Processed: Re: Bug#901562: invesalius: Segmentation fault at startup

2018-06-14 Thread Debian Bug Tracking System 
Processing control commands:

> forwarded -1 https://github.com/invesalius/invesalius3/issues/136
Bug #901562 [invesalius] invesalius: Segmentation fault at startup
Set Bug forwarded-to-address to 
'https://github.com/invesalius/invesalius3/issues/136'.
> tags -1 upstream
Bug #901562 [invesalius] invesalius: Segmentation fault at startup
Added tag(s) upstream.
> tags -1 help
Bug #901562 [invesalius] invesalius: Segmentation fault at startup
Added tag(s) help.

-- 
901562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833692: pinot: links GPLv2+ code with OpenSSL

2018-06-14 Thread Jonas Smedegaard 
Quoting Olly Betts (2018-06-14 22:46:54)
> I've already made an upload, but it looks like there are some changes 
> there since the last upload (at least to debian/copyright).  I'll sort 
> out merging them and doing another upload, though I might let the 
> first upload migrate to testing first, so at least pinot is back in 
> testing.
> 
> > Thanks a lot for co-maintaining!  Please do tell if you have any 
> > questions or disagree with how some stuff was done in the past - or 
> > simply change things and inform me, if you prefer (we are in it 
> > together - equally!).
> 
> I changed from cdbs to dh as you said that was OK on IRC, and together 
> with moving to debhelper compat 11 that makes for a very simple 
> debian/rules.
> 
> I left the update to gmime 3.0 out of this upload as it seemed better 
> to prioritise fixing the RC bugs and get a working package back in 
> testing.

Good.  All of it.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Bug#901562: invesalius: Segmentation fault at startup

2018-06-14 Thread Andreas Tille 
Control: forwarded -1 https://github.com/invesalius/invesalius3/issues/136
Control: tags -1 upstream
Control: tags -1 help

Hi,

thank you for the bug report.
I've forwarded the issue upstream and hope for a quick solution.

Kind regards

  Andreas.

-- 
http://fam-tille.de

Bug#901109: marked as done (icmake: FTBFS when built with dpkg-buildpackage -A)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Fri, 15 Jun 2018 05:19:24 +
with message-id 
and subject line Bug#901109: fixed in icmake 9.02.07-2
has caused the Debian Bug report #901109,
regarding icmake: FTBFS when built with dpkg-buildpackage -A
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901109: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901109
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:icmake
Version: 9.02.07-1
Severity: serious

Dear maintainer:

I tried to build this package in stretch with "dpkg-buildpackage -A"
but it failed:


[...]
 debian/rules build-indep
dh build-indep
   dh_update_autotools_config -i
   dh_autoreconf -i
   debian/rules override_dh_auto_build-indep
make[1]: Entering directory '/<>'
./icm_install docdoc  debian/icmake-doc

Usage: ./icm_install [strip] all|progs|scripts|man|skel|doc|etc|docdoc 
[installdir]

debian/rules:37: recipe for target 'override_dh_auto_build-indep' failed
make[1]: *** [override_dh_auto_build-indep] Error 1
make[1]: Leaving directory '/<>'
debian/rules:14: recipe for target 'build-indep' failed
make: *** [build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit 
status 2


To reproduce, please try "dpkg-buildpackage -A".
(The error does not happen with "dpkg-buildpackage").

Thanks.
--- End Message ---
--- Begin Message ---
Source: icmake
Source-Version: 9.02.07-2

We believe that the bug you reported is fixed in the latest version of
icmake, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
tony mancill  (supplier of updated icmake package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 14 Jun 2018 21:51:35 -0700
Source: icmake
Binary: icmake icmake-doc
Architecture: source all amd64
Version: 9.02.07-2
Distribution: unstable
Urgency: medium
Maintainer: Francesco Paolo Lovergine 
Changed-By: tony mancill 
Description:
 icmake - Intelligent C-like MAKEr, or the ICce MAKE utility
 icmake-doc - Documentation files for icmake
Closes: 901109
Changes:
 icmake (9.02.07-2) unstable; urgency=medium
 .
   * Update Vcs fields for migration from Alioth -> Salsa
   * Bump Standards-Version to 4.1.4
   * Address FTBFS with dpkg-buildpackage -A (Closes: #901109)
   * Update Homepage, Source and watch for new upstream location
Checksums-Sha1:
 c5b6f43cc66e4380420c76fb5f39af7798d2ad10 2027 icmake_9.02.07-2.dsc
 326d6cbdc2ab666a890969bd849714912b1aa927 6092 icmake_9.02.07-2.debian.tar.xz
 c29e2ae1f89e72cbda68eef5543fce1cfa4fc14c 106568 icmake-doc_9.02.07-2_all.deb
 701a91dd0ec78931cbfb342b2ac9bcf28a075582 5731 icmake_9.02.07-2_amd64.buildinfo
 fc1731815407e8631de17cb75f17562083f45008 129772 icmake_9.02.07-2_amd64.deb
Checksums-Sha256:
 06b430e3548c55659b25d34d6fb9a6e75b624dcd4a718edf3ce8b08387300daf 2027 
icmake_9.02.07-2.dsc
 75daf56d6fb83f6abb847b915b686f6d2d0457783cc9a68ad4de32feef390553 6092 
icmake_9.02.07-2.debian.tar.xz
 0e732ec64dd94abf1d5be4b85bdd7e8115d5ab574cc1ad0a6dd1a98e3b066fd3 106568 
icmake-doc_9.02.07-2_all.deb
 4fc5d4f4390ead721a0a33dc75fd74450c10a61ad8457651e9f4d24213402cf4 5731 
icmake_9.02.07-2_amd64.buildinfo
 5f0c63d766615a1d9dafc16120a86ca27c9b5aa5acde9b3c58561989b4ddcd6f 129772 
icmake_9.02.07-2_amd64.deb
Files:
 c1f0c69e4ab6dff76ca9a3d157546cad 2027 devel optional icmake_9.02.07-2.dsc
 81c734d59a2b614c0b4471afde898742 6092 devel optional 
icmake_9.02.07-2.debian.tar.xz
 fc860a7e3b1de871e2bb020043d70c68 106568 doc optional 
icmake-doc_9.02.07-2_all.deb
 cca856b102cdd0d2724cd296b94566e2 5731 devel optional 
icmake_9.02.07-2_amd64.buildinfo
 2e65770cf9b00da81e14e506cfa53767 129772 devel optional 
icmake_9.02.07-2_amd64.deb

-BEGIN PGP SIGNATURE-

iQJIBAEBCgAyFiEE5Qr9Va3SequXFjqLIdIFiZdLPpYFAlsjRtwUHHRtYW5jaWxs
QGRlYmlhbi5vcmcACgkQIdIFiZdLPpbC9Q/6AzLCK/lWkFJGc0KkKWhRlY6fM9OE
Zu4gzhy6CMS+cvvnorHwuRyD83iZrl7NborYRbgtiANYG0fqRwaWxR9Tovc7a1wA

Processed: notfound 901574 in 1.6.5-7

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> notfound 901574 1.6.5-7
Bug #901574 {Done: Colin Watson } [pass] pass: Security 
Vulnerability: Faulty GPG Signature Checking (CVE-2018-12356)
No longer marked as found in versions password-store/1.6.5-7.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
901574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901574
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 901574 in 1.7.1-4

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 901574 1.7.1-4
Bug #901574 {Done: Colin Watson } [pass] pass: Security 
Vulnerability: Faulty GPG Signature Checking (CVE-2018-12356)
Marked as found in versions password-store/1.7.1-4.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
901574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901574
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869994: SQL-Ledger packaging project at salsa.debian.org

2018-06-14 Thread Robert J. Clay 
The old Aloith server is is no longer available and has largely been
replaced the new GItLab instance at salsa.debian.org.

The SQL-Ledger packaging project is now at
https://salsa.debian.org/debian/sql-ledger.


-- 
Robert J. Clay
rjc...@gmail.com

Bug#901574: marked as done (pass: Security Vulnerability: Faulty GPG Signature Checking (CVE-2018-12356))

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Fri, 15 Jun 2018 00:49:45 +
with message-id 
and subject line Bug#901574: fixed in password-store 1.7.2-1
has caused the Debian Bug report #901574,
regarding pass: Security Vulnerability: Faulty GPG Signature Checking 
(CVE-2018-12356)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901574
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pass
Version: 1.6.5-7
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

I was reading 
https://lists.zx2c4.com/pipermail/password-store/2018-June/003308.html and 
checked my installation and saw the security fix wasn't applied yet.

Please apply commit:
https://git.zx2c4.com/password-store/commit/?id=8683403b77f59c56fcb1f05c61ab33b9fd61a30d

See also:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/11310766438958f0166ac0ba0d77fe0174f6e937


*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.4
  APT prefers stable
  APT policy: (999, 'stable'), (900, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-6-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=en_US:en 
(charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pass depends on:
ii  gnupg   2.1.18-8~deb9u2
ii  gnupg2  2.1.18-8~deb9u2
ii  pwgen   2.07-1.1+b1
ii  tree1.7.0-5

Versions of packages pass recommends:
ii  git 1:2.11.0-3+deb9u3
ii  gnupg2  2.1.18-8~deb9u2
ii  xclip   0.12+svn84-4+b1

Versions of packages pass suggests:
ii  libxml-simple-perl  2.22-1
iu  perl5.24.1-3+deb9u4
ii  ruby1:2.3.3

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: password-store
Source-Version: 1.7.2-1

We believe that the bug you reported is fixed in the latest version of
password-store, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson  (supplier of updated password-store package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 15 Jun 2018 01:16:58 +0100
Source: password-store
Binary: pass
Architecture: source
Version: 1.7.2-1
Distribution: unstable
Urgency: medium
Maintainer: Colin Watson 
Changed-By: Colin Watson 
Description:
 pass   - lightweight directory-based password manager
Closes: 901574
Changes:
 password-store (1.7.2-1) unstable; urgency=medium
 .
   * New upstream release:
 - CVE-2018-12356: Ensure signature regexes are anchored (closes:
   #901574).
Checksums-Sha1:
 b1ea37522f359b62c649d7a295641ebeeca869aa 1892 password-store_1.7.2-1.dsc
 d8027e01634cec0694a5513ab6950e639cf2c69c 63620 password-store_1.7.2.orig.tar.xz
 69aae8d84360bee5978e66afbf6241bc779c67c9 6288 
password-store_1.7.2-1.debian.tar.xz
 acc6afe41737756b321a3dddad9b3799d62b417c 10724 
password-store_1.7.2-1_source.buildinfo
Checksums-Sha256:
 8484d389c7e44716d8c12497be66e35ea3f6f03f8cfbbb0b9af5f639ec2e574a 1892 
password-store_1.7.2-1.dsc
 4768c5e1965c4d2aeb28818681e484fb105b6f46cbd75a97608615c4ec6980ea 63620 
password-store_1.7.2.orig.tar.xz
 86e3c09b5d4e5c4b7a4079a4c09858182d71eba0ea49d143434231fe2c2da461 6288 
password-store_1.7.2-1.debian.tar.xz
 270a21afb11669dff9a0a0fd2e694c1a9f9fe3c8cc9b5f2b70800698e9dd52a0 10724 
password-store_1.7.2-1_source.buildinfo
Files:
 50612f4566c3b8ad0da0667a068acad8 1892 admin optional password-store_1.7.2-1.dsc
 6e2fd1baae2354fe03fae85e403505be 63620 admin optional 
password-store_1.7.2.orig.tar.xz
 57e70ed142f43f81a13d05b76af974f3 6288 admin optional 
password-store_1.7.2-1.debian.tar.xz
 4941737e59a4b7b326332dafd6bb9bd1 10724 admin optional 
password-store_1.7.2-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAlsjBZEACgkQOTWH2X2G
UAtdEg/+KtXsuzWutZVcJscDAbnHdxDu0QnccJy9V0+M3MSF8e4YXiq8w8ZdS07E

Bug#897555: subversion: FTBFS: /bin/bash: /usr/lib/jvm/default-java/bin/javah: No such file or directory

2018-06-14 Thread James McCoy 
On Thu, Jun 14, 2018 at 08:49:53PM +0300, Niko Tyni wrote:
> On Wed, May 16, 2018 at 08:33:58AM -0400, James McCoy wrote:
> > On Fri, May 11, 2018 at 04:27:39PM +0200, Emmanuel Bourg wrote:
> > > Control: tags -1 + patch
> > > 
> > > Le 06/05/2018 à 02:13, James McCoy a écrit :
> > > 
> > > > It looks like that will do the right thing.  Now I just need to figure
> > > > out the larger issue of adapting upstream's build system.
> > > 
> > > I've managed to patch the EZT Make template to use 'javac -h' instead of
> > > javah. A few classes with no native methods but static fields used in
> > > native code also required the addition of the @Native annotation.
> > 
> > Thanks!  I'll get the annotations upstreamed soon, since those seem like
> > obvious fixes.  I'm pretty close to having a more general fix for the
> > Java templates, but if subversion starts getting in the way of other
> > packages it's good to have your patch to fall back on.
> 
> Hi, any news on this? It's blocking parts of our Perl 5.28 rebuild
> testing, and will obviously block the transition as well when we get
> that far.

I ended up having to throw away what I had been doing and try a
different approach.  That got sidelined by other work, so I'll look into
uploading Emmanuel's temporary fix soon.

Cheers,
-- 
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Bug#901575: ln: '/usr/share/emacs/site-lisp/dictionaries-common/debian-ispell.el' and './debian-ispell.el' are the same file

2018-06-14 Thread 積丹尼 Dan Jacobson 
Package: dictionaries-common
Version: 1.27.5
Severity: grave

Setting up dictionaries-common (1.27.5) ...
Install emacsen-common for emacs
emacsen-common: Handling install of emacsen flavor emacs
Install dictionaries-common for emacs
install/dictionaries-common: Byte-compiling for emacsen flavour emacs
ln: '/usr/share/emacs/site-lisp/dictionaries-common/debian-ispell.el' and 
'./debian-ispell.el' are the same file
ERROR: install script from dictionaries-common package failed
dpkg: error processing package dictionaries-common (--configure):
 installed dictionaries-common package post-installation script subprocess 
returned error exit status 1
Processing triggers for man-db (2.8.3-2) ...
Errors were encountered while processing:
 dictionaries-common
E: Sub-process /usr/bin/dpkg returned an error code (1)

Processed: severity of 901574 is grave

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 901574 grave
Bug #901574 [pass] pass: Security Vulnerability: Faulty GPG Signature Checking 
(CVE-2018-12356)
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
901574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901574
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: retitle 901549 to matrix-synapse: CVE-2018-12423: unauthorised users can hijack rooms when there is no m.room.power_levels event in force

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 901549 matrix-synapse: CVE-2018-12423: unauthorised users can hijack 
> rooms when there is no m.room.power_levels event in force
Bug #901549 {Done: Andrej Shadura } [src:matrix-synapse] 
matrix-synapse: unauthorised users can hijack rooms when there is no 
m.room.power_levels event in force
Changed Bug title to 'matrix-synapse: CVE-2018-12423: unauthorised users can 
hijack rooms when there is no m.room.power_levels event in force' from 
'matrix-synapse: unauthorised users can hijack rooms when there is no 
m.room.power_levels event in force'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
901549: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901549
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859719: sslscan: Please migrate to openssl1.1 in Buster

2018-06-14 Thread Sebastian Andrzej Siewior 
Marvin, do you have any plans here? Upstream made it clear that they
won't support openssl 1.1.0+ and I doubt that an embedded copy of the
ssl library will work here (not saying it won't, it is not my
decision).

Sebastian

Processed: your mail

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 859784 https://github.com/tobez/validns/pull/64
Bug #859784 [validns] validns: Please migrate to openssl1.1 in Buster
Set Bug forwarded-to-address to 'https://github.com/tobez/validns/pull/64'.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
859784: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859784
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901572: acccheck: CVE-2018-12268: Command Injection via shell metacharacters in a username or password file

2018-06-14 Thread Salvatore Bonaccorso 
Source: acccheck
Version: 0.2.1-1
Severity: grave
Tags: security upstream

Hi,

The following vulnerability was published for acccheck.

CVE-2018-12268[0]:
| acccheck.pl in acccheck 0.2.1 allows Command Injection via shell
| metacharacters in a username or password file, as demonstrated by
| injection into an smbclient command line.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-12268
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12268

Regards,
Salvatore

Processed: Re: Bug#901547: seabios: Source tarball ships compiled binaries

2018-06-14 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 + moreinfo
Bug #901547 [seabios] seabios: Source tarball ships compiled binaries
Added tag(s) moreinfo.

-- 
901547: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901547
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901547: seabios: Source tarball ships compiled binaries

2018-06-14 Thread Michael Tokarev 
Control: tag -1 + moreinfo

14.06.2018 19:23, Vivia Nikolaidou wrote:
> Package: seabios
> Version: 1.11.1-1
> Severity: serious
> Justification: Policy 2.1.2
> 
> Dear Maintainer,
> 
> I just noticed that the source tarball of seabios includes some compiled
> binaries:
[]
> They should not be shipped at all, they should just be built when packaging.

What is "should" in this case? I don't see a reason to repackage upstream
tarball just to remove the iasl pre-compiled files it contains.
We ensure the pre-built files are not used during build, and the source
of them is included, so we comply to DFSG.

Thanks,

/mjt

Processed: Re: Bug#901567: unburden-home-dir: FTBFS: No such file or directory: '/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'

2018-06-14 Thread Debian Bug Tracking System 
Processing control commands:

> reassign -1 mkdocs 0.17.4+dfsg-1
Bug #901567 [src:unburden-home-dir] unburden-home-dir: FTBFS: No such file or 
directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
Bug reassigned from package 'src:unburden-home-dir' to 'mkdocs'.
No longer marked as found in versions unburden-home-dir/0.4.1.
Ignoring request to alter fixed versions of bug #901567 to the same values 
previously set
Bug #901567 [mkdocs] unburden-home-dir: FTBFS: No such file or directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
Marked as found in versions python-mkdocs/0.17.4+dfsg-1.
> forcemerge 901318 -1
Bug #901318 [mkdocs] mkdocs: package contains broken symlink to font-awesome.ttf
Bug #901567 [mkdocs] unburden-home-dir: FTBFS: No such file or directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
Severity set to 'important' from 'serious'
901567 was not blocked by any bugs.
901567 was not blocking any bugs.
Added blocking bug(s) of 901567: 899124
Marked as found in versions python-mkdocs/0.17.3+dfsg-1.
Bug #901318 [mkdocs] mkdocs: package contains broken symlink to font-awesome.ttf
Marked as found in versions python-mkdocs/0.17.4+dfsg-1.
Merged 901318 901567
> severity -1 serious
Bug #901567 [mkdocs] unburden-home-dir: FTBFS: No such file or directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
Bug #901318 [mkdocs] mkdocs: package contains broken symlink to font-awesome.ttf
Severity set to 'serious' from 'important'
Severity set to 'serious' from 'important'
> affects -1 + src:unburden-home-dir
Bug #901567 [mkdocs] unburden-home-dir: FTBFS: No such file or directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
Bug #901318 [mkdocs] mkdocs: package contains broken symlink to font-awesome.ttf
Added indication that 901567 affects src:unburden-home-dir
Added indication that 901318 affects src:unburden-home-dir

-- 
901318: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901318
901567: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901567
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#833692: pinot: links GPLv2+ code with OpenSSL

2018-06-14 Thread Olly Betts 
On Thu, Jun 14, 2018 at 11:13:04AM +0200, Jonas Smedegaard wrote:
> Quoting Olly Betts (2018-06-14 04:29:27)
> > On Thu, Jun 14, 2018 at 12:45:38AM +0200, Jonas Smedegaard wrote:
> >> I still like pinot and believe there is a use for it in Debian as 
> >> alternative to extract and tracker.  But evidently it keeps falling 
> >> too low on my priority list :-(
> >> 
> >> Please do adopt it.  Or co-maintain it with me, if you prefer that.
> >
> > Sounds good.  I've made a start on preparing an upload.
> >
> > It looks like the packaging was on collab-maint which has now gone - 
> > do you have a checkout of it handy?  Not vital, but preserving the 
> > history seems useful if it's easy to do.
> 
> https://salsa.debian.org/debian/pinot

Thanks.

