector getModelStates(int code) const { return > getModel().getModelStates(code); } > ^~ > > -- Julien Y. Dutheil, Ph-D 0 (+49) 4522 763 298 § Max Planck Institute for Evolutionary Biology Molecular Systems Evolution Department of Evolutionary Genetics Plön -- GERMANY § Institute of Evolutionary Sciences - Montpellier University of Montpellier 2 -- FRANCE
Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults
Dear Aaron, Of the three build logs [1]: First one: Test project /<>/obj-mipsel-linux-gnu Start 3: test3 1/3 Test #3: test3 Passed8.10 sec Start 5: test5 2/3 Test #5: test5 ***Exception: SegFault 9.37 sec Start 8: test8 3/3 Test #8: test8 ***Exception: SegFault 6.62 sec 33% tests passed, 2 tests failed out of 3 Total Test time (real) = 24.11 sec The following tests FAILED: 5 - test5 (SEGFAULT) 8 - test8 (SEGFAULT) Second one: Test project /<>/obj-mipsel-linux-gnu Start 3: test3 1/3 Test #3: test3 Passed8.38 sec Start 5: test5 2/3 Test #5: test5 Passed 19.40 sec Start 8: test8 3/3 Test #8: test8 ***Exception: SegFault 6.53 sec 67% tests passed, 1 tests failed out of 3 Total Test time (real) = 34.35 sec The following tests FAILED: 8 - test8 (SEGFAULT) Third one: Test project /<>/obj-mipsel-linux-gnu Start 3: test3 1/3 Test #3: test3 Passed 19.01 sec Start 5: test5 2/3 Test #5: test5 ***Exception: SegFault 1.75 sec Start 8: test8 3/3 Test #8: test8 Passed 14.19 sec 67% tests passed, 1 tests failed out of 3 Total Test time (real) = 34.99 sec The following tests FAILED: 5 - test5 (SEGFAULT) It seems that passing or seg fault seems to occur randomly. Best wishes, Sebastian [1] https://buildd.debian.org/status/logs.php?pkg=chemps2&ver=1.8.5-1&arch=mipsel
Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type
Source: libbpp-phyl Version: 2.3.2-1 Severity: serious https://buildd.debian.org/status/package.php?p=libbpp-phyl&suite=sid ... In file included from /<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:113:0: /<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type for 'virtual std::vector bpp::RegisterRatesSubstitutionModel::getModelStates(int) const' std::vector getModelStates(int i) const ^~ In file included from /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractBiblioSubstitutionModel.h:44:0, from /<>/src/Bpp/Phyl/Io/../Model/Codon/MG94.h:43, from /<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:50: /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25: error: overriding 'virtual std::vector bpp::AbstractWrappedModel::getModelStates(int) const' std::vector getModelStates(int code) const { return getModel().getModelStates(code); } ^~
Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults
Dear Aaron, To be honest, I haven't got the fogiest. On other architectures, it works fine. And test5 hasn't been individually changed since v1.8 was released (24 Aug 2016): https://github.com/SebWouters/CheMPS2/commits/master/tests/test5.cpp.in https://github.com/SebWouters/CheMPS2/releases Could it be that it was an individual accidental seg fault, which doesn't re-occur upon running another time? Best wishes, Sebastian