I've already made an upload, but it looks like there are some changes
there since the last upload (at least to debian/copyright).  I'll
sort out merging them and doing another upload, though I might let the
first upload migrate to testing first, so at least pinot is back in
testing.

> Thanks a lot for co-maintaining!  Please do tell if you have any 
> questions or disagree with how some stuff was done in the past - or 
> simply change things and inform me, if you prefer (we are in it together 
> - equally!).

I changed from cdbs to dh as you said that was OK on IRC, and together
with moving to debhelper compat 11 that makes for a very simple
debian/rules.

I left the update to gmime 3.0 out of this upload as it seemed better
to prioritise fixing the RC bugs and get a working package back in
testing.

Cheers,
Olly

Bug#901567: unburden-home-dir: FTBFS: No such file or directory: '/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'

2018-06-14 Thread Axel Beckert 
Control: reassign -1 mkdocs 0.17.4+dfsg-1
Control: forcemerge 901318 -1 
Control: severity -1 serious
Control: affects -1 + src:unburden-home-dir

Hi Niko,

thanks for the bug report. I can confirm that unburden-home-dir
currently FTBFS due to this issue.

Niko Tyni wrote:
> It probably regressed due to mkdocs changes (currently at 0.17.4+dfsg-1),
> please reassign + set affects if it's a bug there.

Done herewith as this indeed is a bug in mkdocs:

>   make[1]: Entering directory '/<>'
>   env LC_ALL=C.UTF-8 mkdocs build --clean
>   ronn --manual="Unburden Your Home Directory" -r --pipe 
> docs/unburden-home-dir.1.md > unburden-home-dir.1
>   INFO-  Cleaning site directory 
>   INFO-  Building documentation to directory: /<>/html 
>   Traceback (most recent call last):
> File "/usr/bin/mkdocs", line 6, in 
>   cli()
> File "/usr/lib/python3/dist-packages/click/core.py", line 722, in __call__
>   return self.main(*args, **kwargs)
> File "/usr/lib/python3/dist-packages/click/core.py", line 697, in main
>   rv = self.invoke(ctx)
> File "/usr/lib/python3/dist-packages/click/core.py", line 1066, in invoke
>   return _process_result(sub_ctx.command.invoke(sub_ctx))
> File "/usr/lib/python3/dist-packages/click/core.py", line 895, in invoke
>   return ctx.invoke(self.callback, **ctx.params)
> File "/usr/lib/python3/dist-packages/click/core.py", line 535, in invoke
>   return callback(*args, **kwargs)
> File "/usr/lib/python3/dist-packages/mkdocs/__main__.py", line 156, in 
> build_command
>   ), dirty=not clean)
> File "/usr/lib/python3/dist-packages/mkdocs/commands/build.py", line 276, 
> in build
>   theme_dir, config['site_dir'], exclude=['*.py', '*.pyc', '*.html', 
> 'mkdocs_theme.yml'], dirty=dirty
> File "/usr/lib/python3/dist-packages/mkdocs/utils/__init__.py", line 179, 
> in copy_media_files
>   copy_file(source_path, output_path)
> File "/usr/lib/python3/dist-packages/mkdocs/utils/__init__.py", line 113, 
> in copy_file
>   shutil.copyfile(source_path, output_path)
> File "/usr/lib/python3.6/shutil.py", line 120, in copyfile
>   with open(src, 'rb') as fsrc:
>   FileNotFoundError: [Errno 2] No such file or directory: 
> '/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
>   make[1]: *** [Makefile:10: html/index.html] Error 1

… and already filed: https://bugs.debian.org/901318

It seems caused by a change in the fonts-font-awesome package on whose
files mkdocs has symlinks to, which are currently broken. As far as I
can see, at least those two symlinks are affected:
/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff
/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.ttf

At least in my case it bailed out because of another file as in your case.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Processed: Re: Please stop build-depending on pdftk

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 893702 serious
Bug #893702 [src:diffoscope] Please stop build-depending on pdftk
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
893702: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893702
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901567: unburden-home-dir: FTBFS: No such file or directory: '/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'

2018-06-14 Thread Niko Tyni 
Source: unburden-home-dir
Version: 0.4.1
Severity: serious

This package fails to build on current sid/amd64.

It probably regressed due to mkdocs changes (currently at 0.17.4+dfsg-1),
please reassign + set affects if it's a bug there.


  make[1]: Entering directory '/<>'
  env LC_ALL=C.UTF-8 mkdocs build --clean
  ronn --manual="Unburden Your Home Directory" -r --pipe 
docs/unburden-home-dir.1.md > unburden-home-dir.1
  INFO-  Cleaning site directory 
  INFO-  Building documentation to directory: /<>/html 
  Traceback (most recent call last):
File "/usr/bin/mkdocs", line 6, in 
  cli()
File "/usr/lib/python3/dist-packages/click/core.py", line 722, in __call__
  return self.main(*args, **kwargs)
File "/usr/lib/python3/dist-packages/click/core.py", line 697, in main
  rv = self.invoke(ctx)
File "/usr/lib/python3/dist-packages/click/core.py", line 1066, in invoke
  return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/lib/python3/dist-packages/click/core.py", line 895, in invoke
  return ctx.invoke(self.callback, **ctx.params)
File "/usr/lib/python3/dist-packages/click/core.py", line 535, in invoke
  return callback(*args, **kwargs)
File "/usr/lib/python3/dist-packages/mkdocs/__main__.py", line 156, in 
build_command
  ), dirty=not clean)
File "/usr/lib/python3/dist-packages/mkdocs/commands/build.py", line 276, 
in build
  theme_dir, config['site_dir'], exclude=['*.py', '*.pyc', '*.html', 
'mkdocs_theme.yml'], dirty=dirty
File "/usr/lib/python3/dist-packages/mkdocs/utils/__init__.py", line 179, 
in copy_media_files
  copy_file(source_path, output_path)
File "/usr/lib/python3/dist-packages/mkdocs/utils/__init__.py", line 113, 
in copy_file
  shutil.copyfile(source_path, output_path)
File "/usr/lib/python3.6/shutil.py", line 120, in copyfile
  with open(src, 'rb') as fsrc:
  FileNotFoundError: [Errno 2] No such file or directory: 
'/usr/lib/python3/dist-packages/mkdocs/themes/readthedocs/fonts/fontawesome-webfont.woff'
  make[1]: *** [Makefile:10: html/index.html] Error 1
  make[1]: Leaving directory '/<>'
  dh_auto_build: make -j4 returned exit code 2
  make: *** [debian/rules:8: binary] Error 2
 
Thanks for your work,
-- 
Niko Tyni   nt...@debian.org

Bug#900953: marked as done (plexus-archiver: CVE-2018-1002200)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 19:17:10 +
with message-id 
and subject line Bug#900953: fixed in plexus-archiver 2.2-1+deb9u1
has caused the Debian Bug report #900953,
regarding plexus-archiver: CVE-2018-1002200
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
900953: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900953
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: plexus-archiver
Version: 3.5-1
Severity: grave
Tags: patch security upstream
Justification: user security hole
Forwarded: https://github.com/codehaus-plexus/plexus-archiver/pull/87

Hi,

The following vulnerability was published for plexus-archiver.

CVE-2018-1002200[0]:
| arbitrary file write vulnerability / arbitrary code execution using a
| specially crafted zip file

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-1002200
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200
[1] https://github.com/codehaus-plexus/plexus-archiver/pull/87

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: plexus-archiver
Source-Version: 2.2-1+deb9u1

We believe that the bug you reported is fixed in the latest version of
plexus-archiver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 900...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated plexus-archiver 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 10 Jun 2018 16:49:48 +0200
Source: plexus-archiver
Binary: libplexus-archiver-java
Architecture: source
Version: 2.2-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers 

Changed-By: Salvatore Bonaccorso 
Description:
 libplexus-archiver-java - Archiver plugin for the Plexus compiler system
Closes: 900953
Changes:
 plexus-archiver (2.2-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fail when trying to extract outside of dest dir (CVE-2018-1002200)
 Fixes arbitrary file write vulnerability using a specially crafted zip
 file. (Closes: #900953)
Checksums-Sha1:
 b240cce32f14ba1f7074af0ca35e0ef718872ee0 2480 plexus-archiver_2.2-1+deb9u1.dsc
 bcbe1e9013634eb77c20b90729c0434df9a11246 136141 plexus-archiver_2.2.orig.tar.gz
 2ac61f5c2eec9e3ffa532280bbe0cc9300a50a54 4924 
plexus-archiver_2.2-1+deb9u1.debian.tar.xz
 3dc5d05a123c571d10063c6e3bec7c460be62b70 6188 
plexus-archiver_2.2-1+deb9u1_source.buildinfo
Checksums-Sha256:
 840aeb21bbe2b43850123ec4b542cba9457eea26e766b63522576789616e1ce8 2480 
plexus-archiver_2.2-1+deb9u1.dsc
 93572eafdbf0e037303a5a1ed7e91b9cb251a9072ae513067efa5ca3ca32570e 136141 
plexus-archiver_2.2.orig.tar.gz
 4fccf74ef9cbea391933543f7cbd697aff405756c70b46a24aa355cd6c2376ab 4924 
plexus-archiver_2.2-1+deb9u1.debian.tar.xz
 a50060addb77050187942a4cb64de024b3fc70f85cf53804650eccafb24b8cfe 6188 
plexus-archiver_2.2-1+deb9u1_source.buildinfo
Files:
 5d56f32b90171db07195165d8eb1300d 2480 java optional 
plexus-archiver_2.2-1+deb9u1.dsc
 d3325095c0859aeac96aa14d7276a9d3 136141 java optional 
plexus-archiver_2.2.orig.tar.gz
 4df7e694bc223a6171b0e1073dcfa5ff 4924 java optional 
plexus-archiver_2.2-1+deb9u1.debian.tar.xz
 496b98e813ce1698fed3ae3ed9fe0648 6188 java optional 
plexus-archiver_2.2-1+deb9u1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlsdQPZfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EHZ8QAIHNfzrr4KHOeg1RqEtRe3SiaFP5glqC
hBItfRF9CZavsfjipEj+eBHlu02prZYos+idX/sNV1v1JoP2Cm2sbv0sLtRyknjD
Iv2blbu3r/ajC2onZPdXtROkgO7xprguoB246CFEd9Zc8m7B1MpphO4UWc2yLm6g
TOx5XW8I3f5jcWqyhMfdaAxhfrN1ptRKDXO26iqvMqMtYysuRYaUtBy7smNOB2mP
BV9Ipsu2W7Kr6l0QECDTho421nYGmwzKcwgQhw4fQfLKeZfa0HtexPKM6202HdEm

Bug#864719: marked as done (slapd: fails to configure when olcSuffix contains a backslash-escaped umlaut)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 19:17:38 +
with message-id 
and subject line Bug#864719: fixed in openldap 2.4.40+dfsg-1+deb8u4
has caused the Debian Bug report #864719,
regarding slapd: fails to configure when olcSuffix contains a backslash-escaped 
umlaut
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864719: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864719
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: slapd
Version: 2.4.31-2+deb7u3
Severity: serious
Justification: fails to configure

With recent security updates being available in Debian oldstable
(soon to be oldoldstable, but hey!), the package fails to upgrade
because it fails to configure if the olcSuffix contains a nōn-ASCII
character (and a space, but I don’t think that is it).

I will be filtering the name of our client as follows, believing
that the problem will still appear.

olcSuffix: o=Kundenname M\c3\bcumlaut,c=de

No, I did not invent this…

With “set -x” in slapd.postinst (and reverting the default /bin/sh
to bash to be sure it’s not an mksh problem) I get:

root@prodname-dollarcustomer:~ # dpkg -a --configure
Setting up slapd (2.4.31-2+deb7u3) ...
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ PERL_DL_NONLAZY=1
++ export PERL_DL_NONLAZY
++ '[' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/slapd.postinst configure 
2.4.31-2+deb7u3
+ . /usr/share/debconf/confmodule
++ '[' '!' 1 ']'
++ '[' -z '' ']'
++ exec
++ '[' '' ']'
++ exec
++ DEBCONF_REDIR=1
++ export DEBCONF_REDIR
+ MODE=configure
+ OLD_VERSION=2.4.31-2+deb7u3
+ '[' -f /etc/default/slapd ']'
+ . /etc/default/slapd
++ SLAPD_CONF=
++ SLAPD_USER=openldap
++ SLAPD_GROUP=openldap
++ SLAPD_PIDFILE=
++ SLAPD_SERVICES='ldap:/// ldapi:///'
++ SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
++ SLAPD_OPTIONS=
+ '[' -z '' ']'
+ '[' -f /etc/ldap/slapd.conf ']'
+ SLAPD_CONF=/etc/ldap/slapd.d
+ '[' configure = configure ']'
+ '[' openldap = openldap ']'
+ create_new_user
++ getent group openldap
+ '[' -z openldap:x:112: ']'
++ getent passwd openldap
+ '[' -z 'openldap:x:106:112:OpenLDAP Server 
Account,,,:/var/lib/ldap:/bin/false' ']'
+ is_initial_configuration configure 2.4.31-2+deb7u3
+ '[' configure = configure ']'
+ '[' -z 2.4.31-2+deb7u3 ']'
+ '[' configure = reconfigure ']'
+ '[' '' ']'
+ '[' configure = configure ']'
+ '[' '!' -e /etc/ldap/slapd.d ']'
+ return 1
+ postinst_upgrade_configuration
++ database_dumping_destdir
++ local dir
++ db_get slapd/dump_database_destdir
++ _db_cmd 'GET slapd/dump_database_destdir'
++ _db_internal_IFS='
'
++ IFS=' '
++ printf '%s\n' 'GET slapd/dump_database_destdir'
++ IFS='
'
++ IFS='
'
++ read -r _db_internal_line
++ RET=/var/backups/slapd-VERSION
++ case ${_db_internal_line%%[  ]*} in
++ return 0
+++ sed -e s/VERSION/2.4.31-2+deb7u3/
+++ echo /var/backups/slapd-VERSION
++ dir=/var/backups/slapd-2.4.31-2+deb7u3
++ mkdir -p -m 700 /var/backups/slapd-2.4.31-2+deb7u3
++ echo /var/backups/slapd-2.4.31-2+deb7u3
+ echo -n '  Backing up /etc/ldap/slapd.d in 
/var/backups/slapd-2.4.31-2+deb7u3... '
  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.31-2+deb7u3... + 
backup_config_once
+ local backupdir
+ '[' -z '' ']'
++ database_dumping_destdir
++ local dir
++ db_get slapd/dump_database_destdir
++ _db_cmd 'GET slapd/dump_database_destdir'
++ _db_internal_IFS='
'
++ IFS=' '
++ printf '%s\n' 'GET slapd/dump_database_destdir'
++ IFS='
'
++ IFS='
'
++ read -r _db_internal_line
++ RET=/var/backups/slapd-VERSION
++ case ${_db_internal_line%%[  ]*} in
++ return 0
+++ sed -e s/VERSION/2.4.31-2+deb7u3/
+++ echo /var/backups/slapd-VERSION
++ dir=/var/backups/slapd-2.4.31-2+deb7u3
++ mkdir -p -m 700 /var/backups/slapd-2.4.31-2+deb7u3
++ echo /var/backups/slapd-2.4.31-2+deb7u3
+ backupdir=/var/backups/slapd-2.4.31-2+deb7u3
+ '[' -e /etc/ldap/slapd.d ']'
+ cp -a /etc/ldap/slapd.d /var/backups/slapd-2.4.31-2+deb7u3
+ FLAG_CONFIG_BACKED_UP=yes
+ echo done.
done.
+ database_format_changed
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.25-2
+ return 1
+ migrate_to_slapd_d_style
+ previous_version_older 2.4.23-3
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.23-3
+ return 1
+ previous_version_older 2.4.23-5
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.23-5
+ return 1
+ configure_v2_protocol_support
+ local new_conf
+ db_get slapd/allow_ldap_v2
+ _db_cmd 'GET slapd/allow_ldap_v2'
+ _db_internal_IFS='
'
+ IFS=' '
+ printf '%s\n' 'GET slapd/allow_ldap_v2'
+ IFS='
'
+ IFS='
'
+ read -r _db_internal_line
+ RET=false
+ case ${_db_internal_line%%[   ]*} in
+ return 0
+ '[' false '!=' true ']'
+ return

Bug#864719: marked as done (slapd: fails to configure when olcSuffix contains a backslash-escaped umlaut)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 19:17:09 +
with message-id 
and subject line Bug#864719: fixed in openldap 2.4.44+dfsg-5+deb9u2
has caused the Debian Bug report #864719,
regarding slapd: fails to configure when olcSuffix contains a backslash-escaped 
umlaut
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
864719: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864719
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: slapd
Version: 2.4.31-2+deb7u3
Severity: serious
Justification: fails to configure

With recent security updates being available in Debian oldstable
(soon to be oldoldstable, but hey!), the package fails to upgrade
because it fails to configure if the olcSuffix contains a nōn-ASCII
character (and a space, but I don’t think that is it).

I will be filtering the name of our client as follows, believing
that the problem will still appear.

olcSuffix: o=Kundenname M\c3\bcumlaut,c=de

No, I did not invent this…

With “set -x” in slapd.postinst (and reverting the default /bin/sh
to bash to be sure it’s not an mksh problem) I get:

root@prodname-dollarcustomer:~ # dpkg -a --configure
Setting up slapd (2.4.31-2+deb7u3) ...
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ PERL_DL_NONLAZY=1
++ export PERL_DL_NONLAZY
++ '[' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/slapd.postinst configure 
2.4.31-2+deb7u3
+ . /usr/share/debconf/confmodule
++ '[' '!' 1 ']'
++ '[' -z '' ']'
++ exec
++ '[' '' ']'
++ exec
++ DEBCONF_REDIR=1
++ export DEBCONF_REDIR
+ MODE=configure
+ OLD_VERSION=2.4.31-2+deb7u3
+ '[' -f /etc/default/slapd ']'
+ . /etc/default/slapd
++ SLAPD_CONF=
++ SLAPD_USER=openldap
++ SLAPD_GROUP=openldap
++ SLAPD_PIDFILE=
++ SLAPD_SERVICES='ldap:/// ldapi:///'
++ SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
++ SLAPD_OPTIONS=
+ '[' -z '' ']'
+ '[' -f /etc/ldap/slapd.conf ']'
+ SLAPD_CONF=/etc/ldap/slapd.d
+ '[' configure = configure ']'
+ '[' openldap = openldap ']'
+ create_new_user
++ getent group openldap
+ '[' -z openldap:x:112: ']'
++ getent passwd openldap
+ '[' -z 'openldap:x:106:112:OpenLDAP Server 
Account,,,:/var/lib/ldap:/bin/false' ']'
+ is_initial_configuration configure 2.4.31-2+deb7u3
+ '[' configure = configure ']'
+ '[' -z 2.4.31-2+deb7u3 ']'
+ '[' configure = reconfigure ']'
+ '[' '' ']'
+ '[' configure = configure ']'
+ '[' '!' -e /etc/ldap/slapd.d ']'
+ return 1
+ postinst_upgrade_configuration
++ database_dumping_destdir
++ local dir
++ db_get slapd/dump_database_destdir
++ _db_cmd 'GET slapd/dump_database_destdir'
++ _db_internal_IFS='
'
++ IFS=' '
++ printf '%s\n' 'GET slapd/dump_database_destdir'
++ IFS='
'
++ IFS='
'
++ read -r _db_internal_line
++ RET=/var/backups/slapd-VERSION
++ case ${_db_internal_line%%[  ]*} in
++ return 0
+++ sed -e s/VERSION/2.4.31-2+deb7u3/
+++ echo /var/backups/slapd-VERSION
++ dir=/var/backups/slapd-2.4.31-2+deb7u3
++ mkdir -p -m 700 /var/backups/slapd-2.4.31-2+deb7u3
++ echo /var/backups/slapd-2.4.31-2+deb7u3
+ echo -n '  Backing up /etc/ldap/slapd.d in 
/var/backups/slapd-2.4.31-2+deb7u3... '
  Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.4.31-2+deb7u3... + 
backup_config_once
+ local backupdir
+ '[' -z '' ']'
++ database_dumping_destdir
++ local dir
++ db_get slapd/dump_database_destdir
++ _db_cmd 'GET slapd/dump_database_destdir'
++ _db_internal_IFS='
'
++ IFS=' '
++ printf '%s\n' 'GET slapd/dump_database_destdir'
++ IFS='
'
++ IFS='
'
++ read -r _db_internal_line
++ RET=/var/backups/slapd-VERSION
++ case ${_db_internal_line%%[  ]*} in
++ return 0
+++ sed -e s/VERSION/2.4.31-2+deb7u3/
+++ echo /var/backups/slapd-VERSION
++ dir=/var/backups/slapd-2.4.31-2+deb7u3
++ mkdir -p -m 700 /var/backups/slapd-2.4.31-2+deb7u3
++ echo /var/backups/slapd-2.4.31-2+deb7u3
+ backupdir=/var/backups/slapd-2.4.31-2+deb7u3
+ '[' -e /etc/ldap/slapd.d ']'
+ cp -a /etc/ldap/slapd.d /var/backups/slapd-2.4.31-2+deb7u3
+ FLAG_CONFIG_BACKED_UP=yes
+ echo done.
done.
+ database_format_changed
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.25-2
+ return 1
+ migrate_to_slapd_d_style
+ previous_version_older 2.4.23-3
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.23-3
+ return 1
+ previous_version_older 2.4.23-5
+ dpkg --compare-versions 2.4.31-2+deb7u3 lt-nl 2.4.23-5
+ return 1
+ configure_v2_protocol_support
+ local new_conf
+ db_get slapd/allow_ldap_v2
+ _db_cmd 'GET slapd/allow_ldap_v2'
+ _db_internal_IFS='
'
+ IFS=' '
+ printf '%s\n' 'GET slapd/allow_ldap_v2'
+ IFS='
'
+ IFS='
'
+ read -r _db_internal_line
+ RET=false
+ case ${_db_internal_line%%[   ]*} in
+ return 0
+ '[' false '!=' true ']'
+ return

Bug#901562: invesalius: Segmentation fault at startup

2018-06-14 Thread Torquil Macdonald Sørensen 
Package: invesalius
Version: 3.1.1-3
Severity: grave
Justification: renders package unusable

When trying to run invesalius, I get this segmentation fault:

torquil@lenovo-p51:~$ invesalius3
/usr/share/invesalius/invesalius/data/transformations.py:1899: UserWarning: 
failed to import module _transformations
  warnings.warn("failed to import module %s" % name)
  session mode:  0
  Segmentation fault
torquil@lenovo-p51:~$

Best regards,
Torquil Sørensen

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages invesalius depends on:
ii  invesalius-bin 3.1.1-3
ii  python 2.7.15-3
ii  python-concurrent.futures  3.2.0-1
ii  python-configparser3.5.0-1
ii  python-gdcm2.8.6-2
ii  python-nibabel 2.3.0-1
ii  python-numpy   1:1.14.5-1
ii  python-pil 5.1.0-1
ii  python-psutil  5.4.6-1
ii  python-scipy   0.19.1-2
ii  python-serial  3.4-3
ii  python-skimage 0.13.1-3
ii  python-vtk66.3.0+dfsg2-2+b2
ii  python-vtkgdcm 2.8.6-2
ii  python-wxgtk3.03.0.2.0+dfsg-8
ii  python2.7  2.7.15-1

invesalius recommends no packages.

invesalius suggests no packages.

-- no debconf information

Bug#897555: subversion: FTBFS: /bin/bash: /usr/lib/jvm/default-java/bin/javah: No such file or directory

2018-06-14 Thread Niko Tyni 
On Wed, May 16, 2018 at 08:33:58AM -0400, James McCoy wrote:
> On Fri, May 11, 2018 at 04:27:39PM +0200, Emmanuel Bourg wrote:
> > Control: tags -1 + patch
> > 
> > Le 06/05/2018 à 02:13, James McCoy a écrit :
> > 
> > > It looks like that will do the right thing.  Now I just need to figure
> > > out the larger issue of adapting upstream's build system.
> > 
> > I've managed to patch the EZT Make template to use 'javac -h' instead of
> > javah. A few classes with no native methods but static fields used in
> > native code also required the addition of the @Native annotation.
> 
> Thanks!  I'll get the annotations upstreamed soon, since those seem like
> obvious fixes.  I'm pretty close to having a more general fix for the
> Java templates, but if subversion starts getting in the way of other
> packages it's good to have your patch to fall back on.

Hi, any news on this? It's blocking parts of our Perl 5.28 rebuild
testing, and will obviously block the transition as well when we get
that far.

Thanks for your work,
-- 
Niko Tyni   nt...@debian.org

Bug#887687: libsmokeqt4-dev: broken symlinks and causes qt4-perl FTBFS

2018-06-14 Thread Niko Tyni 
On Fri, Jan 19, 2018 at 06:23:25AM +0200, Adrian Bunk wrote:
> Package: libsmokeqt4-dev
> Version: 4:4.14.3-1.2
> Severity: serious
> Control: affects -1 src:qt4-perl
> 
> qt4-perl FTBFS:
> 
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/qt4-perl.html

> /usr/lib/libsmokeqt3support.so and several other .so
> links are broken.

Just a note that this is going to be a blocker for Perl 5.28 transition,
which is expected to happen in the next few months.

debconf Build-Depends: libqtgui4-perl which is going to need a binNMU for
Perl 5.28 but FTBFS because of this bug.

Dear Qt/KDE maintainers: do you think qt4-perl should still be kept alive,
or should the support in debconf be finally removed (see #629405) ?
I see there's a prospective alternative KDE debconf frontend (#631769)
but that seems stalled unfortunately.

Copying the debconf maintainers as well.
-- 
Niko Tyni   nt...@debian.org

Processed: retitle 901495 to redis: multiple security issues in Lua scripting (CVE-2018-11218 CVE-2018-11219)

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 901495 redis: multiple security issues in Lua scripting 
> (CVE-2018-11218 CVE-2018-11219)
Bug #901495 {Done: Chris Lamb } [redis] redis: multiple 
security issues in Lua scripting
Changed Bug title to 'redis: multiple security issues in Lua scripting 
(CVE-2018-11218 CVE-2018-11219)' from 'redis: multiple security issues in Lua 
scripting'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
901495: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901495
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901556: enigmail contains unbuildable artifacts

2018-06-14 Thread Daniel Kahn Gillmor 
Package: enigmail
Version: 2:2.0-1
Severity: serious
Tags: upstream
Justification: Policy 2.1.3 (DFSG §3)

Enigmail starting in version 2.0 contains a pre-built copy of
OpenPGP.js, without source code that can build that artifact.

The best way to handle this would be to put OpenPGP.js into debian
(see https://bugs.debian.org/787774), but i've tried to do this and
the node dependency tree is too much for me to handle.

the next-best way to handle this would be to put just the sources of
OpenPGP.js into enigmail and have the enigmail build itself generate
the necessary OpenPGP.js built artifacts.  I've tried to do this with
debian/missing-sources/ but even from there i'm unable to generate the
compiled artifacts that enigmail wants to use.  I've asked upstream
about this, and it doesn't sound feasible for them to do it upstream
either: I don't believe that upstream has ever built OpenPGP.js from
source.

The third option (which i'm pursuing now) is to strip out OpenPGP.js
from enigmail and ensure that it works with only GnuPG (it's mostly
GnuPG in the first place).

Until that's done, i don't believe enigmail is DFSG-free, because it
does not include the source code for all of its parts.

in frustration,

--dkg

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), 
(200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages enigmail depends on:
ii  gnupg2.2.8-2
ii  gnupg-agent  2.2.8-2
ii  gnupg2   2.2.8-2
ii  gpg-agent [gnupg-agent]  2.2.8-2
ii  icedove  1:52.4.0-1
ii  thunderbird  1:52.8.0-1

Versions of packages enigmail recommends:
ii  pinentry-gnome3 [pinentry-x11]  1.1.0-1+b1
ii  pinentry-gtk2 [pinentry-x11]1.1.0-1+b1
ii  pinentry-qt [pinentry-x11]  1.1.0-1+b1

enigmail suggests no packages.

-- no debconf information

Bug#898630: marked as done (enigmail: efail attack against enigmail)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 17:20:38 +
with message-id 
and subject line Bug#898630: fixed in enigmail 2:2.0.7-2
has caused the Debian Bug report #898630,
regarding enigmail: efail attack against enigmail
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
898630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: enigmail
Severity: grave
Tags: security
Justification: user security hole

Hi Daniel,

in case you haven't already heard about it by now, a vulnerability has
been published against S/MIME and PGP/MIME in various email clients,
including thunderbird (and enigmail).

I'm unsure if CVE-2017-17688 (OpenPGP CFB gadget attacks) applies
to Thunderbird/enigmail or only GnuPG, but the PGP/MIME vulnerability
does apply to enigmail.

Some fixes apparently went in to enigmail 2.0.0 but I'm unsure which of
them yet, so any pointers appreciated (for example by closing with the
correct version number :).

I think we'll likely want to release a DSA too.

Regards,
-- 
Yves-Alexis

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (450, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages enigmail depends on:
ii  gnupg2.2.5-1
ii  gpg-agent [gnupg-agent]  2.2.5-1
pn  thunderbird | icedove

Versions of packages enigmail recommends:
ii  pinentry-gnome3 [pinentry-x11]  1.1.0-1+b1
ii  pinentry-gtk2 [pinentry-x11]1.1.0-1+b1

enigmail suggests no packages.
--- End Message ---
--- Begin Message ---
Source: enigmail
Source-Version: 2:2.0.7-2

We believe that the bug you reported is fixed in the latest version of
enigmail, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 898...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Kahn Gillmor  (supplier of updated enigmail 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 14 Jun 2018 13:06:56 -0400
Source: enigmail
Binary: enigmail
Architecture: source
Version: 2:2.0.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Mozilla Extension Maintainers 

Changed-By: Daniel Kahn Gillmor 
Description:
 enigmail   - GPG support for Thunderbird and Debian Icedove
Closes: 97 898630
Changes:
 enigmail (2:2.0.7-2) unstable; urgency=medium
 .
   * acknowledge accidental move to unstable (oops)
 (closes: #97, #898630)
   * skip unit tests for now, since they cause build failures
Checksums-Sha1:
 1304828cd34ec02a93b88f867291cc313b404d52 1774 enigmail_2.0.7-2.dsc
 0bf61b7fc0f9256f7a9c5c5bec847d4879613887 140120 enigmail_2.0.7-2.debian.tar.xz
 c66979da7b8af7cfbebaa680062700192aaa7782 11387 enigmail_2.0.7-2_amd64.buildinfo
Checksums-Sha256:
 d580f7d6440b6537d84233aa779b8918e6885bccd04d666d29c45ea048a77232 1774 
enigmail_2.0.7-2.dsc
 66fa3adfd8eee0931bd447ef9cdccaa1605449929c4de8266d22bcebf0c4f3ee 140120 
enigmail_2.0.7-2.debian.tar.xz
 42a0de22b357a25037ec070fee352f04cdc3d428534589b8cc898be742af33fd 11387 
enigmail_2.0.7-2_amd64.buildinfo
Files:
 de95a2990b964580cc38a35b91bc0d23 1774 mail optional enigmail_2.0.7-2.dsc
 b515479c2b761c1fe827642959a43cdc 140120 mail optional 
enigmail_2.0.7-2.debian.tar.xz
 e7fbdbd805a5c4bef551f66a0c30c375 11387 mail optional 
enigmail_2.0.7-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iHUEARYKAB0WIQTTaP514aqS9uSbmdJsHx7ezFD6UwUCWyKhugAKCRBsHx7ezFD6
UxPiAP94Ke9WRB9ns45h8k/yxMeDFiqgpuBgXC5kPtBLAVUp+QD/QiN6ZosaJ0/X
mFjiFHtyXtcjmN8mRGLUVxe7Dwpv5wM=
=qG5D
-END PGP SIGNATURE End Message ---

Processed: [bts-link] source package src:ruby-rspec-puppet

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> #
> # bts-link upstream status pull for source package src:ruby-rspec-puppet
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user debian-bts-l...@lists.debian.org
Setting user to debian-bts-l...@lists.debian.org (was 
debian-bts-l...@lists.debian.org).
> # remote status report for #892558 (http://bugs.debian.org/892558)
> # Bug title: ruby-rspec-puppet FTBFS with Ruby 2.5
> #  * https://github.com/rodjek/rspec-puppet/issues/670
> #  * remote status changed: open -> closed
> #  * closed upstream
> tags 892558 + fixed-upstream
Bug #892558 [src:ruby-rspec-puppet] ruby-rspec-puppet FTBFS with Ruby 2.5
Added tag(s) fixed-upstream.
> usertags 892558 - status-open
Usertags were: status-open.
Usertags are now: .
> usertags 892558 + status-closed
There were no usertags set.
Usertags are now: status-closed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
892558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892558
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901549: marked as done (matrix-synapse: unauthorised users can hijack rooms when there is no m.room.power_levels event in force)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 17:05:55 +
with message-id 
and subject line Bug#901549: fixed in matrix-synapse 0.31.2+dfsg-1
has caused the Debian Bug report #901549,
regarding matrix-synapse: unauthorised users can hijack rooms when there is no 
m.room.power_levels event in force
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901549: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901549
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: matrix-synapse
Version: 0.31.1+dfsg-1
Severity: grave
Tags: patch security upstream
Forwarded: https://github.com/matrix-org/synapse/pull/3397

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

- From https://matrix.org/blog/2018/06/14/security-update-synapse-0-31-2/:

> …we are releasing a security update of Synapse (0.31.2) today which
> changes the rules used to authenticate power_level events, such that
> we fail-safe rather than fail-deadly if the existing auth mechanisms
> fail. In practice this means changing the default power level required
> to set state to be 50 rather than 0 if there is no power_levels event
> present, thus meaning that only the room creator can set the initial
> power_levels event.

See also https://github.com/matrix-org/matrix-doc/issues/1304
(Proposal to simplify the auth rules of m.room.power_level events.)

-BEGIN PGP SIGNATURE-

iQFIBAEBCAAyFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlsinAYUHGFuZHJld3No
QGRlYmlhbi5vcmcACgkQXkCM2RzYOdKFbQf8CmUFQ7Cnf1gq15BzZ7DW5wdHFSF2
mtCHGSGQQksyjuSw+Lz3Unqil3YRI9Z8hvPM/oCadFH19JxSBPRhW2a90WjZ67V4
8Vcn2l1VC4mLd98Ms38v1j7TiU2Qa3gfadk6+YIXq51D5OC8LXRKozoVHH0XJ0yG
3iV8LodPqL2D5wcDuQry8uZ4tEH3lhQbzqIjZKKeJp2WhFZBCuAU98DYjL7plqph
36Ce41+0z4zJXYi8DQ55MPOskOqYCOHFUZxTBw8umhwfK32xD9ao+Qfv27Poh0YT
M6EgZjkKqBBBVZc8NzvuEmHSHMcjI1FdlpZFHhy0DhYmkpPwJ3RHyW+k7g==
=5wg3
-END PGP SIGNATURE-
--- End Message ---
--- Begin Message ---
Source: matrix-synapse
Source-Version: 0.31.2+dfsg-1

We believe that the bug you reported is fixed in the latest version of
matrix-synapse, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andrej Shadura  (supplier of updated matrix-synapse 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jun 2018 18:53:36 +0200
Source: matrix-synapse
Binary: matrix-synapse
Architecture: source
Version: 0.31.2+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Matrix Packaging Team 

Changed-By: Andrej Shadura 
Description:
 matrix-synapse - Matrix reference homeserver
Closes: 901549
Changes:
 matrix-synapse (0.31.2+dfsg-1) unstable; urgency=high
 .
   * New upstream release:
 - SECURITY UPDATE:
   Prevent unauthorised users from setting state events in a room
   when there is no m.room.power_levels event in force in the room.
   (Closes: #901549)
Checksums-Sha1:
 923eb7cfdcc40d9cee28625002e3b23c2fea694f 2446 matrix-synapse_0.31.2+dfsg-1.dsc
 8ccbcaa85a7f9984912e04bfe60029db17bb071e 931855 
matrix-synapse_0.31.2+dfsg.orig.tar.gz
 1f2b6e11ead3332816f636ed04f5a8f4cd7a6bcf 85900 
matrix-synapse_0.31.2+dfsg-1.debian.tar.xz
Checksums-Sha256:
 358543705f1467764e7e90ecf0b5695118ab5e440d8415b76dbc5441381c56f1 2446 
matrix-synapse_0.31.2+dfsg-1.dsc
 a24a81d397d275718e5eef526f4cf194262730c14c77b4e7af8943e7fa608b47 931855 
matrix-synapse_0.31.2+dfsg.orig.tar.gz
 d2dead7ca85f0df37b5b55226d26cc69ce2f76cadcd328be3b1db9699adb33f3 85900 
matrix-synapse_0.31.2+dfsg-1.debian.tar.xz
Files:
 14d130a5883fad665961668d2129bb4b 2446 net optional 
matrix-synapse_0.31.2+dfsg-1.dsc
 6e179c338d050fcf897213172b4cad0b 931855 net optional 
matrix-synapse_0.31.2+dfsg.orig.tar.gz
 21381ce4bb0c27dfb8dfcd90d24d6145 85900 net optional 
matrix-synapse_0.31.2+dfsg-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlsincwACgkQXkCM2RzY
OdIhQwf+LCdWB/2VZc5FIPC1KbKgws+f/jpNlGk0NuakLsYxNVA50fFBn9eXK2Wo
h/4P77E5r2wJvCIG4390rNeZxzi80qmcf7fN6IV1ofw6GH8P7yt8zi272kSNchhm
m7mgmqMOEDKkbwYBUQIPlDg/ArE+ZyZvF+XgbYEZ3Ps5Ll2pzlOrpiCZNKfWzOJB
5ft2e2nryq/1FI9GgdPT8hGuTaIiX/iU+tIBwrtDRteaV9bYbbplTWwC2D8e1ubJ

Bug#901549: matrix-synapse: unauthorised users can hijack rooms when there is no m.room.power_levels event in force

2018-06-14 Thread Andrej Shadura 
Source: matrix-synapse
Version: 0.31.1+dfsg-1
Severity: grave
Tags: patch security upstream
Forwarded: https://github.com/matrix-org/synapse/pull/3397

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

- From https://matrix.org/blog/2018/06/14/security-update-synapse-0-31-2/:

> …we are releasing a security update of Synapse (0.31.2) today which
> changes the rules used to authenticate power_level events, such that
> we fail-safe rather than fail-deadly if the existing auth mechanisms
> fail. In practice this means changing the default power level required
> to set state to be 50 rather than 0 if there is no power_levels event
> present, thus meaning that only the room creator can set the initial
> power_levels event.

See also https://github.com/matrix-org/matrix-doc/issues/1304
(Proposal to simplify the auth rules of m.room.power_level events.)

-BEGIN PGP SIGNATURE-

iQFIBAEBCAAyFiEEeuS9ZL8A0js0NGiOXkCM2RzYOdIFAlsinAYUHGFuZHJld3No
QGRlYmlhbi5vcmcACgkQXkCM2RzYOdKFbQf8CmUFQ7Cnf1gq15BzZ7DW5wdHFSF2
mtCHGSGQQksyjuSw+Lz3Unqil3YRI9Z8hvPM/oCadFH19JxSBPRhW2a90WjZ67V4
8Vcn2l1VC4mLd98Ms38v1j7TiU2Qa3gfadk6+YIXq51D5OC8LXRKozoVHH0XJ0yG
3iV8LodPqL2D5wcDuQry8uZ4tEH3lhQbzqIjZKKeJp2WhFZBCuAU98DYjL7plqph
36Ce41+0z4zJXYi8DQ55MPOskOqYCOHFUZxTBw8umhwfK32xD9ao+Qfv27Poh0YT
M6EgZjkKqBBBVZc8NzvuEmHSHMcjI1FdlpZFHhy0DhYmkpPwJ3RHyW+k7g==
=5wg3
-END PGP SIGNATURE-

Bug#901547: seabios: Source tarball ships compiled binaries

2018-06-14 Thread Vivia Nikolaidou 
Package: seabios
Version: 1.11.1-1
Severity: serious
Justification: Policy 2.1.2

Dear Maintainer,

I just noticed that the source tarball of seabios includes some compiled
binaries:

$ ls src/fw/*.hex
src/fw/acpi-dsdt.hex  src/fw/ssdt-misc.hex  src/fw/ssdt-pcihp.hex  src/fw/ssdt-
proc.hex

In debian/rules, these files are moved away and rebuilt:

# move out shipped .hex files and rebuild them
mkdir -p build/src/fw
for f in ${FW_FILES}; do [ -f $$f.sav -o ! -f $$f ] || mv $$f $$f.sav;
done
rm -f ${FW_FILES}
make OUT=build/ ${FW_FILES}
touch $@

They should not be shipped at all, they should just be built when packaging.



-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=el_GR.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Bug#900936: some info on this bug

2018-06-14 Thread Valentin Blot 
I filled a bug upstream because the source of the problem is that the
agent is started while geoclue is not running.

see https://gitlab.freedesktop.org/geoclue/geoclue/issues/68

Bug#901526: python-django: FTBFS: FAIL: test_invalid (migrations.test_loader.PycLoaderTests)

2018-06-14 Thread Chris Lamb 
Chris Lamb wrote:

> We are likely deleting or otherwise refreshing the .pyc file. :)

Curiously, I can reproduce in stretch, buster and sid in upstream's
git repo...


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#901542: sreview: FTBFS: unable to load addon sysuser

2018-06-14 Thread Niko Tyni 
Source: sreview
Version: 0.3.1-1
Severity: serious

This package fails to build in a clean sid/amd64 chroot.

>From the build log:

  dpkg-buildpackage: info: host architecture amd64
   fakeroot debian/rules clean
  dh clean --with apache2,sysuser
  dh: unable to load addon sysuser: Can't locate 
Debian/Debhelper/Sequence/sysuser.pm in @INC (you may need to install the 
Debian::Debhelper::Sequence::sysuser module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.26.2 /usr/local/share/perl/5.26.2 
/usr/lib/x86_64-linux-gnu/perl5/5.26 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl/5.26 /usr/share/perl/5.26 
/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at (eval 11) line 
1.
  BEGIN failed--compilation aborted at (eval 11) line 1.
  
  make: *** [debian/rules:4: clean] Error 2
  dpkg-buildpackage: error: fakeroot debian/rules clean subprocess returned 
exit status 2
 
-- 
Niko Tyni   nt...@debian.org

Bug#901540: vnlog: FTBFS: test failures

2018-06-14 Thread Niko Tyni 
Source: vnlog
Version: 1.9-1
Severity: serious

This package failed to build on many architectures where previous versions
have built.

  https://buildd.debian.org/status/package.php?p=vnlog

From the i386 build log:

Test failed. Expected success, but got failure.
Ran 'perl /<>/test/../vnl-sort -k a data1 data2'.
STDERR: 'All input legends must match! Instead files 'data1' and 'data2' have 
keys 'a b e' and 'a b' respectively at /<>/lib/Vnlog/Util.pm line 
234.
Vnlog::Util::ensure_all_legends_equivalent(ARRAY(0x58855cfc)) called at 
/<>/test/../vnl-sort line 131
' at /<>/test/TestHelpers.pm line 95.
TestHelpers::check("# a b\x{a}1 1.69\x{a}20 0.09\x{a}3 0.49\x{a}4 
2.89\x{a}5 -10\x{a}5 7.29\x{a}6 -8\x{a}7 -6\x{a}8 -"..., "-k", "a", "\$data1", 
"\$data2") called at test/test_vnl-sort.pl line 82
[...]
11 tests failed!
Makefile:79: recipe for target 'test/test_vnl-sort.pl.RUN' failed
make[1]: *** [test/test_vnl-sort.pl.RUN] Error 1
make[1]: *** Waiting for unfinished jobs
All tests passed!
All tests passed!
make[1]: Leaving directory '/<>'
dh_auto_test: make -j4 test returned exit code 2
debian/rules:6: recipe for target 'build-arch' failed
make: *** [build-arch] Error 2
dpkg-buildpackage: error: debian/rules build-arch subprocess returned exit 
status 2

-- 
Niko Tyni   nt...@debian.org

Bug#901539: gnushogi swallows errors from make (policy 4.6)

2018-06-14 Thread Helmut Grohne 
Source: gnushogi
Version: 1.4.2-3
Severity: serious
Justification: policy 4.6
Tags: upstream

If you run

grep '^\s*-' Makefile.in

you'll find a number of crucial make rules that ignore errors. In
particular the main build and install targets are among them. Thus
gnushogi continues building in the presence of errors and risks
misbuilds. Such behaviour is prohibited by policy section 4.6.

Helmut

Bug#894172: marked as done (python-virtualenv-clone: Conflicts with virtualenv-clone)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 14:59:16 +
with message-id 
and subject line Bug#894172: fixed in virtualenv-clone 0.3.0-1.2
has caused the Debian Bug report #894172,
regarding python-virtualenv-clone: Conflicts with virtualenv-clone
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
894172: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894172
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-virtualenv-clone
Version: 0.3.0-1.1
Severity: normal

Dear Maintainer,

While dist-upgrading, virtualenv-clone pulled in python-virtualenv-clone
and the following happened:

Preparing to unpack .../39-python-virtualenv-clone_0.3.0-1.1_all.deb ...
Unpacking python-virtualenv-clone (0.3.0-1.1) ...
dpkg: error processing archive
/tmp/apt-dpkg-install-YAqdAR/39-python-virtualenv-clone_0.3.0-1.1_all.deb
(--unpack):
 trying to overwrite '/usr/bin/virtualenv-clone', which is also in package
virtualenv-clone 0.2.5-1

Purging virtualenv-clone (and virtualenvwrapper which depends on it)
allowed me to continue.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
LANGUAGE=en_IN:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python-virtualenv-clone depends on:
ii  python  2.7.14-4

python-virtualenv-clone recommends no packages.

python-virtualenv-clone suggests no packages.

-- no debconf information

-- 
Alok
--- End Message ---
--- Begin Message ---
Source: virtualenv-clone
Source-Version: 0.3.0-1.2

We believe that the bug you reported is fixed in the latest version of
virtualenv-clone, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 894...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laurent Bigonville  (supplier of updated virtualenv-clone 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jun 2018 11:14:40 +0200
Source: virtualenv-clone
Binary: virtualenv-clone python-virtualenv-clone python3-virtualenv-clone
Architecture: source all
Version: 0.3.0-1.2
Distribution: unstable
Urgency: medium
Maintainer: Jan Dittberner 
Changed-By: Laurent Bigonville 
Description:
 python-virtualenv-clone - script for cloning a non-relocatable virtualenv 
(Python2)
 python3-virtualenv-clone - script for cloning a non-relocatable virtualenv 
(Python3)
 virtualenv-clone - script for cloning a non-relocatable virtualenv 
(transitional pac
Closes: 894172
Changes:
 virtualenv-clone (0.3.0-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * debian/control: Update the Vcs-* fields to point to salsa
   * debian/control: Add Breaks/Replaces against virtualenv-clone (<< 0.3.0) as
 the virtualenv-clone executable as been moved around (Closes: #894172)
   * Move virtualenv-clone manpage to the new packages as well
   * debian/control: Move Homepage to pypy.org
   * debian/control: Avoid duplicate short description
Checksums-Sha1:
 e56c3dfa281121de55efe87cc1da740a02e2ce7c 1912 virtualenv-clone_0.3.0-1.2.dsc
 3a09e29fde869520d6026f4f44953040ac1183ce 2980 
virtualenv-clone_0.3.0-1.2.debian.tar.xz
 0bd2efc065c270b1f26f6617731c423e7a8392de 7760 
python-virtualenv-clone_0.3.0-1.2_all.deb
 39b8b39a7c79f28d045ed257cdfa71a382aa0f2a 7828 
python3-virtualenv-clone_0.3.0-1.2_all.deb
 2b14978e77a08caf8a33eea69ca7ae034ffc05d3 3764 
virtualenv-clone_0.3.0-1.2_all.deb
 eaa41f159552622d0166f38f61d02193fcced269 7462 
virtualenv-clone_0.3.0-1.2_amd64.buildinfo
Checksums-Sha256:
 0b8fcb3e6fa1a06e10abba4e4a450570c5f273e437eb155e214c931858a50933 1912 
virtualenv-clone_0.3.0-1.2.dsc
 4fb56d4a666301288797645e124af9704013dff561cbbd1fa0a43f059e1340f0 2980 
virtualenv-clone_0.3.0-1.2.debian.tar.xz
 e950e6dee5fa3d2510868b6390bc88e6fc1be29067437ff1710c559f908b8b03 7760 
python-virtualenv-clone_0.3.0-1.2_all.deb
 22249686cb0742217d7485c9a9780e72afe0154644b2dea51ff5d7881724b61c 7828 
python3-virtualenv-clone_0.3.0-1.2_all.deb

Bug#900297: marked as done (ruby-ethon: switch dependency to libcurl4)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 14:57:33 +
with message-id 
and subject line Bug#900297: fixed in ruby-ethon 0.9.0-2
has caused the Debian Bug report #900297,
regarding ruby-ethon: switch dependency to libcurl4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
900297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ruby-ethon
Version: 0.9.0-1
Severity: serious
Tags: buster sid

Hi,

curl has bumped the SONAME to libcurl4 for the openssl 1.1 ABI.
Please update the dependency to libcurl4.

Note that Ubuntu has already done the switch and they had some
remarks wrt the ABI:

ruby-ethon (0.9.0-1ubuntu1) bionic; urgency=medium

  * Bump dependency from libcurl3 to libcurl4 for the openssl1.1 transition.
Note that this changes the ABI with respect to SSL_CTX objects;
consumers of ruby-ethon must now switch to using OpenSSL 1.1 objects
instead of OpenSSL 1.0 if they use curl_easy_setopt(SSL_CTX_FUNCTION).

 -- Steve Langasek   Thu, 01 Mar 2018 21:49:45 -0800

Cheers,
Emilio
--- End Message ---
--- Begin Message ---
Source: ruby-ethon
Source-Version: 0.9.0-2

We believe that the bug you reported is fixed in the latest version of
ruby-ethon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 900...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sruthi Chandran  (supplier of updated ruby-ethon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 14 Jun 2018 18:18:47 +0530
Source: ruby-ethon
Binary: ruby-ethon
Architecture: source
Version: 0.9.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers 

Changed-By: Sruthi Chandran 
Description:
 ruby-ethon - libcurl wrapper using ffi
Closes: 900297
Changes:
 ruby-ethon (0.9.0-2) unstable; urgency=medium
 .
   * Team upload.
   * Bump dependency from libcurl3 to libcurl4 for the openssl1.1 transition.
 Note that this changes the ABI with respect to SSL_CTX objects;
 consumers of ruby-ethon must now switch to using OpenSSL 1.1 objects
 instead of OpenSSL 1.0 if they use curl_easy_setopt(SSL_CTX_FUNCTION).
 (Thanks to Steve Langasek for the note) (Closes: #900297)
Checksums-Sha1:
 bffb9038930c130e905379f967049282eb0df47b 2121 ruby-ethon_0.9.0-2.dsc
 3d91514d39648e5b8fd2f06d087f1aeb6adf3b63 2872 ruby-ethon_0.9.0-2.debian.tar.xz
 0daf32c76106f23eea7c42052c862f29f7d2a9bb 7392 
ruby-ethon_0.9.0-2_source.buildinfo
Checksums-Sha256:
 9adfc59bd256718935cf8c5f614e61931e677dee62f83e73e7f161b8050431af 2121 
ruby-ethon_0.9.0-2.dsc
 61b714a90a68fbc20a71b7f95b11aafe42abad906cb75bd8eb59ecaf99bcdbdd 2872 
ruby-ethon_0.9.0-2.debian.tar.xz
 cf08ef0db04cf646b734bfe625f99390328b5b053e8768f8e20967bc4ae5e076 7392 
ruby-ethon_0.9.0-2_source.buildinfo
Files:
 ed0ae167d528563567e82cc44c7c581e 2121 ruby optional ruby-ethon_0.9.0-2.dsc
 601004bf4bf28d2a1440593ea6ccc2c7 2872 ruby optional 
ruby-ethon_0.9.0-2.debian.tar.xz
 72d27a6ec5b25655e00f9b007a4a653e 7392 ruby optional 
ruby-ethon_0.9.0-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEsclPZxif+sAmSPvz1N6yL8C5bhUFAlsid3MACgkQ1N6yL8C5
bhXakQ//UlvOFDIimR/JP+NTQ6qZsVnLRZk6mBfDXmWr8xYLjSesudaz2wMO4W2A
j+nfAsT0SYt+R3l2xLj7RG6fULPtfrkfxzpFJ/6VwpT3qHtP88TAHMR8zidEYIX6
X4icceD9MbKghZUlH+AT+HDGXV4UqSp55WQktACnXuMtkCcBghZImBlEUSaSaujs
Z82TNN/LZWT63UHqz24RSTU9DP+FKgIu7zP4lja2a+sf+ycxk1FB97dAlGJV1KKO
U32Pa0xBmxKPiKOiuXCf5Mi+/+v98KB/DOSP2nBd9xD2cFTE+b7LVRyIud1373n3
prbgoY3I5F4S0XpIm3D0dvRLydYtXQwQ8WnJu1oi1DVm92IiemGyRtcNWY1vXvRx
YowB7RfsfiKMmu5AKx7jq1aNTcMj3XGrOFCb8QD+BTtLQNIYczwZ2Oc1oImnx2lf
tA8cykAiorDQgKBT70YCla7LU7PuMXbbPnj+MXWm8nVnhELPBPccMKPOotqgYaab
YnviOMyVEH3pldjS3J3UrWO8y7+UPeqsbPRWGz+iOLKls0MXS0nHE0rYv7NwrWQX
9n12YepdiUoKgn+2QZfER20B/7ZDEYiWly90UEcC5AEpaa7I2aat5Bv2U5ingieJ
1B9/OiGbzgvTP8uUDUn+ZKhzUi+sN1Q+FTes3s+8eO2AhxpuN2w=
=9JCq
-END PGP SIGNATURE End Message ---

Bug#901483: marked as done (bind9: CVE-2018-5738: improperly permits recursive query service to unauthorized clients)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 14:54:40 +
with message-id 
and subject line Bug#901483: fixed in bind9 1:9.11.3+dfsg-2
has caused the Debian Bug report #901483,
regarding bind9: CVE-2018-5738: improperly permits recursive query service to 
unauthorized clients
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901483: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bind9
Version: 1:9.11.3+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

The following vulnerability was published for bind9, affecting the
version present in unstable (older suites do not include the upstream
change #4777).

CVE-2018-5738[0]:
|Some versions of BIND can improperly permit recursive query service to
|unauthorized clients

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-5738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738
[1] https://kb.isc.org/article/AA-01616/0/CVE-2018-5738

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bind9
Source-Version: 1:9.11.3+dfsg-2

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý  (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 14 Jun 2018 13:01:47 +
Source: bind9
Binary: bind9 bind9utils bind9-doc bind9-host libbind-dev libbind9-160 
libdns1100 libirs160 libisc169 liblwres160 libisccc160 libisccfg160 dnsutils 
libbind-export-dev libdns-export1100 libdns-export1100-udeb libirs-export160 
libirs-export160-udeb libisc-export169 libisc-export169-udeb libisccc-export160 
libisccc-export160-udeb libisccfg-export160 libisccfg-export160-udeb
Architecture: source
Version: 1:9.11.3+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: BIND 9 Package 
Changed-By: Ondřej Surý 
Description:
 bind9  - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - DNS lookup utility (deprecated)
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 libbind-dev - Static Libraries and Headers used by BIND
 libbind-export-dev - Development files for the exported BIND libraries
 libbind9-160 - BIND9 Shared Library used by BIND
 libdns-export1100 - Exported DNS Shared Library
 libdns-export1100-udeb - Exported DNS library for debian-installer (udeb)
 libdns1100 - DNS Shared Library used by BIND
 libirs-export160 - Exported IRS Shared Library
 libirs-export160-udeb - Exported IRS library for debian-installer (udeb)
 libirs160  - DNS Shared Library used by BIND
 libisc-export169 - Exported ISC Shared Library
 libisc-export169-udeb - Exported ISC library for debian-installer (udeb)
 libisc169  - ISC Shared Library used by BIND
 libisccc-export160 - Command Channel Library used by BIND
 libisccc-export160-udeb - Command Channel Library used by BIND (udeb)
 libisccc160 - Command Channel Library used by BIND
 libisccfg-export160 - Exported ISC CFG Shared Library
 libisccfg-export160-udeb - Exported ISC CFG library for debian-installer (udeb)
 libisccfg160 - Config File Handling Library used by BIND
 liblwres160 - Lightweight Resolver Library used by BIND
Closes: 899959 901483
Changes:
 bind9 (1:9.11.3+dfsg-2) unstable; urgency=medium
 .
   * [CVE-2018-5738]: Add upstream fix to close the default open recursion
 (Closes: #901483)
   * Change the maintainer address (Closes: #899959)
Checksums-Sha1:
 47625ba3ef08c3b0e38a7d51945ade02569f67d8 3933 bind9_9.11.3+dfsg-2.dsc
 1d9dbeab8b74bb5c45d81a73bb7bae313bfd9580 82192 
bind9_9.11.3+dfsg-2.debian.tar.xz
 1ec75d21d36d37d64de0dd5cae3fdc10a3cdf86e 19444 
bind9_9.11.3+dfsg-2_amd64.buildinfo
Checksums-Sha256:
 4fdeb2fa8b7f960936d6a997cb566230fbe218fa3b7979567bb3357df90bb2bc 3933 
bind9_9.11.3+dfsg-2.dsc

Bug#901223: marked as done (gitaly: FTBFS: prometheus.Observer does not implement prometheus.Histogram)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 14:55:21 +
with message-id 
and subject line Bug#901223: fixed in gitaly 0.96.2+debian-1
has caused the Debian Bug report #901223,
regarding gitaly: FTBFS: prometheus.Observer does not implement 
prometheus.Histogram
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901223: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901223
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gitaly
Version: 0.96.1+debian-4
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

gitaly/experimental FTBFS:

https://buildd.debian.org/status/fetch.php?pkg=gitaly=amd64=0.96.1%2Bdebian-4=1528128434=0

...
gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler/testpb
gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler
gitlab.com/gitlab-org/gitaly/internal/helper/housekeeping
# gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler
src/gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler/metrics.go:109:13:
 cannot use histogramVec.WithLabelValues(serviceName, methodName) (type 
prometheus.Observer) as type prometheus.Histogram in assignment:
prometheus.Observer does not implement prometheus.Histogram (missing 
Collect method)
gitlab.com/gitlab-org/gitaly/vendor/google.golang.org/grpc/reflection
github.com/stretchr/testify/require
gitlab.com/gitlab-org/gitaly/internal/helper/fieldextractors
gitlab.com/gitlab-org/gitaly/client
gitlab.com/gitlab-org/gitaly/cmd/gitaly-ssh
dh_auto_build: cd obj-x86_64-linux-gnu && go install 
-gcflags=\"-trimpath=/<>/gitaly-0.96.1\+debian/obj-x86_64-linux-gnu/src\"
 
-asmflags=\"-trimpath=/<>/gitaly-0.96.1\+debian/obj-x86_64-linux-gnu/src\"
 -v -p 4 -ldflags "-X 
gitlab.com/gitlab-org/gitaly/internal/version.version=0.96.1+debian" 
gitlab.com/gitlab-org/gitaly/auth gitlab.com/gitlab-org/gitaly/client 
gitlab.com/gitlab-org/gitaly/cmd/gitaly 
gitlab.com/gitlab-org/gitaly/cmd/gitaly-ssh 
gitlab.com/gitlab-org/gitaly/internal/archive 
gitlab.com/gitlab-org/gitaly/internal/command 
gitlab.com/gitlab-org/gitaly/internal/config 
gitlab.com/gitlab-org/gitaly/internal/connectioncounter 
gitlab.com/gitlab-org/gitaly/internal/diff 
gitlab.com/gitlab-org/gitaly/internal/git 
gitlab.com/gitlab-org/gitaly/internal/git/alternates 
gitlab.com/gitlab-org/gitaly/internal/git/catfile 
gitlab.com/gitlab-org/gitaly/internal/git/log 
gitlab.com/gitlab-org/gitaly/internal/helper 
gitlab.com/gitlab-org/gitaly/internal/helper/fieldextractors 
gitlab.com/gitlab-org/gitaly/internal/helper/housekeeping 
gitlab.com/gitlab-org/gitaly/internal/helper/lines 
gitlab.com/gitlab-org/gitaly/internal/linguist 
gitlab.com/gitlab-org/gitaly/internal/logsanitizer 
gitlab.com/gitlab-org/gitaly/internal/middleware/cancelhandler 
gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler 
gitlab.com/gitlab-org/gitaly/internal/middleware/limithandler/testpb 
gitlab.com/gitlab-org/gitaly/internal/middleware/metadatahandler 
gitlab.com/gitlab-org/gitaly/internal/middleware/panichandler 
gitlab.com/gitlab-org/gitaly/internal/middleware/sentryhandler 
gitlab.com/gitlab-org/gitaly/internal/rubyserver 
gitlab.com/gitlab-org/gitaly/internal/rubyserver/balancer 
gitlab.com/gitlab-org/gitaly/internal/server 
gitlab.com/gitlab-org/gitaly/internal/server/auth 
gitlab.com/gitlab-org/gitaly/internal/service 
gitlab.com/gitlab-org/gitaly/internal/service/blob 
gitlab.com/gitlab-org/gitaly/internal/service/commit 
gitlab.com/gitlab-org/gitaly/internal/service/conflicts 
gitlab.com/gitlab-org/gitaly/internal/service/diff 
gitlab.com/gitlab-org/gitaly/internal/service/namespace 
gitlab.com/gitlab-org/gitaly/internal/service/notifications 
gitlab.com/gitlab-org/gitaly/internal/service/operations 
gitlab.com/gitlab-org/gitaly/internal/service/ref 
gitlab.com/gitlab-org/gitaly/internal/service/remote 
gitlab.com/gitlab-org/gitaly/internal/service/repository 
gitlab.com/gitlab-org/gitaly/internal/service/server 
gitlab.com/gitlab-org/gitaly/internal/service/smarthttp 
gitlab.com/gitlab-org/gitaly/internal/service/ssh 
gitlab.com/gitlab-org/gitaly/internal/service/wiki 
gitlab.com/gitlab-org/gitaly/internal/storage 
gitlab.com/gitlab-org/gitaly/internal/supervisor 
gitlab.com/gitlab-org/gitaly/internal/supervisor/test-scripts 
gitlab.com/gitlab-org/gitaly/internal/tempdir 
gitlab.com/gitlab-org/gitaly/internal/testhelper 
gitlab.com/gitlab-org/gitaly/internal/version 
gitlab.com/gitlab-org/gitaly/streamio returned exit code 2
make[1]: *** [debian/rules:23: override_dh_auto_build] Error 2
make[1]: Leaving

Bug#901537: ooniprobe: FTBFS: ERROR: test_send_packet_with_answer (ooni.tests.test_txscapy.TestTxScapy)

2018-06-14 Thread Andreas Beckmann 
Source: ooniprobe
Version: 2.3.0-1
Severity: serious
Justification: fails to build from source

Hi,

ooniprobe recently started to FTBFS in a minimal current sid pbuilder
environment:

==
ERROR: test_send_packet_with_answer (ooni.tests.test_txscapy.TestTxScapy)
test_send_packet_with_answer
--
TimeoutError:  (test_send_packet_with_answer) still 
running at 120.0 secs

--
Ran 156 tests in 171.430s

FAILED (errors=1, skipped=25)


Andreas


ooniprobe_2.3.0-1.log.gz
Description: application/gzip

Bug#858819: availability new package version in stable

2018-06-14 Thread Kraus, Sebastian 
Dear Adrian Bunk,



thanks for your corrections.

Do you plan to push the new package version

also to Debian stable (stretch)? There only the

buggy package version 2.10.0-1 is available.



Regards

Sebastian



Sebastian Kraus
Team IT am Institut für Chemie
Gebäude C, Straße des 17. Juni 115, Raum C7

Technische Universität Berlin
Fakultät II
Institut für Chemie
Sekretariat C3
Straße des 17. Juni 135
10623 Berlin

Email: sebastian.kr...@tu-berlin.de

Bug#901526: python-django: FTBFS: FAIL: test_invalid (migrations.test_loader.PycLoaderTests)

2018-06-14 Thread Chris Lamb 
Hi Andreas,

> […]

This is the test in question:

def test_invalid(self):
"""
MigrationLoader reraises ImportErrors caused by "bad magic number" pyc
files with a more helpful message.
"""
with 
self.temporary_migration_module(module='migrations.test_migrations_bad_pyc'):
msg = (
r"Couldn't import '\w+.migrations.0001_initial' as it appears "
"to be a stale .pyc file."
)
with self.assertRaisesRegex(ImportError, msg):
MigrationLoader(connection)

We are likely deleting or otherwise refreshing the .pyc file. :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#901526: python-django: FTBFS: FAIL: test_invalid (migrations.test_loader.PycLoaderTests)

2018-06-14 Thread Chris Lamb 
Hi Andreas,

> python-django/experimental FTBFS with a test failure on both i386 and
> amd64:
> 
> ==
> FAIL: test_invalid (migrations.test_loader.PycLoaderTests)
> --
> Traceback (most recent call last):
>   File "/usr/lib/python3.6/unittest/case.py", line 59, in 
> testPartExecutor
> yield
>   File "/usr/lib/python3.6/unittest/case.py", line 605, in run
> testMethod()
>   File "/build/python-django-2.1~alpha1/tests/migrations/
> test_loader.py", line 530, in test_invalid
> MigrationLoader(connection)
>   File "/usr/lib/python3.6/unittest/case.py", line 203, in __exit__
> self._raiseFailure("{} not raised".format(exc_name))
>   File "/usr/lib/python3.6/unittest/case.py", line 135, in _raiseFailure
> raise self.test_case.failureException(msg)
> AssertionError: ImportError not raised

Cool, same thing in the r-b setup:

  
https://tests.reproducible-builds.org/debian/rb-pkg/experimental/amd64/python-django.html


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#901523: sbt-template-resolver: FTBFS with openjdk-10

2018-06-14 Thread Andreas Beckmann 
Source: sbt-template-resolver
Version: 0.1-1
Severity: serious
Justification: fails to build from source

Hi,

sbt-template-resolver FTBFS with openjdk-10 as the default jdk:

[...]
   debian/rules override_dh_auto_build
make[1]: Entering directory '/build/sbt-template-resolver-0.1'
mkdir -p /build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2/cache
cp -fr /build/sbt-template-resolver-0.1/bootstrapdeps/* 
/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2/cache/
mkdir /build/sbt-template-resolver-0.1/debian/sbt_home/.sbt
echo "[repositories]" > 
/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt/repositories
echo "local" >> 
/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt/repositories
cp -frv /build/sbt-template-resolver-0.1/bootstrapdeps-sources/. 
/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2/cache/
'/build/sbt-template-resolver-0.1/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs'
 -> 
'/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2/cache/./org.scala-sbt/compiler-interface/srcs'
'/build/sbt-template-resolver-0.1/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
 -> '/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2/cache/./org.scala-
sbt/compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
/build/sbt-template-resolver-0.1/bootstrapsbt/bin/sbt -verbose -debug -sbt-dir 
/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt -ivy 
/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2 'set offline := true
' -Dsbt.override.build.repos=true packageBin make-pom
[residual] arg = '-sbt-dir'
[residual] arg = '/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt'
[addJava] arg = 
'-Dsbt.ivy.home=/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2'
[residual] arg = 'set offline := true'
[addJava] arg = '-Dsbt.override.build.repos=true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[addJava] arg = 
'-Dsbt.global.base=/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt'
[residual] arg = 'set offline := true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[process_args] java_version = '10.0.1'
# Executing command line:
java
-Xms1024m
-Xmx1024m
-XX:ReservedCodeCacheSize=128m
-XX:MaxMetaspaceSize=256m
-Dsbt.ivy.home=/build/sbt-template-resolver-0.1/debian/sbt_home/.ivy2
-Dsbt.override.build.repos=true
-Dsbt.global.base=/build/sbt-template-resolver-0.1/debian/sbt_home/.sbt
-jar
/build/sbt-template-resolver-0.1/bootstrapsbt/bin/sbt-launch.jar
"set offline := true"
packageBin
make-pom

Getting org.scala-sbt sbt 0.13.12 ...
:: retrieving :: org.scala-sbt#boot-app
confs: [default]
49 artifacts copied, 0 already retrieved (17462kB/53ms)
Getting Scala 2.10.6 (for sbt)...
:: retrieving :: org.scala-sbt#boot-scala
confs: [default]
5 artifacts copied, 0 already retrieved (24494kB/25ms)
[ERROR] Failed to construct terminal; falling back to unsupported
java.lang.NumberFormatException: For input string: "0x100"
at 
java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.base/java.lang.Integer.parseInt(Integer.java:652)
at java.base/java.lang.Integer.valueOf(Integer.java:983)
at jline.internal.InfoCmp.parseInfoCmp(InfoCmp.java:59)
at jline.UnixTerminal.parseInfoCmp(UnixTerminal.java:233)
at jline.UnixTerminal.(UnixTerminal.java:64)
at jline.UnixTerminal.(UnixTerminal.java:49)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native
 Method)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at 
java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:488)
at java.base/java.lang.Class.newInstance(Class.java:560)
at jline.TerminalFactory.getFlavor(TerminalFactory.java:209)
at jline.TerminalFactory.create(TerminalFactory.java:100)
at jline.TerminalFactory.get(TerminalFactory.java:184)
at jline.TerminalFactory.get(TerminalFactory.java:190)
at sbt.ConsoleLogger$.ansiSupported(ConsoleLogger.scala:123)
at sbt.ConsoleLogger$.(ConsoleLogger.scala:117)
at sbt.ConsoleLogger$.(ConsoleLogger.scala)
at sbt.GlobalLogging$.initial(GlobalLogging.scala:43)
at sbt.StandardMain$.initialGlobalLogging(Main.scala:61)
at sbt.StandardMain$.initialState(Main.scala:70)
at sbt.xMain.run(Main.scala:29)
at xsbt.boot.Launch$$anonfun$run$1.apply(Launch.scala:109)
at xsbt.boot.Launch$.withContextLoader(Launch.scala:128)
at xsbt.boot.Launch$.run(Launch.scala:109)
at xsbt.boot.Launch$$anonfun$apply$1.apply(Launch.scala:35)
at xsbt.boot.Launch$.launch(Launch.scala:117)
at

Bug#901522: scala-pickling: FTBFS with openjdk-10

2018-06-14 Thread Andreas Beckmann 
Source: scala-pickling
Version: 0.10.1-1
Severity: serious
Justification: fails to build from source

Hi,

scala-pickling FTBFS with openjdk-10 as the default jdk:

[...]
   debian/rules override_dh_auto_build
make[1]: Entering directory '/build/scala-pickling-0.10.1'
mkdir -p /build/scala-pickling-0.10.1/debian/sbt_home/.ivy2/cache
cp -fr /build/scala-pickling-0.10.1/bootstrapdeps/* 
/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2/cache/
mkdir /build/scala-pickling-0.10.1/debian/sbt_home/.sbt
echo "[repositories]" > 
/build/scala-pickling-0.10.1/debian/sbt_home/.sbt/repositories
echo "local" >> /build/scala-pickling-0.10.1/debian/sbt_home/.sbt/repositories
cp -frv /build/scala-pickling-0.10.1/bootstrapdeps-sources/. 
/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2/cache/
'/build/scala-pickling-0.10.1/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs'
 -> 
'/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2/cache/./org.scala-sbt/compiler-interface/srcs'
'/build/scala-pickling-0.10.1/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
 -> 
'/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2/cache/./org.scala-sbt/comp
iler-interface/srcs/compiler-interface-0.13.12-sources.jar'
/build/scala-pickling-0.10.1/bootstrapsbt/bin/sbt -verbose -debug -sbt-dir 
/build/scala-pickling-0.10.1/debian/sbt_home/.sbt -ivy 
/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2 'set offline := true' 
-Dsbt.over
ride.build.repos=true packageBin make-pom
[residual] arg = '-sbt-dir'
[residual] arg = '/build/scala-pickling-0.10.1/debian/sbt_home/.sbt'
[addJava] arg = 
'-Dsbt.ivy.home=/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2'
[residual] arg = 'set offline := true'
[addJava] arg = '-Dsbt.override.build.repos=true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[addJava] arg = 
'-Dsbt.global.base=/build/scala-pickling-0.10.1/debian/sbt_home/.sbt'
[residual] arg = 'set offline := true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[process_args] java_version = '10.0.1'
# Executing command line:
java
-Xms1024m
-Xmx1024m
-XX:ReservedCodeCacheSize=128m
-XX:MaxMetaspaceSize=256m
-Dsbt.ivy.home=/build/scala-pickling-0.10.1/debian/sbt_home/.ivy2
-Dsbt.override.build.repos=true
-Dsbt.global.base=/build/scala-pickling-0.10.1/debian/sbt_home/.sbt
-jar
/build/scala-pickling-0.10.1/bootstrapsbt/bin/sbt-launch.jar
"set offline := true"
packageBin
make-pom

Getting org.scala-sbt sbt 0.13.12 ...
:: retrieving :: org.scala-sbt#boot-app
confs: [default]
49 artifacts copied, 0 already retrieved (17462kB/59ms)
Getting Scala 2.10.6 (for sbt)...
:: retrieving :: org.scala-sbt#boot-scala
confs: [default]
5 artifacts copied, 0 already retrieved (24494kB/26ms)
[ERROR] Failed to construct terminal; falling back to unsupported
java.lang.NumberFormatException: For input string: "0x100"
at 
java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.base/java.lang.Integer.parseInt(Integer.java:652)
at java.base/java.lang.Integer.valueOf(Integer.java:983)
at jline.internal.InfoCmp.parseInfoCmp(InfoCmp.java:59)
at jline.UnixTerminal.parseInfoCmp(UnixTerminal.java:233)
at jline.UnixTerminal.(UnixTerminal.java:64)
at jline.UnixTerminal.(UnixTerminal.java:49)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native
 Method)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at 
java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:488)
at java.base/java.lang.Class.newInstance(Class.java:560)
at jline.TerminalFactory.getFlavor(TerminalFactory.java:209)
at jline.TerminalFactory.create(TerminalFactory.java:100)
at jline.TerminalFactory.get(TerminalFactory.java:184)
at jline.TerminalFactory.get(TerminalFactory.java:190)
at sbt.ConsoleLogger$.ansiSupported(ConsoleLogger.scala:123)
at sbt.ConsoleLogger$.(ConsoleLogger.scala:117)
at sbt.ConsoleLogger$.(ConsoleLogger.scala)
at sbt.GlobalLogging$.initial(GlobalLogging.scala:43)
at sbt.StandardMain$.initialGlobalLogging(Main.scala:61)
at sbt.StandardMain$.initialState(Main.scala:70)
at sbt.xMain.run(Main.scala:29)
at xsbt.boot.Launch$$anonfun$run$1.apply(Launch.scala:109)
at xsbt.boot.Launch$.withContextLoader(Launch.scala:128)
at xsbt.boot.Launch$.run(Launch.scala:109)
at xsbt.boot.Launch$$anonfun$apply$1.apply(Launch.scala:35)
at xsbt.boot.Launch$.launch(Launch.scala:117)
at xsbt.boot.Launch$.apply(Launch.scala:18)
at xsbt.boot.Boot$.runImpl(Boot.scala:41)
at

Bug#901495: redis: multiple security issues in Lua scripting

2018-06-14 Thread Chris Lamb 
Chris Lamb wrote:

> > redis: multiple security issues in Lua scripting
> 
> This has now been assigned CVE-2018-11219 & CVE-2018-11218.

Security team, oermission to upload the attached to
stretch-security?

  redis (3:3.2.6-3+deb9u1) stretch-security; urgency=high

* CVE-2018-11218, CVE-2018-11219: Backport patches to fix multiple heap
  corruption and integer overflow vulnerabilities. (Closes: #901495)

   -- Chris Lamb   Thu, 14 Jun 2018 15:08:27 +0200


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diff --git a/debian/changelog b/debian/changelog
index c66f34fb..1c449909 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+redis (3:3.2.6-3+deb9u1) stretch-security; urgency=high
+
+  * CVE-2018-11218, CVE-2018-11219: Backport patches to fix multiple heap
+corruption and integer overflow vulnerabilities. (Closes: #901495)
+
+ -- Chris Lamb   Thu, 14 Jun 2018 15:08:27 +0200
+
 redis (3:3.2.6-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/debian/patches/0009-Security-fix-redis-cli-buffer-overflow.patch 
b/debian/patches/0009-Security-fix-redis-cli-buffer-overflow.patch
new file mode 100644
index ..0ba4ccd7
--- /dev/null
+++ b/debian/patches/0009-Security-fix-redis-cli-buffer-overflow.patch
@@ -0,0 +1,53 @@
+From: antirez 
+Date: Mon, 11 Jun 2018 12:08:42 +0200
+Subject: Security: fix redis-cli buffer overflow.
+
+Thanks to Fakhri Zulkifli for reporting it.
+
+The fix switched to dynamic allocation, copying the final prompt in the
+static buffer only at the end.
+---
+ src/redis-cli.c | 27 ---
+ 1 file changed, 16 insertions(+), 11 deletions(-)
+
+diff --git a/src/redis-cli.c b/src/redis-cli.c
+index 9043915..f5e26d9 100644
+--- a/src/redis-cli.c
 b/src/redis-cli.c
+@@ -151,20 +151,25 @@ static long long mstime(void) {
+ }
+ 
+ static void cliRefreshPrompt(void) {
+-int len;
+-
+ if (config.eval_ldb) return;
+-if (config.hostsocket != NULL)
+-len = snprintf(config.prompt,sizeof(config.prompt),"redis %s",
+-   config.hostsocket);
+-else
+-len = anetFormatAddr(config.prompt, sizeof(config.prompt),
+-   config.hostip, config.hostport);
++
++sds prompt = sdsempty();
++if (config.hostsocket != NULL) {
++prompt = sdscatfmt(prompt,"redis %s",config.hostsocket);
++} else {
++char addr[256];
++anetFormatAddr(addr, sizeof(addr), config.hostip, config.hostport);
++prompt = sdscatlen(prompt,addr,strlen(addr));
++}
++
+ /* Add [dbnum] if needed */
+ if (config.dbnum != 0)
+-len += snprintf(config.prompt+len,sizeof(config.prompt)-len,"[%d]",
+-config.dbnum);
+-snprintf(config.prompt+len,sizeof(config.prompt)-len,"> ");
++prompt = sdscatfmt(prompt,"[%i]",config.dbnum);
++
++/* Copy the prompt in the static buffer. */
++prompt = sdscatlen(prompt,"> ",2);
++snprintf(config.prompt,sizeof(config.prompt),"%s",prompt);
++sdsfree(prompt);
+ }
+ 
+ /* Return the name of the dotfile for the specified 'dotfilename'.
diff --git 
a/debian/patches/0010-Security-fix-Lua-struct-package-offset-handling.patch 
b/debian/patches/0010-Security-fix-Lua-struct-package-offset-handling.patch
new file mode 100644
index ..8cbc89ce
--- /dev/null
+++ b/debian/patches/0010-Security-fix-Lua-struct-package-offset-handling.patch
@@ -0,0 +1,40 @@
+From: antirez 
+Date: Tue, 15 May 2018 13:13:49 +0200
+Subject: Security: fix Lua struct package offset handling.
+
+After the first fix to the struct package I found another similar
+problem, which is fixed by this patch. It could be reproduced easily by
+running the following script:
+
+return struct.unpack('f', "x",-3)
+
+The above will access bytes before the 'data' pointer.
+---
+ deps/lua/src/lua_struct.c | 8 ++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c
+index a602bb4..e263f8e 100644
+--- a/deps/lua/src/lua_struct.c
 b/deps/lua/src/lua_struct.c
+@@ -295,14 +295,18 @@ static int b_unpack (lua_State *L) {
+   const char *fmt = luaL_checkstring(L, 1);
+   size_t ld;
+   const char *data = luaL_checklstring(L, 2, );
+-  size_t pos = luaL_optinteger(L, 3, 1) - 1;
++  size_t pos = luaL_optinteger(L, 3, 1);
++  luaL_argcheck(L, pos > 0, 3, "offset must be 1 or greater");
++  pos--; /* Lua indexes are 1-based, but here we want 0-based for C
++  * pointer math. */
+   defaultoptions();
+   lua_settop(L, 2);
+   while (*fmt) {
+ int opt = *fmt++;
+ size_t size = optsize(L, opt, );
+ pos += gettoalign(pos, , opt, size);
+-luaL_argcheck(L, pos+size <= ld, 2, "data string too short");
++luaL_argcheck(L, size <= ld && pos <= ld - size,
++   2, "data string too short");
+ luaL_checkstack(L, 1, "too many results");
+ switch

Bug#901521: cinnamon-control-center: fails to clean after build: attempts to distclean in panels/common twice

2018-06-14 Thread Andreas Beckmann 
Source: cinnamon-control-center
Version: 3.8.0-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

cinnamon-control-center fails to clean after a successful build. It
attempts to perform a distclean in panels/common twice, but then the
Makefile is already gone:

[...]
Making distclean in panels
make[2]: Entering directory '/build/cinnamon-control-center-3.8.0/panels'
Making distclean in common
make[3]: Entering directory '/build/cinnamon-control-center-3.8.0/panels/common'
rm -rf .libs _libs
test -z "liblanguage.la" || rm -f liblanguage.la
rm -f *.o
 rm -f list-languages
rm -f *.lo
rm -f *.tab.c
test -z "" || rm -f 
test . = "." || test -z "" || rm -f 
rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
rm -f ./so_locations
rm -rf ./.deps
rm -f Makefile
make[3]: Leaving directory '/build/cinnamon-control-center-3.8.0/panels/common'
Making distclean in common
make[3]: Entering directory '/build/cinnamon-control-center-3.8.0/panels/common'
make[3]: *** No rule to make target 'distclean'.  Stop.
make[3]: Leaving directory '/build/cinnamon-control-center-3.8.0/panels/common'
Makefile:443: recipe for target 'distclean-recursive' failed
make[2]: *** [distclean-recursive] Error 1
make[2]: Leaving directory '/build/cinnamon-control-center-3.8.0/panels'
Makefile:501: recipe for target 'distclean-recursive' failed
make[1]: *** [distclean-recursive] Error 1
make[1]: Leaving directory '/build/cinnamon-control-center-3.8.0'
dh_auto_clean: make -j4 distclean returned exit code 2
debian/rules:11: recipe for target 'clean' failed
make: *** [clean] Error 2


This can be triggered by attempting to build the package twice in a row.


Andreas


cinnamon-control-center_3.8.0-1_twice.log.gz
Description: application/gzip

Bug#901520: scopt: FTBFS with openjdk-10

2018-06-14 Thread Andreas Beckmann 
Source: scopt
Version: 3.5.0-1
Severity: serious
Justification: fails to build from source

Hi,

scopt FTBFS with openjdk-10 as the default jdk:

[...]
   debian/rules override_dh_auto_build
make[1]: Entering directory '/build/scopt-3.5.0'
git init
Initialized empty Git repository in /build/scopt-3.5.0/.git/
mkdir -p /build/scopt-3.5.0/debian/sbt_home/.ivy2/cache
cp -fr /build/scopt-3.5.0/bootstrapdeps/* 
/build/scopt-3.5.0/debian/sbt_home/.ivy2/cache/
mkdir /build/scopt-3.5.0/debian/sbt_home/.sbt
echo "[repositories]" > /build/scopt-3.5.0/debian/sbt_home/.sbt/repositories
echo "local" >> /build/scopt-3.5.0/debian/sbt_home/.sbt/repositories
cp -frv /build/scopt-3.5.0/bootstrapdeps-sources/. 
/build/scopt-3.5.0/debian/sbt_home/.ivy2/cache/
'/build/scopt-3.5.0/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs'
 -> 
'/build/scopt-3.5.0/debian/sbt_home/.ivy2/cache/./org.scala-sbt/compiler-interface/srcs'
'/build/scopt-3.5.0/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
 -> 
'/build/scopt-3.5.0/debian/sbt_home/.ivy2/cache/./org.scala-sbt/compiler-interface/srcs/
compiler-interface-0.13.12-sources.jar'
/build/scopt-3.5.0/bootstrapsbt/bin/sbt -verbose -debug -sbt-dir 
/build/scopt-3.5.0/debian/sbt_home/.sbt -ivy 
/build/scopt-3.5.0/debian/sbt_home/.ivy2 'set offline := true' 
-Dsbt.override.build.repos=true packageB
in make-pom
[residual] arg = '-sbt-dir'
[residual] arg = '/build/scopt-3.5.0/debian/sbt_home/.sbt'
[addJava] arg = '-Dsbt.ivy.home=/build/scopt-3.5.0/debian/sbt_home/.ivy2'
[residual] arg = 'set offline := true'
[addJava] arg = '-Dsbt.override.build.repos=true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[addJava] arg = '-Dsbt.global.base=/build/scopt-3.5.0/debian/sbt_home/.sbt'
[residual] arg = 'set offline := true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[process_args] java_version = '10.0.1'
# Executing command line:
java
-Xms1024m
-Xmx1024m
-XX:ReservedCodeCacheSize=128m
-XX:MaxMetaspaceSize=256m
-Dsbt.ivy.home=/build/scopt-3.5.0/debian/sbt_home/.ivy2
-Dsbt.override.build.repos=true
-Dsbt.global.base=/build/scopt-3.5.0/debian/sbt_home/.sbt
-jar
/build/scopt-3.5.0/bootstrapsbt/bin/sbt-launch.jar
"set offline := true"
packageBin
make-pom

Getting org.scala-sbt sbt 0.13.12 ...
:: retrieving :: org.scala-sbt#boot-app
confs: [default]
49 artifacts copied, 0 already retrieved (17462kB/60ms)
Getting Scala 2.10.6 (for sbt)...
:: retrieving :: org.scala-sbt#boot-scala
confs: [default]
5 artifacts copied, 0 already retrieved (24494kB/26ms)
[ERROR] Failed to construct terminal; falling back to unsupported
java.lang.NumberFormatException: For input string: "0x100"
at 
java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.base/java.lang.Integer.parseInt(Integer.java:652)
at java.base/java.lang.Integer.valueOf(Integer.java:983)
at jline.internal.InfoCmp.parseInfoCmp(InfoCmp.java:59)
at jline.UnixTerminal.parseInfoCmp(UnixTerminal.java:233)
at jline.UnixTerminal.(UnixTerminal.java:64)
at jline.UnixTerminal.(UnixTerminal.java:49)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native
 Method)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at 
java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:488)
at java.base/java.lang.Class.newInstance(Class.java:560)
at jline.TerminalFactory.getFlavor(TerminalFactory.java:209)
at jline.TerminalFactory.create(TerminalFactory.java:100)
at jline.TerminalFactory.get(TerminalFactory.java:184)
at jline.TerminalFactory.get(TerminalFactory.java:190)
at sbt.ConsoleLogger$.ansiSupported(ConsoleLogger.scala:123)
at sbt.ConsoleLogger$.(ConsoleLogger.scala:117)
at sbt.ConsoleLogger$.(ConsoleLogger.scala)
at sbt.GlobalLogging$.initial(GlobalLogging.scala:43)
at sbt.StandardMain$.initialGlobalLogging(Main.scala:61)
at sbt.StandardMain$.initialState(Main.scala:70)
at sbt.xMain.run(Main.scala:29)
at xsbt.boot.Launch$$anonfun$run$1.apply(Launch.scala:109)
at xsbt.boot.Launch$.withContextLoader(Launch.scala:128)
at xsbt.boot.Launch$.run(Launch.scala:109)
at xsbt.boot.Launch$$anonfun$apply$1.apply(Launch.scala:35)
at xsbt.boot.Launch$.launch(Launch.scala:117)
at xsbt.boot.Launch$.apply(Launch.scala:18)
at xsbt.boot.Boot$.runImpl(Boot.scala:41)
at xsbt.boot.Boot$.main(Boot.scala:17)
at xsbt.boot.Boot.main(Boot.scala)

error: error while loading package, Missing dependency 'object java.lang.Object 
in compiler mirror', required by

Bug#901519: gdcm: FTBFS: xsltApplySequenceConstructor: A potential infinite template recursion was detected.

2018-06-14 Thread Andreas Beckmann 
Source: gdcm
Version: 2.8.6-2exp1python3
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

gdcm/experimental FTBFS in an up-to-date minimal sid+experimental
pbuilder environment, in both amd64 and i386:

[323/644] cd /build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen && 
/usr/bin/cmake -E copy /build/gdcm-2.8.6/Utilities/doxygen/man/gdcmdump.xml 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmdum
p.xml && /usr/bin/xsltproc --param man.output.quietly 1 --nonet 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmdump.xml
FAILED: Utilities/doxygen/gdcmdump.1 
cd /build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen && /usr/bin/cmake 
-E copy /build/gdcm-2.8.6/Utilities/doxygen/man/gdcmdump.xml 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmdump.xml && /
usr/bin/xsltproc --param man.output.quietly 1 --nonet 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmdump.xml
runtime error: file 
file:/usr/share/xml/docbook/stylesheet/docbook-xsl-ns/lib/lib.xsl line 62 
element variable
xsltApplySequenceConstructor: A potential infinite template recursion was 
detected.
You can adjust xsltMaxDepth (--maxdepth) in order to raise the maximum number 
of nested template calls and variables/params (currently set to 3000).
Templates:
#0 name string.subst 
#1 name string.subst 
#2 name string.subst 
#3 name string.subst 
#4 name string.subst 
#5 name string.subst 
#6 name string.subst 
#7 name string.subst 
#8 name string.subst 
#9 name string.subst 
#10 name string.subst 
#11 name string.subst 
#12 name string.subst 
#13 name string.subst 
#14 name string.subst 
Variables:
#0
replacement 
target 
string 
#1
target 
string 
#2
string 
#3
replacement 
target 
string 
#4
target 
string 
#5
string 
#6
replacement 
target 
string 
#7
target 
string 
#8
string 
#9
replacement 
target 
string 
#10
target 
string 
#11
string 
#12
replacement 
target 
string 
#13
target 
string 
#14
string 
no result for 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmdump.xml
[324/644] cd /build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen && 
/usr/bin/cmake -E copy /build/gdcm-2.8.6/Utilities/doxygen/man/gdcmgendir.xml 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmgendir.xml && 
/usr/bin/xsltproc --param man.output.quietly 1 --nonet 
/build/gdcm-2.8.6/obj-x86_64-linux-gnu/Utilities/doxygen/gdcmgendir.xml
[325/644] /usr/bin/c++  
-DvtkDomainsChemistry_AUTOINIT="1(vtkDomainsChemistryOpenGL2)" 
-DvtkFiltersCore_AUTOINIT="1(vtkFiltersParallelDIY2)" 
-DvtkFiltersFlowPaths_AUTOINIT="1(vtkFiltersParallelFlowPaths)" 
-DvtkIOExodus_AUTOINIT="1(vtkIOParallelExodus)" 
-DvtkIOGeometry_AUTOINIT="1(vtkIOMPIParallel)" 
-DvtkIOImage_AUTOINIT="1(vtkIOMPIImage)" 
-DvtkIOParallel_AUTOINIT="1(vtkIOMPIParallel)" 
-DvtkIOSQL_AUTOINIT="2(vtkIOMySQL,vtkIOPostgreSQL)" 
-DvtkRenderingContext2D_AUTOINIT="1(vtkRenderingContextOpenGL2)" 
-DvtkRenderingCore_AUTOINIT="3(vtkInteractionStyle,vtkRenderingFreeType,vtkRenderingOpenGL2)"
 
-DvtkRenderingFreeType_AUTOINIT="2(vtkRenderingFreeTypeFontConfig,vtkRenderingMatplotlib)"
 -DvtkRenderingLICOpenGL2_AUTOINIT="1(vtkRenderingParallelLIC)" 
-DvtkRenderingOpenGL2_AUTOINIT="1(vtkRenderingGL2PSOpenGL2)" 
-DvtkRenderingVolume_AUTOINIT="1(vtkRenderingVolumeOpenGL2)" -Dvtkgdcm_EXPORTS 
-I/usr/include/vtk-7.1 -I/usr/include/freetype2 -I/usr/include/x86_64-linux-gnu 
-I/usr/lib/x86_64-linux-gnu/openmpi/include/openmpi 
-I/usr/lib/x86_64-linux-gnu/openmpi/include -I/usr/include/python3.6m 
-I/usr/include/hdf5/openmpi -I/usr/include/jsoncpp -I/usr/include/libxml2 
-I/usr/include/tcl -ISource/Common -I../Source/Common 
-I../Source/DataStructureAndEncodingDefinition 
-I../Source/MediaStorageAndFileFormat -I../Source/DataDictionary 
-I../Utilities/VTK -I/usr/lib/jvm/java-8-openjdk-amd64/include 
-I/usr/lib/jvm/java-8-openjdk-amd64/include/linux -g -O2 
-fdebug-prefix-map=/build/gdcm-2.8.6=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2  -fPIC -MD -MT 
Utilities/VTK/CMakeFiles/vtkgdcm.dir/vtkGDCMThreadedImageReader2.cxx.o -MF 
Utilities/VTK/CMakeFiles/vtkgdcm.dir/vtkGDCMThreadedImageReader2.cxx.o.d -o 
Utilities/VTK/CMakeFiles/vtkgdcm.dir/vtkGDCMThreadedImageReader2.cxx.o -c 
../Utilities/VTK/vtkGDCMThreadedImageReader2.cxx
[326/644] /usr/bin/c++  
-DvtkDomainsChemistry_AUTOINIT="1(vtkDomainsChemistryOpenGL2)" 
-DvtkFiltersCore_AUTOINIT="1(vtkFiltersParallelDIY2)" 
-DvtkFiltersFlowPaths_AUTOINIT="1(vtkFiltersParallelFlowPaths)" 
-DvtkIOExodus_AUTOINIT="1(vtkIOParallelExodus)" 
-DvtkIOGeometry_AUTOINIT="1(vtkIOMPIParallel)" 
-DvtkIOImage_AUTOINIT="1(vtkIOMPIImage)" 
-DvtkIOParallel_AUTOINIT="1(vtkIOMPIParallel)" 
-DvtkIOSQL_AUTOINIT="2(vtkIOMySQL,vtkIOPostgreSQL)" 
-DvtkRenderingContext2D_AUTOINIT="1(vtkRenderingContextOpenGL2)" 
-DvtkRenderingCore_AUTOINIT="3(vtkInteractionStyle,vtkRenderingFreeType,vtkRenderingOpenGL2)"

Bug#901518: protobuf: FTBFS with openjdk-10: error: package sun.misc does not exist

2018-06-14 Thread Andreas Beckmann 
Source: protobuf
Version: 3.6.0.1-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

protobuf/experimental FTBFS with openjdk-10 as default jdk. I didn't
test the version in sid.

   debian/rules override_dh_auto_build-indep
make[1]: Entering directory '/build/protobuf-3.6.0.1'
dh_auto_build --indep
make -j4
make[2]: Entering directory '/build/protobuf-3.6.0.1'
make  all-recursive
make[3]: Entering directory '/build/protobuf-3.6.0.1'
Making all in .
make[4]: Entering directory '/build/protobuf-3.6.0.1'
make[4]: Leaving directory '/build/protobuf-3.6.0.1'
Making all in src
make[4]: Entering directory '/build/protobuf-3.6.0.1/src'
make[4]: Nothing to be done for 'all'.
make[4]: Leaving directory '/build/protobuf-3.6.0.1/src'
make[3]: Leaving directory '/build/protobuf-3.6.0.1'
make[2]: Leaving directory '/build/protobuf-3.6.0.1'
# Java build.
ant -f debian/java-build.xml jar
Buildfile: /build/protobuf-3.6.0.1/debian/java-build.xml

generate:
[mkdir] Created dir: 
/build/protobuf-3.6.0.1/java/core/target/generated-sources
 [echo] src

compile:
[mkdir] Created dir: /build/protobuf-3.6.0.1/java/core/target/classes
[javac] Using javac -source 1.5 is no longer supported, switching to 7
[javac] Using javac -target 1.5 is no longer supported, switching to 7
[javac] Release attribute not specified, defaulting to the value of the 
target attribute (7)
[javac] Compiling 79 source files to 
/build/protobuf-3.6.0.1/java/core/target/classes
[javac] Ignoring source, target and bootclasspath as release has been set
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:45:
 error: package sun.misc does not exist
[javac]   private static final sun.misc.Unsafe UNSAFE = getUnsafe();
[javac]^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:292:
 error: package sun.misc does not exist
[javac]   static sun.misc.Unsafe getUnsafe() {
[javac]  ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:432:
 error: package sun.misc does not exist
[javac] sun.misc.Unsafe unsafe;
[javac] ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:434:
 error: package sun.misc does not exist
[javac] MemoryAccessor(sun.misc.Unsafe unsafe) {
[javac]^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:511:
 error: package sun.misc does not exist
[javac] JvmMemoryAccessor(sun.misc.Unsafe unsafe) {
[javac]   ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:293:
 error: package sun.misc does not exist
[javac] sun.misc.Unsafe unsafe = null;
[javac] ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:297:
 error: package sun.misc does not exist
[javac]   new PrivilegedExceptionAction() {
[javac] ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:299:
 error: package sun.misc does not exist
[javac] public sun.misc.Unsafe run() throws Exception {
[javac]^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:300:
 error: package sun.misc does not exist
[javac]   Class k = sun.misc.Unsafe.class;
[javac] ^
[javac] 
/build/protobuf-3.6.0.1/java/core/src/main/java/com/google/protobuf/UnsafeUtil.java:300:
 error: package sun.misc does not exist
[javac]   Class k = sun.misc.Unsafe.class;
[javac]  ^
[javac] Note: Some input files use or override a deprecated API.
[javac] Note: Recompile with -Xlint:deprecation for details.
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[javac] 10 errors

BUILD FAILED
/build/protobuf-3.6.0.1/debian/java-build.xml:27: Compile failed; see the 
compiler error output for details.

Total time: 5 seconds
make[1]: *** [debian/rules:69: override_dh_auto_build-indep] Error 1
make[1]: Leaving directory '/build/protobuf-3.6.0.1'
make: *** [debian/rules:18: build] Error 2


Andreas


protobuf_3.6.0.1-1.log.gz
Description: application/gzip

Bug#897239: marked as done (librelion+mpi+gui-dev: uninstallable everywhere but on amd64,i386)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 12:49:40 +
with message-id 
and subject line Bug#897239: fixed in relion 1.4+dfsg-4
has caused the Debian Bug report #897239,
regarding librelion+mpi+gui-dev: uninstallable everywhere but on amd64,i386
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
897239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897239
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: librelion+mpi+gui-dev
Version: 1.4+dfsg-3
Severity: serious

Hi,

librelion+mpi+gui-dev depends on librelion+mpi+gui-1.4-1, which is only
built on amd64/i386. Now that librelion+mpi+gui-dev is built on other
architectures, it has become uninstallable. Please either restrict
librelion+mpi+gui-dev to amd64/i386, or make librelion+mpi+gui-1.4-1
build everywhere.

Emilio
--- End Message ---
--- Begin Message ---
Source: relion
Source-Version: 1.4+dfsg-4

We believe that the bug you reported is fixed in the latest version of
relion, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 897...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Tille  (supplier of updated relion package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jun 2018 14:10:42 +0200
Source: relion
Binary: relion-bin relion-bin+mpi relion-bin+gui relion-bin+mpi+gui 
librelion-dev-common librelion-dev librelion+mpi-dev librelion+gui-dev 
librelion+mpi+gui-dev librelion-1.4-1 librelion+mpi-1.4-1 librelion+gui-1.4-1 
librelion+mpi+gui-1.4-1
Architecture: source
Version: 1.4+dfsg-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Andreas Tille 
Description:
 librelion+gui-1.4-1 - RELION dynnamic library (3D reconstructions in 
cryo-electron micr
 librelion+gui-dev - C++ API for RELION (3D reconstructions in cryo-electron 
microscop
 librelion+mpi+gui-1.4-1 - RELION dynnamic library (3D reconstructions in 
cryo-electron micr
 librelion+mpi+gui-dev - C++ API for RELION (3D reconstructions in 
cryo-electron microscop
 librelion+mpi-1.4-1 - RELION dynnamic library (3D reconstructions in 
cryo-electron micr
 librelion+mpi-dev - C++ API for RELION (3D reconstructions in cryo-electron 
microscop
 librelion-1.4-1 - RELION dynnamic library (3D reconstructions in cryo-electron 
micr
 librelion-dev - C++ API for RELION (3D reconstructions in cryo-electron 
microscop
 librelion-dev-common - C++ API for RELION (3D reconstructions in cryo-electron 
microscop
 relion-bin - toolkit for 3D reconstructions in cryo-electron microscopy
 relion-bin+gui - parallel toolkit for 3D reconstructions in cryo-electron 
microsco
 relion-bin+mpi - parallel toolkit for 3D reconstructions in cryo-electron 
microsco
 relion-bin+mpi+gui - parallel toolkit for 3D reconstructions in cryo-electron 
microsco
Closes: 897239
Changes:
 relion (1.4+dfsg-4) unstable; urgency=medium
 .
   * Team upload.
   * Add watch file (and delete README.source that explains why there is no
 watch file)
   * New upstream version
   * debhelper 11
   * Point Vcs fields to salsa.debian.org
   * Standards-Version: 4.1.4
   * Restrict architectures to amd64 and i386
 Closes: #897239
Checksums-Sha1:
 2b3b6268d88d18c88a9f010a6041add56a495050 3045 relion_1.4+dfsg-4.dsc
 0401cfbd908ca0e20ac329b54dc89064f8769ebe 8344 relion_1.4+dfsg-4.debian.tar.xz
Checksums-Sha256:
 8920964671d9368186db95099c854245550f4c1938967527c9d9cdebd4205f20 3045 
relion_1.4+dfsg-4.dsc
 decc35ec3a44ab14455e97c3bdc64a8dfa8131f9e6bb431eec126e26e488842e 8344 
relion_1.4+dfsg-4.debian.tar.xz
Files:
 9f76535c2808f260c8b8763139483bc7 3045 science optional relion_1.4+dfsg-4.dsc
 6dbbdab7bdca852823bca0b27b403eda 8344 science optional 
relion_1.4+dfsg-4.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQJFBAEBCAAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAlsiX9gRHHRpbGxlQGRl
Ymlhbi5vcmcACgkQV4oElNHGRtGPLQ//dZ1eZV/IKQoZt+WCe+7hF8yass4CJ08A
J99tta0uRVX8U/F1uGFgU30+YSpPzm+qvhC37eP+mvyrJpaaZsFyCZP2cd0eoXr3
AwN1CEfP4WmDCzXRhs+gNTGwvl1NKfd8W8UnWykMvnBIF6uU0IVvK9onp/1V68dY
iQD8b1xEVdXIt8MJpXDKvINawA6VTyJzmZ/g62+qZU5tC68M6805RbjSP0rS7FHF

Bug#901516: sbt-serialization: FTBFS with openjdk-10: NumberFormatException: For input string: "0x100"

2018-06-14 Thread Andreas Beckmann 
Package: sbt-serialization
Version: 0.1.2-1
Severity: serious
Justification: fails to build from source

sbt-serialization FTBFS with openjdk-10 as default jdk:

   debian/rules override_dh_auto_build
make[1]: Entering directory '/build/sbt-serialization-0.1.2'
git init
Initialized empty Git repository in /build/sbt-serialization-0.1.2/.git/
mkdir -p /build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2/cache
cp -fr /build/sbt-serialization-0.1.2/bootstrapdeps/* 
/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2/cache/
mkdir /build/sbt-serialization-0.1.2/debian/sbt_home/.sbt
echo "[repositories]" > 
/build/sbt-serialization-0.1.2/debian/sbt_home/.sbt/repositories
echo "local" >> /build/sbt-serialization-0.1.2/debian/sbt_home/.sbt/repositories
cp -frv /build/sbt-serialization-0.1.2/bootstrapdeps-sources/. 
/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2/cache/
'/build/sbt-serialization-0.1.2/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs'
 -> 
'/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2/cache/./org.scala-sbt/compiler-interface/srcs'
'/build/sbt-serialization-0.1.2/bootstrapdeps-sources/./org.scala-sbt/compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
 -> '/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2/cache/./org.scala-sbt/
compiler-interface/srcs/compiler-interface-0.13.12-sources.jar'
/build/sbt-serialization-0.1.2/bootstrapsbt/bin/sbt -verbose -debug -sbt-dir 
/build/sbt-serialization-0.1.2/debian/sbt_home/.sbt -ivy 
/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2 'set offline := true' -Dsb
t.override.build.repos=true packageBin make-pom
[residual] arg = '-sbt-dir'
[residual] arg = '/build/sbt-serialization-0.1.2/debian/sbt_home/.sbt'
[addJava] arg = 
'-Dsbt.ivy.home=/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2'
[residual] arg = 'set offline := true'
[addJava] arg = '-Dsbt.override.build.repos=true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[addJava] arg = 
'-Dsbt.global.base=/build/sbt-serialization-0.1.2/debian/sbt_home/.sbt'
[residual] arg = 'set offline := true'
[residual] arg = 'packageBin'
[residual] arg = 'make-pom'
[process_args] java_version = '10.0.1'
# Executing command line:
java
-Xms1024m
-Xmx1024m
-XX:ReservedCodeCacheSize=128m
-XX:MaxMetaspaceSize=256m
-Dsbt.ivy.home=/build/sbt-serialization-0.1.2/debian/sbt_home/.ivy2
-Dsbt.override.build.repos=true
-Dsbt.global.base=/build/sbt-serialization-0.1.2/debian/sbt_home/.sbt
-jar
/build/sbt-serialization-0.1.2/bootstrapsbt/bin/sbt-launch.jar
"set offline := true"
packageBin
make-pom

Getting org.scala-sbt sbt 0.13.12 ...
:: retrieving :: org.scala-sbt#boot-app
confs: [default]
49 artifacts copied, 0 already retrieved (17462kB/56ms)
Getting Scala 2.10.6 (for sbt)...
:: retrieving :: org.scala-sbt#boot-scala
confs: [default]
5 artifacts copied, 0 already retrieved (24494kB/24ms)
[ERROR] Failed to construct terminal; falling back to unsupported
java.lang.NumberFormatException: For input string: "0x100"
at 
java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65)
at java.base/java.lang.Integer.parseInt(Integer.java:652)
at java.base/java.lang.Integer.valueOf(Integer.java:983)
at jline.internal.InfoCmp.parseInfoCmp(InfoCmp.java:59)
at jline.UnixTerminal.parseInfoCmp(UnixTerminal.java:233)
at jline.UnixTerminal.(UnixTerminal.java:64)
at jline.UnixTerminal.(UnixTerminal.java:49)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native
 Method)
at 
java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at 
java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at 
java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:488)
at java.base/java.lang.Class.newInstance(Class.java:560)
at jline.TerminalFactory.getFlavor(TerminalFactory.java:209)
at jline.TerminalFactory.create(TerminalFactory.java:100)
at jline.TerminalFactory.get(TerminalFactory.java:184)
at jline.TerminalFactory.get(TerminalFactory.java:190)
at sbt.ConsoleLogger$.ansiSupported(ConsoleLogger.scala:123)
at sbt.ConsoleLogger$.(ConsoleLogger.scala:117)
at sbt.ConsoleLogger$.(ConsoleLogger.scala)
at sbt.GlobalLogging$.initial(GlobalLogging.scala:43)
at sbt.StandardMain$.initialGlobalLogging(Main.scala:61)
at sbt.StandardMain$.initialState(Main.scala:70)
at sbt.xMain.run(Main.scala:29)
at xsbt.boot.Launch$$anonfun$run$1.apply(Launch.scala:109)
at xsbt.boot.Launch$.withContextLoader(Launch.scala:128)
at xsbt.boot.Launch$.run(Launch.scala:109)
at xsbt.boot.Launch$$anonfun$apply$1.apply(Launch.scala:35)
at xsbt.boot.Launch$.launch(Launch.scala:117)
at

Bug#901495: redis: multiple security issues in Lua scripting

2018-06-14 Thread Chris Lamb 
Hi,

> redis: multiple security issues in Lua scripting

This has now been assigned CVE-2018-11219 & CVE-2018-11218.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#901513: slurm-client: fails to upgrade from 'wheezy' - trying to overwrite /usr/bin/sacctmgr, /usr/share/man/man1/sacctmgr.1.gz

2018-06-14 Thread Andreas Beckmann 
Package: slurm-client
Version: 14.03.9-5+deb8u1
Severity: serious
Tags: jessie
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'wheezy'.
It installed fine in 'wheezy', then the upgrade to 'jessie' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/#overwriting-files-and-replacing-packages-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package slurm-client.
  Unpacking slurm-client (from .../slurm-client_14.03.9-5+deb8u1_amd64.deb) ...
  dpkg: error processing 
/var/cache/apt/archives/slurm-client_14.03.9-5+deb8u1_amd64.deb (--unpack):
   trying to overwrite '/usr/share/man/man1/sacctmgr.1.gz', which is also in 
package slurm-llnl-slurmdbd 2.3.4-2+b1
  dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/slurm-client_14.03.9-5+deb8u1_amd64.deb

The conflicting files are:

  usr/bin/sacctmgr
  usr/share/man/man1/sacctmgr.1.gz

This should be fixable by adding
  Breaks+Replaces: slurm-llnl-slurmdbd (<< 14.03.9-5)
(The existing B+R: slurmdbd (<< 14.03.9-5) is probably incorrect and was
intended to do this, but better keep it in place ...)

Please note that the window for the final jessie point release closes
this weekend ...


cheers,

Andreas


slurm-llnl-slurmdbd=2.3.4-2+b1_slurm-client=14.03.9-5+deb8u1.log.gz
Description: application/gzip

Bug#833692: pinot: links GPLv2+ code with OpenSSL

2018-06-14 Thread Jonas Smedegaard 
Quoting Olly Betts (2018-06-14 04:29:27)
> On Thu, Jun 14, 2018 at 12:45:38AM +0200, Jonas Smedegaard wrote:
>> I still like pinot and believe there is a use for it in Debian as 
>> alternative to extract and tracker.  But evidently it keeps falling 
>> too low on my priority list :-(
>> 
>> Please do adopt it.  Or co-maintain it with me, if you prefer that.
>
> Sounds good.  I've made a start on preparing an upload.
>
> It looks like the packaging was on collab-maint which has now gone - 
> do you have a checkout of it handy?  Not vital, but preserving the 
> history seems useful if it's easy to do.

https://salsa.debian.org/debian/pinot


Thanks a lot for co-maintaining!  Please do tell if you have any 
questions or disagree with how some stuff was done in the past - or 
simply change things and inform me, if you prefer (we are in it together 
- equally!).


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Bug#900882: susv4: fails to install: ERROR 404: Not Found.

2018-06-14 Thread Simon McVittie 
Control: tags -1 + patch

On Wed, 06 Jun 2018 at 12:29:54 +0200, Jakub Wilk wrote:
> --2018-06-06 10:24:50--  
> http://pubs.opengroup.org/onlinepubs/9699919799/download/susv4tc2.tar.bz2
...
> 2018-06-06 10:24:52 ERROR 404: Not Found.

I've prepared a patch to update this package to susv4-2018, aka
POSIX.1-2017, and fixed some minor issues I noticed while doing that
update. Please see attached.

I've also imported the history of the sus package from snapshot.debian.org
into a git repository at . If you
find that useful, please copy that repository somewhere appropriate (I
would suggest https://salsa.debian.org/debian) or ask me to move it. My
proposed changes are available on the proposed/susv4-2018 branch in the
same repository.

On Sun, 02 Jul 2017 at 13:13:49 +0200, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package left unowned files on
> the system after purge, which is a violation of policy 6.8 (or 10.8)
...
>   /usr/share/doc/susv4/susv4tc2/   not owned
>   /usr/share/doc/susv4/susv4tc2/Figures/   not owned

This is because the postrm wasn't updated when the rest of the package
was updated from TC1 to TC2, so it is still trying to delete
/usr/share/doc/susv4/susv4tc1. It's fixed in the attached patches.

smcv
>From 57d7d008fd4761213ab6364e8380107a12bd66e1 Mon Sep 17 00:00:00 2001
From: Simon McVittie 
Date: Thu, 14 Jun 2018 09:04:27 +0100
Subject: [PATCH 1/4] Update susv4 to POSIX.1-2017 (SUSv4, 2018 edition)

- This fixes installability of the package since SUSv4 TC2 is no
  longer available for download (Closes: #900882)
- Delete the correct directory in postrm (Closes: #866872)
- Update doc-base metadata
- Update Lintian overrides
---
 debian/changelog   | 12 
 debian/control |  7 ---
 debian/susv4.doc-base  |  8 
 debian/susv4.lintian-overrides |  4 ++--
 debian/susv4.postinst  |  8 
 debian/susv4.prerm |  2 +-
 6 files changed, 27 insertions(+), 14 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index f58df3b..013d3c2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+sus (7.20161013+nmu1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Update susv4 to POSIX.1-2017 (SUSv4, 2018 edition)
+- This fixes installability of the package since SUSv4 TC2 is no
+  longer available for download (Closes: #900882)
+- Delete the correct directory in postrm (Closes: #866872)
+- Update doc-base metadata
+- Update Lintian overrides
+
+ -- Simon McVittie   Thu, 14 Jun 2018 08:20:34 +0100
+
 sus (7.20161013) unstable; urgency=medium
 
   * New upstream release: contains SUSv4 TC2; update checksum
diff --git a/debian/control b/debian/control
index d810a5d..4cd1f96 100644
--- a/debian/control
+++ b/debian/control
@@ -27,9 +27,10 @@ Description: Fetch and install SUSv3
 Package: susv4
 Architecture: all
 Depends: wget, bzip2, ${misc:Depends}
-Description: Fetch and install SUSv4 (POSIX.1-2008)
+Description: Fetch and install SUSv4 (POSIX.1-2017)
  The Single Unix Specifications are not permitted to be generally
  redistributed, so this is an installer that fetches them and installs
  them in a Debian appropriate way.  This installer will fetch and
- install POSIX:2008 (also known as Single Unix Specification v4) with
- POSIX:2013 Technical Corrigendum 1 and POSIX:2016 Technical Corrigendum 2.
+ install POSIX.1-2017 (variously also known as IEEE Std 1003.1-2017,
+ The Open Group Base Specifications Issue 7, 2018 Edition, or
+ Single Unix Specification v4, 2018 edition).
diff --git a/debian/susv4.doc-base b/debian/susv4.doc-base
index 2a4b809..c039ce9 100644
--- a/debian/susv4.doc-base
+++ b/debian/susv4.doc-base
@@ -1,9 +1,9 @@
 Document: susv4
-Title: Single Unix Specification Version 4
+Title: Single Unix Specification Version 4, 2018 edition
 Author: The Open Group
-Abstract: This is the POSIX:2008 standard with POSIX:2013 corrigendum 1
+Abstract: The POSIX.1-2017 standard for Unix-like operating systems.
 Section: Debian
 
 Format: HTML
-Index: /usr/share/doc/susv4/susv4tc1/index.html
-Files: /usr/share/doc/susv4/susv4tc1/*.html
+Index: /usr/share/doc/susv4/susv4-2018/index.html
+Files: /usr/share/doc/susv4/susv4-2018/*.html
diff --git a/debian/susv4.lintian-overrides b/debian/susv4.lintian-overrides
index 8e90836..1eda5d8 100644
--- a/debian/susv4.lintian-overrides
+++ b/debian/susv4.lintian-overrides
@@ -1,3 +1,3 @@
 susv4: postinst-has-useless-call-to-install-docs
-susv4: doc-base-file-references-missing-file susv4:8 /usr/share/doc/susv4/susv4tc1/index.html
-susv4: doc-base-file-references-missing-file susv4:9 /usr/share/doc/susv4/susv4tc1/*.html
+susv4: doc-base-file-references-missing-file susv4:8 /usr/share/doc/susv4/susv4-2018/index.html
+susv4: doc-base-file-references-missing-file susv4:9 /usr/share/doc/susv4/susv4-2018/*.html
diff --git a/debian/susv4.postinst

Processed: Re: Bug#900882: susv4: fails to install: ERROR 404: Not Found.

2018-06-14 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + patch
Bug #900882 [susv4] susv4: fails to install: ERROR 404: Not Found.
Added tag(s) patch.

-- 
900882: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900882
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#888095: [debian-mysql] Bug#888095:

2018-06-14 Thread Andy Li 
Hi Otto,

On Fri, May 11, 2018 at 9:53 AM, Andy Li  wrote:

>
>
>> > On 10/05/18 20:24, Otto Kekäläinen wrote:
>> >> MariaDB 10.3 needs to be finalized and imported into Debian. After
>> >> that all the mess that are a fallout of a misfortunate upload of
>> >> mariadb-10.2 to Debian unstable will start to become resolved.
>>
>
> What do you mean by finalized? Are we waiting upstream for something?
> If it will still take an unknown number of months to stabilize, using
> an epoch as suggested by Emilio seems to be a good immediate solution.
>

I'm sure you have been busy, but this issue has been there unfixed for
several months.
I would appreciate if you can spend a few minutes to answer our questions.
If you lack the time to maintain the package, would you let the Debian
MySQL Maintainers team temporally handle it?

Best regards,
Andy

Processed: bug 899365 is forwarded to https://github.com/uBlockOrigin/uBlock-issues/issues/73

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 899365 https://github.com/uBlockOrigin/uBlock-issues/issues/73
Bug #899365 [webext-ublock-origin] webext-ublock-origin: webext package does 
not work in Firefox
Set Bug forwarded-to-address to 
'https://github.com/uBlockOrigin/uBlock-issues/issues/73'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
899365: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899365
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 894172

2018-06-14 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 894172 + pending
Bug #894172 [python-virtualenv-clone] python-virtualenv-clone: Conflicts with 
virtualenv-clone
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
894172: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894172
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#901495: marked as done (redis: multiple security issues in Lua scripting)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 06:50:29 +
with message-id 
and subject line Bug#901495: fixed in redis 5:4.0.10-1
has caused the Debian Bug report #901495,
regarding redis: multiple security issues in Lua scripting
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901495: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901495
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: redis
Version: 3:3.2.6-1
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

>From https://github.com/antirez/redis/issues/5017:

> The Apple Security Team, together with Alibaba and myself,
> identified several security issues in the Lua script engine. The full
> report is here: 

No CVE has (yet) been assigned:

  https://github.com/antirez/redis/issues/5017#issuecomment-397038992

Version tagged >= 3:3.2.6-1 due to stretch having Lua support but
wheezy (2.8.17) does not.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: redis
Source-Version: 5:4.0.10-1

We believe that the bug you reported is fixed in the latest version of
redis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated redis package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jun 2018 08:37:09 +0200
Source: redis
Binary: redis redis-sentinel redis-server redis-tools
Built-For-Profiles: nocheck
Architecture: source amd64 all
Version: 5:4.0.10-1
Distribution: unstable
Urgency: medium
Maintainer: Chris Lamb 
Changed-By: Chris Lamb 
Description:
 redis  - Persistent key-value database with network interface (metapackage
 redis-sentinel - Persistent key-value database with network interface 
(monitoring)
 redis-server - Persistent key-value database with network interface
 redis-tools - Persistent key-value database with network interface (client)
Closes: 901495
Changes:
 redis (5:4.0.10-1) unstable; urgency=medium
 .
   * New upstream security release. See:
  for more information.
 (Closes: #901495)
Checksums-Sha1:
 d8110559a87910bee534101489ddf79c16e0e873 2080 redis_4.0.10-1.dsc
 d2738d9b93a3220eecc83e89a7c28593b58e4909 1738465 redis_4.0.10.orig.tar.gz
 9d06c0885ba15566e8423f86a9cff85c540219b1 23892 redis_4.0.10-1.debian.tar.xz
 deb31140353533f7797c861838c7ffb675117255 68276 
redis-sentinel_4.0.10-1_amd64.deb
 a15d82e2fc54f63f2fb56c34fa1f297d63c44f6e 93924 redis-server_4.0.10-1_amd64.deb
 0f82b577bc37b17874b82f30b3eb9e4aee434f97 1429828 
redis-tools-dbgsym_4.0.10-1_amd64.deb
 612cbfa48827bad995337734efecae75293ae7d6 573484 redis-tools_4.0.10-1_amd64.deb
 5314fe35132fda6684a9dab8ab71eccfb68844ca 61548 redis_4.0.10-1_all.deb
 719fbf8afd10a58aa98468be258435ecf485ec15 6513 redis_4.0.10-1_amd64.buildinfo
Checksums-Sha256:
 5a9f25b65306822094d16e8471f0b8721a547360d1eab3a3cab1f60e0e0bbf0a 2080 
redis_4.0.10-1.dsc
 1db67435a704f8d18aec9b9637b373c34aa233d65b6e174bdac4c1b161f38ca4 1738465 
redis_4.0.10.orig.tar.gz
 694abc852c501f46af606f78fcef97a9e2baf42271e173f4c44fbf8f1670dcd4 23892 
redis_4.0.10-1.debian.tar.xz
 c76762a57dee5b1775b1d26e877b85469756fc6d55953bd915a6be24333747e2 68276 
redis-sentinel_4.0.10-1_amd64.deb
 d690725d3e2421782c28c677349f10b300cc30c823693c6a7c5faa8dbfbf8a98 93924 
redis-server_4.0.10-1_amd64.deb
 8ce4784a0074ecda14a22e8f5ba8d53649e0e95d8ff3331329866534771658b9 1429828 
redis-tools-dbgsym_4.0.10-1_amd64.deb
 008ef02f83ad0a5b03ffa9651eddf577087bcb73b3c69350c559fa85964ef2b5 573484 
redis-tools_4.0.10-1_amd64.deb
 51b2dc4092924cffbe58c4d0b8875300969260d1ecff3da27a447a9a44f6c3b5 61548 
redis_4.0.10-1_all.deb
 938806b605d53d4f90102deff8d8955bd9dccb76b405c8a613d8b71792dfa57a 6513 
redis_4.0.10-1_amd64.buildinfo
Files:
 e02bf96f568d3e528da197fbbaf40df0 2080 database optional redis_4.0.10-1.dsc
 115b82ea07cb4a6f37c5fd86ab5a6d45 1738465 database optional 
redis_4.0.10.orig.tar.gz
 dd389d665908182c1b5b23b6d85aa8d9 23892 database

Bug#901136: marked as done (sysuser-helper fails in terrible ways if users exist through NSS modules that are not libnss-unix)

2018-06-14 Thread Debian Bug Tracking System 
Your message dated Thu, 14 Jun 2018 06:50:44 +
with message-id 
and subject line Bug#901136: fixed in sreview 0.3.1-1
has caused the Debian Bug report #901136,
regarding sysuser-helper fails in terrible ways if users exist through NSS 
modules that are not libnss-unix
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
901136: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901136
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: sreview-common
Version: 0.3.0-1~bpo.1
Severity: grave
User: debian-ad...@lists.debian.org
Usertags: needed-by-DSA-Team


sreview-common failed to configure.

| Setting up sreview-common (0.3.0-1~bpo.1) ...
| usermod: user 'sreview' does not exist in /etc/passwd
| dpkg: error processing package sreview-common (--configure):
|  subprocess installed post-installation script returned error exit status 6
| dpkg: dependency problems prevent configuration of sreview-encoder:
|  sreview-encoder depends on sreview-common; however:
|   Package sreview-common is not configured yet.
| 
| dpkg: error processing package sreview-encoder (--configure):
...

Now we can't get rid of it anymore
| vittoria:~# apt-get purge sreview-detect sreview-master sreview-encoder 
sreview-web sreview-common
| 
| [..]
| After this operation, 165 kB disk space will be freed.
| Do you want to continue? [Y/n] 
| (Reading database ... 77344 files and directories currently installed.)
| Removing sreview-common (0.3.0-1~bpo.1) ...
| passwd: user 'sreview' does not exist in /etc/passwd
| dpkg: error processing package sreview-common (--remove):
|  subprocess installed pre-removal script returned error exit status 1
| usermod: user 'sreview' does not exist in /etc/passwd
| dpkg: error while cleaning up:
|  subprocess installed post-installation script returned error exit status 6
| Errors were encountered while processing:
|  sreview-common
| E: Sub-process /usr/bin/dpkg returned an error code (1)

-- 
|  .''`.   ** Debian **
  Peter Palfrader   | : :' :  The  universal
 https://www.palfrader.org/ | `. `'  Operating System
|   `-https://www.debian.org/
--- End Message ---
--- Begin Message ---
Source: sreview
Source-Version: 0.3.1-1

We believe that the bug you reported is fixed in the latest version of
sreview, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Wouter Verhelst  (supplier of updated sreview package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 14 Jun 2018 08:38:56 +0200
Source: sreview
Binary: sreview-master sreview-web sreview-encoder sreview-common sreview-detect
Architecture: source all
Version: 0.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Wouter Verhelst 
Changed-By: Wouter Verhelst 
Description:
 sreview-common - SReview -- common code
 sreview-detect - SReview input detection script
 sreview-encoder - SReview encoder code
 sreview-master - SReview components for master host
 sreview-web - SReview webinterface
Closes: 901136
Changes:
 sreview (0.3.1-1) unstable; urgency=medium
 .
   * New upstream release (minor updates)
   * Drop dh_sysuser usage, it hasn't been tested with NSS modules, just
 add an adduser call instead. Closes: 901136.
Checksums-Sha1:
 1a3e2e461a91f1380a32f2ea5cacc2bc55cb0ce6 2049 sreview_0.3.1-1.dsc
 641a469df4126f6030937d919f2de160959d281b 3201662 sreview_0.3.1.orig.tar.gz
 379e1cc5e16107f98159491f8ae94a585fa047b3 32664 sreview_0.3.1-1.diff.gz
 fe4572e69ff02b4382ecc98cd15633dea023ca2f 45144 sreview-common_0.3.1-1_all.deb
 5aa4832e81547de72ed41c75c16d9d908f418cb8 21836 sreview-detect_0.3.1-1_all.deb
 b2f9b043e0cf4b690d9c0462eebf6034a13d33be 33868 sreview-encoder_0.3.1-1_all.deb
 a90c88a04d89dff89b4b645c37f2ae2d131411c8 24672 sreview-master_0.3.1-1_all.deb
 9b5fb7139cfab2450f918956b4cf88a2332ceb2f 30796 sreview-web_0.3.1-1_all.deb
 6fe626bb6542fddde416d98790c84b2360bbf1b9 14973 sreview_0.3.1-1_amd64.buildinfo
Checksums-Sha256:
 a7ed3677e6fe23718d4fd9654bd7f74fb664618866324c532d891bd207cf40c8 2049

Bug#901136: can't remove if install fails

2018-06-14 Thread Wouter Verhelst 
On Thu, Jun 14, 2018 at 08:08:02AM +0300, kact...@gnu.org wrote:
> 
> [2018-06-14 00:32] Wouter Verhelst 
> > Hi,
> 
> Hi!
> 
> > On Wed, Jun 13, 2018 at 03:21:11AM +0300, kact...@gnu.org wrote:
> > > I never worked with NSS, but how did it happen, that useradd {in postinst}
> > > created user in a way, that userdel {in prerm} could not find?
> > 
> > That's not what happened.
> > 
> > The sreview user already existed before the sreview-common package was
> > installed, but it did not exist in /etc/passwd; instead, it existed in a
> > different location, configured through an NSS module.
> 
> Am I correct, some time ago it was created by previous version of maintainer 
> script,
> when I did not use dh-sysuser?

No.

It was created in Debian's LDAP directory.

> > The easiest way for you to test this is probably to install libnss-db,
> > change the value of ETC in /etc/default/libnss-db to some other
> > directory and cull the DBS value so it contains just passwd, then create
> > a file called "passwd" in the directory that you pointed ETC to, run
> > "make -C /var/lib/misc", and add "db" to /etc/nsswitch.conf on the
> > "passwd" line.
> > 
> > Meanwhile, I'm going to have to implement it properly and remove
> > dh_sysuser from my build-depends. Ah well.
> 
> So sad. Maybe you could suggest what should I use instead of 'useradd/userdel'
> in sysuser-helper to make dh-sysuser also work with NSS?

You generally cannot modify users from the command line (or from a
maintainer script) that are created through any NSS module that is not
libnss-compat (note: I said "unix" before, but that was obviously
wrong).

There's nothing wrong with useradd, but you should be prepared for the
possibility that the user already exists or cannot be modified.

Alternatively, you can just use adduser.

-- 
Could you people please use IRC like normal people?!?

  -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008
 Hacklab

Bug#901495: redis: multiple security issues in Lua scripting

2018-06-14 Thread Chris Lamb 
Package: redis
Version: 3:3.2.6-1
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

>From https://github.com/antirez/redis/issues/5017:

> The Apple Security Team, together with Alibaba and myself,
> identified several security issues in the Lua script engine. The full
> report is here: 

No CVE has (yet) been assigned:

  https://github.com/antirez/redis/issues/5017#issuecomment-397038992

Version tagged >= 3:3.2.6-1 due to stretch having Lua support but
wheezy (2.8.17) does not.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-